Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use Pin to pin RWLock. #77865

Closed
wants to merge 2 commits into from
Closed

Use Pin to pin RWLock. #77865

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9b2112a
Use Pin to pin RwLock.
m-ou-se Oct 12, 2020
9b48a5f
Use PhantomPinned in RWLock to enforce Pin usage.
m-ou-se Oct 12, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions library/std/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -289,6 +289,7 @@
#![feature(panic_info_message)]
#![feature(panic_internals)]
#![feature(panic_unwind)]
#![feature(pin_static_ref)]
#![feature(prelude_import)]
#![feature(ptr_internals)]
#![feature(raw)]
Expand Down
13 changes: 7 additions & 6 deletions library/std/src/panicking.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ use crate::any::Any;
use crate::fmt;
use crate::intrinsics;
use crate::mem::{self, ManuallyDrop};
use crate::pin::Pin;
use crate::process;
use crate::sync::atomic::{AtomicBool, Ordering};
use crate::sys::stdio::panic_output;
Expand Down Expand Up @@ -116,11 +117,11 @@ pub fn set_hook(hook: Box<dyn Fn(&PanicInfo<'_>) + 'static + Sync + Send>) {
panic!("cannot modify the panic hook from a panicking thread");
}

Pin::static_ref(&HOOK_LOCK).write();
unsafe {
HOOK_LOCK.write();
let old_hook = HOOK;
HOOK = Hook::Custom(Box::into_raw(hook));
HOOK_LOCK.write_unlock();
Pin::static_ref(&HOOK_LOCK).write_unlock();

if let Hook::Custom(ptr) = old_hook {
#[allow(unused_must_use)]
Expand Down Expand Up @@ -164,11 +165,11 @@ pub fn take_hook() -> Box<dyn Fn(&PanicInfo<'_>) + 'static + Sync + Send> {
panic!("cannot modify the panic hook from a panicking thread");
}

Pin::static_ref(&HOOK_LOCK).write();
unsafe {
HOOK_LOCK.write();
let hook = HOOK;
HOOK = Hook::Default;
HOOK_LOCK.write_unlock();
Pin::static_ref(&HOOK_LOCK).write_unlock();

match hook {
Hook::Default => Box::new(default_hook),
Expand Down Expand Up @@ -563,7 +564,7 @@ fn rust_panic_with_hook(

unsafe {
let mut info = PanicInfo::internal_constructor(message, location);
HOOK_LOCK.read();
Pin::static_ref(&HOOK_LOCK).read();
match HOOK {
// Some platforms (like wasm) know that printing to stderr won't ever actually
// print anything, and if that's the case we can skip the default
Expand All @@ -581,7 +582,7 @@ fn rust_panic_with_hook(
(*ptr)(&info);
}
};
HOOK_LOCK.read_unlock();
Pin::static_ref(&HOOK_LOCK).read_unlock();
}

if panics > 1 {
Expand Down
58 changes: 25 additions & 33 deletions library/std/src/sync/rwlock.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ use crate::cell::UnsafeCell;
use crate::fmt;
use crate::mem;
use crate::ops::{Deref, DerefMut};
use crate::pin::Pin;
use crate::ptr;
use crate::sys_common::poison::{self, LockResult, TryLockError, TryLockResult};
use crate::sys_common::rwlock as sys;
Expand Down Expand Up @@ -64,7 +65,7 @@ use crate::sys_common::rwlock as sys;
/// [`Mutex`]: super::Mutex
#[stable(feature = "rust1", since = "1.0.0")]
pub struct RwLock<T: ?Sized> {
inner: Box<sys::RWLock>,
inner: Pin<Box<sys::RWLock>>,
poison: poison::Flag,
data: UnsafeCell<T>,
}
Expand Down Expand Up @@ -128,7 +129,7 @@ impl<T> RwLock<T> {
#[stable(feature = "rust1", since = "1.0.0")]
pub fn new(t: T) -> RwLock<T> {
RwLock {
inner: box sys::RWLock::new(),
inner: Box::pin(sys::RWLock::new()),
poison: poison::Flag::new(),
data: UnsafeCell::new(t),
}
Expand Down Expand Up @@ -178,10 +179,9 @@ impl<T: ?Sized> RwLock<T> {
#[inline]
#[stable(feature = "rust1", since = "1.0.0")]
pub fn read(&self) -> LockResult<RwLockReadGuard<'_, T>> {
unsafe {
self.inner.read();
RwLockReadGuard::new(self)
}
self.inner.as_ref().read();
// SAFETY: We've gotten a read-lock on the rwlock.
unsafe { RwLockReadGuard::new(self) }
}

