X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=bertos%2Fkern%2Fsignal.c;h=71ccf67ada7dd6090ecc5a1420a7580567dda67d;hb=35be7aa348f671b0ed50ee43d903444edc4892af;hp=5abd7062679aeacd91f085741c18db31e71d29f8;hpb=791e167e053bdd9250d34a9a5ccae6ccde4d6679;p=bertos.git

diff --git a/bertos/kern/signal.c b/bertos/kern/signal.c
index 5abd7062..71ccf67a 100644
--- a/bertos/kern/signal.c
+++ b/bertos/kern/signal.c
@@ -26,9 +26,8 @@
  * invalidate any other reasons why the executable file might be covered by
  * the GNU General Public License.
  *
- * Copyright 2004 Develer S.r.l. (http://www.develer.com/)
- * Copyright 1999, 2000, 2001 Bernardo Innocenti <bernie@develer.com>
- *
+ * Copyright 2004, 2008 Develer S.r.l. (http://www.develer.com/)
+ * Copyright 1999, 2000, 2001 Bernie Innocenti <bernie@codewiz.org>
  * -->
  *
  * \brief IPC signals implementation.
@@ -66,10 +65,38 @@
  * particular event has occurred, because the same signal may be
  * delivered twice before the process can notice.
  *
- * Any execution context, including an interrupt handler, can deliver
- * a signal to a process using sig_signal().  Multiple independent signals
- * may be delivered at once with a single invocation of sig_signal(),
- * although this is rarely useful.
+ * Signals can be delivered synchronously via sig_send() or asynchronously via
+ * sig_post().
+ *
+ * In the synchronous case the process is awakened if it was waiting for any
+ * signal and immediately dispatched for execution via a direct context switch,
+ * if its priority is greater than the running process.
+ *
+ * <pre>
+ * - Synchronous-signal delivery:
+ *
+ *     [P1]____sig_send()____proc_wakeup()____[P2]
+ * </pre>
+ *
+ * In the asynchronous case, the process is scheduled for execution as a
+ * consequence of the delivery, but it will be dispatched by the scheduler as
+ * usual, according to the scheduling policy.
+ *
+ * <pre>
+ * - Asynchronous-signal delivery:
+ *
+ *     [P1]____sig_post()____[P1]____proc_schedule()____[P2]
+ * </pre>
+ *
+ * In this way, any execution context, including an interrupt handler, can
+ * deliver a signal to a process. However, synchronous signal delivery from a
+ * non-sleepable context (like an interrupt handler) is forbidden in order to
+ * avoid potential deadlock conditions. Instead, sig_post() can be used from
+ * any context, expecially from interrupt context or when the preemption is
+ * disabled.
+ *
+ * Multiple independent signals may be delivered at once with a single
+ * invocation of sig_send() or sig_post(), although this is rarely useful.
  *
  * \section signal_allocation Signal Allocation
  *
@@ -93,35 +120,41 @@
  *  - Do not sleep between starting the asynchronous task that will fire
  *    SIG_SINGLE, and the call to  sig_wait().
  *  - Do not call system functions that may implicitly sleep, such as
- *    timer_delayTickes().
+ *    timer_delayTicks().
  *
  * \version $Id$
- *
- * \author Bernardo Innocenti <bernie@develer.com>
+ * \author Bernie Innocenti <bernie@codewiz.org>
  */
 
 #include "signal.h"
 
+#include "cfg/cfg_timer.h"
 #include <cfg/debug.h>
-#include <drv/timer.h>
+#include <cfg/depend.h>
+
+#include <cpu/irq.h>
 #include <kern/proc.h>
 #include <kern/proc_p.h>
- 
+
 
 #if CONFIG_KERN_SIGNALS
 
+// Check config dependencies
+CONFIG_DEPEND(CONFIG_KERN_SIGNALS, CONFIG_KERN);
+
 /**
  * Check if any of the signals in \a sigs has occurred and clear them.
+ *
  * \return the signals that have occurred.
  */
 sigmask_t sig_check(sigmask_t sigs)
 {
 	sigmask_t result;
-	cpuflags_t flags;
+	cpu_flags_t flags;
 
 	IRQ_SAVE_DISABLE(flags);
-	result = CurrentProcess->sig_recv & sigs;
-	CurrentProcess->sig_recv &= ~sigs;
+	result = current_process->sig_recv & sigs;
+	current_process->sig_recv &= ~sigs;
 	IRQ_RESTORE(flags);
 
 	return result;
@@ -135,29 +168,53 @@ sigmask_t sig_check(sigmask_t sigs)
 sigmask_t sig_wait(sigmask_t sigs)
 {
 	sigmask_t result;
-	cpuflags_t flags;
 
