Added locking to posix read(), write(), close()
for additional protection.
In read() missing lock would create uneven calls to locking
mechanism in sockets.c after k_condvar_wait().
That results in socket lock not ever being unlocked
Signed-off-by: Daniel Nejezchleb <dnejezchleb@hwg.cz>
It was noted that `pthread_cond_wait()` would always return
ETIMEDOUT, even when successful (and no timeout should ever
occur with `K_FOREVER`).
The z_sched_wake() / z_sched_wake_all() / z_sched_wait() API
are used here with a swap return value of 0 to indicate
success.
Fixes#41284
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
Use rodata region markers to detect if string is read only on
sparc. It was previously disabled but now can be used.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
As described in #42403, there was an issue with the existing crc16_ansi()
implementation, since it was not calculating the CRC-16-ANSI (aka
CRC-16-MODBUS). This is because the existing crc16() function only
supported non-reflected input and output (and the CRC-16-ANSI requires
reflection on both) and also it did not seem to support correctly inial
seeds different from 0x0000 (and, again, the CRC-16-ANSI requires 0xffff
as an initial seed).
This commit replaces the existing crc16() with a functional pair,
crc16() and crc16_reflect(), that also work with any poly, any initial seed
and allow to select whether reflection is performed.
It also adapts crc16_ansi() so that it actually returns the correct CRC.
Fixes#42403.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This adds to the cbprintf_packaged library to allow external
formatters to be used by the way of callback. This will allow
logging backends to use their own formatter for output if
needed.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Fixed a dependency from printk.h to logging headers which in
certain configurations could lead to circular dependencies.
Cleaned up printk.c to call z_log_vprintk from vprintk.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Refactoring to remove code redundancy caused by splitted
handling based on USERSPACE enabled.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Calling gettimeofday() from _gettimeofday() in a non-Posix build
environment can result in a recursive call loop, causing a stack
overflow. Modify _gettimeofday() to return -1 for non-posix systems
(the previous behaviour that was added in #22508).
Fixes#41095
Signed-off-by: Binu Jacob <bjj@planetinnovation.com.au>
- Abstract buffer offset computation for better code clarity.
- Rework the logic around rw/ro strings to simplify the logic and
to guard against overflows even when only computing the needed buffer
size.
- Use modulus to simplify alignment tests (generated assembly is
the same).
- Avoid CBPRINTF_ prefixes for local macro names
- Better pointer types to reduce cast usage.
- Add more comments.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
MIPS (Microprocessor without Interlocked Pipelined Stages) is a
instruction set architecture (ISA) developed by MIPS Computer
Systems, now MIPS Technologies.
This commit provides MIPS architecture support to Zephyr. It is
compatible with the MIPS32 Release 1 specification.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
It's not uncommon to have Zephyr running in environments where it
shares a memory bus with a foreign/non-Zephyr system (both the older
Intel Quark and cAVS audio DSP systems share this property). In those
circumstances, it would be nice to have a utility that allows an
arbitrary-sized chunk of that memory to be used as a unidirectional
buffered byte stream without requiring complicated driver support.
sys_winstream is one such abstraction.
This code is lockless, it makes no synchronization demands of the OS
or hardware beyond memory ordering[1]. It implements a simple
file/socket-style read/write API. It produces small code and is high
performance (e.g. a read or write on Xtensa is about 60 cycles plus
one per byte copied). It's bidirectional, with no internal Zephyr
dependencies (allowing it to be easily ported to the foreign system).
And it's quite a bit simpler (especially for the reader) than the
older cAVS trace protocol it's designed to replace.
[1] Which means that right now it won't work reliably on arm64 until
we add a memory barrier framework to Zephyr! See notes in the code;
the locations for the barriers are present, but there's no utility to
call.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
For functions returning nothing, there is no need to document
with @return, as Doxgen complains about "documented empty
return type of ...".
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Two issues were found:
- subtracting rewinding value from head could result in negative value
- calling ring_buf_put_claim after tail got rewinded but before head
got rewinded resulted in error.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
This adds similar ability of sys_multi_heap to the memory blocks
allocator, where a choice function can be used to select
which allocator (of a group) is used for memory block allocation.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
This introduces yet another memory blocks allocator where:
() All memory blocks have a single fixed size.
() Multiple blocks can be allocated or freed at the same time.
() A group of blocks allocated together may not be contiguous.
