nuttx-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <>
Subject [GitHub] [incubator-nuttx] masayuki2009 opened a new pull request #843: Fix heap corruption
Date Wed, 22 Apr 2020 00:31:52 GMT

masayuki2009 opened a new pull request #843:

   ## Description
   **Describe problem solved by the PR**
   During testing maix-bit:kostest, I found a heap corruption which destroys USR_HEAP->mm_delaylist
which was introduced in This PR fixes
this heap corruption.
   **Describe your solution**
   ```struct mm_delaynode_s *mm_delaylist``` is included in CONFIG_BUILD_PROTECTED. Actually,
it is not accessed from userland but from kernel in protected build mode. However, ```sizeof(struct
mm_heap_s)``` must be correct in userland to avoid heap corruption by accessing to adjacent
memory area.
   **Describe possible alternatives**
   I have no ideas so far.
   **Additional context**
   Please see as well.
   ## Type of change
   - [x] Bug fix (non-breaking change which fixes an issue)
   ## How Has This Been Tested?
   I tested this PR with maix-bit:kostst on qemu.
   The instructions are also updated in this PR.
   **Test Configuration**:
   * Nuttx board/config: maix-bit:kostest, maix-bit:smp
   * Hardware: qemu-system-riscv64
   * Toolchain: riscv64-unknown-elf-gcc 8.3.0
   ## Checklist:
   - [x] My code follows the style guidelines of this project (NEED link to how to run checkpatch)
   - [x] I have performed a self-review of my own code
   - [ ] I have commented my code, particularly in hard-to-understand areas
   - [x] I have made corresponding changes to the documentation
   - [x] My changes generate no new warnings
   - [ ] I have added tests that prove my fix is effective or that my feature works
   - [ ] New and existing unit tests pass locally with my changes
   - [ ] Any dependent changes have been merged and published in downstream modules
   - [ ] I have checked my code and corrected any misspellings (NEED link to how to run checkpatch

This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:

View raw message