If `pthread_exit()` is called from a `k_thread`, then we would
previously trigger an assertion. The problem with that, is that
is POSIX is acting as a compatibility layer.
Given that it is a reasonable expectation to have the calling
thread exit or abort when calling `pthread_exit()`, lets do just
that.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Modify the signature of the k_mem_slab_free() function with a new one,
replacing the old void **mem with void *mem as a parameter.
The following function:
void k_mem_slab_free(struct k_mem_slab *slab, void **mem);
has the wrong signature. mem is only used as a regular pointer, so there
is no need to use a double-pointer. The correct signature should be:
void k_mem_slab_free(struct k_mem_slab *slab, void *mem);
The issue with the current signature, although functional, is that it is
extremely confusing. I myself, a veteran Zephyr developer, was confused
by this parameter when looking at it recently.
All in-tree uses of the function have been adapted.
Fixes#61888.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Implements the posix clock_nanosleep function, where both relative
and absolute sleeps are made as absolute sleeps.
The nanosleep() function is a special case of clock_nanosleep(),
and so has been refactored to simply call it.
Signed-off-by: Tom Finet <tom.codeninja@gmail.com>
* `struct sigevent` is not type-defined
* `union sigval` is not type-defined
* `struct sigevent` must include `sigev_notify_attributes`
For more information, see https://bit.ly/3YfnELI
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
extends the char buffer in the strsignal function to cover the
entire range of `int`
Had to use `-INT_MAX` as the compiler resolves
```
STRINGIFY(INT_MIN)
```
to:
```
(-2147483647 - 1)
```
instead of:
```
-2147483648
```
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
The normative spec for `pthread_mutex_timedlock()` says that
it should return `ETIMEDOUT` when a timeout occurs. However,
currently it returns `EAGAIN`, which reflects what is returned
by `k_mutex_lock()`.
Inspect and update the return value to account for this slight
difference.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Ensure that the thread return value is set by `pthread_join()`
when `status` is non-NULL.
Additionally, we have an opportunity to synchronously clean
up thread stacks in `pthread_join()`, which is preferable.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Discovered this while implementing c11 threads, but there
was a regression recently that made it so that `pthread_join()`
would report success when attempting to join a thread that had
been detached with `pthread_detach()`.
Technically now that is undefined behaviour, but historically,
we have reported `EINVAL`, which was the older specified
return value.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
This change allows users to call pthread_create() with
the pthread_attr_t argument equal to NULL.
If Zephyr is configured with `CONFIG_DYNAMIC_THREAD`, then a
suitable thread stack will be allocated via
k_thread_stack_alloc(). The allocated thread stack is
automatically freed via k_thread_stack_free().
This makes the Zephyr implementation of pthread_create()
compliant with the normative spec.
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
Since the argument is a 32-bit unsigned int, all possible
values satisfy the condition that intval < UINT64_MAX - 1.
Remove the redundant conditional.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Multiple reader threads unlocking the read lock simultaneously might
cause the program hang because it's possible that no thread is
identified as the last one to active the writer thread.
To fix the issue, swap the k_sem_give sequence.
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
The `pthread_once_lock` `k_mutex` is statically initialized and
only visible within file scope. Coverity identified it as unsafe
because the return values of `pthread_mutex_lock()` and
`pthread_mutex_unlock()` were unchecked. However, if those
functions were to fail here, it would be indicative that
something far worse has happened.
In any case, we add assertions that these functions
succeed rather than silently ignoring with `(void)`, which
ensures that we have coverage when assertions are enabled,
in test, while removing unneeded code with assertions disable,
in production.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
The `struct k_spinlock` size is zero bytes under certain
circumstances. This is a bit of a problem, because it breaks a
number of assumptions about things in C.
That should be fixed when #59922 is addressed.
This change is just a hotfix to correct the specific condition
where we will need workarounds in other source files.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
This change is setting up for switching over to proper POSIX
option requirements, feature test macros, and a dependency
structure that is reflective of the standard.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Most of the posix source files can be easily identified by a
short name. I.e. most of the `pthread_` prefixed files do not
need the `pthread_` prefix.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
A significant enough portion of these files has been
changed to justify adding Meta copyright as well as
that of the original author.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Fixes#58911. Previously the stat command returned
information on the filesystem, but not the file itself.
Because block size is still set this function is
backwards compatible with the previous faulty
behavior.
Signed-off-by: Vincent van Beveren <v.van.beveren@nikhef.nl>
The POSIX API compatibility shim can be used for some
of the POSIX ARCH targets.
Narrow the Kconfig filtering accordingly.
Note that the recommended configuration when building
with the native simulator is still to use an embedded
C library. Using the host C library will in some cases
cause undesired behaviour.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Fix a regression introduced by commit e6eb0a705b ("posix: eventfd: revise
locking, signaling, and allocation"), which was a complete rewrite stating
that:
The `wait_q` and `k_poll_signal` entries were removed from
`struct eventfd` as they were unnecessary.
In fact, `k_poll_signal` (both `read_sig` and `write_sig`) were used to
wake-up blocking `poll()` invocation in another thread. This is no longer
the case now, i.e. `poll(..., POLLIN)` does not return after calling
`eventfd_write()` on the observed (polled) FD.
Fix this regression by bringing back `read_sig` and `write_sig` to very
similar state as it was before.
Fixes: e6eb0a705b ("posix: eventfd: revise locking, signaling, and
allocation")
Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
This adds a few line use zephyr_syscall_header() to include
headers containing syscall function prototypes.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Previously, the `posix_internal.h` header needed to be exposed
to the application because we had non-trivial details for
most posix types (pthread, mutex, cond, ...). Since most of
those have been simplified to a typedef'ed integer, we
no longer need to expose that header to the applicaiton.
Additionally, it means that we can adopt normalized
header order in posix.
Additionally, keep more implementation details hidden
and prefer the static keyword on internal symbols where
possible.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
To enable testing, introduce `CONFIG_PTHREAD_CREATE_BARRIER`.
Some observations were made that running several Qemu SMP targets
concurrently could lead to synchronization problems. On such
targets, it was found that the synchronization issues were
mitigated by introducing a `pthread_barrier_t` shared between
`pthread_create()` and the spawned thread.
It is suggested to enable the option when running many
SMP tests concurrently in several parallel Qemu processes,
e.g. with `twister`.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Previously, pthreads suffered from some race conditions.
This was almost inevitable given that it was maintained in
parallel to Zephyr's threading and synchronization API.
The unfortunate side-effect of with that is that it did not
receive the reliability and other improvements that
`k_thread`s did.
Here, we perform a significant update of pthread code so
that it depends directly on public Zephyr API. With that,
we reuse as many concepts as possible and pthreads benefits for
free from any improvement made to Zephyr's threading and
synchronization APIs.
Included with this change, we
* implement state with `ready_q`, `run_q`, and `done_q`
* use `pthread_barrier_wait()` to sync `pthread_create()`
* synchronize internal state with a spinlock
These pthreads are considerably more reliable than
before.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
The internal representation of `pthread_cond_t`,
`struct posix_cond`, is an identical clone of `struct k_condvar`
but without the benefit of being able to use all of the
existing `k_condvar_*()` suite of functions.
The first step in the right direction was switching
the external representation of `pthread_cond_t` to a simple
`int`. Let's take the next step in the right direction, which
is getting rid of `struct posix_cond`.
For now, let's keep this change as a simple type
substitution. Eventually, we should be able to fully switch
to Zephyr API internally.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
The internal representation of `pthread_mutex_t`,
`struct posix_mutex`, is basically a clone of `struct k_mutex`
but without the benefit of being able to use all of the
existing `k_mutex_*()` suite of functions.
The first step in the right direction was switching
the external representation of `pthread_mutex_t` to a simple
`int`. Let's take the next step in the right direction, which
is getting rid of `struct posix_mutex`.
The only significant difference between `struct k_mutex` and
`struct posix_mutex` is that the latter needs a `type` field.
Since there were a fixed number of `struct posix_mutex`, we
can just externalize the `type` field and reuse
`struct k_mutex` as-is.
For now, let's keep this change as a simple type
substitution. Eventually, we should be able to fully switch
to Zephyr API internally.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Previously pthread_barrier_t was implemented in terms of wait
queues and internal scheduler functions.
This introduced some obstacles and inconsistency. In order
to be more consistent, rely only on Zephyr's public API and
reuse as many concepts as possible.
Deprecate `PTHREAD_BARRIER_DEFINE()` since it's non-standard.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Deprecate `EFD_IN_USE` and `EFD_FLAGS_SET` as they are not
specified as part of any public `eventfd()` API.
While those are being deprecated, use `_INTERNAL` variants.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
TL;DR - a complete rewrite.
Previously, the prototypical `eventfd()` usage (one thread
performing a blocking `read()`, followed by another thread
performing a `write()`) would deadlock Zephyr. This shortcoming
has existed in Zephyr's `eventfd()` implementation from the
start and the suggested workaround was to use `poll()`.
However, that is not sufficient for integrating 3rd-party
libraries that may rely on proper `eventfd()` blocking
operations such as `eventfd_read()` and `eventfd_write()`.
The culprit was the per-fdtable-entry `struct k_mutex`.
Here we perform a minor revision of the locking strategy
and employ `k_condvar_broadcast()` and `k_condvar_wait()`
to signal and wait on the holder of a given `struct k_mutex`.
It is important to note, however, that the primary means of
synchronizing the eventfd state is actually the eventfd
spinlock. The fdtable mutex and condition variable are mainly
used for the purposes of blocking io (r,w,close) and are not
used in the code path of non-blocking reads.
The `wait_q` and `k_poll_signal` entries were removed from
`struct eventfd` as they were unnecessary.
Additionally, switch to using a bitarray because it is
possibly faster than linear search for allocating and
deallocating eventfd resources.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
There is no major benefit to haveing `eventfd_read()` and
`eventfd_write()` as `static inline` functions and it is
arguably much easier to solve the deadlock bug when they
are not `inline`.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Until now iterable sections APIs have been part of the toolchain
(common) headers. They are not strictly related to a toolchain, they
just rely on linker providing support for sections. Most files relied on
indirect includes to access the API, now, it is included as needed.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Have eventfd Kconfig select POLL is the code utilizes the polling
API. We get a link error for tests/lib/fdtable/libraries.os.fdtable
when building on arm-clang without this.
Signed-off-by: Kumar Gala <kumar.gala@intel.com>
The `SCHED_OTHER` scheduling priority is mandatory as part of
POSIX. It must be numerically distinct from `SCHED_FIFO`,
`SCHED_RR`, and `SCHED_SPORADIC`, but is implementation-
defined and may behave identically to `SCHED_FIFO` or
`SCHED_RR`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
MISRA Rule 5.7 requires uniqueness of tag identifiers. Shell is
frequently problematic because many code uses `const struct shell
*shell`. This causes CI noise every time one of these shell files is
edited, so let's update all of them with `const struct shell *sh`
instead.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The init infrastructure, found in `init.h`, is currently used by:
- `SYS_INIT`: to call functions before `main`
- `DEVICE_*`: to initialize devices
They are all sorted according to an initialization level + a priority.
`SYS_INIT` calls are really orthogonal to devices, however, the required
function signature requires a `const struct device *dev` as a first
argument. The only reason for that is because the same init machinery is
used by devices, so we have something like:
```c
struct init_entry {
int (*init)(const struct device *dev);
/* only set by DEVICE_*, otherwise NULL */
const struct device *dev;
}
```
As a result, we end up with such weird/ugly pattern:
```c
static int my_init(const struct device *dev)
{
/* always NULL! add ARG_UNUSED to avoid compiler warning */
ARG_UNUSED(dev);
...
}
```
This is really a result of poor internals isolation. This patch proposes
a to make init entries more flexible so that they can accept sytem
initialization calls like this:
```c
static int my_init(void)
{
...
}
```
This is achieved using a union:
```c
union init_function {
/* for SYS_INIT, used when init_entry.dev == NULL */
int (*sys)(void);
/* for DEVICE*, used when init_entry.dev != NULL */
int (*dev)(const struct device *dev);
};
struct init_entry {
/* stores init function (either for SYS_INIT or DEVICE*)
union init_function init_fn;
/* stores device pointer for DEVICE*, NULL for SYS_INIT. Allows
* to know which union entry to call.
*/
const struct device *dev;
}
```
This solution **does not increase ROM usage**, and allows to offer clean
public APIs for both SYS_INIT and DEVICE*. Note that however, init
machinery keeps a coupling with devices.
**NOTE**: This is a breaking change! All `SYS_INIT` functions will need
to be converted to the new signature. See the script offered in the
following commit.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
init: convert SYS_INIT functions to the new signature
Conversion scripted using scripts/utils/migrate_sys_init.py.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
manifest: update projects for SYS_INIT changes
Update modules with updated SYS_INIT calls:
- hal_ti
- lvgl
- sof
- TraceRecorderSource
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: devicetree: devices: adjust test
Adjust test according to the recently introduced SYS_INIT
infrastructure.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: kernel: threads: adjust SYS_INIT call
Adjust to the new signature: int (*init_fn)(void);
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
* add opening and closing braces around several blocks
* convert dos line endings to unix
* move assignments out of conditionals
* ensure adequate spacing after control blocks
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Although the eventfd API is not (yet) a part of POSIX,
it's pretty well ubiquitous on POSIX systems now.
Enable it by default when `CONFIG_POSIX_API=y`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The `getopt()` function is part of POSIX and should be
available when applications choose to enable general POSIX
API support.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
With the `<zephyr/posix/...> prefix, it became
exponentially more difficult to integrate 3rd-party
libraries that depend on the POSIX API.
Standard POSIX headers should be available in standard
include paths - and that should most certainly the case
when `CONFIG_POSIX_API=y`.
With this change:
* When `CONFIG_POSIX_API=y`
- applications have explicitly chosen to use
POSIX APIs.
- all standard POSIX includes are in the default
include path.
* When `CONFIG_POSIX_API=n`
- applications *may* include POSIX headers
explicitly with the namespaced prefix
- e.g. `#include <zephyr/posix/unistd.h>`
- individual Kconfig options can be used to
enable POSIX features selectively, such as
`getopt` or `eventfd`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The remaining types that needed to be harmonized between
Newlib and Zephyr's POSIX definitions are:
* `struct sched_param`
- don't re-define if using minimal libc
* `pthread_attr_t`
- convert to `struct pthread_attr`
- define type if using minimal libc
- assert acceptible object size
* `pthread_mutexattr_t`
- convert to `struct pthread_mutexattr`
- define type if using minimal libc
- assert acceptible object size
* `pthred_condattr_t`
- convert to `struct pthread_condattr`
- define type if using minimal libc
- assert acceptible object size
* `pthread_once_t`
- adopt newlib definition
- define type if using minimal libc
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Define `PTHREAD_CREATE_DETACHED` and
`PTHREAD_CREATE_JOINABLE` to be compatible with the Newlib
definitions.
This is a temporary workaround for #51211 until Newlib
headers are pulled in.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The `fcntl.h` header has never been a part of ISO C so move it to
`include/zephyr/posix`.
To ensure a smooth migration, a header was left in
`lib/libc/minimal/include` that prints a deprecation warning.
Users should either include `<zephyr/posix/fcntl.h>` or switch to
`CONFIG_POSIX_API=y`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The `sys/stat.h` header has never been a part of ISO C so move it
to `zephyr/include/posix/sys/`.
To ensure a smooth migration, leave a stub header in
`lib/libc/minimal/include/sys/` that prints a deprecation warning
suggesting developers either include `<zephyr/posix/sys/stat.h>`
or use `CONFIG_POSIX_API=y`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The previous method used to calculate seconds in `clock_gettime()`
seemed to have an inaccuracy that grew with time causing the
seconds to be off by an order of magnitude when ticks would roll
over.
This change fixes the method used to calculate seconds.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
should be able to configure the time spent waiting
for available resources when calling timer_create()
to not cause a hiccup in applications that require
faster response times than the original hard-coded 100 ms.
Signed-off-by: Nicholas Lowell <nlowell@lexmark.com>
Declarations for `getopt()` should be in `<unistd.h>`
according to the spec. The extended versions `getopt_long()`
and `getopt_long_only()` are declared in `<getopt.h>`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
This seems to have caused build failures in spite of CI being
green in PR 52653.
This reverts commit fc92eb1b37.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Declarations for `getopt()` should be in `<unistd.h>`
according to the spec. The extended versions `getopt_long()`
and `getopt_long_only()` are declared in `<getopt.h>`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The original implementation of `usleep()` was not compliant
to the POSIX spec in 3 ways.
- calling thread may not be suspended (because `k_busy_wait()`
was previously used for short durations)
- if `usecs` > 1000000, previously we did not return -1 or set
`errno` to `EINVAL`
- if interrupted, previously we did not return -1 or set
`errno` to `EINTR`
This change addresses those issues to make `usleep()` more
POSIX-compliant.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
In the case that `sleep()` is interrupted, the POSIX spec requires
it to return the number of "unslept" seconds (i.e. the number of
seconds requested minus the number of seconds actually slept).
Since `k_sleep()` already returns the amount of "unslept" time
in ms, we can simply use that.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Consistent with the change of `pthread_t`, `pthread_mutex_t`,
and `pthread_cond_t` to `uint32_t`, we can now also abstract
`pthread_key_t` as `uint32_t` and separate the implementation
detail, hidden from POSIX API consumers.
This change introduces `CONFIG_MAX_PTHREAD_KEY_COUNT`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
None of the operations that `pthread_key_sem` protected were
blocking, so simply make it a spinlock.
Also made the lock static.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Consistent with the change of `pthread_t` from
`struct posix_thread` to `uint32_t`, we can now also abstract
`pthread_cond_t` as `uint32_t` and separate `struct posix_cond`
as an implementation detail, hidden from POSIX API consumers.
This change deprecates `PTHREAD_COND_DEFINE()` in favour of the
(standardized) `PTHREAD_COND_INITIALIZER`.
This change introduces `CONFIG_MAX_PTHREAD_COND_COUNT`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Previously, `pthread_cond_init()` could not actually fail, and
destroying condition variables was a no-op, and it was missing
in `pthread_exit()`.
However, with the change of `pthread_cond_t` to `uint32_t`, and
since those are embedded inside of `struct posix_thread` for the
time being, the pthread code needs to keep track that it is
relinquishes used condition variables when a thread completes.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Previously `PTHREAD_MUTEX_MASK_INIT` was used to mark a
`pthread_mutex_t` as initialized.
The same needs to be done for `pthread_cond_t` and likely others.
Rather than copy-pasting that and a number of inlines that
duplicate the same functionality, simply make it more generic.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Consistent with the change of `pthread_t` from
`struct posix_thread` to `uint32_t`, we can now also abstract
`pthread_mutex_t` as `uint32_t` and separate `struct posix_mutex`
as an implementation detail, hidden from POSIX API consumers.
This change deprecates `PTHREAD_MUTEX_DEFINE()` in favour of the
(standardized) `PTHREAD_MUTEX_INITIALIZER`.
This change introduces `CONFIG_MAX_PTHREAD_MUTEX_COUNT`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Previously, `pthread_mutex_init()` could not actually fail, and
destroying mutexes was a no-op, so it was missing in a couple of
places.
However, with the change of `pthread_mutex_t` to `uint32_t`, and
since those are embedded inside of `struct posix_thread` for the
time being, the pthread code needs to keep track that it is
relinquishes used mutex resources when a thread completes.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The `pthread_create()` function is not a cancellation point and
iterating over / mutating `posix_thread_pool` is not a blocking
operation, so use a spinlock for the internal `pthread_pool_lock`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The `struct pthread` and `enum pthread_state` are actually
implementation details specific to Zephyr.
Let's limit the scope where that level of detail is visible.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
In the interest of reducing any layering concerns,
avoid using POSIX locking primitives where necessary.
Note: it is not safe to use a spinlock here, as the
callback function to `pthread_once()` may itself be
a cancellation point.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Several other widely-used pthread implementations
abstract `pthread_t` as `uint32_t`. The benefit
there is that we avoid passing around a pointer to
an internal structure (implementation detail).
Additionally, this removes the alias from `k_tid_t`
to `pthread_t` inside of `struct pthread_mutex`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
If a thread is joined using `pthread_join()`, then the
internal state would be set to `PTHREAD_EXITED`.
Previously, `pthread_create()` would only consider pthreads
with internal state `PTHREAD_TERMINATED` as candidates for new
threads. However, that causes a descriptor leak.
We should be able to reuse a single thread an infinite number
of times.
Here, we also consider threads with internal state
`PTHREAD_EXITED` as candiates in `pthread_create()`.
Fixes#47609
Signed-off-by: Christopher Friedt <cfriedt@fb.com>
Following zephyr's style guideline, all if statements, including single
line statements shall have braces.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
In the Zephyr implementation, `sem_timedwait()` uses a
potentially wildly different timebase for comparison via
`k_uptime_get()` (uptime in ms).
The standard specifies `CLOCK_REALTIME`. However, the real-time
clock can be modified to an arbitrary value via clock_settime()
and there is no guarantee that it will always reflect uptime.
This change ensures that `sem_timedwait()` uses a more
consistent timebase for comparison.
Fixes#46807
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
In order to bring consistency in-tree, migrate all lib code to the new
prefix <zephyr/...>. Note that the conversion has been scripted, refer
to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Move include paths and add new target_include_directories to support
backwards compatibility:
* /include -> /include/zephyr
example: <irq.h> -> <zephyr/irq.h>
Issue #41543
Signed-off-by: Yuval Peress <peress@google.com>
As described in
https://pubs.opengroup.org/onlinepubs/7908799/xsh/pthread_once.html.
The behavior of pthread_once() is undefined if once_control has
automatic storage duration or is not initialized by PTHREAD_ONCE_INIT
However, in Zephyr, the implementation is incorrect. If the init value
is PTHREAD_ONCE_INIT, the program will never run the init_func.
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
Algorithm was converting uptime to nanoseconds which can easily
lead to overflows. Changed algorithm to use milliseconds and
nanoseconds for remainder only.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
According to Kconfig guidelines, boolean prompts must not start with
"Enable...". The following command has been used to automate the changes
in this patch:
sed -i "s/bool \"[Ee]nables\? \(\w\)/bool \"\U\1/g" **/Kconfig*
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
It was noted that `pthread_cond_wait()` would always return
ETIMEDOUT, even when successful (and no timeout should ever
occur with `K_FOREVER`).
The z_sched_wake() / z_sched_wake_all() / z_sched_wait() API
are used here with a swap return value of 0 to indicate
success.
Fixes#41284
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
Getopt has been rework in this way that calling it does not require
extra state parameter and its execution is thread safe.
Global parameters describing the state of the getopt function have been
made available to ensure full API compatibility in using this library.
However, referencing these global variables directly is not thread
safe. In order to get the state of the getopt function for the thread
that is currently using it, call: getopt_state_get();
Extended the library with getopt_long and getopt_long_only functions.
Moved getopt libary from utils to posix.
Signed-off-by: Jakub Rzeszutko <jakub.rzeszutko@nordicsemi.no>
We shouldn't use swapping with an interrupt lock held
as it works incorrectly on SMP platforms.
Fix that by replacing irq_lock with spinlock for pthread
subsystem.
NOTE: we fix that in a simple way with single spinlock
for mutex / cond_var / barrier. That could be improved
later (i.e. split it for several spinlocks).
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
In a primitive SYS_SLIST_FOR_EACH_NODE check for null was
after dereferencing. Place check for null of the "thread_spec_data"
before its dereferencing.
Found as a coding guideline violation (MISRA R4.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
The identifiers used in the declaration and definition of a function
shall be identical [MISRAC2012-RULE_8_3-b]
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Several internal APIs wrote thread attributes (return value, mainly)
_after_ calling `z_ready_thread`. This is unsafe, at least in SMP,
because another core could have already picked up and run the thread.
Fixes#32800.
Signed-off-by: James Harris <james.harris@intel.com>
The commit adds initialization of fs_dir_t variables in preparation
for fs_opendir function change that will require fs_dir_t object, passed
to the function, to be initialized before first usage.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
The commit adds initializations of fs_file_t variables in preparation
for fs_open function change that will require fs_file_t object, passed
to the function, to be initialized before first usage.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
directly convert ticks to nsecs in the clock_* posix
functions which will provide the best resolution the
system allows
Signed-off-by: Nicholas Lowell <nlowell@lexmark.com>
This commit eliminates a compilation error by passing int to va_arg
rather than mode_t on SPARC.
Newlib sys/_types.h defines mode_t for SPARC as:
typedef unsigned short __mode_t;
GCC 10.2.0 gave the following error message and suggested solution:
mqueue.c: In function 'mq_open':
mqueue.c:61:21: error: 'mode_t' {aka 'short unsigned int'} is promoted
to 'int' when passed through '...' [-Werror]
61 | mode = va_arg(va, mode_t);
| ^
mqueue.c:61:21: note: (so you should pass 'int' not 'mode_t' {aka 'short
unsigned int'} to 'va_arg')
Signed-off-by: Martin Åberg <martin.aberg@gaisler.com>
Code should be using k_spinlock_key_t and not 'struct k_spinlock_key'.
With recent change to redefine struct k_spinlock_key we see this code
break because it wasn't using the correct type.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Using fopen() in application failed to build when configured with
CONFIG_NEWLIB_LIBC=y
CONFIG_POSIX_API=y
Signed-off-by: Arnaud Mouiche <arnaud.mouiche@invoxia.com>
The eventfd implementation suffers from various shortcomings
and it is not thread safe.
This commit addresses the following aspects of eventfd:
* make read() and write() atomic in respect to each other
* POLLIN after creating eventfd with initval != 0 shall be set
* blocking and nonblocking modes shall have the same effect on poll()
* add support for POLLOUT
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
We must round up to the nearest microsecond in order to fulfill the
nanosleep(2) API requirement of sleeping for *at least* that many
nanoseconds.
The only platform with an upper-bound check right now is Nordic.
Fixes#28483
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
Do not route close() calls via ioctl() as that is error prone
and quite pointless. Instead create a callback for close() in
fdtable and use it directly.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Include directories for ${ARCH} is not specified correctly.
Several places in Zephyr, the include directories are specified as:
${ZEPHYR_BASE}/arch/${ARCH}/include
the correct line is:
${ARCH_DIR}/${ARCH}/include
to correctly support out of tree archs.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
The fs_open flags has been changed to accept open flags, which requires
changes to open(...) to support the new flags.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
The commit changes signature of open function from:
int open(const char *name, int flags)
to
int open(const char *name, int flags, ...)
