alloc/
boxed.rs

1//! The `Box<T>` type for heap allocation.
2//!
3//! [`Box<T>`], casually referred to as a 'box', provides the simplest form of
4//! heap allocation in Rust. Boxes provide ownership for this allocation, and
5//! drop their contents when they go out of scope. Boxes also ensure that they
6//! never allocate more than `isize::MAX` bytes.
7//!
8//! # Examples
9//!
10//! Move a value from the stack to the heap by creating a [`Box`]:
11//!
12//! ```
13//! let val: u8 = 5;
14//! let boxed: Box<u8> = Box::new(val);
15//! ```
16//!
17//! Move a value from a [`Box`] back to the stack by [dereferencing]:
18//!
19//! ```
20//! let boxed: Box<u8> = Box::new(5);
21//! let val: u8 = *boxed;
22//! ```
23//!
24//! Creating a recursive data structure:
25//!
26//! ```
27//! # #[allow(dead_code)]
28//! #[derive(Debug)]
29//! enum List<T> {
30//!     Cons(T, Box<List<T>>),
31//!     Nil,
32//! }
33//!
34//! let list: List<i32> = List::Cons(1, Box::new(List::Cons(2, Box::new(List::Nil))));
35//! println!("{list:?}");
36//! ```
37//!
38//! This will print `Cons(1, Cons(2, Nil))`.
39//!
40//! Recursive structures must be boxed, because if the definition of `Cons`
41//! looked like this:
42//!
43//! ```compile_fail,E0072
44//! # enum List<T> {
45//! Cons(T, List<T>),
46//! # }
47//! ```
48//!
49//! It wouldn't work. This is because the size of a `List` depends on how many
50//! elements are in the list, and so we don't know how much memory to allocate
51//! for a `Cons`. By introducing a [`Box<T>`], which has a defined size, we know how
52//! big `Cons` needs to be.
53//!
54//! # Memory layout
55//!
56//! For non-zero-sized values, a [`Box`] will use the [`Global`] allocator for its allocation. It is
57//! valid to convert both ways between a [`Box`] and a raw pointer allocated with the [`Global`]
58//! allocator, given that the [`Layout`] used with the allocator is correct for the type and the raw
59//! pointer points to a valid value of the right type. More precisely, a `value: *mut T` that has
60//! been allocated with the [`Global`] allocator with `Layout::for_value(&*value)` may be converted
61//! into a box using [`Box::<T>::from_raw(value)`]. Conversely, the memory backing a `value: *mut T`
62//! obtained from [`Box::<T>::into_raw`] may be deallocated using the [`Global`] allocator with
63//! [`Layout::for_value(&*value)`].
64//!
65//! For zero-sized values, the `Box` pointer has to be non-null and sufficiently aligned. The
66//! recommended way to build a Box to a ZST if `Box::new` cannot be used is to use
67//! [`ptr::NonNull::dangling`].
68//!
69//! On top of these basic layout requirements, a `Box<T>` must point to a valid value of `T`.
70//!
71//! So long as `T: Sized`, a `Box<T>` is guaranteed to be represented
72//! as a single pointer and is also ABI-compatible with C pointers
73//! (i.e. the C type `T*`). This means that if you have extern "C"
74//! Rust functions that will be called from C, you can define those
75//! Rust functions using `Box<T>` types, and use `T*` as corresponding
76//! type on the C side. As an example, consider this C header which
77//! declares functions that create and destroy some kind of `Foo`
78//! value:
79//!
80//! ```c
81//! /* C header */
82//!
83//! /* Returns ownership to the caller */
84//! struct Foo* foo_new(void);
85//!
86//! /* Takes ownership from the caller; no-op when invoked with null */
87//! void foo_delete(struct Foo*);
88//! ```
89//!
90//! These two functions might be implemented in Rust as follows. Here, the
91//! `struct Foo*` type from C is translated to `Box<Foo>`, which captures
92//! the ownership constraints. Note also that the nullable argument to
93//! `foo_delete` is represented in Rust as `Option<Box<Foo>>`, since `Box<Foo>`
94//! cannot be null.
95//!
96//! ```
97//! #[repr(C)]
98//! pub struct Foo;
99//!
100//! #[unsafe(no_mangle)]
101//! pub extern "C" fn foo_new() -> Box<Foo> {
102//!     Box::new(Foo)
103//! }
104//!
105//! #[unsafe(no_mangle)]
106//! pub extern "C" fn foo_delete(_: Option<Box<Foo>>) {}
107//! ```
108//!
109//! Even though `Box<T>` has the same representation and C ABI as a C pointer,
110//! this does not mean that you can convert an arbitrary `T*` into a `Box<T>`
111//! and expect things to work. `Box<T>` values will always be fully aligned,
112//! non-null pointers. Moreover, the destructor for `Box<T>` will attempt to
113//! free the value with the global allocator. In general, the best practice
114//! is to only use `Box<T>` for pointers that originated from the global
115//! allocator.
116//!
117//! **Important.** At least at present, you should avoid using
118//! `Box<T>` types for functions that are defined in C but invoked
119//! from Rust. In those cases, you should directly mirror the C types
120//! as closely as possible. Using types like `Box<T>` where the C
121//! definition is just using `T*` can lead to undefined behavior, as
122//! described in [rust-lang/unsafe-code-guidelines#198][ucg#198].
123//!
124//! # Considerations for unsafe code
125//!
126//! **Warning: This section is not normative and is subject to change, possibly
127//! being relaxed in the future! It is a simplified summary of the rules
128//! currently implemented in the compiler.**
129//!
130//! The aliasing rules for `Box<T>` are the same as for `&mut T`. `Box<T>`
131//! asserts uniqueness over its content. Using raw pointers derived from a box
132//! after that box has been mutated through, moved or borrowed as `&mut T`
133//! is not allowed. For more guidance on working with box from unsafe code, see
134//! [rust-lang/unsafe-code-guidelines#326][ucg#326].
135//!
136//! # Editions
137//!
138//! A special case exists for the implementation of `IntoIterator` for arrays on the Rust 2021
139//! edition, as documented [here][array]. Unfortunately, it was later found that a similar
140//! workaround should be added for boxed slices, and this was applied in the 2024 edition.
141//!
142//! Specifically, `IntoIterator` is implemented for `Box<[T]>` on all editions, but specific calls
143//! to `into_iter()` for boxed slices will defer to the slice implementation on editions before
144//! 2024:
145//!
146//! ```rust,edition2021
147//! // Rust 2015, 2018, and 2021:
148//!
149//! # #![allow(boxed_slice_into_iter)] // override our `deny(warnings)`
150//! let boxed_slice: Box<[i32]> = vec![0; 3].into_boxed_slice();
151//!
152//! // This creates a slice iterator, producing references to each value.
153//! for item in boxed_slice.into_iter().enumerate() {
154//!     let (i, x): (usize, &i32) = item;
155//!     println!("boxed_slice[{i}] = {x}");
156//! }
157//!
158//! // The `boxed_slice_into_iter` lint suggests this change for future compatibility:
159//! for item in boxed_slice.iter().enumerate() {
160//!     let (i, x): (usize, &i32) = item;
161//!     println!("boxed_slice[{i}] = {x}");
162//! }
163//!
164//! // You can explicitly iterate a boxed slice by value using `IntoIterator::into_iter`
165//! for item in IntoIterator::into_iter(boxed_slice).enumerate() {
166//!     let (i, x): (usize, i32) = item;
167//!     println!("boxed_slice[{i}] = {x}");
168//! }
169//! ```
170//!
171//! Similar to the array implementation, this may be modified in the future to remove this override,
172//! and it's best to avoid relying on this edition-dependent behavior if you wish to preserve
173//! compatibility with future versions of the compiler.
174//!
175//! [ucg#198]: https://github.com/rust-lang/unsafe-code-guidelines/issues/198
176//! [ucg#326]: https://github.com/rust-lang/unsafe-code-guidelines/issues/326
177//! [dereferencing]: core::ops::Deref
178//! [`Box::<T>::from_raw(value)`]: Box::from_raw
179//! [`Global`]: crate::alloc::Global
180//! [`Layout`]: crate::alloc::Layout
181//! [`Layout::for_value(&*value)`]: crate::alloc::Layout::for_value
182//! [valid]: ptr#safety
183
184#![stable(feature = "rust1", since = "1.0.0")]
185
186use core::borrow::{Borrow, BorrowMut};
187#[cfg(not(no_global_oom_handling))]
188use core::clone::CloneToUninit;
189use core::cmp::Ordering;
190use core::error::{self, Error};
191use core::fmt;
192use core::future::Future;
193use core::hash::{Hash, Hasher};
194use core::marker::{PointerLike, Tuple, Unsize};
195use core::mem::{self, SizedTypeProperties};
196use core::ops::{
197    AsyncFn, AsyncFnMut, AsyncFnOnce, CoerceUnsized, Coroutine, CoroutineState, Deref, DerefMut,
198    DerefPure, DispatchFromDyn, LegacyReceiver,
199};
200use core::pin::{Pin, PinCoerceUnsized};
201use core::ptr::{self, NonNull, Unique};
202use core::task::{Context, Poll};
203
204#[cfg(not(no_global_oom_handling))]
205use crate::alloc::handle_alloc_error;
206use crate::alloc::{AllocError, Allocator, Global, Layout};
207use crate::raw_vec::RawVec;
208#[cfg(not(no_global_oom_handling))]
209use crate::str::from_boxed_utf8_unchecked;
210
211/// Conversion related impls for `Box<_>` (`From`, `downcast`, etc)
212mod convert;
213/// Iterator related impls for `Box<_>`.
214mod iter;
215/// [`ThinBox`] implementation.
216mod thin;
217
218#[unstable(feature = "thin_box", issue = "92791")]
219pub use thin::ThinBox;
220
221/// A pointer type that uniquely owns a heap allocation of type `T`.
222///
223/// See the [module-level documentation](../../std/boxed/index.html) for more.
224#[lang = "owned_box"]
225#[fundamental]
226#[stable(feature = "rust1", since = "1.0.0")]
227#[rustc_insignificant_dtor]
228#[doc(search_unbox)]
229// The declaration of the `Box` struct must be kept in sync with the
230// compiler or ICEs will happen.
231pub struct Box<
232    T: ?Sized,
233    #[unstable(feature = "allocator_api", issue = "32838")] A: Allocator = Global,
234>(Unique<T>, A);
235
236/// Constructs a `Box<T>` by calling the `exchange_malloc` lang item and moving the argument into
237/// the newly allocated memory. This is an intrinsic to avoid unnecessary copies.
238///
239/// This is the surface syntax for `box <expr>` expressions.
240#[rustc_intrinsic]
241#[unstable(feature = "liballoc_internals", issue = "none")]
242pub fn box_new<T>(x: T) -> Box<T>;
243
244impl<T> Box<T> {
245    /// Allocates memory on the heap and then places `x` into it.
246    ///
247    /// This doesn't actually allocate if `T` is zero-sized.
248    ///
249    /// # Examples
250    ///
251    /// ```
252    /// let five = Box::new(5);
253    /// ```
254    #[cfg(not(no_global_oom_handling))]
255    #[inline(always)]
256    #[stable(feature = "rust1", since = "1.0.0")]
257    #[must_use]
258    #[rustc_diagnostic_item = "box_new"]
259    #[cfg_attr(miri, track_caller)] // even without panics, this helps for Miri backtraces
260    pub fn new(x: T) -> Self {
261        return box_new(x);
262    }
263
264    /// Constructs a new box with uninitialized contents.
265    ///
266    /// # Examples
267    ///
268    /// ```
269    /// let mut five = Box::<u32>::new_uninit();
270    /// // Deferred initialization:
271    /// five.write(5);
272    /// let five = unsafe { five.assume_init() };
273    ///
274    /// assert_eq!(*five, 5)
275    /// ```
276    #[cfg(not(no_global_oom_handling))]
277    #[stable(feature = "new_uninit", since = "1.82.0")]
278    #[must_use]
279    #[inline]
280    pub fn new_uninit() -> Box<mem::MaybeUninit<T>> {
281        Self::new_uninit_in(Global)
282    }
283
284    /// Constructs a new `Box` with uninitialized contents, with the memory
285    /// being filled with `0` bytes.
286    ///
287    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
288    /// of this method.
289    ///
290    /// # Examples
291    ///
292    /// ```
293    /// #![feature(new_zeroed_alloc)]
294    ///
295    /// let zero = Box::<u32>::new_zeroed();
296    /// let zero = unsafe { zero.assume_init() };
297    ///
298    /// assert_eq!(*zero, 0)
299    /// ```
300    ///
301    /// [zeroed]: mem::MaybeUninit::zeroed
302    #[cfg(not(no_global_oom_handling))]
303    #[inline]
304    #[unstable(feature = "new_zeroed_alloc", issue = "129396")]
305    #[must_use]
306    pub fn new_zeroed() -> Box<mem::MaybeUninit<T>> {
307        Self::new_zeroed_in(Global)
308    }
309
310    /// Constructs a new `Pin<Box<T>>`. If `T` does not implement [`Unpin`], then
311    /// `x` will be pinned in memory and unable to be moved.
312    ///
313    /// Constructing and pinning of the `Box` can also be done in two steps: `Box::pin(x)`
314    /// does the same as <code>[Box::into_pin]\([Box::new]\(x))</code>. Consider using
315    /// [`into_pin`](Box::into_pin) if you already have a `Box<T>`, or if you want to
316    /// construct a (pinned) `Box` in a different way than with [`Box::new`].
317    #[cfg(not(no_global_oom_handling))]
318    #[stable(feature = "pin", since = "1.33.0")]
319    #[must_use]
320    #[inline(always)]
321    pub fn pin(x: T) -> Pin<Box<T>> {
322        Box::new(x).into()
323    }
324
325    /// Allocates memory on the heap then places `x` into it,
326    /// returning an error if the allocation fails
327    ///
328    /// This doesn't actually allocate if `T` is zero-sized.
329    ///
330    /// # Examples
331    ///
332    /// ```
333    /// #![feature(allocator_api)]
334    ///
335    /// let five = Box::try_new(5)?;
336    /// # Ok::<(), std::alloc::AllocError>(())
337    /// ```
338    #[unstable(feature = "allocator_api", issue = "32838")]
339    #[inline]
340    pub fn try_new(x: T) -> Result<Self, AllocError> {
341        Self::try_new_in(x, Global)
342    }
343
344    /// Constructs a new box with uninitialized contents on the heap,
345    /// returning an error if the allocation fails
346    ///
347    /// # Examples
348    ///
349    /// ```
350    /// #![feature(allocator_api)]
351    ///
352    /// let mut five = Box::<u32>::try_new_uninit()?;
353    /// // Deferred initialization:
354    /// five.write(5);
355    /// let five = unsafe { five.assume_init() };
356    ///
357    /// assert_eq!(*five, 5);
358    /// # Ok::<(), std::alloc::AllocError>(())
359    /// ```
360    #[unstable(feature = "allocator_api", issue = "32838")]
361    // #[unstable(feature = "new_uninit", issue = "63291")]
362    #[inline]
363    pub fn try_new_uninit() -> Result<Box<mem::MaybeUninit<T>>, AllocError> {
364        Box::try_new_uninit_in(Global)
365    }
366
367    /// Constructs a new `Box` with uninitialized contents, with the memory
368    /// being filled with `0` bytes on the heap
369    ///
370    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
371    /// of this method.
372    ///
373    /// # Examples
374    ///
375    /// ```
376    /// #![feature(allocator_api)]
377    ///
378    /// let zero = Box::<u32>::try_new_zeroed()?;
379    /// let zero = unsafe { zero.assume_init() };
380    ///
381    /// assert_eq!(*zero, 0);
382    /// # Ok::<(), std::alloc::AllocError>(())
383    /// ```
384    ///
385    /// [zeroed]: mem::MaybeUninit::zeroed
386    #[unstable(feature = "allocator_api", issue = "32838")]
387    // #[unstable(feature = "new_uninit", issue = "63291")]
388    #[inline]
389    pub fn try_new_zeroed() -> Result<Box<mem::MaybeUninit<T>>, AllocError> {
390        Box::try_new_zeroed_in(Global)
391    }
392}
393
394impl<T, A: Allocator> Box<T, A> {
395    /// Allocates memory in the given allocator then places `x` into it.
396    ///
397    /// This doesn't actually allocate if `T` is zero-sized.
398    ///
399    /// # Examples
400    ///
401    /// ```
402    /// #![feature(allocator_api)]
403    ///
404    /// use std::alloc::System;
405    ///
406    /// let five = Box::new_in(5, System);
407    /// ```
408    #[cfg(not(no_global_oom_handling))]
409    #[unstable(feature = "allocator_api", issue = "32838")]
410    #[must_use]
411    #[inline]
412    pub fn new_in(x: T, alloc: A) -> Self
413    where
414        A: Allocator,
415    {
416        let mut boxed = Self::new_uninit_in(alloc);
417        boxed.write(x);
418        unsafe { boxed.assume_init() }
419    }
420
421    /// Allocates memory in the given allocator then places `x` into it,
422    /// returning an error if the allocation fails
423    ///
424    /// This doesn't actually allocate if `T` is zero-sized.
425    ///
426    /// # Examples
427    ///
428    /// ```
429    /// #![feature(allocator_api)]
430    ///
431    /// use std::alloc::System;
432    ///
433    /// let five = Box::try_new_in(5, System)?;
434    /// # Ok::<(), std::alloc::AllocError>(())
435    /// ```
436    #[unstable(feature = "allocator_api", issue = "32838")]
437    #[inline]
438    pub fn try_new_in(x: T, alloc: A) -> Result<Self, AllocError>
439    where
440        A: Allocator,
441    {
442        let mut boxed = Self::try_new_uninit_in(alloc)?;
443        boxed.write(x);
444        unsafe { Ok(boxed.assume_init()) }
445    }
446
447    /// Constructs a new box with uninitialized contents in the provided allocator.
448    ///
449    /// # Examples
450    ///
451    /// ```
452    /// #![feature(allocator_api)]
453    ///
454    /// use std::alloc::System;
455    ///
456    /// let mut five = Box::<u32, _>::new_uninit_in(System);
457    /// // Deferred initialization:
458    /// five.write(5);
459    /// let five = unsafe { five.assume_init() };
460    ///
461    /// assert_eq!(*five, 5)
462    /// ```
463    #[unstable(feature = "allocator_api", issue = "32838")]
464    #[cfg(not(no_global_oom_handling))]
465    #[must_use]
466    // #[unstable(feature = "new_uninit", issue = "63291")]
467    pub fn new_uninit_in(alloc: A) -> Box<mem::MaybeUninit<T>, A>
468    where
469        A: Allocator,
470    {
471        let layout = Layout::new::<mem::MaybeUninit<T>>();
472        // NOTE: Prefer match over unwrap_or_else since closure sometimes not inlineable.
473        // That would make code size bigger.
474        match Box::try_new_uninit_in(alloc) {
475            Ok(m) => m,
476            Err(_) => handle_alloc_error(layout),
477        }
478    }
479
480    /// Constructs a new box with uninitialized contents in the provided allocator,
481    /// returning an error if the allocation fails
482    ///
483    /// # Examples
484    ///
485    /// ```
486    /// #![feature(allocator_api)]
487    ///
488    /// use std::alloc::System;
489    ///
490    /// let mut five = Box::<u32, _>::try_new_uninit_in(System)?;
491    /// // Deferred initialization:
492    /// five.write(5);
493    /// let five = unsafe { five.assume_init() };
494    ///
495    /// assert_eq!(*five, 5);
496    /// # Ok::<(), std::alloc::AllocError>(())
497    /// ```
498    #[unstable(feature = "allocator_api", issue = "32838")]
499    // #[unstable(feature = "new_uninit", issue = "63291")]
500    pub fn try_new_uninit_in(alloc: A) -> Result<Box<mem::MaybeUninit<T>, A>, AllocError>
501    where
502        A: Allocator,
503    {
504        let ptr = if T::IS_ZST {
505            NonNull::dangling()
506        } else {
507            let layout = Layout::new::<mem::MaybeUninit<T>>();
508            alloc.allocate(layout)?.cast()
509        };
510        unsafe { Ok(Box::from_raw_in(ptr.as_ptr(), alloc)) }
511    }
512
513    /// Constructs a new `Box` with uninitialized contents, with the memory
514    /// being filled with `0` bytes in the provided allocator.
515    ///
516    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
517    /// of this method.
518    ///
519    /// # Examples
520    ///
521    /// ```
522    /// #![feature(allocator_api)]
523    ///
524    /// use std::alloc::System;
525    ///
526    /// let zero = Box::<u32, _>::new_zeroed_in(System);
527    /// let zero = unsafe { zero.assume_init() };
528    ///
529    /// assert_eq!(*zero, 0)
530    /// ```
531    ///
532    /// [zeroed]: mem::MaybeUninit::zeroed
533    #[unstable(feature = "allocator_api", issue = "32838")]
534    #[cfg(not(no_global_oom_handling))]
535    // #[unstable(feature = "new_uninit", issue = "63291")]
536    #[must_use]
537    pub fn new_zeroed_in(alloc: A) -> Box<mem::MaybeUninit<T>, A>
538    where
539        A: Allocator,
540    {
541        let layout = Layout::new::<mem::MaybeUninit<T>>();
542        // NOTE: Prefer match over unwrap_or_else since closure sometimes not inlineable.
543        // That would make code size bigger.
544        match Box::try_new_zeroed_in(alloc) {
545            Ok(m) => m,
546            Err(_) => handle_alloc_error(layout),
547        }
548    }
549
550    /// Constructs a new `Box` with uninitialized contents, with the memory
551    /// being filled with `0` bytes in the provided allocator,
552    /// returning an error if the allocation fails,
553    ///
554    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
555    /// of this method.
556    ///
557    /// # Examples
558    ///
559    /// ```
560    /// #![feature(allocator_api)]
561    ///
562    /// use std::alloc::System;
563    ///
564    /// let zero = Box::<u32, _>::try_new_zeroed_in(System)?;
565    /// let zero = unsafe { zero.assume_init() };
566    ///
567    /// assert_eq!(*zero, 0);
568    /// # Ok::<(), std::alloc::AllocError>(())
569    /// ```
570    ///
571    /// [zeroed]: mem::MaybeUninit::zeroed
572    #[unstable(feature = "allocator_api", issue = "32838")]
573    // #[unstable(feature = "new_uninit", issue = "63291")]
574    pub fn try_new_zeroed_in(alloc: A) -> Result<Box<mem::MaybeUninit<T>, A>, AllocError>
575    where
576        A: Allocator,
577    {
578        let ptr = if T::IS_ZST {
579            NonNull::dangling()
580        } else {
581            let layout = Layout::new::<mem::MaybeUninit<T>>();
582            alloc.allocate_zeroed(layout)?.cast()
583        };
584        unsafe { Ok(Box::from_raw_in(ptr.as_ptr(), alloc)) }
585    }
586
587    /// Constructs a new `Pin<Box<T, A>>`. If `T` does not implement [`Unpin`], then
588    /// `x` will be pinned in memory and unable to be moved.
589    ///
590    /// Constructing and pinning of the `Box` can also be done in two steps: `Box::pin_in(x, alloc)`
591    /// does the same as <code>[Box::into_pin]\([Box::new_in]\(x, alloc))</code>. Consider using
592    /// [`into_pin`](Box::into_pin) if you already have a `Box<T, A>`, or if you want to
593    /// construct a (pinned) `Box` in a different way than with [`Box::new_in`].
594    #[cfg(not(no_global_oom_handling))]
595    #[unstable(feature = "allocator_api", issue = "32838")]
596    #[must_use]
597    #[inline(always)]
598    pub fn pin_in(x: T, alloc: A) -> Pin<Self>
599    where
600        A: 'static + Allocator,
601    {
602        Self::into_pin(Self::new_in(x, alloc))
603    }
604
605    /// Converts a `Box<T>` into a `Box<[T]>`
606    ///
607    /// This conversion does not allocate on the heap and happens in place.
608    #[unstable(feature = "box_into_boxed_slice", issue = "71582")]
609    pub fn into_boxed_slice(boxed: Self) -> Box<[T], A> {
610        let (raw, alloc) = Box::into_raw_with_allocator(boxed);
611        unsafe { Box::from_raw_in(raw as *mut [T; 1], alloc) }
612    }
613
614    /// Consumes the `Box`, returning the wrapped value.
615    ///
616    /// # Examples
617    ///
618    /// ```
619    /// #![feature(box_into_inner)]
620    ///
621    /// let c = Box::new(5);
622    ///
623    /// assert_eq!(Box::into_inner(c), 5);
624    /// ```
625    #[unstable(feature = "box_into_inner", issue = "80437")]
626    #[inline]
627    pub fn into_inner(boxed: Self) -> T {
628        *boxed
629    }
630}
631
632impl<T> Box<[T]> {
633    /// Constructs a new boxed slice with uninitialized contents.
634    ///
635    /// # Examples
636    ///
637    /// ```
638    /// let mut values = Box::<[u32]>::new_uninit_slice(3);
639    /// // Deferred initialization:
640    /// values[0].write(1);
641    /// values[1].write(2);
642    /// values[2].write(3);
643    /// let values = unsafe {values.assume_init() };
644    ///
645    /// assert_eq!(*values, [1, 2, 3])
646    /// ```
647    #[cfg(not(no_global_oom_handling))]
648    #[stable(feature = "new_uninit", since = "1.82.0")]
649    #[must_use]
650    pub fn new_uninit_slice(len: usize) -> Box<[mem::MaybeUninit<T>]> {
651        unsafe { RawVec::with_capacity(len).into_box(len) }
652    }
653
654    /// Constructs a new boxed slice with uninitialized contents, with the memory
655    /// being filled with `0` bytes.
656    ///
657    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
658    /// of this method.
659    ///
660    /// # Examples
661    ///
662    /// ```
663    /// #![feature(new_zeroed_alloc)]
664    ///
665    /// let values = Box::<[u32]>::new_zeroed_slice(3);
666    /// let values = unsafe { values.assume_init() };
667    ///
668    /// assert_eq!(*values, [0, 0, 0])
669    /// ```
670    ///
671    /// [zeroed]: mem::MaybeUninit::zeroed
672    #[cfg(not(no_global_oom_handling))]
673    #[unstable(feature = "new_zeroed_alloc", issue = "129396")]
674    #[must_use]
675    pub fn new_zeroed_slice(len: usize) -> Box<[mem::MaybeUninit<T>]> {
676        unsafe { RawVec::with_capacity_zeroed(len).into_box(len) }
677    }
678
679    /// Constructs a new boxed slice with uninitialized contents. Returns an error if
680    /// the allocation fails.
681    ///
682    /// # Examples
683    ///
684    /// ```
685    /// #![feature(allocator_api)]
686    ///
687    /// let mut values = Box::<[u32]>::try_new_uninit_slice(3)?;
688    /// // Deferred initialization:
689    /// values[0].write(1);
690    /// values[1].write(2);
691    /// values[2].write(3);
692    /// let values = unsafe { values.assume_init() };
693    ///
694    /// assert_eq!(*values, [1, 2, 3]);
695    /// # Ok::<(), std::alloc::AllocError>(())
696    /// ```
697    #[unstable(feature = "allocator_api", issue = "32838")]
698    #[inline]
699    pub fn try_new_uninit_slice(len: usize) -> Result<Box<[mem::MaybeUninit<T>]>, AllocError> {
700        let ptr = if T::IS_ZST || len == 0 {
701            NonNull::dangling()
702        } else {
703            let layout = match Layout::array::<mem::MaybeUninit<T>>(len) {
704                Ok(l) => l,
705                Err(_) => return Err(AllocError),
706            };
707            Global.allocate(layout)?.cast()
708        };
709        unsafe { Ok(RawVec::from_raw_parts_in(ptr.as_ptr(), len, Global).into_box(len)) }
710    }
711
712    /// Constructs a new boxed slice with uninitialized contents, with the memory
713    /// being filled with `0` bytes. Returns an error if the allocation fails.
714    ///
715    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
716    /// of this method.
717    ///
718    /// # Examples
719    ///
720    /// ```
721    /// #![feature(allocator_api)]
722    ///
723    /// let values = Box::<[u32]>::try_new_zeroed_slice(3)?;
724    /// let values = unsafe { values.assume_init() };
725    ///
726    /// assert_eq!(*values, [0, 0, 0]);
727    /// # Ok::<(), std::alloc::AllocError>(())
728    /// ```
729    ///
730    /// [zeroed]: mem::MaybeUninit::zeroed
731    #[unstable(feature = "allocator_api", issue = "32838")]
732    #[inline]
733    pub fn try_new_zeroed_slice(len: usize) -> Result<Box<[mem::MaybeUninit<T>]>, AllocError> {
734        let ptr = if T::IS_ZST || len == 0 {
735            NonNull::dangling()
736        } else {
737            let layout = match Layout::array::<mem::MaybeUninit<T>>(len) {
738                Ok(l) => l,
739                Err(_) => return Err(AllocError),
740            };
741            Global.allocate_zeroed(layout)?.cast()
742        };
743        unsafe { Ok(RawVec::from_raw_parts_in(ptr.as_ptr(), len, Global).into_box(len)) }
744    }
745
746    /// Converts the boxed slice into a boxed array.
747    ///
748    /// This operation does not reallocate; the underlying array of the slice is simply reinterpreted as an array type.
749    ///
750    /// If `N` is not exactly equal to the length of `self`, then this method returns `None`.
751    #[unstable(feature = "slice_as_array", issue = "133508")]
752    #[inline]
753    #[must_use]
754    pub fn into_array<const N: usize>(self) -> Option<Box<[T; N]>> {
755        if self.len() == N {
756            let ptr = Self::into_raw(self) as *mut [T; N];
757
758            // SAFETY: The underlying array of a slice has the exact same layout as an actual array `[T; N]` if `N` is equal to the slice's length.
759            let me = unsafe { Box::from_raw(ptr) };
760            Some(me)
761        } else {
762            None
763        }
764    }
765}
766
767impl<T, A: Allocator> Box<[T], A> {
768    /// Constructs a new boxed slice with uninitialized contents in the provided allocator.
769    ///
770    /// # Examples
771    ///
772    /// ```
773    /// #![feature(allocator_api)]
774    ///
775    /// use std::alloc::System;
776    ///
777    /// let mut values = Box::<[u32], _>::new_uninit_slice_in(3, System);
778    /// // Deferred initialization:
779    /// values[0].write(1);
780    /// values[1].write(2);
781    /// values[2].write(3);
782    /// let values = unsafe { values.assume_init() };
783    ///
784    /// assert_eq!(*values, [1, 2, 3])
785    /// ```
786    #[cfg(not(no_global_oom_handling))]
787    #[unstable(feature = "allocator_api", issue = "32838")]
788    // #[unstable(feature = "new_uninit", issue = "63291")]
789    #[must_use]
790    pub fn new_uninit_slice_in(len: usize, alloc: A) -> Box<[mem::MaybeUninit<T>], A> {
791        unsafe { RawVec::with_capacity_in(len, alloc).into_box(len) }
792    }
793
794    /// Constructs a new boxed slice with uninitialized contents in the provided allocator,
795    /// with the memory being filled with `0` bytes.
796    ///
797    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
798    /// of this method.
799    ///
800    /// # Examples
801    ///
802    /// ```
803    /// #![feature(allocator_api)]
804    ///
805    /// use std::alloc::System;
806    ///
807    /// let values = Box::<[u32], _>::new_zeroed_slice_in(3, System);
808    /// let values = unsafe { values.assume_init() };
809    ///
810    /// assert_eq!(*values, [0, 0, 0])
811    /// ```
812    ///
813    /// [zeroed]: mem::MaybeUninit::zeroed
814    #[cfg(not(no_global_oom_handling))]
815    #[unstable(feature = "allocator_api", issue = "32838")]
816    // #[unstable(feature = "new_uninit", issue = "63291")]
817    #[must_use]
818    pub fn new_zeroed_slice_in(len: usize, alloc: A) -> Box<[mem::MaybeUninit<T>], A> {
819        unsafe { RawVec::with_capacity_zeroed_in(len, alloc).into_box(len) }
820    }
821
822    /// Constructs a new boxed slice with uninitialized contents in the provided allocator. Returns an error if
823    /// the allocation fails.
