#430 closed defect (fixed)
watchdog timer chain corruption
Reported by: | strauman | Owned by: | Joel Sherrill |
---|---|---|---|
Priority: | highest | Milestone: | 2 |
Component: | score | Version: | 4.6 |
Severity: | critical | Keywords: | |
Cc: | bugs@… | Blocked By: | |
Blocking: |
Description
A missing 'volatile' declaration at an obscure place
could lead to watchdog timer chain corruption if a
tick interrupt happens during the ISR_Flash in
_Watchdog_Insert().
The second diff adds protection to _Watchdog_Adjust() and
_Watchdog_Tickle() which is IMO necessary.
NOTE: new-exception processing PPC BSPs MUST also address PR288.
The 'restart' part of the Watchdog_Insert algorithm didn't
work for me for both reasons:
a) our BSP (powerpc/shared) didn't raise _ISR_Nest_level
(PR288).
b) the compiler optimized the list head into a register
which was not reloaded when the 'restart' branch was
taken.
Release:
RTEMS-4.6.0pre2
How-To-Repeat:
I patched watchdoginsert on the target to jump to a
special version of ISR_Flash (NOTE: needs to be a jump,
subroutine doesn't work because the compiler wouldn't
do the optimization in question).
The special version enabled clock interrupts only and busy looped for 1 tick before disabling clock irqs again.
This enforces taking the 'restart' branch.
Also, disassembly of _Watchdog_Insert() showed that the
list head was not reloaded after jumping to 'restart'.
Attachments (2)
Change History (2)
comment:1 Changed on 07/18/03 at 13:48:17 by Joel Sherrill
Status: | assigned → closed |
---|
State-Changed-From-To: open->closed
State-Changed-Why: Patch applied to trunk and 4.6. branch.