pthread_mutex.cpp revision ff03a7aaade5826e3708f6e320d0612d4cdbdb72 
1/*
2 * Copyright (C) 2008 The Android Open Source Project
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *  * Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 *  * Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in
12 *    the documentation and/or other materials provided with the
13 *    distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29#include <pthread.h>
30
31#include <errno.h>
32#include <limits.h>
33#include <sys/mman.h>
34#include <unistd.h>
35
36#include "pthread_internal.h"
37
38#include "private/bionic_atomic_inline.h"
39#include "private/bionic_futex.h"
40#include "private/bionic_tls.h"
41
42extern void pthread_debug_mutex_lock_check(pthread_mutex_t *mutex);
43extern void pthread_debug_mutex_unlock_check(pthread_mutex_t *mutex);
44
45/* a mutex is implemented as a 32-bit integer holding the following fields
46 *
47 * bits:     name     description
48 * 31-16     tid      owner thread's tid (recursive and errorcheck only)
49 * 15-14     type     mutex type
50 * 13        shared   process-shared flag
51 * 12-2      counter  counter of recursive mutexes
52 * 1-0       state    lock state (0, 1 or 2)
53 */
54
55/* Convenience macro, creates a mask of 'bits' bits that starts from
56 * the 'shift'-th least significant bit in a 32-bit word.
57 *
58 * Examples: FIELD_MASK(0,4)  -> 0xf
59 *           FIELD_MASK(16,9) -> 0x1ff0000
60 */
61#define  FIELD_MASK(shift,bits)           (((1 << (bits))-1) << (shift))
62
63/* This one is used to create a bit pattern from a given field value */
64#define  FIELD_TO_BITS(val,shift,bits)    (((val) & ((1 << (bits))-1)) << (shift))
65
66/* And this one does the opposite, i.e. extract a field's value from a bit pattern */
67#define  FIELD_FROM_BITS(val,shift,bits)  (((val) >> (shift)) & ((1 << (bits))-1))
68
69/* Mutex state:
70 *
71 * 0 for unlocked
72 * 1 for locked, no waiters
73 * 2 for locked, maybe waiters
74 */
75#define  MUTEX_STATE_SHIFT      0
76#define  MUTEX_STATE_LEN        2
77
78#define  MUTEX_STATE_MASK           FIELD_MASK(MUTEX_STATE_SHIFT, MUTEX_STATE_LEN)
79#define  MUTEX_STATE_FROM_BITS(v)   FIELD_FROM_BITS(v, MUTEX_STATE_SHIFT, MUTEX_STATE_LEN)
80#define  MUTEX_STATE_TO_BITS(v)     FIELD_TO_BITS(v, MUTEX_STATE_SHIFT, MUTEX_STATE_LEN)
81
82#define  MUTEX_STATE_UNLOCKED            0   /* must be 0 to match __PTHREAD_MUTEX_INIT_VALUE */
83#define  MUTEX_STATE_LOCKED_UNCONTENDED  1   /* must be 1 due to atomic dec in unlock operation */
84#define  MUTEX_STATE_LOCKED_CONTENDED    2   /* must be 1 + LOCKED_UNCONTENDED due to atomic dec */
85
86#define  MUTEX_STATE_FROM_BITS(v)    FIELD_FROM_BITS(v, MUTEX_STATE_SHIFT, MUTEX_STATE_LEN)
87#define  MUTEX_STATE_TO_BITS(v)      FIELD_TO_BITS(v, MUTEX_STATE_SHIFT, MUTEX_STATE_LEN)
88
89#define  MUTEX_STATE_BITS_UNLOCKED            MUTEX_STATE_TO_BITS(MUTEX_STATE_UNLOCKED)
90#define  MUTEX_STATE_BITS_LOCKED_UNCONTENDED  MUTEX_STATE_TO_BITS(MUTEX_STATE_LOCKED_UNCONTENDED)
91#define  MUTEX_STATE_BITS_LOCKED_CONTENDED    MUTEX_STATE_TO_BITS(MUTEX_STATE_LOCKED_CONTENDED)
92
93/* return true iff the mutex if locked with no waiters */
94#define  MUTEX_STATE_BITS_IS_LOCKED_UNCONTENDED(v)  (((v) & MUTEX_STATE_MASK) == MUTEX_STATE_BITS_LOCKED_UNCONTENDED)
95
96/* return true iff the mutex if locked with maybe waiters */
97#define  MUTEX_STATE_BITS_IS_LOCKED_CONTENDED(v)   (((v) & MUTEX_STATE_MASK) == MUTEX_STATE_BITS_LOCKED_CONTENDED)
98
99/* used to flip from LOCKED_UNCONTENDED to LOCKED_CONTENDED */
100#define  MUTEX_STATE_BITS_FLIP_CONTENTION(v)      ((v) ^ (MUTEX_STATE_BITS_LOCKED_CONTENDED ^ MUTEX_STATE_BITS_LOCKED_UNCONTENDED))
101
102/* Mutex counter:
103 *
104 * We need to check for overflow before incrementing, and we also need to
105 * detect when the counter is 0
106 */
107#define  MUTEX_COUNTER_SHIFT         2
108#define  MUTEX_COUNTER_LEN           11
109#define  MUTEX_COUNTER_MASK          FIELD_MASK(MUTEX_COUNTER_SHIFT, MUTEX_COUNTER_LEN)
110
111#define  MUTEX_COUNTER_BITS_WILL_OVERFLOW(v)    (((v) & MUTEX_COUNTER_MASK) == MUTEX_COUNTER_MASK)
112#define  MUTEX_COUNTER_BITS_IS_ZERO(v)          (((v) & MUTEX_COUNTER_MASK) == 0)
113
114/* Used to increment the counter directly after overflow has been checked */
115#define  MUTEX_COUNTER_BITS_ONE      FIELD_TO_BITS(1,MUTEX_COUNTER_SHIFT,MUTEX_COUNTER_LEN)
116
117/* Returns true iff the counter is 0 */
118#define  MUTEX_COUNTER_BITS_ARE_ZERO(v)  (((v) & MUTEX_COUNTER_MASK) == 0)
119
120/* Mutex shared bit flag
121 *
122 * This flag is set to indicate that the mutex is shared among processes.
123 * This changes the futex opcode we use for futex wait/wake operations
124 * (non-shared operations are much faster).
125 */
126#define  MUTEX_SHARED_SHIFT    13
127#define  MUTEX_SHARED_MASK     FIELD_MASK(MUTEX_SHARED_SHIFT,1)
128
129/* Mutex type:
130 *
131 * We support normal, recursive and errorcheck mutexes.
132 *
133 * The constants defined here *cannot* be changed because they must match
134 * the C library ABI which defines the following initialization values in
135 * <pthread.h>:
136 *
137 *   __PTHREAD_MUTEX_INIT_VALUE
138 *   __PTHREAD_RECURSIVE_MUTEX_VALUE
139 *   __PTHREAD_ERRORCHECK_MUTEX_INIT_VALUE
140 */
141#define  MUTEX_TYPE_SHIFT      14
142#define  MUTEX_TYPE_LEN        2
143#define  MUTEX_TYPE_MASK       FIELD_MASK(MUTEX_TYPE_SHIFT,MUTEX_TYPE_LEN)
144
145#define  MUTEX_TYPE_NORMAL          0  /* Must be 0 to match __PTHREAD_MUTEX_INIT_VALUE */
146#define  MUTEX_TYPE_RECURSIVE       1
147#define  MUTEX_TYPE_ERRORCHECK      2
148
149#define  MUTEX_TYPE_TO_BITS(t)       FIELD_TO_BITS(t, MUTEX_TYPE_SHIFT, MUTEX_TYPE_LEN)
150
151#define  MUTEX_TYPE_BITS_NORMAL      MUTEX_TYPE_TO_BITS(MUTEX_TYPE_NORMAL)
152#define  MUTEX_TYPE_BITS_RECURSIVE   MUTEX_TYPE_TO_BITS(MUTEX_TYPE_RECURSIVE)
153#define  MUTEX_TYPE_BITS_ERRORCHECK  MUTEX_TYPE_TO_BITS(MUTEX_TYPE_ERRORCHECK)
154
155/* Mutex owner field:
156 *
157 * This is only used for recursive and errorcheck mutexes. It holds the
158 * tid of the owning thread. Note that this works because the Linux
159 * kernel _only_ uses 16-bit values for tids.
