From 62bd622ffc49008f8e7e7c74d9086a8a1a95a416 Mon Sep 17 00:00:00 2001 From: Rahul Kar <118818625+kar-rahul-aws@users.noreply.github.com> Date: Thu, 5 Jun 2025 23:23:47 +0530 Subject: [PATCH 1/4] Update download locations to outside repository content (#1280) Update curl command to download in a non user accessible folder --- .github/workflows/coverity_scan.yml | 19 +++++++-- .github/workflows/kernel-demos.yml | 51 +++++++++++++++-------- portable/ThirdParty/GCC/ARM_TFM/README.md | 4 +- 3 files changed, 50 insertions(+), 24 deletions(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index 803a29ba8..0afc8e2e1 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -42,11 +42,22 @@ jobs: # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - wget -nv -qO- https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" | tar -zx --one-top-level=cov_scan --strip-components 1 - echo "cov_scan_path=$(pwd)/cov_scan/bin" >> $GITHUB_ENV + wget -nv -q -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" + + EXPECTED_MD5="e4418004b073140d67390cffba79c3b2" + GENERATED_MD5=$(md5sum "$HOME/cov-analysis.tar.gz" | awk '{print $1}') - echo "::endgroup::" - echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " + if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then + tar -zxf "$HOME/cov-analysis.tar.gz" --one-top-level=cov_scan -C "$HOME" + echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV + sudo rm -f "$HOME/cov-analysis.tar.gz" + echo "::endgroup::" + echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " + else + echo -e "${{ env.bashFail }} MD5 checksum verification failed for cov-analysis.tar.gz ${{ env.bashEnd }}" + echo -e "${{ env.bashFail }} ${{ env.stepName }} ${{ env.bashEnd }}" + exit -1 + fi - env: stepName: Coverity Build diff --git a/.github/workflows/kernel-demos.yml b/.github/workflows/kernel-demos.yml index 404c602b5..9371e9cea 100644 --- a/.github/workflows/kernel-demos.yml +++ b/.github/workflows/kernel-demos.yml @@ -156,14 +156,27 @@ jobs: run: | # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - curl -L -O https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z sudo apt update -y sudo apt install -y p7zip-full - 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z - chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run - sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended - echo "::endgroup::" - echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}" + pushd $HOME + curl -L -o msp430-gcc-full-linux-x64-installer-9.3.1.2.7z https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z + + EXPECTED_MD5="2db2f99b4cd5c541ca0389ee20c67527" + GENERATED_MD5=$(md5sum msp430-gcc-full-linux-x64-installer-9.3.1.2.7z | awk '{print $1}') + + if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then + 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z + chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run + sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended + echo "::endgroup::" + popd + echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}" + else + popd + echo -e "${{ env.bashFail }} MD5 checksum verification failed for msp430-gcc-full-linux-x64-installer-9.3.1.2.7z ${{ env.bashEnd }}" + echo -e "${{ env.bashFail }} ${{ env.stepName }} ${{ env.bashEnd }}" + exit -1 + fi - name: Build msp430_GCC Demo shell: bash @@ -211,21 +224,23 @@ jobs: sudo apt install -y autogen gawk libgmp-dev libmpc-dev libmpfr-dev sudo apt install -y patchutils sharutils zlib1g-dev autoconf2.64 + pushd $HOME # Download the mb-gcc toolchain from github - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/binutils-microblaze_2.35-2021-0623+1_amd64.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/gcc-microblaze_10.2.0-2021-0623+2_amd64.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-dev_3.3.0-2021-0623+3_all.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-doc_3.3.0-2021-0623+3_all.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze_3.3.0-2021-0623+3_all.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/newlib-source_3.3.0-2021-0623+3_all.deb; + curl -L -o binutils-microblaze.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/binutils-microblaze_2.35-2021-0623+1_amd64.deb; + curl -L -o gcc-microblaze.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/gcc-microblaze_10.2.0-2021-0623+2_amd64.deb; + curl -L -o libnewlib-microblaze-dev.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-dev_3.3.0-2021-0623+3_all.deb; + curl -L -o libnewlib-microblaze-doc.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-doc_3.3.0-2021-0623+3_all.deb; + curl -L -o libnewlib-microblaze.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze_3.3.0-2021-0623+3_all.deb; + curl -L -o newlib-source.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/newlib-source_3.3.0-2021-0623+3_all.deb; + popd # Install the packages for the toolchain - sudo apt install -y ./binutils-microblaze*.deb; - sudo apt install -y ./gcc-microblaze*.deb; - sudo apt install -y ./libnewlib-microblaze-dev*.deb; - sudo apt install -y ./libnewlib-microblaze-doc*.deb; - sudo apt install -y ./libnewlib-microblaze*.deb; - sudo apt install -y ./newlib-source*.deb; + sudo apt install -y $HOME/binutils-microblaze.deb; + sudo apt install -y $HOME/gcc-microblaze.deb; + sudo apt install -y $HOME/libnewlib-microblaze-dev.deb; + sudo apt install -y $HOME/libnewlib-microblaze-doc.deb; + sudo apt install -y $HOME/libnewlib-microblaze.deb; + sudo apt install -y $HOME/newlib-source.deb; # Validate that the toolchain is in the path and can be called which mb-gcc diff --git a/portable/ThirdParty/GCC/ARM_TFM/README.md b/portable/ThirdParty/GCC/ARM_TFM/README.md index 7df149f54..bc594b156 100644 --- a/portable/ThirdParty/GCC/ARM_TFM/README.md +++ b/portable/ThirdParty/GCC/ARM_TFM/README.md @@ -52,13 +52,13 @@ Kernel runs in the Non-Secure Side. The setting of this macro is decided by the setting in Secure Side which is platform-specific. If the Secure Side enables Non-Secure access to FPU, then this macro can be configured as 0 or 1. Otherwise, this macro can only be configured as 0. Please note that Cortex-M23 does not support FPU. -Please refer to [TF-M documentation](https://tf-m-user-guide.trustedfirmware.org/integration_guide/tfm_fpu_support.html) for FPU usage on the Non-Secure side. +Please refer to [TF-M documentation](https://trustedfirmware-m.readthedocs.io/en/latest/integration_guide/tfm_fpu_support.html) for FPU usage on the Non-Secure side. * `configENABLE_MVE` The setting of this macro is decided by the setting in Secure Side which is platform-specific. If the Secure Side enables Non-Secure access to MVE, then this macro can be configured as 0 or 1. Otherwise, this macro can only be configured as 0. Please note that only Cortex-M55 and Cortex-M85 support MVE. -Please refer to [TF-M documentation](https://tf-m-user-guide.trustedfirmware.org/integration_guide/tfm_fpu_support.html) for MVE usage on the Non-Secure side. +Please refer to [TF-M documentation](https://trustedfirmware-m.readthedocs.io/en/latest/integration_guide/tfm_fpu_support.html) for MVE usage on the Non-Secure side. * `configENABLE_TRUSTZONE` This macro should be configured as 0 because TF-M doesn't use the secure context management function of FreeRTOS. New secure context management might be introduced when TF-M supports multiple secure context. From 0ae0715ac9cdca3527f29285a89b911462d874ba Mon Sep 17 00:00:00 2001 From: Dakshit Babbar <100972343+DakshitBabbar@users.noreply.github.com> Date: Mon, 16 Jun 2025 20:39:05 +0530 Subject: [PATCH 2/4] Update codecov badge url (#1283) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a6d383add..b4e87ce3b 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ [![CMock Unit Tests](https://github.com/FreeRTOS/FreeRTOS-Kernel/actions/workflows/unit-tests.yml/badge.svg?branch=main&event=push)](https://github.com/FreeRTOS/FreeRTOS-Kernel/actions/workflows/unit-tests.yml?query=branch%3Amain+event%3Apush+workflow%3A%22CMock+Unit+Tests%22++) -[![codecov](https://codecov.io/gh/FreeRTOS/FreeRTOS-Kernel/badge.svg?branch=main)](https://codecov.io/gh/FreeRTOS/FreeRTOS-Kernel) +[![codecov](https://app.codecov.io/gh/FreeRTOS/FreeRTOS-Kernel/badge.svg?branch=main)](https://codecov.io/gh/FreeRTOS/FreeRTOS-Kernel) ## Getting started From a882b105263c1fe53b1386fe17cb8b3ec90a388c Mon Sep 17 00:00:00 2001 From: Florian La Roche Date: Mon, 30 Jun 2025 08:35:46 +0200 Subject: [PATCH 3/4] fix possible NULL pointer dereference after call to configASSERT() (#1284) Compiling with clang static code analysis, possible NULL pointer dereference are found. Since configASSERT() can possibly return and continue "normal" operation, the code in queue.c and stream_buffer.c can be adjusted to avoid NULL pointer exceptions. Signed-off-by: Florian La Roche --- queue.c | 23 ++++++++--------------- stream_buffer.c | 6 ++---- 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/queue.c b/queue.c index fe06368d3..a967839de 100644 --- a/queue.c +++ b/queue.c @@ -1175,9 +1175,8 @@ BaseType_t xQueueGenericSendFromISR( QueueHandle_t xQueue, traceENTER_xQueueGenericSendFromISR( xQueue, pvItemToQueue, pxHigherPriorityTaskWoken, xCopyPosition ); - configASSERT( pxQueue ); - configASSERT( !( ( pvItemToQueue == NULL ) && ( pxQueue->uxItemSize != ( UBaseType_t ) 0U ) ) ); - configASSERT( !( ( xCopyPosition == queueOVERWRITE ) && ( pxQueue->uxLength != 1 ) ) ); + configASSERT( ( pxQueue != NULL ) && !( ( pvItemToQueue == NULL ) && ( pxQueue->uxItemSize != ( UBaseType_t ) 0U ) ) ); + configASSERT( ( pxQueue != NULL ) && !( ( xCopyPosition == queueOVERWRITE ) && ( pxQueue->uxLength != 1 ) ) ); /* RTOS ports that support interrupt nesting have the concept of a maximum * system call (or maximum API call) interrupt priority. Interrupts that are @@ -1351,16 +1350,14 @@ BaseType_t xQueueGiveFromISR( QueueHandle_t xQueue, * not (i.e. has a task with a higher priority than us been woken by this * post). */ - configASSERT( pxQueue ); - /* xQueueGenericSendFromISR() should be used instead of xQueueGiveFromISR() * if the item size is not 0. */ - configASSERT( pxQueue->uxItemSize == 0 ); + configASSERT( ( pxQueue != NULL ) && ( pxQueue->uxItemSize == 0 ) ); /* Normally a mutex would not be given from an interrupt, especially if * there is a mutex holder, as priority inheritance makes no sense for an - * interrupts, only tasks. */ - configASSERT( !( ( pxQueue->uxQueueType == queueQUEUE_IS_MUTEX ) && ( pxQueue->u.xSemaphore.xMutexHolder != NULL ) ) ); + * interrupt, only tasks. */ + configASSERT( ( pxQueue != NULL ) && !