From: Elias Oltmanns <eo@nebensachen.de>
To: Tejun Heo <tj@kernel.org>
Cc: Jeff Garzik <jeff@garzik.org>,
linux-ide@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2 v3] libata: Implement disk shock protection support
Date: Sat, 20 Sep 2008 13:12:46 +0200 [thread overview]
Message-ID: <87wsh75avl.fsf@denkblock.local> (raw)
In-Reply-To: <87abe37462.fsf@denkblock.local> (Elias Oltmanns's message of "Sat, 20 Sep 2008 07:54:45 +0200")
[ Readding LKML which I dropped when starting this thread for some
inexplicable reason. ]
Elias Oltmanns <eo@nebensachen.de> wrote:
> Tejun Heo <tj@kernel.org> wrote:
>>> +static ssize_t ata_scsi_park_store(struct device *device,
>>> + struct device_attribute *attr,
>>> + const char *buf, size_t len)
>>> +{
>> ...
>>> + complete_all(&ap->park_req_pending);
>>
>> Sorry to catching this this late but calling complete_all() twice will
>> overflow the done counter. I think complete() should just work here,
>> no?
>
> Sorry for missing that in the first place, rather embarrassing that. I
> had just assumed that the done counter was set to an absolute value
> rather than added to. I really think that this is what we actually want,
> so, perhaps, a seperate patch for Ingo or someone is in order?
By the way, this doesn't really matter in our particular case. The
reason is that we only care about whether park_req_pending.done is equal
or unequal to zero. Since UINT_MAX is of the form 2n+1 (where n is some
interger value), calling complete_all() m times may overflow but will
still result in a non-zero value provided that m is smaller than n.
Assuming that m != 0 is even, we have:
m * n < m / 2 * (2 * n + 2).
Additionally, we have:
(m / 2 - 1) * (2 * n + 2) == (m - 2) * (n + 1) == m * n + m - (2 * n + 2).
This means that for 0 < m < UINT_MAX (and m even) we get:
m * n > (m / 2 - 1) * (2 * n + 2)
and consequently
m * n % (UINT_MAX + 1) == m * n - (m / 2) * (2 * n + 2) == 2 * n + 2 - m
== UINT_MAX + 1 - m.
Now consider the case that m is odd:
m * n < (m + 1) / 2 * (2 * n + 2).
But
(m - 1) / 2 * (2 * n + 2) == (m - 1) * (n + 1) == m * n + m - n - 1.
For m <= n (and m odd) we get:
m * n >= (m - 1) / 2 * (2 * n + 2)
and consequently
m * n % (UINT_MAX + 1) == m * n - (m - 1) / 2 * (2 * n + 2) == n + 1 - m.
This proves that the done counter will be non-zero if we call
complete_all() at least once and up to (UINT_MAX - 1) / 2 times. So,
I'll add some more comments about clearing ATA_EH_PARK and why it's
needed and then resend the patch. Mind you, I still think that
complete_all() should be changed. I'll take a look at other use cases in
the kernel and see whether overflowing is an issue there.
Regards,
Elias
next prev parent reply other threads:[~2008-09-20 11:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-19 21:41 Disk shock protection in libata Elias Oltmanns
2008-09-19 21:46 ` [PATCH 1/2 v3] Introduce ata_id_has_unload() Elias Oltmanns
2008-09-29 4:34 ` Jeff Garzik
2008-09-19 21:48 ` [PATCH 2/2 v3] libata: Implement disk shock protection support Elias Oltmanns
2008-09-20 4:47 ` Tejun Heo
2008-09-20 5:54 ` Elias Oltmanns
2008-09-20 11:12 ` Elias Oltmanns [this message]
2008-09-20 21:44 ` [PATCH 2/2 v4] " Elias Oltmanns
2008-09-20 23:55 ` Tejun Heo
2008-09-21 9:54 ` [PATCH 2/2 v5] " Elias Oltmanns
2008-09-21 9:58 ` Tejun Heo
2008-09-21 9:51 ` [PATCH 2/2 v3] " Elias Oltmanns
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wsh75avl.fsf@denkblock.local \
--to=eo@nebensachen.de \
--cc=jeff@garzik.org \
--cc=linux-ide@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.