08.09.2014 02:51, Clemens Ladisch wrote:
Alexander E. Patrakov wrote:
The consensus is that rewind_safeguard is a workaround for an ALSA bug.
I do not agree with this consensus.
OK, disagreements are what this thread is for :)
This information should come from snd_pcm_rewindable() from the hw plugin. I.e., on a hw device, it should not be equal to snd_pcm_mmap_hw_avail(). [...] the safeguard should be ideally equal to the granularity of hardware pointer updates.
When snd_pcm_rewindable() is called, it uses the last reported hardware pointer position, which is the boundary between safe-to-rewrite and already-used data. Subtracting the amount of one pointer update step makes it safe for the next pointer update, but it is not known how much time will elapse until the hardware does this update. This time might be too small for the software to have any chance, or even zero, but it is also possible that there is still enough time to do the rewriting up until the reported boundary. And if the software is too slow, it is even possible that two or more pointer updates happen, which would have required a larger safeguard.
I disagree with the words "boundary between safe-to-rewrite and already-used data". They describe a point that hardware knows, but software cannot know. My viewpoint is that, even with a perfect scheduler, known-safe-to-rewrite and known-already-used data are not separated with a point. See below for an example.
You indeed have a strong argument for keeping the safeguard in PulseAudio as a protection against scheduler glitches, but look what happens on ymfpci. Having read David's email, I understand that it is not the same reason why the safeguard has been originally added.
On ymfpci, interrupts (that don't correspond 1:1 to periods) happen every 5 ms, and pointer (which is a hardware register) is updated only during interrupts by the hardware.
|---------|---------P----h----p---------|-a-------|---------|
Here each character corresponds to 0.5 ms, "-" means nothing interesting, "|", "P" and "p" mark interrupt positions, "h" marks the place where the card reads the sound data from (i.e. the true boundary between safe-to-rewrite and already-used data). Thus, the interrupt at "P" has already happened, but the interrupt at "p" hasn't. "a" is the application write pointer.
So, what should alsa-lib return for snd_pcm_avail() and snd_pcm_rewind()? The driver only knows that "P" is already used, can infer that "p" isn't used yet, and knows nothing about samples in the middle.
For snd_pcm_avail(), it can only say that the application may only write up to "P" from the left. Everything else would be a possible lie leading to not-yet-played data possibly being overwritten.
For snd_pcm_rewindable(), it can only say that the application may try to go to "p" from the right. Everything further to the left is at risk of being already-played, even with a perfect scheduler and infinitely fast CPU.
In other words: the snd_pcm_mmap_hw_avail() value is possibly ouf of date, but due to the real-time nature of hardware pointer updates, it is not possible to define a safeguard that would be more correct. Writing the buffer near the DMA pointer is always racy.
Correct. The problem is that, on some cards, the uncertainty here (described above) is an order of magnitude bigger than typical scheduler glitches, and depends on sound card hardware. I don't want to introduce an unnecessarily-big safeguard for all sound cards because of a few bad ones.
So it looks like we need both the hardware-independent safeguard in PulseAudio (against scheduler glitches) and the hardware-dependent safeguard in alsa-lib (against known imprecise reporting by the card).
The only somewhat reliable way to determine if a rewrite is successful is to check _afterwards_ whether the hardware pointer has advanced by too much.
PulseAudio does that in addition to the safeguard.
[...] On cards where pointer updates happen only on interrupts, the driver should not configure the card in such a way that one period visible to the userspace corresponds to one interrupt. Instead, it should always configure the card for the minimum possible period size, and report only part of the period interrupts to period_elapsed().
Such stupid DMA controllers are typically found on mobile devices, which cannot afford extraneous interrupts.
Thanks for the information, I didn't know that, and hereby retract the quoted proposal.
Still, to support this type of stupid DMA controllers properly, we need a vocabulary of such weirdnesses and an agreed-upon way to communicate them from the kernel to userspace. I don't think that I can build such vocabulary.
=== On the programmer expectations ===
Some people, including at least Andrew Eikum and Clemens Ladisch, at least once in the past expressed the opinion that amounts to "any plugin that does not allow random access is, as far as the ALSA API is concerned, buggy" (quoting http://permalink.gmane.org/gmane.linux.alsa.devel/122159 ), i.e. they are maybe asking for the impossible.
This was merely a description of the current API and its implementation, which assume that all devices/plugins have a rewritable ring buffer. I am fully aware that this assumption is wrong.
OK. Now I see that in your case it was a misinterpretation from my side - sorry for that! But this doesn't cancel the attitude "if a function is documented without any caveats, it must always work, usefully" that I have seen from others. So I'll put a documentation patch on my TODO list.