From 3f78ca987333810f24dcc936beeb601f9dbd7a3f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Baldassari?=
Date: Fri, 26 Apr 2024 13:15:15 -0400
Subject: [PATCH] ARC: fault: Fix uninitialized memory access
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Found via static analysis. In fault path when checking for stack overflows, if CONFIG_MULTITHREADING is not set, `guard_end` is left uninitialized and is subsequently used in a comparison. The solution is to simply return `false` in this configuration as stack guards are not configured in the first place.

Signed-off-by: François Baldassari
---
 arch/arc/core/fault.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/arch/arc/core/fault.c b/arch/arc/core/fault.c
index f896361ac8..763ed7a2c7 100644
--- a/arch/arc/core/fault.c
+++ b/arch/arc/core/fault.c
@@ -53,9 +53,8 @@ static const struct z_exc_handle exceptions[] = {
 */
 static bool z_check_thread_stack_fail(const uint32_t fault_addr, uint32_t sp)
 {
- uint32_t guard_end, guard_start;
-
 #if defined(CONFIG_MULTITHREADING)
+ uint32_t guard_end, guard_start;
 const struct k_thread *thread = _current;
 if (!thread) {
@@ -90,7 +89,6 @@ static bool z_check_thread_stack_fail(const uint32_t fault_addr, uint32_t sp)
 guard_end = thread->stack_info.start;
 guard_start = guard_end - Z_ARC_STACK_GUARD_SIZE;
 }
-#endif /* CONFIG_MULTITHREADING */
 /* treat any MPU exceptions within the guard region as a stack
 * overflow.As some instrustions
@@ -101,6 +99,7 @@ static bool z_check_thread_stack_fail(const uint32_t fault_addr, uint32_t sp)
 if (fault_addr < guard_end && fault_addr >= guard_start) {
 return true;
 }
+#endif /* CONFIG_MULTITHREADING */
 return false;
 }
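Review bot: The doc comment that closes with `*/` just above the signature in the first hunk (`@@ -53,9 +53,8 @@`) is not updated for the new behaviour: with CONFIG_MULTITHREADING disabled the function now returns false unconditionally. Judging by the guard-region comment further down, this function decides whether an MPU fault is reported as a stack overflow, so that contract belongs where callers will read it, for example `* With CONFIG_MULTITHREADING disabled no stack guard is configured and this always returns false.` The comment's text and most of the function body lie outside the hunk, so this assumes the comment does not already say so.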
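Review bot: With the `#endif` moved below the comparison in the third hunk (`@@ -101,6 +99,7 @@`), a build without CONFIG_MULTITHREADING compiles the body down to `return false;`, leaving `fault_addr` and `sp` unreferenced; before this change `fault_addr` was at least still read by the comparison. Builds that enable unused-parameter warnings would flag this. An `#else` branch holding `ARG_UNUSED(fault_addr);` and `ARG_UNUSED(sp);` placed before the `#endif` would silence the warning and make the intentional no-op explicit. Whether `sp` is used inside the multithreading block cannot be seen from these hunks.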