This is useful for operations such as scatter-gather DMA
transfers.
() Bookkeeping of allocated blocks is done outside of
the associated buffer (unlike memory slab). This allows
the buffer to reside in memory regions where these can be
powered down to conserve energy.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Add the kconfig option so that the utf8.c file can be
conditionally compile, and only for the applications
that need it.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add a function to copy a UTF-8 encoded string that
ensure correct truncation of the string if the source
is larger than the destination, as well as ensuring that
the resulting destination string is NULL-terminated.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add a function that can properly truncate UTF-8 strings
without leaving unterminated started characters,
as UTF-8 characters can be 1-4 bytes long.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
This changes CONFIG_HEAP_LISTENER to be a hidden kconfig so that
the actual heap implementation can select it to enable
notifications. Each heap implementations will have their own
kconfigs to enable heap listener functionality so that app
can be built to only listen to certain heap implementations.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
This extends the heap_listener to cover more events,
specifically, allocation, free and realloc.
Note that typedef are used so the callback can be
documented.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Add a parameter to the resize callback to also take the heap ID.
This allows a single callback to be used for multiple heaps if
so desired.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Getopt has been rework in this way that calling it does not require
extra state parameter and its execution is thread safe.
Global parameters describing the state of the getopt function have been
made available to ensure full API compatibility in using this library.
However, referencing these global variables directly is not thread
safe. In order to get the state of the getopt function for the thread
that is currently using it, call: getopt_state_get();
Extended the library with getopt_long and getopt_long_only functions.
Moved getopt libary from utils to posix.
Signed-off-by: Jakub Rzeszutko <jakub.rzeszutko@nordicsemi.no>
* add generic heap event listener module that can be used
for notifying an application of heap-related events
* use the listener module in newlib libc hooks
* add a unit test
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
Removed unused functions, or moved inside #ifdefs.
This allows using -Werror=unused-function on the clang compiler. Tested
by building the ChromeOS EC on all supported platforms with
-Werror=unused-functions.
Signed-off-by: Jeremy Bettis <jbettis@google.com>
It is not possible completely remove options like
LVGL_DISPLAY_DEV_NAME without heavy reworking of LVGL support
because lvgl_init needs the name of the device, and
LVGL_*_RES_MAX options to define internal buffers.
Signed-off-by: Johann Fischer <johann.fischer@nordicsemi.no>
- Remove the weak symbol definition
- Notify about the capability of disabling via a selected Kconfig option
(CONFIG_SYSTEM_TIMER_HAS_DISABLE_SUPPORT)
- Provide a dummy inline function when the functionality is not
available
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The library supports encoding JSON objects and arrays as well as
parsing JSON objects. Introduce a new function json_arr_parse() adding
support for parsing top-level JSON arrays.
Signed-off-by: Markus Fuchs <markus.fuchs@ch.sauter-bc.com>
add functions to get the sys_heap runtime statistics,
include total free bytes, total allocated bytes.
Signed-off-by: Chen Peng1 <peng1.chen@intel.com>
This change implements qsort() for the minimal libc via Heapsort.
Heapsort time complexity is O(n log(n)) in the best, average,
and worst cases. It is O(1) in space complexity (i.e. sorts
in-place) and is iterative rather than recursive. Heapsort is
not stable (i.e. does not preserve order of identical elements).
On cortex-m0, this implementation occupies ~240 bytes.
Fixes#28896
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
This lets the toolchain header files determine how to use "restrict"
instead of having that decision down in the minimal libc library.
Signed-off-by: Bradley Bolen <bbolen@lexmark.com>
In function smf_execute_ancestor_exit_actions, variables
"tmp_state" and "target_parent" are set but not used.
Twister passed:
twister -T tests/lib/smf/
Signed-off-by: Sam Hurst <sbh1187@gmail.com>
The "small" heap is is way sufficient for most 32-bit systems.
Let's provide the option to have only one type of heap allowing for
smaller and faster heap code due to not having a bunch of runtime
conditionals based on the heap size.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
The shared multi-heap memory pool manager uses the multi-heap allocator
to manage a set of reserved memory regions with different capabilities /
attributes (cacheable, non-cacheable, etc...) defined in the DT.
The user can request allocation from the shared pool specifying the
capability / attribute of interest for the memory (cacheable /
non-cacheable memory, etc...)
