19199: sys/suit: Ensure previous thread is stopped before reusing its stack r=benpicco a=chrysn
### Contribution description
Closes: https://github.com/RIOT-OS/RIOT/issues/19195
If the thread has released the mutex but the thread has not terminated (which happens in the situation that would previously have overwritten a still active thread's state), then a warning is shown and the trigger is ignored.
### Testing procedure
This should work before and after:
* `make -C examples/suit_update BOARD=native all term`
* `aiocoap-client coap://'[fe80::3c63:beff:fe85:ca96%tapbr0]'/suit/trigger -m POST --payload 'coap://[2001:db8::]/foo'`
* In parallel, on the RIOT shell, run `suit fetch coap://[2001:db8::]/foo`
* After the first download fails, the second one starts right away ("suit_worker: update failed, hdr invalid" / "suit_worker: started").
Run again with the worker thread on low priority:
```patch
diff --git a/sys/suit/transport/worker.c b/sys/suit/transport/worker.c
index a54022fb28..e26701a64c 100644
--- a/sys/suit/transport/worker.c
+++ b/sys/suit/transport/worker.c
`@@` -70 +70 `@@`
-#define SUIT_COAP_WORKER_PRIO THREAD_PRIORITY_MAIN - 1
+#define SUIT_COAP_WORKER_PRIO THREAD_PRIORITY_MAIN + 1
```
Before, this runs the download once silently (no clue why it doesn't run it twice, but then again, I claim there's concurrent memory access from two thread, so who knows what happens). After, it runs a single download and shows an error message for the second one once the first is complete ("Ignoring SUIT trigger: worker is still busy.").
### Issues/PRs references
This may be made incrementally easier by https://github.com/RIOT-OS/RIOT/pull/19197 -- that PR as it is now would spare us the zombification (because returning would do that), and having a `wait` function would allow us to turn the new error case into a success.
19205: boards/common: add common timer config for GD32VF103 boards r=benpicco a=benpicco
19207: examples/gnrc_border_router: static: use router from advertisements by default r=benpicco a=benpicco
Co-authored-by: chrysn <chrysn@fsfe.org>
Co-authored-by: Benjamin Valentin <benjamin.valentin@bht-berlin.de>
Co-authored-by: Benjamin Valentin <benpicco@beuth-hochschule.de>
19178: nanocoap_sock: store message ID in nanocoap_sock_t r=benpicco a=benpicco
19186: cpu/gd32v: add periph_rtc support r=benpicco a=gschorcht
### Contribution description
This PR provides the `periph_rtc` support and is one of a bunch of follow up PRs that complete the peripheral drivers for GD32VF103.
### Testing procedure
`tests/periph_rtc` should work and should give the following output:
```
Help: Press s to start test, r to print it is ready
START
main(): This is RIOT! (Version: 2023.04-devel-144-gc17695-cpu/gd32v/periph_rtc)
RIOT RTC low-level driver test
This test will display 'Alarm!' every 2 seconds for 4 times
Setting clock to 2020-02-28 23:59:57
Clock value is now 2020-02-28 23:59:57
Setting alarm to 2020-02-28 23:59:59
Alarm is set to 2020-02-28 23:59:59
Alarm cleared at 2020-02-28 23:59:57
No alarm at 2020-02-28 23:59:59
Setting alarm to 2020-02-29 00:00:01
Alarm!
Alarm!
Alarm!
Alarm!
```
### Issues/PRs references
Co-authored-by: Benjamin Valentin <benjamin.valentin@bht-berlin.de>
Co-authored-by: Gunar Schorcht <gunar@schorcht.net>
18472: drivers/mrf24j40: add support for IEEE 802.15.4 Radio HAL r=benpicco a=jia200x
19175: drivers/periph_common/flashpage: fix silent error r=benpicco a=Enoch247
### Contribution description
This patch removes a test that silently hides failed writes to NULL. Instead, assert is used to ensure that the address is not NULL.
### Testing procedure
I am not certain how to update the tests to catch asserts. If this is possible, I will add a test, if someone will point me to a good example to learn from.
