2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2015, 2016 The FreeBSD Foundation
5 * Copyright (c) 2004, David Xu <davidxu@freebsd.org>
6 * Copyright (c) 2002, Jeffrey Roberson <jeff@freebsd.org>
9 * Portions of this software were developed by Konstantin Belousov
10 * under sponsorship from the FreeBSD Foundation.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice unmodified, this list of conditions, and the following
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 #include <sys/cdefs.h>
35 __FBSDID("$FreeBSD$");
37 #include "opt_umtx_profiling.h"
39 #include <sys/param.h>
40 #include <sys/kernel.h>
41 #include <sys/fcntl.h>
43 #include <sys/filedesc.h>
44 #include <sys/limits.h>
46 #include <sys/malloc.h>
48 #include <sys/mutex.h>
51 #include <sys/resource.h>
52 #include <sys/resourcevar.h>
53 #include <sys/rwlock.h>
55 #include <sys/sched.h>
57 #include <sys/sysctl.h>
58 #include <sys/sysent.h>
59 #include <sys/systm.h>
60 #include <sys/sysproto.h>
61 #include <sys/syscallsubr.h>
62 #include <sys/taskqueue.h>
64 #include <sys/eventhandler.h>
67 #include <security/mac/mac_framework.h>
70 #include <vm/vm_param.h>
72 #include <vm/vm_map.h>
73 #include <vm/vm_object.h>
75 #include <machine/atomic.h>
76 #include <machine/cpu.h>
78 #ifdef COMPAT_FREEBSD32
79 #include <compat/freebsd32/freebsd32_proto.h>
83 #define _UMUTEX_WAIT 2
86 #define UPROF_PERC_BIGGER(w, f, sw, sf) \
87 (((w) > (sw)) || ((w) == (sw) && (f) > (sf)))
90 /* Priority inheritance mutex info. */
93 struct thread *pi_owner;
98 /* List entry to link umtx holding by thread */
99 TAILQ_ENTRY(umtx_pi) pi_link;
101 /* List entry in hash */
102 TAILQ_ENTRY(umtx_pi) pi_hashlink;
104 /* List for waiters */
105 TAILQ_HEAD(,umtx_q) pi_blocked;
107 /* Identify a userland lock object */
108 struct umtx_key pi_key;
111 /* A userland synchronous object user. */
113 /* Linked list for the hash. */
114 TAILQ_ENTRY(umtx_q) uq_link;
117 struct umtx_key uq_key;
121 #define UQF_UMTXQ 0x0001
123 /* The thread waits on. */
124 struct thread *uq_thread;
127 * Blocked on PI mutex. read can use chain lock
128 * or umtx_lock, write must have both chain lock and
129 * umtx_lock being hold.
131 struct umtx_pi *uq_pi_blocked;
133 /* On blocked list */
134 TAILQ_ENTRY(umtx_q) uq_lockq;
136 /* Thread contending with us */
137 TAILQ_HEAD(,umtx_pi) uq_pi_contested;
139 /* Inherited priority from PP mutex */
140 u_char uq_inherited_pri;
142 /* Spare queue ready to be reused */
143 struct umtxq_queue *uq_spare_queue;
145 /* The queue we on */
146 struct umtxq_queue *uq_cur_queue;
149 TAILQ_HEAD(umtxq_head, umtx_q);
151 /* Per-key wait-queue */
153 struct umtxq_head head;
155 LIST_ENTRY(umtxq_queue) link;
159 LIST_HEAD(umtxq_list, umtxq_queue);
161 /* Userland lock object's wait-queue chain */
163 /* Lock for this chain. */
166 /* List of sleep queues. */
167 struct umtxq_list uc_queue[2];
168 #define UMTX_SHARED_QUEUE 0
169 #define UMTX_EXCLUSIVE_QUEUE 1
171 LIST_HEAD(, umtxq_queue) uc_spare_queue;
176 /* Chain lock waiters */
179 /* All PI in the list */
180 TAILQ_HEAD(,umtx_pi) uc_pi_list;
182 #ifdef UMTX_PROFILING
188 #define UMTXQ_LOCKED_ASSERT(uc) mtx_assert(&(uc)->uc_lock, MA_OWNED)
191 * Don't propagate time-sharing priority, there is a security reason,
192 * a user can simply introduce PI-mutex, let thread A lock the mutex,
193 * and let another thread B block on the mutex, because B is
194 * sleeping, its priority will be boosted, this causes A's priority to
195 * be boosted via priority propagating too and will never be lowered even
196 * if it is using 100%CPU, this is unfair to other processes.
199 #define UPRI(td) (((td)->td_user_pri >= PRI_MIN_TIMESHARE &&\
200 (td)->td_user_pri <= PRI_MAX_TIMESHARE) ?\
201 PRI_MAX_TIMESHARE : (td)->td_user_pri)
203 #define GOLDEN_RATIO_PRIME 2654404609U
205 #define UMTX_CHAINS 512
207 #define UMTX_SHIFTS (__WORD_BIT - 9)
209 #define GET_SHARE(flags) \
210 (((flags) & USYNC_PROCESS_SHARED) == 0 ? THREAD_SHARE : PROCESS_SHARE)
212 #define BUSY_SPINS 200
216 bool is_abs_real; /* TIMER_ABSTIME && CLOCK_REALTIME* */
221 #ifdef COMPAT_FREEBSD32
223 volatile __lwpid_t m_owner; /* Owner of the mutex */
224 __uint32_t m_flags; /* Flags of the mutex */
225 __uint32_t m_ceilings[2]; /* Priority protect ceiling */
226 __uint32_t m_rb_lnk; /* Robust linkage */
228 __uint32_t m_spare[2];
231 _Static_assert(sizeof(struct umutex) == sizeof(struct umutex32), "umutex32");
232 _Static_assert(__offsetof(struct umutex, m_spare[0]) ==
233 __offsetof(struct umutex32, m_spare[0]), "m_spare32");
236 int umtx_shm_vnobj_persistent = 0;
237 SYSCTL_INT(_kern_ipc, OID_AUTO, umtx_vnode_persistent, CTLFLAG_RWTUN,
238 &umtx_shm_vnobj_persistent, 0,
239 "False forces destruction of umtx attached to file, on last close");
240 static int umtx_max_rb = 1000;
241 SYSCTL_INT(_kern_ipc, OID_AUTO, umtx_max_robust, CTLFLAG_RWTUN,
245 static uma_zone_t umtx_pi_zone;
246 static struct umtxq_chain umtxq_chains[2][UMTX_CHAINS];
247 static MALLOC_DEFINE(M_UMTX, "umtx", "UMTX queue memory");
248 static int umtx_pi_allocated;
250 static SYSCTL_NODE(_debug, OID_AUTO, umtx, CTLFLAG_RW, 0, "umtx debug");
251 SYSCTL_INT(_debug_umtx, OID_AUTO, umtx_pi_allocated, CTLFLAG_RD,
252 &umtx_pi_allocated, 0, "Allocated umtx_pi");
253 static int umtx_verbose_rb = 1;
254 SYSCTL_INT(_debug_umtx, OID_AUTO, robust_faults_verbose, CTLFLAG_RWTUN,
258 #ifdef UMTX_PROFILING
259 static long max_length;
260 SYSCTL_LONG(_debug_umtx, OID_AUTO, max_length, CTLFLAG_RD, &max_length, 0, "max_length");
261 static SYSCTL_NODE(_debug_umtx, OID_AUTO, chains, CTLFLAG_RD, 0, "umtx chain stats");
264 static void abs_timeout_update(struct abs_timeout *timo);
266 static void umtx_shm_init(void);
267 static void umtxq_sysinit(void *);
268 static void umtxq_hash(struct umtx_key *key);
269 static struct umtxq_chain *umtxq_getchain(struct umtx_key *key);
270 static void umtxq_lock(struct umtx_key *key);
271 static void umtxq_unlock(struct umtx_key *key);
272 static void umtxq_busy(struct umtx_key *key);
273 static void umtxq_unbusy(struct umtx_key *key);
274 static void umtxq_insert_queue(struct umtx_q *uq, int q);
275 static void umtxq_remove_queue(struct umtx_q *uq, int q);
276 static int umtxq_sleep(struct umtx_q *uq, const char *wmesg, struct abs_timeout *);
277 static int umtxq_count(struct umtx_key *key);
278 static struct umtx_pi *umtx_pi_alloc(int);
279 static void umtx_pi_free(struct umtx_pi *pi);
280 static int do_unlock_pp(struct thread *td, struct umutex *m, uint32_t flags,
282 static void umtx_thread_cleanup(struct thread *td);
283 static void umtx_exec_hook(void *arg __unused, struct proc *p __unused,
284 struct image_params *imgp __unused);
285 SYSINIT(umtx, SI_SUB_EVENTHANDLER+1, SI_ORDER_MIDDLE, umtxq_sysinit, NULL);
287 #define umtxq_signal(key, nwake) umtxq_signal_queue((key), (nwake), UMTX_SHARED_QUEUE)
288 #define umtxq_insert(uq) umtxq_insert_queue((uq), UMTX_SHARED_QUEUE)
289 #define umtxq_remove(uq) umtxq_remove_queue((uq), UMTX_SHARED_QUEUE)
291 static struct mtx umtx_lock;
293 #ifdef UMTX_PROFILING
295 umtx_init_profiling(void)
297 struct sysctl_oid *chain_oid;
301 for (i = 0; i < UMTX_CHAINS; ++i) {
302 snprintf(chain_name, sizeof(chain_name), "%d", i);
303 chain_oid = SYSCTL_ADD_NODE(NULL,
304 SYSCTL_STATIC_CHILDREN(_debug_umtx_chains), OID_AUTO,
305 chain_name, CTLFLAG_RD, NULL, "umtx hash stats");
306 SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(chain_oid), OID_AUTO,
307 "max_length0", CTLFLAG_RD, &umtxq_chains[0][i].max_length, 0, NULL);
308 SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(chain_oid), OID_AUTO,
309 "max_length1", CTLFLAG_RD, &umtxq_chains[1][i].max_length, 0, NULL);
314 sysctl_debug_umtx_chains_peaks(SYSCTL_HANDLER_ARGS)
318 struct umtxq_chain *uc;
319 u_int fract, i, j, tot, whole;
320 u_int sf0, sf1, sf2, sf3, sf4;
321 u_int si0, si1, si2, si3, si4;
322 u_int sw0, sw1, sw2, sw3, sw4;
324 sbuf_new(&sb, buf, sizeof(buf), SBUF_FIXEDLEN);
325 for (i = 0; i < 2; i++) {
327 for (j = 0; j < UMTX_CHAINS; ++j) {
328 uc = &umtxq_chains[i][j];
329 mtx_lock(&uc->uc_lock);
330 tot += uc->max_length;
331 mtx_unlock(&uc->uc_lock);
334 sbuf_printf(&sb, "%u) Empty ", i);
336 sf0 = sf1 = sf2 = sf3 = sf4 = 0;
337 si0 = si1 = si2 = si3 = si4 = 0;
338 sw0 = sw1 = sw2 = sw3 = sw4 = 0;
339 for (j = 0; j < UMTX_CHAINS; j++) {
340 uc = &umtxq_chains[i][j];
341 mtx_lock(&uc->uc_lock);
342 whole = uc->max_length * 100;
343 mtx_unlock(&uc->uc_lock);
344 fract = (whole % tot) * 100;
345 if (UPROF_PERC_BIGGER(whole, fract, sw0, sf0)) {
349 } else if (UPROF_PERC_BIGGER(whole, fract, sw1,
354 } else if (UPROF_PERC_BIGGER(whole, fract, sw2,
359 } else if (UPROF_PERC_BIGGER(whole, fract, sw3,
364 } else if (UPROF_PERC_BIGGER(whole, fract, sw4,
371 sbuf_printf(&sb, "queue %u:\n", i);
372 sbuf_printf(&sb, "1st: %u.%u%% idx: %u\n", sw0 / tot,
374 sbuf_printf(&sb, "2nd: %u.%u%% idx: %u\n", sw1 / tot,
376 sbuf_printf(&sb, "3rd: %u.%u%% idx: %u\n", sw2 / tot,
378 sbuf_printf(&sb, "4th: %u.%u%% idx: %u\n", sw3 / tot,
380 sbuf_printf(&sb, "5th: %u.%u%% idx: %u\n", sw4 / tot,
386 sysctl_handle_string(oidp, sbuf_data(&sb), sbuf_len(&sb), req);
392 sysctl_debug_umtx_chains_clear(SYSCTL_HANDLER_ARGS)
394 struct umtxq_chain *uc;
399 error = sysctl_handle_int(oidp, &clear, 0, req);
400 if (error != 0 || req->newptr == NULL)
404 for (i = 0; i < 2; ++i) {
405 for (j = 0; j < UMTX_CHAINS; ++j) {
406 uc = &umtxq_chains[i][j];
407 mtx_lock(&uc->uc_lock);
410 mtx_unlock(&uc->uc_lock);
417 SYSCTL_PROC(_debug_umtx_chains, OID_AUTO, clear,
418 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 0,
419 sysctl_debug_umtx_chains_clear, "I", "Clear umtx chains statistics");
420 SYSCTL_PROC(_debug_umtx_chains, OID_AUTO, peaks,
421 CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 0,
422 sysctl_debug_umtx_chains_peaks, "A", "Highest peaks in chains max length");
426 umtxq_sysinit(void *arg __unused)
430 umtx_pi_zone = uma_zcreate("umtx pi", sizeof(struct umtx_pi),
431 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
432 for (i = 0; i < 2; ++i) {
433 for (j = 0; j < UMTX_CHAINS; ++j) {
434 mtx_init(&umtxq_chains[i][j].uc_lock, "umtxql", NULL,
435 MTX_DEF | MTX_DUPOK);
436 LIST_INIT(&umtxq_chains[i][j].uc_queue[0]);
437 LIST_INIT(&umtxq_chains[i][j].uc_queue[1]);
438 LIST_INIT(&umtxq_chains[i][j].uc_spare_queue);
439 TAILQ_INIT(&umtxq_chains[i][j].uc_pi_list);
440 umtxq_chains[i][j].uc_busy = 0;
441 umtxq_chains[i][j].uc_waiters = 0;
442 #ifdef UMTX_PROFILING
443 umtxq_chains[i][j].length = 0;
444 umtxq_chains[i][j].max_length = 0;
448 #ifdef UMTX_PROFILING
449 umtx_init_profiling();
451 mtx_init(&umtx_lock, "umtx lock", NULL, MTX_DEF);
452 EVENTHANDLER_REGISTER(process_exec, umtx_exec_hook, NULL,
453 EVENTHANDLER_PRI_ANY);
462 uq = malloc(sizeof(struct umtx_q), M_UMTX, M_WAITOK | M_ZERO);
463 uq->uq_spare_queue = malloc(sizeof(struct umtxq_queue), M_UMTX,
465 TAILQ_INIT(&uq->uq_spare_queue->head);
466 TAILQ_INIT(&uq->uq_pi_contested);
467 uq->uq_inherited_pri = PRI_MAX;
472 umtxq_free(struct umtx_q *uq)
475 MPASS(uq->uq_spare_queue != NULL);
476 free(uq->uq_spare_queue, M_UMTX);
481 umtxq_hash(struct umtx_key *key)
485 n = (uintptr_t)key->info.both.a + key->info.both.b;
486 key->hash = ((n * GOLDEN_RATIO_PRIME) >> UMTX_SHIFTS) % UMTX_CHAINS;
489 static inline struct umtxq_chain *
490 umtxq_getchain(struct umtx_key *key)
493 if (key->type <= TYPE_SEM)
494 return (&umtxq_chains[1][key->hash]);
495 return (&umtxq_chains[0][key->hash]);
502 umtxq_lock(struct umtx_key *key)
504 struct umtxq_chain *uc;
506 uc = umtxq_getchain(key);
507 mtx_lock(&uc->uc_lock);
514 umtxq_unlock(struct umtx_key *key)
516 struct umtxq_chain *uc;
518 uc = umtxq_getchain(key);
519 mtx_unlock(&uc->uc_lock);
523 * Set chain to busy state when following operation
524 * may be blocked (kernel mutex can not be used).
