posix: implement POSIX semaphore interfaces by oI0ck · Pull Request #457 · phoenix-rtos/libphoenix

oI0ck · 2026-01-29T18:07:09Z

Description

This PR introduces implementation of POSIX standard semaphore interfaces.

Types of changes

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to change)
Chore (refactoring, style fixes, git/CI config, submodule management, no code logic changes)

How Has This Been Tested?

Already covered by automatic testing.
New test added: posix: add posix directory and semaphore tests phoenix-rtos-tests#448
Tested by hand on: ia32-generic-qemu

Checklist:

My change requires a change to the documentation.
I have updated the documentation accordingly.
I have added tests to cover my changes.
All new and existing linter checks and tests passed.
My changes generate no new compilation warnings for any of the targets.

Special treatment

This PR needs additional PRs to work (list the PRs, preferably in merge-order).

posixsrv: implement named semaphore server phoenix-rtos-posixsrv#27

I will merge this PR by myself when appropriate.

gemini-code-assist · 2026-01-29T18:07:28Z

Summary of Changes

Hello @oI0ck, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces comprehensive support for POSIX standard semaphore interfaces within the libphoenix library. It enables developers to use both named and unnamed semaphores for synchronization, integrating with the posixsrv for named semaphore management and extending the core sys/threads functionality for unnamed semaphores. This significantly enhances the concurrency primitives available in the Phoenix-RTOS environment.

Highlights

POSIX Semaphore API: Implemented the full suite of POSIX semaphore functions, including sem_open, sem_close, sem_unlink, sem_init, sem_destroy, sem_wait, sem_trywait, sem_timedwait, sem_post, and sem_getvalue.
Named and Unnamed Semaphores: The implementation distinguishes between named semaphores (managed via inter-process communication with posixsrv) and unnamed semaphores (managed internally).
Core Semaphore Operations: Introduced semaphoreTryDown and semaphoreCount functions in the underlying sys/threads.h and sys/semaphore.c to support the POSIX API.
Messaging Integration: Named semaphores utilize msgSend and ioctl calls to communicate with a posixsrv for their operations, defining specific IOCTL commands (SEM_UP, SEM_DOWN, SEM_DOWN_TRY, SEM_DOWN_TIMEOUT).

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	`/gemini review`	Performs a code review for the current pull request in its current state.
Pull Request Summary	`/gemini summary`	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	`/gemini help`	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

include/semaphore.h

gemini-code-assist

Code Review

This PR introduces POSIX semaphore implementation. The changes are extensive, adding new headers and implementation files for named and unnamed semaphores. The overall structure is good, but I've found several critical issues in the implementation, including race conditions, incorrect logic leading to deadlocks, and potential memory corruption. There are also some areas where the code can be simplified and made more robust. Please address the critical issues before merging.

posix/sem.c

sys/semaphore.c

posix/sem.c

gemini-code-assist · 2026-01-29T18:09:53Z

posix/sem.c

+					memset(path, 0, sizeof(path));
+					strcpy(path, SEMAPHORE_PATH);
+					strcpy(path + strlen(SEMAPHORE_PATH), dent->d_name);


Using multiple strcpy calls to build a path can be fragile and inefficient. Using snprintf is a safer and more readable way to construct file paths, as it protects against buffer overflows.

snprintf(path, sizeof(path), "%s%s", SEMAPHORE_PATH, dent->d_name);

hm yeah, why not snprintf?

I think that it is not worth to have the overhead of parsing the format string when just cating two strings together (ironic to consider this overhead but allocate PATH_MAX on the stack XD).

Though, there is a bug in here because dent->d_name can be PATH_MAX and a path of such length will cause a OOB write here.

I'll change this concatenation to use strlcpy in the next revision.

sys/semaphore.c

github-actions · 2026-01-29T18:26:09Z

Unit Test Results

9 523 tests 8 931 ✅ 52m 28s ⏱️
583 suites 592 💤
1 files 0 ❌

Results for commit f3710e3.

♻️ This comment has been updated with latest results.

include/semaphore.h

julianuziemblo · 2026-02-03T12:59:35Z

sys/semaphore.c

+	if (s != NULL) {
+		ret = mutexTry(s->mutex);
+		if (ret != EOK) {
+			return ret;
+		}
+		else if (s->v <= 0) {
+			ret = -EAGAIN;
+		}
+		else {
+			--s->v;
+		}
+	}
+	else {
+		ret = -EINVAL;
+	}
+
+	mutexUnlock(s->mutex);
+	return ret;


if s == NULL we unlock a mutex that wasn't locked. It should not be an issue, but it's not what should be happening. Seems like we could just return in L105 if s == NULL

julianuziemblo · 2026-02-03T13:04:43Z

sys/semaphore.c

+	else {
+	}


not needed. MISRA only needs it if there's an if ... else if ... block

julianuziemblo · 2026-02-03T13:05:32Z

sys/semaphore.c

+
+	ret = mutexTry(s->mutex);
+	if (ret != EOK) {
+		ret = 0;


returning here would be more readable imo

julianuziemblo · 2026-02-03T13:11:26Z

posix/sem.c

+	else {
+	}


julianuziemblo · 2026-02-03T13:12:23Z

posix/sem.c

+		else {
+		}


julianuziemblo · 2026-02-03T13:39:02Z

posix/sem.c

+				else {
+				}


julianuziemblo · 2026-02-03T13:40:03Z

posix/sem.c

+			else {
+				err = _sem_open(sem);
+			}
+


nitpick: else not needed as if already returns.

