1 use std::{
2     cell::UnsafeCell,
3     hint,
4     panic::{RefUnwindSafe, UnwindSafe},
5     sync::atomic::{AtomicBool, Ordering},
6 };
7 
8 use parking_lot::Mutex;
9 
10 use crate::take_unchecked;
11 
12 pub(crate) struct OnceCell<T> {
13     mutex: Mutex<()>,
14     is_initialized: AtomicBool,
15     value: UnsafeCell<Option<T>>,
16 }
17 
18 // Why do we need `T: Send`?
19 // Thread A creates a `OnceCell` and shares it with
20 // scoped thread B, which fills the cell, which is
21 // then destroyed by A. That is, destructor observes
22 // a sent value.
23 unsafe impl<T: Sync + Send> Sync for OnceCell<T> {}
24 unsafe impl<T: Send> Send for OnceCell<T> {}
25 
26 impl<T: RefUnwindSafe + UnwindSafe> RefUnwindSafe for OnceCell<T> {}
27 impl<T: UnwindSafe> UnwindSafe for OnceCell<T> {}
28 
29 impl<T> OnceCell<T> {
new() -> OnceCell<T>30     pub(crate) const fn new() -> OnceCell<T> {
31         OnceCell {
32             mutex: parking_lot::const_mutex(()),
33             is_initialized: AtomicBool::new(false),
34             value: UnsafeCell::new(None),
35         }
36     }
37 
38     /// Safety: synchronizes with store to value via Release/Acquire.
39     #[inline]
is_initialized(&self) -> bool40     pub(crate) fn is_initialized(&self) -> bool {
41         self.is_initialized.load(Ordering::Acquire)
42     }
43 
44     /// Safety: synchronizes with store to value via `is_initialized` or mutex
45     /// lock/unlock, writes value only once because of the mutex.
46     #[cold]
initialize<F, E>(&self, f: F) -> Result<(), E> where F: FnOnce() -> Result<T, E>,47     pub(crate) fn initialize<F, E>(&self, f: F) -> Result<(), E>
48     where
49         F: FnOnce() -> Result<T, E>,
50     {
51         let mut f = Some(f);
52         let mut res: Result<(), E> = Ok(());
53         let slot: *mut Option<T> = self.value.get();
54         initialize_inner(&self.mutex, &self.is_initialized, &mut || {
55             // We are calling user-supplied function and need to be careful.
56             // - if it returns Err, we unlock mutex and return without touching anything
57             // - if it panics, we unlock mutex and propagate panic without touching anything
58             // - if it calls `set` or `get_or_try_init` re-entrantly, we get a deadlock on
59             //   mutex, which is important for safety. We *could* detect this and panic,
60             //   but that is more complicated
61             // - finally, if it returns Ok, we store the value and store the flag with
62             //   `Release`, which synchronizes with `Acquire`s.
63             let f = unsafe { take_unchecked(&mut f) };
64             match f() {
65                 Ok(value) => unsafe {
66                     // Safe b/c we have a unique access and no panic may happen
67                     // until the cell is marked as initialized.
68                     debug_assert!((*slot).is_none());
69                     *slot = Some(value);
70                     true
71                 },
72                 Err(err) => {
73                     res = Err(err);
74                     false
75                 }
76             }
77         });
78         res
79     }
80 
81     /// Get the reference to the underlying value, without checking if the cell
82     /// is initialized.
83     ///
84     /// # Safety
85     ///
86     /// Caller must ensure that the cell is in initialized state, and that
87     /// the contents are acquired by (synchronized to) this thread.
get_unchecked(&self) -> &T88     pub(crate) unsafe fn get_unchecked(&self) -> &T {
89         debug_assert!(self.is_initialized());
90         let slot: &Option<T> = &*self.value.get();
91         match slot {
92             Some(value) => value,
93             // This unsafe does improve performance, see `examples/bench`.
94             None => {
95                 debug_assert!(false);
96                 hint::unreachable_unchecked()
97             }
98         }
99     }
100 
101     /// Gets the mutable reference to the underlying value.
102     /// Returns `None` if the cell is empty.
get_mut(&mut self) -> Option<&mut T>103     pub(crate) fn get_mut(&mut self) -> Option<&mut T> {
104         // Safe b/c we have an exclusive access
105         let slot: &mut Option<T> = unsafe { &mut *self.value.get() };
106         slot.as_mut()
107     }
108 
109     /// Consumes this `OnceCell`, returning the wrapped value.
110     /// Returns `None` if the cell was empty.
into_inner(self) -> Option<T>111     pub(crate) fn into_inner(self) -> Option<T> {
112         self.value.into_inner()
113     }
114 }
115 
116 // Note: this is intentionally monomorphic
117 #[inline(never)]
initialize_inner(mutex: &Mutex<()>, is_initialized: &AtomicBool, init: &mut dyn FnMut() -> bool)118 fn initialize_inner(mutex: &Mutex<()>, is_initialized: &AtomicBool, init: &mut dyn FnMut() -> bool) {
119     let _guard = mutex.lock();
120 
121     if !is_initialized.load(Ordering::Acquire) {
122         if init() {
123             is_initialized.store(true, Ordering::Release);
124         }
125     }
126 }
127 
128 #[test]
test_size()129 fn test_size() {
130     use std::mem::size_of;
131 
132     assert_eq!(size_of::<OnceCell<bool>>(), 2 * size_of::<bool>() + size_of::<u8>());
133 }
134