### Issues/PRs references
- none
Co-authored-by: Jose Alamos <jose@alamos.cc>
Co-authored-by: Joshua DeWeese <jdeweese@primecontrols.com>
19156: core/compiler_hints: add likely() / unlikely() hints r=kfessel a=benpicco
19174: tests/periph_spi clearly say when init succeeds r=benpicco a=jdavid
When the `tests/periph_spi` program succeeds the output can be interpreted as an error happened.
This PR makes it clearer when it does succeed.
### Contribution description
In `tests/periph_spi`:
- Explicitely say that the init operation was successful
- Rephrase the note to avoid misinterpretations
### Testing procedure
Run the `tests/periph_spi` program.
There is not much to test, just to verify the output, should be like this:
```
2023-01-19 10:42:33,768 # Trying to initialize SPI_DEV(1): mode: 0, clk: 0, cs_port: 0, cs_pin: 0
2023-01-19 10:42:33,777 # (if below the program crashes with a failed assertion, then it means the configuration is not supported)
2023-01-19 10:42:33,779 # Success.
```
### Issues/PRs references
Issue https://github.com/RIOT-OS/RIOT/issues/19025
Co-authored-by: Benjamin Valentin <benjamin.valentin@ml-pa.com>
Co-authored-by: J. David Ibáñez <jdavid.ibp@gmail.com>
19157: sys/shell_lock: do not call strlen, less jumpy r=benpicco a=kfessel
### Contribution description
the current `_safe_strcmp` depends on not being optimized and not being inlined (implicitly given by the -O0), this new one does less (would say not since even O3 had compile results that should not return early or show different runtimes for different secrets).
the runtime of strlen depend on the length of the string (password) therefor it is removed. `ifs` are very jumpy and depend on the contend of password, this avoids `ifs` sadly clang still compiles some boolean statements to if.
with this PR the `__attribute__((optimize("O0")))` should be removable.
### Testing procedure
see https://godbolt.org/z/x35b85cEx
and run the `<RIOT>/tests/shell_lock`
### Issues/PRs references
#19155 made me aware of this function
Co-authored-by: Karl Fessel <karl.fessel@ovgu.de>
18477: gnrc_static: add static network configuration r=miri64 a=benpicco
19101: CI: update check-labels-action r=miri64 a=kaspar030
19155: Revert "sys/pm_layered: pm_(un)block add attribute optimize(3)" r=maribu a=Teufelchen1
Revert "sys/pm_layered: pm_(un)block add attribute optimize(3) -shortens hotpath"
This reverts commit 5447203921.
### Contribution description
Compiling `examples/gnrc_networking_mac` using `TOOLCHAIN=llvm` yields the following error:
```
RIOT/sys/pm_layered/pm.c:77:16: error: unknown attribute 'optimize' ignored [-Werror,-Wunknown-attributes]
__attribute__((optimize(3)))
```
As indicated, this is because the attribute `optimize` is GCC only and not present in LLVM.
Compare the manpages of [GCC](https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html) and [LLVM](https://clang.llvm.org/docs/AttributeReference.html).
### Testing procedure
Since this should only affect performance and not behavior, no special testing is needed. I am not aware of any tests in RIOT which could verify that assumption.
### Issues/PRs references
Introduced in #18846
There is another instance of this attribute being used in[ shell_lock.c](6fb340d654/sys/shell_lock/shell_lock.c (L80)). Since the usage is security related, I omit it from this PR.
Co-authored-by: Benjamin Valentin <benjamin.valentin@ml-pa.com>
Co-authored-by: Kaspar Schleiser <kaspar@schleiser.de>
Co-authored-by: Teufelchen1 <bennet.blischke@haw-hamburg.de>
19057: fuzzing: Add uri_parser setup r=benpicco a=Teufelchen1
Hello!
### Contribution description
This PR is a replacement for PR #18802
In this contribution:
* The variable `AFL_FLAGS` is renamed to `FLAGS_FOR_AFL` because AFL is always complaining that `AFL_FLAGS` is not a valid env var for it. While this is not a bug nor an issue, I found it to be annoying.
