mod.rs source code [crates/core/src/mem/mod.rs]

1	//! Basic functions for dealing with memory.
2	//!
3	//! This module contains functions for querying the size and alignment of
4	//! types, initializing and manipulating memory.
5
6	#![stable(feature = "rust1", since = "1.0.0")]
7
8	use crate::clone;
9	use crate::cmp;
10	use crate::fmt;
11	use crate::hash;
12	use crate::intrinsics;
13	use crate::marker::DiscriminantKind;
14	use crate::ptr;
15
16	mod manually_drop;
17	#[stable(feature = "manually_drop", since = "1.20.0")]
18	pub use manually_drop::ManuallyDrop;
19
20	mod maybe_uninit;
21	#[stable(feature = "maybe_uninit", since = "1.36.0")]
22	pub use maybe_uninit::MaybeUninit;
23
24	mod transmutability;
25	#[unstable(feature = "transmutability", issue = "99571")]
26	pub use transmutability::{Assume, BikeshedIntrinsicFrom};
27
28	#[stable(feature = "rust1", since = "1.0.0")]
29	#[doc(inline)]
30	pub use crate::intrinsics::transmute;
31
32	/// Takes ownership and "forgets" about the value without running its destructor.
33	///
34	/// Any resources the value manages, such as heap memory or a file handle, will linger
35	/// forever in an unreachable state. However, it does not guarantee that pointers
36	/// to this memory will remain valid.
37	///
38	/// If you want to leak memory, see [`Box::leak`].*
39	/// If you want to obtain a raw pointer to the memory, see [`Box::into_raw`].*
40	/// If you want to dispose of a value properly, running its destructor, see*
41	/// [`mem::drop`].
42	///
43	/// # Safety
44	///
45	/// `forget` is not marked as `unsafe`, because Rust's safety guarantees
46	/// do not include a guarantee that destructors will always run. For example,
47	/// a program can create a reference cycle using [`Rc`][rc], or call
48	/// [`process::exit`][exit] to exit without running destructors. Thus, allowing
49	/// `mem::forget` from safe code does not fundamentally change Rust's safety
50	/// guarantees.
51	///
52	/// That said, leaking resources such as memory or I/O objects is usually undesirable.
53	/// The need comes up in some specialized use cases for FFI or unsafe code, but even
54	/// then, [`ManuallyDrop`] is typically preferred.
55	///
56	/// Because forgetting a value is allowed, any `unsafe` code you write must
57	/// allow for this possibility. You cannot return a value and expect that the
58	/// caller will necessarily run the value's destructor.
59	///
60	/// [rc]: ../../std/rc/struct.Rc.html
61	/// [exit]: ../../std/process/fn.exit.html
62	///
63	/// # Examples
64	///
65	/// The canonical safe use of `mem::forget` is to circumvent a value's destructor
66	/// implemented by the `Drop` trait. For example, this will leak a `File`, i.e. reclaim
67	/// the space taken by the variable but never close the underlying system resource:
68	///
69	/// ```no_run
70	/// use std::mem;
71	/// use std::fs::File;
72	///
73	/// let file = File::open("foo.txt").unwrap();
74	/// mem::forget(file);
75	/// ```
76	///
77	/// This is useful when the ownership of the underlying resource was previously
78	/// transferred to code outside of Rust, for example by transmitting the raw
79	/// file descriptor to C code.
80	///
81	/// # Relationship with `ManuallyDrop`
82	///
83	/// While `mem::forget` can also be used to transfer memory* ownership, doing so is error-prone.*
84	/// [`ManuallyDrop`] should be used instead. Consider, for example, this code:
85	///
86	/// ```
87	/// use std::mem;
88	///
89	/// let mut v = vec![`65`, `122`];
90	/// // Build a `String` using the contents of `v`
91	/// let s = unsafe { String::from_raw_parts(v.as_mut_ptr(), v.len(), v.capacity()) };
92	/// // leak `v` because its memory is now managed by `s`
93	/// mem::forget(v); // ERROR - v is invalid and must not be passed to a function
94	/// assert_eq!(s, "Az");
95	/// // `s` is implicitly dropped and its memory deallocated.
96	/// ```
97	///
98	/// There are two issues with the above example:
99	///
100	/// If more code were added between the construction of `String` and the invocation of*
101	/// `mem::forget()`, a panic within it would cause a double free because the same memory
102	/// is handled by both `v` and `s`.
103	/// After calling `v.as_mut_ptr()` and transmitting the ownership of the data to `s`,*
104	/// the `v` value is invalid. Even when a value is just moved to `mem::forget` (which won't
105	/// inspect it), some types have strict requirements on their values that
106	/// make them invalid when dangling or no longer owned. Using invalid values in any
107	/// way, including passing them to or returning them from functions, constitutes
108	/// undefined behavior and may break the assumptions made by the compiler.
109	///
110	/// Switching to `ManuallyDrop` avoids both issues:
111	///
112	/// ```
113	/// use std::mem::ManuallyDrop;
114	///
115	/// let v = vec![`65`, `122`];
116	/// // Before we disassemble `v` into its raw parts, make sure it
117	/// // does not get dropped!
118	/// let mut v = ManuallyDrop::new(v);
119	/// // Now disassemble `v`. These operations cannot panic, so there cannot be a leak.
120	/// let (ptr, len, cap) = (v.as_mut_ptr(), v.len(), v.capacity());
121	/// // Finally, build a `String`.
122	/// let s = unsafe { String::from_raw_parts(ptr, len, cap) };
123	/// assert_eq!(s, "Az");
124	/// // `s` is implicitly dropped and its memory deallocated.
125	/// ```
126	///
127	/// `ManuallyDrop` robustly prevents double-free because we disable `v`'s destructor
128	/// before doing anything else. `mem::forget()` doesn't allow this because it consumes its
129	/// argument, forcing us to call it only after extracting anything we need from `v`. Even
130	/// if a panic were introduced between construction of `ManuallyDrop` and building the
131	/// string (which cannot happen in the code as shown), it would result in a leak and not a
132	/// double free. In other words, `ManuallyDrop` errs on the side of leaking instead of
133	/// erring on the side of (double-)dropping.
134	///
135	/// Also, `ManuallyDrop` prevents us from having to "touch" `v` after transferring the
136	/// ownership to `s` — the final step of interacting with `v` to dispose of it without
137	/// running its destructor is entirely avoided.
138	///
139	/// [`Box`]: ../../std/boxed/struct.Box.html
140	/// [`Box::leak`]: ../../std/boxed/struct.Box.html#method.leak
141	/// [`Box::into_raw`]: ../../std/boxed/struct.Box.html#method.into_raw
142	/// [`mem::drop`]: drop
143	/// [ub]: ../../reference/behavior-considered-undefined.html
144	#[inline]
145	#[rustc_const_stable(feature = "const_forget", since = "1.46.0")]
146	#[stable(feature = "rust1", since = "1.0.0")]
147	#[cfg_attr(not(test), rustc_diagnostic_item = "mem_forget")]
148	pub const fn forget<T>(t: T) {
149	let _ = ManuallyDrop::new(t);
150	}
151
152	/// Like [`forget`], but also accepts unsized values.
153	///
154	/// This function is just a shim intended to be removed when the `unsized_locals` feature gets
155	/// stabilized.
156	#[inline]
157	#[unstable(feature = "forget_unsized", issue = "none")]
158	pub fn forget_unsized<T: ?Sized>(t: T) {
159	intrinsics::forget(t)
160	}
161
162	/// Returns the size of a type in bytes.
163	///
164	/// More specifically, this is the offset in bytes between successive elements
165	/// in an array with that item type including alignment padding. Thus, for any
166	/// type `T` and length `n`, `[T; n]` has a size of `n size_of::<T>()`.*
167	///
168	/// In general, the size of a type is not stable across compilations, but
169	/// specific types such as primitives are.
170	///
171	/// The following table gives the size for primitives.
172	///
173	/// Type \| `size_of::<Type>()`
174	/// ---- \| ---------------
175	/// () \| 0
176	/// bool \| 1
177	/// u8 \| 1
178	/// u16 \| 2
179	/// u32 \| 4
180	/// u64 \| 8
181	/// u128 \| 16
182	/// i8 \| 1
183	/// i16 \| 2
184	/// i32 \| 4
185	/// i64 \| 8
186	/// i128 \| 16
187	/// f32 \| 4
188	/// f64 \| 8
189	/// char \| 4
190	///
191	/// Furthermore, `usize` and `isize` have the same size.
192	///
193	/// The types [`const T`], `&T`, [`Box<T>`],* [`Option<&T>`], and `Option<Box<T>>` all have
194	/// the same size. If `T` is `Sized`, all of those types have the same size as `usize`.
195	///
196	/// The mutability of a pointer does not change its size. As such, `&T` and `&mut T`
197	/// have the same size. Likewise for `const T` and `mut T`.
198	///
199	/// # Size of `#[repr(C)]` items
200	///
201	/// The `C` representation for items has a defined layout. With this layout,
202	/// the size of items is also stable as long as all fields have a stable size.
203	///
204	/// ## Size of Structs
205	///
206	/// For `struct`s, the size is determined by the following algorithm.
207	///
208	/// For each field in the struct ordered by declaration order:
209	///
210	/// 1. Add the size of the field.
211	/// 2. Round up the current size to the nearest multiple of the next field's [alignment].
212	///
213	/// Finally, round the size of the struct to the nearest multiple of its [alignment].
214	/// The alignment of the struct is usually the largest alignment of all its
215	/// fields; this can be changed with the use of `repr(align(N))`.
216	///
217	/// Unlike `C`, zero sized structs are not rounded up to one byte in size.
218	///
219	/// ## Size of Enums
220	///
221	/// Enums that carry no data other than the discriminant have the same size as C enums
222	/// on the platform they are compiled for.
223	///
224	/// ## Size of Unions
225	///
226	/// The size of a union is the size of its largest field.
227	///
228	/// Unlike `C`, zero sized unions are not rounded up to one byte in size.
229	///
230	/// # Examples
231	///
232	/// ```
233	/// use std::mem;
234	///
235	/// // Some primitives
236	/// assert_eq!(`4`, mem::size_of::<i32>());
237	/// assert_eq!(`8`, mem::size_of::<f64>());
238	/// assert_eq!(`0`, mem::size_of::<()>());
239	///
240	/// // Some arrays
241	/// assert_eq!(`8`, mem::size_of::<[i32; `2`]>());
242	/// assert_eq!(`12`, mem::size_of::<[i32; `3`]>());
243	/// assert_eq!(`0`, mem::size_of::<[i32; `0`]>());
244	///
245	///
246	/// // Pointer size equality
247	/// assert_eq!(mem::size_of::<&i32>(), mem::size_of::<*const i32>());
248	/// assert_eq!(mem::size_of::<&i32>(), mem::size_of::<Box<i32>>());
249	/// assert_eq!(mem::size_of::<&i32>(), mem::size_of::<Option<&i32>>());
250	/// assert_eq!(mem::size_of::<Box<i32>>(), mem::size_of::<Option<Box<i32>>>());
251	/// ```
252	///
253	/// Using `#[repr(C)]`.
254	///
255	/// ```
256	/// use std::mem;
257	///
258	/// #[repr(C)]
259	/// struct FieldStruct {
260	/// first: u8,
261	/// second: u16,
262	/// third: u8
263	/// }
264	///
265	/// // The size of the first field is 1, so add 1 to the size. Size is 1.
266	/// // The alignment of the second field is 2, so add 1 to the size for padding. Size is 2.
267	/// // The size of the second field is 2, so add 2 to the size. Size is 4.
268	/// // The alignment of the third field is 1, so add 0 to the size for padding. Size is 4.
269	/// // The size of the third field is 1, so add 1 to the size. Size is 5.
270	/// // Finally, the alignment of the struct is 2 (because the largest alignment amongst its
271	/// // fields is 2), so add 1 to the size for padding. Size is 6.
272	/// assert_eq!(`6`, mem::size_of::<FieldStruct>());
273	///
274	/// #[repr(C)]
275	/// struct TupleStruct(u8, u16, u8);
276	///
277	/// // Tuple structs follow the same rules.
278	/// assert_eq!(`6`, mem::size_of::<TupleStruct>());
279	///
280	/// // Note that reordering the fields can lower the size. We can remove both padding bytes
281	/// // by putting `third` before `second`.
282	/// #[repr(C)]
283	/// struct FieldStructOptimized {
284	/// first: u8,
285	/// third: u8,
286	/// second: u16
287	/// }
288	///
289	/// assert_eq!(`4`, mem::size_of::<FieldStructOptimized>());
290	///
291	/// // Union size is the size of the largest field.
292	/// #[repr(C)]
293	/// union ExampleUnion {
294	/// smaller: u8,
295	/// larger: u16
296	/// }
297	///
298	/// assert_eq!(`2`, mem::size_of::<ExampleUnion>());
299	/// ```
300	///
301	/// [alignment]: align_of
302	/// [`const T`]: primitive@pointer*
303	/// [`Box<T>`]: ../../std/boxed/struct.Box.html
304	/// [`Option<&T>`]: crate::option::Option
305	///
306	#[inline(always)]
307	#[must_use]
308	#[stable(feature = "rust1", since = "1.0.0")]
309	#[rustc_promotable]
310	#[rustc_const_stable(feature = "const_mem_size_of", since = "1.24.0")]
311	#[cfg_attr(not(test), rustc_diagnostic_item = "mem_size_of")]
312	pub const fn size_of<T>() -> usize {
313	intrinsics::size_of::<T>()
314	}
315
316	/// Returns the size of the pointed-to value in bytes.
317	///
318	/// This is usually the same as [`size_of::<T>()`]. However, when `T` has* no*
319	/// statically-known size, e.g., a slice [`[T]`][slice] or a [trait object],
320	/// then `size_of_val` can be used to get the dynamically-known size.
321	///
322	/// [trait object]: ../../book/ch17-02-trait-objects.html
323	///
324	/// # Examples
325	///
326	/// ```
327	/// use std::mem;
328	///
329	/// assert_eq!(`4`, mem::size_of_val(&`5i32`));
330	///
331	/// let x: [u8; `13`] = [`0`; `13`];
332	/// let y: &[u8] = &x;
333	/// assert_eq!(`13`, mem::size_of_val(y));
334	/// ```
335	///
336	/// [`size_of::<T>()`]: size_of
337	#[inline]
338	#[must_use]
339	#[stable(feature = "rust1", since = "1.0.0")]
340	#[rustc_const_unstable(feature = "const_size_of_val", issue = "46571")]
341	#[cfg_attr(not(test), rustc_diagnostic_item = "mem_size_of_val")]
342	pub const fn size_of_val<T: ?Sized>(val: &T) -> usize {
343	// SAFETY: `val` is a reference, so it's a valid raw pointer
344	unsafe { intrinsics::size_of_val(val) }
345	}
346
347	/// Returns the size of the pointed-to value in bytes.
348	///
349	/// This is usually the same as [`size_of::<T>()`]. However, when `T` has* no*
350	/// statically-known size, e.g., a slice [`[T]`][slice] or a [trait object],
351	/// then `size_of_val_raw` can be used to get the dynamically-known size.
352	///
353	/// # Safety
354	///
355	/// This function is only safe to call if the following conditions hold:
356	///
357	/// - If `T` is `Sized`, this function is always safe to call.
358	/// - If the unsized tail of `T` is:
359	/// - a [slice], then the length of the slice tail must be an initialized
360	/// integer, and the size of the entire value
361	/// (dynamic tail length + statically sized prefix) must fit in `isize`.
362	/// - a [trait object], then the vtable part of the pointer must point
363	/// to a valid vtable acquired by an unsizing coercion, and the size
364	/// of the entire value* (dynamic tail length + statically sized prefix)*
365	/// must fit in `isize`.
366	/// - an (unstable) [extern type], then this function is always safe to
367	/// call, but may panic or otherwise return the wrong value, as the
368	/// extern type's layout is not known. This is the same behavior as
369	/// [`size_of_val`] on a reference to a type with an extern type tail.
370	/// - otherwise, it is conservatively not allowed to call this function.
371	///
372	/// [`size_of::<T>()`]: size_of
373	/// [trait object]: ../../book/ch17-02-trait-objects.html
374	/// [extern type]: ../../unstable-book/language-features/extern-types.html
375	///
376	/// # Examples
377	///
378	/// ```
379	/// #![feature(layout_for_ptr)]
380	/// use std::mem;
381	///
382	/// assert_eq!(`4`, mem::size_of_val(&`5i32`));
383	///
384	/// let x: [u8; `13`] = [`0`; `13`];
385	/// let y: &[u8] = &x;
386	/// assert_eq!(`13`, unsafe { mem::size_of_val_raw(y) });
387	/// ```
388	#[inline]
389	#[must_use]
390	#[unstable(feature = "layout_for_ptr", issue = "69835")]
391	#[rustc_const_unstable(feature = "const_size_of_val_raw", issue = "46571")]
392	pub const unsafe fn size_of_val_raw<T: ?Sized>(val: *const T) -> usize {
393	// SAFETY: the caller must provide a valid raw pointer
394	unsafe { intrinsics::size_of_val(val) }
395	}
396
397	/// Returns the [ABI]-required minimum alignment of a type in bytes.
398	///
399	/// Every reference to a value of the type `T` must be a multiple of this number.
400	///
401	/// This is the alignment used for struct fields. It may be smaller than the preferred alignment.
402	///
403	/// [ABI]: https://en.wikipedia.org/wiki/Application_binary_interface
404	///
405	/// # Examples
406	///
407	/// ```
408	/// # #![allow(deprecated)]
409	/// use std::mem;
410	///
411	/// assert_eq!(`4`, mem::min_align_of::<i32>());
412	/// ```
413	#[inline]
414	#[must_use]
415	#[stable(feature = "rust1", since = "1.0.0")]
416	#[deprecated(note = "use `align_of` instead", since = "1.2.0", suggestion = "align_of")]
417	pub fn min_align_of<T>() -> usize {
418	intrinsics::min_align_of::<T>()
419	}
420
421	/// Returns the [ABI]-required minimum alignment of the type of the value that `val` points to in
422	/// bytes.
423	///
424	/// Every reference to a value of the type `T` must be a multiple of this number.
425	///
426	/// [ABI]: https://en.wikipedia.org/wiki/Application_binary_interface
427	///
428	/// # Examples
429	///
430	/// ```
431	/// # #![allow(deprecated)]
432	/// use std::mem;
433	///
434	/// assert_eq!(`4`, mem::min_align_of_val(&`5i32`));
435	/// ```
436	#[inline]
437	#[must_use]
438	#[stable(feature = "rust1", since = "1.0.0")]
439	#[deprecated(note = "use `align_of_val` instead", since = "1.2.0", suggestion = "align_of_val")]
440	pub fn min_align_of_val<T: ?Sized>(val: &T) -> usize {
441	// SAFETY: val is a reference, so it's a valid raw pointer
442	unsafe { intrinsics::min_align_of_val(val) }
443	}
444
445	/// Returns the [ABI]-required minimum alignment of a type in bytes.
446	///
447	/// Every reference to a value of the type `T` must be a multiple of this number.
448	///
449	/// This is the alignment used for struct fields. It may be smaller than the preferred alignment.
450	///
451	/// [ABI]: https://en.wikipedia.org/wiki/Application_binary_interface
452	///
453	/// # Examples
454	///
455	/// ```
456	/// use std::mem;
457	///
458	/// assert_eq!(`4`, mem::align_of::<i32>());
459	/// ```
460	#[inline(always)]
461	#[must_use]
462	#[stable(feature = "rust1", since = "1.0.0")]
463	#[rustc_promotable]
464	#[rustc_const_stable(feature = "const_align_of", since = "1.24.0")]
465	pub const fn align_of<T>() -> usize {
466	intrinsics::min_align_of::<T>()
467	}
468
469	/// Returns the [ABI]-required minimum alignment of the type of the value that `val` points to in
470	/// bytes.
471	///
472	/// Every reference to a value of the type `T` must be a multiple of this number.
473	///
474	/// [ABI]: https://en.wikipedia.org/wiki/Application_binary_interface
475	///
476	/// # Examples
477	///
478	/// ```
479	/// use std::mem;
480	///
481	/// assert_eq!(`4`, mem::align_of_val(&`5i32`));
482	/// ```
483	#[inline]
484	#[must_use]
485	#[stable(feature = "rust1", since = "1.0.0")]
486	#[rustc_const_unstable(feature = "const_align_of_val", issue = "46571")]
487	#[allow(deprecated)]
488	pub const fn align_of_val<T: ?Sized>(val: &T) -> usize {
489	// SAFETY: val is a reference, so it's a valid raw pointer
490	unsafe { intrinsics::min_align_of_val(val) }
491	}
492
493	/// Returns the [ABI]-required minimum alignment of the type of the value that `val` points to in
494	/// bytes.
495	///
496	/// Every reference to a value of the type `T` must be a multiple of this number.
497	///
498	/// [ABI]: https://en.wikipedia.org/wiki/Application_binary_interface
499	///
500	/// # Safety
501	///
502	/// This function is only safe to call if the following conditions hold:
503	///
504	/// - If `T` is `Sized`, this function is always safe to call.
505	/// - If the unsized tail of `T` is:
506	/// - a [slice], then the length of the slice tail must be an initialized
507	/// integer, and the size of the entire value
508	/// (dynamic tail length + statically sized prefix) must fit in `isize`.
509	/// - a [trait object], then the vtable part of the pointer must point
510	/// to a valid vtable acquired by an unsizing coercion, and the size
511	/// of the entire value* (dynamic tail length + statically sized prefix)*
512	/// must fit in `isize`.
513	/// - an (unstable) [extern type], then this function is always safe to
514	/// call, but may panic or otherwise return the wrong value, as the
515	/// extern type's layout is not known. This is the same behavior as
516	/// [`align_of_val`] on a reference to a type with an extern type tail.
517	/// - otherwise, it is conservatively not allowed to call this function.
518	///
519	/// [trait object]: ../../book/ch17-02-trait-objects.html
520	/// [extern type]: ../../unstable-book/language-features/extern-types.html
521	///
522	/// # Examples
523	///
524	/// ```
525	/// #![feature(layout_for_ptr)]
526	/// use std::mem;
527	///
528	/// assert_eq!(`4`, unsafe { mem::align_of_val_raw(&`5i32`) });
529	/// ```
530	#[inline]
531	#[must_use]
532	#[unstable(feature = "layout_for_ptr", issue = "69835")]
533	#[rustc_const_unstable(feature = "const_align_of_val_raw", issue = "46571")]
534	pub const unsafe fn align_of_val_raw<T: ?Sized>(val: *const T) -> usize {
535	// SAFETY: the caller must provide a valid raw pointer
536	unsafe { intrinsics::min_align_of_val(val) }
537	}
538
539	/// Returns `true` if dropping values of type `T` matters.
