mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-07-04 10:18:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Improve cancellations, randomness, and time

Browse source 
- Exhaustively document cancellation points
- Rename SIGCANCEL to SIGTHR just like BSDs
- Further improve POSIX thread cancellations
- Ensure asynchronous cancellations work correctly
- Elevate the quality of getrandom() and getentropy()
- Make futexes cancel correctly on OpenBSD 6.x and 7.x
- Add reboot.com and shutdown.com to examples directory
- Remove underscore prefix from awesome timespec_*() APIs
- Create assertions that help verify our cancellation points
- Remove bad timespec APIs (cmp generalizes eq/ne/gt/gte/lt/lte)
This commit is contained in:
Justine Tunney 2022-11-05 19:49:41 -07:00
parent 0d7c265392
commit 3f0bcdc3ef
No known key found for this signature in database
GPG key ID: BE714B4575D6E328
173 changed files with 1599 additions and 782 deletions
Download patch file Download diff file Expand all files Collapse all files

1
third_party/nsync/README.cosmo vendored
View file

@ -18,3 +18,4 @@ LOCAL CHANGES
- nsync_malloc_() is implemented as kmalloc()
- nsync_mu_semaphore uses Cosmopolitan Futexes
- block pthread cancellations in nsync_mu_lock_slow_
- support posix thread cancellations in nsync_cv_wait

16
third_party/nsync/compat.S vendored
View file

@ -19,33 +19,33 @@
#include "libc/macros.internal.h"
nsync_time_now:
jmp _timespec_real
jmp timespec_real
.endfn nsync_time_now,globl
nsync_time_add:
jmp _timespec_add
jmp timespec_add
.endfn nsync_time_add,globl
nsync_time_sub:
jmp _timespec_sub
jmp timespec_sub
.endfn nsync_time_sub,globl
nsync_time_cmp:
jmp _timespec_cmp
jmp timespec_cmp
.endfn nsync_time_cmp,globl
nsync_time_ms:
jmp _timespec_frommillis
jmp timespec_frommillis
.endfn nsync_time_ms,globl
nsync_time_us:
jmp _timespec_frommicros
jmp timespec_frommicros
.endfn nsync_time_us,globl
nsync_time_sleep:
jmp _timespec_sleep
jmp timespec_sleep
.endfn nsync_time_us,globl
nsync_time_sleep_until:
jmp _timespec_sleep_until
jmp timespec_sleep_until
.endfn nsync_time_us,globl

14
third_party/nsync/cv.h vendored
View file

@ -114,8 +114,10 @@ void nsync_cv_broadcast(nsync_cv *cv);
return. Equivalent to a call to nsync_mu_wait_with_deadline() with
abs_deadline==nsync_time_no_deadline, and cancel_note==NULL. Callers
should use nsync_cv_wait() in a loop, as with all standard Mesa-style
condition variables. See examples above. */
void nsync_cv_wait(nsync_cv *cv, nsync_mu *mu);
condition variables. See examples above. Returns 0 normally, otherwise
ECANCELED may be returned if calling POSIX thread is cancelled only when
the PTHREAD_CANCEL_MASKED mode is in play. */
int nsync_cv_wait(nsync_cv *cv, nsync_mu *mu);
/* Atomically release "mu" (which must be held on entry) and block the
calling thread on *cv. It then waits until awakened by a call to
@ -124,9 +126,11 @@ void nsync_cv_wait(nsync_cv *cv, nsync_mu *mu);
In all cases, it reacquires "mu", and returns the reason for the call
returned (0, ETIMEDOUT, or ECANCELED). Use
abs_deadline==nsync_time_no_deadline for no deadline, and
cancel_note==NULL for no cancellation. wait_with_deadline() should be
used in a loop, as with all Mesa-style condition variables. See
examples above.
cancel_note==NULL for no nsync cancellations (however POSIX thread
cancellations may still happen, and ECANCELED could still be returned
when the calling thread is cancelled only if PTHREAD_CANCEL_MASKED is
in play). wait_with_deadline() should be used in a loop, as with all
Mesa-style condition variables. See examples above.
There are two reasons for using an absolute deadline, rather than a
relative timeout---these are why pthread_cond_timedwait() also uses