* A generic input reader is added to simplify building a test harness
* The usage of this reader is demonstrated by adding a harness for fuzzing the uri_parser
(needs squashing after review)
### Testing procedure
Go to `fuzzing/uri_parser` and run `make all-asan` and `make fuzz` to get some action going.
Also mildly interesting: `./dist/tools/compile_test/compile_like_murdock.py -b native -a fuzzing/uri_parser`
### Issues/PRs references
The original PR #18802 is replaced because the generic input reader is present in both PRs but this PoC harness is much simpler.
19151: examples/gcoap: Fix shell parameter validation r=benpicco a=maribu
### Contribution description
Executing the shell command with an URI-Path that doesn't start with a slash results in an assertion error while composing the client side message. This is suboptimal user experience, so add an explicit check for a valid URI-Path and a dedicated error message.
### Testing procedure
#### In `master`
```
$ make BOARD=microbit-v2 -C examples/gcoap flash term
[...]
2023-01-15 22:23:32,512 # coap get [::1] /.well-known/core
2023-01-15 22:23:32,516 # gcoap_cli: sending msg ID 52272, 23 bytes
2023-01-15 22:23:32,520 # gcoap: response Success, code 2.05, 46 bytes
2023-01-15 22:23:32,524 # </cli/stats>;ct=0;rt="count";obs,</riot/board>
> coap get [::1] foo
2023-01-15 22:23:34,763 # coap get [::1] foo
2023-01-15 22:23:34,763 # 2329
2023-01-15 22:23:34,765 # *** RIOT kernel panic:
2023-01-15 22:23:34,767 # FAILED ASSERTION.
2023-01-15 22:23:34,767 #
2023-01-15 22:23:34,775 # pid | name | state Q | pri | stack ( used) ( free) | base addr | current
2023-01-15 22:23:34,784 # - | isr_stack | - - | - | 512 ( 200) ( 312) | 0x20000000 | 0x200001c8
2023-01-15 22:23:34,793 # 1 | main | running Q | 7 | 1536 ( 1072) ( 464) | 0x200006c0 | 0x2000095c
2023-01-15 22:23:34,802 # 2 | 6lo | bl rx _ | 3 | 1024 ( 328) ( 696) | 0x200036c0 | 0x200039c4
2023-01-15 22:23:34,810 # 3 | ipv6 | bl rx _ | 4 | 1024 ( 460) ( 564) | 0x20001294 | 0x20001574
2023-01-15 22:23:34,819 # 4 | udp | bl rx _ | 5 | 512 ( 300) ( 212) | 0x20003e98 | 0x20003f9c
2023-01-15 22:23:34,828 # 5 | coap | bl anyfl _ | 6 | 1112 ( 704) ( 408) | 0x20000e38 | 0x200011c4
2023-01-15 22:23:34,837 # 6 | nrf802154 | bl anyfl _ | 2 | 896 ( 288) ( 608) | 0x20001a90 | 0x20001d54
2023-01-15 22:23:34,843 # | SUM | | | 6616 ( 3352) ( 3264)
2023-01-15 22:23:34,843 #
2023-01-15 22:23:34,844 # *** halted.
2023-01-15 22:23:34,844 #
```
#### This PR
```
$ make BOARD=microbit-v2 -C examples/gcoap flash term
[...]
make: Entering directory '/home/maribu/Repos/software/RIOT/examples/gcoap'
/home/maribu/Repos/software/RIOT/dist/tools/pyterm/pyterm -p "/dev/ttyACM0" -b "115200"
2023-01-15 22:22:27,842 # Connect to serial port /dev/ttyACM0
Welcome to pyterm!
Type '/exit' to exit.
coap get [::1] /.well-known/core
2023-01-15 22:22:40,042 # coap get [::1] /.well-known/core
2023-01-15 22:22:40,046 # gcoap_cli: sending msg ID 25182, 23 bytes
2023-01-15 22:22:40,050 # gcoap: response Success, code 2.05, 46 bytes
2023-01-15 22:22:40,054 # </cli/stats>;ct=0;rt="count";obs,</riot/board>
> coap get [::1] foo
2023-01-15 22:22:43,858 # coap get [::1] foo
2023-01-15 22:22:43,862 # ERROR: URI-Path must start with a "/"
2023-01-15 22:22:43,866 # usage: coap <get|post|put|ping|proxy|info>
```
### Issues/PRs references
None
Co-authored-by: Teufelchen1 <bennet.blischke@haw-hamburg.de>
Co-authored-by: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
19010: bootloaders/riotboot: add tinyUSB DFU support r=benpicco a=gschorcht
### Contribution description
This PR provides
- the tinyUSB DFU and DFU Runtime support and
- the `riotboot_tinyusb_dfu` bootloader that uses the tinyUSB DFU mode to flash new application images.
~This PR includes PR #18983 for now to be compilable.~
### Testing procedure
1. Use any board that supports the `riotboot´ and `tinyusb_device` features and flash the bootloader first, for example
```
BOARD=nucleo-f767zi make -C bootloaders/riotboot_tinyusb_dfu flash
```
and check that the `riotboot_tinyusb_dfu` bootloader is in DFU mode:
```
dfu-util --list
```
3. Flash a first application using the following command:
```
FEATURES_REQUIRED=riotboot USEMODULE=tinyusb_dfu BOARD=nucleo-f767zi \
make -C tests/saul PROGRAMMER=dfu-util riotboot/flash-slot0
```
and check that the application starts and is seen as upgradable:
```
dfu-util --list
```
4. Restart the node in bootloader DFU mode by:
```
dfu-util -e
```
Flash a second application, for example
```
FEATURES_REQUIRED=riotboot USEMODULE=tinyusb_dfu BOARD=nucleo-f767zi \
make -C tests/shell PROGRAMMER=dfu-util riotboot/flash-slot1
```
and check that the second application starts and is seen as upgradable:
```
dfu-util --list
```
### Issues/PRs references
~Depends on PR #18983~
19149: SECURITY: Describe that declassification is an option r=benpicco a=chrysn
### Contribution description
Our security policy does not contain provisions for the case when what is reported is not what we consider an actual security issue. As it is described now, everything reported through security@ would go through the full treatment, including a point release.
I'm not sure it belongs into the text itself (as it's more about how security reporters interact with the project than internals), but declassification should IMO be backed at least by 3 maintainers, and no strong NACK.
### Issues/PRs references
#19141 followed that procedure after some chat on it on the maintainers channel. (In the discussion, I proposed declassification, with 2.5 people supporting it and one "I was about to, but can we be sure nobody is using it?" voice).
Co-authored-by: Gunar Schorcht <gunar@schorcht.net>
Co-authored-by: chrysn <chrysn@fsfe.org>
17066: sys/irq: Add C++ wrapper using RAII r=maribu a=jenswet
### Contribution description
This adds a C++ wrapper around the `irq.h` API. The wrapper uses RAII to accomplish a convenient and bug resistent use.
A little background: I'm currently writing my master thesis on using C++ for embedded development, at the working group that `@maribu` is part of. For that I will try to add better C++ support to several parts of RIOT and then do some benchmarking and metrics to compare it with the C implementation. For example, I also plan to add a wrapper around i2c, a std::cout drop-in replacement and probably some more about networks or threads.
### Testing procedure
I've added a unit test to verify that the IRQ wrapper calls the original `irq` functions as expected. As C++ and wrapper testing isn't done much so far in this project, I've added two additional headers to ease testing:
1. #17076 - fake functions framework, already merged
2. As there is no framework for C++ unit tests yet, I've added something for this too. Unfortunately the existing frameworks like GoogleTest, CppUTest or CppUnit don't easily compile for embedded or are difficult to integrate in to the RIOT build process. That's why I wrote some (simple) helper functions and macros inspired by the above frameworks. That allows to create C++ tests based on a fixture class with set up and tear down methods. It also allows some simple assertions and is easily extendable for other use cases. It wraps some of the fff functionality too.
