Wrong memory alignment calculation in libc-stdlib-stubs.c function OCS_malloc()

[frank-kue]

Describe the bug
In function OCS_malloc() of file src/unit-test-coverage/ut-stubs/src/libc-stdlib-stubs.c the following memory alignment calculation is incorrect:

NextSize  = (NextSize + MPOOL_ALIGN - 1) & ~((size_t)MPOOL_ALIGN);

Note: MPOOL_ALIGN = 16. The last term in the calculation must be: ~((cpuaddr)MPOOL_ALIGN - 1). As example, see the following line which appears earlier in the same function:

PoolStart = (PoolStart + MPOOL_ALIGN - 1) & ~((cpuaddr)MPOOL_ALIGN - 1);

To Reproduce
Reproduction is rather difficult. May I suggest code review instead?

The bug does not appear when I build cFS "out-of-the-box" and run its tests using SIMULATION=native (Linux) nor using SIMULATION=i686-rtems6.

Instead I built cFS for RTEMS 6, ARM architecture and BSP xilinx_zynq_a9_qemu and for a special case (no network, no dynamic loading, etc). The test coverage-vxworks-tasks-testrunner.exe crashed when compiled with -O2 (but not with -O0) at the following point:

    [BEGIN] UNIT TEST

    [BEGIN] 01 SETUP
    [  END] No test cases

    [BEGIN] 01 OS_VxWorks_TaskAPI_Impl_Init
    [ PASS] 01.001 coveragetest-tasks.c:46 - UT_Call_OS_VxWorks_TaskAPI_Impl_Init() (0) == OS_SUCCESS (0)
    [  END] 01 OS_VxWorks_TaskAPI_Impl_Init TOTAL::1     PASS::1     FAIL::0     MIR::0     TSF::0     TTF::0     WARN::0   
    
    [BEGIN] 02 OS_TaskCreate_Impl
    [ PASS] 02.001 coveragetest-tasks.c:75 - OS_TaskCreate_Impl(&token, 0) (-1) == OS_ERROR (-1)
    [ PASS] 02.002 coveragetest-tasks.c:78 - OS_TaskCreate_Impl(&token, OS_FP_ENABLED) (0) == OS_SUCCESS (0)
    [ PASS] 02.003 coveragetest-tasks.c:79 - malloc() called
    [ PASS] 02.004 coveragetest-tasks.c:80 - free() not called
    [ PASS] 02.005 coveragetest-tasks.c:81 - taskInit() called
    [ PASS] 02.006 coveragetest-tasks.c:82 - taskActivate() called
    [ PASS] 02.007 coveragetest-tasks.c:86 - OS_TaskCreate_Impl(&token, OS_FP_ENABLED) (0) == OS_SUCCESS (0)
    [ PASS] 02.008 coveragetest-tasks.c:87 - malloc() not called
    [ PASS] 02.009 coveragetest-tasks.c:88 - free() not called
    [ PASS] 02.010 coveragetest-tasks.c:89 - taskInit() called
    [ PASS] 02.011 coveragetest-tasks.c:90 - taskActivate() called

Expected behavior
The alignment calculation should be correct (i.e. no test should crash due to not permitted memory access).

Code snips
See above.

System observed on:

• QEMU Emulation
• OS: RTEMS 6
• Architecture: ARM
• BSP: xilinx_zynq_a9_qemu
• Version OSAL: 0bd6c42 (with local modifications)
• Version cFS: 35548bc69590f3341ad0fc9c8a70ffea9d68ad44 (with local modifications)

Additional context
None.

Reporter Info
Frank Kuehndel, embedded brains

[frank-kue]

@jphickey @dzbaker Thanks for reviewing this bug, its fix and for merging it.