cell.rs source code [crates/core/src/cell.rs]

1	//! Shareable mutable containers.
2	//!
3	//! Rust memory safety is based on this rule: Given an object `T`, it is only possible to
4	//! have one of the following:
5	//!
6	//! - Several immutable references (`&T`) to the object (also known as aliasing).
7	//! - One mutable reference (`&mut T`) to the object (also known as mutability).
8	//!
9	//! This is enforced by the Rust compiler. However, there are situations where this rule is not
10	//! flexible enough. Sometimes it is required to have multiple references to an object and yet
11	//! mutate it.
12	//!
13	//! Shareable mutable containers exist to permit mutability in a controlled manner, even in the
14	//! presence of aliasing. [`Cell<T>`], [`RefCell<T>`], and [`OnceCell<T>`] allow doing this in
15	//! a single-threaded way—they do not implement [`Sync`]. (If you need to do aliasing and
16	//! mutation among multiple threads, [`Mutex<T>`], [`RwLock<T>`], [`OnceLock<T>`] or [`atomic`]
17	//! types are the correct data structures to do so).
18	//!
19	//! Values of the `Cell<T>`, `RefCell<T>`, and `OnceCell<T>` types may be mutated through shared
20	//! references (i.e. the common `&T` type), whereas most Rust types can only be mutated through
21	//! unique (`&mut T`) references. We say these cell types provide 'interior mutability'
22	//! (mutable via `&T`), in contrast with typical Rust types that exhibit 'inherited mutability'
23	//! (mutable only via `&mut T`).
24	//!
25	//! Cell types come in four flavors: `Cell<T>`, `RefCell<T>`, `OnceCell<T>`, and `LazyCell<T>`.
26	//! Each provides a different way of providing safe interior mutability.
27	//!
28	//! ## `Cell<T>`
29	//!
30	//! [`Cell<T>`] implements interior mutability by moving values in and out of the cell. That is, an
31	//! `&mut T` to the inner value can never be obtained, and the value itself cannot be directly
32	//! obtained without replacing it with something else. Both of these rules ensure that there is
33	//! never more than one reference pointing to the inner value. This type provides the following
34	//! methods:
35	//!
36	//! - For types that implement [`Copy`], the [`get`](Cell::get) method retrieves the current
37	//! interior value by duplicating it.
38	//! - For types that implement [`Default`], the [`take`](Cell::take) method replaces the current
39	//! interior value with [`Default::default()`] and returns the replaced value.
40	//! - All types have:
41	//! - [`replace`](Cell::replace): replaces the current interior value and returns the replaced
42	//! value.
43	//! - [`into_inner`](Cell::into_inner): this method consumes the `Cell<T>` and returns the
44	//! interior value.
45	//! - [`set`](Cell::set): this method replaces the interior value, dropping the replaced value.
46	//!
47	//! `Cell<T>` is typically used for more simple types where copying or moving values isn't too
48	//! resource intensive (e.g. numbers), and should usually be preferred over other cell types when
49	//! possible. For larger and non-copy types, `RefCell` provides some advantages.
50	//!
51	//! ## `RefCell<T>`
52	//!
53	//! [`RefCell<T>`] uses Rust's lifetimes to implement "dynamic borrowing", a process whereby one can
54	//! claim temporary, exclusive, mutable access to the inner value. Borrows for `RefCell<T>`s are
55	//! tracked at _runtime_, unlike Rust's native reference types which are entirely tracked
56	//! statically, at compile time.
57	//!
58	//! An immutable reference to a `RefCell`'s inner value (`&T`) can be obtained with
59	//! [`borrow`](`RefCell::borrow`), and a mutable borrow (`&mut T`) can be obtained with
60	//! [`borrow_mut`](`RefCell::borrow_mut`). When these functions are called, they first verify that
61	//! Rust's borrow rules will be satisfied: any number of immutable borrows are allowed or a
62	//! single mutable borrow is allowed, but never both. If a borrow is attempted that would violate
63	//! these rules, the thread will panic.
64	//!
65	//! The corresponding [`Sync`] version of `RefCell<T>` is [`RwLock<T>`].
66	//!
67	//! ## `OnceCell<T>`
68	//!
69	//! [`OnceCell<T>`] is somewhat of a hybrid of `Cell` and `RefCell` that works for values that
70	//! typically only need to be set once. This means that a reference `&T` can be obtained without
71	//! moving or copying the inner value (unlike `Cell`) but also without runtime checks (unlike
72	//! `RefCell`). However, its value can also not be updated once set unless you have a mutable
73	//! reference to the `OnceCell`.
74	//!
75	//! `OnceCell` provides the following methods:
76	//!
77	//! - [`get`](OnceCell::get): obtain a reference to the inner value
78	//! - [`set`](OnceCell::set): set the inner value if it is unset (returns a `Result`)
79	//! - [`get_or_init`](OnceCell::get_or_init): return the inner value, initializing it if needed
80	//! - [`get_mut`](OnceCell::get_mut): provide a mutable reference to the inner value, only available
81	//! if you have a mutable reference to the cell itself.
82	//!
83	//! The corresponding [`Sync`] version of `OnceCell<T>` is [`OnceLock<T>`].
84	//!
85	//! ## `LazyCell<T, F>`
86	//!
87	//! A common pattern with OnceCell is, for a given OnceCell, to use the same function on every
88	//! call to [`OnceCell::get_or_init`] with that cell. This is what is offered by [`LazyCell`],
89	//! which pairs cells of `T` with functions of `F`, and always calls `F` before it yields `&T`.
90	//! This happens implicitly by simply attempting to dereference the LazyCell to get its contents,
91	//! so its use is much more transparent with a place which has been initialized by a constant.
92	//!
93	//! More complicated patterns that don't fit this description can be built on `OnceCell<T>` instead.
94	//!
95	//! `LazyCell` works by providing an implementation of `impl Deref` that calls the function,
96	//! so you can just use it by dereference (e.g. `lazy_cell` or `lazy_cell.deref()`).*
97	//!
98	//! The corresponding [`Sync`] version of `LazyCell<T, F>` is [`LazyLock<T, F>`].
99	//!
100	//! # When to choose interior mutability
101	//!
102	//! The more common inherited mutability, where one must have unique access to mutate a value, is
103	//! one of the key language elements that enables Rust to reason strongly about pointer aliasing,
104	//! statically preventing crash bugs. Because of that, inherited mutability is preferred, and
105	//! interior mutability is something of a last resort. Since cell types enable mutation where it
106	//! would otherwise be disallowed though, there are occasions when interior mutability might be
107	//! appropriate, or even must* be used, e.g.*
108	//!
109	//! Introducing mutability 'inside' of something immutable*
110	//! Implementation details of logically-immutable methods.*
111	//! Mutating implementations of* [`Clone`].
112	//!
113	//! ## Introducing mutability 'inside' of something immutable
114	//!
115	//! Many shared smart pointer types, including [`Rc<T>`] and [`Arc<T>`], provide containers that can
116	//! be cloned and shared between multiple parties. Because the contained values may be
117	//! multiply-aliased, they can only be borrowed with `&`, not `&mut`. Without cells it would be
118	//! impossible to mutate data inside of these smart pointers at all.
119	//!
120	//! It's very common then to put a `RefCell<T>` inside shared pointer types to reintroduce
121	//! mutability:
122	//!
123	//! ```
124	//! use std::cell::{RefCell, RefMut};
125	//! use std::collections::HashMap;
126	//! use std::rc::Rc;
127	//!
128	//! fn main() {
129	//! let shared_map: Rc<RefCell<_>> = Rc::new(RefCell::new(HashMap::new()));
130	//! // Create a new block to limit the scope of the dynamic borrow
131	//! {
132	//! let mut map: RefMut<'_, _> = shared_map.borrow_mut();
133	//! map.insert("africa", `92388`);
134	//! map.insert("kyoto", `11837`);
135	//! map.insert("piccadilly", `11826`);
136	//! map.insert("marbles", `38`);
137	//! }
138	//!
139	//! // Note that if we had not let the previous borrow of the cache fall out
140	//! // of scope then the subsequent borrow would cause a dynamic thread panic.
141	//! // This is the major hazard of using `RefCell`.
142	//! let total: i32 = shared_map.borrow().values().sum();
143	//! println!("{total}");
144	//! }
145	//! ```
146	//!
147	//! Note that this example uses `Rc<T>` and not `Arc<T>`. `RefCell<T>`s are for single-threaded
148	//! scenarios. Consider using [`RwLock<T>`] or [`Mutex<T>`] if you need shared mutability in a
149	//! multi-threaded situation.
150	//!
151	//! ## Implementation details of logically-immutable methods
152	//!
153	//! Occasionally it may be desirable not to expose in an API that there is mutation happening
154	//! "under the hood". This may be because logically the operation is immutable, but e.g., caching
155	//! forces the implementation to perform mutation; or because you must employ mutation to implement
156	//! a trait method that was originally defined to take `&self`.
157	//!
158	//! ```
159	//! # #![allow(dead_code)]
160	//! use std::cell::OnceCell;
161	//!
162	//! struct Graph {
163	//! edges: Vec<(i32, i32)>,
164	//! span_tree_cache: OnceCell<Vec<(i32, i32)>>
165	//! }
166	//!
167	//! impl Graph {
168	//! fn minimum_spanning_tree(&self) -> Vec<(i32, i32)> {
169	//! self.span_tree_cache
170	//! .get_or_init(\|\| self.calc_span_tree())
171	//! .clone()
172	//! }
173	//!
174	//! fn calc_span_tree(&self) -> Vec<(i32, i32)> {
175	//! // Expensive computation goes here
176	//! vec![]
177	//! }
178	//! }
179	//! ```
180	//!
181	//! ## Mutating implementations of `Clone`
182	//!
183	//! This is simply a special - but common - case of the previous: hiding mutability for operations
184	//! that appear to be immutable. The [`clone`](Clone::clone) method is expected to not change the
185	//! source value, and is declared to take `&self`, not `&mut self`. Therefore, any mutation that
186	//! happens in the `clone` method must use cell types. For example, [`Rc<T>`] maintains its
187	//! reference counts within a `Cell<T>`.
188	//!
189	//! ```
190	//! use std::cell::Cell;
191	//! use std::ptr::NonNull;
192	//! use std::process::abort;
193	//! use std::marker::PhantomData;
194	//!
195	//! struct Rc<T: ?Sized> {
196	//! ptr: NonNull<RcInner<T>>,
197	//! phantom: PhantomData<RcInner<T>>,
198	//! }
199	//!
200	//! struct RcInner<T: ?Sized> {
201	//! strong: Cell<usize>,
202	//! refcount: Cell<usize>,
203	//! value: T,
204	//! }
205	//!
206	//! impl<T: ?Sized> Clone for Rc<T> {
207	//! fn clone(&self) -> Rc<T> {
208	//! self.inc_strong();
209	//! Rc {
210	//! ptr: self.ptr,
211	//! phantom: PhantomData,
212	//! }
213	//! }
214	//! }
215	//!
216	//! trait RcInnerPtr<T: ?Sized> {
217	//!
218	//! fn inner(&self) -> &RcInner<T>;
219	//!
220	//! fn strong(&self) -> usize {
221	//! self.inner().strong.get()
222	//! }
223	//!
224	//! fn inc_strong(&self) {
225	//! self.inner()
226	//! .strong
227	//! .set(self.strong()
228	//! .checked_add(`1`)
229	//! .unwrap_or_else(\|\| abort() ));
230	//! }
231	//! }
232	//!
233	//! impl<T: ?Sized> RcInnerPtr<T> for Rc<T> {
234	//! fn inner(&self) -> &RcInner<T> {
235	//! unsafe {
236	//! self.ptr.as_ref()
237	//! }
238	//! }
239	//! }
240	//! ```
241	//!
242	//! [`Arc<T>`]: ../../std/sync/struct.Arc.html
243	//! [`Rc<T>`]: ../../std/rc/struct.Rc.html
244	//! [`RwLock<T>`]: ../../std/sync/struct.RwLock.html
245	//! [`Mutex<T>`]: ../../std/sync/struct.Mutex.html
246	//! [`OnceLock<T>`]: ../../std/sync/struct.OnceLock.html
247	//! [`LazyLock<T, F>`]: ../../std/sync/struct.LazyLock.html
248	//! [`Sync`]: ../../std/marker/trait.Sync.html
249	//! [`atomic`]: crate::sync::atomic
250
251	#![stable(feature = "rust1", since = "1.0.0")]
252
253	use crate::cmp::Ordering;
254	use crate::fmt::{self, Debug, Display};
255	use crate::marker::{PhantomData, PointerLike, Unsize};
256	use crate::mem;
257	use crate::ops::{CoerceUnsized, Deref, DerefMut, DerefPure, DispatchFromDyn};
258	use crate::pin::PinCoerceUnsized;
259	use crate::ptr::{self, NonNull};
260
261	mod lazy;
262	mod once;
263
264	#[stable(feature = "lazy_cell", since = "1.80.0")]
265	pub use lazy::LazyCell;
266	#[stable(feature = "once_cell", since = "1.70.0")]
267	pub use once::OnceCell;
268
269	/// A mutable memory location.
270	///
271	/// # Memory layout
272	///
273	/// `Cell<T>` has the same [memory layout and caveats as
274	/// `UnsafeCell<T>`](UnsafeCell#memory-layout). In particular, this means that
275	/// `Cell<T>` has the same in-memory representation as its inner type `T`.
