Re: file offset corruption on 32-bit machines?



Well it would take seriously hard work to make a program that would work
correctly if it was atomic and would break if it isn't. Certainly a
normal program that just tries to seek and read/write should never have
any issue.

I can easily imagine such a program. I think you aren't exercising enough
imagination about the kinds of requirements a program might be
implementing.

That lack of imagination (in all of us) is the reason we shouldn't
tolerate something working not as designed or not as expected just because
we went through every possible use scenario and it didn't matter in any of
them. Just focus on the layer in question.

The easiest way to imagine a program not doing locking and being useful
anyway (as long as the kernel is thread-safe) is to use the same arguments
you use for the kernel doing it: there's a higher level user responsible
for locking. The code in question doesn't guarantee that user writes all
its stuff to the right place, but at least it guarantees that that user's
lack of locking doesn't screw some other user of the file. It does that
by ensuring it never seeks to a place the user doesn't own and that no two
separate users ever access the file at the same time.

I'd even like to accommodate the poor user trying to debug the broken
locking in his application. He sees the file getting corrupted and
immediately thinks, "what if my thread serialization isn't working right?"
But he notices that the corruption isn't consistent with that hypothesis.
He knows he was working with only the beginning and the end of the file
and the corruption happened in the middle. So he wastes a week
considering other hypotheses, including a kernel bug, until someone points
out a paragraph in the lseek() man page that says contrary to all Unix
convention, that particular function and system call is not thread-safe,
and it doesn't necessarily seek to the place mentioned in its argument.

--
Bryan Henderson IBM Almaden Research Center
San Jose CA Filesystems
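
The debugging scenario in the message above, as an added example that is not part of the original post or of any kernel source. It assumes the failure named in the subject line is a 64-bit file position stored as two 32-bit words without a lock; struct pos64, the helper names and both offsets are constructed for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed offsets: one user works near the end, one near the start. */
#define OFF_END   0x2FFFFF000ULL   /* just under 12 GiB */
#define OFF_START 0x000001000ULL   /* 4 KiB */

/* Hypothetical model of a 64-bit position kept as two 32-bit words,
 * the way a 32-bit CPU stores it when no lock covers the update. */
struct pos64 { uint32_t lo, hi; };

static void store_lo(struct pos64 *p, uint64_t v) { p->lo = (uint32_t)v; }
static void store_hi(struct pos64 *p, uint64_t v) { p->hi = (uint32_t)(v >> 32); }
static uint64_t load(const struct pos64 *p) { return ((uint64_t)p->hi << 32) | p->lo; }

/* Serialized seeks: A's two stores finish before B's begin. */
uint64_t seek_serialized(uint64_t a, uint64_t b)
{
    struct pos64 p = {0, 0};
    store_lo(&p, a); store_hi(&p, a);
    store_lo(&p, b); store_hi(&p, b);
    return load(&p);                /* the last requested offset, b */
}

/* Interleaved seeks, replayed deterministically:
 * A stores its low word, B stores both words, A stores its high word. */
uint64_t seek_torn(uint64_t a, uint64_t b)
{
    struct pos64 p = {0, 0};
    store_lo(&p, a);
    store_lo(&p, b); store_hi(&p, b);
    store_hi(&p, a);
    return load(&p);                /* high word from a, low word from b */
}

int main(void)
{
    uint64_t ok = seek_serialized(OFF_END, OFF_START);
    uint64_t torn = seek_torn(OFF_END, OFF_START);
    printf("serialized: 0x%" PRIx64 "\n", ok);
    printf("torn:       0x%" PRIx64 " (requested by neither caller)\n", torn);
    return 0;
}
```

A caller that passes the offset with each call, as pread() and pwrite() do, does not depend on the shared file position at all.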
