Excerpt from the manual:
If ptr is NULL, then the call is equivalent to malloc(size) [...]
Without this commit, such calls end with a BUS FAULT.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Rename reserved function names in the subsys/ subdirectory except
for static _mod_pub_set and _mod_unbind functions in bluetooth mesh
cfg_srv.c which clash with the similarly named global functions.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Permission management no longer necessary, the former
parameter for the mutex is now simply ignored.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
For some reason we missed _zephyr_fputc in commit
4344e27c26. Rename _zephyr_fputc to just
zephyr_fputc and fixup associated code to build.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Commit 4344e27c26 changed the reserved
function names, but got the naming wrong for fwrite. Just use the
name zephyr_fwrite everywhere.
Fixes#14275
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Update reserved function names starting with one underscore, replacing
them as follows:
'_k_' with 'z_'
'_K_' with 'Z_'
'_handler_' with 'z_handl_'
'_Cstart' with 'z_cstart'
'_Swap' with 'z_swap'
This renaming is done on both global and those static function names
in kernel/include and include/. Other static function names in kernel/
are renamed by removing the leading underscore. Other function names
not starting with any prefix listed above are renamed starting with
a 'z_' or 'Z_' prefix.
Function names starting with two or three leading underscores are not
automatcally renamed since these names will collide with the variants
with two or three leading underscores.
Various generator scripts have also been updated as well as perf,
linker and usb files. These are
drivers/serial/uart_handlers.c
include/linker/kobject-text.ld
kernel/include/syscall_handler.h
scripts/gen_kobject_list.py
scripts/gen_syscall_header.py
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
We used to leave byte-long placeholder symbols to ensure
that empty application memory sections did not cause
build errors that were very difficult to understand.
Now we use some relatively portable inline assembly to
generate a symbol, but don't take up any extra space.
The malloc and libc partitions are now only instantiated
if there is some data to put in them.
Fixes: #13923
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This is an integral part of userspace and cannot be used
on its own. Fold into the main userspace configuration.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* Newlib now defines a special z_newlib_partition containing
all globals relevant to newlib. Most of these are in libc.a
with a heap tracking variable in newlib's hooks.
* Both C libraries now expose a k_mem_partition containing the
bounds of the malloc heap arena. Threads that want to use
libc malloc() will need to add this to their memory domain.
* z_newlib_get_heap_bounds has been removed, in favor of the
memory partition for the heap arena
* ztest now includes the C library partitions in its memory
domain.
* The mem_alloc test now runs in user mode to prove that this
all works for both C libraries.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This patch adds a x86_64 architecture and qemu_x86_64 board to Zephyr.
Only the basic architecture support needed to run 64 bit code is
added; no drivers are added, though a low-level console exists and is
wired to printk().
The support is built on top of a "X86 underkernel" layer, which can be
built in isolation as a unit test on a Linux host.
Limitations:
+ Right now the SDK lacks an x86_64 toolchain. The build will fall
back to a host toolchain if it finds no cross compiler defined,
which is tested to work on gcc 8.2.1 right now.
+ No x87/SSE/AVX usage is allowed. This is a stronger limitation than
other architectures where the instructions work from one thread even
if the context switch code doesn't support it. We are passing
-no-sse to prevent gcc from automatically generating SSE
instructions for non-floating-point purposes, which has the side
effect of changing the ABI. Future work to handle the FPU registers
will need to be combined with an "application" ABI distinct from the
kernel one (or just to require USERSPACE).
+ Paging is enabled (it has to be in long mode), but is a 1:1 mapping
of all memory. No MMU/USERSPACE support yet.
+ We are building with -mno-red-zone for stack size reasons, but this
is a valuable optimization. Enabling it requires automatic stack
switching, which requires a TSS, which means it has to happen after
MMU support.
+ The OS runs in 64 bit mode, but for compatibility reasons is
compiled to the 32 bit "X32" ABI. So while the full 64 bit
registers and instruction set are available, C pointers are 32 bits
long and Zephyr is constrained to run in the bottom 4G of memory.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Under GNU C, sizeof(void) = 1. This commit merely makes it explicit u8.
Pointer arithmetics over void types is:
* A GNU C extension
* Not supported by Clang
* Illegal across all ISO C standards
See also: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html
Signed-off-by: Mark Ruvald Pedersen <mped@oticon.com>
Make if statement using pointers explicitly check whether the value is
NULL or not.
The C standard does not say that the null pointer is the same as the
pointer to memory address 0 and because of this is a good practice
always compare with the macro NULL.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The stdout console implementations for minimal libc call directly into
the various console drivers (depending on what specifc hooks are
registered) causing faults when invoked from user mode. This happens,
for example, when using printf() which eventually ends up calling
fputc().
