==2117790==ERROR: AddressSanitizer: global-buffer-overflow on address 0x64d9e3c0 at pc 0x59ac4e16 bp 0xcefe8058 sp 0xcefe8048
READ of size 1 at 0x64d9e3c0 thread T0
#0 0x59ac4e15 in up_nputs sim/up_nputs.c:54
#1 0x59a67e4c in syslog_default_write syslog/syslog_channel.c:220
#2 0x59a67823 in syslog_default_write syslog/syslog_write.c:101
#3 0x59a67f10 in syslog_write syslog/syslog_write.c:153
#4 0x59a651c3 in syslogstream_flush syslog/syslog_stream.c:60
#5 0x59a6564e in syslogstream_addchar syslog/syslog_stream.c:104
#6 0x59a6576f in syslogstream_putc syslog/syslog_stream.c:140
#7 0x5989fc4d in vsprintf_internal stdio/lib_libvsprintf.c:952
#8 0x598a1298 in lib_vsprintf stdio/lib_libvsprintf.c:1379
#9 0x59a64ea4 in nx_vsyslog syslog/vsyslog.c:223
#10 0x598a601a in vsyslog syslog/lib_syslog.c:68
#11 0x59b0e3dc in AIOTJS::logPrintf(int, char const*, ...) src/ajs_log.cpp:45
#12 0x59b03d56 in jse_dump_obj src/jse/quickjs/jse_quickjs.cpp:569
#13 0x59b03ea1 in jse_dump_error1(JSContext*, unsigned long long) src/jse/quickjs/jse_quickjs.cpp:602
#14 0x59b03dd9 in jse_dump_error(JSContext*) src/jse/quickjs/jse_quickjs.cpp:591
#15 0x59bed615 in ferry::DomComponent::callHook(char const*) src/framework/dom/component.cpp:65
#16 0x59bfe0ff in ferry::DomComponent::initialize() src/framework/dom/component.cpp:645
#17 0x59bb141d in dom_create_component(JSContext*, unsigned long long, unsigned long long, unsigned long long) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x365c41d)
#18 0x59b4c0d3 in AIOTJS::__createComponent(JSContext*, unsigned long long, int, unsigned long long*) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x35f70d3)
#19 0x5a56ec17 in js_call_c_function quickjs/quickjs.c:16108
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>
The "p" format specifier already prepends the pointer address with "0x"
when printing.
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
Using the Kconfig macro does not work for RISC-V target, as there the
user heap follows .data/.bss and does not obey any Kconfig provided
boundary.
Added stubs for ARM and Z80 also.
Selecting this option will pass "-Map=$(TOPDIR)$(DELIM)nuttx.map" to ld
when linking NuttX ELF. That file can be useful for verifying
and debugging magic section games, and for seeing which
pieces of code get eliminated with DEBUG_OPT_UNUSED_SECTIONS.
Signed-off-by: chao.an <anchao@xiaomi.com>
Enable this option to optimization the unused input sections with the
linker by compiling with " -ffunction-sections -fdata-sections ", and
linking with " --gc-sections ".
Signed-off-by: chao.an <anchao@xiaomi.com>
Otherwise we will try to dump the state of the current task, however the
exit handler has already started doing some cleanup and invalidated its
group. Accessing the group from dumponexit will crash.
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
"error: incompatible types when assigning to type 'struct filelist *' from type 'struct filelist'
filelist = tcb->group->tg_filelist;"
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
The xxx_netinitialize is defined to a function only if
CONFIG_NET=y and CONFIG_NETDEV_LATEINIT=n. Otherwise it
is defined to an empty macro.
Signed-off-by: Petro Karashchenko <petro.karashchenko@gmail.com>
For example, task is blocked by nxsem_wait(sem1), use nxsem_wait(sem2)
in signal handler, and take sem2 successfully, after exit from signal
handler to task, nxsem_wait(sem1) returns OK, but the correct result
should be -EINTR.
Signed-off-by: Zeng Zhaoxiu <zhaoxiu.zeng@gmail.com>
Gregory Nutt has submitted the SGA
Omni Hoverboards has submitted the SGA
David Sidrane has submitted the ICLA
Mateusz Szafoni has submitted the ICLA
Sebastien Lorquet has submitted the ICLA
Paul Alexander Patience has submitted the ICLA
as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
This reverts commit 45672c269d.
Because:
* It's very confusing to have cc as LD.
* I don't see what "-nostartfiles -nodefaultlibs" in LDFLAGS are
supposed to do when we use LD directly. It would be simpler to
remove them from our LDFLAGS.
Cleaning during `clean_context` had the issue of remaking everything
when `menuconfig` was issued. That's because `menuconfig` has a
`clean_context` on its way.
