Initialisation failure in Once::try_call_once can lead to undefined behaviour for other initialisers

Wrong memory orderings in RwLock potentially violates mutual exclusion