With 64 bytes heap and 1 byte allocation on a big heap, we get:
0 1 2 3 4 5 6 7
| h | h | b | b | c | 1 | s | f |
where
- h: chunk0 header
- b: buckets in chunk0
- c: chunk header for the first allocation
- 1: chunk mem
- s: solo free header
- f: end marker / footer
max_chunkid() was returning h->end_chunk - min_chunk_size(h), which is
5 because min_chunk_size() on a big heap is 2. This works if you
don't have the solo free header at 6 and the heap is like:
0 1 2 3 4 5 6
| h | h | b | b | c | 1 | f |
max_chunkid() in this case gives you 6 - 2 = 4, which is the right
chunkid for the last chunk header.
This commit replaces max_chunkid() with h->end_chunk and "<=" (less
than or equal to) with "<" (less than), so that it always compares
against the end maker chunkid, but the code won't touch the end maker
itself.
Signed-off-by: Yasushi SHOJI <yashi@spacecubics.com>
a switch was converted to an if statement and still had a default,
something went really wrong here.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Current "switch" operator with one case replace with the "if"
operator, because every switch statement shall have at least
two case-clauses.
Found as a coding guideline violation (MISRA R16.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
According to the Zephyr Coding Guideline all switch statements
shall be well-formed.
Added a default labels to switch-clauses without them.
Added comments to the empty default cases.
Found as a coding guideline violation (MISRA R16.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
An 'if' (expression) construct shall be followed by a compound
statement.
Add braces to improve readability and maintainability.
Found as a coding guideline violation (MISRA R15.6) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Function types shall be in prototype form with named parameters
Found as a coding guideline violation (MISRA R8.2) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Statement "cont = dropped_item != NULL" first checks if "dropped_item"
returns null or not null, then assigns to "cont".
If "dropped_item" is null then "cont = 0",
if "dropped_item" is not null then "cont = 1".
As a result in line below no need to check "dropped_item" again
It is enough to check state of the "cont" variable,
to be sure what returned "dropped_item".
Found as a coding guideline violation (MISRA R4.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
In code is a variable "chunksz_t chunksz" that has the same name as
function "chunksz_t chunksz()" in the one heap.h file.
Create unique variable name to avoid misreading in the future.
Found as a coding guideline violation (MISRA R5.9) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
The K_HEAP_DEFINE macro would allow users to specify heaps that are
too small, leading to potential corruption events (though at least
there were __ASSERTs that would catch this at runtime if enabled).
It would be nice to put the logic to compute this value into the heap
code, but that isn't available in kernel.h (and we don't want to pull
it in as this header is already WAY to thick). So instead we just
hand-compute and document the choice. We can address bitrot problems
with a test.
(Tweaks to heap size asserts and correct size bounds from Nicolas Pitre)
Fixes#33009
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
work_q.c is not being built or used, it was replaced by user_work.c
which now has k_work_user_queue_start.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
File has next violations:
MISRA 11_9_a
Use NULL instead of literal zero (0) as the null-pointer-constant
MISRA 11_9_b
Literal zero (0) shall not be used as the null-pointer-constant
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
File zephyr/lib/os/cbprintf_nano.c had operands with different types.
It caused Rule 10.4 violation.
Both operands of an operator in which the usual arithmetic conversions
are performed shall have the same essential type category.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
coding guidelines 10.4: casting operands to have same types
File zephyr/lib/os/cbprintf_nano.c had operands with different types.
It caused Rule 10.4 violation.
Both operands of an operator in which the usual arithmetic conversions
are performed shall have the same essential type category.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
removed cast to int
This introduces bit arrays as a new data type. This is different
than sys_bitfield as it is working on raw arrays of 32-bit
data. The bit arrays encode additional data inside the struct
to avoid going beyond the declared number of bits, and also
provides locking.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Previously, when no overwrite mode was used and there was no space
no packet was dropped. However, it should be allowed to drop skip
packet that may be added as padding at the end of the buffer.
Extended dropping scheme to drop skip packets in no overwrite mode.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Added early return from mpsc_pbuf_alloc when requested size
exceed the buffer capacity. Previously, in that case buffer
was falling into endless loop.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Currently P4WQ supports queues with sets of user-provided
worked threads of arbitrary numbers. These threads are started
immediately upon initialisation.
This patch adds support for 3 more thread implementation options:
1. queue per thread. It adds a K_P4WQ_ARRAY_DEFINE() macro which
initialises an array of queues and threads of the same number.
These threads are then uniquely assigned to respective queues.
2. delayed start. With this option threads aren't started
immediately upon queue initialisation. Instead a new function
k_p4wq_enable_static_thread() has to be called to enable those
threads individually.
3. queue per CPU. With this option the user can assign CPU masks
to threads when calling k_p4wq_enable_static_thread().
Otherwise the cpu_mask parameter to that function is ignored.