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
use the same condition check in declaration and reference
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Change-Id: I7b05316e914708fceeddac394d784ee3720a3c1b
since kernel component should use UTC instead local time
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Change-Id: Icf939e1ab0af8e577105f539d2553bc67b3b3d10
instead calling kmm_heapmember or umm_heapmember because:
1.The stack supplied by caller may allocate from heap too
2.It's hard to implement these two function in ASan case
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Change-Id: I196377822b7c4643ab4f29b7c1dc41dcd7c4dab1
All modern desgin support stack pointer and it's also an
important information, so let's standardize this interface.
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
arch: Allocate the space from the beginning in up_stack_frame
and modify the affected portion:
1.Correct the stack dump and check
2.Allocate tls_info_s by up_stack_frame too
3.Move the stack fork allocation from arch to sched
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
All supported arch uses a push-down stack:
The stack grows toward lower addresses in memory. The stack pointer
register points to the lowest, valid working address (the "top" of
the stack). Items on the stack are referenced as positive(include zero)
word offsets from sp.
Which means that for stack in the [begin, begin + size):
1.The initial SP point to begin + size
2.push equals sub and then store
3.pop equals load and then add
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
IRQs cannot be individually disabled on the eZ80, so using
`up_disable_irq()` had no effect. This left the IRQ handler being
constantly triggered without the lower half handler running.
The macro for EMAC stats was incompatible with Clang. The simplified
form gives identical results under ZDS-II.
The MII clock speed must be set before trying to read MII registers.
It's now done before resetting the PHY using the Mode Control Register.
MII initialization waited on the auto-neogotiate restart bit being set
but PHY hardware is frequently fast enough to have cleared the bit
before the first read of it. It now instead just waits on auto-negotiate
completing. The MII poll loop now uses `up_mdelay` because it was far
too fast at 50MHz using a busy loop, giving time for a link to be
established.
Bad packets are now processed enough to release their buffers back to
the EMAC hardware.
A few typos, unused variables, and other miscellaneous issues were also
fixed.
Summary:
- During repeating ostest with sabre-6quad:smp (QEMU),
I noticed that pthread_rwlock_test sometimes stops
- Finally, I found that nxtask_exit() released a critical
section too early before context switching which resulted in
selecting inappropriate TCB
- This commit fixes this issue by moving nxsched_resume_scheduler()
from nxtask_exit() to up_exit() and also removing
spin_setbit() and spin_clrbit() from nxtask_exit()
because the caller holds a critical section
- To be consistent with non-SMP cases, the above changes
were done for all CPU architectures
Impact:
- This commit affects all CPU architectures regardless of SMP
Testing:
- Tested with ostest with the following configs
- sabre-6quad:smp (QEMU, dev board), sabre-6quad:nsh (QEMU)
- spresense:wifi_smp
- sim:smp, sim:ostest
- maix-bit:smp (QEMU)
- esp32-devkitc:smp (QEMU)
- lc823450-xgevk:rndis
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
In the current compilation environment, the recursive assignment(=) for compile
flags will be delayed until every file is actually need to be compile.
For example:
--------------------------------------------------------------------------------
arch/arm/src/Makefile:
INCLUDES += ${shell $(INCDIR) "$(CC)" $(ARCH_SRCDIR)$(DELIM)chip}
INCLUDES += ${shell $(INCDIR) "$(CC)" $(ARCH_SRCDIR)$(DELIM)common}
INCLUDES += ${shell $(INCDIR) "$(CC)" $(ARCH_SRCDIR)$(DELIM)$(ARCH_SUBDIR)}
INCLUDES += ${shell $(INCDIR) "$(CC)" $(TOPDIR)$(DELIM)sched}
CPPFLAGS += $(INCLUDES) $(EXTRAFLAGS)
CFLAGS += $(INCLUDES) $(EXTRAFLAGS)
CXXFLAGS += $(INCLUDES) $(EXTRAFLAGS)
AFLAGS += $(INCLUDES) $(EXTRAFLAGS)
--------------------------------------------------------------------------------
All compilation options will be included recursively,
which will be delayed until the compilation options are actually used:
tools/Config.mk:
--------------------------------------------------------------------------------
define COMPILE
@echo "CC: $1"
$(Q) $(CC) -c $(CFLAGS) $($(strip $1)_CFLAGS) $1 -o $2
endef
--------------------------------------------------------------------------------
All compile flags to be reexecuted $(INCDIR) as long as one file needs to be compiled,
but in fact, the compilation options have not changed in the current directory.
So the we recommand to change the syntax of assignment
From
Recursive (=)
To
Simple (:=)
In this way, we can ensure that all compilation options are expanded only once and reducing repeated works.
Signed-off-by: chao.an <anchao@xiaomi.com>
and remove the special handling in the stack dump
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Change-Id: Ia1ef9a427bd4c7f6cee9838d0445f29cfaca3998