diff options
Diffstat (limited to 'projects/cros-ec/patches/veyron/0005-cortex-m0-Use-assembly-exception-handlers-for-task-s.patch')
| -rw-r--r-- | projects/cros-ec/patches/veyron/0005-cortex-m0-Use-assembly-exception-handlers-for-task-s.patch | 219 |
1 files changed, 219 insertions, 0 deletions
diff --git a/projects/cros-ec/patches/veyron/0005-cortex-m0-Use-assembly-exception-handlers-for-task-s.patch b/projects/cros-ec/patches/veyron/0005-cortex-m0-Use-assembly-exception-handlers-for-task-s.patch new file mode 100644 index 00000000..f0175825 --- /dev/null +++ b/projects/cros-ec/patches/veyron/0005-cortex-m0-Use-assembly-exception-handlers-for-task-s.patch @@ -0,0 +1,219 @@ +From 9dd7ae82d3f3fa9dae31a442365e233a0b44cce3 Mon Sep 17 00:00:00 2001 +From: Paul Kocialkowski <contact@paulk.fr> +Date: Sat, 23 Jul 2016 14:17:32 +0200 +Subject: [PATCH 6/6] cortex-m0: Use assembly exception handlers for task + switching + +The way Cortex processors handle exceptions allows writing exception +routines directly in C, as return from exception is handled by providing +a special value for the link register. + +However, it is not safe to do this when doing context switching. In +particular, C handlers may push some general-purpose registers that +are used by the handler and pop them later, even when context switch +has happened in the meantime. While the processor will restore {r0-r3} +from the stack when returning from an exception, the C handler code +may push, use and pop another register, such as r4. + +It turns out that GCC 4.8 would generally only use r3 in svc_handler and +pendsv_handler, but newer versions tend to use r4, thus clobbering r4 +that was restored from the context switch and leading up to a fault +when r4 is used by the task code. + +An occurrence of this behaviour takes place with GCC > 4.8 in __wait_evt, +where "me" is stored in r4, which gets clobbered after an exception +triggers pendsv_handler. The exception handler uses r4 internally, does +a context switch and then restores the previous value of r4, which is +not restored by the processor's internal, thus clobbering r4. +This ends up with the following assertion failure: +'tskid < TASK_ID_COUNT' in timer_cancel() at common/timer.c:137 + +For this reason, it is safer to have assembly routines for exception +handlers that do context switching. + +BUG=chromium:631514 +BRANCH=None +TEST=Build and run speedy EC with a recent GCC version + +Change-Id: Ib068bc12ce2204aee3e0f563efcb94f15aa87013 +Signed-off-by: Paul Kocialkowski <contact@paulk.fr> +--- + core/cortex-m0/switch.S | 81 ++++++++++++++++++++++++++++++++++--------------- + core/cortex-m0/task.c | 27 +---------------- + 2 files changed, 58 insertions(+), 50 deletions(-) + +diff --git a/core/cortex-m0/switch.S b/core/cortex-m0/switch.S +index 95ea29e..d4b47cd 100644 +--- a/core/cortex-m0/switch.S ++++ b/core/cortex-m0/switch.S +@@ -7,12 +7,52 @@ + + #include "config.h" + ++#define CPU_SCB_ICSR 0xe000ed04 ++ + .text + + .syntax unified + .code 16 + + /** ++ * Start the task scheduling. r0 is a pointer to task_stack_ready, which is ++ * set to 1 after the task stack is set up. ++ */ ++.global __task_start ++.thumb_func ++__task_start: ++ ldr r2,=scratchpad @ area used as dummy thread stack for the first switch ++ movs r3, #2 @ use : priv. mode / thread stack / no floating point ++ adds r2, #17*4 @ put the pointer at the top of the stack ++ movs r1, #0 @ __Schedule parameter : re-schedule nothing ++ msr psp, r2 @ setup a thread stack up to the first context switch ++ movs r2, #1 ++ isb @ ensure the write is done ++ msr control, r3 ++ movs r3, r0 ++ movs r0, #0 @ __Schedule parameter : de-schedule nothing ++ isb @ ensure the write is done ++ str r2, [r3] @ Task scheduling is now active ++ bl __schedule @ execute the task with the highest priority ++ /* we should never return here */ ++ movs r0, #1 @ set to EC_ERROR_UNKNOWN ++ bx lr ++ ++/** ++ * SVC exception handler ++ */ ++.global svc_handler ++.thumb_func ++svc_handler: ++ push {lr} @ save link register ++ bl __svc_handler @ call svc handler helper ++ ldr r3,=current_task @ load the