It would be enough to use relaxed ordering here if it weren't for
the mutex, which we also need to store and retrieve. To ensure the
pthread_cond_broadcast() call sees the store, use release and acquire
as appropriate. Thankfully, both of these are on the slow paths.
This implementation does not use locking or condition variables
internally; it's purely based on atomics and futexes.
Notably, concurrent sem_wait() and sem_post() calls can run *completely
in parallel* without slowing each other down, as long as there are empty
slots for them all to succeed without blocking.
Additionally, sem_wait() never executes an atomic operation with release
ordering, and sem_post() never executes an atomic operation with acquire
ordering (unless you count the syscall). This means the compiler and the
hardware are free to reorder code *into* the critical section.
This implementation features a fast path for pthread_cond_signal() and
pthread_cond_broadcast() for the case there's no thread waiting, and
does not exhibit the "thundering herd" issue in
pthread_cond_broadcast().
Fixes https://github.com/SerenityOS/serenity/issues/8432
These are convinient wrappers over the most used futex operations.
futex_wait() also does some smarts for timeout and clock handling.
Use the new futex_wait() instead of a similar private helper in
LibPthread.
This adds two new arguments to the thread_exit system call which let
a thread unmap an arbitrary VM range on thread exit. LibPthread
uses this functionality to unmap the thread stack.
Fixes#7267.
Problem:
- `static` variables consume memory and sometimes are less
optimizable.
- `static const` variables can be `constexpr`, usually.
- `static` function-local variables require an initialization check
every time the function is run.
Solution:
- If a global `static` variable is only used in a single function then
move it into the function and make it non-`static` and `constexpr`.
- Make all global `static` variables `constexpr` instead of `const`.
- Change function-local `static const[expr]` variables to be just
`constexpr`.
With those partially implemented I can start to clone the SerenityOS
git repository via HTTPS.
The download still fails half-way through because SSL_read returns
an error for reasons I haven't investigated yet.
This change implements the pthread user space spinlock API. The
stress-ng Port requires a functioning version to work correctly.
To facilitate the requirements of the posix specification for the API
we implement the spinlock so that the owning tid is the value stored
in the spinlock. This gives us the proper ownership semantics needed
to implement the proper error handling.
If we get an absolute time passed to one of the pthread_*wait methods,
this is not an absolute monotonic time but rather an absolute wall
time. This means that we also need to pass FUTEX_CLOCK_REALTIME to the
futex syscall to ensure we're not using the monotonic clock.
SPDX License Identifiers are a more compact / standardized
way of representing file license information.
See: https://spdx.dev/resources/use/#identifiers
This was done with the `ambr` search and replace tool.
ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
GCC will insert various calls to pthread functions when compiling
C++ code with static initializers, even when the user doesn't link
their program against libpthread explicitly.
This is used to make static initializers thread-safe, e.g. when
building a library that does not itself use thread functionality
and thus does not link against libpthread - but is intended to
be used with other code that does use libpthread explicitly.
This makes these symbols available in libc.
Semaphores with values greater than one didn't work because whoever
called sem_wait() first held the semaphore's mutex until a matching
sem_post() call.
Other callers then wouldn't be able to acquire the semaphore even
if the semaphore's value was still greater than zero at that point.
(...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED)
Since all of these checks are done in release builds as well,
let's rename them to VERIFY to prevent confusion, as everyone is
used to assertions being compiled out in release.
We can introduce a new ASSERT macro that is specifically for debug
checks, but I'm doing this wholesale conversion first since we've
accumulated thousands of these already, and it's not immediately
obvious which ones are suitable for ASSERT.
POSIX explicitly allows providing nullptr's, and our __pthread_*() implementation
stores and calls the provided functions as-is, without checking for nullptr.
This required a bit of rearchitecture, as pthread_atfork() required a
mutex, and duplicating a mutex impl for it was silly.
As such, this patch moves some standalone bits of pthread into LibC and
uses those to implement atfork().
It should be noted that for programs that don't use atfork(), this
mechanism only costs two atomic loads (as opposed to the normal mutex
lock+unlock) :^)
This implementation is pretty damn dumb, and probably has more bugs than
features.
But for the time being, it seems to work. however, we should definitely
replace it with a good implementation sometime very soon :^)
This achieves two things:
- Programs can now intentionally perform arbitrary syscalls by calling
syscall(). This allows us to work on things like syscall fuzzing.
- It restricts the ability of userspace to make syscalls to a single
4KB page of code. In order to call the kernel directly, an attacker
must now locate this page and call through it.
This adds support for FUTEX_WAKE_OP, FUTEX_WAIT_BITSET, FUTEX_WAKE_BITSET,
FUTEX_REQUEUE, and FUTEX_CMP_REQUEUE, as well well as global and private
futex and absolute/relative timeouts against the appropriate clock. This
also changes the implementation so that kernel resources are only used when
a thread is blocked on a futex.
Global futexes are implemented as offsets in VMObjects, so that different
processes can share a futex against the same VMObject despite potentially
being mapped at different virtual addresses.
