[En-Nut-Discussion] Event API
Matthias Ringwald
mringwal at inf.ethz.ch
Wed Oct 27 12:50:28 CEST 2004
Hi there,
On 27.10.2004, at 10:02, Harald Kipp wrote:
>
>>
>> NutEventInit/Reset/Clear:
>>
>> NutEnterCritical()
>> theEvent = 0
>> NutExitCritical()
>
> Matthias' post let me think about NutEventBroadcast().
> Do we need a critical section in the SIGNALED case?
I'd say, there should be a critical section no matter if SIGNALED or
not.
> I assume, we don't, but I'm not sure.
>
> int NutEventBroadcast(HANDLE * qhp)
> {
> int rc = 0;
>
> if (*qhp == SIGNALED) { <---- UNPROTECTED
> *qhp = 0; <---- UNPROTECTED
> else
> while (*qhp)
> rc += NutEventPost(qhp);
>
> return rc;
> }
Examples (although pathological)
A: qhq == 0
Thread A enters NutEventBroadcast
> if (*qhp == SIGNALED) { <---- UNPROTECTED
reads one byte of *qhp (it's a 16 bit pointer)
interrupt is triggered
interrupt call NutEventPostAsync
*qhp is set in such a way that the second byte of *qhp matches SIGNALED
(afaik 0xffff)
here one could argue, that Ethernut per default has no mem at 0xffxx
and structs
might not be on odd addresses. so this should work in practice, at
least in theory it's unclean.
B: qhp == SIGNALED
Thread A enters NutEventBroadcast
> if (*qhp == SIGNALED) { <---- UNPROTECTED
> *qhp = 0; <---- UNPROTECTED
after first byte write interrupt is triggered so
*qhp = 0xffXX of 0xXXff
interrupt call NutEventPostAsync and *qph != SIGNALED, so thread *qhp
is woken
=> CRASH
wrapping up: yes, for SIGNALED case critical section is a must, for the
other it would be better/cleaner.
btw. we use 64k RAM, so that a thread struct at 0xffXX is not
impossible.
harald, will you add a critical section here?
otherwise, I have to!
cheers,
matthias
More information about the En-Nut-Discussion
mailing list