Re: [BUG] usb: cdc-wdm: Missing barriers in ad-hoc lockless buffer

Next message: Jens Emil Schulz Ostergaard: "Re: [PATCH net-next 1/8] net: dsa: add tag driver for LAN9645X"
Previous message: Krzysztof Wilczy&#x144;ski: "Re: [PATCH phy-next 22/22] MAINTAINERS: add regex for linux-phy"
In reply to: Gui-Dong Han: "Re: [BUG] usb: cdc-wdm: Missing barriers in ad-hoc lockless buffer"
Next in thread: Gui-Dong Han: "Re: [BUG] usb: cdc-wdm: Missing barriers in ad-hoc lockless buffer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Oliver Neukum

Date: Thu Mar 05 2026 - 08:02:26 EST

On 05.03.26 13:28, Gui-Dong Han wrote:

Specifically, wdm_read() accesses ->length and then ->flags, often
without holding ->iuspin. Similarly, wdm_in_callback() involves
multiple accesses to both.

I am indeed nervous about this pattern. Without barriers, changes to
these associated fields made on one CPU might be observed in a
completely different order on another CPU.

OK, I rechecked. And indeed it seems to me like setting WDM_OVERFLOW
and WDM_READ could be reordered with respect to each other in
wdm_in_callback() and that must not happen.
What do you think?

Regards
Oliver