276	///
277	/// # Examples
278	///
279	/// In this example, you can see that `Cell<T>` enables mutation inside an
280	/// immutable struct. In other words, it enables "interior mutability".
281	///
282	/// ```
283	/// use std::cell::Cell;
284	///
285	/// struct SomeStruct {
286	/// regular_field: u8,
287	/// special_field: Cell<u8>,
288	/// }
289	///
290	/// let my_struct = SomeStruct {
291	/// regular_field: `0`,
292	/// special_field: Cell::new(`1`),
293	/// };
294	///
295	/// let new_value = `100`;
296	///
297	/// // ERROR: `my_struct` is immutable
298	/// // my_struct.regular_field = new_value;
299	///
300	/// // WORKS: although `my_struct` is immutable, `special_field` is a `Cell`,
301	/// // which can always be mutated
302	/// my_struct.special_field.set(new_value);
303	/// assert_eq!(my_struct.special_field.get(), new_value);
304	/// ```
305	///
306	/// See the [module-level documentation](self) for more.
307	#[rustc_diagnostic_item = "Cell"]
308	#[stable(feature = "rust1", since = "1.0.0")]
309	#[repr(transparent)]
310	#[rustc_pub_transparent]
311	pub struct Cell<T: ?Sized> {
312	value: UnsafeCell<T>,
313	}
314
315	#[stable(feature = "rust1", since = "1.0.0")]
316	unsafe impl<T: ?Sized> Send for Cell<T> where T: Send {}
317
318	// Note that this negative impl isn't strictly necessary for correctness,
319	// as `Cell` wraps `UnsafeCell`, which is itself `!Sync`.
320	// However, given how important `Cell`'s `!Sync`-ness is,
321	// having an explicit negative impl is nice for documentation purposes
322	// and results in nicer error messages.
323	#[stable(feature = "rust1", since = "1.0.0")]
324	impl<T: ?Sized> !Sync for Cell<T> {}
325
326	#[stable(feature = "rust1", since = "1.0.0")]
327	impl<T: Copy> Clone for Cell<T> {
328	#[inline]
329	fn clone(&self) -> Cell<T> {
330	Cell::new(self.get())
331	}
332	}
333
334	#[stable(feature = "rust1", since = "1.0.0")]
335	impl<T: Default> Default for Cell<T> {
336	/// Creates a `Cell<T>`, with the `Default` value for T.
337	#[inline]
338	fn default() -> Cell<T> {
339	Cell::new(Default::default())
340	}
341	}
342
343	#[stable(feature = "rust1", since = "1.0.0")]
344	impl<T: PartialEq + Copy> PartialEq for Cell<T> {
345	#[inline]
346	fn eq(&self, other: &Cell<T>) -> bool {
347	self.get() == other.get()
348	}
349	}
350
351	#[stable(feature = "cell_eq", since = "1.2.0")]
352	impl<T: Eq + Copy> Eq for Cell<T> {}
353
354	#[stable(feature = "cell_ord", since = "1.10.0")]
355	impl<T: PartialOrd + Copy> PartialOrd for Cell<T> {
356	#[inline]
357	fn partial_cmp(&self, other: &Cell<T>) -> Option<Ordering> {
358	self.get().partial_cmp(&other.get())
359	}
360
361	#[inline]
362	fn lt(&self, other: &Cell<T>) -> bool {
363	self.get() < other.get()
364	}
365
366	#[inline]
367	fn le(&self, other: &Cell<T>) -> bool {
368	self.get() <= other.get()
369	}
370
371	#[inline]
372	fn gt(&self, other: &Cell<T>) -> bool {
373	self.get() > other.get()
374	}
375
376	#[inline]
377	fn ge(&self, other: &Cell<T>) -> bool {
378	self.get() >= other.get()
379	}
380	}
381
382	#[stable(feature = "cell_ord", since = "1.10.0")]
383	impl<T: Ord + Copy> Ord for Cell<T> {
384	#[inline]
385	fn cmp(&self, other: &Cell<T>) -> Ordering {
386	self.get().cmp(&other.get())
387	}
388	}
389
390	#[stable(feature = "cell_from", since = "1.12.0")]
391	impl<T> From<T> for Cell<T> {
392	/// Creates a new `Cell<T>` containing the given value.
393	fn from(t: T) -> Cell<T> {
394	Cell::new(t)
395	}
396	}
397
398	impl<T> Cell<T> {
399	/// Creates a new `Cell` containing the given value.
400	///
401	/// # Examples
402	///
403	/// ```
404	/// use std::cell::Cell;
405	///
406	/// let c = Cell::new(`5`);
407	/// ```
408	#[stable(feature = "rust1", since = "1.0.0")]
409	#[rustc_const_stable(feature = "const_cell_new", since = "1.24.0")]
410	#[inline]
411	pub const fn new(value: T) -> Cell<T> {
412	Cell { value: UnsafeCell::new(value) }
413	}
414
415	/// Sets the contained value.
416	///
417	/// # Examples
418	///
419	/// ```
420	/// use std::cell::Cell;
421	///
422	/// let c = Cell::new(`5`);
423	///
424	/// c.set(`10`);
425	/// ```
426	#[inline]
427	#[stable(feature = "rust1", since = "1.0.0")]
428	pub fn set(&self, val: T) {
429	self.replace(val);
430	}
431
432	/// Swaps the values of two `Cell`s.
433	///
434	/// The difference with `std::mem::swap` is that this function doesn't
435	/// require a `&mut` reference.
436	///
437	/// # Panics
438	///
439	/// This function will panic if `self` and `other` are different `Cell`s that partially overlap.
440	/// (Using just standard library methods, it is impossible to create such partially overlapping `Cell`s.
441	/// However, unsafe code is allowed to e.g. create two `&Cell<[i32; 2]>` that partially overlap.)
442	///
443	/// # Examples
444	///
445	/// ```
446	/// use std::cell::Cell;
447	///
448	/// let c1 = Cell::new(`5i32`);
449	/// let c2 = Cell::new(`10i32`);
450	/// c1.swap(&c2);
451	/// assert_eq!(`10`, c1.get());
452	/// assert_eq!(`5`, c2.get());
453	/// ```
454	#[inline]
455	#[stable(feature = "move_cell", since = "1.17.0")]
456	pub fn swap(&self, other: &Self) {
457	// This function documents that it will* panic, and intrinsics::is_nonoverlapping doesn't*
458	// do the check in const, so trying to use it here would be inviting unnecessary fragility.
459	fn is_nonoverlapping<T>(src: *const T, dst: *const T) -> bool {
460	let src_usize = src.addr();
461	let dst_usize = dst.addr();
462	let diff = src_usize.abs_diff(dst_usize);
463	diff >= size_of::<T>()
464	}
465
466	if ptr::eq(self, other) {
467	// Swapping wouldn't change anything.
468	return;
469	}
470	if !is_nonoverlapping(self, other) {
471	// See <https://github.com/rust-lang/rust/issues/80778> for why we need to stop here.
472	panic!("`Cell::swap` on overlapping non-identical `Cell`s");
473	}
474	// SAFETY: This can be risky if called from separate threads, but `Cell`
475	// is `!Sync` so this won't happen. This also won't invalidate any
476	// pointers since `Cell` makes sure nothing else will be pointing into
477	// either of these `Cell`s. We also excluded shenanigans like partially overlapping `Cell`s,
478	// so `swap` will just properly copy two full values of type `T` back and forth.
479	unsafe {
480	mem::swap(&mut self.value.get(), &mut* *other.value.get());
481	}
482	}
483
484	/// Replaces the contained value with `val`, and returns the old contained value.
485	///
486	/// # Examples
487	///
488	/// ```
489	/// use std::cell::Cell;
490	///
491	/// let cell = Cell::new(`5`);
492	/// assert_eq!(cell.get(), `5`);
493	/// assert_eq!(cell.replace(`10`), `5`);
494	/// assert_eq!(cell.get(), `10`);
495	/// ```
496	#[inline]
497	#[stable(feature = "move_cell", since = "1.17.0")]
498	#[rustc_const_stable(feature = "const_cell", since = "1.88.0")]
499	#[rustc_confusables("swap")]
500	pub const fn replace(&self, val: T) -> T {
501	// SAFETY: This can cause data races if called from a separate thread,
502	// but `Cell` is `!Sync` so this won't happen.
503	mem::replace(unsafe { &mut *self.value.get() }, val)
504	}
505
506	/// Unwraps the value, consuming the cell.
507	///
508	/// # Examples
509	///
510	/// ```
511	/// use std::cell::Cell;
512	///
513	/// let c = Cell::new(`5`);
514	/// let five = c.into_inner();
515	///
516	/// assert_eq!(five, `5`);
517	/// ```
518	#[stable(feature = "move_cell", since = "1.17.0")]
519	#[rustc_const_stable(feature = "const_cell_into_inner", since = "1.83.0")]
520	#[rustc_allow_const_fn_unstable(const_precise_live_drops)]
521	pub const fn into_inner(self) -> T {
522	self.value.into_inner()
523	}
524	}
525
526	impl<T: Copy> Cell<T> {
527	/// Returns a copy of the contained value.
528	///
529	/// # Examples
530	///
531	/// ```
532	/// use std::cell::Cell;
533	///
534	/// let c = Cell::new(`5`);
535	///
536	/// let five = c.get();
537	/// ```
538	#[inline]
539	#[stable(feature = "rust1", since = "1.0.0")]
540	#[rustc_const_stable(feature = "const_cell", since = "1.88.0")]
541	pub const fn get(&self) -> T {
542	// SAFETY: This can cause data races if called from a separate thread,
543	// but `Cell` is `!Sync` so this won't happen.
544	unsafe { *self.value.get() }
545	}
546
547	/// Updates the contained value using a function.
548	///
549	/// # Examples
550	///
551	/// ```
552	/// use std::cell::Cell;
553	///
554	/// let c = Cell::new(`5`);
555	/// c.update(\|x\| x + `1`);
556	/// assert_eq!(c.get(), `6`);
557	/// ```
558	#[inline]
559	#[stable(feature = "cell_update", since = "1.88.0")]
560	pub fn update(&self, f: impl FnOnce(T) -> T) {
561	let old = self.get();
562	self.set(f(old));
563	}
564	}
565
566	impl<T: ?Sized> Cell<T> {
567	/// Returns a raw pointer to the underlying data in this cell.
568	///
569	/// # Examples
570	///
571	/// ```
572	/// use std::cell::Cell;
573	///
574	/// let c = Cell::new(`5`);
575	///
576	/// let ptr = c.as_ptr();
577	/// ```
578	#[inline]
579	#[stable(feature = "cell_as_ptr", since = "1.12.0")]
580	#[rustc_const_stable(feature = "const_cell_as_ptr", since = "1.32.0")]
581	#[rustc_as_ptr]
582	#[rustc_never_returns_null_ptr]
583	pub const fn as_ptr(&self) -> *mut T {
584	self.value.get()
585	}
586
587	/// Returns a mutable reference to the underlying data.
588	///
589	/// This call borrows `Cell` mutably (at compile-time) which guarantees
590	/// that we possess the only reference.
591	///
592	/// However be cautious: this method expects `self` to be mutable, which is
593	/// generally not the case when using a `Cell`. If you require interior
594	/// mutability by reference, consider using `RefCell` which provides
595	/// run-time checked mutable borrows through its [`borrow_mut`] method.
596	///
597	/// [`borrow_mut`]: RefCell::borrow_mut()
598	///
599	/// # Examples
600	///
601	/// ```
602	/// use std::cell::Cell;
603	///
604	/// let mut c = Cell::new(`5`);
605	/// *c.get_mut() += `1`;
606	///
607	/// assert_eq!(c.get(), `6`);
608	/// ```
609	#[inline]
610	#[stable(feature = "cell_get_mut", since = "1.11.0")]
611	#[rustc_const_stable(feature = "const_cell", since = "1.88.0")]
612	pub const fn get_mut(&mut self) -> &mut T {
613	self.value.get_mut()
614	}
615
616	/// Returns a `&Cell<T>` from a `&mut T`
617	///
618	/// # Examples
619	///
620	/// ```
621	/// use std::cell::Cell;
622	///
623	/// let slice: &mut [i32] = &mut [`1`, `2`, `3`];
624	/// let cell_slice: &Cell<[i32]> = Cell::from_mut(slice);
625	/// let slice_cell: &[Cell<i32>] = cell_slice.as_slice_of_cells();
626	///
627	/// assert_eq!(slice_cell.len(), `3`);
628	/// ```
629	#[inline]
630	#[stable(feature = "as_cell", since = "1.37.0")]
631	#[rustc_const_stable(feature = "const_cell", since = "1.88.0")]
632	pub const fn from_mut(t: &mut T) -> &Cell<T> {
633	// SAFETY: `&mut` ensures unique access.
634	unsafe { &(t as mut T as *const Cell<T>) }
635	}
636	}
637
638	impl<T: Default> Cell<T> {
639	/// Takes the value of the cell, leaving `Default::default()` in its place.
