The current implementations of memcpy and memset are optimized for
performance and use a word based loop before the byte based loop.
Add a config option that skips the word based loop. This saves 120
bytes on the Cortex-M0+ which is worthwhile on small apps like a
bootloader.
Enable by default if SIZE_OPTIMIZATIONS is set.
Signed-off-by: Michael Hope <mlhx@google.com>
Add an explanation comment, so no one in the future
will try to change that part of the code.
Add parasoft tags to suppress a violation in static analysis tool
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
With 64 bytes heap and 1 byte allocation on a big heap, we get:
0 1 2 3 4 5 6 7
| h | h | b | b | c | 1 | s | f |
where
- h: chunk0 header
- b: buckets in chunk0
- c: chunk header for the first allocation
- 1: chunk mem
- s: solo free header
- f: end marker / footer
max_chunkid() was returning h->end_chunk - min_chunk_size(h), which is
5 because min_chunk_size() on a big heap is 2. This works if you
don't have the solo free header at 6 and the heap is like:
0 1 2 3 4 5 6
| h | h | b | b | c | 1 | f |
max_chunkid() in this case gives you 6 - 2 = 4, which is the right
chunkid for the last chunk header.
This commit replaces max_chunkid() with h->end_chunk and "<=" (less
than or equal to) with "<" (less than), so that it always compares
against the end maker chunkid, but the code won't touch the end maker
itself.
Signed-off-by: Yasushi SHOJI <yashi@spacecubics.com>
a switch was converted to an if statement and still had a default,
something went really wrong here.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Current "switch" operator with one case replace with the "if"
operator, because every switch statement shall have at least
two case-clauses.
Found as a coding guideline violation (MISRA R16.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
According to the Zephyr Coding Guideline all switch statements
shall be well-formed.
Added a default labels to switch-clauses without them.
Added comments to the empty default cases.
Found as a coding guideline violation (MISRA R16.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
An 'if' (expression) construct shall be followed by a compound
statement.
Add braces to improve readability and maintainability.
Found as a coding guideline violation (MISRA R15.6) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Function types shall be in prototype form with named parameters
Found as a coding guideline violation (MISRA R8.2) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
This commit adds a new `CONFIG_NEWLIB_MIN_REQUIRED_HEAP_SIZE` config
that allows user to specify the minimum required heap size for the
newlib heap, and makes `malloc_prepare` validate that the memory space
available for the newlib heap is greater than this value.
The default minimum required heap size values were empiricially
determined, so as to allow the basic standard C functions such as
`printf` and `scanf` to work properly.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
The time() function works correctly with the minimal libc, but always
returns -1 with the newlib libc. This is due to the _gettimeofday hook
being implemented that way.
Fix that by calling gettimeofday in the _gettimeofday hook instead of
returning -1.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
In a primitive SYS_SLIST_FOR_EACH_NODE check for null was
after dereferencing. Place check for null of the "thread_spec_data"
before its dereferencing.
Found as a coding guideline violation (MISRA R4.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Statement "cont = dropped_item != NULL" first checks if "dropped_item"
returns null or not null, then assigns to "cont".
If "dropped_item" is null then "cont = 0",
if "dropped_item" is not null then "cont = 1".
As a result in line below no need to check "dropped_item" again
It is enough to check state of the "cont" variable,
to be sure what returned "dropped_item".
Found as a coding guideline violation (MISRA R4.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
In code is a variable "chunksz_t chunksz" that has the same name as
function "chunksz_t chunksz()" in the one heap.h file.
Create unique variable name to avoid misreading in the future.
Found as a coding guideline violation (MISRA R5.9) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Our minimal C library makes an alias of UINT*_C() to
be __UINT*_C() and INT*_C() to __INT*_C(). However,
in mwdt, these are not defined by default, so define
them ourselves. We have similar fix for xcc: #31962
Signed-off-by: Watson Zeng <zhiwei@synopsys.com>
The K_HEAP_DEFINE macro would allow users to specify heaps that are
too small, leading to potential corruption events (though at least
there were __ASSERTs that would catch this at runtime if enabled).
It would be nice to put the logic to compute this value into the heap
code, but that isn't available in kernel.h (and we don't want to pull
it in as this header is already WAY to thick). So instead we just
hand-compute and document the choice. We can address bitrot problems
with a test.
(Tweaks to heap size asserts and correct size bounds from Nicolas Pitre)
Fixes#33009
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
work_q.c is not being built or used, it was replaced by user_work.c
which now has k_work_user_queue_start.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This commit removes the lock inside the newlib internal `_sbrk`
function, which is called by `malloc` when additional heap memory is
needed.
This lock is no longer required because any calls to the `malloc`
function are synchronised by the `__malloc_lock` and `__malloc_unlock`
functions.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit adds a lock implementation for the newlib heap memory
management functions (`malloc` and `free`).
The `__malloc_lock` and `__malloc_unlock` functions are called by the
newlib `malloc` and `free` functions to synchronise access to the heap
region.
Without this lock, making use of the `malloc` and `free` functions from
multiple threads will result in the corruption of the heap region.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
File has next violations:
MISRA 11_9_a
Use NULL instead of literal zero (0) as the null-pointer-constant
MISRA 11_9_b
Literal zero (0) shall not be used as the null-pointer-constant
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
File zephyr/lib/os/cbprintf_nano.c had operands with different types.
It caused Rule 10.4 violation.
Both operands of an operator in which the usual arithmetic conversions
are performed shall have the same essential type category.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
coding guidelines 10.4: casting operands to have same types
File zephyr/lib/os/cbprintf_nano.c had operands with different types.
It caused Rule 10.4 violation.
Both operands of an operator in which the usual arithmetic conversions
are performed shall have the same essential type category.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
removed cast to int
Do basic preparations for building code for ARCv3 HS6x
* add ISA_ARCV3 and CPU_HS6X config options
* add off_t type support for __ARC64__
* use elf64-littlearc format for linking
* use arc64 mcpu for CPU_HS6X
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
This introduces bit arrays as a new data type. This is different
than sys_bitfield as it is working on raw arrays of 32-bit
data. The bit arrays encode additional data inside the struct
to avoid going beyond the declared number of bits, and also
provides locking.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Previously, when no overwrite mode was used and there was no space
no packet was dropped. However, it should be allowed to drop skip
packet that may be added as padding at the end of the buffer.
Extended dropping scheme to drop skip packets in no overwrite mode.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Added early return from mpsc_pbuf_alloc when requested size
exceed the buffer capacity. Previously, in that case buffer
was falling into endless loop.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Currently P4WQ supports queues with sets of user-provided
worked threads of arbitrary numbers. These threads are started
immediately upon initialisation.
This patch adds support for 3 more thread implementation options:
1. queue per thread. It adds a K_P4WQ_ARRAY_DEFINE() macro which
initialises an array of queues and threads of the same number.
These threads are then uniquely assigned to respective queues.
2. delayed start. With this option threads aren't started
immediately upon queue initialisation. Instead a new function
k_p4wq_enable_static_thread() has to be called to enable those
threads individually.
3. queue per CPU. With this option the user can assign CPU masks
to threads when calling k_p4wq_enable_static_thread().
Otherwise the cpu_mask parameter to that function is ignored.
Currently enabling this option implies option 2 above. Also so
far to enable queues per CPU the user has to use
K_P4WQ_ARRAY_DEFINE(), which means this option also implies 1
above, but both these restrictions can be relaxed in the
future if required.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
Work items in P4WQ currently belong to the user before submission
and after exit from the handler, therefore, unless the handler
re-submits the item, accessing it in p4wq_loop() in such cases
is racy. To fix this we re-define work item ownership. Now the
item belongs to the P4WQ core until the user calls
k_p4wq_wait(). If the work item has its .sync flag set, the
function will sleep until the handler completes processing the
work item or until the timeout expires. If .sync isn't set and
the handler hasn't processed the item yet, the function returns
-EBUSY.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
When SMP is disabled, the SMP initialisation level is
undefined, therefore a different level must be used.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
Reboot functionality has nothing to do with PM, so move it out to the
subsys/os folder.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
onoff, p4wq, and sem had several places missing final else
statement in the if else if construct. This commit adds
else {} to comply with coding guideline 15.7.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
heap* had several places missing final else statement in the
if else if construct. This commit adds else {} to comply with
coding guideline 15.7.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
cbprintf_* had several places missing final elsestatement in the
if else if construct. This commit adds else {} to comply with
coding guideline 15.7.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
NIOS2 is using _image_rodata_start/_end in its linker script
to mark the boundaries of rodata. So they no loner need
special treatment.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
The lib/os/ had several places missing final else
statement in the if else if construct. This commit adds
else {} or simple refactor to comply with coding guideline 15.7.
- cbprintf_complete.c
- cbprintf_nano.c
- heap-validate.c
- heap.c
- onoff.c
- p4wq.c
- sem.c
Also resolves the checkpatch issue of comments should align * on
each line.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
get_child does not return an essentially boolean type, so it has to be
properly checked against a pointer.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Move cmsis OS apis under subsystem/portability. Those are not libraries
and only serve to provide a level of abstraction using the CMSIS OS APIs
to existing Zephyr interfaces.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Added optional debug prints. Logging cannot be used because
mpsc pbuf is used by the logging.
Added option to clear packet memory after allocation. Option is
enabled in Kconfig.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Michael Hope