540	///
541	/// This is purely an optimization hint, and may be implemented conservatively:
542	/// it may return `true` for types that don't actually need to be dropped.
543	/// As such always returning `true` would be a valid implementation of
544	/// this function. However if this function actually returns `false`, then you
545	/// can be certain dropping `T` has no side effect.
546	///
547	/// Low level implementations of things like collections, which need to manually
548	/// drop their data, should use this function to avoid unnecessarily
549	/// trying to drop all their contents when they are destroyed. This might not
550	/// make a difference in release builds (where a loop that has no side-effects
551	/// is easily detected and eliminated), but is often a big win for debug builds.
552	///
553	/// Note that [`drop_in_place`] already performs this check, so if your workload
554	/// can be reduced to some small number of [`drop_in_place`] calls, using this is
555	/// unnecessary. In particular note that you can [`drop_in_place`] a slice, and that
556	/// will do a single needs_drop check for all the values.
557	///
558	/// Types like Vec therefore just `drop_in_place(&mut self[..])` without using
559	/// `needs_drop` explicitly. Types like [`HashMap`], on the other hand, have to drop
560	/// values one at a time and should use this API.
561	///
562	/// [`drop_in_place`]: crate::ptr::drop_in_place
563	/// [`HashMap`]: ../../std/collections/struct.HashMap.html
564	///
565	/// # Examples
566	///
567	/// Here's an example of how a collection might make use of `needs_drop`:
568	///
569	/// ```
570	/// use std::{mem, ptr};
571	///
572	/// pub struct MyCollection<T> {
573	/// # data: [T; `1`],
574	/// / ... /
575	/// }
576	/// # impl<T> MyCollection<T> {
577	/// # fn iter_mut(&mut self) -> &mut [T] { &mut self.data }
578	/// # fn free_buffer(&mut self) {}
579	/// # }
580	///
581	/// impl<T> Drop for MyCollection<T> {
582	/// fn drop(&mut self) {
583	/// unsafe {
584	/// // drop the data
585	/// if mem::needs_drop::<T>() {
586	/// for x in self.iter_mut() {
587	/// ptr::drop_in_place(x);
588	/// }
589	/// }
590	/// self.free_buffer();
591	/// }
592	/// }
593	/// }
594	/// ```
595	#[inline]
596	#[must_use]
597	#[stable(feature = "needs_drop", since = "1.21.0")]
598	#[rustc_const_stable(feature = "const_mem_needs_drop", since = "1.36.0")]
599	#[rustc_diagnostic_item = "needs_drop"]
600	pub const fn needs_drop<T: ?Sized>() -> bool {
601	intrinsics::needs_drop::<T>()
602	}
603
604	/// Returns the value of type `T` represented by the all-zero byte-pattern.
605	///
606	/// This means that, for example, the padding byte in `(u8, u16)` is not
607	/// necessarily zeroed.
608	///
609	/// There is no guarantee that an all-zero byte-pattern represents a valid value
610	/// of some type `T`. For example, the all-zero byte-pattern is not a valid value
611	/// for reference types (`&T`, `&mut T`) and functions pointers. Using `zeroed`
612	/// on such types causes immediate [undefined behavior][ub] because [the Rust
613	/// compiler assumes][inv] that there always is a valid value in a variable it
614	/// considers initialized.
615	///
616	/// This has the same effect as [`MaybeUninit::zeroed().assume_init()`][zeroed].
617	/// It is useful for FFI sometimes, but should generally be avoided.
618	///
619	/// [zeroed]: MaybeUninit::zeroed
620	/// [ub]: ../../reference/behavior-considered-undefined.html
621	/// [inv]: MaybeUninit#initialization-invariant
622	///
623	/// # Examples
624	///
625	/// Correct usage of this function: initializing an integer with zero.
626	///
627	/// ```
628	/// use std::mem;
629	///
630	/// let x: i32 = unsafe { mem::zeroed() };
631	/// assert_eq!(`0`, x);
632	/// ```
633	///
634	/// Incorrect* usage of this function: initializing a reference with zero.*
635	///
636	/// ```rust,no_run
637	/// # #![allow(invalid_value)]
638	/// use std::mem;
639	///
640	/// let _x: &i32 = unsafe { mem::zeroed() }; // Undefined behavior!
641	/// let _y: fn() = unsafe { mem::zeroed() }; // And again!
642	/// ```
643	#[inline(always)]
644	#[must_use]
645	#[stable(feature = "rust1", since = "1.0.0")]
646	#[allow(deprecated_in_future)]
647	#[allow(deprecated)]
648	#[rustc_diagnostic_item = "mem_zeroed"]
649	#[track_caller]
650	#[rustc_const_stable(feature = "const_mem_zeroed", since = "1.75.0")]
651	pub const unsafe fn zeroed<T>() -> T {
652	// SAFETY: the caller must guarantee that an all-zero value is valid for `T`.
653	unsafe {
654	intrinsics::assert_zero_valid::<T>();
655	MaybeUninit::zeroed().assume_init()
656	}
657	}
658
659	/// Bypasses Rust's normal memory-initialization checks by pretending to
660	/// produce a value of type `T`, while doing nothing at all.
661	///
662	/// This function is deprecated.* Use [`MaybeUninit<T>`] instead.*
663	/// It also might be slower than using `MaybeUninit<T>` due to mitigations that were put in place to
664	/// limit the potential harm caused by incorrect use of this function in legacy code.
665	///
666	/// The reason for deprecation is that the function basically cannot be used
667	/// correctly: it has the same effect as [`MaybeUninit::uninit().assume_init()`][uninit].
668	/// As the [`assume_init` documentation][assume_init] explains,
669	/// [the Rust compiler assumes][inv] that values are properly initialized.
670	///
671	/// Truly uninitialized memory like what gets returned here
672	/// is special in that the compiler knows that it does not have a fixed value.
673	/// This makes it undefined behavior to have uninitialized data in a variable even
674	/// if that variable has an integer type.
675	///
676	/// Therefore, it is immediate undefined behavior to call this function on nearly all types,
677	/// including integer types and arrays of integer types, and even if the result is unused.
678	///
679	/// [uninit]: MaybeUninit::uninit
680	/// [assume_init]: MaybeUninit::assume_init
681	/// [inv]: MaybeUninit#initialization-invariant
682	#[inline(always)]
683	#[must_use]
684	#[deprecated(since = "1.39.0", note = "use `mem::MaybeUninit` instead")]
685	#[stable(feature = "rust1", since = "1.0.0")]
686	#[allow(deprecated_in_future)]
687	#[allow(deprecated)]
688	#[rustc_diagnostic_item = "mem_uninitialized"]
689	#[track_caller]
690	pub unsafe fn uninitialized<T>() -> T {
691	// SAFETY: the caller must guarantee that an uninitialized value is valid for `T`.
692	unsafe {
693	intrinsics::assert_mem_uninitialized_valid::<T>();
694	let mut val: MaybeUninit = MaybeUninit::<T>::uninit();
695
696	// Fill memory with 0x01, as an imperfect mitigation for old code that uses this function on
697	// bool, nonnull, and noundef types. But don't do this if we actively want to detect UB.
