Implement rfc 1789: Conversions from &mut T to &Cell<T>
#50494
Conversation
|
(rust_highfive has picked a reviewer for you, use r? to override) |
rust-highfive
added
the
S-waiting-on-review
This comment has been minimized.
This comment has been minimized.
kennytm
added
the
T-libs-api
src/libcore/cell.rs
Outdated
| @@ -235,7 +236,7 @@ use ptr; | |||
| /// | |||
| /// See the [module-level documentation](index.html) for more. | |||
| #[stable(feature = "rust1", since = "1.0.0")] | |||
| pub struct Cell<T> { | |||
| pub struct Cell<T: ?Sized> { | |||
There was a problem hiding this comment.
Should this be #[repr(transparent)], or at least #[repr(C)]?
There was a problem hiding this comment.
Should definitely be repr(transparent).
|
Ping from triage @joshtriplett! This PR needs your review. |
|
This looks plausible to me, but I'd feel more comfortable if a second reviewer looked at it. |
src/libcore/cell.rs
Outdated
| @@ -235,7 +236,8 @@ use ptr; | |||
| /// | |||
| /// See the [module-level documentation](index.html) for more. | |||
| #[stable(feature = "rust1", since = "1.0.0")] | |||
| pub struct Cell<T> { | |||
| #[repr(transparent)] | |||
| pub struct Cell<T: ?Sized> { | |||
| value: UnsafeCell<T>, | |||
There was a problem hiding this comment.
@eddyb is UnsafeCell itself already effectively repr(transparent)?
There was a problem hiding this comment.
It should be explicitly marked as such.
There was a problem hiding this comment.
Note that #[repr(transparent)] means the same thing as #[repr(C)] except it also guarantees you can pass it by value and get the same call ABI as its only non-ZST field. If we don't want to make the call ABI transparency guarantee, we should use only #[repr(C)]. Although, transparency would be nice. So maybe we should have a proper decision on it?
There was a problem hiding this comment.
Also, in terms of implementation details, within the libcore/libstd you can "just" assume that anything newtype-shaped already has the memory layout and call ABI of the inner type. So this PR by itself needs no annotations, and adding annotations should be considered as sort of insta-stable "guarantees".
There was a problem hiding this comment.
It should be explicitly marked as such.
Should that be a separate PR or happen here?
Just trying to make sure it doesn't get forgotten.
There was a problem hiding this comment.
cc @rust-lang/lang @rust-lang/libs Whose responsibility is it, for the addition of insta-stable #[repr] attributes like these ones?
There was a problem hiding this comment.
For what it’s worth we’re about to stabilize the attribute itself: #43036
There was a problem hiding this comment.
The attribute is stable. #51395 adds #[repr(transparent)] to UnsafeCell and Cell. (It’s waiting on checkboxes from team members.)
|
☔ The latest upstream changes (presumably #50629) made this pull request unmergeable. Please resolve the merge conflicts. |
|
@F001 You need to rebase to get rid of the merge commit. |
|
cc @rust-lang/libs . Is there anyone else can help to do the review? Thanks! |
|
cc @rust-lang/libs |
src/libcore/cell.rs
Outdated
| @@ -521,6 +567,20 @@ impl<T: Default> Cell<T> { | |||
| #[unstable(feature = "coerce_unsized", issue = "27732")] | |||
| impl<T: CoerceUnsized<U>, U> CoerceUnsized<Cell<U>> for Cell<T> {} | |||
|
|
|||
| #[unstable(feature = "as_cell", issue="43038")] | |||
| impl<T, I> Index<I> for Cell<[T]> | |||
There was a problem hiding this comment.
Trait implementations are insta-stable, so this needs a review (and I think an FCP?) from @rust-lang/libs
There was a problem hiding this comment.
Or perhaps it's effectively unstable because it's not possible to construct a Cell<[T]> safely without this change?
There was a problem hiding this comment.
Sure it is, make a &Cell<[T; N]> and unsize it.
There was a problem hiding this comment.
@rfcbot fcp merge
Due to the new trait impl let's FCP for merge
src/libcore/cell.rs
Outdated
| /// ``` | ||
| #[inline] | ||
| #[unstable(feature = "as_cell", issue="43038")] | ||
| pub fn get_with<U, F>(&self, f: F) -> U |
There was a problem hiding this comment.
Was this in the RFC? As-is I think this isn't sound unfortunately :(
There was a problem hiding this comment.
As I mentioned in the description of this pull request (at the top of the thread), I am not quite confident on this method. Could you please help to point out how to fix it, or remove it completely?
There was a problem hiding this comment.
Unfortunately as-is this can't be safely written, but I think you can coerce &Cell<[i32]> to &[Cell<i32>] to get the length, right?
src/libcore/cell.rs
Outdated
| #[unstable(feature = "as_cell", issue="43038")] | ||
| pub fn get_with<U, F>(&self, f: F) -> U | ||
| where | ||
| F: Fn(&T) -> U, U: 'static |
There was a problem hiding this comment.
-
FnOnceshould be used in a situation like this. -
U: 'staticdoesn't do anything useful here,Ucan't hold the reference toTanyway in Rust, becauseFgets no guarantee as to how long that anonymous lifetime is. -
I'll make a separate comment on the PR about the unsoundness so it doesn't get lost
|
To expand on what @alexcrichton said, let cell = Cell::new(Some(String::from("foo")));
cell.get_with(|s| {
let s = s.as_ref().unwrap();
cell.set(None);
let s2 = String::from("bar");
println!("{}", s); // crash or print "bar" or garbage
println!("{}", s2); // keep `s2` alive
});If there was, you could even make it give out Sadly, we're not ready to support anything like this yet (cc @nikomatsakis @RalfJung). |
This comment has been minimized.
This comment has been minimized.
src/libcore/cell.rs
Outdated
| /// ``` | ||
| #[inline] | ||
| #[unstable(feature = "as_cell", issue="43038")] | ||
| pub fn from_mut<'a>(t: &'a mut T) -> &'a Cell<T> { |
There was a problem hiding this comment.
get_mut relies on lifetime elision while this doesn't - they should be more uniform IMO.
src/libcore/cell.rs
Outdated
| impl<T, I> Index<I> for Cell<[T]> | ||
| where | ||
| I: SliceIndex<[Cell<T>]> | ||
| { |
There was a problem hiding this comment.
Oh, something potentially of note: it should be possible to implement Deref<Target=[Cell<T>]> on Cell<[T]> (instead of Index), to allow e.g. calling .len() directly.
There was a problem hiding this comment.
Thanks! IMHO it is a great improvement. I think it is sound AFAIK.
This comment has been minimized.
This comment has been minimized.
|
I have no idea why linkchecker failed. It seems irrelevant to my last commit. |
src/libcore/cell.rs
Outdated
| /// let cell_slice: &Cell<[i32]> = Cell::from_mut(slice); | ||
| /// assert_eq!(cell_slice.len(), 3); | ||
| /// let slice_cell : &[Cell<i32>] = &cell_slice[..]; | ||
| /// assert_eq!(slice_cell.len(), 3); |
There was a problem hiding this comment.
Please leave some empty lines in this example just like the get_mut example does.
src/libcore/cell.rs
Outdated
| /// let slice: &mut [i32] = &mut [1,2,3]; | ||
| /// let cell_slice: &Cell<[i32]> = Cell::from_mut(slice); | ||
| /// assert_eq!(cell_slice.len(), 3); | ||
| /// let slice_cell : &[Cell<i32>] = &cell_slice[..]; |
src/libcore/cell.rs
Outdated
| /// ``` | ||
| /// #![feature(as_cell)] | ||
| /// use std::cell::Cell; | ||
| /// let slice: &mut [i32] = &mut [1,2,3]; |
This comment has been minimized.
This comment has been minimized.
|
If it's an unstable-only method, I'd suggest |
This comment has been minimized.
This comment has been minimized.
|
@alexcrichton I have replaced the "Deref" by "Index". Could you please help to do the review? |
|
@F001 I believe the objection was not about a trait v.s. another trait but having a trait impl that becomes stable as soon as this PR lands, rather an inherent method that is |
This comment has been minimized.
