Provide fix for pool buffer size: pool block size must be
a multiple of 4 bytes.
Add assertion to forbid creation of MemoryPool object with queue size equal to 0.
Update description of free() function. Add information about
statuses returned by this function.
The prev-pointer of the running threads mutex list was not set when
multiple mutexes are acquired at a time. This leads to a corrupted list
if the mutexes are not freed in reversed order.
Original commit for CMSIS_5:
commit 729f6ab08540342b7de7612fac103539d5b2f168
Author: Jonatan Antoni <jonatan.antoni@arm.com>
Date: Wed Apr 19 15:38:43 2017 +0200
Before rtx 5, the max count on semaphores was UINT16_MAX, aftewards it
was decreased to 1024 with an assert on overflow.
This is especially problematic for semaphores used for signaling, since
there is no replacement currently available in C++.
The stack required for the idle thread is highly dependent on the
target because it will call the sleep function which is target
specific.
While 256 bytes of stack is enough for most targets, others like the
NRF52840 might require more.
With this change, target maintainers can specify the idle thread stack
size in their mbed_rtx.h file.
uVisor doesn't set the PSP of the target thread. The RTOS sets the PSP
of the target thread from the target thread's TCB. However, when
interrupts of higher priority than PendSV happen between the call to
uVisor to switch boxes, and the RTOS setting PSP, the uVisor vIRQ
interrupt handler will attempt to use an invalid PSP (the PSP from
before the box and thread switch). This leads to a crash. Make box and
thread switching atomic by disabling interrupts immediately before the
box switching until immediately after the new PSP is set.
Add the attribute flash to enable priority inheritance and robust mode.
The robust flag allows mutexes held by terminated threads to be
properly released.
Wrap the file mbed_rtos_storage.h in extern "C". This allows the
functions inside rtx_lib.h to have correct definitions when included
in a C++ file.
This is required for the RTX5 error trapping.
OsEventObserver objects expect a context to be maintained per thread on
their behalf. Add this context to the thread control block and extend
the thread creation functions with the ability to supply a context.
Add the OsEventObserver mechanism. A client interested in receiving
notifications on certain OS events can register to receive notifications
with osRegisterForOsEvents. This is useful for clients like the secure
memory allocator, which observes thread switching events in order to
swap in and out different memory allocator objects.
Remove the RTOS and CMSIS files in preperation for CMSIS 5. Note that
the RTOS heap ad stack test is left since this is still applicable to
RTX5. This file can be found here:
rtos\rtx\TARGET_CORTEX_M\TESTS\memory\heap_and_stack\main.cpp
If the free memory on a device is small enough then the calculation to
determine heap size could underflow to a large value. If this happens
then malloc will never return failure and instead will cause a crash on
allocation. This patch prevents the underflow so malloc works as
expected even with low amounts of free memory.
Calling Thread::start multiple times leads to undefined behavior since
the Thread class was not designed to handle being restarted. Return an
error code if Thread::start is called a second time to prevent this
behavior.
In CI, I receive an mbed assert of stack stats by running the following commands. Its assert is TIMEOUT.
mbed test -m RZ_A1H -t GCC_ARM -DMBED_STACK_STATS_ENABLED=1 --clean --compile
mbed test -m RZ_A1H -t GCC_ARM --run -n tests-mbed_drivers-stl_features -v
So, I fixed the process of related to stack stats (osThreadInfoStackMax).The Detail contents is here.
https://github.com/ARMmbed/mbed-os/issues/3273#issuecomment-268407191
* [RZ/A1H]Support RTX v4.80 for Cortex-A and a few Malloc API
PR to update RTX to v4.80 for Cortex-A.
In the latest CI test, three tests result in an error. The cause is mainly three points
- Unsupport RTX v4.80 for Cortex-A
- Insufficient stack size of thread defined in test
- A few Lack of Malloc API in GCC
Therefore, I supported to these. For the stack size for test, @Russ already supported in PR #3362.