160 *
161 * More specifically, it will wrap to 10000 when it reaches over 32768 for
162 * application processes. You can check this by running the following inside
163 * an adb shell session:
164 *
165    OLDPID=$$;
166    while true; do
167    NEWPID=$(sh -c 'echo $$')
168    if [ "$NEWPID" -gt 32768 ]; then
169        echo "AARGH: new PID $NEWPID is too high!"
170        exit 1
171    fi
172    if [ "$NEWPID" -lt "$OLDPID" ]; then
173        echo "****** Wrapping from PID $OLDPID to $NEWPID. *******"
174    else
175        echo -n "$NEWPID!"
176    fi
177    OLDPID=$NEWPID
178    done
179
180 * Note that you can run the same example on a desktop Linux system,
181 * the wrapping will also happen at 32768, but will go back to 300 instead.
182 */
183#define  MUTEX_OWNER_SHIFT     16
184#define  MUTEX_OWNER_LEN       16
185
186#define  MUTEX_OWNER_FROM_BITS(v)    FIELD_FROM_BITS(v,MUTEX_OWNER_SHIFT,MUTEX_OWNER_LEN)
187#define  MUTEX_OWNER_TO_BITS(v)      FIELD_TO_BITS(v,MUTEX_OWNER_SHIFT,MUTEX_OWNER_LEN)
188
189/* Convenience macros.
190 *
191 * These are used to form or modify the bit pattern of a given mutex value
192 */
193
194
195
196/* a mutex attribute holds the following fields
197 *
198 * bits:     name       description
199 * 0-3       type       type of mutex
200 * 4         shared     process-shared flag
201 */
202#define  MUTEXATTR_TYPE_MASK   0x000f
203#define  MUTEXATTR_SHARED_MASK 0x0010
204
205
206int pthread_mutexattr_init(pthread_mutexattr_t *attr)
207{
208    *attr = PTHREAD_MUTEX_DEFAULT;
209    return 0;
210}
211
212int pthread_mutexattr_destroy(pthread_mutexattr_t *attr)
213{
214    *attr = -1;
215    return 0;
216}
217
218int pthread_mutexattr_gettype(const pthread_mutexattr_t *attr, int *type_p)
219{
220    int type = (*attr & MUTEXATTR_TYPE_MASK);
221
222    if (type < PTHREAD_MUTEX_NORMAL || type > PTHREAD_MUTEX_ERRORCHECK) {
223        return EINVAL;
224    }
225
226    *type_p = type;
227    return 0;
228}
229
230int pthread_mutexattr_settype(pthread_mutexattr_t *attr, int type)
231{
232    if (type < PTHREAD_MUTEX_NORMAL || type > PTHREAD_MUTEX_ERRORCHECK ) {
233        return EINVAL;
234    }
235
236    *attr = (*attr & ~MUTEXATTR_TYPE_MASK) | type;
237    return 0;
238}
239
240/* process-shared mutexes are not supported at the moment */
241
242int pthread_mutexattr_setpshared(pthread_mutexattr_t *attr, int  pshared)
243{
244    switch (pshared) {
245    case PTHREAD_PROCESS_PRIVATE:
246        *attr &= ~MUTEXATTR_SHARED_MASK;
247        return 0;
248
249    case PTHREAD_PROCESS_SHARED:
250        /* our current implementation of pthread actually supports shared
251         * mutexes but won't cleanup if a process dies with the mutex held.
252         * Nevertheless, it's better than nothing. Shared mutexes are used
253         * by surfaceflinger and audioflinger.
