3fbf12487c
There are several subsystems and boards which require a relatively large
system heap (used by k_malloc()) to function properly. This became even
more notable with the recent introduction of the ACPICA library, which
causes ACPI-using boards to require a system heap of up to several
megabytes in size.
Until now, subsystems and boards have tried to solve this by having
Kconfig overlays which modify the default value of HEAP_MEM_POOL_SIZE.
This works ok, except when applications start explicitly setting values
in their prj.conf files:
$ git grep CONFIG_HEAP_MEM_POOL_SIZE= tests samples|wc -l
157
The vast majority of values set by current sample or test applications
is much too small for subsystems like ACPI, which results in the
application not being able to run on such boards.
To solve this situation, we introduce support for subsystems to specify
their own custom system heap size requirement. Subsystems do
this by defining Kconfig options with the prefix HEAP_MEM_POOL_ADD_SIZE_.
The final value of the system heap is the sum of the custom
minimum requirements, or the value existing HEAP_MEM_POOL_SIZE option,
whichever is greater.
We also introduce a new HEAP_MEM_POOL_IGNORE_MIN Kconfig option which
applications can use to force a lower value than what subsystems have
specficied, however this behavior is disabled by default.
Whenever the minimum is greater than the requested value a CMake warning
will be issued in the build output.
This patch ends up modifying several places outside of kernel code,
since the presence of the system heap is no longer detected using a
non-zero CONFIG_HEAP_MEM_POOL_SIZE value, rather it's now detected using
a new K_HEAP_MEM_POOL_SIZE value that's evaluated at build.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
266 lines
7.3 KiB
C
266 lines
7.3 KiB
C
/*
|
|
* Copyright (c) 2018 Intel Corporation
|
|
*
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*/
|
|
#ifndef ZEPHYR_KERNEL_INCLUDE_KSWAP_H_
|
|
#define ZEPHYR_KERNEL_INCLUDE_KSWAP_H_
|
|
|
|
#include <ksched.h>
|
|
#include <zephyr/spinlock.h>
|
|
#include <zephyr/sys/barrier.h>
|
|
#include <kernel_arch_func.h>
|
|
|
|
#ifdef CONFIG_STACK_SENTINEL
|
|
extern void z_check_stack_sentinel(void);
|
|
#else
|
|
#define z_check_stack_sentinel() /**/
|
|
#endif
|
|
|
|
extern struct k_spinlock sched_spinlock;
|
|
|
|
/* In SMP, the irq_lock() is a spinlock which is implicitly released
|
|
* and reacquired on context switch to preserve the existing
|
|
* semantics. This means that whenever we are about to return to a
|
|
* thread (via either z_swap() or interrupt/exception return!) we need
|
|
* to restore the lock state to whatever the thread's counter
|
|
* expects.
|
|
*/
|
|
void z_smp_release_global_lock(struct k_thread *thread);
|
|
|
|
/* context switching and scheduling-related routines */
|
|
#ifdef CONFIG_USE_SWITCH
|
|
|
|
/* Spin, with the scheduler lock held (!), on a thread that is known
|
|
* (!!) to have released the lock and be on a path where it will
|
|
* deterministically (!!!) reach arch_switch() in very small constant
|
|
* time.
|
|
*
|
|
* This exists to treat an unavoidable SMP race when threads swap --
|
|
* their thread record is in the queue (and visible to other CPUs)
|
|
* before arch_switch() finishes saving state. We must spin for the
|
|
* switch handle before entering a new thread. See docs on
|
|
* arch_switch().
|
|
*
|
|
* Stated differently: there's a chicken and egg bug with the question
|
|
* of "is a thread running or not?". The thread needs to mark itself
|
|
* "not running" from its own context, but at that moment it obviously
|
|
* is still running until it reaches arch_switch()! Locking can't
|
|
* treat this because the scheduler lock can't be released by the
|
|
* switched-to thread, which is going to (obviously) be running its
|
|
* own code and doesn't know it was switched out.
