rust-lang
diff --git a/‎src/liballoc/arc.rs
Lines changed: 4 additions & 0 deletions b/‎src/liballoc/arc.rs
Lines changed: 4 additions & 0 deletions
diff --git a/‎src/liballoc/boxed.rs
Lines changed: 2 additions & 1 deletion b/‎src/liballoc/boxed.rs
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/libcollections/vec.rs
Lines changed: 28 additions & 26 deletions b/‎src/libcollections/vec.rs
Lines changed: 28 additions & 26 deletions
diff --git a/‎src/libcore/atomic.rs
Lines changed: 12 additions & 12 deletions b/‎src/libcore/atomic.rs
Lines changed: 12 additions & 12 deletions
diff --git a/‎src/libcore/cell.rs
Lines changed: 26 additions & 1 deletion b/‎src/libcore/cell.rs
Lines changed: 26 additions & 1 deletion
diff --git a/‎src/libcore/ptr.rs
Lines changed: 33 additions & 0 deletions b/‎src/libcore/ptr.rs
Lines changed: 33 additions & 0 deletions
@@ -129,6 +129,10 @@ pub struct Weak<T> {
     _ptr: *mut ArcInner<T>,
 }
 
+impl<T: Sync + Send> Send for Arc<T> { }
+
+impl<T: Sync + Send> Sync for Arc<T> { }
+
 struct ArcInner<T> {
     strong: atomic::AtomicUint,
     weak: atomic::AtomicUint,
 
@@ -19,6 +19,7 @@ use core::hash::{mod, Hash};
 use core::kinds::Sized;
 use core::mem;
 use core::option::Option;
+use core::ptr::OwnedPtr;
 use core::raw::TraitObject;
 use core::result::Result;
 use core::result::Result::{Ok, Err};
@@ -44,7 +45,7 @@ pub static HEAP: () = ();
 /// A type that represents a uniquely-owned value.
 #[lang = "owned_box"]
 #[unstable = "custom allocators will add an additional type parameter (with default)"]
-pub struct Box<T>(*mut T);
+pub struct Box<T>(OwnedPtr<T>);
 
 #[stable]
 impl<T: Default> Default for Box<T> {
 
@@ -58,7 +58,7 @@ use core::kinds::marker::{ContravariantLifetime, InvariantType};
 use core::mem;
 use core::num::{Int, UnsignedInt};
 use core::ops;
-use core::ptr;
+use core::ptr::{mod, OwnedPtr};
 use core::raw::Slice as RawSlice;
 use core::uint;
 
@@ -133,7 +133,7 @@ use slice::CloneSliceExt;
 #[unsafe_no_drop_flag]
 #[stable]
 pub struct Vec<T> {
-    ptr: *mut T,
+    ptr: OwnedPtr<T>,
     len: uint,
     cap: uint,
 }
@@ -176,7 +176,7 @@ impl<T> Vec<T> {
         // non-null value which is fine since we never call deallocate on the ptr
         // if cap is 0. The reason for this is because the pointer of a slice
         // being NULL would break the null pointer optimization for enums.
-        Vec { ptr: EMPTY as *mut T, len: 0, cap: 0 }
+        Vec { ptr: OwnedPtr(EMPTY as *mut T), len: 0, cap: 0 }
     }
 
     /// Constructs a new, empty `Vec<T>` with the specified capacity.
@@ -209,15 +209,15 @@ impl<T> Vec<T> {
     #[stable]
     pub fn with_capacity(capacity: uint) -> Vec<T> {
         if mem::size_of::<T>() == 0 {
-            Vec { ptr: EMPTY as *mut T, len: 0, cap: uint::MAX }
+            Vec { ptr: OwnedPtr(EMPTY as *mut T), len: 0, cap: uint::MAX }
         } else if capacity == 0 {
             Vec::new()
         } else {
             let size = capacity.checked_mul(mem::size_of::<T>())
                                .expect("capacity overflow");
             let ptr = unsafe { allocate(size, mem::min_align_of::<T>()) };
             if ptr.is_null() { ::alloc::oom() }
-            Vec { ptr: ptr as *mut T, len: 0, cap: capacity }
+            Vec { ptr: OwnedPtr(ptr as *mut T), len: 0, cap: capacity }
         }
     }
 
@@ -284,7 +284,7 @@ impl<T> Vec<T> {
     #[unstable = "needs finalization"]
     pub unsafe fn from_raw_parts(ptr: *mut T, length: uint,
                                  capacity: uint) -> Vec<T> {
-        Vec { ptr: ptr, len: length, cap: capacity }
+        Vec { ptr: OwnedPtr(ptr), len: length, cap: capacity }
     }
 
     /// Creates a vector by copying the elements from a raw pointer.
@@ -795,19 +795,19 @@ impl<T> Vec<T> {
         if self.len == 0 {
             if self.cap != 0 {
                 unsafe {
-                    dealloc(self.ptr, self.cap)
+                    dealloc(self.ptr.0, self.cap)
                 }
                 self.cap = 0;
             }
         } else {
             unsafe {
                 // Overflow check is unnecessary as the vector is already at
                 // least this large.
-                self.ptr = reallocate(self.ptr as *mut u8,
-                                      self.cap * mem::size_of::<T>(),
-                                      self.len * mem::size_of::<T>(),
-                                      mem::min_align_of::<T>()) as *mut T;
-                if self.ptr.is_null() { ::alloc::oom() }
+                self.ptr = OwnedPtr(reallocate(self.ptr.0 as *mut u8,
+                                               self.cap * mem::size_of::<T>(),
+                                               self.len * mem::size_of::<T>(),
+                                               mem::min_align_of::<T>()) as *mut T);
+                if self.ptr.0.is_null() { ::alloc::oom() }
             }
             self.cap = self.len;
         }
@@ -867,7 +867,7 @@ impl<T> Vec<T> {
     pub fn as_mut_slice<'a>(&'a mut self) -> &'a mut [T] {
         unsafe {
             mem::transmute(RawSlice {
-                data: self.ptr as *const T,
+                data: self.ptr.0 as *const T,
                 len: self.len,
             })
         }
@@ -890,9 +890,9 @@ impl<T> Vec<T> {
     #[unstable = "matches collection reform specification, waiting for dust to settle"]
     pub fn into_iter(self) -> IntoIter<T> {
         unsafe {
-            let ptr = self.ptr;
+            let ptr = self.ptr.0;
             let cap = self.cap;
-            let begin = self.ptr as *const T;
+            let begin = self.ptr.0 as *const T;
             let end = if mem::size_of::<T>() == 0 {
                 (ptr as uint + self.len()) as *const T
             } else {
@@ -1110,14 +1110,14 @@ impl<T> Vec<T> {
             let size = max(old_size, 2 * mem::size_of::<T>()) * 2;
             if old_size > size { panic!("capacity overflow") }
             unsafe {
-                self.ptr = alloc_or_realloc(self.ptr, old_size, size);
-                if self.ptr.is_null() { ::alloc::oom() }
+                self.ptr = OwnedPtr(alloc_or_realloc(self.ptr.0, old_size, size));
+                if self.ptr.0.is_null() { ::alloc::oom() }
             }
             self.cap = max(self.cap, 2) * 2;
         }
 
