[test_subscriber-12] /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/ddsrt/src/mh3.c:28:53: runtime error: applying zero offset to null pointer
[test_subscriber-12] SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/ddsrt/src/mh3.c:28:53 in
Signed-off-by: Dan Rose <dan@digilabs.io>
* Don't pass null to memcmp
```
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /opt/ros/master/src/ros2/rmw_cyclonedds/rmw_cyclonedds_cpp/include/rmw_cyclonedds_cpp/serdes.hpp:135:3 in
/opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:41:15: runtime error: null pointer passed as argument 1, which is declared to never be null
/usr/include/string.h:64:33: note: nonnull attribute specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:41:15 in
/opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:41:31: runtime error: null pointer passed as argument 2, which is declared to never be null
/usr/include/string.h:64:33: note: nonnull attribute specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:41:31 in
/opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:45:15: runtime error: null pointer passed as argument 1, which is declared to never be null
/usr/include/string.h:64:33: note: nonnull attribute specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:45:15 in
/opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:45:30: runtime error: null pointer passed as argument 2, which is declared to never be null
/usr/include/string.h:64:33: note: nonnull attribute specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/core/ddsi/src/ddsi_sertopic_default.c:45:30 in
```
Signed-off-by: Dan Rose <dan@digilabs.io>
* clearer non-null check
Signed-off-by: Dan Rose <dan@digilabs.io>
The thread_states array resets the "state" to ZERO on thread termination
to indicate that the slot was unused, but it leaves the thread id
unchanged because some platforms don't have a defined value that will
never be used as a thread id. A consequence is that a newly created
thread may result in multiple slots containing their own thread id, but
generally there will only be one that is not in state ZERO.
However, the code for create_thread used to set the state to ALIVE prior
to creating the thread, and so if the events get scheduled like:
1. thread A: X.state = ALIVE
2. create new thread B, storing tid in X.tid
3. thread A: Y.state = ALIVE
4. new thread B: lookup self (and cache pointer)
5. create new thread C, storing tid in Y.tid
6. new thread C: lookup self (and cache pointer)
Then B will observe two slots in the ALIVE state, with X.tid certain to
match and Y.tid undefined (and hence possibly matching). It may
therefore pick Y. C will (in this schedule) of course always choose Y.
They cache the pointer and never look at X and Y again, except for
updating their virtual clocks.
These virtual clocks are updated non-atomically (by design it is private
to the thread) and so if both B & C use Y they can end up racing each
other in updating the virtual clock and cause the nesting level of the
"awake" state controlling garbage collection to get stuck (or wrap
around, or do other horrible things). The consequence can be anything,
from a somewhat benign variant where GC effectively stops and some
operations (deleting readers and writers and shutting down) block
forever, to use-after-free and the undefined behaviour that implies.
This commit avoids looking up the slot in the newly created threads,
instead passing the correct address in the argument. It also adds an
intermediate state INIT that serves to reserve the slot until the new
thread is actually running. It does make the look-up safe (if one were
to do it), and as it is essentially free and gives more insight in the
state of the system when viewed from a debugger, it appears a useful
addition.
Signed-off-by: Erik Boasson <eb@ilities.com>
```
/opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/tools/pubsub/common.c:586:28: warning: implicit conversion from 'long' to 'double' changes value from 9223372036854775807 to 9223372036854775808 [-Wimplicit-int-float-conversion]
if(nanosec > nextafter(INT64_MAX, 0)) {
~~~~~~~~~ ^~~~~~~~~
/usr/include/stdint.h:134:22: note: expanded from macro 'INT64_MAX'
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/stdint.h:116:24: note: expanded from macro '__INT64_C'
^~~~~~
<scratch space>:345:1: note: expanded from here
9223372036854775807L
^~~~~~~~~~~~~~~~~~~~
1 warning generated.
```
Signed-off-by: Dan Rose <dan@digilabs.io>
gcc 5.4 correctly warned that a null pointer was being passed into the
entity-specific "set_qos" function when changing a topic QoS, where that
parameter was tagged as "non-null". As it was never dereferenced in
this case the resulting behaviour was still correct.
It turns out that the entire function was overly complicated and that
simply passing the entity pointer round allows eliminating a few
arguments as well.
(Oddly none of the more modern toolchains used pick this up.)
Signed-off-by: Erik Boasson <eb@ilities.com>
the destination cache of the network stack is in a certain state. The issue
is resolved by binding unicast sockets (incoming unicast and all outgoing
traffic) to the address of the interface instead of inaddr_any (0.0.0.0).
Set the new configuration option internal/BindUnicastToInterfaceAddr to
false to get the old behavior.
Co-authored-by: Erik Boasson <eb@ilities.com>
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fix some typos.
Signed-off-by: ChenYing Kuo <evshary@gmail.com>
* Also update q_config.c, cyclonedds.rnc, cyclonedds.xsd for correct
build.
Signed-off-by: ChenYing Kuo <evshary@gmail.com>
* Remove cdds.md.
