Use `do { ... } while (false)' instead of `do { ... } while (0)'.
Use comparisons with zero instead of implicitly testing integers.
Use comparisons with NULL instead of implicitly testing pointers.
Use comparisons with NUL instead of implicitly testing plain chars.
Use `bool' instead of `int' to represent Boolean values.
Use `while (true)' instead of `while (1)' to express infinite loops.
Signed-off-by: frei tycho <tfrei@baumer.com>
This aligns abort() and exit() definitions with other libc.
Without 'noreturn' attribute, compilers have to assume that we will
return from these functions which can lead to surprising errors like
'error: non-void function does not return a value'.
Signed-off-by: Patryk Duda <patrykd@google.com>
The spin loop in _exit() needs a Z_SPIN_DELAY() for the
posix architecture, so it does not hang the whole
executable on that infinite loop but only the thread
that exit'ed.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Compiling using clang fails with following error:
error: unannotated fall-through between switch labels
[-Werror,-Wimplicit-fallthrough]
Actually, missing 'break' statement is not an error here because
the next label is 'default' which contains 'break' only. For the same
reason we can add it to silence the compiler.
Signed-off-by: Patryk Duda <pdk@semihalf.com>
BSD-3-Clause-UC is not a valid license name and spdx validator
generates a Warning! when detected. Most probably a typo from
old version of strtoll.c licenced as BSD-4-Clause-UC.
see commit: 570ed08
Signed-off-by: Lucian Zala <zala.lucian@gmail.com>
Move the abort implementation into common so its shared among the
libc. As part of this start using the common abort on newlib.
Signed-off-by: Kumar Gala <kumar.gala@intel.com>
This will (eventually) permit use of a common malloc implementation with
other C libraries, reducing the amount of Zephyr-specific code required
to support each C library.
Signed-off-by: Keith Packard <keithp@keithp.com>
The init infrastructure, found in `init.h`, is currently used by:
- `SYS_INIT`: to call functions before `main`
- `DEVICE_*`: to initialize devices
They are all sorted according to an initialization level + a priority.
`SYS_INIT` calls are really orthogonal to devices, however, the required
function signature requires a `const struct device *dev` as a first
argument. The only reason for that is because the same init machinery is
used by devices, so we have something like:
```c
struct init_entry {
int (*init)(const struct device *dev);
/* only set by DEVICE_*, otherwise NULL */
const struct device *dev;
}
```
As a result, we end up with such weird/ugly pattern:
```c
static int my_init(const struct device *dev)
{
/* always NULL! add ARG_UNUSED to avoid compiler warning */
ARG_UNUSED(dev);
...
}
```
This is really a result of poor internals isolation. This patch proposes
a to make init entries more flexible so that they can accept sytem
initialization calls like this:
```c
static int my_init(void)
{
...
}
```
This is achieved using a union:
```c
union init_function {
/* for SYS_INIT, used when init_entry.dev == NULL */
int (*sys)(void);
/* for DEVICE*, used when init_entry.dev != NULL */
int (*dev)(const struct device *dev);
};
struct init_entry {
/* stores init function (either for SYS_INIT or DEVICE*)
union init_function init_fn;
/* stores device pointer for DEVICE*, NULL for SYS_INIT. Allows
* to know which union entry to call.
*/
const struct device *dev;
}
```
This solution **does not increase ROM usage**, and allows to offer clean
public APIs for both SYS_INIT and DEVICE*. Note that however, init
machinery keeps a coupling with devices.
**NOTE**: This is a breaking change! All `SYS_INIT` functions will need
to be converted to the new signature. See the script offered in the
following commit.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
init: convert SYS_INIT functions to the new signature
Conversion scripted using scripts/utils/migrate_sys_init.py.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
manifest: update projects for SYS_INIT changes
Update modules with updated SYS_INIT calls:
- hal_ti
- lvgl
- sof
- TraceRecorderSource
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: devicetree: devices: adjust test
Adjust test according to the recently introduced SYS_INIT
infrastructure.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: kernel: threads: adjust SYS_INIT call
Adjust to the new signature: int (*init_fn)(void);
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
We get compile warnings of the form:
error: converting the result of
'<<' to a boolean; did you mean
'((__aeabi_ctype_table_ + 1)[(byte)] << 28) != 0'?
