From 893f95f1f7c663c67c884120003b3bf21b0af61a Mon Sep 17 00:00:00 2001 From: lukaslueg Date: Sun, 16 Jun 2024 09:07:08 +0200 Subject: [PATCH] Update `Arc::try_unwrap()` docs Clarify the language wrt `race condition` not meaning `memory unsafety`. --- library/alloc/src/sync.rs | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/library/alloc/src/sync.rs b/library/alloc/src/sync.rs index 60e3918157e..f9d884e0ea5 100644 --- a/library/alloc/src/sync.rs +++ b/library/alloc/src/sync.rs @@ -940,15 +940,18 @@ pub fn try_new_zeroed_in(alloc: A) -> Result, A>, AllocE /// This will succeed even if there are outstanding weak references. /// /// It is strongly recommended to use [`Arc::into_inner`] instead if you don't - /// want to keep the `Arc` in the [`Err`] case. - /// Immediately dropping the [`Err`] payload, like in the expression - /// `Arc::try_unwrap(this).ok()`, can still cause the strong count to - /// drop to zero and the inner value of the `Arc` to be dropped: - /// For instance if two threads each execute this expression in parallel, then - /// there is a race condition. The threads could first both check whether they - /// have the last clone of their `Arc` via `Arc::try_unwrap`, and then - /// both drop their `Arc` in the call to [`ok`][`Result::ok`], - /// taking the strong count from two down to zero. + /// keep the `Arc` in the [`Err`] case. + /// Immediately dropping the [`Err`]-value, as the expression + /// `Arc::try_unwrap(this).ok()` does, can cause the strong count to + /// drop to zero and the inner value of the `Arc` to be dropped. + /// For instance, if two threads execute such an expression in parallel, + /// there is a race condition without the possibility of unsafety: + /// The threads could first both check whether they own the last instance + /// in `Arc::try_unwrap`, determine that they both do not, and then both + /// discard and drop their instance in the call to [`ok`][`Result::ok`]. + /// In this scenario, the value inside the `Arc` is safely destroyed + /// by exactly one of the threads, but neither thread will ever be able + /// to use the value. /// /// # Examples ///