Enable mutex functionality in nxsem

[jlaitine]

Summary

This enables mutex functionality in the nxsem code, enabling wait/post atomic fast paths, without needs for syscall, also when priority inheritance is enabled for mutexes.

The basics of the implementations are as follows:

• For mutexes, replace semaphore count with mutex holder, which consits of 1 bit for mutex internal locking and 31 bits for task PID
• Instead of manipulating the count with atomic instructions, manipulate the mutex holder
• Instead of allocating and storing the holder structure for the task's list for priority inheritance, do it at the time when task blocks on the mutex. Since there can be only one running holder for a mutex, this can be done.

Doing this allows cleaning up the nxmutex interface to be a very thin wrapper on top of nxsem (e.g. removing the extra holder variable inside of nxmutex. Plain nxmutex could be just a typedeffed nxsem). This is left for future PRs.

This also improves performance significantly in SMP and in CONFIG_BUILD_KERNEL / CONFIG_BUILD_PROTECTED targets, since most of the time there is no need for syscall to the kernel when a mutex is taken/posted.

I am putting this as a draft for now and will do some more testing still on qemu targets

Impact

This has no functional impact. For the performance, on my real application the speed improvements on RISC-V are as follows in terms of CPU utilization:

• RISCV 64bit (MFPS SMP, 4 harts, CONFIG_BUILD_KERNEL): CPU usage: 36 % -> 25 %
• RISCV 64bit (MFPS SMP, 4 harts, CONFIG_BUILD_FLAT): CPU usage: 12% -> 9%

Testing

Real hardware:

• Custom HW, mpfs (risc-v 64-bit): non-SMP and SMP 4 harts, both with CONFIG_BUILD_FLAT and CONFIG_BUILD_KERNEL.
• Custom HW, i.MX93: Single core CONFIG_BUILD_FLAT and CONFIG_BUILD_KERNEL

[nuttxpr]

[Experimental Bot, please feedback here]

Yes, this PR appears to meet the NuttX requirements, although it's marked as a draft and needs more testing. The summary clearly explains the "why," "what," and "how" of the changes. The impact section addresses key areas, including performance improvements and build configurations tested. The testing section provides information about the hardware and configurations used, though the logs are missing. The lack of "before" and "after" logs is the primary reason it doesn't fully meet the requirements yet. Adding those logs, completing testing on qemu, and removing the draft status will complete the PR.

[jlaitine]

This is an initial push, from which I forgot to squash one patch, so it is still broken when priority inheritance is disabled (all the testing I did was with prio inheritance enabled)

So please don't review yet, I will still fix it and add some cleanups.

This is just a FYI if someone wants to get a preliminary view ;)

[jlaitine]

Re-tested this, and I believe it is now ready for review. I disagreed on chaning the mholder into int32, so I didn't do that. It is obviously open for discussion still, but please see my points above first

[jlaitine]

Seems that I still need to work on this; citest is failing for some reason

[lupyuen]

@jlaitine I restarted the CI Test, let's see if it fails again...

[jlaitine]

Fixed: bugs causing the citest to fail, review comments. Need to run a bunch of tests again.

[lupyuen]

Tested OK with OSTest on Real Hardware. Thanks!

• Avaota-A1 T527 Arm64 SBC
• Oz64 SG2000 64-bit RISC-V SBC

[jlaitine]

Re-tested MPFS with TII's real applications WITH CONFIG_BUILD_FLAT smp, CONFIG_BUILD_KERNEL smp, CONFIG_BUILD_KERNEL single-core. Also executed ostest on rv-virt:nsh and on real HW (MPFS smp 4 cores, CONFIG_BUILD_FLAT).

All look still good after adding the nxmutex patch.

[pussuw]

A mutex does not have a count. This logic and the logic in nxsem_reset is redundant. Setting the holder to NO_HOLDER should suffice ?

Also, I'm having a hard time trying to figure out what is nxmutex_reset supposed to do ?

[jlaitine]

Yes me too. I implemented it in a way that it does the same thing as before.

I hate the whole "reset" thing for mutex. If you can figure out what nxmutex_reset does in

nuttx/drivers/serial/serial.c

Line 2253 in 8832136

nxmutex_reset(&dev->xmit.lock);

, I am more than happy to remove this abomination.

Otherwise I am not ready to do that yet.

[pussuw]

I need to re-read this nxmutex_reset stuff with a clear mind. It's late.. Goes to tomorrow.

[pussuw]

Does NXSEM_MRESET have a meaning any longer ? I don't think (the old function) nxmutex_is_reset semantics are needed anymore.

