RFC: Introduce Mut<T> to libstd (round 2)

[sfackler]

This is based off of @blake2-ppc's work on #9429. That PR bitrotted and I haven't been able to contact the original author so I decided to take up the cause.

Overview

Mut encapsulates a mutable, non-nullable slot. The Cell type is currently used to do this, but Cell is much more commonly used as a workaround for the inability to move values into non-once functions. Mut provides a more robust API.

Mut duplicates the semantics of borrowed pointers with enforcement at runtime instead of compile time.

let x = Mut::new(0);

{
    // make some immutable borrows
    let p = x.borrow();
    let y = *p.get() + 10;

    // multiple immutable borrows are allowed simultaneously
    let p2 = x.borrow();

    // this would throw a runtime failure
    // let p_mut = x.borrow_mut();
}

// now we can mutably borrow
let p = x.borrow_mut();
*p.get() = 10;

borrow returns a Ref type and borrow_mut returns a RefMut type, both of which are simple smart pointer types with a single method, get, which returns a reference to the wrapped data.

This also allows RcMut<T> to be deleted, as it can be replaced with Rc<Mut<T>>.

Changes

I've done things a little bit differently than the original proposal.

• I've added try_borrow and try_borrow_mut methods that return Option<Ref<T>> and Option<RefMut<T>> respectively instead of failing on a borrow check failure. I'm not totally sure when that'd be useful, but I don't see any reason to not put them in and @cmr requested them.
• ReadPtr and WritePtr have been renamed to Ref and RefMut respectively, as Ref is to ref foo and RefMut is to ref mut foo as Mut is to mut foo.
• get on MutRef now takes &self instead of &mut self for consistency with &mut. As @alexcrichton pointed, out this violates soundness by allowing aliasing &mut references.
• Cell is being left as is. It solves a different problem than Mut is designed to solve.
• There are no longer methods implemented for Mut<Option<T>>. Since Cell isn't going away, there's less of a need for these, and I didn't feel like they provided a huge benefit, especially as that kind of impl is very uncommon in the standard library.

Open Questions

• Cell should now be used exclusively for movement into closures. Should this be enforced by reducing its API to new and take? It seems like this use case will be completely going away once the transition to proc and co. finishes.
• Should there be try_map and try_map_mut methods along with map and map_mut?

[alexcrichton]

Shouldn't this be called with and with_mut? It doesn't seem like there's any mapping going on here.

[sfackler]

Done

[alexcrichton]

I'm very much a fan of destroying Cell as much as possible. If cell were reduced to new, take, and put_back, then why again can't we define the same methods for Mut<Option<T>>? Otherwise, I'm in favor of deleting the extra Cell methods that should be superseded by Mut<T> now.

I would not vote for a try_map{,_mut}, map_mut is only a convenience method and if you want the try version then you could say try_borrow().map(|a| f(a.get())( which isn't too bad.

[emberian]

Agree

On Sat, Nov 16, 2013 at 3:25 AM, Alex Crichton [email protected]:

I'm very much a fan of destroying Cell as much as possible. If cell were
reduced to new, take, and put_back, then why again can't we define the
same methods for Mut<Option>? Otherwise, I'm in favor of deleting the
extra Cell methods that should be superseded by Mut now.

I would not vote for a try_map{,_mut}, map_mut is only a convenience
method and if you want the try version then you could say try_borrow().map(|a|
f(a.get())( which isn't too bad.

—
Reply to this email directly or view it on GitHubhttps://github.com//pull/10514#issuecomment-28622183
.

[glaebhoerl]

Is there any reason not to add type RcMut<T> = Rc<Mut<T>>?

[sfackler]

@alexcrichton I'm hesitant to totally replace Cell<T> with Mut<Option<T>> since Cell is used to emulate move semantics at runtime and Mut is used to emulate mutability at runtime, which I see as being significantly different. Plus leaving Cell around for now will allow for easier cleanup once closure reform goes through.

[alexcrichton]

Sounds reasonable to me, how do you feel about reducing Cell's api as part of this pull request?

