Fix buffer overflow issue from PR #10128, since the sizeof
xcpt_reg_t is different on 32/64 bit platform.
Signed-off-by: chenxiaoyi <chenxiaoyi@xiaomi.com>
add set/get_power operation for sim_framebuffer to avoid assert
in fb_ioctl(cmd= FBIOSET_POWER/FBIOGET_POWER)
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>
The window opens when the fb opens and closes when the fb closes.
test step: run fb demo, 1. ./nuttx 2. fb
Signed-off-by: jianglianfang <jianglianfang@xiaomi.com>
When executing ioctl AUDIOIOC_GETBUFFERINFO, the priv->pcm is still NULL,
so it will return -ENXIO. We can remove this check at the start of ioctl
and add it in the case where it is used.
Signed-off-by: shipei <shipei@xiaomi.com>
When supporting high-priority interrupts, updating the
g_running_tasks within a high-priority interrupt may
cause problems. The g_running_tasks should only be updated
when it is determined that a task context switch has occurred.
Signed-off-by: zhangyuan21 <zhangyuan21@xiaomi.com>
1. add lib_fork api in libs/libc, we need a fork() api to implement the
fork-related methods, such as pthread_atfork
2. rename the assembly fork entry function name to up_fork(), and rename
the up_fork() to arch specific name, such as
sim_fork()/arm_fork()/mips_fork() etc.
Signed-off-by: guoshichao <guoshichao@xiaomi.com>
1. as we can use fork to implement vfork, so we rename the vfork to
fork, and use the fork method as the base to implement vfork method
2. create the vfork function as a libc function based on fork
function
Signed-off-by: guoshichao <guoshichao@xiaomi.com>
1. Update all CMakeLists.txt to adapt to new layout
2. Fix cmake build break
3. Update all new file license
4. Fully compatible with current compilation environment(use configure.sh or cmake as you choose)
------------------
How to test
From within nuttx/. Configure:
cmake -B build -DBOARD_CONFIG=sim/nsh -GNinja
cmake -B build -DBOARD_CONFIG=sim:nsh -GNinja
cmake -B build -DBOARD_CONFIG=sabre-6quad/smp -GNinja
cmake -B build -DBOARD_CONFIG=lm3s6965-ek/qemu-flat -GNinja
(or full path in custom board) :
cmake -B build -DBOARD_CONFIG=$PWD/boards/sim/sim/sim/configs/nsh -GNinja
This uses ninja generator (install with sudo apt install ninja-build). To build:
$ cmake --build build
menuconfig:
$ cmake --build build -t menuconfig
--------------------------
2. cmake/build: reformat the cmake style by cmake-format
https://github.com/cheshirekow/cmake_format
$ pip install cmakelang
$ for i in `find -name CMakeLists.txt`;do cmake-format $i -o $i;done
$ for i in `find -name *\.cmake`;do cmake-format $i -o $i;done
Co-authored-by: Matias N <matias@protobits.dev>
Signed-off-by: chao an <anchao@xiaomi.com>
if config_walltime_signal is enabled, NuttX_sim will receive a lot of
signals, the socket api will break and errno will be EINTR, masking irq
before calling the host socket api will avoid this problem.
Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
Add a new field to record the global on the basis of mm_backtrace.
When using alloc, the field is incremented by 1,
so that the memory usage can be dumped within the range
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
to avoid the infinite recursive dispatch:
*0 myhandler (signo=27, info=0xf3e38b9c, context=0x0) at ltp/testcases/open_posix_testsuite/conformance/interfaces/sigqueue/7-1.c:39
*1 0x58f1c39e in nxsig_deliver (stcb=0xf4e20f40) at signal/sig_deliver.c:167
*2 0x58fa0664 in up_schedule_sigaction (tcb=0xf4e20f40, sigdeliver=0x58f1bab5 <nxsig_deliver>) at sim/sim_schedulesigaction.c:88
*3 0x58f19907 in nxsig_queue_action (stcb=0xf4e20f40, info=0xf4049334) at signal/sig_dispatch.c:115
*4 0x58f1b089 in nxsig_tcbdispatch (stcb=0xf4e20f40, info=0xf4049334) at signal/sig_dispatch.c:435
*5 0x58f31853 in nxsig_unmask_pendingsignal () at signal/sig_unmaskpendingsignal.c:104
*6 0x58f1ca09 in nxsig_deliver (stcb=0xf4e20f40) at signal/sig_deliver.c:199
*7 0x58fa0664 in up_schedule_sigaction (tcb=0xf4e20f40, sigdeliver=0x58f1bab5 <nxsig_deliver>) at sim/sim_schedulesigaction.c:88
*8 0x58f19907 in nxsig_queue_action (stcb=0xf4e20f40, info=0xf4049304) at signal/sig_dispatch.c:115
*9 0x58f1b089 in nxsig_tcbdispatch (stcb=0xf4e20f40, info=0xf4049304) at signal/sig_dispatch.c:435
*10 0x58f31853 in nxsig_unmask_pendingsignal () at signal/sig_unmaskpendingsignal.c:104
*11 0x58f1ca09 in nxsig_deliver (stcb=0xf4e20f40) at signal/sig_deliver.c:199
*12 0x58fa0664 in up_schedule_sigaction (tcb=0xf4e20f40, sigdeliver=0x58f1bab5 <nxsig_deliver>) at sim/sim_schedulesigaction.c:88
*13 0x58f19907 in nxsig_queue_action (stcb=0xf4e20f40, info=0xf40492d4) at signal/sig_dispatch.c:115
*14 0x58f1b089 in nxsig_tcbdispatch (stcb=0xf4e20f40, info=0xf40492d4) at signal/sig_dispatch.c:435
*15 0x58f31853 in nxsig_unmask_pendingsignal () at signal/sig_unmaskpendingsignal.c:104
*16 0x58f1ca09 in nxsig_deliver (stcb=0xf4e20f40) at signal/sig_deliver.c:199
*17 0x58fa0664 in up_schedule_sigaction (tcb=0xf4e20f40, sigdeliver=0x58f1bab5 <nxsig_deliver>) at sim/sim_schedulesigaction.c:88
*18 0x58f19907 in nxsig_queue_action (stcb=0xf4e20f40, info=0xf40492a4) at signal/sig_dispatch.c:115
*19 0x58f1b089 in nxsig_tcbdispatch (stcb=0xf4e20f40, info=0xf40492a4) at signal/sig_dispatch.c:435
*20 0x58f31853 in nxsig_unmask_pendingsignal () at signal/sig_unmaskpendingsignal.c:104
*21 0x58f1ca09 in nxsig_deliver (stcb=0xf4e20f40) at signal/sig_deliver.c:199
*22 0x58fa0664 in up_schedule_sigaction (tcb=0xf4e20f40, sigdeliver=0x58f1bab5 <nxsig_deliver>) at sim/sim_schedulesigaction.c:88
*23 0x58f19907 in nxsig_queue_action (stcb=0xf4e20f40, info=0xf4049274) at signal/sig_dispatch.c:115
*24 0x58f1b089 in nxsig_tcbdispatch (stcb=0xf4e20f40, info=0xf4049274) at signal/sig_dispatch.c:435
*25 0x58f31853 in nxsig_unmask_pendingsignal () at signal/sig_unmaskpendingsignal.c:104
*26 0x58f1ca09 in nxsig_deliver (stcb=0xf4e20f40) at signal/sig_deliver.c:199
*27 0x58fa0664 in up_schedule_sigaction (tcb=0xf4e20f40, sigdeliver=0x58f1bab5 <nxsig_deliver>) at sim/sim_schedulesigaction.c:88
*28 0x58f19907 in nxsig_queue_action (stcb=0xf4e20f40, info=0xf4049244) at signal/sig_dispatch.c:115
*29 0x58f1b089 in nxsig_tcbdispatch (stcb=0xf4e20f40, info=0xf4049244) at signal/sig_dispatch.c:435
*30 0x58f31853 in nxsig_unmask_pendingsignal () at signal/sig_unmaskpendingsignal.c:104
*31 0x58f1ca09 in nxsig_deliver (stcb=0xf4e20f40) at signal/sig_deliver.c:199
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Devices connected to the same USB bus should have unique function addresses.
This was not true for root hubs with multiple ports. After this change,
enumeration is more reliable on the sama5d3-xplained board when both root hub
ports are used.
This change amounts to using one usbhost_devaddr_s object per root hub
instead of one per root hub port. For the majority of boards only one
root hub port is available so no change in behavior should be expected.
In SMP, signal processing cannot be nested. We use xcp.sigdeliver to identify whether there is currently a signal being processed, but this state does not match the actual situation.
One possible scenario is that signal processing has already been completed, but an interrupt occurs, resulting in xcp.sigdeliver not being correctly set to NULL.
At this point, a new signal arrives, which can only be placed in the queue and cannot be processed immediately.
Our solution is that signal processing and signal complete status are set in the same critical section, which can ensure status synchronization.
Signed-off-by: hujun5 <hujun5@xiaomi.com>
Follow the change: https://github.com/apache/nuttx/pull/9151,
if MM_CUSTOMIZE_MANAGER is enabled, heap memory manager in host is used,
for example in sim:asan build.
malloc and related allocation APIs will fall back to host_realloc,
do not free memory of zero-length reallocation. So memory allocations
return valid pointer when request zero size in all sim build.
call stack:
malloc() (mm/umm_heap/umm_malloc.c)
mm_malloc() (arch/sim/src/sim/sim_heap.c)
mm_realloc() (arch/sim/src/sim/sim_heap.c)
host_realloc() (arch/sim/src/sim/posix/sim_hostmemory.c)
host_memalign() (arch/sim/src/sim/posix/sim_hostmemory.c)
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
The fast-unwind implementation of leak-sanitizer will obtain the
current stack top/bottom and frame address(Stack Pointer) for
backtrace calculation:
https://github.com/gcc-mirror/gcc/blob/releases/gcc-13/libsanitizer/lsan/lsan.cpp#L39-L42
Since the scheduling mechanism of NuttX sim is coroutine
(setjmp/longjmp), if the Stack Pointer is switched, the fast-unwind
will be unable to get the available address, so memory leaks on the
system/application side cannot be caught normally. This PR will
disable fast-unwind by default to avoid unwind failure.
Signed-off-by: chao an <anchao@xiaomi.com>
If CONFIG_MM_CUSTOMIZE_MANAGER is enabled on sim, malloc/mmap is bypassed to glibc, so the memory is allocated without execution permission.
For this case, CONFIG_ARCH_USE_TEXT_HEAP can be used.
Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
If this option is enabled, the working path of nuttx will be modified to the folder where the nuttx file is located.
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
In the previous implementation, PerformanceCounter would cause overflow
after running for a long time. This commit will separate the calculation
of the sec/ms part to avoid this issue. Reference:
https://github.com/cygwin/cygwin/blob/main/winsup/cygwin/clock.cc#L194-L217
Signed-off-by: chao an <anchao@xiaomi.com>
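The overflow described in the commit message above, as an added example that is not code from the NuttX commit or from Cygwin: a one-step tick-to-nanosecond conversion beside the split seconds/remainder form. The function names, the nanosecond unit and the 10 MHz counter frequency are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define NSEC_PER_SEC 1000000000ull

/* Assumed counter frequency for this illustration: 10 MHz (constructed). */
#define SAMPLE_FREQ 10000000ull

/* Largest tick count the single-multiply form can convert without wrapping. */
uint64_t naive_safe_ticks(void)
{
  return UINT64_MAX / NSEC_PER_SEC;
}

/* One-step conversion: ticks * 1e9 wraps modulo 2^64 for large tick counts. */
uint64_t ticks_to_ns_naive(uint64_t ticks, uint64_t freq)
{
  return ticks * NSEC_PER_SEC / freq;
}

/* Split conversion: whole seconds and the sub-second remainder are scaled
 * separately, so the only large product is sec * 1e9.  rem < freq, so
 * rem * 1e9 stays in range for any freq below about 18.4 GHz.
 */
uint64_t ticks_to_ns_split(uint64_t ticks, uint64_t freq)
{
  uint64_t sec = ticks / freq;
  uint64_t rem = ticks % freq;

  return sec * NSEC_PER_SEC + rem * NSEC_PER_SEC / freq;
}

int main(void)
{
  uint64_t ticks = 2000ull * SAMPLE_FREQ; /* 2000 s of uptime at 10 MHz */

  printf("safe ticks for naive form: %llu\n",
         (unsigned long long)naive_safe_ticks());
  printf("naive: %llu ns\n",
         (unsigned long long)ticks_to_ns_naive(ticks, SAMPLE_FREQ));
  printf("split: %llu ns\n",
         (unsigned long long)ticks_to_ns_split(ticks, SAMPLE_FREQ));
  return 0;
}
```

At the assumed 10 MHz the one-step form wraps after roughly 1844 seconds of counter time, and the wrapped result is a plausible-looking smaller timestamp rather than an error.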
sim_x11events should process all x11 events in each event loop,
otherwise it will cause events to accumulate in the queue and affect the interaction.
Signed-off-by: pengyiqiang <pengyiqiang@xiaomi.com>
Updating Simulator for macOS
macOS requires genromfs and X11 Libraries to run Simulators.
* Added instructions to install genromfs
* Added instructions to install X11
Adding Xorg Server
The linker was unable to identify the location of X11 libraries.
removed -L/opt/X11/lib from ln 145
Updating Changes to streamline with other Hosts
user_main: vfork() test
=================================================================
==3754757==ERROR: AddressSanitizer: stack-buffer-underflow on address 0xae9126f0 at pc 0x56845661 bp 0xae912570 sp 0xae912560
READ of size 1 at 0xae9126f0 thread T0
#0 0x56845660 in memcpy string/lib_memcpy.c:44
#1 0x56b70f61 in up_vfork sim/sim_vfork.c:133
#2 0x567c0b85 in vfork (/home/ligd/platform/sim/nuttx/nuttx+0x26bb85)
0xae9126f0 is located 73456 bytes inside of 73728-byte region [0xae900800,0xae912800)
allocated by thread T0 here:
#0 0xf7ab1c2f in __interceptor_posix_memalign ../../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:226
SUMMARY: AddressSanitizer: stack-buffer-underflow string/lib_memcpy.c:44 in memcpy
Signed-off-by: ligd <liguiding1@xiaomi.com>
sim/sim_doirq.c: In function 'sim_doirq':
Error: sim/sim_doirq.c:79:10: error: function may return address of local variable [-Werror=return-local-addr]
79 | return regs;
| ^~~~
sim/sim_doirq.c:44:14: note: declared here
44 | xcpt_reg_t tmp[XCPTCONTEXT_REGS];
| ^~~
Signed-off-by: ligd <liguiding1@xiaomi.com>
(0)Allocating 3 bytes aligned to 0x00000001
=================================================================
==1461685==ERROR: AddressSanitizer: invalid alignment requested in posix_memalign: 1, alignment must be a power of two and a multiple of sizeof(void*) == 4 (thread T0)
#0 0xf7ab1c2f in __interceptor_posix_memalign ../../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:226
Signed-off-by: ligd <liguiding1@xiaomi.com>
In order to make compilation warnings and errors easier to be found out,
this commit will disable the printing of the compilation process as much
as possible, and also if you want to restore the log information of the
compilation process, please enable verbose build on command line:
$ make V=0
OR
$ make V=1
| V=0: Exit silent mode
| V=1,2: Enable echo of commands
| V=2: Enable bug/verbose options in tools and scripts
Signed-off-by: chao an <anchao@xiaomi.com>
NuttX kernel should not use the syscall functions, especially after
enabling CONFIG_SCHED_INSTRUMENTATION_SYSCALL, all system functions
will be traced to backend, which will impact system performance.
Signed-off-by: chao an <anchao@xiaomi.com>
/usr/bin/ld: sim_hostusrsock.o: in function `host_usrsock_loop':
arch/sim/src/sim/posix/sim_hostusrsock.c:514: undefined reference to `usrsock_event_callback'
Signed-off-by: chao an <anchao@xiaomi.com>
/usr/bin/ld: nuttx.rel: in function `mallinfo_task':
nuttx/mm/umm_heap/umm_mallinfo.c:67: undefined reference to `mm_mallinfo_task'
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
Do a simple copy instead of the memset and memcpy operations because
they have been instrumented; if you access the poison area,
the system will crash.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
Move `SIM_I2CBUS_ID` and `SIM_SPIDEV_NAME` from board to arch.
This allows you not to rely on board configuration.
Signed-off-by: xinbingnan <xinbingnan@xiaomi.com>
In file included from sim/sim_netdriver.c:73:
sim/sim_netdriver.c: In function ‘netdriver_ifup’:
sim/sim_netdriver.c:284:32: error: ‘struct net_driver_s’ has no member named ‘d_ipaddr’; did you mean ‘d_ipv6addr’?
284 | sim_netdev_ifup(devidx, dev->d_ipaddr);
| ^~~~~~~~
sim/sim_internal.h:279:67: note: in definition of macro ‘sim_netdev_ifup’
279 | # define sim_netdev_ifup(idx,ifaddr) sim_tapdev_ifup(idx,ifaddr)
|
Signed-off-by: chao an <anchao@xiaomi.com>
It takes about 10 cycles to obtain the task list according to the task
status. In most cases, we know the task status, so we can directly
add the task from the specified task list to reduce time consuming.
It takes about 10 cycles to obtain the task list according to the task
status. In most cases, we know the task status, so we can directly
delete the task from the specified task list to reduce time consuming.
In the past, header file paths were generated by the incdir command.
Now they are generated by concatenating environment variables.
In this way, when executing the makefile, no shell command will be executed,
which will improve the speed of executing the makefile.
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
In host route mode (bridge mode disabled), the d_pktsize of TAP device is not initialized and will be set to CONFIG_NET_ETH_PKTSIZE in netdev_register, while the MTU on host side keeps at 1500. Input packets larger than CONFIG_NET_ETH_PKTSIZE will be dropped because 'IP packet shorter than length in IP header'.
This patch fixes this issue by reading the MTU from the host side and setting it as d_pktsize, just the same as what is done in bridge mode.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
When devif_loopback handles a packet (like a ping targeting this dev), it does not call the txdone callback, breaking the tx pipeline, and may leave some packets unhandled, delayed until the next transmit on the network interface.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
Sharing one worker between multiple simulated network devices may work most of the time, but sometimes breaks the tx pipeline when sending packets on more than one interface at the same time, and leaves some packets unprocessed in the network stack, delayed until the next transmit on the network interface. The rx process is likely delayed in packet processing under a similar situation, so keep g_avail_work and g_recv_work the same number as interfaces.
dev0 tx1 avail tx1 done
v v
work dev0 tx1 -> dev0 tx1 -> empty -> dev1 tx2 -> dev1 tx3 -> empty
^ ^ ^ ^
dev1 tx2 avail (failed to queue) tx3 avail tx2 done tx3 done
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
Support more than one TAP device for debugging (future) NAT and FORWARD, left WPCAP and VPNKit unchanged (force number to 1).
Although we can support at most 31 interfaces, limit to 8 like CONFIG_TUN_NINTERFACES.
Signed-off-by: wengzhe <wengzhe@xiaomi.com>
stderr is a file stream pointer not a function name. Having
it in the renaming list may introduce linking error.
Signed-off-by: gaojiawei <gaojiawei@xiaomi.com>
Situation:
Assume we have 2 cpus, and busy run task0.
CPU0 CPU1
task0 -> task1 task2 -> task0
1. remove task0 from runninglist
2. take task1 as new tcb
3. add task0 to blocklist
4. clear spinlock
4.1 remove task2 from runninglist
4.2 take task0 as new tcb
4.3 add task2 to blocklist
4.4 use svc ISR switch to task0
4.5 crash
5. use svc ISR switch to task1
Fix:
Move clear spinlock to the end of svc ISR
Signed-off-by: ligd <liguiding1@xiaomi.com>
==2117790==ERROR: AddressSanitizer: global-buffer-overflow on address 0x64d9e3c0 at pc 0x59ac4e16 bp 0xcefe8058 sp 0xcefe8048
READ of size 1 at 0x64d9e3c0 thread T0
#0 0x59ac4e15 in up_nputs sim/up_nputs.c:54
#1 0x59a67e4c in syslog_default_write syslog/syslog_channel.c:220
#2 0x59a67823 in syslog_default_write syslog/syslog_write.c:101
#3 0x59a67f10 in syslog_write syslog/syslog_write.c:153
#4 0x59a651c3 in syslogstream_flush syslog/syslog_stream.c:60
#5 0x59a6564e in syslogstream_addchar syslog/syslog_stream.c:104
#6 0x59a6576f in syslogstream_putc syslog/syslog_stream.c:140
#7 0x5989fc4d in vsprintf_internal stdio/lib_libvsprintf.c:952
#8 0x598a1298 in lib_vsprintf stdio/lib_libvsprintf.c:1379
#9 0x59a64ea4 in nx_vsyslog syslog/vsyslog.c:223
#10 0x598a601a in vsyslog syslog/lib_syslog.c:68
#11 0x59b0e3dc in AIOTJS::logPrintf(int, char const*, ...) src/ajs_log.cpp:45
#12 0x59b03d56 in jse_dump_obj src/jse/quickjs/jse_quickjs.cpp:569
#13 0x59b03ea1 in jse_dump_error1(JSContext*, unsigned long long) src/jse/quickjs/jse_quickjs.cpp:602
#14 0x59b03dd9 in jse_dump_error(JSContext*) src/jse/quickjs/jse_quickjs.cpp:591
#15 0x59bed615 in ferry::DomComponent::callHook(char const*) src/framework/dom/component.cpp:65
#16 0x59bfe0ff in ferry::DomComponent::initialize() src/framework/dom/component.cpp:645
#17 0x59bb141d in dom_create_component(JSContext*, unsigned long long, unsigned long long, unsigned long long) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x365c41d)
#18 0x59b4c0d3 in AIOTJS::__createComponent(JSContext*, unsigned long long, int, unsigned long long*) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x35f70d3)
#19 0x5a56ec17 in js_call_c_function quickjs/quickjs.c:16108
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>