Currently enabling this option implies option 2 above. Also so
far to enable queues per CPU the user has to use
K_P4WQ_ARRAY_DEFINE(), which means this option also implies 1
above, but both these restrictions can be relaxed in the
future if required.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
Work items in P4WQ currently belong to the user before submission
and after exit from the handler, therefore, unless the handler
re-submits the item, accessing it in p4wq_loop() in such cases
is racy. To fix this we re-define work item ownership. Now the
item belongs to the P4WQ core until the user calls
k_p4wq_wait(). If the work item has its .sync flag set, the
function will sleep until the handler completes processing the
work item or until the timeout expires. If .sync isn't set and
the handler hasn't processed the item yet, the function returns
-EBUSY.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
When SMP is disabled, the SMP initialisation level is
undefined, therefore a different level must be used.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
Reboot functionality has nothing to do with PM, so move it out to the
subsys/os folder.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
onoff, p4wq, and sem had several places missing final else
statement in the if else if construct. This commit adds
else {} to comply with coding guideline 15.7.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
heap* had several places missing final else statement in the
if else if construct. This commit adds else {} to comply with
coding guideline 15.7.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
cbprintf_* had several places missing final elsestatement in the
if else if construct. This commit adds else {} to comply with
coding guideline 15.7.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
NIOS2 is using _image_rodata_start/_end in its linker script
to mark the boundaries of rodata. So they no loner need
special treatment.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
The lib/os/ had several places missing final else
statement in the if else if construct. This commit adds
else {} or simple refactor to comply with coding guideline 15.7.
- cbprintf_complete.c
- cbprintf_nano.c
- heap-validate.c
- heap.c
- onoff.c
- p4wq.c
- sem.c
Also resolves the checkpatch issue of comments should align * on
each line.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
get_child does not return an essentially boolean type, so it has to be
properly checked against a pointer.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Added optional debug prints. Logging cannot be used because
mpsc pbuf is used by the logging.
Added option to clear packet memory after allocation. Option is
enabled in Kconfig.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Added module for storing variable length packets in a ring buffer.
Implementation assumes multiple producing contexts and single consumer.
API provides zero copy functionality with alloc, commit, claim, free
scheme.
Additionally, there are functions optimized for storing single word
packets and packets consisting of a word and a pointer. Buffer can work
in two modes: saturation or overwriting the oldest packets when buffer
has no space to allocate for a new buffer.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
The if ... else if ... construct was missing the final else.
This commit refactors it to comply with coding guideline 15.7.
The logic is to check if used or free, and do not increment
for the reserved chunks (first/last) in the heap.
Signed-off-by: Jennifer Williams <jennifer.m.williams@intel.com>
Allow NULL data buffers to be provided to `ring_buf_get` and
`ring_buf_item_get`, in which case data will be discarded instead of
copied out to the user.
Fixes#33488.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
This functions is being called across the tree, no reason why it should
not be a public API.
The current usage violates a few MISRA rules.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Split ARM and ARM64 architectures.
Details:
- CONFIG_ARM64 is decoupled from CONFIG_ARM (not a subset anymore)
- Arch and include AArch64 files are in a dedicated directory
(arch/arm64 and include/arch/arm64)
- AArch64 boards and SoC are moved to soc/arm64 and boards/arm64
- AArch64-specific DTS files are moved to dts/arm64
- The A72 support for the bcm_vk/viper board is moved in the
boards/bcm_vk/viper directory
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Unified define used for handling sparc case in static and
runtime packaging. Reworked macro for storing argument in
static packaging.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Added parameter to CBPRINTF_STATIC_PACKAGE which indicates buffer
alignment offset compared to CBPRINTF_PACKAGE_ALIGNMENT. When offset
is set to 0, macro assumes that input buffer is aligned to
CBPRINTF_PACKAGE_ALIGNMENT. When offset is positive, macro assumes
that buffer address is shifted by given number of bytes to
CBPRINTF_PACKAGE_ALIGNMENT alignment.
Extended cbprintf_package to use len argument as alignment offset
indicator when calculating length only (package pointer is null).
Features are not available for xtensa platform which seems to
require 16 byte alignment from the package. It is only an assumption
due to lack of the documentation and may be fixed in the future.
Feature allows to avoid unnecessary padding when package is part of
a message and preceeded by a header of a known size. For example,
message header on 32 bit architecture has 12 bytes, long doubles are
not used so cbprintf requires 8 byte alignment. Without alignment
offset indicator, package containing just a string with one argument
would need 4 byte padding after the header and 4 byte padding after
the package. Message would be 32 bytes long. With alignment offset
indication both paddings are not needed and message is only 24 bytes
long.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
This symbol is reserved and usage of reserved symbols violates the
coding guidelines. (MISRA 21.2)
NAME
exp, expf, expl - base-e exponential function
SYNOPSIS
#include <math.h>
double exp(double x);
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This symbol is reserved and usage of reserved symbols violates the
coding guidelines. (MISRA 21.2)
NAME
fgetpos, fseek, fsetpos, ftell, rewind - reposition a stream
SYNOPSIS
#include <stdio.h>
void rewind(FILE *stream);
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This symbol is reserved and usage of reserved symbols violates the
coding guidelines. (MISRA 21.2)
NAME
fgetpos, fseek, fsetpos, ftell, rewind - reposition a stream
SYNOPSIS
#include <stdio.h>
void rewind(FILE *stream);
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The size_t usage, especially in struct z_heap_bucket made the heap
header almost 2x bigger than it needs to be on 64-bit systems.
This prompted me to clean up our type usage to make the code more
efficient and easier to understand. From now on:
- chunkid_t is for absolute chunk position measured in chunk units
- chunksz_t is for chunk sizes measured in chunk units
- size_t is for buffer sizes measured in bytes
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Yasushi SHOJI