Struct creusot_contracts::std::sync::Exclusive

source ·
pub struct Exclusive<T>
where T: ?Sized,
{ /* private fields */ }
🔬This is a nightly-only experimental API. (exclusive_wrapper)
Expand description

Exclusive provides only mutable access, also referred to as exclusive access to the underlying value. It provides no immutable, or shared access to the underlying value.

While this may seem not very useful, it allows Exclusive to unconditionally implement Sync. Indeed, the safety requirements of Sync state that for Exclusive to be Sync, it must be sound to share across threads, that is, it must be sound for &Exclusive to cross thread boundaries. By design, a &Exclusive has no API whatsoever, making it useless, thus harmless, thus memory safe.

Certain constructs like Futures can only be used with exclusive access, and are often Send but not Sync, so Exclusive can be used as hint to the Rust compiler that something is Sync in practice.

§Examples

Using a non-Sync future prevents the wrapping struct from being Sync

use core::cell::Cell;

async fn other() {}
fn assert_sync<T: Sync>(t: T) {}
struct State<F> {
    future: F
}

assert_sync(State {
    future: async {
        let cell = Cell::new(1);
        let cell_ref = &cell;
        other().await;
        let value = cell_ref.get();
    }
});

Exclusive ensures the struct is Sync without stripping the future of its functionality.

#![feature(exclusive_wrapper)]
use core::cell::Cell;
use core::sync::Exclusive;

async fn other() {}
fn assert_sync<T: Sync>(t: T) {}
struct State<F> {
    future: Exclusive<F>
}

assert_sync(State {
    future: Exclusive::new(async {
        let cell = Cell::new(1);
        let cell_ref = &cell;
        other().await;
        let value = cell_ref.get();
    })
});

§Parallels with a mutex

In some sense, Exclusive can be thought of as a compile-time version of a mutex, as the borrow-checker guarantees that only one &mut can exist for any value. This is a parallel with the fact that & and &mut references together can be thought of as a compile-time version of a read-write lock.

Implementations§

source§

impl<T> Exclusive<T>

source

pub const fn new(t: T) -> Exclusive<T>

🔬This is a nightly-only experimental API. (exclusive_wrapper)

Wrap a value in an Exclusive

source

pub const fn into_inner(self) -> T

🔬This is a nightly-only experimental API. (exclusive_wrapper)

Unwrap the value contained in the Exclusive

source§

impl<T> Exclusive<T>
where T: ?Sized,

source

pub const fn get_mut(&mut self) -> &mut T

🔬This is a nightly-only experimental API. (exclusive_wrapper)

Get exclusive access to the underlying value.

source

pub const fn get_pin_mut(self: Pin<&mut Exclusive<T>>) -> Pin<&mut T>

🔬This is a nightly-only experimental API. (exclusive_wrapper)

Get pinned exclusive access to the underlying value.

Exclusive is considered to structurally pin the underlying value, which means unpinned Exclusives can produce unpinned access to the underlying value, but pinned Exclusives only produce pinned access to the underlying value.

source

pub const fn from_mut(r: &mut T) -> &mut Exclusive<T>

🔬This is a nightly-only experimental API. (exclusive_wrapper)

Build a mutable reference to an Exclusive<T> from a mutable reference to a T. This allows you to skip building an Exclusive with Exclusive::new.

source

pub const fn from_pin_mut(r: Pin<&mut T>) -> Pin<&mut Exclusive<T>>

🔬This is a nightly-only experimental API. (exclusive_wrapper)

Build a pinned mutable reference to an Exclusive<T> from a pinned mutable reference to a T. This allows you to skip building an Exclusive with Exclusive::new.

Trait Implementations§

source§

impl<R, G> Coroutine<R> for Exclusive<G>
where G: Coroutine<R> + ?Sized,

§

type Yield = <G as Coroutine<R>>::Yield

🔬This is a nightly-only experimental API. (coroutine_trait)
The type of value this coroutine yields. Read more
§

type Return = <G as Coroutine<R>>::Return

🔬This is a nightly-only experimental API. (coroutine_trait)
The type of value this coroutine returns. Read more
source§

fn resume( self: Pin<&mut Exclusive<G>>, arg: R, ) -> CoroutineState<<Exclusive<G> as Coroutine<R>>::Yield, <Exclusive<G> as Coroutine<R>>::Return>

🔬This is a nightly-only experimental API. (coroutine_trait)
Resumes the execution of this coroutine. Read more
source§

impl<T> Debug for Exclusive<T>
where T: ?Sized,

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
source§

impl<T> Default for Exclusive<T>
where T: Default + ?Sized,

source§

fn default() -> Exclusive<T>

Returns the “default value” for a type. Read more
source§

impl<F, Args> FnMut<Args> for Exclusive<F>
where F: FnMut<Args>, Args: Tuple,

source§

extern "rust-call" fn call_mut( &mut self, args: Args, ) -> <Exclusive<F> as FnOnce<Args>>::Output

🔬This is a nightly-only experimental API. (fn_traits)
Performs the call operation.
source§

impl<F, Args> FnOnce<Args> for Exclusive<F>
where F: FnOnce<Args>, Args: Tuple,

§

type Output = <F as FnOnce<Args>>::Output

The returned type after the call operator is used.
source§

extern "rust-call" fn call_once( self, args: Args, ) -> <Exclusive<F> as FnOnce<Args>>::Output

🔬This is a nightly-only experimental API. (fn_traits)
Performs the call operation.
source§

impl<T> From<T> for Exclusive<T>

source§

fn from(t: T) -> Exclusive<T>

Converts to this type from the input type.
source§

impl<T> Future for Exclusive<T>
where T: Future + ?Sized,

§

type Output = <T as Future>::Output

The type of value produced on completion.
source§

fn poll( self: Pin<&mut Exclusive<T>>, cx: &mut Context<'_>, ) -> Poll<<Exclusive<T> as Future>::Output>

Attempt to resolve the future to a final value, registering the current task for wakeup if the value is not yet available. Read more
source§

impl<T> Sync for Exclusive<T>
where T: ?Sized,

Auto Trait Implementations§

§

impl<T> !Freeze for Exclusive<T>

§

impl<T> !RefUnwindSafe for Exclusive<T>

§

impl<T> !Send for Exclusive<T>

§

impl<T> !Sized for Exclusive<T>

§

impl<T> !Unpin for Exclusive<T>

§

impl<T> !UnwindSafe for Exclusive<T>

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<Args, F> FnMutExt<Args> for F
where Args: Tuple, F: FnMut<Args>,

source§

fn postcondition_mut( self, args: Args, result_state: F, result: <F as FnOnceExt<Args>>::Output, ) -> bool

logic(prophetic)

true /* Dummy */

source§

fn unnest(self, _: F) -> bool

logic(prophetic)

true /* Dummy */

source§

fn postcondition_mut_unnest( self, args: Args, res_state: F, res: <F as FnOnceExt<Args>>::Output, )

law

requires

self.postcondition_mut(args, res_state, res)

ensures

self.unnest(res_state)

source§

fn unnest_refl(self)

law

ensures

self.unnest(self)

source§

fn unnest_trans(self, b: F, c: F)

law

requires

self.unnest(b)

requires

b.unnest(c)

ensures

self.unnest(c)

source§

fn fn_mut_once(self, args: Args, res: <F as FnOnceExt<Args>>::Output)

law

ensures

self.postcondition_once(args, res) ==
              exists<res_state: Self> self.postcondition_mut(args, res_state, res) && resolve(&res_state)
source§

impl<Args, F> FnOnceExt<Args> for F
where Args: Tuple, F: FnOnce<Args>,

source§

fn precondition(self, args: Args) -> bool

logic(prophetic)

true /* Dummy */

source§

fn postcondition_once( self, args: Args, result: <F as FnOnceExt<Args>>::Output, ) -> bool

logic(prophetic)

true /* Dummy */

§

type Output = <F as FnOnce<Args>>::Output

source§

impl<T> From<!> for T

source§

fn from(t: !) -> T

Converts to this type from the input type.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<F> IntoFuture for F
where F: Future,

§

type Output = <F as Future>::Output

The output that the future will produce on completion.
§

type IntoFuture = F

Which kind of future are we turning this into?
source§

fn into_future(self) -> <F as IntoFuture>::IntoFuture

Creates a future from a value. Read more
source§

impl<T> MakeSized for T
where T: ?Sized,

source§

fn make_sized(&self) -> Box<T>

logic

ensures

*result == *self

source§

impl<F> Pattern for F
where F: FnMut(char) -> bool,

§

type Searcher<'a> = CharPredicateSearcher<'a, F>

🔬This is a nightly-only experimental API. (pattern)
Associated searcher for this pattern
source§

fn into_searcher<'a>(self, haystack: &'a str) -> CharPredicateSearcher<'a, F>

🔬This is a nightly-only experimental API. (pattern)
Constructs the associated searcher from self and the haystack to search in.
source§

fn is_contained_in<'a>(self, haystack: &'a str) -> bool

🔬This is a nightly-only experimental API. (pattern)
Checks whether the pattern matches anywhere in the haystack
source§

fn is_prefix_of<'a>(self, haystack: &'a str) -> bool

🔬This is a nightly-only experimental API. (pattern)
Checks whether the pattern matches at the front of the haystack
source§

fn strip_prefix_of<'a>(self, haystack: &'a str) -> Option<&'a str>

🔬This is a nightly-only experimental API. (pattern)
Removes the pattern from the front of haystack, if it matches.
source§

fn is_suffix_of<'a>(self, haystack: &'a str) -> bool

🔬This is a nightly-only experimental API. (pattern)
Checks whether the pattern matches at the back of the haystack
source§

fn strip_suffix_of<'a>(self, haystack: &'a str) -> Option<&'a str>

🔬This is a nightly-only experimental API. (pattern)
Removes the pattern from the back of haystack, if it matches.
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.