|
|
*/
|
|
static inline void z_sched_switch_spin(struct k_thread *thread)
|
|
{
|
|
#ifdef CONFIG_SMP
|
|
volatile void **shp = (void *)&thread->switch_handle;
|
|
|
|
while (*shp == NULL) {
|
|
arch_spin_relax();
|
|
}
|
|
/* Read barrier: don't allow any subsequent loads in the
|
|
* calling code to reorder before we saw switch_handle go
|
|
* non-null.
|
|
*/
|
|
barrier_dmem_fence_full();
|
|
#endif
|
|
}
|
|
|
|
/* New style context switching. arch_switch() is a lower level
|
|
* primitive that doesn't know about the scheduler or return value.
|
|
* Needed for SMP, where the scheduler requires spinlocking that we
|
|
* don't want to have to do in per-architecture assembly.
|
|
*
|
|
* Note that is_spinlock is a compile-time construct which will be
|
|
* optimized out when this function is expanded.
|
|
*/
|
|
static ALWAYS_INLINE unsigned int do_swap(unsigned int key,
|
|
struct k_spinlock *lock,
|
|
bool is_spinlock)
|
|
{
|
|
ARG_UNUSED(lock);
|
|
struct k_thread *new_thread, *old_thread;
|
|
|
|
#ifdef CONFIG_SPIN_VALIDATE
|
|
/* Make sure the key acts to unmask interrupts, if it doesn't,
|
|
* then we are context switching out of a nested lock
|
|
* (i.e. breaking the lock of someone up the stack) which is
|
|
* forbidden! The sole exception are dummy threads used
|
|
* during initialization (where we start with interrupts
|
|
* masked and switch away to begin scheduling) and the case of
|
|
* a dead current thread that was just aborted (where the
|
|
* damage was already done by the abort anyway).
|
|
*
|
|
* (Note that this is disabled on ARM64, where system calls
|
|
* can sometimes run with interrupts masked in ways that don't
|
|
* represent lock state. See #35307)
|
|
*/
|
|
# ifndef CONFIG_ARM64
|
|
__ASSERT(arch_irq_unlocked(key) ||
|
|
_current->base.thread_state & (_THREAD_DUMMY | _THREAD_DEAD),
|
|
"Context switching while holding lock!");
|
|
# endif
|
|
#endif
|
|
|
|
old_thread = _current;
|
|
|
|
z_check_stack_sentinel();
|
|
|
|
old_thread->swap_retval = -EAGAIN;
|
|
|
|
/* We always take the scheduler spinlock if we don't already
|
|
* have it. We "release" other spinlocks here. But we never
|
|
* drop the interrupt lock.
|
|
*/
|
|
if (is_spinlock && lock != NULL && lock != &sched_spinlock) {
|
|
k_spin_release(lock);
|
|
}
|
|
if (!is_spinlock || lock != &sched_spinlock) {
|
|
(void) k_spin_lock(&sched_spinlock);
|
|
}
|
|
|
|
new_thread = z_swap_next_thread();
|
|
|
|
if (new_thread != old_thread) {
|
|
z_sched_usage_switch(new_thread);
|
|
|
|
#ifdef CONFIG_SMP
|
|
_current_cpu->swap_ok = 0;
|
|
new_thread->base.cpu = arch_curr_cpu()->id;
|
|
|
|
if (!is_spinlock) {
|
|
z_smp_release_global_lock(new_thread);
|
|
}
|
|
#endif
|
|
z_thread_mark_switched_out();
|
|
z_sched_switch_spin(new_thread);
|
|
_current_cpu->current = new_thread;
|
|
|
|
#ifdef CONFIG_TIMESLICING
|
|
z_reset_time_slice(new_thread);
|
|
#endif
|
|
|
|
#ifdef CONFIG_SPIN_VALIDATE
|
|
z_spin_lock_set_owner(&sched_spinlock);
|
|
#endif
|
|
|
|
arch_cohere_stacks(old_thread, NULL, new_thread);
|
|
|
|
#ifdef CONFIG_SMP
|
|
/* Now add _current back to the run queue, once we are
|
|
* guaranteed to reach the context switch in finite
|
|
* time. See z_sched_switch_spin().
|
|
*/
|
|
z_requeue_current(old_thread);
|
|
#endif
|
|
void *newsh = new_thread->switch_handle;
|
|
|
|
if (IS_ENABLED(CONFIG_SMP)) {
|
|
/* Active threads must have a null here. And
|
|
* it must be seen before the scheduler lock
|
|
* is released!
