in the _rirq_return_from_coop, a fake irq stack frame is created.
But the value of lp_start, lp_end, lp_count are not set correctly.
When rtie is executed, the zero-overhead loop will be enabled, if
the pc crosses the value of lp_end and lp_count is not zero. The pc
will jump to lp_start. This will break down the system.
This commit fixs this bug and set the correct value of lp_start, lp_end
and lp_count(only need to set lp_count).
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
This function returns an essential boolean type, just changing the
signature to return a boolean type.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commit removes the priv_stack_size field from the _thread_arch
on arc architecture as there is no code using value stored in this
variable.
Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
This commit exposes k_mem_partition_attr_t outside User Mode, so
we can use struct k_mem_partition for defining memory partitions
outside the scope of user space (for example, to describe thread
stack guards or no-cacheable MPU regions). A requirement is that
the Zephyr build supports Memory protection. To signify this, a
new hidden, all-architecture Kconfig symbol is defined (MPU). In
the wake of exposing k_mem_partition_attr_t, the commit exposes
the MPU architecture-specific access permission attribute macros
outside the User space context (for all ARCHs), so they can be
used in a more generic way.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The system tick count is a 64 bit quantity that gets updated from
interrupt context, meaning that it's dangerously non-atomic and has to
be locked. The core kernel clock code did this right.
But the value was also exposed to the rest of the universe as a global
variable, and virtually nothing else was doing this correctly. Even
in the timer ISRs themselves, the interrupts may be themselves
preempted (most of our architectures support nested interrupts) by
code that wants to set timeouts and inspect system uptime.
Define a z_tick_{get,set}() API, eliminate the old variable, and make
sure everyone uses the right mechanism.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
This was another "global variable" API. Give it function syntax too.
Also add a warning, because on nRF devices (at least) the cycle clock
runs in kHz and is too slow to give a precise answer here.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Added LOG_PANIC to fault handlers to ensure that log is flush and
logger processes messages in a blocking way in fault handler.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
The fake exception return is used to jump to user mode.
So the init status of user thread is in exception mode.
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
stack check bit of status32/sec_stat will be cleared
automically in exception entry.
so remove the redundent codes
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
Move to more generic tracing hooks that can be implemented in different
ways and do not interfere with the kernel.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The benchmark application timing_info needs certain hooks to be
present in the kernel to get the accurate measurements. This
patch adds these hook at all the required locations.
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
This enables reserving little space on the top of stack to store
data local to thread when CONFIG_USERSPACE. The first customer
of this is errno.
Note that ARC, due to how it lays out the user stack and
privilege stack, sets the pointer itself rather than
relying on the common way.
Fixes: #9067
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
irq_lock returns an unsigned int, though, several places was using
signed int. This commit fix this behaviour.
In order to avoid this error happens again, a coccinelle script was
added and can be used to check violations.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
There exist two symbols that became equivalent when PR #9383 was
merged; _SYSCALL_LIMIT and K_SYSCALL_LIMIT. This patch deprecates the
redundant _SYSCALL_LIMIT symbol.
_SYSCALL_LIMIT was initally introduced because before PR #9383 was
merged K_SYSCALL_LIMIT was an enum, which couldn't be included into
assembly files. PR #9383 converted it into a define, which can be
included into assembly files, making _SYSCALL_LIMIT redundant.
Likewise for _SYSCALL_BAD.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
This code path for returning from an exception wasn't
updating ERET with ESF->pc, resulting in any updates to
the PC by the fault handler being ignored.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Also fix the 'default' on XIP. Due to Zephyr's prefer-later-defaults
behavior, it was always set to 'y' (when the dependencies were
satisfied).
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
* re-use top of isr stack as exception stack
* bug fixes in irq offload's implementation
* improve kernel oops implementation
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
This commit improves the reset of arc:
* make the processor in the correct status
* clear interrupt related regs
this may improve or fix#6515
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
Whether it should hang the system it not decided finally.
But remove it here to let some tests pass.
Fixes#8032
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
* use a separate stack for exception handling, this
will gurantee the exception handling always work, not
affected by some speical cases, e.g., stack check exception
or mem. protection exception at the exception entry.
* this commit can fix the second case of #8092
* note: the thread switch is still possible in exception
handling, e.g, caused by thread_abort. But the switched out
thread cannot be recovered, as the thread context is not
setup.
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
The original implementation of CONFIG_THREAD_MONITOR would
try to leverage a thread's initial stack layout to provide
the entry function with arguments for any given thread.
This is problematic:
- Some arches do not have a initial stack layout suitable for
this
- Some arches never enabled this at all (riscv32, nios2)
- Some arches did not enable this properly
- Dropping to user mode would erase or provide incorrect
information.
Just spend a few extra bytes to store this stuff directly
in the k_thread struct and get rid of all the arch-specific
code for this.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* the original stack check codes have no consideration
for userspace case. This will wrong cause possible stack
check exception.
* this commit refactors the arc stack check support to
support the usperspace.
* this commit fixes#7885. All the failed tests in #7885
are run again to verify this commit. The test results are ok
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
For user thread, the stack check parameters will cover both
user stack part and privilege stack part. Because in arc, they
are in the same array.
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
Previously the directory core/mpu/ was getting included on a hidden
kconfig. Now this has been replaced with the Kconfig
CONFIG_ARC_CORE_MPU.
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
The metairq feature exposed the fact that all of our arch code (and a
few mistaken spots in the scheduler too) was trying to interpret
"preemptible" threads independently.
As of the scheduler rewrite, that logic is entirely within sched.c and
doing it externally is redundant. And now that "cooperative" threads
can be preempted, it's wrong and produces test failures when used with
metairq threads.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
* blink, fp should not be always cleared
* clean up code format
* use a better way to save and restore ER_SEC_STAT
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
* current codes use a faked interrupt return to do a thread switch
in exception return.
* so the different between exception return and interrupt return
should be carefully considered.
* when secure is enabled, the sec_stat should also be pushed in
exception entry.
* when secure is enabled, SEC_STAT.IRM must be configured corrrectly
for interrupt return.
* For the case of faked interrupt return in exception return, the
correct value of SEC_STAT.IRM comes from ER_SEC_STAT.ERM.
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
Normally a syscall would check the current privilege level and then
decide to go to _impl_<syscall> directly or go through a
_handler_<syscall>.
__ZEPHYR_SUPERVISOR__ is a compiler optimization flag which will
make all the system calls from the arch files directly link
to the _impl_<syscall>. Thereby reducing the overhead of checking the
privileges.
In the previous implementation all the source files would be compiled
by zephyr_source() rule. This means that zephyr_* is a catchall CMake
library for source files that can be built purely with the include
paths, defines, and other compiler flags that all zephyr source
files uses. This states that adding one extra compiler flag for only
one complete directory would fail.
This limitation can be overcome by using zephyr_libray* APIs. This
creates a library for the required directories and it also supports
directory level properties.
Hence we use zephyr_library* to create a new library with
macro _ZEPHYR_SUPERVISOR_ for the optimization.
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
* call the _check_stack_sentinel in unnested isr
return.
* for firq, _check_stack_sentinel is called in kernel
isr stack because the limitation of banked register
* for normal irq, _check_stak_sentinel is called in
the interruptted thread stack
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
* For STACK_CANERY, the processor should not hang
* as _SysFatalErrorHandler is always executed in
isr context, so remove k_is_in_isr
* the function should return after k_thread_abort
Signed-off-by: Wayne Ren <wei.ren@synopsys.com>