Currently existing two argument invocations should not require any
rework.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
So far semaphore was used with possible values in range 0 to
UINT32_MAX. Each write resulted in semaphore increment. As an example
after two writes and single read eventfd counter was correctly zeroed,
but semaphore counter was not. This means that poll() signalled at this
stage POLLIN (semaphore counter was > 0), but it clearly should
not (eventfd counter == 0). Blocking version of read() was also
returning immediately, returning 0 as previous eventfd counter.
Change read_sem to be a binary semaphore, which counter represents
eventfd counter being zero (when semaphore counter == 0) or
non-zero (when semaphore counter == 1). Try to take the semaphore in
eventfd read() and decrement eventfd counter when semaphore was ready.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Search for unused eventfd object and just remember its instance in loop
body. Initialize object later, to make it distinct from "search
phase". This change is basically an improvement for readability.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Mostly trivial search-and-replace, except for pthread_rwlock.c, where
we need spread timeout over 2 semaphore operations.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This implements a file descriptor used for event notification that
behaves like the eventfd in Linux.
The eventfd supports nonblocking operation by setting the EFD_NONBLOCK
flag and semaphore operation by settings the EFD_SEMAPHORE flag.
The major use case for this is when using poll() and the sockets that
you poll are dynamic. When a new socket needs to be added to the poll,
there must be some way to wake the thread and update the pollfds before
calling poll again. One way to solve it is to have a timeout set in the
poll call and only update the pollfds during a timeout but that is not
a very nice solution. By instead including an eventfd in the pollfds,
it is possible to wake the polling thread by simply writing to the
eventfd.
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
Fix thread fault, on user mode, when reading variable rt_clock_base.
For the moment, clock_settime is left without system call:
we don't want to expose clock_settime without figuring out access
control
Signed-off-by: Julien D'Ascenzio <julien.dascenzio@paratronic.fr>
Add a k_timeout_t type, and use it everywhere that kernel API
functions were accepting a millisecond timeout argument. Instead of
forcing milliseconds everywhere (which are often not integrally
representable as system ticks), do the conversion to ticks at the
point where the timeout is created. This avoids an extra unit
conversion in some application code, and allows us to express the
timeout in units other than milliseconds to achieve greater precision.
The existing K_MSEC() et. al. macros now return initializers for a
k_timeout_t.
The K_NO_WAIT and K_FOREVER constants have now become k_timeout_t
values, which means they cannot be operated on as integers.
Applications which have their own APIs that need to inspect these
vs. user-provided timeouts can now use a K_TIMEOUT_EQ() predicate to
test for equality.
Timer drivers, which receive an integer tick count in ther
z_clock_set_timeout() functions, now use the integer-valued
K_TICKS_FOREVER constant instead of K_FOREVER.
For the initial release, to preserve source compatibility, a
CONFIG_LEGACY_TIMEOUT_API kconfig is provided. When true, the
k_timeout_t will remain a compatible 32 bit value that will work with
any legacy Zephyr application.
Some subsystems present timeout (or timeout-like) values to their own
users as APIs that would re-use the kernel's own constants and
conventions. These will require some minor design work to adapt to
the new scheme (in most cases just using k_timeout_t directly in their
own API), and they have not been changed in this patch, instead
selecting CONFIG_LEGACY_TIMEOUT_API via kconfig. These subsystems
include: CAN Bus, the Microbit display driver, I2S, LoRa modem
drivers, the UART Async API, Video hardware drivers, the console
subsystem, and the network buffer abstraction.
k_sleep() now takes a k_timeout_t argument, with a k_msleep() variant
provided that works identically to the original API.
Most of the changes here are just type/configuration management and
documentation, but there are logic changes in mempool, where a loop
that used a timeout numerically has been reworked using a new
z_timeout_end_calc() predicate. Also in queue.c, a (when POLL was
enabled) a similar loop was needlessly used to try to retry the
k_poll() call after a spurious failure. But k_poll() does not fail
spuriously, so the loop was removed.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Kernel timeouts have always been a 32 bit integer despite the
existence of generation macros, and existing code has been
inconsistent about using them. Upcoming commits are going to make the
timeout arguments opaque, so fix things up to be rigorously correct.
Changes include:
+ Adding a K_TIMEOUT_EQ() macro for code that needs to compare timeout
values for equality (e.g. with K_FOREVER or K_NO_WAIT).
+ Adding a k_msleep() synonym for k_sleep() which can continue to take
integral arguments as k_sleep() moves away to timeout arguments.
+ Pervasively using the K_MSEC(), K_SECONDS(), et. al. macros to
generate timeout arguments.
+ Removing the usage of K_NO_WAIT as the final argument to
K_THREAD_DEFINE(). This is just a count of milliseconds and we need
to use a zero.
This patch include no logic changes and should not affect generated
code at all.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Replace all occurences of BUILD_ASSERT_MSG() with BUILD_ASSERT()
as a result of merging BUILD_ASSERT() and BUILD_ASSERT_MSG().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
This reverts commit 8739517107.
Pull Request #23437 was merged by mistake with an invalid manifest.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Replace all occurences of BUILD_ASSERT_MSG() with BUILD_ASSERT()
as a result of merging BUILD_ASSERT() and BUILD_ASSERT_MSG().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Adding the ability to set and get pthread names by defining
some non-standard extension functions that were first
introduced by Glibc.
Similar to zephyr thread naming, these allow for thread
tracking and debugging even when using the more portable
posix API.
Though Glibc was the originator, the current POSIX functions
have return codes based on Oracle's adopted spec, so these
functions follow suit. The Oracle and Glibc function
prototypes match.
Signed-off-by: Nicholas Lowell <nlowell@lexmark.com>
timespec_to_timeoutms calls clock_gettime that requires
CONFIG_POSIX_CLOCK. ifdef this function to avoid undefined reference.
Fixes#20137
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
I think people might be reading differences into 'if' and 'depends on'
that aren't there, like maybe 'if' being needed to "hide" a symbol,
while 'depends on' just adds a dependency.
There are no differences between 'if' and 'depends on'. 'if' is just a
shorthand for 'depends on'. They work the same when it comes to creating
implicit menus too.
The way symbols get "hidden" is through their dependencies not being
satisfied ('if'/'depends on' get copied up as a dependency on the
prompt).
Since 'if' and 'depends on' are the same, an 'if' with just a single
symbol in it can be replaced with a 'depends on'. IMO, it's best to
avoid 'if' there as a style choice too, because it confuses people into
thinking there's deep Kconfig magic going on that requires 'if'.
Going for 'depends on' can also remove some nested 'if's, which
generates nicer symbol information and docs, because nested 'if's really
are so simple/dumb that they just add the dependencies from both 'if's
to all symbols within.
