The mempool operations need to be atomic, but because of latency
concerns (the allocator is intended for use in an ISR) the locking was
designed to be as minimal as possible. And it... mostly got it right.
All the list handling was correctly synchronized. The merging of four
child blocks into a parent block was atomic. The splitting of a block
into four children was atomic.
BUT: there was a moment between the allocation of a large block and
the re-addition of its three unused children where the lock was being
released. This meant that another context (e.g. an ISR that just
fired, interrupting the existing call to k_mem_pool_alloc()) would see
some memory "missing" that wasn't actually allocated. And if this
happens to have been the top level block, it's entirely possible that
the whole heap looks empty, even though the other allocator might have
been doing only the smallest allocation!
Fix that by making the "remove a block then add back the three
children we don't use" into an atomic step. We can still relax the
lock between levels as we split the subblocks further.
(Finally, note that this trick allows a somewhat cleaner API as we can
do our "retry due to race" step internally by walking back up the
block size list instead of forcing our caller to do it via that weird
-EAGAIN return value.)
Fixes#11022
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
These changes were obtained by running a script created by
Ulf Magnusson <Ulf.Magnusson@nordicsemi.no> for the following
specification:
1. Read the contents of all dts_fixup.h files in Zephyr
2. Check the left-hand side of the #define macros (i.e. the X in
#define X Y)
3. Check if that name is also the name of a Kconfig option
3.a If it is, then do nothing
3.b If it is not, then replace CONFIG_ with DT_ or add DT_ if it
has neither of these two prefixes
4. Replace the use of the changed #define in the code itself
(.c, .h, .ld)
Additionally, some tweaks had to be added to this script to catch some
of the macros used in the code in a parameterized form, e.g.:
- CONFIG_GPIO_STM32_GPIO##__SUFFIX##_BASE_ADDRESS
- CONFIG_UART_##idx##_TX_PIN
- I2C_SBCON_##_num##_BASE_ADDR
and to prevent adding DT_ prefix to the following symbols:
- FLASH_START
- FLASH_SIZE
- SRAM_START
- SRAM_SIZE
- _ROM_ADDR
- _ROM_SIZE
- _RAM_ADDR
- _RAM_SIZE
which are surprisingly also defined in some dts_fixup.h files.
Finally, some manual corrections had to be done as well:
- name##_IRQ -> DT_##name##_IRQ in uart_stm32.c
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
Private kernel data structure which should not be accessible to
userspace threads. Mark with __kernel.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
FD method tables contain function pointers, and thus should be
const and reside in ROM. This patch fixes all cases of FD vtable
definitions: for POSIX FS API and for sockets.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
If we don't have Newlib, the more or less POSIX library, it's unclear
how to deal with POSIX stdin/stdout/stderr at all.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This is simplistic implementation which just redirects to (likewise
simplistic) implementation in lib/libc/newlib/libc-hooks.c. This
should be replaced with bindings to "real console", but what should
be a "real console" is so far discussed, at the RFC stage.
This implementation goes into the fdtable.c itself to keep all those
things nicely static. (This is again likely will change when we have
"real console", but again, it's so far not clear where it would
belong, so at least avoid creating random files to be deleted later).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
read/write/etc. are defined in case CONFIG_POSIX_API is defined, and
we shouldn't provide duplicates.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
All the handling of POSIX file descriptors is now done by fdtable.c.
fs.c still manages its own table of file structures of the underlying
fs lib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The table allows to wrap read/write (i.e. POSIX-compatible) semantics
of any I/O object in POSIX-compatible fd (file descriptor) handling.
Intended I/O objects include files, sockets, special devices, etc.
The table table itself consists of (underlying obj*, function table*)
pairs, where function table provides entries for read(), write, and
generalized ioctl(), where generalized ioctl handles all other
operations, up to and including closing of the underlying I/O object.
Fixes: #7405
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
k_poll_signal was being used by both, struct and function. Besides
this being extremely error prone it is also a MISRA-C violation.
Changing the function to contain a verb, since it performs an action
and the struct will be a noun. This pattern must be formalized and
followed and across the project.
MISRA-C rules 5.7 and 5.9
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Fix a compile warning if we build using int types defined to match the
compiler. We get the following warnings:
lib/mempool/mempool.c: In function ‘sys_mem_pool_alloc’:
lib/mempool/mempool.c:317:48: warning: passing argument 3 of ‘_sys_mem_pool_block_alloc’ from incompatible pointer type [-Wincompatible-pointer-types]
if (_sys_mem_pool_block_alloc(&p->base, size, &level, &block,
^
lib/mempool/mempool.c:221:5: note: expected ‘u32_t * {aka long unsigned int *}’ but argument is of type ‘int *’
int _sys_mem_pool_block_alloc(struct sys_mem_pool_base *p, size_t size,
^~~~~~~~~~~~~~~~~~~~~~~~~
lib/mempool/mempool.c:317:56: warning: passing argument 4 of ‘_sys_mem_pool_block_alloc’ from incompatible pointer type [-Wincompatible-pointer-types]
if (_sys_mem_pool_block_alloc(&p->base, size, &level, &block,
^
lib/mempool/mempool.c:221:5: note: expected ‘u32_t * {aka long unsigned int *}’ but argument is of type ‘int *’
int _sys_mem_pool_block_alloc(struct sys_mem_pool_base *p, size_t size,
^~~~~~~~~~~~~~~~~~~~~~~~~
Make local variables block & level u32_t to match what
_sys_mem_pool_block_alloc expects.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This reverts commit 25fb2302f1.
The bluetooth l2cap code was using these errno values but changed to
using more standard EPERM instead, so lets remove the defines since
nothing uses them.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
write() function is not supposed to change buffer passed to it, so
propagate const pointer param to all write-like functions used/defined
in this file.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Some third-party components include this file without really needing
any symbols from it. Presence of this file allows to build them
against minimal libc, whereas previously they forced Newlib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Placing it at sys/fcntl.h was due to mimicking internal newlib's
layout, but what we need is this file at the standard location,
for reuse.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Extended ring buffer to allow storing raw bytes in it. API has been
extended keeping 'data item' mode untouched.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Deprecate API prefixed with sys_ring_buf_ and rename it
to ring_buf_item_ since this API is not a typical ring buffer
but ring buffer of data items (metadata + 32bit words).
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
For read/write/lseek, use size_t and off_t types, as mandated by
POSIX:
http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/unistd.h.html
Also, prototypes of unistd.h functions should not depend on
CONFIG_POSIX_FS, as (many) of them deal with generic I/O, not with
files in filesystem per se.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Fixed some Kconfig inconsistencies around THREAD_CUSTOM_DATA,
POLL and NUM_PREEMPT_PRIORITIES.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
It so happened that previously CONFIG_PTHREAD_IPC served this role.
But pthreads and IPC is only parts of POSIX, orthogonal to other
services.
Move CONFIG_POSIX_FS, etc. out from CONFIG_PTHREAD_IPC.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Calling pthread_join() with current thread would lead
to deadlock. Adding check for it and to return
appropriate error code.
Signed-off-by: Spoorthi K <spoorthi.k@intel.com>
Under GNU C, sizeof(void) = 1. This commit merely makes it explicit u8.
Pointer arithmetics over void types is:
* A GNU C extension
* Not supported by Clang
* Illegal across all ISO C standards
See also: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html
Signed-off-by: Mark Ruvald Pedersen <mped@oticon.com>
ENOTSUP is not being used correctly in
pthread_attr_setschedparam(), hence
replaced its check for EINVAL instead.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added EAGAIN error code in pthread_create()
with fixing the EINVAL return as it is
limited to attribute checking.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added return of ESRCH error code in
pthread_getschedparam() when the
specified thread could not be found.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Change APIs that essentially return a boolean expression - 0 for
false and 1 for true - to return a bool.
MISRA-C rule 14.4
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Make if statement using pointers explicitly check whether the value is
NULL or not.
The C standard does not say that the null pointer is the same as the
pointer to memory address 0 and because of this is a good practice
always compare with the macro NULL.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Any word started with underscore followed by and uppercase letter or a
second underscore is a reserved word according with C99.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Contains defines enough to compile BSD Sockets subsystem. Values are
compatible with Newlib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Add a private variable `rt_clock_base` that can be used to determine a
real-time clock by using the `k_uptime_get` clock. Once `clock_settime`
is added, this can allow us to have a meaningful real time clock.
Signed-off-by: David Brown <david.brown@linaro.org>
Provide an implementation of gettimeofday(). This uses clock_gettime()
with the CLOCK_REALTIME parameter, which is currently unimplemented, but
will allow clients to call this function once this functionality has
been implemented.
Signed-off-by: David Brown <david.brown@linaro.org>
Use the asynchronous version of mbox_put instead of the
synchronous one. Also, add an error check in osMailPut.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Add few missing NULL checks to avoid crash. Also, minor
refactor of signal code and disable osFeature_Wait to
signify osWait function not implemented.
Signed-off-by: Praful Swarnakar <praful.swarnakar@intel.com>
k_msg_get returns only three possible values, and
osErrorValue is not in osMessageGet spec, hence
removing this unhit else case.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
The memory occupied by posix_thread objects are not significant.
Hence, no point in using dynamic allocation.
Addresses #8717.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
stacksize is an unsigned integer and hence there's no need to
check whether it is >= 0 since it is always true. This fixes
the Github issue #9637.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Replace an else-if case in osSemaphoreWait with
else to account for both EBUSY and EAGAIN return
values from k_sem_take. The return value would be
0 for osSemaphoreWait in both cases.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
When a mempool is created with a large number of maximum-size blocks,
the logic for initializing max_inline_level (i.e. when to union the
bitmask with the pointer and when to use the pointer directly) was
wrong. The default state was "zero", which implies that level 0
should be inlined, but that's wrong with >32 base blocks.
Additionally, the type was unsigned, making the "level zero is a
pointer" situation impossible to represent.
Fixes#6727
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Add osErrorTimeoutResource as return value when message
cannot be put in queue during waiting period. Also set
message value only when message is received.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Several code guidelines recommend using uppercase L instead of letter
l (ell) because it can easily be confused with the digit 1 (one).
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Fix the osSignalWait timeout calculation in cases when
waiting on more than one signal event.
Signed-off-by: Praful Swarnakar <praful.swarnakar@intel.com>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Signals are used to trigger execution states between threads.
These APIs provide functionalities like signal set, clear and
wait.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
These APIs allow creating, allocating and freeing
of mempools.
Note: "Mempool" in CMSIS actually means memslabs in Zephyr.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
These APIs provide the support of virtual timers. All timers
can be started, restarted, or stopped. Timers can be configured
as one-shot or periodic.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
This API is used to fetch the kernel system timer as 32-bit value.
This is analogous to k_cycle_get_32 in the kernel.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
The read/write implementations call directly into the console drivers
using the hook mechanism, causing faults if invoked from user mode.
Add system calls for read() and write() such that we do a privilege
elevation first.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The stdout console implementations for minimal libc call directly into
the various console drivers (depending on what specifc hooks are
registered) causing faults when invoked from user mode. This happens,
for example, when using printf() which eventually ends up calling
fputc().
The proper solution is to ensure privileges have been elevated before
the _stdout_hook is called. This was already done for printk().
puts() and fputs() have now been re-defined in terms of the
fputc() and fwrite() functions, which are now system calls.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The errno "variable" is required to be thread-specific.
It gets defined to a macro which dereferences a pointer
returned by a kernel function.
In user mode, we cannot simply read/write the thread struct.
We do not have thread-local storage mechanism, so for now
use the lowest address of the thread stack to store this
value, since this is guaranteed to be read/writable by
a user thread.
The downside of this approach is potential stack corruption
if the stack pointer goes down this far but does not exceed
the location, since a fault won't be generated in this case.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Added 4 new pthread_key APIs for thread-specific data
key creation, deletion, setting and getting the values.
Added a key list to the posix_struct for threads.
