Current code implement CONFIG_MAX_PTHREAD_COUNT as the maximum number
of POSIX threads that can ever be created, rather than the maximum
number of active POSIX threads. Use pthread_state of struct posix_thread
to track the state of posix thread in posix_thread_pool so that we can
reuse the unused posix thread.
Fixes#15516.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
According to POSIX, that's the header which defines this function.
Similarly, nothing in POSIX indicates that <time.h> should have
access to struct timeval, so it's removed (it's made accessible
to <sys/time.h> via <sys/_timeval.h> introduced earlier).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This is implementation-level header which defines struct timeval, and
intended to be included by headers which need this structure. This
implementation scheme is compatible with Newlib, and thus provides a
step to use minlibc vs Newlib interchangeably.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Set to same default as regular stacks. This doesn't use
any extra memory until CMSIS_V2_THREAD_DYNAMIC_MAX_COUNT
is set. 0 is not a valid default if that is set.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Depending on configuration, this value could end up as
a variable and not an array symbol, causing a crash if
newlib decides to call _sbrk on behalf of a user thread,
which needs to perform arithmetic on it.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Excerpt from the manual:
If ptr is NULL, then the call is equivalent to malloc(size) [...]
Without this commit, such calls end with a BUS FAULT.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Rename reserved function names in the subsys/ subdirectory except
for static _mod_pub_set and _mod_unbind functions in bluetooth mesh
cfg_srv.c which clash with the similarly named global functions.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Permission management no longer necessary, the former
parameter for the mutex is now simply ignored.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
For systems without userspace enabled, these work the same
as a k_mutex.
For systems with userspace, the sys_mutex may exist in user
memory. It is still tracked as a kernel object, but has an
underlying k_mutex that is looked up in the kernel object
table.
Future enhancements will optimize sys_mutex to not require
syscalls for uncontended sys_mutexes, using atomic ops
instead.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
MISRA-C 8.10.2 defines essential operand types and how to handle them
through rules 10.1 .. 10.5. This commit adds an U to unsigned constants
to avoid implicit casts and make if/while statements evaluate a boolean
to avoid other types being casted to boolean.
MISRA-C rules 10.1, 10.2 and 10.3
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
fs_dirent.name is MAX_FILE_NAME + 1 bytes long, not PATH_MAX. Just
fixing it to avoid access invalid memory.
Coverity CID: 186037
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
We are reverting the changes in commit
55b3f05932 given build errors are seen
when fcntl.h is included, as it declares fcntl() as a non-static
function. The same function cannot be declared as both static and
non-static.
Instead, we avoid redefining fcntl() in lib/os/fdtable.c specifically
for case of the SimpleLink family, til we have support for the new
socket_op_vtable.
Signed-off-by: Vincent Wan <vincent.wan@linaro.org>
Do not perform early level usage check. This can lead to situation
where block is seen as available on level when it was taken from
the other context.
Fixes: #14504
Signed-off-by: Pawel Dunaj <pawel.dunaj@nordicsemi.no>
Some function return values were not handled. Added assert in case
those functions return error. It is possible only if same ring buffer
instance is used without any protection from multiple contexts.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Maybe this is some "just in case" thing that got copied around. There's
no need to have a blank line at the beginning or end of Kconfig files.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
When we build with newlib we don't set -nostdinc. In that case make
sure that we leave it to the toolchain to set the system include paths.
The one exception to leaving to the toolchain to set the system include
paths is the path to the newlib headers. Since we build
with -ffreestanding we need to make sure the newlib header path is the
before the toolchain headers. Otherwise the toolchain's 'freestanding'
headers get picked up and that causes issues (for example getting PRI*64
defined properly from inttypes.h due to __STDC_HOSTED__ being '0').
For newlib we accomplish this by having the only system header specified
by zephyr_system_include_directories() being just the newlib headers.
Note: for minlibc we leave things alone as things just happen to work as
the -I include of the libc headers takes precedence over -isystem so we
get the libc headers over the toolchain ones. For the newlib case it
appears that setting both -I and -isystem for the same dir causes the
-I to be ignored.
Fixes#14310
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Configure lvgl defaults for imx rt boards in their respective board
defconfigs rather than the lvgl sample application.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
For some reason we missed _zephyr_fputc in commit
4344e27c26. Rename _zephyr_fputc to just
zephyr_fputc and fixup associated code to build.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Commit 4344e27c26 changed the reserved
function names, but got the naming wrong for fwrite. Just use the
name zephyr_fwrite everywhere.
Fixes#14275
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Update reserved function names starting with one underscore, replacing
them as follows:
'_k_' with 'z_'
'_K_' with 'Z_'
'_handler_' with 'z_handl_'
'_Cstart' with 'z_cstart'
'_Swap' with 'z_swap'
This renaming is done on both global and those static function names
in kernel/include and include/. Other static function names in kernel/
are renamed by removing the leading underscore. Other function names
not starting with any prefix listed above are renamed starting with
a 'z_' or 'Z_' prefix.
Function names starting with two or three leading underscores are not
automatcally renamed since these names will collide with the variants
with two or three leading underscores.
Various generator scripts have also been updated as well as perf,
linker and usb files. These are
drivers/serial/uart_handlers.c
include/linker/kobject-text.ld
kernel/include/syscall_handler.h
scripts/gen_kobject_list.py
scripts/gen_syscall_header.py
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Prevent speculative attacks with out-of-bounds fd
values.
Won't affect code generation for systems that don't
enable CONFIG_BOUNDS_CHECK_BYPASS_MITIGATION.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Changed the print format for unsigned 32-bit variables that produced
warnings when compiled with newlib instead of the standard C library.
Chose to replace %d with PRIu32 because the latter is more portable
and adapts to the types of the standard C libraries.
Tested with and without newlib, and with sanitycheck.
Signed-off-by: Dennis Wildmark <dennis.wildmark@assaabloy.com>
Appears within an 'if LVGL'.
'if FOO' is just shorthand for adding 'depends on FOO' to each item
within the 'if'. Dependencies on menus work similarly. There are no
"conditional includes" in Kconfig, so 'if FOO' has no special meaning
around a source. Conditional includes wouldn't be possible, because an
if condition could include (directly or indirectly) forward references
to symbols not defined yet.
Tip: When adding a symbol, check its dependencies in the menuconfig
('ninja menuconfig', then / to jump to the symbol). The menuconfig also
shows how the file with the symbol got included, so if you see
duplicated dependencies, it's easy to hunt down where they come from.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Remove case ranges from printk in order to clean up GNUisms
and make the code standards compliant.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
We used to leave byte-long placeholder symbols to ensure
that empty application memory sections did not cause
build errors that were very difficult to understand.
Now we use some relatively portable inline assembly to
generate a symbol, but don't take up any extra space.
The malloc and libc partitions are now only instantiated
if there is some data to put in them.
Fixes: #13923
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Added __weak keyword to to support overriding assert_post_action().
This allows system designers to change/augment the assert behaviour,
i.e. add logging to persistant storage of program counter, line
number etc, and/or change reboot behaviour.
Signed-off-by: Tim Sørensen (TIMS) <tims@oticon.com>
Exactly one caller of pthread_barrier_wait() should receive a return
value of PTHREAD_BARRIER_SERIAL_WAIT; all others should receive zero
(or an error code). Added a test to match.
Fixes: #9953
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
MISRA-C says that char type should not be used in arithmetically as the
data doesn't represent numbers.
MISRA-C rules 10.1 and 10.2
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
MISRA rules (see #11425) forbid recursive algorithms. In the case of
rb_walk(), it's not actually used anywhere but a test right now, so we
can simply disable the API when CONFIG_MISRA_SANE is defined. Mempool
had a (IMHO, fairly clever) tail recursive loop in bfree_recombine()
which can be trivially transformed into an only slightly uglier
iterative version.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
MISRA rules (see #9892) forbid alloca() and family, even though those
features can be valuable performance and memory size optimizations
useful to Zephyr.
Introduce a MISRA_SANE kconfig, which when true enables a gcc error
condition whenever a variable length array is used.
When enabled, the mempool code will use a theoretical-maximum array
size on the stack instead of one tailored to the current pool
configuration.
The rbtree code will do similarly, but because the theoretical maximum
is quite a bit larger (236 bytes on 32 bit platforms) the array is
placed into struct rbtree instead so it can live in static data (and
also so I don't have to go and retune all the test stack sizes!).
Current code only uses at most two of these (one in the scheduler when
SCHED_SCALABLE is selected, and one for dynamic kernel objects when
USERSPACE and DYNAMIC_OBJECTS are set).
This tunable is false by default, but is selected in a single test (a
subcase of tests/kernel/common) for coverage. Note that the I2C and
SPI subsystems contain uncorrected VLAs, so a few platforms need to be
blacklisted with a filter.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
These get references by newlib builds in other toolchains, e.g.
gnuarmemb, and lack of them breaks linking. Tested that
tests/posix/fs and tests/posix/common actually work with these
changes.
Fixes: #13906
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Some more were added since the cleanup pass in June 2018. See e.g.
commit 2d50da70a1 ("drivers: ipm: Kconfig: Remove redundant 'default n'
properties") for a motivation. It also avoids people wondering whether
or not they need to put in 'default n'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
_impl__zephyr_write() was renamed to _impl__zephyr_write_stdout().
This wasn't caught by CI because we didn't have POSIX tests build
for newlib, but now we have.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
In case newlib is enabled, but POSIX subsys isn't, there're adhoc
implementations of read() and write() which work only with adhoc
stdin/stdout emulation layer. These are backed by system calls named
like "read" and "write". Rename all these functions and syscalls to
explicitly mention stdin/stdout in the names, to free namespace
for the implementation of generic read/write syscalls which will
integrate with POSIX fdtable.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The intent of this Kconfig is to allow libc stdout
functions like printf() to send their output to the
active console driver instead of discarding it.
This somehow evolved into preferring to use
printf() instead of printk() for all test case output
if enabled. Libc printf() implementation for both
minimal libc and newlib use considerably more stack
space than printk(), with nothing gained by using
them.
Remove all instances where we are conditionally
sending test case output based on this config, enable
it by default, and adjust a few tests that disabled
this because they were blowing stack.
printk() and vprintk() now work as expected for
unit_testing targets, they are just wrappers for
host printf().
Fixes: #13701
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Also, for now x86_64 does not support newlib, so do not enable newlib
for this arch until we have a solution.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
With newer newlib we get a build error with mqueue.h realted to mode_t.
Let's just let newlib define mode_t and have minimal libc also define
it in sys/types.h. So we remove the duplicated definition in
posix/unistd.h.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This is an integral part of userspace and cannot be used
on its own. Fold into the main userspace configuration.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We need a generic name for the partition containing
essential C library globals. We're going to need to
add the stack canary guard to this area so user mode
can read it.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Both SDK 0.10.0-beta2 and the ARM gcc 2018q2 run into a build issue with
newlib and conflict definitions of mode_t type.
First we need to add some ifdef protection if mode_t is already defined
and set _MODE_T_DECLARED if we are the first to define it.
Secondarily, we rename include/posix/sys/types.h to
include/posix/posix_types.h so that we aren't getting a name collusion
with the system sys/types.h and that we can easily and clearily include
it (which we need to do to pull in the info from newlib).
Fixes: #12224
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For now we are disabling support for POSIX lib on native posix arch. We
need to cleanup and support POSIX lib cleanly for hardware targets.
Once that is working properly we can look to support the feature on
native posix arch.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
There are issues using lowercase min and max macros when compiling a C++
application with a third-party toolchain such as GNU ARM Embedded when
using some STL headers i.e. <chrono>.
This is because there are actual C++ functions called min and max
defined in some of the STL headers and these macros interfere with them.
By changing the macros to UPPERCASE, which is consistent with almost all
other pre-processor macros this naming conflict is avoided.
All files that use these macros have been updated.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Just like with _Swap(), we need two variants of these utilities which
can atomically release a lock and context switch. The naming shifts
(for byte count reasons) to _reschedule/_pend_curr, and both have an
_irqlock variant which takes the traditional locking.
Just refactoring. No logic changes.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Implements osThreadJoin and osThreadDetach.
This implementation uses a semaphore to signal when a thread is
exiting so any join operations are signalled to continue. It supports
multiple join operations on a single thread, and ensures joins are
aborted if a thread is detached.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
This was never a long-term solution, more of a gross hack
to get test cases working until we could figure out a good
end-to-end solution for memory domains that generated
appropriate linker sections. Now that we have this with
the app shared memory feature, and have converted all tests
to remove it, delete this feature.
To date all userspace APIs have been tagged as 'experimental'
which sidesteps deprecation policies.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* Newlib now defines a special z_newlib_partition containing
all globals relevant to newlib. Most of these are in libc.a
with a heap tracking variable in newlib's hooks.
* Both C libraries now expose a k_mem_partition containing the
bounds of the malloc heap arena. Threads that want to use
libc malloc() will need to add this to their memory domain.
* z_newlib_get_heap_bounds has been removed, in favor of the
memory partition for the heap arena
* ztest now includes the C library partitions in its memory
domain.
* The mem_alloc test now runs in user mode to prove that this
all works for both C libraries.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
If an unitialized/zeroed optional attribute was passed to osThreadNew
the priority would be osThreadNone i.e. uninitialized. This causes an
ASSERT to be hit as the priority isn't valid (it is not between
osPriorityIdle and osPriorityISR).
The fix checks the passed in priority is not osPriorityNone and assigns
osPriorityNormal. This is the correct CMSIS behaviour.
The ASSERT will still be hit if the priority is invalid (<0).
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Fixed an issue whereby if an attribute structure was passed into a CMSIS
RTOS v2 'new' function with an invalid address i.e. NULL assigned to the
name (char*) member the memcpy at the end of each new function
would cause a segmentation fault i.e. read from an invalid
address.
This has been fixed by checking if the name is NULL and using the
default name from the init struct if it is. This is the same name
that would be used if not passing in the optional attr function
argument.
Changed the memcpy to strncpy to ensure that the copy does not read
beyond the end of the source string and changed the length from 16 to 15
(by means of a `sizeof(...)-1`) of the destination buffer to ensure that
it will always be nul-terminated.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Implemented dynamic thread stacks for CMSIS threads by declaring an
array of default sized thread stacks. Allocation cannot be done on the
heap as some architectures require strict alignment for stacks so the
macro must be used to define the stack to ensure most compatibility.
Added a Kconfig variable to limit the number of dynamic threads on the
system (they also count towards total CMSIS thread count). This is so a
developer can have fine grained control over how many dynamic threads
can be allocated because all their stacks must be allocated up front so
could use a lot of memory needlessly if oversubscribed. The default
value is 0 which effectively disabled dynamic threads but also reduces
the memory impact to almost none.
Fixed an assert bug where thread_num was being tested against the
maximum allowed CMSIS threads - it previous checked for less than or
equal which actually (due to when the increment happens) allowed there
to be one more thread. The check now correctly uses less than and only
allowed up to the defined maximum.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Implemented dynamic allocation of memory pools in a similar to manner to
what was already implemented for message queues. Added all the same
checks on size vs. maximum allowed and current heap.
Added an additional Kconfig variable to define the maximum size of a
dynamically allocated memory pool.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Added some additional checks when creating a message queue to ensure the
size of the queue does not exceed the size of the buffer passed in via
the optional attributes.
Added a new Kconfig option to limit the maximum size of a message queue
dynamically allocated on the heap.
Added a check to ensure the heap is at least large enough to hold a
maximum size dynamically allocated queue.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Added Kconfig dependency that NUM_PREEMPT_PRIORITIES must be at least
osPriorityISR (56). This was enforced by a build assert message but not
decribed in the Kconfig.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
After #12732, 6904501173
asserts call k_panic.
Before this, the POSIX arch had its own hack in the
__ASSERT_POST implementation to terminate the process instead
of spining forever.
But the POSIX arch does implement k_panic properly, so there
is no need anymore for this hack.
=> Remove the special treatment for POSIX ARCH
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Replaced forever loop in assert with call to a function.
In post_assert_action() function, k_panic is called.
Forever loop was preventing logs to be printed and had behavior
ependent on the context (low prioriy thread - system continue to
ork, irq - system is blocked).
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
lib/ was starting to get messy and inconsitent. Files being either
dumped in the root or in sub-directories without a clear plan.
Move all library components into one single folder and call it 'os'.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
mq_maxmsg and mq_msgsize are defined to be of
type long in POSIX standard. So use long for
variables that hold its value in mq_open().
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
This patch adds a x86_64 architecture and qemu_x86_64 board to Zephyr.
Only the basic architecture support needed to run 64 bit code is
added; no drivers are added, though a low-level console exists and is
wired to printk().
The support is built on top of a "X86 underkernel" layer, which can be
built in isolation as a unit test on a Linux host.
Limitations:
+ Right now the SDK lacks an x86_64 toolchain. The build will fall
back to a host toolchain if it finds no cross compiler defined,
which is tested to work on gcc 8.2.1 right now.
+ No x87/SSE/AVX usage is allowed. This is a stronger limitation than
other architectures where the instructions work from one thread even
if the context switch code doesn't support it. We are passing
-no-sse to prevent gcc from automatically generating SSE
instructions for non-floating-point purposes, which has the side
effect of changing the ABI. Future work to handle the FPU registers
will need to be combined with an "application" ABI distinct from the
kernel one (or just to require USERSPACE).
+ Paging is enabled (it has to be in long mode), but is a 1:1 mapping
of all memory. No MMU/USERSPACE support yet.
+ We are building with -mno-red-zone for stack size reasons, but this
is a valuable optimization. Enabling it requires automatic stack
switching, which requires a TSS, which means it has to happen after
MMU support.
+ The OS runs in 64 bit mode, but for compatibility reasons is
compiled to the 32 bit "X32" ABI. So while the full 64 bit
registers and instruction set are available, C pointers are 32 bits
long and Zephyr is constrained to run in the bottom 4G of memory.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Added glue logic to interface Zephyr with LittlevGL GUI library
This includes:
* KConfig options for all lvgl options
* Kernel & user space memory management
* Zephyr to lvgl FS call mapping
* Color space conversion function
Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
Following the standard GCC RISC-V convetion use __riscv for the RISC-V
specific define:
41d6b10e96/gcc/config/riscv/riscv-c.c (L37)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Used as a checksum on command messages when talking with MMC cards.
Implemented using the unwound bytewise implementation from
https://en.wikipedia.org/wiki/Computation_of_cyclic_redundancy_checks
which is a good mix of size and speed.
The API and naming matches lib/crc7.c in Linux.
Signed-off-by: Michael Hope <mlhx@google.com>
If any of the Zephyr version numbers went beyond 99, the "%2d" printf
specifiers would expand to fit and the string would run over the
memory on the stack used for os_str[].
Recent GCC versions (remember native_posix and x86_64 use the host
compiler) were actually detecting this and correctly issuing a warning
(but only if the 3-digit char value would overflow the actual array
size!), which was breaking sanitycheck for me on Fedora 28 and Ubuntu
18.04 build hosts. Pretty impresive warning.
As it happens this was wasteful anyway; we were spending bytes on the
stack (and in rodata to store the constant which, and the cycles
needed to copy it into place on the stack where it would be
overwritten immediately) when we could just snprintf() directly into
the buffer the user gave us.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Thread Flags are used to trigger execution states between threads.
These APIs provide functionalities like set, clear and wait.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Events are used to trigger execution states between threads.
These APIs provide functionalities like event set, clear and
wait.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
These APIs allow creating, allocating and freeing of mempools.
Note: "Mempool" in CMSIS actually means memslabs in Zephyr.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
These APIs provide the support of virtual timers. All timers
can be started, restarted, or stopped. Timers can be configured
as one-shot or periodic.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
APIs to introduce wait i.e osDelay and osDelayUntil are defined
here. They are analogous to k_sleep in the kernel.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Implement support for Kernel management APIs like
osKernelInitialize, osKernelGetTickCount, osKernelGetSysTimerCount
etc.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
According with MISRA-C the value returned by a non-void function has
to be used. As memcpy return is almost useless, we are explicitly
ignoring it.
MISRA-C rule 17.7
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
ioctl() just dispatches to the corresponding vmethod of an fd.
fcntl() handles fdtable-level operations (so far doesn't handle
actually, returning "not implemented" error), and forwards
fd-specific operations to ioctl vmethod just the same (i.e.
ioctl and fcntl operations share the same namespace, but otherwise
disjoint).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
As extend fdtable usage to more cases, there regularly arises a need
to forward ioctl/fcntl arguments to another ioctl vmethod, which is
complicated because it defined as taking variadic arguments. The only
portable solution is to convert variadic arguments to va_list at the
first point of entry from client code, and then pass va_list around.
To facilitate calling ioctl with variadic arguments from system code,
z_fdtable_call_ioctl() helper function is added.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The function atomic_set return the previous value of the
target. Sometimes this value is irrelevant, e.g when initializing a
variable.
As MISRA-C rule 17.7 requires that the value returned by a non-void
function must be used, we have to explicitly ignore some cases.
MISRA-C rule 17.7
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This allows for workqueues to be started in user mode.
No additional kernel objects or system calls are defined
other than starting the workqueue in user mode; for
permission purposes the embedded queue and thread objects
are sufficient.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Similar to the last patch, there was a spot in block recombination
where the lock would be released while the combined block was being
held allocated. That means that when recombining a single top-level
block, it was possible for the entire heap to look allocated.
Make the combination and re-addition of the larger block atomic.
Requires a little surgery to the structure of the code, so this is a
little more involved than the earlier fix.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The mempool operations need to be atomic, but because of latency
concerns (the allocator is intended for use in an ISR) the locking was
designed to be as minimal as possible. And it... mostly got it right.
All the list handling was correctly synchronized. The merging of four
child blocks into a parent block was atomic. The splitting of a block
into four children was atomic.
BUT: there was a moment between the allocation of a large block and
the re-addition of its three unused children where the lock was being
released. This meant that another context (e.g. an ISR that just
fired, interrupting the existing call to k_mem_pool_alloc()) would see
some memory "missing" that wasn't actually allocated. And if this
happens to have been the top level block, it's entirely possible that
the whole heap looks empty, even though the other allocator might have
been doing only the smallest allocation!
Fix that by making the "remove a block then add back the three
children we don't use" into an atomic step. We can still relax the
lock between levels as we split the subblocks further.
(Finally, note that this trick allows a somewhat cleaner API as we can
do our "retry due to race" step internally by walking back up the
block size list instead of forcing our caller to do it via that weird
-EAGAIN return value.)
Fixes#11022
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
These changes were obtained by running a script created by
Ulf Magnusson <Ulf.Magnusson@nordicsemi.no> for the following
specification:
1. Read the contents of all dts_fixup.h files in Zephyr
2. Check the left-hand side of the #define macros (i.e. the X in
#define X Y)
3. Check if that name is also the name of a Kconfig option
3.a If it is, then do nothing
3.b If it is not, then replace CONFIG_ with DT_ or add DT_ if it
has neither of these two prefixes
4. Replace the use of the changed #define in the code itself
(.c, .h, .ld)
Additionally, some tweaks had to be added to this script to catch some
of the macros used in the code in a parameterized form, e.g.:
- CONFIG_GPIO_STM32_GPIO##__SUFFIX##_BASE_ADDRESS
- CONFIG_UART_##idx##_TX_PIN
- I2C_SBCON_##_num##_BASE_ADDR
and to prevent adding DT_ prefix to the following symbols:
- FLASH_START
- FLASH_SIZE
- SRAM_START
- SRAM_SIZE
- _ROM_ADDR
- _ROM_SIZE
- _RAM_ADDR
- _RAM_SIZE
which are surprisingly also defined in some dts_fixup.h files.
Finally, some manual corrections had to be done as well:
- name##_IRQ -> DT_##name##_IRQ in uart_stm32.c
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
Private kernel data structure which should not be accessible to
userspace threads. Mark with __kernel.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
FD method tables contain function pointers, and thus should be
const and reside in ROM. This patch fixes all cases of FD vtable
definitions: for POSIX FS API and for sockets.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
If we don't have Newlib, the more or less POSIX library, it's unclear
how to deal with POSIX stdin/stdout/stderr at all.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This is simplistic implementation which just redirects to (likewise
simplistic) implementation in lib/libc/newlib/libc-hooks.c. This
should be replaced with bindings to "real console", but what should
be a "real console" is so far discussed, at the RFC stage.
This implementation goes into the fdtable.c itself to keep all those
things nicely static. (This is again likely will change when we have
"real console", but again, it's so far not clear where it would
belong, so at least avoid creating random files to be deleted later).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
read/write/etc. are defined in case CONFIG_POSIX_API is defined, and
we shouldn't provide duplicates.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
All the handling of POSIX file descriptors is now done by fdtable.c.
fs.c still manages its own table of file structures of the underlying
fs lib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The table allows to wrap read/write (i.e. POSIX-compatible) semantics
of any I/O object in POSIX-compatible fd (file descriptor) handling.
Intended I/O objects include files, sockets, special devices, etc.
The table table itself consists of (underlying obj*, function table*)
pairs, where function table provides entries for read(), write, and
generalized ioctl(), where generalized ioctl handles all other
operations, up to and including closing of the underlying I/O object.
Fixes: #7405
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
k_poll_signal was being used by both, struct and function. Besides
this being extremely error prone it is also a MISRA-C violation.
Changing the function to contain a verb, since it performs an action
and the struct will be a noun. This pattern must be formalized and
followed and across the project.
MISRA-C rules 5.7 and 5.9
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Fix a compile warning if we build using int types defined to match the
compiler. We get the following warnings:
lib/mempool/mempool.c: In function ‘sys_mem_pool_alloc’:
lib/mempool/mempool.c:317:48: warning: passing argument 3 of ‘_sys_mem_pool_block_alloc’ from incompatible pointer type [-Wincompatible-pointer-types]
if (_sys_mem_pool_block_alloc(&p->base, size, &level, &block,
^
lib/mempool/mempool.c:221:5: note: expected ‘u32_t * {aka long unsigned int *}’ but argument is of type ‘int *’
int _sys_mem_pool_block_alloc(struct sys_mem_pool_base *p, size_t size,
^~~~~~~~~~~~~~~~~~~~~~~~~
lib/mempool/mempool.c:317:56: warning: passing argument 4 of ‘_sys_mem_pool_block_alloc’ from incompatible pointer type [-Wincompatible-pointer-types]
if (_sys_mem_pool_block_alloc(&p->base, size, &level, &block,
^
lib/mempool/mempool.c:221:5: note: expected ‘u32_t * {aka long unsigned int *}’ but argument is of type ‘int *’
int _sys_mem_pool_block_alloc(struct sys_mem_pool_base *p, size_t size,
^~~~~~~~~~~~~~~~~~~~~~~~~
Make local variables block & level u32_t to match what
_sys_mem_pool_block_alloc expects.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This reverts commit 25fb2302f1.
The bluetooth l2cap code was using these errno values but changed to
using more standard EPERM instead, so lets remove the defines since
nothing uses them.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
write() function is not supposed to change buffer passed to it, so
propagate const pointer param to all write-like functions used/defined
in this file.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Some third-party components include this file without really needing
any symbols from it. Presence of this file allows to build them
against minimal libc, whereas previously they forced Newlib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Placing it at sys/fcntl.h was due to mimicking internal newlib's
layout, but what we need is this file at the standard location,
for reuse.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Extended ring buffer to allow storing raw bytes in it. API has been
extended keeping 'data item' mode untouched.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Deprecate API prefixed with sys_ring_buf_ and rename it
to ring_buf_item_ since this API is not a typical ring buffer
but ring buffer of data items (metadata + 32bit words).
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
For read/write/lseek, use size_t and off_t types, as mandated by
POSIX:
http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/unistd.h.html
Also, prototypes of unistd.h functions should not depend on
CONFIG_POSIX_FS, as (many) of them deal with generic I/O, not with
files in filesystem per se.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Fixed some Kconfig inconsistencies around THREAD_CUSTOM_DATA,
POLL and NUM_PREEMPT_PRIORITIES.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
It so happened that previously CONFIG_PTHREAD_IPC served this role.
But pthreads and IPC is only parts of POSIX, orthogonal to other
services.
Move CONFIG_POSIX_FS, etc. out from CONFIG_PTHREAD_IPC.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Calling pthread_join() with current thread would lead
to deadlock. Adding check for it and to return
appropriate error code.
Signed-off-by: Spoorthi K <spoorthi.k@intel.com>
Under GNU C, sizeof(void) = 1. This commit merely makes it explicit u8.
