altos/stm: Validate current task SP in interrupt by looking at PSP

We use a separate stack pointer for task code, which means we can verify that it is in range in any interrupt handler. This adds checks for the task stack (under #ifdef DEBUG) that run in ao_wakeup as well as at every timer interrupt. Signed-off-by: Keith Packard <keithp@keithp.com>
author: Keith Packard <keithp@keithp.com> 2016-03-26 15:54:24 -0700
committer: Keith Packard <keithp@keithp.com> 2016-03-26 16:07:20 -0700
commit: 4fa71ecf168e275b24534a5a20e3dd4e178c7bbd (patch)
tree: d3d042dbb8a3dff4d3133959db64dd6d90055c0d /src/stm/ao_arch_funcs.h
parent: 6a9546413d6a236c010e806b50506d870961d074 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/src/stm/ao_arch_funcs.h b/src/stm/ao_arch_funcs.h
index 02b344b1..6b38032c 100644
--- a/src/stm/ao_arch_funcs.h
+++ b/src/stm/ao_arch_funcs.h
@@ -366,6 +366,22 @@ static inline void ao_arch_restore_stack(void) {
 #define HAS_SAMPLE_PROFILE 0
 #endif
 
+#if DEBUG
+#define HAS_ARCH_VALIDATE_CUR_STACK	1
+
+static inline void
+ao_validate_cur_stack(void)
+{
+	uint8_t		*psp;
+
+	asm("mrs %0,psp" : "=&r" (psp));
+	if (ao_cur_task &&
+	    psp <= ao_cur_task->stack &&
+	    psp >= ao_cur_task->stack - 256)
+		ao_panic(AO_PANIC_STACK);
+}
+#endif
+
 #if !HAS_SAMPLE_PROFILE
 #define HAS_ARCH_START_SCHEDULER	1
author	Keith Packard <keithp@keithp.com>	2016-03-26 15:54:24 -0700
committer	Keith Packard <keithp@keithp.com>	2016-03-26 16:07:20 -0700
commit	4fa71ecf168e275b24534a5a20e3dd4e178c7bbd (patch)
tree	d3d042dbb8a3dff4d3133959db64dd6d90055c0d /src/stm/ao_arch_funcs.h
parent	6a9546413d6a236c010e806b50506d870961d074 (diff)