1 | #![stable (feature = "rust1" , since = "1.0.0" )] |
2 | |
3 | //! Thread-safe reference-counting pointers. |
4 | //! |
5 | //! See the [`Arc<T>`][Arc] documentation for more details. |
6 | //! |
7 | //! **Note**: This module is only available on platforms that support atomic |
8 | //! loads and stores of pointers. This may be detected at compile time using |
9 | //! `#[cfg(target_has_atomic = "ptr")]`. |
10 | |
11 | use core::any::Any; |
12 | #[cfg (not(no_global_oom_handling))] |
13 | use core::clone::CloneToUninit; |
14 | use core::clone::UseCloned; |
15 | use core::cmp::Ordering; |
16 | use core::hash::{Hash, Hasher}; |
17 | use core::intrinsics::abort; |
18 | #[cfg (not(no_global_oom_handling))] |
19 | use core::iter; |
20 | use core::marker::{PhantomData, Unsize}; |
21 | use core::mem::{self, ManuallyDrop, align_of_val_raw}; |
22 | use core::num::NonZeroUsize; |
23 | use core::ops::{CoerceUnsized, Deref, DerefPure, DispatchFromDyn, LegacyReceiver}; |
24 | use core::panic::{RefUnwindSafe, UnwindSafe}; |
25 | use core::pin::{Pin, PinCoerceUnsized}; |
26 | use core::ptr::{self, NonNull}; |
27 | #[cfg (not(no_global_oom_handling))] |
28 | use core::slice::from_raw_parts_mut; |
29 | use core::sync::atomic; |
30 | use core::sync::atomic::Ordering::{Acquire, Relaxed, Release}; |
31 | use core::{borrow, fmt, hint}; |
32 | |
33 | #[cfg (not(no_global_oom_handling))] |
34 | use crate::alloc::handle_alloc_error; |
35 | use crate::alloc::{AllocError, Allocator, Global, Layout}; |
36 | use crate::borrow::{Cow, ToOwned}; |
37 | use crate::boxed::Box; |
38 | use crate::rc::is_dangling; |
39 | #[cfg (not(no_global_oom_handling))] |
40 | use crate::string::String; |
41 | #[cfg (not(no_global_oom_handling))] |
42 | use crate::vec::Vec; |
43 | |
44 | /// A soft limit on the amount of references that may be made to an `Arc`. |
45 | /// |
46 | /// Going above this limit will abort your program (although not |
47 | /// necessarily) at _exactly_ `MAX_REFCOUNT + 1` references. |
48 | /// Trying to go above it might call a `panic` (if not actually going above it). |
49 | /// |
50 | /// This is a global invariant, and also applies when using a compare-exchange loop. |
51 | /// |
52 | /// See comment in `Arc::clone`. |
53 | const MAX_REFCOUNT: usize = (isize::MAX) as usize; |
54 | |
55 | /// The error in case either counter reaches above `MAX_REFCOUNT`, and we can `panic` safely. |
56 | const INTERNAL_OVERFLOW_ERROR: &str = "Arc counter overflow" ; |
57 | |
58 | #[cfg (not(sanitize = "thread" ))] |
59 | macro_rules! acquire { |
60 | ($x:expr) => { |
61 | atomic::fence(Acquire) |
62 | }; |
63 | } |
64 | |
65 | // ThreadSanitizer does not support memory fences. To avoid false positive |
66 | // reports in Arc / Weak implementation use atomic loads for synchronization |
67 | // instead. |
68 | #[cfg (sanitize = "thread" )] |
69 | macro_rules! acquire { |
70 | ($x:expr) => { |
71 | $x.load(Acquire) |
72 | }; |
73 | } |
74 | |
75 | /// A thread-safe reference-counting pointer. 'Arc' stands for 'Atomically |
76 | /// Reference Counted'. |
77 | /// |
78 | /// The type `Arc<T>` provides shared ownership of a value of type `T`, |
79 | /// allocated in the heap. Invoking [`clone`][clone] on `Arc` produces |
80 | /// a new `Arc` instance, which points to the same allocation on the heap as the |
81 | /// source `Arc`, while increasing a reference count. When the last `Arc` |
82 | /// pointer to a given allocation is destroyed, the value stored in that allocation (often |
83 | /// referred to as "inner value") is also dropped. |
84 | /// |
85 | /// Shared references in Rust disallow mutation by default, and `Arc` is no |
86 | /// exception: you cannot generally obtain a mutable reference to something |
87 | /// inside an `Arc`. If you do need to mutate through an `Arc`, you have several options: |
88 | /// |
89 | /// 1. Use interior mutability with synchronization primitives like [`Mutex`][mutex], |
90 | /// [`RwLock`][rwlock], or one of the [`Atomic`][atomic] types. |
91 | /// |
92 | /// 2. Use clone-on-write semantics with [`Arc::make_mut`] which provides efficient mutation |
93 | /// without requiring interior mutability. This approach clones the data only when |
94 | /// needed (when there are multiple references) and can be more efficient when mutations |
95 | /// are infrequent. |
96 | /// |
97 | /// 3. Use [`Arc::get_mut`] when you know your `Arc` is not shared (has a reference count of 1), |
98 | /// which provides direct mutable access to the inner value without any cloning. |
99 | /// |
100 | /// ``` |
101 | /// use std::sync::Arc; |
102 | /// |
103 | /// let mut data = Arc::new(vec![1, 2, 3]); |
104 | /// |
105 | /// // This will clone the vector only if there are other references to it |
106 | /// Arc::make_mut(&mut data).push(4); |
107 | /// |
108 | /// assert_eq!(*data, vec![1, 2, 3, 4]); |
109 | /// ``` |
110 | /// |
111 | /// **Note**: This type is only available on platforms that support atomic |
112 | /// loads and stores of pointers, which includes all platforms that support |
113 | /// the `std` crate but not all those which only support [`alloc`](crate). |
114 | /// This may be detected at compile time using `#[cfg(target_has_atomic = "ptr")]`. |
115 | /// |
116 | /// ## Thread Safety |
117 | /// |
118 | /// Unlike [`Rc<T>`], `Arc<T>` uses atomic operations for its reference |
119 | /// counting. This means that it is thread-safe. The disadvantage is that |
120 | /// atomic operations are more expensive than ordinary memory accesses. If you |
121 | /// are not sharing reference-counted allocations between threads, consider using |
122 | /// [`Rc<T>`] for lower overhead. [`Rc<T>`] is a safe default, because the |
123 | /// compiler will catch any attempt to send an [`Rc<T>`] between threads. |
124 | /// However, a library might choose `Arc<T>` in order to give library consumers |
125 | /// more flexibility. |
126 | /// |
127 | /// `Arc<T>` will implement [`Send`] and [`Sync`] as long as the `T` implements |
128 | /// [`Send`] and [`Sync`]. Why can't you put a non-thread-safe type `T` in an |
129 | /// `Arc<T>` to make it thread-safe? This may be a bit counter-intuitive at |
130 | /// first: after all, isn't the point of `Arc<T>` thread safety? The key is |
131 | /// this: `Arc<T>` makes it thread safe to have multiple ownership of the same |
132 | /// data, but it doesn't add thread safety to its data. Consider |
133 | /// <code>Arc<[RefCell\<T>]></code>. [`RefCell<T>`] isn't [`Sync`], and if `Arc<T>` was always |
134 | /// [`Send`], <code>Arc<[RefCell\<T>]></code> would be as well. But then we'd have a problem: |
135 | /// [`RefCell<T>`] is not thread safe; it keeps track of the borrowing count using |
136 | /// non-atomic operations. |
137 | /// |
138 | /// In the end, this means that you may need to pair `Arc<T>` with some sort of |
139 | /// [`std::sync`] type, usually [`Mutex<T>`][mutex]. |
140 | /// |
141 | /// ## Breaking cycles with `Weak` |
142 | /// |
143 | /// The [`downgrade`][downgrade] method can be used to create a non-owning |
144 | /// [`Weak`] pointer. A [`Weak`] pointer can be [`upgrade`][upgrade]d |
145 | /// to an `Arc`, but this will return [`None`] if the value stored in the allocation has |
146 | /// already been dropped. In other words, `Weak` pointers do not keep the value |
147 | /// inside the allocation alive; however, they *do* keep the allocation |
148 | /// (the backing store for the value) alive. |
149 | /// |
150 | /// A cycle between `Arc` pointers will never be deallocated. For this reason, |
151 | /// [`Weak`] is used to break cycles. For example, a tree could have |
152 | /// strong `Arc` pointers from parent nodes to children, and [`Weak`] |
153 | /// pointers from children back to their parents. |
154 | /// |
155 | /// # Cloning references |
156 | /// |
157 | /// Creating a new reference from an existing reference-counted pointer is done using the |
158 | /// `Clone` trait implemented for [`Arc<T>`][Arc] and [`Weak<T>`][Weak]. |
159 | /// |
160 | /// ``` |
161 | /// use std::sync::Arc; |
162 | /// let foo = Arc::new(vec![1.0, 2.0, 3.0]); |
163 | /// // The two syntaxes below are equivalent. |
164 | /// let a = foo.clone(); |
165 | /// let b = Arc::clone(&foo); |
166 | /// // a, b, and foo are all Arcs that point to the same memory location |
167 | /// ``` |
168 | /// |
169 | /// ## `Deref` behavior |
170 | /// |
171 | /// `Arc<T>` automatically dereferences to `T` (via the [`Deref`] trait), |
172 | /// so you can call `T`'s methods on a value of type `Arc<T>`. To avoid name |
173 | /// clashes with `T`'s methods, the methods of `Arc<T>` itself are associated |
174 | /// functions, called using [fully qualified syntax]: |
175 | /// |
176 | /// ``` |
177 | /// use std::sync::Arc; |
178 | /// |
179 | /// let my_arc = Arc::new(()); |
180 | /// let my_weak = Arc::downgrade(&my_arc); |
181 | /// ``` |
182 | /// |
183 | /// `Arc<T>`'s implementations of traits like `Clone` may also be called using |
184 | /// fully qualified syntax. Some people prefer to use fully qualified syntax, |
185 | /// while others prefer using method-call syntax. |
186 | /// |
187 | /// ``` |
188 | /// use std::sync::Arc; |
189 | /// |
190 | /// let arc = Arc::new(()); |
191 | /// // Method-call syntax |
192 | /// let arc2 = arc.clone(); |
193 | /// // Fully qualified syntax |
194 | /// let arc3 = Arc::clone(&arc); |
195 | /// ``` |
196 | /// |
197 | /// [`Weak<T>`][Weak] does not auto-dereference to `T`, because the inner value may have |
198 | /// already been dropped. |
199 | /// |
200 | /// [`Rc<T>`]: crate::rc::Rc |
201 | /// [clone]: Clone::clone |
202 | /// [mutex]: ../../std/sync/struct.Mutex.html |
203 | /// [rwlock]: ../../std/sync/struct.RwLock.html |
204 | /// [atomic]: core::sync::atomic |
205 | /// [downgrade]: Arc::downgrade |
206 | /// [upgrade]: Weak::upgrade |
207 | /// [RefCell\<T>]: core::cell::RefCell |
208 | /// [`RefCell<T>`]: core::cell::RefCell |
209 | /// [`std::sync`]: ../../std/sync/index.html |
210 | /// [`Arc::clone(&from)`]: Arc::clone |
211 | /// [fully qualified syntax]: https://doc.rust-lang.org/book/ch19-03-advanced-traits.html#fully-qualified-syntax-for-disambiguation-calling-methods-with-the-same-name |
212 | /// |
213 | /// # Examples |
214 | /// |
215 | /// Sharing some immutable data between threads: |
216 | /// |
217 | /// ``` |
218 | /// use std::sync::Arc; |
219 | /// use std::thread; |
220 | /// |
221 | /// let five = Arc::new(5); |
222 | /// |
223 | /// for _ in 0..10 { |
224 | /// let five = Arc::clone(&five); |
225 | /// |
226 | /// thread::spawn(move || { |
227 | /// println!("{five:?}" ); |
228 | /// }); |
229 | /// } |
230 | /// ``` |
231 | /// |
232 | /// Sharing a mutable [`AtomicUsize`]: |
233 | /// |
234 | /// [`AtomicUsize`]: core::sync::atomic::AtomicUsize "sync::atomic::AtomicUsize" |
235 | /// |
236 | /// ``` |
237 | /// use std::sync::Arc; |
238 | /// use std::sync::atomic::{AtomicUsize, Ordering}; |
239 | /// use std::thread; |
240 | /// |
241 | /// let val = Arc::new(AtomicUsize::new(5)); |
242 | /// |
243 | /// for _ in 0..10 { |
244 | /// let val = Arc::clone(&val); |
245 | /// |
246 | /// thread::spawn(move || { |
247 | /// let v = val.fetch_add(1, Ordering::Relaxed); |
248 | /// println!("{v:?}" ); |
249 | /// }); |
250 | /// } |
251 | /// ``` |
252 | /// |
253 | /// See the [`rc` documentation][rc_examples] for more examples of reference |
254 | /// counting in general. |
255 | /// |
256 | /// [rc_examples]: crate::rc#examples |
257 | #[doc (search_unbox)] |
258 | #[rustc_diagnostic_item = "Arc" ] |
259 | #[stable (feature = "rust1" , since = "1.0.0" )] |
260 | #[rustc_insignificant_dtor ] |
261 | pub struct Arc< |
262 | T: ?Sized, |
263 | #[unstable (feature = "allocator_api" , issue = "32838" )] A: Allocator = Global, |
264 | > { |
265 | ptr: NonNull<ArcInner<T>>, |
266 | phantom: PhantomData<ArcInner<T>>, |
267 | alloc: A, |
268 | } |
269 | |
270 | #[stable (feature = "rust1" , since = "1.0.0" )] |
271 | unsafe impl<T: ?Sized + Sync + Send, A: Allocator + Send> Send for Arc<T, A> {} |
272 | #[stable (feature = "rust1" , since = "1.0.0" )] |
273 | unsafe impl<T: ?Sized + Sync + Send, A: Allocator + Sync> Sync for Arc<T, A> {} |
274 | |
275 | #[stable (feature = "catch_unwind" , since = "1.9.0" )] |
276 | impl<T: RefUnwindSafe + ?Sized, A: Allocator + UnwindSafe> UnwindSafe for Arc<T, A> {} |
277 | |
278 | #[unstable (feature = "coerce_unsized" , issue = "18598" )] |
279 | impl<T: ?Sized + Unsize<U>, U: ?Sized, A: Allocator> CoerceUnsized<Arc<U, A>> for Arc<T, A> {} |
280 | |
281 | #[unstable (feature = "dispatch_from_dyn" , issue = "none" )] |
282 | impl<T: ?Sized + Unsize<U>, U: ?Sized> DispatchFromDyn<Arc<U>> for Arc<T> {} |
283 | |
284 | impl<T: ?Sized> Arc<T> { |
285 | unsafe fn from_inner(ptr: NonNull<ArcInner<T>>) -> Self { |
286 | unsafe { Self::from_inner_in(ptr, alloc:Global) } |
287 | } |
288 | |
289 | unsafe fn from_ptr(ptr: *mut ArcInner<T>) -> Self { |
290 | unsafe { Self::from_ptr_in(ptr, alloc:Global) } |
291 | } |
292 | } |
293 | |
294 | impl<T: ?Sized, A: Allocator> Arc<T, A> { |
295 | #[inline ] |
296 | fn into_inner_with_allocator(this: Self) -> (NonNull<ArcInner<T>>, A) { |
297 | let this: ManuallyDrop> = mem::ManuallyDrop::new(this); |
298 | (this.ptr, unsafe { ptr::read(&this.alloc) }) |
299 | } |
300 | |
301 | #[inline ] |
302 | unsafe fn from_inner_in(ptr: NonNull<ArcInner<T>>, alloc: A) -> Self { |
303 | Self { ptr, phantom: PhantomData, alloc } |
304 | } |
305 | |
306 | #[inline ] |
307 | unsafe fn from_ptr_in(ptr: *mut ArcInner<T>, alloc: A) -> Self { |
308 | unsafe { Self::from_inner_in(ptr:NonNull::new_unchecked(ptr), alloc) } |
309 | } |
310 | } |
311 | |
312 | /// `Weak` is a version of [`Arc`] that holds a non-owning reference to the |
313 | /// managed allocation. |
314 | /// |
315 | /// The allocation is accessed by calling [`upgrade`] on the `Weak` |
316 | /// pointer, which returns an <code>[Option]<[Arc]\<T>></code>. |
317 | /// |
318 | /// Since a `Weak` reference does not count towards ownership, it will not |
319 | /// prevent the value stored in the allocation from being dropped, and `Weak` itself makes no |
320 | /// guarantees about the value still being present. Thus it may return [`None`] |
321 | /// when [`upgrade`]d. Note however that a `Weak` reference *does* prevent the allocation |
322 | /// itself (the backing store) from being deallocated. |
323 | /// |
324 | /// A `Weak` pointer is useful for keeping a temporary reference to the allocation |
325 | /// managed by [`Arc`] without preventing its inner value from being dropped. It is also used to |
326 | /// prevent circular references between [`Arc`] pointers, since mutual owning references |
327 | /// would never allow either [`Arc`] to be dropped. For example, a tree could |
328 | /// have strong [`Arc`] pointers from parent nodes to children, and `Weak` |
329 | /// pointers from children back to their parents. |
330 | /// |
331 | /// The typical way to obtain a `Weak` pointer is to call [`Arc::downgrade`]. |
332 | /// |
333 | /// [`upgrade`]: Weak::upgrade |
334 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
335 | #[rustc_diagnostic_item = "ArcWeak" ] |
336 | pub struct Weak< |
337 | T: ?Sized, |
338 | #[unstable (feature = "allocator_api" , issue = "32838" )] A: Allocator = Global, |
339 | > { |
340 | // This is a `NonNull` to allow optimizing the size of this type in enums, |
341 | // but it is not necessarily a valid pointer. |
342 | // `Weak::new` sets this to `usize::MAX` so that it doesn’t need |
343 | // to allocate space on the heap. That's not a value a real pointer |
344 | // will ever have because RcInner has alignment at least 2. |
345 | // This is only possible when `T: Sized`; unsized `T` never dangle. |
346 | ptr: NonNull<ArcInner<T>>, |
347 | alloc: A, |
348 | } |
349 | |
350 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
351 | unsafe impl<T: ?Sized + Sync + Send, A: Allocator + Send> Send for Weak<T, A> {} |
352 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
353 | unsafe impl<T: ?Sized + Sync + Send, A: Allocator + Sync> Sync for Weak<T, A> {} |
354 | |
355 | #[unstable (feature = "coerce_unsized" , issue = "18598" )] |
356 | impl<T: ?Sized + Unsize<U>, U: ?Sized, A: Allocator> CoerceUnsized<Weak<U, A>> for Weak<T, A> {} |
357 | #[unstable (feature = "dispatch_from_dyn" , issue = "none" )] |
358 | impl<T: ?Sized + Unsize<U>, U: ?Sized> DispatchFromDyn<Weak<U>> for Weak<T> {} |
359 | |
360 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
361 | impl<T: ?Sized, A: Allocator> fmt::Debug for Weak<T, A> { |
362 | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { |
363 | write!(f, "(Weak)" ) |
364 | } |
365 | } |
366 | |
367 | // This is repr(C) to future-proof against possible field-reordering, which |
368 | // would interfere with otherwise safe [into|from]_raw() of transmutable |
369 | // inner types. |
370 | #[repr (C)] |
371 | struct ArcInner<T: ?Sized> { |
372 | strong: atomic::AtomicUsize, |
373 | |
374 | // the value usize::MAX acts as a sentinel for temporarily "locking" the |
375 | // ability to upgrade weak pointers or downgrade strong ones; this is used |
376 | // to avoid races in `make_mut` and `get_mut`. |
377 | weak: atomic::AtomicUsize, |
378 | |
379 | data: T, |
380 | } |
381 | |
382 | /// Calculate layout for `ArcInner<T>` using the inner value's layout |
383 | fn arcinner_layout_for_value_layout(layout: Layout) -> Layout { |
384 | // Calculate layout using the given value layout. |
385 | // Previously, layout was calculated on the expression |
386 | // `&*(ptr as *const ArcInner<T>)`, but this created a misaligned |
387 | // reference (see #54908). |
388 | Layout::new::<ArcInner<()>>().extend(next:layout).unwrap().0.pad_to_align() |
389 | } |
390 | |
391 | unsafe impl<T: ?Sized + Sync + Send> Send for ArcInner<T> {} |
392 | unsafe impl<T: ?Sized + Sync + Send> Sync for ArcInner<T> {} |
393 | |
394 | impl<T> Arc<T> { |
395 | /// Constructs a new `Arc<T>`. |
396 | /// |
397 | /// # Examples |
398 | /// |
399 | /// ``` |
400 | /// use std::sync::Arc; |
401 | /// |
402 | /// let five = Arc::new(5); |
403 | /// ``` |
404 | #[cfg (not(no_global_oom_handling))] |
405 | #[inline ] |
406 | #[stable (feature = "rust1" , since = "1.0.0" )] |
407 | pub fn new(data: T) -> Arc<T> { |
408 | // Start the weak pointer count as 1 which is the weak pointer that's |
409 | // held by all the strong pointers (kinda), see std/rc.rs for more info |
410 | let x: Box<_> = Box::new(ArcInner { |
411 | strong: atomic::AtomicUsize::new(1), |
412 | weak: atomic::AtomicUsize::new(1), |
413 | data, |
414 | }); |
415 | unsafe { Self::from_inner(Box::leak(x).into()) } |
416 | } |
417 | |
418 | /// Constructs a new `Arc<T>` while giving you a `Weak<T>` to the allocation, |
419 | /// to allow you to construct a `T` which holds a weak pointer to itself. |
420 | /// |
421 | /// Generally, a structure circularly referencing itself, either directly or |
422 | /// indirectly, should not hold a strong reference to itself to prevent a memory leak. |
423 | /// Using this function, you get access to the weak pointer during the |
424 | /// initialization of `T`, before the `Arc<T>` is created, such that you can |
425 | /// clone and store it inside the `T`. |
426 | /// |
427 | /// `new_cyclic` first allocates the managed allocation for the `Arc<T>`, |
428 | /// then calls your closure, giving it a `Weak<T>` to this allocation, |
429 | /// and only afterwards completes the construction of the `Arc<T>` by placing |
430 | /// the `T` returned from your closure into the allocation. |
431 | /// |
432 | /// Since the new `Arc<T>` is not fully-constructed until `Arc<T>::new_cyclic` |
433 | /// returns, calling [`upgrade`] on the weak reference inside your closure will |
434 | /// fail and result in a `None` value. |
435 | /// |
436 | /// # Panics |
437 | /// |
438 | /// If `data_fn` panics, the panic is propagated to the caller, and the |
439 | /// temporary [`Weak<T>`] is dropped normally. |
440 | /// |
441 | /// # Example |
442 | /// |
443 | /// ``` |
444 | /// # #![allow (dead_code)] |
445 | /// use std::sync::{Arc, Weak}; |
446 | /// |
447 | /// struct Gadget { |
448 | /// me: Weak<Gadget>, |
449 | /// } |
450 | /// |
451 | /// impl Gadget { |
452 | /// /// Constructs a reference counted Gadget. |
453 | /// fn new() -> Arc<Self> { |
454 | /// // `me` is a `Weak<Gadget>` pointing at the new allocation of the |
455 | /// // `Arc` we're constructing. |
456 | /// Arc::new_cyclic(|me| { |
457 | /// // Create the actual struct here. |
458 | /// Gadget { me: me.clone() } |
459 | /// }) |
460 | /// } |
461 | /// |
462 | /// /// Returns a reference counted pointer to Self. |
463 | /// fn me(&self) -> Arc<Self> { |
464 | /// self.me.upgrade().unwrap() |
465 | /// } |
466 | /// } |
467 | /// ``` |
468 | /// [`upgrade`]: Weak::upgrade |
469 | #[cfg (not(no_global_oom_handling))] |
470 | #[inline ] |
471 | #[stable (feature = "arc_new_cyclic" , since = "1.60.0" )] |
472 | pub fn new_cyclic<F>(data_fn: F) -> Arc<T> |
473 | where |
474 | F: FnOnce(&Weak<T>) -> T, |
475 | { |
476 | Self::new_cyclic_in(data_fn, Global) |
477 | } |
478 | |
479 | /// Constructs a new `Arc` with uninitialized contents. |
480 | /// |
481 | /// # Examples |
482 | /// |
483 | /// ``` |
484 | /// #![feature(get_mut_unchecked)] |
485 | /// |
486 | /// use std::sync::Arc; |
487 | /// |
488 | /// let mut five = Arc::<u32>::new_uninit(); |
489 | /// |
490 | /// // Deferred initialization: |
491 | /// Arc::get_mut(&mut five).unwrap().write(5); |
492 | /// |
493 | /// let five = unsafe { five.assume_init() }; |
494 | /// |
495 | /// assert_eq!(*five, 5) |
496 | /// ``` |
497 | #[cfg (not(no_global_oom_handling))] |
498 | #[inline ] |
499 | #[stable (feature = "new_uninit" , since = "1.82.0" )] |
500 | #[must_use ] |
501 | pub fn new_uninit() -> Arc<mem::MaybeUninit<T>> { |
502 | unsafe { |
503 | Arc::from_ptr(Arc::allocate_for_layout( |
504 | Layout::new::<T>(), |
505 | |layout| Global.allocate(layout), |
506 | <*mut u8>::cast, |
507 | )) |
508 | } |
509 | } |
510 | |
511 | /// Constructs a new `Arc` with uninitialized contents, with the memory |
512 | /// being filled with `0` bytes. |
513 | /// |
514 | /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage |
515 | /// of this method. |
516 | /// |
517 | /// # Examples |
518 | /// |
519 | /// ``` |
520 | /// #![feature(new_zeroed_alloc)] |
521 | /// |
522 | /// use std::sync::Arc; |
523 | /// |
524 | /// let zero = Arc::<u32>::new_zeroed(); |
525 | /// let zero = unsafe { zero.assume_init() }; |
526 | /// |
527 | /// assert_eq!(*zero, 0) |
528 | /// ``` |
529 | /// |
530 | /// [zeroed]: mem::MaybeUninit::zeroed |
531 | #[cfg (not(no_global_oom_handling))] |
532 | #[inline ] |
533 | #[unstable (feature = "new_zeroed_alloc" , issue = "129396" )] |
534 | #[must_use ] |
535 | pub fn new_zeroed() -> Arc<mem::MaybeUninit<T>> { |
536 | unsafe { |
537 | Arc::from_ptr(Arc::allocate_for_layout( |
538 | Layout::new::<T>(), |
539 | |layout| Global.allocate_zeroed(layout), |
540 | <*mut u8>::cast, |
541 | )) |
542 | } |
543 | } |
544 | |
545 | /// Constructs a new `Pin<Arc<T>>`. If `T` does not implement `Unpin`, then |
546 | /// `data` will be pinned in memory and unable to be moved. |
547 | #[cfg (not(no_global_oom_handling))] |
548 | #[stable (feature = "pin" , since = "1.33.0" )] |
549 | #[must_use ] |
550 | pub fn pin(data: T) -> Pin<Arc<T>> { |
551 | unsafe { Pin::new_unchecked(Arc::new(data)) } |
552 | } |
553 | |
554 | /// Constructs a new `Pin<Arc<T>>`, return an error if allocation fails. |
555 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
556 | #[inline ] |
557 | pub fn try_pin(data: T) -> Result<Pin<Arc<T>>, AllocError> { |
558 | unsafe { Ok(Pin::new_unchecked(Arc::try_new(data)?)) } |
559 | } |
560 | |
561 | /// Constructs a new `Arc<T>`, returning an error if allocation fails. |
562 | /// |
563 | /// # Examples |
564 | /// |
565 | /// ``` |
566 | /// #![feature(allocator_api)] |
567 | /// use std::sync::Arc; |
568 | /// |
569 | /// let five = Arc::try_new(5)?; |
570 | /// # Ok::<(), std::alloc::AllocError>(()) |
571 | /// ``` |
572 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
573 | #[inline ] |
574 | pub fn try_new(data: T) -> Result<Arc<T>, AllocError> { |
575 | // Start the weak pointer count as 1 which is the weak pointer that's |
576 | // held by all the strong pointers (kinda), see std/rc.rs for more info |
577 | let x: Box<_> = Box::try_new(ArcInner { |
578 | strong: atomic::AtomicUsize::new(1), |
579 | weak: atomic::AtomicUsize::new(1), |
580 | data, |
581 | })?; |
582 | unsafe { Ok(Self::from_inner(Box::leak(x).into())) } |
583 | } |
584 | |
585 | /// Constructs a new `Arc` with uninitialized contents, returning an error |
586 | /// if allocation fails. |
587 | /// |
588 | /// # Examples |
589 | /// |
590 | /// ``` |
591 | /// #![feature(allocator_api)] |
592 | /// #![feature(get_mut_unchecked)] |
593 | /// |
594 | /// use std::sync::Arc; |
595 | /// |
596 | /// let mut five = Arc::<u32>::try_new_uninit()?; |
597 | /// |
598 | /// // Deferred initialization: |
599 | /// Arc::get_mut(&mut five).unwrap().write(5); |
600 | /// |
601 | /// let five = unsafe { five.assume_init() }; |
602 | /// |
603 | /// assert_eq!(*five, 5); |
604 | /// # Ok::<(), std::alloc::AllocError>(()) |
605 | /// ``` |
606 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
607 | // #[unstable(feature = "new_uninit", issue = "63291")] |
608 | pub fn try_new_uninit() -> Result<Arc<mem::MaybeUninit<T>>, AllocError> { |
609 | unsafe { |
610 | Ok(Arc::from_ptr(Arc::try_allocate_for_layout( |
611 | Layout::new::<T>(), |
612 | |layout| Global.allocate(layout), |
613 | <*mut u8>::cast, |
614 | )?)) |
615 | } |
616 | } |
617 | |
618 | /// Constructs a new `Arc` with uninitialized contents, with the memory |
619 | /// being filled with `0` bytes, returning an error if allocation fails. |
620 | /// |
621 | /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage |
622 | /// of this method. |
623 | /// |
624 | /// # Examples |
625 | /// |
626 | /// ``` |
627 | /// #![feature( allocator_api)] |
628 | /// |
629 | /// use std::sync::Arc; |
630 | /// |
631 | /// let zero = Arc::<u32>::try_new_zeroed()?; |
632 | /// let zero = unsafe { zero.assume_init() }; |
633 | /// |
634 | /// assert_eq!(*zero, 0); |
635 | /// # Ok::<(), std::alloc::AllocError>(()) |
636 | /// ``` |
637 | /// |
638 | /// [zeroed]: mem::MaybeUninit::zeroed |
639 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
640 | // #[unstable(feature = "new_uninit", issue = "63291")] |
641 | pub fn try_new_zeroed() -> Result<Arc<mem::MaybeUninit<T>>, AllocError> { |
642 | unsafe { |
643 | Ok(Arc::from_ptr(Arc::try_allocate_for_layout( |
644 | Layout::new::<T>(), |
645 | |layout| Global.allocate_zeroed(layout), |
646 | <*mut u8>::cast, |
647 | )?)) |
648 | } |
649 | } |
650 | } |
651 | |
652 | impl<T, A: Allocator> Arc<T, A> { |
653 | /// Constructs a new `Arc<T>` in the provided allocator. |
654 | /// |
655 | /// # Examples |
656 | /// |
657 | /// ``` |
658 | /// #![feature(allocator_api)] |
659 | /// |
660 | /// use std::sync::Arc; |
661 | /// use std::alloc::System; |
662 | /// |
663 | /// let five = Arc::new_in(5, System); |
664 | /// ``` |
665 | #[inline ] |
666 | #[cfg (not(no_global_oom_handling))] |
667 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
668 | pub fn new_in(data: T, alloc: A) -> Arc<T, A> { |
669 | // Start the weak pointer count as 1 which is the weak pointer that's |
670 | // held by all the strong pointers (kinda), see std/rc.rs for more info |
671 | let x = Box::new_in( |
672 | ArcInner { |
673 | strong: atomic::AtomicUsize::new(1), |
674 | weak: atomic::AtomicUsize::new(1), |
675 | data, |
676 | }, |
677 | alloc, |
678 | ); |
679 | let (ptr, alloc) = Box::into_unique(x); |
680 | unsafe { Self::from_inner_in(ptr.into(), alloc) } |
681 | } |
682 | |
683 | /// Constructs a new `Arc` with uninitialized contents in the provided allocator. |
684 | /// |
685 | /// # Examples |
686 | /// |
687 | /// ``` |
688 | /// #![feature(get_mut_unchecked)] |
689 | /// #![feature(allocator_api)] |
690 | /// |
691 | /// use std::sync::Arc; |
692 | /// use std::alloc::System; |
693 | /// |
694 | /// let mut five = Arc::<u32, _>::new_uninit_in(System); |
695 | /// |
696 | /// let five = unsafe { |
697 | /// // Deferred initialization: |
698 | /// Arc::get_mut_unchecked(&mut five).as_mut_ptr().write(5); |
699 | /// |
700 | /// five.assume_init() |
701 | /// }; |
702 | /// |
703 | /// assert_eq!(*five, 5) |
704 | /// ``` |
705 | #[cfg (not(no_global_oom_handling))] |
706 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
707 | // #[unstable(feature = "new_uninit", issue = "63291")] |
708 | #[inline ] |
709 | pub fn new_uninit_in(alloc: A) -> Arc<mem::MaybeUninit<T>, A> { |
710 | unsafe { |
711 | Arc::from_ptr_in( |
712 | Arc::allocate_for_layout( |
713 | Layout::new::<T>(), |
714 | |layout| alloc.allocate(layout), |
715 | <*mut u8>::cast, |
716 | ), |
717 | alloc, |
718 | ) |
719 | } |
720 | } |
721 | |
722 | /// Constructs a new `Arc` with uninitialized contents, with the memory |
723 | /// being filled with `0` bytes, in the provided allocator. |
724 | /// |
725 | /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage |
726 | /// of this method. |
727 | /// |
728 | /// # Examples |
729 | /// |
730 | /// ``` |
731 | /// #![feature(allocator_api)] |
732 | /// |
733 | /// use std::sync::Arc; |
734 | /// use std::alloc::System; |
735 | /// |
736 | /// let zero = Arc::<u32, _>::new_zeroed_in(System); |
737 | /// let zero = unsafe { zero.assume_init() }; |
738 | /// |
739 | /// assert_eq!(*zero, 0) |
740 | /// ``` |
741 | /// |
742 | /// [zeroed]: mem::MaybeUninit::zeroed |
743 | #[cfg (not(no_global_oom_handling))] |
744 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
745 | // #[unstable(feature = "new_uninit", issue = "63291")] |
746 | #[inline ] |
747 | pub fn new_zeroed_in(alloc: A) -> Arc<mem::MaybeUninit<T>, A> { |
748 | unsafe { |
749 | Arc::from_ptr_in( |
750 | Arc::allocate_for_layout( |
751 | Layout::new::<T>(), |
752 | |layout| alloc.allocate_zeroed(layout), |
753 | <*mut u8>::cast, |
754 | ), |
755 | alloc, |
756 | ) |
757 | } |
758 | } |
759 | |
760 | /// Constructs a new `Arc<T, A>` in the given allocator while giving you a `Weak<T, A>` to the allocation, |
761 | /// to allow you to construct a `T` which holds a weak pointer to itself. |
762 | /// |
763 | /// Generally, a structure circularly referencing itself, either directly or |
764 | /// indirectly, should not hold a strong reference to itself to prevent a memory leak. |
765 | /// Using this function, you get access to the weak pointer during the |
766 | /// initialization of `T`, before the `Arc<T, A>` is created, such that you can |
767 | /// clone and store it inside the `T`. |
768 | /// |
769 | /// `new_cyclic_in` first allocates the managed allocation for the `Arc<T, A>`, |
770 | /// then calls your closure, giving it a `Weak<T, A>` to this allocation, |
771 | /// and only afterwards completes the construction of the `Arc<T, A>` by placing |
772 | /// the `T` returned from your closure into the allocation. |
773 | /// |
774 | /// Since the new `Arc<T, A>` is not fully-constructed until `Arc<T, A>::new_cyclic_in` |
775 | /// returns, calling [`upgrade`] on the weak reference inside your closure will |
776 | /// fail and result in a `None` value. |
777 | /// |
778 | /// # Panics |
779 | /// |
780 | /// If `data_fn` panics, the panic is propagated to the caller, and the |
781 | /// temporary [`Weak<T>`] is dropped normally. |
782 | /// |
783 | /// # Example |
784 | /// |
785 | /// See [`new_cyclic`] |
786 | /// |
787 | /// [`new_cyclic`]: Arc::new_cyclic |
788 | /// [`upgrade`]: Weak::upgrade |
789 | #[cfg (not(no_global_oom_handling))] |
790 | #[inline ] |
791 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
792 | pub fn new_cyclic_in<F>(data_fn: F, alloc: A) -> Arc<T, A> |
793 | where |
794 | F: FnOnce(&Weak<T, A>) -> T, |
795 | { |
796 | // Construct the inner in the "uninitialized" state with a single |
797 | // weak reference. |
798 | let (uninit_raw_ptr, alloc) = Box::into_raw_with_allocator(Box::new_in( |
799 | ArcInner { |
800 | strong: atomic::AtomicUsize::new(0), |
801 | weak: atomic::AtomicUsize::new(1), |
802 | data: mem::MaybeUninit::<T>::uninit(), |
803 | }, |
804 | alloc, |
805 | )); |
806 | let uninit_ptr: NonNull<_> = (unsafe { &mut *uninit_raw_ptr }).into(); |
807 | let init_ptr: NonNull<ArcInner<T>> = uninit_ptr.cast(); |
808 | |
809 | let weak = Weak { ptr: init_ptr, alloc }; |
810 | |
811 | // It's important we don't give up ownership of the weak pointer, or |
812 | // else the memory might be freed by the time `data_fn` returns. If |
813 | // we really wanted to pass ownership, we could create an additional |
814 | // weak pointer for ourselves, but this would result in additional |
815 | // updates to the weak reference count which might not be necessary |
816 | // otherwise. |
817 | let data = data_fn(&weak); |
818 | |
819 | // Now we can properly initialize the inner value and turn our weak |
820 | // reference into a strong reference. |
821 | let strong = unsafe { |
822 | let inner = init_ptr.as_ptr(); |
823 | ptr::write(&raw mut (*inner).data, data); |
824 | |
825 | // The above write to the data field must be visible to any threads which |
826 | // observe a non-zero strong count. Therefore we need at least "Release" ordering |
827 | // in order to synchronize with the `compare_exchange_weak` in `Weak::upgrade`. |
828 | // |
829 | // "Acquire" ordering is not required. When considering the possible behaviors |
830 | // of `data_fn` we only need to look at what it could do with a reference to a |
831 | // non-upgradeable `Weak`: |
832 | // - It can *clone* the `Weak`, increasing the weak reference count. |
833 | // - It can drop those clones, decreasing the weak reference count (but never to zero). |
834 | // |
835 | // These side effects do not impact us in any way, and no other side effects are |
836 | // possible with safe code alone. |
837 | let prev_value = (*inner).strong.fetch_add(1, Release); |
838 | debug_assert_eq!(prev_value, 0, "No prior strong references should exist" ); |
839 | |
840 | // Strong references should collectively own a shared weak reference, |
841 | // so don't run the destructor for our old weak reference. |
842 | // Calling into_raw_with_allocator has the double effect of giving us back the allocator, |
843 | // and forgetting the weak reference. |
844 | let alloc = weak.into_raw_with_allocator().1; |
845 | |
846 | Arc::from_inner_in(init_ptr, alloc) |
847 | }; |
848 | |
849 | strong |
850 | } |
851 | |
852 | /// Constructs a new `Pin<Arc<T, A>>` in the provided allocator. If `T` does not implement `Unpin`, |
853 | /// then `data` will be pinned in memory and unable to be moved. |
854 | #[cfg (not(no_global_oom_handling))] |
855 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
856 | #[inline ] |
857 | pub fn pin_in(data: T, alloc: A) -> Pin<Arc<T, A>> |
858 | where |
859 | A: 'static, |
860 | { |
861 | unsafe { Pin::new_unchecked(Arc::new_in(data, alloc)) } |
862 | } |
863 | |
864 | /// Constructs a new `Pin<Arc<T, A>>` in the provided allocator, return an error if allocation |
865 | /// fails. |
866 | #[inline ] |
867 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
868 | pub fn try_pin_in(data: T, alloc: A) -> Result<Pin<Arc<T, A>>, AllocError> |
869 | where |
870 | A: 'static, |
871 | { |
872 | unsafe { Ok(Pin::new_unchecked(Arc::try_new_in(data, alloc)?)) } |
873 | } |
874 | |
875 | /// Constructs a new `Arc<T, A>` in the provided allocator, returning an error if allocation fails. |
876 | /// |
877 | /// # Examples |
878 | /// |
879 | /// ``` |
880 | /// #![feature(allocator_api)] |
881 | /// |
882 | /// use std::sync::Arc; |
883 | /// use std::alloc::System; |
884 | /// |
885 | /// let five = Arc::try_new_in(5, System)?; |
886 | /// # Ok::<(), std::alloc::AllocError>(()) |
887 | /// ``` |
888 | #[inline ] |
889 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
890 | #[inline ] |
891 | pub fn try_new_in(data: T, alloc: A) -> Result<Arc<T, A>, AllocError> { |
892 | // Start the weak pointer count as 1 which is the weak pointer that's |
893 | // held by all the strong pointers (kinda), see std/rc.rs for more info |
894 | let x = Box::try_new_in( |
895 | ArcInner { |
896 | strong: atomic::AtomicUsize::new(1), |
897 | weak: atomic::AtomicUsize::new(1), |
898 | data, |
899 | }, |
900 | alloc, |
901 | )?; |
902 | let (ptr, alloc) = Box::into_unique(x); |
903 | Ok(unsafe { Self::from_inner_in(ptr.into(), alloc) }) |
904 | } |
905 | |
906 | /// Constructs a new `Arc` with uninitialized contents, in the provided allocator, returning an |
907 | /// error if allocation fails. |
908 | /// |
909 | /// # Examples |
910 | /// |
911 | /// ``` |
912 | /// #![feature(allocator_api)] |
913 | /// #![feature(get_mut_unchecked)] |
914 | /// |
915 | /// use std::sync::Arc; |
916 | /// use std::alloc::System; |
917 | /// |
918 | /// let mut five = Arc::<u32, _>::try_new_uninit_in(System)?; |
919 | /// |
920 | /// let five = unsafe { |
921 | /// // Deferred initialization: |
922 | /// Arc::get_mut_unchecked(&mut five).as_mut_ptr().write(5); |
923 | /// |
924 | /// five.assume_init() |
925 | /// }; |
926 | /// |
927 | /// assert_eq!(*five, 5); |
928 | /// # Ok::<(), std::alloc::AllocError>(()) |
929 | /// ``` |
930 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
931 | // #[unstable(feature = "new_uninit", issue = "63291")] |
932 | #[inline ] |
933 | pub fn try_new_uninit_in(alloc: A) -> Result<Arc<mem::MaybeUninit<T>, A>, AllocError> { |
934 | unsafe { |
935 | Ok(Arc::from_ptr_in( |
936 | Arc::try_allocate_for_layout( |
937 | Layout::new::<T>(), |
938 | |layout| alloc.allocate(layout), |
939 | <*mut u8>::cast, |
940 | )?, |
941 | alloc, |
942 | )) |
943 | } |
944 | } |
945 | |
946 | /// Constructs a new `Arc` with uninitialized contents, with the memory |
947 | /// being filled with `0` bytes, in the provided allocator, returning an error if allocation |
948 | /// fails. |
949 | /// |
950 | /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage |
951 | /// of this method. |
952 | /// |
953 | /// # Examples |
954 | /// |
955 | /// ``` |
956 | /// #![feature(allocator_api)] |
957 | /// |
958 | /// use std::sync::Arc; |
959 | /// use std::alloc::System; |
960 | /// |
961 | /// let zero = Arc::<u32, _>::try_new_zeroed_in(System)?; |
962 | /// let zero = unsafe { zero.assume_init() }; |
963 | /// |
964 | /// assert_eq!(*zero, 0); |
965 | /// # Ok::<(), std::alloc::AllocError>(()) |
966 | /// ``` |
967 | /// |
968 | /// [zeroed]: mem::MaybeUninit::zeroed |
969 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
970 | // #[unstable(feature = "new_uninit", issue = "63291")] |
971 | #[inline ] |
972 | pub fn try_new_zeroed_in(alloc: A) -> Result<Arc<mem::MaybeUninit<T>, A>, AllocError> { |
973 | unsafe { |
974 | Ok(Arc::from_ptr_in( |
975 | Arc::try_allocate_for_layout( |
976 | Layout::new::<T>(), |
977 | |layout| alloc.allocate_zeroed(layout), |
978 | <*mut u8>::cast, |
979 | )?, |
980 | alloc, |
981 | )) |
982 | } |
983 | } |
984 | /// Returns the inner value, if the `Arc` has exactly one strong reference. |
985 | /// |
986 | /// Otherwise, an [`Err`] is returned with the same `Arc` that was |
987 | /// passed in. |
988 | /// |
989 | /// This will succeed even if there are outstanding weak references. |
990 | /// |
991 | /// It is strongly recommended to use [`Arc::into_inner`] instead if you don't |
992 | /// keep the `Arc` in the [`Err`] case. |
993 | /// Immediately dropping the [`Err`]-value, as the expression |
994 | /// `Arc::try_unwrap(this).ok()` does, can cause the strong count to |
995 | /// drop to zero and the inner value of the `Arc` to be dropped. |
996 | /// For instance, if two threads execute such an expression in parallel, |
997 | /// there is a race condition without the possibility of unsafety: |
998 | /// The threads could first both check whether they own the last instance |
999 | /// in `Arc::try_unwrap`, determine that they both do not, and then both |
1000 | /// discard and drop their instance in the call to [`ok`][`Result::ok`]. |
1001 | /// In this scenario, the value inside the `Arc` is safely destroyed |
1002 | /// by exactly one of the threads, but neither thread will ever be able |
1003 | /// to use the value. |
1004 | /// |
1005 | /// # Examples |
1006 | /// |
1007 | /// ``` |
1008 | /// use std::sync::Arc; |
1009 | /// |
1010 | /// let x = Arc::new(3); |
1011 | /// assert_eq!(Arc::try_unwrap(x), Ok(3)); |
1012 | /// |
1013 | /// let x = Arc::new(4); |
1014 | /// let _y = Arc::clone(&x); |
1015 | /// assert_eq!(*Arc::try_unwrap(x).unwrap_err(), 4); |
1016 | /// ``` |
1017 | #[inline ] |
1018 | #[stable (feature = "arc_unique" , since = "1.4.0" )] |
1019 | pub fn try_unwrap(this: Self) -> Result<T, Self> { |
1020 | if this.inner().strong.compare_exchange(1, 0, Relaxed, Relaxed).is_err() { |
1021 | return Err(this); |
1022 | } |
1023 | |
1024 | acquire!(this.inner().strong); |
1025 | |
1026 | let this = ManuallyDrop::new(this); |
1027 | let elem: T = unsafe { ptr::read(&this.ptr.as_ref().data) }; |
1028 | let alloc: A = unsafe { ptr::read(&this.alloc) }; // copy the allocator |
1029 | |
1030 | // Make a weak pointer to clean up the implicit strong-weak reference |
1031 | let _weak = Weak { ptr: this.ptr, alloc }; |
1032 | |
1033 | Ok(elem) |
1034 | } |
1035 | |
1036 | /// Returns the inner value, if the `Arc` has exactly one strong reference. |
1037 | /// |
1038 | /// Otherwise, [`None`] is returned and the `Arc` is dropped. |
1039 | /// |
1040 | /// This will succeed even if there are outstanding weak references. |
1041 | /// |
1042 | /// If `Arc::into_inner` is called on every clone of this `Arc`, |
1043 | /// it is guaranteed that exactly one of the calls returns the inner value. |
1044 | /// This means in particular that the inner value is not dropped. |
1045 | /// |
1046 | /// [`Arc::try_unwrap`] is conceptually similar to `Arc::into_inner`, but it |
1047 | /// is meant for different use-cases. If used as a direct replacement |
1048 | /// for `Arc::into_inner` anyway, such as with the expression |
1049 | /// <code>[Arc::try_unwrap]\(this).[ok][Result::ok]()</code>, then it does |
1050 | /// **not** give the same guarantee as described in the previous paragraph. |
1051 | /// For more information, see the examples below and read the documentation |
1052 | /// of [`Arc::try_unwrap`]. |
1053 | /// |
1054 | /// # Examples |
1055 | /// |
1056 | /// Minimal example demonstrating the guarantee that `Arc::into_inner` gives. |
1057 | /// ``` |
1058 | /// use std::sync::Arc; |
1059 | /// |
1060 | /// let x = Arc::new(3); |
1061 | /// let y = Arc::clone(&x); |
1062 | /// |
1063 | /// // Two threads calling `Arc::into_inner` on both clones of an `Arc`: |
1064 | /// let x_thread = std::thread::spawn(|| Arc::into_inner(x)); |
1065 | /// let y_thread = std::thread::spawn(|| Arc::into_inner(y)); |
1066 | /// |
1067 | /// let x_inner_value = x_thread.join().unwrap(); |
1068 | /// let y_inner_value = y_thread.join().unwrap(); |
1069 | /// |
1070 | /// // One of the threads is guaranteed to receive the inner value: |
1071 | /// assert!(matches!( |
1072 | /// (x_inner_value, y_inner_value), |
1073 | /// (None, Some(3)) | (Some(3), None) |
1074 | /// )); |
1075 | /// // The result could also be `(None, None)` if the threads called |
1076 | /// // `Arc::try_unwrap(x).ok()` and `Arc::try_unwrap(y).ok()` instead. |
1077 | /// ``` |
1078 | /// |
1079 | /// A more practical example demonstrating the need for `Arc::into_inner`: |
1080 | /// ``` |
1081 | /// use std::sync::Arc; |
1082 | /// |
1083 | /// // Definition of a simple singly linked list using `Arc`: |
1084 | /// #[derive(Clone)] |
1085 | /// struct LinkedList<T>(Option<Arc<Node<T>>>); |
1086 | /// struct Node<T>(T, Option<Arc<Node<T>>>); |
1087 | /// |
1088 | /// // Dropping a long `LinkedList<T>` relying on the destructor of `Arc` |
1089 | /// // can cause a stack overflow. To prevent this, we can provide a |
1090 | /// // manual `Drop` implementation that does the destruction in a loop: |
1091 | /// impl<T> Drop for LinkedList<T> { |
1092 | /// fn drop(&mut self) { |
1093 | /// let mut link = self.0.take(); |
1094 | /// while let Some(arc_node) = link.take() { |
1095 | /// if let Some(Node(_value, next)) = Arc::into_inner(arc_node) { |
1096 | /// link = next; |
1097 | /// } |
1098 | /// } |
1099 | /// } |
1100 | /// } |
1101 | /// |
1102 | /// // Implementation of `new` and `push` omitted |
1103 | /// impl<T> LinkedList<T> { |
1104 | /// /* ... */ |
1105 | /// # fn new() -> Self { |
1106 | /// # LinkedList(None) |
1107 | /// # } |
1108 | /// # fn push(&mut self, x: T) { |
1109 | /// # self.0 = Some(Arc::new(Node(x, self.0.take()))); |
1110 | /// # } |
1111 | /// } |
1112 | /// |
1113 | /// // The following code could have still caused a stack overflow |
1114 | /// // despite the manual `Drop` impl if that `Drop` impl had used |
1115 | /// // `Arc::try_unwrap(arc).ok()` instead of `Arc::into_inner(arc)`. |
1116 | /// |
1117 | /// // Create a long list and clone it |
1118 | /// let mut x = LinkedList::new(); |
1119 | /// let size = 100000; |
1120 | /// # let size = if cfg!(miri) { 100 } else { size }; |
1121 | /// for i in 0..size { |
1122 | /// x.push(i); // Adds i to the front of x |
1123 | /// } |
1124 | /// let y = x.clone(); |
1125 | /// |
1126 | /// // Drop the clones in parallel |
1127 | /// let x_thread = std::thread::spawn(|| drop(x)); |
1128 | /// let y_thread = std::thread::spawn(|| drop(y)); |
1129 | /// x_thread.join().unwrap(); |
1130 | /// y_thread.join().unwrap(); |
1131 | /// ``` |
1132 | #[inline ] |
1133 | #[stable (feature = "arc_into_inner" , since = "1.70.0" )] |
1134 | pub fn into_inner(this: Self) -> Option<T> { |
1135 | // Make sure that the ordinary `Drop` implementation isn’t called as well |
1136 | let mut this = mem::ManuallyDrop::new(this); |
1137 | |
1138 | // Following the implementation of `drop` and `drop_slow` |
1139 | if this.inner().strong.fetch_sub(1, Release) != 1 { |
1140 | return None; |
1141 | } |
1142 | |
1143 | acquire!(this.inner().strong); |
1144 | |
1145 | // SAFETY: This mirrors the line |
1146 | // |
1147 | // unsafe { ptr::drop_in_place(Self::get_mut_unchecked(self)) }; |
1148 | // |
1149 | // in `drop_slow`. Instead of dropping the value behind the pointer, |
1150 | // it is read and eventually returned; `ptr::read` has the same |
1151 | // safety conditions as `ptr::drop_in_place`. |
1152 | |
1153 | let inner = unsafe { ptr::read(Self::get_mut_unchecked(&mut this)) }; |
1154 | let alloc = unsafe { ptr::read(&this.alloc) }; |
1155 | |
1156 | drop(Weak { ptr: this.ptr, alloc }); |
1157 | |
1158 | Some(inner) |
1159 | } |
1160 | } |
1161 | |
1162 | impl<T> Arc<[T]> { |
1163 | /// Constructs a new atomically reference-counted slice with uninitialized contents. |
1164 | /// |
1165 | /// # Examples |
1166 | /// |
1167 | /// ``` |
1168 | /// #![feature(get_mut_unchecked)] |
1169 | /// |
1170 | /// use std::sync::Arc; |
1171 | /// |
1172 | /// let mut values = Arc::<[u32]>::new_uninit_slice(3); |
1173 | /// |
1174 | /// // Deferred initialization: |
1175 | /// let data = Arc::get_mut(&mut values).unwrap(); |
1176 | /// data[0].write(1); |
1177 | /// data[1].write(2); |
1178 | /// data[2].write(3); |
1179 | /// |
1180 | /// let values = unsafe { values.assume_init() }; |
1181 | /// |
1182 | /// assert_eq!(*values, [1, 2, 3]) |
1183 | /// ``` |
1184 | #[cfg (not(no_global_oom_handling))] |
1185 | #[inline ] |
1186 | #[stable (feature = "new_uninit" , since = "1.82.0" )] |
1187 | #[must_use ] |
1188 | pub fn new_uninit_slice(len: usize) -> Arc<[mem::MaybeUninit<T>]> { |
1189 | unsafe { Arc::from_ptr(Arc::allocate_for_slice(len)) } |
1190 | } |
1191 | |
1192 | /// Constructs a new atomically reference-counted slice with uninitialized contents, with the memory being |
1193 | /// filled with `0` bytes. |
1194 | /// |
1195 | /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and |
1196 | /// incorrect usage of this method. |
1197 | /// |
1198 | /// # Examples |
1199 | /// |
1200 | /// ``` |
1201 | /// #![feature(new_zeroed_alloc)] |
1202 | /// |
1203 | /// use std::sync::Arc; |
1204 | /// |
1205 | /// let values = Arc::<[u32]>::new_zeroed_slice(3); |
1206 | /// let values = unsafe { values.assume_init() }; |
1207 | /// |
1208 | /// assert_eq!(*values, [0, 0, 0]) |
1209 | /// ``` |
1210 | /// |
1211 | /// [zeroed]: mem::MaybeUninit::zeroed |
1212 | #[cfg (not(no_global_oom_handling))] |
1213 | #[inline ] |
1214 | #[unstable (feature = "new_zeroed_alloc" , issue = "129396" )] |
1215 | #[must_use ] |
1216 | pub fn new_zeroed_slice(len: usize) -> Arc<[mem::MaybeUninit<T>]> { |
1217 | unsafe { |
1218 | Arc::from_ptr(Arc::allocate_for_layout( |
1219 | Layout::array::<T>(len).unwrap(), |
1220 | |layout| Global.allocate_zeroed(layout), |
1221 | |mem| { |
1222 | ptr::slice_from_raw_parts_mut(mem as *mut T, len) |
1223 | as *mut ArcInner<[mem::MaybeUninit<T>]> |
1224 | }, |
1225 | )) |
1226 | } |
1227 | } |
1228 | |
1229 | /// Converts the reference-counted slice into a reference-counted array. |
1230 | /// |
1231 | /// This operation does not reallocate; the underlying array of the slice is simply reinterpreted as an array type. |
1232 | /// |
1233 | /// If `N` is not exactly equal to the length of `self`, then this method returns `None`. |
1234 | #[unstable (feature = "slice_as_array" , issue = "133508" )] |
1235 | #[inline ] |
1236 | #[must_use ] |
1237 | pub fn into_array<const N: usize>(self) -> Option<Arc<[T; N]>> { |
1238 | if self.len() == N { |
1239 | let ptr = Self::into_raw(self) as *const [T; N]; |
1240 | |
1241 | // SAFETY: The underlying array of a slice has the exact same layout as an actual array `[T; N]` if `N` is equal to the slice's length. |
1242 | let me = unsafe { Arc::from_raw(ptr) }; |
1243 | Some(me) |
1244 | } else { |
1245 | None |
1246 | } |
1247 | } |
1248 | } |
1249 | |
1250 | impl<T, A: Allocator> Arc<[T], A> { |
1251 | /// Constructs a new atomically reference-counted slice with uninitialized contents in the |
1252 | /// provided allocator. |
1253 | /// |
1254 | /// # Examples |
1255 | /// |
1256 | /// ``` |
1257 | /// #![feature(get_mut_unchecked)] |
1258 | /// #![feature(allocator_api)] |
1259 | /// |
1260 | /// use std::sync::Arc; |
1261 | /// use std::alloc::System; |
1262 | /// |
1263 | /// let mut values = Arc::<[u32], _>::new_uninit_slice_in(3, System); |
1264 | /// |
1265 | /// let values = unsafe { |
1266 | /// // Deferred initialization: |
1267 | /// Arc::get_mut_unchecked(&mut values)[0].as_mut_ptr().write(1); |
1268 | /// Arc::get_mut_unchecked(&mut values)[1].as_mut_ptr().write(2); |
1269 | /// Arc::get_mut_unchecked(&mut values)[2].as_mut_ptr().write(3); |
1270 | /// |
1271 | /// values.assume_init() |
1272 | /// }; |
1273 | /// |
1274 | /// assert_eq!(*values, [1, 2, 3]) |
1275 | /// ``` |
1276 | #[cfg (not(no_global_oom_handling))] |
1277 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
1278 | #[inline ] |
1279 | pub fn new_uninit_slice_in(len: usize, alloc: A) -> Arc<[mem::MaybeUninit<T>], A> { |
1280 | unsafe { Arc::from_ptr_in(Arc::allocate_for_slice_in(len, &alloc), alloc) } |
1281 | } |
1282 | |
1283 | /// Constructs a new atomically reference-counted slice with uninitialized contents, with the memory being |
1284 | /// filled with `0` bytes, in the provided allocator. |
1285 | /// |
1286 | /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and |
1287 | /// incorrect usage of this method. |
1288 | /// |
1289 | /// # Examples |
1290 | /// |
1291 | /// ``` |
1292 | /// #![feature(allocator_api)] |
1293 | /// |
1294 | /// use std::sync::Arc; |
1295 | /// use std::alloc::System; |
1296 | /// |
1297 | /// let values = Arc::<[u32], _>::new_zeroed_slice_in(3, System); |
1298 | /// let values = unsafe { values.assume_init() }; |
1299 | /// |
1300 | /// assert_eq!(*values, [0, 0, 0]) |
1301 | /// ``` |
1302 | /// |
1303 | /// [zeroed]: mem::MaybeUninit::zeroed |
1304 | #[cfg (not(no_global_oom_handling))] |
1305 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
1306 | #[inline ] |
1307 | pub fn new_zeroed_slice_in(len: usize, alloc: A) -> Arc<[mem::MaybeUninit<T>], A> { |
1308 | unsafe { |
1309 | Arc::from_ptr_in( |
1310 | Arc::allocate_for_layout( |
1311 | Layout::array::<T>(len).unwrap(), |
1312 | |layout| alloc.allocate_zeroed(layout), |
1313 | |mem| { |
1314 | ptr::slice_from_raw_parts_mut(mem.cast::<T>(), len) |
1315 | as *mut ArcInner<[mem::MaybeUninit<T>]> |
1316 | }, |
1317 | ), |
1318 | alloc, |
1319 | ) |
1320 | } |
1321 | } |
1322 | } |
1323 | |
1324 | impl<T, A: Allocator> Arc<mem::MaybeUninit<T>, A> { |
1325 | /// Converts to `Arc<T>`. |
1326 | /// |
1327 | /// # Safety |
1328 | /// |
1329 | /// As with [`MaybeUninit::assume_init`], |
1330 | /// it is up to the caller to guarantee that the inner value |
1331 | /// really is in an initialized state. |
1332 | /// Calling this when the content is not yet fully initialized |
1333 | /// causes immediate undefined behavior. |
1334 | /// |
1335 | /// [`MaybeUninit::assume_init`]: mem::MaybeUninit::assume_init |
1336 | /// |
1337 | /// # Examples |
1338 | /// |
1339 | /// ``` |
1340 | /// #![feature(get_mut_unchecked)] |
1341 | /// |
1342 | /// use std::sync::Arc; |
1343 | /// |
1344 | /// let mut five = Arc::<u32>::new_uninit(); |
1345 | /// |
1346 | /// // Deferred initialization: |
1347 | /// Arc::get_mut(&mut five).unwrap().write(5); |
1348 | /// |
1349 | /// let five = unsafe { five.assume_init() }; |
1350 | /// |
1351 | /// assert_eq!(*five, 5) |
1352 | /// ``` |
1353 | #[stable (feature = "new_uninit" , since = "1.82.0" )] |
1354 | #[must_use = "`self` will be dropped if the result is not used" ] |
1355 | #[inline ] |
1356 | pub unsafe fn assume_init(self) -> Arc<T, A> { |
1357 | let (ptr, alloc) = Arc::into_inner_with_allocator(self); |
1358 | unsafe { Arc::from_inner_in(ptr.cast(), alloc) } |
1359 | } |
1360 | } |
1361 | |
1362 | impl<T, A: Allocator> Arc<[mem::MaybeUninit<T>], A> { |
1363 | /// Converts to `Arc<[T]>`. |
1364 | /// |
1365 | /// # Safety |
1366 | /// |
1367 | /// As with [`MaybeUninit::assume_init`], |
1368 | /// it is up to the caller to guarantee that the inner value |
1369 | /// really is in an initialized state. |
1370 | /// Calling this when the content is not yet fully initialized |
1371 | /// causes immediate undefined behavior. |
1372 | /// |
1373 | /// [`MaybeUninit::assume_init`]: mem::MaybeUninit::assume_init |
1374 | /// |
1375 | /// # Examples |
1376 | /// |
1377 | /// ``` |
1378 | /// #![feature(get_mut_unchecked)] |
1379 | /// |
1380 | /// use std::sync::Arc; |
1381 | /// |
1382 | /// let mut values = Arc::<[u32]>::new_uninit_slice(3); |
1383 | /// |
1384 | /// // Deferred initialization: |
1385 | /// let data = Arc::get_mut(&mut values).unwrap(); |
1386 | /// data[0].write(1); |
1387 | /// data[1].write(2); |
1388 | /// data[2].write(3); |
1389 | /// |
1390 | /// let values = unsafe { values.assume_init() }; |
1391 | /// |
1392 | /// assert_eq!(*values, [1, 2, 3]) |
1393 | /// ``` |
1394 | #[stable (feature = "new_uninit" , since = "1.82.0" )] |
1395 | #[must_use = "`self` will be dropped if the result is not used" ] |
1396 | #[inline ] |
1397 | pub unsafe fn assume_init(self) -> Arc<[T], A> { |
1398 | let (ptr, alloc) = Arc::into_inner_with_allocator(self); |
1399 | unsafe { Arc::from_ptr_in(ptr.as_ptr() as _, alloc) } |
1400 | } |
1401 | } |
1402 | |
1403 | impl<T: ?Sized> Arc<T> { |
1404 | /// Constructs an `Arc<T>` from a raw pointer. |
1405 | /// |
1406 | /// The raw pointer must have been previously returned by a call to |
1407 | /// [`Arc<U>::into_raw`][into_raw] with the following requirements: |
1408 | /// |
1409 | /// * If `U` is sized, it must have the same size and alignment as `T`. This |
1410 | /// is trivially true if `U` is `T`. |
1411 | /// * If `U` is unsized, its data pointer must have the same size and |
1412 | /// alignment as `T`. This is trivially true if `Arc<U>` was constructed |
1413 | /// through `Arc<T>` and then converted to `Arc<U>` through an [unsized |
1414 | /// coercion]. |
1415 | /// |
1416 | /// Note that if `U` or `U`'s data pointer is not `T` but has the same size |
1417 | /// and alignment, this is basically like transmuting references of |
1418 | /// different types. See [`mem::transmute`][transmute] for more information |
1419 | /// on what restrictions apply in this case. |
1420 | /// |
1421 | /// The raw pointer must point to a block of memory allocated by the global allocator. |
1422 | /// |
1423 | /// The user of `from_raw` has to make sure a specific value of `T` is only |
1424 | /// dropped once. |
1425 | /// |
1426 | /// This function is unsafe because improper use may lead to memory unsafety, |
1427 | /// even if the returned `Arc<T>` is never accessed. |
1428 | /// |
1429 | /// [into_raw]: Arc::into_raw |
1430 | /// [transmute]: core::mem::transmute |
1431 | /// [unsized coercion]: https://doc.rust-lang.org/reference/type-coercions.html#unsized-coercions |
1432 | /// |
1433 | /// # Examples |
1434 | /// |
1435 | /// ``` |
1436 | /// use std::sync::Arc; |
1437 | /// |
1438 | /// let x = Arc::new("hello" .to_owned()); |
1439 | /// let x_ptr = Arc::into_raw(x); |
1440 | /// |
1441 | /// unsafe { |
1442 | /// // Convert back to an `Arc` to prevent leak. |
1443 | /// let x = Arc::from_raw(x_ptr); |
1444 | /// assert_eq!(&*x, "hello" ); |
1445 | /// |
1446 | /// // Further calls to `Arc::from_raw(x_ptr)` would be memory-unsafe. |
1447 | /// } |
1448 | /// |
1449 | /// // The memory was freed when `x` went out of scope above, so `x_ptr` is now dangling! |
1450 | /// ``` |
1451 | /// |
1452 | /// Convert a slice back into its original array: |
1453 | /// |
1454 | /// ``` |
1455 | /// use std::sync::Arc; |
1456 | /// |
1457 | /// let x: Arc<[u32]> = Arc::new([1, 2, 3]); |
1458 | /// let x_ptr: *const [u32] = Arc::into_raw(x); |
1459 | /// |
1460 | /// unsafe { |
1461 | /// let x: Arc<[u32; 3]> = Arc::from_raw(x_ptr.cast::<[u32; 3]>()); |
1462 | /// assert_eq!(&*x, &[1, 2, 3]); |
1463 | /// } |
1464 | /// ``` |
1465 | #[inline ] |
1466 | #[stable (feature = "rc_raw" , since = "1.17.0" )] |
1467 | pub unsafe fn from_raw(ptr: *const T) -> Self { |
1468 | unsafe { Arc::from_raw_in(ptr, Global) } |
1469 | } |
1470 | |
1471 | /// Increments the strong reference count on the `Arc<T>` associated with the |
1472 | /// provided pointer by one. |
1473 | /// |
1474 | /// # Safety |
1475 | /// |
1476 | /// The pointer must have been obtained through `Arc::into_raw` and must satisfy the |
1477 | /// same layout requirements specified in [`Arc::from_raw_in`][from_raw_in]. |
1478 | /// The associated `Arc` instance must be valid (i.e. the strong count must be at |
1479 | /// least 1) for the duration of this method, and `ptr` must point to a block of memory |
1480 | /// allocated by the global allocator. |
1481 | /// |
1482 | /// [from_raw_in]: Arc::from_raw_in |
1483 | /// |
1484 | /// # Examples |
1485 | /// |
1486 | /// ``` |
1487 | /// use std::sync::Arc; |
1488 | /// |
1489 | /// let five = Arc::new(5); |
1490 | /// |
1491 | /// unsafe { |
1492 | /// let ptr = Arc::into_raw(five); |
1493 | /// Arc::increment_strong_count(ptr); |
1494 | /// |
1495 | /// // This assertion is deterministic because we haven't shared |
1496 | /// // the `Arc` between threads. |
1497 | /// let five = Arc::from_raw(ptr); |
1498 | /// assert_eq!(2, Arc::strong_count(&five)); |
1499 | /// # // Prevent leaks for Miri. |
1500 | /// # Arc::decrement_strong_count(ptr); |
1501 | /// } |
1502 | /// ``` |
1503 | #[inline ] |
1504 | #[stable (feature = "arc_mutate_strong_count" , since = "1.51.0" )] |
1505 | pub unsafe fn increment_strong_count(ptr: *const T) { |
1506 | unsafe { Arc::increment_strong_count_in(ptr, Global) } |
1507 | } |
1508 | |
1509 | /// Decrements the strong reference count on the `Arc<T>` associated with the |
1510 | /// provided pointer by one. |
1511 | /// |
1512 | /// # Safety |
1513 | /// |
1514 | /// The pointer must have been obtained through `Arc::into_raw` and must satisfy the |
1515 | /// same layout requirements specified in [`Arc::from_raw_in`][from_raw_in]. |
1516 | /// The associated `Arc` instance must be valid (i.e. the strong count must be at |
1517 | /// least 1) when invoking this method, and `ptr` must point to a block of memory |
1518 | /// allocated by the global allocator. This method can be used to release the final |
1519 | /// `Arc` and backing storage, but **should not** be called after the final `Arc` has been |
1520 | /// released. |
1521 | /// |
1522 | /// [from_raw_in]: Arc::from_raw_in |
1523 | /// |
1524 | /// # Examples |
1525 | /// |
1526 | /// ``` |
1527 | /// use std::sync::Arc; |
1528 | /// |
1529 | /// let five = Arc::new(5); |
1530 | /// |
1531 | /// unsafe { |
1532 | /// let ptr = Arc::into_raw(five); |
1533 | /// Arc::increment_strong_count(ptr); |
1534 | /// |
1535 | /// // Those assertions are deterministic because we haven't shared |
1536 | /// // the `Arc` between threads. |
1537 | /// let five = Arc::from_raw(ptr); |
1538 | /// assert_eq!(2, Arc::strong_count(&five)); |
1539 | /// Arc::decrement_strong_count(ptr); |
1540 | /// assert_eq!(1, Arc::strong_count(&five)); |
1541 | /// } |
1542 | /// ``` |
1543 | #[inline ] |
1544 | #[stable (feature = "arc_mutate_strong_count" , since = "1.51.0" )] |
1545 | pub unsafe fn decrement_strong_count(ptr: *const T) { |
1546 | unsafe { Arc::decrement_strong_count_in(ptr, Global) } |
1547 | } |
1548 | } |
1549 | |
1550 | impl<T: ?Sized, A: Allocator> Arc<T, A> { |
1551 | /// Returns a reference to the underlying allocator. |
1552 | /// |
1553 | /// Note: this is an associated function, which means that you have |
1554 | /// to call it as `Arc::allocator(&a)` instead of `a.allocator()`. This |
1555 | /// is so that there is no conflict with a method on the inner type. |
1556 | #[inline ] |
1557 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
1558 | pub fn allocator(this: &Self) -> &A { |
1559 | &this.alloc |
1560 | } |
1561 | |
1562 | /// Consumes the `Arc`, returning the wrapped pointer. |
1563 | /// |
1564 | /// To avoid a memory leak the pointer must be converted back to an `Arc` using |
1565 | /// [`Arc::from_raw`]. |
1566 | /// |
1567 | /// # Examples |
1568 | /// |
1569 | /// ``` |
1570 | /// use std::sync::Arc; |
1571 | /// |
1572 | /// let x = Arc::new("hello" .to_owned()); |
1573 | /// let x_ptr = Arc::into_raw(x); |
1574 | /// assert_eq!(unsafe { &*x_ptr }, "hello" ); |
1575 | /// # // Prevent leaks for Miri. |
1576 | /// # drop(unsafe { Arc::from_raw(x_ptr) }); |
1577 | /// ``` |
1578 | #[must_use = "losing the pointer will leak memory" ] |
1579 | #[stable (feature = "rc_raw" , since = "1.17.0" )] |
1580 | #[rustc_never_returns_null_ptr ] |
1581 | pub fn into_raw(this: Self) -> *const T { |
1582 | let this = ManuallyDrop::new(this); |
1583 | Self::as_ptr(&*this) |
1584 | } |
1585 | |
1586 | /// Consumes the `Arc`, returning the wrapped pointer and allocator. |
1587 | /// |
1588 | /// To avoid a memory leak the pointer must be converted back to an `Arc` using |
1589 | /// [`Arc::from_raw_in`]. |
1590 | /// |
1591 | /// # Examples |
1592 | /// |
1593 | /// ``` |
1594 | /// #![feature(allocator_api)] |
1595 | /// use std::sync::Arc; |
1596 | /// use std::alloc::System; |
1597 | /// |
1598 | /// let x = Arc::new_in("hello" .to_owned(), System); |
1599 | /// let (ptr, alloc) = Arc::into_raw_with_allocator(x); |
1600 | /// assert_eq!(unsafe { &*ptr }, "hello" ); |
1601 | /// let x = unsafe { Arc::from_raw_in(ptr, alloc) }; |
1602 | /// assert_eq!(&*x, "hello" ); |
1603 | /// ``` |
1604 | #[must_use = "losing the pointer will leak memory" ] |
1605 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
1606 | pub fn into_raw_with_allocator(this: Self) -> (*const T, A) { |
1607 | let this = mem::ManuallyDrop::new(this); |
1608 | let ptr = Self::as_ptr(&this); |
1609 | // Safety: `this` is ManuallyDrop so the allocator will not be double-dropped |
1610 | let alloc = unsafe { ptr::read(&this.alloc) }; |
1611 | (ptr, alloc) |
1612 | } |
1613 | |
1614 | /// Provides a raw pointer to the data. |
1615 | /// |
1616 | /// The counts are not affected in any way and the `Arc` is not consumed. The pointer is valid for |
1617 | /// as long as there are strong counts in the `Arc`. |
1618 | /// |
1619 | /// # Examples |
1620 | /// |
1621 | /// ``` |
1622 | /// use std::sync::Arc; |
1623 | /// |
1624 | /// let x = Arc::new("hello" .to_owned()); |
1625 | /// let y = Arc::clone(&x); |
1626 | /// let x_ptr = Arc::as_ptr(&x); |
1627 | /// assert_eq!(x_ptr, Arc::as_ptr(&y)); |
1628 | /// assert_eq!(unsafe { &*x_ptr }, "hello" ); |
1629 | /// ``` |
1630 | #[must_use ] |
1631 | #[stable (feature = "rc_as_ptr" , since = "1.45.0" )] |
1632 | #[rustc_never_returns_null_ptr ] |
1633 | pub fn as_ptr(this: &Self) -> *const T { |
1634 | let ptr: *mut ArcInner<T> = NonNull::as_ptr(this.ptr); |
1635 | |
1636 | // SAFETY: This cannot go through Deref::deref or RcInnerPtr::inner because |
1637 | // this is required to retain raw/mut provenance such that e.g. `get_mut` can |
1638 | // write through the pointer after the Rc is recovered through `from_raw`. |
1639 | unsafe { &raw mut (*ptr).data } |
1640 | } |
1641 | |
1642 | /// Constructs an `Arc<T, A>` from a raw pointer. |
1643 | /// |
1644 | /// The raw pointer must have been previously returned by a call to [`Arc<U, |
1645 | /// A>::into_raw`][into_raw] with the following requirements: |
1646 | /// |
1647 | /// * If `U` is sized, it must have the same size and alignment as `T`. This |
1648 | /// is trivially true if `U` is `T`. |
1649 | /// * If `U` is unsized, its data pointer must have the same size and |
1650 | /// alignment as `T`. This is trivially true if `Arc<U>` was constructed |
1651 | /// through `Arc<T>` and then converted to `Arc<U>` through an [unsized |
1652 | /// coercion]. |
1653 | /// |
1654 | /// Note that if `U` or `U`'s data pointer is not `T` but has the same size |
1655 | /// and alignment, this is basically like transmuting references of |
1656 | /// different types. See [`mem::transmute`][transmute] for more information |
1657 | /// on what restrictions apply in this case. |
1658 | /// |
1659 | /// The raw pointer must point to a block of memory allocated by `alloc` |
1660 | /// |
1661 | /// The user of `from_raw` has to make sure a specific value of `T` is only |
1662 | /// dropped once. |
1663 | /// |
1664 | /// This function is unsafe because improper use may lead to memory unsafety, |
1665 | /// even if the returned `Arc<T>` is never accessed. |
1666 | /// |
1667 | /// [into_raw]: Arc::into_raw |
1668 | /// [transmute]: core::mem::transmute |
1669 | /// [unsized coercion]: https://doc.rust-lang.org/reference/type-coercions.html#unsized-coercions |
1670 | /// |
1671 | /// # Examples |
1672 | /// |
1673 | /// ``` |
1674 | /// #![feature(allocator_api)] |
1675 | /// |
1676 | /// use std::sync::Arc; |
1677 | /// use std::alloc::System; |
1678 | /// |
1679 | /// let x = Arc::new_in("hello" .to_owned(), System); |
1680 | /// let x_ptr = Arc::into_raw(x); |
1681 | /// |
1682 | /// unsafe { |
1683 | /// // Convert back to an `Arc` to prevent leak. |
1684 | /// let x = Arc::from_raw_in(x_ptr, System); |
1685 | /// assert_eq!(&*x, "hello" ); |
1686 | /// |
1687 | /// // Further calls to `Arc::from_raw(x_ptr)` would be memory-unsafe. |
1688 | /// } |
1689 | /// |
1690 | /// // The memory was freed when `x` went out of scope above, so `x_ptr` is now dangling! |
1691 | /// ``` |
1692 | /// |
1693 | /// Convert a slice back into its original array: |
1694 | /// |
1695 | /// ``` |
1696 | /// #![feature(allocator_api)] |
1697 | /// |
1698 | /// use std::sync::Arc; |
1699 | /// use std::alloc::System; |
1700 | /// |
1701 | /// let x: Arc<[u32], _> = Arc::new_in([1, 2, 3], System); |
1702 | /// let x_ptr: *const [u32] = Arc::into_raw(x); |
1703 | /// |
1704 | /// unsafe { |
1705 | /// let x: Arc<[u32; 3], _> = Arc::from_raw_in(x_ptr.cast::<[u32; 3]>(), System); |
1706 | /// assert_eq!(&*x, &[1, 2, 3]); |
1707 | /// } |
1708 | /// ``` |
1709 | #[inline ] |
1710 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
1711 | pub unsafe fn from_raw_in(ptr: *const T, alloc: A) -> Self { |
1712 | unsafe { |
1713 | let offset = data_offset(ptr); |
1714 | |
1715 | // Reverse the offset to find the original ArcInner. |
1716 | let arc_ptr = ptr.byte_sub(offset) as *mut ArcInner<T>; |
1717 | |
1718 | Self::from_ptr_in(arc_ptr, alloc) |
1719 | } |
1720 | } |
1721 | |
1722 | /// Creates a new [`Weak`] pointer to this allocation. |
1723 | /// |
1724 | /// # Examples |
1725 | /// |
1726 | /// ``` |
1727 | /// use std::sync::Arc; |
1728 | /// |
1729 | /// let five = Arc::new(5); |
1730 | /// |
1731 | /// let weak_five = Arc::downgrade(&five); |
1732 | /// ``` |
1733 | #[must_use = "this returns a new `Weak` pointer, \ |
1734 | without modifying the original `Arc`" ] |
1735 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
1736 | pub fn downgrade(this: &Self) -> Weak<T, A> |
1737 | where |
1738 | A: Clone, |
1739 | { |
1740 | // This Relaxed is OK because we're checking the value in the CAS |
1741 | // below. |
1742 | let mut cur = this.inner().weak.load(Relaxed); |
1743 | |
1744 | loop { |
1745 | // check if the weak counter is currently "locked"; if so, spin. |
1746 | if cur == usize::MAX { |
1747 | hint::spin_loop(); |
1748 | cur = this.inner().weak.load(Relaxed); |
1749 | continue; |
1750 | } |
1751 | |
1752 | // We can't allow the refcount to increase much past `MAX_REFCOUNT`. |
1753 | assert!(cur <= MAX_REFCOUNT, "{}" , INTERNAL_OVERFLOW_ERROR); |
1754 | |
1755 | // NOTE: this code currently ignores the possibility of overflow |
1756 | // into usize::MAX; in general both Rc and Arc need to be adjusted |
1757 | // to deal with overflow. |
1758 | |
1759 | // Unlike with Clone(), we need this to be an Acquire read to |
1760 | // synchronize with the write coming from `is_unique`, so that the |
1761 | // events prior to that write happen before this read. |
1762 | match this.inner().weak.compare_exchange_weak(cur, cur + 1, Acquire, Relaxed) { |
1763 | Ok(_) => { |
1764 | // Make sure we do not create a dangling Weak |
1765 | debug_assert!(!is_dangling(this.ptr.as_ptr())); |
1766 | return Weak { ptr: this.ptr, alloc: this.alloc.clone() }; |
1767 | } |
1768 | Err(old) => cur = old, |
1769 | } |
1770 | } |
1771 | } |
1772 | |
1773 | /// Gets the number of [`Weak`] pointers to this allocation. |
1774 | /// |
1775 | /// # Safety |
1776 | /// |
1777 | /// This method by itself is safe, but using it correctly requires extra care. |
1778 | /// Another thread can change the weak count at any time, |
1779 | /// including potentially between calling this method and acting on the result. |
1780 | /// |
1781 | /// # Examples |
1782 | /// |
1783 | /// ``` |
1784 | /// use std::sync::Arc; |
1785 | /// |
1786 | /// let five = Arc::new(5); |
1787 | /// let _weak_five = Arc::downgrade(&five); |
1788 | /// |
1789 | /// // This assertion is deterministic because we haven't shared |
1790 | /// // the `Arc` or `Weak` between threads. |
1791 | /// assert_eq!(1, Arc::weak_count(&five)); |
1792 | /// ``` |
1793 | #[inline ] |
1794 | #[must_use ] |
1795 | #[stable (feature = "arc_counts" , since = "1.15.0" )] |
1796 | pub fn weak_count(this: &Self) -> usize { |
1797 | let cnt = this.inner().weak.load(Relaxed); |
1798 | // If the weak count is currently locked, the value of the |
1799 | // count was 0 just before taking the lock. |
1800 | if cnt == usize::MAX { 0 } else { cnt - 1 } |
1801 | } |
1802 | |
1803 | /// Gets the number of strong (`Arc`) pointers to this allocation. |
1804 | /// |
1805 | /// # Safety |
1806 | /// |
1807 | /// This method by itself is safe, but using it correctly requires extra care. |
1808 | /// Another thread can change the strong count at any time, |
1809 | /// including potentially between calling this method and acting on the result. |
1810 | /// |
1811 | /// # Examples |
1812 | /// |
1813 | /// ``` |
1814 | /// use std::sync::Arc; |
1815 | /// |
1816 | /// let five = Arc::new(5); |
1817 | /// let _also_five = Arc::clone(&five); |
1818 | /// |
1819 | /// // This assertion is deterministic because we haven't shared |
1820 | /// // the `Arc` between threads. |
1821 | /// assert_eq!(2, Arc::strong_count(&five)); |
1822 | /// ``` |
1823 | #[inline ] |
1824 | #[must_use ] |
1825 | #[stable (feature = "arc_counts" , since = "1.15.0" )] |
1826 | pub fn strong_count(this: &Self) -> usize { |
1827 | this.inner().strong.load(Relaxed) |
1828 | } |
1829 | |
1830 | /// Increments the strong reference count on the `Arc<T>` associated with the |
1831 | /// provided pointer by one. |
1832 | /// |
1833 | /// # Safety |
1834 | /// |
1835 | /// The pointer must have been obtained through `Arc::into_raw` and must satisfy the |
1836 | /// same layout requirements specified in [`Arc::from_raw_in`][from_raw_in]. |
1837 | /// The associated `Arc` instance must be valid (i.e. the strong count must be at |
1838 | /// least 1) for the duration of this method, and `ptr` must point to a block of memory |
1839 | /// allocated by `alloc`. |
1840 | /// |
1841 | /// [from_raw_in]: Arc::from_raw_in |
1842 | /// |
1843 | /// # Examples |
1844 | /// |
1845 | /// ``` |
1846 | /// #![feature(allocator_api)] |
1847 | /// |
1848 | /// use std::sync::Arc; |
1849 | /// use std::alloc::System; |
1850 | /// |
1851 | /// let five = Arc::new_in(5, System); |
1852 | /// |
1853 | /// unsafe { |
1854 | /// let ptr = Arc::into_raw(five); |
1855 | /// Arc::increment_strong_count_in(ptr, System); |
1856 | /// |
1857 | /// // This assertion is deterministic because we haven't shared |
1858 | /// // the `Arc` between threads. |
1859 | /// let five = Arc::from_raw_in(ptr, System); |
1860 | /// assert_eq!(2, Arc::strong_count(&five)); |
1861 | /// # // Prevent leaks for Miri. |
1862 | /// # Arc::decrement_strong_count_in(ptr, System); |
1863 | /// } |
1864 | /// ``` |
1865 | #[inline ] |
1866 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
1867 | pub unsafe fn increment_strong_count_in(ptr: *const T, alloc: A) |
1868 | where |
1869 | A: Clone, |
1870 | { |
1871 | // Retain Arc, but don't touch refcount by wrapping in ManuallyDrop |
1872 | let arc = unsafe { mem::ManuallyDrop::new(Arc::from_raw_in(ptr, alloc)) }; |
1873 | // Now increase refcount, but don't drop new refcount either |
1874 | let _arc_clone: mem::ManuallyDrop<_> = arc.clone(); |
1875 | } |
1876 | |
1877 | /// Decrements the strong reference count on the `Arc<T>` associated with the |
1878 | /// provided pointer by one. |
1879 | /// |
1880 | /// # Safety |
1881 | /// |
1882 | /// The pointer must have been obtained through `Arc::into_raw` and must satisfy the |
1883 | /// same layout requirements specified in [`Arc::from_raw_in`][from_raw_in]. |
1884 | /// The associated `Arc` instance must be valid (i.e. the strong count must be at |
1885 | /// least 1) when invoking this method, and `ptr` must point to a block of memory |
1886 | /// allocated by `alloc`. This method can be used to release the final |
1887 | /// `Arc` and backing storage, but **should not** be called after the final `Arc` has been |
1888 | /// released. |
1889 | /// |
1890 | /// [from_raw_in]: Arc::from_raw_in |
1891 | /// |
1892 | /// # Examples |
1893 | /// |
1894 | /// ``` |
1895 | /// #![feature(allocator_api)] |
1896 | /// |
1897 | /// use std::sync::Arc; |
1898 | /// use std::alloc::System; |
1899 | /// |
1900 | /// let five = Arc::new_in(5, System); |
1901 | /// |
1902 | /// unsafe { |
1903 | /// let ptr = Arc::into_raw(five); |
1904 | /// Arc::increment_strong_count_in(ptr, System); |
1905 | /// |
1906 | /// // Those assertions are deterministic because we haven't shared |
1907 | /// // the `Arc` between threads. |
1908 | /// let five = Arc::from_raw_in(ptr, System); |
1909 | /// assert_eq!(2, Arc::strong_count(&five)); |
1910 | /// Arc::decrement_strong_count_in(ptr, System); |
1911 | /// assert_eq!(1, Arc::strong_count(&five)); |
1912 | /// } |
1913 | /// ``` |
1914 | #[inline ] |
1915 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
1916 | pub unsafe fn decrement_strong_count_in(ptr: *const T, alloc: A) { |
1917 | unsafe { drop(Arc::from_raw_in(ptr, alloc)) }; |
1918 | } |
1919 | |
1920 | #[inline ] |
1921 | fn inner(&self) -> &ArcInner<T> { |
1922 | // This unsafety is ok because while this arc is alive we're guaranteed |
1923 | // that the inner pointer is valid. Furthermore, we know that the |
1924 | // `ArcInner` structure itself is `Sync` because the inner data is |
1925 | // `Sync` as well, so we're ok loaning out an immutable pointer to these |
1926 | // contents. |
1927 | unsafe { self.ptr.as_ref() } |
1928 | } |
1929 | |
1930 | // Non-inlined part of `drop`. |
1931 | #[inline (never)] |
1932 | unsafe fn drop_slow(&mut self) { |
1933 | // Drop the weak ref collectively held by all strong references when this |
1934 | // variable goes out of scope. This ensures that the memory is deallocated |
1935 | // even if the destructor of `T` panics. |
1936 | // Take a reference to `self.alloc` instead of cloning because 1. it'll last long |
1937 | // enough, and 2. you should be able to drop `Arc`s with unclonable allocators |
1938 | let _weak = Weak { ptr: self.ptr, alloc: &self.alloc }; |
1939 | |
1940 | // Destroy the data at this time, even though we must not free the box |
1941 | // allocation itself (there might still be weak pointers lying around). |
1942 | // We cannot use `get_mut_unchecked` here, because `self.alloc` is borrowed. |
1943 | unsafe { ptr::drop_in_place(&mut (*self.ptr.as_ptr()).data) }; |
1944 | } |
1945 | |
1946 | /// Returns `true` if the two `Arc`s point to the same allocation in a vein similar to |
1947 | /// [`ptr::eq`]. This function ignores the metadata of `dyn Trait` pointers. |
1948 | /// |
1949 | /// # Examples |
1950 | /// |
1951 | /// ``` |
1952 | /// use std::sync::Arc; |
1953 | /// |
1954 | /// let five = Arc::new(5); |
1955 | /// let same_five = Arc::clone(&five); |
1956 | /// let other_five = Arc::new(5); |
1957 | /// |
1958 | /// assert!(Arc::ptr_eq(&five, &same_five)); |
1959 | /// assert!(!Arc::ptr_eq(&five, &other_five)); |
1960 | /// ``` |
1961 | /// |
1962 | /// [`ptr::eq`]: core::ptr::eq "ptr::eq" |
1963 | #[inline ] |
1964 | #[must_use ] |
1965 | #[stable (feature = "ptr_eq" , since = "1.17.0" )] |
1966 | pub fn ptr_eq(this: &Self, other: &Self) -> bool { |
1967 | ptr::addr_eq(this.ptr.as_ptr(), other.ptr.as_ptr()) |
1968 | } |
1969 | } |
1970 | |
1971 | impl<T: ?Sized> Arc<T> { |
1972 | /// Allocates an `ArcInner<T>` with sufficient space for |
1973 | /// a possibly-unsized inner value where the value has the layout provided. |
1974 | /// |
1975 | /// The function `mem_to_arcinner` is called with the data pointer |
1976 | /// and must return back a (potentially fat)-pointer for the `ArcInner<T>`. |
1977 | #[cfg (not(no_global_oom_handling))] |
1978 | unsafe fn allocate_for_layout( |
1979 | value_layout: Layout, |
1980 | allocate: impl FnOnce(Layout) -> Result<NonNull<[u8]>, AllocError>, |
1981 | mem_to_arcinner: impl FnOnce(*mut u8) -> *mut ArcInner<T>, |
1982 | ) -> *mut ArcInner<T> { |
1983 | let layout = arcinner_layout_for_value_layout(value_layout); |
1984 | |
1985 | let ptr = allocate(layout).unwrap_or_else(|_| handle_alloc_error(layout)); |
1986 | |
1987 | unsafe { Self::initialize_arcinner(ptr, layout, mem_to_arcinner) } |
1988 | } |
1989 | |
1990 | /// Allocates an `ArcInner<T>` with sufficient space for |
1991 | /// a possibly-unsized inner value where the value has the layout provided, |
1992 | /// returning an error if allocation fails. |
1993 | /// |
1994 | /// The function `mem_to_arcinner` is called with the data pointer |
1995 | /// and must return back a (potentially fat)-pointer for the `ArcInner<T>`. |
1996 | unsafe fn try_allocate_for_layout( |
1997 | value_layout: Layout, |
1998 | allocate: impl FnOnce(Layout) -> Result<NonNull<[u8]>, AllocError>, |
1999 | mem_to_arcinner: impl FnOnce(*mut u8) -> *mut ArcInner<T>, |
2000 | ) -> Result<*mut ArcInner<T>, AllocError> { |
2001 | let layout = arcinner_layout_for_value_layout(value_layout); |
2002 | |
2003 | let ptr = allocate(layout)?; |
2004 | |
2005 | let inner = unsafe { Self::initialize_arcinner(ptr, layout, mem_to_arcinner) }; |
2006 | |
2007 | Ok(inner) |
2008 | } |
2009 | |
2010 | unsafe fn initialize_arcinner( |
2011 | ptr: NonNull<[u8]>, |
2012 | layout: Layout, |
2013 | mem_to_arcinner: impl FnOnce(*mut u8) -> *mut ArcInner<T>, |
2014 | ) -> *mut ArcInner<T> { |
2015 | let inner = mem_to_arcinner(ptr.as_non_null_ptr().as_ptr()); |
2016 | debug_assert_eq!(unsafe { Layout::for_value_raw(inner) }, layout); |
2017 | |
2018 | unsafe { |
2019 | (&raw mut (*inner).strong).write(atomic::AtomicUsize::new(1)); |
2020 | (&raw mut (*inner).weak).write(atomic::AtomicUsize::new(1)); |
2021 | } |
2022 | |
2023 | inner |
2024 | } |
2025 | } |
2026 | |
2027 | impl<T: ?Sized, A: Allocator> Arc<T, A> { |
2028 | /// Allocates an `ArcInner<T>` with sufficient space for an unsized inner value. |
2029 | #[inline ] |
2030 | #[cfg (not(no_global_oom_handling))] |
2031 | unsafe fn allocate_for_ptr_in(ptr: *const T, alloc: &A) -> *mut ArcInner<T> { |
2032 | // Allocate for the `ArcInner<T>` using the given value. |
2033 | unsafe { |
2034 | Arc::allocate_for_layout( |
2035 | Layout::for_value_raw(ptr), |
2036 | |layout| alloc.allocate(layout), |
2037 | |mem| mem.with_metadata_of(ptr as *const ArcInner<T>), |
2038 | ) |
2039 | } |
2040 | } |
2041 | |
2042 | #[cfg (not(no_global_oom_handling))] |
2043 | fn from_box_in(src: Box<T, A>) -> Arc<T, A> { |
2044 | unsafe { |
2045 | let value_size = size_of_val(&*src); |
2046 | let ptr = Self::allocate_for_ptr_in(&*src, Box::allocator(&src)); |
2047 | |
2048 | // Copy value as bytes |
2049 | ptr::copy_nonoverlapping( |
2050 | (&raw const *src) as *const u8, |
2051 | (&raw mut (*ptr).data) as *mut u8, |
2052 | value_size, |
2053 | ); |
2054 | |
2055 | // Free the allocation without dropping its contents |
2056 | let (bptr, alloc) = Box::into_raw_with_allocator(src); |
2057 | let src = Box::from_raw_in(bptr as *mut mem::ManuallyDrop<T>, alloc.by_ref()); |
2058 | drop(src); |
2059 | |
2060 | Self::from_ptr_in(ptr, alloc) |
2061 | } |
2062 | } |
2063 | } |
2064 | |
2065 | impl<T> Arc<[T]> { |
2066 | /// Allocates an `ArcInner<[T]>` with the given length. |
2067 | #[cfg (not(no_global_oom_handling))] |
2068 | unsafe fn allocate_for_slice(len: usize) -> *mut ArcInner<[T]> { |
2069 | unsafe { |
2070 | Self::allocate_for_layout( |
2071 | Layout::array::<T>(len).unwrap(), |
2072 | |layout| Global.allocate(layout), |
2073 | |mem| ptr::slice_from_raw_parts_mut(mem.cast::<T>(), len) as *mut ArcInner<[T]>, |
2074 | ) |
2075 | } |
2076 | } |
2077 | |
2078 | /// Copy elements from slice into newly allocated `Arc<[T]>` |
2079 | /// |
2080 | /// Unsafe because the caller must either take ownership or bind `T: Copy`. |
2081 | #[cfg (not(no_global_oom_handling))] |
2082 | unsafe fn copy_from_slice(v: &[T]) -> Arc<[T]> { |
2083 | unsafe { |
2084 | let ptr = Self::allocate_for_slice(v.len()); |
2085 | |
2086 | ptr::copy_nonoverlapping(v.as_ptr(), (&raw mut (*ptr).data) as *mut T, v.len()); |
2087 | |
2088 | Self::from_ptr(ptr) |
2089 | } |
2090 | } |
2091 | |
2092 | /// Constructs an `Arc<[T]>` from an iterator known to be of a certain size. |
2093 | /// |
2094 | /// Behavior is undefined should the size be wrong. |
2095 | #[cfg (not(no_global_oom_handling))] |
2096 | unsafe fn from_iter_exact(iter: impl Iterator<Item = T>, len: usize) -> Arc<[T]> { |
2097 | // Panic guard while cloning T elements. |
2098 | // In the event of a panic, elements that have been written |
2099 | // into the new ArcInner will be dropped, then the memory freed. |
2100 | struct Guard<T> { |
2101 | mem: NonNull<u8>, |
2102 | elems: *mut T, |
2103 | layout: Layout, |
2104 | n_elems: usize, |
2105 | } |
2106 | |
2107 | impl<T> Drop for Guard<T> { |
2108 | fn drop(&mut self) { |
2109 | unsafe { |
2110 | let slice = from_raw_parts_mut(self.elems, self.n_elems); |
2111 | ptr::drop_in_place(slice); |
2112 | |
2113 | Global.deallocate(self.mem, self.layout); |
2114 | } |
2115 | } |
2116 | } |
2117 | |
2118 | unsafe { |
2119 | let ptr = Self::allocate_for_slice(len); |
2120 | |
2121 | let mem = ptr as *mut _ as *mut u8; |
2122 | let layout = Layout::for_value_raw(ptr); |
2123 | |
2124 | // Pointer to first element |
2125 | let elems = (&raw mut (*ptr).data) as *mut T; |
2126 | |
2127 | let mut guard = Guard { mem: NonNull::new_unchecked(mem), elems, layout, n_elems: 0 }; |
2128 | |
2129 | for (i, item) in iter.enumerate() { |
2130 | ptr::write(elems.add(i), item); |
2131 | guard.n_elems += 1; |
2132 | } |
2133 | |
2134 | // All clear. Forget the guard so it doesn't free the new ArcInner. |
2135 | mem::forget(guard); |
2136 | |
2137 | Self::from_ptr(ptr) |
2138 | } |
2139 | } |
2140 | } |
2141 | |
2142 | impl<T, A: Allocator> Arc<[T], A> { |
2143 | /// Allocates an `ArcInner<[T]>` with the given length. |
2144 | #[inline ] |
2145 | #[cfg (not(no_global_oom_handling))] |
2146 | unsafe fn allocate_for_slice_in(len: usize, alloc: &A) -> *mut ArcInner<[T]> { |
2147 | unsafe { |
2148 | Arc::allocate_for_layout( |
2149 | value_layout:Layout::array::<T>(len).unwrap(), |
2150 | |layout| alloc.allocate(layout), |
2151 | |mem: *mut u8| ptr::slice_from_raw_parts_mut(data:mem.cast::<T>(), len) as *mut ArcInner<[T]>, |
2152 | ) |
2153 | } |
2154 | } |
2155 | } |
2156 | |
2157 | /// Specialization trait used for `From<&[T]>`. |
2158 | #[cfg (not(no_global_oom_handling))] |
2159 | trait ArcFromSlice<T> { |
2160 | fn from_slice(slice: &[T]) -> Self; |
2161 | } |
2162 | |
2163 | #[cfg (not(no_global_oom_handling))] |
2164 | impl<T: Clone> ArcFromSlice<T> for Arc<[T]> { |
2165 | #[inline ] |
2166 | default fn from_slice(v: &[T]) -> Self { |
2167 | unsafe { Self::from_iter_exact(iter:v.iter().cloned(), v.len()) } |
2168 | } |
2169 | } |
2170 | |
2171 | #[cfg (not(no_global_oom_handling))] |
2172 | impl<T: Copy> ArcFromSlice<T> for Arc<[T]> { |
2173 | #[inline ] |
2174 | fn from_slice(v: &[T]) -> Self { |
2175 | unsafe { Arc::copy_from_slice(v) } |
2176 | } |
2177 | } |
2178 | |
2179 | #[stable (feature = "rust1" , since = "1.0.0" )] |
2180 | impl<T: ?Sized, A: Allocator + Clone> Clone for Arc<T, A> { |
2181 | /// Makes a clone of the `Arc` pointer. |
2182 | /// |
2183 | /// This creates another pointer to the same allocation, increasing the |
2184 | /// strong reference count. |
2185 | /// |
2186 | /// # Examples |
2187 | /// |
2188 | /// ``` |
2189 | /// use std::sync::Arc; |
2190 | /// |
2191 | /// let five = Arc::new(5); |
2192 | /// |
2193 | /// let _ = Arc::clone(&five); |
2194 | /// ``` |
2195 | #[inline ] |
2196 | fn clone(&self) -> Arc<T, A> { |
2197 | // Using a relaxed ordering is alright here, as knowledge of the |
2198 | // original reference prevents other threads from erroneously deleting |
2199 | // the object. |
2200 | // |
2201 | // As explained in the [Boost documentation][1], Increasing the |
2202 | // reference counter can always be done with memory_order_relaxed: New |
2203 | // references to an object can only be formed from an existing |
2204 | // reference, and passing an existing reference from one thread to |
2205 | // another must already provide any required synchronization. |
2206 | // |
2207 | // [1]: (www.boost.org/doc/libs/1_55_0/doc/html/atomic/usage_examples.html) |
2208 | let old_size = self.inner().strong.fetch_add(1, Relaxed); |
2209 | |
2210 | // However we need to guard against massive refcounts in case someone is `mem::forget`ing |
2211 | // Arcs. If we don't do this the count can overflow and users will use-after free. This |
2212 | // branch will never be taken in any realistic program. We abort because such a program is |
2213 | // incredibly degenerate, and we don't care to support it. |
2214 | // |
2215 | // This check is not 100% water-proof: we error when the refcount grows beyond `isize::MAX`. |
2216 | // But we do that check *after* having done the increment, so there is a chance here that |
2217 | // the worst already happened and we actually do overflow the `usize` counter. However, that |
2218 | // requires the counter to grow from `isize::MAX` to `usize::MAX` between the increment |
2219 | // above and the `abort` below, which seems exceedingly unlikely. |
2220 | // |
2221 | // This is a global invariant, and also applies when using a compare-exchange loop to increment |
2222 | // counters in other methods. |
2223 | // Otherwise, the counter could be brought to an almost-overflow using a compare-exchange loop, |
2224 | // and then overflow using a few `fetch_add`s. |
2225 | if old_size > MAX_REFCOUNT { |
2226 | abort(); |
2227 | } |
2228 | |
2229 | unsafe { Self::from_inner_in(self.ptr, self.alloc.clone()) } |
2230 | } |
2231 | } |
2232 | |
2233 | #[unstable (feature = "ergonomic_clones" , issue = "132290" )] |
2234 | impl<T: ?Sized, A: Allocator + Clone> UseCloned for Arc<T, A> {} |
2235 | |
2236 | #[stable (feature = "rust1" , since = "1.0.0" )] |
2237 | impl<T: ?Sized, A: Allocator> Deref for Arc<T, A> { |
2238 | type Target = T; |
2239 | |
2240 | #[inline ] |
2241 | fn deref(&self) -> &T { |
2242 | &self.inner().data |
2243 | } |
2244 | } |
2245 | |
2246 | #[unstable (feature = "pin_coerce_unsized_trait" , issue = "123430" )] |
2247 | unsafe impl<T: ?Sized, A: Allocator> PinCoerceUnsized for Arc<T, A> {} |
2248 | |
2249 | #[unstable (feature = "pin_coerce_unsized_trait" , issue = "123430" )] |
2250 | unsafe impl<T: ?Sized, A: Allocator> PinCoerceUnsized for Weak<T, A> {} |
2251 | |
2252 | #[unstable (feature = "deref_pure_trait" , issue = "87121" )] |
2253 | unsafe impl<T: ?Sized, A: Allocator> DerefPure for Arc<T, A> {} |
2254 | |
2255 | #[unstable (feature = "legacy_receiver_trait" , issue = "none" )] |
2256 | impl<T: ?Sized> LegacyReceiver for Arc<T> {} |
2257 | |
2258 | #[cfg (not(no_global_oom_handling))] |
2259 | impl<T: ?Sized + CloneToUninit, A: Allocator + Clone> Arc<T, A> { |
2260 | /// Makes a mutable reference into the given `Arc`. |
2261 | /// |
2262 | /// If there are other `Arc` pointers to the same allocation, then `make_mut` will |
2263 | /// [`clone`] the inner value to a new allocation to ensure unique ownership. This is also |
2264 | /// referred to as clone-on-write. |
2265 | /// |
2266 | /// However, if there are no other `Arc` pointers to this allocation, but some [`Weak`] |
2267 | /// pointers, then the [`Weak`] pointers will be dissociated and the inner value will not |
2268 | /// be cloned. |
2269 | /// |
2270 | /// See also [`get_mut`], which will fail rather than cloning the inner value |
2271 | /// or dissociating [`Weak`] pointers. |
2272 | /// |
2273 | /// [`clone`]: Clone::clone |
2274 | /// [`get_mut`]: Arc::get_mut |
2275 | /// |
2276 | /// # Examples |
2277 | /// |
2278 | /// ``` |
2279 | /// use std::sync::Arc; |
2280 | /// |
2281 | /// let mut data = Arc::new(5); |
2282 | /// |
2283 | /// *Arc::make_mut(&mut data) += 1; // Won't clone anything |
2284 | /// let mut other_data = Arc::clone(&data); // Won't clone inner data |
2285 | /// *Arc::make_mut(&mut data) += 1; // Clones inner data |
2286 | /// *Arc::make_mut(&mut data) += 1; // Won't clone anything |
2287 | /// *Arc::make_mut(&mut other_data) *= 2; // Won't clone anything |
2288 | /// |
2289 | /// // Now `data` and `other_data` point to different allocations. |
2290 | /// assert_eq!(*data, 8); |
2291 | /// assert_eq!(*other_data, 12); |
2292 | /// ``` |
2293 | /// |
2294 | /// [`Weak`] pointers will be dissociated: |
2295 | /// |
2296 | /// ``` |
2297 | /// use std::sync::Arc; |
2298 | /// |
2299 | /// let mut data = Arc::new(75); |
2300 | /// let weak = Arc::downgrade(&data); |
2301 | /// |
2302 | /// assert!(75 == *data); |
2303 | /// assert!(75 == *weak.upgrade().unwrap()); |
2304 | /// |
2305 | /// *Arc::make_mut(&mut data) += 1; |
2306 | /// |
2307 | /// assert!(76 == *data); |
2308 | /// assert!(weak.upgrade().is_none()); |
2309 | /// ``` |
2310 | #[inline ] |
2311 | #[stable (feature = "arc_unique" , since = "1.4.0" )] |
2312 | pub fn make_mut(this: &mut Self) -> &mut T { |
2313 | let size_of_val = size_of_val::<T>(&**this); |
2314 | |
2315 | // Note that we hold both a strong reference and a weak reference. |
2316 | // Thus, releasing our strong reference only will not, by itself, cause |
2317 | // the memory to be deallocated. |
2318 | // |
2319 | // Use Acquire to ensure that we see any writes to `weak` that happen |
2320 | // before release writes (i.e., decrements) to `strong`. Since we hold a |
2321 | // weak count, there's no chance the ArcInner itself could be |
2322 | // deallocated. |
2323 | if this.inner().strong.compare_exchange(1, 0, Acquire, Relaxed).is_err() { |
2324 | // Another strong pointer exists, so we must clone. |
2325 | |
2326 | let this_data_ref: &T = &**this; |
2327 | // `in_progress` drops the allocation if we panic before finishing initializing it. |
2328 | let mut in_progress: UniqueArcUninit<T, A> = |
2329 | UniqueArcUninit::new(this_data_ref, this.alloc.clone()); |
2330 | |
2331 | let initialized_clone = unsafe { |
2332 | // Clone. If the clone panics, `in_progress` will be dropped and clean up. |
2333 | this_data_ref.clone_to_uninit(in_progress.data_ptr().cast()); |
2334 | // Cast type of pointer, now that it is initialized. |
2335 | in_progress.into_arc() |
2336 | }; |
2337 | *this = initialized_clone; |
2338 | } else if this.inner().weak.load(Relaxed) != 1 { |
2339 | // Relaxed suffices in the above because this is fundamentally an |
2340 | // optimization: we are always racing with weak pointers being |
2341 | // dropped. Worst case, we end up allocated a new Arc unnecessarily. |
2342 | |
2343 | // We removed the last strong ref, but there are additional weak |
2344 | // refs remaining. We'll move the contents to a new Arc, and |
2345 | // invalidate the other weak refs. |
2346 | |
2347 | // Note that it is not possible for the read of `weak` to yield |
2348 | // usize::MAX (i.e., locked), since the weak count can only be |
2349 | // locked by a thread with a strong reference. |
2350 | |
2351 | // Materialize our own implicit weak pointer, so that it can clean |
2352 | // up the ArcInner as needed. |
2353 | let _weak = Weak { ptr: this.ptr, alloc: this.alloc.clone() }; |
2354 | |
2355 | // Can just steal the data, all that's left is Weaks |
2356 | // |
2357 | // We don't need panic-protection like the above branch does, but we might as well |
2358 | // use the same mechanism. |
2359 | let mut in_progress: UniqueArcUninit<T, A> = |
2360 | UniqueArcUninit::new(&**this, this.alloc.clone()); |
2361 | unsafe { |
2362 | // Initialize `in_progress` with move of **this. |
2363 | // We have to express this in terms of bytes because `T: ?Sized`; there is no |
2364 | // operation that just copies a value based on its `size_of_val()`. |
2365 | ptr::copy_nonoverlapping( |
2366 | ptr::from_ref(&**this).cast::<u8>(), |
2367 | in_progress.data_ptr().cast::<u8>(), |
2368 | size_of_val, |
2369 | ); |
2370 | |
2371 | ptr::write(this, in_progress.into_arc()); |
2372 | } |
2373 | } else { |
2374 | // We were the sole reference of either kind; bump back up the |
2375 | // strong ref count. |
2376 | this.inner().strong.store(1, Release); |
2377 | } |
2378 | |
2379 | // As with `get_mut()`, the unsafety is ok because our reference was |
2380 | // either unique to begin with, or became one upon cloning the contents. |
2381 | unsafe { Self::get_mut_unchecked(this) } |
2382 | } |
2383 | } |
2384 | |
2385 | impl<T: Clone, A: Allocator> Arc<T, A> { |
2386 | /// If we have the only reference to `T` then unwrap it. Otherwise, clone `T` and return the |
2387 | /// clone. |
2388 | /// |
2389 | /// Assuming `arc_t` is of type `Arc<T>`, this function is functionally equivalent to |
2390 | /// `(*arc_t).clone()`, but will avoid cloning the inner value where possible. |
2391 | /// |
2392 | /// # Examples |
2393 | /// |
2394 | /// ``` |
2395 | /// # use std::{ptr, sync::Arc}; |
2396 | /// let inner = String::from("test" ); |
2397 | /// let ptr = inner.as_ptr(); |
2398 | /// |
2399 | /// let arc = Arc::new(inner); |
2400 | /// let inner = Arc::unwrap_or_clone(arc); |
2401 | /// // The inner value was not cloned |
2402 | /// assert!(ptr::eq(ptr, inner.as_ptr())); |
2403 | /// |
2404 | /// let arc = Arc::new(inner); |
2405 | /// let arc2 = arc.clone(); |
2406 | /// let inner = Arc::unwrap_or_clone(arc); |
2407 | /// // Because there were 2 references, we had to clone the inner value. |
2408 | /// assert!(!ptr::eq(ptr, inner.as_ptr())); |
2409 | /// // `arc2` is the last reference, so when we unwrap it we get back |
2410 | /// // the original `String`. |
2411 | /// let inner = Arc::unwrap_or_clone(arc2); |
2412 | /// assert!(ptr::eq(ptr, inner.as_ptr())); |
2413 | /// ``` |
2414 | #[inline ] |
2415 | #[stable (feature = "arc_unwrap_or_clone" , since = "1.76.0" )] |
2416 | pub fn unwrap_or_clone(this: Self) -> T { |
2417 | Arc::try_unwrap(this).unwrap_or_else(|arc| (*arc).clone()) |
2418 | } |
2419 | } |
2420 | |
2421 | impl<T: ?Sized, A: Allocator> Arc<T, A> { |
2422 | /// Returns a mutable reference into the given `Arc`, if there are |
2423 | /// no other `Arc` or [`Weak`] pointers to the same allocation. |
2424 | /// |
2425 | /// Returns [`None`] otherwise, because it is not safe to |
2426 | /// mutate a shared value. |
2427 | /// |
2428 | /// See also [`make_mut`][make_mut], which will [`clone`][clone] |
2429 | /// the inner value when there are other `Arc` pointers. |
2430 | /// |
2431 | /// [make_mut]: Arc::make_mut |
2432 | /// [clone]: Clone::clone |
2433 | /// |
2434 | /// # Examples |
2435 | /// |
2436 | /// ``` |
2437 | /// use std::sync::Arc; |
2438 | /// |
2439 | /// let mut x = Arc::new(3); |
2440 | /// *Arc::get_mut(&mut x).unwrap() = 4; |
2441 | /// assert_eq!(*x, 4); |
2442 | /// |
2443 | /// let _y = Arc::clone(&x); |
2444 | /// assert!(Arc::get_mut(&mut x).is_none()); |
2445 | /// ``` |
2446 | #[inline ] |
2447 | #[stable (feature = "arc_unique" , since = "1.4.0" )] |
2448 | pub fn get_mut(this: &mut Self) -> Option<&mut T> { |
2449 | if this.is_unique() { |
2450 | // This unsafety is ok because we're guaranteed that the pointer |
2451 | // returned is the *only* pointer that will ever be returned to T. Our |
2452 | // reference count is guaranteed to be 1 at this point, and we required |
2453 | // the Arc itself to be `mut`, so we're returning the only possible |
2454 | // reference to the inner data. |
2455 | unsafe { Some(Arc::get_mut_unchecked(this)) } |
2456 | } else { |
2457 | None |
2458 | } |
2459 | } |
2460 | |
2461 | /// Returns a mutable reference into the given `Arc`, |
2462 | /// without any check. |
2463 | /// |
2464 | /// See also [`get_mut`], which is safe and does appropriate checks. |
2465 | /// |
2466 | /// [`get_mut`]: Arc::get_mut |
2467 | /// |
2468 | /// # Safety |
2469 | /// |
2470 | /// If any other `Arc` or [`Weak`] pointers to the same allocation exist, then |
2471 | /// they must not be dereferenced or have active borrows for the duration |
2472 | /// of the returned borrow, and their inner type must be exactly the same as the |
2473 | /// inner type of this Rc (including lifetimes). This is trivially the case if no |
2474 | /// such pointers exist, for example immediately after `Arc::new`. |
2475 | /// |
2476 | /// # Examples |
2477 | /// |
2478 | /// ``` |
2479 | /// #![feature(get_mut_unchecked)] |
2480 | /// |
2481 | /// use std::sync::Arc; |
2482 | /// |
2483 | /// let mut x = Arc::new(String::new()); |
2484 | /// unsafe { |
2485 | /// Arc::get_mut_unchecked(&mut x).push_str("foo" ) |
2486 | /// } |
2487 | /// assert_eq!(*x, "foo" ); |
2488 | /// ``` |
2489 | /// Other `Arc` pointers to the same allocation must be to the same type. |
2490 | /// ```no_run |
2491 | /// #![feature(get_mut_unchecked)] |
2492 | /// |
2493 | /// use std::sync::Arc; |
2494 | /// |
2495 | /// let x: Arc<str> = Arc::from("Hello, world!" ); |
2496 | /// let mut y: Arc<[u8]> = x.clone().into(); |
2497 | /// unsafe { |
2498 | /// // this is Undefined Behavior, because x's inner type is str, not [u8] |
2499 | /// Arc::get_mut_unchecked(&mut y).fill(0xff); // 0xff is invalid in UTF-8 |
2500 | /// } |
2501 | /// println!("{}" , &*x); // Invalid UTF-8 in a str |
2502 | /// ``` |
2503 | /// Other `Arc` pointers to the same allocation must be to the exact same type, including lifetimes. |
2504 | /// ```no_run |
2505 | /// #![feature(get_mut_unchecked)] |
2506 | /// |
2507 | /// use std::sync::Arc; |
2508 | /// |
2509 | /// let x: Arc<&str> = Arc::new("Hello, world!" ); |
2510 | /// { |
2511 | /// let s = String::from("Oh, no!" ); |
2512 | /// let mut y: Arc<&str> = x.clone(); |
2513 | /// unsafe { |
2514 | /// // this is Undefined Behavior, because x's inner type |
2515 | /// // is &'long str, not &'short str |
2516 | /// *Arc::get_mut_unchecked(&mut y) = &s; |
2517 | /// } |
2518 | /// } |
2519 | /// println!("{}" , &*x); // Use-after-free |
2520 | /// ``` |
2521 | #[inline ] |
2522 | #[unstable (feature = "get_mut_unchecked" , issue = "63292" )] |
2523 | pub unsafe fn get_mut_unchecked(this: &mut Self) -> &mut T { |
2524 | // We are careful to *not* create a reference covering the "count" fields, as |
2525 | // this would alias with concurrent access to the reference counts (e.g. by `Weak`). |
2526 | unsafe { &mut (*this.ptr.as_ptr()).data } |
2527 | } |
2528 | |
2529 | /// Determine whether this is the unique reference (including weak refs) to |
2530 | /// the underlying data. |
2531 | /// |
2532 | /// Note that this requires locking the weak ref count. |
2533 | fn is_unique(&mut self) -> bool { |
2534 | // lock the weak pointer count if we appear to be the sole weak pointer |
2535 | // holder. |
2536 | // |
2537 | // The acquire label here ensures a happens-before relationship with any |
2538 | // writes to `strong` (in particular in `Weak::upgrade`) prior to decrements |
2539 | // of the `weak` count (via `Weak::drop`, which uses release). If the upgraded |
2540 | // weak ref was never dropped, the CAS here will fail so we do not care to synchronize. |
2541 | if self.inner().weak.compare_exchange(1, usize::MAX, Acquire, Relaxed).is_ok() { |
2542 | // This needs to be an `Acquire` to synchronize with the decrement of the `strong` |
2543 | // counter in `drop` -- the only access that happens when any but the last reference |
2544 | // is being dropped. |
2545 | let unique = self.inner().strong.load(Acquire) == 1; |
2546 | |
2547 | // The release write here synchronizes with a read in `downgrade`, |
2548 | // effectively preventing the above read of `strong` from happening |
2549 | // after the write. |
2550 | self.inner().weak.store(1, Release); // release the lock |
2551 | unique |
2552 | } else { |
2553 | false |
2554 | } |
2555 | } |
2556 | } |
2557 | |
2558 | #[stable (feature = "rust1" , since = "1.0.0" )] |
2559 | unsafe impl<#[may_dangle ] T: ?Sized, A: Allocator> Drop for Arc<T, A> { |
2560 | /// Drops the `Arc`. |
2561 | /// |
2562 | /// This will decrement the strong reference count. If the strong reference |
2563 | /// count reaches zero then the only other references (if any) are |
2564 | /// [`Weak`], so we `drop` the inner value. |
2565 | /// |
2566 | /// # Examples |
2567 | /// |
2568 | /// ``` |
2569 | /// use std::sync::Arc; |
2570 | /// |
2571 | /// struct Foo; |
2572 | /// |
2573 | /// impl Drop for Foo { |
2574 | /// fn drop(&mut self) { |
2575 | /// println!("dropped!" ); |
2576 | /// } |
2577 | /// } |
2578 | /// |
2579 | /// let foo = Arc::new(Foo); |
2580 | /// let foo2 = Arc::clone(&foo); |
2581 | /// |
2582 | /// drop(foo); // Doesn't print anything |
2583 | /// drop(foo2); // Prints "dropped!" |
2584 | /// ``` |
2585 | #[inline ] |
2586 | fn drop(&mut self) { |
2587 | // Because `fetch_sub` is already atomic, we do not need to synchronize |
2588 | // with other threads unless we are going to delete the object. This |
2589 | // same logic applies to the below `fetch_sub` to the `weak` count. |
2590 | if self.inner().strong.fetch_sub(1, Release) != 1 { |
2591 | return; |
2592 | } |
2593 | |
2594 | // This fence is needed to prevent reordering of use of the data and |
2595 | // deletion of the data. Because it is marked `Release`, the decreasing |
2596 | // of the reference count synchronizes with this `Acquire` fence. This |
2597 | // means that use of the data happens before decreasing the reference |
2598 | // count, which happens before this fence, which happens before the |
2599 | // deletion of the data. |
2600 | // |
2601 | // As explained in the [Boost documentation][1], |
2602 | // |
2603 | // > It is important to enforce any possible access to the object in one |
2604 | // > thread (through an existing reference) to *happen before* deleting |
2605 | // > the object in a different thread. This is achieved by a "release" |
2606 | // > operation after dropping a reference (any access to the object |
2607 | // > through this reference must obviously happened before), and an |
2608 | // > "acquire" operation before deleting the object. |
2609 | // |
2610 | // In particular, while the contents of an Arc are usually immutable, it's |
2611 | // possible to have interior writes to something like a Mutex<T>. Since a |
2612 | // Mutex is not acquired when it is deleted, we can't rely on its |
2613 | // synchronization logic to make writes in thread A visible to a destructor |
2614 | // running in thread B. |
2615 | // |
2616 | // Also note that the Acquire fence here could probably be replaced with an |
2617 | // Acquire load, which could improve performance in highly-contended |
2618 | // situations. See [2]. |
2619 | // |
2620 | // [1]: (www.boost.org/doc/libs/1_55_0/doc/html/atomic/usage_examples.html) |
2621 | // [2]: (https://github.com/rust-lang/rust/pull/41714) |
2622 | acquire!(self.inner().strong); |
2623 | |
2624 | // Make sure we aren't trying to "drop" the shared static for empty slices |
2625 | // used by Default::default. |
2626 | debug_assert!( |
2627 | !ptr::addr_eq(self.ptr.as_ptr(), &STATIC_INNER_SLICE.inner), |
2628 | "Arcs backed by a static should never reach a strong count of 0. \ |
2629 | Likely decrement_strong_count or from_raw were called too many times." , |
2630 | ); |
2631 | |
2632 | unsafe { |
2633 | self.drop_slow(); |
2634 | } |
2635 | } |
2636 | } |
2637 | |
2638 | impl<A: Allocator> Arc<dyn Any + Send + Sync, A> { |
2639 | /// Attempts to downcast the `Arc<dyn Any + Send + Sync>` to a concrete type. |
2640 | /// |
2641 | /// # Examples |
2642 | /// |
2643 | /// ``` |
2644 | /// use std::any::Any; |
2645 | /// use std::sync::Arc; |
2646 | /// |
2647 | /// fn print_if_string(value: Arc<dyn Any + Send + Sync>) { |
2648 | /// if let Ok(string) = value.downcast::<String>() { |
2649 | /// println!("String ({}): {}" , string.len(), string); |
2650 | /// } |
2651 | /// } |
2652 | /// |
2653 | /// let my_string = "Hello World" .to_string(); |
2654 | /// print_if_string(Arc::new(my_string)); |
2655 | /// print_if_string(Arc::new(0i8)); |
2656 | /// ``` |
2657 | #[inline ] |
2658 | #[stable (feature = "rc_downcast" , since = "1.29.0" )] |
2659 | pub fn downcast<T>(self) -> Result<Arc<T, A>, Self> |
2660 | where |
2661 | T: Any + Send + Sync, |
2662 | { |
2663 | if (*self).is::<T>() { |
2664 | unsafe { |
2665 | let (ptr, alloc) = Arc::into_inner_with_allocator(self); |
2666 | Ok(Arc::from_inner_in(ptr.cast(), alloc)) |
2667 | } |
2668 | } else { |
2669 | Err(self) |
2670 | } |
2671 | } |
2672 | |
2673 | /// Downcasts the `Arc<dyn Any + Send + Sync>` to a concrete type. |
2674 | /// |
2675 | /// For a safe alternative see [`downcast`]. |
2676 | /// |
2677 | /// # Examples |
2678 | /// |
2679 | /// ``` |
2680 | /// #![feature(downcast_unchecked)] |
2681 | /// |
2682 | /// use std::any::Any; |
2683 | /// use std::sync::Arc; |
2684 | /// |
2685 | /// let x: Arc<dyn Any + Send + Sync> = Arc::new(1_usize); |
2686 | /// |
2687 | /// unsafe { |
2688 | /// assert_eq!(*x.downcast_unchecked::<usize>(), 1); |
2689 | /// } |
2690 | /// ``` |
2691 | /// |
2692 | /// # Safety |
2693 | /// |
2694 | /// The contained value must be of type `T`. Calling this method |
2695 | /// with the incorrect type is *undefined behavior*. |
2696 | /// |
2697 | /// |
2698 | /// [`downcast`]: Self::downcast |
2699 | #[inline ] |
2700 | #[unstable (feature = "downcast_unchecked" , issue = "90850" )] |
2701 | pub unsafe fn downcast_unchecked<T>(self) -> Arc<T, A> |
2702 | where |
2703 | T: Any + Send + Sync, |
2704 | { |
2705 | unsafe { |
2706 | let (ptr, alloc) = Arc::into_inner_with_allocator(self); |
2707 | Arc::from_inner_in(ptr.cast(), alloc) |
2708 | } |
2709 | } |
2710 | } |
2711 | |
2712 | impl<T> Weak<T> { |
2713 | /// Constructs a new `Weak<T>`, without allocating any memory. |
2714 | /// Calling [`upgrade`] on the return value always gives [`None`]. |
2715 | /// |
2716 | /// [`upgrade`]: Weak::upgrade |
2717 | /// |
2718 | /// # Examples |
2719 | /// |
2720 | /// ``` |
2721 | /// use std::sync::Weak; |
2722 | /// |
2723 | /// let empty: Weak<i64> = Weak::new(); |
2724 | /// assert!(empty.upgrade().is_none()); |
2725 | /// ``` |
2726 | #[inline ] |
2727 | #[stable (feature = "downgraded_weak" , since = "1.10.0" )] |
2728 | #[rustc_const_stable (feature = "const_weak_new" , since = "1.73.0" )] |
2729 | #[must_use ] |
2730 | pub const fn new() -> Weak<T> { |
2731 | Weak { ptr: NonNull::without_provenance(addr:NonZeroUsize::MAX), alloc: Global } |
2732 | } |
2733 | } |
2734 | |
2735 | impl<T, A: Allocator> Weak<T, A> { |
2736 | /// Constructs a new `Weak<T, A>`, without allocating any memory, technically in the provided |
2737 | /// allocator. |
2738 | /// Calling [`upgrade`] on the return value always gives [`None`]. |
2739 | /// |
2740 | /// [`upgrade`]: Weak::upgrade |
2741 | /// |
2742 | /// # Examples |
2743 | /// |
2744 | /// ``` |
2745 | /// #![feature(allocator_api)] |
2746 | /// |
2747 | /// use std::sync::Weak; |
2748 | /// use std::alloc::System; |
2749 | /// |
2750 | /// let empty: Weak<i64, _> = Weak::new_in(System); |
2751 | /// assert!(empty.upgrade().is_none()); |
2752 | /// ``` |
2753 | #[inline ] |
2754 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
2755 | pub fn new_in(alloc: A) -> Weak<T, A> { |
2756 | Weak { ptr: NonNull::without_provenance(addr:NonZeroUsize::MAX), alloc } |
2757 | } |
2758 | } |
2759 | |
2760 | /// Helper type to allow accessing the reference counts without |
2761 | /// making any assertions about the data field. |
2762 | struct WeakInner<'a> { |
2763 | weak: &'a atomic::AtomicUsize, |
2764 | strong: &'a atomic::AtomicUsize, |
2765 | } |
2766 | |
2767 | impl<T: ?Sized> Weak<T> { |
2768 | /// Converts a raw pointer previously created by [`into_raw`] back into `Weak<T>`. |
2769 | /// |
2770 | /// This can be used to safely get a strong reference (by calling [`upgrade`] |
2771 | /// later) or to deallocate the weak count by dropping the `Weak<T>`. |
2772 | /// |
2773 | /// It takes ownership of one weak reference (with the exception of pointers created by [`new`], |
2774 | /// as these don't own anything; the method still works on them). |
2775 | /// |
2776 | /// # Safety |
2777 | /// |
2778 | /// The pointer must have originated from the [`into_raw`] and must still own its potential |
2779 | /// weak reference, and must point to a block of memory allocated by global allocator. |
2780 | /// |
2781 | /// It is allowed for the strong count to be 0 at the time of calling this. Nevertheless, this |
2782 | /// takes ownership of one weak reference currently represented as a raw pointer (the weak |
2783 | /// count is not modified by this operation) and therefore it must be paired with a previous |
2784 | /// call to [`into_raw`]. |
2785 | /// # Examples |
2786 | /// |
2787 | /// ``` |
2788 | /// use std::sync::{Arc, Weak}; |
2789 | /// |
2790 | /// let strong = Arc::new("hello" .to_owned()); |
2791 | /// |
2792 | /// let raw_1 = Arc::downgrade(&strong).into_raw(); |
2793 | /// let raw_2 = Arc::downgrade(&strong).into_raw(); |
2794 | /// |
2795 | /// assert_eq!(2, Arc::weak_count(&strong)); |
2796 | /// |
2797 | /// assert_eq!("hello" , &*unsafe { Weak::from_raw(raw_1) }.upgrade().unwrap()); |
2798 | /// assert_eq!(1, Arc::weak_count(&strong)); |
2799 | /// |
2800 | /// drop(strong); |
2801 | /// |
2802 | /// // Decrement the last weak count. |
2803 | /// assert!(unsafe { Weak::from_raw(raw_2) }.upgrade().is_none()); |
2804 | /// ``` |
2805 | /// |
2806 | /// [`new`]: Weak::new |
2807 | /// [`into_raw`]: Weak::into_raw |
2808 | /// [`upgrade`]: Weak::upgrade |
2809 | #[inline ] |
2810 | #[stable (feature = "weak_into_raw" , since = "1.45.0" )] |
2811 | pub unsafe fn from_raw(ptr: *const T) -> Self { |
2812 | unsafe { Weak::from_raw_in(ptr, Global) } |
2813 | } |
2814 | } |
2815 | |
2816 | impl<T: ?Sized, A: Allocator> Weak<T, A> { |
2817 | /// Returns a reference to the underlying allocator. |
2818 | #[inline ] |
2819 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
2820 | pub fn allocator(&self) -> &A { |
2821 | &self.alloc |
2822 | } |
2823 | |
2824 | /// Returns a raw pointer to the object `T` pointed to by this `Weak<T>`. |
2825 | /// |
2826 | /// The pointer is valid only if there are some strong references. The pointer may be dangling, |
2827 | /// unaligned or even [`null`] otherwise. |
2828 | /// |
2829 | /// # Examples |
2830 | /// |
2831 | /// ``` |
2832 | /// use std::sync::Arc; |
2833 | /// use std::ptr; |
2834 | /// |
2835 | /// let strong = Arc::new("hello" .to_owned()); |
2836 | /// let weak = Arc::downgrade(&strong); |
2837 | /// // Both point to the same object |
2838 | /// assert!(ptr::eq(&*strong, weak.as_ptr())); |
2839 | /// // The strong here keeps it alive, so we can still access the object. |
2840 | /// assert_eq!("hello" , unsafe { &*weak.as_ptr() }); |
2841 | /// |
2842 | /// drop(strong); |
2843 | /// // But not any more. We can do weak.as_ptr(), but accessing the pointer would lead to |
2844 | /// // undefined behavior. |
2845 | /// // assert_eq!("hello", unsafe { &*weak.as_ptr() }); |
2846 | /// ``` |
2847 | /// |
2848 | /// [`null`]: core::ptr::null "ptr::null" |
2849 | #[must_use ] |
2850 | #[stable (feature = "weak_into_raw" , since = "1.45.0" )] |
2851 | pub fn as_ptr(&self) -> *const T { |
2852 | let ptr: *mut ArcInner<T> = NonNull::as_ptr(self.ptr); |
2853 | |
2854 | if is_dangling(ptr) { |
2855 | // If the pointer is dangling, we return the sentinel directly. This cannot be |
2856 | // a valid payload address, as the payload is at least as aligned as ArcInner (usize). |
2857 | ptr as *const T |
2858 | } else { |
2859 | // SAFETY: if is_dangling returns false, then the pointer is dereferenceable. |
2860 | // The payload may be dropped at this point, and we have to maintain provenance, |
2861 | // so use raw pointer manipulation. |
2862 | unsafe { &raw mut (*ptr).data } |
2863 | } |
2864 | } |
2865 | |
2866 | /// Consumes the `Weak<T>` and turns it into a raw pointer. |
2867 | /// |
2868 | /// This converts the weak pointer into a raw pointer, while still preserving the ownership of |
2869 | /// one weak reference (the weak count is not modified by this operation). It can be turned |
2870 | /// back into the `Weak<T>` with [`from_raw`]. |
2871 | /// |
2872 | /// The same restrictions of accessing the target of the pointer as with |
2873 | /// [`as_ptr`] apply. |
2874 | /// |
2875 | /// # Examples |
2876 | /// |
2877 | /// ``` |
2878 | /// use std::sync::{Arc, Weak}; |
2879 | /// |
2880 | /// let strong = Arc::new("hello" .to_owned()); |
2881 | /// let weak = Arc::downgrade(&strong); |
2882 | /// let raw = weak.into_raw(); |
2883 | /// |
2884 | /// assert_eq!(1, Arc::weak_count(&strong)); |
2885 | /// assert_eq!("hello" , unsafe { &*raw }); |
2886 | /// |
2887 | /// drop(unsafe { Weak::from_raw(raw) }); |
2888 | /// assert_eq!(0, Arc::weak_count(&strong)); |
2889 | /// ``` |
2890 | /// |
2891 | /// [`from_raw`]: Weak::from_raw |
2892 | /// [`as_ptr`]: Weak::as_ptr |
2893 | #[must_use = "losing the pointer will leak memory" ] |
2894 | #[stable (feature = "weak_into_raw" , since = "1.45.0" )] |
2895 | pub fn into_raw(self) -> *const T { |
2896 | ManuallyDrop::new(self).as_ptr() |
2897 | } |
2898 | |
2899 | /// Consumes the `Weak<T>`, returning the wrapped pointer and allocator. |
2900 | /// |
2901 | /// This converts the weak pointer into a raw pointer, while still preserving the ownership of |
2902 | /// one weak reference (the weak count is not modified by this operation). It can be turned |
2903 | /// back into the `Weak<T>` with [`from_raw_in`]. |
2904 | /// |
2905 | /// The same restrictions of accessing the target of the pointer as with |
2906 | /// [`as_ptr`] apply. |
2907 | /// |
2908 | /// # Examples |
2909 | /// |
2910 | /// ``` |
2911 | /// #![feature(allocator_api)] |
2912 | /// use std::sync::{Arc, Weak}; |
2913 | /// use std::alloc::System; |
2914 | /// |
2915 | /// let strong = Arc::new_in("hello" .to_owned(), System); |
2916 | /// let weak = Arc::downgrade(&strong); |
2917 | /// let (raw, alloc) = weak.into_raw_with_allocator(); |
2918 | /// |
2919 | /// assert_eq!(1, Arc::weak_count(&strong)); |
2920 | /// assert_eq!("hello" , unsafe { &*raw }); |
2921 | /// |
2922 | /// drop(unsafe { Weak::from_raw_in(raw, alloc) }); |
2923 | /// assert_eq!(0, Arc::weak_count(&strong)); |
2924 | /// ``` |
2925 | /// |
2926 | /// [`from_raw_in`]: Weak::from_raw_in |
2927 | /// [`as_ptr`]: Weak::as_ptr |
2928 | #[must_use = "losing the pointer will leak memory" ] |
2929 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
2930 | pub fn into_raw_with_allocator(self) -> (*const T, A) { |
2931 | let this = mem::ManuallyDrop::new(self); |
2932 | let result = this.as_ptr(); |
2933 | // Safety: `this` is ManuallyDrop so the allocator will not be double-dropped |
2934 | let alloc = unsafe { ptr::read(&this.alloc) }; |
2935 | (result, alloc) |
2936 | } |
2937 | |
2938 | /// Converts a raw pointer previously created by [`into_raw`] back into `Weak<T>` in the provided |
2939 | /// allocator. |
2940 | /// |
2941 | /// This can be used to safely get a strong reference (by calling [`upgrade`] |
2942 | /// later) or to deallocate the weak count by dropping the `Weak<T>`. |
2943 | /// |
2944 | /// It takes ownership of one weak reference (with the exception of pointers created by [`new`], |
2945 | /// as these don't own anything; the method still works on them). |
2946 | /// |
2947 | /// # Safety |
2948 | /// |
2949 | /// The pointer must have originated from the [`into_raw`] and must still own its potential |
2950 | /// weak reference, and must point to a block of memory allocated by `alloc`. |
2951 | /// |
2952 | /// It is allowed for the strong count to be 0 at the time of calling this. Nevertheless, this |
2953 | /// takes ownership of one weak reference currently represented as a raw pointer (the weak |
2954 | /// count is not modified by this operation) and therefore it must be paired with a previous |
2955 | /// call to [`into_raw`]. |
2956 | /// # Examples |
2957 | /// |
2958 | /// ``` |
2959 | /// use std::sync::{Arc, Weak}; |
2960 | /// |
2961 | /// let strong = Arc::new("hello" .to_owned()); |
2962 | /// |
2963 | /// let raw_1 = Arc::downgrade(&strong).into_raw(); |
2964 | /// let raw_2 = Arc::downgrade(&strong).into_raw(); |
2965 | /// |
2966 | /// assert_eq!(2, Arc::weak_count(&strong)); |
2967 | /// |
2968 | /// assert_eq!("hello" , &*unsafe { Weak::from_raw(raw_1) }.upgrade().unwrap()); |
2969 | /// assert_eq!(1, Arc::weak_count(&strong)); |
2970 | /// |
2971 | /// drop(strong); |
2972 | /// |
2973 | /// // Decrement the last weak count. |
2974 | /// assert!(unsafe { Weak::from_raw(raw_2) }.upgrade().is_none()); |
2975 | /// ``` |
2976 | /// |
2977 | /// [`new`]: Weak::new |
2978 | /// [`into_raw`]: Weak::into_raw |
2979 | /// [`upgrade`]: Weak::upgrade |
2980 | #[inline ] |
2981 | #[unstable (feature = "allocator_api" , issue = "32838" )] |
2982 | pub unsafe fn from_raw_in(ptr: *const T, alloc: A) -> Self { |
2983 | // See Weak::as_ptr for context on how the input pointer is derived. |
2984 | |
2985 | let ptr = if is_dangling(ptr) { |
2986 | // This is a dangling Weak. |
2987 | ptr as *mut ArcInner<T> |
2988 | } else { |
2989 | // Otherwise, we're guaranteed the pointer came from a nondangling Weak. |
2990 | // SAFETY: data_offset is safe to call, as ptr references a real (potentially dropped) T. |
2991 | let offset = unsafe { data_offset(ptr) }; |
2992 | // Thus, we reverse the offset to get the whole RcInner. |
2993 | // SAFETY: the pointer originated from a Weak, so this offset is safe. |
2994 | unsafe { ptr.byte_sub(offset) as *mut ArcInner<T> } |