julianuziemblo · 2026-02-03T13:42:39Z

posix/sem.c

+		}
+		else {
+			SET_ERRNO(-ENOMEM);
+			return SEM_FAILED;
+		}
+	}
+	else {
+		SET_ERRNO(-EINVAL);
+		return SEM_FAILED;
+	}
+}


nitpick: this seems hard to read. consider handling resources etc. maybe this way:

/* acquire */ val = malloc(...); do { err = call1(); if (err < 0) { break; } err = call2(); if (err < 0) { break; } } while (0); /* cleanup - called always on error */ if (err < 0) { free(val); } return err;

Oh, yeah, I wrote the code around my wrong presumption that each if has to have a matching else at all times.

I'll clean all of this up.

julianuziemblo · 2026-02-03T13:44:09Z

include/semaphore.h

+
+#define SEM_FAILED ((sem_t *)0xDAAB0000)
+
+typedef struct _sem_t {


_sem_t identifier is not used anywhere. If it's not required by POSIX - remove it.

julianuziemblo · 2026-02-03T13:48:14Z

include/sys/semaphore.h

+#define SEMAPHORE_PATH      ("/dev/posix/sem/")
+#define SEMCTL_PATH         ("/dev/posix/semctl")


nitpick: we don't seem to use parenthesis to define string in macros as they interfere with string concatenation by the compiler (we couldn't, for example, write code like const char *path = SEMAPHORE_PATH "my_sem" in the client).

JIRA: RTOS-1088

It might be better to keep OS specific constants in corresponding sys/ headers JIRA: RTOS-1088

JIRA: RTOS-1088

oI0ck requested a review from Darchiv January 29, 2026 18:07

github-actions bot reviewed Jan 29, 2026

View reviewed changes

include/semaphore.h Show resolved Hide resolved

oI0ck mentioned this pull request Jan 29, 2026

posix: add posix directory and semaphore tests phoenix-rtos/phoenix-rtos-tests#448

Open

12 tasks

gemini-code-assist bot reviewed Jan 29, 2026

View reviewed changes

oI0ck force-pushed the michal.lach/sem branch from ba94ea8 to da0f0fd Compare January 29, 2026 18:10

oI0ck marked this pull request as draft January 29, 2026 18:37

oI0ck force-pushed the michal.lach/sem branch from da0f0fd to b6d1928 Compare February 2, 2026 01:07

github-actions bot reviewed Feb 2, 2026

View reviewed changes

include/semaphore.h Outdated Show resolved Hide resolved

oI0ck force-pushed the michal.lach/sem branch from b6d1928 to 20f142f Compare February 2, 2026 01:10

oI0ck marked this pull request as ready for review February 2, 2026 16:06

julianuziemblo reviewed Feb 3, 2026

View reviewed changes

oI0ck force-pushed the michal.lach/sem branch from 20f142f to cf48092 Compare February 10, 2026 13:15

oI0ck and others added 5 commits February 10, 2026 14:19

semaphores: add semaphoreTryDown and semaphoreCount functions

52c2fdb

JIRA: RTOS-1088

posix: implement sem_* family functions

7cf9daf

JIRA: RTOS-1088

sem: move SEM_VALUE_MAX to sys/semaphore.h

6bee499

It might be better to keep OS specific constants in corresponding sys/ headers JIRA: RTOS-1088

include/semaphore.h: remove unused struct name

d7c5d40

JIRA: RTOS-1088

include/sys/semaphore.h: remove parentheses from string constants

f3710e3

JIRA: RTOS-1088

oI0ck force-pushed the michal.lach/sem branch from cf48092 to f3710e3 Compare February 10, 2026 13:19

poxix/sem: consistently return -ENODEV if posixsrv isn't initialized

239fd04

JIRA: RTOS-1088


		#define SEM_FAILED ((sem_t *)0xDAAB0000)

		typedef struct _sem_t {

		#define SEMAPHORE_PATH ("/dev/posix/sem/")
		#define SEMCTL_PATH ("/dev/posix/semctl")

Conversation

oI0ck commented Jan 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Types of changes

How Has This Been Tested?

Checklist:

Special treatment

Uh oh!

gemini-code-assist bot commented Jan 29, 2026

Summary of Changes

Highlights

Footnotes

Uh oh!

Uh oh!

gemini-code-assist bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

gemini-code-assist bot Jan 29, 2026

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

github-actions bot commented Jan 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Unit Test Results

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

oI0ck commented Jan 29, 2026 •

edited

Loading

github-actions bot commented Jan 29, 2026 •

edited

Loading