Threads that are sleeping forever may be woken up with
k_wakeup(), this shouldn't fail assertions.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
LCOV/gcovr doesn't understand what CODE_UNREACHABLE means.
Adding LCOV_EXCL_LINE to the macro definition unfortunately
doesn't work.
Exclude a bit of code which spins endlessly when multi-
threading is disabled that runs after the coverage report
is dumped.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We don't get any coverage past when we dump the coverage data,
so exclude the end of the function and move setting the main
thread as nonessential to immediately before the coverage dump.
The comment was also amended.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
data copying and bss zero are called from arch code
before z_cstart(), and coverage data gathering doesn't
work properly at that point. Not all arches use this
code anyway, some do it in optimized assembly instead.
Weak main() is also excluded; it does nothing and every
test overrides it.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The k_stack data type cannot be u32_t on a 64-bit system as it is
often used to store pointers. Let's define a dedicated type for stack
data values, namely stack_data_t, which can be adjusted accordingly.
For now it is defined to uintptr_t which is the integer type large
enough to hold a pointer, meaning it is equivalent to u32_t on 32-bit
systems and u64_t on 64-bit systems.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
We introduce k_float_disable() system call, to allow threads to
disable floating point context preservation. The system call is
to be used in FP Sharing Registers mode (CONFIG_FP_SHARING=y).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Change removes tracing hooks before threads are initialized
and thread switched out hook for ARM before first time switching
to main thread.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
Given that the section name and boundary simbols can be inferred from
the struct object name, it makes sense to create an iterator that
abstracts away the access details and reduce the possibility for
mistakes.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
This name collides with one in the bt subsystem, and wasn't named in
proper zephyrese anyway.
Fixes#16604
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
We had both kernel and os as domains covering low level layers, just use
one and fix the issue of the os domain not being registered.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The internal "reschedule" API has always understood the idea that it
might run in a ISR context where it can't swap. But it has always
been happy to swap away when in thread mode, even when the environment
contains an outer lock that would NOT be expecting to swap! As it
happened, the way irq locks are implemented (they store flag state
that can be restored without context) this would "work" even though it
was completely breaking the synchronization promise made by the outer
lock.
But now, with spinlocks, the error gets detected (albeit in a clumsy
way) in debug builds. The unexpected swap triggers SPIN_VALIDATE
failures in later threads (this gets reported as a "recursive" lock,
but what actually happened is that another thread got to run before
the lock was released and tried to grab the same lock).
Fix this so that swap can only be called in a situation where the irq
lock key it was passed would have the effect of unmasking interrupts.
Note that this is a real behavioral change that affects when swaps
occur: it's not impossible that there is code out there that actually
relies on this "lock breaking reschedule" for correct behavior. But
our previous implementation was irredeemably broken and I don't know
how to address that.
Fixes#16273
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The z_reschedule() call (as of the accompanying fix) will not swap
away from a thread if called with a nested irq lock held.
But for the specific case of aborting the current thread, we
absolutely need to swap regardless of how many locks the thread that
just aborted might have held. So call z_swap() explicitly here.
This preserves the existing z_reschedule() call in other circumstances
for compatibility with existing test cases, but adds a note explaining
why it's there when the only obvious reason for it is already covered.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
We do have a multi-architecture latency benchmark now, this one was x86
only, was never used or compiled in and is out-dated.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This stores a combination of a pointer and a CPU number in the low
2 bits. On 64-bit systems, the pointer part won't fit in an int.
Let's use uintptr_t for this purpose.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Memory boundaries are declared as extern char arrays which can be used
directly rather than casting their addresses. The cast to u32_t also
breaks 64-bit builds.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
- Delete CONFIG_TEST_USERSPACE=n no-ops because it's the default
since commit 7b1ee5cf13
- Some tests have a "userspace" tag pretending to TEST_USERSPACE but
don't and vice versa: fix missing or spurious "userspace" tags in
testcase.yaml files.
Tests have a _spurious_ "userspace" tag when they PASS this command
cause none should pass:
./scripts/sanitycheck --tag=userspace -p qemu_x86 \
--extra-args=CONFIG_TEST_USERSPACE=n \
--extra-args=CONFIG_USERSPACE=n | tee userspace.log
All tests run by this command must either fail to build or fail to run
with some userspace related error. Shortcut to look at all test
failures:
zephyr_failure_logs() {
awk '/see.*log/ {print $2}' "$@"
}
Tests _missing_ "userspace" tag FAIL to either build or to run with some
userspace related error when running this:
./scripts/sanitycheck --exclude=userspace -p qemu_x86 \
--extra-args=CONFIG_TEST_USERSPACE=n \
--extra-args=CONFIG_USERSPACE=n | tee excludeuserspace.log
Note the detection methods above are not 100% perfect because some
flexible tests like tests/kernel/queue/src/main.c evade them with #ifdef
CONFIG_USERSPACE smarts. Considering they never break, it is purely the
test author's decision to include or not such flexible tests in the
"userspace" subset.
Signed-off-by: Marc Herbert <marc.herbert@intel.com>
Remove a redundant #ifdef CONFIG_MULTITHREADING guard
for a code block already inside CONFIG_MULTITHREADING.
Add some inline #endif comments for ease of reading.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
For architectures with custom swap to main, currently:
- arm
- posix
we are now using K_THREAD_STACK_SIZEOF macro to pass the
main thread stack size to z_arch_switch_to_main_thread().