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Add a simple internal block size predicate to expose the internal
memory region reserved for an allocation. The immediate use case is
cache-incoherent systems wanting to do an invalidate of freed memory,
but it might be useful for apps doing e.g. string processing to better
optimize size changes, etc...
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Add an application agnostic State Machine Framework library to
Zephyr that provides an easy way for developers to integrate
state machines into their application.
Twister passed:
twister -T tests/lib/smf/
Signed-off-by: Sam Hurst <sbh1187@gmail.com>
This is a simple wrapper allowing multiple sys_heap regions to be
unified under a single allocation API. Sometimes apps need the
ability to share multiple discontiguous regions in a single "heap", or
to have memory of different "types" be allocated heuristically based
on usage (e.g. cacheability, latency, power...). This allows a
user-specified function to select the underlying memory to use for
each application.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Implement the iscntrl() function, which returns whether a character is a
control one or not.
Ref: https://en.cppreference.com/w/c/string/byte/iscntrl
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
The commit 9bd1483afeb18f4225ec7b0340b0d4e20efb7d01 was added as a
workaround for the Xtensa initial malloc failure bug.
This bug has been fixed in the Zephyr SDK 0.13.1 release and therefore
this workaround is no longer needed.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
When the sof module code was build, it was found that
PI was not defined in the minimal library.
Here are some mathematical constant definitions to avoid build errors.
Signed-off-by: Yang XiaoHua <yangxiaohuamail@gmail.com>
C implicit promotion rules will want to make floats into doubles very
easily. Zephyr build will generate warnings when this flag,
`-Wdouble-promotion`, is enabled with GCC
Signed-off-by: Ryan McClelland <ryanmcclelland@fb.com>
This commit removes the `z_` prefix from the stdio syscall functions
(`z_zephyr_write_stdout` and `z_zephyr_read_stdin`) since it is
redundant and does not align with the convention used by the equivalent
minimal libc syscall functions (e.g. `zephyr_fputc` and
`zephyr_fwrite`).
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
The newlib `write()` and `read()` functions must call the
`z_zephyr_write_stdout()` and `z_zephyr_read_stdin()` syscall functions
in order to function properly in a user mode context.
The existing incorrect implementation was copied off the newlib hooks
implementation, which was corrected in the previous commit.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
The commit 4344e27c26 changed the syscall
function invocation in the `write()` and `read()` functions to the
direct syscall implementation function invocation by mistake.
The newlib `write()` and `read()` functions must call the
`z_zephyr_write_stdout()` and `z_zephyr_read_stdin()` syscall functions
in order to function properly in a user mode context.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
When CONFIG_USERSPACE is turned off, the POOL_SECTION will be located in
.data section. This will increase the target binary size. Since the
memory pool is for malloc() use and it doesn't need for initial values,
locate it in the .bss section to reduce binary size.
Signed-off-by: Dylan Hung <dylan_hung@aspeedtech.com>
Change-Id: Iee52ac06a48414c083518c79775fe31334eab674
ARC MWDT libraries require to implement locking interface
otherwise not all of functionality is guarantee to be
thread-safe.
So, let's implement locking interface.
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
We shouldn't use swapping with an interrupt lock held
as it works incorrectly on SMP platforms.
Fix that by replacing irq_lock with spinlock for pthread
subsystem.
NOTE: we fix that in a simple way with single spinlock
for mutex / cond_var / barrier. That could be improved
later (i.e. split it for several spinlocks).
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
There might be a sign extension when a long is promoted to
int_value_type and the former type is smaller than the later.
This produces the wrong output if the specified format is unsigned.
Let's avoid this problem by handling signed and unsigned cases
explicitly. When the type already matches int_value_type then the
compiler is smart enough to recognize the redundancy and removes
unneeded duplications automatically, meaning that the code will stay
small when code size matters.
A similar issue also existed in the restricted %llu case.
The fix is the same as above.
Those fixes exposed wrong results in the printk.c test with %llx
so fix that as well.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
For the Xtensa platforms (e.g. qemu_xtensa), the first `malloc` call
may fail if the newlib heap base address is such that the first `sbrk`
call returns a 4096-byte aligned address.
Here we add a workaround for Xtensa that allocates and immediately
frees a 16-byte memory block during initialisation so that all
subsequent `malloc` calls succeed.
This commit needs to be reverted once the issue #38258 is fixed.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
Default weak _exit implementation from ARC MWDT libs
calls _exit_halt from startup libs. As we are going to
get rid of startup libs usage let's implement _exit
stub.
