Merge branch 'bugfix/bootloader_stack_smash' into 'master'

Fix crashes when >approx 185KB of DRAM is statically allocated See merge request !983
2017-07-17 14:11:35 +08:00 · 2017-07-17 14:11:35 +08:00 · e50870c2dc
parent f824829a13 99fe61716c
commit e50870c2dc
6 changed files with 32 additions and 12 deletions
--- a/components/bootloader/src/main/bootloader_start.c
+++ b/components/bootloader/src/main/bootloader_start.c
@ -520,6 +520,13 @@ static void unpack_load_app(const esp_partition_pos_t* partition)
               bootloader RAM... */

            if (end_addr < 0x40000000) {
+                if (end_addr > 0x3FFE0000) {
+                    /* Temporary workaround for an ugly crash, until we allow >192KB of static DRAM */
+                    ESP_LOGE(TAG, "DRAM segment %d (start 0x%08x end 0x%08x) too large for IDF to boot",
+                             segment, start_addr, end_addr);
+                    return;
+                }
+
                sp = (intptr_t)get_sp();
                if (end_addr > sp) {
                    ESP_LOGE(TAG, "Segment %d end address %08x overlaps bootloader stack %08x - can't load",
--- a/components/esp32/cpu_start.c
+++ b/components/esp32/cpu_start.c
@ -68,12 +68,12 @@
 #define STRINGIFY(s) STRINGIFY2(s)
 #define STRINGIFY2(s) #s

-void start_cpu0(void) __attribute__((weak, alias("start_cpu0_default")));
-void start_cpu0_default(void) IRAM_ATTR;
+void start_cpu0(void) __attribute__((weak, alias("start_cpu0_default"))) __attribute__((noreturn));
+void start_cpu0_default(void) IRAM_ATTR __attribute__((noreturn));
 #if !CONFIG_FREERTOS_UNICORE
-static void IRAM_ATTR call_start_cpu1();
-void start_cpu1(void) __attribute__((weak, alias("start_cpu1_default")));
-void start_cpu1_default(void) IRAM_ATTR;
+static void IRAM_ATTR call_start_cpu1() __attribute__((noreturn));
+void start_cpu1(void) __attribute__((weak, alias("start_cpu1_default"))) __attribute__((noreturn));
+void start_cpu1_default(void) IRAM_ATTR __attribute__((noreturn));
 static bool app_cpu_started = false;
 #endif //!CONFIG_FREERTOS_UNICORE

@ -126,6 +126,13 @@ void IRAM_ATTR call_start_cpu0()
        esp_panic_wdt_stop();
    }

+    // Temporary workaround for an ugly crash, until we allow > 192KB of static DRAM
+    if ((intptr_t)&_bss_end > 0x3FFE0000) {
+        // Can't use assert() or logging here because there's no .bss
+        ets_printf("ERROR: Static .bss section extends past 0x3FFE0000. IDF cannot boot.\n");
+        abort();
+    }
+
    //Clear BSS. Please do not attempt to do any complex stuff (like early logging) before this.
    memset(&_bss_start, 0, (&_bss_end - &_bss_start) * sizeof(_bss_start));

@ -281,11 +288,13 @@ void start_cpu0_default(void)
    esp_core_dump_init();
 #endif

-    xTaskCreatePinnedToCore(&main_task, "main",
-            ESP_TASK_MAIN_STACK, NULL,
-            ESP_TASK_MAIN_PRIO, NULL, 0);
+    portBASE_TYPE res = xTaskCreatePinnedToCore(&main_task, "main",
+                                                ESP_TASK_MAIN_STACK, NULL,
+                                                ESP_TASK_MAIN_PRIO, NULL, 0);
+    assert(res == pdTRUE);
    ESP_LOGI(TAG, "Starting scheduler on PRO CPU.");
    vTaskStartScheduler();
+    abort(); /* Only get to here if not enough free heap to start scheduler */
 }

 #if !CONFIG_FREERTOS_UNICORE
@ -312,6 +321,7 @@ void start_cpu1_default(void)

    ESP_EARLY_LOGI(TAG, "Starting scheduler on APP CPU.");
    xPortStartScheduler();
+    abort(); /* Only get to here if FreeRTOS somehow very broken */
 }
 #endif //!CONFIG_FREERTOS_UNICORE

--- a/components/esp32/dport_access.c
+++ b/components/esp32/dport_access.c
@ -173,7 +173,8 @@ static void dport_access_init_core(void *arg)
 /*  Defer initialisation until after scheduler is running */
 void esp_dport_access_int_init(void)
 {
-    xTaskCreatePinnedToCore(&dport_access_init_core, "dport", configMINIMAL_STACK_SIZE, NULL, 5, NULL, xPortGetCoreID());
+    portBASE_TYPE res = xTaskCreatePinnedToCore(&dport_access_init_core, "dport", configMINIMAL_STACK_SIZE, NULL, 5, NULL, xPortGetCoreID());
+    assert(res == pdTRUE);
 }

 void esp_dport_access_int_deinit(void)
--- a/components/esp32/ipc.c
+++ b/components/esp32/ipc.c
@ -80,8 +80,9 @@ void esp_ipc_init()
    const char* task_names[2] = {"ipc0", "ipc1"};
    for (int i = 0; i < portNUM_PROCESSORS; ++i) {
        s_ipc_sem[i] = xSemaphoreCreateBinary();
-        xTaskCreatePinnedToCore(ipc_task, task_names[i], CONFIG_IPC_TASK_STACK_SIZE, (void*) i,
-                                configMAX_PRIORITIES - 1, &s_ipc_tasks[i], i);
+        portBASE_TYPE res = xTaskCreatePinnedToCore(ipc_task, task_names[i], CONFIG_IPC_TASK_STACK_SIZE, (void*) i,
+                                                    configMAX_PRIORITIES - 1, &s_ipc_tasks[i], i);
+        assert(res == pdTRUE);
    }
 }

--- a/components/esp32/task_wdt.c
+++ b/components/esp32/task_wdt.c
@ -202,7 +202,7 @@ void esp_task_wdt_init() {
 #if CONFIG_TASK_WDT_CHECK_IDLE_TASK
    esp_register_freertos_idle_hook(idle_hook);
 #endif
-    esp_intr_alloc(ETS_TG0_WDT_LEVEL_INTR_SOURCE, 0, task_wdt_isr, NULL, NULL);
+    ESP_ERROR_CHECK( esp_intr_alloc(ETS_TG0_WDT_LEVEL_INTR_SOURCE, 0, task_wdt_isr, NULL, NULL) );
 }


--- a/components/spi_flash/cache_utils.c
+++ b/components/spi_flash/cache_utils.c
@ -48,6 +48,7 @@ static volatile int s_flash_op_cpu = -1;
 void spi_flash_init_lock()
 {
    s_flash_op_mutex = xSemaphoreCreateMutex();
+    assert(s_flash_op_mutex != NULL);
 }

 void spi_flash_op_lock()