Add builtin implementation for std targets.

[Dirbaio]

This adds an std Cargo feature that enables a critical-section implementation for std.

IMO this is the only impl that we should have "builtin". Rust's std is essentially "stable forever" so the impl won't need breaking changes, and it should work soundly on all targets where std is supported.

Note this uses Rust 1.63's "const Mutex::new()", so this makes our MSRV effectively that for std targets. I think it should be acceptable.

[eldruin]

Seems fine to me but I am no expert on CS. Maybe @adamgreig could review?
I noticed now that there is no MSRV notice or CI job at all here.
Being such a foundational crate I think we should have one, even if it is 1.63.
It's definitely not a breaking change if there was none before, right? 😉

[Dirbaio]

Added 1.63 MSRV notice to the README.

It's definitely not a breaking change if there was none before, right?

😂 It's not breaking anyway because 1.63 is only actually required if you enable the std feature, which didn't exist before.

[reitermarkus]

Some small suggestions, but in general looks good to me.

[Dirbaio]

Thanks @reitermarkus for the review, I've incorporated the feedback.

[eldruin]

Could you also add this feature to the test CI workflow?

[adamgreig]

• I don't like the asymmetry in acquire being "lock, then store true to cell" while release is "unlock, then store false to cell", but I appreciate that since the cell is thread-local and the thread can't pre-empt itself it probably doesn't matter that another thread might have taken the mutex between us unlocking it and us storing false back to the cell. Indeed it means we hold the mutex lock for very slightly less time which is probably beneficial. But, it's more "obvious" to keep the lock until we've cleared the cell. What do you think?
• Otherwise the std impl all seems fine to me 👍
• We should document the new feature in the README so that it also appears in the library documentation. Probably in the "providing an implementation" section. It could briefly explain how it's implemented too.
• I think it's fine for the std impl to require 1.63 and obviously therefore bump the MSRV, but I wonder if it would be kind to have a lower MSRV without the std feature, or at least mention it, as 1.63 is so new and we're basically rolling this out across the whole embedded ecosystem. Since we'll probably add a CI test case for the feature, that one can build with the higher MSRV, and the other case could use the lower one. Dunno.

[Dirbaio]

(@eldruin) Could you also add this feature to the test CI workflow?

I didn't because it runs the doctests showing how to set an impl, which then fails duplicate symbol errors because there's also the std impl. IMO it should be fine since there are no tests other than the doctests anyway.

(@adamgreig) But, it's more "obvious" to keep the lock until we've cleared the cell. What do you think?

Actually, we can also set the flag before acquiring the mutex. This way it's symmetric! :)
I've added some comments highlighting the fact that it's fine due to being thread local.

(@adamgreig) We should document the new feature in the README so that it also appears in the library documentation. Probably in the "providing an implementation" section. It could briefly explain how it's implemented too.

Done

(@adamgreig) I think it's fine for the std impl to require 1.63 and obviously therefore bump the MSRV, but I wonder if it would be kind to have a lower MSRV without the std feature

SGTM. Documented MSRV as 1.54 without std, 1.63 with. Added CI checks for both. (1.54 needed for #[doc(include_str!())] support)

[Dirbaio]

For some reason 1.54 doesn't like #[transparent] on RestoreState, so I've removed it.

error[E0690]: transparent struct needs exactly one non-zero-sized field, but has 0
   --> src/lib.rs:123:1
    |
123 | pub struct RestoreState(RawRestoreState);
    | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ needs exactly one non-zero-sized field, but has 0

[notgull]

I think it's because RawRestoreState can be a (), and ZSTs can't be the only field in a transparent struct.

[Dirbaio]

Yeah, but that was fine in 1.63 🤷 Either way, I think not having it is fine, it's very unlikely it'll result in worse code. Ssee #20 (comment)

[eldruin]

(@eldruin) Could you also add this feature to the test CI workflow?

I didn't because it runs the doctests showing how to set an impl, which then fails duplicate symbol errors because there's also the std impl. IMO it should be fine since there are no tests other than the doctests anyway.

Hmm, you can gate the doctest code with something like:

# #[cfg(not(feature = "std"))]
# {
// ... actual doctest code
# }

[Dirbaio]

Done (it's slightly abominable, but works...)

[adamgreig]

Thanks for the updates, LGTM.

[eldruin]

Alright, thank you everybody!
bors r+

[bors]

👎 Rejected by code reviews

[eldruin]

Ach, @reitermarkus could you review this again?

[Dirbaio]

bors r+

[bors]

👎 Rejected by code reviews

[Dirbaio]

ugh, why does a "neutral" review with comments count as "rejected"?

[Dirbaio]

bors r+

[bors]

👎 Rejected by code reviews