Changeset b59318e in mainline

Timestamp:

2018-06-26T17:34:48Z (6 years ago)

Author:

Jiří Zárevúcky <jiri.zarevucky@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

ab6edb6

Parents:

f6372be9

git-author:

Jiří Zárevúcky <jiri.zarevucky@…> (2018-06-26 17:01:43)

git-committer:

Jiří Zárevúcky <jiri.zarevucky@…> (2018-06-26 17:34:48)

Message:

Make futex able to time out.

Files:

• abi/include/abi/synch.h (modified) (1 diff)
• kernel/generic/include/proc/thread.h (modified) (1 diff)
• kernel/generic/include/synch/futex.h (modified) (1 diff)
• kernel/generic/include/synch/waitq.h (modified) (1 diff)
• kernel/generic/src/proc/thread.c (modified) (1 diff)
• kernel/generic/src/synch/futex.c (modified) (3 diffs)
• kernel/generic/src/synch/waitq.c (modified) (6 diffs)
• uspace/lib/c/include/futex.h (modified) (3 diffs)

abi/include/abi/synch.h

@@ -45 +45 @@
 /** Interruptible operation. */
 #define SYNCH_FLAGS_INTERRUPTIBLE  (1 << 1)
+/** Futex operation (makes sleep with timeout composable). */
+#define SYNCH_FLAGS_FUTEX          (1 << 2)
 
 #endif

kernel/generic/include/proc/thread.h

@@ -112 +112 @@
         /** If true, the thread can be interrupted from sleep. */
         bool sleep_interruptible;
+
+        /**
+         * If true, and this thread's sleep returns without a wakeup
+         * (timed out or interrupted), waitq ignores the next wakeup.
+         * This is necessary for futex to be able to handle those conditions.
+         */
+        bool sleep_composable;
+
         /** Wait queue in which this thread sleeps. */
         waitq_t *sleep_queue;

kernel/generic/include/synch/futex.h

@@ -53 +53 @@
 
 extern void futex_init(void);
-extern sys_errno_t sys_futex_sleep(uintptr_t);
+extern sys_errno_t sys_futex_sleep(uintptr_t, uintptr_t);
 extern sys_errno_t sys_futex_wakeup(uintptr_t);
 

kernel/generic/include/synch/waitq.h

@@ -62 +62 @@
         int missed_wakeups;
 
+        /** Number of wakeups that need to be ignored due to futex timeout. */
+        int ignore_wakeups;
+
         /** List of sleeping threads for which there was no missed_wakeup. */
         list_t sleepers;

kernel/generic/src/proc/thread.c

@@ -383 +383 @@
         timeout_initialize(&thread->sleep_timeout);
         thread->sleep_interruptible = false;
+        thread->sleep_composable = false;
         thread->sleep_queue = NULL;
         thread->timeout_pending = false;

kernel/generic/src/synch/futex.c

@@ -398 +398 @@
 }
 
-/** Sleep in futex wait queue.
- *
- * @param uaddr         Userspace address of the futex counter.
+/** Sleep in futex wait queue with a timeout.
+ *  If the sleep times out or is interrupted, the next wakeup is ignored.
+ *  The userspace portion of the call must handle this condition.
+ *
+ * @param uaddr         Userspace address of the futex counter.
+ * @param timeout       Maximum number of useconds to sleep. 0 means no limit.
  *
  * @return              If there is no physical mapping for uaddr ENOENT is
@@ -406 +409 @@
  *                      waitq_sleep_timeout().
  */
-sys_errno_t sys_futex_sleep(uintptr_t uaddr)
+sys_errno_t sys_futex_sleep(uintptr_t uaddr, uintptr_t timeout)
 {
         futex_t *futex = get_futex(uaddr);
@@ -417 +420 @@
 #endif
 
-        errno_t rc = waitq_sleep_timeout(
-            &futex->wq, 0, SYNCH_FLAGS_INTERRUPTIBLE, NULL);
+        errno_t rc = waitq_sleep_timeout(&futex->wq, timeout,
+            SYNCH_FLAGS_INTERRUPTIBLE | SYNCH_FLAGS_FUTEX, NULL);
 