Reference for issue of test error is here.
https://github.com/ARMmbed/mbed-os/issues/3273
Reference for PR to update RTX for Cortex-M.
https://github.com/ARMmbed/mbed-os/pull/1702
* Revert "[RZ/A1H]Support RTX v4.80 for Cortex-A and a few Malloc API"
This reverts commit e71f79aaf2.
* [RZ/A1H]Support RTX v4.80 for Cortex-A and a few Malloc API
PR to update RTX to v4.80 for Cortex-A.
In the latest CI test, three tests result in an error. The cause is mainly three points
- Unsupport RTX v4.80 for Cortex-A
- Insufficient stack size of thread defined in test
- A few Lack of Malloc API in GCC
Therefore, I supported to these. For the stack size for test, @c1728p9 already supported in PR #3362.
Reference for issue of test error is here.
https://github.com/ARMmbed/mbed-os/issues/3273
Reference for PR to update RTX for Cortex-M.
https://github.com/ARMmbed/mbed-os/pull/1702
to mbed SDK as there are targets with Cortex-M4. This is similar to the implementation already
done for GCC ARM
Signed-off-by: Mahadevan Mahesh <Mahesh.Mahadevan@nxp.com>
Various toolchains supported in MBED don't followthe same initialization
steps. This can have impacts on platform behavior.
For STM32, it is needed to call the HAL_Init() _after_ the RAM has been
initialized (sdata from flash / zero initialized data) and _before_ the C++
objects are being created, especially if those objects require support
of tickers for instance.
In GCC and IAR, this was done in previous commit to avoid HAL_Init()
to be called twice.
In ARM this there is no hook defined in MBED yet to place the call.
The proposal is to take benefit of the library's
_platform_post_stackheap_init function that is going to be called before
__rt_lib_init where the C++ object init is done (__cpp_initialize__aeabi_)
In case of mbed with rtos, the __rt_entry is redefined so we need to add
the call to _platform_post_stackheap_init.
This series should solve issue reported here:
STM32 (At least F401) breaks if Tickers are activated in a global object #2115
[XDOT_L151] copy new target CMSIS files from NZ32_SC151 target
[XDOT_L151] remove Modtronix code, add HardFault_Handler, update clock configuration to match xDot hardware
[XDOT_L151] copy new target HAL files from NZ32_SC151 target
[XDOT_L151] update HAL to match xDot hardware
[XDOT_L151] add xdot_eeprom.* and xdot_low_power.* files
[XDOT_L151] add RTOS support for target
Conflicts:
rtos/rtx/TARGET_CORTEX_M/RTX_Conf_CM.c
[XDOT_L151] match NUCLEO_L152RE startup code for GCC_ARM so RTOS works
[XDOT_L151] fix GPIO write failure
[XDOT_L151] add XDOT_L151CC target to targets.json
[XDOT_L151] change xDot default stack size to 256 bytes and main stack size to 1.5kB
[XDOT_L151] update PinNames.h to match rev E hardware - no change to external pinout
[XDOT_L151] update style in custom xDot HAL files
Conflicts:
rtos/rtx/TARGET_CORTEX_M/RTX_CM_lib.h
rtos/rtx/TARGET_CORTEX_M/RTX_Conf_CM.c
Before:
Callback<void()> a = callback(obj, member)
Callback<void()> b = callback(context, function)
After:
Callback<void()> a = callback(obj, member)
Callback<void()> b = callback(function, context)
This ordering is more intuitive based on feedback from users. This order
was initially considered but proved problematic when integrated with
other variable arguments in attach functions.
With `callback` as a separate convenience function, this style
no longer presents a problem.
Before, rtx calls would hard fault in critical sections when an svc
instruction was attempted with interrupts disabled.
Required changes:
- Added check for CPSR I bit in cortex A rtx
- Added check for PRIMASK in cortex M rtx
- Modified critical sections in cortex M rtx to be recursive
(already recursive in cortex A)
Disintegrate global RTX target config. Move per-target fragment
to mbed_rtx.h under each vendor's directory.
One mbed_rtx.h is defined for each vendor at this moment, however,
the granularity of mbed_rtx.h can be per-chip, or per-board
if necessary.