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
The stub file threading_weak.c has been added containing weak stub
implementation of threading related kernel functions.
The file is needed for armlink.
When linking with armlink the linker will resolve undefined symbols for
all undefined functions even if those functions the reference the
undefined symbol is never actually called.
This file provides weak stub implementations that are compiled when
CONFIG_MULTITHREADING=n to ensure proper linking.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Support for ARM Compiler C library.
This commit add support for the ARM Compiler C libary in:
- Kconfig
- libc/armstdc
A new Kconfig symbol is added to allow a toolchain to specify if they
support linking with the minimal C library.
Also the CMake variable `TOOLCHAIN_HAS_NEWLIB` is exported to Kconfig
so that CONFIG_NEWLIB_LIBS can only be enabled if the toolchain has
newlib.
The armclang toolchain selects the CMake scatter file generator and
disables support for the LD linker template which is not supported by
armlink.
For the ARM Compiler C library, a corresponding lib/libc/armstc/ folder
with a minimal implementation to work with the ARM Compiler C library
is added.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Cleanup and preparation commit for linker script generator.
Zephyr linker scripts provides start and end symbols for each larger
areas in the linker script.
The symbols _image_rom_start and _image_rom_end corresponds to the group
ROMABLE_REGION defined in the ld linker scripts.
The symbols _image_rodata_start and _image_rodata_end is not placed as
independent group but covers common-rom.ld, thread-local-storage.ld,
kobject-rom.ld and snippets-rodata.ld.
This commit align those names and prepares for generation of groups in
linker scripts.
The symbols describing the ROMABLE_REGION will be renamed to:
_image_rom_start -> __rom_region_start
_image_rom_end -> __rom_region_end
The rodata will also use the group symbol notation as:
_image_rodata_start -> __rodata_region_start
_image_rodata_end -> __rodata_region_end
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Suppress violation, because it is a deliberated deviation.
Noticed, that my previous PR #36420 comments were not correctly
detected by a static analysis tool. Only the first one item
"MISRAC2012-RULE_20_4-a" was detected and suppressed.
Change comment style, so each item will be suppressed.
Comment style defined in PR #36911 as the most suitable
for the analysis tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Ring buffer claims that no synchronization is needed
when there is a single producer and single consumer.
However, recent changes have broken that promise since
indexes rewind mechanism was modifing head and tail
when consuming. Patch fixes that by spliting rewinding
of indexes so that producer rewinds tail only and
consumer rewinds head.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Implement _istty hook as it is required for proper setup of
STDIN/STDOUT/STDERR buffering.
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
ARC MWDT toolchain misses stdout hooks implementation and
itimerspec structure in timespec header. Let's add them in
arcmwdt compatibility layer.
The implementation was inspired by libc-hooks.c for NEWLIB.
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
This migrates all the current iterable section usages to the external
API, dropping the "Z_" prefix:
Z_ITERABLE_SECTION_ROM
Z_ITERABLE_SECTION_ROM_GC_ALLOWED
Z_ITERABLE_SECTION_RAM
Z_ITERABLE_SECTION_RAM_GC_ALLOWED
Z_STRUCT_SECTION_ITERABLE
Z_STRUCT_SECTION_ITERABLE_ALTERNATE
Z_STRUCT_SECTION_FOREACH
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
This commit adds the newlib retargetable locking interface function
implementations in order to make newlib functions thread safe.
The newlib retargetable locking interface is internally called by the
standard C library functions provided by newlib to synchronise access
to the internal shared resources.
By default, the retargetable locking interface functions defined within
the newlib library are no-op. When multi-threading is enabled (i.e.
`CONFIG_MULTITHREADING=y`), the Zephyr-side retargetable locking
interface implementations override the default newlib implementation
and provide locking mechanism.
The retargetable locking interface may be called with either a static
(`__lock__...`) or a dynamic lock.
The static locks are statically allocated and initialised immediately
after kernel initialisation by `newlib_locks_prepare`.
The dynamic locks are allocated and de-allocated through the
`__retargetable_lock_init[_recursive]` and
`__retarget_lock_close_[recurisve]` functions as necessary by the
newlib functions. These locks are allocated in the newlib heap using
the `malloc` function when userspace is not enabled -- this is safe
because the internal multi-threaded malloc lock implementations
(`__malloc_lock` and `__malloc_unlock`) call the retargetable locking
interface with a static lock (`__lock__malloc_recursive_mutex`). When
userspace is enabled, the dynamic locks are allocated and freed through
`k_object_alloc` and `k_object_release`.
