EmbeddedRelated.com
Forums
The 2024 Embedded Online Conference
   Forums    More Forums    comp.arch.embedded  

Disabling interrupts to protect data

Started by KIRAN October 26, 2009
Hi Guys,

I am working on some RTOS, in which I see lot of interrupts "enabling"
and "disabling" code in most of the RTOS API's to protect kernel data.
For example, Semaphore API's, Message Queue APIs, Runtime memory
management API's. Is enabling / disabling interrupts only to protect
the kernel data? Why  I am asking this is whenever interrupts are
disabled, I am scared of losing timer interrupts. Any input is
appreciated?


Regards,
Kiran
Reply by D Yuniskis October 26, 20092009-10-26
KIRAN wrote:


> I am working on some RTOS, in which I see lot of interrupts "enabling"
> and "disabling" code in most of the RTOS API's to protect kernel data.
> For example, Semaphore API's, Message Queue APIs, Runtime memory
> management API's. Is enabling / disabling interrupts only to protect
> the kernel data? Why  I am asking this is whenever interrupts are
> disabled, I am scared of losing timer interrupts. Any input is
> appreciated?


A common approach to providing an atomic operation.
Some CPUs don't need this.

If it is done correctly, the critical region will be very
small (temporally).  You shouldn't *lose* a timer interrupt
(nor any other) as the hardware should latch the interrupt
and you will respond to it as soon as the critical region
passes.  (a few instructions?)

If the critical region is much longer than this, the OS
implementation is sloppy.
Reply by Tim Wescott October 26, 20092009-10-26
On Mon, 26 Oct 2009 10:34:33 -0700, D Yuniskis wrote:


> KIRAN wrote:
> 
>> I am working on some RTOS, in which I see lot of interrupts "enabling"
>> and "disabling" code in most of the RTOS API's to protect kernel data.
>> For example, Semaphore API's, Message Queue APIs, Runtime memory
>> management API's. Is enabling / disabling interrupts only to protect
>> the kernel data? Why  I am asking this is whenever interrupts are
>> disabled, I am scared of losing timer interrupts. Any input is
>> appreciated?
> 
> A common approach to providing an atomic operation. Some CPUs don't need
> this.
> 
> If it is done correctly, the critical region will be very small
> (temporally).  You shouldn't *lose* a timer interrupt (nor any other) as
> the hardware should latch the interrupt and you will respond to it as
> soon as the critical region passes.  (a few instructions?)
> 
> If the critical region is much longer than this, the OS implementation
> is sloppy.


... or your timer period is too short for that RTOS/processor combination.

One man's meat...

-- 
www.wescottdesign.com
Reply by Tim Wescott October 26, 20092009-10-26
On Mon, 26 Oct 2009 10:11:45 -0700, KIRAN wrote:


> Hi Guys,
> 
> I am working on some RTOS, in which I see lot of interrupts "enabling"
> and "disabling" code in most of the RTOS API's to protect kernel data.
> For example, Semaphore API's, Message Queue APIs, Runtime memory
> management API's. Is enabling / disabling interrupts only to protect the
> kernel data? Why  I am asking this is whenever interrupts are disabled,
> I am scared of losing timer interrupts. Any input is appreciated?


It's par for the course, and pretty much necessary on most processors.

Interrupt controllers don't forget that they've been interrupted -- so if 
the timer pops off in the middle of a critical block the interrupt will 
get latched, and vectored to as soon as the OS exits the critical code.  

You'll only have a problem if you get _two_ timer interrupts in the space 
of one critical block.  If this happens then you're pushing that 
particular RTOS/processor combination too hard, and you need to re-think 
some architectural decisions.

-- 
www.wescottdesign.com
Reply by Vladimir Vassilevsky October 26, 20092009-10-26

D Yuniskis wrote:

> KIRAN wrote:
> 
>> I am working on some RTOS, in which I see lot of interrupts "enabling"
>> and "disabling" code in most of the RTOS API's to protect kernel data.



> A common approach to providing an atomic operation.
> Some CPUs don't need this.


Some OSes claim that they never disable interrupts, however from what I 
have seen it was all very impractical. Once you have more or less 
sophisticated structure of threads and interrupts, you've got to have 
critical parts with the interrupts disabled.


Vladimir Vassilevsky
DSP and Mixed Signal Design Consultant
http://www.abvolt.com
Reply by FreeRTOS info October 26, 20092009-10-26
> Some OSes claim that they never disable interrupts, however from what I 
> have seen it was all very impractical. 


I have seen this claim too - but when you look closely you find it is 
achieved by having the kernel itself execute with the absolute highest 
interrupt priority - so the effect on lower priority interrupts is 
exactly as if interrupts had been disabled.  So while the claim is not 
incorrect, it is somewhat deliberately misleading.  People who are that 
good at marketing should not be engineers.