The proper solution is to ensure privileges have been elevated before
the _stdout_hook is called. This was already done for printk().
puts() and fputs() have now been re-defined in terms of the
fputc() and fwrite() functions, which are now system calls.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
For some reason %F wasn't supported initially. Its simple enough to
handle the case difference in infinity and NaN handling to add support
for %F.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The C standard says that %f should use '[-]inf' or '[-]infinity' (which
style is implementation defined) for infinity handling and '[-]nan' for
NaN.
We where adding a '+' and had the wrong case for 'inf' and 'nan'.
Before -> After
+INF -> inf
-INF -> -inf
NaN -> nan
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For %{e,E,g,G} conversion specifiers the C standard says the exponent
contains at least two digits, and only as many digits are necessary. So
instead of 1.234000e-001 we should have 1.234000e-01.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The charmap table used by strncasecmp() not only used precious 256
bytes of ROM, it also had wrong mappings outside the ASCII range
(123..218).
Rewrite strncasecmp() to call tolower() instead; might be a tiny wee
little bit slower than the current version, but it's not used in any
performance-sensitive parts of the code to justify the waste.
This reduces the ROM footprint for the ws_echo_server sample by ~224
bytes.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
lib/libc/minimal/source/CMakeLists.txt and
lib/libc/minimal/source/stdout/CMakeLists.txt was introduced in
12f8f7616 but it is not used by the build system. CMakeLists.txt in
the parent dir lib/libc/minimal/CMakeLists.txt adds C files to the
target with the lines like:
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/atoi.c
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/strtol.c
To make other empty CMakeLists.txt explicit, this commit adds a
comment line to them.
Signed-off-by: Yasushi SHOJI <y-shoji@ispace-inc.com>
The implementation of fwrite() in the minimal libc does not increment
the source pointer, and thus always print the same character.
Signed-off-by: Florian Vaussard <florian.vaussard@gmail.com>
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.
Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.
This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.
For users that just want to continue their work with minimal
disruption the following should suffice:
Install CMake 3.8.2+
Port any out-of-tree Makefiles to CMake.
Learn the absolute minimum about the new command line interface:
$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..
$ cd build
$ make
PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
As it turns out Xtensa SDK headers also define _Restrict, causing
havoc. As this was intended to be a private macro, rename it to something
less likely to cause a collision.
Change-Id: I0a7501a1af8cf87efb096872a91a7b44bd2bbdca
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Replace the existing Apache 2.0 boilerplate header with an SPDX tag
throughout the zephyr code tree. This patch was generated via a
script run over the master branch.
Also updated doc/porting/application.rst that had a dependency on
line numbers in a literal include.
Manually updated subsys/logging/sys_log.c that had a malformed
header in the original file. Also cleanup several cases that already
had a SPDX tag and we either got a duplicate or missed updating.
Jira: ZEP-1457
Change-Id: I6131a1d4ee0e58f5b938300c2d2fc77d2e69572c
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Moved all libc Kconfigs to where the code is and remove the default
Kconfig for selecting the minimal libc. Minimal libc is now the default
if nothing else is configured in.
Removed the options for extended libc, this obviously was restricting
features in the minimal libc without a good reason, most of the
functions are available directly when using newlib, so there is no
reason why we need to restrict those in minimal libc.
Jira: ZEP-1440
Change-Id: If0a3adf4314e2ebdf0e139dee3eb4f47ce07aa89
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
snprintf() implements the ability to foce a negative value through the
(unsigned) size_t len parameter to allow the formatter to use a
maximum size string.
This is point less, we don't have as much memory and this is a recipe
for all kinds of vulnerabilities.
Kill the whole thing, the testcase it represents and thank Coverity
for finding this thing. Whatever use it had before, it has no more.
Change-Id: If422246548664699d8aa328a1b9304ef13cab7ea
Coverity-ID: 131625
Coverity-ID: 131626
Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
Coverity reported a block of deadcode in _prf() that seems to be a
leftover carcass from a previous time. Replaced with a comment in case
someone decides it was needed back.
Change-Id: Id97e84f3279f807e6188371f27f6af157e6d5038
Coverity-ID: 131631
Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
This is a tentative fix for CID 93807, a valid Coverity warning;
however the code is valid too.
We can choose to silence the warning or rewrite the code in a way that
makes it more verbose but keeps Coverity happy.
Coverity complains about doing an implicit fallthrough in switch case
statement. I prefer patching the code to make it explicit, as the
compiler will optimize out, to avoid having to constantly filter out
the checker's warnings.
