1 use crate::alloc::{TryClone, try_realloc}; 2 use crate::error::OutOfMemory; 3 use core::{ 4 cmp::Ordering, 5 fmt, 6 marker::PhantomData, 7 mem, 8 num::NonZeroUsize, 9 ops::{Deref, DerefMut, Index, IndexMut}, 10 slice::SliceIndex, 11 }; 12 use serde::ser::SerializeSeq; 13 use std_alloc::alloc::Layout; 14 use std_alloc::boxed::Box; 15 use std_alloc::vec::Vec as StdVec; 16 17 /// Same as the [`std::vec!`] macro but returns an error on allocation failure. 18 #[macro_export] 19 macro_rules! vec { 20 ( $( $elem:expr ),* ) => {{ 21 let len = $crate::private_len!( $( $elem ),* ); 22 $crate::alloc::Vec::with_capacity(len).and_then(|mut v| { 23 $( v.push($elem)?; )* 24 let _ = &mut v; 25 Ok(v) 26 }) 27 }}; 28 29 ( $elem:expr; $len:expr ) => {{ 30 let len: usize = $len; 31 if let Some(len) = ::core::num::NonZeroUsize::new(len) { 32 let elem = $elem; 33 $crate::alloc::Vec::from_elem(elem, len) 34 } else { 35 Ok($crate::alloc::Vec::new()) 36 } 37 }}; 38 39 } 40 41 // Only for use by the `vec!` macro. 42 #[doc(hidden)] 43 #[macro_export] 44 macro_rules! private_len { 45 ( ) => { 0 }; 46 ( $e:expr $( , $es:expr )* ) => { 1 + $crate::private_len!( $( $es ),* ) }; 47 } 48 49 /// Like `std::vec::Vec` but all methods that allocate force handling allocation 50 /// failure. 51 #[derive(Clone, PartialEq, Eq, PartialOrd, Ord, Hash)] 52 pub struct Vec<T> { 53 inner: StdVec<T>, 54 } 55 56 impl<T> Default for Vec<T> { 57 fn default() -> Self { 58 Self { 59 inner: Default::default(), 60 } 61 } 62 } 63 64 impl<T: fmt::Debug> fmt::Debug for Vec<T> { 65 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { 66 fmt::Debug::fmt(&self.inner, f) 67 } 68 } 69 70 impl<T> TryClone for Vec<T> 71 where 72 T: TryClone, 73 { 74 fn try_clone(&self) -> Result<Self, OutOfMemory> { 75 let mut v = Vec::with_capacity(self.len())?; 76 for x in self { 77 v.push(x.try_clone()?).expect("reserved capacity"); 78 } 79 Ok(v) 80 } 81 } 82 83 impl<T> Vec<T> { 84 /// Same as [`std::vec::Vec::new`]. 85 pub const fn new() -> Self { 86 Self { 87 inner: StdVec::new(), 88 } 89 } 90 91 /// Same as [`std::vec::Vec::with_capacity`] but returns an error on 92 /// allocation failure. 93 pub fn with_capacity(capacity: usize) -> Result<Self, OutOfMemory> { 94 let mut v = Self::new(); 95 v.reserve(capacity)?; 96 Ok(v) 97 } 98 99 // For use with the `vec!` macro. 100 #[doc(hidden)] 101 #[inline] 102 pub fn from_elem(elem: T, len: NonZeroUsize) -> Result<Self, OutOfMemory> 103 where 104 T: TryClone, 105 { 106 let mut v = Self::with_capacity(len.get())?; 107 108 // Minimize calls to `TryClone` by always pushing `elem` itself as the 109 // last element. 110 for _ in 0..len.get() - 1 { 111 v.push(elem.try_clone()?)?; 112 } 113 v.push(elem)?; 114 115 Ok(v) 116 } 117 118 /// Same as [`std::vec::Vec::reserve`] but returns an error on allocation 119 /// failure. 120 pub fn reserve(&mut self, additional: usize) -> Result<(), OutOfMemory> { 121 self.inner.try_reserve(additional).map_err(|_| { 122 OutOfMemory::new( 123 self.len() 124 .saturating_add(additional) 125 .saturating_mul(mem::size_of::<T>()), 126 ) 127 }) 128 } 129 130 /// Same as [`std::vec::Vec::reserve_exact`] but returns an error on allocation 131 /// failure. 