698	if !cfg!(any(miri, sanitize = "memory")) {
699	val.as_mut_ptr().write_bytes(val:`0x01`, count:`1`);
700	}
701
702	val.assume_init()
703	}
704	}
705
706	/// Swaps the values at two mutable locations, without deinitializing either one.
707	///
708	/// If you want to swap with a default or dummy value, see* [`take`].
709	/// If you want to swap with a passed value, returning the old value, see* [`replace`].
710	///
711	/// # Examples
712	///
713	/// ```
714	/// use std::mem;
715	///
716	/// let mut x = `5`;
717	/// let mut y = `42`;
718	///
719	/// mem::swap(&mut x, &mut y);
720	///
721	/// assert_eq!(`42`, x);
722	/// assert_eq!(`5`, y);
723	/// ```
724	#[inline]
725	#[stable(feature = "rust1", since = "1.0.0")]
726	#[rustc_const_unstable(feature = "const_swap", issue = "83163")]
727	#[rustc_diagnostic_item = "mem_swap"]
728	pub const fn swap<T>(x: &mut T, y: &mut T) {
729	// NOTE(eddyb) SPIR-V's Logical addressing model doesn't allow for arbitrary
730	// reinterpretation of values as (chunkable) byte arrays, and the loop in the
731	// block optimization in `swap_slice` is hard to rewrite back
732	// into the (unoptimized) direct swapping implementation, so we disable it.
733	#[cfg(not(any(target_arch = "spirv")))]
734	{
735	// For types that are larger multiples of their alignment, the simple way
736	// tends to copy the whole thing to stack rather than doing it one part
737	// at a time, so instead treat them as one-element slices and piggy-back
738	// the slice optimizations that will split up the swaps.
739	if const { size_of::<T>() / align_of::<T>() > `2` } {
740	// SAFETY: exclusive references always point to one non-overlapping
741	// element and are non-null and properly aligned.
742	return unsafe { ptr::swap_nonoverlapping(x, y, `1`) };
743	}
744	}
745
746	// If a scalar consists of just a small number of alignment units, let
747	// the codegen just swap those pieces directly, as it's likely just a
748	// few instructions and anything else is probably overcomplicated.
749	//
750	// Most importantly, this covers primitives and simd types that tend to
751	// have size=align where doing anything else can be a pessimization.
752	// (This will also be used for ZSTs, though any solution works for them.)
753	swap_simple(x, y);
754	}
755
756	/// Same as [`swap`] semantically, but always uses the simple implementation.
757	///
758	/// Used elsewhere in `mem` and `ptr` at the bottom layer of calls.
759	#[rustc_const_unstable(feature = "const_swap", issue = "83163")]
760	#[inline]
761	pub(crate) const fn swap_simple<T>(x: &mut T, y: &mut T) {
762	// We arrange for this to typically be called with small types,
763	// so this reads-and-writes approach is actually better than using
764	// copy_nonoverlapping as it easily puts things in LLVM registers
765	// directly and doesn't end up inlining allocas.
766	// And LLVM actually optimizes it to 3×memcpy if called with
767	// a type larger than it's willing to keep in a register.
768	// Having typed reads and writes in MIR here is also good as
769	// it lets Miri and CTFE understand them better, including things
770	// like enforcing type validity for them.
771	// Importantly, read+copy_nonoverlapping+write introduces confusing
772	// asymmetry to the behaviour where one value went through read+write
773	// whereas the other was copied over by the intrinsic (see #94371).
774	// Furthermore, using only read+write here benefits limited backends
775	// such as SPIR-V that work on an underlying typed* view of memory,*
776	// and thus have trouble with Rust's untyped memory operations.
777
778	// SAFETY: exclusive references are always valid to read/write,
779	// including being aligned, and nothing here panics so it's drop-safe.
780	unsafe {
781	let a = ptr::read(x);
782	let b = ptr::read(y);
783	ptr::write(x, b);
784	ptr::write(y, a);
785	}
786	}
787
788	/// Replaces `dest` with the default value of `T`, returning the previous `dest` value.
789	///
790	/// If you want to replace the values of two variables, see* [`swap`].
791	/// If you want to replace with a passed value instead of the default value, see* [`replace`].
792	///
793	/// # Examples
794	///
795	/// A simple example:
796	///
797	/// ```
798	/// use std::mem;
799	///
800	/// let mut v: Vec<i32> = vec![`1`, `2`];
801	///
802	/// let old_v = mem::take(&mut v);
803	/// assert_eq!(vec![`1`, `2`], old_v);
804	/// assert!(v.is_empty());
805	/// ```
806	///
807	/// `take` allows taking ownership of a struct field by replacing it with an "empty" value.
808	/// Without `take` you can run into issues like these:
809	///
810	/// ```compile_fail,E0507
811	/// struct Buffer<T> { buf: Vec<T> }
812	///
813	/// impl<T> Buffer<T> {
814	/// fn get_and_reset(&mut self) -> Vec<T> {
815	/// // error: cannot move out of dereference of `&mut`-pointer
816	/// let buf = self.buf;
817	/// self.buf = Vec::new();
818	/// buf
819	/// }
820	/// }
821	/// ```
822	///
823	/// Note that `T` does not necessarily implement [`Clone`], so it can't even clone and reset
824	/// `self.buf`. But `take` can be used to disassociate the original value of `self.buf` from
825	/// `self`, allowing it to be returned:
826	///
827	/// ```
828	/// use std::mem;
829	///
830	/// # struct Buffer<T> { buf: Vec<T> }
831	/// impl<T> Buffer<T> {
832	/// fn get_and_reset(&mut self) -> Vec<T> {
833	/// mem::take(&mut self.buf)
834	/// }
835	/// }
836	///
837	/// let mut buffer = Buffer { buf: vec![`0`, `1`] };
838	/// assert_eq!(buffer.buf.len(), `2`);
839	///
840	/// assert_eq!(buffer.get_and_reset(), vec![`0`, `1`]);
841	/// assert_eq!(buffer.buf.len(), `0`);
842	/// ```
843	#[inline]
844	#[stable(feature = "mem_take", since = "1.40.0")]
845	pub fn take<T: Default>(dest: &mut T) -> T {
846	replace(dest, T::default())
847	}
848
849	/// Moves `src` into the referenced `dest`, returning the previous `dest` value.
850	///
851	/// Neither value is dropped.
852	///
853	/// If you want to replace the values of two variables, see* [`swap`].
854	/// If you want to replace with a default value, see* [`take`].
855	///
856	/// # Examples
857	///
858	/// A simple example:
859	///
860	/// ```
861	/// use std::mem;
862	///
863	/// let mut v: Vec<i32> = vec![`1`, `2`];
864	///
865	/// let old_v = mem::replace(&mut v, vec![`3`, `4`, `5`]);
866	/// assert_eq!(vec![`1`, `2`], old_v);
867	/// assert_eq!(vec![`3`, `4`, `5`], v);
868	/// ```
869	///
870	/// `replace` allows consumption of a struct field by replacing it with another value.
