5332 } else { 5333 jio_fprintf(stderr, 5334 "Could not open pause file '%s', continuing immediately.\n", filename); 5335 } 5336 } 5337 5338 5339 // Refer to the comments in os_solaris.cpp park-unpark. The next two 5340 // comment paragraphs are worth repeating here: 5341 // 5342 // Assumption: 5343 // Only one parker can exist on an event, which is why we allocate 5344 // them per-thread. Multiple unparkers can coexist. 5345 // 5346 // _Event serves as a restricted-range semaphore. 5347 // -1 : thread is blocked, i.e. there is a waiter 5348 // 0 : neutral: thread is running or ready, 5349 // could have been signaled after a wait started 5350 // 1 : signaled - thread is running or ready 5351 // 5352 // Beware -- Some versions of NPTL embody a flaw where pthread_cond_timedwait() can 5353 // hang indefinitely. For instance NPTL 0.60 on 2.4.21-4ELsmp is vulnerable. 5354 // For specifics regarding the bug see GLIBC BUGID 261237 : 5355 // http://www.mail-archive.com/debian-glibc@lists.debian.org/msg10837.html. 5356 // Briefly, pthread_cond_timedwait() calls with an expiry time that's not in the future 5357 // will either hang or corrupt the condvar, resulting in subsequent hangs if the condvar 5358 // is used. (The simple C test-case provided in the GLIBC bug report manifests the 5359 // hang). The JVM is vulnerable via sleep(), Object.wait(timo), LockSupport.parkNanos() 5360 // and monitorenter when we're using 1-0 locking. All those operations may result in 5361 // calls to pthread_cond_timedwait(). Using LD_ASSUME_KERNEL to use an older version 5362 // of libpthread avoids the problem, but isn't practical. 5363 // 5364 // Possible remedies: 5365 // 5366 // 1. Establish a minimum relative wait time. 50 to 100 msecs seems to work. 5367 // This is palliative and probabilistic, however. 
If the thread is preempted 5368 // between the call to compute_abstime() and pthread_cond_timedwait(), more 5369 // than the minimum period may have passed, and the abstime may be stale (in the 5370 // past) resulting in a hang. Using this technique reduces the odds of a hang 5371 // but the JVM is still vulnerable, particularly on heavily loaded systems. 5372 // 5373 // 2. Modify park-unpark to use per-thread (per ParkEvent) pipe-pairs instead 5374 // of the usual flag-condvar-mutex idiom. The write side of the pipe is set 5375 // NDELAY. unpark() reduces to write(), park() reduces to read() and park(timo) 5376 // reduces to poll()+read(). This works well, but consumes 2 FDs per extant 5377 // thread. 5378 // 5379 // 3. Embargo pthread_cond_timedwait() and implement a native "chron" thread 5380 // that manages timeouts. We'd emulate pthread_cond_timedwait() by enqueuing 5381 // a timeout request to the chron thread and then blocking via pthread_cond_wait(). 5382 // This also works well. In fact it avoids kernel-level scalability impediments 5383 // on certain platforms that don't handle lots of active pthread_cond_timedwait() 5384 // timers in a graceful fashion. 5385 // 5386 // 4. When the abstime value is in the past it appears that control returns 5387 // correctly from pthread_cond_timedwait(), but the condvar is left corrupt. 5388 // Subsequent timedwait/wait calls may hang indefinitely. Given that, we 5389 // can avoid the problem by reinitializing the condvar -- by cond_destroy() 5390 // followed by cond_init() -- after all calls to pthread_cond_timedwait(). 5391 // It may be possible to avoid reinitialization by checking the return 5392 // value from pthread_cond_timedwait(). In addition to reinitializing the 5393 // condvar we must establish the invariant that cond_signal() is only called 5394 // within critical sections protected by the adjunct mutex. 
