1 use crate::alloc::{TryClone, try_realloc}; 2 use crate::error::OutOfMemory; 3 use core::borrow::Borrow; 4 use core::{ 5 cmp::Ordering, 6 fmt, mem, 7 num::NonZeroUsize, 8 ops::{Deref, DerefMut, Index, IndexMut}, 9 slice::SliceIndex, 10 }; 11 #[cfg(feature = "serde")] 12 use serde::ser::SerializeSeq; 13 use std_alloc::alloc::Layout; 14 use std_alloc::boxed::Box; 15 use std_alloc::vec::Vec as StdVec; 16 17 /// Same as the [`std::vec!`] macro but returns an error on allocation failure. 18 #[macro_export] 19 macro_rules! try_vec { 20 ( $( $elem:expr ),* ) => {{ 21 let len = $crate::private_len!( $( $elem ),* ); 22 $crate::alloc::TryVec::with_capacity(len).and_then(|mut v| { 23 $( v.push($elem)?; )* 24 let _ = &mut v; 25 Ok(v) 26 }) 27 }}; 28 29 ( $elem:expr; $len:expr ) => {{ 30 let len: usize = $len; 31 if let Some(len) = ::core::num::NonZeroUsize::new(len) { 32 let elem = $elem; 33 $crate::alloc::TryVec::from_elem(elem, len) 34 } else { 35 Ok($crate::alloc::TryVec::new()) 36 } 37 }}; 38 39 } 40 41 // Only for use by the `vec!` macro. 42 #[doc(hidden)] 43 #[macro_export] 44 macro_rules! private_len { 45 ( ) => { 0 }; 46 ( $e:expr $( , $es:expr )* ) => { 1 + $crate::private_len!( $( $es ),* ) }; 47 } 48 49 /// Like `std::vec::Vec` but all methods that allocate force handling allocation 50 /// failure. 51 #[derive(PartialEq, Eq, PartialOrd, Ord, Hash)] 52 pub struct TryVec<T> { 53 inner: StdVec<T>, 54 } 55 56 impl<T> Default for TryVec<T> { 57 fn default() -> Self { 58 Self { 59 inner: Default::default(), 60 } 61 } 62 } 63 64 impl<T: fmt::Debug> fmt::Debug for TryVec<T> { 65 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { 66 fmt::Debug::fmt(&self.inner, f) 67 } 68 } 69 70 impl<T> TryClone for TryVec<T> 71 where 72 T: TryClone, 73 { 74 fn try_clone(&self) -> Result<Self, OutOfMemory> { 75 let mut v = TryVec::with_capacity(self.len())?; 76 for x in self { 77 v.push(x.try_clone()?).expect("reserved capacity"); 78 } 79 Ok(v) 80 } 81 } 82 83 impl<T> TryVec<T> { 84 /// Same as [`std::vec::Vec::new`]. 85 pub const fn new() -> Self { 86 Self { 87 inner: StdVec::new(), 88 } 89 } 90 91 /// Same as [`std::vec::Vec::with_capacity`] but returns an error on 92 /// allocation failure. 93 pub fn with_capacity(capacity: usize) -> Result<Self, OutOfMemory> { 94 let mut v = Self::new(); 95 v.reserve(capacity)?; 96 Ok(v) 97 } 98 99 // For use with the `vec!` macro. 100 #[doc(hidden)] 101 #[inline] 102 pub fn from_elem(elem: T, len: NonZeroUsize) -> Result<Self, OutOfMemory> 103 where 104 T: TryClone, 105 { 106 let mut v = Self::with_capacity(len.get())?; 107 108 // Minimize calls to `TryClone` by always pushing `elem` itself as the 109 // last element. 110 for _ in 0..len.get() - 1 { 111 v.push(elem.try_clone()?)?; 112 } 113 v.push(elem)?; 114 115 Ok(v) 116 } 117 118 /// Same as [`std::vec::Vec::reserve`] but returns an error on allocation 119 /// failure. 120 pub fn reserve(&mut self, additional: usize) -> Result<(), OutOfMemory> { 121 self.inner.try_reserve(additional).map_err(|_| { 122 OutOfMemory::new( 123 self.len() 124 .saturating_add(additional) 125 .saturating_mul(mem::size_of::<T>()), 126 ) 127 }) 128 } 129 130 /// Same as [`std::vec::Vec::reserve_exact`] but returns an error on allocation 131 /// failure. 