-	IRQ_SAVE_DISABLE(flags);
+	/* Sleeping with IRQs disabled or preemption forbidden is illegal */
+	IRQ_ASSERT_ENABLED();
+	ASSERT(proc_preemptAllowed());
+
+	/*
+	 * This is subtle: there's a race condition where a concurrent process
+	 * or an interrupt may call sig_send()/sig_post() to set a bit in
+	 * Process.sig_recv just after we have checked for it, but before we've
+	 * set Process.sig_wait to let them know we want to be awaken.
+	 *
+	 * In this case, we'd deadlock with the signal bit already set and the
+	 * process never being reinserted into the ready list.
+	 */
+	IRQ_DISABLE;
 
 	/* Loop until we get at least one of the signals */
-	while (!(result = CurrentProcess->sig_recv & sigs))
+	while (!(result = current_process->sig_recv & sigs))
 	{
-		/* go to sleep and proc_schedule() another process */
-		CurrentProcess->sig_wait = sigs;
-		proc_schedule();
+		/*
+		 * Tell "them" that we want to be awaken when any of these
+		 * signals arrives.
+		 */
+		current_process->sig_wait = sigs;
 
-		/* When we come back here, a signal must be arrived */
-		ASSERT(!CurrentProcess->sig_wait);
-		ASSERT(CurrentProcess->sig_recv);
+		/* Go to sleep and proc_switch() to another process. */
+		proc_switch();
+		/*
+		 * When we come back here, the wait mask must have been
+		 * cleared by someone through sig_send()/sig_post(), and at
+		 * least one of the signals we were expecting must have been
+		 * delivered to us.
+		 */
+		ASSERT(!current_process->sig_wait);
+		ASSERT(current_process->sig_recv & sigs);
 	}
 
 	/* Signals found: clear them and return */
-	CurrentProcess->sig_recv &= ~sigs;
+	current_process->sig_recv &= ~sigs;
 
-	IRQ_RESTORE(flags);
+	IRQ_ENABLE;
 	return result;
 }
 
+#if CONFIG_TIMER_EVENTS
+
+#include <drv/timer.h>
 /**
  * Sleep until any of the signals in \a sigs or \a timeout ticks elapse.
  * If the timeout elapse a SIG_TIMEOUT is added to the received signal(s).
@@ -168,7 +225,7 @@ sigmask_t sig_waitTimeout(sigmask_t sigs, ticks_t timeout)
 {
 	Timer t;
 	sigmask_t res;
-	cpuflags_t flags;
+	cpu_flags_t flags;
 
 	ASSERT(!sig_check(SIG_TIMEOUT));
 	ASSERT(!(sigs & SIG_TIMEOUT));
@@ -188,16 +245,15 @@ sigmask_t sig_waitTimeout(sigmask_t sigs, ticks_t timeout)
 	return res;
 }
 
+#endif // CONFIG_TIMER_EVENTS
 
-/**
- * Send the signals \a sigs to the process \a proc.
- * The process will be awoken if it was waiting for any of them.
- *
- * \note This call is interrupt safe.
- */
-void sig_signal(Process *proc, sigmask_t sigs)
+INLINE void __sig_signal(Process *proc, sigmask_t sigs, bool wakeup)
 {
-	cpuflags_t flags;
+	cpu_flags_t flags;
+
+	if (UNLIKELY(proc == current_process))
+		return;
+
 	IRQ_SAVE_DISABLE(flags);
 
 	/* Set the signals */
@@ -206,13 +262,43 @@ void sig_signal(Process *proc, sigmask_t sigs)
 	/* Check if process needs to be awoken */
 	if (proc->sig_recv & proc->sig_wait)
 	{
-		/* Wake up process and enqueue in ready list */
 		proc->sig_wait = 0;
-		SCHED_ENQUEUE(proc);
+		if (wakeup)
+			proc_wakeup(proc);
+		else
+			SCHED_ENQUEUE_HEAD(proc);
 	}
-
 	IRQ_RESTORE(flags);
 }
 
-#endif /* CONFIG_KERN_SIGNALS */
+/**
+ * Send the signals \a sigs to the process \a proc and immeditaly dispatch it
+ * for execution.
+ *
+ * The process will be awoken if it was waiting for any of them and immediately
+ * dispatched for execution.
+ *
+ * \note This function can't be called from IRQ context, use sig_post()
+ * instead.
+ */
+void sig_send(Process *proc, sigmask_t sigs)
+{
+	ASSERT_USER_CONTEXT();
+	IRQ_ASSERT_ENABLED();
+	ASSERT(proc_preemptAllowed());
 
+	__sig_signal(proc, sigs, true);
+}
+
+/**
+ * Send the signals \a sigs to the process \a proc.
+ * The process will be awoken if it was waiting for any of them.
+ *
+ * \note This call is interrupt safe.
+ */
+void sig_post(Process *proc, sigmask_t sigs)
+{
+	__sig_signal(proc, sigs, false);
+}
+
+#endif /* CONFIG_KERN_SIGNALS */