527 umtxq_busy(struct umtx_key *key)
529 struct umtxq_chain *uc;
531 uc = umtxq_getchain(key);
532 mtx_assert(&uc->uc_lock, MA_OWNED);
536 int count = BUSY_SPINS;
539 while (uc->uc_busy && --count > 0)
545 while (uc->uc_busy) {
547 msleep(uc, &uc->uc_lock, 0, "umtxqb", 0);
558 umtxq_unbusy(struct umtx_key *key)
560 struct umtxq_chain *uc;
562 uc = umtxq_getchain(key);
563 mtx_assert(&uc->uc_lock, MA_OWNED);
564 KASSERT(uc->uc_busy != 0, ("not busy"));
571 umtxq_unbusy_unlocked(struct umtx_key *key)
579 static struct umtxq_queue *
580 umtxq_queue_lookup(struct umtx_key *key, int q)
582 struct umtxq_queue *uh;
583 struct umtxq_chain *uc;
585 uc = umtxq_getchain(key);
586 UMTXQ_LOCKED_ASSERT(uc);
587 LIST_FOREACH(uh, &uc->uc_queue[q], link) {
588 if (umtx_key_match(&uh->key, key))
596 umtxq_insert_queue(struct umtx_q *uq, int q)
598 struct umtxq_queue *uh;
599 struct umtxq_chain *uc;
601 uc = umtxq_getchain(&uq->uq_key);
602 UMTXQ_LOCKED_ASSERT(uc);
603 KASSERT((uq->uq_flags & UQF_UMTXQ) == 0, ("umtx_q is already on queue"));
604 uh = umtxq_queue_lookup(&uq->uq_key, q);
606 LIST_INSERT_HEAD(&uc->uc_spare_queue, uq->uq_spare_queue, link);
608 uh = uq->uq_spare_queue;
609 uh->key = uq->uq_key;
610 LIST_INSERT_HEAD(&uc->uc_queue[q], uh, link);
611 #ifdef UMTX_PROFILING
613 if (uc->length > uc->max_length) {
614 uc->max_length = uc->length;
615 if (uc->max_length > max_length)
616 max_length = uc->max_length;
620 uq->uq_spare_queue = NULL;
622 TAILQ_INSERT_TAIL(&uh->head, uq, uq_link);
624 uq->uq_flags |= UQF_UMTXQ;
625 uq->uq_cur_queue = uh;
630 umtxq_remove_queue(struct umtx_q *uq, int q)
632 struct umtxq_chain *uc;
633 struct umtxq_queue *uh;
635 uc = umtxq_getchain(&uq->uq_key);
636 UMTXQ_LOCKED_ASSERT(uc);
637 if (uq->uq_flags & UQF_UMTXQ) {
638 uh = uq->uq_cur_queue;
639 TAILQ_REMOVE(&uh->head, uq, uq_link);
641 uq->uq_flags &= ~UQF_UMTXQ;
642 if (TAILQ_EMPTY(&uh->head)) {
643 KASSERT(uh->length == 0,
644 ("inconsistent umtxq_queue length"));
645 #ifdef UMTX_PROFILING
648 LIST_REMOVE(uh, link);
650 uh = LIST_FIRST(&uc->uc_spare_queue);
651 KASSERT(uh != NULL, ("uc_spare_queue is empty"));
652 LIST_REMOVE(uh, link);
654 uq->uq_spare_queue = uh;
655 uq->uq_cur_queue = NULL;
660 * Check if there are multiple waiters
663 umtxq_count(struct umtx_key *key)
665 struct umtxq_queue *uh;
667 UMTXQ_LOCKED_ASSERT(umtxq_getchain(key));
668 uh = umtxq_queue_lookup(key, UMTX_SHARED_QUEUE);
675 * Check if there are multiple PI waiters and returns first
679 umtxq_count_pi(struct umtx_key *key, struct umtx_q **first)
681 struct umtxq_queue *uh;
684 UMTXQ_LOCKED_ASSERT(umtxq_getchain(key));
685 uh = umtxq_queue_lookup(key, UMTX_SHARED_QUEUE);
687 *first = TAILQ_FIRST(&uh->head);
694 * Check for possible stops and suspensions while executing a umtx
697 * The sleep argument controls whether the function can handle a stop
698 * request itself or it should return ERESTART and the request is
699 * proceed at the kernel/user boundary in ast.
701 * Typically, when retrying due to casueword(9) failure (rv == 1), we
702 * should handle the stop requests there, with exception of cases when
703 * the thread busied the umtx key, or when functions return
704 * immediately if umtxq_check_susp() returned non-zero. On the other
705 * hand, retrying the whole lock operation, we better not stop there
706 * but delegate the handling to ast.
708 * If the request is for thread termination P_SINGLE_EXIT, we cannot
709 * handle it at all, and simply return EINTR.
712 umtxq_check_susp(struct thread *td, bool sleep)
718 * The check for TDF_NEEDSUSPCHK is racy, but it is enough to
719 * eventually break the lockstep loop.
721 if ((td->td_flags & TDF_NEEDSUSPCHK) == 0)
726 if (P_SHOULDSTOP(p) ||
727 ((p->p_flag & P_TRACED) && (td->td_dbgflags & TDB_SUSPEND))) {
728 if (p->p_flag & P_SINGLE_EXIT)
731 error = sleep ? thread_suspend_check(0) : ERESTART;
738 * Wake up threads waiting on an userland object.
742 umtxq_signal_queue(struct umtx_key *key, int n_wake, int q)
744 struct umtxq_queue *uh;
749 UMTXQ_LOCKED_ASSERT(umtxq_getchain(key));
750 uh = umtxq_queue_lookup(key, q);
752 while ((uq = TAILQ_FIRST(&uh->head)) != NULL) {
753 umtxq_remove_queue(uq, q);
764 * Wake up specified thread.
767 umtxq_signal_thread(struct umtx_q *uq)
770 UMTXQ_LOCKED_ASSERT(umtxq_getchain(&uq->uq_key));
776 tstohz(const struct timespec *tsp)
780 TIMESPEC_TO_TIMEVAL(&tv, tsp);
785 abs_timeout_init(struct abs_timeout *timo, int clockid, int absolute,
786 const struct timespec *timeout)
789 timo->clockid = clockid;
791 timo->is_abs_real = false;
792 abs_timeout_update(timo);
793 timespecadd(&timo->cur, timeout, &timo->end);
795 timo->end = *timeout;
796 timo->is_abs_real = clockid == CLOCK_REALTIME ||
797 clockid == CLOCK_REALTIME_FAST ||
798 clockid == CLOCK_REALTIME_PRECISE;
800 * If is_abs_real, umtxq_sleep will read the clock
801 * after setting td_rtcgen; otherwise, read it here.
803 if (!timo->is_abs_real) {
804 abs_timeout_update(timo);
810 abs_timeout_init2(struct abs_timeout *timo, const struct _umtx_time *umtxtime)
813 abs_timeout_init(timo, umtxtime->_clockid,
814 (umtxtime->_flags & UMTX_ABSTIME) != 0, &umtxtime->_timeout);
818 abs_timeout_update(struct abs_timeout *timo)
821 kern_clock_gettime(curthread, timo->clockid, &timo->cur);
825 abs_timeout_gethz(struct abs_timeout *timo)
829 if (timespeccmp(&timo->end, &timo->cur, <=))
831 timespecsub(&timo->end, &timo->cur, &tts);
832 return (tstohz(&tts));
836 umtx_unlock_val(uint32_t flags, bool rb)
840 return (UMUTEX_RB_OWNERDEAD);
841 else if ((flags & UMUTEX_NONCONSISTENT) != 0)
842 return (UMUTEX_RB_NOTRECOV);
844 return (UMUTEX_UNOWNED);
849 * Put thread into sleep state, before sleeping, check if
850 * thread was removed from umtx queue.
853 umtxq_sleep(struct umtx_q *uq, const char *wmesg, struct abs_timeout *abstime)
855 struct umtxq_chain *uc;
858 if (abstime != NULL && abstime->is_abs_real) {
859 curthread->td_rtcgen = atomic_load_acq_int(&rtc_generation);
860 abs_timeout_update(abstime);
863 uc = umtxq_getchain(&uq->uq_key);
864 UMTXQ_LOCKED_ASSERT(uc);
866 if (!(uq->uq_flags & UQF_UMTXQ)) {
870 if (abstime != NULL) {
871 timo = abs_timeout_gethz(abstime);
878 error = msleep(uq, &uc->uc_lock, PCATCH | PDROP, wmesg, timo);
879 if (error == EINTR || error == ERESTART) {
880 umtxq_lock(&uq->uq_key);
883 if (abstime != NULL) {
884 if (abstime->is_abs_real)
885 curthread->td_rtcgen =
886 atomic_load_acq_int(&rtc_generation);
887 abs_timeout_update(abstime);
889 umtxq_lock(&uq->uq_key);
892 curthread->td_rtcgen = 0;
897 * Convert userspace address into unique logical address.
900 umtx_key_get(const void *addr, int type, int share, struct umtx_key *key)
902 struct thread *td = curthread;
904 vm_map_entry_t entry;
910 if (share == THREAD_SHARE) {
912 key->info.private.vs = td->td_proc->p_vmspace;
913 key->info.private.addr = (uintptr_t)addr;
915 MPASS(share == PROCESS_SHARE || share == AUTO_SHARE);
916 map = &td->td_proc->p_vmspace->vm_map;
917 if (vm_map_lookup(&map, (vm_offset_t)addr, VM_PROT_WRITE,
918 &entry, &key->info.shared.object, &pindex, &prot,
919 &wired) != KERN_SUCCESS) {
923 if ((share == PROCESS_SHARE) ||
924 (share == AUTO_SHARE &&
925 VM_INHERIT_SHARE == entry->inheritance)) {
927 key->info.shared.offset = (vm_offset_t)addr -
928 entry->start + entry->offset;
929 vm_object_reference(key->info.shared.object);
932 key->info.private.vs = td->td_proc->p_vmspace;
933 key->info.private.addr = (uintptr_t)addr;
935 vm_map_lookup_done(map, entry);
946 umtx_key_release(struct umtx_key *key)
949 vm_object_deallocate(key->info.shared.object);
953 * Fetch and compare value, sleep on the address if value is not changed.
956 do_wait(struct thread *td, void *addr, u_long id,
957 struct _umtx_time *timeout, int compat32, int is_private)
959 struct abs_timeout timo;
966 if ((error = umtx_key_get(addr, TYPE_SIMPLE_WAIT,
967 is_private ? THREAD_SHARE : AUTO_SHARE, &uq->uq_key)) != 0)
971 abs_timeout_init2(&timo, timeout);
973 umtxq_lock(&uq->uq_key);
975 umtxq_unlock(&uq->uq_key);
977 error = fueword(addr, &tmp);
981 error = fueword32(addr, &tmp32);
987 umtxq_lock(&uq->uq_key);
990 error = umtxq_sleep(uq, "uwait", timeout == NULL ?
992 if ((uq->uq_flags & UQF_UMTXQ) == 0)
996 } else if ((uq->uq_flags & UQF_UMTXQ) != 0) {
999 umtxq_unlock(&uq->uq_key);
1000 umtx_key_release(&uq->uq_key);
1001 if (error == ERESTART)
1007 * Wake up threads sleeping on the specified address.
1010 kern_umtx_wake(struct thread *td, void *uaddr, int n_wake, int is_private)
1012 struct umtx_key key;
1015 if ((ret = umtx_key_get(uaddr, TYPE_SIMPLE_WAIT,
1016 is_private ? THREAD_SHARE : AUTO_SHARE, &key)) != 0)
1019 umtxq_signal(&key, n_wake);
1021 umtx_key_release(&key);
1026 * Lock PTHREAD_PRIO_NONE protocol POSIX mutex.
1029 do_lock_normal(struct thread *td, struct umutex *m, uint32_t flags,
1030 struct _umtx_time *timeout, int mode)
1032 struct abs_timeout timo;
1034 uint32_t owner, old, id;
1040 if (timeout != NULL)
1041 abs_timeout_init2(&timo, timeout);
1044 * Care must be exercised when dealing with umtx structure. It
1045 * can fault on any access.
1048 rv = fueword32(&m->m_owner, &owner);
1051 if (mode == _UMUTEX_WAIT) {
1052 if (owner == UMUTEX_UNOWNED ||
1053 owner == UMUTEX_CONTESTED ||
1054 owner == UMUTEX_RB_OWNERDEAD ||
1055 owner == UMUTEX_RB_NOTRECOV)
1059 * Robust mutex terminated. Kernel duty is to
1060 * return EOWNERDEAD to the userspace. The
1061 * umutex.m_flags UMUTEX_NONCONSISTENT is set
1062 * by the common userspace code.
1064 if (owner == UMUTEX_RB_OWNERDEAD) {
1065 rv = casueword32(&m->m_owner,
1066 UMUTEX_RB_OWNERDEAD, &owner,
1067 id | UMUTEX_CONTESTED);
1071 MPASS(owner == UMUTEX_RB_OWNERDEAD);
1072 return (EOWNERDEAD); /* success */
1075 rv = umtxq_check_susp(td, false);
1080 if (owner == UMUTEX_RB_NOTRECOV)
1081 return (ENOTRECOVERABLE);
1084 * Try the uncontested case. This should be
1087 rv = casueword32(&m->m_owner, UMUTEX_UNOWNED,
1089 /* The address was invalid. */
1093 /* The acquire succeeded. */
1095 MPASS(owner == UMUTEX_UNOWNED);
1100 * If no one owns it but it is contested try
1104 if (owner == UMUTEX_CONTESTED) {
1105 rv = casueword32(&m->m_owner,
1106 UMUTEX_CONTESTED, &owner,
1107 id | UMUTEX_CONTESTED);
1108 /* The address was invalid. */
1112 MPASS(owner == UMUTEX_CONTESTED);
1116 rv = umtxq_check_susp(td, false);
1122 * If this failed the lock has
1128 /* rv == 1 but not contested, likely store failure */
1129 rv = umtxq_check_susp(td, false);
1134 if (mode == _UMUTEX_TRY)
1138 * If we caught a signal, we have retried and now
1144 if ((error = umtx_key_get(m, TYPE_NORMAL_UMUTEX,
1145 GET_SHARE(flags), &uq->uq_key)) != 0)
1148 umtxq_lock(&uq->uq_key);
1149 umtxq_busy(&uq->uq_key);
1151 umtxq_unlock(&uq->uq_key);
1154 * Set the contested bit so that a release in user space
1155 * knows to use the system call for unlock. If this fails
1156 * either some one else has acquired the lock or it has been
1159 rv = casueword32(&m->m_owner, owner, &old,
1160 owner | UMUTEX_CONTESTED);
1162 /* The address was invalid or casueword failed to store. */
1163 if (rv == -1 || rv == 1) {
1164 umtxq_lock(&uq->uq_key);
1166 umtxq_unbusy(&uq->uq_key);
1167 umtxq_unlock(&uq->uq_key);
1168 umtx_key_release(&uq->uq_key);
1172 rv = umtxq_check_susp(td, false);
1180 * We set the contested bit, sleep. Otherwise the lock changed
1181 * and we need to retry or we lost a race to the thread
1182 * unlocking the umtx.
