diff options
| author | Randall Spangler <rspangler@chromium.org> | 2013-11-07 10:53:12 -0800 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2013-11-07 22:35:56 +0000 |
| commit | e2f851aae244c0c233064192c79f46fe0744e58f (patch) | |
| tree | bb06eb8551f7affc6c2ee3352c11cdc7679b31ff /core | |
| parent | a5d2fa9fb4fde97bced002c1ab886612a5b8f84a (diff) | |
| download | chrome-ec-e2f851aae244c0c233064192c79f46fe0744e58f.tar.gz | |
Enable stack overflow checking on all context switches
Changes somewhere in the recent past have caused I2C operations to
consume more stack space. The current failure mode is that after some
debug command or infrequent battery operation, the system fails.
Clean up and enable stack overflow detection by default, and add a
debug command (disabled by default) to verify overflow detection
works.
This adds several instructions to each context switch, but it's still
fairly inexpensive, and represents only a few percent increase in the
size of svc_handler(). That's better than silent failures.
BUG=chrome-os-partner:23938
BRANCH=none
TEST=Enable CONFIG_CMD_STACKOVERFLOW, then run the 'stackoverflow' command.
This should cause a stack overflow to be detected in the CONSOLE task.
Change-Id: I9303aee5bd9318f1d92838b399d15fb8f6a2bbf9
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/176113
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'core')
| -rw-r--r-- | core/cortex-m/panic.c | 2 | ||||
| -rw-r--r-- | core/cortex-m/task.c | 41 |
2 files changed, 40 insertions, 3 deletions
diff --git a/core/cortex-m/panic.c b/core/cortex-m/panic.c index 310a9d5a53..95344bbb07 100644 --- a/core/cortex-m/panic.c +++ b/core/cortex-m/panic.c @@ -327,7 +327,7 @@ static void panic_show_process_stack(const struct panic_data *pdata) /** * Display a message and reboot */ -static void panic_reboot(void) +void panic_reboot(void) { panic_puts("\n\nRebooting...\n"); system_reset(0); diff --git a/core/cortex-m/task.c b/core/cortex-m/task.c index 8ffb807b48..687572eabe 100644 --- a/core/cortex-m/task.c +++ b/core/cortex-m/task.c @@ -231,8 +231,13 @@ void svc_handler(int desched, task_id_t resched) #endif current = current_task; -#ifdef CONFIG_OVERFLOW_DETECT - ASSERT(*current->stack == STACK_UNUSED_VALUE); + +#ifdef CONFIG_DEBUG_STACK_OVERFLOW + if (*current->stack != STACK_UNUSED_VALUE) { + panic_printf("\n\nStack overflow in %s task!\n", + task_names[current - tasks]); + panic_reboot(); + } #endif if (desched && !current->events) { @@ -562,6 +567,38 @@ DECLARE_CONSOLE_COMMAND(taskready, command_task_ready, "Print/set ready tasks", NULL); +#ifdef CONFIG_CMD_STACKOVERFLOW +static void stack_overflow_recurse(int n) +{ + ccprintf("+%d", n); + + /* + * Force task context switch, since that's where we do stack overflow + * checking. + */ + msleep(10); + + stack_overflow_recurse(n+1); + + /* + * Do work after the recursion, or else the compiler uses tail-chaining + * and we don't actually consume additional stack. + */ + ccprintf("-%d", n); +} + +static int command_stackoverflow(int argc, char **argv) +{ + ccprintf("Recursing 0,"); + stack_overflow_recurse(1); + return EC_SUCCESS; +} +DECLARE_CONSOLE_COMMAND(stackoverflow, command_stackoverflow, + NULL, + "Recurse until stack overflow", + NULL); +#endif /* CONFIG_CMD_STACKOVERFLOW */ + void task_pre_init(void) { uint32_t *stack_next = (uint32_t *)task_stacks; |