# moveit
A library for safe, in-place construction of Rust (and C++!) objects.
## How It Works
`moveit` revolves around `unsafe trait`s that impose additional guarantees
on `!Unpin` types, such that they can be moved in the C++ sense. There are
two senses of "move" frequently used:
- The Rust sense, which is a blind memcpy and analogous-ish to the
C++ "std::is_trivially_moveable` type-trait. Rust moves also render the
moved-from object inaccessible.
- The C++ sense, where a move is really like a mutating `Clone` operation,
which leave the moved-from value accessible to be destroyed at the end of
the scope.
C++ also has *constructors*, which are special functions that produce a new
value in a particular location. In particular, C++ constructors may assume
that the address of `*this` will not change; all C++ objects are effectively
pinned and new objects must be constructed using copy or move constructors.
The [`New`], [`CopyNew`], and [`MoveNew`] traits bring these concepts
into Rust. A [`New`] is like a nilary [`FnOnce`], except that instead of
returning its result, it writes it to a `Pin<&mut MaybeUninit<T>>`, which is
in the "memory may be repurposed" state described in the
[`Pin` documentation] (i.e., either it is freshly allocated or the
destructor was recently run). This allows a [`New`] to rely on the
pointer's address remaining stable, much like `*this` in C++.
Types that implement [`CopyNew`] may be *copy-constructed*: given any
pointer to `T: CopyNew`, we can generate a constructor that constructs a
new, identical `T` at a designated location. [`MoveNew`] types may be
*move-constructed*: given an *owning* pointer (see [`DerefMove`]) to `T`,
we can generate a similar constructor, except that it also destroys the
`T` and the owning pointer's storage.
None of this violates the existing `Pin` guarantees: moving out of a
`Pin<P>` does not perform a move in the Rust sense, but rather in the C++
sense: it mutates through the pinned pointer in a safe manner to construct
a new `P::Target`, and then destroys the pointer and its contents.
In general, move-constructible types are going to want to be `!Unpin` so
that they can be self-referential. Self-referential types are one of the
primary motivations for move constructors.
## Constructors
A constructor is any type that implements [`New`]. Constructors are like
closures that have guaranteed RVO, which can be used to construct a
self-referential type in-place. To use the example from the `Pin<T>` docs:
```rust
use std::marker::PhantomPinned;
use std::mem::MaybeUninit;
use std::pin::Pin;
use std::ptr;
use std::ptr::NonNull;
use moveit::new;
use moveit::new::New;
use moveit::moveit;
// This is a self-referential struct because the slice field points to the
// data field. We cannot inform the compiler about that with a normal
// reference, as this pattern cannot be described with the usual borrowing
// rules. Instead we use a raw pointer, though one which is known not to be
// null, as we know it's pointing at the string.
struct Unmovable {
data: String,
slice: NonNull<String>,
_pin: PhantomPinned,
}
impl Unmovable {
// Defer construction until the final location is known.
fn new(data: String) -> impl New<Output = Self> {
new::of(Unmovable {
data,
// We only create the pointer once the data is in place
// otherwise it will have already moved before we even started.
slice: NonNull::dangling(),
_pin: PhantomPinned,
}).with(|this| unsafe {
let this = this.get_unchecked_mut();
this.slice = NonNull::from(&this.data);
})
// It is also possible to use other `new::` helpers, such as
// `new::by` and `new::by_raw`, to configure construction behavior.
}
}
// The constructor can't be used directly, and needs to be emplaced.
moveit! {
let unmoved = Unmovable::new("hello".to_string());
}
// The pointer should point to the correct location,
// so long as the struct hasn't moved.
// Meanwhile, we are free to move the pointer around.
let mut still_unmoved = unmoved;
assert_eq!(still_unmoved.slice, NonNull::from(&still_unmoved.data));
// Since our type doesn't implement Unpin, this will fail to compile:
// let mut new_unmoved = Unmovable::new("world".to_string());
// std::mem::swap(&mut *still_unmoved, &mut *new_unmoved);
// However, we can implement `MoveNew` to allow it to be "moved" again.
```
The [`new`] module provides various helpers for making constructors. As a
rule, functions which, in Rust, would normally construct and return a value
should return `impl New` instead. This is analogous to have `async fn`s and
`.iter()` functions work.
## Emplacement
The example above makes use of the [`moveit!()`] macro, one of many ways to
turn a constructor into a value. `moveit` gives you two choices for running
a constructor:
- On the stack, using the [`MoveRef`] type (this is what [`moveit!()`]
generates).
- On the heap, using the extension methods from the [`Emplace`] trait.
For example, we could have placed the above in a `Box` by writing
`Box::emplace(Unmovable::new())`.
[`Pin` documentation]: https://doc.rust-lang.org/std/pin/index.html#drop-guarantee
License: Apache-2.0
This is not an officially supported Google product.