lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 17 Jun 2009 18:42:14 +0800
From:	qingbo yuan <yuanbor.maillist@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: surpring results of test_and_set_bit() and test_and_clear_bit() 
	functions in Linux-2.6.25 kernel at x86_64 architecture

hi,all
I recently encountered a strange phenomenon about test_and_set_bit()
and test_and_clear_bit().
Here are the comments about these functions in Linux-2.6.25 kernel at
x86_64 architecture:

/**
 * test_and_set_bit - Set a bit and return its old value
 */

/**
 * test_and_clear_bit - Clear a bit and return its old value
 */

According to the comments, if the old value is '0', then these
functions will return 0 to the caller, and
if the old value is '1', then these functions will return 1. However,
in my experiment, if the old value is '1', I got -1 instead of 1. Here
is the code:

void generos_test_bitmap(void)
{
 int cur,ret_clear,ret_set;
 unsigned long bitmap =0x3721;
 for(cur = find_first_bit(&bitmap,BITS_PER_LONG);cur <
BITS_PER_LONG;cur = find_next_bit(&bitmap, BITS_PER_LONG, cur + 1)){
  ret_clear  = test_and_set_bit(cur, &bitmap);
  ret_set  = test_and_clear_bit(cur, &bitmap);
  printk("test_and_set bit [%d] ret [%d]\n",cur,ret_set);
  printk("test_and_clear bit [%d] ret [%d]\n\n\n",cur,ret_clear);
 }
}

And here is the results:
test_and_set bit [0] ret [-1]
test_and_clear bit [0] ret [-1]
test_and_set bit [5] ret [-1]
test_and_clear bit [5] ret [-1]
test_and_set bit [8] ret [-1]
test_and_clear bit [8] ret [-1]
test_and_set bit [9] ret [-1]
test_and_clear bit [9] ret [-1]
test_and_set bit [10] ret [-1]
test_and_clear bit [10] ret [-1]
test_and_set bit [12] ret [-1]
test_and_clear bit [12] ret [-1]
test_and_set bit [13] ret [-1]
test_and_clear bit [13] ret [-1]

Interesting! Let's take a look at the definition of these funtions in
Linux-2.6.25:
 static inline int test_and_set_bit(int nr, volatile void *addr)
{
 int oldbit;
 asm volatile(LOCK_PREFIX "bts %2,%1\n\t"
       "sbb %0,%0"
       : "=r" (oldbit), ADDR
       : "Ir" (nr) : "memory");
 return oldbit;
}

static inline int test_and_clear_bit(int nr, volatile void *addr)
{
 int oldbit;
 asm volatile(LOCK_PREFIX "btr %2,%1\n\t"
       "sbb %0,%0"
       : "=r" (oldbit), ADDR
       : "Ir" (nr) : "memory");
 return oldbit;
}

1. bts and btr set/clear the bit and copy the old value to CF flag.
2. sbb %0,%0 equals (%0-(%0+CF)) -> %0
3. %0 -> oldbit

So, if the old bit is '0', these functions return 0;
      if the old bit is '1', these functions return -1;
Both of these functions were right if the comments modified as
"test_and_set_bit - Set a bit and return its opposite old value".

Can anybody point out what problems exist in my analysis?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