current task's address ++ ldr r1, [r3] @ load the current task ++ cmp r0, r1 @ compare with previous task returned by helper ++ beq svc_handler_return @ return if they are the same ++ /* continue to __switchto to switch to the new task */ ++ ++/** + * Task context switching + * + * Change the task scheduled after returning from the exception. +@@ -30,8 +70,6 @@ + * r8, r9, r10, r11, r4, r5, r6, r7, r0, r1, r2, r3, r12, lr, pc, psr + * additional registers <|> exception frame + */ +-.global __switchto +-.thumb_func + __switchto: + mrs r2, psp @ get the task stack where the context has been saved + mov r3, sp +@@ -53,29 +91,24 @@ __switchto: + mov r11, r7 + ldmia r2!, {r4-r7} @ restore r4-r7 for the next task context + msr psp, r2 @ set the process stack pointer to exception context +- bx lr @ return from exception ++ ++svc_handler_return: ++ pop {pc} @ return from exception or return to caller + + /** +- * Start the task scheduling. r0 is a pointer to task_stack_ready, which is +- * set to 1 after the task stack is set up. ++ * PendSVC exception handler + */ +-.global __task_start ++.global pendsv_handler + .thumb_func +-__task_start: +- ldr r2,=scratchpad @ area used as dummy thread stack for the first switch +- movs r3, #2 @ use : priv. mode / thread stack / no floating point +- adds r2, #17*4 @ put the pointer at the top of the stack +- movs r1, #0 @ __Schedule parameter : re-schedule nothing +- msr psp, r2 @ setup a thread stack up to the first context switch +- movs r2, #1 +- isb @ ensure the write is done +- msr control, r3 +- movs r3, r0 +- movs r0, #0 @ __Schedule parameter : de-schedule nothing +- isb @ ensure the write is done +- str r2, [r3] @ Task scheduling is now active +- bl __schedule @ execute the task with the highest priority +- /* we should never return here */ +- movs r0, #1 @ set to EC_ERROR_UNKNOWN +- bx lr +- ++pendsv_handler: ++ push {lr} @ save link register ++ ldr r0, =#CPU_SCB_ICSR @ load CPU_SCB_ICSR's address ++ movs r1, #1 @ prepare left shift (1 << 27) ++ lsls r1, #27 @ shift the bit ++ str r1, [r0] @ clear pending flag ++ cpsid i @ ensure we have priority 0 during re-scheduling ++ movs r1, #0 @ desched nothing ++ movs r0, #0 @ resched nothing ++ bl svc_handler @ re-schedule the highest priority task ++ cpsie i @ leave priority 0 ++ pop {pc} @ return from exception +diff --git a/core/cortex-m0/task.c b/core/cortex-m0/task.c +index e51621b..f96ccf8 100644 +--- a/core/cortex-m0/task.c ++++ b/core/cortex-m0/task.c +@@ -57,7 +57,6 @@ static uint32_t task_switches; /* Number of times active task changed */ + static uint32_t irq_dist[CONFIG_IRQ_COUNT]; /* Distribution of IRQ calls */ + #endif + +-extern void __switchto(task_ *from, task_ *to); + extern int __task_start(int *task_stack_ready); + + #ifndef CONFIG_LOW_POWER_IDLE +@@ -120,7 +119,7 @@ uint8_t task_stacks[0 + /* Reserve space to discard context on first context switch. */ + uint32_t scratchpad[17]; + +-static task_ *current_task = (task_ *)scratchpad; ++task_ *current_task = (task_ *)scratchpad; + + /* + * Bitmap of all tasks ready to be run. +@@ -242,18 +241,6 @@ task_ *__svc_handler(int desched, task_id_t resched) + return current; + } + +-void svc_handler(int desched, task_id_t resched) +-{ +- /* +- * The layout of the this routine (and the __svc_handler companion one) +- * ensures that we are getting the right tail call optimization from +- * the compiler. +- */ +- task_ *prev = __svc_handler(desched, resched); +- if (current_task != prev) +- __switchto(prev, current_task); +-} +- + void __schedule(int desched, int resched) + { + register int p0 asm("r0") = desched; +@@ -262,18 +249,6 @@ void __schedule(int desched, int resched) + asm("svc 0" : : "r"(p0), "r"(p1)); + } + +-void pendsv_handler(void) +-{ +- /* Clear pending flag */ +- CPU_SCB_ICSR = (1 << 27); +- +- /* ensure we have priority 0 during re-scheduling */ +- __asm__ __volatile__("cpsid i"); +- /* re-schedule the highest priority task */ +- svc_handler(0, 0); +- __asm__ __volatile__("cpsie i"); +-} +- + #ifdef CONFIG_TASK_PROFILING + void task_start_irq_handler(void *excep_return) + { +-- +2.9.0 + |