 #ifdef CONFIG_UDEBUG

kernel/generic/src/synch/waitq.c

@@ -57 +57 @@
 #include <adt/list.h>
 #include <arch/cycle.h>
+#include <mem.h>
 
 static void waitq_sleep_timed_out(void *);
@@ -71 +72 @@
 void waitq_initialize(waitq_t *wq)
 {
+        memsetb(wq, sizeof(*wq), 0);
         irq_spinlock_initialize(&wq->lock, "wq.lock");
         list_initialize(&wq->sleepers);
-        wq->missed_wakeups = 0;
 }
 
@@ -114 +115 @@
                 thread->saved_context = thread->sleep_timeout_context;
                 do_wakeup = true;
+                if (thread->sleep_composable)
+                        wq->ignore_wakeups++;
                 thread->sleep_queue = NULL;
                 irq_spinlock_unlock(&wq->lock, false);
@@ -176 +179 @@
                 list_remove(&thread->wq_link);
                 thread->saved_context = thread->sleep_interruption_context;
+                if (thread->sleep_composable)
+                        wq->ignore_wakeups++;
                 do_wakeup = true;
                 thread->sleep_queue = NULL;
@@ -393 +398 @@
          */
         irq_spinlock_lock(&THREAD->lock, false);
+
+        THREAD->sleep_composable = (flags & SYNCH_FLAGS_FUTEX);
 
         if (flags & SYNCH_FLAGS_INTERRUPTIBLE) {
@@ -538 +545 @@
         assert(irq_spinlock_locked(&wq->lock));
 
+        if (wq->ignore_wakeups > 0) {
+                if (mode == WAKEUP_FIRST) {
+                        wq->ignore_wakeups--;
+                        return;
+                }
+                wq->ignore_wakeups = 0;
+        }
+
 loop:
         if (list_empty(&wq->sleepers)) {

uspace/lib/c/include/futex.h

@@ -36 +36 @@
 #define LIBC_FUTEX_H_
 
+#include <assert.h>
 #include <atomic.h>
 #include <errno.h>
@@ -98 +99 @@
 }
 
-/** Down the futex.
+/** Down the futex with timeout, composably.
+ *
+ * This means that when the operation fails due to a timeout or being
+ * interrupted, the next futex_up() is ignored, which allows certain kinds of
+ * composition of synchronization primitives.
+ *
+ * In most other circumstances, regular futex_down_timeout() is a better choice.
  *
  * @param futex Futex.
  *
  * @return ENOENT if there is no such virtual address.
+ * @return ETIMEOUT if timeout expires.
  * @return EOK on success.
  * @return Error code from <errno.h> otherwise.
  *
  */
-static inline errno_t futex_down(futex_t *futex)
+static inline errno_t futex_down_composable(futex_t *futex, struct timeval *expires)
 {
+        // TODO: Add tests for this.
+
+        /* No timeout by default. */
+        suseconds_t timeout = 0;
+
+        if (expires) {
+                struct timeval tv;
+                getuptime(&tv);
+                if (tv_gteq(&tv, expires)) {
+                        /* We can't just return ETIMEOUT. That wouldn't be composable. */
+                        timeout = 1;
+                } else {
+                        timeout = tv_sub_diff(expires, &tv);
+                }
+
+                assert(timeout > 0);
+        }
+
         if ((atomic_signed_t) atomic_predec(&futex->val) < 0)
-                return (errno_t) __SYSCALL1(SYS_FUTEX_SLEEP, (sysarg_t) &futex->val.count);
+                return (errno_t) __SYSCALL2(SYS_FUTEX_SLEEP, (sysarg_t) &futex->val.count, (sysarg_t) timeout);
 
         return EOK;
@@ -132 +158 @@
 }
 
+static inline errno_t futex_down_timeout(futex_t *futex, struct timeval *expires)
+{
+        /*
+         * This combination of a "composable" sleep followed by futex_up() on
+         * failure is necessary to prevent breakage due to certain race
+         * conditions.
+         */
+        errno_t rc = futex_down_composable(futex, expires);
+        if (rc != EOK)
+                futex_up(futex);
+        return rc;
+}
+
+/** Down the futex.
+ *
+ * @param futex Futex.
+ *
+ * @return ENOENT if there is no such virtual address.
+ * @return EOK on success.
+ * @return Error code from <errno.h> otherwise.
+ *
+ */
+static inline errno_t futex_down(futex_t *futex)
+{
+        return futex_down_timeout(futex, NULL);
+}
+
 #endif