[PR] arch/arm: Fix crash when using memcpy/memset as RAMFUNCS [nuttx]

Wed, 19 Mar 2025 05:10:18 -0700 


alexcekay opened a new pull request, #16019:
URL: https://github.com/apache/nuttx/pull/16019

   ## Summary
   
   Add `no_builtin` for `memcpy/memset` to the startup code of boards
   with `CONFIG_ARCH_RAMFUNCS`, because certain compilers call `memcpy/memset`
   instead of the explicit `for` loop. This will cause a crash if 
`memcpy/memset`
   are mapped to RAM because the function that copies them to RAM is called 
later,
   resulting in undefined code being executed.
   
   ## Impact
   - Using `memcpy/memset` as RAMFUNCS is possible
   
   ## Testing
   
   - The problem was observed with the following compiler: `arm-none-eabi-gcc 
(15:13.2.rel1-2) 13.2.1 20231009`
     - This is the default `arm-none-eabi-gcc` that is currently used on Ubuntu 
Noble 
   - Was tested with a STM32F765
   
   ### Testing logs before
   Before the patch there was a call to `memset` in the startup:
   ```
   0  0x000006c4 in memset (s=0x20021b00 <g_intstackalloc>, c=c@entry=0, 
n=91844) at /home/alex/[...]/nuttx/libs/libc/string/lib_memset.c:73
   #1  0x0800a804 in __start () at 
/home/alex/[...]/nuttx/arch/arm/src/stm32f7/stm32_start.c:194
   #2  0x08000306 in ?? ()
   ```
   As can be seen the address of `memset` it is in non initialized storage.
   
   ### Testing logs after
   After the patch there is no more call to `memset/memcpy`:
   ```
   #0  __start () at 
/home/alex/[...]/nuttx/arch/arm/src/stm32f7/stm32_start.c:196
   #1  0x08000306 in ?? ()
   ```
   ```
      0x0800a834 <+80>:    bl      0x814039c <stm32_boardinitialize()>          
                                                                                
                                               
      0x0800a838 <+84>:    bl      0x800a884 <up_enable_icache>                 
                                                                                
                                               
      0x0800a83c <+88>:    bl      0x800a8ac <up_enable_dcache>                 
                                                                                
                                               
      0x0800a840 <+92>:    bl      0x800b894 <arm_earlyserialinit>              
                                                                                
                                               
      0x0800a844 <+96>:    bl      0x800d290 <nx_start>                         
                                                                                
                                               
   => 0x0800a848 <+100>:   str.w   r1, [r3], #4                                 
                                                                                
                                               
      0x0800a84c <+104>:   b.n     0x800a7f0 <__start+12>
      0x0800a84e <+106>:   ldr.w   r0, [r2], #4
      0x0800a852 <+110>:   str.w   r0, [r3], #4
      0x0800a856 <+114>:   b.n     0x800a7fa <__start+22>
      0x0800a858 <+116>:   ldr.w   r0, [r2], #4
      0x0800a85c <+120>:   str.w   r0, [r3], #4
      0x0800a860 <+124>:   b.n     0x800a804 <__start+32>
   ```
   This way a successful boot is possible.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@nuttx.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to