1184 umtxq_lock(&uq->uq_key);
1185 umtxq_unbusy(&uq->uq_key);
1186 MPASS(old == owner);
1187 error = umtxq_sleep(uq, "umtxn", timeout == NULL ?
1190 umtxq_unlock(&uq->uq_key);
1191 umtx_key_release(&uq->uq_key);
1194 error = umtxq_check_susp(td, false);
1201 * Unlock PTHREAD_PRIO_NONE protocol POSIX mutex.
1204 do_unlock_normal(struct thread *td, struct umutex *m, uint32_t flags, bool rb)
1206 struct umtx_key key;
1207 uint32_t owner, old, id, newlock;
1214 * Make sure we own this mtx.
1216 error = fueword32(&m->m_owner, &owner);
1220 if ((owner & ~UMUTEX_CONTESTED) != id)
1223 newlock = umtx_unlock_val(flags, rb);
1224 if ((owner & UMUTEX_CONTESTED) == 0) {
1225 error = casueword32(&m->m_owner, owner, &old, newlock);
1229 error = umtxq_check_susp(td, false);
1234 MPASS(old == owner);
1238 /* We should only ever be in here for contested locks */
1239 if ((error = umtx_key_get(m, TYPE_NORMAL_UMUTEX, GET_SHARE(flags),
1245 count = umtxq_count(&key);
1249 * When unlocking the umtx, it must be marked as unowned if
1250 * there is zero or one thread only waiting for it.
1251 * Otherwise, it must be marked as contested.
1254 newlock |= UMUTEX_CONTESTED;
1255 error = casueword32(&m->m_owner, owner, &old, newlock);
1257 umtxq_signal(&key, 1);
1260 umtx_key_release(&key);
1266 error = umtxq_check_susp(td, false);
1275 * Check if the mutex is available and wake up a waiter,
1276 * only for simple mutex.
1279 do_wake_umutex(struct thread *td, struct umutex *m)
1281 struct umtx_key key;
1288 error = fueword32(&m->m_owner, &owner);
1292 if ((owner & ~UMUTEX_CONTESTED) != 0 && owner != UMUTEX_RB_OWNERDEAD &&
1293 owner != UMUTEX_RB_NOTRECOV)
1296 error = fueword32(&m->m_flags, &flags);
1300 /* We should only ever be in here for contested locks */
1301 if ((error = umtx_key_get(m, TYPE_NORMAL_UMUTEX, GET_SHARE(flags),
1307 count = umtxq_count(&key);
1310 if (count <= 1 && owner != UMUTEX_RB_OWNERDEAD &&
1311 owner != UMUTEX_RB_NOTRECOV) {
1312 error = casueword32(&m->m_owner, UMUTEX_CONTESTED, &owner,
1316 } else if (error == 1) {
1320 umtx_key_release(&key);
1321 error = umtxq_check_susp(td, false);
1329 if (error == 0 && count != 0) {
1330 MPASS((owner & ~UMUTEX_CONTESTED) == 0 ||
1331 owner == UMUTEX_RB_OWNERDEAD ||
1332 owner == UMUTEX_RB_NOTRECOV);
1333 umtxq_signal(&key, 1);
1337 umtx_key_release(&key);
1342 * Check if the mutex has waiters and tries to fix contention bit.
1345 do_wake2_umutex(struct thread *td, struct umutex *m, uint32_t flags)
1347 struct umtx_key key;
1348 uint32_t owner, old;
1353 switch (flags & (UMUTEX_PRIO_INHERIT | UMUTEX_PRIO_PROTECT |
1357 type = TYPE_NORMAL_UMUTEX;
1359 case UMUTEX_PRIO_INHERIT:
1360 type = TYPE_PI_UMUTEX;
1362 case (UMUTEX_PRIO_INHERIT | UMUTEX_ROBUST):
1363 type = TYPE_PI_ROBUST_UMUTEX;
1365 case UMUTEX_PRIO_PROTECT:
1366 type = TYPE_PP_UMUTEX;
1368 case (UMUTEX_PRIO_PROTECT | UMUTEX_ROBUST):
1369 type = TYPE_PP_ROBUST_UMUTEX;
1374 if ((error = umtx_key_get(m, type, GET_SHARE(flags), &key)) != 0)
1380 count = umtxq_count(&key);
1383 error = fueword32(&m->m_owner, &owner);
1388 * Only repair contention bit if there is a waiter, this means
1389 * the mutex is still being referenced by userland code,
1390 * otherwise don't update any memory.
1392 while (error == 0 && (owner & UMUTEX_CONTESTED) == 0 &&
1393 (count > 1 || (count == 1 && (owner & ~UMUTEX_CONTESTED) != 0))) {
1394 error = casueword32(&m->m_owner, owner, &old,
1395 owner | UMUTEX_CONTESTED);
1401 MPASS(old == owner);
1405 error = umtxq_check_susp(td, false);
1409 if (error == EFAULT) {
1410 umtxq_signal(&key, INT_MAX);
1411 } else if (count != 0 && ((owner & ~UMUTEX_CONTESTED) == 0 ||
1412 owner == UMUTEX_RB_OWNERDEAD || owner == UMUTEX_RB_NOTRECOV))
1413 umtxq_signal(&key, 1);
1416 umtx_key_release(&key);
1420 static inline struct umtx_pi *
1421 umtx_pi_alloc(int flags)
1425 pi = uma_zalloc(umtx_pi_zone, M_ZERO | flags);
1426 TAILQ_INIT(&pi->pi_blocked);
1427 atomic_add_int(&umtx_pi_allocated, 1);
1432 umtx_pi_free(struct umtx_pi *pi)
1434 uma_zfree(umtx_pi_zone, pi);
1435 atomic_add_int(&umtx_pi_allocated, -1);
1439 * Adjust the thread's position on a pi_state after its priority has been
1443 umtx_pi_adjust_thread(struct umtx_pi *pi, struct thread *td)
1445 struct umtx_q *uq, *uq1, *uq2;
1448 mtx_assert(&umtx_lock, MA_OWNED);
1455 * Check if the thread needs to be moved on the blocked chain.
1456 * It needs to be moved if either its priority is lower than
1457 * the previous thread or higher than the next thread.
1459 uq1 = TAILQ_PREV(uq, umtxq_head, uq_lockq);
1460 uq2 = TAILQ_NEXT(uq, uq_lockq);
1461 if ((uq1 != NULL && UPRI(td) < UPRI(uq1->uq_thread)) ||
1462 (uq2 != NULL && UPRI(td) > UPRI(uq2->uq_thread))) {
1464 * Remove thread from blocked chain and determine where
1465 * it should be moved to.
1467 TAILQ_REMOVE(&pi->pi_blocked, uq, uq_lockq);
1468 TAILQ_FOREACH(uq1, &pi->pi_blocked, uq_lockq) {
1469 td1 = uq1->uq_thread;
1470 MPASS(td1->td_proc->p_magic == P_MAGIC);
1471 if (UPRI(td1) > UPRI(td))
1476 TAILQ_INSERT_TAIL(&pi->pi_blocked, uq, uq_lockq);
1478 TAILQ_INSERT_BEFORE(uq1, uq, uq_lockq);
1483 static struct umtx_pi *
1484 umtx_pi_next(struct umtx_pi *pi)
1486 struct umtx_q *uq_owner;
1488 if (pi->pi_owner == NULL)
1490 uq_owner = pi->pi_owner->td_umtxq;
1491 if (uq_owner == NULL)
1493 return (uq_owner->uq_pi_blocked);
1497 * Floyd's Cycle-Finding Algorithm.
1500 umtx_pi_check_loop(struct umtx_pi *pi)
1502 struct umtx_pi *pi1; /* fast iterator */
1504 mtx_assert(&umtx_lock, MA_OWNED);
1509 pi = umtx_pi_next(pi);
1512 pi1 = umtx_pi_next(pi1);
1515 pi1 = umtx_pi_next(pi1);
1525 * Propagate priority when a thread is blocked on POSIX
1529 umtx_propagate_priority(struct thread *td)
1535 mtx_assert(&umtx_lock, MA_OWNED);
1538 pi = uq->uq_pi_blocked;
1541 if (umtx_pi_check_loop(pi))
1546 if (td == NULL || td == curthread)
1549 MPASS(td->td_proc != NULL);
1550 MPASS(td->td_proc->p_magic == P_MAGIC);
1553 if (td->td_lend_user_pri > pri)
1554 sched_lend_user_prio(td, pri);
1562 * Pick up the lock that td is blocked on.
1565 pi = uq->uq_pi_blocked;
1568 /* Resort td on the list if needed. */
1569 umtx_pi_adjust_thread(pi, td);
1574 * Unpropagate priority for a PI mutex when a thread blocked on
1575 * it is interrupted by signal or resumed by others.
1578 umtx_repropagate_priority(struct umtx_pi *pi)
1580 struct umtx_q *uq, *uq_owner;
1581 struct umtx_pi *pi2;
1584 mtx_assert(&umtx_lock, MA_OWNED);
1586 if (umtx_pi_check_loop(pi))
1588 while (pi != NULL && pi->pi_owner != NULL) {
1590 uq_owner = pi->pi_owner->td_umtxq;
1592 TAILQ_FOREACH(pi2, &uq_owner->uq_pi_contested, pi_link) {
1593 uq = TAILQ_FIRST(&pi2->pi_blocked);
1595 if (pri > UPRI(uq->uq_thread))
1596 pri = UPRI(uq->uq_thread);
1600 if (pri > uq_owner->uq_inherited_pri)
1601 pri = uq_owner->uq_inherited_pri;
1602 thread_lock(pi->pi_owner);
1603 sched_lend_user_prio(pi->pi_owner, pri);
1604 thread_unlock(pi->pi_owner);
1605 if ((pi = uq_owner->uq_pi_blocked) != NULL)
1606 umtx_pi_adjust_thread(pi, uq_owner->uq_thread);
1611 * Insert a PI mutex into owned list.
1614 umtx_pi_setowner(struct umtx_pi *pi, struct thread *owner)
1616 struct umtx_q *uq_owner;
1618 uq_owner = owner->td_umtxq;
1619 mtx_assert(&umtx_lock, MA_OWNED);
1620 MPASS(pi->pi_owner == NULL);
1621 pi->pi_owner = owner;
1622 TAILQ_INSERT_TAIL(&uq_owner->uq_pi_contested, pi, pi_link);
1627 * Disown a PI mutex, and remove it from the owned list.
1630 umtx_pi_disown(struct umtx_pi *pi)
1633 mtx_assert(&umtx_lock, MA_OWNED);
1634 TAILQ_REMOVE(&pi->pi_owner->td_umtxq->uq_pi_contested, pi, pi_link);
1635 pi->pi_owner = NULL;
1639 * Claim ownership of a PI mutex.
1642 umtx_pi_claim(struct umtx_pi *pi, struct thread *owner)
1647 mtx_lock(&umtx_lock);
1648 if (pi->pi_owner == owner) {
1649 mtx_unlock(&umtx_lock);
1653 if (pi->pi_owner != NULL) {
1655 * userland may have already messed the mutex, sigh.
1657 mtx_unlock(&umtx_lock);
1660 umtx_pi_setowner(pi, owner);
1661 uq = TAILQ_FIRST(&pi->pi_blocked);
1663 pri = UPRI(uq->uq_thread);
1665 if (pri < UPRI(owner))
1666 sched_lend_user_prio(owner, pri);
1667 thread_unlock(owner);
1669 mtx_unlock(&umtx_lock);
1674 * Adjust a thread's order position in its blocked PI mutex,
1675 * this may result new priority propagating process.
1678 umtx_pi_adjust(struct thread *td, u_char oldpri)
1684 mtx_lock(&umtx_lock);
1686 * Pick up the lock that td is blocked on.
1688 pi = uq->uq_pi_blocked;
1690 umtx_pi_adjust_thread(pi, td);
1691 umtx_repropagate_priority(pi);
1693 mtx_unlock(&umtx_lock);
1697 * Sleep on a PI mutex.
1700 umtxq_sleep_pi(struct umtx_q *uq, struct umtx_pi *pi, uint32_t owner,
1701 const char *wmesg, struct abs_timeout *timo, bool shared)
1703 struct thread *td, *td1;
1707 struct umtxq_chain *uc;
1709 uc = umtxq_getchain(&pi->pi_key);
1713 KASSERT(td == curthread, ("inconsistent uq_thread"));
1714 UMTXQ_LOCKED_ASSERT(umtxq_getchain(&uq->uq_key));
1715 KASSERT(uc->uc_busy != 0, ("umtx chain is not busy"));
1717 mtx_lock(&umtx_lock);
1718 if (pi->pi_owner == NULL) {
1719 mtx_unlock(&umtx_lock);
1720 td1 = tdfind(owner, shared ? -1 : td->td_proc->p_pid);
1721 mtx_lock(&umtx_lock);
1723 if (pi->pi_owner == NULL)
1724 umtx_pi_setowner(pi, td1);
1725 PROC_UNLOCK(td1->td_proc);
1729 TAILQ_FOREACH(uq1, &pi->pi_blocked, uq_lockq) {
1730 pri = UPRI(uq1->uq_thread);
1736 TAILQ_INSERT_BEFORE(uq1, uq, uq_lockq);
1738 TAILQ_INSERT_TAIL(&pi->pi_blocked, uq, uq_lockq);
1740 uq->uq_pi_blocked = pi;
1742 td->td_flags |= TDF_UPIBLOCKED;
1744 umtx_propagate_priority(td);
1745 mtx_unlock(&umtx_lock);
1746 umtxq_unbusy(&uq->uq_key);
1748 error = umtxq_sleep(uq, wmesg, timo);
1751 mtx_lock(&umtx_lock);
1752 uq->uq_pi_blocked = NULL;
1754 td->td_flags &= ~TDF_UPIBLOCKED;
1756 TAILQ_REMOVE(&pi->pi_blocked, uq, uq_lockq);
1757 umtx_repropagate_priority(pi);
1758 mtx_unlock(&umtx_lock);
1759 umtxq_unlock(&uq->uq_key);
1765 * Add reference count for a PI mutex.
1768 umtx_pi_ref(struct umtx_pi *pi)
1771 UMTXQ_LOCKED_ASSERT(umtxq_getchain(&pi->pi_key));
1776 * Decrease reference count for a PI mutex, if the counter
1777 * is decreased to zero, its memory space is freed.
1780 umtx_pi_unref(struct umtx_pi *pi)
1782 struct umtxq_chain *uc;
1784 uc = umtxq_getchain(&pi->pi_key);
1785 UMTXQ_LOCKED_ASSERT(uc);
1786 KASSERT(pi->pi_refcount > 0, ("invalid reference count"));
1787 if (--pi->pi_refcount == 0) {
1788 mtx_lock(&umtx_lock);
1789 if (pi->pi_owner != NULL)
1791 KASSERT(TAILQ_EMPTY(&pi->pi_blocked),
1792 ("blocked queue not empty"));
1793 mtx_unlock(&umtx_lock);
1794 TAILQ_REMOVE(&uc->uc_pi_list, pi, pi_hashlink);
1800 * Find a PI mutex in hash table.
1802 static struct umtx_pi *
1803 umtx_pi_lookup(struct umtx_key *key)
1805 struct umtxq_chain *uc;
1808 uc = umtxq_getchain(key);
1809 UMTXQ_LOCKED_ASSERT(uc);
1811 TAILQ_FOREACH(pi, &uc->uc_pi_list, pi_hashlink) {
1812 if (umtx_key_match(&pi->pi_key, key)) {
1820 * Insert a PI mutex into hash table.
1823 umtx_pi_insert(struct umtx_pi *pi)
1825 struct umtxq_chain *uc;
1827 uc = umtxq_getchain(&pi->pi_key);
1828 UMTXQ_LOCKED_ASSERT(uc);
1829 TAILQ_INSERT_TAIL(&uc->uc_pi_list, pi, pi_hashlink);
1836 do_lock_pi(struct thread *td, struct umutex *m, uint32_t flags,
1837 struct _umtx_time *timeout, int try)
1839 struct abs_timeout timo;
1841 struct umtx_pi *pi, *new_pi;
1842 uint32_t id, old_owner, owner, old;
1848 if ((error = umtx_key_get(m, (flags & UMUTEX_ROBUST) != 0 ?
1849 TYPE_PI_ROBUST_UMUTEX : TYPE_PI_UMUTEX, GET_SHARE(flags),
1853 if (timeout != NULL)
1854 abs_timeout_init2(&timo, timeout);
1856 umtxq_lock(&uq->uq_key);
1857 pi = umtx_pi_lookup(&uq->uq_key);
1859 new_pi = umtx_pi_alloc(M_NOWAIT);
1860 if (new_pi == NULL) {
1861 umtxq_unlock(&uq->uq_key);
1862 new_pi = umtx_pi_alloc(M_WAITOK);
1863 umtxq_lock(&uq->uq_key);
1864 pi = umtx_pi_lookup(&uq->uq_key);
1866 umtx_pi_free(new_pi);
1870 if (new_pi != NULL) {
1871 new_pi->pi_key = uq->uq_key;
1872 umtx_pi_insert(new_pi);
1877 umtxq_unlock(&uq->uq_key);
1880 * Care must be exercised when dealing with umtx structure. It
1881 * can fault on any access.
1885 * Try the uncontested case. This should be done in userland.
1887 rv = casueword32(&m->m_owner, UMUTEX_UNOWNED, &owner, id);
1888 /* The address was invalid. */
1893 /* The acquire succeeded. */
1895 MPASS(owner == UMUTEX_UNOWNED);
1900 if (owner == UMUTEX_RB_NOTRECOV) {
1901 error = ENOTRECOVERABLE;
1906 * Avoid overwriting a possible error from sleep due
1907 * to the pending signal with suspension check result.
1910 error = umtxq_check_susp(td, true);
1915 /* If no one owns it but it is contested try to acquire it. */
1916 if (owner == UMUTEX_CONTESTED || owner == UMUTEX_RB_OWNERDEAD) {
1918 rv = casueword32(&m->m_owner, owner, &owner,
1919 id | UMUTEX_CONTESTED);
1920 /* The address was invalid. */
1927 error = umtxq_check_susp(td, true);
1933 * If this failed the lock could
1940 MPASS(owner == old_owner);
1941 umtxq_lock(&uq->uq_key);
1942 umtxq_busy(&uq->uq_key);
1943 error = umtx_pi_claim(pi, td);
1944 umtxq_unbusy(&uq->uq_key);
1945 umtxq_unlock(&uq->uq_key);
1948 * Since we're going to return an
1949 * error, restore the m_owner to its
1950 * previous, unowned state to avoid
1951 * compounding the problem.
1953 (void)casuword32(&m->m_owner,
1954 id | UMUTEX_CONTESTED, old_owner);
1956 if (error == 0 && old_owner == UMUTEX_RB_OWNERDEAD)
1961 if ((owner & ~UMUTEX_CONTESTED) == id) {
1972 * If we caught a signal, we have retried and now
1978 umtxq_lock(&uq->uq_key);
1979 umtxq_busy(&uq->uq_key);
1980 umtxq_unlock(&uq->uq_key);
1983 * Set the contested bit so that a release in user space
1984 * knows to use the system call for unlock. If this fails
1985 * either some one else has acquired the lock or it has been
1988 rv = casueword32(&m->m_owner, owner, &old, owner |
1991 /* The address was invalid. */
1993 umtxq_unbusy_unlocked(&uq->uq_key);
1998 umtxq_unbusy_unlocked(&uq->uq_key);
1999 error = umtxq_check_susp(td, true);
2004 * The lock changed and we need to retry or we
2005 * lost a race to the thread unlocking the
2006 * umtx. Note that the UMUTEX_RB_OWNERDEAD
2007 * value for owner is impossible there.
2012 umtxq_lock(&uq->uq_key);
2014 /* We set the contested bit, sleep. */
2015 MPASS(old == owner);
2016 error = umtxq_sleep_pi(uq, pi, owner & ~UMUTEX_CONTESTED,
2017 "umtxpi", timeout == NULL ? NULL : &timo,
2018 (flags & USYNC_PROCESS_SHARED) != 0);
2022 error = umtxq_check_susp(td, false);
2027 umtxq_lock(&uq->uq_key);
2029 umtxq_unlock(&uq->uq_key);
2031 umtx_key_release(&uq->uq_key);
2036 * Unlock a PI mutex.
2039 do_unlock_pi(struct thread *td, struct umutex *m, uint32_t flags, bool rb)
2041 struct umtx_key key;
2042 struct umtx_q *uq_first, *uq_first2, *uq_me;
2043 struct umtx_pi *pi, *pi2;
2044 uint32_t id, new_owner, old, owner;
2045 int count, error, pri;
2051 * Make sure we own this mtx.
2053 error = fueword32(&m->m_owner, &owner);
2057 if ((owner & ~UMUTEX_CONTESTED) != id)
2060 new_owner = umtx_unlock_val(flags, rb);
2062 /* This should be done in userland */
2063 if ((owner & UMUTEX_CONTESTED) == 0) {
2064 error = casueword32(&m->m_owner, owner, &old, new_owner);
2068 error = umtxq_check_susp(td, true);
2078 /* We should only ever be in here for contested locks */
2079 if ((error = umtx_key_get(m, (flags & UMUTEX_ROBUST) != 0 ?
2080 TYPE_PI_ROBUST_UMUTEX : TYPE_PI_UMUTEX, GET_SHARE(flags),
2086 count = umtxq_count_pi(&key, &uq_first);
2087 if (uq_first != NULL) {
2088 mtx_lock(&umtx_lock);
2089 pi = uq_first->uq_pi_blocked;
2090 KASSERT(pi != NULL, ("pi == NULL?"));
2091 if (pi->pi_owner != td && !(rb && pi->pi_owner == NULL)) {
2092 mtx_unlock(&umtx_lock);
2095 umtx_key_release(&key);
2096 /* userland messed the mutex */
2099 uq_me = td->td_umtxq;
2100 if (pi->pi_owner == td)
2102 /* get highest priority thread which is still sleeping. */
2103 uq_first = TAILQ_FIRST(&pi->pi_blocked);
2104 while (uq_first != NULL &&
2105 (uq_first->uq_flags & UQF_UMTXQ) == 0) {
2106 uq_first = TAILQ_NEXT(uq_first, uq_lockq);
2109 TAILQ_FOREACH(pi2, &uq_me->uq_pi_contested, pi_link) {
2110 uq_first2 = TAILQ_FIRST(&pi2->pi_blocked);
2111 if (uq_first2 != NULL) {
2112 if (pri > UPRI(uq_first2->uq_thread))
2113 pri = UPRI(uq_first2->uq_thread);
2117 sched_lend_user_prio(td, pri);
2119 mtx_unlock(&umtx_lock);
2121 umtxq_signal_thread(uq_first);
2123 pi = umtx_pi_lookup(&key);
2125 * A umtx_pi can exist if a signal or timeout removed the
2126 * last waiter from the umtxq, but there is still
2127 * a thread in do_lock_pi() holding the umtx_pi.
2131 * The umtx_pi can be unowned, such as when a thread
2132 * has just entered do_lock_pi(), allocated the
2133 * umtx_pi, and unlocked the umtxq.
2134 * If the current thread owns it, it must disown it.
2136 mtx_lock(&umtx_lock);
2137 if (pi->pi_owner == td)
2139 mtx_unlock(&umtx_lock);
2145 * When unlocking the umtx, it must be marked as unowned if
2146 * there is zero or one thread only waiting for it.
2147 * Otherwise, it must be marked as contested.
2151 new_owner |= UMUTEX_CONTESTED;
2153 error = casueword32(&m->m_owner, owner, &old, new_owner);
2155 error = umtxq_check_susp(td, false);
2159 umtxq_unbusy_unlocked(&key);
2160 umtx_key_release(&key);
2163 if (error == 0 && old != owner)
2172 do_lock_pp(struct thread *td, struct umutex *m, uint32_t flags,
2173 struct _umtx_time *timeout, int try)
2175 struct abs_timeout timo;
2176 struct umtx_q *uq, *uq2;
2180 int error, pri, old_inherited_pri, su, rv;
2184 if ((error = umtx_key_get(m, (flags & UMUTEX_ROBUST) != 0 ?
2185 TYPE_PP_ROBUST_UMUTEX : TYPE_PP_UMUTEX, GET_SHARE(flags),
2189 if (timeout != NULL)
2190 abs_timeout_init2(&timo, timeout);
2192 su = (priv_check(td, PRIV_SCHED_RTPRIO) == 0);
2194 old_inherited_pri = uq->uq_inherited_pri;
2195 umtxq_lock(&uq->uq_key);
2196 umtxq_busy(&uq->uq_key);
2197 umtxq_unlock(&uq->uq_key);
2199 rv = fueword32(&m->m_ceilings[0], &ceiling);
2204 ceiling = RTP_PRIO_MAX - ceiling;
2205 if (ceiling > RTP_PRIO_MAX) {
2210 mtx_lock(&umtx_lock);
2211 if (UPRI(td) < PRI_MIN_REALTIME + ceiling) {
2212 mtx_unlock(&umtx_lock);
2216 if (su && PRI_MIN_REALTIME + ceiling < uq->uq_inherited_pri) {
2217 uq->uq_inherited_pri = PRI_MIN_REALTIME + ceiling;
2219 if (uq->uq_inherited_pri < UPRI(td))
2220 sched_lend_user_prio(td, uq->uq_inherited_pri);
2223 mtx_unlock(&umtx_lock);
2225 rv = casueword32(&m->m_owner, UMUTEX_CONTESTED, &owner,
2226 id | UMUTEX_CONTESTED);
2227 /* The address was invalid. */
2233 MPASS(owner == UMUTEX_CONTESTED);
2238 if (owner == UMUTEX_RB_OWNERDEAD) {
2239 rv = casueword32(&m->m_owner, UMUTEX_RB_OWNERDEAD,
2240 &owner, id | UMUTEX_CONTESTED);
2246 MPASS(owner == UMUTEX_RB_OWNERDEAD);
2247 error = EOWNERDEAD; /* success */
2252 * rv == 1, only check for suspension if we
2253 * did not already catched a signal. If we
2254 * get an error from the check, the same
2255 * condition is checked by the umtxq_sleep()
2256 * call below, so we should obliterate the
2257 * error to not skip the last loop iteration.
2260 error = umtxq_check_susp(td, false);
2269 } else if (owner == UMUTEX_RB_NOTRECOV) {
2270 error = ENOTRECOVERABLE;
2277 * If we caught a signal, we have retried and now
2283 umtxq_lock(&uq->uq_key);
2285 umtxq_unbusy(&uq->uq_key);
2286 error = umtxq_sleep(uq, "umtxpp", timeout == NULL ?
2289 umtxq_unlock(&uq->uq_key);
2291 mtx_lock(&umtx_lock);
2292 uq->uq_inherited_pri = old_inherited_pri;
2294 TAILQ_FOREACH(pi, &uq->uq_pi_contested, pi_link) {
2295 uq2 = TAILQ_FIRST(&pi->pi_blocked);
2297 if (pri > UPRI(uq2->uq_thread))
2298 pri = UPRI(uq2->uq_thread);
2301 if (pri > uq->uq_inherited_pri)
2302 pri = uq->uq_inherited_pri;
2304 sched_lend_user_prio(td, pri);
2306 mtx_unlock(&umtx_lock);
2309 if (error != 0 && error != EOWNERDEAD) {
2310 mtx_lock(&umtx_lock);
2311 uq->uq_inherited_pri = old_inherited_pri;
2313 TAILQ_FOREACH(pi, &uq->uq_pi_contested, pi_link) {
2314 uq2 = TAILQ_FIRST(&pi->pi_blocked);
2316 if (pri > UPRI(uq2->uq_thread))
2317 pri = UPRI(uq2->uq_thread);
2320 if (pri > uq->uq_inherited_pri)
2321 pri = uq->uq_inherited_pri;
2323 sched_lend_user_prio(td, pri);
2325 mtx_unlock(&umtx_lock);
2329 umtxq_unbusy_unlocked(&uq->uq_key);
2330 umtx_key_release(&uq->uq_key);
2335 * Unlock a PP mutex.
2338 do_unlock_pp(struct thread *td, struct umutex *m, uint32_t flags, bool rb)
2340 struct umtx_key key;
2341 struct umtx_q *uq, *uq2;
2343 uint32_t id, owner, rceiling;
2344 int error, pri, new_inherited_pri, su;
2348 su = (priv_check(td, PRIV_SCHED_RTPRIO) == 0);
2351 * Make sure we own this mtx.
2353 error = fueword32(&m->m_owner, &owner);
2357 if ((owner & ~UMUTEX_CONTESTED) != id)
2360 error = copyin(&m->m_ceilings[1], &rceiling, sizeof(uint32_t));
2365 new_inherited_pri = PRI_MAX;
2367 rceiling = RTP_PRIO_MAX - rceiling;
2368 if (rceiling > RTP_PRIO_MAX)
2370 new_inherited_pri = PRI_MIN_REALTIME + rceiling;
2373 if ((error = umtx_key_get(m, (flags & UMUTEX_ROBUST) != 0 ?
2374 TYPE_PP_ROBUST_UMUTEX : TYPE_PP_UMUTEX, GET_SHARE(flags),
2381 * For priority protected mutex, always set unlocked state
2382 * to UMUTEX_CONTESTED, so that userland always enters kernel
2383 * to lock the mutex, it is necessary because thread priority
2384 * has to be adjusted for such mutex.
2386 error = suword32(&m->m_owner, umtx_unlock_val(flags, rb) |
2391 umtxq_signal(&key, 1);
2398 mtx_lock(&umtx_lock);
2400 uq->uq_inherited_pri = new_inherited_pri;
2402 TAILQ_FOREACH(pi, &uq->uq_pi_contested, pi_link) {
2403 uq2 = TAILQ_FIRST(&pi->pi_blocked);
2405 if (pri > UPRI(uq2->uq_thread))
2406 pri = UPRI(uq2->uq_thread);
2409 if (pri > uq->uq_inherited_pri)
2410 pri = uq->uq_inherited_pri;
2412 sched_lend_user_prio(td, pri);
2414 mtx_unlock(&umtx_lock);
2416 umtx_key_release(&key);
2421 do_set_ceiling(struct thread *td, struct umutex *m, uint32_t ceiling,
2422 uint32_t *old_ceiling)
2425 uint32_t flags, id, owner, save_ceiling;
2428 error = fueword32(&m->m_flags, &flags);
2431 if ((flags & UMUTEX_PRIO_PROTECT) == 0)
2433 if (ceiling > RTP_PRIO_MAX)
2437 if ((error = umtx_key_get(m, (flags & UMUTEX_ROBUST) != 0 ?
