Re: [PATCH] rust: sync: add lazy initialization methods to SetOnce

[Gary Guo]

On Sun Feb 15, 2026 at 8:27 PM GMT, Andreas Hindborg wrote:
> Add methods to get a reference to the contained value or populate the
> SetOnce if empty. The new `as_ref_or_populate` method accepts a value
> directly, while `as_ref_or_populate_with` accepts a fallible closure,
> allowing for lazy initialization that may fail. Both methods spin-wait
> if another thread is concurrently initializing the container.
>
> Also add `populate_with` which takes a fallible closure and serves as
> the implementation basis for the other populate methods.

Hi Andreas, in an earlier call I mentioned that I'm working on getting SetOnce
to work with pin-init, the capability of which I think is a superset of you have
here.

The API I have is

impl<T> SetOnce<T> {
    pub fn init<E>(&self, init: impl Init<T, E>) -> Result<&T, InitError<E>>;
    pub fn pin_init<E>(self, Pin<&Self>, init: impl PinInit<T, E>) -> Result<&T, InitError<E>>;
}

To achieve what you need with a function, you can simply write:

    set_once.init(pin_init::init_scope(your_fn))

The patch that implement the API is here:
https://github.com/nbdd0121/linux/commit/4aabdbcf20b11626c253f203745b1d55c37ab2ee
in tree
https://github.com/nbdd0121/linux/tree/lazy_revocable_nova_wip/

which I haven't submitted to the list as the user side of this API isn't ready.

Best,
Gary

>
> Signed-off-by: Andreas Hindborg <a.hindborg@xxxxxxxxxx>
> ---
>  rust/kernel/sync/set_once.rs | 53 ++++++++++++++++++++++++++++++++++++++------
>  1 file changed, 46 insertions(+), 7 deletions(-)
>
> diff --git a/rust/kernel/sync/set_once.rs b/rust/kernel/sync/set_once.rs
> index bdba601807d8b..9e3c4be4047f8 100644
> --- a/rust/kernel/sync/set_once.rs
> +++ b/rust/kernel/sync/set_once.rs
> @@ -2,11 +2,14 @@
>  
>  //! A container that can be initialized at most once.
>  
> -use super::atomic::{
> -    ordering::{Acquire, Relaxed, Release},
> -    Atomic,
> -};
>  use core::{cell::UnsafeCell, mem::MaybeUninit};
> +use kernel::{
> +    error::Result,
> +    sync::atomic::{
> +        ordering::{Acquire, Relaxed, Release},
> +        Atomic,
> +    },
> +};
>  
>  /// A container that can be populated at most once. Thread safe.
>  ///
> @@ -76,10 +79,46 @@ pub fn as_ref(&self) -> Option<&T> {
>          }
>      }
>  
> +    /// Get a reference to the contained object, or populate the [`SetOnce`]
> +    /// with the value returned by `callable` and return a reference to that
> +    /// object.
> +    pub fn as_ref_or_populate_with(&self, callable: impl FnOnce() -> Result<T>) -> Result<&T> {
> +        if !self.populate_with(callable)? {
> +            while self.init.load(Acquire) != 2 {
> +                core::hint::spin_loop();
> +            }
> +        }
> +
> +        // SAFETY: By the type invariants of `Self`, `self.init == 2` means that `self.value`
> +        // is initialized and valid for shared access.
> +        Ok(unsafe { &*self.value.get().cast() })
> +    }
> +
> +    /// Get a reference to the contained object, or populate the [`SetOnce`]
> +    /// with `value` and return a reference to that object.
> +    pub fn as_ref_or_populate(&self, value: T) -> &T {
> +        if !self.populate(value) {
> +            while self.init.load(Acquire) != 2 {
> +                core::hint::spin_loop();
> +            }
> +        }
> +
> +        // SAFETY: By the type invariants of `Self`, `self.init == 2` means that `self.value`
> +        // is initialized and valid for shared access.
> +        unsafe { &*self.value.get().cast() }
> +    }
> +
>      /// Populate the [`SetOnce`].
>      ///
>      /// Returns `true` if the [`SetOnce`] was successfully populated.
>      pub fn populate(&self, value: T) -> bool {
> +        self.populate_with(|| Ok(value)).expect("Cannot error")
> +    }
> +
> +    /// Populate the [`SetOnce`] with the value returned by `callable`.
> +    ///
> +    /// Returns `true` if the [`SetOnce`] was successfully populated.
> +    pub fn populate_with(&self, callable: impl FnOnce() -> Result<T>) -> Result<bool> {
>          // INVARIANT: If the swap succeeds:
>          //  - We increase `init`.
>          //  - We write the valid value `1` to `init`.
> @@ -88,16 +127,16 @@ pub fn populate(&self, value: T) -> bool {
>          if let Ok(0) = self.init.cmpxchg(0, 1, Relaxed) {
>              // SAFETY: By the type invariants of `Self`, the fact that we succeeded in writing `1`
>              // to `self.init` means we obtained exclusive access to `self.value`.
> -            unsafe { core::ptr::write(self.value.get().cast(), value) };
> +            unsafe { core::ptr::write(self.value.get().cast(), callable()?) };
>              // INVARIANT:
>              //  - We increase `init`.
>              //  - We write the valid value `2` to `init`.
>              //  - We release our exclusive access to `self.value` and it is now valid for shared
>              //    access.
>              self.init.store(2, Release);
> -            true
> +            Ok(true)
>          } else {
> -            false
> +            Ok(false)
>          }
>      }
>  
>
> ---
> base-commit: 05f7e89ab9731565d8a62e3b5d1ec206485eeb0b
> change-id: 20260215-set-once-lazy-c73fc34a55d9
>
> Best regards,