254         */
255        *attr |= MUTEXATTR_SHARED_MASK;
256        return 0;
257    }
258    return EINVAL;
259}
260
261int pthread_mutexattr_getpshared(const pthread_mutexattr_t* attr, int* pshared) {
262    *pshared = (*attr & MUTEXATTR_SHARED_MASK) ? PTHREAD_PROCESS_SHARED : PTHREAD_PROCESS_PRIVATE;
263    return 0;
264}
265
266int pthread_mutex_init(pthread_mutex_t* mutex, const pthread_mutexattr_t* attr) {
267    if (__predict_true(attr == NULL)) {
268        mutex->value = MUTEX_TYPE_BITS_NORMAL;
269        return 0;
270    }
271
272    int value = 0;
273    if ((*attr & MUTEXATTR_SHARED_MASK) != 0) {
274        value |= MUTEX_SHARED_MASK;
275    }
276
277    switch (*attr & MUTEXATTR_TYPE_MASK) {
278    case PTHREAD_MUTEX_NORMAL:
279        value |= MUTEX_TYPE_BITS_NORMAL;
280        break;
281    case PTHREAD_MUTEX_RECURSIVE:
282        value |= MUTEX_TYPE_BITS_RECURSIVE;
283        break;
284    case PTHREAD_MUTEX_ERRORCHECK:
285        value |= MUTEX_TYPE_BITS_ERRORCHECK;
286        break;
287    default:
288        return EINVAL;
289    }
290
291    mutex->value = value;
292    return 0;
293}
294
295
296/*
297 * Lock a non-recursive mutex.
298 *
299 * As noted above, there are three states:
300 *   0 (unlocked, no contention)
301 *   1 (locked, no contention)
302 *   2 (locked, contention)
303 *
304 * Non-recursive mutexes don't use the thread-id or counter fields, and the
305 * "type" value is zero, so the only bits that will be set are the ones in
306 * the lock state field.
307 */
308static __inline__ void
309_normal_lock(pthread_mutex_t*  mutex, int shared)
310{
311    /* convenience shortcuts */
312    const int unlocked           = shared | MUTEX_STATE_BITS_UNLOCKED;
313    const int locked_uncontended = shared | MUTEX_STATE_BITS_LOCKED_UNCONTENDED;
314    /*
315     * The common case is an unlocked mutex, so we begin by trying to
316     * change the lock's state from 0 (UNLOCKED) to 1 (LOCKED).
317     * __bionic_cmpxchg() returns 0 if it made the swap successfully.
318     * If the result is nonzero, this lock is already held by another thread.
319     */
320    if (__bionic_cmpxchg(unlocked, locked_uncontended, &mutex->value) != 0) {
321        const int locked_contended = shared | MUTEX_STATE_BITS_LOCKED_CONTENDED;
322        /*
323         * We want to go to sleep until the mutex is available, which
324         * requires promoting it to state 2 (CONTENDED). We need to
325         * swap in the new state value and then wait until somebody wakes us up.
326         *
327         * __bionic_swap() returns the previous value.  We swap 2 in and
328         * see if we got zero back; if so, we have acquired the lock.  If
329         * not, another thread still holds the lock and we wait again.
330         *
331         * The second argument to the __futex_wait() call is compared
332         * against the current value.  If it doesn't match, __futex_wait()
333         * returns immediately (otherwise, it sleeps for a time specified
334         * by the third argument; 0 means sleep forever).  This ensures
335         * that the mutex is in state 2 when we go to sleep on it, which
336         * guarantees a wake-up call.
337         */
338        while (__bionic_swap(locked_contended, &mutex->value) != unlocked)
339            __futex_wait_ex(&mutex->value, shared, locked_contended, 0);
340    }
341    ANDROID_MEMBAR_FULL();
342}
343
344/*
345 * Release a non-recursive mutex.  The caller is responsible for determining
346 * that we are in fact the owner of this lock.
347 */
348static __inline__ void
349_normal_unlock(pthread_mutex_t*  mutex, int shared)
350{
351    ANDROID_MEMBAR_FULL();
352
353    /*
354     * The mutex state will be 1 or (rarely) 2.  We use an atomic decrement
355     * to release the lock.  __bionic_atomic_dec() returns the previous value;
356     * if it wasn't 1 we have to do some additional work.
357     */
358    if (__bionic_atomic_dec(&mutex->value) != (shared|MUTEX_STATE_BITS_LOCKED_UNCONTENDED)) {
359        /*
360         * Start by releasing the lock.  The decrement changed it from
361         * "contended lock" to "uncontended lock", which means we still
362         * hold it, and anybody who tries to sneak in will push it back
363         * to state 2.