Replace a bunch of single-symbol 'if's with 'depends on' to despam the
Kconfig files a bit and make it clearer how things work. Also do some
other minor related dependency refactoring.
The replacement isn't complete. Will fix up the rest later. Splitting it
a bit to make it more manageable.
(Everything above is true for choices, menus, and comments as well.)
Detected by tweaking the Kconfiglib parsing code. It's impossible to
detect after parsing, because 'if' turns into 'depends on'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Remove leading/trailing blank lines in .c, .h, .py, .rst, .yml, and
.yaml files.
Will avoid failures with the new CI test in
https://github.com/zephyrproject-rtos/ci-tools/pull/112, though it only
checks changed files.
Move the 'target-notes' target in boards/xtensa/odroid_go/doc/index.rst
to get rid of the trailing blank line there. It was probably misplaced.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Promote the private z_arch_* namespace, which specifies
the interface between the core kernel and the
architecture code, to a new top-level namespace named
arch_*.
This allows our documentation generation to create
online documentation for this set of interfaces,
and this set of interfaces is worth treating in a
more formal way anyway.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit refactors kernel and arch headers to establish a boundary
between private and public interface headers.
The refactoring strategy used in this commit is detailed in the issue
This commit introduces the following major changes:
1. Establish a clear boundary between private and public headers by
removing "kernel/include" and "arch/*/include" from the global
include paths. Ideally, only kernel/ and arch/*/ source files should
reference the headers in these directories. If these headers must be
used by a component, these include paths shall be manually added to
the CMakeLists.txt file of the component. This is intended to
discourage applications from including private kernel and arch
headers either knowingly and unknowingly.
- kernel/include/ (PRIVATE)
This directory contains the private headers that provide private
kernel definitions which should not be visible outside the kernel
and arch source code. All public kernel definitions must be added
to an appropriate header located under include/.
- arch/*/include/ (PRIVATE)
This directory contains the private headers that provide private
architecture-specific definitions which should not be visible
outside the arch and kernel source code. All public architecture-
specific definitions must be added to an appropriate header located
under include/arch/*/.
- include/ AND include/sys/ (PUBLIC)
This directory contains the public headers that provide public
kernel definitions which can be referenced by both kernel and
application code.
- include/arch/*/ (PUBLIC)
This directory contains the public headers that provide public
architecture-specific definitions which can be referenced by both
kernel and application code.
2. Split arch_interface.h into "kernel-to-arch interface" and "public
arch interface" divisions.
- kernel/include/kernel_arch_interface.h
* provides private "kernel-to-arch interface" definition.
* includes arch/*/include/kernel_arch_func.h to ensure that the
interface function implementations are always available.
* includes sys/arch_interface.h so that public arch interface
definitions are automatically included when including this file.
- arch/*/include/kernel_arch_func.h
* provides architecture-specific "kernel-to-arch interface"
implementation.
* only the functions that will be used in kernel and arch source
files are defined here.
- include/sys/arch_interface.h
* provides "public arch interface" definition.
* includes include/arch/arch_inlines.h to ensure that the
architecture-specific public inline interface function
implementations are always available.
- include/arch/arch_inlines.h
* includes architecture-specific arch_inlines.h in
include/arch/*/arch_inline.h.
- include/arch/*/arch_inline.h
* provides architecture-specific "public arch interface" inline
function implementation.
* supersedes include/sys/arch_inline.h.
3. Refactor kernel and the existing architecture implementations.
- Remove circular dependency of kernel and arch headers. The
following general rules should be observed:
* Never include any private headers from public headers
* Never include kernel_internal.h in kernel_arch_data.h
* Always include kernel_arch_data.h from kernel_arch_func.h
* Never include kernel.h from kernel_struct.h either directly or
indirectly. Only add the kernel structures that must be referenced
from public arch headers in this file.
- Relocate syscall_handler.h to include/ so it can be used in the
public code. This is necessary because many user-mode public codes
reference the functions defined in this header.
- Relocate kernel_arch_thread.h to include/arch/*/thread.h. This is
necessary to provide architecture-specific thread definition for
'struct k_thread' in kernel.h.
- Remove any private header dependencies from public headers using
the following methods:
* If dependency is not required, simply omit
* If dependency is required,
- Relocate a portion of the required dependencies from the
private header to an appropriate public header OR
- Relocate the required private header to make it public.
This commit supersedes #20047, addresses #19666, and fixes#3056.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
Use this short header style in all Kconfig files:
# <description>
# <copyright>
# <license>
...
Also change all <description>s from
# Kconfig[.extension] - Foo-related options
to just
# Foo-related options
It's clear enough that it's about Kconfig.
The <description> cleanup was done with this command, along with some
manual cleanup (big letter at the start, etc.)
git ls-files '*Kconfig*' | \
xargs sed -i -E '1 s/#\s*Kconfig[\w.-]*\s*-\s*/# /'
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Clean up space errors and use a consistent style throughout the Kconfig
files. This makes reading the Kconfig files more distraction-free, helps
with grepping, and encourages the same style getting copied around
everywhere (meaning another pass hopefully won't be needed).
Go for the most common style:
- Indent properties with a single tab, including for choices.
Properties on choices work exactly the same syntactically as
properties on symbols, so not sure how the no-indentation thing
happened.
- Indent help texts with a tab followed by two spaces
- Put a space between 'config' and the symbol name, not a tab. This
also helps when grepping for definitions.
- Do '# A comment' instead of '#A comment'
I tweaked Kconfiglib a bit to find most of the stuff.
Some help texts were reflowed to 79 columns with 'gq' in Vim as well,
though not all, because I was afraid I'd accidentally mess up
formatting.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Use the int_literal_to_timeout Coccinelle script to convert literal
integer arguments for kernel API timeout parameters to the standard
timeout value representations.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
z_set_thread_return_value is part of the core kernel -> arch
interface and has been renamed to z_arch_thread_return_value_set.
z_set_thread_return_value_with_data renamed to
z_thread_return_value_set_with_data for consistency.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Stop linking interface libraries against zephyr_interface. This is
cargo cult code that in practice does nothing.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Allow to enable individual POSIX components, like Pthreads.
CONFIG_POSIX_API now just enables all of individual POSIX components,
and sets up environment suitable to easily port POSIX applications to
Zephyr.
Fixes: #12965
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
To make sure that entry in fs.c:desc_array[] is freed. Note that
freeing an entry in fdtable is handled by generic implementation
of close().
Fixes: #17231
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
pthread_mutex_init() just redirects to Zephyr kernel primitive, for
initializing structure fields. So, use the knowledge that it can't
fail (for as long as structure pointer is initialized, and here it's
from pre-allocated array), and ignore return value of
pthread_mutex_init()
Coverity-CID: 203542
Fixes: #18371
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Similar to how other sub-libraries are defined in Zephyr tree, e.g.
