Call to osThreadTerminate is guarded by local_id check, to avoid parameter error fault when deleting or terminating Thread object that was not started.
armcc fopen allocated a mutex using the retargeted system-level
_mutex_initialize function. Interestingly, malloc also uses this
same _mutex_initialization function, which prevents a full solution
relying on malloc. The solution previously implemented involved using
the rtx mutex pool for the first 8 mutexes, then falling back on
malloc.
The previous implementation relied on osMutexNew returning an error
on out-of-memory. An unrelated change causes osMutexNew to instead
assert (except for release mode). This meant if you exceed 8 system-
level mutexes in armcc you will hit an assert. Since the filesystem
code can call fopen an unlimited number of times, this is a problem.
Solution is to keep track of which static mutexes we've allocated, so
we know before calling osMutexNew if we need to call malloc.
Also _mutex_free never deallocated the malloced mutexes, which would
cause fopen to leak memory.
Various RTOS classes were storing their CMSIS-RTOS creation attribute
structure as a member, when it's not required after construction. Reduce
memory by eliminating this member.
uVisor doesn't set the PSP of the target thread. The RTOS sets the PSP
of the target thread from the target thread's TCB. However, when
interrupts of higher priority than PendSV happen between the call to
uVisor to switch boxes, and the RTOS setting PSP, the uVisor vIRQ
interrupt handler will attempt to use an invalid PSP (the PSP from
before the box and thread switch). This leads to a crash. Make box and
thread switching atomic by disabling interrupts immediately before the
box switching until immediately after the new PSP is set.
OsEventObserver objects expect a context to be maintained per thread on
their behalf. Add this context to the thread control block and extend
the thread creation functions with the ability to supply a context.
Add the OsEventObserver mechanism. A client interested in receiving
notifications on certain OS events can register to receive notifications
with osRegisterForOsEvents. This is useful for clients like the secure
memory allocator, which observes thread switching events in order to
swap in and out different memory allocator objects.
mbed OS used older RTX4 version and with osThreadDef accepting only 3
parameters, to preserve compatibility we hardcode the 'instances'
parameter to 1.
Ensure both the stack and stack size used in the Thread class are
aligned to 8 bytes. This prevents the runtime error
"Thread 0 error -11: Unknown" due to incorrect stack alignment.
The current mbed-os drivers rely on a tickrate of 1ms for timing.
This means that if OS_TICK_FREQ is set to any value other than 1000
then mbed-os driver will no longer delay for the correct amount of
time. To prevent this from happening this patch triggers a compile
time error if a tickrate other than 1m is used.
The osKernelGetTickCount() is the only function to get kernel tick information,
however it's not allowed to access in ISR.
It's already enabled in API v2.1.1.
Some Cortex-M0 devices, such as the nrf51, don't have the SysTick.
Instead, these targets use a software interrupt to simulate SysTick.
Add the hooks in the tickless code to support these devices. Targets
which do not have SysTick should now define NO_SYSTICK in targets.json
and implement mbed_get_m0_tick_irqn to add os suport.
This patch also removes os tick handling from the existing devices
(nrf51) since this is now handled in common code.
Add support for tickless by replacing RTX's SysTick timer code with
with code which uses an mbed timer along with suspending and
resuming the kernel in the idle loop. Tickless is enabled on a
per-target basis by defining the macro MBED_TICKLESS.
Make calls to cmsis-os to get thread state, stack size, and max stack
usage rather than accessing internal RTX data directly. Wrap RTX5
specific code in OS_BACKEND_RTX5.
Also refactor the code to use mbed types rather than RTX types:
os_timer_t -> mbed_rtos_storage_timer_t
os_event_flags_t -> mbed_rtos_storage_event_flags_t
osRtxMutex_t -> mbed_rtos_storage_thread_t
Update directory structure to include RTX for only cortex targets, and
for all cortex targets. This patch accomplishes this by moving mbed-os
specific RTX files and RTX itself into rtos/TARGET_CORTEX along with
removing TARGET_CORTEX_M from the RTX5 directory.
