surelock 0.1.0

Deadlock-free locks for Rust with compile time guarantees, incremental locks, and atomic lock sets.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296

//! Internal trait for types that can be locked atomically.
//! See [`Acquirable`]. Most users do not need to interact with this
//! trait directly.

pub mod tuples;

use alloc::vec::Vec;

use crate::{
    id::LockId,
    level::IsLevel,
    mutex::{Mutex, guard::MutexGuard},
    raw_mutex::RawMutex,
};

/// Uniform access to a [`Mutex`] through any wrapper type.
///
/// Implemented for bare references, `Arc`, `Rc`, and `Box`. Used by
/// tuple [`Acquirable`] impls so that `LockSet::new((&arc, &bare))`
/// and `key.lock_with(&(&arc, &rc), ...)` work transparently.
///
/// Associated types (`Data`, `Lvl`, `RawMtx`) are determined by
/// `Self`, avoiding unconstrained type parameter issues in generic
/// tuple impls.
pub trait MutexRef<'a> {
    /// The data type guarded by the mutex.
    type Data: 'a;

    /// The level of the mutex.
    type Lvl: IsLevel;

    /// The raw mutex backend.
    type RawMtx: RawMutex + 'a;

    /// Return this mutex's [`LockId`].
    fn id(&self) -> LockId;

    /// Lock the mutex and return the guard.
    fn lock_ref(&'a self) -> MutexGuard<'a, Self::RawMtx, Self::Data>;
}

impl<'a, T: 'a, Lvl: IsLevel, R: RawMutex + 'a> MutexRef<'a> for &'a Mutex<T, Lvl, R> {
    type Data = T;
    type Lvl = Lvl;
    type RawMtx = R;

    fn id(&self) -> LockId {
        Mutex::id(self)
    }

    fn lock_ref(&'a self) -> MutexGuard<'a, R, T> {
        MutexGuard {
            data: &self.data,
            _raw_guard: self.raw.lock(),
        }
    }
}

#[cfg(target_has_atomic = "ptr")]
impl<'a, T: 'a, Lvl: IsLevel, R: RawMutex + 'a> MutexRef<'a>
    for &'a alloc::sync::Arc<Mutex<T, Lvl, R>>
{
    type Data = T;
    type Lvl = Lvl;
    type RawMtx = R;

    fn id(&self) -> LockId {
        Mutex::id(self)
    }

    fn lock_ref(&'a self) -> MutexGuard<'a, R, T> {
        MutexGuard {
            data: &self.data,
            _raw_guard: self.raw.lock(),
        }
    }
}

impl<'a, T: 'a, Lvl: IsLevel, R: RawMutex + 'a> MutexRef<'a>
    for &'a alloc::rc::Rc<Mutex<T, Lvl, R>>
{
    type Data = T;
    type Lvl = Lvl;
    type RawMtx = R;

    fn id(&self) -> LockId {
        Mutex::id(self)
    }

    fn lock_ref(&'a self) -> MutexGuard<'a, R, T> {
        MutexGuard {
            data: &self.data,
            _raw_guard: self.raw.lock(),
        }
    }
}

impl<'a, T: 'a, Lvl: IsLevel, R: RawMutex + 'a> MutexRef<'a>
    for &'a alloc::boxed::Box<Mutex<T, Lvl, R>>
{
    type Data = T;
    type Lvl = Lvl;
    type RawMtx = R;

    fn id(&self) -> LockId {
        Mutex::id(self)
    }

    fn lock_ref(&'a self) -> MutexGuard<'a, R, T> {
        MutexGuard {
            data: &self.data,
            _raw_guard: self.raw.lock(),
        }
    }
}

/// A type (or collection of types) that can be locked atomically.
///
/// This trait is primarily internal bookkeeping -- most users
/// interact with [`Mutex`], [`LockSet`](crate::set::LockSet), and
/// [`MutexKey`](crate::key::MutexKey) directly. Implementations are
/// provided for single `&Mutex` references and tuples of up to 12
/// mutex references. Users do not typically need to implement this
/// trait.
///
/// Elements can be at different levels. The `MinLvl` and `MaxLvl`
/// associated types track the range. For a single mutex or
/// same-level tuple, `MinLvl = MaxLvl`.
///
/// The lifetime `'a` is the borrow lifetime of the lock group. Guards
/// returned by [`lock_sorted`](Acquirable::lock_sorted) borrow from
/// the underlying mutexes for this lifetime.
///
/// This is a safe trait because a wrong implementation can only
/// cause deadlocks (a liveness failure), not undefined behaviour.
/// The soundness invariant is on [`RawMutex`], not on `Acquirable`.
///
/// # Invariants
///
/// Custom implementations must uphold these invariants:
///
/// 1. **`collect_ids` and `lock_sorted` must agree on indexing.**
///    `collect_ids` pushes `N` ids; `lock_sorted` receives a
///    permutation of `0..N` and must lock the element at each
///    index in the given order.
/// 2. **`lock_sorted` must respect the permutation.** Locking in
///    an order other than the one given defeats the deadlock
///    prevention guarantee.
/// 3. **`MinLvl` and `MaxLvl` must be accurate.** `MinLvl` is
///    checked against the key's current level; `MaxLvl` becomes
///    the key's new level after acquisition. Incorrect bounds
///    can break cross-level ordering.
#[diagnostic::on_unimplemented(
    message = "`{Self}` cannot be used as a lock group",
    note = "use `&Mutex<T>` or tuples of mutex references to implement `Acquirable`"
)]
pub trait Acquirable<'a> {
    /// The minimum level in this collection.
    ///
    /// Used to check that all locks are above the key's current
    /// level (`MinLvl: LockAfter<CurrentKeyLevel>`).
    type MinLvl: IsLevel;

    /// The maximum level in this collection.
    ///
    /// The key advances to this level after acquisition.
    type MaxLvl: IsLevel;

    /// The guard type(s) returned when all locks are held.
    type Guard;

    /// Collect the [`LockId`] of each lock into `out`.
    fn collect_ids(&self, out: &mut Vec<LockId>);

    /// Acquire all locks in the order given by `sorted_indices`,
    /// returning the guards.
    ///
    /// `sorted_indices` must be a valid permutation of `0..N`
    /// (as produced by [`LockSet`](crate::set::LockSet)). Invalid
    /// indices will panic, not cause undefined behavior.
    fn lock_sorted(&'a self, sorted_indices: &[usize]) -> Self::Guard;
}

// Used by key.lock_with(&mutex, |guard| ...)
impl<'a, T: 'a, Lvl: IsLevel, R: RawMutex + 'a> Acquirable<'a> for Mutex<T, Lvl, R> {
    type MinLvl = Lvl;
    type MaxLvl = Lvl;
    type Guard = MutexGuard<'a, R, T>;

    fn collect_ids(&self, out: &mut Vec<LockId>) {
        out.push(self.id());
    }

    fn lock_sorted(&'a self, _sorted_indices: &[usize]) -> Self::Guard {
        let raw_guard = self.raw.lock();
        MutexGuard {
            data: &self.data,
            _raw_guard: raw_guard,
        }
    }
}

// Used by LockSet (which stores &Mutex)
impl<'a, T: 'a, Lvl: IsLevel, R: RawMutex + 'a> Acquirable<'a> for &'a Mutex<T, Lvl, R> {
    type MinLvl = Lvl;
    type MaxLvl = Lvl;
    type Guard = MutexGuard<'a, R, T>;

    fn collect_ids(&self, out: &mut Vec<LockId>) {
        out.push(self.id());
    }

    fn lock_sorted(&'a self, _sorted_indices: &[usize]) -> Self::Guard {
        let raw_guard = self.raw.lock();
        MutexGuard {
            data: &self.data,
            _raw_guard: raw_guard,
        }
    }
}

// -- Smart pointer delegation --
//
// These delegate to the inner type's Acquirable impl via Deref.
// Enables key.lock_with(&arc_mutex, |g| ...) without &*.

#[cfg(target_has_atomic = "ptr")]
impl<'a, T: Acquirable<'a>> Acquirable<'a> for alloc::sync::Arc<T> {
    type MinLvl = T::MinLvl;
    type MaxLvl = T::MaxLvl;
    type Guard = T::Guard;

    fn collect_ids(&self, out: &mut Vec<LockId>) {
        T::collect_ids(self, out);
    }

    fn lock_sorted(&'a self, sorted_indices: &[usize]) -> Self::Guard {
        T::lock_sorted(self, sorted_indices)
    }
}

impl<'a, T: Acquirable<'a>> Acquirable<'a> for alloc::rc::Rc<T> {
    type MinLvl = T::MinLvl;
    type MaxLvl = T::MaxLvl;
    type Guard = T::Guard;

    fn collect_ids(&self, out: &mut Vec<LockId>) {
        T::collect_ids(self, out);
    }

    fn lock_sorted(&'a self, sorted_indices: &[usize]) -> Self::Guard {
        T::lock_sorted(self, sorted_indices)
    }
}

impl<'a, T: Acquirable<'a>> Acquirable<'a> for alloc::boxed::Box<T> {
    type MinLvl = T::MinLvl;
    type MaxLvl = T::MaxLvl;
    type Guard = T::Guard;

    fn collect_ids(&self, out: &mut Vec<LockId>) {
        T::collect_ids(self, out);
    }

    fn lock_sorted(&'a self, sorted_indices: &[usize]) -> Self::Guard {
        T::lock_sorted(self, sorted_indices)
    }
}

// Slice of mutexes -- same type, same level, dynamic length.
// Guards are returned as a Vec.
#[allow(clippy::indexing_slicing)] // sorted_indices are valid (produced by LockSet)
impl<'a, T: 'a, Lvl: IsLevel, R: RawMutex + 'a> Acquirable<'a> for &'a [Mutex<T, Lvl, R>] {
    type MinLvl = Lvl;
    type MaxLvl = Lvl;
    type Guard = Vec<MutexGuard<'a, R, T>>;

    fn collect_ids(&self, out: &mut Vec<LockId>) {
        for m in *self {
            out.push(m.id());
        }
    }

    fn lock_sorted(&'a self, sorted_indices: &[usize]) -> Self::Guard {
        sorted_indices
            .iter()
            .map(|&i| {
                let raw_guard = self[i].raw.lock();
                MutexGuard {
                    data: &self[i].data,
                    _raw_guard: raw_guard,
                }
            })
            .collect()
    }
}