This prevents 5395 // cond_signal() from "seeing" a condvar that's in the midst of being 5396 // reinitialized or that is corrupt. Sadly, this invariant obviates the 5397 // desirable signal-after-unlock optimization that avoids futile context switching. 5398 // 5399 // I'm also concerned that some versions of NPTL might allocate an auxiliary 5400 // structure when a condvar is used or initialized. cond_destroy() would 5401 // release the helper structure. Our reinitialize-after-timedwait fix 5402 // put excessive stress on malloc/free and locks protecting the c-heap. 5403 // 5404 // We currently use (4). See the WorkAroundNPTLTimedWaitHang flag. 5405 // It may be possible to refine (4) by checking the kernel and NPTL versions 5406 // and only enabling the work-around for vulnerable environments. 5407 5408 // utility to compute the abstime argument to timedwait: 5409 // millis is the relative timeout time 5410 // abstime will be the absolute timeout time 5411 // TODO: replace compute_abstime() with unpackTime() 5412 5413 static struct timespec* compute_abstime(timespec* abstime, jlong millis) { 5414 if (millis < 0) millis = 0; 5415 5416 jlong seconds = millis / 1000; 5417 millis %= 1000; 5418 if (seconds > 50000000) { // see man cond_timedwait(3T) 5419 seconds = 50000000; 5420 } 5421 5422 if (os::supports_monotonic_clock()) { 5423 struct timespec now; 5424 int status = os::Linux::clock_gettime(CLOCK_MONOTONIC, &now); 5425 assert_status(status == 0, status, "clock_gettime"); 5426 abstime->tv_sec = now.tv_sec + seconds; 5512 int status = pthread_mutex_lock(_mutex); 5513 assert_status(status == 0, status, "mutex_lock"); 5514 guarantee(_nParked == 0, "invariant"); 5515 ++_nParked; 5516 5517 // Object.wait(timo) will return because of 5518 // (a) notification 5519 // (b) timeout 5520 // (c) thread.interrupt 5521 // 5522 // Thread.interrupt and object.notify{All} both call Event::set. 5523 // That is, we treat thread.interrupt as a special case of notification. 
5524 // We ignore spurious OS wakeups unless FilterSpuriousWakeups is false. 5525 // We assume all ETIME returns are valid. 5526 // 5527 // TODO: properly differentiate simultaneous notify+interrupt. 5528 // In that case, we should propagate the notify to another waiter. 5529 5530 while (_Event < 0) { 5531 status = pthread_cond_timedwait(_cond, _mutex, &abst); 5532 if (status != 0 && WorkAroundNPTLTimedWaitHang) { 5533 pthread_cond_destroy(_cond); 5534 pthread_cond_init(_cond, os::Linux::condAttr()); 5535 } 5536 assert_status(status == 0 || status == EINTR || 5537 status == ETIME || status == ETIMEDOUT, 5538 status, "cond_timedwait"); 5539 if (!FilterSpuriousWakeups) break; // previous semantics 5540 if (status == ETIME || status == ETIMEDOUT) break; 5541 // We consume and ignore EINTR and spurious wakeups. 5542 } 5543 --_nParked; 5544 if (_Event >= 0) { 5545 ret = OS_OK; 5546 } 5547 _Event = 0; 5548 status = pthread_mutex_unlock(_mutex); 5549 assert_status(status == 0, status, "mutex_unlock"); 5550 assert(_nParked == 0, "invariant"); 5551 // Paranoia to ensure our locked and lock-free paths interact 5552 // correctly with each other. 5553 OrderAccess::fence(); 5554 return ret; 5555 } 5559 // 0 => 1 : just return 5560 // 1 => 1 : just return 5561 // -1 => either 0 or 1; must signal target thread 5562 // That is, we can safely transition _Event from -1 to either 5563 // 0 or 1. 5564 // See also: "Semaphores in Plan 9" by Mullender & Cox 5565 // 5566 // Note: Forcing a transition from "-1" to "1" on an unpark() means 5567 // that it will take two back-to-back park() calls for the owning 5568 // thread to block. This has the benefit of forcing a spurious return 5569 // from the first park() call after an unpark() call which will help 5570 // shake out uses of park() and unpark() without condition variables. 
5571 5572 if (Atomic::xchg(1, &_Event) >= 0) return; 5573 5574 // Wait for the thread associated with the event to vacate 5575 int status = pthread_mutex_lock(_mutex); 5576 assert_status(status == 0, status, "mutex_lock"); 5577 int AnyWaiters = _nParked; 5578 assert(AnyWaiters == 0 || AnyWaiters == 1, "invariant"); 5579 if (AnyWaiters != 0 && WorkAroundNPTLTimedWaitHang) { 5580 AnyWaiters = 0; 5581 pthread_cond_signal(_cond); 5582 } 5583 status = pthread_mutex_unlock(_mutex); 5584 assert_status(status == 0, status, "mutex_unlock"); 5585 if (AnyWaiters != 0) { 5586 // Note that we signal() *after* dropping the lock for "immortal" Events. 5587 // This is safe and avoids a common class of futile wakeups. In rare 5588 // circumstances this can cause a thread to return prematurely from 5589 // cond_{timed}wait() but the spurious wakeup is benign and the victim 5590 // will simply re-test the condition and re-park itself. 5591 // This provides particular benefit if the underlying platform does not 5592 // provide wait morphing. 5593 status = pthread_cond_signal(_cond); 5594 assert_status(status == 0, status, "cond_signal"); 5595 } 5596 } 5597 5598 5599 // JSR166 5600 // ------------------------------------------------------- 5601 5602 // The solaris and linux implementations of park/unpark are fairly 5740 5741 #ifdef ASSERT 5742 // Don't catch signals while blocked; let the running threads have the signals. 5743 // (This allows a debugger to break into the running thread.) 
5744 sigset_t oldsigs; 5745 sigset_t* allowdebug_blocked = os::Linux::allowdebug_blocked_signals(); 5746 pthread_sigmask(SIG_BLOCK, allowdebug_blocked, &oldsigs); 5747 #endif 5748 5749 OSThreadWaitState osts(thread->osthread(), false /* not Object.wait() */); 5750 jt->set_suspend_equivalent(); 5751 // cleared by handle_special_suspend_equivalent_condition() or java_suspend_self() 5752 5753 assert(_cur_index == -1, "invariant"); 5754 if (time == 0) { 5755 _cur_index = REL_INDEX; // arbitrary choice when not timed 5756 status = pthread_cond_wait(&_cond[_cur_index], _mutex); 5757 } else { 5758 _cur_index = isAbsolute ? ABS_INDEX : REL_INDEX; 5759 status = pthread_cond_timedwait(&_cond[_cur_index], _mutex, &absTime); 5760 if (status != 0 && WorkAroundNPTLTimedWaitHang) { 5761 pthread_cond_destroy(&_cond[_cur_index]); 5762 pthread_cond_init(&_cond[_cur_index], isAbsolute ? NULL : os::Linux::condAttr()); 5763 } 5764 } 5765 _cur_index = -1; 5766 assert_status(status == 0 || status == EINTR || 5767 status == ETIME || status == ETIMEDOUT, 5768 status, "cond_timedwait"); 5769 5770 #ifdef ASSERT 5771 pthread_sigmask(SIG_SETMASK, &oldsigs, NULL); 5772 #endif 5773 5774 _counter = 0; 5775 status = pthread_mutex_unlock(_mutex); 5776 assert_status(status == 0, status, "invariant"); 5777 // Paranoia to ensure our locked and lock-free paths interact 5778 // correctly with each other and Java-level accesses. 
5779 OrderAccess::fence(); 5780 5781 // If externally suspended while waiting, re-suspend 5782 if (jt->handle_special_suspend_equivalent_condition()) { 5783 jt->java_suspend_self(); 5784 } 5785 } 5786 5787 void Parker::unpark() { 5788 int status = pthread_mutex_lock(_mutex); 5789 assert(status == 0, "invariant"); 5790 const int s = _counter; 5791 _counter = 1; 5792 if (s < 1) { 5793 // thread might be parked 5794 if (_cur_index != -1) { 5795 // thread is definitely parked 5796 if (WorkAroundNPTLTimedWaitHang) { 5797 status = pthread_cond_signal(&_cond[_cur_index]); 5798 assert(status == 0, "invariant"); 5799 status = pthread_mutex_unlock(_mutex); 5800 assert(status == 0, "invariant"); 5801 } else { 5802 // must capture correct index before unlocking 5803 int index = _cur_index; 5804 status = pthread_mutex_unlock(_mutex); 5805 assert(status == 0, "invariant"); 5806 status = pthread_cond_signal(&_cond[index]); 5807 assert(status == 0, "invariant"); 5808 } 5809 } else { 5810 pthread_mutex_unlock(_mutex); 5811 assert(status == 0, "invariant"); 5812 } 5813 } else { 5814 pthread_mutex_unlock(_mutex); 5815 assert(status == 0, "invariant"); 5816 } 5817 } 5818 5819 5820 extern char** environ; 5821 5822 // Run the specified command in a separate process. Return its exit value, 5823 // or -1 on failure (e.g. can't fork a new process). 5824 // Unlike system(), this function can be called from signal handler. It 5825 // doesn't block SIGINT et al. 5826 int os::fork_and_exec(char* cmd) { 5827 const char * argv[4] = {"sh", "-c", cmd, NULL}; 5828 | 5332 } else { 5333 jio_fprintf(stderr, 5334 "Could not open pause file '%s', continuing immediately.\n", filename); 5335 } 5336 } 5337 5338 5339 // Refer to the comments in os_solaris.cpp park-unpark. The next two 5340 // comment paragraphs are worth repeating here: 5341 // 5342 // Assumption: 5343 // Only one parker can exist on an event, which is why we allocate 5344 // them per-thread. Multiple unparkers can coexist. 
