Position Arithmetic Overflow
The ring buffer position calculations were using regular arithmetic operations which could overflow. Just like Linux's jiffies, the writer position ran out quickly on i686, and it is possible to exhaust x86_64's usize in reasonable time. This has been fixed by using wrapping arithmetic operations (wrapping_add and wrapping_sub) to handle position calculations safely.
It's still technically possible that the position wraps all the way around and makes the overrun test return a false negative, but just like the jiffies, we can safely ignore this problem in any production environment.
Improved Writer Overrun Detection
Fixed overrun detection by checking after message construction but before reader position updates. This prevents issues where the frame header might be overwritten by the writer.
Additional Improvements
Added reset method to Reader for recovering from overrun conditions
Improved error handling in example code to handle overrun conditions gracefully
Added explicit position alignment checks for into_writer_at and with_initial_position
Added comprehensive tests for position wrap-around and reader overrun scenarios
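The following is an added illustration, not code from this PR or the project, of the scheme the description above relies on: writer and reader positions are free-running usize counters advanced with wrapping_add, the reader's lag is computed with wrapping_sub, and an overrun is flagged when that lag exceeds the capacity. The ring is byte-oriented, CAPACITY, Ring, Reader, read_all and the Overrun type are assumed names chosen for the example, and with_initial_position is used to start the writer a few bytes below usize::MAX so the wrap-around is exercised without writing 2^64 bytes.

```rust
// Added example, not the project's implementation: a single-writer byte ring
// whose positions are free-running usize counters, as in the PR description.

/// Capacity must be a power of two: usize wraps at 2^64 (or 2^32 on i686),
/// which is a multiple of any power of two, so `pos % CAPACITY` stays
/// continuous when the counter itself wraps. Kept tiny so overruns are easy
/// to hit in the demo.
pub const CAPACITY: usize = 8;

/// Returned when the writer has overwritten data the reader has not consumed.
#[derive(Debug, PartialEq, Eq)]
pub struct Overrun {
    /// How many bytes beyond one full lap the writer got ahead (example field).
    pub lost: usize,
}

pub struct Ring {
    buf: [u8; CAPACITY],
    /// Total bytes ever written; never reset, wraps modulo 2^BITS.
    write_pos: usize,
}

pub struct Reader {
    /// Position of the next byte this reader expects to consume.
    read_pos: usize,
}

impl Ring {
    pub fn new() -> Self {
        Self::with_initial_position(0)
    }

    /// Start the writer at an arbitrary position (here: to reach the wrap).
    pub fn with_initial_position(pos: usize) -> Self {
        Ring { buf: [0; CAPACITY], write_pos: pos }
    }

    pub fn write_pos(&self) -> usize {
        self.write_pos
    }

    /// Writes unconditionally (lossy, log-style ring); readers detect loss.
    pub fn write(&mut self, data: &[u8]) {
        for &b in data {
            self.buf[self.write_pos % CAPACITY] = b;
            // wrapping_add: a plain `+` would panic at usize::MAX in debug builds.
            self.write_pos = self.write_pos.wrapping_add(1);
        }
    }

    /// A reader attached at the current writer position (nothing pending).
    pub fn reader(&self) -> Reader {
        Reader { read_pos: self.write_pos }
    }
}

impl Reader {
    /// Bytes the writer is ahead of this reader. wrapping_sub is still correct
    /// once write_pos has wrapped past zero while read_pos has not.
    pub fn pending(&self, ring: &Ring) -> usize {
        ring.write_pos.wrapping_sub(self.read_pos)
    }

    /// True when the writer has lapped the reader, i.e. the slot at read_pos
    /// was overwritten. Caveat noted in the PR: a writer that advances exactly
    /// 2^BITS bytes between two checks makes pending() wrap to 0 and this
    /// returns a false negative.
    pub fn is_overrun(&self, ring: &Ring) -> bool {
        self.pending(ring) > CAPACITY
    }

    /// Drains everything not yet seen, or reports an overrun without advancing
    /// so the caller can decide to `reset`.
    pub fn read_all(&mut self, ring: &Ring) -> Result<Vec<u8>, Overrun> {
        let n = self.pending(ring);
        if n > CAPACITY {
            return Err(Overrun { lost: n - CAPACITY });
        }
        let out: Vec<u8> = (0..n)
            .map(|i| ring.buf[self.read_pos.wrapping_add(i) % CAPACITY])
            .collect();
        self.read_pos = ring.write_pos;
        Ok(out)
    }

    /// Recover from an overrun by skipping to the writer's current position.
    pub fn reset(&mut self, ring: &Ring) {
        self.read_pos = ring.write_pos;
    }
}

fn main() {
    // Three bytes below usize::MAX, so a six-byte write crosses the wrap.
    let mut ring = Ring::with_initial_position(usize::MAX - 2);
    let mut reader = ring.reader();
    ring.write(b"abcdef");
    println!("write_pos wrapped to {}", ring.write_pos());
    println!("read back {:?}", reader.read_all(&ring));
    ring.write(b"123456789"); // nine bytes into an eight-byte ring: overrun
    println!("overrun: {:?}", reader.read_all(&ring));
    reader.reset(&ring);
    println!("after reset: {:?}", reader.read_all(&ring));
}
```

Using `%` on a wrapping counter is only safe because CAPACITY divides 2^BITS; with a non-power-of-two capacity the slot index would jump at the wrap, and the position-to-slot mapping would need to be derived from the wrapped lag instead.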
For the wrapping arithmetic, it's exactly the same as normal arithmetic if it never wraps around, and the + operator and - operator are wrapping by default in release mode and panic when overflow occurs in debug. Using wrapping_* will not change the behavior but just make it clear.
fair point; I might need to revise it at some point and split position into lap_count: u32 and lap_position: u64 to ensure we never lose the unique position within the stream; alternatively we can change to checked_add to prevent position overflow