diff --git a/src/arch/arm/include/arch/memlayout.h b/src/arch/arm/include/arch/memlayout.h index b28e0cfda1..86f5585d00 100644 --- a/src/arch/arm/include/arch/memlayout.h +++ b/src/arch/arm/include/arch/memlayout.h @@ -35,7 +35,9 @@ "TTB subtable region must be evenly divisible by table size!"); /* ARM stacks need 8-byte alignment and stay in one place through ramstage. */ -#define STACK(addr, size) REGION(stack, addr, size, 8) +#define STACK(addr, size) \ + REGION(stack, addr, size, 8) \ + _ = ASSERT(size >= 2K, "stack should be >= 2K, see toolchain.inc"); #define DMA_COHERENT(addr, size) \ REGION(dma_coherent, addr, size, SUPERPAGE_SIZE) \ diff --git a/src/arch/arm64/include/arch/memlayout.h b/src/arch/arm64/include/arch/memlayout.h index 522f1ab324..30db8481f7 100644 --- a/src/arch/arm64/include/arch/memlayout.h +++ b/src/arch/arm64/include/arch/memlayout.h @@ -27,7 +27,9 @@ /* ARM64 stacks need 16-byte alignment. The ramstage will set up its own stacks * in BSS, so this is only used for the SRAM stages. */ #ifdef __PRE_RAM__ -#define STACK(addr, size) REGION(stack, addr, size, 16) +#define STACK(addr, size) \ + REGION(stack, addr, size, 16) \ + _ = ASSERT(size >= 2K, "stack should be >= 2K, see toolchain.inc"); #else #define STACK(addr, size) REGION(preram_stack, addr, size, 16) #endif diff --git a/src/arch/mips/include/arch/memlayout.h b/src/arch/mips/include/arch/memlayout.h index 949317308d..946fcf3a56 100644 --- a/src/arch/mips/include/arch/memlayout.h +++ b/src/arch/mips/include/arch/memlayout.h @@ -24,7 +24,9 @@ /* MIPS stacks need 8-byte alignment and stay in one place through ramstage. */ /* TODO: Double-check that that's the correct alignment for our ABI. */ -#define STACK(addr, size) REGION(stack, addr, size, 8) +#define STACK(addr, size) \ + REGION(stack, addr, size, 8) \ + _ = ASSERT(size >= 2K, "stack should be >= 2K, see toolchain.inc"); #define DMA_COHERENT(addr, size) REGION(dma_coherent, addr, size, 4K) diff --git a/src/drivers/spi/spi_flash.c b/src/drivers/spi/spi_flash.c index 91fd5d3d5f..690b277592 100644 --- a/src/drivers/spi/spi_flash.c +++ b/src/drivers/spi/spi_flash.c @@ -95,6 +95,9 @@ static int spi_flash_cmd_read(struct spi_slave *spi, const u8 *cmd, return ret; } +/* TODO: This code is quite possibly broken and overflowing stacks. Fix ASAP! */ +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wstack-usage=" int spi_flash_cmd_write(struct spi_slave *spi, const u8 *cmd, size_t cmd_len, const void *data, size_t data_len) { @@ -111,6 +114,7 @@ int spi_flash_cmd_write(struct spi_slave *spi, const u8 *cmd, size_t cmd_len, return ret; } +#pragma GCC diagnostic pop static int spi_flash_cmd_read_array(struct spi_slave *spi, u8 *cmd, size_t cmd_len, u32 offset, diff --git a/src/lib/gpio.c b/src/lib/gpio.c index b185cc2c6a..72bd7eccfd 100644 --- a/src/lib/gpio.c +++ b/src/lib/gpio.c @@ -17,6 +17,7 @@ * Foundation, Inc. */ +#include #include #include #include @@ -53,7 +54,8 @@ int gpio_base3_value(gpio_t gpio[], int num_gpio) int temp; int index; int result = 0; - char value[num_gpio]; + char value[32]; + assert(num_gpio <= 32); /* Enable internal pull up */ for (index = 0; index < num_gpio; ++index) diff --git a/src/vendorcode/google/chromeos/vboot2/verstage.c b/src/vendorcode/google/chromeos/vboot2/verstage.c index 2a2a9564db..7803d39fdf 100644 --- a/src/vendorcode/google/chromeos/vboot2/verstage.c +++ b/src/vendorcode/google/chromeos/vboot2/verstage.c @@ -119,7 +119,7 @@ static int hash_body(struct vb2_context *ctx, struct region_device *fw_main) { uint64_t load_ts; uint32_t expected_size; - MAYBE_STATIC uint8_t block[TODO_BLOCK_SIZE]; + uint8_t block[TODO_BLOCK_SIZE]; size_t block_size = sizeof(block); size_t offset; int rv; diff --git a/toolchain.inc b/toolchain.inc index 89bc55c6bb..eea0560328 100644 --- a/toolchain.inc +++ b/toolchain.inc @@ -74,6 +74,24 @@ CFLAGS_riscv += -ffunction-sections -fdata-sections CFLAGS_x86_64 += -mcmodel=large -mno-red-zone +# Some boards only provide 2K stacks, so storing lots of data there leads to +# problems. Since C rules don't allow us to statically determine the maximum +# stack use, we use 1.5K as heuristic, assuming that we typically have lots +# of tiny stack frames and the odd large one. +# +# Store larger buffers in BSS, use MAYBE_STATIC to share code with __PRE_RAM__ +# on x86. +# Since GCCs detection of dynamic array bounds unfortunately seems to be +# very basic, you'll sometimes have to use a static upper bound for the +# size and an assert() to make sure it's honored (see gpio_base3_value() +# for an example). +# (If you absolutely need a larger stack frame and are 100% sure it cannot +# cause problems, you can whitelist it with #pragma diagnostic.) +CFLAGS_arm += -Wstack-usage=1536 +CFLAGS_arm64 += -Wstack-usage=1536 +CFLAGS_mips += -Wstack-usage=1536 +CFLAGS_riscv += -Wstack-usage=1536 + toolchain_to_dir = \ $(foreach arch,$(ARCH_SUPPORTED),\ $(eval CPPFLAGS_$(arch) += \