Improve libcore/cell.rs docs

This commit is contained in:
Steve Klabnik 2015-01-23 15:02:05 -05:00
parent 86fbdbfbcd
commit edc67817a3

View File

@ -10,39 +10,30 @@
//! Shareable mutable containers. //! Shareable mutable containers.
//! //!
//! Values of the `Cell` and `RefCell` types may be mutated through //! Values of the `Cell<T>` and `RefCell<T>` types may be mutated through shared references (i.e.
//! shared references (i.e. the common `&T` type), whereas most Rust //! the common `&T` type), whereas most Rust types can only be mutated through unique (`&mut T`)
//! types can only be mutated through unique (`&mut T`) references. We //! references. We say that `Cell<T>` and `RefCell<T>` provide 'interior mutability', in contrast
//! say that `Cell` and `RefCell` provide *interior mutability*, in //! with typical Rust types that exhibit 'inherited mutability'.
//! contrast with typical Rust types that exhibit *inherited
//! mutability*.
//! //!
//! Cell types come in two flavors: `Cell` and `RefCell`. `Cell` //! Cell types come in two flavors: `Cell<T>` and `RefCell<T>`. `Cell<T>` provides `get` and `set`
//! provides `get` and `set` methods that change the //! methods that change the interior value with a single method call. `Cell<T>` though is only
//! interior value with a single method call. `Cell` though is only //! compatible with types that implement `Copy`. For other types, one must use the `RefCell<T>`
//! compatible with types that implement `Copy`. For other types, //! type, acquiring a write lock before mutating.
//! one must use the `RefCell` type, acquiring a write lock before
//! mutating.
//! //!
//! `RefCell` uses Rust's lifetimes to implement *dynamic borrowing*, //! `RefCell<T>` uses Rust's lifetimes to implement 'dynamic borrowing', a process whereby one can
//! a process whereby one can claim temporary, exclusive, mutable //! claim temporary, exclusive, mutable access to the inner value. Borrows for `RefCell<T>`s are
//! access to the inner value. Borrows for `RefCell`s are tracked *at //! tracked 'at runtime', unlike Rust's native reference types which are entirely tracked
//! runtime*, unlike Rust's native reference types which are entirely //! statically, at compile time. Because `RefCell<T>` borrows are dynamic it is possible to attempt
//! tracked statically, at compile time. Because `RefCell` borrows are //! to borrow a value that is already mutably borrowed; when this happens it results in task panic.
//! dynamic it is possible to attempt to borrow a value that is
//! already mutably borrowed; when this happens it results in task
//! panic.
//! //!
//! # When to choose interior mutability //! # When to choose interior mutability
//! //!
//! The more common inherited mutability, where one must have unique //! The more common inherited mutability, where one must have unique access to mutate a value, is
//! access to mutate a value, is one of the key language elements that //! one of the key language elements that enables Rust to reason strongly about pointer aliasing,
//! enables Rust to reason strongly about pointer aliasing, statically //! statically preventing crash bugs. Because of that, inherited mutability is preferred, and
//! preventing crash bugs. Because of that, inherited mutability is //! interior mutability is something of a last resort. Since cell types enable mutation where it
//! preferred, and interior mutability is something of a last //! would otherwise be disallowed though, there are occasions when interior mutability might be
//! resort. Since cell types enable mutation where it would otherwise //! appropriate, or even *must* be used, e.g.
//! be disallowed though, there are occasions when interior
//! mutability might be appropriate, or even *must* be used, e.g.
//! //!
//! * Introducing inherited mutability roots to shared types. //! * Introducing inherited mutability roots to shared types.
//! * Implementation details of logically-immutable methods. //! * Implementation details of logically-immutable methods.
@ -50,15 +41,13 @@
//! //!
//! ## Introducing inherited mutability roots to shared types //! ## Introducing inherited mutability roots to shared types
//! //!
//! Shared smart pointer types, including `Rc` and `Arc`, provide //! Shared smart pointer types, including `Rc<T>` and `Arc<T>`, provide containers that can be
//! containers that can be cloned and shared between multiple parties. //! cloned and shared between multiple parties. Because the contained values may be
//! Because the contained values may be multiply-aliased, they can //! multiply-aliased, they can only be borrowed as shared references, not mutable references.
//! only be borrowed as shared references, not mutable references. //! Without cells it would be impossible to mutate data inside of shared boxes at all!
//! Without cells it would be impossible to mutate data inside of
//! shared boxes at all!
//! //!
//! It's very common then to put a `RefCell` inside shared pointer //! It's very common then to put a `RefCell<T>` inside shared pointer types to reintroduce
//! types to reintroduce mutability: //! mutability:
//! //!
//! ``` //! ```
//! use std::collections::HashMap; //! use std::collections::HashMap;
@ -80,12 +69,10 @@
//! //!
//! ## Implementation details of logically-immutable methods //! ## Implementation details of logically-immutable methods
//! //!
//! Occasionally it may be desirable not to expose in an API that //! Occasionally it may be desirable not to expose in an API that there is mutation happening
//! there is mutation happening "under the hood". This may be because //! "under the hood". This may be because logically the operation is immutable, but e.g. caching
//! logically the operation is immutable, but e.g. caching forces the //! forces the implementation to perform mutation; or because you must employ mutation to implement
//! implementation to perform mutation; or because you must employ //! a trait method that was originally defined to take `&self`.
//! mutation to implement a trait method that was originally defined
//! to take `&self`.
//! //!
//! ``` //! ```
//! use std::cell::RefCell; //! use std::cell::RefCell;
@ -123,13 +110,11 @@
//! //!
//! ## Mutating implementations of `clone` //! ## Mutating implementations of `clone`
//! //!
//! This is simply a special - but common - case of the previous: //! This is simply a special - but common - case of the previous: hiding mutability for operations
//! hiding mutability for operations that appear to be immutable. //! that appear to be immutable. The `clone` method is expected to not change the source value, and
//! The `clone` method is expected to not change the source value, and //! is declared to take `&self`, not `&mut self`. Therefore any mutation that happens in the
//! is declared to take `&self`, not `&mut self`. Therefore any //! `clone` method must use cell types. For example, `Rc<T>` maintains its reference counts within a
//! mutation that happens in the `clone` method must use cell //! `Cell<T>`.
//! types. For example, `Rc` maintains its reference counts within a
//! `Cell`.
//! //!
//! ``` //! ```
//! use std::cell::Cell; //! use std::cell::Cell;
@ -153,10 +138,6 @@
//! } //! }
//! ``` //! ```
//! //!
// FIXME: Explain difference between Cell and RefCell
// FIXME: Downsides to interior mutability
// FIXME: Can't be shared between threads. Dynamic borrows
// FIXME: Relationship to Atomic types and RWLock
#![stable] #![stable]
@ -169,6 +150,8 @@ use option::Option;
use option::Option::{None, Some}; use option::Option::{None, Some};
/// A mutable memory location that admits only `Copy` data. /// A mutable memory location that admits only `Copy` data.
///
/// See the [module-level documentation](../index.html) for more.
#[stable] #[stable]
pub struct Cell<T> { pub struct Cell<T> {
value: UnsafeCell<T>, value: UnsafeCell<T>,
@ -176,6 +159,14 @@ pub struct Cell<T> {
impl<T:Copy> Cell<T> { impl<T:Copy> Cell<T> {
/// Creates a new `Cell` containing the given value. /// Creates a new `Cell` containing the given value.
///
/// # Examples
///
/// ```
/// use std::cell::Cell;
///
/// let c = Cell::new(5);
/// ```
#[stable] #[stable]
pub fn new(value: T) -> Cell<T> { pub fn new(value: T) -> Cell<T> {
Cell { Cell {
@ -184,6 +175,16 @@ impl<T:Copy> Cell<T> {
} }
/// Returns a copy of the contained value. /// Returns a copy of the contained value.
///
/// # Examples
///
/// ```
/// use std::cell::Cell;
///
/// let c = Cell::new(5);
///
/// let five = c.get();
/// ```
#[inline] #[inline]
#[stable] #[stable]
pub fn get(&self) -> T { pub fn get(&self) -> T {
@ -191,6 +192,16 @@ impl<T:Copy> Cell<T> {
} }
/// Sets the contained value. /// Sets the contained value.
///
/// # Examples
///
/// ```
/// use std::cell::Cell;
///
/// let c = Cell::new(5);
///
/// c.set(10);
/// ```
#[inline] #[inline]
#[stable] #[stable]
pub fn set(&self, value: T) { pub fn set(&self, value: T) {
@ -201,9 +212,19 @@ impl<T:Copy> Cell<T> {
/// Get a reference to the underlying `UnsafeCell`. /// Get a reference to the underlying `UnsafeCell`.
/// ///
/// This can be used to circumvent `Cell`'s safety checks. /// # Unsafety
/// ///
/// This function is `unsafe` because `UnsafeCell`'s field is public. /// This function is `unsafe` because `UnsafeCell`'s field is public.
///
/// # Examples
///
/// ```
/// use std::cell::Cell;
///
/// let c = Cell::new(5);
///
/// let uc = unsafe { c.as_unsafe_cell() };
/// ```
#[inline] #[inline]
#[unstable] #[unstable]
pub unsafe fn as_unsafe_cell<'a>(&'a self) -> &'a UnsafeCell<T> { pub unsafe fn as_unsafe_cell<'a>(&'a self) -> &'a UnsafeCell<T> {
@ -237,6 +258,8 @@ impl<T:PartialEq + Copy> PartialEq for Cell<T> {
} }
/// A mutable memory location with dynamically checked borrow rules /// A mutable memory location with dynamically checked borrow rules
///
/// See the [module-level documentation](../index.html) for more.
#[stable] #[stable]
pub struct RefCell<T> { pub struct RefCell<T> {
value: UnsafeCell<T>, value: UnsafeCell<T>,
@ -250,7 +273,15 @@ const UNUSED: BorrowFlag = 0;
const WRITING: BorrowFlag = -1; const WRITING: BorrowFlag = -1;
impl<T> RefCell<T> { impl<T> RefCell<T> {
/// Create a new `RefCell` containing `value` /// Creates a new `RefCell` containing `value`.
///
/// # Examples
///
/// ```
/// use std::cell::RefCell;
///
/// let c = RefCell::new(5);
/// ```
#[stable] #[stable]
pub fn new(value: T) -> RefCell<T> { pub fn new(value: T) -> RefCell<T> {
RefCell { RefCell {
@ -260,6 +291,16 @@ impl<T> RefCell<T> {
} }
/// Consumes the `RefCell`, returning the wrapped value. /// Consumes the `RefCell`, returning the wrapped value.
///
/// # Examples
///
/// ```
/// use std::cell::RefCell;
///
/// let c = RefCell::new(5);
///
/// let five = c.into_inner();
/// ```
#[stable] #[stable]
pub fn into_inner(self) -> T { pub fn into_inner(self) -> T {
// Since this function takes `self` (the `RefCell`) by value, the // Since this function takes `self` (the `RefCell`) by value, the
@ -285,12 +326,39 @@ impl<T> RefCell<T> {
/// Immutably borrows the wrapped value. /// Immutably borrows the wrapped value.
/// ///
/// The borrow lasts until the returned `Ref` exits scope. Multiple /// The borrow lasts until the returned `Ref` exits scope. Multiple immutable borrows can be
/// immutable borrows can be taken out at the same time. /// taken out at the same time.
/// ///
/// # Panics /// # Panics
/// ///
/// Panics if the value is currently mutably borrowed. /// Panics if the value is currently mutably borrowed.
