From: bugzilla-daemon@kernel.org
To: linux-usb@vger.kernel.org
Subject: [Bug 220272] Latent race condition in USB code unveiled with optimized memset_64.S
Date: Tue, 01 Jul 2025 17:50:33 +0000 [thread overview]
Message-ID: <bug-220272-208809-KreA6zwP0b@https.bugzilla.kernel.org/> (raw)
In-Reply-To: <bug-220272-208809@https.bugzilla.kernel.org/>
https://bugzilla.kernel.org/show_bug.cgi?id=220272
--- Comment #23 from Alan Stern (stern@rowland.harvard.edu) ---
Well, the new traces are a little more helpful but not much.
There is essentially no difference between the initialization portions of the
two traces. The difference shows up when you start moving the mouse. In both
traces the mouse sends data to the computer. In the working case, the data
contains what you would expect: information about the mouse position and button
presses. But in the failure case, the data contains nothing but 0's.
Here's where the data starts in the working trace:
ffffa25a535589c0 74469528 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76172178 C Ii:1:006:1 0:1 7 = 000000ff ff0000
ffffa25a535589c0 76172197 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76174062 C Ii:1:006:1 0:1 7 = 000000ff ff0000
ffffa25a535589c0 76174078 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76176189 C Ii:1:006:1 0:1 7 = 000000ff ff0000
ffffa25a535589c0 76176218 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76178108 C Ii:1:006:1 0:1 7 = 000000fd ff0000
ffffa25a535589c0 76178128 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76180102 C Ii:1:006:1 0:1 7 = 000000fc ff0000
ffffa25a535589c0 76180126 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76182070 C Ii:1:006:1 0:1 7 = 000000f9 ff0000
ffffa25a535589c0 76182086 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76184066 C Ii:1:006:1 0:1 7 = 000100f7 ff0000
ffffa25a535589c0 76184081 S Ii:1:006:1 -115:1 7 <
ffffa25a535589c0 76186083 C Ii:1:006:1 0:1 7 = 000200f5 ff0000
You can see the changing values in the two right-hand columns.
Here's the corresponding portion from the failure trace:
ffffa25a53558780 40179815 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40179828 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40181774 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40181787 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40183769 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40183782 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40185773 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40185783 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40187792 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40187799 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40189792 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40189798 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40191705 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40191716 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40192702 C Ii:1:004:1 0:1 7 = 00000000 000000
ffffa25a53558780 40192705 S Ii:1:004:1 -115:1 7 <
ffffa25a53558780 40193717 C Ii:1:004:1 0:1 7 = 00000000 000000
There's nothing to indicate why the mouse is misbehaving in this way. Maybe it
just needs to be initialized twice before it will work right. Whatever the
reason is, it certainly looks like the fault is in the mouse, not in the
computer's software.
Have you tried using the mouse on a different computer or under a different
operating system?
Also, can you try getting a trace equivalent to the failure one here, but with
the standard memset implementation rather than your improved one?
--
You may reply to this email to add a comment.
You are receiving this mail because:
You are watching the assignee of the bug.
next prev parent reply other threads:[~2025-07-01 17:50 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-26 11:39 [Bug 220272] New: Latent race condition in USB code unveiled with optimized memset_64.S bugzilla-daemon
2025-06-26 14:04 ` Greg KH
2025-06-26 14:05 ` [Bug 220272] " bugzilla-daemon
2025-06-26 14:30 ` bugzilla-daemon
2025-06-26 16:02 ` bugzilla-daemon
2025-06-26 16:20 ` bugzilla-daemon
2025-06-26 16:51 ` bugzilla-daemon
2025-06-26 16:53 ` bugzilla-daemon
2025-06-27 8:28 ` bugzilla-daemon
2025-06-27 9:17 ` bugzilla-daemon
2025-06-27 15:52 ` bugzilla-daemon
2025-06-27 16:08 ` bugzilla-daemon
2025-06-27 17:36 ` bugzilla-daemon
2025-06-28 7:22 ` bugzilla-daemon
2025-06-28 16:11 ` bugzilla-daemon
2025-06-28 17:26 ` bugzilla-daemon
2025-06-29 14:19 ` bugzilla-daemon
2025-06-30 8:57 ` bugzilla-daemon
2025-06-30 9:17 ` bugzilla-daemon
2025-06-30 14:26 ` bugzilla-daemon
2025-06-30 14:35 ` bugzilla-daemon
2025-06-30 16:51 ` bugzilla-daemon
2025-06-30 18:38 ` bugzilla-daemon
2025-06-30 19:22 ` bugzilla-daemon
2025-07-01 17:50 ` bugzilla-daemon [this message]
2025-07-02 5:48 ` bugzilla-daemon
2025-07-02 6:02 ` bugzilla-daemon
2025-07-02 8:06 ` bugzilla-daemon
2025-07-02 14:12 ` bugzilla-daemon
2025-07-02 17:20 ` bugzilla-daemon
2025-07-02 17:38 ` bugzilla-daemon
2025-07-10 20:46 ` bugzilla-daemon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-220272-208809-KreA6zwP0b@https.bugzilla.kernel.org/ \
--to=bugzilla-daemon@kernel.org \
--cc=linux-usb@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox