fix(fl): add icache invalidate after upload/write to prevent stale code execution

Upload and write commands only flushed dcache but did not invalidate
icache. On platforms with instruction cache (Cortex-M7, etc.), the CPU
could fetch stale instructions from icache after code was uploaded to
RAM, causing Precise data bus errors when executing patched functions
via dpatch/tpatch.

- Add fl_invalidate_icache_cb_t callback and invalidate_icache_cb field
- Call fl_invalidate_icache() after fl_flush_dcache() in upload/write
- Register up_invalidate_icache in NuttX port
- Add 7 test cases for dcache flush and icache invalidate verification

Author: FASTSHIFT

App/func_loader/fl.c

@@ -71,6 +71,12 @@ void fl_flush_dcache(fl_context_t* ctx, const void* addr, size_t len) {
     }
 }
 
+void fl_invalidate_icache(fl_context_t* ctx, const void* addr, size_t len) {
+    if (ctx->invalidate_icache_cb) {
+        ctx->invalidate_icache_cb((uintptr_t)addr, (uintptr_t)addr + len);
+    }
+}
+
 /**
  * @brief  Check if [addr, addr+len) is a safe memory range
  * @note   Rejects NULL pointer and address overflow (wrapping past 0xFFFFFFFF)

App/func_loader/fl.h

@@ -55,6 +55,7 @@ typedef void (*fl_output_cb_t)(void* user, const char* str);
 typedef void* (*fl_malloc_cb_t)(size_t size);
 typedef void (*fl_free_cb_t)(void* ptr);
 typedef void (*fl_flush_dcache_cb_t)(uintptr_t start, uintptr_t end);
+typedef void (*fl_invalidate_icache_cb_t)(uintptr_t start, uintptr_t end);
 
 /**
  * @brief Slot state for tracking injection info
@@ -84,6 +85,9 @@ typedef struct fl_context_s {
     /* Cache flush callback (optional, for platforms with dcache) */
     fl_flush_dcache_cb_t flush_dcache_cb;
 
+    /* ICache invalidate callback (optional, for platforms with icache) */
+    fl_invalidate_icache_cb_t invalidate_icache_cb;
+
     /* Internal state (managed by fl_init) */
     bool is_inited;         /* true after first fl_init() call */
     uintptr_t last_alloc;   /* Last dynamic allocation address */

App/func_loader/fl_cmd.h

@@ -78,6 +78,11 @@ bool fl_verify_crc(int crc, uint16_t calc);
  */
 void fl_flush_dcache(fl_context_t* ctx, const void* addr, size_t len);
 
+/**
+ * @brief  Invalidate instruction cache for a memory region
+ */
+void fl_invalidate_icache(fl_context_t* ctx, const void* addr, size_t len);
+
 /**
  * @brief  Check if [addr, addr+len) is a safe memory range
  * @return true if the range is safe to access

App/func_loader/fl_cmd_mem.c

@@ -121,6 +121,9 @@ fl_error_t fl_cmd_upload(fl_context_t* ctx, const cmd_args_t* args) {
     /* Flush data cache after upload to ensure code is visible to CPU */
     fl_flush_dcache(ctx, dest, n);
 
+    /* Invalidate instruction cache to prevent stale code execution */
+    fl_invalidate_icache(ctx, dest, n);
+
     fl_response(true, "Uploaded %d bytes to 0x%lX", n, (unsigned long)dest);
     return FL_OK;
 }
@@ -218,6 +221,9 @@ fl_error_t fl_cmd_write(fl_context_t* ctx, const cmd_args_t* args) {
     /* Flush data cache */
     fl_flush_dcache(ctx, dest, n);
 
+    /* Invalidate instruction cache */
+    fl_invalidate_icache(ctx, dest, n);
+
     fl_response(true, "WRITE %d bytes to 0x%lX", n, (unsigned long)args->addr);
     return FL_OK;
 }

App/func_loader/fl_port_nuttx.c

@@ -83,6 +83,11 @@ static void nuttx_flush_dcache_cb(uintptr_t start, uintptr_t end) {
     up_flush_dcache(start, end);
 }
 
+/* Invalidate icache callback */
+static void nuttx_invalidate_icache_cb(uintptr_t start, uintptr_t end) {
+    up_invalidate_icache(start, end);
+}
+
 /* ==========================================================================
  * Memory Allocation Configuration
  * ========================================================================== */
@@ -211,6 +216,7 @@ int main(int argc, char** argv) {
         fl_init_default(&ctx);
         ctx.output_cb = nuttx_output_cb;
         ctx.flush_dcache_cb = nuttx_flush_dcache_cb;
+        ctx.invalidate_icache_cb = nuttx_invalidate_icache_cb;
 
         /* Initialize allocator */
         nuttx_alloc_init();

