Generalize impl<T> Clone for Box<T> to unsized types
#146381
Conversation
rustbot
added
S-waiting-on-review
|
rustbot has assigned @workingjubilee. Use |
This comment has been minimized.
This comment has been minimized.
|
r? library |
|
Failed to set assignee to
|
|
r? libs |
This comment has been minimized.
This comment has been minimized.
| /// | ||
| /// # Safety | ||
| /// | ||
| /// `dest` must be a valid pointer to a valid value of the same concrete type than `self`. |
There was a problem hiding this comment.
Given that trait vtable pointers can be deduplicated, I'm not sure if "the same concrete type" is what we want to require here. cc #146381 (comment) . I.e. it's not possible in general to verify for certain that two dyn Trait pointers with the same metadata actually point to the same erased/concrete type.
There was a problem hiding this comment.
This seems similar to the issue with Rc::get_mut_unchecked, where either:
- if any other pointers exist to this value, we must only write a value that is valid for all those pointers' types/metadatas.
- if there are no other pointers to this value, we can write anything that is valid for this pointer's type/metadata.
There was a problem hiding this comment.
I think this is the right thing. It be not be possible in general, but it is in some cases (eg with TypeId). Another formulation would be that it is safe to create a mutable reference from dest.with_metadata_of(self).
|
As CI is failing, @rustbot author |
rustbot
added
S-waiting-on-author
|
Reminder, once the PR becomes ready for a review, use |
a1phyr
force-pushed
the
box_clone_more
branch
from
f32cd66 to
bdc70ea
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
a1phyr
force-pushed
the
box_clone_more
branch
from
bdc70ea to
32deea5
Compare
This comment has been minimized.
This comment has been minimized.
a1phyr
force-pushed
the
box_clone_more
branch
from
32deea5 to
6f53c47
Compare
|
This PR was rebased onto a different master commit. Here's a range-diff highlighting what actually changed. Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers. |
This comment has been minimized.
This comment has been minimized.
a1phyr
force-pushed
the
box_clone_more
branch
from
6f53c47 to
9cc7f3f
Compare
This comment has been minimized.
This comment has been minimized.
This new module contains a type that is like an uninitialized `Box`, but works with any type, not just `Sized` ones. Additionally, this will be useful for future work on in-place initialization (see rust-lang#142518).
This is necessary to properly support `Clone::clone_from`.
a1phyr
force-pushed
the
box_clone_more
branch
from
9cc7f3f to
84c014a
Compare
a1phyr
force-pushed
the
box_clone_more
branch
from
84c014a to
9331815
Compare
|
@rustbot ready |
rustbot
added
S-waiting-on-review
|
I forgot I was assigned to this and apparently missed that it was ready for review. I'm busy at the moment, so passing off. r? libs |
| #[cfg(not(no_global_oom_handling))] | ||
| pub(crate) unsafe fn new_for_metadata_in(meta: T::Metadata, alloc: A) -> Self { | ||
| let ptr = ptr::from_raw_parts_mut::<T>(ptr::null_mut::<()>(), meta); | ||
| let layout = unsafe { Layout::for_value_raw(ptr) }; |
There was a problem hiding this comment.
What is the safety justification here? AFAICT, this can hit the last case ("otherwise, it is conservatively not allowed to call this function." in https://doc.rust-lang.org/nightly/std/alloc/struct.Layout.html#method.for_value_raw).
We should have safety comments on the unsafe blocks and new_for_metadata_in itself should have a doc comment with requirements to be called.
|
|
||
| let ptr = if layout.size() == 0 { | ||
| let dangling = unsafe { core::num::NonZero::new_unchecked(layout.align()) }; | ||
| NonNull::without_provenance(dangling) |
There was a problem hiding this comment.
| } | ||
|
|
||
| #[stable(feature = "more_box_slice_clone", since = "1.29.0")] | ||
| impl Clone for Box<CStr> { |
There was a problem hiding this comment.
Do we have a unit test or compile test verifying this still exists? Want to avoid accidentally losing it if the unstable feature is removed without noticing that we've shrunk the API surface area.
| // if the concrete types are different, so we never allow them to | ||
| // go through `clone_from`. | ||
| #[inline] | ||
| default fn meta_eq(self, _: Self) -> bool { |
There was a problem hiding this comment.
Hm, I'm not very happy with using specialization for this. At minimum I'd like to get T-types to weigh in before we merge. It seems like if we replaced this with an unconditional 'false', we'd only regress performance for callers of clone_from with slices?
Maybe the right thing is to add MaybeComparable or some such to a bound of Pointee::Metadata and force impls for all things that might be metadata? AFAICT, that would avoid specialization, right?
| | | ||
| LL | struct R { | ||
| | -------- doesn't satisfy `R: Clone` | ||
| | -------- doesn't satisfy `R: CloneToUninit` |
There was a problem hiding this comment.
This seems like an unfortunate regression to probably relatively common diagnostics... especially the lack of the derive suggestion seems not-great. Is there some do_not_recommend attribute or tweak to the compiler we can land that would avoid this regression? CloneToUninit doesn't seem like it should be surfaced to users, at least until it is stabilized, and even then only if you're dealing with something ?Sized I suspect.
rustbot
added
S-waiting-on-author
8 participants
Part of #142518
I had to add a non-default method to
CloneToUninitfor this to work, but I think this is fine. (I did not do the renaming toCloneUnsizedas suggested in #126799 (comment), as this is quite orthogonal)This also adds some infrastructure that will be helpful for in-place initialization.
Commits can be reviewed independently.