Pointer arithmetics over void types is:
* A GNU C extension
* Not supported by Clang
* Illegal across all ISO C standards
See also: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html
Signed-off-by: Mark Ruvald Pedersen <mped@oticon.com>
ENOTSUP is not being used correctly in
pthread_attr_setschedparam(), hence
replaced its check for EINVAL instead.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added EAGAIN error code in pthread_create()
with fixing the EINVAL return as it is
limited to attribute checking.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added return of ESRCH error code in
pthread_getschedparam() when the
specified thread could not be found.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Change APIs that essentially return a boolean expression - 0 for
false and 1 for true - to return a bool.
MISRA-C rule 14.4
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Make if statement using pointers explicitly check whether the value is
NULL or not.
The C standard does not say that the null pointer is the same as the
pointer to memory address 0 and because of this is a good practice
always compare with the macro NULL.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Any word started with underscore followed by and uppercase letter or a
second underscore is a reserved word according with C99.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Contains defines enough to compile BSD Sockets subsystem. Values are
compatible with Newlib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Add a private variable `rt_clock_base` that can be used to determine a
real-time clock by using the `k_uptime_get` clock. Once `clock_settime`
is added, this can allow us to have a meaningful real time clock.
Signed-off-by: David Brown <david.brown@linaro.org>
Provide an implementation of gettimeofday(). This uses clock_gettime()
with the CLOCK_REALTIME parameter, which is currently unimplemented, but
will allow clients to call this function once this functionality has
been implemented.
Signed-off-by: David Brown <david.brown@linaro.org>
Use the asynchronous version of mbox_put instead of the
synchronous one. Also, add an error check in osMailPut.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Add few missing NULL checks to avoid crash. Also, minor
refactor of signal code and disable osFeature_Wait to
signify osWait function not implemented.
Signed-off-by: Praful Swarnakar <praful.swarnakar@intel.com>
k_msg_get returns only three possible values, and
osErrorValue is not in osMessageGet spec, hence
removing this unhit else case.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
The memory occupied by posix_thread objects are not significant.
Hence, no point in using dynamic allocation.
Addresses #8717.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
stacksize is an unsigned integer and hence there's no need to
check whether it is >= 0 since it is always true. This fixes
the Github issue #9637.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Replace an else-if case in osSemaphoreWait with
else to account for both EBUSY and EAGAIN return
values from k_sem_take. The return value would be
0 for osSemaphoreWait in both cases.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
When a mempool is created with a large number of maximum-size blocks,
the logic for initializing max_inline_level (i.e. when to union the
bitmask with the pointer and when to use the pointer directly) was
wrong. The default state was "zero", which implies that level 0
should be inlined, but that's wrong with >32 base blocks.
Additionally, the type was unsigned, making the "level zero is a
pointer" situation impossible to represent.
Fixes#6727
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Add osErrorTimeoutResource as return value when message
cannot be put in queue during waiting period. Also set
message value only when message is received.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Several code guidelines recommend using uppercase L instead of letter
l (ell) because it can easily be confused with the digit 1 (one).
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Fix the osSignalWait timeout calculation in cases when
waiting on more than one signal event.
Signed-off-by: Praful Swarnakar <praful.swarnakar@intel.com>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Signals are used to trigger execution states between threads.
These APIs provide functionalities like signal set, clear and
wait.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
These APIs allow creating, allocating and freeing
of mempools.
Note: "Mempool" in CMSIS actually means memslabs in Zephyr.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
These APIs provide the support of virtual timers. All timers
can be started, restarted, or stopped. Timers can be configured
as one-shot or periodic.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
This API is used to fetch the kernel system timer as 32-bit value.
This is analogous to k_cycle_get_32 in the kernel.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
The read/write implementations call directly into the console drivers
using the hook mechanism, causing faults if invoked from user mode.
Add system calls for read() and write() such that we do a privilege
elevation first.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The stdout console implementations for minimal libc call directly into
the various console drivers (depending on what specifc hooks are
registered) causing faults when invoked from user mode. This happens,
for example, when using printf() which eventually ends up calling
fputc().
The proper solution is to ensure privileges have been elevated before
the _stdout_hook is called. This was already done for printk().
puts() and fputs() have now been re-defined in terms of the
fputc() and fwrite() functions, which are now system calls.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The errno "variable" is required to be thread-specific.
It gets defined to a macro which dereferences a pointer
returned by a kernel function.
In user mode, we cannot simply read/write the thread struct.
We do not have thread-local storage mechanism, so for now
use the lowest address of the thread stack to store this
value, since this is guaranteed to be read/writable by
a user thread.
The downside of this approach is potential stack corruption
if the stack pointer goes down this far but does not exceed
the location, since a fault won't be generated in this case.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Added 4 new pthread_key APIs for thread-specific data
key creation, deletion, setting and getting the values.
Added a key list to the posix_struct for threads.
Added pthread_once API.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
We utilize defines like -ESHUTDOWN in the network stack. To support
this errno value with newlib we need to enable
__LINUX_ERRNO_EXTENSIONS__.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
If we use newlib the isdigit (and other similar functions) return an
error as char can possibly be viewed as signed:
usr/include/ctype.h:57:54: error: array subscript has type ‘char’ [-Werror=char-subscripts]
#define __ctype_lookup(__c) ((__ctype_ptr__+sizeof(""[__c]))[(int)(__c)])
Explicity cast to unsigned char so we deal with both this warning and
possible warning when -Wpointer-sign is enabled.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For some reason %F wasn't supported initially. Its simple enough to
handle the case difference in infinity and NaN handling to add support
for %F.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The C standard says that %f should use '[-]inf' or '[-]infinity' (which
style is implementation defined) for infinity handling and '[-]nan' for
NaN.
We where adding a '+' and had the wrong case for 'inf' and 'nan'.
Before -> After
+INF -> inf
-INF -> -inf
NaN -> nan
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For %{e,E,g,G} conversion specifiers the C standard says the exponent
contains at least two digits, and only as many digits are necessary. So
instead of 1.234000e-001 we should have 1.234000e-01.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
memcpy copies upto (rc-1)th index but the write of NULL character
to the string is at (rc+1)th index skipping (rc)th index.
The fix addresses this as well.
CID: 186491
Fixes Issue #8280
Signed-off-by: Subramanian Meenakshi Sundaram <subbu147@gmail.com>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Also simplify the default on STDOUT_CONSOLE. Defaults can be arbitrary
expressions, not just fixed values.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The charmap table used by strncasecmp() not only used precious 256
bytes of ROM, it also had wrong mappings outside the ASCII range
(123..218).
Rewrite strncasecmp() to call tolower() instead; might be a tiny wee
little bit slower than the current version, but it's not used in any
performance-sensitive parts of the code to justify the waste.
This reduces the ROM footprint for the ws_echo_server sample by ~224
bytes.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Both variables were used (with the same value) interchangeably
throughout CMake files and per the discussion in GH issue,
ZEPHYR_BASE is preferred.
Also add a comment with explanation of one vs. the other.
Tested by building hello_world for several boards ensuring no errors.
Fixes#7173.
Signed-off-by: Alex Tereschenko <alext.mkrs@gmail.com>
lib/libc/minimal/source/CMakeLists.txt and
lib/libc/minimal/source/stdout/CMakeLists.txt was introduced in
12f8f7616 but it is not used by the build system. CMakeLists.txt in
the parent dir lib/libc/minimal/CMakeLists.txt adds C files to the
target with the lines like:
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/atoi.c
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/strtol.c
To make other empty CMakeLists.txt explicit, this commit adds a
comment line to them.
Signed-off-by: Yasushi SHOJI <y-shoji@ispace-inc.com>
'default N' should have been 'default n', though they happen to have the
same effect here, due to undefined Kconfig symbols ('N') evaluating to
'n' in a boolean sense.
Kconfig bool symbols implicitly default to 'n', so remove the default
rather than fixing it.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The minimal libc source files have been added to 'app'. The Zephyr
build system should not be adding source files to the 'app' library
unless necessary.
This patch creates a new Zephyr CMake Library in lib/libc/minimal and
adds the sources to it.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Use k_uptime_get() to compute both tv_sec and tv_nsec members
of timespec structure.
Fixes#8009
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Make sure the name string is NULL terminated in the readdir().
CID: 186037
Fixes Issue #7733
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
When we introduced NEWLIB_LIBC_ALIGNED_HEAP_SIZE in commit
42a2c96422. We accidently had the Kconfig
symbol depend on CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT the leading
'CONFIG_' shouldn't exist.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The pthread mutex changes went in with an adaptation to build with the
new wait queue API, but they did it by using the old dlist hooks
directly through typecasting and union assignment. That... is sort of
the opposite of the intent to having the new API be abstracted. The
pthread code worked, but failed once wait queues (on x86) stopped
being dlists.
Simple fix once I saw the problem, anyway.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The scheduler priq implementation was taking advantage of a subtle
behavior of the way the tree presents the order of its arguments (the
node being inserted is always first). But it turns out the tree got
that wrong in one spot.
As this was subtle voodoo to begin with, it should have been
documented first. Similarly add a little code to the test case to
guarantee this in the future.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
This constant should be defined in limits.h. Define it in limits.h in
the minimal libc, and use the definition found in newlib's includes.
Values in newlib includes range from 1024 to 4096.
The rationale is that all code should use the same value; having
buffers specified with different sizes will lead to interoperability
and out of bounds array writes.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Add IEEE 1003.1 Posix Style file system API support.
These API's will internally use corresponding Zephyr
File System API's.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
There were multiple spots where code was using the _wait_q_t
abstraction as a synonym for a dlist and doing direct list management
on them with the dlist APIs. Refactor _wait_q_t into a proper opaque
struct (not a typedef for sys_dlist_t) and write a simple wrapper API
for the existing usages. Now replacement of wait_q with a different
data structure is much cleaner.
Note that there were some SYS_DLIST_FOR_EACH_SAFE loops in mailbox.c
that got replaced by the normal/non-safe macro. While these loops do
mutate the list in the code body, they always do an early return in
those circumstances instead of returning into the macro'd for() loop,
so the _SAFE usage was needless.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Works mostly like the list enumeration macros. Implemented by fairly
clever alloca trickery and some subtle "next node" logic. More
convenient for many uses, can be early-exited, but has somewhat larger
code size than rb_walk().
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The implementation of fwrite() in the minimal libc does not increment
the source pointer, and thus always print the same character.
Signed-off-by: Florian Vaussard <florian.vaussard@gmail.com>
pthread_attr_init() should not return EBUSY as per POSIX spec
so fixed this by return ENOMEM if the attr pointer is NULL.
Also fixed the attribute initialization logic by copying the
init_pthread_attrs to the attr.
Fixes Issue #7480
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
The _thread_entry() is not really a part of the kernel but a part of
the zephyr's C runtime support library. Hence moving just the
function to lib/thread_entry.c
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
MPU devices that enforce power-of-two alignment now
specify the size of the buffer used for the newlib heap.
This buffer will be properly aligned and a pointer
exposed in a kernel header, such that it can be added
to a user thread's memory domain configuration if
necessary.
MPU devices that don't have these restrictions allocate
the heap as normal.
In all cases, if an MPU/MMU region needs to be programmed,
the z_newlib_get_heap_bounds() API will return the necessary
information.
Given how precious MPU regions are, no automatic programming
of the MPU is done; applications will need to do this as
needed in their memory domain configurations.
On x86, the x86 MMU-specific code has been moved to arch/x86
using the new z_newlib_get_heap_bounds() API.
Fixes: #6814
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Newlib uses any RAM between _end and the bounds of physical
RAM for the _sbrk() heap. Set up a user-writable region
so that this works properly on x86.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Calling POSIX exit() function in Zephyr w/newlib leads to printing
"exit" to stdout followed by infinite loop. That message was
printed without a newline though, leading to confusing artifacts
in the console output.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This trades a little bit over 40 bytes (on x86) of text for a lot of
savings in rodata. This is accomplished by using bitfields to pack the
field name length, offset, alignment, and the type tag into a single
32-bit unsigned integer instead of scattering this information into
four different integers.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Fix potential overflow of interger expression for by fixing
variable type to s64_t.
CID: 185275
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
The POSIX layer had a simple ready_one_thread() utility. Move this to
the scheduler API (with a prepended underscore -- it's an internal
API) so that it can be synchronized along with the rest of the
scheduler.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Almost everywhere this was called, it was immediately followed by
_abort_thread_timeout(), for obvious reasons. The only exceptions
were in timeout and k_timer expiration (unifying these two would be
another good cleanup), which are peripheral parts of the scheduler and
can plausibly use a more "internal" API.
So make the common case the default, and expose the old behavior as
_unpend_thread_no_timeout(). (Along with identical changes for
_unpend_first_thread) Saves code bytes and simplifies scheduler
surface area for future synchronization work.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Originally, pthread_cond_signal() was written to yield even in
circumstances where the current thread is at a cooperative priority
and would not expect to be context-switched out until it blocks. This
makes sense, as in most cases you want the newly signaled thread to
get a chance to run as soon as possible.
On further reflection (and also because it complicates the scheduler),
I think that's wrong. The point to cooperative scheduling is that it
allows the cooperative code to make synchronization assumptions about
exactly when it might yield to other threads, and having arbitrary
APIs be "preemption points" like this complicates that analysis
significantly.
Use _reschedule() like other code does.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Now that other work has eliminated the two cases where we had to do a
reschedule "but yield even if we are cooperative", we can squash both
down to a single _reschedule() function which does almost exactly what
legacy _Swap() did, but wrapped as a proper scheduler API.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Recent changes have eliminated most use of _Swap() in favor of higher
level scheduler abstractions. We can remove the header too.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Everywhere the current thread is pended, the code is going to have to
do a _Swap() soon afterward, yet the scheduler API exposed these as
separate steps. Unify this pattern everywhere it appears, which saves
some code bytes and gets _Swap() out of the general scheduler API at
zero cost.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
There was a somewhat promiscuous pattern in the kernel where IPC
mechanisms would do something that might effect the current thread
choice, then check _must_switch_threads() (or occasionally
__must_switch_threads -- don't ask, the distinction is being replaced
by real English words), sometimes _is_in_isr() (but not always, even
in contexts where that looks like it would be a mistake), and then
call _Swap() if everything is OK, otherwise releasing the irq_lock().
Sometimes this was done directly, sometimes via the inverted test,
sometimes (poll, heh) by doing the test when the thread state was
modified and then needlessly passing the result up the call stack to
the point of the _Swap().
And some places were just calling _reschedule_threads(), which did all
this already.
Unify all this madness. The old _reschedule_threads() function has
split into two variants: _reschedule_yield() and
_reschedule_noyield(). The latter is the "normal" one that respects
the cooperative priority of the current thread (i.e. it won't switch
out even if there is a higher priority thread ready -- the current
thread has to pend itself first), the former is used in the handful of
places where code was doing a swap unconditionally, just to preserve
precise behavior across the refactor. I'm not at all convinced it
should exist...