Note that the lock implementations used here are `k_mutex` and `k_sem`
instead of `sys_mutex` and `sys_sem` because the Zephyr kernel does not
currently support dynamic allocation of the latter. These locks should
be updated to use `sys_mutex` and `sys_sem` when the Zephyr becomes
capable of dynamically allocating them in the future.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
Fix conversion drifts for large deltas by only applying float
operations when the skew requires it. This helps because not all
integers are representable as floats, so large integers are
neccessarily quantised when performing float operations.
When required, floating-point operations are now performed on doubles
instead of floats.
Fixes#37263.
Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
We cache the current thread ID in a thread-local variable
at thread entry, and have k_current_get() return that,
eliminating system call overhead for this API.
DL: changed _current to use z_current_get() as it is
being used during boot where TLS is not available.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Add ring_buf_size_get() to get the number of bytes currently available
in the ring buffer.
Add ring_buf_peek() to read data from the head of a ring buffer without
removal.
Fixes#37145
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
Added support for conversion from a standard package which contains
pointers to read only strings to fully self-contained (fsc) package.
Fsc package contains all strings associated with the package thus
access to read only strings is not needed to format a string.
In order to allow conversion to fsc package, standard package must
contain locations of all string pointers within the package. Appending
that information is optional and is controlled by flags parameter
which was added to packaging API. If option flag is set then
package contains header, arguments, locations of read only strings and
transient strings (each prefixed with string argument location).
Package header has been extended with field which contains number of
read only string locations.
A function for conversion to fsc package has been added
(cbprintf_fsc_package()).
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
In file crc16_sw.c essential type of LHS operand (16 bit) is wider than
essential type of composite expression in RHS operand (8 bit).
In crc32c_sw.c and crc32_sw.c Essential type of LHS operand (32 bit) is
wider than essential type of composite expression in RHS operand (8 bit)
Found as a coding guideline violation (MISRA R10.7) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Prevent CONFIG_CBPRINTF_STATIC_PACKAGE_CHECK_ALIGNMENT when LOG_PRINTK.
Prevent use of assert in cbprintf header when printk is redirected
to logging. Enabling it would lead to circular header includes and
compilation failure.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
rand() and srand() are pseudo-random number generator functions
defined in ISO C. This implementation uses the Linear Congruential
Generator (LCG) algorithm with the following parameters, which are the
same as used in GNU Libc "TYPE_0" algorithm.
Modulus 2^31
Multiplier 1103515245
Increment 12345
Output Bits 30..0
Note that the default algorithm used by GNU Libc is not TYPE_0, and
TYPE_0 should be selected first by an initstate() call as shown below.
All global variables in a C library must be routed to a memory
partition in order to be used by user-mode applications when
CONFIG_USERSPACE is enabled. Thus, srand_seed is marked as
such. z_libc_partition is originally used by the Newlib C library but
it's generic enough to be used by either the minimal libc or the
newlib.
All other functions in the Minimal C library, however, don't require
global variables/states. Unconditionally using z_libc_partition with
the minimal libc might be a problem for applications utilizing many
custom memory partitions on platforms with a limited number of MPU
regions (eg. Cortex M0/M3). This commit introduces a kconfig option
CONFIG_MINIMAL_LIBC_RAND so that applications can enable the
functions if needed. The option is disabled by default.
Because this commit _does_ implement rand() and srand(), our coding
guideline check on GitHub Action finds it as a violation.
Error: lib/libc/minimal/include/stdlib.h:45:WARNING: Violation to
rule 21.2 (Should not used a reserved identifier) - srand
But this is false positive.
The following is a simple test program for LCG with GNU Libc.
#include <stdio.h>
#include <stdlib.h>
int main()
{
static char state[8];
/* Switch GLIBC to use LCG/TYPE_0 generator type. */
initstate(0, state, sizeof(state));
srand(1); /* Or any other value. */
printf("%d\n", rand());
printf("%d\n", rand());
return 0;
}
See initstate(3p) for more detail about how to use LCG in GLIBC.
Signed-off-by: Yasushi SHOJI <yashi@spacecubics.com>
The current implementations of memcpy and memset are optimized for
performance and use a word based loop before the byte based loop.
