目录
背景知识
源码阅读
create_thread
ALLOCATE_STACK
线程栈
背景知识
我们知道在Linux中使用线程相关的函数时需要在使用gcc编译时带上-lpthread选项,这就是因为pthread一系列函数不是Linux提供的系统调用,而是一个库。
下面来详细讨论一下这个库到底做了什么,它是如何给我们提供对线程的相关操作函数的。
首先需要知道,Linux在设计的时候没有线程的概念,也就是没有一个叫做thread的struct结构体,这是因为线程的很多行为属性,与进程高度相似,比如他们都要被调度,都有时间片,都要被操作系统管理起来,而就是这样高度相似的两个东西,如果再为线程单独写一个结构体,会增加很多具有重复性的代码,不利于维护,因此Linux是用进程来模拟线程的,也就是描述进程和线程的是同一个结构体,这样可以直接复用进程的很多代码。将这种模拟线程的进程称为轻量级线程(LWP)。
问题就出在Linux操作系统只有LWP的概念,没有线程的概念,但是用户需要使用的是线程,这时就需要封装Linux提供的相关系统调用,为用户营造出线程的假象,库提供的线程又称为用户级线程。既然叫用户级线程,也就是说,只要你想,甚至你自己也可以封装出自己的线程。
有了这些背景知识后,我们从源码入手,再来详细了解创建线程到底做了什么。
源码阅读
来看一下glibc2.4版本pthread_create创建相关的关键部分代码,篇幅限制,将省略的代码用...替代
//路径:nptl/pthread_create.c
int
__pthread_create_2_1 (newthread, attr, start_routine, arg)pthread_t *newthread;const pthread_attr_t *attr;void *(*start_routine) (void *);void *arg;
{STACK_VARIABLES;//线程属性设置const struct pthread_attr *iattr = (struct pthread_attr *) attr;//我们一般会传NULLif (iattr == NULL)/* Is this the best idea? On NUMA machines this could meanaccessing far-away memory. */iattr = &default_attr;//库用来描述线程的结构体tcbstruct pthread *pd = NULL;//申请线程的tcb空间,之后详细说明int err = ALLOCATE_STACK (iattr, &pd);.../* Store the address of the start routine and the parameter. Sincewe do not start the function directly the stillborn thread willget the information from its thread descriptor. *///向tcb中填充线程将要执行的函数的地址和参数pd->start_routine = start_routine;pd->arg = arg;//省略了一系列对标志位的处理...//将tcb地址作为线程id传出,所以上层拿到的线程id是一个地址*newthread = (pthread_t) pd;/* Remember whether the thread is detached or not. In case of anerror we have to free the stacks of non-detached stillbornthreads. *///检查线程属性是否分离bool is_detached = IS_DETACHED (pd);/* Start the thread. *///创建线程的关键函数,之后详细说明err = create_thread (pd, iattr, STACK_VARIABLES_ARGS);if (err != 0){/* Something went wrong. Free the resources. */if (!is_detached){errout:__deallocate_stack (pd);}return err;}return 0;
}前六行是函数的声明,包含函数名,返回值和参数列表,这是一种在ANIC C标准(C89)前的C写法,是为了保持兼容性。
这个函数实际上主要完成了创建线程tcb,向tcb填充字段,对标志位的处理等一系列预处理工作,然后调用create_thread函数开始创建线程。
ALLOCATE_STACK和create_thread我们将会详细说明
线程属性
struct pthread_attr
{/* Scheduler parameters and priority. */struct sched_param schedparam;int schedpolicy;/* Various flags like detachstate, scope, etc. */int flags;/* Size of guard area. */size_t guardsize;/* Stack handling. */void *stackaddr;size_t stacksize;/* Affinity map. */cpu_set_t *cpuset;size_t cpusetsize;
};线程tcb
struct pthread
{.../* Thread ID - which is also a 'is this thread descriptor (andtherefore stack) used' flag. */pid_t tid;.../* True if the user provided the stack. */bool user_stack;...//线程的返回值//我们调用pthread_join时就会读取该结构体的这个字段/* The result of the thread function. */void *result;.../* Start position of the code to be executed and the argument passedto the function. */void *(*start_routine) (void *);void *arg;.../* If nonzero pointer to area allocated for the stack and itssize. */void *stackblock;size_t stackblock_size;...
};create_thread
// nptl/sysdeps/pthread/create_thread.c
static int
create_thread (struct pthread *pd, const struct pthread_attr *attr,STACK_VARIABLES_PARMS)
{.../* Actually create the thread. */int res = do_clone (pd, attr, clone_flags, start_thread,STACK_VARIABLES_ARGS, stopped);if (res == 0 && stopped)/* And finally restart the new thread. */lll_unlock (pd->lock);return res;
}
create_thread函数最关键的就是调用了do_clone,再来看看do_clone
# define ARCH_CLONE __clone
static int
do_clone (struct pthread *pd, const struct pthread_attr *attr,int clone_flags, int (*fct) (void *), STACK_VARIABLES_PARMS,int stopped)
{...//执行特定体系结构下的clone函数if (ARCH_CLONE (fct, STACK_VARIABLES_ARGS, clone_flags,pd, &pd->tid, TLS_VALUE, &pd->tid) == -1){atomic_decrement (&__nptl_nthreads); /* Oops, we lied for a second. *//* Failed. If the thread is detached, remove the TCB here sincethe caller cannot do this. The caller remembered the threadas detached and cannot reverify that it is not since it mustnot access the thread descriptor again. */if (IS_DETACHED (pd))__deallocate_stack (pd);return errno;}...