640	///
641	/// # Examples
642	///
643	/// ```
644	/// use std::cell::Cell;
645	///
646	/// let c = Cell::new(`5`);
647	/// let five = c.take();
648	///
649	/// assert_eq!(five, `5`);
650	/// assert_eq!(c.into_inner(), `0`);
651	/// ```
652	#[stable(feature = "move_cell", since = "1.17.0")]
653	pub fn take(&self) -> T {
654	self.replace(val:Default::default())
655	}
656	}
657
658	#[unstable(feature = "coerce_unsized", issue = "18598")]
659	impl<T: CoerceUnsized<U>, U> CoerceUnsized<Cell<U>> for Cell<T> {}
660
661	// Allow types that wrap `Cell` to also implement `DispatchFromDyn`
662	// and become dyn-compatible method receivers.
663	// Note that currently `Cell` itself cannot be a method receiver
664	// because it does not implement Deref.
665	// In other words:
666	// `self: Cell<&Self>` won't work
667	// `self: CellWrapper<Self>` becomes possible
668	#[unstable(feature = "dispatch_from_dyn", issue = "none")]
669	impl<T: DispatchFromDyn<U>, U> DispatchFromDyn<Cell<U>> for Cell<T> {}
670
671	#[unstable(feature = "pointer_like_trait", issue = "none")]
672	impl<T: PointerLike> PointerLike for Cell<T> {}
673
674	impl<T> Cell<[T]> {
675	/// Returns a `&[Cell<T>]` from a `&Cell<[T]>`
676	///
677	/// # Examples
678	///
679	/// ```
680	/// use std::cell::Cell;
681	///
682	/// let slice: &mut [i32] = &mut [`1`, `2`, `3`];
683	/// let cell_slice: &Cell<[i32]> = Cell::from_mut(slice);
684	/// let slice_cell: &[Cell<i32>] = cell_slice.as_slice_of_cells();
685	///
686	/// assert_eq!(slice_cell.len(), `3`);
687	/// ```
688	#[stable(feature = "as_cell", since = "1.37.0")]
689	#[rustc_const_stable(feature = "const_cell", since = "1.88.0")]
690	pub const fn as_slice_of_cells(&self) -> &[Cell<T>] {
691	// SAFETY: `Cell<T>` has the same memory layout as `T`.
692	unsafe { &(self as const Cell<[T]> as *const [Cell<T>]) }
693	}
694	}
695
696	impl<T, const N: usize> Cell<[T; N]> {
697	/// Returns a `&[Cell<T>; N]` from a `&Cell<[T; N]>`
698	///
699	/// # Examples
700	///
701	/// ```
702	/// #![feature(as_array_of_cells)]
703	/// use std::cell::Cell;
704	///
705	/// let mut array: [i32; `3`] = [`1`, `2`, `3`];
706	/// let cell_array: &Cell<[i32; `3`]> = Cell::from_mut(&mut array);
707	/// let array_cell: &[Cell<i32>; `3`] = cell_array.as_array_of_cells();
708	/// ```
709	#[unstable(feature = "as_array_of_cells", issue = "88248")]
710	pub const fn as_array_of_cells(&self) -> &[Cell<T>; N] {
711	// SAFETY: `Cell<T>` has the same memory layout as `T`.
712	unsafe { &(self as const Cell<[T; N]> as *const [Cell<T>; N]) }
713	}
714	}
715
716	/// A mutable memory location with dynamically checked borrow rules
717	///
718	/// See the [module-level documentation](self) for more.
719	#[rustc_diagnostic_item = "RefCell"]
720	#[stable(feature = "rust1", since = "1.0.0")]
721	pub struct RefCell<T: ?Sized> {
722	borrow: Cell<BorrowFlag>,
723	// Stores the location of the earliest currently active borrow.
724	// This gets updated whenever we go from having zero borrows
725	// to having a single borrow. When a borrow occurs, this gets included
726	// in the generated `BorrowError`/`BorrowMutError`
727	#[cfg(feature = "debug_refcell")]
728	borrowed_at: Cell<Option<&'static crate::panic::Location<'static>>>,
729	value: UnsafeCell<T>,
730	}
731
732	/// An error returned by [`RefCell::try_borrow`].
733	#[stable(feature = "try_borrow", since = "1.13.0")]
734	#[non_exhaustive]
735	pub struct BorrowError {
736	#[cfg(feature = "debug_refcell")]
737	location: &'static crate::panic::Location<'static>,
738	}
739
740	#[stable(feature = "try_borrow", since = "1.13.0")]
741	impl Debug for BorrowError {
742	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
743	let mut builder: DebugStruct<'_, '_> = f.debug_struct(name:"BorrowError");
744
745	#[cfg(feature = "debug_refcell")]
746	builder.field("location", self.location);
747
748	builder.finish()
749	}
750	}
751
752	#[stable(feature = "try_borrow", since = "1.13.0")]
753	impl Display for BorrowError {
754	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
755	Display::fmt(self:"already mutably borrowed", f)
756	}
757	}
758
759	/// An error returned by [`RefCell::try_borrow_mut`].
760	#[stable(feature = "try_borrow", since = "1.13.0")]
761	#[non_exhaustive]
762	pub struct BorrowMutError {
763	#[cfg(feature = "debug_refcell")]
764	location: &'static crate::panic::Location<'static>,
765	}
766
767	#[stable(feature = "try_borrow", since = "1.13.0")]
768	impl Debug for BorrowMutError {
769	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
770	let mut builder: DebugStruct<'_, '_> = f.debug_struct(name:"BorrowMutError");
771
772	#[cfg(feature = "debug_refcell")]
773	builder.field("location", self.location);
774
775	builder.finish()
776	}
777	}
778
779	#[stable(feature = "try_borrow", since = "1.13.0")]
780	impl Display for BorrowMutError {
781	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
782	Display::fmt(self:"already borrowed", f)
783	}
784	}
785
786	// This ensures the panicking code is outlined from `borrow_mut` for `RefCell`.
787	#[cfg_attr(not(feature = "panic_immediate_abort"), inline(never))]
788	#[track_caller]
789	#[cold]
790	fn panic_already_borrowed(err: BorrowMutError) -> ! {
791	panic!("already borrowed: {:?}", err)
792	}
793
794	// This ensures the panicking code is outlined from `borrow` for `RefCell`.
795	#[cfg_attr(not(feature = "panic_immediate_abort"), inline(never))]
796	#[track_caller]
797	#[cold]
798	fn panic_already_mutably_borrowed(err: BorrowError) -> ! {
799	panic!("already mutably borrowed: {:?}", err)
800	}
801
802	// Positive values represent the number of `Ref` active. Negative values
803	// represent the number of `RefMut` active. Multiple `RefMut`s can only be
804	// active at a time if they refer to distinct, nonoverlapping components of a
805	// `RefCell` (e.g., different ranges of a slice).
806	//
807	// `Ref` and `RefMut` are both two words in size, and so there will likely never
808	// be enough `Ref`s or `RefMut`s in existence to overflow half of the `usize`
809	// range. Thus, a `BorrowFlag` will probably never overflow or underflow.
810	// However, this is not a guarantee, as a pathological program could repeatedly
811	// create and then mem::forget `Ref`s or `RefMut`s. Thus, all code must
812	// explicitly check for overflow and underflow in order to avoid unsafety, or at
813	// least behave correctly in the event that overflow or underflow happens (e.g.,
814	// see BorrowRef::new).
815	type BorrowFlag = isize;
816	const UNUSED: BorrowFlag = `0`;
817
818	#[inline(always)]
819	fn is_writing(x: BorrowFlag) -> bool {
820	x < UNUSED
821	}
822
823	#[inline(always)]
824	fn is_reading(x: BorrowFlag) -> bool {
825	x > UNUSED
826	}
827
828	impl<T> RefCell<T> {
829	/// Creates a new `RefCell` containing `value`.
830	///
831	/// # Examples
832	///
833	/// ```
834	/// use std::cell::RefCell;
835	///
836	/// let c = RefCell::new(`5`);
837	/// ```
838	#[stable(feature = "rust1", since = "1.0.0")]
839	#[rustc_const_stable(feature = "const_refcell_new", since = "1.24.0")]
840	#[inline]
841	pub const fn new(value: T) -> RefCell<T> {
842	RefCell {
843	value: UnsafeCell::new(value),
844	borrow: Cell::new(UNUSED),
845	#[cfg(feature = "debug_refcell")]
846	borrowed_at: Cell::new(None),
847	}
848	}
849
850	/// Consumes the `RefCell`, returning the wrapped value.
851	///
852	/// # Examples
853	///
854	/// ```
855	/// use std::cell::RefCell;
856	///
857	/// let c = RefCell::new(`5`);
858	///
859	/// let five = c.into_inner();
860	/// ```
861	#[stable(feature = "rust1", since = "1.0.0")]
862	#[rustc_const_stable(feature = "const_cell_into_inner", since = "1.83.0")]
863	#[rustc_allow_const_fn_unstable(const_precise_live_drops)]
864	#[inline]
865	pub const fn into_inner(self) -> T {
866	// Since this function takes `self` (the `RefCell`) by value, the
867	// compiler statically verifies that it is not currently borrowed.
868	self.value.into_inner()
869	}
870
871	/// Replaces the wrapped value with a new one, returning the old value,
872	/// without deinitializing either one.
873	///
874	/// This function corresponds to [`std::mem::replace`](../mem/fn.replace.html).
875	///
876	/// # Panics
877	///
878	/// Panics if the value is currently borrowed.
879	///
880	/// # Examples
881	///
882	/// ```
883	/// use std::cell::RefCell;
884	/// let cell = RefCell::new(`5`);
885	/// let old_value = cell.replace(`6`);
886	/// assert_eq!(old_value, `5`);
887	/// assert_eq!(cell, RefCell::new(`6`));
888	/// ```
889	#[inline]
890	#[stable(feature = "refcell_replace", since = "1.24.0")]
891	#[track_caller]
892	#[rustc_confusables("swap")]
893	pub fn replace(&self, t: T) -> T {
894	mem::replace(&mut *self.borrow_mut(), t)
895	}
896
897	/// Replaces the wrapped value with a new one computed from `f`, returning
898	/// the old value, without deinitializing either one.
899	///
900	/// # Panics
901	///
902	/// Panics if the value is currently borrowed.
903	///
904	/// # Examples
905	///
906	/// ```
907	/// use std::cell::RefCell;
908	/// let cell = RefCell::new(`5`);
909	/// let old_value = cell.replace_with(\|&mut old\| old + `1`);
910	/// assert_eq!(old_value, `5`);
911	/// assert_eq!(cell, RefCell::new(`6`));
912	/// ```
913	#[inline]
914	#[stable(feature = "refcell_replace_swap", since = "1.35.0")]
915	#[track_caller]
916	pub fn replace_with<F: FnOnce(&mut T) -> T>(&self, f: F) -> T {
917	let mut_borrow = &mut *self.borrow_mut();
918	let replacement = f(mut_borrow);
919	mem::replace(mut_borrow, replacement)
920	}
921
922	/// Swaps the wrapped value of `self` with the wrapped value of `other`,
923	/// without deinitializing either one.
924	///
925	/// This function corresponds to [`std::mem::swap`](../mem/fn.swap.html).
926	///
927	/// # Panics
928	///
929	/// Panics if the value in either `RefCell` is currently borrowed, or
930	/// if `self` and `other` point to the same `RefCell`.
931	///
932	/// # Examples
933	///
934	/// ```
935	/// use std::cell::RefCell;
936	/// let c = RefCell::new(`5`);
937	/// let d = RefCell::new(`6`);
938	/// c.swap(&d);
939	/// assert_eq!(c, RefCell::new(`6`));
940	/// assert_eq!(d, RefCell::new(`5`));
941	/// ```
942	#[inline]
943	#[stable(feature = "refcell_swap", since = "1.24.0")]
944	pub fn swap(&self, other: &Self) {
945	mem::swap(&mut self.borrow_mut(), &mut* *other.borrow_mut())
946	}
947	}
948
949	impl<T: ?Sized> RefCell<T> {
950	/// Immutably borrows the wrapped value.
951	///
952	/// The borrow lasts until the returned `Ref` exits scope. Multiple
953	/// immutable borrows can be taken out at the same time.
954	///
955	/// # Panics
956	///
957	/// Panics if the value is currently mutably borrowed. For a non-panicking variant, use
958	/// [`try_borrow`](#method.try_borrow).
959	///
960	/// # Examples
961	///
962	/// ```
963	/// use std::cell::RefCell;
964	///
965	/// let c = RefCell::new(`5`);
966	///
967	/// let borrowed_five = c.borrow();
968	/// let borrowed_five2 = c.borrow();
969	/// ```
970	///
971	/// An example of panic:
972	///
973	/// ```should_panic
974	/// use std::cell::RefCell;
975	///
976	/// let c = RefCell::new(`5`);
977	///
978	/// let m = c.borrow_mut();
979	/// let b = c.borrow(); // this causes a panic
980	/// ```
981	#[stable(feature = "rust1", since = "1.0.0")]
982	#[inline]
983	#[track_caller]
984	pub fn borrow(&self) -> Ref<'_, T> {
985	match self.try_borrow() {
986	Ok(b) => b,
987	Err(err) => panic_already_mutably_borrowed(err),
988	}
989	}
990
991	/// Immutably borrows the wrapped value, returning an error if the value is currently mutably
992	/// borrowed.
993	///
994	/// The borrow lasts until the returned `Ref` exits scope. Multiple immutable borrows can be
995	/// taken out at the same time.
