Update to version 0.9.2#1

Closed
edmc25 wants to merge 6 commits into main from update_to_version_0.9.2

edmc25 (Owner) commented Mar 26, 2026

  • Review PR changes (3 commits)
  • Fix CMakeLists.txt OPTINAL_COMPONENTS typo → OPTIONAL_COMPONENTS
  • Fix PrintFormatToString.c vsnprintf_s count parameter on Windows (_TRUNCATE)
  • Fix MemZeroAndCopy.h ZEROMEM macro (incorrect memset_s arg order)
  • Fix A2LConvert.c ConvertValuePairsToRaw and ConvertRawToPhysByTable missing break + add return 0 on success
  • Fix A2LConvert.c ConvertPhysToRaw TAB_INTP/TAB_NOINTP fall-through to default
  • Fix A2LConvert.c ConvertRawToPhys RAT_FUNC: Ret=0 moved inside success branch
  • Fix A2LLink.c buffer size in A2LRemoveOneReferencesForProcess (p - Name → sizeof(Name) - (p - Name))
  • Fix Scheduler.c CycleDiffTimeVid write_bbvari_udword → write_bbvari_double
  • Fix Scheduler.c CycleDiffTimeVid error message logging wrong VID
  • Fix SchedEnableDisable.c out-of-bounds StopRequestElems[x] after loop
  • Fix SchedEnableDisable.c ExecStack leak in RemoveAllStopRequest
  • Fix RunTimeMeasurement.c missing includes and sizeof(line) pointer-size bug
  • Fix A2LAccessData.c DupA2lData NULL check before MEMCPY
  • Fix IniFileDosNotExistDialog.cpp GetXilEnvHomeDirectory missing maxc arg
  • Fix ConfigureProcessDialog.cpp GetSVLFileLoadedBeforeInitProcessFileName and GetA2LFileAssociatedProcessFileName missing maxc args
  • Fix make_n_next_cycles callers in GUI/RPC (added NULL Equation parameter)
  • Fix remaining callers with missing maxc (GetProcessNameWithoutPath, TruncatePathFromProcessName, get_name_by_pid, GetProcessShortName, GetProcessLongName, GetProcessPidAndExecutableAndDllName, GetNextBarrierLoggingEntry)
  • Fix ToParseFileStack.cpp AddFile off-by-one (Idx<=0 → Idx<0) preventing duplicate detection at index 0
  • Fix ConvertDbcToCanCmd.cpp unsafe sprintf → PrintFormatToString + add missing PrintFormatToString.h include
  • Code review and CodeQL - no remaining issues


edmc25 (Owner, Author) commented Mar 26, 2026

@copilot please review this pull request. Group your findings and order them according to their criticality.

Copilot AI commented Mar 26, 2026

@copilot please review this pull request. Group your findings and order them according to their criticality.

Here is my review of this PR, grouped by criticality:


🔴 Critical — Build-Breaking: Incomplete Caller Updates for Signature Changes

Several functions were given additional maxc/size parameters, but many callers across the codebase were not updated. This will cause compilation failures:

make_n_next_cycles — new const char *Equation parameter not passed by existing callers

File: Src/Scheduler/Scheduler.h / Scheduler.c

All existing callers still pass 4 arguments but the function now takes 5:

  • Src/GUI/Qt/MainWindow.cpp:1730
  • Src/GUI/Qt/Widgets/ControlPanel.cpp:136, 143
  • Src/GUI/Qt/Hotkey.cpp:80, 83
  • Src/RpcInterface/RpcServerFuncSched.c:292, 330
  • Src/RpcInterface/RpcServerFuncBlackboard.c:603

get_name_by_pid / GetProcessNameWithoutPath / GetProcessShortName / GetProcessLongName / TruncatePathFromProcessName / GetProcessPidAndExecutableAndDllName — size parameters added but callers not updated

Examples of unfixed callers:

  • Src/GUI/Qt/Dialog/StopProcessDialog.cpp:41 - GetProcessLongName(pid, name) (missing maxc)
  • Src/GUI/Qt/Dialog/ExtErrorDialog.cpp:100 - GetProcessShortName(pid, name) (missing maxc)
  • Src/GUI/Qt/Dialog/ConfigureProcessDialog.cpp:341, 541 - GetProcessLongName (missing maxc)
  • Src/GUI/Qt/Dialog/BlackboardInternalDialog.cpp:152 - GetProcessShortName (missing maxc)
  • Src/GUI/Qt/Widgets/CalibrationTree/CalibrationTreeOldDialogs.c:47 - get_name_by_pid (missing maxc)
  • Src/GUI/Qt/Widgets/CalibrationTree/CalibrationTreeItem.cpp:553 - get_name_by_pid (missing maxc)
  • Src/GUI/Qt/Widgets/CalibrationTree/ConfigCalibrationTreeViewDialog.cpp:65 - TruncatePathFromProcessName (missing maxc)
  • Src/GUI/Qt/Dialog/ReferencedLabelsDialog.cpp:68, 118, 233 - TruncatePathFromProcessName (missing maxc)
  • Src/DebugInfos/DebugInfoDB.c:680, 682, 3319 - GetProcessNameWithoutPath, GetProcessExecutableName, TruncatePathFromProcessName (missing maxc)
  • Src/DebugInfos/DwarfReader.c:2855 - GetProcessNameWithoutPath (missing maxc)
  • Src/DebugInfos/ExtProcessReferences.c:228, 229, 337–721 - get_name_by_pid, GetProcessNameWithoutPath (missing maxc)
  • Src/DebugInfos/WriteSection2Exe.c:105 - get_name_by_pid (missing maxc)
  • Src/DebugInfos/GetLabelByAddress.c:284 - get_name_by_pid (missing maxc)
  • Src/Script/Commands/ResetProcessCmd.cpp:45 - get_name_by_pid (missing maxc)
  • Src/XcpOverEthernet/XcpCopyPages.cpp:281 - GetProcessPidAndExecutableAndDllName (missing two size params)

GetNextBarrierLoggingEntry — two new size parameters missing in GUI caller

  • Src/GUI/Qt/Dialog/BarrierHistoryLoggingDialog.cpp:210 — call missing par_BarrierName_Maxc and par_ProcOrSchedName_Maxc

🔴 Critical — Logic Bugs

1. Buffer overflow in A2LRemoveOneReferencesForProcess (Src/A2lParser/A2LLink.c:967, 977)

char *p = Name + strlen(Name);
PrintFormatToString(p, p - Name, "[%i]", i);      // WRONG: p - Name is the offset FROM start
PrintFormatToString(p, p - Name, "[%i][%i]", j, i); // Should be: sizeof(Name) - (p - Name)

p - Name gives the number of bytes already written, not the remaining buffer space. This should be sizeof(Name) - (p - Name) to avoid writing beyond the buffer.

2. Missing break causing fall-through in ConvertValuePairsToRaw (Src/A2lParser/A2LConvert.c:122)

switch (CompuTab->TabOrVtabFlag) {
case 0: // handles conversion...
    if (x == CompuTab->NumberValuePairs) {
        ret_Raw->Value.Double = ...;  // result correctly set here
    }
    // ← MISSING break! Falls through to case 1/default which returns -1
case 1: // COMPU_VTAB
case 2: // COMPU_VTAB_RANGE
default:
    return -1;

The computed raw value is silently discarded by the fall-through to return -1.

3. Same fall-through bug in ConvertRawToPhysByTable (Src/A2lParser/A2LConvert.c:333)

Identical pattern — case 0 is missing a break before case 1.


🟠 High Severity — Functional Bugs

4. Wrong write function used for CycleDiffTimeVid (Src/Scheduler/Scheduler.c)

pSchedulerData->CycleDiffTimeVid = add_bbvari (Help, BB_DOUBLE, "s");  // registered as double
// ...
write_bbvari_udword (pSchedulerData->CycleDiffTimeVid, 0);  // ← should be write_bbvari_double

The variable is registered as BB_DOUBLE but initialized via write_bbvari_udword.

5. Error message logs the wrong VID (Src/Scheduler/Scheduler.c)

ThrowError (1, "cannot add blackboard variable %sCycleDiffTime %i",
            GetConfigurablePrefix(...), pSchedulerData->CycleCounterVid);  // ← wrong: should be CycleDiffTimeVid

6. Incorrect ZEROMEM macro for __STDC_WANT_LIB_EXT1__ path (Src/Utilities/MemZeroAndCopy.h:58)

#define ZEROMEM(addr, size) memset_s(addr, 0, size)   // WRONG argument order
// memset_s signature: (void *s, rsize_t smax, int c, rsize_t n)
// Should be: memset_s(addr, size, 0, size)

🟡 Medium Severity — Incorrect / Confusing Code

7. Typo in CMakeLists.txt:63

find_package(QT NAMES Qt6 Qt5 OPTINAL_COMPONENTS COMPONENTS Svg)
#                           ^^^^^^^^^^^^^^^^
# Should be: OPTIONAL_COMPONENTS

CMake will silently ignore the unknown argument, but the intent of making SVG optional may not work as expected.


🟢 Informational / Minor

8. Misleading comments in A2LConvert.c

Both ConvertValuePairsToRaw and ConvertRawToPhysByTable have case 0: // COMPU_TAB will be ignored but the code does handle case 0 with real conversion logic.

9. STRUCT_ZERO_INIT version check lowered from C11 to C99

Changed from __STDC_VERSION__ >= 201112L to >= 199901L using compound literals (const type){0}, which is valid C99 — this is an improvement over the previous = {} which is a C++ extension.


Summary: The most urgent issues are the build-breaking incomplete caller updates (#1 group above) and the three critical logic bugs (buffer overflow + two missing break statements). These should be addressed before merging.
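
The size bug from critical finding 1 above (p - Name passed where the remaining space is needed), reproduced as an added example that is not code from the PR or from the project. format_to is a hypothetical stand-in for PrintFormatToString, and the 16-byte Name, the canary arena and the sample names are constructed so that the out-of-bounds write lands in memory the example owns and can be counted.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16   /* constructed stand-in for sizeof(Name) */
#define ARENA    64   /* Name followed by canary bytes, so a bad write stays in our own memory */
#define CANARY   0xAA

struct outcome {
    int  past_end;         /* bytes written beyond Name[NAME_CAP - 1] */
    int  truncated;        /* 1 if the formatter reported that the text did not fit */
    char text[NAME_CAP];   /* what ended up inside Name (forced NUL-terminated) */
};

/* Hypothetical stand-in for PrintFormatToString: a bounded vsnprintf wrapper. */
static int format_to(char *dst, size_t size, const char *fmt, ...)
{
    va_list ap;
    int ret;

    if (size == 0) return -1;          /* nothing can be written, not even the NUL */
    va_start(ap, fmt);
    ret = vsnprintf(dst, size, fmt, ap);
    va_end(ap);
    return ret;                        /* length the full output would have had */
}

/* Append "[j][i]" to name, with the buggy size (use_fix == 0) or the fixed one. */
static struct outcome run_case(const char *name, int j, int i, int use_fix)
{
    unsigned char arena[ARENA];
    struct outcome r;
    char *buf = (char *)arena;
    char *p;
    size_t used, size;
    int ret, k;

    memset(arena, CANARY, sizeof(arena));
    snprintf(buf, NAME_CAP, "%s", name);

    p = buf + strlen(buf);
    used = (size_t)(p - buf);
    /* Bug: bytes already used. Fix: bytes still free, sizeof(Name) - (p - Name). */
    size = use_fix ? NAME_CAP - used : used;
    ret = format_to(p, size, "[%i][%i]", j, i);

    r.truncated = (ret < 0 || (size_t)ret >= size);
    r.past_end = 0;
    for (k = NAME_CAP; k < ARENA; k++)  /* count canary bytes that were overwritten */
        if (arena[k] != CANARY) r.past_end++;
    memcpy(r.text, arena, NAME_CAP - 1);
    r.text[NAME_CAP - 1] = '\0';
    return r;
}

int main(void)
{
    const char *names[] = { "Signal_ABCDE", "ab" };   /* constructed sample names */
    int n, fix;

    for (n = 0; n < 2; n++) {
        for (fix = 0; fix < 2; fix++) {
            struct outcome r = run_case(names[n], 100, 200, fix);
            printf("%-12s %-5s past_end=%d truncated=%d text=\"%s\"\n",
                   names[n], fix ? "fixed" : "buggy",
                   r.past_end, r.truncated, r.text);
        }
    }
    return 0;
}
```

With a long name the buggy size lets the write run past the array while reporting no truncation; with a short name the same bug cuts the index off even though the array has room.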

Copilot AI left a comment

Pull request overview

This PR updates the project to version 0.9.2 and introduces a set of “safer” utility wrappers for string formatting/copying and memory operations, then applies those wrappers across scheduler/global/external-process code. It also extends parts of scheduler stop-control and A2L conversion functionality, plus updates build configuration and sample assets.

Changes:

  • Add new utilities (PrintFormatToString.*, MemZeroAndCopy.h) and adopt them broadly (replacing sprintf/strcpy/memset/memcpy patterns).
  • Update multiple APIs to be buffer-length aware (e.g., CheckOpenIPCFile, several scheduler/process-name helpers).
  • Extend scheduler stop requests with an optional equation condition; expand A2L conversion capabilities and related data structures; update build + samples for 0.9.2.

Reviewed changes

Copilot reviewed 111 out of 111 changed files in this pull request and generated 21 comments.

File Description
Src/Utilities/StringMaxChar.h Adds array-safe string copy/append helper macros; moves mem helpers into MemZeroAndCopy.h.
Src/Utilities/PrintFormatToString.h Declares safe printf-to-buffer helpers.
Src/Utilities/PrintFormatToString.c Implements formatting helpers using vsnprintf/vsnprintf_s.
Src/Utilities/MemZeroAndCopy.h Introduces MEMSET/MEMCPY/ZEROMEM and struct zero-init macros.
Src/Utilities/CMakeLists.txt Adds new utility source to targets; reorganizes common file lists.
Src/Scheduler/VirtualNetwork.c Replaces raw memset/memcpy with project macros.
Src/Scheduler/UnixDomainSocketMessages.c Uses safer path creation/copy; adds thread accept-handshake wait.
Src/Scheduler/SocketMessages.c Uses safer zero-init/copy; adds thread accept-handshake wait.
Src/Scheduler/SharedDataTypes.h Adds new blackboard conversion enum values.
Src/Scheduler/Scheduler.h Adds fields and expands multiple APIs with Maxc parameters; adds equation param to cycle control.
Src/Scheduler/SchedEnableDisable.h Extends timed stop request to carry an execution stack / equation.
Src/Scheduler/SchedEnableDisable.c Implements equation-based timed stop requests; swaps to MEMSET.
Src/Scheduler/SchedBarrier.h Makes GetNextBarrierLoggingEntry buffer-size aware.
Src/Scheduler/SchedBarrier.c Replaces unsafe string ops/sprintf; updates barrier logging API usage.
Src/Scheduler/ScBbCopyLists.c Replaces sprintf/memset; initializes locals; uses safe formatting.
Src/Scheduler/ProcessEquations.c Uses StringCopyMaxCharTruncate for error aggregation.
Src/Scheduler/PipeMessages.c Uses safe formatting/copy; adds thread accept-handshake wait.
Src/Scheduler/KillAllExternProcesses.c Uses safe formatting for event name.
Src/Scheduler/ExternLoginTimeoutControl.c Uses StringMalloc instead of manual malloc+strcpy.
Src/Scheduler/ExtProcessRefFilter.c Uses safe formatting.
Src/Scheduler/BaseMessages.c Propagates new max-length APIs; safer formatting/copy.
Src/Global/my_udiv128.c Changes divide-by-zero behavior handling.
Src/Global/WindowIniHelper.c Uses safe formatting/copy; fixes return value logic.
Src/Global/Wildcards.c Reworks wildcard matching; replaces unsafe string copies; uses safe formatting.
Src/Global/UtilsWindow.c Switches to array-safe append macro.
Src/Global/UniqueNumber.c Comment fix.
Src/Global/TimeProcess.c Uses gmtime_r; initializes values on init; changes task period.
Src/Global/ThrowError.h Renames ThrowErrorWiithCycle to ThrowErrorWithCycle.
Src/Global/ThrowError.c Uses safe formatting; refactors header allocation; updates renamed function.
Src/Global/StartupInit.c Adds equation parser init; switches to safe copying.
Src/Global/StartExeAndWait.c Uses MEMSET and safe formatting.
Src/Global/RunTimeMeasurement.c Replaces memset/sprintf with project wrappers.
Src/Global/ReplaceFuncWithProg.c Uses safe string copy/append for command line construction.
Src/Global/Platform.h Adds Sleep for linux wrapper; makes IPC/home-dir APIs max-length aware.
Src/Global/Platform.c Implements linux Sleep; updates IPC path building to safe string ops.
Src/Global/ParseCommandLine.c Uses safe append/copy and StringMalloc.
Src/Global/MyMemory.h Removes write_memory_infos_to_file prototype.
Src/Global/MyMemory.c Uses MEMSET; removes write_memory_infos_to_file implementation.
Src/Global/MainValues.h Adds HideControlPanelLock.
Src/Global/MainValues.c Uses safe formatting/memset; initializes new field.
Src/Global/InitProcess.c Uses safe formatting/copy; adjusts version vars; other init tweaks.
Src/Global/IniFileDontExist.c Uses safe formatting/copy and new home-dir signature.
Src/Global/ImExportVarProperties.c Uses struct zero-init macro; extends conversion cases handled.
Src/Global/ImExportDskFile.c Uses safe formatting/copy; removes ignored return checks.
Src/Global/Files.h Removes legacy commented block.
Src/Global/Files.c Uses StringMalloc and safe formatting/copy in file helpers.
Src/Global/Fifos.c Uses safe copy; removes unused debug var.
Src/Global/EnvironmentVariables.c Uses safe formatting/copy; removes old special-case mutation block.
Src/Global/Config.h Bumps patch version to 2.
Src/Global/CheckIfAlreadyRunning.c Uses safe formatting; updates IPC signature.
Src/Global/CMakeLists.txt Reorganizes linux sources; adds Platform.c to additional target.
Src/ExternalProcess/XilEnvExtProcMain.c Fixes command-line parsing / dll path extraction logic; safer copy.
Src/ExternalProcess/XilEnvExtProc.h Bumps patch version; replaces sprintf with safe formatting in macros.
Src/ExternalProcess/OpenXilEnvExtp.def Changes exported symbol (removes SetHwndMainWindow, adds GetSchedulingInformation).
Src/ExternalProcess/ExtpXcpCopyPages.cpp Uses MEMSET; makes helper APIs buffer-size aware; safe formatting/copy.
Src/ExternalProcess/ExtpVirtualNetwork.c Uses MEMSET.
Src/ExternalProcess/ExtpUnixDomainSocketMessages.c Uses safe IPC + copy; uses MEMSET.
Src/ExternalProcess/ExtpSocketMessages.c Uses safe copy/format; uses MEMSET.
Src/ExternalProcess/ExtpReferenceVariables.c Uses safe formatting; uses StringMalloc; uses MEMSET.
Src/ExternalProcess/ExtpProcessAndTaskInfos.h Removes stored main window handle field.
Src/ExternalProcess/ExtpPipeMessages.c Uses safe formatting for pipe name.
Src/ExternalProcess/ExtpParseCmdLine.c Uses StringCopyMaxCharTruncate.
Src/ExternalProcess/ExtpMain.c Removes SetHwndMainWindow call and exit(0).
Src/ExternalProcess/ExtpKillExternProcessEvent.c Uses safe formatting/copy; alloc length fix.
Src/ExternalProcess/ExtpExtError.c Uses safe copy/append; improves logging setup.
Src/ExternalProcess/ExtpBlackboardCopyLists.c Fixes string allocation size; uses safe copy.
Src/ExternalProcess/ExtpBlackboard.c Adjusts cache allocation; uses safe copy; uses MEMSET.
Src/ExternalProcess/ExtpBaseMessages.c Removes SetHwndMainWindow; uses safe copy/append; linux SIGPIPE handling.
Src/CMakeLists.txt Reorders Utilities add_subdirectory.
Src/A2lParser/A2LUpdate.c Uses safe formatting/copy and struct zero-init.
Src/A2lParser/A2LTokenizer.c Uses struct zero-init; removes dead code block.
Src/A2lParser/A2LParser.c Uses safe formatting/copy and new varargs formatting wrapper.
Src/A2lParser/A2LLinkThread.h Adds LinkNo.
Src/A2lParser/A2LLinkThread.c Adds <inttypes.h>.
Src/A2lParser/A2LLink.h Adds new alignment flag + import/export measurement refs declarations.
Src/A2lParser/A2LData.h Changes/adds reference counters/flags/vid fields.
Src/A2lParser/A2LConvertToXcp.c Uses safe formatting; changes ini open and section naming.
Src/A2lParser/A2LConvert.c Adds conversion-by-table/interpolation and rational conversion changes.
Src/A2lParser/A2LBuffer.c Uses struct zero-init.
Src/A2lParser/A2LAccessData.h Changes Dup signature; adds equality comparator declaration.
Src/A2lParser/A2LAccessData.c Adds default alignment option; uses MEMCPY; implements Dup/equality compare.
Samples/ExternalProcesses/ExtProc_OpenScenario/CMakeLists.txt Renames sample source file.
Samples/ExternalProcesses/ExtProc_FMUExtract/FmuExtract.cpp Fixes directory attribute check; adds error handling on extract.
Samples/ExternalProcesses/ExtProc_FMU3Loader/Fmu3Struct.h Adds logging fields; includes stdio.
Samples/ExternalProcesses/ExtProc_FMU3Loader/Fmu3Execute.cpp Adds FMU logging and uses scheduler period for timestep.
Samples/ExternalProcesses/ExtProc_FMU3Loader/ExtProc_FMU3Loader.cpp Adds env-driven FMU logging config.
Samples/ExternalProcesses/ExtProc_FMU2Loader/Fmu2Struct.h Adds logging fields; includes stdio.
Samples/ExternalProcesses/ExtProc_FMU2Loader/Fmu2Execute.cpp Adds FMU logging; uses scheduler period for timestep; fixes boolean input set bug.
Samples/ExternalProcesses/ExtProc_FMU2Loader/ExtProc_FMU2Loader.cpp Adds env-driven parameter referencing + logging; removes debug block.
Samples/ExternalProcesses/ExtProc_BatteryModel/ExtProc_BatteryModel.c Adds random/pulse signals for sample.
Samples/Configurations/ElectricCarSampleDebug.ini Updates sample GUI/layout/vars; bumps file version to 0.9.2.
CMakeLists.txt Adds optional QtSvg support and link adjustments; adds dl on linux.


Comment on lines +25 to +26
#define STRING_COPY_TO_ARRAY_OFSET(Dst, Offset, Src) static_assert(sizeof(Dst) > sizeof(void*), "this should be an array that is larger than a pointer");\
StringCopyMaxCharTruncate((Dst) + (Offset), Src, sizeof(Dst) - (Offset))
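
Review bot: STRING_COPY_TO_ARRAY_OFSET expands to two separate pieces, the static_assert and then the StringCopyMaxCharTruncate call, so it cannot be used safely as the body of an unbraced if/else: depending on the language mode it either fails to compile or leaves the copy outside the condition. Fold both into one do { ... } while (0) block. In the second line, sizeof(Dst) - (Offset) is unsigned arithmetic with no check of Offset against sizeof(Dst), so an Offset larger than the array wraps to a very large length instead of a negative one; reject or clamp that case before the call.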

Copilot AI Mar 26, 2026

Macro name typo: STRING_COPY_TO_ARRAY_OFSET is likely intended to be STRING_COPY_TO_ARRAY_OFFSET. This will be easy to misuse and hurts API discoverability; consider renaming (and optionally keeping a deprecated alias for compatibility).

Copilot uses AI. Check for mistakes.
Comment on lines +27 to +31
#ifdef _WIN32
Ret = vsnprintf_s (ret_DestBuffer, par_SizeOfDestBuffer, par_SizeOfDestBuffer, par_Format, vlist);
#else
Ret = vsnprintf (ret_DestBuffer, par_SizeOfDestBuffer, par_Format, vlist);
#endif
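
Review bot: Ret does not mean the same thing on the two branches when the output does not fit. On the non-Windows branch vsnprintf returns the length the full output would have had, while vsnprintf_s signals that case with a negative value. Normalise Ret after the #endif so that callers of the wrapper see one documented contract for truncation on both platforms.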

Copilot AI Mar 26, 2026

On Windows, vsnprintf_s expects the third argument (count) to be <= sizeOfBuffer-1 or _TRUNCATE. Passing par_SizeOfDestBuffer for both sizeOfBuffer and count can trigger the invalid-parameter handler at runtime. Use _TRUNCATE (or par_SizeOfDestBuffer-1) for the count argument to get safe truncation behavior consistent with the non-Windows path.

Comment on lines 73 to 77
RuntimeInfosSize += 64;
RuntimeInfos = (RUNTIME_INFOS*)my_realloc (RuntimeInfos, RuntimeInfosSize * sizeof (RUNTIME_INFOS));
}
memset (&(RuntimeInfos[id]), 0, sizeof (RUNTIME_INFOS));
MEMSET (&(RuntimeInfos[id]), 0, sizeof (RUNTIME_INFOS));
}
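
Review bot: the result of my_realloc is assigned straight back to RuntimeInfos and the next visible statement indexes it, with no NULL check. Unless my_realloc is guaranteed never to return NULL, a failed grow loses the old block, leaves RuntimeInfosSize already increased by 64, and MEMSET (&(RuntimeInfos[id]), ...) then writes through a NULL base. Keep the result in a temporary, check it, and only then update RuntimeInfos and RuntimeInfosSize.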

Copilot AI Mar 26, 2026

MEMSET is used here, but this file does not include the header that defines MEMSET (MemZeroAndCopy.h). PrintFormatToString is also used later without including PrintFormatToString.h. Please add the required includes (or stop using the macros here) to avoid implicit-declaration/undefined identifier build errors.

Comment thread Src/Scheduler/SchedEnableDisable.c Outdated
Comment on lines +472 to +476
Ret = 1; // Should be stopped
par_Requests->SchedulerDisabledFlag = 1;
if (par_Requests->StopRequestElems[x].ExecStack != NULL) {
remove_exec_stack(par_Requests->StopRequestElems[x].ExecStack);
par_Requests->StopRequestElems[x].ExecStack = NULL;

Copilot AI Mar 26, 2026

Out-of-bounds access: after the for-loop, x == OpenStopRequestCount, but StopRequestElems[x] is accessed here. This can read/write past the active array. ExecStack cleanup should happen when removing each element (inside the removal loop), not by indexing after the loop.

Comment on lines +351 to +355
// wait until the login thread has called accept()
for(int x = 0; (x < 10) && !ThreadWillCallFirstAcceptState; x++) {
Sleep(10);
}
Sleep(10);
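
Review bot: the wait loop ends after at most 10 passes of Sleep(10), and the code that follows runs the same way whether ThreadWillCallFirstAcceptState was set or the loop simply ran out, so a login thread that has not reached accept() within roughly 100 ms goes unnoticed. Check the flag once more after the loop and log or return an error on timeout, and add a comment saying what the extra unconditional Sleep(10) is meant to cover.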

Copilot AI Mar 26, 2026

The post-thread-start wait loop relies on ThreadWillCallFirstAcceptState without proper synchronization (atomic/condvar), so it can spin/sleep unnecessarily or miss the update. Prefer signaling readiness via a condition variable (or at least an atomic with proper memory ordering).

Comment thread Src/Global/ThrowError.h
#endif

int ThrowErrorWiithCycle (int level, uint64_t Cycle, const char *format, ...);
int ThrowErrorWithCycle (int level, uint64_t Cycle, const char *format, ...);

Copilot AI Mar 26, 2026

This header renames ThrowErrorWiithCycle -> ThrowErrorWithCycle, but at least one call site still uses the old symbol (e.g. Src/RemoteMaster/Client/RemoteMasterControlProcess.c:163). Either update remaining call sites or provide a temporary compatibility macro/alias to avoid link/build failures.

Comment on lines +334 to +338
case 1: // COMPU_VTAB
case 2: // COMPU_VTAB_RANGE
default:
return -1;
break;
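
Review bot: the case labels are bare literals whose meaning lives only in the trailing comments (case 1: // COMPU_VTAB, case 2: // COMPU_VTAB_RANGE), which lets label and comment drift apart; use named constants or an enum for TabOrVtabFlag values instead. The break after return -1; is unreachable and can be dropped.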

Copilot AI Mar 26, 2026

ConvertRawToPhysByTable: case 0 falls through into the default branch that returns -1 (missing break/return). This prevents TAB_INTP/TAB_NOINTP raw->phys conversion from ever reporting success.

Comment on lines +151 to +152
static int ThreadWillCallFirstAcceptState;


Copilot AI Mar 26, 2026

ThreadWillCallFirstAcceptState is used for cross-thread signaling without atomic/volatile or a condition variable. This is a C data race; the waiting thread may never observe updates reliably. Use an atomic flag or a mutex+condition-variable handshake.

A2L_DATA* Src = (A2L_DATA*)par_Data;
A2L_DATA* Ret;
if (Src != NULL) {
Ret = (A2L_DATA*)A2L_DATA_MALLOC(Src->StructSize);
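
Review bot: Ret is declared without an initializer and the visible lines assign it only inside if (Src != NULL), so the value returned for a NULL par_Data depends on code outside this hunk. Initialise it at the declaration (A2L_DATA* Ret = NULL;) so the NULL-input path is explicit and cannot return an indeterminate pointer.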

Copilot AI Mar 26, 2026

DupA2lData copies into Ret without checking whether A2L_DATA_MALLOC succeeded. If allocation fails, MEMCPY will dereference NULL. Add a NULL check before copying and return NULL on OOM.

Suggested change
Ret = (A2L_DATA*)A2L_DATA_MALLOC(Src->StructSize);
Ret = (A2L_DATA*)A2L_DATA_MALLOC(Src->StructSize);
if (Ret == NULL) {
return NULL; // out of memory
}

Comment on lines +229 to +233
// wait until the login thread has called accept()
for(int x = 0; (x < 10) && !ThreadWillCallFirstAcceptState; x++) {
usleep(10*1000);
}
usleep(10*1000);

Copilot AI Mar 26, 2026

The wait loop here uses ThreadWillCallFirstAcceptState as a readiness signal without synchronization (C data race). Use a condition variable or atomic flag to avoid undefined behavior and flaky startup timing.

edmc25 force-pushed the update_to_version_0.9.2 branch from 224dbf0 to 8b361b2 on March 26, 2026 13:41
edmc25 force-pushed the update_to_version_0.9.2 branch from 8b361b2 to dfebef4 on March 27, 2026 06:06
edmc25 (Owner, Author) commented Mar 27, 2026

@copilot You are an expert code reviewer. Your task is to thoroughly review the provided pull request and deliver a structured, actionable report.

Your Review Scope

Examine the following dimensions:

  • Correctness – logic errors, off-by-one errors, null/edge case handling
  • Security – injection vulnerabilities, exposed secrets, improper auth/authz, unsafe deserialization
  • Performance – inefficient algorithms, unnecessary DB/network calls, memory leaks
  • Maintainability – readability, naming, duplication, overly complex logic
  • Test coverage – missing or inadequate tests for changed behavior
  • API/interface design – breaking changes, inconsistent conventions
  • Dependencies – new packages, version conflicts, license concerns

Output Format

Group and sort your findings into the following criticality tiers, in this order:

🔴 Critical (Must fix before merge)

Issues that cause crashes, data loss, security vulnerabilities, or broken functionality.

🟠 Major (Should fix before merge)

Significant bugs, logic errors, or design issues that will likely cause problems in production.

🟡 Minor (Consider fixing)

Code quality issues, suboptimal patterns, or missing tests that don't block functionality but reduce maintainability.

🔵 Nit (Optional / Low priority)

Style inconsistencies, minor naming suggestions, or cosmetic improvements.


For each finding, use this structure:

  • File & line(s): path/to/file.ts:42
  • Issue: One-sentence summary of the problem
  • Detail: Explanation of why this is a problem and what could go wrong
  • Suggestion: Concrete fix or recommended approach (include a code snippet if helpful)

At the top of your review, provide a short Summary (3–5 sentences) covering:

  • Overall assessment of the PR
  • The most important concern, if any
  • Whether you recommend Approve / Request Changes / Needs Discussion

Do not praise the author or add filler commentary. Be direct, specific, and constructive.

… caller updates, resource leaks

Agent-Logs-Url: https://github.com/edmc25/openxilenv/sessions/1a80c6df-c203-4333-8a22-05a330582ed8

Co-authored-by: edmc25 <198079695+edmc25@users.noreply.github.com>

Copilot AI commented Mar 27, 2026

@copilot You are an expert code reviewer. Your task is to thoroughly review the provided pull request and deliver a structured, actionable report.

Your Review Scope

...

Here is the structured review. All actionable issues have been fixed in commit 7ee1c49.


Summary: This PR is a significant update introducing safer string/memory utility wrappers and applying them broadly, extending A2L conversion, and adding scheduler stop-by-equation support. The most critical concern is a large set of API signature changes where buffer-size parameters were added to many functions, but dozens of callers were left unupdated (build-breaking). Additionally, several logic bugs were introduced in the new A2L conversion code. All issues below have been fixed.

Recommend: Request Changes → all addressed in 7ee1c49.


🔴 Critical (Must fix before merge)

1. Build-breaking: make_n_next_cycles signature changed, all existing callers not updated

  • Files: Src/GUI/Qt/MainWindow.cpp:1730, ControlPanel.cpp:136,143, Hotkey.cpp:80,83, RpcServerFuncSched.c:292,330, RpcServerFuncBlackboard.c:603
  • Issue: New const char *Equation parameter added but all 8 existing callers still pass 4 arguments instead of 5.
  • Suggestion: Pass NULL/nullptr as the Equation argument at each call site. ✅ Fixed.

2. Build-breaking: Buffer-size parameters added to ~10 functions, callers not updated

  • Files: StopProcessDialog.cpp:41, ExtErrorDialog.cpp:100, ConfigureProcessDialog.cpp:197,198,341,541,734, BlackboardInternalDialog.cpp:152, CalibrationTreeOldDialogs.c:47,140, CalibrationTreeItem.cpp:553, ConfigCalibrationTreeViewDialog.cpp:65, ReferencedLabelsDialog.cpp:68,118,233, DwarfReader.c:2855, XcpCopyPages.cpp:281, IniFileDosNotExistDialog.cpp:138, ResetProcessCmd.cpp:45, BarrierHistoryLoggingDialog.cpp:210
  • Issue: Functions GetProcessLongName, GetProcessShortName, GetProcessNameWithoutPath, TruncatePathFromProcessName, get_name_by_pid, GetProcessPidAndExecutableAndDllName, GetNextBarrierLoggingEntry, GetXilEnvHomeDirectory, GetSVLFileLoadedBeforeInitProcessFileName, GetA2LFileAssociatedProcessFileName all gained size parameters, but callers were not updated.
  • Suggestion: Pass sizeof(buffer) at each call site. ✅ Fixed.

3. Buffer overflow in A2LRemoveOneReferencesForProcess

  • File: Src/A2lParser/A2LLink.c:967,977
  • Issue: PrintFormatToString(p, p - Name, ...) uses offset-from-start as buffer size instead of remaining space.
  • Suggestion: Use sizeof(Name) - (p - Name). ✅ Fixed.

4. Missing break + incorrect return -1 in ConvertValuePairsToRaw

  • File: Src/A2lParser/A2LConvert.c:123-130
  • Issue: case 0 falls through to default: return -1, discarding the successfully computed raw value.
  • Suggestion: Add return 0; after the case 0 block. ✅ Fixed.

5. Same fall-through bug in ConvertRawToPhysByTable

  • File: Src/A2lParser/A2LConvert.c:334-341
  • Suggestion: Add return 0; after the case 0 block. ✅ Fixed.

6. TAB_INTP/TAB_NOINTP falls through to default in ConvertPhysToRaw

  • File: Src/A2lParser/A2LConvert.c:169-183
  • Issue: Cases 4/5 set Ret = 0 on success, but then fall through to default which overwrites ret_Raw with *par_Phys.
  • Suggestion: Add break after the TAB_INTP/TAB_NOINTP block. ✅ Fixed.

7. Out-of-bounds access in ShouldSchedulerStoppedAndAckAllStopRequest

  • File: Src/Scheduler/SchedEnableDisable.c:474-476
  • Issue: After the for-loop, x == OpenStopRequestCount. Accessing StopRequestElems[x] reads past the valid array.
  • Suggestion: Remove the stale StopRequestElems[x].ExecStack cleanup block (elements triggering the stop are already removed inside the loop). ✅ Fixed.

8. ExecStack memory leak in RemoveAllStopRequest

  • File: Src/Scheduler/SchedEnableDisable.c:381-399
  • Issue: When stop requests with equation ExecStack are removed, the allocated exec stacks are not freed.
  • Suggestion: Call remove_exec_stack before clearing each element. ✅ Fixed.

9. NULL dereference in DupA2lData

  • File: Src/A2lParser/A2LAccessData.c:2458-2459
  • Issue: MEMCPY is called without checking if A2L_DATA_MALLOC returned NULL.
  • Suggestion: Check Ret != NULL before MEMCPY. ✅ Fixed.

🟠 Major (Should fix before merge)

10. CycleDiffTimeVid initialized with wrong write function

  • File: Src/Scheduler/Scheduler.c:1830
  • Issue: Variable is registered as BB_DOUBLE but initialized via write_bbvari_udword.
  • Suggestion: Use write_bbvari_double(pSchedulerData->CycleDiffTimeVid, 0.0). ✅ Fixed.

11. Error log for CycleDiffTimeVid references wrong VID

  • File: Src/Scheduler/Scheduler.c:1828
  • Issue: pSchedulerData->CycleCounterVid logged in error message for CycleDiffTimeVid.
  • Suggestion: Use pSchedulerData->CycleDiffTimeVid. ✅ Fixed.

12. RAT_FUNC case in ConvertRawToPhys sets Ret=0 even on conversion failure

  • File: Src/A2lParser/A2LConvert.c:449-453
  • Issue: Conv_RationalFunctionRawToPhys may fail, but Ret = 0 is set unconditionally after the if block.
  • Suggestion: Move Ret = 0 inside the if (... == 0) block. ✅ Fixed.

🟡 Minor (Consider fixing)

13. Missing includes in RunTimeMeasurement.c

  • File: Src/Global/RunTimeMeasurement.c:73-77
  • Issue: MEMSET and PrintFormatToString used without including MemZeroAndCopy.h and PrintFormatToString.h.
  • Suggestion: Add includes. ✅ Fixed.

14. sizeof(line) is pointer size in GetRuntimeMeassurement

  • File: Src/Global/RunTimeMeasurement.c:126
  • Issue: line is a char* parameter, so sizeof(line) is 8 (pointer size) not buffer size.
  • Suggestion: Add int par_MaxLine parameter and pass it to PrintFormatToString. ✅ Fixed.

15. ZEROMEM macro incorrect memset_s argument order

  • File: Src/Utilities/MemZeroAndCopy.h:58
  • Issue: memset_s(addr, 0, size) — wrong: memset_s signature is (s, smax, c, n).
  • Suggestion: Use memset_s(addr, size, 0, size). ✅ Fixed.

🔵 Nit (Optional / Low priority)

16. CMakeLists.txt typo: OPTINAL_COMPONENTS

  • File: CMakeLists.txt:64
  • Issue: Misspelled CMake keyword silently ignored; SVG optional dependency may not work as expected.
  • Suggestion: OPTIONAL_COMPONENTS. ✅ Fixed.

17. vsnprintf_s count parameter on Windows

  • File: Src/Utilities/PrintFormatToString.c:27,55
  • Issue: Passing par_SizeOfDestBuffer for the count argument may trigger MSVC CRT's invalid-parameter handler. Valid value is _TRUNCATE or sizeOfBuffer - 1.
  • Suggestion: Use _TRUNCATE. ✅ Fixed.

18. STRING_COPY_TO_ARRAY_OFSET macro name typo

  • File: Src/Utilities/StringMaxChar.h:25
  • Issue: OFSET should be OFFSET. Not fixed (low impact/cosmetic).

…ript, StimulusPlayer, TraceRecorder and XcpOverEthernet files; add ToParseFileStack.cpp, ConvertDbcToCanCmd.cpp, ExportA2lMeasurementListCmd.cpp and ImportA2lMeasurementListCmd.cpp
edmc25 (Owner, Author) commented Mar 27, 2026

@copilot Please review the latest commit following the same instructions as in your last review.

…CanCmd.cpp unsafe sprintf → PrintFormatToString

Agent-Logs-Url: https://github.com/edmc25/openxilenv/sessions/46efbdf9-231b-4216-8baa-d58677895432

Co-authored-by: edmc25 <198079695+edmc25@users.noreply.github.com>

Copilot AI commented Mar 27, 2026

@copilot Please review the latest commit following the same instructions as in your last review.

Review completed — see my detailed reply to the earlier review request comment (same thread). All actionable bugs found in commit 3cf23e4 have been fixed in 77ff5b1:

  1. 🔴 Critical: ToParseFileStack.cpp:99 off-by-one (Idx <= 0 → Idx < 0)
  2. 🟠 Major: ConvertDbcToCanCmd.cpp:47 unsafe sprintf → PrintFormatToString + missing include

Remaining findings (Major items eclipse-openxilenv#3-5, Minor eclipse-openxilenv#6-8, Nits eclipse-openxilenv#9-12) are documented in the detailed review and may be addressed at your discretion.

edmc25 closed this Apr 16, 2026