zephyr-core: mutex: own the data rather than forcing a reference

tylerwhall · tylerwhall · commit a4f23376437a · 2019-07-08T17:32:50.000-04:00
The original design worked when both the mutex were static or the
lifetime was known (which doesn't really work if you're sharing across
threads). To share dynamically-allocated data, we need an Arc. So the
mutex needs to either own an Arc, or own the data directly and be
wrapped in an Arc. Forcing data to be a reference is incompatible with
both.

Retain the ability to clone the mutex directly if data is a reference
(most likely static), so we don't have to put two static references in
an Arc on the heap just to be able to share them. The new mutex struct
will keep the lifetime constaints of the original.
diff --git a/rust/zephyr-core/src/mutex.rs b/rust/zephyr-core/src/mutex.rs
@@ -70,57 +70,67 @@ impl<'a> RawMutex for &'a KMutex {
 /// Using this is safe, but creating it is not. Creator must ensure it is not
 /// possible to get a reference to the data elsewhere. Lifetime bounds ensure the
 /// mutex kobject lives at least as long as the data it protects.
-#[derive(Copy)]
-pub struct Mutex<'m: 'd, 'd, T> {
+pub struct Mutex<'m, T> {
     mutex: &'m KMutex,
-    data: &'d MutexData<T>,
+    data: MutexData<T>,
 }
 
-impl<'m: 'd, 'd, T> Mutex<'m, 'd, T> {
-    pub unsafe fn new(mutex: &'m KMutex, data: &'d MutexData<T>) -> Self {
-        Mutex { mutex, data }
+impl<'m, T> Mutex<'m, T> {
+    pub unsafe fn new(mutex: &'m KMutex, data: T) -> Self {
+        Mutex {
+            mutex,
+            data: MutexData::new(data),
+        }
     }
 
     pub unsafe fn kobj(&self) -> *mut libc::c_void {
         self.mutex as *const _ as *mut _
     }
 
-    pub fn lock<C: MutexSyscalls>(&self) -> MutexGuard<'d, T, C> {
+    pub fn lock<'a, C: MutexSyscalls>(&'a self) -> MutexGuard<'a, T, C> {
         unsafe {
             self.mutex.lock::<C>();
         }
-        MutexGuard(self.clone(), PhantomData)
+        MutexGuard {
+            mutex: self,
+            _syscalls: PhantomData,
+        }
     }
 }
 
-impl<'m: 'd, 'd, T> Clone for Mutex<'m, 'd, T> {
+/// Allow cloning a mutex where the data is a reference. This allows multiple references to static
+/// data with a static lock without wrapping those references in another Arc layer.
+impl<'m, 'd, T> Clone for Mutex<'m, &'d T> {
     fn clone(&self) -> Self {
         Mutex {
             mutex: self.mutex,
-            data: self.data,
+            data: unsafe { MutexData::new(&*self.data.0.get()) },
         }
     }
 }
 
-pub struct MutexGuard<'a, T, C: MutexSyscalls>(Mutex<'a, 'a, T>, PhantomData<C>);
+pub struct MutexGuard<'a, T: 'a, C: MutexSyscalls> {
+    mutex: &'a Mutex<'a, T>,
+    _syscalls: PhantomData<C>,
+}
 
-impl<'a, T, C: MutexSyscalls> Drop for MutexGuard<'a, T, C> {
+impl<'a, T: 'a, C: MutexSyscalls> Drop for MutexGuard<'a, T, C> {
     fn drop(&mut self) {
-        unsafe { self.0.mutex.unlock::<C>() }
+        unsafe { self.mutex.mutex.unlock::<C>() }
     }
 }
 
-impl<'a, T, C: MutexSyscalls> Deref for MutexGuard<'a, T, C> {
+impl<'a, T: 'a, C: MutexSyscalls> Deref for MutexGuard<'a, T, C> {
     type Target = T;
 
     fn deref(&self) -> &T {
-        unsafe { &*self.0.data.0.get() }
+        unsafe { &*self.mutex.data.0.get() }
     }
 }
 
-impl<'a, T, C: MutexSyscalls> DerefMut for MutexGuard<'a, T, C> {
+impl<'a, T: 'a, C: MutexSyscalls> DerefMut for MutexGuard<'a, T, C> {
     fn deref_mut(&mut self) -> &mut T {
-        unsafe { &mut *self.0.data.0.get() }
+        unsafe { &mut *self.mutex.data.0.get() }
     }
 }
 
diff --git a/samples/rust-app/src/lib.rs b/samples/rust-app/src/lib.rs
@@ -24,12 +24,14 @@ zephyr_macros::k_mutex_define!(MUTEX);
 zephyr_macros::k_sem_define!(TLS_SEM, 0, 1);
 
 fn mutex_test() {
-    let data = MutexData::new(1u32);
+    let data = 1u32;
 
     // Bind the static mutex to our local data. This would make more sense if
     // the data were static, but that requires app mem regions for user mode.
     let mutex = unsafe { Mutex::new(&MUTEX, &data) };
 
+    // Should allow cloning directly if the data is a reference.
+    let _other_mutex = mutex.clone();
     zephyr::any::k_str_out("Locking\n");
     let _val = mutex.lock::<zephyr::context::Any>();
     zephyr::any::k_str_out("Unlocking\n");

Original file line number	Diff line number	Diff line change
`@@ -70,57 +70,67 @@ impl<'a> RawMutex for &'a KMutex {`
`70`	`70`	`/// Using this is safe, but creating it is not. Creator must ensure it is not`
`71`	`71`	`/// possible to get a reference to the data elsewhere. Lifetime bounds ensure the`
`72`	`72`	`/// mutex kobject lives at least as long as the data it protects.`
`73`		`-#[derive(Copy)]`
`74`		`-pub struct Mutex<'m: 'd, 'd, T> {`
	`73`	`+pub struct Mutex<'m, T> {`
`75`	`74`	`mutex: &'m KMutex,`
`76`		`- data: &'d MutexData<T>,`
	`75`	`+ data: MutexData<T>,`
`77`	`76`	`}`
`78`	`77`
`79`		`-impl<'m: 'd, 'd, T> Mutex<'m, 'd, T> {`
`80`		`- pub unsafe fn new(mutex: &'m KMutex, data: &'d MutexData<T>) -> Self {`
`81`		`- Mutex { mutex, data }`
	`78`	`+impl<'m, T> Mutex<'m, T> {`
	`79`	`+ pub unsafe fn new(mutex: &'m KMutex, data: T) -> Self {`
	`80`	`+ Mutex {`
	`81`	`+ mutex,`
	`82`	`+ data: MutexData::new(data),`
	`83`	`+ }`
`82`	`84`	`}`
`83`	`85`
`84`	`86`	`pub unsafe fn kobj(&self) -> *mut libc::c_void {`
`85`	`87`	`self.mutex as const _ as mut _`
`86`	`88`	`}`
`87`	`89`
`88`		`- pub fn lock<C: MutexSyscalls>(&self) -> MutexGuard<'d, T, C> {`
	`90`	`+ pub fn lock<'a, C: MutexSyscalls>(&'a self) -> MutexGuard<'a, T, C> {`
`89`	`91`	`unsafe {`
`90`	`92`	`self.mutex.lock::<C>();`
`91`	`93`	`}`
`92`		`- MutexGuard(self.clone(), PhantomData)`
	`94`	`+ MutexGuard {`
	`95`	`+ mutex: self,`
	`96`	`+ _syscalls: PhantomData,`
	`97`	`+ }`
`93`	`98`	`}`
`94`	`99`	`}`
`95`	`100`
`96`		`-impl<'m: 'd, 'd, T> Clone for Mutex<'m, 'd, T> {`
	`101`	`+/// Allow cloning a mutex where the data is a reference. This allows multiple references to static`
	`102`	`+/// data with a static lock without wrapping those references in another Arc layer.`
	`103`	`+impl<'m, 'd, T> Clone for Mutex<'m, &'d T> {`
`97`	`104`	`fn clone(&self) -> Self {`
`98`	`105`	`Mutex {`
`99`	`106`	`mutex: self.mutex,`
`100`		`- data: self.data,`
	`107`	`+ data: unsafe { MutexData::new(&*self.data.0.get()) },`
`101`	`108`	`}`
`102`	`109`	`}`
`103`	`110`	`}`
`104`	`111`
`105`		`-pub struct MutexGuard<'a, T, C: MutexSyscalls>(Mutex<'a, 'a, T>, PhantomData<C>);`
	`112`	`+pub struct MutexGuard<'a, T: 'a, C: MutexSyscalls> {`
	`113`	`+ mutex: &'a Mutex<'a, T>,`
	`114`	`+ _syscalls: PhantomData<C>,`
	`115`	`+}`
`106`	`116`
`107`		`-impl<'a, T, C: MutexSyscalls> Drop for MutexGuard<'a, T, C> {`
	`117`	`+impl<'a, T: 'a, C: MutexSyscalls> Drop for MutexGuard<'a, T, C> {`
`108`	`118`	`fn drop(&mut self) {`
`109`		`- unsafe { self.0.mutex.unlock::<C>() }`
	`119`	`+ unsafe { self.mutex.mutex.unlock::<C>() }`
`110`	`120`	`}`
`111`	`121`	`}`
`112`	`122`
`113`		`-impl<'a, T, C: MutexSyscalls> Deref for MutexGuard<'a, T, C> {`
	`123`	`+impl<'a, T: 'a, C: MutexSyscalls> Deref for MutexGuard<'a, T, C> {`
`114`	`124`	`type Target = T;`
`115`	`125`
`116`	`126`	`fn deref(&self) -> &T {`
`117`		`- unsafe { &*self.0.data.0.get() }`
	`127`	`+ unsafe { &*self.mutex.data.0.get() }`
`118`	`128`	`}`
`119`	`129`	`}`
`120`	`130`
`121`		`-impl<'a, T, C: MutexSyscalls> DerefMut for MutexGuard<'a, T, C> {`
	`131`	`+impl<'a, T: 'a, C: MutexSyscalls> DerefMut for MutexGuard<'a, T, C> {`
`122`	`132`	`fn deref_mut(&mut self) -> &mut T {`
`123`		`- unsafe { &mut *self.0.data.0.get() }`
	`133`	`+ unsafe { &mut *self.mutex.data.0.get() }`
`124`	`134`	`}`
`125`	`135`	`}`
`126`	`136`