5345 // 5346 // _Event serves as a restricted-range semaphore. 5347 // -1 : thread is blocked, i.e. there is a waiter 5348 // 0 : neutral: thread is running or ready, 5349 // could have been signaled after a wait started 5350 // 1 : signaled - thread is running or ready 5351 // 5352 5353 // utility to compute the abstime argument to timedwait: 5354 // millis is the relative timeout time 5355 // abstime will be the absolute timeout time 5356 // TODO: replace compute_abstime() with unpackTime() 5357 5358 static struct timespec* compute_abstime(timespec* abstime, jlong millis) { 5359 if (millis < 0) millis = 0; 5360 5361 jlong seconds = millis / 1000; 5362 millis %= 1000; 5363 if (seconds > 50000000) { // see man cond_timedwait(3T) 5364 seconds = 50000000; 5365 } 5366 5367 if (os::supports_monotonic_clock()) { 5368 struct timespec now; 5369 int status = os::Linux::clock_gettime(CLOCK_MONOTONIC, &now); 5370 assert_status(status == 0, status, "clock_gettime"); 5371 abstime->tv_sec = now.tv_sec + seconds; 5457 int status = pthread_mutex_lock(_mutex); 5458 assert_status(status == 0, status, "mutex_lock"); 5459 guarantee(_nParked == 0, "invariant"); 5460 ++_nParked; 5461 5462 // Object.wait(timo) will return because of 5463 // (a) notification 5464 // (b) timeout 5465 // (c) thread.interrupt 5466 // 5467 // Thread.interrupt and object.notify{All} both call Event::set. 5468 // That is, we treat thread.interrupt as a special case of notification. 5469 // We ignore spurious OS wakeups unless FilterSpuriousWakeups is false. 5470 // We assume all ETIME returns are valid. 5471 // 5472 // TODO: properly differentiate simultaneous notify+interrupt. 5473 // In that case, we should propagate the notify to another waiter. 
5474 5475 while (_Event < 0) { 5476 status = pthread_cond_timedwait(_cond, _mutex, &abst); 5477 assert_status(status == 0 || status == EINTR || 5478 status == ETIME || status == ETIMEDOUT, 5479 status, "cond_timedwait"); 5480 if (!FilterSpuriousWakeups) break; // previous semantics 5481 if (status == ETIME || status == ETIMEDOUT) break; 5482 // We consume and ignore EINTR and spurious wakeups. 5483 } 5484 --_nParked; 5485 if (_Event >= 0) { 5486 ret = OS_OK; 5487 } 5488 _Event = 0; 5489 status = pthread_mutex_unlock(_mutex); 5490 assert_status(status == 0, status, "mutex_unlock"); 5491 assert(_nParked == 0, "invariant"); 5492 // Paranoia to ensure our locked and lock-free paths interact 5493 // correctly with each other. 5494 OrderAccess::fence(); 5495 return ret; 5496 } 5500 // 0 => 1 : just return 5501 // 1 => 1 : just return 5502 // -1 => either 0 or 1; must signal target thread 5503 // That is, we can safely transition _Event from -1 to either 5504 // 0 or 1. 5505 // See also: "Semaphores in Plan 9" by Mullender & Cox 5506 // 5507 // Note: Forcing a transition from "-1" to "1" on an unpark() means 5508 // that it will take two back-to-back park() calls for the owning 5509 // thread to block. This has the benefit of forcing a spurious return 5510 // from the first park() call after an unpark() call which will help 5511 // shake out uses of park() and unpark() without condition variables. 5512 5513 if (Atomic::xchg(1, &_Event) >= 0) return; 5514 5515 // Wait for the thread associated with the event to vacate 5516 int status = pthread_mutex_lock(_mutex); 5517 assert_status(status == 0, status, "mutex_lock"); 5518 int AnyWaiters = _nParked; 5519 assert(AnyWaiters == 0 || AnyWaiters == 1, "invariant"); 5520 status = pthread_mutex_unlock(_mutex); 5521 assert_status(status == 0, status, "mutex_unlock"); 5522 if (AnyWaiters != 0) { 5523 // Note that we signal() *after* dropping the lock for "immortal" Events. 