132 pub fn reserve_exact(&mut self, additional: usize) -> Result<(), OutOfMemory> { 133 self.inner 134 .try_reserve_exact(additional) 135 .map_err(|_| OutOfMemory::new(self.len().saturating_add(additional))) 136 } 137 138 /// Same as [`std::vec::Vec::len`]. 139 pub fn len(&self) -> usize { 140 self.inner.len() 141 } 142 143 /// Same as [`std::vec::Vec::capacity`]. 144 pub fn capacity(&self) -> usize { 145 self.inner.capacity() 146 } 147 148 /// Same as [`std::vec::Vec::is_empty`]. 149 pub fn is_empty(&self) -> bool { 150 self.inner.is_empty() 151 } 152 153 /// Same as [`std::vec::Vec::push`] but returns an error on allocation 154 /// failure. 155 pub fn push(&mut self, value: T) -> Result<(), OutOfMemory> { 156 self.reserve(1)?; 157 self.inner.push(value); 158 Ok(()) 159 } 160 161 /// Same as [`std::vec::Vec::pop`]. 162 pub fn pop(&mut self) -> Option<T> { 163 self.inner.pop() 164 } 165 166 /// Same as [`std::vec::Vec::truncate`]. 167 pub fn truncate(&mut self, len: usize) { 168 self.inner.truncate(len); 169 } 170 171 /// Same as [`std::vec::Vec::resize`] but returns an error on allocation 172 /// failure. 173 pub fn resize(&mut self, new_len: usize, value: T) -> Result<(), OutOfMemory> 174 where 175 T: TryClone, 176 { 177 match new_len.cmp(&self.len()) { 178 Ordering::Less => self.truncate(new_len), 179 Ordering::Equal => {} 180 Ordering::Greater => { 181 let delta = new_len - self.len(); 182 self.reserve(delta)?; 183 // Minimize `try_clone` calls by always pushing `value` directly 184 // as the last element. 185 for _ in 0..delta - 1 { 186 self.push(value.try_clone()?)?; 187 } 188 self.push(value)?; 189 } 190 } 191 Ok(()) 192 } 193 194 /// Same as [`std::vec::Vec::into_raw_parts`]. 195 pub fn into_raw_parts(mut self) -> (*mut T, usize, usize) { 196 // NB: Can't use `Vec::into_raw_parts` until our MSRV is >= 1.93. 197 #[cfg(not(miri))] 198 { 199 let ptr = self.as_mut_ptr(); 200 let len = self.len(); 201 let cap = self.capacity(); 202 mem::forget(self); 203 (ptr, len, cap) 204 } 205 // NB: Miri requires using `into_raw_parts`, but always run on nightly, 206 // so it's fine to use there. 207 #[cfg(miri)] 208 { 209 let _ = &mut self; 210 self.inner.into_raw_parts() 211 } 212 } 213 214 /// Same as [`std::vec::Vec::from_raw_parts`]. 215 pub unsafe fn from_raw_parts(ptr: *mut T, length: usize, capacity: usize) -> Self { 216 Vec { 217 // Safety: Same as our unsafe contract. 218 inner: unsafe { StdVec::from_raw_parts(ptr, length, capacity) }, 219 } 220 } 221 222 /// Same as [`std::vec::Vec::drain`]. 223 pub fn drain<R>(&mut self, range: R) -> std_alloc::vec::Drain<'_, T> 224 where 225 R: core::ops::RangeBounds<usize>, 226 { 227 self.inner.drain(range) 228 } 229 230 /// Same as [`std::vec::Vec::shrink_to_fit`] but returns an error on 231 /// allocation failure. 232 pub fn shrink_to_fit(&mut self) -> Result<(), OutOfMemory> { 233 // If our length is already equal to our capacity, then there is nothing 234 // to shrink. 