"fs", "lgvl", etc. This is supposed to help with the need to
explicitly add posix include path to each and every application using
POSIX subsys.
Fixes: #15627
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Historically, it used to be "PTHREAD", which is no longer true, as
POSIX subsys offers much more functionality than just Pthreads. Use
detailed name, like "posix_subsys", to avoid possible confusion with
ARCH_POSIX-related matters.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
move misc/slist.h to sys/slist.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/printk.h to sys/printk.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/fdtable.h to sys/fdtable.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move atomic.h to sys/atomic.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Previous version calculated rt_clock_base incorrectly by subtracting
clock_gettime from the specified time. Effectively the following
formula was used.
rt_clock_base := new_time - clock_gettime()
This is clearly incorrect when we consider what should happen if we
call clock_settime with the result of clock_gettime. It ought to be
approximately a no-op, but instead we end up zeroing the clock.
rt_clock_base := clock_gettime() - clock_gettime() = 0
This patch fixes clock_settime by instead using k_uptime_get to
calculate rt_clock_base, like so:
rt_clock_base := new_time - k_uptime_get()
Trying the earlier thought experiment we get:
rt_clock_base := clock_gettime() - k_uptime_get()
Using the definition of clock_gettime this expands to:
rt_clock_base := (rt_clock_base + k_uptime_get()) - k_uptime_get()
The two k_uptime_get() terms cancel out, leaving:
rt_clock_base := rt_clock_base
I.e. the no-op that we expect when calling clock_settime with
the result of clock_gettime.
Note: The bug is only observable when rt_clock_base is non-zero.
So when clock_settime is called for the first time, it will appear
to work correctly since rt_clock_base is initialized to 0.
Signed-off-by: Alexander Mihajlovic <alexander.mihajlovic@endian.se>
Current code implement CONFIG_MAX_PTHREAD_COUNT as the maximum number
of POSIX threads that can ever be created, rather than the maximum
number of active POSIX threads. Use pthread_state of struct posix_thread
to track the state of posix thread in posix_thread_pool so that we can
reuse the unused posix thread.
Fixes#15516.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
According to POSIX, that's the header which defines this function.
Similarly, nothing in POSIX indicates that <time.h> should have
access to struct timeval, so it's removed (it's made accessible
to <sys/time.h> via <sys/_timeval.h> introduced earlier).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
fs_dirent.name is MAX_FILE_NAME + 1 bytes long, not PATH_MAX. Just
fixing it to avoid access invalid memory.
Coverity CID: 186037
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Update reserved function names starting with one underscore, replacing
them as follows:
'_k_' with 'z_'
'_K_' with 'Z_'
'_handler_' with 'z_handl_'
'_Cstart' with 'z_cstart'
'_Swap' with 'z_swap'
This renaming is done on both global and those static function names
in kernel/include and include/. Other static function names in kernel/
are renamed by removing the leading underscore. Other function names
not starting with any prefix listed above are renamed starting with
a 'z_' or 'Z_' prefix.
Function names starting with two or three leading underscores are not
automatcally renamed since these names will collide with the variants
with two or three leading underscores.
Various generator scripts have also been updated as well as perf,
linker and usb files. These are
drivers/serial/uart_handlers.c
include/linker/kobject-text.ld
kernel/include/syscall_handler.h
scripts/gen_kobject_list.py
scripts/gen_syscall_header.py
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Exactly one caller of pthread_barrier_wait() should receive a return
value of PTHREAD_BARRIER_SERIAL_WAIT; all others should receive zero
(or an error code). Added a test to match.
Fixes: #9953
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
Both SDK 0.10.0-beta2 and the ARM gcc 2018q2 run into a build issue with
newlib and conflict definitions of mode_t type.
First we need to add some ifdef protection if mode_t is already defined
and set _MODE_T_DECLARED if we are the first to define it.
Secondarily, we rename include/posix/sys/types.h to
include/posix/posix_types.h so that we aren't getting a name collusion
with the system sys/types.h and that we can easily and clearily include
it (which we need to do to pull in the info from newlib).
Fixes: #12224
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For now we are disabling support for POSIX lib on native posix arch. We
need to cleanup and support POSIX lib cleanly for hardware targets.
Once that is working properly we can look to support the feature on
native posix arch.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Just like with _Swap(), we need two variants of these utilities which
can atomically release a lock and context switch. The naming shifts
(for byte count reasons) to _reschedule/_pend_curr, and both have an
_irqlock variant which takes the traditional locking.
Just refactoring. No logic changes.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
mq_maxmsg and mq_msgsize are defined to be of
type long in POSIX standard. So use long for
variables that hold its value in mq_open().
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
According with MISRA-C the value returned by a non-void function has
to be used. As memcpy return is almost useless, we are explicitly
ignoring it.
MISRA-C rule 17.7
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
As extend fdtable usage to more cases, there regularly arises a need
to forward ioctl/fcntl arguments to another ioctl vmethod, which is
complicated because it defined as taking variadic arguments. The only
portable solution is to convert variadic arguments to va_list at the
first point of entry from client code, and then pass va_list around.
To facilitate calling ioctl with variadic arguments from system code,
z_fdtable_call_ioctl() helper function is added.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The function atomic_set return the previous value of the
target. Sometimes this value is irrelevant, e.g when initializing a
variable.
As MISRA-C rule 17.7 requires that the value returned by a non-void
function must be used, we have to explicitly ignore some cases.
MISRA-C rule 17.7
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
All the handling of POSIX file descriptors is now done by fdtable.c.
fs.c still manages its own table of file structures of the underlying
fs lib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The table allows to wrap read/write (i.e. POSIX-compatible) semantics
of any I/O object in POSIX-compatible fd (file descriptor) handling.
Intended I/O objects include files, sockets, special devices, etc.
The table table itself consists of (underlying obj*, function table*)
pairs, where function table provides entries for read(), write, and
generalized ioctl(), where generalized ioctl handles all other
operations, up to and including closing of the underlying I/O object.
Fixes: #7405
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
For read/write/lseek, use size_t and off_t types, as mandated by
POSIX:
http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/unistd.h.html
Also, prototypes of unistd.h functions should not depend on
CONFIG_POSIX_FS, as (many) of them deal with generic I/O, not with
files in filesystem per se.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
It so happened that previously CONFIG_PTHREAD_IPC served this role.
But pthreads and IPC is only parts of POSIX, orthogonal to other
services.
Move CONFIG_POSIX_FS, etc. out from CONFIG_PTHREAD_IPC.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Calling pthread_join() with current thread would lead
to deadlock. Adding check for it and to return
appropriate error code.
