[PATCH] oprofile per-cpu buffer overrun

From: Philippe Elie <phil.el@wanadoo.fr> In a ring buffer controlled by a read and write positions we can't use buffer_size but only buffer_size - 1 entry, the last free entry act as a guard to avoid write pos overrun. This bug was hidden because the writer, oprofile_add_sample(), request one more entry than really needed.

[PATCH] oprofile per-cpu buffer overrun
From: Philippe Elie <phil.el@wanadoo.fr> In a ring buffer controlled by a read and write positions we can't use buffer_size but only buffer_size - 1 entry, the last free entry act as a guard to avoid write pos overrun. This bug was hidden because the writer, oprofile_add_sample(), request one more entry than really needed.
26c8fae2 · Andrew Morton · Linus Torvalds · 2c8aa408 · 26c8fae2
Commit 26c8fae2 authored Feb 03, 2004 by Andrew Morton Committed by Linus Torvalds Feb 03, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

drivers/oprofile/cpu_buffer.c drivers/oprofile/cpu_buffer.c +2 -2

No files found.
--- a/drivers/oprofile/cpu_buffer.c
+++ b/drivers/oprofile/cpu_buffer.c
@@ -86,9 +86,9 @@ static unsigned long nr_available_slots(struct oprofile_cpu_buffer const * b)
 	unsigned long tail = b->tail_pos;

 	if (tail > head)
-		return tail - head;
+		return (tail - head) - 1;

-	return tail + (b->buffer_size - head);
+	return tail + (b->buffer_size - head) - 1;
 }