==2117790==ERROR: AddressSanitizer: global-buffer-overflow on address 0x64d9e3c0 at pc 0x59ac4e16 bp 0xcefe8058 sp 0xcefe8048
READ of size 1 at 0x64d9e3c0 thread T0
#0 0x59ac4e15 in up_nputs sim/up_nputs.c:54
#1 0x59a67e4c in syslog_default_write syslog/syslog_channel.c:220
#2 0x59a67823 in syslog_default_write syslog/syslog_write.c:101
#3 0x59a67f10 in syslog_write syslog/syslog_write.c:153
#4 0x59a651c3 in syslogstream_flush syslog/syslog_stream.c:60
#5 0x59a6564e in syslogstream_addchar syslog/syslog_stream.c:104
#6 0x59a6576f in syslogstream_putc syslog/syslog_stream.c:140
#7 0x5989fc4d in vsprintf_internal stdio/lib_libvsprintf.c:952
#8 0x598a1298 in lib_vsprintf stdio/lib_libvsprintf.c:1379
#9 0x59a64ea4 in nx_vsyslog syslog/vsyslog.c:223
#10 0x598a601a in vsyslog syslog/lib_syslog.c:68
#11 0x59b0e3dc in AIOTJS::logPrintf(int, char const*, ...) src/ajs_log.cpp:45
#12 0x59b03d56 in jse_dump_obj src/jse/quickjs/jse_quickjs.cpp:569
#13 0x59b03ea1 in jse_dump_error1(JSContext*, unsigned long long) src/jse/quickjs/jse_quickjs.cpp:602
#14 0x59b03dd9 in jse_dump_error(JSContext*) src/jse/quickjs/jse_quickjs.cpp:591
#15 0x59bed615 in ferry::DomComponent::callHook(char const*) src/framework/dom/component.cpp:65
#16 0x59bfe0ff in ferry::DomComponent::initialize() src/framework/dom/component.cpp:645
#17 0x59bb141d in dom_create_component(JSContext*, unsigned long long, unsigned long long, unsigned long long) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x365c41d)
#18 0x59b4c0d3 in AIOTJS::__createComponent(JSContext*, unsigned long long, int, unsigned long long*) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x35f70d3)
#19 0x5a56ec17 in js_call_c_function quickjs/quickjs.c:16108
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>
The "p" format specifier already prepends the pointer address with "0x"
when printing.
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
Otherwise we will try to dump the state of the current task, however the
exit handler has already started doing some cleanup and invalidated its
group. Accessing the group from dumponexit will crash.
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
"error: incompatible types when assigning to type 'struct filelist *' from type 'struct filelist'
filelist = tcb->group->tg_filelist;"
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
The xxx_netinitialize is defined to a function only if
CONFIG_NET=y and CONFIG_NETDEV_LATEINIT=n. Otherwise it
is defined to an empty macro.
Signed-off-by: Petro Karashchenko <petro.karashchenko@gmail.com>
## Summary
A lot of linker scripts were listed twice, once for unix, once for windows.
This PR cleans up the logic so they're only listed once.
## Impact
Any opportunity to use a single source of truth and reduce lines of code is a win!
## Testing
CI will test all build
Some toolchains may be built without libm support, but using
such toochain should not generate any errors in case if math
functions are not used in the program
Signed-off-by: Petro Karashchenko <petro.karashchenko@gmail.com>
For example, task is blocked by nxsem_wait(sem1), use nxsem_wait(sem2)
in signal handler, and take sem2 successfully, after exit from signal
handler to task, nxsem_wait(sem1) returns OK, but the correct result
should be -EINTR.
Signed-off-by: Zeng Zhaoxiu <zhaoxiu.zeng@gmail.com>
Gregory Nutt has submitted the SGA
Omni Hoverboards has submitted the SGA
David Sidrane has submitted the ICLA
Mateusz Szafoni has submitted the ICLA
Sebastien Lorquet has submitted the ICLA
Paul Alexander Patience has submitted the ICLA
as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Error: wqueue/kwork_thread.c:202:3: error: format '%x' expects argument of type 'unsigned int',
but argument 4 has type 'long unsigned int' [-Werror=format=]
snprintf(args, 16, "0x%" PRIxPTR, (uintptr_t)wqueue);
Signed-off-by: Jiuzhu Dong <dongjiuzhu1@xiaomi.com>
Cleaning during `clean_context` had the issue of remaking everything
when `menuconfig` was issued. That's because `menuconfig` has a
`clean_context` on its way.
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
use the same condition check in declaration and reference
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Change-Id: I7b05316e914708fceeddac394d784ee3720a3c1b
Printf format string requires 2 parameters, but 0
parameter was given. Add these missing parameters.
Signed-off-by: Masanari Iida <standby24x7@gmail.com>
since kernel component should use UTC instead local time
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Change-Id: Icf939e1ab0af8e577105f539d2553bc67b3b3d10
instead calling kmm_heapmember or umm_heapmember because:
1.The stack supplied by caller may allocate from heap too
2.It's hard to implement these two function in ASan case
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Change-Id: I196377822b7c4643ab4f29b7c1dc41dcd7c4dab1
All modern desgin support stack pointer and it's also an
important information, so let's standardize this interface.
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Gregory Nutt is the copyright holder for those files and he has submitted the
SGA as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
arch: Allocate the space from the beginning in up_stack_frame
and modify the affected portion:
1.Correct the stack dump and check
2.Allocate tls_info_s by up_stack_frame too
3.Move the stack fork allocation from arch to sched
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
All supported arch uses a push-down stack:
The stack grows toward lower addresses in memory. The stack pointer
register points to the lowest, valid working address (the "top" of
the stack). Items on the stack are referenced as positive(include zero)
word offsets from sp.
Which means that for stack in the [begin, begin + size):
1.The initial SP point to begin + size
2.push equals sub and then store
3.pop equals load and then add
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Summary:
- During repeating ostest with sabre-6quad:smp (QEMU),
I noticed that pthread_rwlock_test sometimes stops
- Finally, I found that nxtask_exit() released a critical
section too early before context switching which resulted in
selecting inappropriate TCB
- This commit fixes this issue by moving nxsched_resume_scheduler()
from nxtask_exit() to up_exit() and also removing
spin_setbit() and spin_clrbit() from nxtask_exit()
because the caller holds a critical section
- To be consistent with non-SMP cases, the above changes
were done for all CPU architectures
Impact:
- This commit affects all CPU architectures regardless of SMP
Testing:
- Tested with ostest with the following configs
- sabre-6quad:smp (QEMU, dev board), sabre-6quad:nsh (QEMU)
- spresense:wifi_smp
- sim:smp, sim:ostest
- maix-bit:smp (QEMU)
- esp32-devkitc:smp (QEMU)
- lc823450-xgevk:rndis
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
root@212cf3f52994:/tools# rx-elf-gcc -dM -E - < /dev/null | grep "__INT.*_TYPE__"|sort
#define __INT16_TYPE__ short int
#define __INT32_TYPE__ long int
#define __INT64_TYPE__ long long int
#define __INT8_TYPE__ signed char
#define __INTMAX_TYPE__ long long int
#define __INTPTR_TYPE__ long int
#define __INT_FAST16_TYPE__ int
#define __INT_FAST32_TYPE__ int
#define __INT_FAST64_TYPE__ long long int
#define __INT_FAST8_TYPE__ int
#define __INT_LEAST16_TYPE__ short int
#define __INT_LEAST32_TYPE__ long int
#define __INT_LEAST64_TYPE__ long long int
#define __INT_LEAST8_TYPE__ signed char
root@212cf3f52994:/tools#