364         *
365         * Once we set it to zero the lock is up for grabs.  We follow
366         * this with a __futex_wake() to ensure that one of the waiting
367         * threads has a chance to grab it.
368         *
369         * This doesn't cause a race with the swap/wait pair in
370         * _normal_lock(), because the __futex_wait() call there will
371         * return immediately if the mutex value isn't 2.
372         */
373        mutex->value = shared;
374
375        /*
376         * Wake up one waiting thread.  We don't know which thread will be
377         * woken or when it'll start executing -- futexes make no guarantees
378         * here.  There may not even be a thread waiting.
379         *
380         * The newly-woken thread will replace the 0 we just set above
381         * with 2, which means that when it eventually releases the mutex
382         * it will also call FUTEX_WAKE.  This results in one extra wake
383         * call whenever a lock is contended, but lets us avoid forgetting
384         * anyone without requiring us to track the number of sleepers.
385         *
386         * It's possible for another thread to sneak in and grab the lock
387         * between the zero assignment above and the wake call below.  If
388         * the new thread is "slow" and holds the lock for a while, we'll
389         * wake up a sleeper, which will swap in a 2 and then go back to
390         * sleep since the lock is still held.  If the new thread is "fast",
391         * running to completion before we call wake, the thread we
392         * eventually wake will find an unlocked mutex and will execute.
393         * Either way we have correct behavior and nobody is orphaned on
394         * the wait queue.
395         */
396        __futex_wake_ex(&mutex->value, shared, 1);
397    }
398}
399
400/* This common inlined function is used to increment the counter of an
401 * errorcheck or recursive mutex.
402 *
403 * For errorcheck mutexes, it will return EDEADLK
404 * If the counter overflows, it will return EAGAIN
405 * Otherwise, it atomically increments the counter and returns 0
406 * after providing an acquire barrier.
407 *
408 * mtype is the current mutex type
409 * mvalue is the current mutex value (already loaded)
410 * mutex pointers to the mutex.
411 */
412static __inline__ __attribute__((always_inline)) int
413_recursive_increment(pthread_mutex_t* mutex, int mvalue, int mtype)
414{
415    if (mtype == MUTEX_TYPE_BITS_ERRORCHECK) {
416        /* trying to re-lock a mutex we already acquired */
417        return EDEADLK;
418    }
419
420    /* Detect recursive lock overflow and return EAGAIN.
421     * This is safe because only the owner thread can modify the
422     * counter bits in the mutex value.
423     */
424    if (MUTEX_COUNTER_BITS_WILL_OVERFLOW(mvalue)) {
425        return EAGAIN;
426    }
427
428    /* We own the mutex, but other threads are able to change
429     * the lower bits (e.g. promoting it to "contended"), so we
430     * need to use an atomic cmpxchg loop to update the counter.
431     */
432    for (;;) {
433        /* increment counter, overflow was already checked */
434        int newval = mvalue + MUTEX_COUNTER_BITS_ONE;
435        if (__predict_true(__bionic_cmpxchg(mvalue, newval, &mutex->value) == 0)) {
436            /* mutex is still locked, not need for a memory barrier */
437            return 0;
438        }
439        /* the value was changed, this happens when another thread changes
440         * the lower state bits from 1 to 2 to indicate contention. This
441         * cannot change the counter, so simply reload and try again.
442         */
443        mvalue = mutex->value;
444    }
445}
446
447int pthread_mutex_lock(pthread_mutex_t* mutex) {
448    int mvalue, mtype, tid, shared;
449
450    mvalue = mutex->value;
451    mtype = (mvalue & MUTEX_TYPE_MASK);
452    shared = (mvalue & MUTEX_SHARED_MASK);
453
454    /* Handle non-recursive case first */
455    if ( __predict_true(mtype == MUTEX_TYPE_BITS_NORMAL) ) {
456        _normal_lock(mutex, shared);
457        return 0;
458    }
459
460    /* Do we already own this recursive or error-check mutex ? */
461    tid = __get_thread()->tid;
462    if ( tid == MUTEX_OWNER_FROM_BITS(mvalue) )
463        return _recursive_increment(mutex, mvalue, mtype);
464
465    /* Add in shared state to avoid extra 'or' operations below */
466    mtype |= shared;
467
468    /* First, if the mutex is unlocked, try to quickly acquire it.
