Bugs in the Raspberry Pi BSP

Joel Sherrill joel.sherrill at OARcorp.com
Mon Apr 8 14:49:26 UTC 2013


On 4/8/2013 9:22 AM, Alan Cudmore wrote:
> This weekend, I was putting together an example for the Raspberry Pi 
> which includes a ramdisk, nvramdisk, shell with most commands enabled, 
> and a few of the samples built in.
>
> While much of the code I run works, I have run into a few problems.
> Some examples:
> 1. If I type "ls" on the shell, it works. If I type "ls -l" the shell
> (and I guess the board) locks up. I could probably start some tasks
> to see if it's just the shell that stops.
>
> 2. If I type in an incorrect command like "helo" rather than "help" 
> the shell will lock up.
>
> 3. If I try to copy a file, "cp shell-init shell-init2", the shell
> seems to lock up. This is in the base imfs file system.
>
(2) looks like a very easy and suspicious case. The command lookup is a
simple search of a list after splitting the command line into argc/argv.
From shell_cmdset.c:

rtems_shell_cmd_t * rtems_shell_lookup_cmd(const char * cmd) {
   rtems_shell_cmd_t * shell_cmd;
   shell_cmd = rtems_shell_first_cmd;
   while (shell_cmd) {
      if (!strcmp(shell_cmd->name, cmd)) return shell_cmd;
      shell_cmd = shell_cmd->next;
   }
   return NULL;
}

Notice that it depends on finding a NULL at the end of the list of
commands.

I am guessing you don't have a NULL there and the question is why.

strcmp is also dangerous given that it is processing arbitrary
user input. But you aren't pushing a buffer overflow here.

> But many other things still work. I can create a 32MB ramdisk, format 
> it with RFS, mount it and fill it up with test files. I was even able 
> to copy a file on the RFS ramdisk.
>
> I was thinking that the shell issues might be due to a very basic 
> polled console driver. It might not be behaving the way a proper 
> termios compatible console driver should.
>
It is using the libchip console framework and thus is using termios.
You have to have the clock tick device driver running though since if
you don't have input, then the termios polled code will sleep for 1
tick.

If you forgot to enable the clock driver on cases with user input,
this would lock the system up.

> I think it's time to get a jtag setup for this board because I really 
> cannot tell what is going on.
>
> Alan
>
>


-- 
Joel Sherrill, Ph.D.             Director of Research & Development
joel.sherrill at OARcorp.com        On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
Support Available                (256) 722-9985
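
The list walk discussed in point (2), as an added example that is not part of the original message and is not RTEMS code: a lookup that still terminates when no NULL terminator is reachable. It assumes the terminator is missing because a node links back into the list (a wild pointer is not covered), and demo_cmd_t, demo_lookup_cmd, demo_run and the three-entry list are hypothetical names and constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for rtems_shell_cmd_t: only the fields the lookup uses. */
typedef struct demo_cmd {
    const char      *name;
    struct demo_cmd *next;
} demo_cmd_t;
typedef enum { DEMO_FOUND, DEMO_NOT_FOUND, DEMO_LIST_CORRUPT } demo_status_t;

/* Same walk as the quoted lookup, plus a second pointer that moves two links
 * per step (Floyd cycle detection). If a node links back into the list, the
 * pointers meet and the caller gets DEMO_LIST_CORRUPT instead of a hang. */
demo_status_t demo_lookup_cmd(demo_cmd_t *first, const char *cmd, demo_cmd_t **out)
{
    demo_cmd_t *slow = first, *fast = first;
    *out = NULL;
    while (slow != NULL) {
        if (strcmp(slow->name, cmd) == 0) {
            *out = slow;
            return DEMO_FOUND;
        }
        slow = slow->next;
        if (fast != NULL) fast = fast->next;   /* first of two links */
        if (fast != NULL) fast = fast->next;   /* NULL here: a real terminator exists */
        if (fast != NULL && fast == slow)
            return DEMO_LIST_CORRUPT;
    }
    return DEMO_NOT_FOUND;
}

/* Constructed sample list: ls -> help -> cp. With make_cycle set, the last
 * node links back to the first, so there is no NULL to stop on. */
demo_status_t demo_run(int make_cycle, const char *cmd)
{
    demo_cmd_t cp   = { "cp",   NULL };
    demo_cmd_t help = { "help", &cp };
    demo_cmd_t ls   = { "ls",   &help };
    demo_cmd_t *hit;
    if (make_cycle) cp.next = &ls;
    return demo_lookup_cmd(&ls, cmd, &hit);
}

int main(void)
{
    printf("intact/helo=%d cyclic/helo=%d\n", demo_run(0, "helo"), demo_run(1, "helo"));
    return 0;
}
```

On the cyclic list a registered name such as "help" is still found, while an unregistered one such as "helo" is the case where an unbounded walk would never return.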



