FD (file descriptor) is widely used in system software development,
and almost all implementations of posix os (including nuttx) use FD as an index.
the value of fd needs to be allocated starting from the minimum available value of 3, and each process has a copy,
so the same fd value is very easy to reuse in the program.
In multi threaded or multi process environments without address isolation,
If the ownership, global variables, and competition relationships of fd are not properly handled,
there may be issues with fd duplication or accidental closure.
Further leading to the following issues, which are difficult to troubleshoot.
1. Security vulnerability: the fd we wrote is not the expected fd and will be accessed by hackers to obtain data
2. Program exceptions or crashes: write or read fd failures, and program logic errors
3. The structured file XML or database is damaged: the data format written to the database is not the expected format.
The implementation principle of fdsan is based on the implementation of Android
https://android.googlesource.com/platform/bionic/+/master/docs/fdsan.md
Signed-off-by: hujun5 <hujun5@xiaomi.com>
The setbuffer() function is a wrapper around setvbuf() which
enables full buffering on a buffer allocated by the caller, assuming
buffer is not a null pointer.
Use lib_get_stream() to fetch stdin/stdout/stderr,
since is more easy to works with other language by function call
than export native C structure memory layout.
Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
This is preparation for flushing streams from user space, like it should
be done.
- Move tg_streamlist (group, kernel space) ->
ta_streamlist (TLS, user space)
- Access stream list via tg_info in kernel
- Access stream list via TLS in user space
- Remove / rename nxsched_get_streams -> lib_getstreams
- Remove system call for nxsched_get_streams
"The number of characters written if successful or negative value if an error occurred.
If the resulting string gets truncated due to buf_size limit, function returns the total
number of characters (not including the terminating null-byte) which would have been written,
if the limit was not imposed." --- https://en.cppreference.com/w/c/io/vfprintf
Signed-off-by: jihandong <jihandong@xiaomi.com>
such as code: double value = +0x1.000000000000080000000000p-600;
printf("Hello, World!! %.7g:f64\n", value);
expected output : Hello, World!! 2.40992e-181:f64
but real output : Hello, World!! 2.40992e-B1:f64
the reason: we want printf "18", but the flag of character is 'B'
and 'B' is '0'+18,so printf 'B';
but just format the low 32bits if CONFIG_LIBC_LONG_LONG isn't enabled to
avoid to expand the code space to much.
Note: the size will increase 192 bytes on stm32_tiny:nsh.
Before the change:
text data bss dec hex filename
41444 184 1656 43284 a914 nuttx
After the change:
text data bss dec hex filename
41636 184 1656 43476 a9d4 nuttx
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
and remove CONFIG_LIBC_LONG_LONG option to simplify the usage.
note: the size will increase 668
before change:
text data bss dec hex filename
168440 348 4480 173268 2a4d4 nuttx
after change:
text data bss dec hex filename
169108 348 4480 173936 2a770 nuttx
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
The "p" format specifier already prepends the pointer address with
"0x" when printing.
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
