The official mbed C/C++ SDK provides the software platform and libraries to build your applications.


Issue: race condition in mbed/libraries/USBDevice/USBSerial/CircBuffer.h

The context for the following is:

1) serial out from host
2) arriving data is queued by ISR (EP callback)
3) client program pulls data out

    void queue(T k) {
        if (isFull()) {
            read++;
            read %= size;
        }
        buf[write++] = k;
        write %= size;
    }

In the "isFull()" case, this code introduces a race condition between the client and the ISR. Suppose that the client is interrupted pulling out data (has already copied read into a register) and the ISR executes queue a few times. Once execution returns to the client, read will be overwritten with an incorrect value.

Here's getc where the client uses the queue:

    int USBSerial::_getc() {
        uint8_t c = 0;
        while (buf.isEmpty());
        buf.dequeue(&c);
        return c;
    }

No queue bug in the other direction since putc doesn't use a queue (it appears to send single character packets).

2 comments:

22 Apr 2015

You could try disabling interrupts during the buffer-read section of your code to prevent the ISR from corrupting the read operation.

You could also try atomically reading the data from the circular buffer to a secondary buffer before operating to reduce the time spent between the first and last read operations as well as mitigating the risk of an interrupt during the data transfer from the circular buffer to your secondary buffer.

07 May 2015

I don't want to be rude, but I know how to work around this and furthermore, I know how to fix the bug; however, the point of my post is that this is a bug in the core library and should be addressed by the library maintainers.
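
An added example, not part of the original thread or the mbed library: a single-threaded C++ replay of the interleaving described in the issue, next to a variant in which the ISR never writes `read`. `SIZE`, the split `dequeue` with its `isr` hook, `pending()`, `SpscRing` and `replay` are assumptions made for the demonstration; only `RacyRing::queue` follows the code quoted in the post.

```cpp
#include <cstdint>
#include <cstdio>
#include <functional>

constexpr int SIZE = 4;                  // assumed demo capacity (holds SIZE-1 bytes)

struct Ring {                            // state and client side shared by both variants
    int write = 0, read = 0;             // on a real MCU these would need volatile/atomic access
    uint8_t buf[SIZE] = {};
    bool isFull() const  { return (write + 1) % SIZE == read; }
    bool isEmpty() const { return read == write; }
    int pending() const  { return (write - read + SIZE) % SIZE; }
    // Client-side dequeue, split into load and store of `read` so that `isr`
    // can fire in between: the preemption the post describes.
    bool dequeue(uint8_t* c, const std::function<void()>& isr) {
        if (isEmpty()) return false;
        int r = read;                    // read copied into a register
        *c = buf[r];
        isr();                           // endpoint interrupt lands here
        read = (r + 1) % SIZE;           // register copy written back
        return true;
    }
};

struct RacyRing : Ring {                 // queue() as quoted in the post
    bool queue(uint8_t k) {
        if (isFull()) { read++; read %= SIZE; }   // ISR also writes `read`
        buf[write++] = k; write %= SIZE;
        return true;
    }
};

struct SpscRing : Ring {                 // assumption: ISR owns `write` only, drops the new byte when full
    bool queue(uint8_t k) {
        int next = (write + 1) % SIZE;
        if (next == read) return false;  // overflow is reported, `read` is untouched
        buf[write] = k; write = next;
        return true;
    }
};

// Fill the ring, interrupt one dequeue with two ISR queue() calls, and
// return how many bytes the client can still see afterwards.
template <class R> int replay() {
    R ring;
    for (uint8_t b = 1; b <= 3; ++b) ring.queue(b);   // constructed input: 1, 2, 3
    uint8_t c = 0;
    ring.dequeue(&c, [&] { ring.queue(4); ring.queue(5); });
    return ring.pending();
}

int main() { std::printf("racy: %d, spsc: %d\n", replay<RacyRing>(), replay<SpscRing>()); }
```

In the racy replay the stale write-back leaves `read == write`, so the buffer reports empty while three unread bytes sit in storage and a `_getc()`-style spin on `isEmpty()` would wait for the next packet. The single-writer variant trades the overwrite-oldest policy for drop-newest, which is what removes the shared write to `read`.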