Require Error = ! for "infallible allocation

Author: Ericson2314

src/alloc/mod.rs

@@ -14,6 +14,7 @@ pub use liballoc::alloc::{handle_alloc_error, Layout};
 use std::alloc::System;
 
 mod panic_adaptor;
+pub use self::panic_adaptor::PanicAdapter;
 
 /// Allocate memory with the global allocator.
 ///

src/boxed.rs

@@ -79,11 +79,10 @@
 //! [`NonZeroLayout::for_value(&*value)`]: crate::alloc::NonZeroLayout::for_value
 
 use crate::{
-    alloc::{AllocRef, BuildAllocRef, DeallocRef, Global, NonZeroLayout},
+    alloc::{AllocRef, BuildAllocRef, DeallocRef, Global, NonZeroLayout, PanicAdapter},
     clone::CloneIn,
     collections::CollectionAllocErr,
     raw_vec::RawVec,
-    UncheckedResultExt,
 };
 use core::{
     any::Any,
@@ -105,7 +104,7 @@ use core::{
 /// A pointer type for heap allocation.
 ///
 /// See the [module-level documentation](index.html) for more.
-pub struct Box<T: ?Sized, A: DeallocRef = Global> {
+pub struct Box<T: ?Sized, A: DeallocRef = PanicAdapter<Global>> {
     ptr: Unique<T>,
     build_alloc: A::BuildAlloc,
 }
@@ -131,7 +130,7 @@ impl<T> Box<T> {
     #[inline(always)]
     #[must_use]
     pub fn new(x: T) -> Self {
-        Self::new_in(x, Global)
+        Self::new_in(x, PanicAdapter(Global))
     }
 
     /// Constructs a new box with uninitialized contents.
@@ -156,7 +155,7 @@ impl<T> Box<T> {
     #[inline(always)]
     #[must_use]
     pub fn new_uninit() -> Box<mem::MaybeUninit<T>> {
-        Self::new_uninit_in(Global)
+        Self::new_uninit_in(PanicAdapter(Global))
     }
 
     /// Constructs a new `Pin<Box<T>>`. If `T` does not implement `Unpin`, then
@@ -184,8 +183,12 @@ impl<T, A: AllocRef> Box<T, A> {
     /// ```
     #[allow(clippy::inline_always)]
     #[inline(always)]
-    pub fn new_in(x: T, a: A) -> Self {
-        unsafe { Self::try_new_in(x, a).unwrap_unchecked() }
+    pub fn new_in(x: T, a: A) -> Self
+    where
+        A: AllocRef<Error = !>,
+    {
+        let Ok(b) = Self::try_new_in(x, a);
+        b
     }
 
     /// Tries to allocate memory with the given allocator and then places `x` into it.
@@ -234,8 +237,12 @@ impl<T, A: AllocRef> Box<T, A> {
     /// ```
     #[allow(clippy::inline_always)]
     #[inline(always)]
-    pub fn new_uninit_in(a: A) -> Box<mem::MaybeUninit<T>, A> {
-        unsafe { Self::try_new_uninit_in(a).unwrap_unchecked() }
+    pub fn new_uninit_in(a: A) -> Box<mem::MaybeUninit<T>, A>
+    where
+        A: AllocRef<Error = !>,
+    {
+        let Ok(b) = Self::try_new_uninit_in(a);
+        b
     }
 
     /// Tries to construct a new box with uninitialized contents in a specified allocator.
@@ -271,8 +278,12 @@ impl<T, A: AllocRef> Box<T, A> {
     /// `Unpin`, then `x` will be pinned in memory and unable to be moved.
     #[allow(clippy::inline_always)]
     #[inline(always)]
-    pub fn pin_in(x: T, a: A) -> Pin<Self> {
-        unsafe { Self::try_pin_in(x, a).unwrap_unchecked() }
+    pub fn pin_in(x: T, a: A) -> Pin<Self>
+    where
+        A: AllocRef<Error = !>,
+    {
+        let Ok(b) = Self::try_pin_in(x, a);
+        b
     }
 
