In order to turn longjmp context-switch safe, it's necessary
to disable interrupts before modifying windowbase and windowstart.
Otherwise, after a context switch, windowstart and windowbase
would be different, leading to a wrongly set windowstart bit due to
longjmp writing it based on the windowbase before the context switch.
This corrupts the registers at the next window overflow reaching
that wrongly set bit.
*Background:*
This PR is related to an issue first observed on ESP-IDF
https://github.com/espressif/esp-idf/issues/5229 and it was, then,
checked on NuttX using a test application.
*The test application:*
To check if the problem affects ESP32, ESP32-S2 and ESP32-S3 on
NuttX, it was created an application based on:
https://en.cppreference.com/w/c/program/longjmp
The application creates 16 tasks (`#define NUMBER_OF_TASKS 16`)
that implements the following daemon:
```
static int setjmp_longjmp_daemon(int argc, char *argv[])
{
for (int i = 0; i < NUMBER_OF_TASKS * 2; i++)
{
jmp_buf env;
volatile int count = 0;
if (setjmp(env) != UINT16_MAX)
{
foo(&env, ++count);
}
}
sem_post(&g_sem);
return EXIT_SUCCESS;
}
```
The main function also initializes a semaphore to avoid application
exiting before tasks return successfully:
```
sem_init(&g_sem, 0, -NUMBER_OF_TASKS);
```
Finally, the round-robin interval was lowered to 1ms to raise the
chances of the longjmp being interrupted by a context switch
(`CONFIG_RR_INTERVAL=1).
This setup was able to reproduce the problem prior to this patch
being applied.
For CONFIG_BUILD_KERNEL using the sched/task/task_exithook implementation
will just not work. It calls user code with kernel privileges which is
a bit of a security issue.
Summary:
- This commit adds R_RISCV_JAL support to arch_elf.c
- The code only checks the immediate value but does not relocate it
because it is done by the compiler.
Impact:
- None
Testing:
- Tested with rv-virt:knsh64 (not merged yet)
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
The jump instruction relocation had an assert that tests for jumps with
an offset of 0. This makes it so that a while(1); statement causes an
assert because the jump instruction points to the same address, which
is perfectly legal.
Addend was not handled correctly in several reloc types.
Add ADD32/64 + SUB32/64 relocations, for some reason the compiler
I use likes to add them.
After check the official specification of ARM ISA
and Thumb ISA, the arch_setjmp_thumb.S are written
by arm unified assembly language,
so it easy to make it works for ARM and thumb ISA.
Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
Summary:
- This commit adds thumb support to i.MX6
- Also, applies the same coding style to arch_elf.c
Impact:
- i.MX6 only
Testing:
- Tested with sabre-6quad:smp (QEMU, Dev board)
- Tested with sabre-6quad:netnsh (QEMU)
- Tested with sabre-6quad:netknsh (QEMU, not merged yet)
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
Summary:
- This commit adds thumb support to arch_elf.c
Impact:
- None
Testing:
- Tested with sabre-6quad:netknsh (QEMU, not merged yet)
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>