235 if self.len() == self.capacity() { 236 return Ok(()); 237 } 238 239 // `realloc` requires a non-zero original layout as well as a non-zero 240 // destination layout, so this guard ensures that the sizes below are 241 // all nonzero. This handles a few cases: 242 // 243 // * If `len == cap == 0` then no allocation has ever been made. 244 // * If `len == 0` and `cap != 0` then this function effectively frees 245 // the memory. 246 // * If `T` is a zero-sized type then nothing's been allocated either. 247 // 248 // In all of these cases delegate to the standard library's 249 // `shrink_to_fit` which is guaranteed to not perform a `realloc`. 250 if self.is_empty() || mem::size_of::<T>() == 0 { 251 self.inner.shrink_to_fit(); 252 return Ok(()); 253 } 254 255 let (ptr, len, cap) = mem::take(self).into_raw_parts(); 256 let layout = Layout::array::<T>(cap).unwrap(); 257 let new_size = Layout::array::<T>(len).unwrap().size(); 258 259 // SAFETY: `ptr` was previously allocated in the global allocator, 260 // `layout` has a nonzero size and matches the current allocation of 261 // `ptr`, `new_size` is nonzero, and `new_size` is a valid array size 262 // for `len` elements given its constructor. 263 let result = unsafe { try_realloc(ptr.cast(), layout, new_size) }; 264 265 match result { 266 Ok(ptr) => { 267 // SAFETY: `result` is allocated with the global allocator and 268 // has room for exactly `[T; len]`. 269 *self = unsafe { Self::from_raw_parts(ptr.cast::<T>().as_ptr(), len, len) }; 270 Ok(()) 271 } 272 Err(oom) => { 273 // SAFETY: If reallocation fails then it's guaranteed that the 274 // original allocation is not tampered with, so it's safe to 275 // reassemble the original vector. 276 *self = unsafe { Vec::from_raw_parts(ptr, len, cap) }; 277 Err(oom) 278 } 279 } 280 } 281 282 /// Same as [`std::vec::Vec::into_boxed_slice`] but returns an error on 283 /// allocation failure. 284 pub fn into_boxed_slice(mut self) -> Result<Box<[T]>, OutOfMemory> { 285 self.shrink_to_fit()?; 286 287 // Once we've shrunken the allocation to just the actual length, we can 288 // use `std`'s `into_boxed_slice` without fear of `realloc`. 289 Ok(self.inner.into_boxed_slice()) 290 } 291 } 292 293 impl<T> Deref for Vec<T> { 294 type Target = [T]; 295 296 fn deref(&self) -> &Self::Target { 297 &self.inner 298 } 299 } 300 301 impl<T> DerefMut for Vec<T> { 302 fn deref_mut(&mut self) -> &mut Self::Target { 303 &mut self.inner 304 } 305 } 306 307 impl<T, I> Index<I> for Vec<T> 308 where 309 I: SliceIndex<[T]>, 310 { 311 type Output = <I as SliceIndex<[T]>>::Output; 312 313 fn index(&self, index: I) -> &Self::Output { 314 &self.inner[index] 315 } 316 } 317 318 impl<T, I> IndexMut<I> for Vec<T> 319 where 320 I: SliceIndex<[T]>, 321 { 322 fn index_mut(&mut self, index: I) -> &mut Self::Output { 323 &mut self.inner[index] 324 } 325 } 326 327 impl<T> IntoIterator for Vec<T> { 328 type Item = T; 329 type IntoIter = std_alloc::vec::IntoIter<T>; 330 331 fn into_iter(self) -> Self::IntoIter { 332 