     /// Constructs a new `Pin<Box<T, A>>` with the specified allocator. If `T` does not implement
@@ -309,12 +320,12 @@ impl<T> Box<[T]> {
     #[inline(always)]
     #[must_use]
     pub fn new_uninit_slice(len: usize) -> Box<[mem::MaybeUninit<T>]> {
-        Self::new_uninit_slice_in(len, Global)
+        Self::new_uninit_slice_in(len, PanicAdapter(Global))
     }
 }
 
 #[allow(clippy::use_self)]
-impl<T, A: AllocRef> Box<[T], A> {
+impl<T, A: AllocRef<Error = !>> Box<[T], A> {
     /// Construct a new boxed slice with uninitialized contents with the spoecified allocator.
     ///
     /// # Example
@@ -338,9 +349,17 @@ impl<T, A: AllocRef> Box<[T], A> {
     #[allow(clippy::inline_always)]
     #[inline(always)]
     pub fn new_uninit_slice_in(len: usize, a: A) -> Box<[mem::MaybeUninit<T>], A> {
-        unsafe { Self::try_new_uninit_slice_in(len, a).unwrap_unchecked() }
+        match Self::try_new_uninit_slice_in(len, a) {
+            Ok(b) => b,
+            Err(CollectionAllocErr::CapacityOverflow) => capacity_overflow(),
+            #[allow(unreachable_patterns)] // TODO rustc bug?
+            Err(CollectionAllocErr::AllocError { inner: e, .. }) => e,
+        }
     }
+}
 
+#[allow(clippy::use_self)]
+impl<T, A: AllocRef> Box<[T], A> {
     /// Tries to construct a new boxed slice with uninitialized contents with the spoecified
     /// allocator.
     ///
@@ -503,7 +522,7 @@ impl<T: ?Sized> Box<T> {
     #[allow(clippy::inline_always)]
     #[inline(always)]
     pub unsafe fn from_raw(raw: *mut T) -> Self {
-        Self::from_raw_in(raw, Global)
+        Self::from_raw_in(raw, PanicAdapter(Global))
     }
 }
 
@@ -747,7 +766,7 @@ unsafe impl<#[may_dangle] T: ?Sized, A: DeallocRef> Drop for Box<T, A> {
 impl<T, A> Default for Box<T, A>
 where
     T: Default,
-    A: Default + AllocRef,
+    A: Default + AllocRef<Error = !>,
 {
     #[must_use]
     fn default() -> Self {
@@ -756,7 +775,7 @@ where
 }
 
 #[allow(clippy::use_self)]
-impl<T, A> Default for Box<[T], A>
+impl<T, A: AllocRef<Error = !>> Default for Box<[T], A>
 where
     A: Default + AllocRef,
 {
@@ -773,7 +792,7 @@ unsafe fn from_boxed_utf8_unchecked<A: DeallocRef>(v: Box<[u8], A>) -> Box<str,
 }
 
 #[allow(clippy::use_self)]
-impl<A> Default for Box<str, A>
+impl<A: AllocRef<Error = !>> Default for Box<str, A>
 where
     A: Default + AllocRef,
 {
@@ -783,7 +802,7 @@ where
     }
 }
 
-impl<T: Clone, A> Clone for Box<T, A>
+impl<T: Clone, A: AllocRef<Error = !>> Clone for Box<T, A>
 where
     A: AllocRef,
     A::BuildAlloc: Clone,
@@ -846,7 +865,10 @@ where
 impl<T: Clone, A: AllocRef, B: AllocRef> CloneIn<B> for Box<T, A> {
     type Cloned = Box<T, B>;
 
-    fn clone_in(&self, a: B) -> Self::Cloned {
+    fn clone_in(&self, a: B) -> Self::Cloned
+    where
+        B: AllocRef<Error = !>,
+    {
         Box::new_in(self.as_ref().clone(), a)
     }
 
@@ -947,7 +969,7 @@ impl<T: ?Sized + Hasher, A: DeallocRef> Hasher for Box<T, A> {
     }
 }
 