Signed-off-by: Tony Wu <tung7970@gmail.com>
Update the Thread::start function to gracefully handle the failed
creation of a thread when there are no TCBs left. This patch does
the following:
1. Set memory handles to NULL after free to prevent double free
2. Post to the release semaphore so anything that tries to join this
thread will join immediately
3. Remove dead return path since the new operator should never
return NULL (it should trap instead)
Add an RTX hook which gets called when a thread terminates. Add
the function Thread::attach_terminate_hook() to allow users to attach
a hook to this event at runtime.
Add the function osThreadGetInfo to allow various Thread information
to be queried. This includes stack size and maximum stack usage among
other things.
Note - for Cortex-A devices the worst case stack usage is not
available.
Add the functions osThreadsEnumStart, osThreadEnumNext and
osThreadEnumFree to allow enumeration of running threads. Protect
thread creation, thread exit and thread termination with a mutex
so threads are not created or destroyed while an enumeration is
ongoing.
In Thread::terminate() release the join semaphore before terminating
the thread. This allows the join semaphore to be properly signaled in
the case where a thread is terminating itself.
In rtos/rtx/TARGET_CORTEX_M/RTX_CM_lib.h, Image$$ARM_LIB_HEAP$$Base/Image$$ARM_LIB_HEAP$$Length will cause zero memory allocation.
Fix it with Image$$ARM_LIB_HEAP$$ZI$$Base/Image$$ARM_LIB_HEAP$$ZI$$Length. This is to place heap at external SRAM.
User feedback indicated that the previous deprecation notices
were confusing and mislead migration from the old style of thread
spawning.
The deprecation notices were updated to emphasize the replacement
functions, and examples of correct usage were added in the doxygen.
Additionally, the following changes were don to avoid combinatorial
explosion in function overloads as a result of adding cv-qualifiers:
- Added convenience function for inferred type
- Deprecated callback overloads qhere cv-qualifiers are not scalable
Supported overloads:
callback(void (*f)(A...));
callback(const Callback<R(A...)> &);
callback(T *t, void (*f)(T*, A...));
callback(const T *t, void (*f)(const T*, A...));
callback(volatile T *t, void (*f)(volatile T*, A...));
callback(const volatile T *t, void (*f)(const volatile T*, A...));
callback(T *t, void (T::*f)(A...));
callback(const T *t, void (T::*f)(A...) const);
callback(volatile T *t, void (T::*f)(A...) volatile);
callback(const volatile T *t, void (T::*f)(A...) const volatile);
Silence the following compiler warning:
[Warning] RTX_CM_lib.h@807,5: implicit declaration of function 'atexit' [-Wimplicit-function-declaration]
Signed-off-by: Tony Wu <tonywu@realtek.com>
From the discussion on issue #2068:
Functions marked deprecated in the mbed library should notate when
the deprecation was started to allow efficient removal once a set
amount of time has expired.
Added the following macro:
MBED_DEPRECATED_SINCE("version", "message string")
Example usage:
MBED_DEPRECATED_SINCE("v5.1", "don't foo any more, bar instead")
void foo(int arg);
Adopted in existing deprecations:
- FunctionPointer
- RtosTimer
- Thread
The config store tests use more than 2K of the interrupt stack, causing
an overflow. This patch bumps the K64F interrupt stack size to 4K
for ARMCC and GCC. The IAR interrupt stack is left untouched since
it is 32K.
Test the following components of the heap and stacks:
-Heap and interrupt stack are at the expected locations
-Entire heap can be used
-Heap limit is properly enforced and returns NULL when out of
of memory
Since the heap and stack are no longer shared, stack checking on the
main thread can be turned back on. This allows stack overflows on the
main thread to be caught quickly.
With the latest K64F linker file the initial stack is out of sync
with INITIAL_SP when uVisor is not present. This patch removes
the incorrect declaration.
Set well defined limits for the heap and configure GCC and ARMCC to
correctly check these. IAR already correctly checked its heap.
This also statically declares the main thread stack so the
linker is responsible for its placement.
Add a mutex to the thread object to protect its internal data. Prevent
making OS calls with a thread ID that has been terminated. This thread
ID can be reused by another thread, leading to undefined behavior if it
is used after termination.
Update the function Thread::join to use a semaphore to
determine when the thread finishes. This both avoids polling and
prevents a freed TCB from being accessed.
In cmsis_os.h OS_TIMERS is undefined unless the timer thread is
disabled, in which case it is defined to 0. When comparing against
an undefined value, the undefined value will evaluate as if it were
0. Because of this the MAIN_THREAD_ID was always set to 0x1.
This patch fixes that problem by checking if OS_TIMERS is defined
before comparing it to 0.
This problem only effects IAR since it has a different heap/stack
layout. GCC_ARM and ARM have a dedicated stack region so
the presence of a guard word and stack checking does not cause
problems.
This problem manifested on the NRF51_DK in the pull request
https://github.com/mbedmicro/mbed/pull/2211
as a c_strings test failure on floating point. This is because the
guard word of the main stack overlapped with standard library
data used by sprintf and corrupted it.
Currently Semaphore can not be instantiated without an explicit count
as a constructor argument. This limits where Semaphores can be declared
and requires explicit initialization in several annoying places, such
as in member variables and SingletonPtr targets.
This adds a default count of 0, which has shown to be the most common
initial value used for semaphores.
Create the wrapper class SingletonPtr. This provides a safe way to
declare and use singletons. This class allows both the lazy
initialization of a singleton, and allows the singleton to be
garbage collected by the linker if it is never referenced.
This patch also updates the HAL to use SingletonPtr when declaring
singleton mutexes.
Fixes#2059. As reported, if timer thread is not created, the main thread
id is 0x01. We introduce MAIN_THREAD_ID macro to define the id. We shall consider,
if we keep this in a variable.
I placed MAIN_THREAD_ID in cmsis_os.h as that header is safe to include within RTX, not like
RTX_Config.h or RTX_CM_Lib.h).
Thread-spawning constructors hide errors and may lead to complex
program state when a thread is declared.
The explicit Thread::start member function should be used to spawn
a thread.
uVisor requires the SVCall to have priority 0, while RTX allows it to be
the second lowest priority level in the system (after PendSV).
This commit makes sure that the SVCall priority is not changed if uVisor
is present. The PendSV priority is not affected.
We changed the stack size of main thread for RZ_A1H.
We changed "OS_MAINSTKSIZE" from 2048 to 4096.
Because stack shortage was found in the automatic test by the CI System .
This patch enables RTOS support on Beetle.
It contains:
* Updated Beetle Startup code for ARMCC
* Modified SysTick Driver
* RTOS specific configuration parameters
* RTOS specific test suite enablement
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
When the malloc lock and unlock functions are inside a library they
conflict with the standard libraries weak version of these functions.
This is because of the way weak references are handled by the linker.
This patch renames the lock and unlock functions defined inside RTX
so they do not conflict. A thunk inside retarget.cpp then calls the
RTX functions. This problem does not occur with retarget.cpp since
it is always build into an object file rather than a library file.
The define OS_TCB_SIZE does not match the real stack size. This
leaves the system with less than OS_TASKCNT TCBs and prevents
a single thread configuration. This updates OS_TCB_SIZE to the
correct value to fix the problem.
The main stack ends at the start of the heap. In some configurations
this causes the guard word to be overwritten when memory is allocated.
This causes an OS error in RTX since it appears that the main stack
overflowed.
This patch moves the main stack to the upper 1/4th of the heap which
prevents the guard word from getting overwritten.
The rtx SVC_Handler for IAR clobbers r0-r3 despite the number of
arguments. However, in the SVC calls, the __swi function is declared
with fewer arguments. IAR doesn't understand that the other registers are
clobbered and stores variables in r0-r3 when multiple SVCs are
dispatched in a single function.
This bug was noticed in osThreadExit, which hard-faults on IAR,
preventing any threads from exiting.