/// Attempts to acquire this rwlock with shared read access.
Expand Down Expand Up @@ -217,12 +217,11 @@ impl<T: ?Sized> RwLock<T> {
#[inline]
#[stable(feature = "rust1", since = "1.0.0")]
pub fn try_read(&self) -> TryLockResult<RwLockReadGuard<'_, T>> {
unsafe {
if self.inner.try_read() {
Ok(RwLockReadGuard::new(self)?)
} else {
Err(TryLockError::WouldBlock)
}
if self.inner.as_ref().try_read() {
// SAFETY: We've gotten a read-lock on the rwlock.
unsafe { Ok(RwLockReadGuard::new(self)?) }
} else {
Err(TryLockError::WouldBlock)
}
}

Expand Down Expand Up @@ -260,10 +259,9 @@ impl<T: ?Sized> RwLock<T> {
#[inline]
#[stable(feature = "rust1", since = "1.0.0")]
pub fn write(&self) -> LockResult<RwLockWriteGuard<'_, T>> {
unsafe {
self.inner.write();
RwLockWriteGuard::new(self)
}
self.inner.as_ref().write();
// SAFETY: We've gotten a write-lock on the rwlock.
unsafe { RwLockWriteGuard::new(self) }
}

/// Attempts to lock this rwlock with exclusive write access.
Expand Down Expand Up @@ -299,12 +297,11 @@ impl<T: ?Sized> RwLock<T> {
#[inline]
#[stable(feature = "rust1", since = "1.0.0")]
pub fn try_write(&self) -> TryLockResult<RwLockWriteGuard<'_, T>> {
unsafe {
if self.inner.try_write() {
Ok(RwLockWriteGuard::new(self)?)
} else {
Err(TryLockError::WouldBlock)
}
if self.inner.as_ref().try_write() {
// SAFETY: We've gotten a write-lock on the rwlock.
unsafe { Ok(RwLockWriteGuard::new(self)?) }
} else {
Err(TryLockError::WouldBlock)
}
}

Expand Down Expand Up @@ -374,7 +371,6 @@ impl<T: ?Sized> RwLock<T> {
(ptr::read(inner), ptr::read(poison), ptr::read(data))
};
mem::forget(self);
inner.destroy(); // Keep in sync with the `Drop` impl.
drop(inner);

poison::map_result(poison.borrow(), |_| data.into_inner())
Expand Down Expand Up @@ -409,14 +405,6 @@ impl<T: ?Sized> RwLock<T> {
}
}

#[stable(feature = "rust1", since = "1.0.0")]
unsafe impl<#[may_dangle] T: ?Sized> Drop for RwLock<T> {
fn drop(&mut self) {
// IMPORTANT: This code needs to be kept in sync with `RwLock::into_inner`.
unsafe { self.inner.destroy() }
}
}

#[stable(feature = "rust1", since = "1.0.0")]
impl<T: ?Sized + fmt::Debug> fmt::Debug for RwLock<T> {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
Expand Down Expand Up @@ -524,8 +512,10 @@ impl<T: ?Sized> DerefMut for RwLockWriteGuard<'_, T> {
#[stable(feature = "rust1", since = "1.0.0")]
impl<T: ?Sized> Drop for RwLockReadGuard<'_, T> {
fn drop(&mut self) {
// SAFETY: The fact that we have a RwLockReadGuard proves this thread
// has this rwlock read-locked.
unsafe {
self.lock.inner.read_unlock();
self.lock.inner.as_ref().read_unlock();
}
}
}
Expand All @@ -534,8 +524,10 @@ impl<T: ?Sized> Drop for RwLockReadGuard<'_, T> {
impl<T: ?Sized> Drop for RwLockWriteGuard<'_, T> {
fn drop(&mut self) {
self.lock.poison.done(&self.poison);
// SAFETY: The fact that we have a RwLockWriteGuard proves this thread
// has this rwlock write-locked.
unsafe {
self.lock.inner.write_unlock();
self.lock.inner.as_ref().write_unlock();
}
}
}
57 changes: 25 additions & 32 deletions library/std/src/sys_common/rwlock.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,88 +1,81 @@
use crate::marker::PhantomPinned;
use crate::pin::Pin;
use crate::sys::rwlock as imp;