-impl<T, A> From<T> for Box<T, A>
+impl<T, A: AllocRef<Error = !>> From<T> for Box<T, A>
 where
     A: Default + AllocRef,
 {
@@ -983,7 +1005,7 @@ impl<T: ?Sized, A: DeallocRef> From<Box<T, A>> for Pin<Box<T, A>> {
 #[allow(clippy::use_self)]
 impl<T: Copy, A> From<&[T]> for Box<[T], A>
 where
-    A: Default + AllocRef,
+    A: Default + AllocRef<Error = !>,
 {
     /// Converts a `&[T]` into a `Box<[T], B>`
     ///
@@ -1012,7 +1034,7 @@ where
 #[allow(clippy::use_self)]
 impl<A> From<&str> for Box<str, A>
 where
-    A: Default + AllocRef,
+    A: Default + AllocRef<Error = !>,
 {
     /// Converts a `&str` into a `Box<str>`
     ///
@@ -1272,7 +1294,7 @@ impl_dispatch_from_dyn!(std::alloc::System);
 #[allow(clippy::items_after_statements)]
 impl<T: Clone, A: Clone> Clone for Box<[T], A>
 where
-    A: AllocRef,
+    A: AllocRef<Error = !>,
     A::BuildAlloc: Clone,
 {
     fn clone(&self) -> Self {
@@ -1383,3 +1405,10 @@ impl<F: ?Sized + Future + Unpin, A: DeallocRef> Future for Box<F, A> {
         F::poll(Pin::new(&mut *self), cx)
     }
 }
+
+// One central function responsible for reporting capacity overflows. This'll
+// ensure that the code generation related to these panics is minimal as there's
+// only one location which panics rather than a bunch throughout the module.
+fn capacity_overflow() -> ! {
+    panic!("capacity overflow");
+}

src/clone.rs

@@ -3,7 +3,9 @@ use crate::alloc::AllocRef;
 pub trait CloneIn<A: AllocRef>: Sized {
     type Cloned;
 
-    fn clone_in(&self, a: A) -> Self::Cloned;
+    fn clone_in(&self, a: A) -> Self::Cloned
+    where
+        A: AllocRef<Error = !>;
 
     fn try_clone_in(&self, a: A) -> Result<Self::Cloned, A::Error>;
 }

src/iter.rs

@@ -25,7 +25,9 @@ pub trait TryExtend<A> {
 }
 
 pub trait FromIteratorIn<T, A: AllocRef> {
-    fn from_iter_in<I: IntoIterator<Item = T>>(iter: I, allocator: A) -> Self;
+    fn from_iter_in<I: IntoIterator<Item = T>>(iter: I, allocator: A) -> Self
+    where
+        A: AllocRef<Error = !>;
 
     fn try_from_iter_in<I: IntoIterator<Item = T>>(
         iter: I,
@@ -38,7 +40,10 @@ pub trait FromIteratorIn<T, A: AllocRef> {
 pub trait IteratorExt: Iterator + Sized {
     #[inline]
     #[must_use = "if you really need to exhaust the iterator, consider `.for_each(drop)` instead"]
-    fn collect_in<T: FromIteratorIn<Self::Item, A>, A: AllocRef>(self, allocator: A) -> T {
+    fn collect_in<T: FromIteratorIn<Self::Item, A>, A: AllocRef>(self, allocator: A) -> T
+    where
+        A: AllocRef<Error = !>,
+    {
         FromIteratorIn::from_iter_in(self, allocator)
     }
 

src/lib.rs

@@ -68,7 +68,8 @@
     specialization,
     trusted_len,
     unsized_locals,
-    fn_traits
+    fn_traits,
+    exhaustive_patterns
 )]
 #![cfg_attr(not(feature = "std"), no_std)]
 #![doc(test(attr(
@@ -116,8 +117,6 @@ pub mod vec;
 
 extern crate alloc as liballoc;
 
-mod unchecked_unwrap;
-use self::unchecked_unwrap::*;
 pub use liballoc::{borrow, fmt, rc, slice, sync};
 
 #[macro_export]