On Sun, 26 Nov 2006, David Brownell wrote: > On Sunday 26 November 2006 6:46 pm, Alan Stern wrote: > > On Sun, 26 Nov 2006, David Brownell wrote: > > > > > On Thursday 23 November 2006 6:19 am, Oliver Neukum wrote: > > > > Hi, > > > > > > > > gl620a uses a buffer within a struct. This can corrupt memory on > > > > machines > > > > that are not cache coherent. > > > > > > How could it possibly corrupt memory? > > > > It would be more accurate to say that it could corrupt the contents of the > > buffer during an input operation. I don't think it matters as far as > > output is concerned... > > The question still remains: how could this corruption happen?
The driver starts an input operation to the buffer embedded in the struct. As part of that the core calls dma_map_single(), which flushes the cache line(s) containing the buffer. During the input operation a DMA transfer stores data from the device in the buffer. Meanwhile the driver still needs to access other parts of the struct. They share the same cache line as parts of the buffer. As a result the cache line gets filled again, possibly before the DMA has taken place. Now the cache is full but it doesn't have the data sent by the device. When the input operation finishes, the CPU won't see the correct data in the buffer -- it will see the stale data in the cache. If the CPU does a write to the struct it could even overwrite the correct data with the stale cached data. Alan Stern ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ [email protected] To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
