Posted to commits@nuttx.apache.org by gn...@apache.org on 2020/02/18 13:06:21 UTC
[incubator-nuttx] branch master updated: arch: armv7-a: Fix heap
corruption in SMP mode
This is an automated email from the ASF dual-hosted git repository.
gnutt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git
The following commit(s) were added to refs/heads/master by this push:
new e7d44ee arch: armv7-a: Fix heap corruption in SMP mode
e7d44ee is described below
commit e7d44ee16ec785eaf9b1a9fadddab8aa291fcdf5
Author: Masayuki Ishikawa <ma...@gmail.com>
AuthorDate: Tue Feb 18 14:13:04 2020 +0900
arch: armv7-a: Fix heap corruption in SMP mode
Currently up_allocate_heap() assumes that g_idle_topstack points to the
top of the heap memory. However, g_idle_topstack pointed to an incorrect
address in SMP mode, which resulted in heap corruption. This PR
moves g_idle_topstack to the end of .noinit to avoid this issue.
Signed-off-by: Masayuki Ishikawa <Ma...@jp.sony.com>
---
arch/arm/src/armv7-a/arm_cpuhead.S | 11 ++++++++++-
arch/arm/src/armv7-a/arm_head.S | 2 ++
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/arch/arm/src/armv7-a/arm_cpuhead.S b/arch/arm/src/armv7-a/arm_cpuhead.S
index 095b7fd..69e1bc4 100644
--- a/arch/arm/src/armv7-a/arm_cpuhead.S
+++ b/arch/arm/src/armv7-a/arm_cpuhead.S
@@ -494,5 +494,14 @@ g_cpu3_idlestack:
#endif /* CONFIG_SMP_NCPUS > 3 */
#endif /* CONFIG_SMP_NCPUS > 2 */
#endif /* CONFIG_SMP_NCPUS > 1 */
-#endif
+
+ .align 8
+ .globl g_idle_topstack
+ .type g_idle_topstack, object
+
+g_idle_topstack:
+ .long _enoinit
+ .size g_idle_topstack, .-g_idle_topstack
+
+#endif /* CONFIG_SMP */
.end
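Review bot: The new `g_idle_topstack` word has no `.section` directive of its own in this hunk, so it lands in whatever section the idle stacks above it use, presumably `.noinit` given the commit message. An initialised `.long _enoinit` in a no-init region is only valid if the loader actually copies that section; on a target where `.noinit` is not loaded, the heap base would be indeterminate and `up_allocate_heap()` could again hand out memory that overlaps the idle stacks. Consider emitting it in read-only data, e.g. `.section .rodata` before the `.align`, with a comment such as `/* Heap starts at _enoinit; .noinit must be the last RAM section before the heap */`. Also, GAS on ARM treats the `.align` operand as a power of two, so `.align 8` asks for 256-byte alignment of a 4-byte object; `.align 2` would do. The enclosing `#ifdef CONFIG_SMP` opens outside the hunk.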
diff --git a/arch/arm/src/armv7-a/arm_head.S b/arch/arm/src/armv7-a/arm_head.S
index b0d229a..9f1958c 100644
--- a/arch/arm/src/armv7-a/arm_head.S
+++ b/arch/arm/src/armv7-a/arm_head.S
@@ -784,6 +784,7 @@ arm_data_initialize:
* Data section variables
***************************************************************************/
+#ifndef CONFIG_SMP
/* This global variable is unsigned long g_idle_topstack and is
* exported from here only because of its coupling to .Linitparms
* above.
@@ -804,3 +805,4 @@ g_idle_topstack:
.size g_idle_topstack, .-g_idle_topstack
#endif
.end
+#endif
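Review bot: The closing `#endif` is added after `.end`, so in SMP builds the `.end` directive is compiled out along with `g_idle_topstack`, and the guard closes unlabelled right next to an existing bare `#endif`. Moving it above `.end` and labelling it, `#endif /* !CONFIG_SMP */`, keeps the file ending the same in both configurations and makes the nesting readable. The block comment under the `#ifndef CONFIG_SMP` added in the previous hunk still says the variable is exported from here because of its coupling to `.Linitparms`; a line such as `/* In SMP builds g_idle_topstack is defined in arm_cpuhead.S instead. */` would keep it accurate. The definition itself lies between the two hunks and is not visible here.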