( ( pxQueue->uxQueueType == queueQUEUE_IS_MUTEX ) && ( pxQueue->u.xSemaphore.xMutexHolder != NULL ) ) ); /* RTOS ports that support interrupt nesting have the concept of a maximum * system call (or maximum API call) interrupt priority. Interrupts that are @@ -1895,12 +1892,9 @@ BaseType_t xQueuePeek( QueueHandle_t xQueue, traceENTER_xQueuePeek( xQueue, pvBuffer, xTicksToWait ); - /* Check the pointer is not NULL. */ - configASSERT( ( pxQueue ) ); - /* The buffer into which data is received can only be NULL if the data size * is zero (so no data is copied into the buffer. */ - configASSERT( !( ( ( pvBuffer ) == NULL ) && ( ( pxQueue )->uxItemSize != ( UBaseType_t ) 0U ) ) ); + configASSERT( ( pxQueue != NULL ) && !( ( ( pvBuffer ) == NULL ) && ( ( pxQueue )->uxItemSize != ( UBaseType_t ) 0U ) ) ); /* Cannot block if the scheduler is suspended. */ #if ( ( INCLUDE_xTaskGetSchedulerState == 1 ) || ( configUSE_TIMERS == 1 ) ) @@ -2152,9 +2146,8 @@ BaseType_t xQueuePeekFromISR( QueueHandle_t xQueue, traceENTER_xQueuePeekFromISR( xQueue, pvBuffer ); - configASSERT( pxQueue ); - configASSERT( !( ( pvBuffer == NULL ) && ( pxQueue->uxItemSize != ( UBaseType_t ) 0U ) ) ); - configASSERT( pxQueue->uxItemSize != 0 ); /* Can't peek a semaphore. */ + configASSERT( ( pxQueue != NULL ) && !( ( pvBuffer == NULL ) && ( pxQueue->uxItemSize != ( UBaseType_t ) 0U ) ) ); + configASSERT( ( pxQueue != NULL ) && ( pxQueue->uxItemSize != 0 ) ); /* Can't peek a semaphore. */ /* RTOS ports that support interrupt nesting have the concept of a maximum * system call (or maximum API call) interrupt priority. Interrupts that are diff --git a/stream_buffer.c b/stream_buffer.c index b1f9c0d57..4f13c679b 100644 --- a/stream_buffer.c +++ b/stream_buffer.c @@ -1653,11 +1653,9 @@ void vStreamBufferSetStreamBufferNotificationIndex( StreamBufferHandle_t xStream traceENTER_vStreamBufferSetStreamBufferNotificationIndex( xStreamBuffer, uxNotificationIndex ); - configASSERT( pxStreamBuffer ); - /* There should be no task waiting otherwise we'd never resume them. */ - configASSERT( pxStreamBuffer->xTaskWaitingToReceive == NULL ); - configASSERT( pxStreamBuffer->xTaskWaitingToSend == NULL ); + configASSERT( ( pxStreamBuffer != NULL ) && ( pxStreamBuffer->xTaskWaitingToReceive == NULL ) ); + configASSERT( ( pxStreamBuffer != NULL ) && ( pxStreamBuffer->xTaskWaitingToSend == NULL ) ); /* Check that the task notification index is valid. */ configASSERT( uxNotificationIndex < configTASK_NOTIFICATION_ARRAY_ENTRIES ); From 7225fbcbb94b945555beabfde42f756127b5a42c Mon Sep 17 00:00:00 2001 From: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com> Date: Mon, 30 Jun 2025 18:11:30 +0530 Subject: [PATCH 4/4] Fix datatype of queue item length macros (#1286) The uxItemSize parameter in xQueueGenericCreate and xQueueGeneenericCreateStatic APIs expects a UBaseType_t type. Previously, the semSEMAPHORE_QUEUE_ITEM_LENGTH macro incorrectly cast the value to uint8_t, causing type mismatch warnings. This change resolves the issue by properly casting the value to UBaseType_t. This issue was reported here: https://github.com/FreeRTOS/FreeRTOS-Kernel/issues/1285. Signed-off-by: Gaurav Aggarwal --- include/semphr.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/semphr.h b/include/semphr.h index 8977acadb..7b44d78c0 100644 --- a/include/semphr.h +++ b/include/semphr.h @@ -37,8 +37,8 @@ typedef QueueHandle_t SemaphoreHandle_t; -#define semBINARY_SEMAPHORE_QUEUE_LENGTH ( ( uint8_t ) 1U ) -#define semSEMAPHORE_QUEUE_ITEM_LENGTH ( ( uint8_t ) 0U ) +#define semBINARY_SEMAPHORE_QUEUE_LENGTH ( ( UBaseType_t ) 1U ) +#define semSEMAPHORE_QUEUE_ITEM_LENGTH ( ( UBaseType_t ) 0U ) #define semGIVE_BLOCK_TIME ( ( TickType_t ) 0U )