[jlaitine]

Basically, it is only used to enable the DEBUGASSERT in sem_post, which checks that the posting task is the actual holder of the mutex. The "reset" does the posting from another thread.

Again, I am more than happy to remove the reset altogether, if you just tell me what to do with the serial driver.

[pussuw]

Maybe I don't understand the use case well enough, but one option IF a non-owner thread tries to post from nxmutex_reset, it could just take ownership of the mutex there and then post. But what is the use case for this I wonder ? Sounds like asking for trouble tbh.

[jlaitine]

Going around the reset again.... I DO want to remove it. But I don't understand why it is there in that serial driver, and I implemented it in the way that it works as before. So I don't want to remove it before someone removes that from the serial driver.

[pussuw]

Yup, it's the part that has me most baffled. Just because I don't understand what it's supposed to do. I do get what it did before. Keeping the existing functionality as close as possible is a fair choice.

[jlaitine]

Yes, sticking to that for now... all my attempts to remove it caused havoc, especially with USB CDCACM (in the drone mavlink over USB). Replicating the functionality of nxmutex_reset just does the trick for now. Eventually I got fed up with debugging USB and serial drivers. There has to be some design flaw in the serial if one needs to "reset" mutexes, I just couldn't wrap my head around that yet, I am currently working on a bit too many things at the same time....

[pussuw]

In case of mutex, only 1 can hold a reference, the holder itself. Should the call to nxsem_canceled be omitted when dealing with mutexes ?

[jlaitine]

There may be several tasks blocked on a mutex, and one of them can be deleted while holding the mutex. Again, keeping the existing functionality...

[pussuw]

In this case tcb is waiting for this mutex. The only thing that needs to be done is to remove it from the SEM_WAITLIST. If the waitlist becomes empty, then clear block mask ?

[jlaitine]

Yes. But the issue here is, that I can't remove it from the SEM_WAITLIST here. It is done afterwards. So the loop above does exactly that, it checks if there will be other tasks left after this upcoming removal from the waitlist.

[pussuw]

A mutex does not have a count, what is the use case for nxmutex_reset ?

[jlaitine]

nuttx/drivers/serial/serial.c

Line 2253 in 8832136

nxmutex_reset(&dev->xmit.lock);

[pussuw]

I still think NXSEM_MRESET has no meaning anymore

[jlaitine]

argh. no comment. I will remove it if you remove the use of nxmutex_reset, deal?

[pussuw]

Won't 1 call to nxsem_post mark the next in SEM_WAITLIST as the owner, and then trying to post from here fails again ?

[jlaitine]

There is special handling in nxsem_post for posting with value "NXSEM_MRESET | NXSEM_MBLOCKS_BIT", and the nxsem post returns with the same.

Again, removing the reset would be preferred. But now it works as it did before with "nxmutex" code

[pussuw]

Is there a race condition here, should this logic be in nxsem_post ?

[jlaitine]

Can you clarify where do you see the race?

This is the correct place where you know that this task is the holder of the mutex (unless the wait failed of course, hence checking the error - timed wait functions still need to work for mutexes even though signals can't interrupt them). It has just acquired it and is running - and still inside the critical section with the blocking bit set.

The only reason why sem_post needs to set the holder (apart from releasing the last holder of the mutex when no other is blocked) is, that the task who is being posted may be blocked by something else. If some higher priority task again acquires (and blocks on) the mutex, the sem_wait needs to allocate and store the holder structure.

But it always needs to be set here still.

[pussuw]

I don't see a race here, I'm asking if there can be one since I know that for counting semaphores the holder is set in nxsem_wait_irq and in sem_post, presumably for reasons. This is different from that.

You wrote this code, I don't know how it works. I cant tell by looking at it for ~30 minutes either. This is why I ask questions, since you know the implementation better.

[jlaitine]

Yes, thanks for asking, the discussion clarifies things for others as well.

I believe the only "sane" place to set the mutex holder TID is really when it gets out of sem_wait and really holding the mutex. This is after all the priority adjustments and what not.

Setting it in sem_post is more dubious, but it must be set to something else than the TID which just posted. One could arque that the most proper value to set in sem post would be "NXSEM_NO_MHOLDER | NXSEM_MBLOCKS_BIT", since at that point no other threads who have acquired the mutex are running. However, this would require special handling again in sem_wait; if while everyone, who acquired the mutex before, are blocked for some reason and some other thread blocks on the mutex again, one would need special handling for that value. So basically, setting any TID from waiting list is fine - you don't really need to know which one of those will wake up. Picking the one from the top of the waitlist is basically the same thing as what is done with counting semaphores.