824    ///
825    /// # Examples
826    ///
827    /// ```
828    /// #![feature(allocator_api)]
829    ///
830    /// use std::alloc::System;
831    ///
832    /// let mut values = Box::<[u32], _>::try_new_uninit_slice_in(3, System)?;
833    /// // Deferred initialization:
834    /// values[0].write(1);
835    /// values[1].write(2);
836    /// values[2].write(3);
837    /// let values = unsafe { values.assume_init() };
838    ///
839    /// assert_eq!(*values, [1, 2, 3]);
840    /// # Ok::<(), std::alloc::AllocError>(())
841    /// ```
842    #[unstable(feature = "allocator_api", issue = "32838")]
843    #[inline]
844    pub fn try_new_uninit_slice_in(
845        len: usize,
846        alloc: A,
847    ) -> Result<Box<[mem::MaybeUninit<T>], A>, AllocError> {
848        let ptr = if T::IS_ZST || len == 0 {
849            NonNull::dangling()
850        } else {
851            let layout = match Layout::array::<mem::MaybeUninit<T>>(len) {
852                Ok(l) => l,
853                Err(_) => return Err(AllocError),
854            };
855            alloc.allocate(layout)?.cast()
856        };
857        unsafe { Ok(RawVec::from_raw_parts_in(ptr.as_ptr(), len, alloc).into_box(len)) }
858    }
859
860    /// Constructs a new boxed slice with uninitialized contents in the provided allocator, with the memory
861    /// being filled with `0` bytes. Returns an error if the allocation fails.
862    ///
863    /// See [`MaybeUninit::zeroed`][zeroed] for examples of correct and incorrect usage
864    /// of this method.
865    ///
866    /// # Examples
867    ///
868    /// ```
869    /// #![feature(allocator_api)]
870    ///
871    /// use std::alloc::System;
872    ///
873    /// let values = Box::<[u32], _>::try_new_zeroed_slice_in(3, System)?;
874    /// let values = unsafe { values.assume_init() };
875    ///
876    /// assert_eq!(*values, [0, 0, 0]);
877    /// # Ok::<(), std::alloc::AllocError>(())
878    /// ```
879    ///
880    /// [zeroed]: mem::MaybeUninit::zeroed
881    #[unstable(feature = "allocator_api", issue = "32838")]
882    #[inline]
883    pub fn try_new_zeroed_slice_in(
884        len: usize,
885        alloc: A,
886    ) -> Result<Box<[mem::MaybeUninit<T>], A>, AllocError> {
887        let ptr = if T::IS_ZST || len == 0 {
888            NonNull::dangling()
889        } else {
890            let layout = match Layout::array::<mem::MaybeUninit<T>>(len) {
891                Ok(l) => l,
892                Err(_) => return Err(AllocError),
893            };
894            alloc.allocate_zeroed(layout)?.cast()
895        };
896        unsafe { Ok(RawVec::from_raw_parts_in(ptr.as_ptr(), len, alloc).into_box(len)) }
897    }
898}
899
900impl<T, A: Allocator> Box<mem::MaybeUninit<T>, A> {
901    /// Converts to `Box<T, A>`.
902    ///
903    /// # Safety
904    ///
905    /// As with [`MaybeUninit::assume_init`],
906    /// it is up to the caller to guarantee that the value
907    /// really is in an initialized state.
908    /// Calling this when the content is not yet fully initialized
909    /// causes immediate undefined behavior.
910    ///
911    /// [`MaybeUninit::assume_init`]: mem::MaybeUninit::assume_init
912    ///
913    /// # Examples
914    ///
915    /// ```
916    /// let mut five = Box::<u32>::new_uninit();
917    /// // Deferred initialization:
918    /// five.write(5);
919    /// let five: Box<u32> = unsafe { five.assume_init() };
920    ///
921    /// assert_eq!(*five, 5)
922    /// ```
923    #[stable(feature = "new_uninit", since = "1.82.0")]
924    #[inline]
925    pub unsafe fn assume_init(self) -> Box<T, A> {
926        let (raw, alloc) = Box::into_raw_with_allocator(self);
927        unsafe { Box::from_raw_in(raw as *mut T, alloc) }
928    }
929
930    /// Writes the value and converts to `Box<T, A>`.
931    ///
932    /// This method converts the box similarly to [`Box::assume_init`] but
933    /// writes `value` into it before conversion thus guaranteeing safety.
934    /// In some scenarios use of this method may improve performance because
935    /// the compiler may be able to optimize copying from stack.
936    ///
937    /// # Examples
938    ///
939    /// ```
940    /// let big_box = Box::<[usize; 1024]>::new_uninit();
941    ///
942    /// let mut array = [0; 1024];
943    /// for (i, place) in array.iter_mut().enumerate() {
944    ///     *place = i;
945    /// }
946    ///
947    /// // The optimizer may be able to elide this copy, so previous code writes
948    /// // to heap directly.
949    /// let big_box = Box::write(big_box, array);
950    ///
951    /// for (i, x) in big_box.iter().enumerate() {
952    ///     assert_eq!(*x, i);
953    /// }
954    /// ```
955    #[stable(feature = "box_uninit_write", since = "CURRENT_RUSTC_VERSION")]
956    #[inline]
957    pub fn write(mut boxed: Self, value: T) -> Box<T, A> {
958        unsafe {
959            (*boxed).write(value);
960            boxed.assume_init()
961        }
962    }
963}
964
965impl<T, A: Allocator> Box<[mem::MaybeUninit<T>], A> {
966    /// Converts to `Box<[T], A>`.
967    ///
968    /// # Safety
969    ///
970    /// As with [`MaybeUninit::assume_init`],
971    /// it is up to the caller to guarantee that the values
972    /// really are in an initialized state.
973    /// Calling this when the content is not yet fully initialized
974    /// causes immediate undefined behavior.
975    ///
976    /// [`MaybeUninit::assume_init`]: mem::MaybeUninit::assume_init
977    ///
978    /// # Examples
979    ///
980    /// ```
981    /// let mut values = Box::<[u32]>::new_uninit_slice(3);
982    /// // Deferred initialization:
983    /// values[0].write(1);
984    /// values[1].write(2);
985    /// values[2].write(3);
986    /// let values = unsafe { values.assume_init() };
987    ///
988    /// assert_eq!(*values, [1, 2, 3])
989    /// ```
990    #[stable(feature = "new_uninit", since = "1.82.0")]
991    #[inline]
992    pub unsafe fn assume_init(self) -> Box<[T], A> {
993        let (raw, alloc) = Box::into_raw_with_allocator(self);
994        unsafe { Box::from_raw_in(raw as *mut [T], alloc) }
995    }
996}
997
998impl<T: ?Sized> Box<T> {
999    /// Constructs a box from a raw pointer.
1000    ///
1001    /// After calling this function, the raw pointer is owned by the
1002    /// resulting `Box`. Specifically, the `Box` destructor will call
1003    /// the destructor of `T` and free the allocated memory. For this
1004    /// to be safe, the memory must have been allocated in accordance
1005    /// with the [memory layout] used by `Box` .
1006    ///
1007    /// # Safety
1008    ///
1009    /// This function is unsafe because improper use may lead to
1010    /// memory problems. For example, a double-free may occur if the
1011    /// function is called twice on the same raw pointer.
1012    ///
1013    /// The raw pointer must point to a block of memory allocated by the global allocator.
1014    ///
1015    /// The safety conditions are described in the [memory layout] section.
1016    ///
1017    /// # Examples
1018    ///
1019    /// Recreate a `Box` which was previously converted to a raw pointer
1020    /// using [`Box::into_raw`]:
1021    /// ```
1022    /// let x = Box::new(5);
1023    /// let ptr = Box::into_raw(x);
1024    /// let x = unsafe { Box::from_raw(ptr) };
1025    /// ```
1026    /// Manually create a `Box` from scratch by using the global allocator:
1027    /// ```
1028    /// use std::alloc::{alloc, Layout};
1029    ///
1030    /// unsafe {
1031    ///     let ptr = alloc(Layout::new::<i32>()) as *mut i32;
1032    ///     // In general .write is required to avoid attempting to destruct
1033    ///     // the (uninitialized) previous contents of `ptr`, though for this
1034    ///     // simple example `*ptr = 5` would have worked as well.
1035    ///     ptr.write(5);
1036    ///     let x = Box::from_raw(ptr);
1037    /// }
1038    /// ```
1039    ///
1040    /// [memory layout]: self#memory-layout
1041    #[stable(feature = "box_raw", since = "1.4.0")]
1042    #[inline]
1043    #[must_use = "call `drop(Box::from_raw(ptr))` if you intend to drop the `Box`"]
1044    pub unsafe fn from_raw(raw: *mut T) -> Self {
1045        unsafe { Self::from_raw_in(raw, Global) }
1046    }
1047
1048    /// Constructs a box from a `NonNull` pointer.
1049    ///
1050    /// After calling this function, the `NonNull` pointer is owned by
1051    /// the resulting `Box`. Specifically, the `Box` destructor will call
1052    /// the destructor of `T` and free the allocated memory. For this
1053    /// to be safe, the memory must have been allocated in accordance
1054    /// with the [memory layout] used by `Box` .
1055    ///
1056    /// # Safety
1057    ///
1058    /// This function is unsafe because improper use may lead to
1059    /// memory problems. For example, a double-free may occur if the
1060    /// function is called twice on the same `NonNull` pointer.
1061    ///
1062    /// The non-null pointer must point to a block of memory allocated by the global allocator.
1063    ///
1064    /// The safety conditions are described in the [memory layout] section.
1065    ///
1066    /// # Examples
1067    ///
1068    /// Recreate a `Box` which was previously converted to a `NonNull`
1069    /// pointer using [`Box::into_non_null`]:
1070    /// ```
1071    /// #![feature(box_vec_non_null)]
1072    ///
1073    /// let x = Box::new(5);
1074    /// let non_null = Box::into_non_null(x);
1075    /// let x = unsafe { Box::from_non_null(non_null) };
1076    /// ```
1077    /// Manually create a `Box` from scratch by using the global allocator:
1078    /// ```
1079    /// #![feature(box_vec_non_null)]
1080    ///
1081    /// use std::alloc::{alloc, Layout};
1082    /// use std::ptr::NonNull;
1083    ///
1084    /// unsafe {
1085    ///     let non_null = NonNull::new(alloc(Layout::new::<i32>()).cast::<i32>())
1086    ///         .expect("allocation failed");
1087    ///     // In general .write is required to avoid attempting to destruct
1088    ///     // the (uninitialized) previous contents of `non_null`.
1089    ///     non_null.write(5);
1090    ///     let x = Box::from_non_null(non_null);
1091    /// }
1092    /// ```
1093    ///
1094    /// [memory layout]: self#memory-layout
1095    #[unstable(feature = "box_vec_non_null", reason = "new API", issue = "130364")]
1096    #[inline]
1097    #[must_use = "call `drop(Box::from_non_null(ptr))` if you intend to drop the `Box`"]
1098    pub unsafe fn from_non_null(ptr: NonNull<T>) -> Self {
1099        unsafe { Self::from_raw(ptr.as_ptr()) }
1100    }
1101}
1102
1103impl<T: ?Sized, A: Allocator> Box<T, A> {
1104    /// Constructs a box from a raw pointer in the given allocator.
1105    ///
1106    /// After calling this function, the raw pointer is owned by the
1107    /// resulting `Box`. Specifically, the `Box` destructor will call
1108    /// the destructor of `T` and free the allocated memory. For this
1109    /// to be safe, the memory must have been allocated in accordance
1110    /// with the [memory layout] used by `Box` .
1111    ///
1112    /// # Safety
1113    ///
1114    /// This function is unsafe because improper use may lead to
1115    /// memory problems. For example, a double-free may occur if the
1116    /// function is called twice on the same raw pointer.
