From: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
To: Tom Zanussi <tzanussi@gmail.com>
Cc: penberg@cs.helsinki.fi, akpm@linux-foundation.org,
compudj@krystal.dyndns.org, linux-kernel@vger.kernel.org,
righi.andrea@gmail.com
Subject: Re: [PATCH 1/3] relay: Fix 4 off-by-one errors occuring when writing to a CPU buffer.
Date: Sat, 14 Jun 2008 17:52:23 +0300 [thread overview]
Message-ID: <20080614175223.4d3c6084@linux360.ro> (raw)
In-Reply-To: <1213418437.8237.51.camel@charm-linux>
On Fri, 13 Jun 2008 23:40:37 -0500
Tom Zanussi <tzanussi@gmail.com> wrote:
> I'm wondering if the all-zeroes at the end of the buffer might be
> another case of the all-zeroes you were seeing due to cross-cpu
> reading you decribed in the other patch. In any case, I'm pretty
> sure this patch isn't doing what you think it is, and don't see how
> it could have fixed the problem (see below). There may still be a
> bug somewhere, but it would be good to be able to reproduce it. Does
> it happen even when running on a single cpu?
Hi,
I noticed this problem after adding those spinlocks. As far as I can
tell, having (offset == subbuf_size + 1) at any given moment allows the
read() handler to see inconsistent offsets:
1. writer sets offset = subbuf_size + 1
2. writer releases spinlock
3. read() acquires spinlock and reads the wrong offset
4. read() releases spinlock
5. next writer corrects the offset at the next write
> This case, offset being 1 larger than the subbuf size, is how we note
> a full sub-buffer, so changing this will break full-subbuffer cases.
No, it won't. Maximum length messages result in the following condition:
start + offset == subbuf_size
This happens because a buffer of length subbuf_size actually ranges
from zero to (subbuf_size - 1) in regard to how it is addressed. Then,
subbuf_size + 1 isn't just outside the bounds, but one more byte off.
"Visual" example:
subbuf_size = 4
|[ ][ ][ ][ ]|[ ]
0 1 2 3 subbuf_size
So, a full subbufer means offset equals subbuf_size, that is, the next
empty slot is just outside the subbuffer.
Eduard
next prev parent reply other threads:[~2008-06-14 14:53 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-13 1:09 [PATCH 1/3] relay: Fix 4 off-by-one errors occuring when writing to a CPU buffer Eduard - Gabriel Munteanu
2008-06-14 4:40 ` Tom Zanussi
2008-06-14 14:52 ` Eduard - Gabriel Munteanu [this message]
2008-06-16 5:22 ` Tom Zanussi
2008-06-21 2:06 ` Eduard - Gabriel Munteanu
2008-07-24 5:09 ` Tom Zanussi
2008-07-30 17:48 ` Eduard - Gabriel Munteanu
2008-08-13 6:16 ` Tom Zanussi
2008-08-14 16:35 ` Eduard - Gabriel Munteanu
2008-08-15 4:31 ` Tom Zanussi
-- strict thread matches above, loose matches on Subject: below --
2008-06-12 20:26 Eduard - Gabriel Munteanu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080614175223.4d3c6084@linux360.ro \
--to=eduard.munteanu@linux360.ro \
--cc=akpm@linux-foundation.org \
--cc=compudj@krystal.dyndns.org \
--cc=linux-kernel@vger.kernel.org \
--cc=penberg@cs.helsinki.fi \
--cc=righi.andrea@gmail.com \
--cc=tzanussi@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.