996	///
997	/// This is the non-panicking variant of [`borrow`](#method.borrow).
998	///
999	/// # Examples
1000	///
1001	/// ```
1002	/// use std::cell::RefCell;
1003	///
1004	/// let c = RefCell::new(`5`);
1005	///
1006	/// {
1007	/// let m = c.borrow_mut();
1008	/// assert!(c.try_borrow().is_err());
1009	/// }
1010	///
1011	/// {
1012	/// let m = c.borrow();
1013	/// assert!(c.try_borrow().is_ok());
1014	/// }
1015	/// ```
1016	#[stable(feature = "try_borrow", since = "1.13.0")]
1017	#[inline]
1018	#[cfg_attr(feature = "debug_refcell", track_caller)]
1019	pub fn try_borrow(&self) -> Result<Ref<'_, T>, BorrowError> {
1020	match BorrowRef::new(&self.borrow) {
1021	Some(b) => {
1022	#[cfg(feature = "debug_refcell")]
1023	{
1024	// `borrowed_at` is always the first* active borrow*
1025	if b.borrow.get() == `1` {
1026	self.borrowed_at.set(Some(crate::panic::Location::caller()));
1027	}
1028	}
1029
1030	// SAFETY: `BorrowRef` ensures that there is only immutable access
1031	// to the value while borrowed.
1032	let value = unsafe { NonNull::new_unchecked(self.value.get()) };
1033	Ok(Ref { value, borrow: b })
1034	}
1035	None => Err(BorrowError {
1036	// If a borrow occurred, then we must already have an outstanding borrow,
1037	// so `borrowed_at` will be `Some`
1038	#[cfg(feature = "debug_refcell")]
1039	location: self.borrowed_at.get().unwrap(),
1040	}),
1041	}
1042	}
1043
1044	/// Mutably borrows the wrapped value.
1045	///
1046	/// The borrow lasts until the returned `RefMut` or all `RefMut`s derived
1047	/// from it exit scope. The value cannot be borrowed while this borrow is
1048	/// active.
1049	///
1050	/// # Panics
1051	///
1052	/// Panics if the value is currently borrowed. For a non-panicking variant, use
1053	/// [`try_borrow_mut`](#method.try_borrow_mut).
1054	///
1055	/// # Examples
1056	///
1057	/// ```
1058	/// use std::cell::RefCell;
1059	///
1060	/// let c = RefCell::new("hello".to_owned());
1061	///
1062	/// *c.borrow_mut() = "bonjour".to_owned();
1063	///
1064	/// assert_eq!(&*c.borrow(), "bonjour");
1065	/// ```
1066	///
1067	/// An example of panic:
1068	///
1069	/// ```should_panic
1070	/// use std::cell::RefCell;
1071	///
1072	/// let c = RefCell::new(`5`);
1073	/// let m = c.borrow();
1074	///
1075	/// let b = c.borrow_mut(); // this causes a panic
1076	/// ```
1077	#[stable(feature = "rust1", since = "1.0.0")]
1078	#[inline]
1079	#[track_caller]
1080	pub fn borrow_mut(&self) -> RefMut<'_, T> {
1081	match self.try_borrow_mut() {
1082	Ok(b) => b,
1083	Err(err) => panic_already_borrowed(err),
1084	}
1085	}
1086
1087	/// Mutably borrows the wrapped value, returning an error if the value is currently borrowed.
1088	///
1089	/// The borrow lasts until the returned `RefMut` or all `RefMut`s derived
1090	/// from it exit scope. The value cannot be borrowed while this borrow is
1091	/// active.
1092	///
1093	/// This is the non-panicking variant of [`borrow_mut`](#method.borrow_mut).
1094	///
1095	/// # Examples
1096	///
1097	/// ```
1098	/// use std::cell::RefCell;
1099	///
1100	/// let c = RefCell::new(`5`);
1101	///
1102	/// {
1103	/// let m = c.borrow();
1104	/// assert!(c.try_borrow_mut().is_err());
1105	/// }
1106	///
1107	/// assert!(c.try_borrow_mut().is_ok());
1108	/// ```
1109	#[stable(feature = "try_borrow", since = "1.13.0")]
1110	#[inline]
1111	#[cfg_attr(feature = "debug_refcell", track_caller)]
1112	pub fn try_borrow_mut(&self) -> Result<RefMut<'_, T>, BorrowMutError> {
1113	match BorrowRefMut::new(&self.borrow) {
1114	Some(b) => {
1115	#[cfg(feature = "debug_refcell")]
1116	{
1117	self.borrowed_at.set(Some(crate::panic::Location::caller()));
1118	}
1119
1120	// SAFETY: `BorrowRefMut` guarantees unique access.
1121	let value = unsafe { NonNull::new_unchecked(self.value.get()) };
1122	Ok(RefMut { value, borrow: b, marker: PhantomData })
1123	}
1124	None => Err(BorrowMutError {
1125	// If a borrow occurred, then we must already have an outstanding borrow,
1126	// so `borrowed_at` will be `Some`
1127	#[cfg(feature = "debug_refcell")]
1128	location: self.borrowed_at.get().unwrap(),
1129	}),
1130	}
1131	}
1132
1133	/// Returns a raw pointer to the underlying data in this cell.
1134	///
1135	/// # Examples
1136	///
1137	/// ```
1138	/// use std::cell::RefCell;
1139	///
1140	/// let c = RefCell::new(`5`);
1141	///
1142	/// let ptr = c.as_ptr();
1143	/// ```
1144	#[inline]
1145	#[stable(feature = "cell_as_ptr", since = "1.12.0")]
1146	#[rustc_as_ptr]
1147	#[rustc_never_returns_null_ptr]
1148	pub fn as_ptr(&self) -> *mut T {
1149	self.value.get()
1150	}
1151
1152	/// Returns a mutable reference to the underlying data.
1153	///
1154	/// Since this method borrows `RefCell` mutably, it is statically guaranteed
1155	/// that no borrows to the underlying data exist. The dynamic checks inherent
1156	/// in [`borrow_mut`] and most other methods of `RefCell` are therefore
1157	/// unnecessary. Note that this method does not reset the borrowing state if borrows were previously leaked
1158	/// (e.g., via [`forget()`] on a [`Ref`] or [`RefMut`]). For that purpose,
1159	/// consider using the unstable [`undo_leak`] method.
1160	///
1161	/// This method can only be called if `RefCell` can be mutably borrowed,
1162	/// which in general is only the case directly after the `RefCell` has
1163	/// been created. In these situations, skipping the aforementioned dynamic
1164	/// borrowing checks may yield better ergonomics and runtime-performance.
1165	///
1166	/// In most situations where `RefCell` is used, it can't be borrowed mutably.
1167	/// Use [`borrow_mut`] to get mutable access to the underlying data then.
1168	///
1169	/// [`borrow_mut`]: RefCell::borrow_mut()
1170	/// [`forget()`]: mem::forget
1171	/// [`undo_leak`]: RefCell::undo_leak()
1172	///
1173	/// # Examples
1174	///
1175	/// ```
1176	/// use std::cell::RefCell;
1177	///
1178	/// let mut c = RefCell::new(`5`);
1179	/// *c.get_mut() += `1`;
1180	///
1181	/// assert_eq!(c, RefCell::new(`6`));
1182	/// ```
1183	#[inline]
1184	#[stable(feature = "cell_get_mut", since = "1.11.0")]
1185	pub fn get_mut(&mut self) -> &mut T {
1186	self.value.get_mut()
1187	}
1188
1189	/// Undo the effect of leaked guards on the borrow state of the `RefCell`.
1190	///
1191	/// This call is similar to [`get_mut`] but more specialized. It borrows `RefCell` mutably to
1192	/// ensure no borrows exist and then resets the state tracking shared borrows. This is relevant
1193	/// if some `Ref` or `RefMut` borrows have been leaked.
1194	///
1195	/// [`get_mut`]: RefCell::get_mut()
1196	///
1197	/// # Examples
1198	///
1199	/// ```
1200	/// #![feature(cell_leak)]
1201	/// use std::cell::RefCell;
1202	///
1203	/// let mut c = RefCell::new(`0`);
1204	/// std::mem::forget(c.borrow_mut());
1205	///
1206	/// assert!(c.try_borrow().is_err());
1207	/// c.undo_leak();
1208	/// assert!(c.try_borrow().is_ok());
1209	/// ```
1210	#[unstable(feature = "cell_leak", issue = "69099")]
1211	pub fn undo_leak(&mut self) -> &mut T {
1212	*self.borrow.get_mut() = UNUSED;
1213	self.get_mut()
1214	}
1215
1216	/// Immutably borrows the wrapped value, returning an error if the value is
1217	/// currently mutably borrowed.
1218	///
1219	/// # Safety
1220	///
1221	/// Unlike `RefCell::borrow`, this method is unsafe because it does not
1222	/// return a `Ref`, thus leaving the borrow flag untouched. Mutably
1223	/// borrowing the `RefCell` while the reference returned by this method
1224	/// is alive is undefined behavior.
1225	///
1226	/// # Examples
1227	///
1228	/// ```
1229	/// use std::cell::RefCell;
1230	///
1231	/// let c = RefCell::new(`5`);
1232	///
1233	/// {
1234	/// let m = c.borrow_mut();
1235	/// assert!(unsafe { c.try_borrow_unguarded() }.is_err());
1236	/// }
1237	///
1238	/// {
1239	/// let m = c.borrow();
1240	/// assert!(unsafe { c.try_borrow_unguarded() }.is_ok());
1241	/// }
1242	/// ```
1243	#[stable(feature = "borrow_state", since = "1.37.0")]
1244	#[inline]
1245	pub unsafe fn try_borrow_unguarded(&self) -> Result<&T, BorrowError> {
1246	if !is_writing(self.borrow.get()) {
1247	// SAFETY: We check that nobody is actively writing now, but it is
1248	// the caller's responsibility to ensure that nobody writes until
1249	// the returned reference is no longer in use.
1250	// Also, `self.value.get()` refers to the value owned by `self`
1251	// and is thus guaranteed to be valid for the lifetime of `self`.
1252	Ok(unsafe { &*self.value.get() })
1253	} else {
1254	Err(BorrowError {
1255	// If a borrow occurred, then we must already have an outstanding borrow,
1256	// so `borrowed_at` will be `Some`
1257	#[cfg(feature = "debug_refcell")]
1258	location: self.borrowed_at.get().unwrap(),
1259	})
1260	}
1261	}
1262	}
1263
1264	impl<T: Default> RefCell<T> {
1265	/// Takes the wrapped value, leaving `Default::default()` in its place.
1266	///
1267	/// # Panics
1268	///
1269	/// Panics if the value is currently borrowed.
1270	///
1271	/// # Examples
1272	///
1273	/// ```
1274	/// use std::cell::RefCell;
1275	///
1276	/// let c = RefCell::new(`5`);
1277	/// let five = c.take();
1278	///
1279	/// assert_eq!(five, `5`);
1280	/// assert_eq!(c.into_inner(), `0`);
1281	/// ```
1282	#[stable(feature = "refcell_take", since = "1.50.0")]
1283	pub fn take(&self) -> T {
1284	self.replace(Default::default())
1285	}
1286	}
1287
1288	#[stable(feature = "rust1", since = "1.0.0")]
1289	unsafe impl<T: ?Sized> Send for RefCell<T> where T: Send {}
1290
1291	#[stable(feature = "rust1", since = "1.0.0")]
1292	impl<T: ?Sized> !Sync for RefCell<T> {}
1293
1294	#[stable(feature = "rust1", since = "1.0.0")]
1295	impl<T: Clone> Clone for RefCell<T> {
1296	/// # Panics
1297	///
1298	/// Panics if the value is currently mutably borrowed.
1299	#[inline]
1300	#[track_caller]
1301	fn clone(&self) -> RefCell<T> {
1302	RefCell::new(self.borrow().clone())
1303	}
1304
1305	/// # Panics
1306	///
1307	/// Panics if `source` is currently mutably borrowed.
1308	#[inline]
1309	#[track_caller]
1310	fn clone_from(&mut self, source: &Self) {
1311	self.get_mut().clone_from(&source.borrow())
1312	}
1313	}
1314
1315	#[stable(feature = "rust1", since = "1.0.0")]
1316	impl<T: Default> Default for RefCell<T> {
1317	/// Creates a `RefCell<T>`, with the `Default` value for T.
1318	#[inline]
1319	fn default() -> RefCell<T> {
1320	RefCell::new(Default::default())
1321	}
1322	}
1323
1324	#[stable(feature = "rust1", since = "1.0.0")]
1325	impl<T: ?Sized + PartialEq> PartialEq for RefCell<T> {
1326	/// # Panics
1327	///
1328	/// Panics if the value in either `RefCell` is currently mutably borrowed.
1329	#[inline]
1330	fn eq(&self, other: &RefCell<T>) -> bool {
1331	self.borrow() == other.borrow()
1332	}
1333	}
1334
1335	#[stable(feature = "cell_eq", since = "1.2.0")]
1336	impl<T: ?Sized + Eq> Eq for RefCell<T> {}
1337
1338	#[stable(feature = "cell_ord", since = "1.10.0")]
1339	impl<T: ?Sized + PartialOrd> PartialOrd for RefCell<T> {
1340	/// # Panics
1341	///
1342	/// Panics if the value in either `RefCell` is currently mutably borrowed.
1343	#[inline]
1344	fn partial_cmp(&self, other: &RefCell<T>) -> Option<Ordering> {
1345	self.borrow().partial_cmp(&*other.borrow())
1346	}
1347
1348	/// # Panics
1349	///
1350	/// Panics if the value in either `RefCell` is currently mutably borrowed.
1351	#[inline]
1352	fn lt(&self, other: &RefCell<T>) -> bool {
1353	self.borrow() < other.borrow()
1354	}
1355
1356	/// # Panics
1357	///
1358	/// Panics if the value in either `RefCell` is currently mutably borrowed.
1359	#[inline]
1360	fn le(&self, other: &RefCell<T>) -> bool {
1361	self.borrow() <= other.borrow()
1362	}
1363
1364	/// # Panics
1365	///
1366	/// Panics if the value in either `RefCell` is currently mutably borrowed.
1367	#[inline]
1368	fn gt(&self, other: &RefCell<T>) -> bool {
1369	self.borrow() > other.borrow()
1370	}
1371
1372	/// # Panics
1373	///
1374	/// Panics if the value in either `RefCell` is currently mutably borrowed.
1375	#[inline]
1376	fn ge(&self, other: &RefCell<T>) -> bool {
1377	self.borrow() >= other.borrow()
1378	}
1379	}
1380
1381	#[stable(feature = "cell_ord", since = "1.10.0")]
1382	impl<T: ?Sized + Ord> Ord for RefCell<T> {
1383	/// # Panics
1384	///
1385	/// Panics if the value in either `RefCell` is currently mutably borrowed.
1386	#[inline]
1387	fn cmp(&self, other: &RefCell<T>) -> Ordering {
1388	self.borrow().cmp(&*other.borrow())
1389	}
1390	}
1391
1392	#[stable(feature = "cell_from", since = "1.12.0")]
1393	impl<T> From<T> for RefCell<T> {
1394	/// Creates a new `RefCell<T>` containing the given value.
1395	fn from(t: T) -> RefCell<T> {
1396	RefCell::new(t)
1397	}
1398	}
1399
1400	#[unstable(feature = "coerce_unsized", issue = "18598")]
1401	impl<T: CoerceUnsized<U>, U> CoerceUnsized<RefCell<U>> for RefCell<T> {}
1402
1403	struct BorrowRef<'b> {
1404	borrow: &'b Cell<BorrowFlag>,
1405	}
1406
1407	impl<'b> BorrowRef<'b> {
1408	#[inline]
1409	fn new(borrow: &'b Cell<BorrowFlag>) -> Option<BorrowRef<'b>> {
1410	let b: isize = borrow.get().wrapping_add(`1`);
1411	if !is_reading(b) {
1412	// Incrementing borrow can result in a non-reading value (<= 0) in these cases:
1413	// 1. It was < 0, i.e. there are writing borrows, so we can't allow a read borrow
1414	// due to Rust's reference aliasing rules
1415	// 2. It was isize::MAX (the max amount of reading borrows) and it overflowed
1416	// into isize::MIN (the max amount of writing borrows) so we can't allow
1417	// an additional read borrow because isize can't represent so many read borrows
1418	// (this can only happen if you mem::forget more than a small constant amount of
1419	// `Ref`s, which is not good practice)
1420	None
1421	} else {
1422	// Incrementing borrow can result in a reading value (> 0) in these cases:
1423	// 1. It was = 0, i.e. it wasn't borrowed, and we are taking the first read borrow
1424	// 2. It was > 0 and < isize::MAX, i.e. there were read borrows, and isize
1425	// is large enough to represent having one more read borrow
1426	borrow.set(val:b);
1427	Some(BorrowRef { borrow })
1428	}
1429	}
1430	}
1431
1432	impl Drop for BorrowRef<'_> {
1433	#[inline]
1434	fn drop(&mut self) {
1435	let borrow: isize = self.borrow.get();
1436	debug_assert!(is_reading(borrow));
1437	self.borrow.set(val:borrow - `1`);
1438	}
1439	}
1440
1441	impl Clone for BorrowRef<'_> {
1442	#[inline]
1443	fn clone(&self) -> Self {
1444	// Since this Ref exists, we know the borrow flag
1445	// is a reading borrow.
1446	let borrow: isize = self.borrow.get();
1447	debug_assert!(is_reading(borrow));
1448	// Prevent the borrow counter from overflowing into
1449	// a writing borrow.
1450	assert!(borrow != BorrowFlag::MAX);
1451	self.borrow.set(val:borrow + `1`);
1452	BorrowRef { borrow: self.borrow }
1453	}
1454	}
1455
1456	/// Wraps a borrowed reference to a value in a `RefCell` box.
1457	/// A wrapper type for an immutably borrowed value from a `RefCell<T>`.
1458	///
1459	/// See the [module-level documentation](self) for more.
1460	#[stable(feature = "rust1", since = "1.0.0")]
1461	#[must_not_suspend = "holding a Ref across suspend points can cause BorrowErrors"]
1462	#[rustc_diagnostic_item = "RefCellRef"]
1463	pub struct Ref<'b, T: ?Sized + 'b> {
1464	// NB: we use a pointer instead of `&'b T` to avoid `noalias` violations, because a
1465	// `Ref` argument doesn't hold immutability for its whole scope, only until it drops.
1466	// `NonNull` is also covariant over `T`, just like we would have with `&T`.
1467	value: NonNull<T>,
1468	borrow: BorrowRef<'b>,
1469	}
1470
1471	#[stable(feature = "rust1", since = "1.0.0")]
1472	impl<T: ?Sized> Deref for Ref<'_, T> {
1473	type Target = T;
1474
1475	#[inline]
1476	fn deref(&self) -> &T {
1477	// SAFETY: the value is accessible as long as we hold our borrow.
1478	unsafe { self.value.as_ref() }
1479	}
1480	}
1481
1482	#[unstable(feature = "deref_pure_trait", issue = "87121")]
1483	unsafe impl<T: ?Sized> DerefPure for Ref<'_, T> {}
1484
1485	impl<'b, T: ?Sized> Ref<'b, T> {
1486	/// Copies a `Ref`.
1487	///
1488	/// The `RefCell` is already immutably borrowed, so this cannot fail.
1489	///
1490	/// This is an associated function that needs to be used as
1491	/// `Ref::clone(...)`. A `Clone` implementation or a method would interfere
1492	/// with the widespread use of `r.borrow().clone()` to clone the contents of
1493	/// a `RefCell`.
1494	#[stable(feature = "cell_extras", since = "1.15.0")]
1495	#[must_use]
1496	#[inline]
1497	pub fn clone(orig: &Ref<'b, T>) -> Ref<'b, T> {
1498	Ref { value: orig.value, borrow: orig.borrow.clone() }
1499	}
1500
1501	/// Makes a new `Ref` for a component of the borrowed data.
1502	///
1503	/// The `RefCell` is already immutably borrowed, so this cannot fail.
1504	///
1505	/// This is an associated function that needs to be used as `Ref::map(...)`.
1506	/// A method would interfere with methods of the same name on the contents
1507	/// of a `RefCell` used through `Deref`.
1508	///
1509	/// # Examples
1510	///
1511	/// ```
1512	/// use std::cell::{RefCell, Ref};
1513	///
1514	/// let c = RefCell::new((`5`, 'b'));
1515	/// let b1: Ref<'_, (u32, char)> = c.borrow();
1516	/// let b2: Ref<'_, u32> = Ref::map(b1, \|t\| &t.0);
1517	/// assert_eq!(*b2, `5`)
1518	/// ```
1519	#[stable(feature = "cell_map", since = "1.8.0")]
1520	#[inline]
1521	pub fn map<U: ?Sized, F>(orig: Ref<'b, T>, f: F) -> Ref<'b, U>
1522	where
1523	F: FnOnce(&T) -> &U,
1524	{
1525	Ref { value: NonNull::from(f(&*orig)), borrow: orig.borrow }
1526	}
1527
1528	/// Makes a new `Ref` for an optional component of the borrowed data. The
1529	/// original guard is returned as an `Err(..)` if the closure returns
1530	/// `None`.
1531	///
1532	/// The `RefCell` is already immutably borrowed, so this cannot fail.
1533	///
1534	/// This is an associated function that needs to be used as
1535	/// `Ref::filter_map(...)`. A method would interfere with methods of the same
1536	/// name on the contents of a `RefCell` used through `Deref`.
1537	///
1538	/// # Examples
1539	///
1540	/// ```
1541	/// use std::cell::{RefCell, Ref};
1542	///
1543	/// let c = RefCell::new(vec![`1`, `2`, `3`]);
1544	/// let b1: Ref<'_, Vec<u32>> = c.borrow();
1545	/// let b2: Result<Ref<'_, u32>, _> = Ref::filter_map(b1, \|v\| v.get(`1`));
1546	/// assert_eq!(*b2.unwrap(), `2`);
1547	/// ```
1548	#[stable(feature = "cell_filter_map", since = "1.63.0")]
1549	#[inline]
1550	pub fn filter_map<U: ?Sized, F>(orig: Ref<'b, T>, f: F) -> Result<Ref<'b, U>, Self>
1551	where
1552	F: FnOnce(&T) -> Option<&U>,
1553	{
1554	match f(&*orig) {
1555	Some(value) => Ok(Ref { value: NonNull::from(value), borrow: orig.borrow }),
1556	None => Err(orig),
1557	}
1558	}
1559
1560	/// Splits a `Ref` into multiple `Ref`s for different components of the
1561	/// borrowed data.
1562	///
1563	/// The `RefCell` is already immutably borrowed, so this cannot fail.
1564	///
1565	/// This is an associated function that needs to be used as
1566	/// `Ref::map_split(...)`. A method would interfere with methods of the same
1567	/// name on the contents of a `RefCell` used through `Deref`.
1568	///
1569	/// # Examples
1570	///
1571	/// ```
1572	/// use std::cell::{Ref, RefCell};
1573	///
1574	/// let cell = RefCell::new([`1`, `2`, `3`, `4`]);
1575	/// let borrow = cell.borrow();
1576	/// let (begin, end) = Ref::map_split(borrow, \|slice\| slice.split_at(`2`));
1577	/// assert_eq!(*begin, [`1`, `2`]);
1578	/// assert_eq!(*end, [`3`, `4`]);
1579	/// ```
1580	#[stable(feature = "refcell_map_split", since = "1.35.0")]
1581	#[inline]
1582	pub fn map_split<U: ?Sized, V: ?Sized, F>(orig: Ref<'b, T>, f: F) -> (Ref<'b, U>, Ref<'b, V>)
1583	where
1584	F: FnOnce(&T) -> (&U, &V),
1585	{
1586	let (a, b) = f(&*orig);
1587	let borrow = orig.borrow.clone();
1588	(
1589	Ref { value: NonNull::from(a), borrow },
1590	Ref { value: NonNull::from(b), borrow: orig.borrow },
1591	)
1592	}
1593
1594	/// Converts into a reference to the underlying data.
1595	///
1596	/// The underlying `RefCell` can never be mutably borrowed from again and will always appear
1597	/// already immutably borrowed. It is not a good idea to leak more than a constant number of
1598	/// references. The `RefCell` can be immutably borrowed again if only a smaller number of leaks
1599	/// have occurred in total.
1600	///
1601	/// This is an associated function that needs to be used as
1602	/// `Ref::leak(...)`. A method would interfere with methods of the
1603	/// same name on the contents of a `RefCell` used through `Deref`.
1604	///
1605	/// # Examples
1606	///
1607	/// ```
1608	/// #![feature(cell_leak)]
1609	/// use std::cell::{RefCell, Ref};
1610	/// let cell = RefCell::new(`0`);
1611	///
1612	/// let value = Ref::leak(cell.borrow());
1613	/// assert_eq!(*value, `0`);
1614	///
1615	/// assert!(cell.try_borrow().is_ok());
1616	/// assert!(cell.try_borrow_mut().is_err());
1617	/// ```
1618	#[unstable(feature = "cell_leak", issue = "69099")]
1619	pub fn leak(orig: Ref<'b, T>) -> &'b T {
1620	// By forgetting this Ref we ensure that the borrow counter in the RefCell can't go back to
1621	// UNUSED within the lifetime `'b`. Resetting the reference tracking state would require a
1622	// unique reference to the borrowed RefCell. No further mutable references can be created
1623	// from the original cell.
1624	mem::forget(orig.borrow);
1625	// SAFETY: after forgetting, we can form a reference for the rest of lifetime `'b`.
1626	unsafe { orig.value.as_ref() }
1627	}
1628	}
1629
1630	#[unstable(feature = "coerce_unsized", issue = "18598")]
1631	impl<'b, T: ?Sized + Unsize<U>, U: ?Sized> CoerceUnsized<Ref<'b, U>> for Ref<'b, T> {}
1632
1633	#[stable(feature = "std_guard_impls", since = "1.20.0")]
1634	impl<T: ?Sized + fmt::Display> fmt::Display for Ref<'_, T> {
1635	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1636	(**self).fmt(f)
1637	}
1638	}
1639
1640	impl<'b, T: ?Sized> RefMut<'b, T> {
1641	/// Makes a new `RefMut` for a component of the borrowed data, e.g., an enum
1642	/// variant.
1643	///
1644	/// The `RefCell` is already mutably borrowed, so this cannot fail.
1645	///
1646	/// This is an associated function that needs to be used as
1647	/// `RefMut::map(...)`. A method would interfere with methods of the same
1648	/// name on the contents of a `RefCell` used through `Deref`.
1649	///
1650	/// # Examples
1651	///
1652	/// ```
1653	/// use std::cell::{RefCell, RefMut};
1654	///
1655	/// let c = RefCell::new((`5`, 'b'));
1656	/// {
1657	/// let b1: RefMut<'_, (u32, char)> = c.borrow_mut();
1658	/// let mut b2: RefMut<'_, u32> = RefMut::map(b1, \|t\| &mut t.0);
1659	/// assert_eq!(*b2, `5`);
1660	/// *b2 = `42`;
1661	/// }
1662	/// assert_eq!(*c.borrow(), (`42`, 'b'));
1663	/// ```
1664	#[stable(feature = "cell_map", since = "1.8.0")]
1665	#[inline]
1666	pub fn map<U: ?Sized, F>(mut orig: RefMut<'b, T>, f: F) -> RefMut<'b, U>
1667	where
1668	F: FnOnce(&mut T) -> &mut U,
1669	{
1670	let value = NonNull::from(f(&mut *orig));
1671	RefMut { value, borrow: orig.borrow, marker: PhantomData }
1672	}
1673
1674	/// Makes a new `RefMut` for an optional component of the borrowed data. The
1675	/// original guard is returned as an `Err(..)` if the closure returns
1676	/// `None`.
1677	///
1678	/// The `RefCell` is already mutably borrowed, so this cannot fail.
1679	///
1680	/// This is an associated function that needs to be used as
1681	/// `RefMut::filter_map(...)`. A method would interfere with methods of the
1682	/// same name on the contents of a `RefCell` used through `Deref`.
1683	///
1684	/// # Examples
1685	///
1686	/// ```
1687	/// use std::cell::{RefCell, RefMut};
1688	///
1689	/// let c = RefCell::new(vec![`1`, `2`, `3`]);
1690	///
1691	/// {
1692	/// let b1: RefMut<'_, Vec<u32>> = c.borrow_mut();
1693	/// let mut b2: Result<RefMut<'_, u32>, _> = RefMut::filter_map(b1, \|v\| v.get_mut(`1`));
1694	///
1695	/// if let Ok(mut b2) = b2 {
1696	/// *b2 += `2`;
1697	/// }
1698	/// }
1699	///
1700	/// assert_eq!(*c.borrow(), vec![`1`, `4`, `3`]);
1701	/// ```
1702	#[stable(feature = "cell_filter_map", since = "1.63.0")]
1703	#[inline]
1704	pub fn filter_map<U: ?Sized, F>(mut orig: RefMut<'b, T>, f: F) -> Result<RefMut<'b, U>, Self>
1705	where
1706	F: FnOnce(&mut T) -> Option<&mut U>,
1707	{
1708	// SAFETY: function holds onto an exclusive reference for the duration
1709	// of its call through `orig`, and the pointer is only de-referenced
1710	// inside of the function call never allowing the exclusive reference to
1711	// escape.
1712	match f(&mut *orig) {
1713	Some(value) => {
1714	Ok(RefMut { value: NonNull::from(value), borrow: orig.borrow, marker: PhantomData })
1715	}
1716	None => Err(orig),
1717	}
1718	}
1719
1720	/// Splits a `RefMut` into multiple `RefMut`s for different components of the
1721	/// borrowed data.
1722	///
1723	/// The underlying `RefCell` will remain mutably borrowed until both
1724	/// returned `RefMut`s go out of scope.
1725	///
1726	/// The `RefCell` is already mutably borrowed, so this cannot fail.
1727	///
1728	/// This is an associated function that needs to be used as
1729	/// `RefMut::map_split(...)`. A method would interfere with methods of the
1730	/// same name on the contents of a `RefCell` used through `Deref`.
1731	///
1732	/// # Examples
1733	///
1734	/// ```
1735	/// use std::cell::{RefCell, RefMut};
1736	///
1737	/// let cell = RefCell::new([`1`, `2`, `3`, `4`]);
1738	/// let borrow = cell.borrow_mut();
1739	/// let (mut begin, mut end) = RefMut::map_split(borrow, \|slice\| slice.split_at_mut(`2`));
1740	/// assert_eq!(*begin, [`1`, `2`]);
1741	/// assert_eq!(*end, [`3`, `4`]);
1742	/// begin.copy_from_slice(&[`4`, `3`]);
1743	/// end.copy_from_slice(&[`2`, `1`]);
1744	/// ```
1745	#[stable(feature = "refcell_map_split", since = "1.35.0")]
1746	#[inline]
1747	pub fn map_split<U: ?Sized, V: ?Sized, F>(
1748	mut orig: RefMut<'b, T>,
1749	f: F,
1750	) -> (RefMut<'b, U>, RefMut<'b, V>)
1751	where
1752	F: FnOnce(&mut T) -> (&mut U, &mut V),
1753	{
1754	let borrow = orig.borrow.clone();
1755	let (a, b) = f(&mut *orig);
1756	(
1757	RefMut { value: NonNull::from(a), borrow, marker: PhantomData },
1758	RefMut { value: NonNull::from(b), borrow: orig.borrow, marker: PhantomData },
1759	)
1760	}
1761
1762	/// Converts into a mutable reference to the underlying data.
1763	///
1764	/// The underlying `RefCell` can not be borrowed from again and will always appear already
1765	/// mutably borrowed, making the returned reference the only to the interior.
1766	///
1767	/// This is an associated function that needs to be used as
1768	/// `RefMut::leak(...)`. A method would interfere with methods of the
1769	/// same name on the contents of a `RefCell` used through `Deref`.
1770	///
1771	/// # Examples
1772	///
1773	/// ```
1774	/// #![feature(cell_leak)]
1775	/// use std::cell::{RefCell, RefMut};
1776	/// let cell = RefCell::new(`0`);
1777	///
1778	/// let value = RefMut::leak(cell.borrow_mut());
1779	/// assert_eq!(*value, `0`);
1780	/// *value = `1`;
1781	///
1782	/// assert!(cell.try_borrow_mut().is_err());
1783	/// ```
1784	#[unstable(feature = "cell_leak", issue = "69099")]
1785	pub fn leak(mut orig: RefMut<'b, T>) -> &'b mut T {
1786	// By forgetting this BorrowRefMut we ensure that the borrow counter in the RefCell can't
1787	// go back to UNUSED within the lifetime `'b`. Resetting the reference tracking state would
1788	// require a unique reference to the borrowed RefCell. No further references can be created
1789	// from the original cell within that lifetime, making the current borrow the only
1790	// reference for the remaining lifetime.
1791	mem::forget(orig.borrow);
1792	// SAFETY: after forgetting, we can form a reference for the rest of lifetime `'b`.
1793	unsafe { orig.value.as_mut() }
1794	}
1795	}
1796
1797	struct BorrowRefMut<'b> {
1798	borrow: &'b Cell<BorrowFlag>,
1799	}
1800
1801	impl Drop for BorrowRefMut<'_> {
1802	#[inline]
1803	fn drop(&mut self) {
1804	let borrow: isize = self.borrow.get();
1805	debug_assert!(is_writing(borrow));
1806	self.borrow.set(val:borrow + `1`);
1807	}
1808	}
1809
1810	impl<'b> BorrowRefMut<'b> {
1811	#[inline]
1812	fn new(borrow: &'b Cell<BorrowFlag>) -> Option<BorrowRefMut<'b>> {
1813	// NOTE: Unlike BorrowRefMut::clone, new is called to create the initial
1814	// mutable reference, and so there must currently be no existing
1815	// references. Thus, while clone increments the mutable refcount, here
1816	// we explicitly only allow going from UNUSED to UNUSED - 1.
1817	match borrow.get() {
1818	UNUSED => {
1819	borrow.set(UNUSED - `1`);
1820	Some(BorrowRefMut { borrow })
1821	}
1822	_ => None,
1823	}
1824	}
1825
1826	// Clones a `BorrowRefMut`.
1827	//
1828	// This is only valid if each `BorrowRefMut` is used to track a mutable
1829	// reference to a distinct, nonoverlapping range of the original object.
1830	// This isn't in a Clone impl so that code doesn't call this implicitly.
1831	#[inline]
1832	fn clone(&self) -> BorrowRefMut<'b> {
1833	let borrow = self.borrow.get();
1834	debug_assert!(is_writing(borrow));
1835	// Prevent the borrow counter from underflowing.
1836	assert!(borrow != BorrowFlag::MIN);
1837	self.borrow.set(borrow - `1`);
1838	BorrowRefMut { borrow: self.borrow }
1839	}
1840	}
1841
1842	/// A wrapper type for a mutably borrowed value from a `RefCell<T>`.
1843	///
1844	/// See the [module-level documentation](self) for more.
1845	#[stable(feature = "rust1", since = "1.0.0")]
1846	#[must_not_suspend = "holding a RefMut across suspend points can cause BorrowErrors"]
1847	#[rustc_diagnostic_item = "RefCellRefMut"]
1848	pub struct RefMut<'b, T: ?Sized + 'b> {
1849	// NB: we use a pointer instead of `&'b mut T` to avoid `noalias` violations, because a
1850	// `RefMut` argument doesn't hold exclusivity for its whole scope, only until it drops.
1851	value: NonNull<T>,
1852	borrow: BorrowRefMut<'b>,
1853	// `NonNull` is covariant over `T`, so we need to reintroduce invariance.
1854	marker: PhantomData<&'b mut T>,
1855	}
1856
1857	#[stable(feature = "rust1", since = "1.0.0")]
1858	impl<T: ?Sized> Deref for RefMut<'_, T> {
1859	type Target = T;
1860
1861	#[inline]
1862	fn deref(&self) -> &T {
1863	// SAFETY: the value is accessible as long as we hold our borrow.
1864	unsafe { self.value.as_ref() }
1865	}
1866	}
1867
1868	#[stable(feature = "rust1", since = "1.0.0")]
1869	impl<T: ?Sized> DerefMut for RefMut<'_, T> {
1870	#[inline]
1871	fn deref_mut(&mut self) -> &mut T {
1872	// SAFETY: the value is accessible as long as we hold our borrow.
1873	unsafe { self.value.as_mut() }
1874	}
1875	}
1876
1877	#[unstable(feature = "deref_pure_trait", issue = "87121")]
1878	unsafe impl<T: ?Sized> DerefPure for RefMut<'_, T> {}
1879
1880	#[unstable(feature = "coerce_unsized", issue = "18598")]
1881	impl<'b, T: ?Sized + Unsize<U>, U: ?Sized> CoerceUnsized<RefMut<'b, U>> for RefMut<'b, T> {}
1882
1883	#[stable(feature = "std_guard_impls", since = "1.20.0")]
1884	impl<T: ?Sized + fmt::Display> fmt::Display for RefMut<'_, T> {
1885	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
1886	(**self).fmt(f)
1887	}
1888	}
1889
1890	/// The core primitive for interior mutability in Rust.
1891	///
1892	/// If you have a reference `&T`, then normally in Rust the compiler performs optimizations based on
1893	/// the knowledge that `&T` points to immutable data. Mutating that data, for example through an
1894	/// alias or by transmuting a `&T` into a `&mut T`, is considered undefined behavior.
1895	/// `UnsafeCell<T>` opts-out of the immutability guarantee for `&T`: a shared reference
1896	/// `&UnsafeCell<T>` may point to data that is being mutated. This is called "interior mutability".
1897	///
1898	/// All other types that allow internal mutability, such as [`Cell<T>`] and [`RefCell<T>`], internally
1899	/// use `UnsafeCell` to wrap their data.
1900	///
1901	/// Note that only the immutability guarantee for shared references is affected by `UnsafeCell`. The
1902	/// uniqueness guarantee for mutable references is unaffected. There is no* legal way to obtain*
1903	/// aliasing `&mut`, not even with `UnsafeCell<T>`.
1904	///
1905	/// `UnsafeCell` does nothing to avoid data races; they are still undefined behavior. If multiple
1906	/// threads have access to the same `UnsafeCell`, they must follow the usual rules of the
1907	/// [concurrent memory model]: conflicting non-synchronized accesses must be done via the APIs in
1908	/// [`core::sync::atomic`].
1909	///
1910	/// The `UnsafeCell` API itself is technically very simple: [`.get()`] gives you a raw pointer
1911	/// `mut T` to its contents. It is up to _you_ as the abstraction designer to use that raw pointer*
1912	/// correctly.
1913	///
1914	/// [`.get()`]: `UnsafeCell::get`
1915	/// [concurrent memory model]: ../sync/atomic/index.html#memory-model-for-atomic-accesses
1916	///
1917	/// # Aliasing rules
1918	///
1919	/// The precise Rust aliasing rules are somewhat in flux, but the main points are not contentious:
1920	///
1921	/// - If you create a safe reference with lifetime `'a` (either a `&T` or `&mut T` reference), then
1922	/// you must not access the data in any way that contradicts that reference for the remainder of
1923	/// `'a`. For example, this means that if you take the `mut T` from an `UnsafeCell<T>` and cast it*
1924	/// to an `&T`, then the data in `T` must remain immutable (modulo any `UnsafeCell` data found
1925	/// within `T`, of course) until that reference's lifetime expires. Similarly, if you create a `&mut
1926	/// T` reference that is released to safe code, then you must not access the data within the
1927	/// `UnsafeCell` until that reference expires.
