We used to leave byte-long placeholder symbols to ensure
that empty application memory sections did not cause
build errors that were very difficult to understand.
Now we use some relatively portable inline assembly to
generate a symbol, but don't take up any extra space.
The malloc and libc partitions are now only instantiated
if there is some data to put in them.
Fixes: #13923
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Added __weak keyword to to support overriding assert_post_action().
This allows system designers to change/augment the assert behaviour,
i.e. add logging to persistant storage of program counter, line
number etc, and/or change reboot behaviour.
Signed-off-by: Tim Sørensen (TIMS) <tims@oticon.com>
Exactly one caller of pthread_barrier_wait() should receive a return
value of PTHREAD_BARRIER_SERIAL_WAIT; all others should receive zero
(or an error code). Added a test to match.
Fixes: #9953
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
MISRA-C says that char type should not be used in arithmetically as the
data doesn't represent numbers.
MISRA-C rules 10.1 and 10.2
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
MISRA rules (see #11425) forbid recursive algorithms. In the case of
rb_walk(), it's not actually used anywhere but a test right now, so we
can simply disable the API when CONFIG_MISRA_SANE is defined. Mempool
had a (IMHO, fairly clever) tail recursive loop in bfree_recombine()
which can be trivially transformed into an only slightly uglier
iterative version.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
MISRA rules (see #9892) forbid alloca() and family, even though those
features can be valuable performance and memory size optimizations
useful to Zephyr.
Introduce a MISRA_SANE kconfig, which when true enables a gcc error
condition whenever a variable length array is used.
When enabled, the mempool code will use a theoretical-maximum array
size on the stack instead of one tailored to the current pool
configuration.
The rbtree code will do similarly, but because the theoretical maximum
is quite a bit larger (236 bytes on 32 bit platforms) the array is
placed into struct rbtree instead so it can live in static data (and
also so I don't have to go and retune all the test stack sizes!).
Current code only uses at most two of these (one in the scheduler when
SCHED_SCALABLE is selected, and one for dynamic kernel objects when
USERSPACE and DYNAMIC_OBJECTS are set).
This tunable is false by default, but is selected in a single test (a
subcase of tests/kernel/common) for coverage. Note that the I2C and
SPI subsystems contain uncorrected VLAs, so a few platforms need to be
blacklisted with a filter.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
These get references by newlib builds in other toolchains, e.g.
gnuarmemb, and lack of them breaks linking. Tested that
tests/posix/fs and tests/posix/common actually work with these
changes.
Fixes: #13906
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Some more were added since the cleanup pass in June 2018. See e.g.
commit 2d50da70a1 ("drivers: ipm: Kconfig: Remove redundant 'default n'
properties") for a motivation. It also avoids people wondering whether
or not they need to put in 'default n'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
_impl__zephyr_write() was renamed to _impl__zephyr_write_stdout().
This wasn't caught by CI because we didn't have POSIX tests build
for newlib, but now we have.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
In case newlib is enabled, but POSIX subsys isn't, there're adhoc
implementations of read() and write() which work only with adhoc
stdin/stdout emulation layer. These are backed by system calls named
like "read" and "write". Rename all these functions and syscalls to
explicitly mention stdin/stdout in the names, to free namespace
for the implementation of generic read/write syscalls which will
integrate with POSIX fdtable.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The intent of this Kconfig is to allow libc stdout
functions like printf() to send their output to the
active console driver instead of discarding it.
This somehow evolved into preferring to use
printf() instead of printk() for all test case output
if enabled. Libc printf() implementation for both
minimal libc and newlib use considerably more stack
space than printk(), with nothing gained by using
them.
Remove all instances where we are conditionally
sending test case output based on this config, enable
it by default, and adjust a few tests that disabled
this because they were blowing stack.
printk() and vprintk() now work as expected for
unit_testing targets, they are just wrappers for
host printf().
Fixes: #13701
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Also, for now x86_64 does not support newlib, so do not enable newlib
for this arch until we have a solution.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
With newer newlib we get a build error with mqueue.h realted to mode_t.
Let's just let newlib define mode_t and have minimal libc also define
it in sys/types.h. So we remove the duplicated definition in
posix/unistd.h.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This is an integral part of userspace and cannot be used
on its own. Fold into the main userspace configuration.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We need a generic name for the partition containing
essential C library globals. We're going to need to
add the stack canary guard to this area so user mode
can read it.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Both SDK 0.10.0-beta2 and the ARM gcc 2018q2 run into a build issue with
newlib and conflict definitions of mode_t type.
First we need to add some ifdef protection if mode_t is already defined
and set _MODE_T_DECLARED if we are the first to define it.
Secondarily, we rename include/posix/sys/types.h to
include/posix/posix_types.h so that we aren't getting a name collusion
with the system sys/types.h and that we can easily and clearily include
it (which we need to do to pull in the info from newlib).
Fixes: #12224
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For now we are disabling support for POSIX lib on native posix arch. We
need to cleanup and support POSIX lib cleanly for hardware targets.
Once that is working properly we can look to support the feature on
native posix arch.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
There are issues using lowercase min and max macros when compiling a C++
application with a third-party toolchain such as GNU ARM Embedded when
using some STL headers i.e. <chrono>.
This is because there are actual C++ functions called min and max
defined in some of the STL headers and these macros interfere with them.
By changing the macros to UPPERCASE, which is consistent with almost all
other pre-processor macros this naming conflict is avoided.
All files that use these macros have been updated.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Just like with _Swap(), we need two variants of these utilities which
can atomically release a lock and context switch. The naming shifts
(for byte count reasons) to _reschedule/_pend_curr, and both have an
_irqlock variant which takes the traditional locking.
Just refactoring. No logic changes.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Implements osThreadJoin and osThreadDetach.
This implementation uses a semaphore to signal when a thread is
exiting so any join operations are signalled to continue. It supports
multiple join operations on a single thread, and ensures joins are
aborted if a thread is detached.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
This was never a long-term solution, more of a gross hack
to get test cases working until we could figure out a good
end-to-end solution for memory domains that generated
appropriate linker sections. Now that we have this with
the app shared memory feature, and have converted all tests
to remove it, delete this feature.
To date all userspace APIs have been tagged as 'experimental'
which sidesteps deprecation policies.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* Newlib now defines a special z_newlib_partition containing
all globals relevant to newlib. Most of these are in libc.a
with a heap tracking variable in newlib's hooks.
* Both C libraries now expose a k_mem_partition containing the
bounds of the malloc heap arena. Threads that want to use
libc malloc() will need to add this to their memory domain.
* z_newlib_get_heap_bounds has been removed, in favor of the
memory partition for the heap arena
* ztest now includes the C library partitions in its memory
domain.
* The mem_alloc test now runs in user mode to prove that this
all works for both C libraries.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
If an unitialized/zeroed optional attribute was passed to osThreadNew
the priority would be osThreadNone i.e. uninitialized. This causes an
ASSERT to be hit as the priority isn't valid (it is not between
osPriorityIdle and osPriorityISR).
The fix checks the passed in priority is not osPriorityNone and assigns
osPriorityNormal. This is the correct CMSIS behaviour.
The ASSERT will still be hit if the priority is invalid (<0).
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Fixed an issue whereby if an attribute structure was passed into a CMSIS
RTOS v2 'new' function with an invalid address i.e. NULL assigned to the
name (char*) member the memcpy at the end of each new function
would cause a segmentation fault i.e. read from an invalid
address.
This has been fixed by checking if the name is NULL and using the
default name from the init struct if it is. This is the same name
that would be used if not passing in the optional attr function
argument.
Changed the memcpy to strncpy to ensure that the copy does not read
beyond the end of the source string and changed the length from 16 to 15
(by means of a `sizeof(...)-1`) of the destination buffer to ensure that
it will always be nul-terminated.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Implemented dynamic thread stacks for CMSIS threads by declaring an
array of default sized thread stacks. Allocation cannot be done on the
heap as some architectures require strict alignment for stacks so the
macro must be used to define the stack to ensure most compatibility.
Added a Kconfig variable to limit the number of dynamic threads on the
system (they also count towards total CMSIS thread count). This is so a
developer can have fine grained control over how many dynamic threads
can be allocated because all their stacks must be allocated up front so
could use a lot of memory needlessly if oversubscribed. The default
value is 0 which effectively disabled dynamic threads but also reduces
the memory impact to almost none.
Fixed an assert bug where thread_num was being tested against the
maximum allowed CMSIS threads - it previous checked for less than or
equal which actually (due to when the increment happens) allowed there
to be one more thread. The check now correctly uses less than and only
allowed up to the defined maximum.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Implemented dynamic allocation of memory pools in a similar to manner to
what was already implemented for message queues. Added all the same
checks on size vs. maximum allowed and current heap.
