Uploaded image for project: 'Embedded Software & Tools'
  1. Embedded Software & Tools
  2. EXT_EP-10980

IPC: stack corruption of taskWaiter used in RPMessage_getRemoteEndPt

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: High High
    • PDK
    • PDK-12213
    • PROCESSOR_SDK_08.00.00
    • PROCESSOR_SDK_10.00.00
    • Hide
      j721e-evm
      j7200-evm
      j721s2-evm
      j784s4-evm
      Show
      j721e-evm j7200-evm j721s2-evm j784s4-evm

      Description
      The RPMessage_getRemoteEndPtToken() function is used for looking up published end-points. If the function is invoked before any end-point is published, a taskWaiter element is used and added to a global queue that the RPMessage_ctrlMsgTask uses in the RPMessage_processAnnounceMsg() function to wake up the waiting thread.

      The taskWaiter element is actually from the calling thread stack, and being added to a global queue using the stack variables as is. Customer is claiming that the pOsalPrms->lockHIsrGate(module.gateSwi) used to disable interrupts is not protecting against SVC instructions, and causing a stack corruption.

      Resolution
      Added a pool of 256 task waiter elements. During assignment a free one is assigned and added to queue. During free the task waiter element is identified by using proc id, service name and occupancy and same is removed from queue.

            syncuser TI User
            syncuser TI User
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: