Struct qcell::QCellOwner [−][src]
pub struct QCellOwner { /* fields omitted */ }
Expand description
Borrowing-owner of zero or more QCell
instances.
See crate documentation.
Implementations
Create an owner that can be used for creating many QCell
instances. It will have a temporally unique ID associated
with it to detect using the wrong owner to access a cell at
runtime, which is a programming error. This call will panic
if the limit of 2^31 owners active at the same time is
reached. This is the slow and safe version that uses a mutex
and a free list to allocate IDs. If speed of this call
matters, then consider using fast_new()
instead.
This safe version does successfully defend against all malicious and unsafe use, as far as I am aware. If not, please raise an issue. The same unique ID will later be allocated to someone else once you drop the returned owner, but this cannot be abused to cause unsafe access to cells because there will still be only one owner active at any one time with that ID. Also it cannot be used maliciously to access cells which don’t belong to the new caller, because you also need a reference to the cells. So for example if you have a graph of cells that is only accessible through a private structure, then someone else getting the same owner ID makes no difference, because they have no way to get a reference to those cells. In any case, you are probably going to drop all those cells at the same time as dropping the owner, because they are no longer of any use without the owner ID.
Create an owner that can be used for creating many QCell
instances. It will have a unique(-ish) ID associated with it
to detect using the wrong owner to access a cell at runtime,
which is a programming error.
Safety
This call is much faster than new()
because
it uses a simple atomic increment to get a new ID, but it
could be used maliciously to obtain unsafe behaviour, so the
call is marked as unsafe
.
If used non-maliciously the chance of getting unsafe behaviour in practice is zero – not just close to zero but actually zero. To get unsafe behaviour, you’d have to accidentally create exactly 2^31 more owners to get a duplicate ID and you’d also have to have a bug in your code where you try to use the wrong owner to access a cell (which should normally be rejected with a panic). Already this is vanishingly improbable, but then if that happened by accident on one run but not on another, your code would still panic and you would fix your bug. So once that bug in your code is fixed, the risk is zero. No amount of fuzz-testing could ever cause unsafe behaviour once that bug is fixed. So whilst strictly-speaking this call is unsafe, in practice there is no risk unless you really try hard to exploit it.
Create a new cell owned by this owner instance. See also
QCell::new
.
Get the internal owner ID. This may be used to create QCell
instances without needing a borrow on this structure, which is
useful if this structure is already borrowed.
Borrow contents of a QCell
immutably (read-only). Many
QCell
instances can be borrowed immutably at the same time
from the same owner. Panics if the QCell
is not owned by
this QCellOwner
.
Borrow contents of a QCell
mutably (read-write). Only one
QCell
at a time can be borrowed from the owner using this
call. The returned reference must go out of scope before
another can be borrowed. Panics if the QCell
is not owned
by this QCellOwner
.
Borrow contents of two QCell
instances mutably. Panics if
the two QCell
instances point to the same memory. Panics if
either QCell
is not owned by this QCellOwner
.
Borrow contents of three QCell
instances mutably. Panics if
any pair of QCell
instances point to the same memory.
Panics if any QCell
is not owned by this QCellOwner
.