[disclaimer - I don't know this to be the case for all systems that make 
this claim, just the ones I know about]

-- 

Regards,
Richard.

+ http://www.FreeRTOS.org
Designed for Microcontrollers.
More than 7000 downloads per month.
Reply by D Yuniskis October 26, 20092009-10-26
Vladimir Vassilevsky wrote:

> 
> 
> D Yuniskis wrote:
>> KIRAN wrote:
>>
>>> I am working on some RTOS, in which I see lot of interrupts "enabling"
>>> and "disabling" code in most of the RTOS API's to protect kernel data.
> 
>> A common approach to providing an atomic operation.
>> Some CPUs don't need this.
> 
> Some OSes claim that they never disable interrupts, however from what I 
> have seen it was all very impractical. Once you have more or less 
> sophisticated structure of threads and interrupts, you've got to have 
> critical parts with the interrupts disabled.


You only need to disable interrupts if an interrupt context
can access those "shared objects" *without* observing whatever
other "mutex" mechanism you are using.

It *can* be done.  But, it is a lot trickier than just
a tiny little critical region.

E.g., if the jiffy comes along (perhaps the most notable
active element that *would* be interrupt spawned and asynchronously
compete for access to those strctures), it has to notice that a
critical region has been entered (by whatever it has interrupted!)
and then "schedule" a defered activation.  So, the jiffy
terminates as expected.  The interrupted routine (probably
an OS action) finishes up what it was working on, then,
examines a flag to see if it can "simply return" or if it has
to process some deferred "activity" (i.e. those things that the
jiffy *would* have done had it been fortunate enough to come
along "outside" that critical region.
Reply by D Yuniskis October 26, 20092009-10-26
Tim Wescott wrote:

> On Mon, 26 Oct 2009 10:34:33 -0700, D Yuniskis wrote:
> 
>> KIRAN wrote:
>>
>>> I am working on some RTOS, in which I see lot of interrupts "enabling"
>>> and "disabling" code in most of the RTOS API's to protect kernel data.
>>> For example, Semaphore API's, Message Queue APIs, Runtime memory
>>> management API's. Is enabling / disabling interrupts only to protect
>>> the kernel data? Why  I am asking this is whenever interrupts are
>>> disabled, I am scared of losing timer interrupts. Any input is
>>> appreciated?
>> A common approach to providing an atomic operation. Some CPUs don't need
>> this.
>>
>> If it is done correctly, the critical region will be very small
>> (temporally).  You shouldn't *lose* a timer interrupt (nor any other) as
>> the hardware should latch the interrupt and you will respond to it as
>> soon as the critical region passes.  (a few instructions?)
>>
>> If the critical region is much longer than this, the OS implementation
>> is sloppy.
> 
> .... or your timer period is too short for that RTOS/processor combination.


I look at it as the RTOS not having been designed "lean enough"
(to keep with the meat analogy  :> )


> One man's meat...
Reply by FreeRTOS info October 26, 20092009-10-26
D Yuniskis wrote:

> and then "schedule" a defered activation.  So, the jiffy
> terminates as expected.  The interrupted routine (probably
> an OS action) finishes up what it was working on, then,
> examines a flag to see if it can "simply return" or if it has
> to process some deferred "activity" 


...and how are you protecting access to the flag - or are you assuming 
the hardware supports atomic read-modify-writes on variables - or that 
the hardware supports atomic semaphore type operations?

-- 

Regards,
Richard.

+ http://www.FreeRTOS.org
Designed for Microcontrollers.
More than 7000 downloads per month.
Reply by D Yuniskis October 26, 20092009-10-26
FreeRTOS info wrote:

> D Yuniskis wrote:
>> and then "schedule" a defered activation.  So, the jiffy
>> terminates as expected.  The interrupted routine (probably
>> an OS action) finishes up what it was working on, then,
>> examines a flag to see if it can "simply return" or if it has
>> to process some deferred "activity" 
> 
> ....and how are you protecting access to the flag - or are you assuming 
> the hardware supports atomic read-modify-writes on variables - or that 
> the hardware supports atomic semaphore type operations?


Assuming you don't have a second processor...

ever hear of a "Test and Set" instruction?
You might also like... (promoted content)
Check out Memfault's New Sandbox!
Check out Memfault's New Sandbox!
Check out Memfault's New Sandbox!
The 2024 Embedded Online Conference - Register Early and Save with Promo Code ER2024!
The 2024 Embedded Online Conference - Register Early and Save with Promo Code ER2024!
The 2024 Embedded Online Conference - Register Early and Save with Promo Code ER2024!
The 2024 Embedded Online Conference