Prevent a switch to a NULL target thread by setting the new task to run
to be the idle task. Otherwise, we get nasty usage fault because we
would be returning from the rt_sys_init SVC with a PSP of 0x20.
Wrap software_init_hook so that it can be used or extended from outside the
RTOS. This is desirable so that code can be added to the software_init_hook
without making the RTOS depend on new features or libraries.
Add the OsEventObserver mechanism. A client interested in receiving
notifications on certain OS events can register to receive notifications
with osRegisterForOsEvents. This is useful for clients like the secure
memory allocator, which observes thread switching events in order to swap
in and out different memory allocator objects.
softdevice.
The call stack of the soft device can be 0x600 (1536) bytes long, by
adjusting the stack to a value of 2048 bytes, their is enough room for
the softdevice and RTX kernel to live together in the main stack.
Random issues due to stack overflow were visible with the previous value.
The NRF51 doesn't have a systick. When the MCU doesn't have a systick, the
HAL has to export several functions which will be use by the kernel to
manage the tick:
* os_tick_init provides the initialization function for the alternative
hardware timer.
* os_tick_val returns the current value of the alternative hardware timer.
* os_tick_ovf returns the overflow flag of the alternative hardware timer.
* os_tick_irqack is an interrupt acknowledge function that is called to
confirm the alternative hardware timer interrupt.
The HAL should also call OS_Tick_Handler needs to be called as the
hardware timer interrupt function.
In the case of the NRF51, two RTCs are available:
* RTC0: reserved for soft device
* RTC1: used by us_ticker.
RTC1 is a 4 channels timers, channel 0 is used for us_ticker, and
in this port channel 1 is used for tick generation.
Implementation notes:
* RTC1_IRQHandler: has to be written in assembly otherwise a stack
overflow will occur because the function OS_Tick_Handler never
returns. This function is called when RTC1 channel IRQ is triggered.
* tick generation has been optimised for a tick with a duration of
1000us.
* us_ticker can still be compiled and used without RTX enabled.
More information about alternative timer as RTX Kernel Timer:
https://www.keil.com/pack/doc/CMSIS/RTX/html/_timer_tick.html
Add lock functions so that malloc and environment variable access are
thread safe. Add the compiler option "-o thread-safe" to use the full
version of newlib which is thread safe.
Note that this patch does NOT make file access thread safe.
Add the locks and flags necessary to make the IAR standard library
thread safe. These changes consist of:
-Add compiler flag "--guard_calls" to ensure C++ function-static
variables with dynamic initializers are initialized in a
thread safe manner
-Add the linker flag "--threaded_lib" so the thread safe version of
the standard library is used
-Implement mutex functions required for IAR thread safety
-Create a set of stub functions in retarget.c for when the rtos is not present
Added an #ifndef directive to the __MBED_CMSIS_RTOS_CM and __CMSIS_RTOS macro definitions in order to prevent "Incompatible redefinition of macro" warnings from the online compiler.
- Allows threads to started separately from when they are declared,
avoiding the need to dynamically allocate threads at runtime.
- Allows multiple threads to join without forceful termination. Allowing
threads to synchronize on cleanup.
Przemyslaw Stekiel
Bartek Szatkowski
YarivCol
Jimmy Brisson
Russ Butler
Kevin Gilbert
Vincent Coubard
Christopher Haster
Martin Kojtal
Jaeden Amero
Bartosz Szatkowski
Yuguo Zou
Russ Butler
Anna Bridge
Sam Grove
Wolfgang Betz
TomoYamanaka
Sarah Marsh
sarahmarshy
Mahadevan Mahesh
Laurent MEUNIER
Mike Fiore
Rob Meades
jeromecoutant
Tony Wu
Russ Butler
andreas.larsson
ohagendorf
Michel Jaouen
ccli8
Alessandro Angelino
Radhika
Jeremy Brodt
Tony Wu
Martin Kojtal
Neil Thiessen
Laurent Meunier
Michel JAOUEN
svastm
Niklas Hauser
Brian Daniels
Vincenzo Frascino
Niklas Hauser
Steven Cooreman
Mihail Stoyanov