The compiler warning was:
../../../cpukit/libmisc/rtems-fdt/rtems-fdt.c:267:5: warning:
'strncpy' specified bound depends on the length of the source argument
267 | strncpy(path, name, namelen);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
It turns out that the `strncpy()` nor the buffer `path` is needed when
one uses `strncmp()` instead of `strcmp()`. This needs some change to
the algorithm but has the advantage that `name` is never truncated
to the size of the buffer `path`.
Prevent a call to _SMP_lock_Stats_register_or_max_section_time(). This fixes a
thread stack corruption in case RTEMS_PROFILING and RTEMS_SMP is enabled.
Close#4157.
Add a workaround for Cortex-A9 Errata 845369: A short loop including a DMB
instruction might cause a denial of service on another which executes a CP15
broadcast operation.
Close#4115.
Add a workaround for Cortex-A9 Errata 845369: Under Very Rare Timing
Circumstances Transition into Streaming Mode Might Create Data Corruption.
Update #4115.
The compiler warning was:
../../../cpukit/libmisc/rtems-fdt/rtems-fdt.c:267:5: warning:
'strncpy' specified bound depends on the length of the source argument
267 | strncpy(path, name, namelen);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
It turns out that the `strncpy()` nor the buffer `path` is needed when
one uses `strncmp()` instead of `strcmp()`. This needs some change to
the algorithm but has the advantage that `name` is never truncated
to the size of the buffer `path`.
Note:
rtems-fdt.c, rtems-fdt-shell.c and cpukit/include/rtems/rtems-fdt.h
seem to be dead code. They implement a shell command `fdt` but that
command is not part of the shell nor of any macro in
cpukit/include/rtems/shellconfig.h.
Using strlcpy() instead of strncpy():
1) Prevents the compiler warnings
2) Ensures, the string is NUL terminated.
3) Avoids that strncpy() unnecessary fills the unused part of the buffer with
0 bytes.
(Note that realpath() also returns NULL if the file does not exist - that
happens always if someone creates a new file with the editor of the shell.)
This is an illegal use of strcpy() because one is not allowed to
use this function with overlapping source and destination buffers;
whereas memmove() is explicitly designed to handle such cases.
The copiler warning was:
../../../cpukit/libmisc/shell/shell.c:626:13: warning:
'strcpy' accessing between 1 and 2147483645 bytes at offsets
0 and [1, 2147483647] may overlap up to 2147483644 bytes at
offset [1, 2147483644] [-Wrestrict]
This patch fixes a compiler warning:
../../../testsuites/fstests/fsdosfsname01/init.c:430:19: warning:
'%s' directive output may be truncated writing up to 6424 bytes into
a region of size 257 [-Wformat-truncation=]
The buffer 'dirname' is exactly large enough so that no truncation
can ever occur. Using the return value of snprintf() is an official
supported way to suppress the warning.
I considered the comment of Joel Sherrill about not replacing snprintf():
https://lists.rtems.org/pipermail/devel/2020-September/062113.html
This fixes warnings like this:
warning: implicit declaration of function 'rtems_interrupt_disable'
warning: implicit declaration of function 'rtems_interrupt_enable'
warning: implicit declaration of function 'rtems_interrupt_flash'
When I use the 'shell' from the fileio sample with the command below:
env QEMU_AUDIO_DRV="none" \
qemu-system-arm -no-reboot -net none -nographic -M realview-pbx-a9 \
-m 256M \
-kernel build/arm/realview_pbx_a9_qemu/testsuites/samples/fileio.exe
The executable crashes with an "BLOWN STACK!!!" as soon as I try to login
as 'root' with password. (The logins without password work fine.)
Increasing the stack size of the affected thread a bit solves the issue.
Hence, I suggest this patch.
My config.ini was
[arm/realview_pbx_a9_qemu]
RTEMS_DEBUG = True
RTEMS_NETWORKING = True
RTEMS_POSIX_API = True
RTEMS_SMP = True
BUILD_TESTS = True
RTEMS origin.master at a479686c11Close#4143
The shell has an 'fdisk' command which has sub-commands 'mount' and 'unmount'.
These two sub-commands have a bug which causes them to be not able
to mount anything. This proposed patch removes the buggy file
cpukit/libblock/src/bdpart-mount.c and the mount/unmount commands
from 'fdisk' as bug fix. The 'fdisk' command itself is not removed.
The reasons for removing the sub-commands (instead of fixing the issue) are:
1) The bug has been introduced on 2010-May-31 with commit
29e92b090c. Since ten years no one
can use this feature, nor has anybody complained about it.
2) Besides of the 'fdisk' 'mount' sub-command, the shell has the
usual 'mount' and 'unmount' commands which can serve as
substitutes.
3) There are additional minor issues (see further down) which needed to
be addressed when the file will be kept.
What follows below is the precise bug description.
The bug is in function rtems_bdpart_mount() which is only be used
by the 'fdisk' shell command to mount all partitions of a disk with a
single command:
> fdisk DISK_NAME mount
> mounts the file system of each partition of the disk
>
> fdisk DISK_NAME unmount
> unmounts the file system of each partition of the disk
The whole command does not work because in file
cpukit/libblock/src/bdpart-mount.c line 103 specifies the file system type
of each partition to be "msdos". Yet, "msdos" does not exist. The name
must be "dosfs".