Signed-off-by: ChenYing Kuo <evshary@gmail.com>
ddsrt_asprintf did not copy non-English interface names. To fix this memory is
allocated with ddsrt_malloc and UTF-16 encoded interface names are converted to
UTF-8.
Signed-off-by: Jeroen Koekkoek <jeroen@koekkoek.nl>
This adds options to check for "unreasonable" RSS growth, receipt of a
minimum number of samples and having run a minimum number of roundtrips.
Signed-off-by: Erik Boasson <eb@ilities.com>
A keep-last volatile WHC retained data already overwritten by the writer
in the absence of ACKs, introduced by 231cb8c9.
Signed-off-by: Erik Boasson <eb@ilities.com>
The status mask on some readers got reduced to just "data available"
when used in conjunction with a waitset, but the consequence is that the
"subscription matched" listener would be suppressed.
Signed-off-by: Erik Boasson <eb@ilities.com>
This already was leaking out in the interface, so this name change was
needed too. The relationship between plist and xqos being so intimate,
doing the one but not the other made no sense.
Signed-off-by: Erik Boasson <eb@ilities.com>
The name (not its definition) now leaks out in ddsi_sertopic, and the
messy old names really shouldn't pollute the interface any more than
necessary.
Signed-off-by: Erik Boasson <eb@ilities.com>
This also removes the code duplication for the handling delivery from
local vs remote writers. (And it adds a test.)
Signed-off-by: Erik Boasson <eb@ilities.com>
This commit changes the implementation of topics so that multiple topic
entities can exist in a single participant for the same topic.
Different entities may refer to different topic implementations
(sertopics, akin to a type support in the DDS specification). All
entities (for the same participant) always have the same QoS, via the
new "ktopic" table in the participant.
Readers and writers are bound to a topic entity and inherit its
properties. If a topic comes in two definitions, say one for C and one
for C++, one can have a single participant with a reader delivering the
data in C representation and another reader delivering it in C++
representation.
This changes the behaviour of create_topic and find_topic: these now (on
successful return) always return a new entity (and thus with a unique
handle), where previously these would simply return a existing one when
possible.
This also requires some small additions to the sertopic/serdata
interface.
Signed-off-by: Erik Boasson <eb@ilities.com>
* Use the parameter tables to pretty-print QoS and plist, rather than a
hard-coded function supporting only the QoS.
* Support diffing two plists: a single table-driven function can handle
both nn_plist_t and ddsi_qos_t, and it removes the discrepancy between
the two types.
* Log content of discovery samples in trace rather than merely printing
"(plist)"
Signed-off-by: Erik Boasson <eb@ilities.com>
Implement trigger of certificate and permission expiries using the timed callbacks.
Implement directory operations such that trusted CA can be read.
This implements OS abstraction functions such as opendir and stat.
Signed-off-by: Stefan Kimmer <skimmer@s2e-systems.com>
Some of the liveliness qos tests were not using unique topic names
for the tests for local and remote readers. Re-using the participant
for these 2 tests results in unexpected reader-proxywriter matches
in the latter test. Fixed by adding a sequence number in the topic name.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
This commit adds support for liveliness QoS when using local readers.
The implementation for (liveliness) expiration of writers used here is
similar to that used with proxy writers, and it also supports the three
liveliness kinds (1) automatic, which is trivial when using a local
reader and writer, (2) manual-by-participant and (3) manual-by-topic.
In addition, these changes and fixes are included in this commit:
- Fixed a bug in heartbeat handling in the reader: for manual-by-
participant writers the lease was not updated on reception of a
heartbeat message with liveliness flag set. This is fixed and a
test-case is added.
- Include the liveliness flag in a heartbeat message to the trace
- Trace all lease renewals, including liveliness leases
- Replaced liveliness changed state 'twitch' by 2 subsequent calls
to the status callback
- Added a test for liveliness duration 0 and 1ns (for both local
and remote readers)
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
This commit adds the build-in Access Control plugin that is part of the
DDS Security implementation for Cyclone.
The Access Control Plugin API defines the types and operations necessary
to support an access control mechanism for DDS Domain Participants.
Similar to other builtin plugins, the DDS Security access control plugin
is built as a shared library to allow dynamic library loading on runtime.
This enables DDS participants to use specific plugin implementations with
different configurations.
This commit includes some basic tests for the access control functions.
This initial version of the plugin does not support permissions expiry
(not-valid-after date in permissions configuration).
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Process review comments for access control plugin
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Part 2 of processing review changes for access control
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Add test for topicname dcps, add comment for xml date parser
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Fixed an bug in leap year count for year 2200, changed the rounding for sub-ns fraction and added an additional overflow test in DDS_Security_parse_xml_date
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Signed-off-by: Erik Boasson <eb@ilities.com>
Fix typo in dlopen_unknown test
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Signed-off-by: Erik Boasson <eb@ilities.com>
This works around a termination issue on Windows caused by the process
sometimes being unable to send a packet to itself to wake up a thread
stuck in a blocking read on a socket.
Signed-off-by: Erik Boasson <eb@ilities.com>