1117    ///
1118    /// The raw pointer must point to a block of memory allocated by `alloc`.
1119    ///
1120    /// # Examples
1121    ///
1122    /// Recreate a `Box` which was previously converted to a raw pointer
1123    /// using [`Box::into_raw_with_allocator`]:
1124    /// ```
1125    /// #![feature(allocator_api)]
1126    ///
1127    /// use std::alloc::System;
1128    ///
1129    /// let x = Box::new_in(5, System);
1130    /// let (ptr, alloc) = Box::into_raw_with_allocator(x);
1131    /// let x = unsafe { Box::from_raw_in(ptr, alloc) };
1132    /// ```
1133    /// Manually create a `Box` from scratch by using the system allocator:
1134    /// ```
1135    /// #![feature(allocator_api, slice_ptr_get)]
1136    ///
1137    /// use std::alloc::{Allocator, Layout, System};
1138    ///
1139    /// unsafe {
1140    ///     let ptr = System.allocate(Layout::new::<i32>())?.as_mut_ptr() as *mut i32;
1141    ///     // In general .write is required to avoid attempting to destruct
1142    ///     // the (uninitialized) previous contents of `ptr`, though for this
1143    ///     // simple example `*ptr = 5` would have worked as well.
1144    ///     ptr.write(5);
1145    ///     let x = Box::from_raw_in(ptr, System);
1146    /// }
1147    /// # Ok::<(), std::alloc::AllocError>(())
1148    /// ```
1149    ///
1150    /// [memory layout]: self#memory-layout
1151    #[unstable(feature = "allocator_api", issue = "32838")]
1152    #[rustc_const_unstable(feature = "const_box", issue = "92521")]
1153    #[inline]
1154    pub const unsafe fn from_raw_in(raw: *mut T, alloc: A) -> Self {
1155        Box(unsafe { Unique::new_unchecked(raw) }, alloc)
1156    }
1157
1158    /// Constructs a box from a `NonNull` pointer in the given allocator.
1159    ///
1160    /// After calling this function, the `NonNull` pointer is owned by
1161    /// the resulting `Box`. Specifically, the `Box` destructor will call
1162    /// the destructor of `T` and free the allocated memory. For this
1163    /// to be safe, the memory must have been allocated in accordance
1164    /// with the [memory layout] used by `Box` .
1165    ///
1166    /// # Safety
1167    ///
1168    /// This function is unsafe because improper use may lead to
1169    /// memory problems. For example, a double-free may occur if the
1170    /// function is called twice on the same raw pointer.
1171    ///
1172    /// The non-null pointer must point to a block of memory allocated by `alloc`.
1173    ///
1174    /// # Examples
1175    ///
1176    /// Recreate a `Box` which was previously converted to a `NonNull` pointer
1177    /// using [`Box::into_non_null_with_allocator`]:
1178    /// ```
1179    /// #![feature(allocator_api, box_vec_non_null)]
1180    ///
1181    /// use std::alloc::System;
1182    ///
1183    /// let x = Box::new_in(5, System);
1184    /// let (non_null, alloc) = Box::into_non_null_with_allocator(x);
1185    /// let x = unsafe { Box::from_non_null_in(non_null, alloc) };
1186    /// ```
1187    /// Manually create a `Box` from scratch by using the system allocator:
1188    /// ```
1189    /// #![feature(allocator_api, box_vec_non_null, slice_ptr_get)]
1190    ///
1191    /// use std::alloc::{Allocator, Layout, System};
1192    ///
1193    /// unsafe {
1194    ///     let non_null = System.allocate(Layout::new::<i32>())?.cast::<i32>();
1195    ///     // In general .write is required to avoid attempting to destruct
1196    ///     // the (uninitialized) previous contents of `non_null`.
1197    ///     non_null.write(5);
1198    ///     let x = Box::from_non_null_in(non_null, System);
1199    /// }
1200    /// # Ok::<(), std::alloc::AllocError>(())
1201    /// ```
1202    ///
1203    /// [memory layout]: self#memory-layout
1204    #[unstable(feature = "allocator_api", issue = "32838")]
1205    // #[unstable(feature = "box_vec_non_null", reason = "new API", issue = "130364")]
1206    #[rustc_const_unstable(feature = "const_box", issue = "92521")]
1207    #[inline]
1208    pub const unsafe fn from_non_null_in(raw: NonNull<T>, alloc: A) -> Self {
1209        // SAFETY: guaranteed by the caller.
1210        unsafe { Box::from_raw_in(raw.as_ptr(), alloc) }
1211    }
1212
1213    /// Consumes the `Box`, returning a wrapped raw pointer.
1214    ///
1215    /// The pointer will be properly aligned and non-null.
1216    ///
1217    /// After calling this function, the caller is responsible for the
1218    /// memory previously managed by the `Box`. In particular, the
1219    /// caller should properly destroy `T` and release the memory, taking
1220    /// into account the [memory layout] used by `Box`. The easiest way to
1221    /// do this is to convert the raw pointer back into a `Box` with the
1222    /// [`Box::from_raw`] function, allowing the `Box` destructor to perform
1223    /// the cleanup.
1224    ///
1225    /// Note: this is an associated function, which means that you have
1226    /// to call it as `Box::into_raw(b)` instead of `b.into_raw()`. This
1227    /// is so that there is no conflict with a method on the inner type.
1228    ///
1229    /// # Examples
1230    /// Converting the raw pointer back into a `Box` with [`Box::from_raw`]
1231    /// for automatic cleanup:
1232    /// ```
1233    /// let x = Box::new(String::from("Hello"));
1234    /// let ptr = Box::into_raw(x);
1235    /// let x = unsafe { Box::from_raw(ptr) };
1236    /// ```
1237    /// Manual cleanup by explicitly running the destructor and deallocating
1238    /// the memory:
1239    /// ```
1240    /// use std::alloc::{dealloc, Layout};
1241    /// use std::ptr;
1242    ///
1243    /// let x = Box::new(String::from("Hello"));
1244    /// let ptr = Box::into_raw(x);
1245    /// unsafe {
1246    ///     ptr::drop_in_place(ptr);
1247    ///     dealloc(ptr as *mut u8, Layout::new::<String>());
1248    /// }
1249    /// ```
1250    /// Note: This is equivalent to the following:
1251    /// ```
1252    /// let x = Box::new(String::from("Hello"));
1253    /// let ptr = Box::into_raw(x);
1254    /// unsafe {
1255    ///     drop(Box::from_raw(ptr));
1256    /// }
1257    /// ```
1258    ///
1259    /// [memory layout]: self#memory-layout
1260    #[must_use = "losing the pointer will leak memory"]
1261    #[stable(feature = "box_raw", since = "1.4.0")]
1262    #[inline]
1263    pub fn into_raw(b: Self) -> *mut T {
1264        // Make sure Miri realizes that we transition from a noalias pointer to a raw pointer here.
1265        unsafe { &raw mut *&mut *Self::into_raw_with_allocator(b).0 }
1266    }
1267
1268    /// Consumes the `Box`, returning a wrapped `NonNull` pointer.
1269    ///
1270    /// The pointer will be properly aligned.
1271    ///
1272    /// After calling this function, the caller is responsible for the
1273    /// memory previously managed by the `Box`. In particular, the
1274    /// caller should properly destroy `T` and release the memory, taking
1275    /// into account the [memory layout] used by `Box`. The easiest way to
1276    /// do this is to convert the `NonNull` pointer back into a `Box` with the
1277    /// [`Box::from_non_null`] function, allowing the `Box` destructor to
1278    /// perform the cleanup.
1279    ///
1280    /// Note: this is an associated function, which means that you have
1281    /// to call it as `Box::into_non_null(b)` instead of `b.into_non_null()`.
1282    /// This is so that there is no conflict with a method on the inner type.
1283    ///
1284    /// # Examples
1285    /// Converting the `NonNull` pointer back into a `Box` with [`Box::from_non_null`]
1286    /// for automatic cleanup:
1287    /// ```
1288    /// #![feature(box_vec_non_null)]
1289    ///
1290    /// let x = Box::new(String::from("Hello"));
1291    /// let non_null = Box::into_non_null(x);
1292    /// let x = unsafe { Box::from_non_null(non_null) };
1293    /// ```
1294    /// Manual cleanup by explicitly running the destructor and deallocating
1295    /// the memory:
1296    /// ```
1297    /// #![feature(box_vec_non_null)]
1298    ///
1299    /// use std::alloc::{dealloc, Layout};
1300    ///
1301    /// let x = Box::new(String::from("Hello"));
1302    /// let non_null = Box::into_non_null(x);
1303    /// unsafe {
1304    ///     non_null.drop_in_place();
1305    ///     dealloc(non_null.as_ptr().cast::<u8>(), Layout::new::<String>());
1306    /// }
1307    /// ```
1308    /// Note: This is equivalent to the following:
1309    /// ```
1310    /// #![feature(box_vec_non_null)]
1311    ///
1312    /// let x = Box::new(String::from("Hello"));
1313    /// let non_null = Box::into_non_null(x);
1314    /// unsafe {
1315    ///     drop(Box::from_non_null(non_null));
1316    /// }
1317    /// ```
1318    ///
1319    /// [memory layout]: self#memory-layout
1320    #[must_use = "losing the pointer will leak memory"]
1321    #[unstable(feature = "box_vec_non_null", reason = "new API", issue = "130364")]
1322    #[inline]
1323    pub fn into_non_null(b: Self) -> NonNull<T> {
1324        // SAFETY: `Box` is guaranteed to be non-null.
1325        unsafe { NonNull::new_unchecked(Self::into_raw(b)) }
1326    }
1327
1328    /// Consumes the `Box`, returning a wrapped raw pointer and the allocator.
1329    ///
1330    /// The pointer will be properly aligned and non-null.
1331    ///
1332    /// After calling this function, the caller is responsible for the
1333    /// memory previously managed by the `Box`. In particular, the
1334    /// caller should properly destroy `T` and release the memory, taking
1335    /// into account the [memory layout] used by `Box`. The easiest way to
1336    /// do this is to convert the raw pointer back into a `Box` with the
1337    /// [`Box::from_raw_in`] function, allowing the `Box` destructor to perform
1338    /// the cleanup.
1339    ///
1340    /// Note: this is an associated function, which means that you have
1341    /// to call it as `Box::into_raw_with_allocator(b)` instead of `b.into_raw_with_allocator()`. This
1342    /// is so that there is no conflict with a method on the inner type.
