1 // Copyright 2012-2014 The Rust Project Developers. See the COPYRIGHT
2 // file at the top-level directory of this distribution and at
3 // http://rust-lang.org/COPYRIGHT.
5 // Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
6 // http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
7 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
8 // option. This file may not be copied, modified, or distributed
9 // except according to those terms.
11 //! Basic functions for dealing with memory
13 //! This module contains functions for querying the size and alignment of
14 //! types, initializing and manipulating memory.
16 #![stable(feature = "rust1", since = "1.0.0")]
22 #[stable(feature = "rust1", since = "1.0.0")]
23 pub use intrinsics
::transmute
;
25 /// Leaks a value into the void, consuming ownership and never running its
28 /// This function will take ownership of its argument, but is distinct from the
29 /// `mem::drop` function in that it **does not run the destructor**, leaking the
30 /// value and any resources that it owns.
34 /// This function is not marked as `unsafe` as Rust does not guarantee that the
35 /// `Drop` implementation for a value will always run. Note, however, that
36 /// leaking resources such as memory or I/O objects is likely not desired, so
37 /// this function is only recommended for specialized use cases.
39 /// The safety of this function implies that when writing `unsafe` code
40 /// yourself care must be taken when leveraging a destructor that is required to
41 /// run to preserve memory safety. There are known situations where the
42 /// destructor may not run (such as if ownership of the object with the
43 /// destructor is returned) which must be taken into account.
45 /// # Other forms of Leakage
47 /// It's important to point out that this function is not the only method by
48 /// which a value can be leaked in safe Rust code. Other known sources of
51 /// * `Rc` and `Arc` cycles
52 /// * `mpsc::{Sender, Receiver}` cycles (they use `Arc` internally)
53 /// * Panicking destructors are likely to leak local resources
59 /// use std::fs::File;
61 /// // Leak some heap memory by never deallocating it
62 /// let heap_memory = Box::new(3);
63 /// mem::forget(heap_memory);
65 /// // Leak an I/O object, never closing the file
66 /// let file = File::open("foo.txt").unwrap();
67 /// mem::forget(file);
69 #[stable(feature = "rust1", since = "1.0.0")]
70 pub fn forget
<T
>(t
: T
) {
71 unsafe { intrinsics::forget(t) }
74 /// Returns the size of a type in bytes.
81 /// assert_eq!(4, mem::size_of::<i32>());
84 #[stable(feature = "rust1", since = "1.0.0")]
85 pub fn size_of
<T
>() -> usize {
86 unsafe { intrinsics::size_of::<T>() }
89 /// Returns the size of the type that `val` points to in bytes.
96 /// assert_eq!(4, mem::size_of_val(&5i32));
100 #[stable(feature = "rust1", since = "1.0.0")]
101 pub fn size_of_val
<T
: ?Sized
>(val
: &T
) -> usize {
102 unsafe { intrinsics::size_of_val(val) }
105 /// Returns the size of the type that `_val` points to in bytes.
112 /// assert_eq!(4, mem::size_of_val(&5i32));
116 #[stable(feature = "rust1", since = "1.0.0")]
117 pub fn size_of_val
<T
>(_val
: &T
) -> usize {
121 /// Returns the ABI-required minimum alignment of a type
123 /// This is the alignment used for struct fields. It may be smaller than the preferred alignment.
130 /// assert_eq!(4, mem::min_align_of::<i32>());
133 #[stable(feature = "rust1", since = "1.0.0")]
134 pub fn min_align_of
<T
>() -> usize {
135 unsafe { intrinsics::min_align_of::<T>() }
138 /// Returns the ABI-required minimum alignment of the type of the value that `val` points to
145 /// assert_eq!(4, mem::min_align_of_val(&5i32));
149 #[stable(feature = "rust1", since = "1.0.0")]
150 pub fn min_align_of_val
<T
: ?Sized
>(val
: &T
) -> usize {
151 unsafe { intrinsics::min_align_of_val(val) }
154 /// Returns the ABI-required minimum alignment of the type of the value that `_val` points to
161 /// assert_eq!(4, mem::min_align_of_val(&5i32));
165 #[stable(feature = "rust1", since = "1.0.0")]
166 pub fn min_align_of_val
<T
>(_val
: &T
) -> usize {
170 /// Returns the alignment in memory for a type.
172 /// This function will return the alignment, in bytes, of a type in memory. If the alignment
173 /// returned is adhered to, then the type is guaranteed to function properly.
180 /// assert_eq!(4, mem::align_of::<i32>());
183 #[stable(feature = "rust1", since = "1.0.0")]
184 pub fn align_of
<T
>() -> usize {
185 // We use the preferred alignment as the default alignment for a type. This
186 // appears to be what clang migrated towards as well:
188 // http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20110725/044411.html
189 unsafe { intrinsics::pref_align_of::<T>() }
192 /// Returns the alignment of the type of the value that `_val` points to.
194 /// This is similar to `align_of`, but function will properly handle types such as trait objects
195 /// (in the future), returning the alignment for an arbitrary value at runtime.
202 /// assert_eq!(4, mem::align_of_val(&5i32));
205 #[stable(feature = "rust1", since = "1.0.0")]
206 pub fn align_of_val
<T
>(_val
: &T
) -> usize {
210 /// Creates a value initialized to zero.
212 /// This function is similar to allocating space for a local variable and zeroing it out (an unsafe
215 /// Care must be taken when using this function, if the type `T` has a destructor and the value
216 /// falls out of scope (due to unwinding or returning) before being initialized, then the
217 /// destructor will run on zeroed data, likely leading to crashes.
219 /// This is useful for FFI functions sometimes, but should generally be avoided.
226 /// let x: i32 = unsafe { mem::zeroed() };
229 #[stable(feature = "rust1", since = "1.0.0")]
230 pub unsafe fn zeroed
<T
>() -> T
{
234 /// Creates a value initialized to an unspecified series of bytes.
236 /// The byte sequence usually indicates that the value at the memory
237 /// in question has been dropped. Thus, *if* T carries a drop flag,
238 /// any associated destructor will not be run when the value falls out
241 /// Some code at one time used the `zeroed` function above to
242 /// accomplish this goal.
244 /// This function is expected to be deprecated with the transition
245 /// to non-zeroing drop.
247 #[unstable(feature = "filling_drop")]
248 pub unsafe fn dropped
<T
>() -> T
{
250 unsafe fn dropped_impl
<T
>() -> T { intrinsics::init_dropped() }
255 /// Creates an uninitialized value.
257 /// Care must be taken when using this function, if the type `T` has a destructor and the value
258 /// falls out of scope (due to unwinding or returning) before being initialized, then the
259 /// destructor will run on uninitialized data, likely leading to crashes.
261 /// This is useful for FFI functions sometimes, but should generally be avoided.
268 /// let x: i32 = unsafe { mem::uninitialized() };
271 #[stable(feature = "rust1", since = "1.0.0")]
272 pub unsafe fn uninitialized
<T
>() -> T
{
276 /// Swap the values at two mutable locations of the same type, without deinitialising or copying
289 /// assert_eq!(42, *x);
290 /// assert_eq!(5, *y);
293 #[stable(feature = "rust1", since = "1.0.0")]
294 pub fn swap
<T
>(x
: &mut T
, y
: &mut T
) {
296 // Give ourselves some scratch space to work with
297 let mut t
: T
= uninitialized();
299 // Perform the swap, `&mut` pointers never alias
300 ptr
::copy_nonoverlapping(&*x
, &mut t
, 1);
301 ptr
::copy_nonoverlapping(&*y
, x
, 1);
302 ptr
::copy_nonoverlapping(&t
, y
, 1);
304 // y and t now point to the same thing, but we need to completely forget `t`
305 // because it's no longer relevant.
310 /// Replaces the value at a mutable location with a new one, returning the old value, without
311 /// deinitialising or copying either one.
313 /// This is primarily used for transferring and swapping ownership of a value in a mutable
318 /// A simple example:
323 /// let mut v: Vec<i32> = Vec::new();
325 /// mem::replace(&mut v, Vec::new());
328 /// This function allows consumption of one field of a struct by replacing it with another value.
329 /// The normal approach doesn't always work:
332 /// struct Buffer<T> { buf: Vec<T> }
334 /// impl<T> Buffer<T> {
335 /// fn get_and_reset(&mut self) -> Vec<T> {
336 /// // error: cannot move out of dereference of `&mut`-pointer
337 /// let buf = self.buf;
338 /// self.buf = Vec::new();
344 /// Note that `T` does not necessarily implement `Clone`, so it can't even clone and reset
345 /// `self.buf`. But `replace` can be used to disassociate the original value of `self.buf` from
346 /// `self`, allowing it to be returned:
350 /// # struct Buffer<T> { buf: Vec<T> }
351 /// impl<T> Buffer<T> {
352 /// fn get_and_reset(&mut self) -> Vec<T> {
353 /// mem::replace(&mut self.buf, Vec::new())
358 #[stable(feature = "rust1", since = "1.0.0")]
359 pub fn replace
<T
>(dest
: &mut T
, mut src
: T
) -> T
{
360 swap(dest
, &mut src
);
364 /// Disposes of a value.
