Merge pull request #508 from fpdotmonkey/vec-layout-array-chk

Use the newest Layout::array size checks for vec-alloc
3 weeks ago · 28f4ae6967
parent 91044a66c8 9bc0f07e7a
commit 28f4ae6967
2 changed files with 13 additions and 22 deletions
--- a/src/vec/vec-alloc.md
+++ b/src/vec/vec-alloc.md
@ -170,20 +170,17 @@ use std::alloc::{self, Layout};
 impl<T> Vec<T> {
    fn grow(&mut self) {
        let (new_cap, new_layout) = if self.cap == 0 {
-            (1, Layout::array::<T>(1).unwrap())
+            (1, Layout::array::<T>(1))
        } else {
            // This can't overflow since self.cap <= isize::MAX.
            let new_cap = 2 * self.cap;
-
-            // `Layout::array` checks that the number of bytes is <= usize::MAX,
-            // but this is redundant since old_layout.size() <= isize::MAX,
-            // so the `unwrap` should never fail.
-            let new_layout = Layout::array::<T>(new_cap).unwrap();
-            (new_cap, new_layout)
+            (new_cap, Layout::array::<T>(new_cap))
        };

-        // Ensure that the new allocation doesn't exceed `isize::MAX` bytes.
-        assert!(new_layout.size() <= isize::MAX as usize, "Allocation too large");
+        // `Layout::array` checks that the number of bytes allocated is
+        // in 1..=isize::MAX and will error otherwise.  An allocation of
+        // 0 bytes isn't possible thanks to the above condition.
+        let new_layout = new_layout.expect("Allocation too large");

        let new_ptr = if self.cap == 0 {
            unsafe { alloc::alloc(new_layout) }
--- a/src/vec/vec-final.md
+++ b/src/vec/vec-final.md
@ -33,23 +33,17 @@ impl<T> RawVec<T> {
        assert!(mem::size_of::<T>() != 0, "capacity overflow");

        let (new_cap, new_layout) = if self.cap == 0 {
-            (1, Layout::array::<T>(1).unwrap())
+            (1, Layout::array::<T>(1))
        } else {
-            // This can't overflow because we ensure self.cap <= isize::MAX.
+            // This can't overflow since self.cap <= isize::MAX.
            let new_cap = 2 * self.cap;
-
-            // `Layout::array` checks that the number of bytes is <= usize::MAX,
-            // but this is redundant since old_layout.size() <= isize::MAX,
-            // so the `unwrap` should never fail.
-            let new_layout = Layout::array::<T>(new_cap).unwrap();
-            (new_cap, new_layout)
+            (new_cap, Layout::array::<T>(new_cap))
        };

-        // Ensure that the new allocation doesn't exceed `isize::MAX` bytes.
-        assert!(
-            new_layout.size() <= isize::MAX as usize,
-            "Allocation too large"
-        );
+        // `Layout::array` checks that the number of bytes allocated is
+        // in 1..=isize::MAX and will error otherwise.  An allocation of
+        // 0 bytes isn't possible thanks to the above condition.
+        let new_layout = new_layout.expect("Allocation too large");

        let new_ptr = if self.cap == 0 {
            unsafe { alloc::alloc(new_layout) }