2438 TYPE_PP_ROBUST_UMUTEX : TYPE_PP_UMUTEX, GET_SHARE(flags),
2442 umtxq_lock(&uq->uq_key);
2443 umtxq_busy(&uq->uq_key);
2444 umtxq_unlock(&uq->uq_key);
2446 rv = fueword32(&m->m_ceilings[0], &save_ceiling);
2452 rv = casueword32(&m->m_owner, UMUTEX_CONTESTED, &owner,
2453 id | UMUTEX_CONTESTED);
2460 MPASS(owner == UMUTEX_CONTESTED);
2461 rv = suword32(&m->m_ceilings[0], ceiling);
2462 rv1 = suword32(&m->m_owner, UMUTEX_CONTESTED);
2463 error = (rv == 0 && rv1 == 0) ? 0: EFAULT;
2467 if ((owner & ~UMUTEX_CONTESTED) == id) {
2468 rv = suword32(&m->m_ceilings[0], ceiling);
2469 error = rv == 0 ? 0 : EFAULT;
2473 if (owner == UMUTEX_RB_OWNERDEAD) {
2476 } else if (owner == UMUTEX_RB_NOTRECOV) {
2477 error = ENOTRECOVERABLE;
2482 * If we caught a signal, we have retried and now
2489 * We set the contested bit, sleep. Otherwise the lock changed
2490 * and we need to retry or we lost a race to the thread
2491 * unlocking the umtx.
2493 umtxq_lock(&uq->uq_key);
2495 umtxq_unbusy(&uq->uq_key);
2496 error = umtxq_sleep(uq, "umtxpp", NULL);
2498 umtxq_unlock(&uq->uq_key);
2500 umtxq_lock(&uq->uq_key);
2502 umtxq_signal(&uq->uq_key, INT_MAX);
2503 umtxq_unbusy(&uq->uq_key);
2504 umtxq_unlock(&uq->uq_key);
2505 umtx_key_release(&uq->uq_key);
2506 if (error == 0 && old_ceiling != NULL) {
2507 rv = suword32(old_ceiling, save_ceiling);
2508 error = rv == 0 ? 0 : EFAULT;
2514 * Lock a userland POSIX mutex.
2517 do_lock_umutex(struct thread *td, struct umutex *m,
2518 struct _umtx_time *timeout, int mode)
2523 error = fueword32(&m->m_flags, &flags);
2527 switch (flags & (UMUTEX_PRIO_INHERIT | UMUTEX_PRIO_PROTECT)) {
2529 error = do_lock_normal(td, m, flags, timeout, mode);
2531 case UMUTEX_PRIO_INHERIT:
2532 error = do_lock_pi(td, m, flags, timeout, mode);
2534 case UMUTEX_PRIO_PROTECT:
2535 error = do_lock_pp(td, m, flags, timeout, mode);
2540 if (timeout == NULL) {
2541 if (error == EINTR && mode != _UMUTEX_WAIT)
2544 /* Timed-locking is not restarted. */
2545 if (error == ERESTART)
2552 * Unlock a userland POSIX mutex.
2555 do_unlock_umutex(struct thread *td, struct umutex *m, bool rb)
2560 error = fueword32(&m->m_flags, &flags);
2564 switch (flags & (UMUTEX_PRIO_INHERIT | UMUTEX_PRIO_PROTECT)) {
2566 return (do_unlock_normal(td, m, flags, rb));
2567 case UMUTEX_PRIO_INHERIT:
2568 return (do_unlock_pi(td, m, flags, rb));
2569 case UMUTEX_PRIO_PROTECT:
2570 return (do_unlock_pp(td, m, flags, rb));
2577 do_cv_wait(struct thread *td, struct ucond *cv, struct umutex *m,
2578 struct timespec *timeout, u_long wflags)
2580 struct abs_timeout timo;
2582 uint32_t flags, clockid, hasw;
2586 error = fueword32(&cv->c_flags, &flags);
2589 error = umtx_key_get(cv, TYPE_CV, GET_SHARE(flags), &uq->uq_key);
2593 if ((wflags & CVWAIT_CLOCKID) != 0) {
2594 error = fueword32(&cv->c_clockid, &clockid);
2596 umtx_key_release(&uq->uq_key);
2599 if (clockid < CLOCK_REALTIME ||
2600 clockid >= CLOCK_THREAD_CPUTIME_ID) {
2601 /* hmm, only HW clock id will work. */
2602 umtx_key_release(&uq->uq_key);
2606 clockid = CLOCK_REALTIME;
2609 umtxq_lock(&uq->uq_key);
2610 umtxq_busy(&uq->uq_key);
2612 umtxq_unlock(&uq->uq_key);
2615 * Set c_has_waiters to 1 before releasing user mutex, also
2616 * don't modify cache line when unnecessary.
2618 error = fueword32(&cv->c_has_waiters, &hasw);
2619 if (error == 0 && hasw == 0)
2620 suword32(&cv->c_has_waiters, 1);
2622 umtxq_unbusy_unlocked(&uq->uq_key);
2624 error = do_unlock_umutex(td, m, false);
2626 if (timeout != NULL)
2627 abs_timeout_init(&timo, clockid, (wflags & CVWAIT_ABSTIME) != 0,
2630 umtxq_lock(&uq->uq_key);
2632 error = umtxq_sleep(uq, "ucond", timeout == NULL ?
2636 if ((uq->uq_flags & UQF_UMTXQ) == 0)
2640 * This must be timeout,interrupted by signal or
2641 * surprious wakeup, clear c_has_waiter flag when
2644 umtxq_busy(&uq->uq_key);
2645 if ((uq->uq_flags & UQF_UMTXQ) != 0) {
2646 int oldlen = uq->uq_cur_queue->length;
2649 umtxq_unlock(&uq->uq_key);
2650 suword32(&cv->c_has_waiters, 0);
2651 umtxq_lock(&uq->uq_key);
2654 umtxq_unbusy(&uq->uq_key);
2655 if (error == ERESTART)
2659 umtxq_unlock(&uq->uq_key);
2660 umtx_key_release(&uq->uq_key);
2665 * Signal a userland condition variable.
2668 do_cv_signal(struct thread *td, struct ucond *cv)
2670 struct umtx_key key;
2671 int error, cnt, nwake;
2674 error = fueword32(&cv->c_flags, &flags);
2677 if ((error = umtx_key_get(cv, TYPE_CV, GET_SHARE(flags), &key)) != 0)
2681 cnt = umtxq_count(&key);
2682 nwake = umtxq_signal(&key, 1);
2685 error = suword32(&cv->c_has_waiters, 0);
2692 umtx_key_release(&key);
2697 do_cv_broadcast(struct thread *td, struct ucond *cv)
2699 struct umtx_key key;
2703 error = fueword32(&cv->c_flags, &flags);
2706 if ((error = umtx_key_get(cv, TYPE_CV, GET_SHARE(flags), &key)) != 0)
2711 umtxq_signal(&key, INT_MAX);
2714 error = suword32(&cv->c_has_waiters, 0);
2718 umtxq_unbusy_unlocked(&key);
2720 umtx_key_release(&key);
2725 do_rw_rdlock(struct thread *td, struct urwlock *rwlock, long fflag,
2726 struct _umtx_time *timeout)
2728 struct abs_timeout timo;
2730 uint32_t flags, wrflags;
2731 int32_t state, oldstate;
2732 int32_t blocked_readers;
2733 int error, error1, rv;
2736 error = fueword32(&rwlock->rw_flags, &flags);
2739 error = umtx_key_get(rwlock, TYPE_RWLOCK, GET_SHARE(flags), &uq->uq_key);
2743 if (timeout != NULL)
2744 abs_timeout_init2(&timo, timeout);
2746 wrflags = URWLOCK_WRITE_OWNER;
2747 if (!(fflag & URWLOCK_PREFER_READER) && !(flags & URWLOCK_PREFER_READER))
2748 wrflags |= URWLOCK_WRITE_WAITERS;
2751 rv = fueword32(&rwlock->rw_state, &state);
2753 umtx_key_release(&uq->uq_key);
2757 /* try to lock it */
2758 while (!(state & wrflags)) {
2759 if (__predict_false(URWLOCK_READER_COUNT(state) ==
2760 URWLOCK_MAX_READERS)) {
2761 umtx_key_release(&uq->uq_key);
2764 rv = casueword32(&rwlock->rw_state, state,
2765 &oldstate, state + 1);
2767 umtx_key_release(&uq->uq_key);
2771 MPASS(oldstate == state);
2772 umtx_key_release(&uq->uq_key);
2775 error = umtxq_check_susp(td, true);
2784 /* grab monitor lock */
2785 umtxq_lock(&uq->uq_key);
2786 umtxq_busy(&uq->uq_key);
2787 umtxq_unlock(&uq->uq_key);
2790 * re-read the state, in case it changed between the try-lock above
2791 * and the check below
2793 rv = fueword32(&rwlock->rw_state, &state);
2797 /* set read contention bit */
2798 while (error == 0 && (state & wrflags) &&
2799 !(state & URWLOCK_READ_WAITERS)) {
2800 rv = casueword32(&rwlock->rw_state, state,
2801 &oldstate, state | URWLOCK_READ_WAITERS);
2807 MPASS(oldstate == state);
2811 error = umtxq_check_susp(td, false);
2816 umtxq_unbusy_unlocked(&uq->uq_key);
2820 /* state is changed while setting flags, restart */
2821 if (!(state & wrflags)) {
2822 umtxq_unbusy_unlocked(&uq->uq_key);
2823 error = umtxq_check_susp(td, true);
2831 * Contention bit is set, before sleeping, increase
2832 * read waiter count.
2834 rv = fueword32(&rwlock->rw_blocked_readers,
2837 umtxq_unbusy_unlocked(&uq->uq_key);
2841 suword32(&rwlock->rw_blocked_readers, blocked_readers+1);
2843 while (state & wrflags) {
2844 umtxq_lock(&uq->uq_key);
2846 umtxq_unbusy(&uq->uq_key);
2848 error = umtxq_sleep(uq, "urdlck", timeout == NULL ?
2851 umtxq_busy(&uq->uq_key);
2853 umtxq_unlock(&uq->uq_key);
2856 rv = fueword32(&rwlock->rw_state, &state);
2863 /* decrease read waiter count, and may clear read contention bit */
2864 rv = fueword32(&rwlock->rw_blocked_readers,
2867 umtxq_unbusy_unlocked(&uq->uq_key);
2871 suword32(&rwlock->rw_blocked_readers, blocked_readers-1);
2872 if (blocked_readers == 1) {
2873 rv = fueword32(&rwlock->rw_state, &state);
2875 umtxq_unbusy_unlocked(&uq->uq_key);
2880 rv = casueword32(&rwlock->rw_state, state,
2881 &oldstate, state & ~URWLOCK_READ_WAITERS);
2887 MPASS(oldstate == state);
2891 error1 = umtxq_check_susp(td, false);
2900 umtxq_unbusy_unlocked(&uq->uq_key);
2904 umtx_key_release(&uq->uq_key);
2905 if (error == ERESTART)
2911 do_rw_wrlock(struct thread *td, struct urwlock *rwlock, struct _umtx_time *timeout)
2913 struct abs_timeout timo;
2916 int32_t state, oldstate;
2917 int32_t blocked_writers;
2918 int32_t blocked_readers;
2919 int error, error1, rv;
2922 error = fueword32(&rwlock->rw_flags, &flags);
2925 error = umtx_key_get(rwlock, TYPE_RWLOCK, GET_SHARE(flags), &uq->uq_key);
2929 if (timeout != NULL)
2930 abs_timeout_init2(&timo, timeout);
2932 blocked_readers = 0;
2934 rv = fueword32(&rwlock->rw_state, &state);
2936 umtx_key_release(&uq->uq_key);
2939 while ((state & URWLOCK_WRITE_OWNER) == 0 &&
2940 URWLOCK_READER_COUNT(state) == 0) {
2941 rv = casueword32(&rwlock->rw_state, state,
2942 &oldstate, state | URWLOCK_WRITE_OWNER);
2944 umtx_key_release(&uq->uq_key);
2948 MPASS(oldstate == state);
2949 umtx_key_release(&uq->uq_key);
2953 error = umtxq_check_susp(td, true);
2959 if ((state & (URWLOCK_WRITE_OWNER |
2960 URWLOCK_WRITE_WAITERS)) == 0 &&
2961 blocked_readers != 0) {
2962 umtxq_lock(&uq->uq_key);
2963 umtxq_busy(&uq->uq_key);
2964 umtxq_signal_queue(&uq->uq_key, INT_MAX,
2966 umtxq_unbusy(&uq->uq_key);
2967 umtxq_unlock(&uq->uq_key);
2973 /* grab monitor lock */
2974 umtxq_lock(&uq->uq_key);
2975 umtxq_busy(&uq->uq_key);
2976 umtxq_unlock(&uq->uq_key);
2979 * Re-read the state, in case it changed between the
2980 * try-lock above and the check below.
2982 rv = fueword32(&rwlock->rw_state, &state);
2986 while (error == 0 && ((state & URWLOCK_WRITE_OWNER) ||
2987 URWLOCK_READER_COUNT(state) != 0) &&
2988 (state & URWLOCK_WRITE_WAITERS) == 0) {
2989 rv = casueword32(&rwlock->rw_state, state,
2990 &oldstate, state | URWLOCK_WRITE_WAITERS);
2996 MPASS(oldstate == state);
3000 error = umtxq_check_susp(td, false);
3005 umtxq_unbusy_unlocked(&uq->uq_key);
3009 if ((state & URWLOCK_WRITE_OWNER) == 0 &&
3010 URWLOCK_READER_COUNT(state) == 0) {
3011 umtxq_unbusy_unlocked(&uq->uq_key);
3012 error = umtxq_check_susp(td, false);
3018 rv = fueword32(&rwlock->rw_blocked_writers,
3021 umtxq_unbusy_unlocked(&uq->uq_key);
3025 suword32(&rwlock->rw_blocked_writers, blocked_writers + 1);
3027 while ((state & URWLOCK_WRITE_OWNER) ||
3028 URWLOCK_READER_COUNT(state) != 0) {
3029 umtxq_lock(&uq->uq_key);
3030 umtxq_insert_queue(uq, UMTX_EXCLUSIVE_QUEUE);
3031 umtxq_unbusy(&uq->uq_key);
3033 error = umtxq_sleep(uq, "uwrlck", timeout == NULL ?