366 /// This function can be used to destroy any value by allowing `drop` to take ownership of its
372 /// use std::cell::RefCell;
374 /// let x = RefCell::new(1);
376 /// let mut mutable_borrow = x.borrow_mut();
377 /// *mutable_borrow = 1;
379 /// drop(mutable_borrow); // relinquish the mutable borrow on this slot
381 /// let borrow = x.borrow();
382 /// println!("{}", *borrow);
385 #[stable(feature = "rust1", since = "1.0.0")]
386 pub fn drop
<T
>(_x
: T
) { }
388 macro_rules
! repeat_u8_as_u32
{
389 ($name
:expr
) => { (($name
as u32) << 24 |
390 ($name
as u32) << 16 |
391 ($name
as u32) << 8 |
394 macro_rules
! repeat_u8_as_u64
{
395 ($name
:expr
) => { ((repeat_u8_as_u32
!($name
) as u64) << 32 |
396 (repeat_u8_as_u32
!($name
) as u64)) }
399 // NOTE: Keep synchronized with values used in librustc_trans::trans::adt.
401 // In particular, the POST_DROP_U8 marker must never equal the
402 // DTOR_NEEDED_U8 marker.
404 // For a while pnkfelix was using 0xc1 here.
405 // But having the sign bit set is a pain, so 0x1d is probably better.
407 // And of course, 0x00 brings back the old world of zero'ing on drop.
408 #[unstable(feature = "filling_drop")]
409 pub const POST_DROP_U8
: u8 = 0x1d;
410 #[unstable(feature = "filling_drop")]
411 pub const POST_DROP_U32
: u32 = repeat_u8_as_u32
!(POST_DROP_U8
);
412 #[unstable(feature = "filling_drop")]
413 pub const POST_DROP_U64
: u64 = repeat_u8_as_u64
!(POST_DROP_U8
);
415 #[cfg(target_pointer_width = "32")]
416 #[unstable(feature = "filling_drop")]
417 pub const POST_DROP_USIZE
: usize = POST_DROP_U32
as usize;
418 #[cfg(target_pointer_width = "64")]
419 #[unstable(feature = "filling_drop")]
420 pub const POST_DROP_USIZE
: usize = POST_DROP_U64
as usize;
422 /// Interprets `src` as `&U`, and then reads `src` without moving the contained
425 /// This function will unsafely assume the pointer `src` is valid for
426 /// `sizeof(U)` bytes by transmuting `&T` to `&U` and then reading the `&U`. It
427 /// will also unsafely create a copy of the contained value instead of moving
430 /// It is not a compile-time error if `T` and `U` have different sizes, but it
431 /// is highly encouraged to only invoke this function where `T` and `U` have the
432 /// same size. This function triggers undefined behavior if `U` is larger than
440 /// let one = unsafe { mem::transmute_copy(&1) };
442 /// assert_eq!(1, one);
445 #[stable(feature = "rust1", since = "1.0.0")]
446 pub unsafe fn transmute_copy
<T
, U
>(src
: &T
) -> U
{
447 // FIXME(#23542) Replace with type ascription.
448 #![allow(trivial_casts)]
449 ptr
::read(src
as *const T
as *const U
)
452 /// Transforms lifetime of the second pointer to match the first.
454 #[unstable(feature = "core",
455 reason
= "this function may be removed in the future due to its \
456 questionable utility")]
457 pub unsafe fn copy_lifetime
<'a
, S
: ?Sized
, T
: ?Sized
+ 'a
>(_ptr
: &'a S
,
462 /// Transforms lifetime of the second mutable pointer to match the first.
464 #[unstable(feature = "core",
465 reason
= "this function may be removed in the future due to its \
466 questionable utility")]
467 pub unsafe fn copy_mut_lifetime
<'a
, S
: ?Sized
, T
: ?Sized
+ 'a
>(_ptr
: &'a S
,