5524 // This is safe and avoids a common class of futile wakeups. In rare 5525 // circumstances this can cause a thread to return prematurely from 5526 // cond_{timed}wait() but the spurious wakeup is benign and the victim 5527 // will simply re-test the condition and re-park itself. 5528 // This provides particular benefit if the underlying platform does not 5529 // provide wait morphing. 5530 status = pthread_cond_signal(_cond); 5531 assert_status(status == 0, status, "cond_signal"); 5532 } 5533 } 5534 5535 5536 // JSR166 5537 // ------------------------------------------------------- 5538 5539 // The solaris and linux implementations of park/unpark are fairly 5677 5678 #ifdef ASSERT 5679 // Don't catch signals while blocked; let the running threads have the signals. 5680 // (This allows a debugger to break into the running thread.) 5681 sigset_t oldsigs; 5682 sigset_t* allowdebug_blocked = os::Linux::allowdebug_blocked_signals(); 5683 pthread_sigmask(SIG_BLOCK, allowdebug_blocked, &oldsigs); 5684 #endif 5685 5686 OSThreadWaitState osts(thread->osthread(), false /* not Object.wait() */); 5687 jt->set_suspend_equivalent(); 5688 // cleared by handle_special_suspend_equivalent_condition() or java_suspend_self() 5689 5690 assert(_cur_index == -1, "invariant"); 5691 if (time == 0) { 5692 _cur_index = REL_INDEX; // arbitrary choice when not timed 5693 status = pthread_cond_wait(&_cond[_cur_index], _mutex); 5694 } else { 5695 _cur_index = isAbsolute ? 
ABS_INDEX : REL_INDEX; 5696 status = pthread_cond_timedwait(&_cond[_cur_index], _mutex, &absTime); 5697 } 5698 _cur_index = -1; 5699 assert_status(status == 0 || status == EINTR || 5700 status == ETIME || status == ETIMEDOUT, 5701 status, "cond_timedwait"); 5702 5703 #ifdef ASSERT 5704 pthread_sigmask(SIG_SETMASK, &oldsigs, NULL); 5705 #endif 5706 5707 _counter = 0; 5708 status = pthread_mutex_unlock(_mutex); 5709 assert_status(status == 0, status, "invariant"); 5710 // Paranoia to ensure our locked and lock-free paths interact 5711 // correctly with each other and Java-level accesses. 5712 OrderAccess::fence(); 5713 5714 // If externally suspended while waiting, re-suspend 5715 if (jt->handle_special_suspend_equivalent_condition()) { 5716 jt->java_suspend_self(); 5717 } 5718 } 5719 5720 void Parker::unpark() { 5721 int status = pthread_mutex_lock(_mutex); 5722 assert(status == 0, "invariant"); 5723 const int s = _counter; 5724 _counter = 1; 5725 if (s < 1) { 5726 // thread might be parked 5727 if (_cur_index != -1) { 5728 // thread is definitely parked 5729 // must capture correct index before unlocking 5730 int index = _cur_index; 5731 status = pthread_mutex_unlock(_mutex); 5732 assert(status == 0, "invariant"); 5733 status = pthread_cond_signal(&_cond[index]); 5734 assert(status == 0, "invariant"); 5735 } else { 5736 pthread_mutex_unlock(_mutex); 5737 assert(status == 0, "invariant"); 5738 } 5739 } else { 5740 pthread_mutex_unlock(_mutex); 5741 assert(status == 0, "invariant"); 5742 } 5743 } 5744 5745 5746 extern char** environ; 5747 5748 // Run the specified command in a separate process. Return its exit value, 5749 // or -1 on failure (e.g. can't fork a new process). 5750 // Unlike system(), this function can be called from signal handler. It 5751 // doesn't block SIGINT et al. 5752 int os::fork_and_exec(char* cmd) { 5753 const char * argv[4] = {"sh", "-c", cmd, NULL}; 5754 |