A previous size optimization capped the pthread_attr_t stacksize
property at 65536. Some Zephyr users felt that was not large
enough for specific use cases.
Modify struct pthread_attr to support large stack sizes by
default with the flexibility to allow users to vary the number
of bits used for both stacksizes and guardsizes.
The default guardsize remains zero sinze Zephyr's stack
allocators already pad stacks with a guard area based on other
config parameters, and since Zephyr is already designed to
support both SW and HW stack protection at the kernel layer.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Move various utilities out of lib into own folder for better assignement
and management in the maintainer file. lib/os has become another dumping
ground for everything and it the Kconfig and contents in that folder
became difficult to manage, configure and test.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Implement pthread_getguardsize() and pthread_setguardsize().
pthread_getguardsize() and pthread_setguardsize() are required
by the POSIX_THREADS_EXT Option Group as detailed in Section
E.1 of IEEE-1003.1-2017. However, they were formerly part of
XSI_THREADS_EXT.
The XSI_THREADS_EXT Option Group was required for PSE51, PSE52,
PSE53, and PSE54 conformance.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
This change reduces the space occupied by struct pthread_attr
which is the internal type used for pthread_attr_t.
We cap the stack size at 16 bits (so up to 65536 bytes) and
since a stack size of 0 is invalid, we can encode the stack
size by simply subtracting 1 or adding 1 when setting or
getting.
The schedpolicy is capped at 2 bits and initialized,
cancellable, and detached are given 1 bit.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Use the new HEAP_MEM_POOL_ADD_SIZE_ prefix to construct a minimum
requirement for posix message queue usage. This way we can remove the
"special case" default values from the HEAP_MEM_POOL_SIZE Kconfig
definition.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
All x86 boards have so far set a custom heap memory pool size because of
their dependency on ACPI. It makes more sense to introduce a new
ACPI-specific option, utilizing the recently added
HEAP_MEM_POOL_ADD_SIZE_ Kconfig option prefix, and adjust the default
value as necessary for each board.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add function walking though all DMAR subtables, at the moment only
first subtable is taking into account, which causes bugs for some
boards.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Since pthread_once() is both the initializer and executor of
pthread_once_t, it can have maximally two states. Since the
implementation in Zephyr previously aimed to maximize libc
compatibility, we opted to use the definition of pthread_once_t
from newlib, which is a structure with two ints.
It does not make sense to use 64 bits to manage 2 possible
states. The control for that should effectively be a bool.
We maintain compatibility with newlib by asserting (at build
time), that newlib's pthread_once_t is larger than Zephyr's
new struct pthread_once (which just contains a bool).
This allows us to delete the non-standard pthread_key.h
header file (finally).
Reuse the pthread_pool_lock in order to synchronize the related
init function (so that it is only called maximally once from any
thread). The spinlock is only used to test the state and the
init function is not called with the spinlock held.
The alternative was to use an atomic inside of
struct pthread_once. But again, that could be up to 64-bits with
Zephyr's atomics implementation.
Ideally we would use C11 generics or something to support atomics
on 8, 16, 32, and 64-bit primitives.
Lastly, also update declarations for C11 threads as they mostly
mirror our pthread implementation.
This needed to be done as a single commit in order to ensure
continuity of build.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Split heap-validate.c into smaller chunks. We have been adding all kind
of new APIs under this file and building it unconditionally whether
those APIs are needed/used or not. Many of those APIs have nothing to do
with the validation part.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The string "" is of type '(const char *)', so add a cast over to
'(char *)' to clean up source code.
Signed-off-by: Florian La Roche <Florian.LaRoche@gmail.com>
pthread_sigmask() is required by the POSIX_THREADS_BASE
Option Group as detailed in Section E.1 of IEEE-1003.1-2017.
The POSIX_THREADS_BASE Option Group is required for PSE51,
PSE52, PSE53, and PSE54 conformance, and is otherwise mandatory
for any POSIX conforming system as per Section A.2.1.3 of
IEEE-1003-1.2017.
Currently, setting a pthread signal mask has no effect.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
When CONFIG_POSIX_SIGNAL=n, default CONFIG_POSIX_RTSIG_MAX to
0 so that the `sigset_t` type can be defined.
Also define RTSIG_MAX.
This allows native_sim and other platforms to build without
error.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Export some symbols for loadable modules. Also add an
EXPORT_SYSCALL() helper macro for exporting system calls by their
official names.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
To align with other supported POSIX features, add logging to
pthread key to provide better error reporting and diagnostics.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
pthread_cleanup_push() and pthread_cleanup_pop() are required
by the POSIX_THREADS_BASE Option Group as detailed in Section
E.1 of IEEE-1003.1-2017.
The POSIX_THREADS_BASE Option Group is required for PSE51,
PSE52, PSE53, and PSE54 conformance, and is otherwise mandatory
for any POSIX conforming system as per Section A.2.1.3 of
IEEE-1003-1.2017.
In this change, we require the addition of a dedicated
pthread_key_t that will not be available for applilcation usage.
Rather than including that as part of
CONFIG_MAX_PTHREAD_KEY_COUNT, we increase the storage by 1 in
order to be least invasive from the application perspective.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Initialize the variable to zero. I don't think there is any way
out of this function without it being initialized, so IMHO it's
a false positive.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Zephyr must support all functionality of the XSI_THREADS_EXT
subprofiling option group in order to claim it supports that
subprofiling option group.
The XSI_THREADS_EXT option group is critical to be able to
run POSIX threads with statically allocated thread stacks, which
has been a feature of the implementation since it was initially
added.
The pthread_getconcurrency() and pthread_setconcurrency()
functions are the only remaining, unimplemented functions of
the XSI_THREADS_EXT option group.
Implement pthread_getconcurrency() and pthread_setconcurrency()
via the more "posixly correct" interpretation of the
specification.
I.e. as the pthread_t:k_thread relationship is 1:1 and not M:N,
Zephyr does not support multiplexing of user threads on top of
schedulable kernel entities (i.e. "user threads" are directly
mapped to native threads, just like linuxthreads or NPTL are in
Linux).
For that reason, to be "posixly correct", we should save the
provided value via pthread_setconcurrency(), in the absense of
errors, and also return that same value back via
pthread_getconcurrency(), even though that serves zero purpose
in Zephyr for the foreseeable future.
Note: the specification also states
"an implementation can always ignore any calls to
pthread_setconcurrency() and return a constant for
pthread_getconcurrency()."
For that reason, the implementation may be revisited at a later
time when when considering optimizations and when there is a
better system in place for documenting deviations.
Any such optimization should be explicitly controlled via
Kconfig.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
pthread_setcanceltype() is required by the POSIX_THREADS_BASE
Option Group as detailed in Section E.1 of IEEE-1003.1-2017.
The POSIX_THREADS_BASE Option Group is required for PSE51,
PSE52, PSE53, and PSE54 conformance, and is otherwise mandatory
for any POSIX conforming system as per Section A.2.1.3 of
IEEE-1003-1.2017.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
_PTHREAD_CANCEL_POS is an implementation detail and should not
be defined in the global scope. Furthermore, _PTHREAD_CANCEL_POS
uses a reserved identifier (underscore followed by capital
letter).
Adjust definitions so that the implementation detail is only
used in the implementation and not in the interface.
Additionally, modify naming so that the non-standard macro does
not use a reserved identifier.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
* "identity" functions grouped more closely
* posix_thread_pool_init() should be adjacent to the SYS_INIT()
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Previously, `pthread_key_delete()` was only ever deleting key 0
rather than the key corresponding to the provided argument.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
pthread_atfork() is required by the POSIX_THREADS_BASE
Option Group as detailed in Section E.1 of IEEE-1003.1-2017.
The POSIX_THREADS_BASE Option Group is required for PSE51,
PSE52, PSE53, and PSE54 conformance, and is otherwise
mandatory for any POSIX conforming system as per Section
A.2.1.3 of IEEE-1003-1.2017.
Since Zephyr does not yet support processes and (by extension)
fork(), this implementation includes a deviation and should be
categorized as producing undefined behaviour.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Add a Kconfig option to tell whether or not using thread
local storage to store current thread.
The function using it can be called from ISR and using
TLS variables in this context may (should ???) not be
allowed
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Picolibc's 'minimal' printf mode reduces functionality and size even more
than the 'integer' mode. Use this where memory is at a premium and where
the application knows that it does not require exact printf semantics.
1.8.5 adds two more printf variants, 'long long' and 'minimal'. The 'long
long' variant is the same as the 'integer' variant but with long long
support enabled. The 'minimal' variant reduces functionality and size even
more than the 'integer' mode. Applications can use this where memory is at
a premium and where the application does not require exact printf
semantics.
With these two added variants, the SDK has enough options so that all of
the cbprintf modes can be supported with the pre-compiled bits:
1. CBPRINTF_NANO - picolibc's 'minimal' variant
2. CBPRINTF_REDUCED_INTEGRAL - picolibc's 'integer' variant
3. CBPRINTF_FULL_INTEGRAL - picolibc's 'long long' variant
4. CBPRINTF_FB_SUPPORT - picolibc's 'double' variant
This patch makes the cbprintf Kconfig values drive the default picolibc
variant, disables picolibc variants not capable of supporting the required
cbprintf level, but allows applications to select more functionality in
picolibc than cbprintf requires.
Note that this depends on the SDK including picolibc 1.8.5. Without that,
selecting the 'minimal' or 'long long' variant in Zephyr will end up with
the default variant from picolibc, which is the full version with floating
point support. When using the module things will work as specified.
Signed-off-by: Keith Packard <keithp@keithp.com>
This option in picolibc switches the assert macro between a chatty version
and one which provides no information at all. This latter mode avoids
placing the associated strings in memory.
The Zephyr option is PICOLIBC_ASSERT_VERBOSE and it is disable by default.
Signed-off-by: Keith Packard <keithp@keithp.com>
CBPRINTF_FULL_INTEGRAL doesn't happen to explicitly conflict with
CBPRINTF_NANO, but when CBPRINTF_NANO is enabled, there's no long long I/O
support provided.
Allow picolibc long-long I/O support to also be elided when CBPRINTF_NANO
is enabled to save similar amounts of space.
Signed-off-by: Keith Packard <keithp@keithp.com>
* Picolibc doesn't provide the %a-only mode.
* On advice from security experts, who report numerous vulnerabilities
caused by %n in printf specifiers, picolibc never supports this
feature.
* Picolibc doesn't use cbprintf for C-library compatible functions,
instead it provides aliases for the *printfcb functions using stdio
names.
Signed-off-by: Keith Packard <keithp@keithp.com>
Do not enable subsystem/driver shell modules by default and stop abusing
CONFIG_SHELL_MINIMAL, which is internal to the shell subsystem, to decide
when to enable a driver shell.
The list of shell modules has grown considerably through the
years. Enabling CONFIG_SHELL for doing e.g. an interactive debug session
leads to a large number of shell modules also being enabled unless
explicitly disabled, which again leads to non-negligible increases in
RAM/ROM usage.
This commit attempts to establish a policy of subsystem/driver shell
modules being disabled by default, requiring the user/application to
explicitly enable only those needed.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
This moves the k_* memory management functions from sys/ into
kernel/ includes, as there are kernel public APIs. The z_*
functions are further separated into the kernel internal
header directory.
Also made a quick change to doxygen to group sys_mem_* into
the OS Memory Management group so they will appear in doc.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
This change capitalizes on newly added support for dynamic
thread stacks and the existing pthread support to provide
an implementation of the ISO C11 `<threads.h>` API.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
This prevents the compiler from optimizing calloc into an
infinite recursive call.
For example a call to malloc + memset zero at GCC -O2 will be
replaced by a call to calloc. This causes infinite recursion
if the function being implemented *is* calloc.
fno-builtin-malloc forces the compiler to avoid this optimization.
Signed-off-by: Grant Ramsay <gramsay@enphaseenergy.com>
The picolibc module can be built without thread local storage support if
desired. Allow that by using 'imply' instead of 'select'. However, when
using the toolchain picolibc, we assume that TLS will be enabled wherever
supported, so make sure we match by adding a 'select' for this case.
Signed-off-by: Keith Packard <keithp@keithp.com>