self.inner.into_iter() 333 } 334 } 335 336 impl<'a, T> IntoIterator for &'a Vec<T> { 337 type Item = &'a T; 338 339 type IntoIter = core::slice::Iter<'a, T>; 340 341 fn into_iter(self) -> Self::IntoIter { 342 (**self).iter() 343 } 344 } 345 346 impl<'a, T> IntoIterator for &'a mut Vec<T> { 347 type Item = &'a mut T; 348 349 type IntoIter = core::slice::IterMut<'a, T>; 350 351 fn into_iter(self) -> Self::IntoIter { 352 (**self).iter_mut() 353 } 354 } 355 356 impl<T> From<Vec<T>> for StdVec<T> { 357 fn from(v: Vec<T>) -> Self { 358 v.inner 359 } 360 } 361 362 impl<T> From<StdVec<T>> for Vec<T> { 363 fn from(inner: StdVec<T>) -> Self { 364 Self { inner } 365 } 366 } 367 368 impl<T> From<Box<[T]>> for Vec<T> { 369 fn from(boxed_slice: Box<[T]>) -> Self { 370 Self::from(StdVec::from(boxed_slice)) 371 } 372 } 373 374 impl<T> serde::ser::Serialize for Vec<T> 375 where 376 T: serde::ser::Serialize, 377 { 378 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error> 379 where 380 S: serde::Serializer, 381 { 382 let mut seq = serializer.serialize_seq(Some(self.len()))?; 383 for elem in self { 384 seq.serialize_element(elem)?; 385 } 386 seq.end() 387 } 388 } 389 390 impl<'de, T> serde::de::Deserialize<'de> for Vec<T> 391 where 392 T: serde::de::Deserialize<'de>, 393 { 394 fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> 395 where 396 D: serde::Deserializer<'de>, 397 { 398 struct Visitor<T>(PhantomData<fn() -> Vec<T>>); 399 400 impl<'de, T> serde::de::Visitor<'de> for Visitor<T> 401 where 402 T: serde::de::Deserialize<'de>, 403 { 404 type Value = Vec<T>; 405 406 fn expecting(&self, f: &mut fmt::Formatter) -> fmt::Result { 407 f.write_str("a `wasmtime_core::alloc::Vec` sequence") 408 } 409 410 fn visit_seq<A>(self, mut seq: A) -> Result<Self::Value, A::Error> 411 where 412 A: serde::de::SeqAccess<'de>, 413 { 414 use serde::de::Error as _; 415 416 let mut v = Vec::new(); 417 418 if let Some(len) = seq.size_hint() { 419 v.reserve_exact(len).map_err(|oom| A::Error::custom(oom))?; 420 } 421 422 while let Some(elem) = seq.next_element()? { 423 v.push(elem).map_err(|oom| A::Error::custom(oom))?; 424 } 425 426 Ok(v) 427 } 428 } 429 430 deserializer.deserialize_seq(Visitor(PhantomData)) 431 } 432 } 433 434 #[cfg(test)] 435 mod tests { 436 use super::Vec; 437 use crate::error::OutOfMemory; 438 439 #[test] 440 fn test_into_boxed_slice() -> Result<(), OutOfMemory> { 441 assert_eq!(*Vec::<i32>::new().into_boxed_slice()?, []); 442 443 let mut vec = Vec::new(); 444 vec.push(1)?; 445 assert_eq!(*vec.into_boxed_slice()?, [1]); 446 447 let mut vec = Vec::with_capacity(2)?; 448 vec.push(1)?; 449 assert_eq!(*vec.into_boxed_slice()?, [1]); 450 451 let mut vec = Vec::with_capacity(2)?; 452 vec.push(1_u128)?; 453 assert_eq!(*vec.into_boxed_slice()?, [1]); 454 455 assert_eq!(*Vec::<()>::new().into_boxed_slice()?, []); 456 457 let mut vec = Vec::new(); 458 vec.push(())?; 459 assert_eq!(*vec.into_boxed_slice()?, [()]); 460 461 let vec = Vec::<i32>::with_capacity(2)?; 462 assert_eq!(*vec.into_boxed_slice()?, []); 463 Ok(()) 464 } 465 } 466