<div dir="ltr"><div class="gmail_default" style="font-size:small">Hi,</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">I am really sorry for sending the wrong patch, the crash happened because of</div><div class="gmail_default" style="font-size:small">wrong arguments to memove, bcopy has src first and dest second whereas it</div><div class="gmail_default" style="font-size:small">is vice versa in memmove. I had fixed this but had sent the old one.</div><div class="gmail_default" style="font-size:small">I am really sorry for the trouble. I'll make sure this doesn't happen again.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">I have sent a v3 please take a look at that. I tested the patch by creating a new</div><div class="gmail_default" style="font-size:small">branch, applying the patch, and then building and testing. So I am sure it will work.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Thanks,</div><div class="gmail_default" style="font-size:small">Niteesh</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, May 6, 2021 at 7:17 AM Vijay Kumar Banerjee <<a href="mailto:vijay@rtems.org">vijay@rtems.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi all,<br>
<br>
On Wed, May 5, 2021 at 8:42 AM Gedare Bloom <<a href="mailto:gedare@rtems.org" target="_blank">gedare@rtems.org</a>> wrote:<br>
><br>
> alright looks good. Vijay or Christian please confirm and push if<br>
> you're good with it too.<br>
><br>
ofw01.exe breaks after this patch. This probably needs some more debugging.<br>
<br>
If it helps, I'm pasting the error:<br>
```<br>
*** FATAL ***<br>
fatal source: 9 (RTEMS_FATAL_SOURCE_EXCEPTION)<br>
<br>
R0 = 0x8001e68c R8 = 0x8001e68c<br>
R1 = 0x80104641 R9 = 0x8005b90c<br>
R2 = 0x00000030 R10 = 0x80104640<br>
R3 = 0x80104648 R11 = 0x00000002<br>
R4 = 0x00000008 R12 = 0x8001e68b<br>
R5 = 0x00002ebc SP = 0x801045b8<br>
R6 = 0x80104640 LR = 0x8000d720<br>
R7 = 0x80101e28 PC = 0x80011ba8<br>
CPSR = 0x80000193 VEC = 0x00000004<br>
RTEMS version: 6.0.0.cfabe5d6e9d8b428110732fffb7ff6ee8211de04<br>
RTEMS tools: 10.3.1 20210409 (RTEMS 6, RSB<br>
4e256fc4cb0d91a098d2f3d88c3d302fc0426d56, Newlib 436e475)<br>
executing thread ID: 0x089010001<br>
executing thread name: IDLE<br>
U-Boot SPL 2018.09-00002-g0b54a51eee (Sep 10 2018 - 19:41:39 -0500)<br>
Trying to boot from MMC2<br>
Loading Environment from EXT4...<br>
** Unable to use mmc 0:1 for loading the env **<br>
<br>
```<br>
<br>
Best regards,<br>
Vijay<br>
<br>
> On Wed, May 5, 2021 at 12:52 AM Niteesh G. S. <<a href="mailto:niteesh.gs@gmail.com" target="_blank">niteesh.gs@gmail.com</a>> wrote:<br>
> ><br>
> ><br>
> ><br>
> > On Mon, May 3, 2021 at 11:23 PM Gedare Bloom <<a href="mailto:gedare@rtems.org" target="_blank">gedare@rtems.org</a>> wrote:<br>
> >><br>
> >> Hi Niteesh,<br>
> >><br>
> >> This looks good to me. What/how did you test it?<br>
> ><br>
> > I tested it using the ofw01 test<br>
> > <a href="https://git.rtems.org/rtems/tree/testsuites/libtests/ofw01/init.c" rel="noreferrer" target="_blank">https://git.rtems.org/rtems/tree/testsuites/libtests/ofw01/init.c</a><br>
> > and read EEPROM using i2c.<br>
> ><br>
> >><br>
> >> Gedare<br>
> >><br>
> >> On Sat, May 1, 2021 at 6:31 AM G S Niteesh Babu <<a href="mailto:niteesh.gs@gmail.com" target="_blank">niteesh.gs@gmail.com</a>> wrote:<br>
> >> ><br>
> >> > This patch adds asserts to fix coverity defects<br>
> >> > 1) CID 1474437 (Out-of-bounds access)<br>
> >> > 2) CID 1474436 (Out-of-bounds access)<br>
> >> ><br>
> >> > From manual inspection, out of bounds access cannot occur due to<br>
> >> > bounds checking but coverity fails to detect the checks.<br>
> >> > We are adding asserts as a secondary check.<br>
> >> > ---<br>
> >> > bsps/shared/ofw/ofw.c | 12 +++++++++++-<br>
> >> > 1 file changed, 11 insertions(+), 1 deletion(-)<br>
> >> ><br>
> >> > diff --git a/bsps/shared/ofw/ofw.c b/bsps/shared/ofw/ofw.c<br>
> >> > index f4b8b63931..0e0a7033ab 100644<br>
> >> > --- a/bsps/shared/ofw/ofw.c<br>
> >> > +++ b/bsps/shared/ofw/ofw.c<br>
> >> > @@ -42,6 +42,7 @@<br>
> >> > #include <assert.h><br>
> >> > #include <rtems/sysinit.h><br>
> >> > #include <ofw/ofw_test.h><br>
> >> > +#include <rtems/score/assert.h><br>
> >> ><br>
> >> > static void *fdtp = NULL;<br>
> >> ><br>
> >> > @@ -186,6 +187,7 @@ ssize_t rtems_ofw_get_prop(<br>
> >> > const void *prop;<br>
> >> > int offset;<br>
> >> > int len;<br>
> >> > + int copy_len;<br>
> >> > uint32_t cpuid;<br>
> >> ><br>
> >> > offset = rtems_fdt_phandle_to_offset(node);<br>
> >> > @@ -226,7 +228,9 @@ ssize_t rtems_ofw_get_prop(<br>
> >> > return -1;<br>
> >> > }<br>
> >> ><br>
> >> > - bcopy(prop, buf, MIN(len, bufsize));<br>
> >> > + copy_len = MIN(len, bufsize);<br>
> >> > + _Assert(copy_len <= bufsize);<br>
> >> > + memmove(prop, buf, copy_len);<br>
> >> ><br>
> >> > return len;<br>
> >> > }<br>
> >> > @@ -637,6 +641,12 @@ int rtems_ofw_get_reg(<br>
> >> > range.child_bus = fdt32_to_cpu(ptr[j].child_bus);<br>
> >> > range.size = fdt32_to_cpu(ptr[j].size);<br>
> >> ><br>
> >> > + /**<br>
> >> > + * (buf + size - (sizeof(buf[0]) - 1) is the last valid<br>
> >> > + * address for buf[i]. If buf[i] points to any address larger<br>
> >> > + * than this, it will be an out of bound access<br>
> >> > + */<br>
> >> > + _Assert(&buf[i] < (buf + size - (sizeof(buf[0]) - 1)));<br>
> >> > if (buf[i].start >= range.child_bus &&<br>
> >> > buf[i].start < range.child_bus + range.size) {<br>
> >> > offset = range.parent_bus - range.child_bus;<br>
> >> > --<br>
> >> > 2.17.1<br>
> >> ><br>
</blockquote></div>