/// An OS-based reader-writer lock.
///
/// This structure is entirely unsafe and serves as the lowest layer of a
/// cross-platform binding of system rwlocks. It is recommended to use the
/// safer types at the top level of this crate instead of this type.
pub struct RWLock(imp::RWLock);
pub struct RWLock {
inner: imp::RWLock,
_pinned: PhantomPinned,
}

impl RWLock {
/// Creates a new reader-writer lock for use.
///
/// Behavior is undefined if the reader-writer lock is moved after it is
/// first used with any of the functions below.
pub const fn new() -> RWLock {
RWLock(imp::RWLock::new())
RWLock { inner: imp::RWLock::new(), _pinned: PhantomPinned }
}

/// Acquires shared access to the underlying lock, blocking the current
/// thread to do so.
///
/// Behavior is undefined if the rwlock has been moved between this and any
/// previous method call.
#[inline]
pub unsafe fn read(&self) {
self.0.read()
pub fn read(self: Pin<&Self>) {
unsafe { self.inner.read() }
}

/// Attempts to acquire shared access to this lock, returning whether it
/// succeeded or not.
///
/// This function does not block the current thread.
///
/// Behavior is undefined if the rwlock has been moved between this and any
/// previous method call.
#[inline]
pub unsafe fn try_read(&self) -> bool {
self.0.try_read()
pub fn try_read(self: Pin<&Self>) -> bool {
unsafe { self.inner.try_read() }
}

/// Acquires write access to the underlying lock, blocking the current thread
/// to do so.
///
/// Behavior is undefined if the rwlock has been moved between this and any
/// previous method call.
#[inline]
pub unsafe fn write(&self) {
self.0.write()
pub fn write(self: Pin<&Self>) {
unsafe { self.inner.write() }
}

/// Attempts to acquire exclusive access to this lock, returning whether it
/// succeeded or not.
///
/// This function does not block the current thread.
///
/// Behavior is undefined if the rwlock has been moved between this and any
/// previous method call.
#[inline]
pub unsafe fn try_write(&self) -> bool {
self.0.try_write()
pub fn try_write(self: Pin<&Self>) -> bool {
unsafe { self.inner.try_write() }
}

/// Unlocks previously acquired shared access to this lock.
///
/// Behavior is undefined if the current thread does not have shared access.
#[inline]
pub unsafe fn read_unlock(&self) {
self.0.read_unlock()
pub unsafe fn read_unlock(self: Pin<&Self>) {
self.inner.read_unlock()
}

/// Unlocks previously acquired exclusive access to this lock.
///
/// Behavior is undefined if the current thread does not currently have
/// exclusive access.
#[inline]
pub unsafe fn write_unlock(&self) {
self.0.write_unlock()
pub unsafe fn write_unlock(self: Pin<&Self>) {
self.inner.write_unlock()
}
}

/// Destroys OS-related resources with this RWLock.
///
/// Behavior is undefined if there are any currently active users of this
/// lock.
impl Drop for RWLock {
#[inline]
pub unsafe fn destroy(&self) {
self.0.destroy()
fn drop(&mut self) {
// SAFETY: The rwlock wasn't moved since using any of its
// functions, because they all require a Pin.
Comment on lines -82 to +78
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't this changing the safety preconditions? Previously there was something about "active users", which is no longer mentioned.

This seems related to #85434. The "no active users" condition is not actually upheld by the users of this code. So it makes sense to remove this comment here, but IMO then there should be a comment one layer down -- because there pthread_mutex_destroy is being called and the safety precondition does not ensure all that needs to be ensured. (Basically, this moves the "active users" comment instead of removing it entirely, and acknowledges that we have a gap in our safety reasoning here.)

unsafe { self.inner.destroy() }
}
}