documentation says giving a semaphore can release IRQ lock #29610
Comments
|
@andrewboie @andyross can this documented-but-not-expected release of a lock actually happen as described? |
pabigot
added
question
and removed
bug
|
The more I think about it the more likely it seems this is the intended behavior, so I've reduced this to a question. |
|
I think the documentation is wrong. There are 3 entry points for rescheduling: static inline void z_reschedule_unlocked(void)
{
(void) z_reschedule_irqlock(arch_irq_lock());
}
void z_reschedule(struct k_spinlock *lock, k_spinlock_key_t key)
{
if (resched(key.key) && need_swap()) {
z_swap(lock, key);
} else {
k_spin_unlock(lock, key);
}
}
void z_reschedule_irqlock(uint32_t key)
{
if (resched(key)) {
z_swap_irqlock(key);
} else {
irq_unlock(key);
}
}For the spinlock case, it's expected that the particular lock passed in is released at context switch, this is by design. Otherwise, if interrupts were disabled on the current CPU (because irqs were locked, or we were holding some other spinlock), the check in static inline int resched(uint32_t key)
{
#ifdef CONFIG_SMP
_current_cpu->swap_ok = 0;
#endif
return arch_irq_unlocked(key) && !arch_is_in_isr();
}So I believe we're fine in the code and the docs are wrong. |
|
@andrewboie I'm concerned about cases like: AFAICT (haven't tested) if a higher priority thread is waiting on For this case the |
|
I tried to explain this, but let me re-state in terms of the example you provided. The
I just said this isn't true based on code inspection...
Please have some supporting data if we're going to raise alarm bells about this. |
|
@andrewboie Thanks; I've done some testing and proposed a rewording based on what I observe. It may still be wrong in some nuanced way, but at least it doesn't incorrectly claim that giving a semaphore can steal an irqlock. |
|
This issue has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this issue will automatically be closed in 14 days. Note, that you can always re-open a closed issue at any time. |
|
This issue has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this issue will automatically be closed in 14 days. Note, that you can always re-open a closed issue at any time. |
|
This is the last time I'm removing stale from this; #29800 needs to get some attention. |
|
This issue has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this issue will automatically be closed in 14 days. Note, that you can always re-open a closed issue at any time. |
pabigot
added
bug
|
Consensus was the documentation is wrong, so one last attempt to get this addressed. |
The documentation for preventing interrupts includes:
This is wrong, no? Giving a semaphore when interrupts are masked is not supposed to release the interrupt mask, even if doing so makes a higher priority thread ready. But I'm not sure that's true if it's being given from the context of a preemptible thread.
If the same behavior applies to spin-locks on uniprocessors I think that's a big problem.
The text was updated successfully, but these errors were encountered: