This is an automated email from Gerrit.
"Antonio Borneo <borneo.anto...@gmail.com>" just uploaded a new patch set to
Gerrit, which you can find at https://review.openocd.org/c/openocd/+/7392
-- gerrit
commit 85e05cd372f9ef85cb9f54ce487af6efb4aa83bb
Author: Antonio Borneo <borneo.anto...@gmail.com>
Date: Sat Dec 10 18:19:54 2022 +0100
arm_adi_v5: fix SIGSEGV due to failing re-examine
Commit 35a503b08d14 ("arm_adi_v5: add ap refcount and add get/put
around ap use") modifies the examine functions of mem_ap, cortex_m,
cortex_a and aarch64 by calling dap_put_ap() and then looking again
for the mem-ap and calling dap_get_ap().
This causes an issue if the system is irresponsive and the examine
fails and left the AP pointer to NULL. If the system was already
examined the NULL pointer will cause a SIGSEGV.
Commit b6dad912b85d ("target/cortex_m: prevent segmentation fault
in cortex_m_poll()") proposes a fix for one specific case and only
on cortex_m.
Modify all the examine functions by skipping look-up for the AP if
it was already set in a previous examine; the target's AP is not
supposed to change during runtime.
Remove the partial fix for cortex_m as it is not needed anymore.
Change-Id: I806ec3b1b02fcc76e141c8dd3a65044febbf0a8c
Signed-off-by: Antonio Borneo <borneo.anto...@gmail.com>
Fixes: 35a503b08d14 ("arm_adi_v5: add ap refcount and add get/put around ap
use")
diff --git a/src/target/aarch64.c b/src/target/aarch64.c
index 8592daa167..8e90e64007 100644
--- a/src/target/aarch64.c
+++ b/src/target/aarch64.c
@@ -2546,23 +2546,20 @@ static int aarch64_examine_first(struct target *target)
if (!pc)
return ERROR_FAIL;
- if (armv8->debug_ap) {
- dap_put_ap(armv8->debug_ap);
- armv8->debug_ap = NULL;
- }
-
- if (pc->adiv5_config.ap_num == DP_APSEL_INVALID) {
- /* Search for the APB-AB */
- retval = dap_find_get_ap(swjdp, AP_TYPE_APB_AP,
&armv8->debug_ap);
- if (retval != ERROR_OK) {
- LOG_ERROR("Could not find APB-AP for debug access");
- return retval;
- }
- } else {
- armv8->debug_ap = dap_get_ap(swjdp, pc->adiv5_config.ap_num);
- if (!armv8->debug_ap) {
- LOG_ERROR("Cannot get AP");
- return ERROR_FAIL;
+ if (!armv8->debug_ap) {
+ if (pc->adiv5_config.ap_num == DP_APSEL_INVALID) {
+ /* Search for the APB-AB */
+ retval = dap_find_get_ap(swjdp, AP_TYPE_APB_AP,
&armv8->debug_ap);
+ if (retval != ERROR_OK) {
+ LOG_ERROR("Could not find APB-AP for debug
access");
+ return retval;
+ }
+ } else {
+ armv8->debug_ap = dap_get_ap(swjdp,
pc->adiv5_config.ap_num);
+ if (!armv8->debug_ap) {
+ LOG_ERROR("Cannot get AP");
+ return ERROR_FAIL;
+ }
}
}
diff --git a/src/target/cortex_a.c b/src/target/cortex_a.c
index 7286a305ba..07796d57ca 100644
--- a/src/target/cortex_a.c
+++ b/src/target/cortex_a.c
@@ -2874,23 +2874,20 @@ static int cortex_a_examine_first(struct target *target)
int retval = ERROR_OK;
uint32_t didr, cpuid, dbg_osreg, dbg_idpfr1;
- if (armv7a->debug_ap) {
- dap_put_ap(armv7a->debug_ap);
- armv7a->debug_ap = NULL;
- }
-
- if (pc->ap_num == DP_APSEL_INVALID) {
- /* Search for the APB-AP - it is needed for access to debug
registers */
- retval = dap_find_get_ap(swjdp, AP_TYPE_APB_AP,
&armv7a->debug_ap);
- if (retval != ERROR_OK) {
- LOG_ERROR("Could not find APB-AP for debug access");
- return retval;
- }
- } else {
- armv7a->debug_ap = dap_get_ap(swjdp, pc->ap_num);
- if (!armv7a->debug_ap) {
- LOG_ERROR("Cannot get AP");
- return ERROR_FAIL;
+ if (!armv7a->debug_ap) {
+ if (pc->ap_num == DP_APSEL_INVALID) {
+ /* Search for the APB-AP - it is needed for access to
debug registers */
+ retval = dap_find_get_ap(swjdp, AP_TYPE_APB_AP,
&armv7a->debug_ap);
+ if (retval != ERROR_OK) {
+ LOG_ERROR("Could not find APB-AP for debug
access");
+ return retval;
+ }
+ } else {
+ armv7a->debug_ap = dap_get_ap(swjdp, pc->ap_num);
+ if (!armv7a->debug_ap) {
+ LOG_ERROR("Cannot get AP");
+ return ERROR_FAIL;
+ }
}
}
diff --git a/src/target/cortex_m.c b/src/target/cortex_m.c
index 1863441674..2472e38e20 100644
--- a/src/target/cortex_m.c
+++ b/src/target/cortex_m.c
@@ -879,16 +879,6 @@ static int cortex_m_poll(struct target *target)
struct cortex_m_common *cortex_m = target_to_cm(target);
struct armv7m_common *armv7m = &cortex_m->armv7m;
- /* Check if debug_ap is available to prevent segmentation fault.
- * If the re-examination after an error does not find a MEM-AP
- * (e.g. the target stopped communicating), debug_ap pointer
- * can suddenly become NULL.
- */
- if (!armv7m->debug_ap) {
- target->state = TARGET_UNKNOWN;
- return ERROR_TARGET_NOT_EXAMINED;
- }
-
/* Read from Debug Halting Control and Status Register */
retval = cortex_m_read_dhcsr_atomic_sticky(target);
if (retval != ERROR_OK) {
@@ -2311,23 +2301,20 @@ int cortex_m_examine(struct target *target)
/* hla_target shares the examine handler but does not support
* all its calls */
if (!armv7m->is_hla_target) {
- if (armv7m->debug_ap) {
- dap_put_ap(armv7m->debug_ap);
- armv7m->debug_ap = NULL;
- }
-
- if (cortex_m->apsel == DP_APSEL_INVALID) {
- /* Search for the MEM-AP */
- retval = cortex_m_find_mem_ap(swjdp, &armv7m->debug_ap);
- if (retval != ERROR_OK) {
- LOG_TARGET_ERROR(target, "Could not find MEM-AP
to control the core");
- return retval;
- }
- } else {
- armv7m->debug_ap = dap_get_ap(swjdp, cortex_m->apsel);
- if (!armv7m->debug_ap) {
- LOG_ERROR("Cannot get AP");
- return ERROR_FAIL;
+ if (!armv7m->debug_ap) {
+ if (cortex_m->apsel == DP_APSEL_INVALID) {
+ /* Search for the MEM-AP */
+ retval = cortex_m_find_mem_ap(swjdp,
&armv7m->debug_ap);
+ if (retval != ERROR_OK) {
+ LOG_TARGET_ERROR(target, "Could not
find MEM-AP to control the core");
+ return retval;
+ }
+ } else {
+ armv7m->debug_ap = dap_get_ap(swjdp,
cortex_m->apsel);
+ if (!armv7m->debug_ap) {
+ LOG_ERROR("Cannot get AP");
+ return ERROR_FAIL;
+ }
}
}
diff --git a/src/target/mem_ap.c b/src/target/mem_ap.c
index a662506937..50dc91c7b7 100644
--- a/src/target/mem_ap.c
+++ b/src/target/mem_ap.c
@@ -136,15 +136,12 @@ static int mem_ap_examine(struct target *target)
struct mem_ap *mem_ap = target->arch_info;
if (!target_was_examined(target)) {
- if (mem_ap->ap) {
- dap_put_ap(mem_ap->ap);
- mem_ap->ap = NULL;
- }
-
- mem_ap->ap = dap_get_ap(mem_ap->dap, mem_ap->ap_num);
if (!mem_ap->ap) {
- LOG_ERROR("Cannot get AP");
- return ERROR_FAIL;
+ mem_ap->ap = dap_get_ap(mem_ap->dap, mem_ap->ap_num);
+ if (!mem_ap->ap) {
+ LOG_ERROR("Cannot get AP");
+ return ERROR_FAIL;
+ }
}
target_set_examined(target);
target->state = TARGET_UNKNOWN;
--