|
|
*/
|
|
new_thread->switch_handle = NULL;
|
|
barrier_dmem_fence_full(); /* write barrier */
|
|
}
|
|
k_spin_release(&sched_spinlock);
|
|
arch_switch(newsh, &old_thread->switch_handle);
|
|
} else {
|
|
k_spin_release(&sched_spinlock);
|
|
}
|
|
|
|
if (is_spinlock) {
|
|
arch_irq_unlock(key);
|
|
} else {
|
|
irq_unlock(key);
|
|
}
|
|
|
|
return _current->swap_retval;
|
|
}
|
|
|
|
static inline int z_swap_irqlock(unsigned int key)
|
|
{
|
|
return do_swap(key, NULL, false);
|
|
}
|
|
|
|
static inline int z_swap(struct k_spinlock *lock, k_spinlock_key_t key)
|
|
{
|
|
return do_swap(key.key, lock, true);
|
|
}
|
|
|
|
static inline void z_swap_unlocked(void)
|
|
{
|
|
(void) do_swap(arch_irq_lock(), NULL, true);
|
|
}
|
|
|
|
#else /* !CONFIG_USE_SWITCH */
|
|
|
|
extern int arch_swap(unsigned int key);
|
|
|
|
static inline void z_sched_switch_spin(struct k_thread *thread)
|
|
{
|
|
ARG_UNUSED(thread);
|
|
}
|
|
|
|
static inline int z_swap_irqlock(unsigned int key)
|
|
{
|
|
int ret;
|
|
z_check_stack_sentinel();
|
|
ret = arch_swap(key);
|
|
return ret;
|
|
}
|
|
|
|
/* If !USE_SWITCH, then spinlocks are guaranteed degenerate as we
|
|
* can't be in SMP. The k_spin_release() call is just for validation
|
|
* handling.
|
|
*/
|
|
static ALWAYS_INLINE int z_swap(struct k_spinlock *lock, k_spinlock_key_t key)
|
|
{
|
|
k_spin_release(lock);
|
|
return z_swap_irqlock(key.key);
|
|
}
|
|
|
|
static inline void z_swap_unlocked(void)
|
|
{
|
|
(void) z_swap_irqlock(arch_irq_lock());
|
|
}
|
|
|
|
#endif /* !CONFIG_USE_SWITCH */
|
|
|
|
/**
|
|
* Set up a "dummy" thread, used at early initialization to launch the
|
|
* first thread on a CPU.
|
|
*
|
|
* Needs to set enough fields such that the context switching code can
|
|
* use it to properly store state, which will just be discarded.
|
|
*
|
|
* The memory of the dummy thread can be completely uninitialized.
|
|
*/
|
|
static inline void z_dummy_thread_init(struct k_thread *dummy_thread)
|
|
{
|
|
dummy_thread->base.thread_state = _THREAD_DUMMY;
|
|
#ifdef CONFIG_SCHED_CPU_MASK
|
|
dummy_thread->base.cpu_mask = -1;
|
|
#endif
|
|
dummy_thread->base.user_options = K_ESSENTIAL;
|
|
#ifdef CONFIG_THREAD_STACK_INFO
|
|
dummy_thread->stack_info.start = 0U;
|
|
dummy_thread->stack_info.size = 0U;
|
|
#endif
|
|
#ifdef CONFIG_USERSPACE
|
|
dummy_thread->mem_domain_info.mem_domain = &k_mem_domain_default;
|
|
#endif
|
|
#if (K_HEAP_MEM_POOL_SIZE > 0)
|
|
k_thread_system_pool_assign(dummy_thread);
|
|
#else
|
|
dummy_thread->resource_pool = NULL;
|
|
#endif
|
|
|
|
#ifdef CONFIG_TIMESLICE_PER_THREAD
|
|
dummy_thread->base.slice_ticks = 0;
|
|
#endif
|
|
|
|
_current_cpu->current = dummy_thread;
|
|
}
|
|
#endif /* ZEPHYR_KERNEL_INCLUDE_KSWAP_H_ */
|