miri/shims/unix/freebsd/sync.rs
1//! Contains FreeBSD-specific synchronization functions
2
3use core::time::Duration;
4
5use rustc_abi::FieldIdx;
6
7use crate::concurrency::sync::{FutexRef, SyncObj};
8use crate::*;
9
10pub struct FreeBsdFutex {
11 futex: FutexRef,
12}
13
14impl SyncObj for FreeBsdFutex {}
15
16/// Extended variant of the `timespec` struct.
17pub struct UmtxTime {
18 timeout: Duration,
19 abs_time: bool,
20 timeout_clock: TimeoutClock,
21}
22
23impl<'tcx> EvalContextExt<'tcx> for crate::MiriInterpCx<'tcx> {}
24pub trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
25 /// Implementation of the FreeBSD [`_umtx_op`](https://man.freebsd.org/cgi/man.cgi?query=_umtx_op&sektion=2&manpath=FreeBSD+14.2-RELEASE+and+Ports) syscall.
26 /// This is used for futex operations on FreeBSD.
27 ///
28 /// `obj`: a pointer to the futex object (can be a lot of things, mostly *AtomicU32)
29 /// `op`: the futex operation to run
30 /// `val`: the current value of the object as a `c_long` (for wait/wake)
31 /// `uaddr`: `op`-specific optional parameter, pointer-sized integer or pointer to an `op`-specific struct
32 /// `uaddr2`: `op`-specific optional parameter, pointer-sized integer or pointer to an `op`-specific struct
33 /// `dest`: the place this syscall returns to, 0 for success, -1 for failure
34 ///
35 /// # Note
36 /// Curently only the WAIT and WAKE operations are implemented.
37 fn _umtx_op(
38 &mut self,
39 obj: &OpTy<'tcx>,
40 op: &OpTy<'tcx>,
41 val: &OpTy<'tcx>,
42 uaddr: &OpTy<'tcx>,
43 uaddr2: &OpTy<'tcx>,
44 dest: &MPlaceTy<'tcx>,
45 ) -> InterpResult<'tcx> {
46 let this = self.eval_context_mut();
47
48 let obj = this.read_pointer(obj)?;
49 let op = this.read_scalar(op)?.to_i32()?;
50 let val = this.read_target_usize(val)?;
51 let uaddr = this.read_target_usize(uaddr)?;
52 let uaddr2 = this.read_pointer(uaddr2)?;
53
54 let wait = this.eval_libc_i32("UMTX_OP_WAIT");
55 let wait_uint = this.eval_libc_i32("UMTX_OP_WAIT_UINT");
56 let wait_uint_private = this.eval_libc_i32("UMTX_OP_WAIT_UINT_PRIVATE");
57
58 let wake = this.eval_libc_i32("UMTX_OP_WAKE");
59 let wake_private = this.eval_libc_i32("UMTX_OP_WAKE_PRIVATE");
60
61 let timespec_layout = this.libc_ty_layout("timespec");
62 let umtx_time_layout = this.libc_ty_layout("_umtx_time");
63 assert!(
64 timespec_layout.size != umtx_time_layout.size,
65 "`struct timespec` and `struct _umtx_time` should have different sizes."
66 );
67
68 match op {
69 // UMTX_OP_WAIT_UINT and UMTX_OP_WAIT_UINT_PRIVATE only differ in whether they work across
70 // processes or not. For Miri, we can treat them the same.
71 op if op == wait || op == wait_uint || op == wait_uint_private => {
72 let obj_layout =
73 if op == wait { this.machine.layouts.isize } else { this.machine.layouts.u32 };
74 let obj = this.ptr_to_mplace(obj, obj_layout);
75
76 // Read the Linux futex wait implementation in Miri to understand why this fence is needed.
77 this.atomic_fence(AtomicFenceOrd::SeqCst)?;
78 let obj_val = this
79 .read_scalar_atomic(&obj, AtomicReadOrd::Acquire)?
80 .to_bits(obj_layout.size)?; // isize and u32 can have different sizes
81
82 if obj_val == u128::from(val) {
83 // This cannot fail since we already did an atomic acquire read on that pointer.
84 // Acquire reads are only allowed on mutable memory.
85 let futex_ref = this
86 .get_sync_or_init(obj.ptr(), |_| FreeBsdFutex { futex: Default::default() })
87 .unwrap()
88 .futex
89 .clone();
90
91 // From the manual:
92 // The timeout is specified by passing either the address of `struct timespec`, or its
93 // extended variant, `struct _umtx_time`, as the `uaddr2` argument of _umtx_op().
94 // They are distinguished by the `uaddr` value, which must be equal
95 // to the size of the structure pointed to by `uaddr2`, casted to uintptr_t.
96 let timeout = if this.ptr_is_null(uaddr2)? {
97 // no timeout parameter
98 None
99 } else {
100 if uaddr == umtx_time_layout.size.bytes() {
101 // `uaddr2` points to a `struct _umtx_time`.
102 let umtx_time_place = this.ptr_to_mplace(uaddr2, umtx_time_layout);
103
104 let Some(umtx_time) = this.read_umtx_time(&umtx_time_place)? else {
105 return this.set_last_error_and_return(LibcError("EINVAL"), dest);
106 };
107
108 let anchor = if umtx_time.abs_time {
109 TimeoutAnchor::Absolute
110 } else {
111 TimeoutAnchor::Relative
112 };
113
114 Some((umtx_time.timeout_clock, anchor, umtx_time.timeout))
115 } else if uaddr == timespec_layout.size.bytes() {
116 // RealTime clock can't be used in isolation mode.
117 this.check_no_isolation("`_umtx_op` with `timespec` timeout")?;
118
119 // `uaddr2` points to a `struct timespec`.
120 let timespec = this.ptr_to_mplace(uaddr2, timespec_layout);
121 let Some(duration) = this.read_timespec(×pec)? else {
122 return this.set_last_error_and_return(LibcError("EINVAL"), dest);
123 };
124
125 // FreeBSD does not seem to document which clock is used when the timeout
126 // is passed as a `struct timespec*`. Based on discussions online and the source
127 // code (umtx_copyin_umtx_time() in kern_umtx.c), it seems to default to CLOCK_REALTIME,
128 // so that's what we also do.
129 // Discussion in golang: https://github.com/golang/go/issues/17168#issuecomment-250235271
130 Some((TimeoutClock::RealTime, TimeoutAnchor::Relative, duration))
131 } else {
132 return this.set_last_error_and_return(LibcError("EINVAL"), dest);
133 }
134 };
135
136 let dest = dest.clone();
137 this.futex_wait(
138 futex_ref,
139 u32::MAX, // we set the bitset to include all bits
140 timeout,
141 callback!(
142 @capture<'tcx> {
143 dest: MPlaceTy<'tcx>,
144 }
145 |ecx, unblock: UnblockKind| match unblock {
146 UnblockKind::Ready => {
147 // From the manual:
148 // If successful, all requests, except UMTX_SHM_CREAT and UMTX_SHM_LOOKUP
149 // sub-requests of the UMTX_OP_SHM request, will return zero.
150 ecx.write_int(0, &dest)
151 }
152 UnblockKind::TimedOut => {
153 ecx.set_last_error_and_return(LibcError("ETIMEDOUT"), &dest)
154 }
155 }
156 ),
157 );
158 interp_ok(())
159 } else {
160 // The manual doesn’t specify what should happen if the futex value doesn’t match the expected one.
161 // On FreeBSD 14.2, testing shows that WAIT operations return 0 even when the value is incorrect.
162 this.write_int(0, dest)?;
163 interp_ok(())
164 }
165 }
166 // UMTX_OP_WAKE and UMTX_OP_WAKE_PRIVATE only differ in whether they work across
167 // processes or not. For Miri, we can treat them the same.
168 op if op == wake || op == wake_private => {
169 let Some(futex_ref) =
170 this.get_sync_or_init(obj, |_| FreeBsdFutex { futex: Default::default() })
171 else {
172 // From Linux implemenation:
173 // No AllocId, or no live allocation at that AllocId.
174 // Return an error code. (That seems nicer than silently doing something non-intuitive.)
175 // This means that if an address gets reused by a new allocation,
176 // we'll use an independent futex queue for this... that seems acceptable.
177 return this.set_last_error_and_return(LibcError("EFAULT"), dest);
178 };
179 let futex_ref = futex_ref.futex.clone();
180
181 // Saturating cast for when usize is smaller than u64.
182 let count = usize::try_from(val).unwrap_or(usize::MAX);
183
184 // Read the Linux futex wake implementation in Miri to understand why this fence is needed.
185 this.atomic_fence(AtomicFenceOrd::SeqCst)?;
186
187 // `_umtx_op` doesn't return the amount of woken threads.
188 let _woken = this.futex_wake(
189 &futex_ref,
190 u32::MAX, // we set the bitset to include all bits
191 count,
192 )?;
193
194 // From the manual:
195 // If successful, all requests, except UMTX_SHM_CREAT and UMTX_SHM_LOOKUP
196 // sub-requests of the UMTX_OP_SHM request, will return zero.
197 this.write_int(0, dest)?;
198 interp_ok(())
199 }
200 op => {
201 throw_unsup_format!("Miri does not support `_umtx_op` syscall with op={}", op)
202 }
203 }
204 }
205
206 /// Parses a `_umtx_time` struct.
207 /// Returns `None` if the underlying `timespec` struct is invalid.
208 fn read_umtx_time(&mut self, ut: &MPlaceTy<'tcx>) -> InterpResult<'tcx, Option<UmtxTime>> {
209 let this = self.eval_context_mut();
210 // Only flag allowed is UMTX_ABSTIME.
211 let abs_time = this.eval_libc_u32("UMTX_ABSTIME");
212
213 let timespec_place = this.project_field(ut, FieldIdx::from_u32(0))?;
214 // Inner `timespec` must still be valid.
215 let Some(duration) = this.read_timespec(×pec_place)? else { return interp_ok(None) };
216
217 let flags_place = this.project_field(ut, FieldIdx::from_u32(1))?;
218 let flags = this.read_scalar(&flags_place)?.to_u32()?;
219 let abs_time_flag = flags == abs_time;
220
221 let clock_id_place = this.project_field(ut, FieldIdx::from_u32(2))?;
222 let clock_id = this.read_scalar(&clock_id_place)?;
223 let Some(timeout_clock) = this.parse_clockid(clock_id) else {
224 throw_unsup_format!("unsupported clock")
225 };
226 if timeout_clock == TimeoutClock::RealTime {
227 this.check_no_isolation("`_umtx_op` with `CLOCK_REALTIME`")?;
228 }
229
230 interp_ok(Some(UmtxTime { timeout: duration, abs_time: abs_time_flag, timeout_clock }))
231 }
232}