Added pthread_once API.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
We utilize defines like -ESHUTDOWN in the network stack. To support
this errno value with newlib we need to enable
__LINUX_ERRNO_EXTENSIONS__.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
If we use newlib the isdigit (and other similar functions) return an
error as char can possibly be viewed as signed:
usr/include/ctype.h:57:54: error: array subscript has type ‘char’ [-Werror=char-subscripts]
#define __ctype_lookup(__c) ((__ctype_ptr__+sizeof(""[__c]))[(int)(__c)])
Explicity cast to unsigned char so we deal with both this warning and
possible warning when -Wpointer-sign is enabled.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For some reason %F wasn't supported initially. Its simple enough to
handle the case difference in infinity and NaN handling to add support
for %F.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The C standard says that %f should use '[-]inf' or '[-]infinity' (which
style is implementation defined) for infinity handling and '[-]nan' for
NaN.
We where adding a '+' and had the wrong case for 'inf' and 'nan'.
Before -> After
+INF -> inf
-INF -> -inf
NaN -> nan
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For %{e,E,g,G} conversion specifiers the C standard says the exponent
contains at least two digits, and only as many digits are necessary. So
instead of 1.234000e-001 we should have 1.234000e-01.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
memcpy copies upto (rc-1)th index but the write of NULL character
to the string is at (rc+1)th index skipping (rc)th index.
The fix addresses this as well.
CID: 186491
Fixes Issue #8280
Signed-off-by: Subramanian Meenakshi Sundaram <subbu147@gmail.com>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Also simplify the default on STDOUT_CONSOLE. Defaults can be arbitrary
expressions, not just fixed values.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The charmap table used by strncasecmp() not only used precious 256
bytes of ROM, it also had wrong mappings outside the ASCII range
(123..218).
Rewrite strncasecmp() to call tolower() instead; might be a tiny wee
little bit slower than the current version, but it's not used in any
performance-sensitive parts of the code to justify the waste.
This reduces the ROM footprint for the ws_echo_server sample by ~224
bytes.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Both variables were used (with the same value) interchangeably
throughout CMake files and per the discussion in GH issue,
ZEPHYR_BASE is preferred.
Also add a comment with explanation of one vs. the other.
Tested by building hello_world for several boards ensuring no errors.
Fixes#7173.
Signed-off-by: Alex Tereschenko <alext.mkrs@gmail.com>
lib/libc/minimal/source/CMakeLists.txt and
lib/libc/minimal/source/stdout/CMakeLists.txt was introduced in
12f8f7616 but it is not used by the build system. CMakeLists.txt in
the parent dir lib/libc/minimal/CMakeLists.txt adds C files to the
target with the lines like:
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/atoi.c
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/strtol.c
To make other empty CMakeLists.txt explicit, this commit adds a
comment line to them.
Signed-off-by: Yasushi SHOJI <y-shoji@ispace-inc.com>
'default N' should have been 'default n', though they happen to have the
same effect here, due to undefined Kconfig symbols ('N') evaluating to
'n' in a boolean sense.
Kconfig bool symbols implicitly default to 'n', so remove the default
rather than fixing it.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The minimal libc source files have been added to 'app'. The Zephyr
build system should not be adding source files to the 'app' library
unless necessary.
This patch creates a new Zephyr CMake Library in lib/libc/minimal and
adds the sources to it.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Use k_uptime_get() to compute both tv_sec and tv_nsec members
of timespec structure.
Fixes#8009
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Make sure the name string is NULL terminated in the readdir().
CID: 186037
Fixes Issue #7733
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
When we introduced NEWLIB_LIBC_ALIGNED_HEAP_SIZE in commit
42a2c96422. We accidently had the Kconfig
symbol depend on CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT the leading
'CONFIG_' shouldn't exist.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The pthread mutex changes went in with an adaptation to build with the
new wait queue API, but they did it by using the old dlist hooks
directly through typecasting and union assignment. That... is sort of
the opposite of the intent to having the new API be abstracted. The
pthread code worked, but failed once wait queues (on x86) stopped
being dlists.
Simple fix once I saw the problem, anyway.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The scheduler priq implementation was taking advantage of a subtle
behavior of the way the tree presents the order of its arguments (the
node being inserted is always first). But it turns out the tree got
that wrong in one spot.
As this was subtle voodoo to begin with, it should have been
documented first. Similarly add a little code to the test case to
guarantee this in the future.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Andy Ross