sama3 sam_serial.c USART selection fixes #13

Merged 8 commits on Dec 31, 2019

adamfeuer (Contributor) commented Dec 28, 2019

Summary

  • Fixes bugs in USART console selection
  • Fixes a few typos in the SAMA5D27 README file

Impact

  • SAMA5 USART console selection should work correctly now

Limitations / TODO

  • Note! activating UART2 as a console on the SAMA5D27 causes compilation errors because interrupts aren't working right on that chip.
  • SAMA5D27 console input still not working due to incomplete port – hopefully more changes will come in a future PR

Detail

  • Looks like these were typos when the port was created

Testing

  • Manual – compile for a SAMA5D27-XULT board. With UART2 enabled, NuttX doesn't compile.

@adamfeuer
Contributor Author

@patacongo I moved the pin disambiguation to board.h, thanks for pointing this out.

Anything else to improve or correct?

@adamfeuer
Contributor Author

@patacongo Is there anything else to fix in this PR before it can be merged?

@patacongo patacongo changed the base branch from dev to master December 31, 2019 14:07
@patacongo patacongo merged commit 3c2fbe3 into apache:master Dec 31, 2019
anchao added a commit to anchao/nuttx that referenced this pull request Jun 15, 2020
ASAN trace:
...
==32087==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf4502120 at pc 0x56673ca3 bp 0xff9b6a08 sp 0xff9b69f8
WRITE of size 1 at 0xf4502120 thread T0
    #0 0x56673ca2 in strcpy string/lib_strcpy.c:64

0xf4502120 is located 0 bytes to the right of 8224-byte region [0xf4500100,0xf4502120)
allocated by thread T0 here:
    #0 0xf7a60f54 in malloc (/usr/lib32/libasan.so.4+0xe5f54)
    #1 0x5667725d in up_create_stack sim/up_createstack.c:135
    #2 0x56657ed8 in nxthread_create task/task_create.c:125
    #3 0x566580bb in kthread_create task/task_create.c:297
    #4 0x5665935f in work_start_highpri wqueue/kwork_hpthread.c:149
    #5 0x56656f31 in nx_workqueues init/nx_bringup.c:181
    #6 0x56656fc6 in nx_bringup init/nx_bringup.c:436
    #7 0x56656e95 in nx_start init/nx_start.c:809
    #8 0x566548d4 in main sim/up_head.c:95
    #9 0xf763ae80 in __libc_start_main (/lib/i386-linux-gnu/libc.so.6+0x18e80)

CALLSTACK:
    #8  0xf79de7a5 in __asan_report_store1 () from /usr/lib32/libasan.so.4
    #9  0x565fd4d7 in strcpy (dest=0xf4a02121 "", src=0xf5c00895 "k") at string/lib_strcpy.c:64
    #10 0x565e4eb2 in nxtask_setup_stackargs (tcb=0xf5c00810, argv=0x0) at task/task_setup.c:570
    #11 0x565e50ff in nxtask_setup_arguments (tcb=0xf5c00810, name=0x5679e580 "hpwork", argv=0x0) at task/task_setup.c:714
    #12 0x565e414e in nxthread_create (name=0x5679e580 "hpwork", ttype=2 '\002', priority=224, stack=0x0, stack_size=8192, entry=0x565e54e1 <work_hpthread>, argv=0x0) at task/task_create.c:143
    #13 0x565e42e3 in kthread_create (name=0x5679e580 "hpwork", priority=224, stack_size=8192, entry=0x565e54e1 <work_hpthread>, argv=0x0) at task/task_create.c:297
    #14 0x565e5557 in work_start_highpri () at wqueue/kwork_hpthread.c:149
    #15 0x565e3e32 in nx_workqueues () at init/nx_bringup.c:181
    #16 0x565e3ec7 in nx_bringup () at init/nx_bringup.c:436
    #17 0x565e3d96 in nx_start () at init/nx_start.c:809
    #18 0x565e3195 in main (argc=1, argv=0xffe6b954, envp=0xffe6b95c) at sim/up_head.c:95

Change-Id: I096f7952aae67d055daa737e967242eb217ef8ac
Signed-off-by: chao.an <anchao@xiaomi.com>
patacongo pushed a commit that referenced this pull request Jun 15, 2020
anchao added a commit to anchao/nuttx that referenced this pull request Dec 14, 2020
Deadlock during recursive access if unionfs overlays procfs,
check the critical segment only and remove the useless protection part.

|#0  unionfs_statfs (mountpt=0xf3df4540, buf=0xf3de2f0c) at unionfs/fs_unionfs.c:2136
...
|#6  0x08069429 in procfs_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at procfs/fs_procfs.c:412
|#7  0x0806c339 in unionfs_read (filep=0xf3de219c, buffer=0xf3df4610 "...", buflen=1024) at unionfs/fs_unionfs.c:1026

original call stack:
(gdb) bt
|#0  unionfs_statfs (mountpt=0xf3df4540, buf=0xf3de2f0c) at unionfs/fs_unionfs.c:2136
|#1  0x08071629 in mountpoint_filter (node=0xf3df4540, dirpath=0xf3df4a28 "/proc", arg=0xf3de2fc4) at mount/fs_foreachmountpoint.c:119
|#2  0x0807171b in foreach_inodelevel (node=0xf3df4540, info=0xf3df4a20) at inode/fs_foreachinode.c:90
|#3  0x08071898 in foreach_inode (handler=0x8071530 <mountpoint_filter>, arg=0xf3de2fc4) at inode/fs_foreachinode.c:193
|#4  0x080716c1 in foreach_mountpoint (handler=0x8070e2f <blocks_entry>, arg=0xf3de300c) at mount/fs_foreachmountpoint.c:169
|#5  0x08071399 in mount_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at mount/fs_procfs_mount.c:537
|#6  0x08069429 in procfs_read (filep=0xf3df4574, buffer=0xf3df4610 "...", buflen=1024) at procfs/fs_procfs.c:412
|#7  0x0806c339 in unionfs_read (filep=0xf3de219c, buffer=0xf3df4610 "...", buflen=1024) at unionfs/fs_unionfs.c:1026
|#8  0x080657a2 in file_read (filep=0xf3de219c, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:110
|#9  0x0806581a in nx_read (fd=3, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:175
|#10 0x08065847 in read (fd=3, buf=0xf3df4610, nbytes=1024) at vfs/fs_read.c:206
|#11 0x0805a242 in nsh_catfile (vtbl=0xf3df3f10, cmd=0xf3df4378 "df", filepath=0x808d5ed "/proc/fs/blocks") at nsh_fsutils.c:116
|#12 0x0805b1de in cmd_df (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0) at nsh_mntcmds.c:73
|#13 0x08056370 in nsh_command (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0) at nsh_command.c:1061
|#14 0x08053b16 in nsh_execute (vtbl=0xf3df3f10, argc=1, argv=0xf3de32c0, redirfile=0x0, oflags=0) at nsh_parse.c:741
|#15 0x08055998 in nsh_parse_command (vtbl=0xf3df3f10, cmdline=0xf3df4378 "df") at nsh_parse.c:2578
|#16 0x08055a7b in nsh_parse (vtbl=0xf3df3f10, cmdline=0xf3df4378 "df") at nsh_parse.c:2662
|#17 0x0805d691 in nsh_session (pstate=0xf3df3f10, login=1 '\001', argc=1, argv=0xf3de34b0) at nsh_session.c:191
|#18 0x0805b542 in nsh_consolemain (argc=1, argv=0xf3de34b0) at nsh_consolemain.c:115
|#19 0x0805346c in nsh_main (argc=1, argv=0xf3de34b0) at nsh_main.c:168
|#20 0x0805075a in nxtask_startup (entrypt=0x805340a <nsh_main>, argc=1, argv=0xf3de34b0) at sched/task_startup.c:165
|#21 0x08049713 in nxtask_start () at task/task_start.c:144
|#22 0x00000000 in ?? ()

Change-Id: Ic4c7aff0ea50388a371c525745e817a787dabcca
Signed-off-by: chao.an <anchao@xiaomi.com>
xiaoxiang781216 pushed a commit that referenced this pull request Dec 15, 2020
GUIDINGLI added a commit to GUIDINGLI/incubator-nuttx that referenced this pull request Mar 25, 2022
VELAPLATFO-1942

-#9  0xf7abf899 in __asan::__asan_report_load2 (addr=4072681776) at ../../../../../src/libsanitizer/asan/asan_rtl.cc:117
-#10 0x5693f718 in inode_release (node=0xf2c03124) at inode/fs_inoderelease.c:69
-#11 0x568ea61b in file_close (filep=0xf55fedd0) at vfs/fs_close.c:79
-#12 0x568e7e56 in nx_close (fd=3) at inode/fs_files.c:528
-#13 0x568e7f0e in close (fd=3) at inode/fs_files.c:562
-#14 0x56e76c39 in epoll_close (epfd=3) at vfs/fs_epoll.c:252
-#15 0x56c33829 in sensor_service_delete (ctrl=0x578b8540 <control>) at src/common.c:439
-#16 0x56a0561e in sensor_middle_service_main (argc=1, argv=0xf55de820) at sensor_main.c:118
-#17 0x56878675 in nxtask_startup (entrypt=0x56a054cc <sensor_middle_service_main>, argc=1, argv=0xf55de820) at sched/task_startup.c:70
-#18 0x5684427a in nxtask_start () at task/task_start.c:133
-#19 0xdeadbeef in ?? ()

reason:
epoll_close -> close -> epoll_do_close (free inode)
                     -> inode_release  (reuse inode, crash)

fix:
use the global inode to match the fd which will return to user.
like the g_sock_inode in fs/socket/socket.c

Change-Id: I0096ac691ce9cf4169d1fb8bfa6d27a8c1ee7d52
Signed-off-by: ligd <liguiding1@xiaomi.com>
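
The close-path lifetime problem from the commit message above (the driver's close frees the inode, then `inode_release` touches it), reduced to a single-threaded model. This is an added example, not NuttX code: every type and function here (`model_file_close`, `g_epoll_inode_model`, and so on) is a hypothetical stand-in, and "free" is modelled by a poison flag so the stale access can be counted safely.

```c
/* Added illustration, not NuttX source. All names are hypothetical stand-ins.
 * "Freeing" sets a poison flag instead of calling free(), so the stale access
 * is counted rather than being undefined behaviour. */
#include <stdbool.h>
#include <stdio.h>

struct file;

struct inode {
  int  crefs;                        /* reference count, touched on release */
  bool poisoned;                     /* true once the storage was "freed" */
  int (*close)(struct file *filep);  /* driver close callback */
};

struct file {
  struct inode *f_inode;
  void         *f_priv;              /* per-descriptor driver state */
};

struct epoll_state { bool torn_down; };

static int g_stale_accesses;         /* accesses to a poisoned inode */

/* Stand-in for inode_release(): runs after the driver's close callback. */
static void model_inode_release(struct inode *node)
{
  if (node->poisoned) { g_stale_accesses++; return; }  /* the reported load */
  if (node->crefs > 0) node->crefs--;
}

/* Stand-in for file_close(): driver callback first, then inode release. */
static int model_file_close(struct file *filep)
{
  struct inode *node = filep->f_inode;
  int ret = node->close != NULL ? node->close(filep) : 0;

  model_inode_release(node);
  filep->f_inode = NULL;
  return ret;
}

/* Before: each epoll fd owns its inode and the close callback frees it. */
static int buggy_epoll_do_close(struct file *filep)
{
  ((struct epoll_state *)filep->f_priv)->torn_down = true;
  filep->f_inode->poisoned = true;   /* inode gone, release still pending */
  return 0;
}

/* After: the callback tears down only the per-descriptor state. */
static int fixed_epoll_do_close(struct file *filep)
{
  ((struct epoll_state *)filep->f_priv)->torn_down = true;
  return 0;
}

/* One static inode shared by every epoll fd, like the g_sock_inode pattern. */
static struct inode g_epoll_inode_model = { 0, false, fixed_epoll_do_close };

/* Returns the number of stale inode accesses seen while closing one fd. */
int run_buggy_close(void)
{
  struct epoll_state st = { false };
  struct inode per_fd = { 1, false, buggy_epoll_do_close };
  struct file f = { &per_fd, &st };

  g_stale_accesses = 0;
  model_file_close(&f);
  return g_stale_accesses;
}

/* Opens and closes up to 8 fds on the shared inode; returns stale accesses. */
int run_fixed_close(int nfds)
{
  struct epoll_state st[8];
  struct file f[8];
  int i;

  nfds = nfds < 0 ? 0 : (nfds > 8 ? 8 : nfds);
  g_stale_accesses = 0;
  g_epoll_inode_model.crefs = 0;
  for (i = 0; i < nfds; i++) {
    st[i].torn_down = false;
    f[i].f_inode = &g_epoll_inode_model;
    f[i].f_priv = &st[i];
    g_epoll_inode_model.crefs++;
  }
  for (i = 0; i < nfds; i++) model_file_close(&f[i]);
  return g_stale_accesses;
}

int main(void)
{
  printf("per-fd inode freed in close: %d stale access(es)\n", run_buggy_close());
  printf("shared static inode:         %d stale access(es)\n", run_fixed_close(3));
  return 0;
}
```

With the shared inode, the close callback has nothing inode-related to free, so the release step always operates on live storage and the reference count returns to zero after the last close.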
GUIDINGLI added a commit to GUIDINGLI/incubator-nuttx that referenced this pull request Mar 25, 2022
pkarashchenko pushed a commit that referenced this pull request Mar 27, 2022
tito97sp added a commit to tito97sp/incubator-nuttx that referenced this pull request May 26, 2022
anchao added a commit to anchao/nuttx that referenced this pull request Aug 1, 2022
The free node is still in use after kasan_poison(), the node member
access will cause the assert report by kasan.

|  (gdb) bt
|  #0  kasan_report (addr=1743265406637584896, size=140737337053680, is_write=46) at kasan/kasan.c:97
|  #1  0x0000555555607bdd in __asan_loadN_noabort (addr=140737272831420, size=4) at kasan/kasan.c:289
|  #2  0x0000555555607cd7 in __asan_load4_noabort (addr=140737272831420) at kasan/kasan.c:323
|  #3  0x00005555556061ef in gmtime_r (timep=0x7ffff3275dbc, result=0x7ffff3275e10) at time/lib_gmtimer.c:301
|  #4  0x000055555560e507 in sim_rtc_rdtime (lower=0x55555576b780 <g_sim_rtc>, rtctime=0x7ffff3275e10) at sim/up_rtc.c:77
|  #5  0x00005555555fcbdb in up_rtc_gettime (tp=0x7ffff3275ef0) at timers/arch_rtc.c:128
|  #6  0x00005555555f08b4 in clock_systime_timespec (ts=0x7ffff3275ef0) at clock/clock_systime_timespec.c:72
|  #7  0x00005555555ecc77 in note_common (tcb=0x7ffff31d2180, note=0x7ffff3275f80, length=21 '\025', type=18 '\022') at sched/sched_note.c:144
|  #8  0x00005555555ed706 in sched_note_syscall_enter (nr=1, argc=0) at sched/sched_note.c:765
|  #9  0x000055555560eb37 in __wrap_getpid () at wraps/WRAP_getpid.c:26
|  #10 0x0000555555608d1c in mm_takesemaphore (heap=0x7ffff30ae000) at mm_heap/mm_sem.c:127
|  #11 0x0000555555609477 in mm_free (heap=0x7ffff30ae000, mem=0x7ffff3265b80) at mm_heap/mm_free.c:89
|  #12 0x00005555556070c5 in free (mem=0x7ffff3265b80) at umm_heap/umm_free.c:49
|  #13 0x000055555560c3b0 in up_release_stack (dtcb=0x7ffff31e4b00, ttype=0 '\000') at sim/up_releasestack.c:67
|  #14 0x00005555555f2515 in nxsched_release_tcb (tcb=0x7ffff31e4b00, ttype=0 '\000') at sched/sched_releasetcb.c:134
|  #15 0x00005555556bdf0c in nxtask_terminate (pid=4, nonblocking=true) at task/task_terminate.c:184
|  #16 0x00005555556bdb0f in nxtask_exit () at task/task_exit.c:168
|  #17 0x000055555566e05f in up_exit (status=0) at sim/up_exit.c:64
|  #18 0x000055555564f454 in _exit (status=0) at task/exit.c:78
|  #19 0x000055555560ea89 in __wrap__exit (parm1=0) at wraps/WRAP__exit.c:27
|  #20 0x00005555555eb288 in exit (status=0) at stdlib/lib_exit.c:54
|  #21 0x00005555555fe2cc in nxtask_startup (entrypt=0x555555670c34 <critmon_start_main>, argc=1, argv=0x7ffff3265bb0) at sched/task_startup.c:70
|  #22 0x00005555555f02a0 in nxtask_start () at task/task_start.c:134
|  #23 0x0000000000000000 in ?? ()

Signed-off-by: chao.an <anchao@xiaomi.com>
chenzhihong007 pushed a commit to hpmicro/nuttx that referenced this pull request Mar 8, 2023
tg_info is still in use after task_uninit_info(), unifies
lib_stream_* with life cycle of task info to avoid this issue.

| ==1940861==ERROR: AddressSanitizer: heap-use-after-free on address 0xf47032e0 at pc 0x5676dc4f bp 0xf2f38c68 sp 0xf2f38c58
|
|#10 0xf7abec89 in __asan::__asan_report_load2 (addr=4100993760) at ../../../../src/libsanitizer/asan/asan_rtl.cpp:119
|#11 0x5677356a in nxsem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:73
|#12 0x56773695 in sem_destroy (sem=0xf47032e0) at semaphore/sem_destroy.c:120
|#13 0x5676faa2 in nxmutex_destroy (mutex=0xf47032e0) at include/nuttx/mutex.h:126
|#14 0x567a3430 in lib_stream_release (group=0xf4901ba0) at stdio/lib_libstream.c:98
|#15 0x5676da75 in group_release (group=0xf4901ba0) at group/group_leave.c:162
|#16 0x5676e51c in group_leave (tcb=0xf5377740) at group/group_leave.c:360
|#17 0x569fe79b in nxtask_exithook (tcb=0xf5377740, status=0) at task/task_exithook.c:455
|#18 0x569f90b9 in _exit (status=0) at task/exit.c:82
|#19 0x56742680 in exit (status=0) at stdlib/lib_exit.c:61
|#20 0x56a69c78 in iperf_showusage (progname=0xf2f28838 "iperf", exitcode=0) at iperf_main.c:91
|#21 0x56a6a6ec in iperf_main (argc=1, argv=0xf2f28830) at iperf_main.c:140
|#22 0x5679c148 in nxtask_startup (entrypt=0x56a69c78 <iperf_main>, argc=1, argv=0xf2f28830) at sched/task_startup.c:70
|#23 0x56767f58 in nxtask_start () at task/task_start.c:134

Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request May 6, 2023
Redefine built-in command (info thread/thread/c) to compatible with developer habits

Test board:
./tools/configure.sh -E lm3s6965-ek:qemu-flat

1. start qemu:
qemu-system-arm   -M lm3s6965evb   -device loader,file=nuttx   -serial mon:stdio   -nographic  -s

2. gdb attach:
gdb-multiarch -ix tools/nuttx-gdbinit nuttx -ex "target extended-remote localhost:1234"

3. show thread info and callstack:

| (gdb) info thread
| * 0 Thread 0x20001548  (Name: Idle Task, State: Running, Priority: 0, Stack: 1000) PC: 0x9eee in up_idle()
|   1 Thread 0x20005058  (Name: hpwork, State: Waiting,Semaphore, Priority: 224, Stack: 1992) PC: 0xa124 in up_switch_context()
|   2 Thread 0x20005c20  (Name: nsh_main, State: Waiting,Semaphore, Priority: 100, Stack: 2000) PC: 0xa124 in up_switch_context()
|   3 Thread 0x20006b30  (Name: NTP daemon, State: Waiting,Semaphore, Priority: 100, Stack: 1952) PC: 0xa124 in up_switch_context()
|   4 Thread 0x200086f0  (Name: telnetd, State: Waiting,Semaphore, Priority: 100, Stack: 2008) PC: 0xa124 in up_switch_context()
| (gdb) bt
| #0  0x00009eee in up_idle () at chip/common/tiva_idle.c:62
| #1  0x00003dd2 in nx_start () at init/nx_start.c:698
| #2  0x00000190 in __start () at chip/common/lmxx_tm4c_start.c:177
| (gdb) thread 4
|   4 Thread 0x200086f0  (Name: telnetd, State: Waiting,Semaphore, Priority: 100, Stack: 2008) PC: 0xa124 in up_switch_context()
| (gdb) bt
| #0  up_switch_context (tcb=0x20001548 <g_idletcb>, rtcb=rtcb@entry=0x200086f0) at common/arm_switchcontext.c:95
| #1  0x0000453a in nxsem_wait (sem=sem@entry=0x2000916c) at semaphore/sem_wait.c:176
| #2  0x0000197e in _net_timedwait (sem=sem@entry=0x2000916c, interruptible=interruptible@entry=true, timeout=timeout@entry=4294967295) at utils/net_lock.c:101
| #3  0x0000198e in net_sem_timedwait (sem=sem@entry=0x2000916c, timeout=timeout@entry=4294967295) at utils/net_lock.c:242
| #4  0x00001996 in net_sem_wait (sem=sem@entry=0x2000916c) at utils/net_lock.c:330
| #5  0x00025f84 in psock_tcp_accept (psock=<optimized out>, addr=<optimized out>, addrlen=<optimized out>, newconn=newconn@entry=0x2000956c) at tcp/tcp_accept.c:274
| #6  0x00025432 in inet_accept (psock=<optimized out>, addr=<optimized out>, addrlen=<optimized out>, newsock=0x20009568, flags=0) at inet/inet_sockif.c:1443
| #7  0x00027a10 in psock_accept (psock=0x200044b8, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c, newsock=newsock@entry=0x20009568, flags=flags@entry=0) at socket/accept.c:149
| #8  0x00027a8c in accept4 (sockfd=sockfd@entry=3, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c, flags=flags@entry=0) at socket/accept.c:280
| #9  0x0002a256 in accept (sockfd=sockfd@entry=3, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c) at net/lib_accept.c:50
| #10 0x0001efaa in telnetd_daemon (config=config@entry=0x20009290) at telnetd_daemon.c:200
| #11 0x0001e508 in telnetd_main (argc=1, argv=0x20008af8) at telnetd.c:98
| #12 0x00008486 in nxtask_startup (entrypt=0x1e4bd <telnetd_main>, entrypt@entry=0x1 <up_putc>, argc=1, argv=0x20008af8) at sched/task_startup.c:70
| #13 0x000056d2 in nxtask_start () at task/task_start.c:134
| #14 0x00000000 in ?? ()
| (gdb) c

Signed-off-by: chao an <anchao@xiaomi.com>
xiaoxiang781216 pushed a commit that referenced this pull request May 7, 2023
Redefine built-in command (info thread/thread/c) to be compatible with developer habits

Test board:
./tools/configure.sh -E lm3s6965-ek:qemu-flat

1. start qemu:
qemu-system-arm   -M lm3s6965evb   -device loader,file=nuttx   -serial mon:stdio   -nographic  -s

2. gdb attach:
gdb-multiarch -ix tools/nuttx-gdbinit nuttx -ex "target extended-remote localhost:1234"

3. show thread info and callstack:

| (gdb) info thread
| * 0 Thread 0x20001548  (Name: Idle Task, State: Running, Priority: 0, Stack: 1000) PC: 0x9eee in up_idle()
|   1 Thread 0x20005058  (Name: hpwork, State: Waiting,Semaphore, Priority: 224, Stack: 1992) PC: 0xa124 in up_switch_context()
|   2 Thread 0x20005c20  (Name: nsh_main, State: Waiting,Semaphore, Priority: 100, Stack: 2000) PC: 0xa124 in up_switch_context()
|   3 Thread 0x20006b30  (Name: NTP daemon, State: Waiting,Semaphore, Priority: 100, Stack: 1952) PC: 0xa124 in up_switch_context()
|   4 Thread 0x200086f0  (Name: telnetd, State: Waiting,Semaphore, Priority: 100, Stack: 2008) PC: 0xa124 in up_switch_context()
| (gdb) bt
| #0  0x00009eee in up_idle () at chip/common/tiva_idle.c:62
| #1  0x00003dd2 in nx_start () at init/nx_start.c:698
| #2  0x00000190 in __start () at chip/common/lmxx_tm4c_start.c:177
| (gdb) thread 4
|   4 Thread 0x200086f0  (Name: telnetd, State: Waiting,Semaphore, Priority: 100, Stack: 2008) PC: 0xa124 in up_switch_context()
| (gdb) bt
| #0  up_switch_context (tcb=0x20001548 <g_idletcb>, rtcb=rtcb@entry=0x200086f0) at common/arm_switchcontext.c:95
| #1  0x0000453a in nxsem_wait (sem=sem@entry=0x2000916c) at semaphore/sem_wait.c:176
| #2  0x0000197e in _net_timedwait (sem=sem@entry=0x2000916c, interruptible=interruptible@entry=true, timeout=timeout@entry=4294967295) at utils/net_lock.c:101
| #3  0x0000198e in net_sem_timedwait (sem=sem@entry=0x2000916c, timeout=timeout@entry=4294967295) at utils/net_lock.c:242
| #4  0x00001996 in net_sem_wait (sem=sem@entry=0x2000916c) at utils/net_lock.c:330
| #5  0x00025f84 in psock_tcp_accept (psock=<optimized out>, addr=<optimized out>, addrlen=<optimized out>, newconn=newconn@entry=0x2000956c) at tcp/tcp_accept.c:274
| #6  0x00025432 in inet_accept (psock=<optimized out>, addr=<optimized out>, addrlen=<optimized out>, newsock=0x20009568, flags=0) at inet/inet_sockif.c:1443
| #7  0x00027a10 in psock_accept (psock=0x200044b8, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c, newsock=newsock@entry=0x20009568, flags=flags@entry=0) at socket/accept.c:149
| #8  0x00027a8c in accept4 (sockfd=sockfd@entry=3, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c, flags=flags@entry=0) at socket/accept.c:280
| #9  0x0002a256 in accept (sockfd=sockfd@entry=3, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c) at net/lib_accept.c:50
| #10 0x0001efaa in telnetd_daemon (config=config@entry=0x20009290) at telnetd_daemon.c:200
| #11 0x0001e508 in telnetd_main (argc=1, argv=0x20008af8) at telnetd.c:98
| #12 0x00008486 in nxtask_startup (entrypt=0x1e4bd <telnetd_main>, entrypt@entry=0x1 <up_putc>, argc=1, argv=0x20008af8) at sched/task_startup.c:70
| #13 0x000056d2 in nxtask_start () at task/task_start.c:134
| #14 0x00000000 in ?? ()
| (gdb) c

Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request May 8, 2023
…_pairs=2

=================================================================
==2920138==ERROR: AddressSanitizer: invalid-pointer-pair: 0x603000000130 0x000000000000
    #0 0x5602d3c6a89d in qsort stdlib/lib_qsort.c:180
    #1 0x5602d3c28928 in romfs_cachenode romfs/fs_romfsutil.c:503
    #2 0x5602d3c2854d in romfs_cachenode romfs/fs_romfsutil.c:486
    #3 0x5602d3c2b056 in romfs_fsconfigure romfs/fs_romfsutil.c:777
    #4 0x5602d3c24856 in romfs_bind romfs/fs_romfs.c:1111
    #5 0x5602d3bf5179 in nx_mount mount/fs_mount.c:427
    #6 0x5602d3bf5796 in mount mount/fs_mount.c:539
    #7 0x5602d3bc1154 in nsh_romfsetc apps/nshlib/nsh_romfsetc.c:110
    #8 0x5602d3b8f38d in nsh_initialize apps/nshlib/nsh_init.c:127
    #9 0x5602d3b8f2b7 in nsh_main apps/system/nsh/nsh_main.c:69
    #10 0x5602d3b7a3a6 in nxtask_startup sched/task_startup.c:70
    #11 0x5602d3b5de89 in nxtask_start task/task_start.c:134

0x603000000130 is located 0 bytes inside of 32-byte region [0x603000000130,0x603000000150)
allocated by thread T0 here:
    #0 0x7fcdac74793c in __interceptor_posix_memalign ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:226
    #1 0x5602d3c9024e in host_memalign sim/posix/sim_hostmemory.c:180
    #2 0x5602d3c907d2 in host_realloc sim/posix/sim_hostmemory.c:222
    #3 0x5602d3b8aaff in mm_realloc sim/sim_heap.c:262
    #4 0x5602d3b87a6a in realloc umm_heap/umm_realloc.c:91
    #5 0x5602d3c280c4 in romfs_cachenode romfs/fs_romfsutil.c:466
    #6 0x5602d3c2854d in romfs_cachenode romfs/fs_romfsutil.c:486
    #7 0x5602d3c2b056 in romfs_fsconfigure romfs/fs_romfsutil.c:777
    #8 0x5602d3c24856 in romfs_bind romfs/fs_romfs.c:1111
    #9 0x5602d3bf5179 in nx_mount mount/fs_mount.c:427
    #10 0x5602d3bf5796 in mount mount/fs_mount.c:539
    #11 0x5602d3bc1154 in nsh_romfsetc apps/nshlib/nsh_romfsetc.c:110
    #12 0x5602d3b8f38d in nsh_initialize apps/nshlib/nsh_init.c:127
    #13 0x5602d3b8f2b7 in nsh_main apps/system/nsh/nsh_main.c:69
    #14 0x5602d3b7a3a6 in nxtask_startup sched/task_startup.c:70
    #15 0x5602d3b5de89 in nxtask_start task/task_start.c:134

Address 0x000000000000 is a wild pointer.
SUMMARY: AddressSanitizer: invalid-pointer-pair stdlib/lib_qsort.c:180 in qsort
==2920138==ABORTING
Aborted (core dumped)

Signed-off-by: chao an <anchao@xiaomi.com>
jerpelea pushed a commit that referenced this pull request May 8, 2023
…_pairs=2

=================================================================
==2920138==ERROR: AddressSanitizer: invalid-pointer-pair: 0x603000000130 0x000000000000
    #0 0x5602d3c6a89d in qsort stdlib/lib_qsort.c:180
    #1 0x5602d3c28928 in romfs_cachenode romfs/fs_romfsutil.c:503
    #2 0x5602d3c2854d in romfs_cachenode romfs/fs_romfsutil.c:486
    #3 0x5602d3c2b056 in romfs_fsconfigure romfs/fs_romfsutil.c:777
    #4 0x5602d3c24856 in romfs_bind romfs/fs_romfs.c:1111
    #5 0x5602d3bf5179 in nx_mount mount/fs_mount.c:427
    #6 0x5602d3bf5796 in mount mount/fs_mount.c:539
    #7 0x5602d3bc1154 in nsh_romfsetc apps/nshlib/nsh_romfsetc.c:110
    #8 0x5602d3b8f38d in nsh_initialize apps/nshlib/nsh_init.c:127
    #9 0x5602d3b8f2b7 in nsh_main apps/system/nsh/nsh_main.c:69
    #10 0x5602d3b7a3a6 in nxtask_startup sched/task_startup.c:70
    #11 0x5602d3b5de89 in nxtask_start task/task_start.c:134

0x603000000130 is located 0 bytes inside of 32-byte region [0x603000000130,0x603000000150)
allocated by thread T0 here:
    #0 0x7fcdac74793c in __interceptor_posix_memalign ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:226
    #1 0x5602d3c9024e in host_memalign sim/posix/sim_hostmemory.c:180
    #2 0x5602d3c907d2 in host_realloc sim/posix/sim_hostmemory.c:222
    #3 0x5602d3b8aaff in mm_realloc sim/sim_heap.c:262
    #4 0x5602d3b87a6a in realloc umm_heap/umm_realloc.c:91
    #5 0x5602d3c280c4 in romfs_cachenode romfs/fs_romfsutil.c:466
    #6 0x5602d3c2854d in romfs_cachenode romfs/fs_romfsutil.c:486
    #7 0x5602d3c2b056 in romfs_fsconfigure romfs/fs_romfsutil.c:777
    #8 0x5602d3c24856 in romfs_bind romfs/fs_romfs.c:1111
    #9 0x5602d3bf5179 in nx_mount mount/fs_mount.c:427
    #10 0x5602d3bf5796 in mount mount/fs_mount.c:539
    #11 0x5602d3bc1154 in nsh_romfsetc apps/nshlib/nsh_romfsetc.c:110
    #12 0x5602d3b8f38d in nsh_initialize apps/nshlib/nsh_init.c:127
    #13 0x5602d3b8f2b7 in nsh_main apps/system/nsh/nsh_main.c:69
    #14 0x5602d3b7a3a6 in nxtask_startup sched/task_startup.c:70
    #15 0x5602d3b5de89 in nxtask_start task/task_start.c:134

Address 0x000000000000 is a wild pointer.
SUMMARY: AddressSanitizer: invalid-pointer-pair stdlib/lib_qsort.c:180 in qsort
==2920138==ABORTING
Aborted (core dumped)

Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request May 23, 2023
How to set up coredump?

1. Build config coredump:

  $ ./tools/configure.sh ./boards/arm/imx6/sabre-6quad/configs/coredump
  $ make

2. Run qemu and get the coredump snapshot:

  $ qemu-system-arm -semihosting -M sabrelite -m 1024 -smp 4 -nographic -kernel ./nuttx -s
  ABCDGHIJKNOPQ

  NuttShell (NSH) NuttX-10.4.0
  nsh> coredump
  [CPU0] [ 6] Start coredump:
  [CPU0] [ 6] Finish coredump (Compression Enabled).

3. Copy the hex body and save to file:

  $ cat elf.dump
  [CPU0] [ 6] 5A5601013D03FF077F454C4601010100C0000304002800C00D003420036000070400053400200008200A4000000420030034C024200001D8092004E00200601A
  ...
  [CPU0] [ 6] 401B018D37814720005A5601000800090100006000010000

4. Run tools/coredump.py to convert hex dump to elf coredump:

  $ ./tools/coredump.py elf.dump
  Chunk #1 is compressed, 317 bytes (original size: 1023 bytes)
  ...
  Chunk #10 is compressed, 8 bytes (original size: 9 bytes)

  $ ls elf.core
  elf.core

5. Pass core(elf.core) and bin elf(nuttx) to gdb:
  !!(Toolchain(arm-none-eabi-gdb) version must be newer than 11.3) !!

  $ arm-none-eabi-gdb -c elf.core nuttx
  GNU gdb (Arm GNU Toolchain 11.3.Rel1) 12.1.90.20220802-git
  ...
  Reading symbols from nuttx...

  [New process 6]
  [New process 1]
  [New process 2]
  [New process 3]
  [New process 4]
  [New process 5]
  [New process 6]
  Core was generated by `'.
  #0  0x10808a8e in up_idle () at chip/imx_idle.c:61
  61	}
  [Current thread is 1 (process 6)]
  (gdb)
  (gdb) info thread
    Id   Target Id         Frame
  * 1    process 6         0x10808a8e in up_idle () at chip/imx_idle.c:61
    2    process 1         0x10808a8e in up_idle () at chip/imx_idle.c:61
    3    process 2         0x00000000 in ?? ()
    4    process 3         0x00000000 in ?? ()
    5    process 4         up_switch_context (tcb=0x1082a474 <g_idletcb>, rtcb=rtcb@entry=0x10837438) at common/arm_switchcontext.c:95
    6    process 5         up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
    7    process 6         elf_emit_tcb_note (cinfo=0x10839a6c, tcb=0x10838ef0) at libelf/libelf_coredump.c:272
  (gdb) thread 6
  [Switching to thread 6 (process 5)]
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  95	      arm_switchcontext(&rtcb->xcp.regs, tcb->xcp.regs);
  (gdb) bt
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  #1  0x10803286 in nxsem_wait (sem=0x10838fbc) at semaphore/sem_wait.c:176
  #2  0x10812de8 in nxsched_waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:169
  #3  0x10812df6 in waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:639
  #4  0x1080d31a in nsh_builtin (vtbl=vtbl@entry=0x10838c10, cmd=0x10838e98 <error: Cannot access memory at address 0x10838e98>, argv=argv@entry=0x10838adc, redirfile=redirfile@entry=0x0, oflags=oflags@entry=0) at nsh_builtin.c:162
  #5  0x1080a20e in nsh_execute (oflags=0, redirfile=0x0, argv=0x10838adc, argc=1, vtbl=0x10838c10) at nsh_parse.c:641
  #6  nsh_parse_command (vtbl=vtbl@entry=0x10838c10, cmdline=<optimized out>) at nsh_parse.c:2742
  #7  0x1080a510 in nsh_parse (vtbl=vtbl@entry=0x10838c10, cmdline=cmdline@entry=0x10838e98 <error: Cannot access memory at address 0x10838e98>) at nsh_parse.c:2826
  #8  0x10809390 in nsh_session (pstate=0x10838c10, login=login@entry=1, argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_session.c:245
  #9  0x108090f8 in nsh_consolemain (argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_consolemain.c:71
  #10 0x1080909c in nsh_main (argc=1, argv=0x108383f8) at nsh_main.c:74
  #11 0x1080693e in nxtask_startup (entrypt=0x10809071 <nsh_main>, argc=1, argv=0x108383f8) at sched/task_startup.c:70
  #12 0x1080378c in nxtask_start () at task/task_start.c:134
  #13 0x00000000 in ?? ()
  Backtrace stopped: previous frame identical to this frame (corrupt stack?)

Signed-off-by: chao an <anchao@xiaomi.com>
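
Added example (not part of the commit message above and not the project's tools/coredump.py): a bounds-checked decoder for the console hex dump of steps 3 and 4, which treats the captured text as untrusted input. It assumes the stream uses liblzf-style "ZV" chunk framing, which agrees with the chunk sizes printed in step 4; all function names are hypothetical.

```python
import re
import struct

# Console lines look like "[CPU0] [ 6] <hex>"; keep only lines that are pure hex
# after the bracketed prefixes, so "Start coredump:" and shell noise drop out.
HEX_LINE = re.compile(r"^\s*(?:\[[^\]]*\]\s*)*([0-9A-Fa-f]+)\s*$")


def extract_payload(log_text):
    """Join the hex bodies of a captured console log into raw bytes."""
    digits = []
    for line in log_text.splitlines():
        m = HEX_LINE.match(line)
        if m and len(m.group(1)) % 2 == 0:
            digits.append(m.group(1))
    return bytes.fromhex("".join(digits))


def chunk_header(blob, pos):
    """Parse one assumed 'ZV' header: returns (kind, csize, usize, hdr_len)."""
    if blob[pos:pos + 2] != b"ZV" or pos + 3 > len(blob):
        raise ValueError(f"no ZV chunk header at offset {pos}")
    kind = blob[pos + 2]
    hdr_len = {0: 5, 1: 7}.get(kind)      # 0 = stored, 1 = LZF-compressed
    if hdr_len is None or pos + hdr_len > len(blob):
        raise ValueError(f"bad or truncated chunk header at offset {pos}")
    if kind == 0:
        (usize,) = struct.unpack_from(">H", blob, pos + 3)
        return kind, usize, usize, hdr_len
    csize, usize = struct.unpack_from(">HH", blob, pos + 3)
    return kind, csize, usize, hdr_len


def lzf_decompress(data, expected_len):
    """Decode one LZF block, rejecting anything that reads or writes out of range."""
    out = bytearray()
    i = 0
    while i < len(data):
        ctrl = data[i]
        i += 1
        if ctrl < 0x20:                    # literal run of ctrl + 1 bytes
            run = ctrl + 1
            if i + run > len(data):
                raise ValueError("literal run past end of chunk")
            out += data[i:i + run]
            i += run
        else:                              # back-reference into earlier output
            length = ctrl >> 5
            if length == 7:                # long match: extra length byte
                if i >= len(data):
                    raise ValueError("truncated match length")
                length += data[i]
                i += 1
            if i >= len(data):
                raise ValueError("truncated match offset")
            start = len(out) - (((ctrl & 0x1F) << 8) | data[i]) - 1
            i += 1
            if start < 0:
                raise ValueError("back-reference before start of output")
            for k in range(length + 2):    # byte-wise: source may overlap the copy
                out.append(out[start + k])
        if len(out) > expected_len:
            raise ValueError("chunk expands past its declared size")
    if len(out) != expected_len:
        raise ValueError("chunk shorter than its declared size")
    return bytes(out)


def decode_stream(blob):
    """Decode every chunk; returns (image_bytes, [(kind, csize, usize), ...])."""
    image, chunks, pos = bytearray(), [], 0
    while pos < len(blob):
        kind, csize, usize, hdr_len = chunk_header(blob, pos)
        body = blob[pos + hdr_len:pos + hdr_len + csize]
        if len(body) != csize:
            raise ValueError(f"chunk at offset {pos} is truncated")
        image += lzf_decompress(body, usize) if kind == 1 else body
        chunks.append((kind, csize, usize))
        pos += hdr_len + csize
    return bytes(image), chunks


# Constructed sample: the final chunk of the dump in the commit message (the tail
# of its last hex line), wrapped in the console prefix it was printed with.
SAMPLE_LOG = """\
[CPU0] [ 6] Start coredump:
[CPU0] [ 6] 5A5601000800090100006000010000
[CPU0] [ 6] Finish coredump (Compression Enabled).
"""

if __name__ == "__main__":
    image, chunks = decode_stream(extract_payload(SAMPLE_LOG))
    for n, (kind, csize, usize) in enumerate(chunks, 1):
        print(f"Chunk #{n}: type {kind}, {csize} bytes (original size: {usize} bytes)")
    print(image.hex())
```
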
anchao added a commit to anchao/nuttx that referenced this pull request May 23, 2023
How to set up coredump?

1. Build config coredump:

  $ ./tools/configure.sh ./boards/arm/imx6/sabre-6quad/configs/coredump
  $ make

2. Run qemu and get the coredump snapshot:

  $ qemu-system-arm -semihosting -M sabrelite -m 1024 -smp 4 -nographic -kernel ./nuttx -s
  ABCDGHIJKNOPQ

  NuttShell (NSH) NuttX-10.4.0
  nsh> coredump
  [CPU0] [ 6] Start coredump:
  [CPU0] [ 6] Finish coredump (Compression Enabled).

3. Copy the hex body and save to file:

  $ cat elf.dump
  [CPU0] [ 6] 5A5601013D03FF077F454C4601010100C0000304002800C00D003420036000070400053400200008200A4000000420030034C024200001D8092004E00200601A
  ...
  [CPU0] [ 6] 401B018D37814720005A5601000800090100006000010000

4. Run tools/coredump.py to convert hex dump to elf coredump:

  $ ./tools/coredump.py elf.dump
  Chunk #1 is compressed, 317 bytes (original size: 1023 bytes)
  ...
  Chunk #10 is compressed, 8 bytes (original size: 9 bytes)

  $ ls elf.core
  elf.core

5. Pass core(elf.core) and bin elf(nuttx) to gdb:
  !!(Toolchain(arm-none-eabi-gdb) version must be newer than 11.3) !!

  $ arm-none-eabi-gdb -c elf.core nuttx
  GNU gdb (Arm GNU Toolchain 11.3.Rel1) 12.1.90.20220802-git
  ...
  Reading symbols from nuttx...

  [New process 6]
  [New process 1]
  [New process 2]
  [New process 3]
  [New process 4]
  [New process 5]
  [New process 6]
  Core was generated by `'.
  #0  0x10808a8e in up_idle () at chip/imx_idle.c:61
  61	}
  [Current thread is 1 (process 6)]
  (gdb)
  (gdb) info thread
    Id   Target Id         Frame
  * 1    process 6         0x10808a8e in up_idle () at chip/imx_idle.c:61
    2    process 1         0x10808a8e in up_idle () at chip/imx_idle.c:61
    3    process 2         0x00000000 in ?? ()
    4    process 3         0x00000000 in ?? ()
    5    process 4         up_switch_context (tcb=0x1082a474 <g_idletcb>, rtcb=rtcb@entry=0x10837438) at common/arm_switchcontext.c:95
    6    process 5         up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
    7    process 6         elf_emit_tcb_note (cinfo=0x10839a6c, tcb=0x10838ef0) at libelf/libelf_coredump.c:272
  (gdb) thread 6
  [Switching to thread 6 (process 5)]
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  95	      arm_switchcontext(&rtcb->xcp.regs, tcb->xcp.regs);
  (gdb) bt
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  #1  0x10803286 in nxsem_wait (sem=0x10838fbc) at semaphore/sem_wait.c:176
  #2  0x10812de8 in nxsched_waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:169
  #3  0x10812df6 in waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:639
  #4  0x1080d31a in nsh_builtin (vtbl=vtbl@entry=0x10838c10, cmd=0x10838e98 <error: Cannot access memory at address 0x10838e98>, argv=argv@entry=0x10838adc, redirfile=redirfile@entry=0x0, oflags=oflags@entry=0) at nsh_builtin.c:162
  #5  0x1080a20e in nsh_execute (oflags=0, redirfile=0x0, argv=0x10838adc, argc=1, vtbl=0x10838c10) at nsh_parse.c:641
  #6  nsh_parse_command (vtbl=vtbl@entry=0x10838c10, cmdline=<optimized out>) at nsh_parse.c:2742
  #7  0x1080a510 in nsh_parse (vtbl=vtbl@entry=0x10838c10, cmdline=cmdline@entry=0x10838e98 <error: Cannot access memory at address 0x10838e98>) at nsh_parse.c:2826
  #8  0x10809390 in nsh_session (pstate=0x10838c10, login=login@entry=1, argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_session.c:245
  #9  0x108090f8 in nsh_consolemain (argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_consolemain.c:71
  #10 0x1080909c in nsh_main (argc=1, argv=0x108383f8) at nsh_main.c:74
  #11 0x1080693e in nxtask_startup (entrypt=0x10809071 <nsh_main>, argc=1, argv=0x108383f8) at sched/task_startup.c:70
  #12 0x1080378c in nxtask_start () at task/task_start.c:134
  #13 0x00000000 in ?? ()
  Backtrace stopped: previous frame identical to this frame (corrupt stack?)

Signed-off-by: chao an <anchao@xiaomi.com>
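
Added example (not the project's tools/coredump.py and not code from the commit): a sketch of what step 4 has to do with the hex body, with the length and back-reference checks a parser of untrusted console output needs. It assumes the framing visible in the log, a `5A 56` ("ZV") magic, a type byte and big-endian sizes, as in the liblzf stream format; the sample log is constructed, and its second chunk is the 8-byte chunk quoted at the end of step 3.

```python
import re

# Console prefix seen on the page, e.g. "[CPU0] [ 6] ", followed by hex only.
LINE_RE = re.compile(r"^\s*\[CPU\d+\]\s*\[\s*\d+\]\s*([0-9A-Fa-f]+)\s*$")
MAGIC = b"ZV"  # 0x5A 0x56, the bytes that open every chunk in the dump


class DumpError(ValueError):
    """Raised when the hex log or a chunk is malformed."""


def extract_hex_body(log_text):
    """Concatenate the bytes of all hex lines; marker lines are skipped."""
    out = bytearray()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # "Start coredump:", "Finish coredump ...", prompts
        if len(m.group(1)) % 2:
            raise DumpError("odd number of hex digits: %r" % line)
        out += bytes.fromhex(m.group(1))
    return bytes(out)


def lzf_decompress(data, expected_len):
    """Decode one LZF block, refusing anything that leaves its bounds."""
    out = bytearray()
    i, n = 0, len(data)
    while i < n:
        ctrl = data[i]
        i += 1
        if ctrl < 32:  # literal run of ctrl + 1 bytes
            run = ctrl + 1
            if i + run > n:
                raise DumpError("literal run overruns chunk")
            out += data[i:i + run]
            i += run
        else:  # back-reference into already decoded output
            length = ctrl >> 5
            if length == 7:  # extended length byte follows
                if i >= n:
                    raise DumpError("truncated length byte")
                length += data[i]
                i += 1
            if i >= n:
                raise DumpError("truncated offset byte")
            dist = (((ctrl & 0x1F) << 8) | data[i]) + 1
            i += 1
            if dist > len(out):
                raise DumpError("back-reference before start of output")
            for _ in range(length + 2):
                out.append(out[-dist])  # byte-wise: source may overlap
        if len(out) > expected_len:
            raise DumpError("chunk expands past its declared size")
    if len(out) != expected_len:
        raise DumpError("chunk is shorter than its declared size")
    return bytes(out)


def parse_chunks(stream):
    """Return a list of (compressed, stored_len, original_len, data)."""
    chunks, pos = [], 0
    while pos < len(stream):
        if stream[pos:pos + 2] != MAGIC or pos + 3 > len(stream):
            raise DumpError("bad chunk magic at offset %d" % pos)
        kind = stream[pos + 2]
        if kind not in (0, 1):
            raise DumpError("unknown chunk type %d" % kind)
        hdr = 7 if kind == 1 else 5
        if pos + hdr > len(stream):
            raise DumpError("truncated chunk header")
        stored = int.from_bytes(stream[pos + 3:pos + 5], "big")
        original = stored
        if kind == 1:
            original = int.from_bytes(stream[pos + 5:pos + 7], "big")
        body = stream[pos + hdr:pos + hdr + stored]
        if len(body) != stored:
            raise DumpError("chunk body is truncated")
        data = lzf_decompress(body, original) if kind == 1 else body
        chunks.append((kind == 1, stored, original, data))
        pos += hdr + stored
    return chunks


def rebuild_core(log_text):
    """Hex log in, reassembled core image bytes out."""
    return b"".join(c[3] for c in parse_chunks(extract_hex_body(log_text)))


# Constructed sample: an uncompressed 4-byte chunk, then the compressed
# 8-byte chunk from step 3. The second chunk straddles the line break,
# as chunks do in the real log.
SAMPLE_LOG = """\
[CPU0] [ 6] Start coredump:
[CPU0] [ 6] 5A560000047F454C465A5601
[CPU0] [ 6] 000800090100006000010000
[CPU0] [ 6] Finish coredump (Compression Enabled).
"""

if __name__ == "__main__":
    for n, (comp, stored, orig, _) in enumerate(
            parse_chunks(extract_hex_body(SAMPLE_LOG)), 1):
        print("Chunk #%d compressed=%s, %d bytes (original size: %d bytes)"
              % (n, comp, stored, orig))
```
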
anchao added a commit to anchao/nuttx that referenced this pull request May 24, 2023
anchao added a commit to anchao/nuttx that referenced this pull request May 24, 2023
anchao added a commit to anchao/nuttx that referenced this pull request May 25, 2023
anchao added a commit to anchao/nuttx that referenced this pull request May 25, 2023
How to set up coredump?

1. Build config coredump:

  $ ./tools/configure.sh ./boards/arm/imx6/sabre-6quad/configs/coredump
  $ make

2. Run qemu and get the coredump snapshot:

  $ qemu-system-arm -semihosting -M sabrelite -m 1024 -smp 4 -nographic -kernel ./nuttx -s
  ABCDGHIJKNOPQ

  NuttShell (NSH) NuttX-10.4.0
  nsh> coredump
  [CPU0] [ 6] Start coredump:
  ...
  [CPU0] [ 6] Finish coredump (Compression Enabled).

3. Copy the hex body and save to file:

  $ cat elf.dump
  [CPU0] [ 6] 5A5601013D03FF077F454C4601010100C0000304002800C00D003420036000070400053400200008200A4000000420030034C024200001D8092004E00200601A
  ...
  [CPU0] [ 6] 401B018D37814720005A5601000800090100006000010000

4. Run tools/coredump.py to convert hex dump to elf coredump:

  $ ./tools/coredump.py elf.dump
  Chunk #1 is compressed, 317 bytes (original size: 1023 bytes)
  ...
  Chunk #10 is compressed, 8 bytes (original size: 9 bytes)

  $ ls elf.core
  elf.core

5. Pass core(elf.core) and bin elf(nuttx) to gdb:
  !!(Toolchain(arm-none-eabi-gdb) version must be newer than 11.3) !!

  $ arm-none-eabi-gdb -c elf.core nuttx
  GNU gdb (Arm GNU Toolchain 11.3.Rel1) 12.1.90.20220802-git
  ...
  Reading symbols from nuttx...

  [New process 6]
  [New process 1]
  [New process 2]
  [New process 3]
  [New process 4]
  [New process 5]
  [New process 6]
  Core was generated by `'.
  #0  0x10808a8e in up_idle () at chip/imx_idle.c:61
  61	}
  [Current thread is 1 (process 6)]
  (gdb)
  (gdb) info thread
    Id   Target Id         Frame
  * 1    process 6         0x10808a8e in up_idle () at chip/imx_idle.c:61
    2    process 1         0x10808a8e in up_idle () at chip/imx_idle.c:61
    3    process 2         0x00000000 in ?? ()
    4    process 3         0x00000000 in ?? ()
    5    process 4         up_switch_context (tcb=0x1082a474 <g_idletcb>, rtcb=rtcb@entry=0x10837438) at common/arm_switchcontext.c:95
    6    process 5         up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
    7    process 6         elf_emit_tcb_note (cinfo=0x10839a6c, tcb=0x10838ef0) at libelf/libelf_coredump.c:272
  (gdb) thread 6
  [Switching to thread 6 (process 5)]
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  95	      arm_switchcontext(&rtcb->xcp.regs, tcb->xcp.regs);
  (gdb) bt
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  #1  0x10803286 in nxsem_wait (sem=0x10838fbc) at semaphore/sem_wait.c:176
  #2  0x10812de8 in nxsched_waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:169
  #3  0x10812df6 in waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:639
  #4  0x1080d31a in nsh_builtin (vtbl=vtbl@entry=0x10838c10, cmd=0x10838e98 <error: Cannot access memory at address 0x10838e98>, argv=argv@entry=0x10838adc, redirfile=redirfile@entry=0x0, oflags=oflags@entry=0) at nsh_builtin.c:162
  #5  0x1080a20e in nsh_execute (oflags=0, redirfile=0x0, argv=0x10838adc, argc=1, vtbl=0x10838c10) at nsh_parse.c:641
  #6  nsh_parse_command (vtbl=vtbl@entry=0x10838c10, cmdline=<optimized out>) at nsh_parse.c:2742
  #7  0x1080a510 in nsh_parse (vtbl=vtbl@entry=0x10838c10, cmdline=cmdline@entry=0x10838e98 <error: Cannot access memory at address 0x10838e98>) at nsh_parse.c:2826
  #8  0x10809390 in nsh_session (pstate=0x10838c10, login=login@entry=1, argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_session.c:245
  #9  0x108090f8 in nsh_consolemain (argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_consolemain.c:71
  #10 0x1080909c in nsh_main (argc=1, argv=0x108383f8) at nsh_main.c:74
  #11 0x1080693e in nxtask_startup (entrypt=0x10809071 <nsh_main>, argc=1, argv=0x108383f8) at sched/task_startup.c:70
  #12 0x1080378c in nxtask_start () at task/task_start.c:134
  #13 0x00000000 in ?? ()
  Backtrace stopped: previous frame identical to this frame (corrupt stack?)

Signed-off-by: chao an <anchao@xiaomi.com>
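
An added sketch of what steps 3 and 4 above involve, not the project's tools/coredump.py: it strips the console prefix, walks the chunks and LZF-decompresses them with bounds checks, since a captured dump is untrusted input. The liblzf-style "ZV" chunk header is an assumption inferred from the dump's leading bytes and the "Chunk #1 is compressed, 317 bytes (original size: 1023 bytes)" output; the sample log is constructed, and its second chunk reuses the final 15 bytes of the dump shown above.

```python
import re

# Optional "[CPU0] [ 6] " style prefixes followed by a pure hex payload.
LINE_RE = re.compile(r"^\s*(?:\[[^\]]*\]\s*)*([0-9A-Fa-f]+)\s*$")


class DumpError(ValueError):
    """Raised when the captured dump is malformed or truncated."""


def extract_hex_body(log_text):
    """Keep only the hex payload lines of a console capture, as bytes."""
    digits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and len(m.group(1)) % 2 == 0:
            digits.append(m.group(1))
    return bytes.fromhex("".join(digits))


def lzf_decompress(data, expected_len):
    """Decode one LZF stream, rejecting out-of-range runs and references."""
    out = bytearray()
    i = 0
    while i < len(data):
        ctrl = data[i]
        i += 1
        if ctrl < 32:  # literal run of ctrl + 1 bytes
            run = ctrl + 1
            if i + run > len(data):
                raise DumpError("literal run past end of chunk")
            out += data[i:i + run]
            i += run
        else:  # back-reference into already decoded output
            length = ctrl >> 5
            if length == 7:  # long match: one extra length byte
                if i >= len(data):
                    raise DumpError("truncated match length")
                length += data[i]
                i += 1
            if i >= len(data):
                raise DumpError("truncated match offset")
            offset = (((ctrl & 0x1F) << 8) | data[i]) + 1
            i += 1
            if offset > len(out):
                raise DumpError("back-reference before start of output")
            for _ in range(length + 2):  # byte-wise: source may overlap
                out.append(out[-offset])
        if len(out) > expected_len:
            raise DumpError("chunk expands past its declared size")
    if len(out) != expected_len:
        raise DumpError("chunk shorter than its declared size")
    return bytes(out)


def decode_chunks(blob):
    """Return (core_bytes, [(compressed, stored_len, original_len), ...])."""
    core = bytearray()
    report = []
    pos = 0
    while pos < len(blob):
        if blob[pos:pos + 2] != b"ZV" or pos + 3 > len(blob):
            raise DumpError(f"bad chunk magic at offset {pos}")
        kind = blob[pos + 2]
        if kind not in (0, 1):
            raise DumpError(f"unknown chunk type {kind}")
        hdr = 5 if kind == 0 else 7
        if pos + hdr > len(blob):
            raise DumpError("truncated chunk header")
        stored = int.from_bytes(blob[pos + 3:pos + 5], "big")
        original = stored
        if kind == 1:
            original = int.from_bytes(blob[pos + 5:pos + 7], "big")
        body = blob[pos + hdr:pos + hdr + stored]
        if len(body) != stored:
            raise DumpError("truncated chunk body")
        core += body if kind == 0 else lzf_decompress(body, original)
        report.append((kind == 1, stored, original))
        pos += hdr + stored
    return bytes(core), report


# Constructed capture: one stored chunk ("\x7fELF") followed by one
# compressed chunk, deliberately split across two console lines.
SAMPLE_LOG = """\
nsh> coredump
[CPU0] [ 6] Start coredump:
[CPU0] [ 6] 5A560000047F454C465A5601
[CPU0] [ 6] 000800090100006000010000
[CPU0] [ 6] Finish coredump (Compression Enabled).
"""

if __name__ == "__main__":
    core, report = decode_chunks(extract_hex_body(SAMPLE_LOG))
    for n, (compressed, stored, original) in enumerate(report, 1):
        state = "compressed" if compressed else "stored"
        print(f"Chunk #{n} is {state}, {stored} bytes "
              f"(original size: {original} bytes)")
    print(core.hex())
```
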
xiaoxiang781216 pushed a commit that referenced this pull request May 25, 2023
extinguish pushed a commit to extinguish/nuttx that referenced this pull request Jun 1, 2023
anchao added a commit to anchao/nuttx that referenced this pull request Jul 14, 2023
Redefine built-in commands (info thread/thread/c) to be compatible with developer habits

Test board:
./tools/configure.sh -E lm3s6965-ek:qemu-flat

1. start qemu:
qemu-system-arm   -M lm3s6965evb   -device loader,file=nuttx   -serial mon:stdio   -nographic  -s

2. gdb attach:
gdb-multiarch -ix tools/nuttx-gdbinit nuttx -ex "target extended-remote localhost:1234"

3. show thread info and callstack:

| (gdb) info thread
| * 0 Thread 0x20001548  (Name: Idle Task, State: Running, Priority: 0, Stack: 1000) PC: 0x9eee in up_idle()
|   1 Thread 0x20005058  (Name: hpwork, State: Waiting,Semaphore, Priority: 224, Stack: 1992) PC: 0xa124 in up_switch_context()
|   2 Thread 0x20005c20  (Name: nsh_main, State: Waiting,Semaphore, Priority: 100, Stack: 2000) PC: 0xa124 in up_switch_context()
|   3 Thread 0x20006b30  (Name: NTP daemon, State: Waiting,Semaphore, Priority: 100, Stack: 1952) PC: 0xa124 in up_switch_context()
|   4 Thread 0x200086f0  (Name: telnetd, State: Waiting,Semaphore, Priority: 100, Stack: 2008) PC: 0xa124 in up_switch_context()
| (gdb) bt
| #0  0x00009eee in up_idle () at chip/common/tiva_idle.c:62
| #1  0x00003dd2 in nx_start () at init/nx_start.c:698
| #2  0x00000190 in __start () at chip/common/lmxx_tm4c_start.c:177
| (gdb) thread 4
|   4 Thread 0x200086f0  (Name: telnetd, State: Waiting,Semaphore, Priority: 100, Stack: 2008) PC: 0xa124 in up_switch_context()
| (gdb) bt
| #0  up_switch_context (tcb=0x20001548 <g_idletcb>, rtcb=rtcb@entry=0x200086f0) at common/arm_switchcontext.c:95
| #1  0x0000453a in nxsem_wait (sem=sem@entry=0x2000916c) at semaphore/sem_wait.c:176
| #2  0x0000197e in _net_timedwait (sem=sem@entry=0x2000916c, interruptible=interruptible@entry=true, timeout=timeout@entry=4294967295) at utils/net_lock.c:101
| #3  0x0000198e in net_sem_timedwait (sem=sem@entry=0x2000916c, timeout=timeout@entry=4294967295) at utils/net_lock.c:242
| #4  0x00001996 in net_sem_wait (sem=sem@entry=0x2000916c) at utils/net_lock.c:330
| #5  0x00025f84 in psock_tcp_accept (psock=<optimized out>, addr=<optimized out>, addrlen=<optimized out>, newconn=newconn@entry=0x2000956c) at tcp/tcp_accept.c:274
| #6  0x00025432 in inet_accept (psock=<optimized out>, addr=<optimized out>, addrlen=<optimized out>, newsock=0x20009568, flags=0) at inet/inet_sockif.c:1443
| #7  0x00027a10 in psock_accept (psock=0x200044b8, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c, newsock=newsock@entry=0x20009568, flags=flags@entry=0) at socket/accept.c:149
| #8  0x00027a8c in accept4 (sockfd=sockfd@entry=3, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c, flags=flags@entry=0) at socket/accept.c:280
| #9  0x0002a256 in accept (sockfd=sockfd@entry=3, addr=addr@entry=0x2000921c, addrlen=addrlen@entry=0x2000920c) at net/lib_accept.c:50
| #10 0x0001efaa in telnetd_daemon (config=config@entry=0x20009290) at telnetd_daemon.c:200
| #11 0x0001e508 in telnetd_main (argc=1, argv=0x20008af8) at telnetd.c:98
| #12 0x00008486 in nxtask_startup (entrypt=0x1e4bd <telnetd_main>, entrypt@entry=0x1 <up_putc>, argc=1, argv=0x20008af8) at sched/task_startup.c:70
| #13 0x000056d2 in nxtask_start () at task/task_start.c:134
| #14 0x00000000 in ?? ()
| (gdb) c

Change-Id: Iff0992976890236f3629c3bb3ab763fb4f625fa1
Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request Jul 14, 2023
…_pairs=2

=================================================================
==2920138==ERROR: AddressSanitizer: invalid-pointer-pair: 0x603000000130 0x000000000000
    #0 0x5602d3c6a89d in qsort stdlib/lib_qsort.c:180
    #1 0x5602d3c28928 in romfs_cachenode romfs/fs_romfsutil.c:503
    #2 0x5602d3c2854d in romfs_cachenode romfs/fs_romfsutil.c:486
    #3 0x5602d3c2b056 in romfs_fsconfigure romfs/fs_romfsutil.c:777
    #4 0x5602d3c24856 in romfs_bind romfs/fs_romfs.c:1111
    #5 0x5602d3bf5179 in nx_mount mount/fs_mount.c:427
    #6 0x5602d3bf5796 in mount mount/fs_mount.c:539
    #7 0x5602d3bc1154 in nsh_romfsetc apps/nshlib/nsh_romfsetc.c:110
    #8 0x5602d3b8f38d in nsh_initialize apps/nshlib/nsh_init.c:127
    #9 0x5602d3b8f2b7 in nsh_main apps/system/nsh/nsh_main.c:69
    #10 0x5602d3b7a3a6 in nxtask_startup sched/task_startup.c:70
    #11 0x5602d3b5de89 in nxtask_start task/task_start.c:134

0x603000000130 is located 0 bytes inside of 32-byte region [0x603000000130,0x603000000150)
allocated by thread T0 here:
    #0 0x7fcdac74793c in __interceptor_posix_memalign ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:226
    #1 0x5602d3c9024e in host_memalign sim/posix/sim_hostmemory.c:180
    #2 0x5602d3c907d2 in host_realloc sim/posix/sim_hostmemory.c:222
    #3 0x5602d3b8aaff in mm_realloc sim/sim_heap.c:262
    #4 0x5602d3b87a6a in realloc umm_heap/umm_realloc.c:91
    #5 0x5602d3c280c4 in romfs_cachenode romfs/fs_romfsutil.c:466
    #6 0x5602d3c2854d in romfs_cachenode romfs/fs_romfsutil.c:486
    #7 0x5602d3c2b056 in romfs_fsconfigure romfs/fs_romfsutil.c:777
    #8 0x5602d3c24856 in romfs_bind romfs/fs_romfs.c:1111
    #9 0x5602d3bf5179 in nx_mount mount/fs_mount.c:427
    #10 0x5602d3bf5796 in mount mount/fs_mount.c:539
    #11 0x5602d3bc1154 in nsh_romfsetc apps/nshlib/nsh_romfsetc.c:110
    #12 0x5602d3b8f38d in nsh_initialize apps/nshlib/nsh_init.c:127
    #13 0x5602d3b8f2b7 in nsh_main apps/system/nsh/nsh_main.c:69
    #14 0x5602d3b7a3a6 in nxtask_startup sched/task_startup.c:70
    #15 0x5602d3b5de89 in nxtask_start task/task_start.c:134

Address 0x000000000000 is a wild pointer.
SUMMARY: AddressSanitizer: invalid-pointer-pair stdlib/lib_qsort.c:180 in qsort
==2920138==ABORTING
Aborted (core dumped)

Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request Jul 14, 2023
How to set up coredump?

1. Build config coredump:

  $ ./tools/configure.sh ./boards/arm/imx6/sabre-6quad/configs/coredump
  $ make

2. Run qemu and get the coredump snapshot:

  $ qemu-system-arm -semihosting -M sabrelite -m 1024 -smp 4 -nographic -kernel ./nuttx -s
  ABCDGHIJKNOPQ

  NuttShell (NSH) NuttX-10.4.0
  nsh> coredump
  [CPU0] [ 6] Start coredump:
  ...
  [CPU0] [ 6] Finish coredump (Compression Enabled).

3. Copy the hex body and save to file:

  $ cat elf.dump
  [CPU0] [ 6] 5A5601013D03FF077F454C4601010100C0000304002800C00D003420036000070400053400200008200A4000000420030034C024200001D8092004E00200601A
  ...
  [CPU0] [ 6] 401B018D37814720005A5601000800090100006000010000

4. Run tools/coredump.py to convert the hex dump to an ELF coredump:

  $ ./tools/coredump.py elf.dump
  Chunk #1 is compressed, 317 bytes (original size: 1023 bytes)
  ...
  Chunk #10 is compressed, 8 bytes (original size: 9 bytes)

  $ ls elf.core
  elf.core

5. Pass the core (elf.core) and the binary ELF (nuttx) to gdb:
  !! The toolchain (arm-none-eabi-gdb) version must be newer than 11.3 !!

  $ arm-none-eabi-gdb -c elf.core nuttx
  GNU gdb (Arm GNU Toolchain 11.3.Rel1) 12.1.90.20220802-git
  ...
  Reading symbols from nuttx...

  [New process 6]
  [New process 1]
  [New process 2]
  [New process 3]
  [New process 4]
  [New process 5]
  [New process 6]
  Core was generated by `'.
  #0  0x10808a8e in up_idle () at chip/imx_idle.c:61
  61	}
  [Current thread is 1 (process 6)]
  (gdb)
  (gdb) info thread
    Id   Target Id         Frame
  * 1    process 6         0x10808a8e in up_idle () at chip/imx_idle.c:61
    2    process 1         0x10808a8e in up_idle () at chip/imx_idle.c:61
    3    process 2         0x00000000 in ?? ()
    4    process 3         0x00000000 in ?? ()
    5    process 4         up_switch_context (tcb=0x1082a474 <g_idletcb>, rtcb=rtcb@entry=0x10837438) at common/arm_switchcontext.c:95
    6    process 5         up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
    7    process 6         elf_emit_tcb_note (cinfo=0x10839a6c, tcb=0x10838ef0) at libelf/libelf_coredump.c:272
  (gdb) thread 6
  [Switching to thread 6 (process 5)]
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  95	      arm_switchcontext(&rtcb->xcp.regs, tcb->xcp.regs);
  (gdb) bt
  #0  up_switch_context (tcb=0x10838ef0, rtcb=rtcb@entry=0x10838000) at common/arm_switchcontext.c:95
  #1  0x10803286 in nxsem_wait (sem=0x10838fbc) at semaphore/sem_wait.c:176
  #2  0x10812de8 in nxsched_waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:169
  #3  0x10812df6 in waitpid (pid=pid@entry=6, stat_loc=stat_loc@entry=0x10838a84, options=options@entry=4) at sched/sched_waitpid.c:639
  #4  0x1080d31a in nsh_builtin (vtbl=vtbl@entry=0x10838c10, cmd=0x10838e98 <error: Cannot access memory at address 0x10838e98>, argv=argv@entry=0x10838adc, redirfile=redirfile@entry=0x0, oflags=oflags@entry=0) at nsh_builtin.c:162
  #5  0x1080a20e in nsh_execute (oflags=0, redirfile=0x0, argv=0x10838adc, argc=1, vtbl=0x10838c10) at nsh_parse.c:641
  #6  nsh_parse_command (vtbl=vtbl@entry=0x10838c10, cmdline=<optimized out>) at nsh_parse.c:2742
  #7  0x1080a510 in nsh_parse (vtbl=vtbl@entry=0x10838c10, cmdline=cmdline@entry=0x10838e98 <error: Cannot access memory at address 0x10838e98>) at nsh_parse.c:2826
  #8  0x10809390 in nsh_session (pstate=0x10838c10, login=login@entry=1, argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_session.c:245
  #9  0x108090f8 in nsh_consolemain (argc=argc@entry=1, argv=argv@entry=0x108383f8) at nsh_consolemain.c:71
  #10 0x1080909c in nsh_main (argc=1, argv=0x108383f8) at nsh_main.c:74
  #11 0x1080693e in nxtask_startup (entrypt=0x10809071 <nsh_main>, argc=1, argv=0x108383f8) at sched/task_startup.c:70
  #12 0x1080378c in nxtask_start () at task/task_start.c:134
  #13 0x00000000 in ?? ()
  Backtrace stopped: previous frame identical to this frame (corrupt stack?)

Change-Id: Idd3df1e474ff76c645976971b794c7116c841c9a
Signed-off-by: chao an <anchao@xiaomi.com>
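The decoding that steps 3 and 4 of the commit message above describe, as an added example that is not the project's tools/coredump.py: it strips the `[CPU0] [ 6]` log prefix, walks the blocks and decompresses them. It assumes the stream is a sequence of LZF blocks framed by a `ZV` header with big-endian sizes, which is consistent with the chunk sizes reported above (317/1023 and 8/9 bytes); all function names are hypothetical.

```python
import re
import struct

# Constructed sample log: one uncompressed block, then the page's final block.
SAMPLE_LOG = """\
[CPU0] [ 6] 5A560000047F454C46
[CPU0] [ 6] 5A5601000800090100006000010000
[CPU0] [ 6] Finish coredump (Compression Enabled).
"""
HEX_LINE = re.compile(r"^\s*(?:\[[^\]]*\]\s*)*([0-9A-Fa-f]+)\s*$")


def extract_hex_body(log_text):
    """Strip the log prefixes and keep only lines whose payload is pure hex."""
    blob = bytearray()
    for line in log_text.splitlines():
        if (m := HEX_LINE.match(line)) and len(m.group(1)) % 2 == 0:
            blob += bytes.fromhex(m.group(1))
    return bytes(blob)


def lzf_decompress(data, expected_len):
    """Decode one LZF body; malformed input raises instead of being trusted."""
    out, i = bytearray(), 0
    try:
        while i < len(data):
            ctrl, i = data[i], i + 1
            if ctrl < 32:                      # literal run of ctrl + 1 bytes
                out += data[i:i + ctrl + 1]    # a short run fails the size check
                i += ctrl + 1
                continue
            length = ctrl >> 5                 # back-reference into the output
            if length == 7:
                length, i = length + data[i], i + 1
            start = len(out) - (((ctrl & 0x1F) << 8) | data[i]) - 1
            i += 1
            if start < 0:
                raise ValueError("back-reference before start of output")
            for k in range(length + 2):        # byte-wise: ranges may overlap
                out.append(out[start + k])
    except IndexError:
        raise ValueError("truncated LZF body") from None
    if len(out) != expected_len:
        raise ValueError("decoded size does not match block header")
    return bytes(out)


def decode_chunks(blob):
    """Walk the 'ZV' blocks (assumed framing) and return the decoded chunks."""
    chunks, pos = [], 0
    while pos < len(blob):
        kind = blob[pos + 2:pos + 3]
        if blob[pos:pos + 2] != b"ZV" or kind not in (b"\x00", b"\x01"):
            raise ValueError("bad block header at offset %d" % pos)
        fmt = ">HH" if kind == b"\x01" else ">H"   # big-endian size fields
        start = pos + 3 + struct.calcsize(fmt)
        if start > len(blob):
            raise ValueError("truncated block header")
        sizes = struct.unpack_from(fmt, blob, pos + 3)
        body = blob[start:start + sizes[0]]
        if len(body) != sizes[0]:
            raise ValueError("truncated block body")
        chunks.append(lzf_decompress(body, sizes[1]) if kind == b"\x01" else body)
        pos = start + sizes[0]
    return chunks
```

Because the input is text copied from a serial console, every size field and back-reference is checked before use, so a truncated or corrupted paste fails with an error rather than producing a silently wrong core file.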
chenzhihong007 pushed a commit to hpmicro/nuttx that referenced this pull request Aug 1, 2023
- support ADC12 (ADC0/ADC1/ADC2)
- support ADC16 (ADC3)

Signed-off-by: Jiading Xu <Jiading.Xu@hpmicro.com>
GUIDINGLI added a commit to GUIDINGLI/incubator-nuttx that referenced this pull request Sep 23, 2023
==1729315==ERROR: AddressSanitizer: heap-use-after-free on address 0xf0501d60 at pc 0x032ffe43 bp 0xef4ed158 sp 0xef4ed148
READ of size 2 at 0xf0501d60 thread T0
    #0 0x32ffe42 in nxsem_wait semaphore/sem_wait.c:94
    #1 0x3548cf5 in _net_timedwait utils/net_lock.c:97
    #2 0x3548f48 in net_sem_timedwait utils/net_lock.c:236
    #3 0x3548f8c in net_sem_wait utils/net_lock.c:318
    #4 0x350124d in local_accept local/local_accept.c:246
    #5 0x3492719 in psock_accept socket/accept.c:149
    #6 0x3492bcc in accept4 socket/accept.c:280
    #7 0x662dc04 in accept net/lib_accept.c:50
    #8 0x55c81ab in kvdb_loop kvdb/server.c:415
    #9 0x55c860a in kvdbd_main kvdb/server.c:458
    #10 0x33d968b in nxtask_startup sched/task_startup.c:70
    #11 0x32ec039 in nxtask_start task/task_start.c:134
    #12 0x34109be in pre_start sim/sim_initialstate.c:52

0xf0501d60 is located 288 bytes inside of 420-byte region [0xf0501c40,0xf0501de4)
freed by thread T0 here:
    #0 0xf7aa6a3f in __interceptor_free ../../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127
    #1 0x73aa06e in host_free sim/posix/sim_hostmemory.c:192
    #2 0x34131d6 in mm_free sim/sim_heap.c:230
    #3 0x3409388 in free umm_heap/umm_free.c:49
    #4 0x35631f3 in local_free local/local_conn.c:225
    #5 0x3563f75 in local_release local/local_release.c:129
    #6 0x34f5a32 in local_close local/local_sockif.c:785
    #7 0x3496ee8 in psock_close socket/net_close.c:102
    #8 0x36500bc in sock_file_close socket/socket.c:115
    #9 0x3635f6c in file_close vfs/fs_close.c:74
    #10 0x3632439 in nx_close_from_tcb inode/fs_files.c:670
    #11 0x36324f3 in nx_close inode/fs_files.c:697
    #12 0x3632557 in close inode/fs_files.c:735
    #13 0x55be289 in property_set_ kvdb/client.c:210
    #14 0x55c0309 in property_set_int32_ kvdb/common.c:226
    #15 0x55c03f5 in property_set_int32_oneway kvdb/common.c:236

Signed-off-by: ligd <liguiding1@xiaomi.com>
xiaoxiang781216 pushed a commit that referenced this pull request Sep 24, 2023
anchao added a commit to anchao/nuttx that referenced this pull request Nov 6, 2023
Race condition if the remote proc is stopped during the initialization phase

| #0  0x0249f959 in rpmsg_destroy_ept (ept=0xffffffc0) at open-amp/lib/rpmsg/rpmsg.c:376
| #1  0x024a938c in rpmsg_deinit_vdev (rvdev=0xf2303a48) at open-amp/lib/rpmsg/rpmsg_virtio.c:971
| #2  0x02117e33 in rptun_dev_stop (rproc=0xf2303a04, stop_ns=true) at rptun/rptun.c:891
| #3  0x021181d8 in rptun_do_ioctl (priv=0xf2303a00, cmd=11010, arg=0) at rptun/rptun.c:922
| #4  0x02119722 in rptun_ioctl_foreach (cpuname=0x0, cmd=11010, value=0) at rptun/rptun.c:1086
| #5  0x0211b9df in rptun_poweroff (cpuname=0x0) at rptun/rptun.c:1378
| #6  0x02053aa6 in board_power_off (status=0) at sim/sim_head.c:206
| #7  0x0253d65c in boardctl (cmd=65283, arg=0) at boardctl.c:400
| #8  0x021eb497 in cmd_poweroff (vtbl=0xef606280, argc=1, argv=0xef9b73e0) at nsh_syscmds.c:356
| #9  0x021cdb4d in nsh_command (vtbl=0xef606280, argc=1, argv=0xef9b73e0) at nsh_command.c:1164
| #10 0x021baa72 in nsh_execute (vtbl=0xef606280, argc=1, argv=0xef9b73e0, redirfile=0x0, oflags=0) at nsh_parse.c:845
| #11 0x021c6b0a in nsh_parse_command (vtbl=0xef606280, cmdline=0xef606708 "poweroff") at nsh_parse.c:2744
| #12 0x021c7166 in nsh_parse (vtbl=0xef606280, cmdline=0xef606708 "poweroff") at nsh_parse.c:2828
| #13 0x0221fa2f in nsh_session (pstate=0xef606280, login=1, argc=1, argv=0xef7a7860) at nsh_session.c:245
| #14 0x021f8c04 in nsh_consolemain (argc=1, argv=0xef7a7860) at nsh_consolemain.c:75
| #15 0x021b77eb in nsh_main (argc=1, argv=0xef7a7860) at nsh_main.c:74
| #16 0x02166ddf in nxtask_startup (entrypt=0x21b76ca <nsh_main>, argc=1, argv=0xef7a7860) at sched/task_startup.c:70
| #17 0x020b363c in nxtask_start () at task/task_start.c:134

Change-Id: I6996b4f7891e9e4452f3182f42360b66bdbc2d4c
Signed-off-by: chao an <anchao@xiaomi.com>
anchao added a commit to anchao/nuttx that referenced this pull request Nov 6, 2023
xiaoxiang781216 pushed a commit that referenced this pull request Nov 7, 2023
freakishness pushed a commit to freakishness/incubator-nuttx that referenced this pull request Feb 18, 2024
chenzhihong007 pushed a commit to hpmicro/nuttx that referenced this pull request Feb 23, 2024
halyssonJr pushed a commit to halyssonJr/nuttx that referenced this pull request Apr 10, 2024
nealef pushed a commit to nealef/nuttx that referenced this pull request May 29, 2024