Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Infinite Loop in arm_dcache.c #14490

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fix Infinite Loop in arm_dcache.c #14490

wants to merge 2 commits into from
+1 −2

Conversation

PwnVerse
Copy link
Contributor

Infinite Loop can happen since ways is assigned to an int32_t tmpways. This can cause infinite loop if ways gets a sufficiently large integer.

void up_enable_dcache(void)
{
  uint32_t ways;
  ccr = getreg32(NVIC_CFGCON);
  ways   = CCSIDR_WAYS(ccsidr);          /* (Number of ways) - 1 */

  ARM_DSB();
  do
    {
      int32_t tmpways = ways;

      do
        {
          sw = ((tmpways << wshift) | (sets << sshift));
          putreg32(sw, NVIC_DCISW);
        }
      while (tmpways--);
    }
  while (sets--);
}

@PwnVerse
Fix Infinite Loop in arm_dcache.c
ea8b44e 
Infinite Loop can happen since `ways` is assigned to an `int32_t tmpways`. This can cause infinite loop if `ways` gets a sufficiently large integer.
@github-actions github-actions bot added Arch: arm Issues related to ARM (32-bit) architecture Size: XS The size of the change in this PR is very small labels Oct 24, 2024
xiaoxiang781216
xiaoxiang781216 reviewed Oct 24, 2024
View reviewed changes
arch/arm/src/armv7-m/arm_cache.c Outdated
@@ -529,7 +529,7 @@ void up_enable_dcache(void)
ARM_DSB();
do
{
int32_t tmpways = ways;
uint32_t tmpways = ways;
Copy link
Contributor

@xiaoxiang781216 xiaoxiang781216 Oct 24, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

but no real difference I think?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Atleast it wont be a negetive number anymore right? However I agree that it will still take a very long time to finish

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do you really get a negative number from real device? This register is read only and officially defined by arm:
https://developer.arm.com/documentation/ddi0595/2021-03/AArch32-Registers/CCSIDR--Current-Cache-Size-ID-Register.
CCSIDR_WAYS(ccsidr) expends to (ccsider >> 3) & 0x3ff, it is impossible to become a negative number.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xiaoxiang781216 xiaoxiang781216 xiaoxiang781216 left review comments

Assignees
No one assigned
Labels
Arch: arm Issues related to ARM (32-bit) architecture Size: XS The size of the change in this PR is very small
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@PwnVerse @xiaoxiang781216