871	/// Without `replace` you can run into issues like these:
872	///
873	/// ```compile_fail,E0507
874	/// struct Buffer<T> { buf: Vec<T> }
875	///
876	/// impl<T> Buffer<T> {
877	/// fn replace_index(&mut self, i: usize, v: T) -> T {
878	/// // error: cannot move out of dereference of `&mut`-pointer
879	/// let t = self.buf[i];
880	/// self.buf[i] = v;
881	/// t
882	/// }
883	/// }
884	/// ```
885	///
886	/// Note that `T` does not necessarily implement [`Clone`], so we can't even clone `self.buf[i]` to
887	/// avoid the move. But `replace` can be used to disassociate the original value at that index from
888	/// `self`, allowing it to be returned:
889	///
890	/// ```
891	/// # #![allow(dead_code)]
892	/// use std::mem;
893	///
894	/// # struct Buffer<T> { buf: Vec<T> }
895	/// impl<T> Buffer<T> {
896	/// fn replace_index(&mut self, i: usize, v: T) -> T {
897	/// mem::replace(&mut self.buf[i], v)
898	/// }
899	/// }
900	///
901	/// let mut buffer = Buffer { buf: vec![`0`, `1`] };
902	/// assert_eq!(buffer.buf[`0`], `0`);
903	///
904	/// assert_eq!(buffer.replace_index(`0`, `2`), `0`);
905	/// assert_eq!(buffer.buf[`0`], `2`);
906	/// ```
907	#[inline]
908	#[stable(feature = "rust1", since = "1.0.0")]
909	#[must_use = "if you don't need the old value, you can just assign the new value directly"]
910	#[rustc_const_unstable(feature = "const_replace", issue = "83164")]
911	#[cfg_attr(not(test), rustc_diagnostic_item = "mem_replace")]
912	pub const fn replace<T>(dest: &mut T, src: T) -> T {
913	// It may be tempting to use `swap` to avoid `unsafe` here. Don't!
914	// The compiler optimizes the implementation below to two `memcpy`s
915	// while `swap` would require at least three. See PR#83022 for details.
916
917	// SAFETY: We read from `dest` but directly write `src` into it afterwards,
918	// such that the old value is not duplicated. Nothing is dropped and
919	// nothing here can panic.
920	unsafe {
921	let result: T = ptr::read(src:dest);
922	ptr::write(dst:dest, src);
923	result
924	}
925	}
926
927	/// Disposes of a value.
928	///
929	/// This does so by calling the argument's implementation of [`Drop`][drop].
930	///
931	/// This effectively does nothing for types which implement `Copy`, e.g.
932	/// integers. Such values are copied and _then_ moved into the function, so the
933	/// value persists after this function call.
934	///
935	/// This function is not magic; it is literally defined as
936	///
937	/// ```
938	/// pub fn drop<T>(_x: T) {}
939	/// ```
940	///
941	/// Because `_x` is moved into the function, it is automatically dropped before
942	/// the function returns.
943	///
944	/// [drop]: Drop
945	///
946	/// # Examples
947	///
948	/// Basic usage:
949	///
950	/// ```
951	/// let v = vec![`1`, `2`, `3`];
952	///
953	/// drop(v); // explicitly drop the vector
954	/// ```
955	///
956	/// Since [`RefCell`] enforces the borrow rules at runtime, `drop` can
957	/// release a [`RefCell`] borrow:
958	///
959	/// ```
960	/// use std::cell::RefCell;
961	///
962	/// let x = RefCell::new(`1`);
963	///
964	/// let mut mutable_borrow = x.borrow_mut();
965	/// *mutable_borrow = `1`;
966	///
967	/// drop(mutable_borrow); // relinquish the mutable borrow on this slot
968	///
969	/// let borrow = x.borrow();
970	/// println!("{}", *borrow);
971	/// ```
972	///
973	/// Integers and other types implementing [`Copy`] are unaffected by `drop`.
974	///
975	/// ```
976	/// # #![allow(dropping_copy_types)]
977	/// #[derive(Copy, Clone)]
978	/// struct Foo(u8);
979	///
980	/// let x = `1`;
981	/// let y = Foo(`2`);
982	/// drop(x); // a copy of `x` is moved and dropped
983	/// drop(y); // a copy of `y` is moved and dropped
984	///
985	/// println!("x: {}, y: {}", x, y.`0`); // still available
986	/// ```
987	///
988	/// [`RefCell`]: crate::cell::RefCell
989	#[inline]
990	#[stable(feature = "rust1", since = "1.0.0")]
991	#[cfg_attr(not(test), rustc_diagnostic_item = "mem_drop")]
992	pub fn drop<T>(_x: T) {}
993
994	/// Bitwise-copies a value.
995	///
996	/// This function is not magic; it is literally defined as
997	/// ```
998	/// pub fn copy<T: Copy>(x: &T) -> T { *x }
999	/// ```
1000	///
1001	/// It is useful when you want to pass a function pointer to a combinator, rather than defining a new closure.
1002	///
1003	/// Example:
1004	/// ```
1005	/// #![feature(mem_copy_fn)]
1006	/// use core::mem::copy;
1007	/// let result_from_ffi_function: Result<(), &i32> = Err(&`1`);
1008	/// let result_copied: Result<(), i32> = result_from_ffi_function.map_err(copy);
1009	/// ```
1010	#[inline]
1011	#[unstable(feature = "mem_copy_fn", issue = "98262")]
1012	pub const fn copy<T: Copy>(x: &T) -> T {
1013	*x
1014	}
1015
1016	/// Interprets `src` as having type `&Dst`, and then reads `src` without moving
1017	/// the contained value.
1018	///
1019	/// This function will unsafely assume the pointer `src` is valid for [`size_of::<Dst>`][size_of]
1020	/// bytes by transmuting `&Src` to `&Dst` and then reading the `&Dst` (except that this is done
1021	/// in a way that is correct even when `&Dst` has stricter alignment requirements than `&Src`).
1022	/// It will also unsafely create a copy of the contained value instead of moving out of `src`.
1023	///
1024	/// It is not a compile-time error if `Src` and `Dst` have different sizes, but it
1025	/// is highly encouraged to only invoke this function where `Src` and `Dst` have the
1026	/// same size. This function triggers [undefined behavior][ub] if `Dst` is larger than
1027	/// `Src`.
1028	///
1029	/// [ub]: ../../reference/behavior-considered-undefined.html
1030	///
1031	/// # Examples
1032	///
1033	/// ```
1034	/// use std::mem;
1035	///
1036	/// #[repr(packed)]
1037	/// struct Foo {
1038	/// bar: u8,
1039	/// }
1040	///
1041	/// let foo_array = [`10u8`];
1042	///
1043	/// unsafe {
1044	/// // Copy the data from 'foo_array' and treat it as a 'Foo'
1045	/// let mut foo_struct: Foo = mem::transmute_copy(&foo_array);
1046	/// assert_eq!(foo_struct.bar, `10`);
1047	///
1048	/// // Modify the copied data
1049	/// foo_struct.bar = `20`;
1050	/// assert_eq!(foo_struct.bar, `20`);
1051	/// }
1052	///
1053	/// // The contents of 'foo_array' should not have changed
1054	/// assert_eq!(foo_array, [`10`]);
1055	/// ```
1056	#[inline]
1057	#[must_use]
1058	#[track_caller]
1059	#[stable(feature = "rust1", since = "1.0.0")]
1060	#[rustc_const_stable(feature = "const_transmute_copy", since = "1.74.0")]
1061	pub const unsafe fn transmute_copy<Src, Dst>(src: &Src) -> Dst {
1062	assert!(
1063	size_of::<Src>() >= size_of::<Dst>(),
1064	"cannot transmute_copy if Dst is larger than Src"
1065	);
1066
1067	// If Dst has a higher alignment requirement, src might not be suitably aligned.
1068	if align_of::<Dst>() > align_of::<Src>() {
1069	// SAFETY: `src` is a reference which is guaranteed to be valid for reads.
1070	// The caller must guarantee that the actual transmutation is safe.
1071	unsafe { ptr::read_unaligned(src as *const Src as *const Dst) }
1072	} else {
1073	// SAFETY: `src` is a reference which is guaranteed to be valid for reads.