2995 | }; |
2996 | |
2997 | // SAFETY: we now have recovered the original Weak pointer, so can create the Weak. |
2998 | Weak { ptr: unsafe { NonNull::new_unchecked(ptr) }, alloc } |
2999 | } |
3000 | } |
3001 | |
3002 | impl<T: ?Sized, A: Allocator> Weak<T, A> { |
3003 | /// Attempts to upgrade the `Weak` pointer to an [`Arc`], delaying |
3004 | /// dropping of the inner value if successful. |
3005 | /// |
3006 | /// Returns [`None`] if the inner value has since been dropped. |
3007 | /// |
3008 | /// # Examples |
3009 | /// |
3010 | /// ``` |
3011 | /// use std::sync::Arc; |
3012 | /// |
3013 | /// let five = Arc::new(5); |
3014 | /// |
3015 | /// let weak_five = Arc::downgrade(&five); |
3016 | /// |
3017 | /// let strong_five: Option<Arc<_>> = weak_five.upgrade(); |
3018 | /// assert!(strong_five.is_some()); |
3019 | /// |
3020 | /// // Destroy all strong pointers. |
3021 | /// drop(strong_five); |
3022 | /// drop(five); |
3023 | /// |
3024 | /// assert!(weak_five.upgrade().is_none()); |
3025 | /// ``` |
3026 | #[must_use = "this returns a new `Arc`, \ |
3027 | without modifying the original weak pointer" ] |
3028 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
3029 | pub fn upgrade(&self) -> Option<Arc<T, A>> |
3030 | where |
3031 | A: Clone, |
3032 | { |
3033 | #[inline ] |
3034 | fn checked_increment(n: usize) -> Option<usize> { |
3035 | // Any write of 0 we can observe leaves the field in permanently zero state. |
3036 | if n == 0 { |
3037 | return None; |
3038 | } |
3039 | // See comments in `Arc::clone` for why we do this (for `mem::forget`). |
3040 | assert!(n <= MAX_REFCOUNT, "{}" , INTERNAL_OVERFLOW_ERROR); |
3041 | Some(n + 1) |
3042 | } |
3043 | |
3044 | // We use a CAS loop to increment the strong count instead of a |
3045 | // fetch_add as this function should never take the reference count |
3046 | // from zero to one. |
3047 | // |
3048 | // Relaxed is fine for the failure case because we don't have any expectations about the new state. |
3049 | // Acquire is necessary for the success case to synchronise with `Arc::new_cyclic`, when the inner |
3050 | // value can be initialized after `Weak` references have already been created. In that case, we |
3051 | // expect to observe the fully initialized value. |
3052 | if self.inner()?.strong.fetch_update(Acquire, Relaxed, checked_increment).is_ok() { |
3053 | // SAFETY: pointer is not null, verified in checked_increment |
3054 | unsafe { Some(Arc::from_inner_in(self.ptr, self.alloc.clone())) } |
3055 | } else { |
3056 | None |
3057 | } |
3058 | } |
3059 | |
3060 | /// Gets the number of strong (`Arc`) pointers pointing to this allocation. |
3061 | /// |
3062 | /// If `self` was created using [`Weak::new`], this will return 0. |
3063 | #[must_use ] |
3064 | #[stable (feature = "weak_counts" , since = "1.41.0" )] |
3065 | pub fn strong_count(&self) -> usize { |
3066 | if let Some(inner) = self.inner() { inner.strong.load(Relaxed) } else { 0 } |
3067 | } |
3068 | |
3069 | /// Gets an approximation of the number of `Weak` pointers pointing to this |
3070 | /// allocation. |
3071 | /// |
3072 | /// If `self` was created using [`Weak::new`], or if there are no remaining |
3073 | /// strong pointers, this will return 0. |
3074 | /// |
3075 | /// # Accuracy |
3076 | /// |
3077 | /// Due to implementation details, the returned value can be off by 1 in |
3078 | /// either direction when other threads are manipulating any `Arc`s or |
3079 | /// `Weak`s pointing to the same allocation. |
3080 | #[must_use ] |
3081 | #[stable (feature = "weak_counts" , since = "1.41.0" )] |
3082 | pub fn weak_count(&self) -> usize { |
3083 | if let Some(inner) = self.inner() { |
3084 | let weak = inner.weak.load(Acquire); |
3085 | let strong = inner.strong.load(Relaxed); |
3086 | if strong == 0 { |
3087 | 0 |
3088 | } else { |
3089 | // Since we observed that there was at least one strong pointer |
3090 | // after reading the weak count, we know that the implicit weak |
3091 | // reference (present whenever any strong references are alive) |
3092 | // was still around when we observed the weak count, and can |
3093 | // therefore safely subtract it. |
3094 | weak - 1 |
3095 | } |
3096 | } else { |
3097 | 0 |
3098 | } |
3099 | } |
3100 | |
3101 | /// Returns `None` when the pointer is dangling and there is no allocated `ArcInner`, |
3102 | /// (i.e., when this `Weak` was created by `Weak::new`). |
3103 | #[inline ] |
3104 | fn inner(&self) -> Option<WeakInner<'_>> { |
3105 | let ptr = self.ptr.as_ptr(); |
3106 | if is_dangling(ptr) { |
3107 | None |
3108 | } else { |
3109 | // We are careful to *not* create a reference covering the "data" field, as |
3110 | // the field may be mutated concurrently (for example, if the last `Arc` |
3111 | // is dropped, the data field will be dropped in-place). |
3112 | Some(unsafe { WeakInner { strong: &(*ptr).strong, weak: &(*ptr).weak } }) |
3113 | } |
3114 | } |
3115 | |
3116 | /// Returns `true` if the two `Weak`s point to the same allocation similar to [`ptr::eq`], or if |
3117 | /// both don't point to any allocation (because they were created with `Weak::new()`). However, |
3118 | /// this function ignores the metadata of `dyn Trait` pointers. |
3119 | /// |
3120 | /// # Notes |
3121 | /// |
3122 | /// Since this compares pointers it means that `Weak::new()` will equal each |
3123 | /// other, even though they don't point to any allocation. |
3124 | /// |
3125 | /// # Examples |
3126 | /// |
3127 | /// ``` |
3128 | /// use std::sync::Arc; |
3129 | /// |
3130 | /// let first_rc = Arc::new(5); |
3131 | /// let first = Arc::downgrade(&first_rc); |
3132 | /// let second = Arc::downgrade(&first_rc); |
3133 | /// |
3134 | /// assert!(first.ptr_eq(&second)); |
3135 | /// |
3136 | /// let third_rc = Arc::new(5); |
3137 | /// let third = Arc::downgrade(&third_rc); |
3138 | /// |
3139 | /// assert!(!first.ptr_eq(&third)); |
3140 | /// ``` |
3141 | /// |
3142 | /// Comparing `Weak::new`. |
3143 | /// |
3144 | /// ``` |
3145 | /// use std::sync::{Arc, Weak}; |
3146 | /// |
3147 | /// let first = Weak::new(); |
3148 | /// let second = Weak::new(); |
3149 | /// assert!(first.ptr_eq(&second)); |
3150 | /// |
3151 | /// let third_rc = Arc::new(()); |
3152 | /// let third = Arc::downgrade(&third_rc); |
3153 | /// assert!(!first.ptr_eq(&third)); |
3154 | /// ``` |
3155 | /// |
3156 | /// [`ptr::eq`]: core::ptr::eq "ptr::eq" |
3157 | #[inline ] |
3158 | #[must_use ] |
3159 | #[stable (feature = "weak_ptr_eq" , since = "1.39.0" )] |
3160 | pub fn ptr_eq(&self, other: &Self) -> bool { |
3161 | ptr::addr_eq(self.ptr.as_ptr(), other.ptr.as_ptr()) |
3162 | } |
3163 | } |
3164 | |
3165 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
3166 | impl<T: ?Sized, A: Allocator + Clone> Clone for Weak<T, A> { |
3167 | /// Makes a clone of the `Weak` pointer that points to the same allocation. |
3168 | /// |
3169 | /// # Examples |
3170 | /// |
3171 | /// ``` |
3172 | /// use std::sync::{Arc, Weak}; |
3173 | /// |
3174 | /// let weak_five = Arc::downgrade(&Arc::new(5)); |
3175 | /// |
3176 | /// let _ = Weak::clone(&weak_five); |
3177 | /// ``` |
3178 | #[inline ] |
3179 | fn clone(&self) -> Weak<T, A> { |
3180 | if let Some(inner) = self.inner() { |
3181 | // See comments in Arc::clone() for why this is relaxed. This can use a |
3182 | // fetch_add (ignoring the lock) because the weak count is only locked |
3183 | // where are *no other* weak pointers in existence. (So we can't be |
3184 | // running this code in that case). |
3185 | let old_size = inner.weak.fetch_add(1, Relaxed); |
3186 | |
3187 | // See comments in Arc::clone() for why we do this (for mem::forget). |
3188 | if old_size > MAX_REFCOUNT { |
3189 | abort(); |
3190 | } |
3191 | } |
3192 | |
3193 | Weak { ptr: self.ptr, alloc: self.alloc.clone() } |
3194 | } |
3195 | } |
3196 | |
3197 | #[unstable (feature = "ergonomic_clones" , issue = "132290" )] |
3198 | impl<T: ?Sized, A: Allocator + Clone> UseCloned for Weak<T, A> {} |
3199 | |
3200 | #[stable (feature = "downgraded_weak" , since = "1.10.0" )] |
3201 | impl<T> Default for Weak<T> { |
3202 | /// Constructs a new `Weak<T>`, without allocating memory. |
3203 | /// Calling [`upgrade`] on the return value always |
3204 | /// gives [`None`]. |
3205 | /// |
3206 | /// [`upgrade`]: Weak::upgrade |
3207 | /// |
3208 | /// # Examples |
3209 | /// |
3210 | /// ``` |
3211 | /// use std::sync::Weak; |
3212 | /// |
3213 | /// let empty: Weak<i64> = Default::default(); |
3214 | /// assert!(empty.upgrade().is_none()); |
3215 | /// ``` |
3216 | fn default() -> Weak<T> { |
3217 | Weak::new() |
3218 | } |
3219 | } |
3220 | |
3221 | #[stable (feature = "arc_weak" , since = "1.4.0" )] |
3222 | unsafe impl<#[may_dangle ] T: ?Sized, A: Allocator> Drop for Weak<T, A> { |
3223 | /// Drops the `Weak` pointer. |
3224 | /// |
3225 | /// # Examples |
3226 | /// |
3227 | /// ``` |
3228 | /// use std::sync::{Arc, Weak}; |
3229 | /// |
3230 | /// struct Foo; |
3231 | /// |
3232 | /// impl Drop for Foo { |
3233 | /// fn drop(&mut self) { |
3234 | /// println!("dropped!" ); |
3235 | /// } |
3236 | /// } |
3237 | /// |
3238 | /// let foo = Arc::new(Foo); |
3239 | /// let weak_foo = Arc::downgrade(&foo); |
3240 | /// let other_weak_foo = Weak::clone(&weak_foo); |
3241 | /// |
3242 | /// drop(weak_foo); // Doesn't print anything |
3243 | /// drop(foo); // Prints "dropped!" |
3244 | /// |
3245 | /// assert!(other_weak_foo.upgrade().is_none()); |
3246 | /// ``` |
3247 | fn drop(&mut self) { |
3248 | // If we find out that we were the last weak pointer, then its time to |
3249 | // deallocate the data entirely. See the discussion in Arc::drop() about |
3250 | // the memory orderings |
3251 | // |
3252 | // It's not necessary to check for the locked state here, because the |
3253 | // weak count can only be locked if there was precisely one weak ref, |
3254 | // meaning that drop could only subsequently run ON that remaining weak |
3255 | // ref, which can only happen after the lock is released. |
3256 | let inner = if let Some(inner) = self.inner() { inner } else { return }; |
3257 | |
3258 | if inner.weak.fetch_sub(1, Release) == 1 { |
3259 | acquire!(inner.weak); |
3260 | |
3261 | // Make sure we aren't trying to "deallocate" the shared static for empty slices |
3262 | // used by Default::default. |
3263 | debug_assert!( |
3264 | !ptr::addr_eq(self.ptr.as_ptr(), &STATIC_INNER_SLICE.inner), |
3265 | "Arc/Weaks backed by a static should never be deallocated. \ |
3266 | Likely decrement_strong_count or from_raw were called too many times." , |
3267 | ); |
3268 | |
3269 | unsafe { |
3270 | self.alloc.deallocate(self.ptr.cast(), Layout::for_value_raw(self.ptr.as_ptr())) |
3271 | } |
3272 | } |
3273 | } |
3274 | } |
3275 | |
3276 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3277 | trait ArcEqIdent<T: ?Sized + PartialEq, A: Allocator> { |
3278 | fn eq(&self, other: &Arc<T, A>) -> bool; |
3279 | fn ne(&self, other: &Arc<T, A>) -> bool; |
3280 | } |
3281 | |
3282 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3283 | impl<T: ?Sized + PartialEq, A: Allocator> ArcEqIdent<T, A> for Arc<T, A> { |
3284 | #[inline ] |
3285 | default fn eq(&self, other: &Arc<T, A>) -> bool { |
3286 | **self == **other |
3287 | } |
3288 | #[inline ] |
3289 | default fn ne(&self, other: &Arc<T, A>) -> bool { |
3290 | **self != **other |
3291 | } |
3292 | } |
3293 | |
3294 | /// We're doing this specialization here, and not as a more general optimization on `&T`, because it |
3295 | /// would otherwise add a cost to all equality checks on refs. We assume that `Arc`s are used to |
3296 | /// store large values, that are slow to clone, but also heavy to check for equality, causing this |
3297 | /// cost to pay off more easily. It's also more likely to have two `Arc` clones, that point to |
3298 | /// the same value, than two `&T`s. |
3299 | /// |
3300 | /// We can only do this when `T: Eq` as a `PartialEq` might be deliberately irreflexive. |
3301 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3302 | impl<T: ?Sized + crate::rc::MarkerEq, A: Allocator> ArcEqIdent<T, A> for Arc<T, A> { |
3303 | #[inline ] |
3304 | fn eq(&self, other: &Arc<T, A>) -> bool { |
3305 | Arc::ptr_eq(self, other) || **self == **other |
3306 | } |
3307 | |
3308 | #[inline ] |
3309 | fn ne(&self, other: &Arc<T, A>) -> bool { |
3310 | !Arc::ptr_eq(self, other) && **self != **other |
3311 | } |
3312 | } |
3313 | |
3314 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3315 | impl<T: ?Sized + PartialEq, A: Allocator> PartialEq for Arc<T, A> { |
3316 | /// Equality for two `Arc`s. |
3317 | /// |
3318 | /// Two `Arc`s are equal if their inner values are equal, even if they are |
3319 | /// stored in different allocation. |
3320 | /// |
3321 | /// If `T` also implements `Eq` (implying reflexivity of equality), |
3322 | /// two `Arc`s that point to the same allocation are always equal. |
3323 | /// |
3324 | /// # Examples |
3325 | /// |
3326 | /// ``` |
3327 | /// use std::sync::Arc; |
3328 | /// |
3329 | /// let five = Arc::new(5); |
3330 | /// |
3331 | /// assert!(five == Arc::new(5)); |
3332 | /// ``` |
3333 | #[inline ] |
3334 | fn eq(&self, other: &Arc<T, A>) -> bool { |
3335 | ArcEqIdent::eq(self, other) |
3336 | } |
3337 | |
3338 | /// Inequality for two `Arc`s. |
3339 | /// |
3340 | /// Two `Arc`s are not equal if their inner values are not equal. |
3341 | /// |
3342 | /// If `T` also implements `Eq` (implying reflexivity of equality), |
3343 | /// two `Arc`s that point to the same value are always equal. |
3344 | /// |
3345 | /// # Examples |
3346 | /// |
3347 | /// ``` |
3348 | /// use std::sync::Arc; |
3349 | /// |
3350 | /// let five = Arc::new(5); |
3351 | /// |
3352 | /// assert!(five != Arc::new(6)); |
3353 | /// ``` |
3354 | #[inline ] |
3355 | fn ne(&self, other: &Arc<T, A>) -> bool { |
3356 | ArcEqIdent::ne(self, other) |
3357 | } |
3358 | } |
3359 | |
3360 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3361 | impl<T: ?Sized + PartialOrd, A: Allocator> PartialOrd for Arc<T, A> { |
3362 | /// Partial comparison for two `Arc`s. |
3363 | /// |
3364 | /// The two are compared by calling `partial_cmp()` on their inner values. |
3365 | /// |
3366 | /// # Examples |
3367 | /// |
3368 | /// ``` |
3369 | /// use std::sync::Arc; |
3370 | /// use std::cmp::Ordering; |
3371 | /// |
3372 | /// let five = Arc::new(5); |
3373 | /// |
3374 | /// assert_eq!(Some(Ordering::Less), five.partial_cmp(&Arc::new(6))); |
3375 | /// ``` |
3376 | fn partial_cmp(&self, other: &Arc<T, A>) -> Option<Ordering> { |
3377 | (**self).partial_cmp(&**other) |
3378 | } |
3379 | |
3380 | /// Less-than comparison for two `Arc`s. |
3381 | /// |
3382 | /// The two are compared by calling `<` on their inner values. |
3383 | /// |
3384 | /// # Examples |
3385 | /// |
3386 | /// ``` |
3387 | /// use std::sync::Arc; |
3388 | /// |
3389 | /// let five = Arc::new(5); |
3390 | /// |
3391 | /// assert!(five < Arc::new(6)); |
3392 | /// ``` |
3393 | fn lt(&self, other: &Arc<T, A>) -> bool { |
3394 | *(*self) < *(*other) |
3395 | } |
3396 | |
3397 | /// 'Less than or equal to' comparison for two `Arc`s. |
3398 | /// |
3399 | /// The two are compared by calling `<=` on their inner values. |
3400 | /// |
3401 | /// # Examples |
3402 | /// |
3403 | /// ``` |
3404 | /// use std::sync::Arc; |
3405 | /// |
3406 | /// let five = Arc::new(5); |
3407 | /// |
3408 | /// assert!(five <= Arc::new(5)); |
3409 | /// ``` |
3410 | fn le(&self, other: &Arc<T, A>) -> bool { |
3411 | *(*self) <= *(*other) |
3412 | } |
3413 | |
3414 | /// Greater-than comparison for two `Arc`s. |
3415 | /// |
3416 | /// The two are compared by calling `>` on their inner values. |
3417 | /// |
3418 | /// # Examples |
3419 | /// |
3420 | /// ``` |
3421 | /// use std::sync::Arc; |
3422 | /// |
3423 | /// let five = Arc::new(5); |
3424 | /// |
3425 | /// assert!(five > Arc::new(4)); |
3426 | /// ``` |
3427 | fn gt(&self, other: &Arc<T, A>) -> bool { |
3428 | *(*self) > *(*other) |
3429 | } |
3430 | |
3431 | /// 'Greater than or equal to' comparison for two `Arc`s. |
3432 | /// |
3433 | /// The two are compared by calling `>=` on their inner values. |
3434 | /// |
3435 | /// # Examples |
3436 | /// |
3437 | /// ``` |
3438 | /// use std::sync::Arc; |
3439 | /// |
3440 | /// let five = Arc::new(5); |
3441 | /// |
3442 | /// assert!(five >= Arc::new(5)); |
3443 | /// ``` |
3444 | fn ge(&self, other: &Arc<T, A>) -> bool { |
3445 | *(*self) >= *(*other) |
3446 | } |
3447 | } |
3448 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3449 | impl<T: ?Sized + Ord, A: Allocator> Ord for Arc<T, A> { |
3450 | /// Comparison for two `Arc`s. |
3451 | /// |
3452 | /// The two are compared by calling `cmp()` on their inner values. |
3453 | /// |
3454 | /// # Examples |
3455 | /// |
3456 | /// ``` |
3457 | /// use std::sync::Arc; |
3458 | /// use std::cmp::Ordering; |
3459 | /// |
3460 | /// let five = Arc::new(5); |
3461 | /// |
3462 | /// assert_eq!(Ordering::Less, five.cmp(&Arc::new(6))); |
3463 | /// ``` |
3464 | fn cmp(&self, other: &Arc<T, A>) -> Ordering { |
3465 | (**self).cmp(&**other) |
3466 | } |
3467 | } |
3468 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3469 | impl<T: ?Sized + Eq, A: Allocator> Eq for Arc<T, A> {} |
3470 | |
3471 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3472 | impl<T: ?Sized + fmt::Display, A: Allocator> fmt::Display for Arc<T, A> { |
3473 | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { |
3474 | fmt::Display::fmt(&**self, f) |
3475 | } |
3476 | } |
3477 | |
3478 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3479 | impl<T: ?Sized + fmt::Debug, A: Allocator> fmt::Debug for Arc<T, A> { |
3480 | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { |
3481 | fmt::Debug::fmt(&**self, f) |
3482 | } |
3483 | } |
3484 | |
3485 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3486 | impl<T: ?Sized, A: Allocator> fmt::Pointer for Arc<T, A> { |
3487 | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { |
3488 | fmt::Pointer::fmt(&(&raw const **self), f) |
3489 | } |
3490 | } |
3491 | |
3492 | #[cfg (not(no_global_oom_handling))] |
3493 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3494 | impl<T: Default> Default for Arc<T> { |
3495 | /// Creates a new `Arc<T>`, with the `Default` value for `T`. |
3496 | /// |
3497 | /// # Examples |
3498 | /// |
3499 | /// ``` |
3500 | /// use std::sync::Arc; |
3501 | /// |
3502 | /// let x: Arc<i32> = Default::default(); |
3503 | /// assert_eq!(*x, 0); |
3504 | /// ``` |
3505 | fn default() -> Arc<T> { |
3506 | unsafe { |
3507 | Self::from_inner( |
3508 | Box::leak(Box::write( |
3509 | Box::new_uninit(), |
3510 | ArcInner { |
3511 | strong: atomic::AtomicUsize::new(1), |
3512 | weak: atomic::AtomicUsize::new(1), |
3513 | data: T::default(), |
3514 | }, |
3515 | )) |
3516 | .into(), |
3517 | ) |
3518 | } |
3519 | } |
3520 | } |
3521 | |
3522 | /// Struct to hold the static `ArcInner` used for empty `Arc<str/CStr/[T]>` as |
3523 | /// returned by `Default::default`. |
3524 | /// |
3525 | /// Layout notes: |
3526 | /// * `repr(align(16))` so we can use it for `[T]` with `align_of::<T>() <= 16`. |
3527 | /// * `repr(C)` so `inner` is at offset 0 (and thus guaranteed to actually be aligned to 16). |
3528 | /// * `[u8; 1]` (to be initialized with 0) so it can be used for `Arc<CStr>`. |
3529 | #[repr (C, align(16))] |
3530 | struct SliceArcInnerForStatic { |
3531 | inner: ArcInner<[u8; 1]>, |
3532 | } |
3533 | #[cfg (not(no_global_oom_handling))] |
3534 | const MAX_STATIC_INNER_SLICE_ALIGNMENT: usize = 16; |
3535 | |
3536 | static STATIC_INNER_SLICE: SliceArcInnerForStatic = SliceArcInnerForStatic { |
3537 | inner: ArcInner { |
3538 | strong: atomic::AtomicUsize::new(1), |
3539 | weak: atomic::AtomicUsize::new(1), |
3540 | data: [0], |
3541 | }, |
3542 | }; |
3543 | |
3544 | #[cfg (not(no_global_oom_handling))] |
3545 | #[stable (feature = "more_rc_default_impls" , since = "1.80.0" )] |
3546 | impl Default for Arc<str> { |
3547 | /// Creates an empty str inside an Arc |
3548 | /// |
3549 | /// This may or may not share an allocation with other Arcs. |
3550 | #[inline ] |
