From: Alice Ryhl <aliceryhl@google.com>
To: Danilo Krummrich <dakr@kernel.org>
Cc: Matthew Maurer <mmaurer@google.com>,
	rust-for-linux@vger.kernel.org,  linux-kernel@vger.kernel.org,
	Alice Ryhl <aliceryhl@google.com>
Subject: [PATCH v5 7/7] rust: alloc: add Vec::insert_within_capacity
Date: Fri, 02 May 2025 13:19:35 +0000
Message-ID: <20250502-vec-methods-v5-7-06d20ad9366f@google.com>
In-Reply-To: <20250502-vec-methods-v5-0-06d20ad9366f@google.com>

This adds a variant of Vec::insert that does not allocate memory. This
makes it safe to use this function while holding a spinlock. Rust Binder
uses it for the range allocator fast path.

Signed-off-by: Alice Ryhl <aliceryhl@google.com>
---
 rust/kernel/alloc/kvec.rs        | 51 +++++++++++++++++++++++++++++++++++++++-
 rust/kernel/alloc/kvec/errors.rs | 23 ++++++++++++++++++
 2 files changed, 73 insertions(+), 1 deletion(-)

diff --git a/rust/kernel/alloc/kvec.rs b/rust/kernel/alloc/kvec.rs
index 8845e7694334b672476ff935580f3a9eb94d23fe..d2f3669c5417422dddaebcc7348543d3576b9ba8 100644
--- a/rust/kernel/alloc/kvec.rs
+++ b/rust/kernel/alloc/kvec.rs
@@ -22,7 +22,7 @@
 };
 
 mod errors;
-pub use self::errors::{PushError, RemoveError};
+pub use self::errors::{InsertError, PushError, RemoveError};
 
 /// Create a [`KVec`] containing the arguments.
 ///
@@ -358,6 +358,55 @@ pub unsafe fn push_within_capacity_unchecked(&mut self, v: T) {
         unsafe { self.inc_len(1) };
     }
 
+    /// Inserts an element at the given index in the [`Vec`] instance.
+    ///
+    /// Fails if the vector does not have capacity for the new element. Panics if the index is out
+    /// of bounds.
+    ///
+    /// # Examples
+    ///
+    /// ```
+    /// use kernel::alloc::kvec::InsertError;
+    ///
+    /// let mut v = KVec::with_capacity(5, GFP_KERNEL)?;
+    /// for i in 0..5 {
+    ///     v.insert_within_capacity(0, i)?;
+    /// }
+    ///
+    /// assert!(matches!(v.insert_within_capacity(0, 5), Err(InsertError::OutOfCapacity(_))));
+    /// assert!(matches!(v.insert_within_capacity(1000, 5), Err(InsertError::IndexOutOfBounds(_))));
+    /// assert_eq!(v, [4, 3, 2, 1, 0]);
+    /// # Ok::<(), Error>(())
+    /// ```
+    pub fn insert_within_capacity(
+        &mut self,
+        index: usize,
+        element: T,
+    ) -> Result<(), InsertError<T>> {
+        let len = self.len();
+        if index > len {
+            return Err(InsertError::IndexOutOfBounds(element));
+        }
+
+        if len >= self.capacity() {
+            return Err(InsertError::OutOfCapacity(element));
+        }
+
+        // SAFETY: This is in bounds since `index <= len < capacity`.
+        let p = unsafe { self.as_mut_ptr().add(index) };
+        // INVARIANT: This breaks the Vec invariants by making `index` contain an invalid element,
+        // but we restore the invariants below.
+        // SAFETY: Both the src and dst ranges end no later than one element after the length.
+        // Since the length is less than the capacity, both ranges are in bounds of the allocation.
+        unsafe { ptr::copy(p, p.add(1), len - index) };
+        // INVARIANT: This restores the Vec invariants.
+        // SAFETY: The pointer is in-bounds of the allocation.
+        unsafe { ptr::write(p, element) };
+        // SAFETY: Index `len` contains a valid element due to the above copy and write.
+        unsafe { self.inc_len(1) };
+        Ok(())
+    }
+
     /// Removes the last element from a vector and returns it, or `None` if it is empty.
     ///
     /// # Examples
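Review bot: the doc comment on `insert_within_capacity` says "Panics if the index is out of bounds", but the body returns `Err(InsertError::IndexOutOfBounds(element))` when `index > len`, and the doctest asserts exactly that for index 1000. The sentence should describe the error return instead of a panic, so callers holding a spinlock are not led to expect a panic path here. It would also help to state that `index == len` is accepted (the check is `index > len`, so that case appends) and that the element is handed back to the caller inside both error variants.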
diff --git a/rust/kernel/alloc/kvec/errors.rs b/rust/kernel/alloc/kvec/errors.rs
index 06fe696e8bc6612a5e6aa2f6c28b685033acfa2f..348b8d27e102ca34a0d6194ae9d00b12c11547b4 100644
--- a/rust/kernel/alloc/kvec/errors.rs
+++ b/rust/kernel/alloc/kvec/errors.rs
@@ -36,3 +36,26 @@ fn from(_: RemoveError) -> Error {
         EINVAL
     }
 }
+
+/// Error type for [`Vec::insert_within_capacity`].
+pub enum InsertError<T> {
+    /// The value could not be inserted because the index is out of bounds.
+    IndexOutOfBounds(T),
+    /// The value could not be inserted because the vector is out of capacity.
+    OutOfCapacity(T),
+}
+
+impl<T> Debug for InsertError<T> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
+        match self {
+            InsertError::IndexOutOfBounds(_) => write!(f, "Index out of bounds"),
+            InsertError::OutOfCapacity(_) => write!(f, "Not enough capacity"),
+        }
+    }
+}
+
+impl<T> From<InsertError<T>> for Error {
+    fn from(_: InsertError<T>) -> Error {
+        EINVAL
+    }
+}
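Review bot: in `impl<T> From<InsertError<T>> for Error`, both variants collapse to `EINVAL` through the `_` pattern, so a caller that propagates with `?` can no longer tell an out-of-bounds index from a full vector. Consider matching on the variant and returning a distinct code for `OutOfCapacity` (for example `ENOMEM`), or add a comment explaining why `EINVAL` is intended for both. The conversion also consumes and drops the carried `T`; a line in the docs of `InsertError` noting that the element is only recoverable by matching on the error before converting would make that explicit.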

-- 
2.49.0.967.g6a0df3ecc3-goog