1074	// We just checked that `src as const Dst` was properly aligned.*
1075	// The caller must guarantee that the actual transmutation is safe.
1076	unsafe { ptr::read(src as *const Src as *const Dst) }
1077	}
1078	}
1079
1080	/// Opaque type representing the discriminant of an enum.
1081	///
1082	/// See the [`discriminant`] function in this module for more information.
1083	#[stable(feature = "discriminant_value", since = "1.21.0")]
1084	pub struct Discriminant<T>(<T as DiscriminantKind>::Discriminant);
1085
1086	// N.B. These trait implementations cannot be derived because we don't want any bounds on T.
1087
1088	#[stable(feature = "discriminant_value", since = "1.21.0")]
1089	impl<T> Copy for Discriminant<T> {}
1090
1091	#[stable(feature = "discriminant_value", since = "1.21.0")]
1092	impl<T> clone::Clone for Discriminant<T> {
1093	fn clone(&self) -> Self {
1094	*self
1095	}
1096	}
1097
1098	#[stable(feature = "discriminant_value", since = "1.21.0")]
1099	impl<T> cmp::PartialEq for Discriminant<T> {
1100	fn eq(&self, rhs: &Self) -> bool {
1101	self.0 == rhs.0
1102	}
1103	}
1104
1105	#[stable(feature = "discriminant_value", since = "1.21.0")]
1106	impl<T> cmp::Eq for Discriminant<T> {}
1107
1108	#[stable(feature = "discriminant_value", since = "1.21.0")]
1109	impl<T> hash::Hash for Discriminant<T> {
1110	fn hash<H: hash::Hasher>(&self, state: &mut H) {
1111	self.0.hash(state);
1112	}
1113	}
1114
1115	#[stable(feature = "discriminant_value", since = "1.21.0")]
1116	impl<T> fmt::Debug for Discriminant<T> {
1117	fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result {
1118	fmt.debug_tuple(name:"Discriminant").field(&self.0).finish()
1119	}
1120	}
1121
1122	/// Returns a value uniquely identifying the enum variant in `v`.
1123	///
1124	/// If `T` is not an enum, calling this function will not result in undefined behavior, but the
1125	/// return value is unspecified.
1126	///
1127	/// # Stability
1128	///
1129	/// The discriminant of an enum variant may change if the enum definition changes. A discriminant
1130	/// of some variant will not change between compilations with the same compiler. See the [Reference]
1131	/// for more information.
1132	///
1133	/// [Reference]: ../../reference/items/enumerations.html#custom-discriminant-values-for-fieldless-enumerations
1134	///
1135	/// The value of a [`Discriminant<T>`] is independent of any free lifetimes* in `T`. As such,*
1136	/// reading or writing a `Discriminant<Foo<'a>>` as a `Discriminant<Foo<'b>>` (whether via
1137	/// [`transmute`] or otherwise) is always sound. Note that this is not* true for other kinds*
1138	/// of generic parameters and for higher-ranked lifetimes; `Discriminant<Foo<A>>` and
1139	/// `Discriminant<Foo<B>>` as well as `Discriminant<Bar<dyn for<'a> Trait<'a>>>` and
1140	/// `Discriminant<Bar<dyn Trait<'static>>>` may be incompatible.
1141	///
1142	/// # Examples
1143	///
1144	/// This can be used to compare enums that carry data, while disregarding
1145	/// the actual data:
1146	///
1147	/// ```
1148	/// use std::mem;
1149	///
1150	/// enum Foo { A(&'static str), B(i32), C(i32) }
1151	///
1152	/// assert_eq!(mem::discriminant(&Foo::A("bar")), mem::discriminant(&Foo::A("baz")));
1153	/// assert_eq!(mem::discriminant(&Foo::B(`1`)), mem::discriminant(&Foo::B(`2`)));
1154	/// assert_ne!(mem::discriminant(&Foo::B(`3`)), mem::discriminant(&Foo::C(`3`)));
1155	/// ```
1156	///
1157	/// ## Accessing the numeric value of the discriminant
1158	///
1159	/// Note that it is undefined behavior* to* [`transmute`] from [`Discriminant`] to a primitive!
1160	///
1161	/// If an enum has only unit variants, then the numeric value of the discriminant can be accessed
1162	/// with an [`as`] cast:
1163	///
1164	/// ```
1165	/// enum Enum {
1166	/// Foo,
1167	/// Bar,
1168	/// Baz,
1169	/// }
1170	///
1171	/// assert_eq!(`0`, Enum::Foo as isize);
1172	/// assert_eq!(`1`, Enum::Bar as isize);
1173	/// assert_eq!(`2`, Enum::Baz as isize);
1174	/// ```
1175	///
1176	/// If an enum has opted-in to having a [primitive representation] for its discriminant,
1177	/// then it's possible to use pointers to read the memory location storing the discriminant.
1178	/// That cannot* be done for enums using the [default representation], however, as it's*
1179	/// undefined what layout the discriminant has and where it's stored — it might not even be
1180	/// stored at all!
1181	///
1182	/// [`as`]: ../../std/keyword.as.html
1183	/// [primitive representation]: ../../reference/type-layout.html#primitive-representations
1184	/// [default representation]: ../../reference/type-layout.html#the-default-representation
1185	/// ```
1186	/// #[repr(u8)]
1187	/// enum Enum {
1188	/// Unit,
1189	/// Tuple(bool),
1190	/// Struct { a: bool },
1191	/// }
1192	///
1193	/// impl Enum {
1194	/// fn discriminant(&self) -> u8 {
1195	/// // SAFETY: Because `Self` is marked `repr(u8)`, its layout is a `repr(C)` `union`
1196	/// // between `repr(C)` structs, each of which has the `u8` discriminant as its first
1197	/// // field, so we can read the discriminant without offsetting the pointer.
1198	/// unsafe { <const _>::from(self).cast::<u8>() }
1199	/// }
1200	/// }
1201	///
1202	/// let unit_like = Enum::Unit;
1203	/// let tuple_like = Enum::Tuple(`true`);
1204	/// let struct_like = Enum::Struct { a: `false` };
1205	/// assert_eq!(`0`, unit_like.discriminant());
1206	/// assert_eq!(`1`, tuple_like.discriminant());
1207	/// assert_eq!(`2`, struct_like.discriminant());
1208	///
1209	/// // ⚠️ This is undefined behavior. Don't do this. ⚠️
1210	/// // assert_eq!(0, unsafe { std::mem::transmute::<_, u8>(std::mem::discriminant(&unit_like)) });
1211	/// ```
1212	#[stable(feature = "discriminant_value", since = "1.21.0")]
1213	#[rustc_const_stable(feature = "const_discriminant", since = "1.75.0")]
1214	#[cfg_attr(not(test), rustc_diagnostic_item = "mem_discriminant")]
1215	#[cfg_attr(miri, track_caller)] // even without panics, this helps for Miri backtraces
1216	pub const fn discriminant<T>(v: &T) -> Discriminant<T> {
1217	Discriminant(intrinsics::discriminant_value(v))
1218	}
1219
1220	/// Returns the number of variants in the enum type `T`.
1221	///
1222	/// If `T` is not an enum, calling this function will not result in undefined behavior, but the
1223	/// return value is unspecified. Equally, if `T` is an enum with more variants than `usize::MAX`
1224	/// the return value is unspecified. Uninhabited variants will be counted.
1225	///
1226	/// Note that an enum may be expanded with additional variants in the future
1227	/// as a non-breaking change, for example if it is marked `#[non_exhaustive]`,
1228	/// which will change the result of this function.