3036 umtxq_busy(&uq->uq_key);
3037 umtxq_remove_queue(uq, UMTX_EXCLUSIVE_QUEUE);
3038 umtxq_unlock(&uq->uq_key);
3041 rv = fueword32(&rwlock->rw_state, &state);
3048 rv = fueword32(&rwlock->rw_blocked_writers,
3051 umtxq_unbusy_unlocked(&uq->uq_key);
3055 suword32(&rwlock->rw_blocked_writers, blocked_writers-1);
3056 if (blocked_writers == 1) {
3057 rv = fueword32(&rwlock->rw_state, &state);
3059 umtxq_unbusy_unlocked(&uq->uq_key);
3064 rv = casueword32(&rwlock->rw_state, state,
3065 &oldstate, state & ~URWLOCK_WRITE_WAITERS);
3071 MPASS(oldstate == state);
3075 error1 = umtxq_check_susp(td, false);
3077 * We are leaving the URWLOCK_WRITE_WAITERS
3078 * behind, but this should not harm the
3087 rv = fueword32(&rwlock->rw_blocked_readers,
3090 umtxq_unbusy_unlocked(&uq->uq_key);
3095 blocked_readers = 0;
3097 umtxq_unbusy_unlocked(&uq->uq_key);
3100 umtx_key_release(&uq->uq_key);
3101 if (error == ERESTART)
3107 do_rw_unlock(struct thread *td, struct urwlock *rwlock)
3111 int32_t state, oldstate;
3112 int error, rv, q, count;
3115 error = fueword32(&rwlock->rw_flags, &flags);
3118 error = umtx_key_get(rwlock, TYPE_RWLOCK, GET_SHARE(flags), &uq->uq_key);
3122 error = fueword32(&rwlock->rw_state, &state);
3127 if (state & URWLOCK_WRITE_OWNER) {
3129 rv = casueword32(&rwlock->rw_state, state,
3130 &oldstate, state & ~URWLOCK_WRITE_OWNER);
3137 if (!(oldstate & URWLOCK_WRITE_OWNER)) {
3141 error = umtxq_check_susp(td, true);
3147 } else if (URWLOCK_READER_COUNT(state) != 0) {
3149 rv = casueword32(&rwlock->rw_state, state,
3150 &oldstate, state - 1);
3157 if (URWLOCK_READER_COUNT(oldstate) == 0) {
3161 error = umtxq_check_susp(td, true);
3174 if (!(flags & URWLOCK_PREFER_READER)) {
3175 if (state & URWLOCK_WRITE_WAITERS) {
3177 q = UMTX_EXCLUSIVE_QUEUE;
3178 } else if (state & URWLOCK_READ_WAITERS) {
3180 q = UMTX_SHARED_QUEUE;
3183 if (state & URWLOCK_READ_WAITERS) {
3185 q = UMTX_SHARED_QUEUE;
3186 } else if (state & URWLOCK_WRITE_WAITERS) {
3188 q = UMTX_EXCLUSIVE_QUEUE;
3193 umtxq_lock(&uq->uq_key);
3194 umtxq_busy(&uq->uq_key);
3195 umtxq_signal_queue(&uq->uq_key, count, q);
3196 umtxq_unbusy(&uq->uq_key);
3197 umtxq_unlock(&uq->uq_key);
3200 umtx_key_release(&uq->uq_key);
3204 #if defined(COMPAT_FREEBSD9) || defined(COMPAT_FREEBSD10)
3206 do_sem_wait(struct thread *td, struct _usem *sem, struct _umtx_time *timeout)
3208 struct abs_timeout timo;
3210 uint32_t flags, count, count1;
3214 error = fueword32(&sem->_flags, &flags);
3217 error = umtx_key_get(sem, TYPE_SEM, GET_SHARE(flags), &uq->uq_key);
3221 if (timeout != NULL)
3222 abs_timeout_init2(&timo, timeout);
3225 umtxq_lock(&uq->uq_key);
3226 umtxq_busy(&uq->uq_key);
3228 umtxq_unlock(&uq->uq_key);
3229 rv = casueword32(&sem->_has_waiters, 0, &count1, 1);
3231 rv1 = fueword32(&sem->_count, &count);
3232 if (rv == -1 || (rv == 0 && (rv1 == -1 || count != 0)) || rv == 1) {
3233 umtxq_lock(&uq->uq_key);
3234 umtxq_unbusy(&uq->uq_key);
3236 umtxq_unlock(&uq->uq_key);
3238 rv = umtxq_check_susp(td, true);
3246 error = rv == -1 ? EFAULT : 0;
3249 umtxq_lock(&uq->uq_key);
3250 umtxq_unbusy(&uq->uq_key);
3252 error = umtxq_sleep(uq, "usem", timeout == NULL ? NULL : &timo);
3254 if ((uq->uq_flags & UQF_UMTXQ) == 0)
3258 /* A relative timeout cannot be restarted. */
3259 if (error == ERESTART && timeout != NULL &&
3260 (timeout->_flags & UMTX_ABSTIME) == 0)
3263 umtxq_unlock(&uq->uq_key);
3265 umtx_key_release(&uq->uq_key);
3270 * Signal a userland semaphore.
3273 do_sem_wake(struct thread *td, struct _usem *sem)
3275 struct umtx_key key;
3279 error = fueword32(&sem->_flags, &flags);
3282 if ((error = umtx_key_get(sem, TYPE_SEM, GET_SHARE(flags), &key)) != 0)
3286 cnt = umtxq_count(&key);
3289 * Check if count is greater than 0, this means the memory is
3290 * still being referenced by user code, so we can safely
3291 * update _has_waiters flag.
3295 error = suword32(&sem->_has_waiters, 0);
3300 umtxq_signal(&key, 1);
3304 umtx_key_release(&key);
3310 do_sem2_wait(struct thread *td, struct _usem2 *sem, struct _umtx_time *timeout)
3312 struct abs_timeout timo;
3314 uint32_t count, flags;
3318 flags = fuword32(&sem->_flags);
3319 error = umtx_key_get(sem, TYPE_SEM, GET_SHARE(flags), &uq->uq_key);
3323 if (timeout != NULL)
3324 abs_timeout_init2(&timo, timeout);
3327 umtxq_lock(&uq->uq_key);
3328 umtxq_busy(&uq->uq_key);
3330 umtxq_unlock(&uq->uq_key);
3331 rv = fueword32(&sem->_count, &count);
3333 umtxq_lock(&uq->uq_key);
3334 umtxq_unbusy(&uq->uq_key);
3336 umtxq_unlock(&uq->uq_key);
3337 umtx_key_release(&uq->uq_key);
3341 if (USEM_COUNT(count) != 0) {
3342 umtxq_lock(&uq->uq_key);
3343 umtxq_unbusy(&uq->uq_key);
3345 umtxq_unlock(&uq->uq_key);
3346 umtx_key_release(&uq->uq_key);
3349 if (count == USEM_HAS_WAITERS)
3351 rv = casueword32(&sem->_count, 0, &count, USEM_HAS_WAITERS);
3354 umtxq_lock(&uq->uq_key);
3355 umtxq_unbusy(&uq->uq_key);
3357 umtxq_unlock(&uq->uq_key);
3358 umtx_key_release(&uq->uq_key);
3361 rv = umtxq_check_susp(td, true);
3366 umtxq_lock(&uq->uq_key);
3367 umtxq_unbusy(&uq->uq_key);
3369 error = umtxq_sleep(uq, "usem", timeout == NULL ? NULL : &timo);
3371 if ((uq->uq_flags & UQF_UMTXQ) == 0)
3375 if (timeout != NULL && (timeout->_flags & UMTX_ABSTIME) == 0) {
3376 /* A relative timeout cannot be restarted. */
3377 if (error == ERESTART)
3379 if (error == EINTR) {
3380 abs_timeout_update(&timo);
3381 timespecsub(&timo.end, &timo.cur,
3382 &timeout->_timeout);
3386 umtxq_unlock(&uq->uq_key);
3387 umtx_key_release(&uq->uq_key);
3392 * Signal a userland semaphore.
3395 do_sem2_wake(struct thread *td, struct _usem2 *sem)
3397 struct umtx_key key;
3399 uint32_t count, flags;
3401 rv = fueword32(&sem->_flags, &flags);
3404 if ((error = umtx_key_get(sem, TYPE_SEM, GET_SHARE(flags), &key)) != 0)
3408 cnt = umtxq_count(&key);
3411 * If this was the last sleeping thread, clear the waiters
3416 rv = fueword32(&sem->_count, &count);
3417 while (rv != -1 && count & USEM_HAS_WAITERS) {
3418 rv = casueword32(&sem->_count, count, &count,
3419 count & ~USEM_HAS_WAITERS);
3421 rv = umtxq_check_susp(td, true);
3434 umtxq_signal(&key, 1);
3438 umtx_key_release(&key);
3443 umtx_copyin_timeout(const void *addr, struct timespec *tsp)
3447 error = copyin(addr, tsp, sizeof(struct timespec));
3449 if (tsp->tv_sec < 0 ||
3450 tsp->tv_nsec >= 1000000000 ||
3458 umtx_copyin_umtx_time(const void *addr, size_t size, struct _umtx_time *tp)
3462 if (size <= sizeof(struct timespec)) {
3463 tp->_clockid = CLOCK_REALTIME;
3465 error = copyin(addr, &tp->_timeout, sizeof(struct timespec));
3467 error = copyin(addr, tp, sizeof(struct _umtx_time));
3470 if (tp->_timeout.tv_sec < 0 ||
3471 tp->_timeout.tv_nsec >= 1000000000 || tp->_timeout.tv_nsec < 0)
3477 __umtx_op_unimpl(struct thread *td, struct _umtx_op_args *uap)
3480 return (EOPNOTSUPP);
3484 __umtx_op_wait(struct thread *td, struct _umtx_op_args *uap)
3486 struct _umtx_time timeout, *tm_p;
3489 if (uap->uaddr2 == NULL)
3492 error = umtx_copyin_umtx_time(
3493 uap->uaddr2, (size_t)uap->uaddr1, &timeout);
3498 return (do_wait(td, uap->obj, uap->val, tm_p, 0, 0));
3502 __umtx_op_wait_uint(struct thread *td, struct _umtx_op_args *uap)
3504 struct _umtx_time timeout, *tm_p;
3507 if (uap->uaddr2 == NULL)
3510 error = umtx_copyin_umtx_time(
3511 uap->uaddr2, (size_t)uap->uaddr1, &timeout);
3516 return (do_wait(td, uap->obj, uap->val, tm_p, 1, 0));
3520 __umtx_op_wait_uint_private(struct thread *td, struct _umtx_op_args *uap)
3522 struct _umtx_time *tm_p, timeout;
3525 if (uap->uaddr2 == NULL)
3528 error = umtx_copyin_umtx_time(
3529 uap->uaddr2, (size_t)uap->uaddr1, &timeout);
3534 return (do_wait(td, uap->obj, uap->val, tm_p, 1, 1));
3538 __umtx_op_wake(struct thread *td, struct _umtx_op_args *uap)
3541 return (kern_umtx_wake(td, uap->obj, uap->val, 0));
3544 #define BATCH_SIZE 128
3546 __umtx_op_nwake_private(struct thread *td, struct _umtx_op_args *uap)
3548 char *uaddrs[BATCH_SIZE], **upp;
3549 int count, error, i, pos, tocopy;
3551 upp = (char **)uap->obj;
3553 for (count = uap->val, pos = 0; count > 0; count -= tocopy,
3555 tocopy = MIN(count, BATCH_SIZE);
3556 error = copyin(upp + pos, uaddrs, tocopy * sizeof(char *));
3559 for (i = 0; i < tocopy; ++i)
3560 kern_umtx_wake(td, uaddrs[i], INT_MAX, 1);
3567 __umtx_op_wake_private(struct thread *td, struct _umtx_op_args *uap)
3570 return (kern_umtx_wake(td, uap->obj, uap->val, 1));
3574 __umtx_op_lock_umutex(struct thread *td, struct _umtx_op_args *uap)
3576 struct _umtx_time *tm_p, timeout;
3579 /* Allow a null timespec (wait forever). */
3580 if (uap->uaddr2 == NULL)
3583 error = umtx_copyin_umtx_time(
3584 uap->uaddr2, (size_t)uap->uaddr1, &timeout);
3589 return (do_lock_umutex(td, uap->obj, tm_p, 0));
3593 __umtx_op_trylock_umutex(struct thread *td, struct _umtx_op_args *uap)
3596 return (do_lock_umutex(td, uap->obj, NULL, _UMUTEX_TRY));
3600 __umtx_op_wait_umutex(struct thread *td, struct _umtx_op_args *uap)
3602 struct _umtx_time *tm_p, timeout;
3605 /* Allow a null timespec (wait forever). */
3606 if (uap->uaddr2 == NULL)
3609 error = umtx_copyin_umtx_time(
3610 uap->uaddr2, (size_t)uap->uaddr1, &timeout);
3615 return (do_lock_umutex(td, uap->obj, tm_p, _UMUTEX_WAIT));
3619 __umtx_op_wake_umutex(struct thread *td, struct _umtx_op_args *uap)
3622 return (do_wake_umutex(td, uap->obj));
3626 __umtx_op_unlock_umutex(struct thread *td, struct _umtx_op_args *uap)
3629 return (do_unlock_umutex(td, uap->obj, false));
3633 __umtx_op_set_ceiling(struct thread *td, struct _umtx_op_args *uap)
3636 return (do_set_ceiling(td, uap->obj, uap->val, uap->uaddr1));
3640 __umtx_op_cv_wait(struct thread *td, struct _umtx_op_args *uap)
3642 struct timespec *ts, timeout;
3645 /* Allow a null timespec (wait forever). */
3646 if (uap->uaddr2 == NULL)
3649 error = umtx_copyin_timeout(uap->uaddr2, &timeout);
3654 return (do_cv_wait(td, uap->obj, uap->uaddr1, ts, uap->val));
3658 __umtx_op_cv_signal(struct thread *td, struct _umtx_op_args *uap)
3661 return (do_cv_signal(td, uap->obj));
3665 __umtx_op_cv_broadcast(struct thread *td, struct _umtx_op_args *uap)
3668 return (do_cv_broadcast(td, uap->obj));
3672 __umtx_op_rw_rdlock(struct thread *td, struct _umtx_op_args *uap)
3674 struct _umtx_time timeout;
3677 /* Allow a null timespec (wait forever). */
3678 if (uap->uaddr2 == NULL) {
3679 error = do_rw_rdlock(td, uap->obj, uap->val, 0);
3681 error = umtx_copyin_umtx_time(uap->uaddr2,
3682 (size_t)uap->uaddr1, &timeout);
3685 error = do_rw_rdlock(td, uap->obj, uap->val, &timeout);
3691 __umtx_op_rw_wrlock(struct thread *td, struct _umtx_op_args *uap)
3693 struct _umtx_time timeout;
3696 /* Allow a null timespec (wait forever). */
3697 if (uap->uaddr2 == NULL) {
3698 error = do_rw_wrlock(td, uap->obj, 0);
3700 error = umtx_copyin_umtx_time(uap->uaddr2,
3701 (size_t)uap->uaddr1, &timeout);
3705 error = do_rw_wrlock(td, uap->obj, &timeout);
3711 __umtx_op_rw_unlock(struct thread *td, struct _umtx_op_args *uap)
3714 return (do_rw_unlock(td, uap->obj));
3717 #if defined(COMPAT_FREEBSD9) || defined(COMPAT_FREEBSD10)
3719 __umtx_op_sem_wait(struct thread *td, struct _umtx_op_args *uap)
3721 struct _umtx_time *tm_p, timeout;
3724 /* Allow a null timespec (wait forever). */
3725 if (uap->uaddr2 == NULL)
3728 error = umtx_copyin_umtx_time(
3729 uap->uaddr2, (size_t)uap->uaddr1, &timeout);
3734 return (do_sem_wait(td, uap->obj, tm_p));
3738 __umtx_op_sem_wake(struct thread *td, struct _umtx_op_args *uap)
3741 return (do_sem_wake(td, uap->obj));
3746 __umtx_op_wake2_umutex(struct thread *td, struct _umtx_op_args *uap)
3749 return (do_wake2_umutex(td, uap->obj, uap->val));
3753 __umtx_op_sem2_wait(struct thread *td, struct _umtx_op_args *uap)
3755 struct _umtx_time *tm_p, timeout;
3759 /* Allow a null timespec (wait forever). */
3760 if (uap->uaddr2 == NULL) {
3764 uasize = (size_t)uap->uaddr1;
3765 error = umtx_copyin_umtx_time(uap->uaddr2, uasize, &timeout);
3770 error = do_sem2_wait(td, uap->obj, tm_p);
3771 if (error == EINTR && uap->uaddr2 != NULL &&
3772 (timeout._flags & UMTX_ABSTIME) == 0 &&
3773 uasize >= sizeof(struct _umtx_time) + sizeof(struct timespec)) {
3774 error = copyout(&timeout._timeout,
3775 (struct _umtx_time *)uap->uaddr2 + 1,
3776 sizeof(struct timespec));
3786 __umtx_op_sem2_wake(struct thread *td, struct _umtx_op_args *uap)
3789 return (do_sem2_wake(td, uap->obj));
3792 #define USHM_OBJ_UMTX(o) \
3793 ((struct umtx_shm_obj_list *)(&(o)->umtx_data))
3795 #define USHMF_REG_LINKED 0x0001
3796 #define USHMF_OBJ_LINKED 0x0002
3797 struct umtx_shm_reg {
3798 TAILQ_ENTRY(umtx_shm_reg) ushm_reg_link;
3799 LIST_ENTRY(umtx_shm_reg) ushm_obj_link;
3800 struct umtx_key ushm_key;
3801 struct ucred *ushm_cred;
3802 struct shmfd *ushm_obj;
3807 LIST_HEAD(umtx_shm_obj_list, umtx_shm_reg);
3808 TAILQ_HEAD(umtx_shm_reg_head, umtx_shm_reg);
3810 static uma_zone_t umtx_shm_reg_zone;
3811 static struct umtx_shm_reg_head umtx_shm_registry[UMTX_CHAINS];
3812 static struct mtx umtx_shm_lock;
3813 static struct umtx_shm_reg_head umtx_shm_reg_delfree =
3814 TAILQ_HEAD_INITIALIZER(umtx_shm_reg_delfree);
3816 static void umtx_shm_free_reg(struct umtx_shm_reg *reg);
3819 umtx_shm_reg_delfree_tq(void *context __unused, int pending __unused)
3821 struct umtx_shm_reg_head d;
3822 struct umtx_shm_reg *reg, *reg1;
3825 mtx_lock(&umtx_shm_lock);
3826 TAILQ_CONCAT(&d, &umtx_shm_reg_delfree, ushm_reg_link);
3827 mtx_unlock(&umtx_shm_lock);
3828 TAILQ_FOREACH_SAFE(reg, &d, ushm_reg_link, reg1) {
3829 TAILQ_REMOVE(&d, reg, ushm_reg_link);
3830 umtx_shm_free_reg(reg);
3834 static struct task umtx_shm_reg_delfree_task =
3835 TASK_INITIALIZER(0, umtx_shm_reg_delfree_tq, NULL);
3837 static struct umtx_shm_reg *
3838 umtx_shm_find_reg_locked(const struct umtx_key *key)
3840 struct umtx_shm_reg *reg;
3841 struct umtx_shm_reg_head *reg_head;
3843 KASSERT(key->shared, ("umtx_p_find_rg: private key"));
3844 mtx_assert(&umtx_shm_lock, MA_OWNED);
3845 reg_head = &umtx_shm_registry[key->hash];
3846 TAILQ_FOREACH(reg, reg_head, ushm_reg_link) {
3847 KASSERT(reg->ushm_key.shared,
3848 ("non-shared key on reg %p %d", reg, reg->ushm_key.shared));
3849 if (reg->ushm_key.info.shared.object ==
3850 key->info.shared.object &&
3851 reg->ushm_key.info.shared.offset ==
3852 key->info.shared.offset) {
3853 KASSERT(reg->ushm_key.type == TYPE_SHM, ("TYPE_USHM"));
3854 KASSERT(reg->ushm_refcnt > 0,
3855 ("reg %p refcnt 0 onlist", reg));
3856 KASSERT((reg->ushm_flags & USHMF_REG_LINKED) != 0,
3857 ("reg %p not linked", reg));
3865 static struct umtx_shm_reg *
3866 umtx_shm_find_reg(const struct umtx_key *key)
3868 struct umtx_shm_reg *reg;
3870 mtx_lock(&umtx_shm_lock);
3871 reg = umtx_shm_find_reg_locked(key);
3872 mtx_unlock(&umtx_shm_lock);
3877 umtx_shm_free_reg(struct umtx_shm_reg *reg)
3880 chgumtxcnt(reg->ushm_cred->cr_ruidinfo, -1, 0);
3881 crfree(reg->ushm_cred);
3882 shm_drop(reg->ushm_obj);
3883 uma_zfree(umtx_shm_reg_zone, reg);
3887 umtx_shm_unref_reg_locked(struct umtx_shm_reg *reg, bool force)
3891 mtx_assert(&umtx_shm_lock, MA_OWNED);
3892 KASSERT(reg->ushm_refcnt > 0, ("ushm_reg %p refcnt 0", reg));
3894 res = reg->ushm_refcnt == 0;
3896 if ((reg->ushm_flags & USHMF_REG_LINKED) != 0) {
3897 TAILQ_REMOVE(&umtx_shm_registry[reg->ushm_key.hash],
3898 reg, ushm_reg_link);
3899 reg->ushm_flags &= ~USHMF_REG_LINKED;
3901 if ((reg->ushm_flags & USHMF_OBJ_LINKED) != 0) {
3902 LIST_REMOVE(reg, ushm_obj_link);
3903 reg->ushm_flags &= ~USHMF_OBJ_LINKED;
3910 umtx_shm_unref_reg(struct umtx_shm_reg *reg, bool force)
3916 object = reg->ushm_obj->shm_object;
3917 VM_OBJECT_WLOCK(object);
3918 object->flags |= OBJ_UMTXDEAD;
3919 VM_OBJECT_WUNLOCK(object);
3921 mtx_lock(&umtx_shm_lock);
3922 dofree = umtx_shm_unref_reg_locked(reg, force);
3923 mtx_unlock(&umtx_shm_lock);
3925 umtx_shm_free_reg(reg);
3929 umtx_shm_object_init(vm_object_t object)
3932 LIST_INIT(USHM_OBJ_UMTX(object));
3936 umtx_shm_object_terminated(vm_object_t object)
3938 struct umtx_shm_reg *reg, *reg1;
3941 if (LIST_EMPTY(USHM_OBJ_UMTX(object)))
3945 mtx_lock(&umtx_shm_lock);
3946 LIST_FOREACH_SAFE(reg, USHM_OBJ_UMTX(object), ushm_obj_link, reg1) {
3947 if (umtx_shm_unref_reg_locked(reg, true)) {
3948 TAILQ_INSERT_TAIL(&umtx_shm_reg_delfree, reg,
3953 mtx_unlock(&umtx_shm_lock);
3955 taskqueue_enqueue(taskqueue_thread, &umtx_shm_reg_delfree_task);
3959 umtx_shm_create_reg(struct thread *td, const struct umtx_key *key,
3960 struct umtx_shm_reg **res)
3962 struct umtx_shm_reg *reg, *reg1;
3966 reg = umtx_shm_find_reg(key);
3971 cred = td->td_ucred;
3972 if (!chgumtxcnt(cred->cr_ruidinfo, 1, lim_cur(td, RLIMIT_UMTXP)))
3974 reg = uma_zalloc(umtx_shm_reg_zone, M_WAITOK | M_ZERO);
3975 reg->ushm_refcnt = 1;
3976 bcopy(key, ®->ushm_key, sizeof(*key));
3977 reg->ushm_obj = shm_alloc(td->td_ucred, O_RDWR);
3978 reg->ushm_cred = crhold(cred);
3979 error = shm_dotruncate(reg->ushm_obj, PAGE_SIZE);
3981 umtx_shm_free_reg(reg);
3984 mtx_lock(&umtx_shm_lock);
3985 reg1 = umtx_shm_find_reg_locked(key);
3987 mtx_unlock(&umtx_shm_lock);
3988 umtx_shm_free_reg(reg);
3993 TAILQ_INSERT_TAIL(&umtx_shm_registry[key->hash], reg, ushm_reg_link);
3994 LIST_INSERT_HEAD(USHM_OBJ_UMTX(key->info.shared.object), reg,
3996 reg->ushm_flags = USHMF_REG_LINKED | USHMF_OBJ_LINKED;
3997 mtx_unlock(&umtx_shm_lock);
4003 umtx_shm_alive(struct thread *td, void *addr)
4006 vm_map_entry_t entry;
4013 map = &td->td_proc->p_vmspace->vm_map;
4014 res = vm_map_lookup(&map, (uintptr_t)addr, VM_PROT_READ, &entry,
4015 &object, &pindex, &prot, &wired);
4016 if (res != KERN_SUCCESS)
4021 ret = (object->flags & OBJ_UMTXDEAD) != 0 ? ENOTTY : 0;
4022 vm_map_lookup_done(map, entry);
4031 umtx_shm_reg_zone = uma_zcreate("umtx_shm", sizeof(struct umtx_shm_reg),
4032 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
4033 mtx_init(&umtx_shm_lock, "umtxshm", NULL, MTX_DEF);
4034 for (i = 0; i < nitems(umtx_shm_registry); i++)
4035 TAILQ_INIT(&umtx_shm_registry[i]);
4039 umtx_shm(struct thread *td, void *addr, u_int flags)
4041 struct umtx_key key;
4042 struct umtx_shm_reg *reg;
4046 if (__bitcount(flags & (UMTX_SHM_CREAT | UMTX_SHM_LOOKUP |
4047 UMTX_SHM_DESTROY| UMTX_SHM_ALIVE)) != 1)
4049 if ((flags & UMTX_SHM_ALIVE) != 0)
4050 return (umtx_shm_alive(td, addr));
4051 error = umtx_key_get(addr, TYPE_SHM, PROCESS_SHARE, &key);
4054 KASSERT(key.shared == 1, ("non-shared key"));
4055 if ((flags & UMTX_SHM_CREAT) != 0) {
4056 error = umtx_shm_create_reg(td, &key, ®);
4058 reg = umtx_shm_find_reg(&key);
4062 umtx_key_release(&key);
4065 KASSERT(reg != NULL, ("no reg"));
4066 if ((flags & UMTX_SHM_DESTROY) != 0) {
4067 umtx_shm_unref_reg(reg, true);
4071 error = mac_posixshm_check_open(td->td_ucred,
4072 reg->ushm_obj, FFLAGS(O_RDWR));
4075 error = shm_access(reg->ushm_obj, td->td_ucred,
4079 error = falloc_caps(td, &fp, &fd, O_CLOEXEC, NULL);
4081 shm_hold(reg->ushm_obj);
4082 finit(fp, FFLAGS(O_RDWR), DTYPE_SHM, reg->ushm_obj,
4084 td->td_retval[0] = fd;
4088 umtx_shm_unref_reg(reg, false);
4093 __umtx_op_shm(struct thread *td, struct _umtx_op_args *uap)
4096 return (umtx_shm(td, uap->uaddr1, uap->val));
4100 umtx_robust_lists(struct thread *td, struct umtx_robust_lists_params *rbp)
4103 td->td_rb_list = rbp->robust_list_offset;
4104 td->td_rbp_list = rbp->robust_priv_list_offset;
4105 td->td_rb_inact = rbp->robust_inact_offset;
4110 __umtx_op_robust_lists(struct thread *td, struct _umtx_op_args *uap)
4112 struct umtx_robust_lists_params rb;
4115 if (uap->val > sizeof(rb))
4117 bzero(&rb, sizeof(rb));
4118 error = copyin(uap->uaddr1, &rb, uap->val);
4121 return (umtx_robust_lists(td, &rb));
4124 typedef int (*_umtx_op_func)(struct thread *td, struct _umtx_op_args *uap);
4126 static const _umtx_op_func op_table[] = {
4127 [UMTX_OP_RESERVED0] = __umtx_op_unimpl,
4128 [UMTX_OP_RESERVED1] = __umtx_op_unimpl,
4129 [UMTX_OP_WAIT] = __umtx_op_wait,
4130 [UMTX_OP_WAKE] = __umtx_op_wake,
4131 [UMTX_OP_MUTEX_TRYLOCK] = __umtx_op_trylock_umutex,
4132 [UMTX_OP_MUTEX_LOCK] = __umtx_op_lock_umutex,
4133 [UMTX_OP_MUTEX_UNLOCK] = __umtx_op_unlock_umutex,
4134 [UMTX_OP_SET_CEILING] = __umtx_op_set_ceiling,
4135 [UMTX_OP_CV_WAIT] = __umtx_op_cv_wait,
4136 [UMTX_OP_CV_SIGNAL] = __umtx_op_cv_signal,
4137 [UMTX_OP_CV_BROADCAST] = __umtx_op_cv_broadcast,
4138 [UMTX_OP_WAIT_UINT] = __umtx_op_wait_uint,
4139 [UMTX_OP_RW_RDLOCK] = __umtx_op_rw_rdlock,
4140 [UMTX_OP_RW_WRLOCK] = __umtx_op_rw_wrlock,
4141 [UMTX_OP_RW_UNLOCK] = __umtx_op_rw_unlock,
4142 [UMTX_OP_WAIT_UINT_PRIVATE] = __umtx_op_wait_uint_private,
4143 [UMTX_OP_WAKE_PRIVATE] = __umtx_op_wake_private,
4144 [UMTX_OP_MUTEX_WAIT] = __umtx_op_wait_umutex,
4145 [UMTX_OP_MUTEX_WAKE] = __umtx_op_wake_umutex,
4146 #if defined(COMPAT_FREEBSD9) || defined(COMPAT_FREEBSD10)
4147 [UMTX_OP_SEM_WAIT] = __umtx_op_sem_wait,
4148 [UMTX_OP_SEM_WAKE] = __umtx_op_sem_wake,
4150 [UMTX_OP_SEM_WAIT] = __umtx_op_unimpl,
4151 [UMTX_OP_SEM_WAKE] = __umtx_op_unimpl,
4153 [UMTX_OP_NWAKE_PRIVATE] = __umtx_op_nwake_private,
4154 [UMTX_OP_MUTEX_WAKE2] = __umtx_op_wake2_umutex,
4155 [UMTX_OP_SEM2_WAIT] = __umtx_op_sem2_wait,
4156 [UMTX_OP_SEM2_WAKE] = __umtx_op_sem2_wake,
4157 [UMTX_OP_SHM] = __umtx_op_shm,
4158 [UMTX_OP_ROBUST_LISTS] = __umtx_op_robust_lists,
4162 sys__umtx_op(struct thread *td, struct _umtx_op_args *uap)
4165 if ((unsigned)uap->op < nitems(op_table))
4166 return (*op_table[uap->op])(td, uap);
4170 #ifdef COMPAT_FREEBSD32
4177 struct umtx_time32 {
4178 struct timespec32 timeout;
4184 umtx_copyin_timeout32(void *addr, struct timespec *tsp)
4186 struct timespec32 ts32;
4189 error = copyin(addr, &ts32, sizeof(struct timespec32));
4191 if (ts32.tv_sec < 0 ||
4192 ts32.tv_nsec >= 1000000000 ||
4196 tsp->tv_sec = ts32.tv_sec;
4197 tsp->tv_nsec = ts32.tv_nsec;
4204 umtx_copyin_umtx_time32(const void *addr, size_t size, struct _umtx_time *tp)
4206 struct umtx_time32 t32;
4209 t32.clockid = CLOCK_REALTIME;
4211 if (size <= sizeof(struct timespec32))
4212 error = copyin(addr, &t32.timeout, sizeof(struct timespec32));