///
/// # Examples
///
/// ```
/// use std::cell::RefCell;
///
/// let c = RefCell::new(5);
///
/// let borrowed_five = c.borrow();
/// let borrowed_five2 = c.borrow();
/// ```
///
/// An example of panic:
///
/// ```
/// use std::cell::RefCell;
/// use std::thread::Thread;
///
/// let result = Thread::scoped(move || {
/// let c = RefCell::new(5);
/// let m = c.borrow_mut();
///
/// let b = c.borrow(); // this causes a panic
/// }).join();
///
/// assert!(result.is_err());
/// ```
#[stable] #[stable]
pub fn borrow<'a>(&'a self) -> Ref<'a, T> { pub fn borrow<'a>(&'a self) -> Ref<'a, T> {
match self.try_borrow() { match self.try_borrow() {
@ -315,12 +383,38 @@ impl<T> RefCell<T> {
/// Mutably borrows the wrapped value. /// Mutably borrows the wrapped value.
/// ///
/// The borrow lasts until the returned `RefMut` exits scope. The value /// The borrow lasts until the returned `RefMut` exits scope. The value cannot be borrowed
/// cannot be borrowed while this borrow is active. /// while this borrow is active.
/// ///
/// # Panics /// # Panics
/// ///
/// Panics if the value is currently borrowed. /// Panics if the value is currently borrowed.
///
/// # Examples
///
/// ```
/// use std::cell::RefCell;
///
/// let c = RefCell::new(5);
///
/// let borrowed_five = c.borrow_mut();
/// ```
///
/// An example of panic:
///
/// ```
/// use std::cell::RefCell;
/// use std::thread::Thread;
///
/// let result = Thread::scoped(move || {
/// let c = RefCell::new(5);
/// let m = c.borrow_mut();
///
/// let b = c.borrow_mut(); // this causes a panic
/// }).join();
///
/// assert!(result.is_err());
/// ```
#[stable] #[stable]
pub fn borrow_mut<'a>(&'a self) -> RefMut<'a, T> { pub fn borrow_mut<'a>(&'a self) -> RefMut<'a, T> {
match self.try_borrow_mut() { match self.try_borrow_mut() {
@ -402,7 +496,9 @@ impl<'b> Clone for BorrowRef<'b> {
} }
} }
/// Wraps a borrowed reference to a value in a `RefCell` box. /// A wrapper type for an immutably borrowed value from a `RefCell<T>`.
///
/// See the [module-level documentation](../index.html) for more.
#[stable] #[stable]
pub struct Ref<'b, T:'b> { pub struct Ref<'b, T:'b> {
// FIXME #12808: strange name to try to avoid interfering with // FIXME #12808: strange name to try to avoid interfering with
@ -460,7 +556,9 @@ impl<'b> BorrowRefMut<'b> {
} }
} }
/// Wraps a mutable borrowed reference to a value in a `RefCell` box. /// A wrapper type for a mutably borrowed value from a `RefCell<T>`.
///
/// See the [module-level documentation](../index.html) for more.
#[stable] #[stable]
pub struct RefMut<'b, T:'b> { pub struct RefMut<'b, T:'b> {
// FIXME #12808: strange name to try to avoid interfering with // FIXME #12808: strange name to try to avoid interfering with
@ -489,28 +587,25 @@ impl<'b, T> DerefMut for RefMut<'b, T> {
/// The core primitive for interior mutability in Rust. /// The core primitive for interior mutability in Rust.
/// ///
/// `UnsafeCell` type that wraps a type T and indicates unsafe interior /// `UnsafeCell<T>` is a type that wraps some `T` and indicates unsafe interior operations on the
/// operations on the wrapped type. Types with an `UnsafeCell<T>` field are /// wrapped type. Types with an `UnsafeCell<T>` field are considered to have an 'unsafe interior'.
/// considered to have an *unsafe interior*. The `UnsafeCell` type is the only /// The `UnsafeCell<T>` type is the only legal way to obtain aliasable data that is considered
/// legal way to obtain aliasable data that is considered mutable. In general, /// mutable. In general, transmuting an `&T` type into an `&mut T` is considered undefined behavior.
/// transmuting an &T type into an &mut T is considered undefined behavior.
/// ///
/// Although it is possible to put an `UnsafeCell<T>` into static item, it is /// Although it is possible to put an `UnsafeCell<T>` into static item, it is not permitted to take
/// not permitted to take the address of the static item if the item is not /// the address of the static item if the item is not declared as mutable. This rule exists because
/// declared as mutable. This rule exists because immutable static items are /// immutable static items are stored in read-only memory, and thus any attempt to mutate their
/// stored in read-only memory, and thus any attempt to mutate their interior /// interior can cause segfaults. Immutable static items containing `UnsafeCell<T>` instances are
/// can cause segfaults. Immutable static items containing `UnsafeCell<T>` /// still useful as read-only initializers, however, so we do not forbid them altogether.
/// instances are still useful as read-only initializers, however, so we do not
/// forbid them altogether.
/// ///
/// Types like `Cell` and `RefCell` use this type to wrap their internal data. /// Types like `Cell<T>` and `RefCell<T>` use this type to wrap their internal data.
/// ///
/// `UnsafeCell` doesn't opt-out from any kind, instead, types with an /// `UnsafeCell<T>` doesn't opt-out from any marker traits, instead, types with an `UnsafeCell<T>`
/// `UnsafeCell` interior are expected to opt-out from kinds themselves. /// interior are expected to opt-out from those traits themselves.
/// ///
/// # Example: /// # Examples
/// ///
/// ```rust /// ```
/// use std::cell::UnsafeCell; /// use std::cell::UnsafeCell;
/// use std::marker::Sync; /// use std::marker::Sync;
/// ///
@ -521,9 +616,8 @@ impl<'b, T> DerefMut for RefMut<'b, T> {
/// unsafe impl<T> Sync for NotThreadSafe<T> {} /// unsafe impl<T> Sync for NotThreadSafe<T> {}
/// ``` /// ```
/// ///
/// **NOTE:** `UnsafeCell<T>` fields are public to allow static initializers. It /// **NOTE:** `UnsafeCell<T>`'s fields are public to allow static initializers. It is not
/// is not recommended to access its fields directly, `get` should be used /// recommended to access its fields directly, `get` should be used instead.
/// instead.
#[lang="unsafe"] #[lang="unsafe"]
#[stable] #[stable]
pub struct UnsafeCell<T> { pub struct UnsafeCell<T> {
@ -539,22 +633,52 @@ impl<T> UnsafeCell<T> {
/// Construct a new instance of `UnsafeCell` which will wrap the specified /// Construct a new instance of `UnsafeCell` which will wrap the specified
/// value. /// value.
/// ///
/// All access to the inner value through methods is `unsafe`, and it is /// All access to the inner value through methods is `unsafe`, and it is highly discouraged to
/// highly discouraged to access the fields directly. /// access the fields directly.
///
/// # Examples
///
/// ```
/// use std::cell::UnsafeCell;
///
/// let uc = UnsafeCell::new(5);
/// ```
#[stable] #[stable]
pub fn new(value: T) -> UnsafeCell<T> { pub fn new(value: T) -> UnsafeCell<T> {
UnsafeCell { value: value } UnsafeCell { value: value }
} }
/// Gets a mutable pointer to the wrapped value. /// Gets a mutable pointer to the wrapped value.
///
/// # Examples
///
/// ```
/// use std::cell::UnsafeCell;
///
/// let uc = UnsafeCell::new(5);
///
/// let five = uc.get();
/// ```
#[inline] #[inline]
#[stable] #[stable]
pub fn get(&self) -> *mut T { &self.value as *const T as *mut T } pub fn get(&self) -> *mut T { &self.value as *const T as *mut T }
/// Unwraps the value /// Unwraps the value
/// ///
/// This function is unsafe because there is no guarantee that this or other /// # Unsafety
/// tasks are currently inspecting the inner value. ///
/// This function is unsafe because there is no guarantee that this or other threads are
/// currently inspecting the inner value.
///
/// # Examples
///
/// ```
/// use std::cell::UnsafeCell;
///
/// let uc = UnsafeCell::new(5);
///
/// let five = unsafe { uc.into_inner() };
/// ```
#[inline] #[inline]
#[stable] #[stable]
pub unsafe fn into_inner(self) -> T { self.value } pub unsafe fn into_inner(self) -> T { self.value }