QNX - An Introduction to Adaptive Partitioning Scheduler and How to Bankrupt Partitions

In preparation for my presentation on QNX APS (Adaptive Partitioning Scheduler), I decided to write a blog that goes through what partitions are, how to control resources in QNX, and what APS are. Though a lot of the information is just based on the QNX documentation all put into one page but with examples and referencing other publically available resources (i.e. foundary27, papers, blogs, and what I found from playing around with APS). This page will not go through how to use APS through the Momentics IDE nor will it cover the various C API’s to configure the partition. There’s already a lot to cover, so the C API’s will be potentially covered in another blog post (provided I can muster enough willpower to request and pester QNX for either an educational license or a 30-day trial since I no longer have access to a valid QNX license)

Read More

QNX - The Search for the Release Notes

Looking at QNX for the past 3 months has been enjoyable for the most part. But the thing that annoys me the most is the difficulty of finding the release notes for each QNX SDP. While I do have some internal access to a document that links to all the QNX release notes at work, I found it annoying how it cannot be easily obtained through a google search. (imagine if web search and web indexing services did not exist, the internet would be unnavigatable).

Read More

Dev Blog - Bufferoverflow

Being bored and not wanting to study, I randomly checked up my Github repo and realized the static analyzer flagged a critical vulnerability in my code. For those of you not familiar with static analyzer, it is a security tool that reviews/analyzes code to determine if there are any obvious security vulnerabilities in your code. On Github, there is a pipeline workflow feature that allows you to execute specific scripts/actions for any code changes you push called Github Actions. Github has made it convenient to setup security analysis on your repo. The static analyzer I am using is called CodeQL, a tool created by Github. Here’s an example of the report that was flagged:

Read More