69
third_party/nsync/futex.c vendored
View file

@ -28,6 +28,7 @@
#include "libc/errno.h"
#include "libc/intrin/atomic.h"
#include "libc/intrin/describeflags.internal.h"
#include "libc/intrin/kprintf.h"
#include "libc/intrin/strace.internal.h"
#include "libc/intrin/weaken.h"
#include "libc/limits.h"
@ -38,6 +39,7 @@
#include "libc/sysv/consts/timer.h"
#include "libc/sysv/errfuns.h"
#include "libc/thread/freebsd.internal.h"
#include "libc/thread/posixthread.internal.h"
#include "libc/thread/thread.h"
#include "libc/thread/tls.h"
#include "third_party/nsync/atomic.h"
@ -118,26 +120,26 @@ static int nsync_futex_polyfill_ (atomic_int *w, int expect, struct timespec *ti
int64_t nanos, maxnanos;
struct timespec ts, deadline;
ts = nsync_time_now ();
ts = timespec_real ();
if (!timeout) {
deadline = nsync_time_no_deadline;
deadline = timespec_max;
} else if (FUTEX_TIMEOUT_IS_ABSOLUTE) {
deadline = *timeout;
} else {
deadline = nsync_time_add (ts, *timeout);
deadline = timespec_add (ts, *timeout);
}
nanos = 100;
maxnanos = __SIG_POLLING_INTERVAL_MS * 1000L * 1000;
while (nsync_time_cmp (deadline, ts) > 0) {
ts = nsync_time_add (ts, _timespec_fromnanos (nanos));
if (nsync_time_cmp (ts, deadline) > 0) {
while (timespec_cmp (deadline, ts) > 0) {
ts = timespec_add (ts, timespec_fromnanos (nanos));
if (timespec_cmp (ts, deadline) > 0) {
ts = deadline;
}
if (atomic_load_explicit (w, memory_order_acquire) != expect) {
return 0;
}
if ((rc = nsync_time_sleep_until (ts))) {
if ((rc = timespec_sleep_until (ts))) {
return -rc;
}
if (nanos < maxnanos) {
@ -159,22 +161,22 @@ static int nsync_futex_wait_win32_ (atomic_int *w, int expect, char pshare, stru
if (timeout) {
deadline = *timeout;
} else {
deadline = nsync_time_no_deadline;
deadline = timespec_max;
}
while (!(rc = _check_interrupts (false, 0))) {
now = nsync_time_now ();
if (nsync_time_cmp (now, deadline) > 0) {
now = timespec_real ();
if (timespec_cmp (now, deadline) > 0) {
rc = etimedout();
break;
}
remain = nsync_time_sub (deadline, now);
interval = _timespec_frommillis (__SIG_POLLING_INTERVAL_MS);
wait = nsync_time_cmp (remain, interval) > 0 ? interval : remain;
remain = timespec_sub (deadline, now);
interval = timespec_frommillis (__SIG_POLLING_INTERVAL_MS);
wait = timespec_cmp (remain, interval) > 0 ? interval : remain;
if (atomic_load_explicit (w, memory_order_acquire) != expect) {
break;
}
if (WaitOnAddress (w, &expect, sizeof(int), _timespec_tomillis (wait))) {
if (WaitOnAddress (w, &expect, sizeof(int), timespec_tomillis (wait))) {
break;
} else {
ASSERT (GetLastError () == ETIMEDOUT);
@ -186,6 +188,7 @@ static int nsync_futex_wait_win32_ (atomic_int *w, int expect, char pshare, stru
int nsync_futex_wait_ (atomic_int *w, int expect, char pshare, struct timespec *timeout) {
int e, rc, op, fop;
struct PosixThread *pt = 0;
if (atomic_load_explicit (w, memory_order_acquire) != expect) {
return -EAGAIN;
@ -210,21 +213,31 @@ int nsync_futex_wait_ (atomic_int *w, int expect, char pshare, struct timespec *
} else if (IsFreebsd ()) {
rc = sys_umtx_timedwait_uint (w, expect, pshare, timeout);
} else {
rc = sys_futex_cp (w, op, expect, timeout, 0, FUTEX_WAIT_BITS_);
if (IsOpenbsd() && rc > 0) {
// OpenBSD futex() returns errors as
// positive numbers without setting the
// carry flag. It's an irregular miracle
// because OpenBSD returns ECANCELED if
// futex() is interrupted w/ SA_RESTART
// so we're able to tell it apart from
// PT_MASKED which causes the wrapper
// to put ECANCELED into errno.
if (rc == ECANCELED) {
rc = EINTR;
if (IsOpenbsd()) {
// OpenBSD 6.8 futex() returns errors as
// positive numbers, without setting CF.
// This irregularity is fixed in 7.2 but
// unfortunately OpenBSD futex() defines
// its own ECANCELED condition, and that
// overlaps with our system call wrapper
if ((pt = (struct PosixThread *)__get_tls()->tib_pthread)) {
pt->flags &= ~PT_OPENBSD_KLUDGE;
}
}
rc = sys_futex_cp (w, op, expect, timeout, 0, FUTEX_WAIT_BITS_);
if (IsOpenbsd()) {
// Handle the OpenBSD 6.x irregularity.
if (rc > 0) {
errno = rc;
rc = -1;
}
// Check if ECANCELED came from the kernel
// because a SA_RESTART signal handler was
// invoked, such as our SIGTHR callback.
if (rc == -1 && errno == ECANCELED &&
pt && (~pt->flags & PT_OPENBSD_KLUDGE)) {
errno = EINTR;
}
errno = rc;
rc = -1;
}
}
if (rc == -1) {

17
third_party/nsync/mem/nsync_cv.c vendored
View file

@ -15,6 +15,7 @@
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/calls/cp.internal.h"
#include "libc/str/str.h"
#include "libc/thread/thread.h"
#include "third_party/nsync/atomic.internal.h"
@ -202,6 +203,7 @@ int nsync_cv_wait_with_deadline_generic (nsync_cv *pcv, void *pmu,
int outcome = 0;
waiter *w;
IGNORE_RACES_START ();
BEGIN_CANCELLATION_POINT;
w = nsync_waiter_new_ ();
pthread_cleanup_push((void *)nsync_waiter_free_, w);
ATM_STORE (&w->nw.waiting, 1);
@ -315,6 +317,7 @@ int nsync_cv_wait_with_deadline_generic (nsync_cv *pcv, void *pmu,
}
}
pthread_cleanup_pop(0);
END_CANCELLATION_POINT;
IGNORE_RACES_END ();
return (outcome);
}
@ -444,9 +447,9 @@ void nsync_cv_broadcast (nsync_cv *pcv) {
}
/* Wait with deadline, using an nsync_mu. */
int nsync_cv_wait_with_deadline (nsync_cv *pcv, nsync_mu *pmu,
nsync_time abs_deadline,
nsync_note cancel_note) {
errno_t nsync_cv_wait_with_deadline (nsync_cv *pcv, nsync_mu *pmu,
nsync_time abs_deadline,
nsync_note cancel_note) {
return (nsync_cv_wait_with_deadline_generic (pcv, pmu, &void_mu_lock,
&void_mu_unlock,
abs_deadline, cancel_note));
@ -457,9 +460,11 @@ int nsync_cv_wait_with_deadline (nsync_cv *pcv, nsync_mu *pmu,
wakeup. Then reacquires *pmu, and return. The call is equivalent to a call
to nsync_cv_wait_with_deadline() with abs_deadline==nsync_time_no_deadline, and a NULL
cancel_note. It should be used in a loop, as with all standard Mesa-style
condition variables. See examples above. */
void nsync_cv_wait (nsync_cv *pcv, nsync_mu *pmu) {
nsync_cv_wait_with_deadline (pcv, pmu, nsync_time_no_deadline, NULL);
condition variables. See examples above. Returns 0 normally, otherwise
ECANCELED may be returned if calling POSIX thread is cancelled only when
the PTHREAD_CANCEL_MASKED mode is in play. */
errno_t nsync_cv_wait (nsync_cv *pcv, nsync_mu *pmu) {
return nsync_cv_wait_with_deadline (pcv, pmu, nsync_time_no_deadline, NULL);
}
static nsync_time cv_ready_time (void *v, struct nsync_waiter_s *nw) {

22
third_party/nsync/time.h vendored
View file

@ -17,39 +17,39 @@ COSMOPOLITAN_C_START_
typedef struct timespec nsync_time;
/* A deadline infinitely far in the future. */
#define nsync_time_no_deadline _timespec_max
#define nsync_time_no_deadline timespec_max
/* The zero delay, or an expired deadline. */
#define nsync_time_zero _timespec_zero
#define nsync_time_zero timespec_zero
/* Return the current time since the epoch. */
#define nsync_time_now() _timespec_real()
#define nsync_time_now() timespec_real()
/* Sleep for the specified delay. Returns the unslept time which may be
non-zero if the call was interrupted. */
#define nsync_time_sleep(a) _timespec_sleep(a)
#define nsync_time_sleep(a) timespec_sleep(a)
/* Sleep until the specified time. Returns 0 on success, and EINTR
if the call was interrupted. */
#define nsync_time_sleep_until(a) _timespec_sleep_until(a)
#define nsync_time_sleep_until(a) timespec_sleep_until(a)
/* Return a+b */
#define nsync_time_add(a, b) _timespec_add(a, b)
#define nsync_time_add(a, b) timespec_add(a, b)
/* Return a-b */
#define nsync_time_sub(a, b) _timespec_sub(a, b)
#define nsync_time_sub(a, b) timespec_sub(a, b)
/* Return +ve, 0, or -ve according to whether a>b, a==b, or a<b. */
#define nsync_time_cmp(a, b) _timespec_cmp(a, b)
#define nsync_time_cmp(a, b) timespec_cmp(a, b)
/* Return the specified number of milliseconds as a time. */
#define nsync_time_ms(a) _timespec_frommillis(a)
#define nsync_time_ms(a) timespec_frommillis(a)
/* Return the specified number of microseconds as a time. */
#define nsync_time_us(a) _timespec_frommicros(a)
#define nsync_time_us(a) timespec_frommicros(a)
/* Return the specified number of nanoseconds as a time. */
#define nsync_time_ns(a) _timespec_fromnanos(a)
#define nsync_time_ns(a) timespec_fromnanos(a)
/* Return an nsync_time constructed from second and nanosecond
components */