There is a false positive in asan of gcc-13, we need to mask it to ensure that other parts work properly
sanitizer_common/sanitizer_common_interceptors.inc:
// FIXME: under ASan the call below may write to freed memory and corrupt
// its metadata. See
// https://github.com/google/sanitizers/issues/321.
==572161==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0xed3d3f00 at pc 0xef46af64 bp 0xed3d3de8 sp 0xed3d39bc
WRITE of size 128 at 0xed3d3f00 thread T0
#0 0xef46af63 in __interceptor_pthread_sigmask ../../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:4419
#1 0x5486aa7d in up_irq_save sim/posix/sim_hostirq.c:97
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
It can only read the contents of the first buffer, so fblen should be changed to ensure that it can read the second buffer as well.
Signed-off-by: jianglianfang <jianglianfang@xiaomi.com>
Summary:
1. Add nuttx/atomic.h in include
2. Use nuttx/atomic.h instead of stdatomic.h in the nuttx directory
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
sim/posix/sim_alsa.c:728:24: runtime error: member
access within null pointer of type 'const struct sim_codec_ops_s'
Signed-off-by: jinxiuxu <jinxiuxu@xiaomi.com>
when the vsync comes, fb drivers should call fb_vsync_pollnotify to notify POLLPRI, so that users can catch the synchronization time of vsync and do something.
Signed-off-by: jianglianfang <jianglianfang@xiaomi.com>
==263401==ERROR: AddressSanitizer: stack-use-after-return on address 0xf515f260 at pc 0x042434f0 bp 0x9ac24e78 sp 0x9ac24e68
WRITE of size 4 at 0xf515f260 thread T0
#0 0x42434ef in nxsem_get_value semaphore/sem_getvalue.c:65
#1 0x413110d in work_thread wqueue/kwork_thread.c:195
#2 0x412c4f6 in nxtask_start task/task_start.c:129
#3 0x427b1fc in pre_start sim/sim_initialstate.c:52
Address 0xf515f260 is located in stack of thread T0 at offset 32 in frame
#0 0x928c9e3 in host_settimer sim/posix/sim_hosttime.c:104
This frame has 1 object(s):
[32, 48) 'it' (line 105) <== Memory access at offset 32 is inside this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
Signed-off-by: cuiziwei <cuiziwei@xiaomi.com>
This commit adds missing add_link_options to specify sanitizers
also during linking stage.
Signed-off-by: Daniel Jasinski <jasinskidaniel95szcz@gmail.com>
This adds explicit `void mm_free_delaylist(heap)` interface so that
to force freeing the heap's delaylist.
Signed-off-by: Yanfeng Liu <yfliu2008@qq.com>
The link script of NuttX Simulator is generated through compilation
options. This PR will support configure special data sections in
kconfig to meet the support of 3rd party applications.
we need to follow the syntax of linker script. In 3rd-party applications, some data will be labeled as section:
| a.c:
| struct task_s a __attribute__((section(".data.custom.taska")));
| b.c:
| struct task_s b __attribute__((section(".data.custom.taskb")));
Data of the same type struct can be placed in a fixed location to reduce the overhead caused by searching:
| .data :
| {
| _custom_data_table_start = .;
| KEEP(*(.data.custom.*))
| _custom_data_table_end = .;
| }
Such section declare can be configured via Kconfig in the PR:
| CONFIG_SIM_CUSTOM_DATA_SECTION=" .data : { _custom_data_table_start = .; KEEP(*(.data.custom.*)) _custom_data_table_end = .; } "
Signed-off-by: chao an <anchao@lixiang.com>
sometimes ubsan work with asan trigger a mistake report, make it
possible to export library with ubsan, and bypass runtime feature.
Signed-off-by: buxiasen <buxiasen@xiaomi.com>
Only in the non-critical region, nuttx can the respond to the irq and not hold the lock
When returning from the irq, there is no need to check whether the lock needs to be restored
test:
We can use qemu for testing.
compiling
make distclean -j20; ./tools/configure.sh -l qemu-armv8a:nsh_smp ;make -j20
running
qemu-system-aarch64 -cpu cortex-a53 -smp 4 -nographic -machine virt,virtualization=on,gic-version=3 -net none -chardev stdio,id=con,mux=on -serial chardev:con -mon chardev=con,mode=readline -kernel ./nuttx
Signed-off-by: hujun5 <hujun5@xiaomi.com>
when repeatedly enabling and disabling string-controlled configurations,
the generated toolchain configuration may be incorrect.
Signed-off-by: xuxin19 <xuxin19@xiaomi.com>
Extracting global variable information using scripts:
kasan_global.py:
1. Extract the global variable information provided by the -- param asan globals=1 option
2. Generate shadow regions for global variable out of bounds detection
Makefile:
1. Implement multiple links, embed the shadow area into the program, and call it by the Kasan module
Signed-off-by: W-M-R <mike_0528@163.com>