From owner-freebsd-hackers@FreeBSD.ORG Wed Oct 8 02:51:12 2003
Date: Wed, 8 Oct 2003 11:51:06 +0200 (CEST)
From: Harti Brandt <brandt@fokus.fraunhofer.de>
To: Pawel Jakub Dawidek
cc: freebsd-hackers@freebsd.org, hsu@freebsd.org, rwatson@freebsd.org
Subject: Re: Dynamic reads without locking.
In-Reply-To: <20031008083059.GA520@garage.freebsd.pl>
Message-ID: <20031008114506.I63940@beagle.fokus.fraunhofer.de>
References: <20031008083059.GA520@garage.freebsd.pl>
List-Id: Technical Discussions relating to FreeBSD

On Wed, 8 Oct 2003, Pawel Jakub Dawidek wrote:

PJD>Hello hackers...
PJD>
PJD>I'm wondering...
PJD>Jeffrey Hsu was talking about this at BSDCon03.
PJD>There is no need to lock data when we just made simple read, for example:
PJD>
PJD>	mtx_lock(&foo_mtx);
PJD>	foo = 5;
PJD>	mtx_unlock(&foo_mtx);
PJD>but only:
PJD>	bar = foo;
PJD>
PJD>IMHO this is quite dangerous.
PJD>Let's see:
PJD>
PJD>	thread1				thread2
PJD>	mtx_lock(&foo_mtx);
PJD>	foo = data_from_user;
PJD>					bar = foo;
PJD>	foo &= MASK;
PJD>	mtx_unlock(&foo_mtx);
PJD>
PJD>In this case we have really dangerous race if data from user are
PJD>safe only when we made 'and' operation on them.
PJD>OR of course we can just store wrong value in 'bar' and this could
PJD>be case of different problems.
PJD>
PJD>So I'm not sure now if I understand everything well. We can't just say
PJD>'We never split such writes. We always do: foo = (data_from_user & MASK)',
PJD>because author of some 3rd party kernel module will be sure that when
PJD>he locks writes to some variable this operation is safe and he could
PJD>split such writes and in kernel could be dynamic read without lock.
PJD>
PJD>Does this make any sense?

You need to lock when reading if you insist on consistent data. Even a
simple read may be non-atomic (this should be the case for 64bit
operations on all our platforms). So you need to do

	mtx_lock(&foo_mtx);
	bar = foo;
	mtx_unlock(&foo_mtx);

if foo is a datatype that is not guaranteed to be read atomically. For
8-bit data you should be safe without the lock on any architecture. I'm
not sure for 16 and 32 bit, but for 64-bit you need the lock for all our
architectures, I think.

If you don't care about occasionally reading false data (for statistics
or such stuff) you can go without the lock.

harti
-- 
harti brandt,
http://www.fokus.fraunhofer.de/research/cc/cats/employees/hartmut.brandt/private
brandt@fokus.fraunhofer.de, harti@freebsd.org
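The race in Pawel's table, reproduced in userland with pthreads as an added example (not code from this thread or from FreeBSD): the writer performs the split store under a mutex, and a reader that skips the lock can observe the intermediate value before `&= MASK` is applied. `MASK`, the constructed `data_from_user` values and the iteration count are assumptions for the demonstration.

```c
/* Added example, not code from the original thread. The writer repeats the
 * split store from the mail under a mutex; a reader that skips the lock can
 * see the intermediate, unmasked value. Build with: cc -pthread race.c */
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#define MASK       0x0000FFFFu  /* assumed: a "safe" value has the high bits clear */
#define ITERATIONS 1000000L
static pthread_mutex_t foo_mtx = PTHREAD_MUTEX_INITIALIZER;
static volatile uint32_t foo;          /* the shared variable from the mail */
static atomic_int writer_done;
/* thread1 from the mail: the two-step store is the pattern under discussion */
static void *writer(void *arg)
{
    (void)arg;
    for (long i = 0; i < ITERATIONS; i++) {
        uint32_t data_from_user = 0xDEAD0000u | (uint32_t)i; /* constructed */
        pthread_mutex_lock(&foo_mtx);
        foo = data_from_user;
        foo &= MASK;
        pthread_mutex_unlock(&foo_mtx);
    }
    atomic_store(&writer_done, 1);
    return NULL;
}
/* thread2: counts reads of a value the mask should have cleared. With
 * take_lock == 0 the count may be non-zero (the race); with 1 it is 0. */
static long run_reader(int take_lock)
{
    pthread_t w;
    long bad = 0;
    atomic_store(&writer_done, 0);
    pthread_create(&w, NULL, writer, NULL);
    while (!atomic_load(&writer_done)) {
        if (take_lock) pthread_mutex_lock(&foo_mtx);
        uint32_t bar = foo;                  /* the "dynamic read" */
        if (take_lock) pthread_mutex_unlock(&foo_mtx);
        if (bar & ~MASK) bad++;
    }
    pthread_join(w, NULL);
    return bad;
}
int main(void)
{
    printf("unlocked reader: %ld unmasked values seen\n", run_reader(0));
    printf("locked reader:   %ld unmasked values seen\n", run_reader(1));
    return 0;
}
```

The unlocked count depends on scheduling and core count, so it is not asserted on; the locked reader never sees an unmasked value.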