Both of this is obviously not required for the initial reason of this PR. But I'd like to provide unit tests for the features that I suggest to introduce where possible. So I'd appreciate some feedback on that too. If you'd prefer a PR without or different tests please let me know.
You can run the test `irq_cpp` locally or on the CI to test the implementation.
Please feel free to give feedback or suggest improvements!
Co-authored-by: Jens Wetterich <jens@wetterich-net.de>
18763: sys/tiny_strerror: add missing error codes r=benpicco a=maribu
### Contribution description
When double-checking the error codes provided by newlib by default (without magic defines, such as `__LINUX_ERRNO_EXTENSIONS__` or `__CYGWIN__`), some where still missing in `tiny_strerror()`. This adds the missing ones.
This in turn showed that three errno codes were missing in the avr-libc compat `errno.h`, which are added as well.
### Testing procedure
Murdock should double check that the added errno codes indeed are defined by default.
### Issues/PRs references
None
Co-authored-by: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
19141: shell/rtc: Fix out of bounds access; document error behavior r=maribu a=chrysn
### Contribution description
### Testing procedure
Should be trivial enough, especially as the difference is hard to spot interactively.
On native, run the default example (and wait for the traffic to settle).
Then, run
```
> rtc poweron
> rtc settime 2022-01-01 00:00:00
> rtc settime 2022-99-01 00:00:00
```
Both still work, but the latter doesn't access unassigned memory any more
### Issues/PRs references
This fixes an issue that was submitted anonymously.
Co-authored-by: chrysn <chrysn@fsfe.org>
When double-checking the error codes provided by newlib by default
(without magic defines, such as `__LINUX_ERRNO_EXTENSIONS__` or
`__CYGWIN__`), some where still missing in `tiny_strerror()`. This
adds the missing ones.
17810: drivers/slipdev: implement sleep states r=benpicco a=benpicco
18348: sys/net/gnrc/pktbuf_static: make use of alignas() r=maribu a=maribu
### Contribution description
Since we are now using C11, we can make use of `alignas()` provided by `<stdalign.h>` to make the alignment code easier to read.
### Testing procedure
I didn't expect this to change binaries, but is safes 4 bytes. `elf_diff` shows that the compiler (at least GCC 11.3.0) was not able to detect that `gnrc_pktbuf_static_buf` was just an alias for `_pktbuf_buf`. That makes sense since it would be hard without LTO to rule out external writes to `gnrc_pktbuf_static_buf`, unless one would have added a `const` (to the pointer, not to the data the pointer points to).
The [output of `elf_diff`](https://mari-bu.de/pr_18348_gnrc_pktbuf_static_elf_diff.html) looks otherwise quite unscary.
Also:
```
$ make BOARD=nucleo-f767zi -C tests/unittests/ tests-pktbuf flash test
make: Entering directory '/home/maribu/Repos/software/RIOT/tests/unittests'
Building application "tests_unittests" for "nucleo-f767zi" with MCU "stm32".
[...]
Welcome to pyterm!
Type '/exit' to exit.
READY
s
START
.............................................
OK (45 tests)
make: Leaving directory '/home/maribu/Repos/software/RIOT/tests/unittests'
```
### Issues/PRs references
None
19120: CI: seperate check-labels and check-commits workflows r=maribu a=kaspar030
Co-authored-by: Benjamin Valentin <benjamin.valentin@ml-pa.com>
Co-authored-by: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
Co-authored-by: Kaspar Schleiser <kaspar@schleiser.de>
19106: core/lib: Add macros/utils.h header r=aabadie a=maribu
### Contribution description
The macros CONCAT(), MIN(), and MAX() are defined over and over again in RIOT's code base. This de-duplicates the code by moving the macros to a common place.
### Testing procedure
Generated binaries don't change, as this only a de-duplication of macros that doesn't change their definition.
### Issues/PRs references
None
Co-authored-by: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