App/tests/mock_hardware.c

@@ -171,3 +171,19 @@ void mock_free(void* ptr) {
     (void)ptr; /* Simple bump allocator, no actual free */
     g_mock_call_stats.free_count++;
 }
+
+/* ============================================================================
+ * Mock Cache Callbacks
+ * ============================================================================ */
+
+void mock_flush_dcache(uintptr_t start, uintptr_t end) {
+    g_mock_call_stats.flush_dcache_count++;
+    g_mock_call_stats.last_dcache_start = start;
+    g_mock_call_stats.last_dcache_end = end;
+}
+
+void mock_invalidate_icache(uintptr_t start, uintptr_t end) {
+    g_mock_call_stats.invalidate_icache_count++;
+    g_mock_call_stats.last_icache_start = start;
+    g_mock_call_stats.last_icache_end = end;
+}

App/tests/mock_hardware.h

@@ -58,6 +58,12 @@ typedef struct {
     uint32_t free_count;
     size_t total_allocated;
     size_t total_freed;
+    uint32_t flush_dcache_count;
+    uint32_t invalidate_icache_count;
+    uintptr_t last_dcache_start;
+    uintptr_t last_dcache_end;
+    uintptr_t last_icache_start;
+    uintptr_t last_icache_end;
 } mock_call_stats_t;
 
 extern mock_call_stats_t g_mock_call_stats;
@@ -112,6 +118,13 @@ void mock_heap_reset(void);
 void* mock_malloc(size_t size);
 void mock_free(void* ptr);
 
+/* ============================================================================
+ * Mock Cache Callbacks (for fl_context_t)
+ * ============================================================================ */
+
+void mock_flush_dcache(uintptr_t start, uintptr_t end);
+void mock_invalidate_icache(uintptr_t start, uintptr_t end);
+
 #ifdef __cplusplus
 }
 #endif

App/tests/test_fl.c

@@ -2040,6 +2040,158 @@ void test_loader_cmd_enable_crc_mismatch(void) {
     TEST_ASSERT(mock_output_contains("CRC mismatch"));
 }
 
