From: Ralf Jung Date: Tue, 18 Jul 2017 16:56:46 +0000 (-0700) Subject: only &UnsafeCell is special X-Git-Url: https://git.ralfj.de/web.git/commitdiff_plain/9cadf91aef0815c3982f957131b37c0b2f876915?hp=08828a8ca87acd71a18ff2e719c587aa36a35231 only &UnsafeCell is special --- diff --git a/personal/_posts/2017-07-17-types-as-contracts.md b/personal/_posts/2017-07-17-types-as-contracts.md index 2d5e3c4..e01e750 100644 --- a/personal/_posts/2017-07-17-types-as-contracts.md +++ b/personal/_posts/2017-07-17-types-as-contracts.md @@ -306,7 +306,8 @@ If a function takes an `x: &Cell`, following the rules above, it will acqui Clearly, we do not want to do that -- calling `x.set` *will* actually mutate `*x`, and mutating through a shared reference is exactly the point of using `Cell`! Lucky enough, the compiler *already* says that interior mutability is only allowed via [`UnsafeCell`](https://doc.rust-lang.org/beta/core/cell/struct.UnsafeCell.html). -We can use this for our purposes: To adjust validation for interior mutability, we *stop* our recursive descent and do not do anything when reaching an `UnsafeCell`. +We can use this for our purposes: To adjust validation for interior mutability, we *stop* our recursive descent and do not do anything when reaching an `UnsafeCell` *while `mutbl` indicates we are in immutable mode*. +(`&mut UnsafeCell` is not affected.) In particular, no locks are acquired. This justifies calling `set` on a shared reference and having the value changed. Of course, it also means we cannot do some of the optimizations we discussed above -- but that's actually exactly what we want!