The old directory structure:
rtos/rtx5/<mbed-os specific RTX files>
rtos/rtx5/TARGET_CORTEX_M/*
rtos/rtx4/*
rtos/<mbed-os specific RTX files>
Is re-arranged to:
rtos/TARGET_CORTEX/rtx5/*
rtos/TARGET_CORTEX/rtx4/*
rtos/TARGET_CORTEX/<mbed-os specific rtx files>
This both encapsulates RTX code more cleanly and makes it easier to
experiment with non-cortex cmsis-os2 backends, such as a posix
based cmsis-os2 backend.
Note - A potentially better name for the CORTEX_M directory would be
something like FEATURE_RTX5 since this directory only contains RTX5
related files. This cannot be done because there is not an easy way
to turn this feature on, since it cannot be done from mbed_lib.json.
Provide fix for pool buffer size: pool block size must be
a multiple of 4 bytes.
Add assertion to forbid creation of MemoryPool object with queue size equal to 0.
Update description of free() function. Add information about
statuses returned by this function.
The prev-pointer of the running threads mutex list was not set when
multiple mutexes are acquired at a time. This leads to a corrupted list
if the mutexes are not freed in reversed order.
Original commit for CMSIS_5:
commit 729f6ab08540342b7de7612fac103539d5b2f168
Author: Jonatan Antoni <jonatan.antoni@arm.com>
Date: Wed Apr 19 15:38:43 2017 +0200
Before rtx 5, the max count on semaphores was UINT16_MAX, aftewards it
was decreased to 1024 with an assert on overflow.
This is especially problematic for semaphores used for signaling, since
there is no replacement currently available in C++.
The stack required for the idle thread is highly dependent on the
target because it will call the sleep function which is target
specific.
While 256 bytes of stack is enough for most targets, others like the
NRF52840 might require more.
With this change, target maintainers can specify the idle thread stack
size in their mbed_rtx.h file.
uVisor doesn't set the PSP of the target thread. The RTOS sets the PSP
of the target thread from the target thread's TCB. However, when
interrupts of higher priority than PendSV happen between the call to
uVisor to switch boxes, and the RTOS setting PSP, the uVisor vIRQ
interrupt handler will attempt to use an invalid PSP (the PSP from
before the box and thread switch). This leads to a crash. Make box and
thread switching atomic by disabling interrupts immediately before the
box switching until immediately after the new PSP is set.
Add the attribute flash to enable priority inheritance and robust mode.
The robust flag allows mutexes held by terminated threads to be
properly released.
Wrap the file mbed_rtos_storage.h in extern "C". This allows the
functions inside rtx_lib.h to have correct definitions when included
in a C++ file.
This is required for the RTX5 error trapping.
OsEventObserver objects expect a context to be maintained per thread on
their behalf. Add this context to the thread control block and extend
the thread creation functions with the ability to supply a context.
Add the OsEventObserver mechanism. A client interested in receiving
notifications on certain OS events can register to receive notifications
with osRegisterForOsEvents. This is useful for clients like the secure
memory allocator, which observes thread switching events in order to
swap in and out different memory allocator objects.
Remove the RTOS and CMSIS files in preperation for CMSIS 5. Note that
the RTOS heap ad stack test is left since this is still applicable to
RTX5. This file can be found here:
rtos\rtx\TARGET_CORTEX_M\TESTS\memory\heap_and_stack\main.cpp
If the free memory on a device is small enough then the calculation to
determine heap size could underflow to a large value. If this happens
then malloc will never return failure and instead will cause a crash on
allocation. This patch prevents the underflow so malloc works as
expected even with low amounts of free memory.
Calling Thread::start multiple times leads to undefined behavior since
the Thread class was not designed to handle being restarted. Return an
error code if Thread::start is called a second time to prevent this
behavior.
In CI, I receive an mbed assert of stack stats by running the following commands. Its assert is TIMEOUT.
mbed test -m RZ_A1H -t GCC_ARM -DMBED_STACK_STATS_ENABLED=1 --clean --compile
mbed test -m RZ_A1H -t GCC_ARM --run -n tests-mbed_drivers-stl_features -v
So, I fixed the process of related to stack stats (osThreadInfoStackMax).The Detail contents is here.
https://github.com/ARMmbed/mbed-os/issues/3273#issuecomment-268407191
* [RZ/A1H]Support RTX v4.80 for Cortex-A and a few Malloc API
PR to update RTX to v4.80 for Cortex-A.
In the latest CI test, three tests result in an error. The cause is mainly three points
- Unsupport RTX v4.80 for Cortex-A
- Insufficient stack size of thread defined in test
- A few Lack of Malloc API in GCC
Therefore, I supported to these. For the stack size for test, @Russ already supported in PR #3362.
Reference for issue of test error is here.
https://github.com/ARMmbed/mbed-os/issues/3273
Reference for PR to update RTX for Cortex-M.
https://github.com/ARMmbed/mbed-os/pull/1702
* Revert "[RZ/A1H]Support RTX v4.80 for Cortex-A and a few Malloc API"
This reverts commit e71f79aaf2.
* [RZ/A1H]Support RTX v4.80 for Cortex-A and a few Malloc API
PR to update RTX to v4.80 for Cortex-A.
In the latest CI test, three tests result in an error. The cause is mainly three points
- Unsupport RTX v4.80 for Cortex-A
- Insufficient stack size of thread defined in test
- A few Lack of Malloc API in GCC
Therefore, I supported to these. For the stack size for test, @c1728p9 already supported in PR #3362.
Reference for issue of test error is here.
https://github.com/ARMmbed/mbed-os/issues/3273
Reference for PR to update RTX for Cortex-M.
https://github.com/ARMmbed/mbed-os/pull/1702
to mbed SDK as there are targets with Cortex-M4. This is similar to the implementation already
done for GCC ARM
Signed-off-by: Mahadevan Mahesh <Mahesh.Mahadevan@nxp.com>
Various toolchains supported in MBED don't followthe same initialization
steps. This can have impacts on platform behavior.
For STM32, it is needed to call the HAL_Init() _after_ the RAM has been
initialized (sdata from flash / zero initialized data) and _before_ the C++
objects are being created, especially if those objects require support
of tickers for instance.
In GCC and IAR, this was done in previous commit to avoid HAL_Init()
to be called twice.
In ARM this there is no hook defined in MBED yet to place the call.
The proposal is to take benefit of the library's
_platform_post_stackheap_init function that is going to be called before
__rt_lib_init where the C++ object init is done (__cpp_initialize__aeabi_)
In case of mbed with rtos, the __rt_entry is redefined so we need to add
the call to _platform_post_stackheap_init.
This series should solve issue reported here:
STM32 (At least F401) breaks if Tickers are activated in a global object #2115
[XDOT_L151] copy new target CMSIS files from NZ32_SC151 target
[XDOT_L151] remove Modtronix code, add HardFault_Handler, update clock configuration to match xDot hardware
[XDOT_L151] copy new target HAL files from NZ32_SC151 target
[XDOT_L151] update HAL to match xDot hardware
[XDOT_L151] add xdot_eeprom.* and xdot_low_power.* files
[XDOT_L151] add RTOS support for target
Conflicts:
rtos/rtx/TARGET_CORTEX_M/RTX_Conf_CM.c
[XDOT_L151] match NUCLEO_L152RE startup code for GCC_ARM so RTOS works
[XDOT_L151] fix GPIO write failure
[XDOT_L151] add XDOT_L151CC target to targets.json
[XDOT_L151] change xDot default stack size to 256 bytes and main stack size to 1.5kB
[XDOT_L151] update PinNames.h to match rev E hardware - no change to external pinout
[XDOT_L151] update style in custom xDot HAL files
Conflicts:
rtos/rtx/TARGET_CORTEX_M/RTX_CM_lib.h
rtos/rtx/TARGET_CORTEX_M/RTX_Conf_CM.c
Before:
Callback<void()> a = callback(obj, member)
Callback<void()> b = callback(context, function)
After:
Callback<void()> a = callback(obj, member)
Callback<void()> b = callback(function, context)
This ordering is more intuitive based on feedback from users. This order
was initially considered but proved problematic when integrated with
other variable arguments in attach functions.
With `callback` as a separate convenience function, this style
no longer presents a problem.
Before, rtx calls would hard fault in critical sections when an svc
instruction was attempted with interrupts disabled.
Required changes:
- Added check for CPSR I bit in cortex A rtx
- Added check for PRIMASK in cortex M rtx
- Modified critical sections in cortex M rtx to be recursive
(already recursive in cortex A)
Disintegrate global RTX target config. Move per-target fragment
to mbed_rtx.h under each vendor's directory.
One mbed_rtx.h is defined for each vendor at this moment, however,
the granularity of mbed_rtx.h can be per-chip, or per-board
if necessary.
Signed-off-by: Tony Wu <tung7970@gmail.com>
Update the Thread::start function to gracefully handle the failed
creation of a thread when there are no TCBs left. This patch does
the following:
1. Set memory handles to NULL after free to prevent double free
2. Post to the release semaphore so anything that tries to join this
thread will join immediately
3. Remove dead return path since the new operator should never
return NULL (it should trap instead)
Add an RTX hook which gets called when a thread terminates. Add
the function Thread::attach_terminate_hook() to allow users to attach
a hook to this event at runtime.
Add the function osThreadGetInfo to allow various Thread information
to be queried. This includes stack size and maximum stack usage among
other things.
Note - for Cortex-A devices the worst case stack usage is not
available.
Add the functions osThreadsEnumStart, osThreadEnumNext and
osThreadEnumFree to allow enumeration of running threads. Protect
thread creation, thread exit and thread termination with a mutex
so threads are not created or destroyed while an enumeration is
ongoing.
In Thread::terminate() release the join semaphore before terminating
the thread. This allows the join semaphore to be properly signaled in
the case where a thread is terminating itself.
In rtos/rtx/TARGET_CORTEX_M/RTX_CM_lib.h, Image$$ARM_LIB_HEAP$$Base/Image$$ARM_LIB_HEAP$$Length will cause zero memory allocation.
Fix it with Image$$ARM_LIB_HEAP$$ZI$$Base/Image$$ARM_LIB_HEAP$$ZI$$Length. This is to place heap at external SRAM.
User feedback indicated that the previous deprecation notices
were confusing and mislead migration from the old style of thread
spawning.
The deprecation notices were updated to emphasize the replacement
functions, and examples of correct usage were added in the doxygen.
Additionally, the following changes were don to avoid combinatorial
explosion in function overloads as a result of adding cv-qualifiers:
- Added convenience function for inferred type
- Deprecated callback overloads qhere cv-qualifiers are not scalable
Supported overloads:
callback(void (*f)(A...));
callback(const Callback<R(A...)> &);
callback(T *t, void (*f)(T*, A...));
callback(const T *t, void (*f)(const T*, A...));
callback(volatile T *t, void (*f)(volatile T*, A...));
callback(const volatile T *t, void (*f)(const volatile T*, A...));
callback(T *t, void (T::*f)(A...));
callback(const T *t, void (T::*f)(A...) const);
callback(volatile T *t, void (T::*f)(A...) volatile);
callback(const volatile T *t, void (T::*f)(A...) const volatile);
Silence the following compiler warning:
[Warning] RTX_CM_lib.h@807,5: implicit declaration of function 'atexit' [-Wimplicit-function-declaration]
Signed-off-by: Tony Wu <tonywu@realtek.com>
From the discussion on issue #2068:
Functions marked deprecated in the mbed library should notate when
the deprecation was started to allow efficient removal once a set
amount of time has expired.
Added the following macro:
MBED_DEPRECATED_SINCE("version", "message string")
Example usage:
MBED_DEPRECATED_SINCE("v5.1", "don't foo any more, bar instead")
void foo(int arg);
Adopted in existing deprecations:
- FunctionPointer
- RtosTimer
- Thread
The config store tests use more than 2K of the interrupt stack, causing
an overflow. This patch bumps the K64F interrupt stack size to 4K
for ARMCC and GCC. The IAR interrupt stack is left untouched since
it is 32K.
Test the following components of the heap and stacks:
-Heap and interrupt stack are at the expected locations
-Entire heap can be used
-Heap limit is properly enforced and returns NULL when out of
of memory
Since the heap and stack are no longer shared, stack checking on the
main thread can be turned back on. This allows stack overflows on the
main thread to be caught quickly.
With the latest K64F linker file the initial stack is out of sync
with INITIAL_SP when uVisor is not present. This patch removes
the incorrect declaration.
Set well defined limits for the heap and configure GCC and ARMCC to
correctly check these. IAR already correctly checked its heap.
This also statically declares the main thread stack so the
linker is responsible for its placement.
Add a mutex to the thread object to protect its internal data. Prevent
making OS calls with a thread ID that has been terminated. This thread
ID can be reused by another thread, leading to undefined behavior if it
is used after termination.
Update the function Thread::join to use a semaphore to
determine when the thread finishes. This both avoids polling and
prevents a freed TCB from being accessed.
In cmsis_os.h OS_TIMERS is undefined unless the timer thread is
disabled, in which case it is defined to 0. When comparing against
an undefined value, the undefined value will evaluate as if it were
0. Because of this the MAIN_THREAD_ID was always set to 0x1.
This patch fixes that problem by checking if OS_TIMERS is defined
before comparing it to 0.
This problem only effects IAR since it has a different heap/stack
layout. GCC_ARM and ARM have a dedicated stack region so
the presence of a guard word and stack checking does not cause
problems.
This problem manifested on the NRF51_DK in the pull request
https://github.com/mbedmicro/mbed/pull/2211
as a c_strings test failure on floating point. This is because the
guard word of the main stack overlapped with standard library
data used by sprintf and corrupted it.
Currently Semaphore can not be instantiated without an explicit count
as a constructor argument. This limits where Semaphores can be declared
and requires explicit initialization in several annoying places, such
as in member variables and SingletonPtr targets.
This adds a default count of 0, which has shown to be the most common
initial value used for semaphores.
Create the wrapper class SingletonPtr. This provides a safe way to
declare and use singletons. This class allows both the lazy
initialization of a singleton, and allows the singleton to be
garbage collected by the linker if it is never referenced.
This patch also updates the HAL to use SingletonPtr when declaring
singleton mutexes.
Fixes#2059. As reported, if timer thread is not created, the main thread
id is 0x01. We introduce MAIN_THREAD_ID macro to define the id. We shall consider,
if we keep this in a variable.
I placed MAIN_THREAD_ID in cmsis_os.h as that header is safe to include within RTX, not like
RTX_Config.h or RTX_CM_Lib.h).
Thread-spawning constructors hide errors and may lead to complex
program state when a thread is declared.
The explicit Thread::start member function should be used to spawn
a thread.
uVisor requires the SVCall to have priority 0, while RTX allows it to be
the second lowest priority level in the system (after PendSV).
This commit makes sure that the SVCall priority is not changed if uVisor
is present. The PendSV priority is not affected.
We changed the stack size of main thread for RZ_A1H.
We changed "OS_MAINSTKSIZE" from 2048 to 4096.
Because stack shortage was found in the automatic test by the CI System .