From 0ad5bc50fb8a406202f512c0b53af6a91233f379 Mon Sep 17 00:00:00 2001
From: Loyen Wang <loyenwang401@gmail.com>
Date: Wed, 4 Sep 2019 07:49:27 -0600
Subject: [PATCH] arch/arm/src/arm/up_fullcontextrestore.S:  When performing
 stability test, the application would cause kernel crash. When I trace the
 stack, I find that register R1 has been changed, and its value is the same as
 register CPSR.  In p_fullcontextrestore.S, the restoration of R0 and R1 is
 not atomic:  'msr cpsr r1 will enable interrupts and the recovery of r0 and
 r1 may be interrupted and the value or R1 may be changed.  Fix is to use a
 single ldmia to restore R0, R1, and return via R15.

---
 arch/arm/src/arm/up_fullcontextrestore.S | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/arch/arm/src/arm/up_fullcontextrestore.S b/arch/arm/src/arm/up_fullcontextrestore.S
index 50fdd745dd..2deef8cd1f 100644
--- a/arch/arm/src/arm/up_fullcontextrestore.S
+++ b/arch/arm/src/arm/up_fullcontextrestore.S
@@ -103,16 +103,10 @@ up_fullcontextrestore:
 	ldr	r1, [r0, #(4*REG_CPSR)]	/* Fetch the stored CPSR value */
 	msr	cpsr, r1		/* Set the CPSR */
 
-	/* Now recover r0 and r1 */
-
-	ldr	r0, [sp]
-	ldr	r1, [sp, #4]
-	add	sp, sp, #(2*4)
-
-	/* Then return to the address at the stop of the stack,
-	 * destroying the stack frame
+	/* Now recover r0 and r1. Then return to the address at the stop of
+         * the stack, destroying the stack frame
 	 */
 
-	ldr	pc, [sp], #4
+	ldmia	sp!, {r0-r1, r15}
 	.size up_fullcontextrestore, . - up_fullcontextrestore