4214 error = copyin(addr, &t32, sizeof(struct umtx_time32));
4217 if (t32.timeout.tv_sec < 0 ||
4218 t32.timeout.tv_nsec >= 1000000000 || t32.timeout.tv_nsec < 0)
4220 tp->_timeout.tv_sec = t32.timeout.tv_sec;
4221 tp->_timeout.tv_nsec = t32.timeout.tv_nsec;
4222 tp->_flags = t32.flags;
4223 tp->_clockid = t32.clockid;
4228 __umtx_op_wait_compat32(struct thread *td, struct _umtx_op_args *uap)
4230 struct _umtx_time *tm_p, timeout;
4233 if (uap->uaddr2 == NULL)
4236 error = umtx_copyin_umtx_time32(uap->uaddr2,
4237 (size_t)uap->uaddr1, &timeout);
4242 return (do_wait(td, uap->obj, uap->val, tm_p, 1, 0));
4246 __umtx_op_lock_umutex_compat32(struct thread *td, struct _umtx_op_args *uap)
4248 struct _umtx_time *tm_p, timeout;
4251 /* Allow a null timespec (wait forever). */
4252 if (uap->uaddr2 == NULL)
4255 error = umtx_copyin_umtx_time32(uap->uaddr2,
4256 (size_t)uap->uaddr1, &timeout);
4261 return (do_lock_umutex(td, uap->obj, tm_p, 0));
4265 __umtx_op_wait_umutex_compat32(struct thread *td, struct _umtx_op_args *uap)
4267 struct _umtx_time *tm_p, timeout;
4270 /* Allow a null timespec (wait forever). */
4271 if (uap->uaddr2 == NULL)
4274 error = umtx_copyin_umtx_time32(uap->uaddr2,
4275 (size_t)uap->uaddr1, &timeout);
4280 return (do_lock_umutex(td, uap->obj, tm_p, _UMUTEX_WAIT));
4284 __umtx_op_cv_wait_compat32(struct thread *td, struct _umtx_op_args *uap)
4286 struct timespec *ts, timeout;
4289 /* Allow a null timespec (wait forever). */
4290 if (uap->uaddr2 == NULL)
4293 error = umtx_copyin_timeout32(uap->uaddr2, &timeout);
4298 return (do_cv_wait(td, uap->obj, uap->uaddr1, ts, uap->val));
4302 __umtx_op_rw_rdlock_compat32(struct thread *td, struct _umtx_op_args *uap)
4304 struct _umtx_time timeout;
4307 /* Allow a null timespec (wait forever). */
4308 if (uap->uaddr2 == NULL) {
4309 error = do_rw_rdlock(td, uap->obj, uap->val, 0);
4311 error = umtx_copyin_umtx_time32(uap->uaddr2,
4312 (size_t)uap->uaddr1, &timeout);
4315 error = do_rw_rdlock(td, uap->obj, uap->val, &timeout);
4321 __umtx_op_rw_wrlock_compat32(struct thread *td, struct _umtx_op_args *uap)
4323 struct _umtx_time timeout;
4326 /* Allow a null timespec (wait forever). */
4327 if (uap->uaddr2 == NULL) {
4328 error = do_rw_wrlock(td, uap->obj, 0);
4330 error = umtx_copyin_umtx_time32(uap->uaddr2,
4331 (size_t)uap->uaddr1, &timeout);
4334 error = do_rw_wrlock(td, uap->obj, &timeout);
4340 __umtx_op_wait_uint_private_compat32(struct thread *td, struct _umtx_op_args *uap)
4342 struct _umtx_time *tm_p, timeout;
4345 if (uap->uaddr2 == NULL)
4348 error = umtx_copyin_umtx_time32(
4349 uap->uaddr2, (size_t)uap->uaddr1,&timeout);
4354 return (do_wait(td, uap->obj, uap->val, tm_p, 1, 1));
4357 #if defined(COMPAT_FREEBSD9) || defined(COMPAT_FREEBSD10)
4359 __umtx_op_sem_wait_compat32(struct thread *td, struct _umtx_op_args *uap)
4361 struct _umtx_time *tm_p, timeout;
4364 /* Allow a null timespec (wait forever). */
4365 if (uap->uaddr2 == NULL)
4368 error = umtx_copyin_umtx_time32(uap->uaddr2,
4369 (size_t)uap->uaddr1, &timeout);
4374 return (do_sem_wait(td, uap->obj, tm_p));
4379 __umtx_op_sem2_wait_compat32(struct thread *td, struct _umtx_op_args *uap)
4381 struct _umtx_time *tm_p, timeout;
4385 /* Allow a null timespec (wait forever). */
4386 if (uap->uaddr2 == NULL) {
4390 uasize = (size_t)uap->uaddr1;
4391 error = umtx_copyin_umtx_time32(uap->uaddr2, uasize, &timeout);
4396 error = do_sem2_wait(td, uap->obj, tm_p);
4397 if (error == EINTR && uap->uaddr2 != NULL &&
4398 (timeout._flags & UMTX_ABSTIME) == 0 &&
4399 uasize >= sizeof(struct umtx_time32) + sizeof(struct timespec32)) {
4400 struct timespec32 remain32 = {
4401 .tv_sec = timeout._timeout.tv_sec,
4402 .tv_nsec = timeout._timeout.tv_nsec
4404 error = copyout(&remain32,
4405 (struct umtx_time32 *)uap->uaddr2 + 1,
4406 sizeof(struct timespec32));
4416 __umtx_op_nwake_private32(struct thread *td, struct _umtx_op_args *uap)
4418 uint32_t uaddrs[BATCH_SIZE], **upp;
4419 int count, error, i, pos, tocopy;
4421 upp = (uint32_t **)uap->obj;
4423 for (count = uap->val, pos = 0; count > 0; count -= tocopy,
4425 tocopy = MIN(count, BATCH_SIZE);
4426 error = copyin(upp + pos, uaddrs, tocopy * sizeof(uint32_t));
4429 for (i = 0; i < tocopy; ++i)
4430 kern_umtx_wake(td, (void *)(intptr_t)uaddrs[i],
4437 struct umtx_robust_lists_params_compat32 {
4438 uint32_t robust_list_offset;
4439 uint32_t robust_priv_list_offset;
4440 uint32_t robust_inact_offset;
4444 __umtx_op_robust_lists_compat32(struct thread *td, struct _umtx_op_args *uap)
4446 struct umtx_robust_lists_params rb;
4447 struct umtx_robust_lists_params_compat32 rb32;
4450 if (uap->val > sizeof(rb32))
4452 bzero(&rb, sizeof(rb));
4453 bzero(&rb32, sizeof(rb32));
4454 error = copyin(uap->uaddr1, &rb32, uap->val);
4457 rb.robust_list_offset = rb32.robust_list_offset;
4458 rb.robust_priv_list_offset = rb32.robust_priv_list_offset;
4459 rb.robust_inact_offset = rb32.robust_inact_offset;
4460 return (umtx_robust_lists(td, &rb));
4463 static const _umtx_op_func op_table_compat32[] = {
4464 [UMTX_OP_RESERVED0] = __umtx_op_unimpl,
4465 [UMTX_OP_RESERVED1] = __umtx_op_unimpl,
4466 [UMTX_OP_WAIT] = __umtx_op_wait_compat32,
4467 [UMTX_OP_WAKE] = __umtx_op_wake,
4468 [UMTX_OP_MUTEX_TRYLOCK] = __umtx_op_trylock_umutex,
4469 [UMTX_OP_MUTEX_LOCK] = __umtx_op_lock_umutex_compat32,
4470 [UMTX_OP_MUTEX_UNLOCK] = __umtx_op_unlock_umutex,
4471 [UMTX_OP_SET_CEILING] = __umtx_op_set_ceiling,
4472 [UMTX_OP_CV_WAIT] = __umtx_op_cv_wait_compat32,
4473 [UMTX_OP_CV_SIGNAL] = __umtx_op_cv_signal,
4474 [UMTX_OP_CV_BROADCAST] = __umtx_op_cv_broadcast,
4475 [UMTX_OP_WAIT_UINT] = __umtx_op_wait_compat32,
4476 [UMTX_OP_RW_RDLOCK] = __umtx_op_rw_rdlock_compat32,
4477 [UMTX_OP_RW_WRLOCK] = __umtx_op_rw_wrlock_compat32,
4478 [UMTX_OP_RW_UNLOCK] = __umtx_op_rw_unlock,
4479 [UMTX_OP_WAIT_UINT_PRIVATE] = __umtx_op_wait_uint_private_compat32,
4480 [UMTX_OP_WAKE_PRIVATE] = __umtx_op_wake_private,
4481 [UMTX_OP_MUTEX_WAIT] = __umtx_op_wait_umutex_compat32,
4482 [UMTX_OP_MUTEX_WAKE] = __umtx_op_wake_umutex,
4483 #if defined(COMPAT_FREEBSD9) || defined(COMPAT_FREEBSD10)
4484 [UMTX_OP_SEM_WAIT] = __umtx_op_sem_wait_compat32,
4485 [UMTX_OP_SEM_WAKE] = __umtx_op_sem_wake,
4487 [UMTX_OP_SEM_WAIT] = __umtx_op_unimpl,
4488 [UMTX_OP_SEM_WAKE] = __umtx_op_unimpl,
4490 [UMTX_OP_NWAKE_PRIVATE] = __umtx_op_nwake_private32,
4491 [UMTX_OP_MUTEX_WAKE2] = __umtx_op_wake2_umutex,
4492 [UMTX_OP_SEM2_WAIT] = __umtx_op_sem2_wait_compat32,
4493 [UMTX_OP_SEM2_WAKE] = __umtx_op_sem2_wake,
4494 [UMTX_OP_SHM] = __umtx_op_shm,
4495 [UMTX_OP_ROBUST_LISTS] = __umtx_op_robust_lists_compat32,
4499 freebsd32__umtx_op(struct thread *td, struct freebsd32__umtx_op_args *uap)
4502 if ((unsigned)uap->op < nitems(op_table_compat32)) {
4503 return (*op_table_compat32[uap->op])(td,
4504 (struct _umtx_op_args *)uap);
4511 umtx_thread_init(struct thread *td)
4514 td->td_umtxq = umtxq_alloc();
4515 td->td_umtxq->uq_thread = td;
4519 umtx_thread_fini(struct thread *td)
4522 umtxq_free(td->td_umtxq);
4526 * It will be called when new thread is created, e.g fork().
4529 umtx_thread_alloc(struct thread *td)
4534 uq->uq_inherited_pri = PRI_MAX;
4536 KASSERT(uq->uq_flags == 0, ("uq_flags != 0"));
4537 KASSERT(uq->uq_thread == td, ("uq_thread != td"));
4538 KASSERT(uq->uq_pi_blocked == NULL, ("uq_pi_blocked != NULL"));
4539 KASSERT(TAILQ_EMPTY(&uq->uq_pi_contested), ("uq_pi_contested is not empty"));
4545 * Clear robust lists for all process' threads, not delaying the
4546 * cleanup to thread_exit hook, since the relevant address space is
4547 * destroyed right now.
4550 umtx_exec_hook(void *arg __unused, struct proc *p,
4551 struct image_params *imgp __unused)
4555 KASSERT(p == curproc, ("need curproc"));
4556 KASSERT((p->p_flag & P_HADTHREADS) == 0 ||
4557 (p->p_flag & P_STOPPED_SINGLE) != 0,
4558 ("curproc must be single-threaded"));
4560 * There is no need to lock the list as only this thread can be
4563 FOREACH_THREAD_IN_PROC(p, td) {
4564 KASSERT(td == curthread ||
4565 ((td->td_flags & TDF_BOUNDARY) != 0 && TD_IS_SUSPENDED(td)),
4566 ("running thread %p %p", p, td));
4567 umtx_thread_cleanup(td);
4568 td->td_rb_list = td->td_rbp_list = td->td_rb_inact = 0;
4573 * thread_exit() hook.
4576 umtx_thread_exit(struct thread *td)
4579 umtx_thread_cleanup(td);
4583 umtx_read_uptr(struct thread *td, uintptr_t ptr, uintptr_t *res)
4586 #ifdef COMPAT_FREEBSD32
4591 #ifdef COMPAT_FREEBSD32
4592 if (SV_PROC_FLAG(td->td_proc, SV_ILP32)) {
4593 error = fueword32((void *)ptr, &res32);
4599 error = fueword((void *)ptr, &res1);
4609 umtx_read_rb_list(struct thread *td, struct umutex *m, uintptr_t *rb_list)
4611 #ifdef COMPAT_FREEBSD32
4612 struct umutex32 m32;
4614 if (SV_PROC_FLAG(td->td_proc, SV_ILP32)) {
4615 memcpy(&m32, m, sizeof(m32));
4616 *rb_list = m32.m_rb_lnk;
4619 *rb_list = m->m_rb_lnk;
4623 umtx_handle_rb(struct thread *td, uintptr_t rbp, uintptr_t *rb_list, bool inact)
4628 KASSERT(td->td_proc == curproc, ("need current vmspace"));
4629 error = copyin((void *)rbp, &m, sizeof(m));
4632 if (rb_list != NULL)
4633 umtx_read_rb_list(td, &m, rb_list);
4634 if ((m.m_flags & UMUTEX_ROBUST) == 0)
4636 if ((m.m_owner & ~UMUTEX_CONTESTED) != td->td_tid)
4637 /* inact is cleared after unlock, allow the inconsistency */
4638 return (inact ? 0 : EINVAL);
4639 return (do_unlock_umutex(td, (struct umutex *)rbp, true));
4643 umtx_cleanup_rb_list(struct thread *td, uintptr_t rb_list, uintptr_t *rb_inact,
4652 error = umtx_read_uptr(td, rb_list, &rbp);
4653 for (i = 0; error == 0 && rbp != 0 && i < umtx_max_rb; i++) {
4654 if (rbp == *rb_inact) {
4659 error = umtx_handle_rb(td, rbp, &rbp, inact);
4661 if (i == umtx_max_rb && umtx_verbose_rb) {
4662 uprintf("comm %s pid %d: reached umtx %smax rb %d\n",
4663 td->td_proc->p_comm, td->td_proc->p_pid, name, umtx_max_rb);
4665 if (error != 0 && umtx_verbose_rb) {
4666 uprintf("comm %s pid %d: handling %srb error %d\n",
4667 td->td_proc->p_comm, td->td_proc->p_pid, name, error);
4672 * Clean up umtx data.
4675 umtx_thread_cleanup(struct thread *td)
4682 * Disown pi mutexes.
4686 if (uq->uq_inherited_pri != PRI_MAX ||
4687 !TAILQ_EMPTY(&uq->uq_pi_contested)) {
4688 mtx_lock(&umtx_lock);
4689 uq->uq_inherited_pri = PRI_MAX;
4690 while ((pi = TAILQ_FIRST(&uq->uq_pi_contested)) != NULL) {
4691 pi->pi_owner = NULL;
4692 TAILQ_REMOVE(&uq->uq_pi_contested, pi, pi_link);
4694 mtx_unlock(&umtx_lock);
4696 sched_lend_user_prio_cond(td, PRI_MAX);
4699 if (td->td_rb_inact == 0 && td->td_rb_list == 0 && td->td_rbp_list == 0)
4703 * Handle terminated robust mutexes. Must be done after
4704 * robust pi disown, otherwise unlock could see unowned
4707 rb_inact = td->td_rb_inact;
4709 (void)umtx_read_uptr(td, rb_inact, &rb_inact);
4710 umtx_cleanup_rb_list(td, td->td_rb_list, &rb_inact, "");
4711 umtx_cleanup_rb_list(td, td->td_rbp_list, &rb_inact, "priv ");
4713 (void)umtx_handle_rb(td, rb_inact, NULL, true);
projects / FreeBSD / FreeBSD.git / blob