Beside of this fundamental problem, there are more issues with the code
in bdpart-mount.c:
1) The function returns RTEMS_SUCCESSFUL despite the mount always fails.
2) The reason for errors is not written to the terminal.
3) The directory '/mnt' is created but not deleted later on (failure or not).
3) There is no documentation about this special 'fdisk' feature in the
RTEMS Shell Guide ('fdisk' is mentioned but its documentation is a
bit short):
https://docs.rtems.org/branches/master/shell/
file_and_directory.html#fdisk-format-disk
4) Only "msdos" formatted partitions can be mounted and all partitions
are mounted read-only. This is hard coded and cannot be changed by
options. Moreover, there is no information about this to the user of
the shell (i.e. using 'fdisk' mount requires insider knowledge).
How to reproduce:
1) For testing, I use the 'testsuites/samples/fileio.exe' sample with qemu:
> cd rtems
> env QEMU_AUDIO_DRV="none" qemu-system-arm -net none -nographic \
> -M realview-pbx-a9 -m 256M -kernel \
> build/arm/realview_pbx_a9_qemu/testsuites/samples/fileio.exe
2) Type any key to stop the timer and enter the sample tool.
Type 's' to enter the shell, login as 'root' with the password
shown in the terminal.
3) Type the following shell commands (they create a RAM disk,
partition it, register it, format it and try to mount it):
> mkrd
> fdisk /dev/rda fat32 16 write mbr
> fdisk /dev/rda register
> mkdos /dev/rda1
> fdisk /dev/rda mount
4) The last line above is the command which fails - without an error
message. There exists a '/mnt' directory but no '/mnt/rda1' directory
as it should be:
> ls -la /mnt
5) If you change line 103 of 'cpukit/libblock/src/bdpart-mount.c'
from "msdos" to "dosfs", compile and build the executable and
re-run the above test, '/mnt/rda1' exists (but the file system
is mounted read-only).
Close#4131
This is actually an illegal use of strcpy() because one is not allowed to
use this function with overlapping source and destination buffers; whereas
memmove() is explicitly designed to handle such cases.
The compiler warning was:
../../../cpukit/libmisc/monitor/mon-editor.c:342:15: warning:
'strcpy' accessing 1 byte at offsets [0, 75] and [0, 75] overlaps
1 byte at offset [0, 74] [-Wrestrict]
This fixes the following compiler warning:
testsuites/psxtests/psxndbm01/init.c:221:3: warning: 'strncpy' output truncated
before terminating nul copying 5 bytes from a string of the same length
221 | strncpy( test_strings, "Hello", 5 );
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In addition, the comments from Sebastian Huber on an old version of
such a patch have been taken into account:
1) The use of `sizeof()` in `key.dsize = sizeof( test_strings );` is wrong.
2) There is no need to allocate the string. One can simply use a string
constant.
(See https://lists.rtems.org/pipermail/devel/2020-August/061418.html)
The manager documentation is a consolidation of the comments in Doxygen
markup and the documentation sources in Sphinx markup. The
documentation was transfered to interface specification items. This
header file was generated from the items by a script.
Change license to BSD-2-Clause according to file histories and
documentation re-licensing agreement.
Update #3899.
Update #3993.
This fixes the compiler warning below.
../../../cpukit/mghttpd/mongoose.c:1919:45: warning:
'.gz' directive output may be truncated writing 3 bytes into a region
of size between 1 and 255 [-Wformat-truncation=]
This patch does not only fix the compiler warning below. memcpy() is the
better function at this place as the terminating NUL character is never
copied here. Instead more characters will be appended to the
'logical_disk_name' later on.
../../../cpukit/libblock/src/bdpart-register.c:41:5:
warning: 'strncpy' output truncated before terminating nul copying
as many bytes from a string as its length [-Wstringop-truncation]
The strlcpy() function ensures there is always a NUL character
at the end of the string. Hence it is safer as strncpy() and it avoids the
compiler warning
Fix a compiler warning about a missing prototype.
If you wonder why the function name is not `static`:
The code in the file only serves a test where the dynamic object loader
(aka dlopen()) should handle duplicated symbols in an archive.
testsuites/libtests/dl10/dl10-o6.c:14:5: warning: no previous prototype
for 'rtems_main_o5' [-Wmissing-prototypes]
14 | int rtems_main_o5 (void)
| ^~~~~~~~~~~~~
rtems_name is a four byte integer.
Giving an rtems_name as value instead of a pointer to ctrace_task_name_add()
fixes not only the compiler warning but it is also a bit more safe
For those who have asked for the warning:
../../../cpukit/libmisc/capture/capture_support.c:352:49: warning:
taking address of packed member of 'struct rtems_capture_task_record'
may result in an unaligned pointer value [-Waddress-of-packed-member]
352 | ctrace_task_name_add (rec_out->task_id, &task_rec.name);
| ^~~~~~~~~~~~~~
Provide RTEMS_NO_RETURN also in case RTEMS_DEBUG is defined to prevent errors
like this:
error: no return statement in function returning non-void [-Werror=return-type]
Use C11 and C++11 standard means to declare a no-return function.
Close#4122.