         unsafe {
-            let end = (self.ptr as *const T).offset(self.len as int) as *mut T;
+            let end = self.ptr.0.offset(self.len as int);
             ptr::write(&mut *end, value);
             self.len += 1;
         }
@@ -1162,11 +1162,11 @@ impl<T> Vec<T> {
     #[unstable = "matches collection reform specification, waiting for dust to settle"]
     pub fn drain<'a>(&'a mut self) -> Drain<'a, T> {
         unsafe {
-            let begin = self.ptr as *const T;
+            let begin = self.ptr.0 as *const T;
             let end = if mem::size_of::<T>() == 0 {
-                (self.ptr as uint + self.len()) as *const T
+                (self.ptr.0 as uint + self.len()) as *const T
             } else {
-                self.ptr.offset(self.len() as int) as *const T
+                self.ptr.0.offset(self.len() as int) as *const T
             };
             self.set_len(0);
             Drain {
@@ -1231,8 +1231,10 @@ impl<T> Vec<T> {
             let size = capacity.checked_mul(mem::size_of::<T>())
                                .expect("capacity overflow");
             unsafe {
-                self.ptr = alloc_or_realloc(self.ptr, self.cap * mem::size_of::<T>(), size);
-                if self.ptr.is_null() { ::alloc::oom() }
+                self.ptr = OwnedPtr(alloc_or_realloc(self.ptr.0,
+                                                     self.cap * mem::size_of::<T>(),
+                                                     size));
+                if self.ptr.0.is_null() { ::alloc::oom() }
             }
             self.cap = capacity;
         }
@@ -1355,7 +1357,7 @@ impl<T> AsSlice<T> for Vec<T> {
     fn as_slice<'a>(&'a self) -> &'a [T] {
         unsafe {
             mem::transmute(RawSlice {
-                data: self.ptr as *const T,
+                data: self.ptr.0 as *const T,
                 len: self.len
             })
         }
@@ -1380,7 +1382,7 @@ impl<T> Drop for Vec<T> {
                 for x in self.iter() {
                     ptr::read(x);
                 }
-                dealloc(self.ptr, self.cap)
+                dealloc(self.ptr.0, self.cap)
             }
         }
     }
@@ -1418,7 +1420,7 @@ impl<T> IntoIter<T> {
             for _x in self { }
             let IntoIter { allocation, cap, ptr: _ptr, end: _end } = self;
             mem::forget(self);
-            Vec { ptr: allocation, cap: cap, len: 0 }
+            Vec { ptr: OwnedPtr(allocation), cap: cap, len: 0 }
         }
     }
 
 
@@ -15,30 +15,30 @@
 pub use self::Ordering::*;
 
 use intrinsics;
-use cell::UnsafeCell;
+use cell::{UnsafeCell, RacyCell};
 
 /// A boolean type which can be safely shared between threads.
 #[stable]
 pub struct AtomicBool {
-    v: UnsafeCell<uint>,
+    v: RacyCell<uint>,
 }
 
 /// A signed integer type which can be safely shared between threads.
 #[stable]
 pub struct AtomicInt {
-    v: UnsafeCell<int>,
+    v: RacyCell<int>,
 }
 
 /// An unsigned integer type which can be safely shared between threads.
 #[stable]
 pub struct AtomicUint {
-    v: UnsafeCell<uint>,
+    v: RacyCell<uint>,
 }
 
 /// A raw pointer type which can be safely shared between threads.
 #[stable]
 pub struct AtomicPtr<T> {
-    p: UnsafeCell<uint>,
+    p: RacyCell<uint>,
 }
 
 /// Atomic memory orderings
@@ -80,15 +80,15 @@ pub enum Ordering {
 /// An `AtomicBool` initialized to `false`.
 #[unstable = "may be renamed, pending conventions for static initalizers"]
 pub const INIT_ATOMIC_BOOL: AtomicBool =
-        AtomicBool { v: UnsafeCell { value: 0 } };
+        AtomicBool { v: RacyCell(UnsafeCell { value: 0 }) };
 /// An `AtomicInt` initialized to `0`.
 #[unstable = "may be renamed, pending conventions for static initalizers"]
 pub const INIT_ATOMIC_INT: AtomicInt =
-        AtomicInt { v: UnsafeCell { value: 0 } };
+        AtomicInt { v: RacyCell(UnsafeCell { value: 0 }) };
 /// An `AtomicUint` initialized to `0`.
 #[unstable = "may be renamed, pending conventions for static initalizers"]
 pub const INIT_ATOMIC_UINT: AtomicUint =
-        AtomicUint { v: UnsafeCell { value: 0, } };
+        AtomicUint { v: RacyCell(UnsafeCell { value: 0 }) };
 
 // NB: Needs to be -1 (0b11111111...) to make fetch_nand work correctly
 const UINT_TRUE: uint = -1;
@@ -108,7 +108,7 @@ impl AtomicBool {
     #[stable]
     pub fn new(v: bool) -> AtomicBool {
         let val = if v { UINT_TRUE } else { 0 };
-        AtomicBool { v: UnsafeCell::new(val) }
+        AtomicBool { v: RacyCell::new(val) }
     }
 
     /// Loads a value from the bool.
@@ -348,7 +348,7 @@ impl AtomicInt {
     #[inline]
     #[stable]
     pub fn new(v: int) -> AtomicInt {
-        AtomicInt {v: UnsafeCell::new(v)}
+        AtomicInt {v: RacyCell::new(v)}
     }
 