+/* ============================================================================
+ * Cache Flush / ICache Invalidate Tests
+ * ============================================================================ */
+
+static void setup_loader_with_cache(void) {
+    setup_loader();
+    test_ctx.flush_dcache_cb = mock_flush_dcache;
+    test_ctx.invalidate_icache_cb = mock_invalidate_icache;
+}
+
+void test_loader_upload_flushes_dcache(void) {
+    setup_loader_with_cache();
+    fl_init(&test_ctx);
+
+    const char* alloc_argv[] = {"fl", "--cmd", "alloc", "--size", "64"};
+    fl_exec_cmd(&test_ctx, 5, alloc_argv);
+
+    mock_reset_call_stats();
+
+    const char* argv[] = {"fl", "--cmd", "upload", "--addr", "0", "--data", "AQIDBA=="};
+    fl_error_t result = fl_exec_cmd(&test_ctx, 7, argv);
+
+    TEST_ASSERT_EQUAL(FL_OK, result);
+    const mock_call_stats_t* stats = mock_get_call_stats();
+    TEST_ASSERT(stats->flush_dcache_count >= 1);
+    TEST_ASSERT(stats->last_dcache_start != 0);
+    TEST_ASSERT(stats->last_dcache_end > stats->last_dcache_start);
+}
+
+void test_loader_upload_invalidates_icache(void) {
+    setup_loader_with_cache();
+    fl_init(&test_ctx);
+
+    const char* alloc_argv[] = {"fl", "--cmd", "alloc", "--size", "64"};
+    fl_exec_cmd(&test_ctx, 5, alloc_argv);
+
+    mock_reset_call_stats();
+
+    const char* argv[] = {"fl", "--cmd", "upload", "--addr", "0", "--data", "AQIDBA=="};
+    fl_error_t result = fl_exec_cmd(&test_ctx, 7, argv);
+
+    TEST_ASSERT_EQUAL(FL_OK, result);
+    const mock_call_stats_t* stats = mock_get_call_stats();
+    TEST_ASSERT(stats->invalidate_icache_count >= 1);
+    TEST_ASSERT(stats->last_icache_start != 0);
+    TEST_ASSERT(stats->last_icache_end > stats->last_icache_start);
+}
+
+void test_loader_upload_cache_range_matches(void) {
+    setup_loader_with_cache();
+    fl_init(&test_ctx);
+
+    const char* alloc_argv[] = {"fl", "--cmd", "alloc", "--size", "64"};
+    fl_exec_cmd(&test_ctx, 5, alloc_argv);
+
+    uintptr_t alloc_addr = test_ctx.last_alloc;
+    mock_reset_call_stats();
+
+    /* Upload 4 bytes at offset 0 */
+    const char* argv[] = {"fl", "--cmd", "upload", "--addr", "0", "--data", "AQIDBA=="};
+    fl_exec_cmd(&test_ctx, 7, argv);
+
+    const mock_call_stats_t* stats = mock_get_call_stats();
+    /* dcache and icache should cover the same range */
+    TEST_ASSERT_EQUAL_HEX(alloc_addr, stats->last_dcache_start);
+    TEST_ASSERT_EQUAL_HEX(alloc_addr + 4, stats->last_dcache_end);
+    TEST_ASSERT_EQUAL_HEX(alloc_addr, stats->last_icache_start);
+    TEST_ASSERT_EQUAL_HEX(alloc_addr + 4, stats->last_icache_end);
+}
+
+void test_loader_write_flushes_dcache(void) {
+    setup_loader_with_cache();
+    fl_init(&test_ctx);
+
+    const char* alloc_argv[] = {"fl", "--cmd", "alloc", "--size", "64"};
+    fl_exec_cmd(&test_ctx, 5, alloc_argv);
+
+    uintptr_t alloc_addr = test_ctx.last_alloc;
+    char addr_str[32];
+    snprintf(addr_str, sizeof(addr_str), "0x%lX", (unsigned long)alloc_addr);
+
+    mock_reset_call_stats();
+
+    const char* argv[] = {"fl", "--cmd", "write", "--addr", addr_str, "--data", "AQIDBA=="};
+    fl_error_t result = fl_exec_cmd(&test_ctx, 7, argv);
+
+    TEST_ASSERT_EQUAL(FL_OK, result);
+    const mock_call_stats_t* stats = mock_get_call_stats();
+    TEST_ASSERT(stats->flush_dcache_count >= 1);
+}
+
+void test_loader_write_invalidates_icache(void) {
+    setup_loader_with_cache();
+    fl_init(&test_ctx);
+
+    const char* alloc_argv[] = {"fl", "--cmd", "alloc", "--size", "64"};
+    fl_exec_cmd(&test_ctx, 5, alloc_argv);
+
+    uintptr_t alloc_addr = test_ctx.last_alloc;
+    char addr_str[32];
+    snprintf(addr_str, sizeof(addr_str), "0x%lX", (unsigned long)alloc_addr);
+
+    mock_reset_call_stats();
+
+    const char* argv[] = {"fl", "--cmd", "write", "--addr", addr_str, "--data", "AQIDBA=="};
+    fl_error_t result = fl_exec_cmd(&test_ctx, 7, argv);
+
+    TEST_ASSERT_EQUAL(FL_OK, result);
+    const mock_call_stats_t* stats = mock_get_call_stats();
+    TEST_ASSERT(stats->invalidate_icache_count >= 1);
+}
+
+void test_loader_no_cache_cb_no_crash(void) {
+    /* Without cache callbacks set, upload/write should still work */
+    setup_loader();
+    fl_init(&test_ctx);
+
+    /* Ensure no cache callbacks */
+    TEST_ASSERT(test_ctx.flush_dcache_cb == NULL);
+    TEST_ASSERT(test_ctx.invalidate_icache_cb == NULL);
+
+    const char* alloc_argv[] = {"fl", "--cmd", "alloc", "--size", "64"};
+    fl_exec_cmd(&test_ctx, 5, alloc_argv);
+
+    const char* argv[] = {"fl", "--cmd", "upload", "--addr", "0", "--data", "AQIDBA=="};
+    fl_error_t result = fl_exec_cmd(&test_ctx, 7, argv);
+
+    TEST_ASSERT_EQUAL(FL_OK, result);
+}
+
+void test_loader_upload_offset_cache_range(void) {
+    setup_loader_with_cache();
+    fl_init(&test_ctx);
+
+    const char* alloc_argv[] = {"fl", "--cmd", "alloc", "--size", "128"};
+    fl_exec_cmd(&test_ctx, 5, alloc_argv);
+
+    uintptr_t alloc_addr = test_ctx.last_alloc;
+    mock_reset_call_stats();
+
+    /* Upload 4 bytes at offset 16 */
+    const char* argv[] = {"fl", "--cmd", "upload", "--addr", "16", "--data", "AQIDBA=="};
+    fl_exec_cmd(&test_ctx, 7, argv);
+
+    const mock_call_stats_t* stats = mock_get_call_stats();
+    /* Cache range should be alloc_addr+16 to alloc_addr+20 */
+    TEST_ASSERT_EQUAL_HEX(alloc_addr + 16, stats->last_dcache_start);
+    TEST_ASSERT_EQUAL_HEX(alloc_addr + 20, stats->last_dcache_end);
+    TEST_ASSERT_EQUAL_HEX(alloc_addr + 16, stats->last_icache_start);
+    TEST_ASSERT_EQUAL_HEX(alloc_addr + 20, stats->last_icache_end);
+}
+
 /* ============================================================================
  * Test Runner
  * ============================================================================ */
@@ -2196,4 +2348,14 @@ void run_loader_tests(void) {
     RUN_TEST(test_loader_cmd_enable_with_crc);
     RUN_TEST(test_loader_cmd_enable_crc_mismatch);
     TEST_SUITE_END();
+
+    TEST_SUITE_BEGIN("func_loader - Cache Flush / ICache Invalidate");
+    RUN_TEST(test_loader_upload_flushes_dcache);
+    RUN_TEST(test_loader_upload_invalidates_icache);
+    RUN_TEST(test_loader_upload_cache_range_matches);
+    RUN_TEST(test_loader_write_flushes_dcache);
+    RUN_TEST(test_loader_write_invalidates_icache);
+    RUN_TEST(test_loader_no_cache_cb_no_crash);
+    RUN_TEST(test_loader_upload_offset_cache_range);
+    TEST_SUITE_END();
 }