This does not introduce any behavioral changes for posix;
the K_THREAD_STACK_SIZEOF() simply returns the sizeof()
the stack object. For Arm, this allows us to clean-up one
more occurence of CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT
in kernel_arch_func.h.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
If the system sets its clock frequency at runtime, this is
stored in a variable that can't be directly read by user
mode. For this case only, add a system call to fetch its
value and modify the definition of
sys_clock_hw_cycles_per_sec() to use it.
Since this is now a system call, store in a temporary variable
inside z_ms_to_ticks(). The syscall overhead only applies
when called from user mode, other contexts are completely
inlined.
Added stub syscall header for mocking framework, to get rid
of inclusion errors.
Fixes: #16238
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Add k_usleep() API, analogous to k_sleep(), excepting that the argument
is in microseconds rather than milliseconds.
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
Current z_impl_k_sleep() does double duty, converting between units
specified by the API and ticks, as well as implementing the sleeping
mechanism itself. This patch separates the API from the mechanism,
so that sleeps need not be tied to millisecond timescales.
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
When compiling the kernel with CONFIG_SYS_CLOCK_TICKS_PER_SEC=0,
the CONFIG_SYS_CLOCK_EXISTS internal variable is unset.
This completely disables timer handling in the kernel, but a couple of
spots missed the required conditional compilation.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use the new math_extras functions instead of calling builtins directly.
Change a few local variables to size_t after checking that all uses of
the variable actually expects a size_t.
Signed-off-by: Jakob Olesen <jolesen@fb.com>
k_stack_alloc_init() was creating a buffer that was 4 times
too small to support the requested number of entries, since
each entry in a k_stack is a u32_t.
Fixes: #15911
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We are just at the knife edge with 512, with stack
overflows being observed with stack canaries enabled.
Given the special case for the idle thread stack size
on this arch, seems reasonable to increase it here
for that arch.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
When some header are included into C++ source file, this kind of
compilations errors are generated:
error: invalid conversion from 'void*'
to 'u32_t*' {aka 'unsigned int*'} [-fpermissive]
Signed-off-by: Benoit Leforestier <benoit.leforestier@gmail.com>
Update the name of mem-domain API function to add a partition
so that it complies with the 'z_' prefix convention. Correct
the function documentation.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
STACK_POINTER_RANDOM depends on a random generator, this can be either a
non-random generator (used for testing purpose) or a real random
generator. Make this dependency explicitly in Kconfig to avoid linking
problems.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
We don't actually need spinlocks here.
For user_copy(), we are checking that the pointer/size passed in
from user mode represents an area that the thread can read or
write to. Then we do a memcpy into the kernel-side buffer,
which is used from then on. It's OK if another thread scribbles
on the buffer contents during the copy, as we have not yet
begun any examination of its contents yet.
For the z_user_string*_copy() functions, it's also possible
that another thread could scribble on the string contents,
but we do no analysis of the string other than to establish
a length. We just need to ensure that when these functions
exit, the copied string is NULL terminated.
For SMP, the spinlocks are removed as they will not prevent a
thread running on another CPU from changing the buffer/string
contents, we just need to safely deal with that possibility.
For UP, the locks do prevent another thread from stepping
in, but it's better to just safely deal with it rather than
affect the interrupt latency of the system.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The struct _caller_saved is not used. Most architectures put
automatically the registers onto stack, in others architectures the
exception code does it.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The struct _kernel_ach exists only because ARC' s port needed it, in
all other ports this was defined as an empty struct. Turns out that
this struct is not required even for ARC anymore, this is a legacy
code from nanokernel time.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
revert commit 3e255e968 which is to adjust stack size
on qemu_x86 platform for coverage test, but break other
platform's CI test.
Fixes: #15379.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
for SDK 0.10.0, it consumes more stack size when coverage
enabled, so adjust stack size to fix stack overflow issue.
Fixes: #15206.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
If a test tries to create a user thread, and the platform
suppors user mode, and CONFIG_TEST_USERSPACE has not been
enabled, fail an assertion.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This macro is slated for complete removal, as it's not possible
on arches with an MPU stack guard to know the true buffer bounds
without also knowing the runtime state of its associated thread.
As removing this completely would be invasive to where we are
in the 1.14 release, demote to a private kernel Z_ API instead.
The current way that the macro is being used internally will
not cause any undue harm, we just don't want any external code
depending on it.
The final work to remove this (and overhaul stack specification in
general) will take place in 1.15 in the context of #14269Fixes: #14766
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
for SDK 0.10.0, it consumes more stack size when coverage enabled
on qemu_x86 and mps2_an385 platform, adjust stack size for most of
the test cases, otherwise there will be stack overflow.
Fixes: #14500.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
Rename reserved function names in arch/ subdirectory. The Python
script gen_priv_stacks.py was updated to follow the 'z_' prefix
naming.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
For systems without userspace enabled, these work the same
as a k_mutex.
For systems with userspace, the sys_mutex may exist in user
memory. It is still tracked as a kernel object, but has an
underlying k_mutex that is looked up in the kernel object
table.
Future enhancements will optimize sys_mutex to not require
syscalls for uncontended sys_mutexes, using atomic ops
instead.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Checking the stack sentinel may abort the current thread,
make this check before we determine what the next thread
to run is.
Fixes: #15037
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
There are some remaining code from object monitoring which simply
expands to empty loop macros. Remove them as they are not
functional anyway.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Clarify the warning in the help for CONFIG_MULTITHREADING to make it
clear that many things will break if this is set to 'n'.
Signed-off-by: David Brown <david.brown@linaro.org>
Andrew Boie