Coverity-CID: 93807
Change-Id: I7be334d48567bf52fc2b21de043310e0f73b72db
Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
Remove the function wrappers around the 64 bit math and just use C
syntax natively, combining ops where appropriate (e.g. there was a
sequence implementing "(x<<2+x)<<2" to do "multiply by 10"). The
_ldiv5 and _rlrshift routines are non-standard ops that provide useful
abstraction, so they remain as separate functions.
Change-Id: I4d83847348fdd7be09887b833c8ccbd2aa1e4182
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The _to_float() implementation had a somewhat kludgey hand-written 64
bit math implementation, which is unhelpful on Zephyr as all our
toolchains provide a working uint64_t runtime. This is at best just
dupicated code from libgcc, and at worst less efficient.
This patch replaces the existing 64 bit minilibrary but keeps the
uint32_t[2] API as is for ease of validation and review.
One exception is _ldiv5, a specialized divide-by-five implementation.
The 64 bit division routines are large on some architectures (ARM and
ARC in particular), not pulled in by a default Zephyr build, and will
swamp the benefit from this patch. So this includes a
refactored/improved _ldiv5 which leverages libgcc for multiword shifts
instead of just using raw division.
Note also the "noinline" attribute on _ladd(). This is a workaround
for an apparent compiler bug when built with -Og or -Os (hand-hacking
the Makefiles to build with -O0 works), perhaps due to my aliasing the
int array with a long long. This will go away in phase 2.
Change-Id: I63e8c82dabe2bfaa75b63ddb59e5f11d51be538e
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The _to_float routine was apparently written to be able to take a 32
bit float bit representationa as well as a 64 bit double. But in a
printf routine, that can never happen per the C standard (where floats
are always promoted to doubles in varargs context).
This was just hard-configured to 1 at the top of the file, and nothing
else in the project sets "DOUBLE" to try to change it. Just remove
it. If we ever want code to convert a float to a double in memory so
we can use this routine, we have it in libgcc. Or even in hardware on
the FPU where available.
Change-Id: I796814c0fce3ce96faa34fde8da411a28c826699
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Hex, octal and decimal all had separately implemented reduction loops
to generate strings. With only a little work these can all be unified
to a single implementation that works with an arbitrary base.
Performance is probably a little lower owing to the fact that
hex/octal now requires a division per character, and the extra
"reverse the string" trick at the end of the conversion. But code
size savings are substantial.
Change-Id: I11ff376aeca1483f974d328271e19918221b2a41
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The 'z' length specifier is the appropriate one to be used with size_t
(%zu) and ssize_t (%zd) types. Having support for this in our libc
means that we can utilize the compiler format string checks
(__printf_like) without getting warnings of incorrect format
specifiers for size_t and ssize_t variables.
Change-Id: I73fec0145692e0a59934cab548caf24c1c16a3df
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
The strstr function finds the first occurrence of a substring
in another string, null terminated strings are not compared, this
function is added for compability for porting other libraries (like
mbedtls)
Jira: ZEP-327
Origin: http://www.leidinger.net/freebsd/dox/libkern/html/d3/d29/
strstr_8c_source.html
Change-Id: I52aac218ce0bd86373ec60f5afc49a92c85f6319
Signed-off-by: Sergio Rodriguez <sergio.sf.rodriguez@intel.com>
When capping the the absolute value of the width modifier in printf(),
it must first be cast to an 'unsigned'. This stems from the fact that
in two's complement, not all negative numbers have a positive counterpart.
Change-Id: I3e6f92f68ab1b8dab48bbf883c5ad4b078a93f87
Signed-off-by: Peter Mitsis <peter.mitsis@windriver.com>
Updates the minimal libc headers for differences between the C and C++
languages. This includes ...
1. Conditionally defining "bool", "true" and "false" as they are
already keywords in C++.
2. Making the definition of NULL language dependent.
3. Using the _Restrict macro instead of the restrict keyword as
restrict exists in C, but not in C++.
4. Changing the definition of size_t so that it is compatible with
what the compiler expects when building the new operator stubs
(as it varies by architecture).
Change-Id: I37ff058a60b90a05f96e9dd6f61d454d143041ce
Signed-off-by: Peter Mitsis <peter.mitsis@windriver.com>
Provides proper access to the per-thread errno variable, by using the
_get_errno() call.
Users can now do:
errno = EINVAL;
printk("errno: %d\n", errno);
Change-Id: I0ef365199656d002623b39b7f45f14f561501375
Signed-off-by: Benjamin Walsh <benjamin.walsh@windriver.com>
The previous implementation mistakenly kept outputting the first
character of the string endlessly.
Change-Id: I299c627a52158218be8e88c952935edb87a636fe
Suggested-by: Tom Yeon <tom.yeon@windriver.com>
Signed-off-by: Allan Stephens <allan.stephens@windriver.com>
Balaji Kulkarni