1343    ///
1344    /// # Examples
1345    /// Converting the raw pointer back into a `Box` with [`Box::from_raw_in`]
1346    /// for automatic cleanup:
1347    /// ```
1348    /// #![feature(allocator_api)]
1349    ///
1350    /// use std::alloc::System;
1351    ///
1352    /// let x = Box::new_in(String::from("Hello"), System);
1353    /// let (ptr, alloc) = Box::into_raw_with_allocator(x);
1354    /// let x = unsafe { Box::from_raw_in(ptr, alloc) };
1355    /// ```
1356    /// Manual cleanup by explicitly running the destructor and deallocating
1357    /// the memory:
1358    /// ```
1359    /// #![feature(allocator_api)]
1360    ///
1361    /// use std::alloc::{Allocator, Layout, System};
1362    /// use std::ptr::{self, NonNull};
1363    ///
1364    /// let x = Box::new_in(String::from("Hello"), System);
1365    /// let (ptr, alloc) = Box::into_raw_with_allocator(x);
1366    /// unsafe {
1367    ///     ptr::drop_in_place(ptr);
1368    ///     let non_null = NonNull::new_unchecked(ptr);
1369    ///     alloc.deallocate(non_null.cast(), Layout::new::<String>());
1370    /// }
1371    /// ```
1372    ///
1373    /// [memory layout]: self#memory-layout
1374    #[must_use = "losing the pointer will leak memory"]
1375    #[unstable(feature = "allocator_api", issue = "32838")]
1376    #[inline]
1377    pub fn into_raw_with_allocator(b: Self) -> (*mut T, A) {
1378        let mut b = mem::ManuallyDrop::new(b);
1379        // We carefully get the raw pointer out in a way that Miri's aliasing model understands what
1380        // is happening: using the primitive "deref" of `Box`. In case `A` is *not* `Global`, we
1381        // want *no* aliasing requirements here!
1382        // In case `A` *is* `Global`, this does not quite have the right behavior; `into_raw`
1383        // works around that.
1384        let ptr = &raw mut **b;
1385        let alloc = unsafe { ptr::read(&b.1) };
1386        (ptr, alloc)
1387    }
1388
1389    /// Consumes the `Box`, returning a wrapped `NonNull` pointer and the allocator.
1390    ///
1391    /// The pointer will be properly aligned.
1392    ///
1393    /// After calling this function, the caller is responsible for the
1394    /// memory previously managed by the `Box`. In particular, the
1395    /// caller should properly destroy `T` and release the memory, taking
1396    /// into account the [memory layout] used by `Box`. The easiest way to
1397    /// do this is to convert the `NonNull` pointer back into a `Box` with the
1398    /// [`Box::from_non_null_in`] function, allowing the `Box` destructor to
1399    /// perform the cleanup.
1400    ///
1401    /// Note: this is an associated function, which means that you have
1402    /// to call it as `Box::into_non_null_with_allocator(b)` instead of
1403    /// `b.into_non_null_with_allocator()`. This is so that there is no
1404    /// conflict with a method on the inner type.
1405    ///
1406    /// # Examples
1407    /// Converting the `NonNull` pointer back into a `Box` with
1408    /// [`Box::from_non_null_in`] for automatic cleanup:
1409    /// ```
1410    /// #![feature(allocator_api, box_vec_non_null)]
1411    ///
1412    /// use std::alloc::System;
1413    ///
1414    /// let x = Box::new_in(String::from("Hello"), System);
1415    /// let (non_null, alloc) = Box::into_non_null_with_allocator(x);
1416    /// let x = unsafe { Box::from_non_null_in(non_null, alloc) };
1417    /// ```
1418    /// Manual cleanup by explicitly running the destructor and deallocating
1419    /// the memory:
1420    /// ```
1421    /// #![feature(allocator_api, box_vec_non_null)]
1422    ///
1423    /// use std::alloc::{Allocator, Layout, System};
1424    ///
1425    /// let x = Box::new_in(String::from("Hello"), System);
1426    /// let (non_null, alloc) = Box::into_non_null_with_allocator(x);
1427    /// unsafe {
1428    ///     non_null.drop_in_place();
1429    ///     alloc.deallocate(non_null.cast::<u8>(), Layout::new::<String>());
1430    /// }
1431    /// ```
1432    ///
1433    /// [memory layout]: self#memory-layout
1434    #[must_use = "losing the pointer will leak memory"]
1435    #[unstable(feature = "allocator_api", issue = "32838")]
1436    // #[unstable(feature = "box_vec_non_null", reason = "new API", issue = "130364")]
1437    #[inline]
1438    pub fn into_non_null_with_allocator(b: Self) -> (NonNull<T>, A) {
1439        let (ptr, alloc) = Box::into_raw_with_allocator(b);
1440        // SAFETY: `Box` is guaranteed to be non-null.
1441        unsafe { (NonNull::new_unchecked(ptr), alloc) }
1442    }
1443
1444    #[unstable(
1445        feature = "ptr_internals",
1446        issue = "none",
1447        reason = "use `Box::leak(b).into()` or `Unique::from(Box::leak(b))` instead"
1448    )]
1449    #[inline]
1450    #[doc(hidden)]
1451    pub fn into_unique(b: Self) -> (Unique<T>, A) {
1452        let (ptr, alloc) = Box::into_raw_with_allocator(b);
1453        unsafe { (Unique::from(&mut *ptr), alloc) }
1454    }
1455
1456    /// Returns a raw mutable pointer to the `Box`'s contents.
1457    ///
1458    /// The caller must ensure that the `Box` outlives the pointer this
1459    /// function returns, or else it will end up dangling.
1460    ///
1461    /// This method guarantees that for the purpose of the aliasing model, this method
1462    /// does not materialize a reference to the underlying memory, and thus the returned pointer
1463    /// will remain valid when mixed with other calls to [`as_ptr`] and [`as_mut_ptr`].
1464    /// Note that calling other methods that materialize references to the memory
1465    /// may still invalidate this pointer.
1466    /// See the example below for how this guarantee can be used.
1467    ///
1468    /// # Examples
1469    ///
1470    /// Due to the aliasing guarantee, the following code is legal:
1471    ///
1472    /// ```rust
1473    /// #![feature(box_as_ptr)]
1474    ///
1475    /// unsafe {
1476    ///     let mut b = Box::new(0);
1477    ///     let ptr1 = Box::as_mut_ptr(&mut b);
1478    ///     ptr1.write(1);
1479    ///     let ptr2 = Box::as_mut_ptr(&mut b);
1480    ///     ptr2.write(2);
1481    ///     // Notably, the write to `ptr2` did *not* invalidate `ptr1`:
1482    ///     ptr1.write(3);
1483    /// }
1484    /// ```
1485    ///
1486    /// [`as_mut_ptr`]: Self::as_mut_ptr
1487    /// [`as_ptr`]: Self::as_ptr
1488    #[unstable(feature = "box_as_ptr", issue = "129090")]
1489    #[rustc_never_returns_null_ptr]
1490    #[rustc_as_ptr]
1491    #[inline]
1492    pub fn as_mut_ptr(b: &mut Self) -> *mut T {
1493        // This is a primitive deref, not going through `DerefMut`, and therefore not materializing
1494        // any references.
1495        &raw mut **b
1496    }
1497
1498    /// Returns a raw pointer to the `Box`'s contents.
1499    ///
1500    /// The caller must ensure that the `Box` outlives the pointer this
1501    /// function returns, or else it will end up dangling.
1502    ///
1503    /// The caller must also ensure that the memory the pointer (non-transitively) points to
1504    /// is never written to (except inside an `UnsafeCell`) using this pointer or any pointer
1505    /// derived from it. If you need to mutate the contents of the `Box`, use [`as_mut_ptr`].
1506    ///
1507    /// This method guarantees that for the purpose of the aliasing model, this method
1508    /// does not materialize a reference to the underlying memory, and thus the returned pointer
1509    /// will remain valid when mixed with other calls to [`as_ptr`] and [`as_mut_ptr`].
1510    /// Note that calling other methods that materialize mutable references to the memory,
1511    /// as well as writing to this memory, may still invalidate this pointer.
1512    /// See the example below for how this guarantee can be used.
1513    ///
1514    /// # Examples
1515    ///
1516    /// Due to the aliasing guarantee, the following code is legal:
1517    ///
1518    /// ```rust
1519    /// #![feature(box_as_ptr)]
1520    ///
1521    /// unsafe {
1522    ///     let mut v = Box::new(0);
1523    ///     let ptr1 = Box::as_ptr(&v);
1524    ///     let ptr2 = Box::as_mut_ptr(&mut v);
1525    ///     let _val = ptr2.read();
1526    ///     // No write to this memory has happened yet, so `ptr1` is still valid.
1527    ///     let _val = ptr1.read();
1528    ///     // However, once we do a write...
1529    ///     ptr2.write(1);
1530    ///     // ... `ptr1` is no longer valid.
1531    ///     // This would be UB: let _val = ptr1.read();
1532    /// }
1533    /// ```
1534    ///
1535    /// [`as_mut_ptr`]: Self::as_mut_ptr
1536    /// [`as_ptr`]: Self::as_ptr
1537    #[unstable(feature = "box_as_ptr", issue = "129090")]
1538    #[rustc_never_returns_null_ptr]
1539    #[rustc_as_ptr]
1540    #[inline]
1541    pub fn as_ptr(b: &Self) -> *const T {
1542        // This is a primitive deref, not going through `DerefMut`, and therefore not materializing
1543        // any references.
1544        &raw const **b
1545    }
1546
1547    /// Returns a reference to the underlying allocator.
1548    ///
1549    /// Note: this is an associated function, which means that you have
1550    /// to call it as `Box::allocator(&b)` instead of `b.allocator()`. This
1551    /// is so that there is no conflict with a method on the inner type.
1552    #[unstable(feature = "allocator_api", issue = "32838")]
1553    #[rustc_const_unstable(feature = "const_box", issue = "92521")]
1554    #[inline]
1555    pub const fn allocator(b: &Self) -> &A {
1556        &b.1
1557    }
1558
1559    /// Consumes and leaks the `Box`, returning a mutable reference,
1560    /// `&'a mut T`.
1561    ///
1562    /// Note that the type `T` must outlive the chosen lifetime `'a`. If the type
1563    /// has only static references, or none at all, then this may be chosen to be
1564    /// `'static`.
1565    ///
1566    /// This function is mainly useful for data that lives for the remainder of
1567    /// the program's life. Dropping the returned reference will cause a memory
1568    /// leak. If this is not acceptable, the reference should first be wrapped
1569    /// with the [`Box::from_raw`] function producing a `Box`. This `Box` can
1570    /// then be dropped which will properly destroy `T` and release the
1571    /// allocated memory.
1572    ///
1573    /// Note: this is an associated function, which means that you have
1574    /// to call it as `Box::leak(b)` instead of `b.leak()`. This
1575    /// is so that there is no conflict with a method on the inner type.
1576    ///
1577    /// # Examples
1578    ///
1579    /// Simple usage:
1580    ///
1581    /// ```
1582    /// let x = Box::new(41);
1583    /// let static_ref: &'static mut usize = Box::leak(x);
1584    /// *static_ref += 1;
1585    /// assert_eq!(*static_ref, 42);
1586    /// # // FIXME(https://github.com/rust-lang/miri/issues/3670):
1587    /// # // use -Zmiri-disable-leak-check instead of unleaking in tests meant to leak.
1588    /// # drop(unsafe { Box::from_raw(static_ref) });
1589    /// ```
1590    ///
1591    /// Unsized data:
1592    ///
1593    /// ```
1594    /// let x = vec![1, 2, 3].into_boxed_slice();
1595    /// let static_ref = Box::leak(x);
1596    /// static_ref[0] = 4;
1597    /// assert_eq!(*static_ref, [4, 2, 3]);
1598    /// # // FIXME(https://github.com/rust-lang/miri/issues/3670):
1599    /// # // use -Zmiri-disable-leak-check instead of unleaking in tests meant to leak.
