Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MPU fault during application startup #14471

Closed
nordic-krch opened this issue Mar 13, 2019 · 2 comments
Closed

MPU fault during application startup #14471

nordic-krch opened this issue Mar 13, 2019 · 2 comments
Assignees
@ioannisg
Labels
bug The issue is a bug, or the PR is fixing a bug priority: high High impact/importance bug
Milestone
v1.14.0

Comments

@nordic-krch
Copy link
Contributor

Describe the bug
Application can hit mpu fault before starting main thread. This is caused by stack misuse. In function z_arch_switch_to_main_thread thread entry is provided as forth argument (_main). Then within the function stack pointer is changed:

zephyr/arch/arm/include/kernel_arch_func.h

Line 106 in 269935d

__set_PSP((u32_t)start_of_main_stack);

After stack is changed, call to thread entry occurs which is using _main as the argument. If variable is stored on stack, it will be fetched from stack but at that point this is already different stack and value is corrupted:

zephyr/arch/arm/include/kernel_arch_func.h

Line 115 in 269935d

z_thread_entry(_main, 0, 0, 0);

So _main variable will be corrupted.

To Reproduce
Modify hello_world example by using following prj.conf:

CONFIG_MPU_STACK_GUARD=y
CONFIG_NO_OPTIMIZATIONS=y
CONFIG_LOG=y

Steps to reproduce the behavior:

  1. mkdir build; cd build
  2. cmake -GNinja -DBOARD=nrf52840_pca10056 ..
  3. ninja flash
  4. See error
Fatal fault in essential thread! Spinning...
***** MPU FAULT *****
  Instruction Access Violation
***** Hardware exception *****
Current thread ID = 0x200005d8
Faulting instruction address = 0x20001b48
Fatal fault in essential thread! Spinning...

Expected behavior
Sample should start.

Impact
Suddenly system crashes during initialization.
@nordic-krch nordic-krch added the bug The issue is a bug, or the PR is fixing a bug label Mar 13, 2019
@ioannisg
Copy link
Member

Going to look into this.

@ioannisg
Copy link
Member

Yes, this looks like a bug. It was, probably, inserted when we refactored this file to look like a C file, instead of assembly code.

@carlescufi carlescufi changed the title Mpu fault during application startup MPU fault during application startup Mar 13, 2019
@carlescufi carlescufi added the priority: medium Medium impact/importance bug label Mar 13, 2019
@andrewboie andrewboie added this to the v1.14.0 milestone Mar 13, 2019
@ioannisg ioannisg mentioned this issue Mar 14, 2019
Merged
ioannisg added a commit to ioannisg/zephyr that referenced this issue Mar 14, 2019
@ioannisg
arch: arm: revert back to use assembly to jump to main thread
4c22089 
This commit partially reverts the changes introduced in
(bbe1a19), where the PSP
modification, the interrupt enabling, and the branch to main
thread were refactored in C functions. This introduced an issue
with stack usage when compiling without any optimization.
Reverting to use assembly functions to jump to main thread
ensures, now, that the pointer to main() is preserved intact
while changing the PSP and passed correctly to z_thread_entry().

Fixes zephyrproject-rtos#14471.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
@ioannisg ioannisg added priority: high High impact/importance bug and removed priority: medium Medium impact/importance bug labels Mar 14, 2019
galak pushed a commit that referenced this issue Mar 14, 2019
@ioannisg @galak
arch: arm: revert back to use assembly to jump to main thread
78618fb 
This commit partially reverts the changes introduced in
(bbe1a19), where the PSP
modification, the interrupt enabling, and the branch to main
thread were refactored in C functions. This introduced an issue
with stack usage when compiling without any optimization.
Reverting to use assembly functions to jump to main thread
ensures, now, that the pointer to main() is preserved intact
while changing the PSP and passed correctly to z_thread_entry().

Fixes #14471.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ioannisg ioannisg

Labels
bug The issue is a bug, or the PR is fixing a bug priority: high High impact/importance bug
Projects
None yet
Milestone
v1.14.0
Development

No branches or pull requests
4 participants
@ioannisg @andrewboie @carlescufi @nordic-krch