     /// Loads a value from the int.
@@ -534,7 +534,7 @@ impl AtomicUint {
     #[inline]
     #[stable]
     pub fn new(v: uint) -> AtomicUint {
-        AtomicUint { v: UnsafeCell::new(v) }
+        AtomicUint { v: RacyCell::new(v) }
     }
 
     /// Loads a value from the uint.
@@ -721,7 +721,7 @@ impl<T> AtomicPtr<T> {
     #[inline]
     #[stable]
     pub fn new(p: *mut T) -> AtomicPtr<T> {
-        AtomicPtr { p: UnsafeCell::new(p as uint) }
+        AtomicPtr { p: RacyCell::new(p as uint) }
     }
 
     /// Loads a value from the pointer.
 
@@ -158,7 +158,7 @@
 use clone::Clone;
 use cmp::PartialEq;
 use default::Default;
-use kinds::{marker, Copy};
+use kinds::{marker, Copy, Send, Sync};
 use ops::{Deref, DerefMut, Drop};
 use option::Option;
 use option::Option::{None, Some};
@@ -555,3 +555,28 @@ impl<T> UnsafeCell<T> {
     #[deprecated = "renamed to into_inner()"]
     pub unsafe fn unwrap(self) -> T { self.into_inner() }
 }
+
+/// A version of `UnsafeCell` intended for use in concurrent data
+/// structures (for example, you might put it in an `Arc`).
+pub struct RacyCell<T>(pub UnsafeCell<T>);
+
+impl<T> RacyCell<T> {
+    /// DOX
+    pub fn new(value: T) -> RacyCell<T> {
+        RacyCell(UnsafeCell { value: value })
+    }
+
+    /// DOX
+    pub unsafe fn get(&self) -> *mut T {
+        self.0.get()
+    }
+
+    /// DOX
+    pub unsafe fn into_inner(self) -> T {
+        self.0.into_inner()
+    }
+}
+
+impl<T:Send> Send for RacyCell<T> { }
+
+impl<T> Sync for RacyCell<T> { } // Oh dear
@@ -92,6 +92,7 @@ use clone::Clone;
 use intrinsics;
 use option::Option;
 use option::Option::{Some, None};
+use kinds::{Send, Sync};
 
 use cmp::{PartialEq, Eq, Ord, PartialOrd, Equiv};
 use cmp::Ordering;
@@ -501,3 +502,35 @@ impl<T> PartialOrd for *mut T {
     #[inline]
     fn ge(&self, other: &*mut T) -> bool { *self >= *other }
 }
+
+/// A wrapper around a raw `*mut T` that indicates that the possessor
+/// of this wrapper owns the referent. This in turn implies that the
+/// `OwnedPtr<T>` is `Send`/`Sync` if `T` is `Send`/`Sync`, unlike a
+/// raw `*mut T` (which conveys no particular ownership semantics).
+/// Useful for building abstractions like `Vec<T>` or `Box<T>`, which
+/// internally use raw pointers to manage the memory that they own.
+pub struct OwnedPtr<T>(pub *mut T);
+
+/// `OwnedPtr` pointers are `Send` if `T` is `Send` because the data they
+/// reference is unaliased. Note that this aliasing invariant is
+/// unenforced by the type system; the abstraction using the
+/// `OwnedPtr` must enforce it.
+impl<T:Send> Send for OwnedPtr<T> { }
+
+/// `OwnedPtr` pointers are `Sync` if `T` is `Sync` because the data they
+/// reference is unaliased. Note that this aliasing invariant is
+/// unenforced by the type system; the abstraction using the
+/// `OwnedPtr` must enforce it.
+impl<T:Sync> Sync for OwnedPtr<T> { }
+
+impl<T> OwnedPtr<T> {
+    /// Returns a null OwnedPtr.
+    pub fn null() -> OwnedPtr<T> {
+        OwnedPtr(RawPtr::null())
+    }
+
+    /// Return an (unsafe) pointer into the memory owned by `self`.
+    pub unsafe fn offset(self, offset: int) -> *mut T {
+        (self.0 as *const T).offset(offset) as *mut T
+    }
+}