Add a config option that skips the word based loop. This saves 120
bytes on the Cortex-M0+ which is worthwhile on small apps like a
bootloader.
Enable by default if SIZE_OPTIMIZATIONS is set.
Signed-off-by: Michael Hope <mlhx@google.com>
Add an explanation comment, so no one in the future
will try to change that part of the code.
Add parasoft tags to suppress a violation in static analysis tool
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
With 64 bytes heap and 1 byte allocation on a big heap, we get:
0 1 2 3 4 5 6 7
| h | h | b | b | c | 1 | s | f |
where
- h: chunk0 header
- b: buckets in chunk0
- c: chunk header for the first allocation
- 1: chunk mem
- s: solo free header
- f: end marker / footer
max_chunkid() was returning h->end_chunk - min_chunk_size(h), which is
5 because min_chunk_size() on a big heap is 2. This works if you
don't have the solo free header at 6 and the heap is like:
0 1 2 3 4 5 6
| h | h | b | b | c | 1 | f |
max_chunkid() in this case gives you 6 - 2 = 4, which is the right
chunkid for the last chunk header.
This commit replaces max_chunkid() with h->end_chunk and "<=" (less
than or equal to) with "<" (less than), so that it always compares
against the end maker chunkid, but the code won't touch the end maker
itself.
Signed-off-by: Yasushi SHOJI <yashi@spacecubics.com>
a switch was converted to an if statement and still had a default,
something went really wrong here.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Current "switch" operator with one case replace with the "if"
operator, because every switch statement shall have at least
two case-clauses.
Found as a coding guideline violation (MISRA R16.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
According to the Zephyr Coding Guideline all switch statements
shall be well-formed.
Added a default labels to switch-clauses without them.
Added comments to the empty default cases.
Found as a coding guideline violation (MISRA R16.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
An 'if' (expression) construct shall be followed by a compound
statement.
Add braces to improve readability and maintainability.
Found as a coding guideline violation (MISRA R15.6) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Function types shall be in prototype form with named parameters
Found as a coding guideline violation (MISRA R8.2) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
This commit adds a new `CONFIG_NEWLIB_MIN_REQUIRED_HEAP_SIZE` config
that allows user to specify the minimum required heap size for the
newlib heap, and makes `malloc_prepare` validate that the memory space
available for the newlib heap is greater than this value.
The default minimum required heap size values were empiricially
determined, so as to allow the basic standard C functions such as
`printf` and `scanf` to work properly.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
The time() function works correctly with the minimal libc, but always
returns -1 with the newlib libc. This is due to the _gettimeofday hook
being implemented that way.
Fix that by calling gettimeofday in the _gettimeofday hook instead of
returning -1.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
In a primitive SYS_SLIST_FOR_EACH_NODE check for null was
after dereferencing. Place check for null of the "thread_spec_data"
before its dereferencing.
Found as a coding guideline violation (MISRA R4.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Statement "cont = dropped_item != NULL" first checks if "dropped_item"
returns null or not null, then assigns to "cont".
If "dropped_item" is null then "cont = 0",
if "dropped_item" is not null then "cont = 1".
As a result in line below no need to check "dropped_item" again
It is enough to check state of the "cont" variable,
to be sure what returned "dropped_item".
Found as a coding guideline violation (MISRA R4.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
In code is a variable "chunksz_t chunksz" that has the same name as
function "chunksz_t chunksz()" in the one heap.h file.
Create unique variable name to avoid misreading in the future.
Found as a coding guideline violation (MISRA R5.9) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Our minimal C library makes an alias of UINT*_C() to
be __UINT*_C() and INT*_C() to __INT*_C(). However,
in mwdt, these are not defined by default, so define
them ourselves. We have similar fix for xcc: #31962
Signed-off-by: Watson Zeng <zhiwei@synopsys.com>
The K_HEAP_DEFINE macro would allow users to specify heaps that are
too small, leading to potential corruption events (though at least
there were __ASSERTs that would catch this at runtime if enabled).
It would be nice to put the logic to compute this value into the heap
code, but that isn't available in kernel.h (and we don't want to pull
it in as this header is already WAY to thick). So instead we just
hand-compute and document the choice. We can address bitrot problems
with a test.
(Tweaks to heap size asserts and correct size bounds from Nicolas Pitre)
Fixes#33009
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