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The compiler can remove the NULL check since the dereference happens
before it (and assume that the pointer is always valid).
Coverity-Id: 185281
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Returns true if the specified node is in the tree. Allows the tree to
be used for "set" style semantics along with a lessthan_fn that simply
compares the nodes by their address.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
A balanced tree implementation for Zephyr as we grow into bigger
regimes where simpler data structures aren't appropriate.
This implements an intrusive balanced tree that guarantees O(log2(N))
runtime for all operations and amortized O(1) behavior for creation
and destruction of whole trees. The algorithms and naming are
conventional per existing academic and didactic implementations, c.f.:
https://en.wikipedia.org/wiki/Red%E2%80%93black_tree
The implementation is size-optimized to prioritize runtime memory
usage. The data structure is intrusive, which is to say the struct
rbnode handle is intended to be placed in a separate struct the same
way other such structures (e.g. Zephyr's dlist list) and requires no
data pointer to be stored in the node. The color bit is unioned with
a pointer (fairly common for such libraries). Most notably, there is
no "parent" pointer stored in the node, the upper structure of the
tree being generated dynamically via a stack as the tree is recursed.
So the overall memory overhead of a node is just two pointers,
identical with a doubly-linked list.
Code size above dlist is about 2-2.5k on most architectures, which is
significant by Zephyr standards but probably still worthwhile in many
situations.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Move posix layer from 'kernel' to 'lib' folder as it is not
a core kernel feature.
Fixed posix header file dependencies as part of the move and
also removed NEWLIBC related macros from posix headers.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
We would like to offer the capability to have memory pool heap data
structures that are usable from user mode threads. The current
k_mem_pool implementation uses IRQ locking and system-wide membership
lists that make it incompatible with user mode constraints.
However, much of the existing memory pool code can be abstracted to some
common functions that are used by both k_mem_pool and the new
sys_mem_pool implementations.
The sys_mem_pool implementation has the following differences:
* The alloc/free APIs work directly with pointers, no internal memory
block structures are exposed to the end user. A pointer to the source
pool is provided for allocation, but freeing memory just requires the
pointer and nothing else.
* k_mem_pool uses IRQ locks and required very fine-grained locking in
order to not affect system latency. sys_mem_pools just use a semaphore
to protect the pool data structures at the API level, since there aren't
implications for system responsiveness with this kind of concurrency
control.
* sys_mem_pools do not support the notion of timeouts for requesting
memory.
* sys_mem_pools are specified at compile time with macros, just like
kernel memory pools. Alternative forms of specification at runtime
will be a later enhancement.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
As per the Apache v2 License, state changes made to the original code in
the modified version of the files.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Since base64 is such a simple and commonly used feature it makes no
sense to build the whole of mbedTLS for it. Instead take the
implementation that comes with mbedTLS and import it as a native library
outside of ext/ for all to use directly.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
* ring_bufffer is in lib, so move the Kconfig out of the kernel.
* move one Kconfig used for json to lib/Kconfig alongside other
Kconfigs.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This is a minor change that makes the data pointer const and shifts
the length to a size_t to match the other CRC functions.
Signed-off-by: Michael Hope <mlhx@google.com>
We want to support other toolchain not based on GCC, so the variable is
confusing, use ZEPHYR_TOOLCHAIN_VARIANT instead.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The existing version of crc16_ccitt() is actually CRC-16/AUG-CCITT and
gives different results to Linux, Contiki, and the CRC unit in the
SAM0 SOC. This version matches Linux.
Note that this is an incompatible API change.
Signed-off-by: Michael Hope <mlhx@google.com>
Enable stdio to work by default if Newlib is used as libc - it's
reasonable expectation that if full-fledged libc (like Newlib) is
selected, then printf() works out of the box.
Fixes: #5566
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Add abs function to the minimal libc. This is present in
NEWLIB_LIBC, but adding it here avoid to make a dependency
with NEWLIB_LIBC.
Signed-off-by: Vincent Veron <vincent.veron@st.com>
CROSS_COMPILE is a KBuild feature that was dropped during the CMake
migration. It is now re-introduced. Documentation for it is still
lacking, but at least it now behaves as expected.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
This code is commonly used in the Linux kernel for reporting a
retryable error like a failed CRC. This name and value is already
present in Linux and newlib.
Signed-off-by: Michael Hope <mlhx@google.com>
When building a native application, we use the host provided libc, so do
not build minimal libc or newlib.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.
Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.
This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.
For users that just want to continue their work with minimal
disruption the following should suffice:
Install CMake 3.8.2+
Port any out-of-tree Makefiles to CMake.
Learn the absolute minimum about the new command line interface:
$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..
$ cd build
$ make
PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
The C11 standard requires this. From 7.2 "Diagnostics <assert.h>"
paragraph 1:
> The header <assert.h> defines the assert and static_assert macros...
paragraph 3:
> The macro
> static_assert
> expands to _Static_assert.
Since static_assert is a keyword in C++11, don't define it if C++.
Signed-off-by: Thiago Macieira <thiago.macieira@intel.com>
The C standard requires assert() to be a void result, so you
could write something like:
return assert(x), x;
From the C11 standard (7.2 Diagnostic <assert.h>):
> If NDEBUG is defined as a macro name at the point in the source file
> where <assert.h> is included, the assert macro is defined simply as
> #define assert(ignore) ((void)0)
Signed-off-by: Thiago Macieira <thiago.macieira@intel.com>
This was causing an unaligned pointer read on some architectures,
leading to crashes. This could be alternatively solved by rounding
the size to the nearest power of 2, but this wouldn't work with
packed structs.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This appears to be a bug in GCC: when an anonymous union contains
anonymous structs, GCC issues a warning that a field in one of the
anonymous structs has not been initialized. Fix by making the
structs not anonymous.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
append_bytes_to_buf() already writes a NUL byte; no need to call
append_bytes() again with "" and size 1.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This header is included by some files provided by ESP-IDF. Nothing
from this header file is actually used: it's only being added allow
things to compile with the minimal libc.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Since JSON_OBJ_DESCR_ARRAY is suitable only for arrays of primitives,
add JSON_OBJ_DESCR_OBJ_ARRAY (and a ..._NAMED variant), to allow users
to handle arrays of objects.
Having a macro is important, given the unintuitive space optimization
used for storing the offset to the structure element containing the
number of elements in the array.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
This function currently fails when decoding an array with number of
elements exactly equal to the maximum available in the struct.
To fix this, move the check for if the current field is past the end
of the array to just before attempting to decode a value. This allows
the last element to be followed by a JSON_TOK_LIST_END token in the
case that the array is full, and the function to return success.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
The JSON library doesn't properly encode arrays whose elements are of
object type. Fix that.
This fix avoids allocating a temporary descriptor on the stack, and
keeps the size of struct json_obj_descr unchanged, by preserving an
unintuitive size optimization made by the library. See the comments
in the patch for more details.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
This (and JSON_OBJ_DESCR_ARRAY_NAMED) are really intended for handling
arrays of primitive type only. They don't allow users to declare
descriptors for arrays of objects. Clarify this in the Doxygen.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Move all characters to "char" type: no implicit conversions between
"unsigned char", "u8_t", etc.
