The getcontext() from the __fillcontextx() call in the
check_deferred_signal() returns twice, since handle_signal() emulates
the return from the normal signal handler by sigreturn(2)ing the
passed context. Second return is performed on the destroyed stack
frame, because __fillcontextx() has already returned. This causes
undefined and bad behaviour, usually the victim thread gets SIGSEGV.
Avoid nested frame and the need to return from it by doing direct call
to getcontext() in the check_deferred_signal() and using a new private
libc helper __fillcontextx2() to complement the context with the
extended CPU state if the deferred signal is still present.
The __fillcontextx() is now unused, but is kept to allow older
libthr.so to be used with the new libc.
Mark __fillcontextx() as returning twice [1].
Reported by: pgj
Pointy hat to: kib
Discussed with: dim
Tested by: pgj, dim
Suggested by: jilles [1]
MFC after: 1 week
Change the closeallfds() routine to use closefrom() when it is
available (closefrom() was added to FreeBSD in 8.0-release).
The selection is made at compile-time, as I still compile a
FreeBSD-based version of lpr&friends on other platforms.
While testing I out that (at least on my system) lpd has been
closing 11095 fd's, when there are only 6 fd's open. The old
code took 120 times more clocktime than calling closefrom().
(although that was still less than 2/1000-ths of a second!)
The _MC_HASFPXSTATE and _MC_IA32_HASFPXSTATE flags have the same bit
value on purpose, but the ia32 context handling code is logically more
correct to use the _MC_IA32_HASFPXSTATE name for the flag.
Tested by: dim, pgj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The ia32_get_mcontext() does not need to set PCB_FULL_IRET. The
usermode context state is not changed by the get operation, and
get_mcontext() does not require full iret as well.
Tested by: dim, pgj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
When handling an exception from the attempt from loading the faulting
context on return from the trap handler, re-enable the interrupts on
i386 and amd64. The trap return path have to disable interrupts since
the sequence of loading the machine state is not atomic. The trap()
function which transfers the control to the special handler would
enable the interrupt, but an iret loads the previous eflags with PSL_I
clear. Then, the special handler calls trap() on its own, which now
sees the original eflags with PSL_I set and does not enable
interrupts.
The end result is that signal delivery and process exiting code could
be executed with interrupts disabled, which is generally wrong and
triggers several assertions.
For amd64, the interrupts are enabled conditionally based on PSL_I in
the eflags of the outer frame, as it is already done for
doreti_iret_fault. For i386, the interrupts are enabled
unconditionally, the ast loop could have opened a window with
interrupts enabled just before the iret anyway.
Reported and tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
David Schultz [Mon, 27 May 2013 08:50:10 +0000 (08:50 +0000)]
Fix some regressions caused by the switch from gcc to clang. The fixes
are workarounds for various symptoms of the problem described in clang
bugs 3929, 8100, 8241, 10409, and 12958.
The regression tests did their job: they failed, someone brought it
up on the mailing lists, and then the issue got ignored for 6 months.
Oops. There may still be some regressions for functions we don't have
test coverage for yet.
Workaround for for a problem seen with ATI Technologies EHCI
controller hardware most likely present on UHCI chipsets aswell. The
bug manifests itself when issuing isochronous transfers and bulk
transfers towards the same device simultaneously. From time to time it
happens that either the completion IRQ was missing or that the
completion IRQ was happening before the ITD/SITD was completely
written back to memory. The workaround assumes that double buffered
isochronous transfers are used, and that a second interrupt is
generated at the beginning of the next isochronous transfer to
complete the previous one. Possibly skipping the interrupt at the last
isochronous frame is possible, but will then break single buffered
isochronous transfers. For now we can live with some extra interrupts.
Adrian Chadd [Sun, 26 May 2013 22:23:39 +0000 (22:23 +0000)]
Migrate ath(4) to now use if_transmit instead of the legacy if_start
and if queue mechanism; also fix up (non-11n) TX fragment handling.
This may result in a bit of a performance drop for now but I plan on
debugging and resolving this at a later stage.
Whilst here, fix the transmit path so fragment transmission works.
The TX fragmentation handling is a bit more special. In order to
correctly transmit TX fragments, there's a bunch of corner cases that
need to be handled:
* They must be transmitted back to back, in the same order..
* .. ie, you need to hold the TX lock whilst transmitting this
set of fragments rather than interleaving it with other MSDUs
destined to other nodes;
* The length of the next fragment is required when transmitting, in
order to correctly set the NAV field in the current frame to the
length of the next frame; which requires ..
* .. that we know the transmit duration of the next frame, which ..
* .. requires us to set the rate of all fragments to the same length,
or make the decision up-front, etc.
To facilitate this, I've added a new ath_buf field to describe the
length of the next fragment. This avoids having to keep the mbuf
chain together. This used to work before my 11n TX path work because
the ath_tx_start() routine would be handed a single mbuf with m_nextpkt
pointing to the next frame, and that would be maintained all the way
up to when the duration calculation was done. This doesn't hold
true any longer - the actual queuing may occur at any point in the
future (think ath_node TID software queuing) so this information
needs to be maintained.
Right now this does work for non-11n frames but it doesn't at all
enforce the same rate control decision for all frames in the fragment.
I plan on fixing this in a followup commit.
RTS/CTS has the same issue, I'll look at fixing this in a subsequent
commit.
Finaly, 11n fragment support requires the driver to have fully
decided what the rate scenario setup is - including 20/40MHz,
short/long GI, STBC, LDPC, number of streams, etc. Right now that
decision is (currently) made _after_ the NAV field value is updated.
I'll fix all of this in subsequent commits.
Tested:
* AR5416, STA, transmitting 11abg fragments
* AR5416, STA, 11n fragments work but the NAV field is incorrect for
the reasons above.
TODO:
* It would be nice to be able to queue mbufs per-node and per-TID so
we can only queue ath_buf entries when it's time to assemble frames
to send to the hardware.
But honestly, we should just do that level of software queue management
in net80211 rather than ath(4), so I'm going to leave this alone for now.
* More thorough AP, mesh and adhoc testing.
* Ensure that net80211 doesn't hand us fragmented frames when A-MPDU has
been negotiated, as we can't do software retransmission of fragments.
* .. set CLRDMASK when transmitting fragments, just to ensure.
Marcel Moolenaar [Sun, 26 May 2013 22:11:13 +0000 (22:11 +0000)]
Unbreak ia64 tinderbox: 64-bit support was made conditional upon
__amd64__, and thus limited. Eliminate 2 trivial conditionals by
casting the 64-bit integral, holding an address, via (uintptr_t)
to (void *) and replace the last remaining check for __amd64__
with a check for __LP64__ instead.
Dimitry Andric [Sun, 26 May 2013 14:14:42 +0000 (14:14 +0000)]
Pull in r182656 from upstream llvm trunk:
LoopVectorize: LoopSimplify can't canonicalize loops with an
indirectbr in it, don't assert on those cases.
Fixes PR16139.
This should fix clang assertion failures when optimizing at -O3, similar
to:
Assertion failed: (TheLoop->getLoopPreheader() && "No preheader!!"),
function canVectorize, file
contrib/llvm/lib/Transforms/Vectorize/LoopVectorize.cpp, line 2171.
Reported by: O. Hartmann <ohartman@zedat.fu-berlin.de>
PR: ports/178332, ports/178977
MFC after: 3 days
Jeremie Le Hen [Sat, 25 May 2013 22:17:14 +0000 (22:17 +0000)]
Rework the comment I initially wrote when SHLIB_LDSCRIPT was introduced.
The build system is really intricate and I had a hard time to remind the
whole picture even when reading my own words. This one will hopefully
be better.
Marcel Moolenaar [Sat, 25 May 2013 18:59:11 +0000 (18:59 +0000)]
Make the malloc(3) family of functions weak and make their non-weak
implementations visible for use by applications. The functions $F that
are now weak symbols are:
allocm, calloc, dallocm, free, malloc, malloc_usable_size,
nallocm, posix_memalign, rallocm, realloc, sallocm
The non-weak implementations of $F are exported as __$F.
Ed Schouten [Sat, 25 May 2013 16:58:12 +0000 (16:58 +0000)]
Fix <uchar.h> in for C++11.
It turns out that in C++11, char16_t and char32_t are built-in types;
language keywords. Just fix this by putting traditional _*_T_DECLARED
blocks around the definitions. We'll just predefine these in
<sys/_types.h>.