This comment has been minimized.
|
📌 Commit 489101c has been approved by |
bors
added
S-waiting-on-bors
Implement rfc 1789: Conversions from `&mut T` to `&Cell<T>` I'm surprised that RFC 1789 has not been implemented for several months. Tracking issue: #43038 Please note: when I was writing tests for `&Cell<[i32]>`, I found it is not easy to get the length of the contained slice. So I designed a `get_with` method which might be useful for similar cases. This method is not designed in the RFC, and it certainly needs to be reviewed by core team. I think it has some connections with `Cell::update` #50186 , which is also in design phase.
|
☀️ Test successful - status-appveyor, status-travis |
Version 1.29.0 (2018-09-13)
==========================
Compiler
--------
- [Bumped minimum LLVM version to 5.0.][51899]
- [Added `powerpc64le-unknown-linux-musl` target.][51619]
- [Added `aarch64-unknown-hermit` and `x86_64-unknown-hermit` targets.][52861]
Libraries
---------
- [`Once::call_once` now no longer requires `Once` to be `'static`.][52239]
- [`BuildHasherDefault` now implements `PartialEq` and `Eq`.][52402]
- [`Box<CStr>`, `Box<OsStr>`, and `Box<Path>` now implement `Clone`.][51912]
- [Implemented `PartialEq<&str>` for `OsString` and `PartialEq<OsString>`
for `&str`.][51178]
- [`Cell<T>` now allows `T` to be unsized.][50494]
- [`SocketAddr` is now stable on Redox.][52656]
Stabilized APIs
---------------
- [`Arc::downcast`]
- [`Iterator::flatten`]
- [`Rc::downcast`]
Cargo
-----
- [Cargo can silently fix some bad lockfiles ][cargo/5831] You can use
`--locked` to disable this behaviour.
- [`cargo-install` will now allow you to cross compile an install
using `--target`][cargo/5614]
- [Added the `cargo-fix` subcommand to automatically move project code from
2015 edition to 2018.][cargo/5723]
Misc
----
- [`rustdoc` now has the `--cap-lints` option which demotes all lints above
the specified level to that level.][52354] For example `--cap-lints warn`
will demote `deny` and `forbid` lints to `warn`.
- [`rustc` and `rustdoc` will now have the exit code of `1` if compilation
fails, and `101` if there is a panic.][52197]
- [A preview of clippy has been made available through rustup.][51122]
You can install the preview with `rustup component add clippy-preview`
Compatibility Notes
-------------------
- [`str::{slice_unchecked, slice_unchecked_mut}` are now deprecated.][51807]
Use `str::get_unchecked(begin..end)` instead.
- [`std::env::home_dir` is now deprecated for its unintuitive behaviour.][51656]
Consider using the `home_dir` function from
https://crates.io/crates/dirs instead.
- [`rustc` will no longer silently ignore invalid data in target spec.][52330]
[52861]: rust-lang/rust#52861
[52656]: rust-lang/rust#52656
[52239]: rust-lang/rust#52239
[52330]: rust-lang/rust#52330
[52354]: rust-lang/rust#52354
[52402]: rust-lang/rust#52402
[52103]: rust-lang/rust#52103
[52197]: rust-lang/rust#52197
[51807]: rust-lang/rust#51807
[51899]: rust-lang/rust#51899
[51912]: rust-lang/rust#51912
[51511]: rust-lang/rust#51511
[51619]: rust-lang/rust#51619
[51656]: rust-lang/rust#51656
[51178]: rust-lang/rust#51178
[51122]: rust-lang/rust#51122
[50494]: rust-lang/rust#50494
[cargo/5614]: rust-lang/cargo#5614
[cargo/5723]: rust-lang/cargo#5723
[cargo/5831]: rust-lang/cargo#5831
[`Arc::downcast`]: https://doc.rust-lang.org/std/sync/struct.Arc.html#method.downcast
[`Iterator::flatten`]: https://doc.rust-lang.org/std/iter/trait.Iterator.html#method.flatten
[`Rc::downcast`]: https://doc.rust-lang.org/std/rc/struct.Rc.html#method.downcast
I'm surprised that RFC 1789 has not been implemented for several months. Tracking issue: #43038
Please note: when I was writing tests for
&Cell<[i32]>, I found it is not easy to get the length of the contained slice. So I designed aget_withmethod which might be useful for similar cases. This method is not designed in the RFC, and it certainly needs to be reviewed by core team. I think it has some connections withCell::update#50186 , which is also in design phase.