}
ARCH_CLONE是用汇编封装的一个调用clone系统调用的函数
// sysdeps/unix/sysv/linux/x86_64/clone.S
# define ARCH_CLONE __clone
ENTRY (BP_SYM (__clone))/* Sanity check arguments. */movq $-EINVAL,%raxtestq %rdi,%rdi /* no NULL function pointers */jz SYSCALL_ERROR_LABELtestq %rsi,%rsi /* no NULL stack pointers */jz SYSCALL_ERROR_LABEL/* Insert the argument onto the new stack. */subq $16,%rsimovq %rcx,8(%rsi)/* Save the function pointer. It will be popped off in thechild in the ebx frobbing below. */movq %rdi,0(%rsi)/* Do the system call. */movq %rdx, %rdimovq %r8, %rdxmovq %r9, %r8movq 8(%rsp), %r10movl $SYS_ify(clone),%eax //获取系统调用号/* End FDE now, because in the child the unwind info will bewrong. */cfi_endproc;syscall //执行系统调用,要求创建轻量级进程(LWP)testq %rax,%raxjl SYSCALL_ERROR_LABELjz L(thread_start)所以pthread_create封装了clone系统调用来创建轻量级进程
int clone(int (*fn)(void *), void *stack, int flags, void *arg, .../* pid_t *parent_tid, void *tls, pid_t *child_tid */ );clone会创建一个子进程,传入一个函数指针,栈空间的起始地址,一些标志位和用户传入的参数。
我们再回到pthread_create函数中,函数指针和参数由用户指定了,栈的地址在pthread_attr结构体中。
ALLOCATE_STACK
接着我们再来看看空间申请ALLOCATE_STACK的过程
// nptl/allocatestack.c
# define ALLOCATE_STACK(attr, pd) allocate_stack (attr, pd, &stackaddr)// nptl/allocatestack.c
static int
allocate_stack (const struct pthread_attr *attr, struct pthread **pdp,ALLOCATE_STACK_PARMS)
{...//获取栈大小,为0就使用默认值/* Get the stack size from the attribute if it is set. Otherwise weuse the default we determined at start time. */size = attr->stacksize ?: __default_stacksize;//如果用户在线程属性里设置了空间,就直接用,一般我们使用默认/* Get memory for the stack. */if (__builtin_expect (attr->flags & ATTR_FLAG_STACKADDR, 0)){...}else{//开始申请空间,优先使用缓存...//首先尝试从缓存获得空间/* Try to get a stack from the cache. */reqsize = size;pd = get_cached_stack (&size, &mem);if (pd == NULL){/* To avoid aliasing effects on a larger scale than pages weadjust the allocated stack size if necessary. This wayallocations directly following each other will not havealiasing problems. */
#if MULTI_PAGE_ALIASING != 0if ((size % MULTI_PAGE_ALIASING) == 0)size += pagesize_m1 + 1;
#endif//缓存申请失败,就在堆空间申请私有的匿名内存空间,这里mmap类似于mallocmem = mmap (NULL, size, prot,MAP_PRIVATE | MAP_ANONYMOUS | ARCH_MAP_FLAGS, -1, 0);...
#endif//在申请的空间中确定struct thread(tcb)的地址/* Place the thread descriptor at the end of the stack. */
#if TLS_TCB_AT_TPpd = (struct pthread *) ((char *) mem + size - coloring) - 1;
#elif TLS_DTV_AT_TPpd = (struct pthread *) ((((uintptr_t) mem + size - coloring- __static_tls_size)& ~__static_tls_align_m1)- TLS_PRE_TCB_SIZE);
#endif/* Remember the stack-related values. *///记录栈地址和大小pd->stackblock = mem;pd->stackblock_size = size;...//获取线程所属进程的pidpd->pid = THREAD_GETMEM(THREAD_SELF, pid);...//返回struct pthread的地址/* We place the thread descriptor at the end of the stack. */*pdp = pd;#if TLS_TCB_AT_TP/* The stack begins before the TCB and the static TLS block. */stacktop = ((char *) (pd + 1) - __static_tls_size);
#elif TLS_DTV_AT_TPstacktop = (char *) (pd - 1);
#endif#ifdef NEED_SEPARATE_REGISTER_STACK*stack = pd->stackblock;*stacksize = stacktop - *stack;
#else*stack = stacktop;
#endifreturn 0;
}看到这里你一定能明白,我们使用pthread_self获取的线程id和Linux中使用指令查出来的线程id是不一样的,pthread_self获取的线程id是tcb的地址,而linux中查看到的线程id是pid实际上是进程id。
线程栈
对于进程或者说主线程,就是main函数的栈空间,在fork时,就是复制了父进程的stack空间地址,然后写时拷贝以及动态增长,如果扩充超过上限则会段错误。进程栈是唯一可以访问未映射页而不一定报段错误,只有超过上限才报。
对于主线程生成的线程来说,栈有一个事先确定好的大小,不能动态增长,用完了就没了。