1229	///
1230	/// # Examples
1231	///
1232	/// ```
1233	/// # #![feature(never_type)]
1234	/// # #![feature(variant_count)]
1235	///
1236	/// use std::mem;
1237	///
1238	/// enum Void {}
1239	/// enum Foo { A(&'static str), B(i32), C(i32) }
1240	///
1241	/// assert_eq!(mem::variant_count::<Void>(), `0`);
1242	/// assert_eq!(mem::variant_count::<Foo>(), `3`);
1243	///
1244	/// assert_eq!(mem::variant_count::<Option<!>>(), `2`);
1245	/// assert_eq!(mem::variant_count::<Result<!, !>>(), `2`);
1246	/// ```
1247	#[inline(always)]
1248	#[must_use]
1249	#[unstable(feature = "variant_count", issue = "73662")]
1250	#[rustc_const_unstable(feature = "variant_count", issue = "73662")]
1251	#[rustc_diagnostic_item = "mem_variant_count"]
1252	pub const fn variant_count<T>() -> usize {
1253	intrinsics::variant_count::<T>()
1254	}
1255
1256	/// Provides associated constants for various useful properties of types,
1257	/// to give them a canonical form in our code and make them easier to read.
1258	///
1259	/// This is here only to simplify all the ZST checks we need in the library.
1260	/// It's not on a stabilization track right now.
1261	#[doc(hidden)]
1262	#[unstable(feature = "sized_type_properties", issue = "none")]
1263	pub trait SizedTypeProperties: Sized {
1264	/// `true` if this type requires no storage.
1265	/// `false` if its [size](size_of) is greater than zero.
1266	///
1267	/// # Examples
1268	///
1269	/// ```
1270	/// #![feature(sized_type_properties)]
1271	/// use core::mem::SizedTypeProperties;
1272	///
1273	/// fn do_something_with<T>() {
1274	/// if T::IS_ZST {
1275	/// // ... special approach ...
1276	/// } else {
1277	/// // ... the normal thing ...
1278	/// }
1279	/// }
1280	///
1281	/// struct MyUnit;
1282	/// assert!(MyUnit::IS_ZST);
1283	///
1284	/// // For negative checks, consider using UFCS to emphasize the negation
1285	/// assert!(!<i32>::IS_ZST);
1286	/// // As it can sometimes hide in the type otherwise
1287	/// assert!(!String::IS_ZST);
1288	/// ```
1289	#[doc(hidden)]
1290	#[unstable(feature = "sized_type_properties", issue = "none")]
1291	const IS_ZST: bool = size_of::<Self>() == `0`;
1292	}
1293	#[doc(hidden)]
1294	#[unstable(feature = "sized_type_properties", issue = "none")]
1295	impl<T> SizedTypeProperties for T {}
1296
1297	/// Expands to the offset in bytes of a field from the beginning of the given type.
1298	///
1299	/// Structs, enums, unions and tuples are supported.
1300	///
1301	/// Nested field accesses may be used, but not array indexes.
1302	///
1303	/// Enum variants may be traversed as if they were fields. Variants themselves do
1304	/// not have an offset.
1305	///
1306	/// However, on stable only a single field name is supported, which blocks the use of
1307	/// enum support.
1308	///
1309	/// Visibility is respected - all types and fields must be visible to the call site:
1310	///
1311	/// ```
1312	/// mod nested {
1313	/// #[repr(C)]
1314	/// pub struct Struct {
1315	/// private: u8,
1316	/// }
1317	/// }
1318	///
1319	/// // assert_eq!(mem::offset_of!(nested::Struct, private), 0);
1320	/// // ^^^ error[E0616]: field `private` of struct `Struct` is private
1321	/// ```
1322	///
1323	/// Note that type layout is, in general, [subject to change and
1324	/// platform-specific](https://doc.rust-lang.org/reference/type-layout.html). If
1325	/// layout stability is required, consider using an [explicit `repr` attribute].
1326	///
1327	/// Rust guarantees that the offset of a given field within a given type will not
1328	/// change over the lifetime of the program. However, two different compilations of
1329	/// the same program may result in different layouts. Also, even within a single
1330	/// program execution, no guarantees are made about types which are similar* but*
1331	/// not identical, e.g.:
1332	///
1333	/// ```
1334	/// struct Wrapper<T, U>(T, U);
1335	///
1336	/// type A = Wrapper<u8, u8>;
1337	/// type B = Wrapper<u8, i8>;
1338	///
1339	/// // Not necessarily identical even though `u8` and `i8` have the same layout!
1340	/// // assert!(mem::offset_of!(A, 1), mem::offset_of!(B, 1));
1341	///
1342	/// #[repr(transparent)]
1343	/// struct U8(u8);
1344	///
1345	/// type C = Wrapper<u8, U8>;
1346	///
1347	/// // Not necessarily identical even though `u8` and `U8` have the same layout!
1348	/// // assert!(mem::offset_of!(A, 1), mem::offset_of!(C, 1));
1349	///
1350	/// struct Empty<T>(core::marker::PhantomData<T>);
1351	///
1352	/// // Not necessarily identical even though `PhantomData` always has the same layout!
1353	/// // assert!(mem::offset_of!(Empty<u8>, 0), mem::offset_of!(Empty<i8>, 0));
1354	/// ```
1355	///
1356	/// [explicit `repr` attribute]: https://doc.rust-lang.org/reference/type-layout.html#representations
1357	///
1358	/// # Examples
1359	///
1360	/// ```
1361	/// #![feature(offset_of_enum, offset_of_nested)]
1362	///
1363	/// use std::mem;
1364	/// #[repr(C)]
1365	/// struct FieldStruct {
1366	/// first: u8,
1367	/// second: u16,
1368	/// third: u8
1369	/// }
1370	///
1371	/// assert_eq!(mem::offset_of!(FieldStruct, first), `0`);
1372	/// assert_eq!(mem::offset_of!(FieldStruct, second), `2`);
1373	/// assert_eq!(mem::offset_of!(FieldStruct, third), `4`);
1374	///
1375	/// #[repr(C)]
1376	/// struct NestedA {
1377	/// b: NestedB
1378	/// }
1379	///
1380	/// #[repr(C)]
1381	/// struct NestedB(u8);
1382	///
1383	/// assert_eq!(mem::offset_of!(NestedA, b.`0`), `0`);
1384	///
1385	/// #[repr(u8)]
1386	/// enum Enum {
1387	/// A(u8, u16),
1388	/// B { one: u8, two: u16 },
1389	/// }
1390	///
1391	/// assert_eq!(mem::offset_of!(Enum, A.`0`), `1`);
1392	/// assert_eq!(mem::offset_of!(Enum, B.two), `2`);
1393	///
1394	/// assert_eq!(mem::offset_of!(Option<&u8>, Some.`0`), `0`);
1395	/// ```
1396	#[cfg(not(bootstrap))]
1397	#[stable(feature = "offset_of", since = "1.77.0")]
1398	#[allow_internal_unstable(builtin_syntax, hint_must_use)]
1399	pub macro offset_of($Container:ty, $($fields:expr)+ $(,)?) {
1400	// The `{}` is for better error messages
1401	crate::hint::must_use({builtin # offset_of($Container, $($fields)+)})
1402	}
1403
1404	#[cfg(bootstrap)]
1405	#[stable(feature = "offset_of", since = "1.77.0")]
1406	#[allow_internal_unstable(builtin_syntax, hint_must_use)]
1407	#[allow(missing_docs)]
1408	pub macro offset_of($Container:ty, $($fields:tt).+ $(,)?) {
1409	// The `{}` is for better error messages
1410	crate::hint::must_use({builtin # offset_of($Container, $($fields).+)})
1411	}
1412