From 0fb627f2149f85659ccb0ce27140bee8151b37ed Mon Sep 17 00:00:00 2001
From: Andrew Tridgell
Date: Wed, 26 Feb 2025 10:15:13 +1100
Subject: [PATCH 1/2] HAL_ChibiOS: added code for finding null ptr write errors gives a crash dump for easier analysis. Don't enable on production aircraft
---
 libraries/AP_HAL_ChibiOS/Scheduler.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/libraries/AP_HAL_ChibiOS/Scheduler.cpp b/libraries/AP_HAL_ChibiOS/Scheduler.cpp
index 5d4717eee002f..9b050c7fbbe58 100644
--- a/libraries/AP_HAL_ChibiOS/Scheduler.cpp
+++ b/libraries/AP_HAL_ChibiOS/Scheduler.cpp
@@ -623,6 +623,19 @@ void Scheduler::check_low_memory_is_zero()
 }
 #pragma GCC diagnostic pop
 }
+
+#if 0
+ /*
+ enable this on H7 to make writes to the first 1k of RAM on H7
+ produce a hard fault and crash dump
+ */
+ mpuConfigureRegion(MPU_REGION_7,
+ 0x0,
+ MPU_RASR_ATTR_AP_RO_RO |
+ MPU_RASR_SIZE_1K |
+ MPU_RASR_ENABLE);
+ mpuEnable(MPU_CTRL_PRIVDEFENA | MPU_CTRL_ENABLE);
+#endif
 }
 #endif // STM32H7
From cb67ae5a9e733070a99151066feb94fd8e67d271 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell
Date: Wed, 26 Feb 2025 10:26:49 +1100
Subject: [PATCH 2/2] HAL_ChibiOS: protect chEvtSignal from null waiter This fixes #29370
---
 libraries/AP_HAL_ChibiOS/RCOutput.cpp | 5 +++--
 libraries/AP_HAL_ChibiOS/RCOutput_bdshot.cpp | 12 +++++++++---
 2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/libraries/AP_HAL_ChibiOS/RCOutput.cpp b/libraries/AP_HAL_ChibiOS/RCOutput.cpp
index 3e14fbd112316..a698bbc7cff92 100644
--- a/libraries/AP_HAL_ChibiOS/RCOutput.cpp
+++ b/libraries/AP_HAL_ChibiOS/RCOutput.cpp
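Review bot: In the Scheduler.cpp hunk of patch 1/2, the block comment inside the `#if 0` does not carry the warning that the commit message gives, so someone flipping the switch later sees no caveat; I would add a line such as `debug aid only: do not enable on production aircraft, a stray low-memory write becomes a hard fault`. A named define that defaults to 0 would also be easier to find and to enable from a board build than a bare `#if 0`. `MPU_REGION_7` is hard-coded, so it is worth confirming that no other code in the HAL already programs that region (not visible in this hunk). The body of check_low_memory_is_zero() starts outside the hunk, so I cannot tell whether it is called repeatedly; if it is, the MPU setup would belong in a one-time init path instead.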
@@ -1842,10 +1842,11 @@ __RAMFUNC__ void RCOutput::dma_unlock(virtual_timer_t* vt, void *p)
 pwm_group *group = (pwm_group *)p;
 group->dshot_state = DshotState::IDLE;
- if (group->dshot_waiter != nullptr) {
+ auto *waiter = group->dshot_waiter;
+ if (waiter != nullptr) {
 // tell the waiting process we've done the DMA. Note that
 // dshot_waiter can be null if we have cancelled the send
- chEvtSignalI(group->dshot_waiter, group->dshot_event_mask);
+ chEvtSignalI(waiter, group->dshot_event_mask);
 }
 chSysUnlockFromISR();
 }
diff --git a/libraries/AP_HAL_ChibiOS/RCOutput_bdshot.cpp b/libraries/AP_HAL_ChibiOS/RCOutput_bdshot.cpp
index 801512a687d7d..50b4fec75a212 100644
--- a/libraries/AP_HAL_ChibiOS/RCOutput_bdshot.cpp
+++ b/libraries/AP_HAL_ChibiOS/RCOutput_bdshot.cpp
@@ -515,8 +515,11 @@ __RAMFUNC__ void RCOutput::bdshot_finish_dshot_gcr_transaction(virtual_timer_t*
 // although it should be possible to start the next DMAR transaction concurrently with receiving
 // telemetry, in practice it seems to interfere with the DMA engine
 if (group->shared_up_dma && group->bdshot.enabled) {
- // next dshot pulse can go out now
- chEvtSignalI(group->dshot_waiter, DSHOT_CASCADE);
+ auto *waiter = group->dshot_waiter;
+ if (waiter != nullptr) {
+ // next dshot pulse can go out now
+ chEvtSignalI(waiter, DSHOT_CASCADE);
+ }
 }
 #endif
 // if using input capture DMA and sharing the UP and CH channels then clean up
@@ -541,7 +544,10 @@ __RAMFUNC__ void RCOutput::bdshot_finish_dshot_gcr_transaction(virtual_timer_t*
 }
 // tell the waiting process we've done the DMA
- chEvtSignalI(group->dshot_waiter, group->dshot_event_mask);
+ auto *waiter = group->dshot_waiter;
+ if (waiter != nullptr) {
+ chEvtSignalI(waiter, group->dshot_event_mask);
+ }
 #ifdef HAL_GPIO_LINE_GPIO56
 TOGGLE_PIN_DEBUG(56);
 #endif
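Review bot: In the dma_unlock hunk of RCOutput.cpp (and in both hunks of RCOutput_bdshot.cpp), the `waiter` snapshot is not explained, and whether it closes a window between check and use depends on code outside these hunks: how `dshot_waiter` is declared and whether the path that clears it does so under the system lock. A one-line comment such as `// read dshot_waiter once so the null check and chEvtSignalI() see the same value` on the first `auto *waiter` would record the intent. dma_unlock ends with chSysUnlockFromISR(), so the lock is presumably held there, but neither bdshot hunk shows a lock call and bdshot_finish_dshot_gcr_transaction starts and ends outside both hunks; please confirm those reads run under the same lock as the writer. The two added null checks in the bdshot file also carry no comment saying why a null waiter is expected, unlike the existing one in dma_unlock.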