This also opens up the possibility to define char16_t in other header
files, if ever needed (e.g. if we would gain a <ctype.h> for
char16_t/char32_t).
Ed Schouten [Sat, 25 May 2013 12:13:54 +0000 (12:13 +0000)]
Make some tiny improvements to iconv_open().
- Remove an unneeded variable.
- Fix whitespace bugs.
- Fix typoes in comment.
- Improve string handling a bit. Don't handroll strstr() and don't
terminate a strdup()'ed string. Instead, simply strndup() the part we
need.
Ed Schouten [Sat, 25 May 2013 12:11:20 +0000 (12:11 +0000)]
Only call free() on something we allocated.
If we were already provided a struct _citrus_iconv (e.g. through
iconv_open_into()), we should not call free() in case io_init_context()
fails. Instead, call it on the pointer of the allocated object, which
will be NULL in case of iconv_open_into().
Adrian Chadd [Sat, 25 May 2013 06:28:30 +0000 (06:28 +0000)]
Fix net80211 fragment creation.
When creating fragment frames, the header length should honour the
DATAPAD flag.
This fixes the fragments that are queued to the ath(4) driver but it
doesn't yet fix fragment transmission. That requires further changes
to the ath(4) transmit path. Well, strictly speaking, it requires
further changes to _all_ wifi driver transmit paths, but this is at least
a start.
Stefan Eßer [Fri, 24 May 2013 18:54:52 +0000 (18:54 +0000)]
The error handling for writes to the target file could lead to the final
fclose() being skipped. Fix this by using boolean "&" and "|" instead of
short-cut operators "&&" and "||".
While here, increment the last part of the version string. The reason is
the fixed output file selection logic in pch.c, which was committed as
r250943, yesterday.
Marcel Moolenaar [Fri, 24 May 2013 15:53:13 +0000 (15:53 +0000)]
Fix building on slightly older -current and stable systems after
the switch to bmake. The rescue bits are built via crunchgen,
which didn't respect the MAKE environment variable until r237574
(i.e. ~11 months ago). This resulted in a failure due to bmake's
internal -J flag being passed around and not being understood by
the standard (i.e. host's) make.
Note that the failure is conditional upon having the jobServer
feature enabled within bmake.
Assign the rv variable a success code if the pager was not asked for
the page. Using an error code from the previous processed page caused
zeroing of the valid page, when e.g. the previous page was not
available in the pager.
Reported by: lstewart
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Achim Leubner [Fri, 24 May 2013 09:22:43 +0000 (09:22 +0000)]
Driver 'aacraid' added. Supports Adaptec by PMC RAID controller families Series 6, 7, 8 and upcoming products. Older Adaptec RAID controller families are supported by the 'aac' driver.
Mark Johnston [Fri, 24 May 2013 03:29:32 +0000 (03:29 +0000)]
The fasttrap provider cleans up probes asynchronously when a process with
USDT probes exits. This was previously done with a callout; however, it is
possible to sleep while holding the DTrace mutexes, so a panic will occur
on INVARIANTS kernels if the callout handler can't immediately acquire one
of these mutexes. This panic will be frequently triggered on systems where
a USDT-enabled program (perl, for instance) is often run.
This revision changes the fasttrap cleanup mechanism so that a dedicated
thread is used instead of a callout. The old behaviour is otherwise
preserved.
Julian Elischer [Fri, 24 May 2013 02:18:37 +0000 (02:18 +0000)]
Initialising the new fibnum field to a known value turns out to
be a GOOD IDEA (TM).
Apparently MOST users set this (e.g. tcp and friends) but there are a few
users that just assume that it is a sensible value but then go on to read it.
These include SCTP, pf and the FLOWTABLE option (and maybe others).
Stefan Eßer [Thu, 23 May 2013 20:57:20 +0000 (20:57 +0000)]
Fix target selection logic, which did not comply with the man page.
Instead of using the file with the least order of path name components,
shortest filename and finally the shortest basename (with the search
stopping as soon as one of these conditions is true), the first filename
checked was used as the reference, and another filename was only selected
if all of the above comparisons are in favour of the latter file.
This was wrong, because filenames with path less components were only
considered, if both of the other conditions were true as well. In fact,
the first filename to be checked had good chances to be selected in the
end, since it only needed to be better with regard to any one of the
three criteria ...
Marcel Moolenaar [Thu, 23 May 2013 19:47:37 +0000 (19:47 +0000)]
Change the copyright notice to a standard BSD 2-clause license and assign
ownership to the FreeBSD foundation for the years this file has been in
the FreeBSD repository.
This file was originally created by Juniper as part of upgrading to FreeBSD
4.10 (which had no MIPS support) and held functions found on other machines
It grew actual functionality over time. The functionaliy was copied from
other architectures and ported to MIPS on a as-needed basis.
Approved by: Mark Baushke (Juniper IP)
Approved by: Megan Sugiyama (Juniper legal)
Pointed out by: jmallett@
Requested by: core (jhb@)
pmap_enter_locked() implementation was very ambiguous and confusing.
Rearrange it so that each part of the mapping creation is separated.
Avoid walking through the redundant conditions.
Extract vector_page specific PTE setup from normal PTE setting.
Submitted by: Zbigniew Bodek <zbb@semihalf.com>
Sponsored by: The FreeBSD Foundation, Semihalf
Stop using PVF_MOD, PVF_REF & PVF_EXEC flags in pv_entry, use PTE.
Using PVF_MOD, PVF_REF and PVF_EXEC is redundant as we can get the proper
info from PTE bits.
When the mapping is marked as executable and has been referenced we assume
that it has been executed. Similarly, when the mapping is set to be writable
and is referenced, it must have been due to write access to it.
PVF_MOD and PVF_REF flags are kept just for pmap_clearbit() usage,
to pass the information on which bit should be cleared.
Submitted by: Zbigniew Bodek <zbb@semihalf.com>
Sponsored by: The FreeBSD Foundation, Semihalf
Improve, optimize and clean-up ARMv6/v7 memory management related code.
Use pmap_find_pv if needed instead of multiplying its code throughout
pmap-v6.
Avoid possible NULL pointer dereference in pmap_enter_locked()
When trying to get m->md.pv_memattr, make sure that m != NULL,
in particular that vector_page is set to be NULL.
Do not set PGA_REFERENCED flag in pmap_enter_pv().
On ARM any new page reference will result in either entering the new
mapping by calling pmap_enter, etc. or fixing-up the existing mapping in
pmap_fault_fixup().
Therefore we set PGA_REFERENCED flag in the earlier mentioned cases and
setting it later in pmap_enter_pv() is just waste of cycles.
Delete unused pm_pdir pointer from the pmap structure.
Rearrange brackets in the fault cause detection in trap.c
Place the brackets correctly in order to see course of the conditions
instantaneously.
Unify naming in pmap-v6.c and improve style
Use naming common for whole pmap and compatible with other pmaps,
improve style where possible:
pm -> pmap
pg -> m
opg -> om
*pt -> *ptep
*pte -> *ptep
*pde -> *pdep
Submitted by: Zbigniew Bodek <zbb@semihalf.com>
Sponsored by: The FreeBSD Foundation, Semihalf
Switch to AP[2:1] access permissions model. Store "referenced"
bit in PTE.
Enable Access Flag in CPU control. With AF enabled each valid mapping
needs to have referenced bit in PTE set in order to be able to cache
it in the TLB.
AP[0] bit is to be used as reference flag.
All access permissions are encoded by AP[2:1] wherein AP[1] is in fact
"user enable" and AP[2](APX) is "write disable".
All mappings are always set to be valid. Reference emulation is performed
by setting/clearing reference flag in PTE.
md.pvh_attrs are no longer necessary however pv_flags are still being used
for now.
Marking vm_page as "dirty" or "referenced" is being performed on:
- page or flag fault servicing in pmap_fault_fixup(), basing on the fault
type
- vm_fault servicing in pmap_enter() according to the desired protections
and faulty access type
Redundant page marking has been removed as on ARM we know exactly when the
particular page is referenced or is going to be written.
Submitted by: Zbigniew Bodek <zbb@semihalf.com>
Sponsored by: The FreeBSD Foundation, Semihalf
Justin T. Gibbs [Wed, 22 May 2013 19:22:44 +0000 (19:22 +0000)]
Fix loss of the emulated keyboard on Xen PV HVM domains.
xen/xenbus/xenbusb.c:
In xenbusb_probe_children(), do not modify the XenBus state of
devices for which we have no PV driver support. An emulated device
we do support may share this backend. Hide the node from XenBus
instead.
This prevents closing the vkbd device, which Qemu's emulated keyboard
device is using as the source for keyboard events.
Tested with qemu-xen-traditional, qemu-xen and qemu stubdomains, all
working as expected.
Luigi Rizzo [Wed, 22 May 2013 16:32:18 +0000 (16:32 +0000)]
Increase the (arbitrary) limit for the number of packets per tick
from 1k to 20k The previous value was good 10 years ago, but not
anymore now.
More importantly, lots of good surprises:
polling is incredibly effective under virtualization, and not only
prevents livelock but also saves most of the VM exit overhead in
receive mode.
Using polling, a FreeBSD instance under qemu-kvm remains perfectly
responsive even when bombed with 10 Mpps over an emulated e1000,
and happily processes 1.7 Mpps through ipfw.
Note that some incompatibilities still remain: e.g. polling is not
(yet) compatible with netmap, and seems to freeze the guest when
kern.polling.idle_poll=1
Kirk McKusick [Wed, 22 May 2013 00:57:22 +0000 (00:57 +0000)]
Add missing buffer releases (brelse) after bread calls that return
an error. One could argue that returning a buffer even when it is
not valid is incorrect, but bread has always returned a buffer
valid or not.
Kirk McKusick [Wed, 22 May 2013 00:40:26 +0000 (00:40 +0000)]
Null a pointer after it is freed so that when it is returned
the return value is NULL. Based on the returned flags, the
return value should never be inspected in the case where NULL
is returned, but it is good coding practice not to return a
pointer to freed memory.
Attilio Rao [Tue, 21 May 2013 20:38:19 +0000 (20:38 +0000)]
o Relax locking assertions for vm_page_find_least()
o Relax locking assertions for pmap_enter_object() and add them also
to architectures that currently don't have any
o Introduce VM_OBJECT_LOCK_DOWNGRADE() which is basically a downgrade
operation on the per-object rwlock
o Use all the mechanisms above to make vm_map_pmap_enter() to work
mostl of the times only with readlocks.
Ed Schouten [Tue, 21 May 2013 19:59:37 +0000 (19:59 +0000)]
Add <uchar.h>.
The <uchar.h> header, part of C11, adds a small number of utility
functions for 16/32-bit "universal" characters, which may or may not be
UTF-16/32. As our wchar_t is already ISO 10646, simply add light-weight
wrappers around wcrtomb() and mbrtowc().
While there, also add (non-yet-standard) _l functions, similar to the
ones we already have for the other locale-dependent functions.
Jung-uk Kim [Tue, 21 May 2013 19:11:11 +0000 (19:11 +0000)]
Apply still relevant local changes.
r124183: Work around a `label defined but not used' warning.
r179549: De-register declarations.
r179657: De-register declarations in non-dot-c files.
r181269: Mark yy_fatal_error() as __dead2.
r228992: Spelling fixes.
r240518: Correct double "the the".
Adrian Chadd [Tue, 21 May 2013 18:02:54 +0000 (18:02 +0000)]
Enable the use of TDMA on an 802.11n channel (with aggregation disabled,
of course.)
There's a few things that needed to happen:
* In case someone decides to set the beacon transmission rate to be
at an MCS rate, use the MCS-aware version of the duration calculation
to figure out how long the received beacon frame was.
* If TxOP enforcing is available on the hardware and we're doing TDMA,
enable it after a reset and set the TDMA guard interval to zero.
This seems to behave fine.
TODO:
* Although I haven't yet seen packet loss, the PHY errors that would be
triggered (specifically Transmit-Override-Receive) aren't enabled
by the 11n HAL. I'll have to do some work to enable these PHY errors
for debugging.
What broke:
* My recent changes to the TX queue handling has resulted in the driver
not keeping the hardware queue properly filled when doing non-aggregate
traffic. I have a patch to commit soon which fixes this situation
(albeit by reminding me about how my ath driver locking isn't working
out, sigh.)
So if you want to test this without updating to the next set of patches
that I commit, just bump the sysctl dev.ath.X.hwq_limit from 2 to 32.
Tested:
* AR5416 <-> AR5416, with ampdu disabled, HT40, 5GHz, MCS12+Short-GI.
I saw 30mbit/sec in both directions using a bidirectional UDP test.