==2117790==ERROR: AddressSanitizer: global-buffer-overflow on address 0x64d9e3c0 at pc 0x59ac4e16 bp 0xcefe8058 sp 0xcefe8048
READ of size 1 at 0x64d9e3c0 thread T0
#0 0x59ac4e15 in up_nputs sim/up_nputs.c:54
#1 0x59a67e4c in syslog_default_write syslog/syslog_channel.c:220
#2 0x59a67823 in syslog_default_write syslog/syslog_write.c:101
#3 0x59a67f10 in syslog_write syslog/syslog_write.c:153
#4 0x59a651c3 in syslogstream_flush syslog/syslog_stream.c:60
#5 0x59a6564e in syslogstream_addchar syslog/syslog_stream.c:104
#6 0x59a6576f in syslogstream_putc syslog/syslog_stream.c:140
#7 0x5989fc4d in vsprintf_internal stdio/lib_libvsprintf.c:952
#8 0x598a1298 in lib_vsprintf stdio/lib_libvsprintf.c:1379
#9 0x59a64ea4 in nx_vsyslog syslog/vsyslog.c:223
#10 0x598a601a in vsyslog syslog/lib_syslog.c:68
#11 0x59b0e3dc in AIOTJS::logPrintf(int, char const*, ...) src/ajs_log.cpp:45
#12 0x59b03d56 in jse_dump_obj src/jse/quickjs/jse_quickjs.cpp:569
#13 0x59b03ea1 in jse_dump_error1(JSContext*, unsigned long long) src/jse/quickjs/jse_quickjs.cpp:602
#14 0x59b03dd9 in jse_dump_error(JSContext*) src/jse/quickjs/jse_quickjs.cpp:591
#15 0x59bed615 in ferry::DomComponent::callHook(char const*) src/framework/dom/component.cpp:65
#16 0x59bfe0ff in ferry::DomComponent::initialize() src/framework/dom/component.cpp:645
#17 0x59bb141d in dom_create_component(JSContext*, unsigned long long, unsigned long long, unsigned long long) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x365c41d)
#18 0x59b4c0d3 in AIOTJS::__createComponent(JSContext*, unsigned long long, int, unsigned long long*) (/home/wangbowen/project/central/vela_miot_bes_m0/bin/audio+0x35f70d3)
#19 0x5a56ec17 in js_call_c_function quickjs/quickjs.c:16108
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>
Summary:
- I noticed that the kernel heap area overlaps the PGPOOL
- This commit fixes this issue
Impact:
- None
Testing:
- Tested with sabre-6quad:netknsh
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
so the user could disable the full image instrumentation,
but enable the instrumentation by files or directories.
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
so the user could disable the full image instrumentation,
but enable the instrumentation by files or directories.
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
without UBSan
```
text data bss dec hex filename
85612 208 142258 228078 37aee nuttx
```
with UBSan:
```
text data bss dec hex filename
194290 98164 208634 501088 7a560 nuttx
```
```c
int main(int argc, FAR char *argv[])
{
uint32_t ptr[32];
printf("Hello, World!! %lu\n", ptr[64]);
return 0;
}
```
Try to run this sample:
```
nsh> hello
ubsan_prologue: ================================================================================
ubsan_prologue: UBSAN: array-index-out-of-bounds in hello_main.c:39:37
__ubsan_handle_out_of_bounds: index 64 is out of range for type 'uint32_t [32]'
ubsan_epilogue: ================================================================================
Hello, World!! 1070182368
nsh>
```
Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
This patch fixes missing comma, found by cppcheck.
rp2040_i2c_slave.c:259:0: error: failed to expand 'modbits_reg32',
Wrong number of parameters for macro 'modbits_reg32'.
Signed-off-by: Masanari Iida <standby24x7@gmail.com>
This patch fixes unbuffered mode so it actually works.
Also, patch contains fixes for possible bugs that could result in
deadlock or system hang in certain situations.
Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
Summary:
- This commit applies the following imxrt_enet.c changes to imx_enet.c
commit 522a949ed5
Author: David Sidrane <David.Sidrane@NscDg.com>
Date: Wed Jul 13 11:00:11 2022 -0700
imxrt:enet Better interrupt state handeling
- NOTE: I also fixed typo and compile error in the above commit
Impact:
- imx_enet.c
Testing:
- Tested with qemu-6.2
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
Summary:
- This commit applies the following imxrt_enet.c changes to imx_enet.c
commit 81f03a9151
Author: David Sidrane <David.Sidrane@NscDg.com>
Date: Tue Mar 15 14:27:51 2022 -0700
imxrt:ETH Add Support for ETH2
Impact:
- imx_enet.c
Testing:
- Tested with qemu-6.2
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
This change adds support for the following features:
- injected channels (default: 0)
- ADC resolution (default: 12bit)
- ADC low-level operations
- ADC external triggers
- custom ADC interrupts
- ADC sample time configuration
- configurable ADC SCAN mode (default on if DMA)
- configurable ADC DMA mode (default: one shot mode)
- reset the ADC block only if all ADC instances are closed
This change adds support for the following features:
1. PWM complementary outputs
2. interface for low-level PWM operations
3. support for all PWM channel modes
4. support for internal PWM channels (TIM1/TIM8)
5. support for PWM channel polarity and IDLE state
6. support for TRGO and BREAK
Kientis:edma Cleanup
Kinetis:EDMA Interrupt on last TCD
Kintis:edma remove dcache operations on passed data
Data can be chained in TCD and both read and write
can be in the chain. So the dmach ttype is not
relevent for all; the TCDs. Therefor we only perform
dcache operations on internal strutures, The caller
must perform dcache operations on their data.
kinetis:EDMA TCD Alignment of 32 Bytes to support Scatter/Gather
Summary:
- I noticed that ps shows incorrect stack usage when running
getprime in the background.
- With CONFIG_ARCH_ADDRENV=y, a user task including pthread
allocates its stack in the user space that needs to be
accessed with a correct address environment.
- This commit fixes this issue.
Impact:
- CONFIG_ARCH_ADDRENV=y only
Testing:
- Tested with sabre-6quad:knsh on qemu-6.2
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
ld: arch/libarch.a(cxd56_allocateheap.c.obj): in function `up_allocate_heap':
arch/arm/src/cxd56xx/cxd56_allocateheap.c:113: multiple definition of `up_allocate_heap'; arch/libarch.a(arm_allocateheap.c.obj):
arch/arm/src/common/arm_allocateheap.c:110: first defined here
Signed-off-by: chao.an <anchao@xiaomi.com>
arch/arm/src/common/arm_hostfs.c: In function 'host_read':
arch/arm/src/common/arm_hostfs.c:156:24:
warning: passing argument 1 of 'up_invalidate_dcache' makes integer from pointer without a cast [-Wint-conversion]
156 | up_invalidate_dcache(buf, buf + count);
| ^~~
| |
| void *
In file included from arch/arm/src/common/arm_hostfs.c:26:
include/nuttx/cache.h:261:37: note: expected 'uintptr_t' {aka 'unsigned int'} but argument is of type 'void *'
261 | void up_invalidate_dcache(uintptr_t start, uintptr_t end);
| ~~~~~~~~~~^~~~~
Signed-off-by: chao.an <anchao@xiaomi.com>