132 pub fn reserve_exact(&mut self, additional: usize) -> Result<(), OutOfMemory> { 133 self.inner 134 .try_reserve_exact(additional) 135 .map_err(|_| OutOfMemory::new(self.len().saturating_add(additional))) 136 } 137 138 /// Same as [`std::vec::Vec::len`]. 139 pub fn len(&self) -> usize { 140 self.inner.len() 141 } 142 143 /// Same as [`std::vec::Vec::capacity`]. 144 pub fn capacity(&self) -> usize { 145 self.inner.capacity() 146 } 147 148 /// Same as [`std::vec::Vec::is_empty`]. 149 pub fn is_empty(&self) -> bool { 150 self.inner.is_empty() 151 } 152 153 /// Same as [`std::vec::Vec::push`] but returns an error on allocation 154 /// failure. 155 pub fn push(&mut self, value: T) -> Result<(), OutOfMemory> { 156 self.reserve(1)?; 157 self.inner.push(value); 158 Ok(()) 159 } 160 161 /// Same as [`std::vec::Vec::pop`]. 162 pub fn pop(&mut self) -> Option<T> { 163 self.inner.pop() 164 } 165 166 /// Same as [`std::vec::Vec::truncate`]. 167 pub fn truncate(&mut self, len: usize) { 168 self.inner.truncate(len); 169 } 170 171 /// Same as [`std::vec::Vec::resize`] but returns an error on allocation 172 /// failure. 173 pub fn resize(&mut self, new_len: usize, value: T) -> Result<(), OutOfMemory> 174 where 175 T: TryClone, 176 { 177 match new_len.cmp(&self.len()) { 178 Ordering::Less => self.truncate(new_len), 179 Ordering::Equal => {} 180 Ordering::Greater => { 181 let delta = new_len - self.len(); 182 self.reserve(delta)?; 183 // Minimize `try_clone` calls by always pushing `value` directly 184 // as the last element. 185 for _ in 0..delta - 1 { 186 self.push(value.try_clone()?)?; 187 } 188 self.push(value)?; 189 } 190 } 191 Ok(()) 192 } 193 194 /// Same as [`std::vec::Vec::retain`]. 195 pub fn retain<F>(&mut self, f: F) 196 where 197 F: FnMut(&T) -> bool, 198 { 199 self.inner.retain(f); 200 } 201 202 /// Same as [`std::vec::Vec::retain_mut`]. 203 pub fn retain_mut<F>(&mut self, f: F) 204 where 205 F: FnMut(&mut T) -> bool, 206 { 207 self.inner.retain_mut(f); 208 } 209 210 /// Same as [`std::vec::Vec::into_raw_parts`]. 211 pub fn into_raw_parts(mut self) -> (*mut T, usize, usize) { 212 // NB: Can't use `Vec::into_raw_parts` until our MSRV is >= 1.93. 213 #[cfg(not(miri))] 214 { 215 let ptr = self.as_mut_ptr(); 216 let len = self.len(); 217 let cap = self.capacity(); 218 mem::forget(self); 219 (ptr, len, cap) 220 } 221 // NB: Miri requires using `into_raw_parts`, but always run on nightly, 222 // so it's fine to use there. 223 #[cfg(miri)] 224 { 225 let _ = &mut self; 226 self.inner.into_raw_parts() 227 } 228 } 229 230 /// Same as [`std::vec::Vec::from_raw_parts`]. 231 pub unsafe fn from_raw_parts(ptr: *mut T, length: usize, capacity: usize) -> Self { 232 TryVec { 233 // Safety: Same as our unsafe contract. 234 inner: unsafe { StdVec::from_raw_parts(ptr, length, capacity) }, 235 } 236 } 237 238 /// Same as [`std::vec::Vec::drain`]. 239 pub fn drain<R>(&mut self, range: R) -> std_alloc::vec::Drain<'_, T> 240 where 241 R: core::ops::RangeBounds<usize>, 242 { 243 self.inner.drain(range) 244 } 245 246 /// Same as [`std::vec::Vec::shrink_to_fit`] but returns an error on 247 /// allocation failure. 248 pub fn shrink_to_fit(&mut self) -> Result<(), OutOfMemory> { 249 // If our length is already equal to our capacity, then there is nothing 250 // to shrink. 251 if self.len() == self.capacity() { 252 return Ok(()); 253 } 254 255 // `realloc` requires a non-zero original layout as well as a non-zero 256 // destination layout, so this guard ensures that the sizes below are 257 // all nonzero. This handles a few cases: 258 // 259 // * If `len == cap == 0` then no allocation has ever been made. 260 // * If `len == 0` and `cap != 0` then this function effectively frees 261 // the memory. 262 // * If `T` is a zero-sized type then nothing's been allocated either. 263 // 264 // In all of these cases delegate to the standard library's 265 // `shrink_to_fit` which is guaranteed to not perform a `realloc`. 266 if self.is_empty() || mem::size_of::<T>() == 0 { 267 self.inner.shrink_to_fit(); 268 return Ok(()); 269 } 270 271 let (ptr, len, cap) = mem::take(self).into_raw_parts(); 272 let layout = Layout::array::<T>(cap).unwrap(); 273 let new_size = Layout::array::<T>(len).unwrap().size(); 274 275 // SAFETY: `ptr` was previously allocated in the global allocator, 276 // `layout` has a nonzero size and matches the current allocation of 277 // `ptr`, `new_size` is nonzero, and `new_size` is a valid array size 278 // for `len` elements given its constructor. 279 let result = unsafe { try_realloc(ptr.cast(), layout, new_size) }; 280 281 match result { 282 Ok(ptr) => { 283 // SAFETY: `result` is allocated with the global allocator and 284 // has room for exactly `[T; len]`. 285 *self = unsafe { Self::from_raw_parts(ptr.cast::<T>().as_ptr(), len, len) }; 286 Ok(()) 287 } 288 Err(oom) => { 289 // SAFETY: If reallocation fails then it's guaranteed that the 290 // original allocation is not tampered with, so it's safe to 291 // reassemble the original vector. 292 *self = unsafe { TryVec::from_raw_parts(ptr, len, cap) }; 293 Err(oom) 294 } 295 } 296 } 297 298 /// Same as [`std::vec::Vec::into_boxed_slice`] but returns an error on 299 /// allocation failure. 300 pub fn into_boxed_slice(mut self) -> Result<Box<[T]>, OutOfMemory> { 301 self.shrink_to_fit()?; 302 303 // Once we've shrunken the allocation to just the actual length, we can 304 // use `std`'s `into_boxed_slice` without fear of `realloc`. 305 Ok(self.inner.into_boxed_slice()) 306 } 307 308 /// Same as [`std::vec::Vec::clear`]. 309 pub fn clear(&mut self) { 310 self.inner.clear(); 311 } 312 } 313 314 impl<T> Deref for TryVec<T> { 315 type Target = [T]; 316 317 fn deref(&self) -> &Self::Target { 318 &self.inner 319 } 320 } 321 322 impl<T> DerefMut for TryVec<T> { 323 fn deref_mut(&mut self) -> &mut Self::Target { 324 &mut self.inner 325 } 326 } 327 328 impl<T> AsRef<[T]> for TryVec<T> { 329 fn as_ref(&self) -> &[T] { 330 self 331 } 332 } 333 334 impl<T> Borrow<[T]> for TryVec<T> { 335 fn borrow(&self) -> &[T] { 336 self 337 } 338 } 339 340 impl<T, I> Index<I> for TryVec<T> 341 where 342 I: SliceIndex<[T]>, 343 { 344 type Output = <I as SliceIndex<[T]>>::Output; 345 346 fn index(&self, index: I) -> &Self::Output { 347 &self.inner[index] 348 } 349 } 350 351 impl<T, I> IndexMut<I> for TryVec<T> 352 where 353 I: SliceIndex<[T]>, 354 { 355 fn index_mut(&mut self, index: I) -> &mut Self::Output { 356 &mut self.inner[index] 357 } 358 } 359 360 impl<T> IntoIterator for TryVec<T> { 361 type Item = T; 362 type IntoIter = std_alloc::vec::IntoIter<T>; 363 364 fn into_iter(self) -> Self::IntoIter { 365 self.inner.into_iter() 366 } 367 } 368 369 impl<'a, T> IntoIterator for &'a TryVec<T> { 370 type Item = &'a T; 371 372 type IntoIter = core::slice::Iter<'a, T>; 373 374 fn into_iter(self) -> Self::IntoIter { 375 (**self).iter() 376 } 377 } 378 379 impl<'a, T> IntoIterator for &'a mut TryVec<T> { 380 type Item = &'a mut T; 381 382 type IntoIter = core::slice::IterMut<'a, T>; 383 384 fn into_iter(self) -> Self::IntoIter { 385 (**self).iter_mut() 386 } 387 } 388 389 impl<T> From<TryVec<T>> for StdVec<T> { 390 fn from(v: TryVec<T>) -> Self { 391 v.inner 392 } 393 } 394 395 impl<T> From<StdVec<T>> for TryVec<T> { 396 fn from(inner: StdVec<T>) -> Self { 397 Self { inner } 398 } 399 } 400 401 impl<T> From<Box<[T]>> for TryVec<T> { 402 fn from(boxed_slice: Box<[T]>) -> Self { 403 Self::from(StdVec::from(boxed_slice)) 404 } 405 } 406 407 #[cfg(feature = "serde")] 408 impl<T> serde::ser::Serialize for TryVec<T> 409 where 410 T: serde::ser::Serialize, 411 { 412 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error> 413 where 414 S: serde::Serializer, 415 { 416 let mut seq = serializer.serialize_seq(Some(self.len()))?; 417 for elem in self { 418 seq.serialize_element(elem)?; 419 } 420 seq.end() 421 } 422 } 423 424 #[cfg(feature = "serde")] 425 impl<'de, T> serde::de::Deserialize<'de> for TryVec<T> 426 where 427 T: serde::de::Deserialize<'de>, 428 { 429 fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> 430 where 431 D: serde::Deserializer<'de>, 432 { 433 use core::marker::PhantomData; 434 435 struct Visitor<T>(PhantomData<fn() -> TryVec<T>>); 436 437 impl<'de, T> serde::de::Visitor<'de> for Visitor<T> 438 where 439 T: serde::de::Deserialize<'de>, 440 { 441 type Value = TryVec<T>; 442 443 fn expecting(&self, f: &mut fmt::Formatter) -> fmt::Result { 444 f.write_str("a `wasmtime_core::alloc::Vec` sequence") 445 } 446 447 fn visit_seq<A>(self, mut seq: A) -> Result<Self::Value, A::Error> 448 where 449 A: serde::de::SeqAccess<'de>, 450 { 451 use serde::de::Error as _; 452 453 let mut v = TryVec::new(); 454 455 if let Some(len) = seq.size_hint() { 456 v.reserve_exact(len).map_err(|oom| A::Error::custom(oom))?; 457 } 458 459 while let Some(elem) = seq.next_element()? { 460 v.push(elem).map_err(|oom| A::Error::custom(oom))?; 461 } 462 463 Ok(v) 464 } 465 } 466 467 deserializer.deserialize_seq(Visitor(PhantomData)) 468 } 469 } 470 471 #[cfg(test)] 472 mod tests { 473 use super::TryVec; 474 use crate::error::OutOfMemory; 475 476 #[test] 477 fn test_into_boxed_slice() -> Result<(), OutOfMemory> { 478 assert_eq!(*TryVec::<i32>::new().into_boxed_slice()?, []); 479 480 let mut vec = TryVec::new(); 481 vec.push(1)?; 482 assert_eq!(*vec.into_boxed_slice()?, [1]); 483 484 let mut vec = TryVec::with_capacity(2)?; 485 vec.push(1)?; 486 assert_eq!(*vec.into_boxed_slice()?, [1]); 487 488 let mut vec = TryVec::with_capacity(2)?; 489 vec.push(1_u128)?; 490 assert_eq!(*vec.into_boxed_slice()?, [1]); 491 492 assert_eq!(*TryVec::<()>::new().into_boxed_slice()?, []); 493 494 let mut vec = TryVec::new(); 495 vec.push(())?; 496 assert_eq!(*vec.into_boxed_slice()?, [()]); 497 498 let vec = TryVec::<i32>::with_capacity(2)?; 499 assert_eq!(*vec.into_boxed_slice()?, []); 500 Ok(()) 501 } 502 } 503