[sfackler]

Will do

[emberian]

You can't call associated functions on typedefs, so it'd be weirdly
asymetric (let x: RcMut<T>= Rc::new(Mut::new(42)))

On Sat, Nov 16, 2013 at 6:47 AM, Gábor Lehel [email protected]:

Is there any reason not to add type RcMut = Rc<Mut>?

—
Reply to this email directly or view it on GitHubhttps://github.com//pull/10514#issuecomment-28625010
.

[nikomatsakis]

I am in favor of this PR, but I'd like to do a thorough review. I think we'll need a few more compile-fail tests, if nothing else.

[sfackler]

@alexcrichton I've stripped Cell's API down to new, take, take_opt and is_empty. It's a surprisingly small change. It's still called Cell for now, though I've updated the module documentation.

@nikomatsakis I've added a couple more compile-fail soundness tests.

[thestinger]

RcMut currently requires Send or Freeze. If it's replaced with Rc<Mut<T>>, it will always require Send because the contained value will always be non-Freeze.

[sfackler]

That is a problem. We could do something like

impl<T: Freeze> Rc<Mut<T>> {
    fn from_mut(val: Mut<T>) -> Rc<Mut<T>> { ... }
}

[thestinger]

@sfackler: I don't think we need a from_send one since Rc has it, but that new function is going to conflict with the one on Rc<T> (the compiler should throw an error, not sure if it does).

[sfackler]

@thestinger yeah, I just realized that and edited the comment.

[thestinger]

@sfackler: Is that usable as Rc::from_mut? It seems like it would be, but I could be wrong!

[sfackler]

@thestinger yep, it is. I've updated the PR.

[pcwalton]

My current thinking is that:

• Cell should go away;
• This API should be renamed to BorrowableCell;
• There should be a new API Cell which is like this API but (a) doesn't have the borrow flags and (b) doesn't allow borrowing (only get which copies out and set which sets the value). The reasoning here is that if you just have a scalar field like int, or even a small-ish field like Rect<int>, there's no need to support borrowing; you might as well just avoid wasting space on borrow flags and copy out the values every time. Furthermore, copying out values and setting a new values is an infallible operation that will never fail unless borrowing is allowed, so using this hypothetical future Cell instead of BorrowableCell when possible will lead to fewer dynamic borrow check failures. Finally, this Cell would be simpler for beginners to use.

[nikomatsakis]

After some discussion on IRC, we decided that while @pcwalton's scheme of using a "tag-less" Cell is appealing, it doesn't quite work as specified, since there is the possibility that when you call get(), which in turn invokes clone(). The call to clone() invokes user-supplied code which could then call set(), overwriting the value being cloned.

There are some ways to overcome this: one option that appeals to me is to define a "POD" builtin bound, basically meaning any type that can be safely memcopied, and then say that Cell does not invoke clone but rather just memcopies. Of course this is essentially just reintroducing implicitly copyable as a thing.

Presuming we do wind up with two types, then RefCell is a better name than BorrowableCell.

[glaebhoerl]

I think "Mut" is a much more helpful name than "Cell". You use it to introduce the ability to mutate. What association is "Cell" supposed to evoke?

[thestinger]

The prison cell you're going to be sent to for bending the mutability rules :).

[bluss]

You have my blessings. Not that it's needed, but still.

[pcwalton]

The consensus we came to is that this should be named RefCell. Once that's done, I'm happy to merge. Thanks a lot for the work on this!

@glehel The problem here is that there are multiple things called Mut (this, and the qualifier on locals) and it'll be hard to talk about the different kinds. I found myself having to say "capital-M Mut" and "lowercase-M mut" in person and that was pretty awkward. I took the name "cell" from ML.

[sfackler]

Rc<RefCell<T>> seems like an exceptionally confusing type name, but I'll rename it and move it to std::cell.

[sfackler]

@pcwalton updated.

[glaebhoerl]

(I think reading or writing the name is a much more common use case than saying or hearing it, but w/e.)