3 releases

0.1.2 Oct 10, 2024
0.1.1 Oct 10, 2024
0.1.0 Oct 3, 2024

#121 in Memory management

Download history 165/week @ 2024-09-30 327/week @ 2024-10-07 114/week @ 2024-10-14 76/week @ 2024-10-21 23/week @ 2024-10-28 61/week @ 2024-11-04

291 downloads per month

MIT/Apache

32KB
755 lines

Overview

The alloc-checked crate provides wrapper types for common collections that require an explicit allocator and return a Result instead of panicking on allocation failure.

The wrapper collection types provide two main benefits:

  • They can't be used incorrectly by virtue of lacking APIs which panic.
  • Provide additional convenience methods for working with the collection in a checked manner.

Restrictions

The crate requires a recent build of the Rust "nightly" compiler, as it uses the allocator_api feature.

No Std

By default, the crate compiles against the Rust standard library.

The crate is also #![no_std] compatible via the no_std feature. When compiled in no_std mode, it still relies on the alloc, core crates.

Usage

Add the dependency

cargo add alloc-checked # --features no_std

Chances are you might have been using Vec in a few places. Import the type you need

use alloc_checked::vec::Vec;

let vec = Vec::new_in(your_allocator);
vec.push(42)?;  // -> Result<(), TryReserveError>

and fix any resulting compile errors.

Along the way, you probably want to implement the From trait for your error type to make it easier to bubble up allocation errors.

use alloc::AllocError;
use alloc::collections::TryReserveError;

impl From<AllocError> for YourErrorType { /* ... */ }
impl From<TryReserveError> for YourErrorType { /* ... */ }

Current state of the project and design philosophy

We (QuestDB) are adding to this crate on a per-need basis. There's currently decent support for the Vec type, with more types to come. Contributions are quite welcome even if they extend beyond our needs.

The core design philosophy here is that it should never be possible to use this crate in a way that it silently allocates memory. Having a different type that can't be misused also allows for improved API ergonomics.

As a small example, std's Vec has both fn with_capacity_in(alloc: Allocator) -> Vec and fn try_with_capacity_in(alloc: Allocator) -> Result<Vec, TryReserveError> variants.

The Vec implementation in alloc-checked has a single fn with_capacity_in(alloc: Allocator) -> Vec, likewise many common methods that silently panic in the standard library, here return a Result instead with the idea of an easier code migration.

License

Licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

No runtime deps

Features