Signed-off-by: Spoorthi K <spoorthi.k@intel.com>
ENOTSUP is not being used correctly in
pthread_attr_setschedparam(), hence
replaced its check for EINVAL instead.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added EAGAIN error code in pthread_create()
with fixing the EINVAL return as it is
limited to attribute checking.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added return of ESRCH error code in
pthread_getschedparam() when the
specified thread could not be found.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Add a private variable `rt_clock_base` that can be used to determine a
real-time clock by using the `k_uptime_get` clock. Once `clock_settime`
is added, this can allow us to have a meaningful real time clock.
Signed-off-by: David Brown <david.brown@linaro.org>
Provide an implementation of gettimeofday(). This uses clock_gettime()
with the CLOCK_REALTIME parameter, which is currently unimplemented, but
will allow clients to call this function once this functionality has
been implemented.
Signed-off-by: David Brown <david.brown@linaro.org>
The memory occupied by posix_thread objects are not significant.
Hence, no point in using dynamic allocation.
Addresses #8717.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Added 4 new pthread_key APIs for thread-specific data
key creation, deletion, setting and getting the values.
Added a key list to the posix_struct for threads.
Added pthread_once API.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
memcpy copies upto (rc-1)th index but the write of NULL character
to the string is at (rc+1)th index skipping (rc)th index.
The fix addresses this as well.
CID: 186491
Fixes Issue #8280
Signed-off-by: Subramanian Meenakshi Sundaram <subbu147@gmail.com>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Also simplify the default on STDOUT_CONSOLE. Defaults can be arbitrary
expressions, not just fixed values.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Both variables were used (with the same value) interchangeably
throughout CMake files and per the discussion in GH issue,
ZEPHYR_BASE is preferred.
Also add a comment with explanation of one vs. the other.
Tested by building hello_world for several boards ensuring no errors.
Fixes#7173.
Signed-off-by: Alex Tereschenko <alext.mkrs@gmail.com>
Use k_uptime_get() to compute both tv_sec and tv_nsec members
of timespec structure.
Fixes#8009
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Make sure the name string is NULL terminated in the readdir().
CID: 186037
Fixes Issue #7733
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
The pthread mutex changes went in with an adaptation to build with the
new wait queue API, but they did it by using the old dlist hooks
directly through typecasting and union assignment. That... is sort of
the opposite of the intent to having the new API be abstracted. The
pthread code worked, but failed once wait queues (on x86) stopped
being dlists.
Simple fix once I saw the problem, anyway.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
This constant should be defined in limits.h. Define it in limits.h in
the minimal libc, and use the definition found in newlib's includes.
Values in newlib includes range from 1024 to 4096.
The rationale is that all code should use the same value; having
buffers specified with different sizes will lead to interoperability
and out of bounds array writes.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Add IEEE 1003.1 Posix Style file system API support.
These API's will internally use corresponding Zephyr
File System API's.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
There were multiple spots where code was using the _wait_q_t
abstraction as a synonym for a dlist and doing direct list management
on them with the dlist APIs. Refactor _wait_q_t into a proper opaque
struct (not a typedef for sys_dlist_t) and write a simple wrapper API
for the existing usages. Now replacement of wait_q with a different
data structure is much cleaner.
Note that there were some SYS_DLIST_FOR_EACH_SAFE loops in mailbox.c
that got replaced by the normal/non-safe macro. While these loops do
mutate the list in the code body, they always do an early return in
those circumstances instead of returning into the macro'd for() loop,
so the _SAFE usage was needless.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
pthread_attr_init() should not return EBUSY as per POSIX spec
so fixed this by return ENOMEM if the attr pointer is NULL.
Also fixed the attribute initialization logic by copying the
init_pthread_attrs to the attr.
Fixes Issue #7480
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Fix potential overflow of interger expression for by fixing
variable type to s64_t.
CID: 185275
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
The POSIX layer had a simple ready_one_thread() utility. Move this to
the scheduler API (with a prepended underscore -- it's an internal
API) so that it can be synchronized along with the rest of the
scheduler.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Almost everywhere this was called, it was immediately followed by
_abort_thread_timeout(), for obvious reasons. The only exceptions
were in timeout and k_timer expiration (unifying these two would be
another good cleanup), which are peripheral parts of the scheduler and
can plausibly use a more "internal" API.
So make the common case the default, and expose the old behavior as
_unpend_thread_no_timeout(). (Along with identical changes for
_unpend_first_thread) Saves code bytes and simplifies scheduler
surface area for future synchronization work.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Originally, pthread_cond_signal() was written to yield even in
circumstances where the current thread is at a cooperative priority
and would not expect to be context-switched out until it blocks. This
makes sense, as in most cases you want the newly signaled thread to
get a chance to run as soon as possible.
On further reflection (and also because it complicates the scheduler),
I think that's wrong. The point to cooperative scheduling is that it
allows the cooperative code to make synchronization assumptions about
exactly when it might yield to other threads, and having arbitrary
APIs be "preemption points" like this complicates that analysis
significantly.
Use _reschedule() like other code does.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Now that other work has eliminated the two cases where we had to do a
reschedule "but yield even if we are cooperative", we can squash both
down to a single _reschedule() function which does almost exactly what
legacy _Swap() did, but wrapped as a proper scheduler API.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Recent changes have eliminated most use of _Swap() in favor of higher
level scheduler abstractions. We can remove the header too.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Everywhere the current thread is pended, the code is going to have to
do a _Swap() soon afterward, yet the scheduler API exposed these as
separate steps. Unify this pattern everywhere it appears, which saves
some code bytes and gets _Swap() out of the general scheduler API at
zero cost.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
There was a somewhat promiscuous pattern in the kernel where IPC
mechanisms would do something that might effect the current thread
choice, then check _must_switch_threads() (or occasionally
__must_switch_threads -- don't ask, the distinction is being replaced
by real English words), sometimes _is_in_isr() (but not always, even
in contexts where that looks like it would be a mistake), and then
call _Swap() if everything is OK, otherwise releasing the irq_lock().
Sometimes this was done directly, sometimes via the inverted test,
sometimes (poll, heh) by doing the test when the thread state was
modified and then needlessly passing the result up the call stack to
the point of the _Swap().
And some places were just calling _reschedule_threads(), which did all
this already.
Unify all this madness. The old _reschedule_threads() function has
split into two variants: _reschedule_yield() and
_reschedule_noyield(). The latter is the "normal" one that respects
the cooperative priority of the current thread (i.e. it won't switch
out even if there is a higher priority thread ready -- the current
thread has to pend itself first), the former is used in the handful of
places where code was doing a swap unconditionally, just to preserve
precise behavior across the refactor. I'm not at all convinced it
should exist...
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The compiler can remove the NULL check since the dereference happens
before it (and assume that the pointer is always valid).
Coverity-Id: 185281
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Move posix layer from 'kernel' to 'lib' folder as it is not
a core kernel feature.
Fixed posix header file dependencies as part of the move and
also removed NEWLIBC related macros from posix headers.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>