Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cpu/cortexm: clear FPU state in cpu_switch_context_exit() #18697

Merged
merged 1 commit into from
Oct 6, 2022
Merged

cpu/cortexm: clear FPU state in cpu_switch_context_exit() #18697

merged 1 commit into from
Oct 6, 2022

Conversation

kaspar030
Copy link
Contributor

@kaspar030 kaspar030 commented Oct 5, 2022
edited
Loading

Contribution description

When an exiting thread that was using the FPU would cause a context switch to a non-FPU-using thread, the lazy stacking could stay activated with outdated info, causing memory corruption:

  1. fpu using thread exits, lands in sched_task_exit
  2. sched_active_thread is set to NULL
  3. cpu_switch_context_exit triggers pendsv
  4. pendsv exception entry creates an extended stack frame, configures lazy stacking with FPCAR pointing to the exiting thread's reserved space
  5. isr_pendsv skips storing the thread context because sched_active_thread is NULL
  6. isr_pendsv, when jumping to a thread that didn't use fpu (thus the restored EXC_RETURN[4] is set), *doesn't restore FPU context
  7. note that lazy stacking was activated due to the thread using FPU, but in ISR, no fpu is used, and the VSTR/VLDR were skipped
  8. next time any fpu is used, the lazy stacking takes place -> the FPU registers get stored to the old thread's reserved space -> memory corruption

Testing procedure

The new test in #18641 triggers this.

Issues/PRs references

#18641

Alternative to #18691.

@kaspar030 kaspar030 added CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR CI: run tests If set, CI server will run tests on hardware for the labeled PR labels Oct 5, 2022
@kaspar030 kaspar030 requested a review from bergzand as a code owner October 5, 2022 20:23
@kaspar030 kaspar030 requested a review from maribu October 5, 2022 20:23
@github-actions github-actions bot added Area: cpu Area: CPU/MCU ports Platform: ARM Platform: This PR/issue effects ARM-based platforms labels Oct 5, 2022
@maribu maribu enabled auto-merge October 5, 2022 20:26
This was referenced Oct 5, 2022
Merged
Closed
@riot-ci
Copy link

riot-ci commented Oct 5, 2022

Murdock results

✔️ PASSED

5cc43e5 cpu/cortexm: clear FPU state in cpu_switch_context_exit()

Success Failures Total Runtime
1981 0 1981 06m:53s

This only reflects a subset of all builds from https://ci-prod.riot-os.org. Please refer to https://ci.riot-os.org for a complete build for now.

@maribu maribu merged commit 90c9279 into RIOT-OS:master Oct 6, 2022
@maribu maribu added this to the Release 2022.10 milestone Oct 14, 2022
@kaspar030 kaspar030 deleted the cortexm_clear_fpu_state_on_thread_exit branch November 25, 2022 07:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maribu maribu maribu approved these changes

@bergzand bergzand Awaiting requested review from bergzand bergzand is a code owner

Assignees
No one assigned
Labels
Area: cpu Area: CPU/MCU ports CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR CI: run tests If set, CI server will run tests on hardware for the labeled PR Platform: ARM Platform: This PR/issue effects ARM-based platforms
Projects
None yet
Milestone
Release 2022.10
Development

Successfully merging this pull request may close these issues.
3 participants
@kaspar030 @riot-ci @maribu