Tested with ISSM 2016.2.085.
Jira: ZEP-2159
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
The set of valid JSON field names is larger than the set of C
identifiers. This can result in structure field names which pack
decoded JSON values which necessarily differ from the field names in
the JSON.
Support this by adding _NAMED variants to each of the JSON_OBJ_DESCR_*
helper macros. For example, JSON_OBJ_DESCR_PRIM_NAMED allows users to
declare a descriptor field for a primitive type, whose structure field
name is different from the JSON field name.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Newlib names this function __errno(), so if we want Zephyr to work
with Newlib seamlessly, it's better to just follow Newlib's naming
convention for Zephyr's own minimal libc.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Currently, json_escape() allocates a temporary buffer on the stack
that's the size of the string being escaped.
Stack space is precious and longer JSON strings can run into the
hundreds of bytes, so re-implement this routine to escape in place.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
There are already helper macros for declaring descriptor fields of
object and array type. Add one for primitive types as well.
The fact that the JSON test code defines one proves that it's useful,
so there should be one provided for other users.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types.
Jira: ZEP-2051
Change-Id: I74bc6384c4090f4ae322e3aa151874f583a5fe73
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This is a start to move away from the C99 {u}int{8,16,32,64}_t types to
Zephyr defined u{8,16,32,64}_t and s{8,16,32,64}_t. This allows Zephyr
to define the sized types in a consistent manor across all the
architectures we support and not conflict with what various compilers
and libc might do with regards to the C99 types.
We introduce <zephyr/types.h> as part of this and have it include
<stdint.h> for now until we transition all the code away from the C99
types.
We go with u{8,16,32,64}_t and s{8,16,32,64}_t as there are some
existing variables defined u8 & u16 as well as to be consistent with
Zephyr naming conventions.
Jira: ZEP-2051
Change-Id: I451fed0623b029d65866622e478225dfab2c0ca8
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
If we use newlib the isdigit (and other similar functions) return an
error as char can possibly be viewed as signed:
usr/include/ctype.h:57:54: error: array subscript has type ‘char’ [-Werror=char-subscripts]
#define __ctype_lookup(__c) ((__ctype_ptr__+sizeof(""[__c]))[(int)(__c)])
Being explicit about the char being unsigned char deals with this.
Change-Id: If2416218220ef5b29f1a69470cbcc6b4fd49ef86
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Boolean values were being decoded using the descriptor type rather than
the value type.
Jira: ZEP-1607
Change-Id: I0c9324ee705af973ccf738e92785820c3a5fb692
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
The function to ignore spaces was not being called, so some tokens had
whitespace in the beginning. They were correctly lexed, but parsing
could eventually fail.
Jira: ZEP-1607
Change-Id: I796596143895fa0fa652641f56af9a03e7a65b7a
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Comparing *endptr with '\0' will always be true before replacing
*token->end with prev_end.
Jira: ZEP-1607
Change-Id: I224129586e15380d3919bfba3db4fcf38c28cb07
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
It has been suggested in a review to use a simple function with a
switch statement instead of the table trick.
Jira: ZEP-1607
Change-Id: I5290de175021bfa8642334548ece8266d4c137f0
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Roll the loop in an accept_run() function and use it to match "rue" and
"alse" depending on the first character of the token. Use that to lex
"ull" after finding "n" as well. This reduces the code slightly.
Jira: ZEP-1607
Change-Id: Iec8ff6ae2fb79e7fe65d476d1574c5943d23e14f
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Serializing an object in JSON is quite tricky to do by hand, and with
an array of descriptor structs, there's enough information to do that
programatically.
The encoder takes a callback function, so that one can be written to
write bytes to, for instance, a struct net_buf. This way, there's no
guesswork to determine the buffer size, reducing the possibility of
overflowing the stack.
Jira: ZEP-1607
Change-Id: I5ccf1012e46c1db32fcfdf2ecee4a1ef44c927d5
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Parse arrays and nested objects.
Array parsing is limited to items of the same type, and requires an array
with fixed number of elements. Elements can be of any type supported by
the parser, including arrays and objects.
The return value of json_obj_parse() won't be that helpful: the nth bit
will only be set if the object has been fully decoded.
Jira: ZEP-1607
Change-Id: I472e402ae3f36a1bd1505decc0313f74cbfa2e07
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This is a minimal JSON parser (and string encoder helper). This has
been originally written for the NATS client sample project, but since
it's a generic bit of code, it's also being provided as a library
outside the NATS application source.
It's limited (no support for arrays, nested objects, only integer
numbers, etc), but it is sufficient for the NATS protocol to work.
Jira: ZEP-1012
Change-Id: Ibfe64aa1884e8763576ec5862f77e81b4fd54b69
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Add __printf_like attribute to printf style functions in minimal libc to
enable the compiler checking this provides. We fixup the associated
issues that are now found by utilizing these checks.
Change-Id: I74ac0d0345782463d9fb454f7161d6b4af211ba5
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The isalnum() primitive is used by the NATS protocol implementation to
vaildate some of the inputs.
This uses primitives that were already in place.
Change-Id: Ib53eeb7ae002a42f5b6aa8d4fc61baca029a042d
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Dummy time.h to fulfill the compilations requirements of certain
libraries i.e. mbedTLS
Change-Id: I07e66dbf07337b935dabe9eecdf1be3850bbf394
Signed-off-by: Sergio Rodriguez <sergio.sf.rodriguez@intel.com>
This patch adds in the include to get the CONFIG_SRAM definitions on
systems which are using device tree generation.
Change-Id: Ie61efbcdfc900a2c682a2fb8bbaecb61071a20f8
Signed-off-by: Andy Gross <andy.gross@linaro.org>
As it turns out Xtensa SDK headers also define _Restrict, causing
havoc. As this was intended to be a private macro, rename it to something
less likely to cause a collision.
Change-Id: I0a7501a1af8cf87efb096872a91a7b44bd2bbdca
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Each GCC target backend is at liberty to define its own SIZE_TYPE. GCC
uses this for various purposes, not lease it drives the machinery that
spits out format specifier diagnostics when format specifiers are
applied to objects with inappropriate type. GCC exposes the current
definition of SIZE_TYPE via the preprocessor symbol __SIZE_TYPE__.
The GCC build processes also generates various standard library header
files that directyle expose stanard types in a form consistent with
the current configuration of GCC. Conventionally standard library
build processes (for glibc and newlib) pick up the header files
generated by the GCC build.
In the minimal libc we have no such build process, we don't pick up
the header files that the GCC build process generated. Instead we
define our own alternative header files and align them with GCC
manually.
The current definition of ssize_t in minimal libc is out of step with
GCC which means that any use of the %z[du] format modifier will issue
a diagnostic.
We replace the open coded architecture detection in minimal libc and
use GCCs __SIZE_TYPE__ directly.
Change-Id: I63b5e17bee4f4ab83d49e492e58efd3bafe76807
Signed-off-by: Marcus Shawcroft <marcus.shawcroft@arm.com>
tests: fs: Fix printf warning when using newlib
Current code uses %ld format specifier to print data of
type ssize_t. This causes type warnings when built with
newlib. The correct format specifier to be used for
ssize_t is %zd.
Change-Id: I02a3c628e3d6e8a36a09cd694220406d8faf1730
Signed-off-by: Ramesh Thomas <ramesh.thomas@intel.com>
