43 Commits

Author SHA1 Message Date
Thomas Watson
2fccf2c1be AP_Scripting: remove old setjmp workarounds
No longer necessary; verified with a debugger. These were also never
applied to Cortex-M4.
2025-12-25 07:07:08 +11:00
Thomas Watson
83ee6fc583 AP_Scripting: use ap_setjmp
It properly saves and restores the floating point registers.
2025-12-25 07:07:08 +11:00
Thomas Watson
3e76fd681c AP_Scripting: drop utf8 string parsing and formatting
Difficult to imagine a use-case and substitutable with raw hex
characters.
2025-07-15 09:58:44 +10:00
Thomas Watson
81fdbae3ea AP_Scripting: remove utf8 library
Difficult to imagine a use-case and easy to re-implement.

Saves 1280 bytes.
2025-07-15 09:58:44 +10:00
Thomas Watson
6b3e37698f AP_Scripting: use native implementation of luaO_ceillog2
Using a builtin instruction (on Cortex M3/M4/M7) saves 268 bytes.

Tested that the result is the same for all values:

  ```c
  #include <stdio.h>
  #include <limits.h>
  #include <inttypes.h>

  int cl2_new(unsigned int x) {
    const int bitwidth = CHAR_BIT*sizeof(x);
    x--;
    const int clz = x ? __builtin_clz(x) : bitwidth; // clz(0) is undefined
    return bitwidth-clz;
  }

  int cl2_old(unsigned int x) {
    static const uint8_t log_2[256] = {  /* log_2[i] = ceil(log2(i - 1)) */
      0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
      6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
      7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
      7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
      8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
      8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
      8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
      8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8
    };
    int l = 0;
    x--;
    while (x >= 256) { l += 8; x >>= 8; }
    return l + log_2[x];
  }

  int main(int argc, char** argv) {
      for (unsigned int i=1; i!=0; i++) { // 0 is not in the domain
          int v_new = cl2_new(i);
          int v_old = cl2_old(i);
          if (v_new != v_old) {
              printf("%u: %d != %d\n", i, v_new, v_old);
              break;
          }
      }
  }
  ```
2025-07-14 15:58:32 -05:00
Christian Clauss
7351a858b5 AP_Scripting: Fix ‘buff’ may be used uninitialized
Fixes: #30623
* #30623

Initialized the `buff` to remove a frequent warning in our GitHub Actions.
```diff
-  char buff[LUA_TMPNAMBUFSIZE];
+  char buff[LUA_TMPNAMBUFSIZE] = {0};
```
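Review bot: on the `+  char buff[LUA_TMPNAMBUFSIZE] = {0};` line, the initializer quiets the warning but leaves open why the compiler sees a path on which `buff` is read without having been written. If that path is real, it now proceeds with an empty string instead of stack garbage, so the commit message or a comment beside the declaration should name the path and say whether an empty name is acceptable there. If the path cannot occur, say so, since `= {0}` also clears the whole array on every call.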
2025-07-13 17:14:25 +10:00
Thomas Watson
232f6524f6 AP_Scripting: patch vendored Lua to 5.3.6
In particular this fixes some exceedingly rare/impossible
use-after-frees.

Add the new docs from the distribution and clarify where we get our code
from. To maintain our alterations, the following patches have been
applied to the source from upstream's repository (1221e987...75ea9ccb)
to bring the source up to date:

* Bug: Long brackets with a huge number of '=' causes overflow

  A long bracket with too many equal signs can overflow the 'int' used for
  the counting and some arithmetic done on the value. Changing the counter
  to 'size_t' avoids that. (Because what is counted goes to a buffer, an
  overflow in the counter will first raise a buffer-overflow error.)

* Fixed bug in 'lua_upvaluejoin'

  Bug-fix: joining an upvalue with itself could cause a use-after-free
  crash.

* Fixed typos in comments

* Fixed missing GC barriers in compiler and undump

  While building a new prototype, the GC needs barriers for every object
  (strings and nested prototypes) that is attached to the new prototype.

* Updated release number and copyright year

* Fixed bug: invalid mode can crash 'io.popen'

* Fixed bug: Negation overflow in getlocal/setlocal

* 'realloc' can fail when shrinking a block

  According to ISO C, 'realloc' can fail when shrinking a block. If that
  happens, 'l_alloc' simply ignores the fail and returns the original
  block.

* Fixed bug of long strings in binary chunks

  When "undumping" a long string, the function 'LoadVector' can call the
  reader function, which can run the garbage collector, which can collect
  the string being read. So, the string must be anchored during the call
  to 'LoadVector'.
2025-02-22 14:45:30 +00:00
Eric Katzfey
45d1a0954e AP_Scripting: Fix method of accessing character string to fix Qurt compiler warning 2024-11-19 14:12:25 +11:00
Thomas Watson
8b63488431 AP_Scripting: remove dependency on tmpnam
tmpnam is never linked and not necessary, and naming it/redefining it
introduces problems on platforms that do have a definition.
2024-09-24 22:49:18 +10:00
Thomas Watson
dc4d1bacdd AP_Scripting: adjust string metatable setup to fix sandbox integrity
In Lua, strings are the only type that comes with a default metatable.
The metatable must be shared by all string objects, and it is set to be
the `string` library table each time that library is opened. In
Ardupilot's scripting engine, the last script to load then has access to
the string metatable as the library is opened fresh for each script, as
its `string` library will have been set to the metatable.

Therefore, if two scripts are loaded, A first and B second, and script B
executes e.g. `string.byte = "haha"`, then `string.byte()` and
`s:byte()` for script B are broken. Because the metatable is shared,
this also breaks `s:byte()` for script A, which violates the integrity
of the sandbox.

Fix the issue by disabling the metatable setup functionality when the
string library is opened, then manually opening an additional copy of the
library (which won't be given to any script) and setting it as the
string metatable during initialization.

This will break any script that modifies the string metatable for
constructive purposes, but such a script could have been broken if it
weren't the only script running anyway.
2024-07-30 10:54:00 +10:00
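The shared string metatable behaviour described in commit dc4d1bacdd above, reproduced on a stock Lua 5.3 interpreter as an added example; this is not ArduPilot's code. `open_string_lib`, `run_in_sandbox` and `trial` are hypothetical helpers that simulate opening the library once per script, first with the library table installed as the metatable index and then with a private copy that no script receives.

```lua
-- Added illustration for a stock Lua 5.3 interpreter (not ArduPilot code).
-- Every string value shares one metatable; s:method() resolves through its __index.
local real_string = string
local string_mt = getmetatable("")

-- Hypothetical stand-in for opening a fresh string library for one script.
local function open_string_lib(install_as_metatable)
  local lib = {}
  for name, fn in pairs(real_string) do lib[name] = fn end
  if install_as_metatable then
    string_mt.__index = lib   -- behaviour before the fix: last library opened wins
  end
  return lib
end

-- Run a chunk of source text with the given table as its global environment.
local function run_in_sandbox(env, src)
  return assert(load(src, "script", "t", env))()
end

-- Returns true if script A's s:byte() still works after script B has run.
local function trial(install_as_metatable)
  -- Private copy that backs method calls unless a script's library replaces it.
  string_mt.__index = open_string_lib(false)
  local env_a = { string = open_string_lib(install_as_metatable), pcall = pcall }
  local env_b = { string = open_string_lib(install_as_metatable), pcall = pcall }
  -- Script B (loaded last) overwrites a field of its own string table.
  run_in_sandbox(env_b, 'string.byte = "haha"')
  -- Script A uses the method form, which goes through the shared metatable.
  return run_in_sandbox(env_a,
    'return (pcall(function() return ("x"):byte() end))')
end

print("script library installed as metatable index:", trial(true))
print("private copy installed as metatable index:  ", trial(false))

string_mt.__index = real_string   -- restore the interpreter default
```

In the first trial script B's assignment reaches script A through the metatable, so A's method call fails; in the second, B's change stays inside B's own table.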
Thomas Watson
3a834e83c7 AP_Scripting: reference script environment directly
Referencing the original function to run is of questionable value and
the only user uses it to grab the script environment from the upvalues.

Instead, use a reference to the script environment table directly.
2024-07-30 10:33:56 +10:00
Andrew Tridgell
188df1312d AP_Scripting: fixed float register save/restore in setjmp/longjmp
the register save must happen before the setjmp() call, which means
outside of the LUAI_TRY() macro. We also should be saving all 32
floating point registers
2024-05-15 06:47:44 +10:00
Iampete1
b7dd432409 AP_Scripting: allow loading modules from ROMFS 2024-02-27 10:17:43 +11:00
Andrew Tridgell
f8097379cb AP_Scripting: prevent a code path to abort() in scripting
if scripting can't find an error handler it can call abort(). We don't
ever want to do that in ArduPilot
2024-02-21 12:09:48 +11:00
Andrew Tridgell
b3240ac243 AP_Scripting: use gmtime_r() instead of gmtime()
using gmtime_r makes gmtime thread safe
2024-02-21 12:09:48 +11:00
bugobliterator
a497c06e83 AP_Scripting: stash and restore FPU register context in LUAI_TRY
this fixes an issue where a lua library function triggers an exception
after it does a math operation which changes the floating point
registers on M7 MCUs (such as STM32H7). An example is math.random()
which calls math_random(), which pre-calculates a double value before
checking if the arguments to the call are valid. When it then checks
and finds invalid values the exception longjmp does not restore the
floating point registers.
2023-07-07 07:51:02 +10:00
bugobliterator
306b14d8dc AP_Scripting: add require with sandbox inheritance 2023-04-28 12:36:08 +10:00
Andrew Tridgell
615838a7d4 AP_Scripting: ensure new user data is zero
this prevents use of uninitialised data for user objects created in
lua, giving more predictable behaviour
2023-03-10 14:13:55 +11:00
Andrew Tridgell
2863f3954b AP_Scripting: remove support for loading binary luac
this saves about 2k of flash
2022-11-28 06:23:29 +11:00
Andrew Tridgell
65746de112 AP_Scripting: enable load() function in lua scripts
can be used to parse user supplied lua
2022-11-28 06:23:29 +11:00
Andrew Tridgell
7a03160590 AP_Scripting: capitalise the SCR_HEAP_SIZE parm 2022-10-31 15:14:27 +11:00
Andrew Tridgell
b5b1aee954 AP_Scripting: fixed use of clock and time in lua
not available on stm32
2022-10-06 10:45:49 +11:00
Hwurzburg
72a927343a AP_Scripting: make LUA memory panic more helpful 2021-08-09 16:34:09 +10:00
Andrew Tridgell
ba45d32c7e AP_Scripting: avoid an error in lua with gcc 10.2 on STM32 with -Werror 2021-08-04 15:48:23 +10:00
Andy Piper
a592d76866 AP_Scripting: fix compile on clang 10 2020-11-25 09:28:06 +11:00
Andrew Tridgell
c8e604a730 AP_Scripting: fixed gcc 9.x build 2020-11-13 14:30:11 +11:00
Michael du Breuil
1a1a5e69dd AP_Scripting: Add setmetatable back to the lua sandbox 2020-10-27 10:25:56 +11:00
Andy Piper
9fef5b1e94 AP_Scripting: remove compile errors and warnings 2020-09-22 09:37:02 +10:00
Andrew Tridgell
e9a4a74e7b AP_Scripting: suppress cast-align warnings in Lua interpreter
this is externally maintained code that makes heavy use of casting
2020-07-10 13:31:27 +10:00
Andrew Tridgell
6222649e37 AP_Scripting: avoid build warnings 2020-04-28 10:32:23 +10:00
Michael du Breuil
75b133926f AP_Scripting: Cleanups to remove false positive warnings 2020-03-28 21:16:09 +11:00
bugobliterator
edaf9fa086 AP_Scripting: remove unused user of realloc from lua 2020-03-24 10:32:14 +11:00
Michael du Breuil
c1a599d0bd AP_Scripting: Reduce memory associated with the sandbox 2020-02-18 10:38:09 +11:00
Andrew Tridgell
b577787f68 AP_Scripting: use AP_Filesystem API 2019-08-27 15:40:43 +10:00
Michael du Breuil
6e7367b86f AP_Scripting: Reduce lua stack usage 2019-07-19 09:34:05 +09:00
Michael du Breuil
17e258d347 AP_Scripting: Reenable file IO 2019-04-26 08:07:19 +10:00
Michael du Breuil
f1d5269f9e AP_Scripting: remove more libraries from the sandbox 2019-04-11 23:03:20 -07:00
Michael du Breuil
c3e11fd34d AP_Scripting: Reduce stack allocated buffer size to reduce warnings
about large frame size
2019-02-01 14:31:05 -07:00
Michael du Breuil
d38dde82fe Lua: revert including lmem 2018-12-31 19:25:23 -07:00
Michael du Breuil
19a8c5a6ed AP_Scripting: Run multiple scripts at once 2018-11-14 01:41:35 +00:00
Michael du Breuil
beaa069082 AP_Scripting: Disable lua coroutines 2018-10-30 16:17:03 -07:00
Michael du Breuil
e421599e4f AP_Scripting: Hide lua IO for now 2018-10-09 10:08:52 +11:00
Michael du Breuil
513e5946bb AP_Scripting: Add Lua 5.3.5 source 2018-10-09 10:08:52 +11:00