Added an additional Kconfig variable to define the maximum size of a
dynamically allocated memory pool.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Added some additional checks when creating a message queue to ensure the
size of the queue does not exceed the size of the buffer passed in via
the optional attributes.
Added a new Kconfig option to limit the maximum size of a message queue
dynamically allocated on the heap.
Added a check to ensure the heap is at least large enough to hold a
maximum size dynamically allocated queue.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
Added Kconfig dependency that NUM_PREEMPT_PRIORITIES must be at least
osPriorityISR (56). This was enforced by a build assert message but not
decribed in the Kconfig.
Signed-off-by: Carlos Stuart <carlosstuart1970@gmail.com>
After #12732, 6904501173
asserts call k_panic.
Before this, the POSIX arch had its own hack in the
__ASSERT_POST implementation to terminate the process instead
of spining forever.
But the POSIX arch does implement k_panic properly, so there
is no need anymore for this hack.
=> Remove the special treatment for POSIX ARCH
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Replaced forever loop in assert with call to a function.
In post_assert_action() function, k_panic is called.
Forever loop was preventing logs to be printed and had behavior
ependent on the context (low prioriy thread - system continue to
ork, irq - system is blocked).
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
lib/ was starting to get messy and inconsitent. Files being either
dumped in the root or in sub-directories without a clear plan.
Move all library components into one single folder and call it 'os'.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
mq_maxmsg and mq_msgsize are defined to be of
type long in POSIX standard. So use long for
variables that hold its value in mq_open().
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
This patch adds a x86_64 architecture and qemu_x86_64 board to Zephyr.
Only the basic architecture support needed to run 64 bit code is
added; no drivers are added, though a low-level console exists and is
wired to printk().
The support is built on top of a "X86 underkernel" layer, which can be
built in isolation as a unit test on a Linux host.
Limitations:
+ Right now the SDK lacks an x86_64 toolchain. The build will fall
back to a host toolchain if it finds no cross compiler defined,
which is tested to work on gcc 8.2.1 right now.
+ No x87/SSE/AVX usage is allowed. This is a stronger limitation than
other architectures where the instructions work from one thread even
if the context switch code doesn't support it. We are passing
-no-sse to prevent gcc from automatically generating SSE
instructions for non-floating-point purposes, which has the side
effect of changing the ABI. Future work to handle the FPU registers
will need to be combined with an "application" ABI distinct from the
kernel one (or just to require USERSPACE).
+ Paging is enabled (it has to be in long mode), but is a 1:1 mapping
of all memory. No MMU/USERSPACE support yet.
+ We are building with -mno-red-zone for stack size reasons, but this
is a valuable optimization. Enabling it requires automatic stack
switching, which requires a TSS, which means it has to happen after
MMU support.
+ The OS runs in 64 bit mode, but for compatibility reasons is
compiled to the 32 bit "X32" ABI. So while the full 64 bit
registers and instruction set are available, C pointers are 32 bits
long and Zephyr is constrained to run in the bottom 4G of memory.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Added glue logic to interface Zephyr with LittlevGL GUI library
This includes:
* KConfig options for all lvgl options
* Kernel & user space memory management
* Zephyr to lvgl FS call mapping
* Color space conversion function
Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
Following the standard GCC RISC-V convetion use __riscv for the RISC-V
specific define:
41d6b10e96/gcc/config/riscv/riscv-c.c (L37)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Used as a checksum on command messages when talking with MMC cards.
Implemented using the unwound bytewise implementation from
https://en.wikipedia.org/wiki/Computation_of_cyclic_redundancy_checks
which is a good mix of size and speed.
The API and naming matches lib/crc7.c in Linux.
Signed-off-by: Michael Hope <mlhx@google.com>
If any of the Zephyr version numbers went beyond 99, the "%2d" printf
specifiers would expand to fit and the string would run over the
memory on the stack used for os_str[].
Recent GCC versions (remember native_posix and x86_64 use the host
compiler) were actually detecting this and correctly issuing a warning
(but only if the 3-digit char value would overflow the actual array
size!), which was breaking sanitycheck for me on Fedora 28 and Ubuntu
18.04 build hosts. Pretty impresive warning.
As it happens this was wasteful anyway; we were spending bytes on the
stack (and in rodata to store the constant which, and the cycles
needed to copy it into place on the stack where it would be
overwritten immediately) when we could just snprintf() directly into
the buffer the user gave us.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Thread Flags are used to trigger execution states between threads.
These APIs provide functionalities like set, clear and wait.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Events are used to trigger execution states between threads.
These APIs provide functionalities like event set, clear and
wait.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