1600    /// # drop(unsafe { Box::from_raw(static_ref) });
1601    /// ```
1602    #[stable(feature = "box_leak", since = "1.26.0")]
1603    #[inline]
1604    pub fn leak<'a>(b: Self) -> &'a mut T
1605    where
1606        A: 'a,
1607    {
1608        unsafe { &mut *Box::into_raw(b) }
1609    }
1610
1611    /// Converts a `Box<T>` into a `Pin<Box<T>>`. If `T` does not implement [`Unpin`], then
1612    /// `*boxed` will be pinned in memory and unable to be moved.
1613    ///
1614    /// This conversion does not allocate on the heap and happens in place.
1615    ///
1616    /// This is also available via [`From`].
1617    ///
1618    /// Constructing and pinning a `Box` with <code>Box::into_pin([Box::new]\(x))</code>
1619    /// can also be written more concisely using <code>[Box::pin]\(x)</code>.
1620    /// This `into_pin` method is useful if you already have a `Box<T>`, or you are
1621    /// constructing a (pinned) `Box` in a different way than with [`Box::new`].
1622    ///
1623    /// # Notes
1624    ///
1625    /// It's not recommended that crates add an impl like `From<Box<T>> for Pin<T>`,
1626    /// as it'll introduce an ambiguity when calling `Pin::from`.
1627    /// A demonstration of such a poor impl is shown below.
1628    ///
1629    /// ```compile_fail
1630    /// # use std::pin::Pin;
1631    /// struct Foo; // A type defined in this crate.
1632    /// impl From<Box<()>> for Pin<Foo> {
1633    ///     fn from(_: Box<()>) -> Pin<Foo> {
1634    ///         Pin::new(Foo)
1635    ///     }
1636    /// }
1637    ///
1638    /// let foo = Box::new(());
1639    /// let bar = Pin::from(foo);
1640    /// ```
1641    #[stable(feature = "box_into_pin", since = "1.63.0")]
1642    #[rustc_const_unstable(feature = "const_box", issue = "92521")]
1643    pub const fn into_pin(boxed: Self) -> Pin<Self>
1644    where
1645        A: 'static,
1646    {
1647        // It's not possible to move or replace the insides of a `Pin<Box<T>>`
1648        // when `T: !Unpin`, so it's safe to pin it directly without any
1649        // additional requirements.
1650        unsafe { Pin::new_unchecked(boxed) }
1651    }
1652}
1653
1654#[stable(feature = "rust1", since = "1.0.0")]
1655unsafe impl<#[may_dangle] T: ?Sized, A: Allocator> Drop for Box<T, A> {
1656    #[inline]
1657    fn drop(&mut self) {
1658        // the T in the Box is dropped by the compiler before the destructor is run
1659
1660        let ptr = self.0;
1661
1662        unsafe {
1663            let layout = Layout::for_value_raw(ptr.as_ptr());
1664            if layout.size() != 0 {
1665                self.1.deallocate(From::from(ptr.cast()), layout);
1666            }
1667        }
1668    }
1669}
1670
1671#[cfg(not(no_global_oom_handling))]
1672#[stable(feature = "rust1", since = "1.0.0")]
1673impl<T: Default> Default for Box<T> {
1674    /// Creates a `Box<T>`, with the `Default` value for T.
1675    #[inline]
1676    fn default() -> Self {
1677        let mut x: Box<mem::MaybeUninit<T>> = Box::new_uninit();
1678        unsafe {
1679            // SAFETY: `x` is valid for writing and has the same layout as `T`.
1680            // If `T::default()` panics, dropping `x` will just deallocate the Box as `MaybeUninit<T>`
1681            // does not have a destructor.
1682            //
1683            // We use `ptr::write` as `MaybeUninit::write` creates
1684            // extra stack copies of `T` in debug mode.
1685            //
1686            // See https://github.com/rust-lang/rust/issues/136043 for more context.
1687            ptr::write(&raw mut *x as *mut T, T::default());
1688            // SAFETY: `x` was just initialized above.
1689            x.assume_init()
1690        }
1691    }
1692}
1693
1694#[cfg(not(no_global_oom_handling))]
1695#[stable(feature = "rust1", since = "1.0.0")]
1696impl<T> Default for Box<[T]> {
1697    #[inline]
1698    fn default() -> Self {
1699        let ptr: Unique<[T]> = Unique::<[T; 0]>::dangling();
1700        Box(ptr, Global)
1701    }
1702}
1703
1704#[cfg(not(no_global_oom_handling))]
1705#[stable(feature = "default_box_extra", since = "1.17.0")]
1706impl Default for Box<str> {
1707    #[inline]
1708    fn default() -> Self {
1709        // SAFETY: This is the same as `Unique::cast<U>` but with an unsized `U = str`.
1710        let ptr: Unique<str> = unsafe {
1711            let bytes: Unique<[u8]> = Unique::<[u8; 0]>::dangling();
1712            Unique::new_unchecked(bytes.as_ptr() as *mut str)
1713        };
1714        Box(ptr, Global)
1715    }
1716}
1717
1718#[cfg(not(no_global_oom_handling))]
1719#[stable(feature = "rust1", since = "1.0.0")]
1720impl<T: Clone, A: Allocator + Clone> Clone for Box<T, A> {
1721    /// Returns a new box with a `clone()` of this box's contents.
1722    ///
1723    /// # Examples
1724    ///
1725    /// ```
1726    /// let x = Box::new(5);
1727    /// let y = x.clone();
1728    ///
1729    /// // The value is the same
1730    /// assert_eq!(x, y);
1731    ///
1732    /// // But they are unique objects
1733    /// assert_ne!(&*x as *const i32, &*y as *const i32);
1734    /// ```
1735    #[inline]
1736    fn clone(&self) -> Self {
1737        // Pre-allocate memory to allow writing the cloned value directly.
1738        let mut boxed = Self::new_uninit_in(self.1.clone());
1739        unsafe {
1740            (**self).clone_to_uninit(boxed.as_mut_ptr().cast());
1741            boxed.assume_init()
1742        }
1743    }
1744
1745    /// Copies `source`'s contents into `self` without creating a new allocation.
1746    ///
1747    /// # Examples
1748    ///
1749    /// ```
1750    /// let x = Box::new(5);
1751    /// let mut y = Box::new(10);
1752    /// let yp: *const i32 = &*y;
1753    ///
1754    /// y.clone_from(&x);
1755    ///
1756    /// // The value is the same
1757    /// assert_eq!(x, y);
1758    ///
1759    /// // And no allocation occurred
1760    /// assert_eq!(yp, &*y);
1761    /// ```
1762    #[inline]
1763    fn clone_from(&mut self, source: &Self) {
1764        (**self).clone_from(&(**source));
1765    }
1766}
1767
1768#[cfg(not(no_global_oom_handling))]
1769#[stable(feature = "box_slice_clone", since = "1.3.0")]
1770impl<T: Clone, A: Allocator + Clone> Clone for Box<[T], A> {
1771    fn clone(&self) -> Self {
1772        let alloc = Box::allocator(self).clone();
1773        self.to_vec_in(alloc).into_boxed_slice()
1774    }
1775
1776    /// Copies `source`'s contents into `self` without creating a new allocation,
1777    /// so long as the two are of the same length.
1778    ///
1779    /// # Examples
1780    ///
1781    /// ```
1782    /// let x = Box::new([5, 6, 7]);
1783    /// let mut y = Box::new([8, 9, 10]);
1784    /// let yp: *const [i32] = &*y;
1785    ///
1786    /// y.clone_from(&x);
1787    ///
1788    /// // The value is the same
1789    /// assert_eq!(x, y);
1790    ///
1791    /// // And no allocation occurred
1792    /// assert_eq!(yp, &*y);
1793    /// ```
1794    fn clone_from(&mut self, source: &Self) {
1795        if self.len() == source.len() {
1796            self.clone_from_slice(&source);
1797        } else {
1798            *self = source.clone();
1799        }
1800    }
1801}
1802
1803#[cfg(not(no_global_oom_handling))]
1804#[stable(feature = "box_slice_clone", since = "1.3.0")]
1805impl Clone for Box<str> {
1806    fn clone(&self) -> Self {
1807        // this makes a copy of the data
1808        let buf: Box<[u8]> = self.as_bytes().into();
1809        unsafe { from_boxed_utf8_unchecked(buf) }
1810    }
1811}
1812
1813#[stable(feature = "rust1", since = "1.0.0")]
1814impl<T: ?Sized + PartialEq, A: Allocator> PartialEq for Box<T, A> {
1815    #[inline]
1816    fn eq(&self, other: &Self) -> bool {
1817        PartialEq::eq(&**self, &**other)
1818    }
1819    #[inline]
1820    fn ne(&self, other: &Self) -> bool {
1821        PartialEq::ne(&**self, &**other)
1822    }
1823}
1824
1825#[stable(feature = "rust1", since = "1.0.0")]
1826impl<T: ?Sized + PartialOrd, A: Allocator> PartialOrd for Box<T, A> {
1827    #[inline]
1828    fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
1829        PartialOrd::partial_cmp(&**self, &**other)
1830    }
1831    #[inline]
1832    fn lt(&self, other: &Self) -> bool {
1833        PartialOrd::lt(&**self, &**other)
1834    }
1835    #[inline]
1836    fn le(&self, other: &Self) -> bool {
1837        PartialOrd::le(&**self, &**other)
1838    }
1839    #[inline]
1840    fn ge(&self, other: &Self) -> bool {
1841        PartialOrd::ge(&**self, &**other)
1842    }
1843    #[inline]
1844    fn gt(&self, other: &Self) -> bool {
1845        PartialOrd::gt(&**self, &**other)
1846    }
1847}
1848
1849#[stable(feature = "rust1", since = "1.0.0")]
1850impl<T: ?Sized + Ord, A: Allocator> Ord for Box<T, A> {
1851    #[inline]
1852    fn cmp(&self, other: &Self) -> Ordering {
1853        Ord::cmp(&**self, &**other)
1854    }
1855}
1856
1857#[stable(feature = "rust1", since = "1.0.0")]
1858impl<T: ?Sized + Eq, A: Allocator> Eq for Box<T, A> {}
1859
1860#[stable(feature = "rust1", since = "1.0.0")]
1861impl<T: ?Sized + Hash, A: Allocator> Hash for Box<T, A> {
1862    fn hash<H: Hasher>(&self, state: &mut H) {
1863        (**self).hash(state);
1864    }
1865}
1866
1867#[stable(feature = "indirect_hasher_impl", since = "1.22.0")]
1868impl<T: ?Sized + Hasher, A: Allocator> Hasher for Box<T, A> {
1869    fn finish(&self) -> u64 {
1870        (**self).finish()
1871    }
1872    fn write(&mut self, bytes: &[u8]) {
1873        (**self).write(bytes)
1874    }