1928	///
1929	/// - For both `&T` without `UnsafeCell<_>` and `&mut T`, you must also not deallocate the data
1930	/// until the reference expires. As a special exception, given an `&T`, any part of it that is
1931	/// inside an `UnsafeCell<_>` may be deallocated during the lifetime of the reference, after the
1932	/// last time the reference is used (dereferenced or reborrowed). Since you cannot deallocate a part
1933	/// of what a reference points to, this means the memory an `&T` points to can be deallocated only if
1934	/// every part of it* (including padding) is inside an `UnsafeCell`.*
1935	///
1936	/// However, whenever a `&UnsafeCell<T>` is constructed or dereferenced, it must still point to
1937	/// live memory and the compiler is allowed to insert spurious reads if it can prove that this
1938	/// memory has not yet been deallocated.
1939	///
1940	/// To assist with proper design, the following scenarios are explicitly declared legal
1941	/// for single-threaded code:
1942	///
1943	/// 1. A `&T` reference can be released to safe code and there it can co-exist with other `&T`
1944	/// references, but not with a `&mut T`
1945	///
1946	/// 2. A `&mut T` reference may be released to safe code provided neither other `&mut T` nor `&T`
1947	/// co-exist with it. A `&mut T` must always be unique.
1948	///
1949	/// Note that whilst mutating the contents of an `&UnsafeCell<T>` (even while other
1950	/// `&UnsafeCell<T>` references alias the cell) is
1951	/// ok (provided you enforce the above invariants some other way), it is still undefined behavior
1952	/// to have multiple `&mut UnsafeCell<T>` aliases. That is, `UnsafeCell` is a wrapper
1953	/// designed to have a special interaction with _shared_ accesses (_i.e._, through an
1954	/// `&UnsafeCell<_>` reference); there is no magic whatsoever when dealing with _exclusive_
1955	/// accesses (_e.g._, through a `&mut UnsafeCell<_>`): neither the cell nor the wrapped value
1956	/// may be aliased for the duration of that `&mut` borrow.
1957	/// This is showcased by the [`.get_mut()`] accessor, which is a _safe_ getter that yields
1958	/// a `&mut T`.
1959	///
1960	/// [`.get_mut()`]: `UnsafeCell::get_mut`
1961	///
1962	/// # Memory layout
1963	///
1964	/// `UnsafeCell<T>` has the same in-memory representation as its inner type `T`. A consequence
1965	/// of this guarantee is that it is possible to convert between `T` and `UnsafeCell<T>`.
1966	/// Special care has to be taken when converting a nested `T` inside of an `Outer<T>` type
1967	/// to an `Outer<UnsafeCell<T>>` type: this is not sound when the `Outer<T>` type enables [niche]
1968	/// optimizations. For example, the type `Option<NonNull<u8>>` is typically 8 bytes large on
1969	/// 64-bit platforms, but the type `Option<UnsafeCell<NonNull<u8>>>` takes up 16 bytes of space.
1970	/// Therefore this is not a valid conversion, despite `NonNull<u8>` and `UnsafeCell<NonNull<u8>>>`
1971	/// having the same memory layout. This is because `UnsafeCell` disables niche optimizations in
1972	/// order to avoid its interior mutability property from spreading from `T` into the `Outer` type,
1973	/// thus this can cause distortions in the type size in these cases.
1974	///
1975	/// Note that the only valid way to obtain a `mut T` pointer to the contents of a*
1976	/// _shared_ `UnsafeCell<T>` is through [`.get()`] or [`.raw_get()`]. A `&mut T` reference
1977	/// can be obtained by either dereferencing this pointer or by calling [`.get_mut()`]
1978	/// on an _exclusive_ `UnsafeCell<T>`. Even though `T` and `UnsafeCell<T>` have the
1979	/// same memory layout, the following is not allowed and undefined behavior:
1980	///
1981	/// ```rust,compile_fail
1982	/// # use std::cell::UnsafeCell;
1983	/// unsafe fn not_allowed<T>(ptr: &UnsafeCell<T>) -> &mut T {
1984	/// let t = ptr as *const UnsafeCell<T> as *mut T;
1985	/// // This is undefined behavior, because the `mut T` pointer*
1986	/// // was not obtained through `.get()` nor `.raw_get()`:
1987	/// unsafe { &mut *t }
1988	/// }
1989	/// ```
1990	///
1991	/// Instead, do this:
1992	///
1993	/// ```rust
1994	/// # use std::cell::UnsafeCell;
1995	/// // Safety: the caller must ensure that there are no references that
1996	/// // point to the contents* of the `UnsafeCell`.*
1997	/// unsafe fn get_mut<T>(ptr: &UnsafeCell<T>) -> &mut T {
1998	/// unsafe { &mut *ptr.get() }
1999	/// }
2000	/// ```
2001	///
2002	/// Converting in the other direction from a `&mut T`
2003	/// to an `&UnsafeCell<T>` is allowed:
2004	///
2005	/// ```rust
2006	/// # use std::cell::UnsafeCell;
2007	/// fn get_shared<T>(ptr: &mut T) -> &UnsafeCell<T> {
2008	/// let t = ptr as *mut T as *const UnsafeCell<T>;
2009	/// // SAFETY: `T` and `UnsafeCell<T>` have the same memory layout
2010	/// unsafe { &*t }
2011	/// }
2012	/// ```
2013	///
2014	/// [niche]: https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#niche
2015	/// [`.raw_get()`]: `UnsafeCell::raw_get`
2016	///
2017	/// # Examples
2018	///
2019	/// Here is an example showcasing how to soundly mutate the contents of an `UnsafeCell<_>` despite
2020	/// there being multiple references aliasing the cell:
2021	///
2022	/// ```
2023	/// use std::cell::UnsafeCell;
2024	///
2025	/// let x: UnsafeCell<i32> = `42`.into();
2026	/// // Get multiple / concurrent / shared references to the same `x`.
2027	/// let (p1, p2): (&UnsafeCell<i32>, &UnsafeCell<i32>) = (&x, &x);
2028	///
2029	/// unsafe {
2030	/// // SAFETY: within this scope there are no other references to `x`'s contents,
2031	/// // so ours is effectively unique.
2032	/// let p1_exclusive: &mut i32 = &mut p1.get(); // -- borrow --+*
2033	/// p1_exclusive += `27`; // \|*
2034	/// } // <---------- cannot go beyond this point -------------------+
2035	///
2036	/// unsafe {
2037	/// // SAFETY: within this scope nobody expects to have exclusive access to `x`'s contents,
2038	/// // so we can have multiple shared accesses concurrently.
2039	/// let p2_shared: &i32 = &*p2.get();
2040	/// assert_eq!(*p2_shared, `42` + `27`);
2041	/// let p1_shared: &i32 = &*p1.get();
2042	/// assert_eq!(p1_shared, p2_shared);
2043	/// }
2044	/// ```
2045	///
2046	/// The following example showcases the fact that exclusive access to an `UnsafeCell<T>`
2047	/// implies exclusive access to its `T`:
2048	///
2049	/// ```rust
2050	/// #![forbid(unsafe_code)] // with exclusive accesses,
2051	/// // `UnsafeCell` is a transparent no-op wrapper,
2052	/// // so no need for `unsafe` here.
2053	/// use std::cell::UnsafeCell;
2054	///
2055	/// let mut x: UnsafeCell<i32> = `42`.into();
2056	///
2057	/// // Get a compile-time-checked unique reference to `x`.
2058	/// let p_unique: &mut UnsafeCell<i32> = &mut x;
2059	/// // With an exclusive reference, we can mutate the contents for free.
2060	/// *p_unique.get_mut() = `0`;
2061	/// // Or, equivalently:
2062	/// x = UnsafeCell::new(`0`);
2063	///
2064	/// // When we own the value, we can extract the contents for free.
2065	/// let contents: i32 = x.into_inner();
2066	/// assert_eq!(contents, `0`);
2067	/// ```
2068	#[lang = "unsafe_cell"]
2069	#[stable(feature = "rust1", since = "1.0.0")]
2070	#[repr(transparent)]
2071	#[rustc_pub_transparent]
2072	pub struct UnsafeCell<T: ?Sized> {
2073	value: T,
2074	}
2075
2076	#[stable(feature = "rust1", since = "1.0.0")]
2077	impl<T: ?Sized> !Sync for UnsafeCell<T> {}
2078
2079	impl<T> UnsafeCell<T> {
2080	/// Constructs a new instance of `UnsafeCell` which will wrap the specified
2081	/// value.
2082	///
2083	/// All access to the inner value through `&UnsafeCell<T>` requires `unsafe` code.
2084	///
2085	/// # Examples
2086	///
2087	/// ```
2088	/// use std::cell::UnsafeCell;
2089	///
2090	/// let uc = UnsafeCell::new(`5`);
2091	/// ```
2092	#[stable(feature = "rust1", since = "1.0.0")]
2093	#[rustc_const_stable(feature = "const_unsafe_cell_new", since = "1.32.0")]
2094	#[inline(always)]
2095	pub const fn new(value: T) -> UnsafeCell<T> {
2096	UnsafeCell { value }
2097	}
2098
2099	/// Unwraps the value, consuming the cell.
2100	///
2101	/// # Examples
2102	///
2103	/// ```
2104	/// use std::cell::UnsafeCell;
2105	///
2106	/// let uc = UnsafeCell::new(`5`);
2107	///
2108	/// let five = uc.into_inner();
2109	/// ```
2110	#[inline(always)]
2111	#[stable(feature = "rust1", since = "1.0.0")]
2112	#[rustc_const_stable(feature = "const_cell_into_inner", since = "1.83.0")]
2113	#[rustc_allow_const_fn_unstable(const_precise_live_drops)]
2114	pub const fn into_inner(self) -> T {
2115	self.value
2116	}
2117
2118	/// Replace the value in this `UnsafeCell` and return the old value.
2119	///
2120	/// # Safety
2121	///
2122	/// The caller must take care to avoid aliasing and data races.
2123	///
2124	/// - It is Undefined Behavior to allow calls to race with
2125	/// any other access to the wrapped value.
2126	/// - It is Undefined Behavior to call this while any other
2127	/// reference(s) to the wrapped value are alive.
2128	///
2129	/// # Examples
2130	///
2131	/// ```
2132	/// #![feature(unsafe_cell_access)]
2133	/// use std::cell::UnsafeCell;
2134	///
2135	/// let uc = UnsafeCell::new(`5`);
2136	///
2137	/// let old = unsafe { uc.replace(`10`) };
2138	/// assert_eq!(old, `5`);
2139	/// ```
2140	#[inline]
2141	#[unstable(feature = "unsafe_cell_access", issue = "136327")]
2142	pub const unsafe fn replace(&self, value: T) -> T {
2143	// SAFETY: pointer comes from `&self` so naturally satisfies invariants.
2144	unsafe { ptr::replace(self.get(), value) }
2145	}
2146	}
2147
2148	impl<T: ?Sized> UnsafeCell<T> {
2149	/// Converts from `&mut T` to `&mut UnsafeCell<T>`.
2150	///
2151	/// # Examples
2152	///
2153	/// ```
2154	/// use std::cell::UnsafeCell;
2155	///
2156	/// let mut val = `42`;
2157	/// let uc = UnsafeCell::from_mut(&mut val);
2158	///
2159	/// *uc.get_mut() -= `1`;
2160	/// assert_eq!(*uc.get_mut(), `41`);
2161	/// ```
2162	#[inline(always)]
2163	#[stable(feature = "unsafe_cell_from_mut", since = "1.84.0")]
2164	#[rustc_const_stable(feature = "unsafe_cell_from_mut", since = "1.84.0")]
2165	pub const fn from_mut(value: &mut T) -> &mut UnsafeCell<T> {
2166	// SAFETY: `UnsafeCell<T>` has the same memory layout as `T` due to #[repr(transparent)].
2167	unsafe { &mut (value as mut T as *mut UnsafeCell<T>) }
2168	}
2169
2170	/// Gets a mutable pointer to the wrapped value.
2171	///
2172	/// This can be cast to a pointer of any kind. When creating references, you must uphold the
2173	/// aliasing rules; see [the type-level docs][UnsafeCell#aliasing-rules] for more discussion and
2174	/// caveats.
2175	///
2176	/// # Examples
2177	///
2178	/// ```
2179	/// use std::cell::UnsafeCell;
2180	///
2181	/// let uc = UnsafeCell::new(`5`);
2182	///
2183	/// let five = uc.get();
2184	/// ```
2185	#[inline(always)]
2186	#[stable(feature = "rust1", since = "1.0.0")]
2187	#[rustc_const_stable(feature = "const_unsafecell_get", since = "1.32.0")]
2188	#[rustc_as_ptr]
2189	#[rustc_never_returns_null_ptr]
2190	pub const fn get(&self) -> *mut T {
2191	// We can just cast the pointer from `UnsafeCell<T>` to `T` because of
2192	// #[repr(transparent)]. This exploits std's special status, there is
2193	// no guarantee for user code that this will work in future versions of the compiler!
2194	self as *const UnsafeCell<T> as *const T as *mut T
2195	}
2196
2197	/// Returns a mutable reference to the underlying data.
2198	///
2199	/// This call borrows the `UnsafeCell` mutably (at compile-time) which
2200	/// guarantees that we possess the only reference.
2201	///
2202	/// # Examples
2203	///
2204	/// ```
2205	/// use std::cell::UnsafeCell;
2206	///
2207	/// let mut c = UnsafeCell::new(`5`);
2208	/// *c.get_mut() += `1`;
2209	///
2210	/// assert_eq!(*c.get_mut(), `6`);
2211	/// ```
2212	#[inline(always)]
2213	#[stable(feature = "unsafe_cell_get_mut", since = "1.50.0")]
2214	#[rustc_const_stable(feature = "const_unsafecell_get_mut", since = "1.83.0")]
2215	pub const fn get_mut(&mut self) -> &mut T {
2216	&mut self.value
2217	}
2218
2219	/// Gets a mutable pointer to the wrapped value.
2220	/// The difference from [`get`] is that this function accepts a raw pointer,
2221	/// which is useful to avoid the creation of temporary references.
2222	///
2223	/// This can be cast to a pointer of any kind. When creating references, you must uphold the
2224	/// aliasing rules; see [the type-level docs][UnsafeCell#aliasing-rules] for more discussion and
2225	/// caveats.
2226	///
2227	/// [`get`]: UnsafeCell::get()
2228	///
2229	/// # Examples
2230	///
2231	/// Gradual initialization of an `UnsafeCell` requires `raw_get`, as
2232	/// calling `get` would require creating a reference to uninitialized data:
2233	///
2234	/// ```
2235	/// use std::cell::UnsafeCell;
2236	/// use std::mem::MaybeUninit;
2237	///
2238	/// let m = MaybeUninit::<UnsafeCell<i32>>::uninit();
2239	/// unsafe { UnsafeCell::raw_get(m.as_ptr()).write(`5`); }
2240	/// // avoid below which references to uninitialized data
2241	/// // unsafe { UnsafeCell::get(&m.as_ptr()).write(5); }*
2242	/// let uc = unsafe { m.assume_init() };
2243	///
2244	/// assert_eq!(uc.into_inner(), `5`);
2245	/// ```
2246	#[inline(always)]
2247	#[stable(feature = "unsafe_cell_raw_get", since = "1.56.0")]
2248	#[rustc_const_stable(feature = "unsafe_cell_raw_get", since = "1.56.0")]
2249	#[rustc_diagnostic_item = "unsafe_cell_raw_get"]
2250	pub const fn raw_get(this: *const Self) -> *mut T {
2251	// We can just cast the pointer from `UnsafeCell<T>` to `T` because of
2252	// #[repr(transparent)]. This exploits std's special status, there is
2253	// no guarantee for user code that this will work in future versions of the compiler!
2254	this as *const T as *mut T
2255	}
2256
2257	/// Get a shared reference to the value within the `UnsafeCell`.
2258	///
2259	/// # Safety
2260	///
2261	/// - It is Undefined Behavior to call this while any mutable
2262	/// reference to the wrapped value is alive.
2263	/// - Mutating the wrapped value while the returned
2264	/// reference is alive is Undefined Behavior.
2265	///
2266	/// # Examples
2267	///
2268	/// ```
2269	/// #![feature(unsafe_cell_access)]
2270	/// use std::cell::UnsafeCell;
2271	///
2272	/// let uc = UnsafeCell::new(`5`);
2273	///
2274	/// let val = unsafe { uc.as_ref_unchecked() };
2275	/// assert_eq!(val, &`5`);
2276	/// ```
2277	#[inline]
2278	#[unstable(feature = "unsafe_cell_access", issue = "136327")]
2279	pub const unsafe fn as_ref_unchecked(&self) -> &T {
2280	// SAFETY: pointer comes from `&self` so naturally satisfies ptr-to-ref invariants.
2281	unsafe { self.get().as_ref_unchecked() }
2282	}
2283
2284	/// Get an exclusive reference to the value within the `UnsafeCell`.
2285	///
2286	/// # Safety
2287	///
2288	/// - It is Undefined Behavior to call this while any other
2289	/// reference(s) to the wrapped value are alive.
2290	/// - Mutating the wrapped value through other means while the
2291	/// returned reference is alive is Undefined Behavior.
2292	///
2293	/// # Examples
2294	///
2295	/// ```
2296	/// #![feature(unsafe_cell_access)]
2297	/// use std::cell::UnsafeCell;
2298	///
2299	/// let uc = UnsafeCell::new(`5`);
2300	///
2301	/// unsafe { *uc.as_mut_unchecked() += `1`; }
2302	/// assert_eq!(uc.into_inner(), `6`);
2303	/// ```
2304	#[inline]
2305	#[unstable(feature = "unsafe_cell_access", issue = "136327")]
2306	#[allow(clippy::mut_from_ref)]
2307	pub const unsafe fn as_mut_unchecked(&self) -> &mut T {
2308	// SAFETY: pointer comes from `&self` so naturally satisfies ptr-to-ref invariants.
2309	unsafe { self.get().as_mut_unchecked() }
2310	}
2311	}
2312
2313	#[stable(feature = "unsafe_cell_default", since = "1.10.0")]
2314	impl<T: Default> Default for UnsafeCell<T> {
2315	/// Creates an `UnsafeCell`, with the `Default` value for T.
2316	fn default() -> UnsafeCell<T> {
2317	UnsafeCell::new(Default::default())
2318	}
2319	}
2320
2321	#[stable(feature = "cell_from", since = "1.12.0")]
2322	impl<T> From<T> for UnsafeCell<T> {
2323	/// Creates a new `UnsafeCell<T>` containing the given value.
2324	fn from(t: T) -> UnsafeCell<T> {
2325	UnsafeCell::new(t)
2326	}
2327	}
2328
2329	#[unstable(feature = "coerce_unsized", issue = "18598")]
2330	impl<T: CoerceUnsized<U>, U> CoerceUnsized<UnsafeCell<U>> for UnsafeCell<T> {}
2331
2332	// Allow types that wrap `UnsafeCell` to also implement `DispatchFromDyn`
2333	// and become dyn-compatible method receivers.
2334	// Note that currently `UnsafeCell` itself cannot be a method receiver
2335	// because it does not implement Deref.
2336	// In other words:
2337	// `self: UnsafeCell<&Self>` won't work
2338	// `self: UnsafeCellWrapper<Self>` becomes possible
2339	#[unstable(feature = "dispatch_from_dyn", issue = "none")]
2340	impl<T: DispatchFromDyn<U>, U> DispatchFromDyn<UnsafeCell<U>> for UnsafeCell<T> {}
2341
2342	#[unstable(feature = "pointer_like_trait", issue = "none")]
2343	impl<T: PointerLike> PointerLike for UnsafeCell<T> {}
2344
2345	/// [`UnsafeCell`], but [`Sync`].
2346	///
2347	/// This is just an `UnsafeCell`, except it implements `Sync`
2348	/// if `T` implements `Sync`.
2349	///
2350	/// `UnsafeCell` doesn't implement `Sync`, to prevent accidental mis-use.
2351	/// You can use `SyncUnsafeCell` instead of `UnsafeCell` to allow it to be
2352	/// shared between threads, if that's intentional.
2353	/// Providing proper synchronization is still the task of the user,
2354	/// making this type just as unsafe to use.
2355	///
2356	/// See [`UnsafeCell`] for details.
2357	#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2358	#[repr(transparent)]
2359	#[rustc_diagnostic_item = "SyncUnsafeCell"]
2360	#[rustc_pub_transparent]
2361	pub struct SyncUnsafeCell<T: ?Sized> {
2362	value: UnsafeCell<T>,
2363	}
2364
2365	#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2366	unsafe impl<T: ?Sized + Sync> Sync for SyncUnsafeCell<T> {}
2367
2368	#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2369	impl<T> SyncUnsafeCell<T> {
2370	/// Constructs a new instance of `SyncUnsafeCell` which will wrap the specified value.
2371	#[inline]
2372	pub const fn new(value: T) -> Self {
2373	Self { value: UnsafeCell { value } }
2374	}
2375
2376	/// Unwraps the value, consuming the cell.
2377	#[inline]
2378	#[rustc_const_unstable(feature = "sync_unsafe_cell", issue = "95439")]
2379	pub const fn into_inner(self) -> T {
2380	self.value.into_inner()
2381	}
2382	}
2383
2384	#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2385	impl<T: ?Sized> SyncUnsafeCell<T> {
2386	/// Gets a mutable pointer to the wrapped value.
2387	///
2388	/// This can be cast to a pointer of any kind.
2389	/// Ensure that the access is unique (no active references, mutable or not)
2390	/// when casting to `&mut T`, and ensure that there are no mutations
2391	/// or mutable aliases going on when casting to `&T`
2392	#[inline]
2393	#[rustc_as_ptr]
2394	#[rustc_never_returns_null_ptr]
2395	pub const fn get(&self) -> *mut T {
2396	self.value.get()
2397	}
2398
2399	/// Returns a mutable reference to the underlying data.
2400	///
2401	/// This call borrows the `SyncUnsafeCell` mutably (at compile-time) which
2402	/// guarantees that we possess the only reference.
2403	#[inline]
2404	pub const fn get_mut(&mut self) -> &mut T {
2405	self.value.get_mut()
2406	}
2407
2408	/// Gets a mutable pointer to the wrapped value.
2409	///
2410	/// See [`UnsafeCell::get`] for details.
2411	#[inline]
2412	pub const fn raw_get(this: *const Self) -> *mut T {
2413	// We can just cast the pointer from `SyncUnsafeCell<T>` to `T` because
2414	// of #[repr(transparent)] on both SyncUnsafeCell and UnsafeCell.
2415	// See UnsafeCell::raw_get.
2416	this as *const T as *mut T
2417	}
2418	}
2419
2420	#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2421	impl<T: Default> Default for SyncUnsafeCell<T> {
2422	/// Creates an `SyncUnsafeCell`, with the `Default` value for T.
2423	fn default() -> SyncUnsafeCell<T> {
2424	SyncUnsafeCell::new(Default::default())
2425	}
2426	}
2427
2428	#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2429	impl<T> From<T> for SyncUnsafeCell<T> {
2430	/// Creates a new `SyncUnsafeCell<T>` containing the given value.
2431	fn from(t: T) -> SyncUnsafeCell<T> {
2432	SyncUnsafeCell::new(t)
2433	}
2434	}
2435
2436	#[unstable(feature = "coerce_unsized", issue = "18598")]
2437	//#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2438	impl<T: CoerceUnsized<U>, U> CoerceUnsized<SyncUnsafeCell<U>> for SyncUnsafeCell<T> {}
2439
2440	// Allow types that wrap `SyncUnsafeCell` to also implement `DispatchFromDyn`
2441	// and become dyn-compatible method receivers.
2442	// Note that currently `SyncUnsafeCell` itself cannot be a method receiver
2443	// because it does not implement Deref.
2444	// In other words:
2445	// `self: SyncUnsafeCell<&Self>` won't work
2446	// `self: SyncUnsafeCellWrapper<Self>` becomes possible
2447	#[unstable(feature = "dispatch_from_dyn", issue = "none")]
2448	//#[unstable(feature = "sync_unsafe_cell", issue = "95439")]
2449	impl<T: DispatchFromDyn<U>, U> DispatchFromDyn<SyncUnsafeCell<U>> for SyncUnsafeCell<T> {}
2450
2451	#[unstable(feature = "pointer_like_trait", issue = "none")]
2452	impl<T: PointerLike> PointerLike for SyncUnsafeCell<T> {}
2453
2454	#[allow(unused)]
2455	fn assert_coerce_unsized(
2456	a: UnsafeCell<&i32>,
2457	b: SyncUnsafeCell<&i32>,
2458	c: Cell<&i32>,
2459	d: RefCell<&i32>,
2460	) {
2461	let _: UnsafeCell<&dyn Send> = a;
2462	let _: SyncUnsafeCell<&dyn Send> = b;
2463	let _: Cell<&dyn Send> = c;
2464	let _: RefCell<&dyn Send> = d;
2465	}
2466
2467	#[unstable(feature = "pin_coerce_unsized_trait", issue = "123430")]
2468	unsafe impl<T: ?Sized> PinCoerceUnsized for UnsafeCell<T> {}
2469
2470	#[unstable(feature = "pin_coerce_unsized_trait", issue = "123430")]
2471	unsafe impl<T: ?Sized> PinCoerceUnsized for SyncUnsafeCell<T> {}
2472
2473	#[unstable(feature = "pin_coerce_unsized_trait", issue = "123430")]
2474	unsafe impl<T: ?Sized> PinCoerceUnsized for Cell<T> {}
2475
2476	#[unstable(feature = "pin_coerce_unsized_trait", issue = "123430")]
2477	unsafe impl<T: ?Sized> PinCoerceUnsized for RefCell<T> {}
2478
2479	#[unstable(feature = "pin_coerce_unsized_trait", issue = "123430")]
2480	unsafe impl<'b, T: ?Sized> PinCoerceUnsized for Ref<'b, T> {}
2481
2482	#[unstable(feature = "pin_coerce_unsized_trait", issue = "123430")]
2483	unsafe impl<'b, T: ?Sized> PinCoerceUnsized for RefMut<'b, T> {}
2484