-
-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does not work with alloc-cortex-m
#62
Comments
However, this space is shared with the stack (which grows downward from the end of the memory region.) Therefore, a growing stack may overwrite the heap (and .bss, .data). This is exactly the issue solved by
But as you can see, So, currenty, you are right: As far as I can tell, it would not be difficult to reserve some space for the heap. It may be as easy as adding some configurable value to |
Will flip-link work correctly if you place your heap in a dedicated section and tell alloc-cortex-m to use that section? The whole premise of flip-link is to ensure that stack overflows cause a hard fault and are easy to detect, but the whole premise of alloc-cortex-m seems to be that stack and heap grow towards each other. I think it is these concepts that are incompatible. |
I only skimmed over the source code of
So, if The stack will still grow downwards, and the heap upwards. I think this would be compatible with Of course, the heap size configured by the call to But that's not much different from the behavior without flip-link: Instead of memory corruption by the collision of heap+stack, one would get a HardFault because the heap would reach the end of RAM. It's still the responsibility of the developer to set the heap size appropriately. Additionally, |
To crib your picture:
|
Exactly. |
Of course. I was thinking of newly which uses the |
The easiest solution is probably to have a |
@Sympatron, in principle, that should work. However, be careful with that |
We might be able to fix that using a |
You could put it in the block that inits the allocator. You do still technically have two references in flight at the same time, but it's a very short window. {
static mut HEAP: [u8; NNN] = [0; NNN];
allocator.init(&mut HEAP, ...);
} |
@jannic That's why If you want to be extra safe you can use something like what @jonathanpallant suggested or encapsulate it in a separate crate to make it impossible to reference directly.
|
flip-link (https://github.com/knurling-rs/flip-link) moves the stack to the bottom of the ram, so that we can reliably detect when running out of stack space. As per knurling-rs/flip-link#62 this requires using alloc-cortex-m differently, using a static allocation (in .bss)
flip-link (https://github.com/knurling-rs/flip-link) moves the stack to the bottom of the ram, so that we can reliably detect when running out of stack space. As per knurling-rs/flip-link#62 this requires using alloc-cortex-m differently, using a static allocation (in .bss)
flip-link (https://github.com/knurling-rs/flip-link) moves the stack to the bottom of the ram, so that we can reliably detect when running out of stack space. As per knurling-rs/flip-link#62 this requires using alloc-cortex-m differently, using a static allocation (in .bss)
flip-link (https://github.com/knurling-rs/flip-link) moves the stack to the bottom of the ram, so that we can reliably detect when running out of stack space. As per knurling-rs/flip-link#62 this requires using alloc-cortex-m differently, using a static allocation (in .bss)
When I try to use
alloc-cortex-m
in the following fashion:Then the program panics immediately upon trying to initialize the heap, and the heap start address appears to be wrong (I am using the STM32F411, so SRAM begins at
0x2000 0000
and ends at0x2002 0000
).If I disable
flip-link
by commenting out"-C", "linker=flip-link"
in.cargo/config.toml
, then this panic does not happen, and a more reasonable start address is printed:It has occurred to me that the point of
flip-link
is to allow stack overflow errors to be caught by relying on the stack crashing into the RAM boundary. Does this mean thatflip-link
is incompatible with the use of a heap, or does the heap need to be placed above the stack in memory? If it's the latter, how would I achieve that?The text was updated successfully, but these errors were encountered: