@yukihiratype2

The STM32H7 chip's FMC is different from the F7's or F4's. The H7 doesn't have a BUSY register; instead, the H7 requires setting FMCEN in FMC_BCR1 after the FMC registers are configured.

@xiaoxiang781216 xiaoxiang781216 self-requested a review January 2, 2020 09:16

@raiden00pl raiden00pl left a comment

Looks OK to me. Thanks for the contribution ;]

@acassis acassis changed the base branch from master to pr22 January 2, 2020 14:21
@acassis acassis merged commit 0a6975f into apache:pr22 Jan 2, 2020
acassis pushed a commit that referenced this pull request Jan 2, 2020
Author: Alan Carvalho de Assis <acassis@gmail.com>

    Run all .h and .c files modified in last PR through nxstyle.

Author: Minamiya_Natsuki <yukihiratype2@gmail.com>

    Add FMC SDRAM for STM32H7x3 chip (#22)

    * Add FMC SDRAM for STM32H7x3 chip

    * Add FMC SDRAM for STM32H7x7

    * Nuttx Coding Standard requires one declaration per line

    * should be __ARCH_ARM_SRC_STM32H7_STM32_FMC_H

    * fix bad alignment

    * fix typo

    * fix typo

    * people can't live in future

    * fix comment line length

    * fix more comment line length

    * fix alignment

    * fix typo
patacongo pushed a commit that referenced this pull request Jan 3, 2020
donghengqaz pushed a commit to donghengqaz/incubator-nuttx that referenced this pull request Jul 20, 2020
…xample_test

xtensa/esp32: Support wifi example test in nuttx-apps
anchao added a commit to anchao/nuttx that referenced this pull request Dec 14, 2020
Deadlock during recursive access if unionfs overlays procfs,
check the critical segment only and remove the useless protection part.

|#0  unionfs_statfs (mountpt=0xf3df4540, buf=0xf3de2f0c) at unionfs/fs_unionfs.c:2136
...
|#6  0x08069429 in procfs_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at procfs/fs_procfs.c:412
|#7  0x0806c339 in unionfs_read (filep=0xf3de219c, buffer=0xf3df4610 "...", buflen=1024) at unionfs/fs_unionfs.c:1026

original call stack:
(gdb) bt
|#0  unionfs_statfs (mountpt=0xf3df4540, buf=0xf3de2f0c) at unionfs/fs_unionfs.c:2136
|#1  0x08071629 in mountpoint_filter (node=0xf3df4540, dirpath=0xf3df4a28 "/proc", arg=0xf3de2fc4) at mount/fs_foreachmountpoint.c:119
|#2  0x0807171b in foreach_inodelevel (node=0xf3df4540, info=0xf3df4a20) at inode/fs_foreachinode.c:90
|#3  0x08071898 in foreach_inode (handler=0x8071530 <mountpoint_filter>, arg=0xf3de2fc4) at inode/fs_foreachinode.c:193
|#4  0x080716c1 in foreach_mountpoint (handler=0x8070e2f <blocks_entry>, arg=0xf3de300c) at mount/fs_foreachmountpoint.c:169
|#5  0x08071399 in mount_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at mount/fs_procfs_mount.c:537
|#6  0x08069429 in procfs_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at procfs/fs_procfs.c:412
|#7  0x0806c339 in unionfs_read (filep=0xf3de219c, buffer=0xf3df4610 "...", buflen=1024) at unionfs/fs_unionfs.c:1026
|#8  0x080657a2 in file_read (filep=0xf3de219c, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:110
|#9  0x0806581a in nx_read (fd=3, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:175
|#10 0x08065847 in read (fd=3, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:206
|#11 0x0805a242 in nsh_catfile (vtbl=0xf3df3f10, cmd=0xf3df4378 "df", filepath=0x808d5ed "/proc/fs/blocks") at nsh_fsutils.c:116
|#12 0x0805b1de in cmd_df (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0) at nsh_mntcmds.c:73
|#13 0x08056370 in nsh_command (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0) at nsh_command.c:1061
|#14 0x08053b16 in nsh_execute (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0, redirfile=0x0, oflags=0) at nsh_parse.c:741
|#15 0x08055998 in nsh_parse_command (vtbl=0xf3df3f10, cmdline=0xf3df4378 "df") at nsh_parse.c:2578
|#16 0x08055a7b in nsh_parse (vtbl=0xf3df3f10, cmdline=0xf3df4378 "df") at nsh_parse.c:2662
|#17 0x0805d691 in nsh_session (pstate=0xf3df3f10, login=1 '\001', argc=1, argv=0xf3de34b0) at nsh_session.c:191
|#18 0x0805b542 in nsh_consolemain (argc=1, argv=0xf3de34b0) at nsh_consolemain.c:115
|#19 0x0805346c in nsh_main (argc=1, argv=0xf3de34b0) at nsh_main.c:168
|#20 0x0805075a in nxtask_startup (entrypt=0x805340a <nsh_main>, argc=1, argv=0xf3de34b0) at sched/task_startup.c:165
|#21 0x08049713 in nxtask_start () at task/task_start.c:144
|#22 0x00000000 in ?? ()

Change-Id: Ic4c7aff0ea50388a371c525745e817a787dabcca
Signed-off-by: chao.an <anchao@xiaomi.com>
xiaoxiang781216 pushed a commit that referenced this pull request Dec 15, 2020
anchao added a commit to anchao/nuttx that referenced this pull request Aug 1, 2022
The free node is still in use after kasan_poison(), the node member
access will cause the assert report by kasan.

|  (gdb) bt
|  #0  kasan_report (addr=1743265406637584896, size=140737337053680, is_write=46) at kasan/kasan.c:97
|  #1  0x0000555555607bdd in __asan_loadN_noabort (addr=140737272831420, size=4) at kasan/kasan.c:289
|  #2  0x0000555555607cd7 in __asan_load4_noabort (addr=140737272831420) at kasan/kasan.c:323
|  #3  0x00005555556061ef in gmtime_r (timep=0x7ffff3275dbc, result=0x7ffff3275e10) at time/lib_gmtimer.c:301
|  #4  0x000055555560e507 in sim_rtc_rdtime (lower=0x55555576b780 <g_sim_rtc>, rtctime=0x7ffff3275e10) at sim/up_rtc.c:77
|  #5  0x00005555555fcbdb in up_rtc_gettime (tp=0x7ffff3275ef0) at timers/arch_rtc.c:128
|  #6  0x00005555555f08b4 in clock_systime_timespec (ts=0x7ffff3275ef0) at clock/clock_systime_timespec.c:72
|  #7  0x00005555555ecc77 in note_common (tcb=0x7ffff31d2180, note=0x7ffff3275f80, length=21 '\025', type=18 '\022') at sched/sched_note.c:144
|  #8  0x00005555555ed706 in sched_note_syscall_enter (nr=1, argc=0) at sched/sched_note.c:765
|  #9  0x000055555560eb37 in __wrap_getpid () at wraps/WRAP_getpid.c:26
|  #10 0x0000555555608d1c in mm_takesemaphore (heap=0x7ffff30ae000) at mm_heap/mm_sem.c:127
|  #11 0x0000555555609477 in mm_free (heap=0x7ffff30ae000, mem=0x7ffff3265b80) at mm_heap/mm_free.c:89
|  #12 0x00005555556070c5 in free (mem=0x7ffff3265b80) at umm_heap/umm_free.c:49
|  #13 0x000055555560c3b0 in up_release_stack (dtcb=0x7ffff31e4b00, ttype=0 '\000') at sim/up_releasestack.c:67
|  #14 0x00005555555f2515 in nxsched_release_tcb (tcb=0x7ffff31e4b00, ttype=0 '\000') at sched/sched_releasetcb.c:134
|  #15 0x00005555556bdf0c in nxtask_terminate (pid=4, nonblocking=true) at task/task_terminate.c:184
|  #16 0x00005555556bdb0f in nxtask_exit () at task/task_exit.c:168
|  #17 0x000055555566e05f in up_exit (status=0) at sim/up_exit.c:64
|  #18 0x000055555564f454 in _exit (status=0) at task/exit.c:78
|  #19 0x000055555560ea89 in __wrap__exit (parm1=0) at wraps/WRAP__exit.c:27
|  #20 0x00005555555eb288 in exit (status=0) at stdlib/lib_exit.c:54
|  #21 0x00005555555fe2cc in nxtask_startup (entrypt=0x555555670c34 <critmon_start_main>, argc=1, argv=0x7ffff3265bb0) at sched/task_startup.c:70
|  #22 0x00005555555f02a0 in nxtask_start () at task/task_start.c:134
|  #23 0x0000000000000000 in ?? ()

Signed-off-by: chao.an <anchao@xiaomi.com>
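
The ordering problem this commit message describes, as an added example that is not NuttX code: a toy heap with a shadow map in which `toy_free_buggy` poisons a chunk before writing its free-list header and `toy_free_fixed` writes the header first and poisons only the payload. All names, sizes and the choice of fix are assumptions made for illustration; the page does not show the actual patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HEAP_SIZE 256
#define GRANULE   8                 /* one shadow byte covers 8 heap bytes */

struct free_node                    /* hypothetical free-list header */
{
  size_t size;
  struct free_node *next;
};

static _Alignas(16) uint8_t g_heap[HEAP_SIZE];
static uint8_t g_shadow[HEAP_SIZE / GRANULE];  /* 1 = poisoned granule */
static struct free_node *g_freelist;
static int g_reports;               /* sanitizer reports raised so far */

/* Mark [addr, addr + len) poisoned (val = 1) or accessible (val = 0).
 * addr and len are assumed to be GRANULE-aligned. */
static void shadow_set(const void *addr, size_t len, uint8_t val)
{
  size_t off = (size_t)((const uint8_t *)addr - g_heap);
  memset(&g_shadow[off / GRANULE], val, len / GRANULE);
}

int is_poisoned(const void *addr, size_t len)
{
  size_t off = (size_t)((const uint8_t *)addr - g_heap);
  for (size_t i = off / GRANULE; i <= (off + len - 1) / GRANULE; i++)
    if (g_shadow[i]) return 1;
  return 0;
}

/* Stand-in for the check a sanitized build inserts before each access. */
static void check(const void *addr, size_t len)
{
  if (is_poisoned(addr, len)) g_reports++;
}

/* Allocator bookkeeping: every header access goes through check(). */
static void link_node(struct free_node *node, size_t size)
{
  check(&node->size, sizeof(node->size));
  node->size = size;
  check(&node->next, sizeof(node->next));
  node->next = g_freelist;
  g_freelist = node;
}

/* Ordering from the commit message: poison, then touch the node. */
static void toy_free_buggy(void *mem, size_t size)
{
  shadow_set(mem, size, 1);
  link_node(mem, size);
}

/* One possible reordering (assumption): finish the header writes, then
 * poison only the payload. Stale user pointers into the payload are still
 * caught; the header bytes stay accessible and are not covered. */
static void toy_free_fixed(void *mem, size_t size)
{
  link_node(mem, size);
  shadow_set((uint8_t *)mem + sizeof(struct free_node),
             size - sizeof(struct free_node), 1);
}

/* Later allocator work (e.g. searching for a fit) reads the headers again. */
static size_t walk_freelist(void)
{
  size_t total = 0;
  for (struct free_node *n = g_freelist; n != NULL; )
    {
      check(&n->size, sizeof(n->size));
      total += n->size;
      check(&n->next, sizeof(n->next));
      n = n->next;
    }
  return total;
}

/* Free two constructed 32-byte chunks, walk the list, count reports. */
static int scenario(void (*free_fn)(void *, size_t))
{
  memset(g_shadow, 0, sizeof(g_shadow));
  g_freelist = NULL;
  g_reports = 0;
  free_fn(g_heap + 64, 32);
  free_fn(g_heap + 128, 32);
  walk_freelist();
  return g_reports;
}

int run_buggy(void) { return scenario(toy_free_buggy); }
int run_fixed(void) { return scenario(toy_free_fixed); }

int main(void)
{
  printf("buggy order: %d reports\n", run_buggy());
  printf("fixed order: %d reports\n", run_fixed());
  printf("payload still poisoned: %d\n",
         is_poisoned(g_heap + 64 + sizeof(struct free_node), 8));
  return 0;
}
```
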
xiaoxiang781216 pushed a commit that referenced this pull request Aug 1, 2022
Uthedris pushed a commit to Uthedris/nuttx that referenced this pull request Aug 16, 2022
anchao added a commit to anchao/nuttx that referenced this pull request Jan 10, 2023
tg_info is still in use after task_uninit_info() unifies
lib_stream_* with life cycle of task info to avoid this issue.

|#10 0xf7abec89 in __asan::__asan_report_load2 (addr=4100993760) at ../../../../src/libsanitizer/asan/asan_rtl.cpp:119
|#11 0x5677356a in nxsem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:73
|#12 0x56773695 in sem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:120
|#13 0x5676faa2 in nxmutex_destroy (mutex=0xf47032e0) at include/nuttx/mutex.h:126
|#14 0x567a3430 in lib_stream_release (group=0xf4901ba0) at stdio/lib_libstream.c:98
|#15 0x5676da75 in group_release (group=0xf4901ba0) at group/group_leave.c:162
|#16 0x5676e51c in group_leave (tcb=0xf5377740) at group/group_leave.c:360
|#17 0x569fe79b in nxtask_exithook (tcb=0xf5377740, status=0) at task/task_exithook.c:455
|#18 0x569f90b9 in _exit (status=0) at task/exit.c:82
|#19 0x56742680 in exit (status=0) at stdlib/lib_exit.c:61
|#20 0x56a69c78 in iperf_showusage (progname=0xf2f28838 "iperf", exitcode=0) at iperf_main.c:91
|#21 0x56a6a6ec in iperf_main (argc=1, argv=0xf2f28830) at iperf_main.c:140
|#22 0x5679c148 in nxtask_startup (entrypt=0x56a69c78 <iperf_main>, argc=1, argv=0xf2f28830) at sched/task_startup.c:70
|#23 0x56767f58 in nxtask_start () at task/task_start.c:134

Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request Jan 10, 2023
tg_info is still in use after task_uninit_info() unifies
lib_stream_* with life cycle of task info to avoid this issue.

| ==1940861==ERROR: AddressSanitizer: heap-use-after-free on address 0xf47032e0 at pc 0x5676dc4f bp 0xf2f38c68 sp 0xf2f38c58
|
|#10 0xf7abec89 in __asan::__asan_report_load2 (addr=4100993760) at ../../../../src/libsanitizer/asan/asan_rtl.cpp:119
|#11 0x5677356a in nxsem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:73
|#12 0x56773695 in sem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:120
|#13 0x5676faa2 in nxmutex_destroy (mutex=0xf47032e0) at include/nuttx/mutex.h:126
|#14 0x567a3430 in lib_stream_release (group=0xf4901ba0) at stdio/lib_libstream.c:98
|#15 0x5676da75 in group_release (group=0xf4901ba0) at group/group_leave.c:162
|#16 0x5676e51c in group_leave (tcb=0xf5377740) at group/group_leave.c:360
|#17 0x569fe79b in nxtask_exithook (tcb=0xf5377740, status=0) at task/task_exithook.c:455
|#18 0x569f90b9 in _exit (status=0) at task/exit.c:82
|#19 0x56742680 in exit (status=0) at stdlib/lib_exit.c:61
|#20 0x56a69c78 in iperf_showusage (progname=0xf2f28838 "iperf", exitcode=0) at iperf_main.c:91
|#21 0x56a6a6ec in iperf_main (argc=1, argv=0xf2f28830) at iperf_main.c:140
|#22 0x5679c148 in nxtask_startup (entrypt=0x56a69c78 <iperf_main>, argc=1, argv=0xf2f28830) at sched/task_startup.c:70
|#23 0x56767f58 in nxtask_start () at task/task_start.c:134

Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request Jan 10, 2023
tg_info is still in use after task_uninit_info(), unifies
lib_stream_* with life cycle of task info to avoid this issue.

| ==1940861==ERROR: AddressSanitizer: heap-use-after-free on address 0xf47032e0 at pc 0x5676dc4f bp 0xf2f38c68 sp 0xf2f38c58
|
|#10 0xf7abec89 in __asan::__asan_report_load2 (addr=4100993760) at ../../../../src/libsanitizer/asan/asan_rtl.cpp:119
|#11 0x5677356a in nxsem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:73
|#12 0x56773695 in sem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:120
|#13 0x5676faa2 in nxmutex_destroy (mutex=0xf47032e0) at include/nuttx/mutex.h:126
|#14 0x567a3430 in lib_stream_release (group=0xf4901ba0) at stdio/lib_libstream.c:98
|#15 0x5676da75 in group_release (group=0xf4901ba0) at group/group_leave.c:162
|#16 0x5676e51c in group_leave (tcb=0xf5377740) at group/group_leave.c:360
|#17 0x569fe79b in nxtask_exithook (tcb=0xf5377740, status=0) at task/task_exithook.c:455
|#18 0x569f90b9 in _exit (status=0) at task/exit.c:82
|#19 0x56742680 in exit (status=0) at stdlib/lib_exit.c:61
|#20 0x56a69c78 in iperf_showusage (progname=0xf2f28838 "iperf", exitcode=0) at iperf_main.c:91
|#21 0x56a6a6ec in iperf_main (argc=1, argv=0xf2f28830) at iperf_main.c:140
|#22 0x5679c148 in nxtask_startup (entrypt=0x56a69c78 <iperf_main>, argc=1, argv=0xf2f28830) at sched/task_startup.c:70
|#23 0x56767f58 in nxtask_start () at task/task_start.c:134

Signed-off-by: chao an <anchao@xiaomi.com>
xiaoxiang781216 pushed a commit that referenced this pull request Jan 10, 2023
tg_info is still in use after task_uninit_info(), unifies
lib_stream_* with life cycle of task info to avoid this issue.

| ==1940861==ERROR: AddressSanitizer: heap-use-after-free on address 0xf47032e0 at pc 0x5676dc4f bp 0xf2f38c68 sp 0xf2f38c58
|
|#10 0xf7abec89 in __asan::__asan_report_load2 (addr=4100993760) at ../../../../src/libsanitizer/asan/asan_rtl.cpp:119
|#11 0x5677356a in nxsem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:73
|#12 0x56773695 in sem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:120
|#13 0x5676faa2 in nxmutex_destroy (mutex=0xf47032e0) at include/nuttx/mutex.h:126
|#14 0x567a3430 in lib_stream_release (group=0xf4901ba0) at stdio/lib_libstream.c:98
|#15 0x5676da75 in group_release (group=0xf4901ba0) at group/group_leave.c:162
|#16 0x5676e51c in group_leave (tcb=0xf5377740) at group/group_leave.c:360
|#17 0x569fe79b in nxtask_exithook (tcb=0xf5377740, status=0) at task/task_exithook.c:455
|#18 0x569f90b9 in _exit (status=0) at task/exit.c:82
|#19 0x56742680 in exit (status=0) at stdlib/lib_exit.c:61
|#20 0x56a69c78 in iperf_showusage (progname=0xf2f28838 "iperf", exitcode=0) at iperf_main.c:91
|#21 0x56a6a6ec in iperf_main (argc=1, argv=0xf2f28830) at iperf_main.c:140
|#22 0x5679c148 in nxtask_startup (entrypt=0x56a69c78 <iperf_main>, argc=1, argv=0xf2f28830) at sched/task_startup.c:70
|#23 0x56767f58 in nxtask_start () at task/task_start.c:134

Signed-off-by: chao an <anchao@xiaomi.com>
chenzhihong007 pushed a commit to hpmicro/nuttx that referenced this pull request Mar 8, 2023
tg_info is still in use after task_uninit_info(), unifies
lib_stream_* with life cycle of task info to avoid this issue.

| ==1940861==ERROR: AddressSanitizer: heap-use-after-free on address 0xf47032e0 at pc 0x5676dc4f bp 0xf2f38c68 sp 0xf2f38c58
|
|#10 0xf7abec89 in __asan::__asan_report_load2 (addr=4100993760) at ../../../../src/libsanitizer/asan/asan_rtl.cpp:119
|#11 0x5677356a in nxsem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:73
|#12 0x56773695 in sem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:120
|#13 0x5676faa2 in nxmutex_destroy (mutex=0xf47032e0) at include/nuttx/mutex.h:126
|#14 0x567a3430 in lib_stream_release (group=0xf4901ba0) at stdio/lib_libstream.c:98
|#15 0x5676da75 in group_release (group=0xf4901ba0) at group/group_leave.c:162
|#16 0x5676e51c in group_leave (tcb=0xf5377740) at group/group_leave.c:360
|#17 0x569fe79b in nxtask_exithook (tcb=0xf5377740, status=0) at task/task_exithook.c:455
|#18 0x569f90b9 in _exit (status=0) at task/exit.c:82
|#19 0x56742680 in exit (status=0) at stdlib/lib_exit.c:61
|#20 0x56a69c78 in iperf_showusage (progname=0xf2f28838 "iperf", exitcode=0) at iperf_main.c:91
|#21 0x56a6a6ec in iperf_main (argc=1, argv=0xf2f28830) at iperf_main.c:140
|#22 0x5679c148 in nxtask_startup (entrypt=0x56a69c78 <iperf_main>, argc=1, argv=0xf2f28830) at sched/task_startup.c:70
|#23 0x56767f58 in nxtask_start () at task/task_start.c:134

Signed-off-by: chao an <anchao@xiaomi.com>
pwnall pushed a commit to pwnall/nuttx that referenced this pull request Oct 23, 2024
Deadlock during recursive access if unionfs overlays procfs,
check the critical segment only and remove the useless protection part.

|#0  unionfs_statfs (mountpt=0xf3df4540, buf=0xf3de2f0c) at unionfs/fs_unionfs.c:2136
...
|#6  0x08069429 in procfs_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at procfs/fs_procfs.c:412
|#7  0x0806c339 in unionfs_read (filep=0xf3de219c, buffer=0xf3df4610 "...", buflen=1024) at unionfs/fs_unionfs.c:1026

original call stack:
(gdb) bt
|#0  unionfs_statfs (mountpt=0xf3df4540, buf=0xf3de2f0c) at unionfs/fs_unionfs.c:2136
|#1  0x08071629 in mountpoint_filter (node=0xf3df4540, dirpath=0xf3df4a28 "/proc", arg=0xf3de2fc4) at mount/fs_foreachmountpoint.c:119
|#2  0x0807171b in foreach_inodelevel (node=0xf3df4540, info=0xf3df4a20) at inode/fs_foreachinode.c:90
|#3  0x08071898 in foreach_inode (handler=0x8071530 <mountpoint_filter>, arg=0xf3de2fc4) at inode/fs_foreachinode.c:193
|#4  0x080716c1 in foreach_mountpoint (handler=0x8070e2f <blocks_entry>, arg=0xf3de300c) at mount/fs_foreachmountpoint.c:169
|#5  0x08071399 in mount_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at mount/fs_procfs_mount.c:537
|#6  0x08069429 in procfs_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at procfs/fs_procfs.c:412
|#7  0x0806c339 in unionfs_read (filep=0xf3de219c, buffer=0xf3df4610 "...", buflen=1024) at unionfs/fs_unionfs.c:1026
|#8  0x080657a2 in file_read (filep=0xf3de219c, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:110
|#9  0x0806581a in nx_read (fd=3, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:175
|#10 0x08065847 in read (fd=3, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:206
|#11 0x0805a242 in nsh_catfile (vtbl=0xf3df3f10, cmd=0xf3df4378 "df", filepath=0x808d5ed "/proc/fs/blocks") at nsh_fsutils.c:116
|#12 0x0805b1de in cmd_df (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0) at nsh_mntcmds.c:73
|#13 0x08056370 in nsh_command (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0) at nsh_command.c:1061
|#14 0x08053b16 in nsh_execute (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0, redirfile=0x0, oflags=0) at nsh_parse.c:741
|#15 0x08055998 in nsh_parse_command (vtbl=0xf3df3f10, cmdline=0xf3df4378 "df") at nsh_parse.c:2578
|#16 0x08055a7b in nsh_parse (vtbl=0xf3df3f10, cmdline=0xf3df4378 "df") at nsh_parse.c:2662
|#17 0x0805d691 in nsh_session (pstate=0xf3df3f10, login=1 '\001', argc=1, argv=0xf3de34b0) at nsh_session.c:191
|#18 0x0805b542 in nsh_consolemain (argc=1, argv=0xf3de34b0) at nsh_consolemain.c:115
|#19 0x0805346c in nsh_main (argc=1, argv=0xf3de34b0) at nsh_main.c:168
|#20 0x0805075a in nxtask_startup (entrypt=0x805340a <nsh_main>, argc=1, argv=0xf3de34b0) at sched/task_startup.c:165
|#21 0x08049713 in nxtask_start () at task/task_start.c:144
|#22 0x00000000 in ?? ()

Change-Id: Ic4c7aff0ea50388a371c525745e817a787dabcca
Signed-off-by: chao.an <anchao@xiaomi.com>
zhhyu7 added a commit to zhhyu7/incubator-nuttx that referenced this pull request Oct 29, 2024
current sizeof(struct sockaddr_in) is 66

arp/arp_table.c:241:28: runtime error: member access within misaligned address 0xe5f134e6 for type 'struct sockaddr_in', which requires 4 byte alignment
0xe5f134e6: note: pointer points here
 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00
             ^
    #0 0x543287c1 in arp_get_arpreq arp/arp_table.c:241
    #1 0x5432a11f in arp_snapshot arp/arp_table.c:574
    #2 0x5435f0be in netlink_fill_arptable netlink/netlink_route.c:547
    #3 0x5435ffca in netlink_get_neighbor netlink/netlink_route.c:715
    #4 0x54360116 in netlink_get_neighborlist netlink/netlink_route.c:743
    #5 0x54363b20 in netlink_route_sendto netlink/netlink_route.c:1382
    #6 0x542ef1b1 in netlink_sendmsg netlink/netlink_sockif.c:625
    #7 0x542be94d in psock_sendmsg socket/sendmsg.c:96
    #8 0x542bc94b in psock_sendto socket/sendto.c:134
    #9 0x542bcb28 in sendto socket/sendto.c:247
    #10 0x542bc5ea in send socket/send.c:163
    #11 0x542aa715 in netlib_get_arptable /home/mi/gaofengzhi/code/dev1025/apps/netutils/netlib/netlib_getarptab.c:152
    #12 0x54279109 in cmd_arp /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_netcmds.c:1197
    #13 0x54257faf in nsh_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_command.c:1263
    #14 0x54231982 in nsh_execute /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:718
    #15 0x5423da42 in nsh_parse_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2619
    #16 0x5423e12a in nsh_parse /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2706
    #17 0x5424088f in nsh_session /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_session.c:245
    #18 0x5422efc9 in nsh_consolemain /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_consolemain.c:75
    #19 0x5419e89f in nsh_main /home/mi/gaofengzhi/code/dev1025/apps/system/nsh/nsh_main.c:74
    #20 0x54067ee1 in nxtask_startup sched/task_startup.c:70
    #21 0x53f366c6 in nxtask_start task/task_start.c:116
    #22 0x5409e1a4 in pre_start sim/sim_initialstate.c:52

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
zhhyu7 added a commit to zhhyu7/incubator-nuttx that referenced this pull request Oct 29, 2024
current sizeof(struct sockaddr_in) is 66

arp/arp_table.c:241:28: runtime error: member access within misaligned address 0xe5f134e6 for type 'struct sockaddr_in', which requires 4 byte alignment
0xe5f134e6: note: pointer points here
 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00
             ^
    #0 0x543287c1 in arp_get_arpreq arp/arp_table.c:241
    #1 0x5432a11f in arp_snapshot arp/arp_table.c:574
    #2 0x5435f0be in netlink_fill_arptable netlink/netlink_route.c:547
    #3 0x5435ffca in netlink_get_neighbor netlink/netlink_route.c:715
    #4 0x54360116 in netlink_get_neighborlist netlink/netlink_route.c:743
    #5 0x54363b20 in netlink_route_sendto netlink/netlink_route.c:1382
    #6 0x542ef1b1 in netlink_sendmsg netlink/netlink_sockif.c:625
    #7 0x542be94d in psock_sendmsg socket/sendmsg.c:96
    #8 0x542bc94b in psock_sendto socket/sendto.c:134
    #9 0x542bcb28 in sendto socket/sendto.c:247
    #10 0x542bc5ea in send socket/send.c:163
    #11 0x542aa715 in netlib_get_arptable /home/mi/gaofengzhi/code/dev1025/apps/netutils/netlib/netlib_getarptab.c:152
    #12 0x54279109 in cmd_arp /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_netcmds.c:1197
    #13 0x54257faf in nsh_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_command.c:1263
    #14 0x54231982 in nsh_execute /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:718
    #15 0x5423da42 in nsh_parse_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2619
    #16 0x5423e12a in nsh_parse /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2706
    #17 0x5424088f in nsh_session /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_session.c:245
    #18 0x5422efc9 in nsh_consolemain /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_consolemain.c:75
    #19 0x5419e89f in nsh_main /home/mi/gaofengzhi/code/dev1025/apps/system/nsh/nsh_main.c:74
    #20 0x54067ee1 in nxtask_startup sched/task_startup.c:70
    #21 0x53f366c6 in nxtask_start task/task_start.c:116
    #22 0x5409e1a4 in pre_start sim/sim_initialstate.c:52

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
xiaoxiang781216 pushed a commit that referenced this pull request Oct 29, 2024
current sizeof(struct sockaddr_in) is 66

arp/arp_table.c:241:28: runtime error: member access within misaligned address 0xe5f134e6 for type 'struct sockaddr_in', which requires 4 byte alignment
0xe5f134e6: note: pointer points here
 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00
             ^
    #0 0x543287c1 in arp_get_arpreq arp/arp_table.c:241
    #1 0x5432a11f in arp_snapshot arp/arp_table.c:574
    #2 0x5435f0be in netlink_fill_arptable netlink/netlink_route.c:547
    #3 0x5435ffca in netlink_get_neighbor netlink/netlink_route.c:715
    #4 0x54360116 in netlink_get_neighborlist netlink/netlink_route.c:743
    #5 0x54363b20 in netlink_route_sendto netlink/netlink_route.c:1382
    #6 0x542ef1b1 in netlink_sendmsg netlink/netlink_sockif.c:625
    #7 0x542be94d in psock_sendmsg socket/sendmsg.c:96
    #8 0x542bc94b in psock_sendto socket/sendto.c:134
    #9 0x542bcb28 in sendto socket/sendto.c:247
    #10 0x542bc5ea in send socket/send.c:163
    #11 0x542aa715 in netlib_get_arptable /home/mi/gaofengzhi/code/dev1025/apps/netutils/netlib/netlib_getarptab.c:152
    #12 0x54279109 in cmd_arp /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_netcmds.c:1197
    #13 0x54257faf in nsh_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_command.c:1263
    #14 0x54231982 in nsh_execute /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:718
    #15 0x5423da42 in nsh_parse_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2619
    #16 0x5423e12a in nsh_parse /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2706
    #17 0x5424088f in nsh_session /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_session.c:245
    #18 0x5422efc9 in nsh_consolemain /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_consolemain.c:75
    #19 0x5419e89f in nsh_main /home/mi/gaofengzhi/code/dev1025/apps/system/nsh/nsh_main.c:74
    #20 0x54067ee1 in nxtask_startup sched/task_startup.c:70
    #21 0x53f366c6 in nxtask_start task/task_start.c:116
    #22 0x5409e1a4 in pre_start sim/sim_initialstate.c:52

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
JaeheeKwon pushed a commit to JaeheeKwon/nuttx that referenced this pull request Nov 28, 2024
current sizeof(struct sockaddr_in) is 66

arp/arp_table.c:241:28: runtime error: member access within misaligned address 0xe5f134e6 for type 'struct sockaddr_in', which requires 4 byte alignment
0xe5f134e6: note: pointer points here
 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00
             ^
    #0 0x543287c1 in arp_get_arpreq arp/arp_table.c:241
    #1 0x5432a11f in arp_snapshot arp/arp_table.c:574
    #2 0x5435f0be in netlink_fill_arptable netlink/netlink_route.c:547
    #3 0x5435ffca in netlink_get_neighbor netlink/netlink_route.c:715
    #4 0x54360116 in netlink_get_neighborlist netlink/netlink_route.c:743
    #5 0x54363b20 in netlink_route_sendto netlink/netlink_route.c:1382
    #6 0x542ef1b1 in netlink_sendmsg netlink/netlink_sockif.c:625
    #7 0x542be94d in psock_sendmsg socket/sendmsg.c:96
    #8 0x542bc94b in psock_sendto socket/sendto.c:134
    #9 0x542bcb28 in sendto socket/sendto.c:247
    #10 0x542bc5ea in send socket/send.c:163
    #11 0x542aa715 in netlib_get_arptable /home/mi/gaofengzhi/code/dev1025/apps/netutils/netlib/netlib_getarptab.c:152
    #12 0x54279109 in cmd_arp /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_netcmds.c:1197
    #13 0x54257faf in nsh_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_command.c:1263
    #14 0x54231982 in nsh_execute /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:718
    #15 0x5423da42 in nsh_parse_command /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2619
    #16 0x5423e12a in nsh_parse /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_parse.c:2706
    #17 0x5424088f in nsh_session /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_session.c:245
    #18 0x5422efc9 in nsh_consolemain /home/mi/gaofengzhi/code/dev1025/apps/nshlib/nsh_consolemain.c:75
    #19 0x5419e89f in nsh_main /home/mi/gaofengzhi/code/dev1025/apps/system/nsh/nsh_main.c:74
    #20 0x54067ee1 in nxtask_startup sched/task_startup.c:70
    #21 0x53f366c6 in nxtask_start task/task_start.c:116
    #22 0x5409e1a4 in pre_start sim/sim_initialstate.c:52

Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
XuNeo added a commit to XuNeo/incubator-nuttx that referenced this pull request Feb 12, 2025
The memory should be unpoisoned for usage and poisoned after no use.

Test:
cmake -Bbuild -GNinja -DBOARD_CONFIG=mps3-an547:nsh
ninja -C build

qemu-system-arm -M mps3-an547 -m 2G -nographic -kernel build/nuttx

Before the fix:

 #6  0x0000b95e in _assert (filename=0x47d3c "/arch/arm/src/armv8-m/arm_busfault.c", linenum=115, msg=0x47d34 "panic", regs=0x1006b14)
     at /home/neo/projects/nuttx/nuttx/sched/misc/assert.c:910
 #7  0x00001000 in arm_busfault (irq=3, context=0x1006b14, arg=0x0 <up_ndelay>) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_busfault.c:115
 #8  0x0000167a in arm_hardfault (irq=3, context=0x1006b14, arg=0x0 <up_ndelay>) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_hardfault.c:97
 #9  0x0000af74 in irq_dispatch (irq=3, context=0x1006b14) at /home/neo/projects/nuttx/nuttx/sched/irq/irq_dispatch.c:144
 #10 0x000004b2 in arm_doirq (irq=3, regs=0x1006b14) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_doirq.c:111
 #11 0x000003a6 in exception_common () at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_exception.S:218
 #12 0x00009568 in kasan_show_memory (addr=0x60000000 "", size=1, dumpsize=80) at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:161
 #13 0x0000961e in kasan_report (addr=0x60000000, size=1, is_write=false, return_address=0x40d1d <memcmp+28>)
     at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:180
 #14 0x00009818 in kasan_check_report (addr=0x60000000, size=1, is_write=false, return_address=0x40d1d <memcmp+28>)
     at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:246
 #15 0x000098a2 in __asan_load1_noabort (addr=0x60000000) at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:403
 #16 0x00040d1c in memcmp (s1=0x60000000, s2=0x53204, n=7) at /home/neo/projects/nuttx/nuttx/libs/libc/string/lib_memcmp.c:47
 #17 0x0003862a in romfs_fsconfigure (rm=0x1007038, data=0x0 <__asan_store16>) at /home/neo/projects/nuttx/nuttx/fs/romfs/fs_romfsutil.c:976
 #18 0x000378c0 in romfs_bind (blkdriver=0x1007008, data=0x0 <__asan_store16>, handle=0x1006e58) at /home/neo/projects/nuttx/nuttx/fs/romfs/fs_romfs.c:1192
 #19 0x00032388 in nx_mount (source=0x53da4 "/dev/ram1", target=0x53d9c "/pic", filesystemtype=0x53d94 "romfs", mountflags=1, data=0x0 <__asan_store16>)
     at /home/neo/projects/nuttx/nuttx/fs/mount/fs_mount.c:432
 #20 0x00046b1a in mps3_bringup () at /home/neo/projects/nuttx/nuttx/boards/arm/mps/mps3-an547/src/mps3_bringup.c:90
 #21 0x00046b6e in board_app_initialize (arg=0) at /home/neo/projects/nuttx/nuttx/boards/arm/mps/mps3-an547/src/mps3_bringup.c:236
 #22 0x00046a00 in boardctl (cmd=65281, arg=0) at /home/neo/projects/nuttx/nuttx/boards/boardctl.c:370
 #23 0x0001d0d8 in nsh_initialize () at /home/neo/projects/nuttx/apps/nshlib/nsh_init.c:149
 #24 0x00016e3e in nsh_main (argc=1, argv=0x1005f48) at /home/neo/projects/nuttx/apps/system/nsh/nsh_main.c:71
 #25 0x0001a6fc in nxtask_startup (entrypt=0x16e11 <nsh_main>, argc=1, argv=0x1005f48) at /home/neo/projects/nuttx/nuttx/libs/libc/sched/task_startup.c:72
 #26 0x000137de in nxtask_start () at /home/neo/projects/nuttx/nuttx/sched/task/task_start.c:116
 #27 0x00000000 in ?? ()

kasan_report: kasan detected a read access error, address at 0x60000000,size is 1, return address: 0x40d1d
kasan_show_memory: Shadow bytes around the buggy address:
arm_hardfault: Hard Fault escalation:
arm_busfault: PANIC!!! Bus Fault:
arm_busfault:   IRQ: 3 regs: 0x1006b14
arm_busfault:   BASEPRI: 00000080 PRIMASK: 00000000 IPSR: 00000003 CONTROL: 00000000
arm_busfault:   CFSR: 00008200 HFSR: 40000000 DFSR: 00000000 BFAR: 5fffffb0 AFSR: 00000000
arm_busfault: Bus Fault Reason:
arm_busfault:   Precise data bus error
dump_assert_info: Current Version: NuttX  12.8.0 381d3fe Feb 12 2025 09:16:55 arm
dump_assert_info: Assertion failed panic: at file: /arch/arm/src/armv8-m/arm_busfault.c:115 task: nsh_main process: nsh_main 0x16e11

After:
No crash.

Change-Id: I743783025aa2e8b77a8439d0e8601ab24bc3e109
Signed-off-by: xuxingliang <xuxingliang@xiaomi.com>
XuNeo added a commit to XuNeo/incubator-nuttx that referenced this pull request Feb 12, 2025
The memory should be unpoisoned for usage and poisoned after no use.

Test:
cmake -Bbuild -GNinja -DBOARD_CONFIG=mps3-an547:nsh
ninja -C build

qemu-system-arm -M mps3-an547 -m 2G -nographic -kernel build/nuttx

Before the fix:

 #6  0x0000b95e in _assert (filename=0x47d3c "/arch/arm/src/armv8-m/arm_busfault.c", linenum=115, msg=0x47d34 "panic", regs=0x1006b14)
     at /home/neo/projects/nuttx/nuttx/sched/misc/assert.c:910
 #7  0x00001000 in arm_busfault (irq=3, context=0x1006b14, arg=0x0 <up_ndelay>) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_busfault.c:115
 #8  0x0000167a in arm_hardfault (irq=3, context=0x1006b14, arg=0x0 <up_ndelay>) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_hardfault.c:97
 #9  0x0000af74 in irq_dispatch (irq=3, context=0x1006b14) at /home/neo/projects/nuttx/nuttx/sched/irq/irq_dispatch.c:144
 #10 0x000004b2 in arm_doirq (irq=3, regs=0x1006b14) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_doirq.c:111
 #11 0x000003a6 in exception_common () at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_exception.S:218
 #12 0x00009568 in kasan_show_memory (addr=0x60000000 "", size=1, dumpsize=80) at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:161
 #13 0x0000961e in kasan_report (addr=0x60000000, size=1, is_write=false, return_address=0x40d1d <memcmp+28>)
     at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:180
 #14 0x00009818 in kasan_check_report (addr=0x60000000, size=1, is_write=false, return_address=0x40d1d <memcmp+28>)
     at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:246
 #15 0x000098a2 in __asan_load1_noabort (addr=0x60000000) at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:403
 #16 0x00040d1c in memcmp (s1=0x60000000, s2=0x53204, n=7) at /home/neo/projects/nuttx/nuttx/libs/libc/string/lib_memcmp.c:47
 #17 0x0003862a in romfs_fsconfigure (rm=0x1007038, data=0x0 <__asan_store16>) at /home/neo/projects/nuttx/nuttx/fs/romfs/fs_romfsutil.c:976
 #18 0x000378c0 in romfs_bind (blkdriver=0x1007008, data=0x0 <__asan_store16>, handle=0x1006e58) at /home/neo/projects/nuttx/nuttx/fs/romfs/fs_romfs.c:1192
 #19 0x00032388 in nx_mount (source=0x53da4 "/dev/ram1", target=0x53d9c "/pic", filesystemtype=0x53d94 "romfs", mountflags=1, data=0x0 <__asan_store16>)
     at /home/neo/projects/nuttx/nuttx/fs/mount/fs_mount.c:432
 #20 0x00046b1a in mps3_bringup () at /home/neo/projects/nuttx/nuttx/boards/arm/mps/mps3-an547/src/mps3_bringup.c:90
 #21 0x00046b6e in board_app_initialize (arg=0) at /home/neo/projects/nuttx/nuttx/boards/arm/mps/mps3-an547/src/mps3_bringup.c:236
 #22 0x00046a00 in boardctl (cmd=65281, arg=0) at /home/neo/projects/nuttx/nuttx/boards/boardctl.c:370
 #23 0x0001d0d8 in nsh_initialize () at /home/neo/projects/nuttx/apps/nshlib/nsh_init.c:149
 #24 0x00016e3e in nsh_main (argc=1, argv=0x1005f48) at /home/neo/projects/nuttx/apps/system/nsh/nsh_main.c:71
 #25 0x0001a6fc in nxtask_startup (entrypt=0x16e11 <nsh_main>, argc=1, argv=0x1005f48) at /home/neo/projects/nuttx/nuttx/libs/libc/sched/task_startup.c:72
 #26 0x000137de in nxtask_start () at /home/neo/projects/nuttx/nuttx/sched/task/task_start.c:116
 #27 0x00000000 in ?? ()

kasan_report: kasan detected a read access error, address at 0x60000000,size is 1, return address: 0x40d1d
kasan_show_memory: Shadow bytes around the buggy address:
arm_hardfault: Hard Fault escalation:
arm_busfault: PANIC!!! Bus Fault:
arm_busfault:   IRQ: 3 regs: 0x1006b14
arm_busfault:   BASEPRI: 00000080 PRIMASK: 00000000 IPSR: 00000003 CONTROL: 00000000
arm_busfault:   CFSR: 00008200 HFSR: 40000000 DFSR: 00000000 BFAR: 5fffffb0 AFSR: 00000000
arm_busfault: Bus Fault Reason:
arm_busfault:   Precise data bus error
dump_assert_info: Current Version: NuttX  12.8.0 381d3fe Feb 12 2025 09:16:55 arm
dump_assert_info: Assertion failed panic: at file: /arch/arm/src/armv8-m/arm_busfault.c:115 task: nsh_main process: nsh_main 0x16e11

After:
No crash.

Change-Id: I743783025aa2e8b77a8439d0e8601ab24bc3e109
Signed-off-by: xuxingliang <xuxingliang@xiaomi.com>
XuNeo added a commit to XuNeo/incubator-nuttx that referenced this pull request Feb 12, 2025
The memory should be unpoisoned for usage and poisoned after no use.

Test:
cmake -Bbuild -GNinja -DBOARD_CONFIG=mps3-an547:nsh
ninja -C build

qemu-system-arm -M mps3-an547 -m 2G -nographic -kernel build/nuttx

Before the fix:

 #6  0x0000b95e in _assert (filename=0x47d3c "/arch/arm/src/armv8-m/arm_busfault.c", linenum=115, msg=0x47d34 "panic", regs=0x1006b14)
     at /home/neo/projects/nuttx/nuttx/sched/misc/assert.c:910
 #7  0x00001000 in arm_busfault (irq=3, context=0x1006b14, arg=0x0 <up_ndelay>) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_busfault.c:115
 #8  0x0000167a in arm_hardfault (irq=3, context=0x1006b14, arg=0x0 <up_ndelay>) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_hardfault.c:97
 #9  0x0000af74 in irq_dispatch (irq=3, context=0x1006b14) at /home/neo/projects/nuttx/nuttx/sched/irq/irq_dispatch.c:144
 #10 0x000004b2 in arm_doirq (irq=3, regs=0x1006b14) at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_doirq.c:111
 #11 0x000003a6 in exception_common () at /home/neo/projects/nuttx/nuttx/arch/arm/src/armv8-m/arm_exception.S:218
 #12 0x00009568 in kasan_show_memory (addr=0x60000000 "", size=1, dumpsize=80) at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:161
 #13 0x0000961e in kasan_report (addr=0x60000000, size=1, is_write=false, return_address=0x40d1d <memcmp+28>)
     at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:180
 #14 0x00009818 in kasan_check_report (addr=0x60000000, size=1, is_write=false, return_address=0x40d1d <memcmp+28>)
     at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:246
 #15 0x000098a2 in __asan_load1_noabort (addr=0x60000000) at /home/neo/projects/nuttx/nuttx/mm/kasan/hook.c:403
 #16 0x00040d1c in memcmp (s1=0x60000000, s2=0x53204, n=7) at /home/neo/projects/nuttx/nuttx/libs/libc/string/lib_memcmp.c:47
 #17 0x0003862a in romfs_fsconfigure (rm=0x1007038, data=0x0 <__asan_store16>) at /home/neo/projects/nuttx/nuttx/fs/romfs/fs_romfsutil.c:976
 #18 0x000378c0 in romfs_bind (blkdriver=0x1007008, data=0x0 <__asan_store16>, handle=0x1006e58) at /home/neo/projects/nuttx/nuttx/fs/romfs/fs_romfs.c:1192
 #19 0x00032388 in nx_mount (source=0x53da4 "/dev/ram1", target=0x53d9c "/pic", filesystemtype=0x53d94 "romfs", mountflags=1, data=0x0 <__asan_store16>)
     at /home/neo/projects/nuttx/nuttx/fs/mount/fs_mount.c:432
 #20 0x00046b1a in mps3_bringup () at /home/neo/projects/nuttx/nuttx/boards/arm/mps/mps3-an547/src/mps3_bringup.c:90
 #21 0x00046b6e in board_app_initialize (arg=0) at /home/neo/projects/nuttx/nuttx/boards/arm/mps/mps3-an547/src/mps3_bringup.c:236
 #22 0x00046a00 in boardctl (cmd=65281, arg=0) at /home/neo/projects/nuttx/nuttx/boards/boardctl.c:370
 #23 0x0001d0d8 in nsh_initialize () at /home/neo/projects/nuttx/apps/nshlib/nsh_init.c:149
 #24 0x00016e3e in nsh_main (argc=1, argv=0x1005f48) at /home/neo/projects/nuttx/apps/system/nsh/nsh_main.c:71
 #25 0x0001a6fc in nxtask_startup (entrypt=0x16e11 <nsh_main>, argc=1, argv=0x1005f48) at /home/neo/projects/nuttx/nuttx/libs/libc/sched/task_startup.c:72
 #26 0x000137de in nxtask_start () at /home/neo/projects/nuttx/nuttx/sched/task/task_start.c:116
 #27 0x00000000 in ?? ()

kasan_report: kasan detected a read access error, address at 0x60000000,size is 1, return address: 0x40d1d
kasan_show_memory: Shadow bytes around the buggy address:
arm_hardfault: Hard Fault escalation:
arm_busfault: PANIC!!! Bus Fault:
arm_busfault:   IRQ: 3 regs: 0x1006b14
arm_busfault:   BASEPRI: 00000080 PRIMASK: 00000000 IPSR: 00000003 CONTROL: 00000000
arm_busfault:   CFSR: 00008200 HFSR: 40000000 DFSR: 00000000 BFAR: 5fffffb0 AFSR: 00000000
arm_busfault: Bus Fault Reason:
arm_busfault:   Precise data bus error
dump_assert_info: Current Version: NuttX  12.8.0 381d3fe Feb 12 2025 09:16:55 arm
dump_assert_info: Assertion failed panic: at file: /arch/arm/src/armv8-m/arm_busfault.c:115 task: nsh_main process: nsh_main 0x16e11

After:
No crash.

Signed-off-by: xuxingliang <xuxingliang@xiaomi.com>