469     * In the optimistic case where this works, set the state to 1 to
470     * indicate locked with no contention */
471    if (mvalue == mtype) {
472        int newval = MUTEX_OWNER_TO_BITS(tid) | mtype | MUTEX_STATE_BITS_LOCKED_UNCONTENDED;
473        if (__bionic_cmpxchg(mvalue, newval, &mutex->value) == 0) {
474            ANDROID_MEMBAR_FULL();
475            return 0;
476        }
477        /* argh, the value changed, reload before entering the loop */
478        mvalue = mutex->value;
479    }
480
481    for (;;) {
482        int newval;
483
484        /* if the mutex is unlocked, its value should be 'mtype' and
485         * we try to acquire it by setting its owner and state atomically.
486         * NOTE: We put the state to 2 since we _know_ there is contention
487         * when we are in this loop. This ensures all waiters will be
488         * unlocked.
489         */
490        if (mvalue == mtype) {
491            newval = MUTEX_OWNER_TO_BITS(tid) | mtype | MUTEX_STATE_BITS_LOCKED_CONTENDED;
492            /* TODO: Change this to __bionic_cmpxchg_acquire when we
493             *        implement it to get rid of the explicit memory
494             *        barrier below.
495             */
496            if (__predict_false(__bionic_cmpxchg(mvalue, newval, &mutex->value) != 0)) {
497                mvalue = mutex->value;
498                continue;
499            }
500            ANDROID_MEMBAR_FULL();
501            return 0;
502        }
503
504        /* the mutex is already locked by another thread, if its state is 1
505         * we will change it to 2 to indicate contention. */
506        if (MUTEX_STATE_BITS_IS_LOCKED_UNCONTENDED(mvalue)) {
507            newval = MUTEX_STATE_BITS_FLIP_CONTENTION(mvalue); /* locked state 1 => state 2 */
508            if (__predict_false(__bionic_cmpxchg(mvalue, newval, &mutex->value) != 0)) {
509                mvalue = mutex->value;
510                continue;
511            }
512            mvalue = newval;
513        }
514
515        /* wait until the mutex is unlocked */
516        __futex_wait_ex(&mutex->value, shared, mvalue, NULL);
517
518        mvalue = mutex->value;
519    }
520    /* NOTREACHED */
521}
522
523int pthread_mutex_unlock(pthread_mutex_t* mutex) {
524    int mvalue, mtype, tid, shared;
525
526    mvalue = mutex->value;
527    mtype  = (mvalue & MUTEX_TYPE_MASK);
528    shared = (mvalue & MUTEX_SHARED_MASK);
529
530    /* Handle common case first */
531    if (__predict_true(mtype == MUTEX_TYPE_BITS_NORMAL)) {
532        _normal_unlock(mutex, shared);
533        return 0;
534    }
535
536    /* Do we already own this recursive or error-check mutex ? */
537    tid = __get_thread()->tid;
538    if ( tid != MUTEX_OWNER_FROM_BITS(mvalue) )
539        return EPERM;
540
541    /* If the counter is > 0, we can simply decrement it atomically.
542     * Since other threads can mutate the lower state bits (and only the
543     * lower state bits), use a cmpxchg to do it.
544     */
545    if (!MUTEX_COUNTER_BITS_IS_ZERO(mvalue)) {
546        for (;;) {
547            int newval = mvalue - MUTEX_COUNTER_BITS_ONE;
548            if (__predict_true(__bionic_cmpxchg(mvalue, newval, &mutex->value) == 0)) {
549                /* success: we still own the mutex, so no memory barrier */
550                return 0;
551            }
552            /* the value changed, so reload and loop */
553            mvalue = mutex->value;
554        }
555    }
556
557    /* the counter is 0, so we're going to unlock the mutex by resetting
558     * its value to 'unlocked'. We need to perform a swap in order
559     * to read the current state, which will be 2 if there are waiters
560     * to awake.