1875    fn write_u8(&mut self, i: u8) {
1876        (**self).write_u8(i)
1877    }
1878    fn write_u16(&mut self, i: u16) {
1879        (**self).write_u16(i)
1880    }
1881    fn write_u32(&mut self, i: u32) {
1882        (**self).write_u32(i)
1883    }
1884    fn write_u64(&mut self, i: u64) {
1885        (**self).write_u64(i)
1886    }
1887    fn write_u128(&mut self, i: u128) {
1888        (**self).write_u128(i)
1889    }
1890    fn write_usize(&mut self, i: usize) {
1891        (**self).write_usize(i)
1892    }
1893    fn write_i8(&mut self, i: i8) {
1894        (**self).write_i8(i)
1895    }
1896    fn write_i16(&mut self, i: i16) {
1897        (**self).write_i16(i)
1898    }
1899    fn write_i32(&mut self, i: i32) {
1900        (**self).write_i32(i)
1901    }
1902    fn write_i64(&mut self, i: i64) {
1903        (**self).write_i64(i)
1904    }
1905    fn write_i128(&mut self, i: i128) {
1906        (**self).write_i128(i)
1907    }
1908    fn write_isize(&mut self, i: isize) {
1909        (**self).write_isize(i)
1910    }
1911    fn write_length_prefix(&mut self, len: usize) {
1912        (**self).write_length_prefix(len)
1913    }
1914    fn write_str(&mut self, s: &str) {
1915        (**self).write_str(s)
1916    }
1917}
1918
1919#[stable(feature = "rust1", since = "1.0.0")]
1920impl<T: fmt::Display + ?Sized, A: Allocator> fmt::Display for Box<T, A> {
1921    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1922        fmt::Display::fmt(&**self, f)
1923    }
1924}
1925
1926#[stable(feature = "rust1", since = "1.0.0")]
1927impl<T: fmt::Debug + ?Sized, A: Allocator> fmt::Debug for Box<T, A> {
1928    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1929        fmt::Debug::fmt(&**self, f)
1930    }
1931}
1932
1933#[stable(feature = "rust1", since = "1.0.0")]
1934impl<T: ?Sized, A: Allocator> fmt::Pointer for Box<T, A> {
1935    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1936        // It's not possible to extract the inner Uniq directly from the Box,
1937        // instead we cast it to a *const which aliases the Unique
1938        let ptr: *const T = &**self;
1939        fmt::Pointer::fmt(&ptr, f)
1940    }
1941}
1942
1943#[stable(feature = "rust1", since = "1.0.0")]
1944impl<T: ?Sized, A: Allocator> Deref for Box<T, A> {
1945    type Target = T;
1946
1947    fn deref(&self) -> &T {
1948        &**self
1949    }
1950}
1951
1952#[stable(feature = "rust1", since = "1.0.0")]
1953impl<T: ?Sized, A: Allocator> DerefMut for Box<T, A> {
1954    fn deref_mut(&mut self) -> &mut T {
1955        &mut **self
1956    }
1957}
1958
1959#[unstable(feature = "deref_pure_trait", issue = "87121")]
1960unsafe impl<T: ?Sized, A: Allocator> DerefPure for Box<T, A> {}
1961
1962#[unstable(feature = "legacy_receiver_trait", issue = "none")]
1963impl<T: ?Sized, A: Allocator> LegacyReceiver for Box<T, A> {}
1964
1965#[stable(feature = "boxed_closure_impls", since = "1.35.0")]
1966impl<Args: Tuple, F: FnOnce<Args> + ?Sized, A: Allocator> FnOnce<Args> for Box<F, A> {
1967    type Output = <F as FnOnce<Args>>::Output;
1968
1969    extern "rust-call" fn call_once(self, args: Args) -> Self::Output {
1970        <F as FnOnce<Args>>::call_once(*self, args)
1971    }
1972}
1973
1974#[stable(feature = "boxed_closure_impls", since = "1.35.0")]
1975impl<Args: Tuple, F: FnMut<Args> + ?Sized, A: Allocator> FnMut<Args> for Box<F, A> {
1976    extern "rust-call" fn call_mut(&mut self, args: Args) -> Self::Output {
1977        <F as FnMut<Args>>::call_mut(self, args)
1978    }
1979}
1980
1981#[stable(feature = "boxed_closure_impls", since = "1.35.0")]
1982impl<Args: Tuple, F: Fn<Args> + ?Sized, A: Allocator> Fn<Args> for Box<F, A> {
1983    extern "rust-call" fn call(&self, args: Args) -> Self::Output {
1984        <F as Fn<Args>>::call(self, args)
1985    }
1986}
1987
1988#[stable(feature = "async_closure", since = "1.85.0")]
1989impl<Args: Tuple, F: AsyncFnOnce<Args> + ?Sized, A: Allocator> AsyncFnOnce<Args> for Box<F, A> {
1990    type Output = F::Output;
1991    type CallOnceFuture = F::CallOnceFuture;
1992
1993    extern "rust-call" fn async_call_once(self, args: Args) -> Self::CallOnceFuture {
1994        F::async_call_once(*self, args)
1995    }
1996}
1997
1998#[stable(feature = "async_closure", since = "1.85.0")]
1999impl<Args: Tuple, F: AsyncFnMut<Args> + ?Sized, A: Allocator> AsyncFnMut<Args> for Box<F, A> {
2000    type CallRefFuture<'a>
2001        = F::CallRefFuture<'a>
2002    where
2003        Self: 'a;
2004
2005    extern "rust-call" fn async_call_mut(&mut self, args: Args) -> Self::CallRefFuture<'_> {
2006        F::async_call_mut(self, args)
2007    }
2008}
2009
2010#[stable(feature = "async_closure", since = "1.85.0")]
2011impl<Args: Tuple, F: AsyncFn<Args> + ?Sized, A: Allocator> AsyncFn<Args> for Box<F, A> {
2012    extern "rust-call" fn async_call(&self, args: Args) -> Self::CallRefFuture<'_> {
2013        F::async_call(self, args)
2014    }
2015}
2016
2017#[unstable(feature = "coerce_unsized", issue = "18598")]
2018impl<T: ?Sized + Unsize<U>, U: ?Sized, A: Allocator> CoerceUnsized<Box<U, A>> for Box<T, A> {}
2019
2020#[unstable(feature = "pin_coerce_unsized_trait", issue = "123430")]
2021unsafe impl<T: ?Sized, A: Allocator> PinCoerceUnsized for Box<T, A> {}
2022
2023// It is quite crucial that we only allow the `Global` allocator here.
2024// Handling arbitrary custom allocators (which can affect the `Box` layout heavily!)
2025// would need a lot of codegen and interpreter adjustments.
2026#[unstable(feature = "dispatch_from_dyn", issue = "none")]
2027impl<T: ?Sized + Unsize<U>, U: ?Sized> DispatchFromDyn<Box<U>> for Box<T, Global> {}
2028
2029#[stable(feature = "box_borrow", since = "1.1.0")]
2030impl<T: ?Sized, A: Allocator> Borrow<T> for Box<T, A> {
2031    fn borrow(&self) -> &T {
2032        &**self
2033    }
2034}
2035
2036#[stable(feature = "box_borrow", since = "1.1.0")]
2037impl<T: ?Sized, A: Allocator> BorrowMut<T> for Box<T, A> {
2038    fn borrow_mut(&mut self) -> &mut T {
2039        &mut **self
2040    }
2041}
2042
2043#[stable(since = "1.5.0", feature = "smart_ptr_as_ref")]
2044impl<T: ?Sized, A: Allocator> AsRef<T> for Box<T, A> {
2045    fn as_ref(&self) -> &T {
2046        &**self
2047    }
2048}
2049
2050#[stable(since = "1.5.0", feature = "smart_ptr_as_ref")]
2051impl<T: ?Sized, A: Allocator> AsMut<T> for Box<T, A> {
2052    fn as_mut(&mut self) -> &mut T {
2053        &mut **self
2054    }
2055}
2056
2057/* Nota bene
2058 *
2059 *  We could have chosen not to add this impl, and instead have written a
2060 *  function of Pin<Box<T>> to Pin<T>. Such a function would not be sound,
2061 *  because Box<T> implements Unpin even when T does not, as a result of
2062 *  this impl.
2063 *
2064 *  We chose this API instead of the alternative for a few reasons:
2065 *      - Logically, it is helpful to understand pinning in regard to the
2066 *        memory region being pointed to. For this reason none of the
2067 *        standard library pointer types support projecting through a pin
2068 *        (Box<T> is the only pointer type in std for which this would be
2069 *        safe.)
2070 *      - It is in practice very useful to have Box<T> be unconditionally
2071 *        Unpin because of trait objects, for which the structural auto
2072 *        trait functionality does not apply (e.g., Box<dyn Foo> would
2073 *        otherwise not be Unpin).
2074 *
2075 *  Another type with the same semantics as Box but only a conditional
2076 *  implementation of `Unpin` (where `T: Unpin`) would be valid/safe, and
2077 *  could have a method to project a Pin<T> from it.
2078 */
2079#[stable(feature = "pin", since = "1.33.0")]
2080impl<T: ?Sized, A: Allocator> Unpin for Box<T, A> {}
2081
2082#[unstable(feature = "coroutine_trait", issue = "43122")]
2083impl<G: ?Sized + Coroutine<R> + Unpin, R, A: Allocator> Coroutine<R> for Box<G, A> {
2084    type Yield = G::Yield;
2085    type Return = G::Return;
2086
2087    fn resume(mut self: Pin<&mut Self>, arg: R) -> CoroutineState<Self::Yield, Self::Return> {
2088        G::resume(Pin::new(&mut *self), arg)
2089    }
2090}
2091
2092#[unstable(feature = "coroutine_trait", issue = "43122")]
2093impl<G: ?Sized + Coroutine<R>, R, A: Allocator> Coroutine<R> for Pin<Box<G, A>>
2094where
2095    A: 'static,
2096{
2097    type Yield = G::Yield;
2098    type Return = G::Return;
2099
2100    fn resume(mut self: Pin<&mut Self>, arg: R) -> CoroutineState<Self::Yield, Self::Return> {
2101        G::resume((*self).as_mut(), arg)
2102    }
2103}
2104
2105#[stable(feature = "futures_api", since = "1.36.0")]
2106impl<F: ?Sized + Future + Unpin, A: Allocator> Future for Box<F, A> {
2107    type Output = F::Output;
2108
2109    fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
2110        F::poll(Pin::new(&mut *self), cx)
2111    }
2112}
2113
2114#[stable(feature = "box_error", since = "1.8.0")]
2115impl<E: Error> Error for Box<E> {
2116    #[allow(deprecated, deprecated_in_future)]
2117    fn description(&self) -> &str {
2118        Error::description(&**self)
2119    }
2120
2121    #[allow(deprecated)]
2122    fn cause(&self) -> Option<&dyn Error> {
2123        Error::cause(&**self)
2124    }
2125
2126    fn source(&self) -> Option<&(dyn Error + 'static)> {
2127        Error::source(&**self)
2128    }
2129
2130    fn provide<'b>(&'b self, request: &mut error::Request<'b>) {
2131        Error::provide(&**self, request);
2132    }
2133}
2134
2135#[unstable(feature = "pointer_like_trait", issue = "none")]
2136impl<T> PointerLike for Box<T> {}