3551 | fn default() -> Self { |
3552 | let arc: Arc<[u8]> = Default::default(); |
3553 | debug_assert!(core::str::from_utf8(&*arc).is_ok()); |
3554 | let (ptr: NonNull>, alloc: Global) = Arc::into_inner_with_allocator(this:arc); |
3555 | unsafe { Arc::from_ptr_in(ptr.as_ptr() as *mut ArcInner<str>, alloc) } |
3556 | } |
3557 | } |
3558 | |
3559 | #[cfg (not(no_global_oom_handling))] |
3560 | #[stable (feature = "more_rc_default_impls" , since = "1.80.0" )] |
3561 | impl Default for Arc<core::ffi::CStr> { |
3562 | /// Creates an empty CStr inside an Arc |
3563 | /// |
3564 | /// This may or may not share an allocation with other Arcs. |
3565 | #[inline ] |
3566 | fn default() -> Self { |
3567 | use core::ffi::CStr; |
3568 | let inner: NonNull<ArcInner<[u8]>> = NonNull::from(&STATIC_INNER_SLICE.inner); |
3569 | let inner: NonNull<ArcInner<CStr>> = |
3570 | NonNull::new(inner.as_ptr() as *mut ArcInner<CStr>).unwrap(); |
3571 | // `this` semantically is the Arc "owned" by the static, so make sure not to drop it. |
3572 | let this: mem::ManuallyDrop<Arc<CStr>> = |
3573 | unsafe { mem::ManuallyDrop::new(Arc::from_inner(ptr:inner)) }; |
3574 | (*this).clone() |
3575 | } |
3576 | } |
3577 | |
3578 | #[cfg (not(no_global_oom_handling))] |
3579 | #[stable (feature = "more_rc_default_impls" , since = "1.80.0" )] |
3580 | impl<T> Default for Arc<[T]> { |
3581 | /// Creates an empty `[T]` inside an Arc |
3582 | /// |
3583 | /// This may or may not share an allocation with other Arcs. |
3584 | #[inline ] |
3585 | fn default() -> Self { |
3586 | if align_of::<T>() <= MAX_STATIC_INNER_SLICE_ALIGNMENT { |
3587 | // We take a reference to the whole struct instead of the ArcInner<[u8; 1]> inside it so |
3588 | // we don't shrink the range of bytes the ptr is allowed to access under Stacked Borrows. |
3589 | // (Miri complains on 32-bit targets with Arc<[Align16]> otherwise.) |
3590 | // (Note that NonNull::from(&STATIC_INNER_SLICE.inner) is fine under Tree Borrows.) |
3591 | let inner: NonNull<SliceArcInnerForStatic> = NonNull::from(&STATIC_INNER_SLICE); |
3592 | let inner: NonNull<ArcInner<[T; 0]>> = inner.cast(); |
3593 | // `this` semantically is the Arc "owned" by the static, so make sure not to drop it. |
3594 | let this: mem::ManuallyDrop<Arc<[T; 0]>> = |
3595 | unsafe { mem::ManuallyDrop::new(Arc::from_inner(ptr:inner)) }; |
3596 | return (*this).clone(); |
3597 | } |
3598 | |
3599 | // If T's alignment is too large for the static, make a new unique allocation. |
3600 | let arr: [T; 0] = []; |
3601 | Arc::from(arr) |
3602 | } |
3603 | } |
3604 | |
3605 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3606 | impl<T: ?Sized + Hash, A: Allocator> Hash for Arc<T, A> { |
3607 | fn hash<H: Hasher>(&self, state: &mut H) { |
3608 | (**self).hash(state) |
3609 | } |
3610 | } |
3611 | |
3612 | #[cfg (not(no_global_oom_handling))] |
3613 | #[stable (feature = "from_for_ptrs" , since = "1.6.0" )] |
3614 | impl<T> From<T> for Arc<T> { |
3615 | /// Converts a `T` into an `Arc<T>` |
3616 | /// |
3617 | /// The conversion moves the value into a |
3618 | /// newly allocated `Arc`. It is equivalent to |
3619 | /// calling `Arc::new(t)`. |
3620 | /// |
3621 | /// # Example |
3622 | /// ```rust |
3623 | /// # use std::sync::Arc; |
3624 | /// let x = 5; |
3625 | /// let arc = Arc::new(5); |
3626 | /// |
3627 | /// assert_eq!(Arc::from(x), arc); |
3628 | /// ``` |
3629 | fn from(t: T) -> Self { |
3630 | Arc::new(data:t) |
3631 | } |
3632 | } |
3633 | |
3634 | #[cfg (not(no_global_oom_handling))] |
3635 | #[stable (feature = "shared_from_array" , since = "1.74.0" )] |
3636 | impl<T, const N: usize> From<[T; N]> for Arc<[T]> { |
3637 | /// Converts a [`[T; N]`](prim@array) into an `Arc<[T]>`. |
3638 | /// |
3639 | /// The conversion moves the array into a newly allocated `Arc`. |
3640 | /// |
3641 | /// # Example |
3642 | /// |
3643 | /// ``` |
3644 | /// # use std::sync::Arc; |
3645 | /// let original: [i32; 3] = [1, 2, 3]; |
3646 | /// let shared: Arc<[i32]> = Arc::from(original); |
3647 | /// assert_eq!(&[1, 2, 3], &shared[..]); |
3648 | /// ``` |
3649 | #[inline ] |
3650 | fn from(v: [T; N]) -> Arc<[T]> { |
3651 | Arc::<[T; N]>::from(v) |
3652 | } |
3653 | } |
3654 | |
3655 | #[cfg (not(no_global_oom_handling))] |
3656 | #[stable (feature = "shared_from_slice" , since = "1.21.0" )] |
3657 | impl<T: Clone> From<&[T]> for Arc<[T]> { |
3658 | /// Allocates a reference-counted slice and fills it by cloning `v`'s items. |
3659 | /// |
3660 | /// # Example |
3661 | /// |
3662 | /// ``` |
3663 | /// # use std::sync::Arc; |
3664 | /// let original: &[i32] = &[1, 2, 3]; |
3665 | /// let shared: Arc<[i32]> = Arc::from(original); |
3666 | /// assert_eq!(&[1, 2, 3], &shared[..]); |
3667 | /// ``` |
3668 | #[inline ] |
3669 | fn from(v: &[T]) -> Arc<[T]> { |
3670 | <Self as ArcFromSlice<T>>::from_slice(v) |
3671 | } |
3672 | } |
3673 | |
3674 | #[cfg (not(no_global_oom_handling))] |
3675 | #[stable (feature = "shared_from_mut_slice" , since = "1.84.0" )] |
3676 | impl<T: Clone> From<&mut [T]> for Arc<[T]> { |
3677 | /// Allocates a reference-counted slice and fills it by cloning `v`'s items. |
3678 | /// |
3679 | /// # Example |
3680 | /// |
3681 | /// ``` |
3682 | /// # use std::sync::Arc; |
3683 | /// let mut original = [1, 2, 3]; |
3684 | /// let original: &mut [i32] = &mut original; |
3685 | /// let shared: Arc<[i32]> = Arc::from(original); |
3686 | /// assert_eq!(&[1, 2, 3], &shared[..]); |
3687 | /// ``` |
3688 | #[inline ] |
3689 | fn from(v: &mut [T]) -> Arc<[T]> { |
3690 | Arc::from(&*v) |
3691 | } |
3692 | } |
3693 | |
3694 | #[cfg (not(no_global_oom_handling))] |
3695 | #[stable (feature = "shared_from_slice" , since = "1.21.0" )] |
3696 | impl From<&str> for Arc<str> { |
3697 | /// Allocates a reference-counted `str` and copies `v` into it. |
3698 | /// |
3699 | /// # Example |
3700 | /// |
3701 | /// ``` |
3702 | /// # use std::sync::Arc; |
3703 | /// let shared: Arc<str> = Arc::from("eggplant" ); |
3704 | /// assert_eq!("eggplant" , &shared[..]); |
3705 | /// ``` |
3706 | #[inline ] |
3707 | fn from(v: &str) -> Arc<str> { |
3708 | let arc: Arc<[u8]> = Arc::<[u8]>::from(v.as_bytes()); |
3709 | unsafe { Arc::from_raw(ptr:Arc::into_raw(this:arc) as *const str) } |
3710 | } |
3711 | } |
3712 | |
3713 | #[cfg (not(no_global_oom_handling))] |
3714 | #[stable (feature = "shared_from_mut_slice" , since = "1.84.0" )] |
3715 | impl From<&mut str> for Arc<str> { |
3716 | /// Allocates a reference-counted `str` and copies `v` into it. |
3717 | /// |
3718 | /// # Example |
3719 | /// |
3720 | /// ``` |
3721 | /// # use std::sync::Arc; |
3722 | /// let mut original = String::from("eggplant" ); |
3723 | /// let original: &mut str = &mut original; |
3724 | /// let shared: Arc<str> = Arc::from(original); |
3725 | /// assert_eq!("eggplant" , &shared[..]); |
3726 | /// ``` |
3727 | #[inline ] |
3728 | fn from(v: &mut str) -> Arc<str> { |
3729 | Arc::from(&*v) |
3730 | } |
3731 | } |
3732 | |
3733 | #[cfg (not(no_global_oom_handling))] |
3734 | #[stable (feature = "shared_from_slice" , since = "1.21.0" )] |
3735 | impl From<String> for Arc<str> { |
3736 | /// Allocates a reference-counted `str` and copies `v` into it. |
3737 | /// |
3738 | /// # Example |
3739 | /// |
3740 | /// ``` |
3741 | /// # use std::sync::Arc; |
3742 | /// let unique: String = "eggplant" .to_owned(); |
3743 | /// let shared: Arc<str> = Arc::from(unique); |
3744 | /// assert_eq!("eggplant" , &shared[..]); |
3745 | /// ``` |
3746 | #[inline ] |
3747 | fn from(v: String) -> Arc<str> { |
3748 | Arc::from(&v[..]) |
3749 | } |
3750 | } |
3751 | |
3752 | #[cfg (not(no_global_oom_handling))] |
3753 | #[stable (feature = "shared_from_slice" , since = "1.21.0" )] |
3754 | impl<T: ?Sized, A: Allocator> From<Box<T, A>> for Arc<T, A> { |
3755 | /// Move a boxed object to a new, reference-counted allocation. |
3756 | /// |
3757 | /// # Example |
3758 | /// |
3759 | /// ``` |
3760 | /// # use std::sync::Arc; |
3761 | /// let unique: Box<str> = Box::from("eggplant" ); |
3762 | /// let shared: Arc<str> = Arc::from(unique); |
3763 | /// assert_eq!("eggplant" , &shared[..]); |
3764 | /// ``` |
3765 | #[inline ] |
3766 | fn from(v: Box<T, A>) -> Arc<T, A> { |
3767 | Arc::from_box_in(src:v) |
3768 | } |
3769 | } |
3770 | |
3771 | #[cfg (not(no_global_oom_handling))] |
3772 | #[stable (feature = "shared_from_slice" , since = "1.21.0" )] |
3773 | impl<T, A: Allocator + Clone> From<Vec<T, A>> for Arc<[T], A> { |
3774 | /// Allocates a reference-counted slice and moves `v`'s items into it. |
3775 | /// |
3776 | /// # Example |
3777 | /// |
3778 | /// ``` |
3779 | /// # use std::sync::Arc; |
3780 | /// let unique: Vec<i32> = vec![1, 2, 3]; |
3781 | /// let shared: Arc<[i32]> = Arc::from(unique); |
3782 | /// assert_eq!(&[1, 2, 3], &shared[..]); |
3783 | /// ``` |
3784 | #[inline ] |
3785 | fn from(v: Vec<T, A>) -> Arc<[T], A> { |
3786 | unsafe { |
3787 | let (vec_ptr, len, cap, alloc) = v.into_raw_parts_with_alloc(); |
3788 | |
3789 | let rc_ptr = Self::allocate_for_slice_in(len, &alloc); |
3790 | ptr::copy_nonoverlapping(vec_ptr, (&raw mut (*rc_ptr).data) as *mut T, len); |
3791 | |
3792 | // Create a `Vec<T, &A>` with length 0, to deallocate the buffer |
3793 | // without dropping its contents or the allocator |
3794 | let _ = Vec::from_raw_parts_in(vec_ptr, 0, cap, &alloc); |
3795 | |
3796 | Self::from_ptr_in(rc_ptr, alloc) |
3797 | } |
3798 | } |
3799 | } |
3800 | |
3801 | #[stable (feature = "shared_from_cow" , since = "1.45.0" )] |
3802 | impl<'a, B> From<Cow<'a, B>> for Arc<B> |
3803 | where |
3804 | B: ToOwned + ?Sized, |
3805 | Arc<B>: From<&'a B> + From<B::Owned>, |
3806 | { |
3807 | /// Creates an atomically reference-counted pointer from a clone-on-write |
3808 | /// pointer by copying its content. |
3809 | /// |
3810 | /// # Example |
3811 | /// |
3812 | /// ```rust |
3813 | /// # use std::sync::Arc; |
3814 | /// # use std::borrow::Cow; |
3815 | /// let cow: Cow<'_, str> = Cow::Borrowed("eggplant" ); |
3816 | /// let shared: Arc<str> = Arc::from(cow); |
3817 | /// assert_eq!("eggplant" , &shared[..]); |
3818 | /// ``` |
3819 | #[inline ] |
3820 | fn from(cow: Cow<'a, B>) -> Arc<B> { |
3821 | match cow { |
3822 | Cow::Borrowed(s: &B) => Arc::from(s), |
3823 | Cow::Owned(s: ::Owned) => Arc::from(s), |
3824 | } |
3825 | } |
3826 | } |
3827 | |
3828 | #[stable (feature = "shared_from_str" , since = "1.62.0" )] |
3829 | impl From<Arc<str>> for Arc<[u8]> { |
3830 | /// Converts an atomically reference-counted string slice into a byte slice. |
3831 | /// |
3832 | /// # Example |
3833 | /// |
3834 | /// ``` |
3835 | /// # use std::sync::Arc; |
3836 | /// let string: Arc<str> = Arc::from("eggplant" ); |
3837 | /// let bytes: Arc<[u8]> = Arc::from(string); |
3838 | /// assert_eq!("eggplant" .as_bytes(), bytes.as_ref()); |
3839 | /// ``` |
3840 | #[inline ] |
3841 | fn from(rc: Arc<str>) -> Self { |
3842 | // SAFETY: `str` has the same layout as `[u8]`. |
3843 | unsafe { Arc::from_raw(ptr:Arc::into_raw(this:rc) as *const [u8]) } |
3844 | } |
3845 | } |
3846 | |
3847 | #[stable (feature = "boxed_slice_try_from" , since = "1.43.0" )] |
3848 | impl<T, A: Allocator, const N: usize> TryFrom<Arc<[T], A>> for Arc<[T; N], A> { |
3849 | type Error = Arc<[T], A>; |
3850 | |
3851 | fn try_from(boxed_slice: Arc<[T], A>) -> Result<Self, Self::Error> { |
3852 | if boxed_slice.len() == N { |
3853 | let (ptr: NonNull>, alloc: A) = Arc::into_inner_with_allocator(this:boxed_slice); |
3854 | Ok(unsafe { Arc::from_inner_in(ptr.cast(), alloc) }) |
3855 | } else { |
3856 | Err(boxed_slice) |
3857 | } |
3858 | } |
3859 | } |
3860 | |
3861 | #[cfg (not(no_global_oom_handling))] |
3862 | #[stable (feature = "shared_from_iter" , since = "1.37.0" )] |
3863 | impl<T> FromIterator<T> for Arc<[T]> { |
3864 | /// Takes each element in the `Iterator` and collects it into an `Arc<[T]>`. |
3865 | /// |
3866 | /// # Performance characteristics |
3867 | /// |
3868 | /// ## The general case |
3869 | /// |
3870 | /// In the general case, collecting into `Arc<[T]>` is done by first |
3871 | /// collecting into a `Vec<T>`. That is, when writing the following: |
3872 | /// |
3873 | /// ```rust |
3874 | /// # use std::sync::Arc; |
3875 | /// let evens: Arc<[u8]> = (0..10).filter(|&x| x % 2 == 0).collect(); |
3876 | /// # assert_eq!(&*evens, &[0, 2, 4, 6, 8]); |
3877 | /// ``` |
3878 | /// |
3879 | /// this behaves as if we wrote: |
3880 | /// |
3881 | /// ```rust |
3882 | /// # use std::sync::Arc; |
3883 | /// let evens: Arc<[u8]> = (0..10).filter(|&x| x % 2 == 0) |
3884 | /// .collect::<Vec<_>>() // The first set of allocations happens here. |
3885 | /// .into(); // A second allocation for `Arc<[T]>` happens here. |
3886 | /// # assert_eq!(&*evens, &[0, 2, 4, 6, 8]); |
3887 | /// ``` |
3888 | /// |
3889 | /// This will allocate as many times as needed for constructing the `Vec<T>` |
3890 | /// and then it will allocate once for turning the `Vec<T>` into the `Arc<[T]>`. |
3891 | /// |
3892 | /// ## Iterators of known length |
3893 | /// |
3894 | /// When your `Iterator` implements `TrustedLen` and is of an exact size, |
3895 | /// a single allocation will be made for the `Arc<[T]>`. For example: |
3896 | /// |
3897 | /// ```rust |
3898 | /// # use std::sync::Arc; |
3899 | /// let evens: Arc<[u8]> = (0..10).collect(); // Just a single allocation happens here. |
3900 | /// # assert_eq!(&*evens, &*(0..10).collect::<Vec<_>>()); |
3901 | /// ``` |
3902 | fn from_iter<I: IntoIterator<Item = T>>(iter: I) -> Self { |
3903 | ToArcSlice::to_arc_slice(iter.into_iter()) |
3904 | } |
3905 | } |
3906 | |
3907 | #[cfg (not(no_global_oom_handling))] |
3908 | /// Specialization trait used for collecting into `Arc<[T]>`. |
3909 | trait ToArcSlice<T>: Iterator<Item = T> + Sized { |
3910 | fn to_arc_slice(self) -> Arc<[T]>; |
3911 | } |
3912 | |
3913 | #[cfg (not(no_global_oom_handling))] |
3914 | impl<T, I: Iterator<Item = T>> ToArcSlice<T> for I { |
3915 | default fn to_arc_slice(self) -> Arc<[T]> { |
3916 | self.collect::<Vec<T>>().into() |
3917 | } |
3918 | } |
3919 | |
3920 | #[cfg (not(no_global_oom_handling))] |
3921 | impl<T, I: iter::TrustedLen<Item = T>> ToArcSlice<T> for I { |
3922 | fn to_arc_slice(self) -> Arc<[T]> { |
3923 | // This is the case for a `TrustedLen` iterator. |
3924 | let (low, high) = self.size_hint(); |
3925 | if let Some(high) = high { |
3926 | debug_assert_eq!( |
3927 | low, |
3928 | high, |
3929 | "TrustedLen iterator's size hint is not exact: {:?}" , |
3930 | (low, high) |
3931 | ); |
3932 | |
3933 | unsafe { |
3934 | // SAFETY: We need to ensure that the iterator has an exact length and we have. |
3935 | Arc::from_iter_exact(self, low) |
3936 | } |
3937 | } else { |
3938 | // TrustedLen contract guarantees that `upper_bound == None` implies an iterator |
3939 | // length exceeding `usize::MAX`. |
3940 | // The default implementation would collect into a vec which would panic. |
3941 | // Thus we panic here immediately without invoking `Vec` code. |
3942 | panic!("capacity overflow" ); |
3943 | } |
3944 | } |
3945 | } |
3946 | |
3947 | #[stable (feature = "rust1" , since = "1.0.0" )] |
3948 | impl<T: ?Sized, A: Allocator> borrow::Borrow<T> for Arc<T, A> { |
3949 | fn borrow(&self) -> &T { |
3950 | &**self |
3951 | } |
3952 | } |
3953 | |
3954 | #[stable (since = "1.5.0" , feature = "smart_ptr_as_ref" )] |
3955 | impl<T: ?Sized, A: Allocator> AsRef<T> for Arc<T, A> { |
3956 | fn as_ref(&self) -> &T { |
3957 | &**self |
3958 | } |
3959 | } |
3960 | |
3961 | #[stable (feature = "pin" , since = "1.33.0" )] |
3962 | impl<T: ?Sized, A: Allocator> Unpin for Arc<T, A> {} |
3963 | |
3964 | /// Gets the offset within an `ArcInner` for the payload behind a pointer. |
3965 | /// |
3966 | /// # Safety |
3967 | /// |
3968 | /// The pointer must point to (and have valid metadata for) a previously |
3969 | /// valid instance of T, but the T is allowed to be dropped. |
3970 | unsafe fn data_offset<T: ?Sized>(ptr: *const T) -> usize { |
3971 | // Align the unsized value to the end of the ArcInner. |
3972 | // Because RcInner is repr(C), it will always be the last field in memory. |
3973 | // SAFETY: since the only unsized types possible are slices, trait objects, |
3974 | // and extern types, the input safety requirement is currently enough to |
3975 | // satisfy the requirements of align_of_val_raw; this is an implementation |
3976 | // detail of the language that must not be relied upon outside of std. |
3977 | unsafe { data_offset_align(align_of_val_raw(val:ptr)) } |
3978 | } |
3979 | |
3980 | #[inline ] |
3981 | fn data_offset_align(align: usize) -> usize { |
3982 | let layout: Layout = Layout::new::<ArcInner<()>>(); |
3983 | layout.size() + layout.padding_needed_for(align) |
3984 | } |
3985 | |
3986 | /// A unique owning pointer to an [`ArcInner`] **that does not imply the contents are initialized,** |
3987 | /// but will deallocate it (without dropping the value) when dropped. |
3988 | /// |
3989 | /// This is a helper for [`Arc::make_mut()`] to ensure correct cleanup on panic. |
3990 | #[cfg (not(no_global_oom_handling))] |
3991 | struct UniqueArcUninit<T: ?Sized, A: Allocator> { |
3992 | ptr: NonNull<ArcInner<T>>, |
3993 | layout_for_value: Layout, |
3994 | alloc: Option<A>, |
3995 | } |
3996 | |
3997 | #[cfg (not(no_global_oom_handling))] |
3998 | impl<T: ?Sized, A: Allocator> UniqueArcUninit<T, A> { |
3999 | /// Allocates an ArcInner with layout suitable to contain `for_value` or a clone of it. |
4000 | fn new(for_value: &T, alloc: A) -> UniqueArcUninit<T, A> { |
4001 | let layout = Layout::for_value(for_value); |
4002 | let ptr = unsafe { |
4003 | Arc::allocate_for_layout( |
4004 | layout, |
4005 | |layout_for_arcinner| alloc.allocate(layout_for_arcinner), |
4006 | |mem| mem.with_metadata_of(ptr::from_ref(for_value) as *const ArcInner<T>), |
4007 | ) |
4008 | }; |
4009 | Self { ptr: NonNull::new(ptr).unwrap(), layout_for_value: layout, alloc: Some(alloc) } |
4010 | } |
4011 | |
4012 | /// Returns the pointer to be written into to initialize the [`Arc`]. |
4013 | fn data_ptr(&mut self) -> *mut T { |
4014 | let offset = data_offset_align(self.layout_for_value.align()); |
4015 | unsafe { self.ptr.as_ptr().byte_add(offset) as *mut T } |
4016 | } |
4017 | |
4018 | /// Upgrade this into a normal [`Arc`]. |
4019 | /// |
4020 | /// # Safety |
4021 | /// |
4022 | /// The data must have been initialized (by writing to [`Self::data_ptr()`]). |
4023 | unsafe fn into_arc(self) -> Arc<T, A> { |
4024 | let mut this = ManuallyDrop::new(self); |
4025 | let ptr = this.ptr.as_ptr(); |
4026 | let alloc = this.alloc.take().unwrap(); |
4027 | |
4028 | // SAFETY: The pointer is valid as per `UniqueArcUninit::new`, and the caller is responsible |
4029 | // for having initialized the data. |
4030 | unsafe { Arc::from_ptr_in(ptr, alloc) } |
4031 | } |
4032 | } |
4033 | |
4034 | #[cfg (not(no_global_oom_handling))] |
4035 | impl<T: ?Sized, A: Allocator> Drop for UniqueArcUninit<T, A> { |
4036 | fn drop(&mut self) { |
4037 | // SAFETY: |
4038 | // * new() produced a pointer safe to deallocate. |
4039 | // * We own the pointer unless into_arc() was called, which forgets us. |
4040 | unsafe { |
4041 | self.alloc.take().unwrap().deallocate( |
4042 | self.ptr.cast(), |
4043 | arcinner_layout_for_value_layout(self.layout_for_value), |
4044 | ); |
4045 | } |
4046 | } |
4047 | } |
4048 | |
4049 | #[stable (feature = "arc_error" , since = "1.52.0" )] |
4050 | impl<T: core::error::Error + ?Sized> core::error::Error for Arc<T> { |
4051 | #[allow (deprecated, deprecated_in_future)] |
4052 | fn description(&self) -> &str { |
4053 | core::error::Error::description(&**self) |
4054 | } |
4055 | |
4056 | #[allow (deprecated)] |
4057 | fn cause(&self) -> Option<&dyn core::error::Error> { |
4058 | core::error::Error::cause(&**self) |
4059 | } |
4060 | |
4061 | fn source(&self) -> Option<&(dyn core::error::Error + 'static)> { |
4062 | core::error::Error::source(&**self) |
4063 | } |
4064 | |
4065 | fn provide<'a>(&'a self, req: &mut core::error::Request<'a>) { |
4066 | core::error::Error::provide(&**self, request:req); |
4067 | } |
4068 | } |
4069 | |