561     *
562     * TODO: Change this to __bionic_swap_release when we implement it
563     *        to get rid of the explicit memory barrier below.
564     */
565    ANDROID_MEMBAR_FULL();  /* RELEASE BARRIER */
566    mvalue = __bionic_swap(mtype | shared | MUTEX_STATE_BITS_UNLOCKED, &mutex->value);
567
568    /* Wake one waiting thread, if any */
569    if (MUTEX_STATE_BITS_IS_LOCKED_CONTENDED(mvalue)) {
570        __futex_wake_ex(&mutex->value, shared, 1);
571    }
572    return 0;
573}
574
575int pthread_mutex_trylock(pthread_mutex_t* mutex) {
576    int mvalue, mtype, tid, shared;
577
578    mvalue = mutex->value;
579    mtype  = (mvalue & MUTEX_TYPE_MASK);
580    shared = (mvalue & MUTEX_SHARED_MASK);
581
582    /* Handle common case first */
583    if ( __predict_true(mtype == MUTEX_TYPE_BITS_NORMAL) )
584    {
585        if (__bionic_cmpxchg(shared|MUTEX_STATE_BITS_UNLOCKED,
586                             shared|MUTEX_STATE_BITS_LOCKED_UNCONTENDED,
587                             &mutex->value) == 0) {
588            ANDROID_MEMBAR_FULL();
589            return 0;
590        }
591
592        return EBUSY;
593    }
594
595    /* Do we already own this recursive or error-check mutex ? */
596    tid = __get_thread()->tid;
597    if ( tid == MUTEX_OWNER_FROM_BITS(mvalue) )
598        return _recursive_increment(mutex, mvalue, mtype);
599
600    /* Same as pthread_mutex_lock, except that we don't want to wait, and
601     * the only operation that can succeed is a single cmpxchg to acquire the
602     * lock if it is released / not owned by anyone. No need for a complex loop.
603     */
604    mtype |= shared | MUTEX_STATE_BITS_UNLOCKED;
605    mvalue = MUTEX_OWNER_TO_BITS(tid) | mtype | MUTEX_STATE_BITS_LOCKED_UNCONTENDED;
606
607    if (__predict_true(__bionic_cmpxchg(mtype, mvalue, &mutex->value) == 0)) {
608        ANDROID_MEMBAR_FULL();
609        return 0;
610    }
611
612    return EBUSY;
613}
614
615static int __pthread_mutex_timedlock(pthread_mutex_t* mutex, const timespec* abs_timeout, clockid_t clock) {
616  timespec ts;
617
618  int mvalue = mutex->value;
619  int mtype  = (mvalue & MUTEX_TYPE_MASK);
620  int shared = (mvalue & MUTEX_SHARED_MASK);
621
622  // Handle common case first.
623  if (__predict_true(mtype == MUTEX_TYPE_BITS_NORMAL)) {
624    const int unlocked           = shared | MUTEX_STATE_BITS_UNLOCKED;
625    const int locked_uncontended = shared | MUTEX_STATE_BITS_LOCKED_UNCONTENDED;
626    const int locked_contended   = shared | MUTEX_STATE_BITS_LOCKED_CONTENDED;
627
628    // Fast path for uncontended lock. Note: MUTEX_TYPE_BITS_NORMAL is 0.
629    if (__bionic_cmpxchg(unlocked, locked_uncontended, &mutex->value) == 0) {
630      ANDROID_MEMBAR_FULL();
631      return 0;
632    }
633
634    // Loop while needed.
635    while (__bionic_swap(locked_contended, &mutex->value) != unlocked) {
636      if (__timespec_from_absolute(&ts, abs_timeout, clock) < 0) {
637        return ETIMEDOUT;
638      }
639      __futex_wait_ex(&mutex->value, shared, locked_contended, &ts);
640    }
641    ANDROID_MEMBAR_FULL();
642    return 0;
643  }
644
645  // Do we already own this recursive or error-check mutex?
646  pid_t tid = __get_thread()->tid;
647  if (tid == MUTEX_OWNER_FROM_BITS(mvalue)) {
648    return _recursive_increment(mutex, mvalue, mtype);
649  }
650
651  // The following implements the same loop as pthread_mutex_lock_impl
652  // but adds checks to ensure that the operation never exceeds the
653  // absolute expiration time.
654  mtype |= shared;
655
656  // First try a quick lock.
657  if (mvalue == mtype) {
658    mvalue = MUTEX_OWNER_TO_BITS(tid) | mtype | MUTEX_STATE_BITS_LOCKED_UNCONTENDED;
659    if (__predict_true(__bionic_cmpxchg(mtype, mvalue, &mutex->value) == 0)) {
660      ANDROID_MEMBAR_FULL();
661      return 0;
662    }
663    mvalue = mutex->value;
664  }
665
666  while (true) {
667    // If the value is 'unlocked', try to acquire it directly.
668    // NOTE: put state to 2 since we know there is contention.
669    if (mvalue == mtype) { // Unlocked.
670      mvalue = MUTEX_OWNER_TO_BITS(tid) | mtype | MUTEX_STATE_BITS_LOCKED_CONTENDED;
671      if (__bionic_cmpxchg(mtype, mvalue, &mutex->value) == 0) {
672        ANDROID_MEMBAR_FULL();
673        return 0;
674      }
675      // The value changed before we could lock it. We need to check
676      // the time to avoid livelocks, reload the value, then loop again.
677      if (__timespec_from_absolute(&ts, abs_timeout, clock) < 0) {
678        return ETIMEDOUT;
679      }
680
681      mvalue = mutex->value;
682      continue;
683    }
684
685    // The value is locked. If 'uncontended', try to switch its state
686    // to 'contented' to ensure we get woken up later.
687    if (MUTEX_STATE_BITS_IS_LOCKED_UNCONTENDED(mvalue)) {
688      int newval = MUTEX_STATE_BITS_FLIP_CONTENTION(mvalue);
689      if (__bionic_cmpxchg(mvalue, newval, &mutex->value) != 0) {
690        // This failed because the value changed, reload it.
691        mvalue = mutex->value;
692      } else {
693        // This succeeded, update mvalue.
694        mvalue = newval;
695      }
696    }
697
698    // Check time and update 'ts'.
699    if (__timespec_from_absolute(&ts, abs_timeout, clock) < 0) {
700      return ETIMEDOUT;
701    }
702
703    // Only wait to be woken up if the state is '2', otherwise we'll
704    // simply loop right now. This can happen when the second cmpxchg
705    // in our loop failed because the mutex was unlocked by another thread.
706    if (MUTEX_STATE_BITS_IS_LOCKED_CONTENDED(mvalue)) {
707      if (__futex_wait_ex(&mutex->value, shared, mvalue, &ts) == -ETIMEDOUT) {
708        return ETIMEDOUT;
709      }
710      mvalue = mutex->value;
711    }
712  }
713  /* NOTREACHED */
714}
715
716#if !defined(__LP64__)
717extern "C" int pthread_mutex_lock_timeout_np(pthread_mutex_t* mutex, unsigned ms) {
718  timespec abs_timeout;
719  clock_gettime(CLOCK_MONOTONIC, &abs_timeout);
720  abs_timeout.tv_sec  += ms / 1000;
721  abs_timeout.tv_nsec += (ms % 1000) * 1000000;
722  if (abs_timeout.tv_nsec >= 1000000000) {
723    abs_timeout.tv_sec++;
724    abs_timeout.tv_nsec -= 1000000000;
725  }
726
727  int error = __pthread_mutex_timedlock(mutex, &abs_timeout, CLOCK_MONOTONIC);
728  if (error == ETIMEDOUT) {
729    error = EBUSY;
730  }
731  return error;
732}
733#endif
734
735int pthread_mutex_timedlock(pthread_mutex_t* mutex, const timespec* abs_timeout) {
736  return __pthread_mutex_timedlock(mutex, abs_timeout, CLOCK_REALTIME);
737}
738
739int pthread_mutex_destroy(pthread_mutex_t* mutex) {
740  // Use trylock to ensure that the mutex is valid and not already locked.
741  int error = pthread_mutex_trylock(mutex);
742  if (error != 0) {
743    return error;
744  }
745  mutex->value = 0xdead10cc;
746  return 0;
747}
748