[-Werror,-Wint-in-bool-context]
if (!isprint(byte)) {
^
Since isprint (and the other is* functions) return an int, change check
to an explicit test against the return value.
Signed-off-by: Kumar Gala <kumar.gala@intel.com>
Extend capabilities of a minimal libc to support C11 capability
to allocate memory with requested alignment.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
This commit changes the invocation of the minimal libc malloc
initialisation function such that it is executed during the POST_KERNEL
phase instead of the APPLICATION phase.
This is necessary in order to ensure that the application
initialisation functions (i.e. the functions called during the
APPLICATIION phase) can make use of the libc heap.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
MISRA C:2012 Rule 21.13 (Any value passed to a function in <ctype.h>
shall be representable as an unsigned char or be the value EOF).
Functions in <ctype.h> have undefined behavior if they are called with
any other value. Callers affected by this change are not prepared to
handle EOF anyway. The addition of these casts avoids the issue
and does not result in any performance penalty.
Signed-off-by: Abramo Bagnara <abramo.bagnara@bugseng.com>
Signed-off-by: Simon Hein <SHein@baumer.com>
This commit globally defines the `Z_LIBC_DATA` macro, which is used to
place variables into the libc memory partition, so that it can be
re-used.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit introduces a new configuration called
`CONFIG_MINIMAL_LIBC_NON_REENTRANT_FUNCTIONS`, which enables the
traditional non-reentrant (i.e. not thread-safe) version of the C
standard library functions such as rand() and gmtime() when the
respective configs are enabled.
The non-reentrant functions make use of the globals and require an
additional memory partition (MPU region), which is scarce on low-end
devices, when CONFIG_USERSPACE=y.
The purpose of this option is to classify the MPU resource intensive
functions as a separate category and only enable them when there is a
demand for such.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit adds the `rand_r` function, which is a reentrant (i.e.
thread-safe) version of the `rand` function, such that a thread-safe
variant is always available.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit adds the strtoull function implementation that is licensed
BSD-3-Clause, which is an OSI-approved license, with the modifications
necessary for adoption into the Zephyr minimal C library.
Origin: Newlib
License: BSD 3-Clause
URL: git://sourceware.org/git/newlib-cygwin.git
Commit: 9042d0ce65533a26fc3264206db5828d5692332c
Purpose: strtoull function support in the minimal C library
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit removes the strtoull function implementation that is
licensed BSD-4-Clause-UC, which is not an OSI-approved license.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit adds the strtoll function implementation that is licensed
BSD-3-Clause, which is an OSI-approved license, with the modifications
necessary for adoption into the Zephyr minimal C library.
Origin: Newlib
License: BSD 3-Clause
URL: git://sourceware.org/git/newlib-cygwin.git
Commit: 9042d0ce65533a26fc3264206db5828d5692332c
Purpose: strtoll function support in the minimal C library
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit removes the strtoll function implementation that is
licensed BSD-4-Clause-UC, which is not an OSI-approved license.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit adds the strtoul function implementation that is licensed
BSD-3-Clause, which is an OSI-approved license, with the modifications
necessary for adoption into the Zephyr minimal C library.
Origin: Newlib
License: BSD 3-Clause
URL: git://sourceware.org/git/newlib-cygwin.git
Commit: 9042d0ce65533a26fc3264206db5828d5692332c
Purpose: strtoul function support in the minimal C library
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit removes the strtoul function implementation that is
licensed BSD-4-Clause-UC, which is not an OSI-approved license.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit adds the strtol function implementation that is licensed
BSD-3-Clause, which is an OSI-approved license, with the modifications
necessary for adoption into the Zephyr minimal C library.
Origin: Newlib
License: BSD 3-Clause
URL: git://sourceware.org/git/newlib-cygwin.git
Commit: 9042d0ce65533a26fc3264206db5828d5692332c
Purpose: strtol function support in the minimal C library
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit removes the strtol function implementation that is
licensed BSD-4-Clause-UC, which is not an OSI-approved license.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
In order to bring consistency in-tree, migrate all lib code to the new
prefix <zephyr/...>. Note that the conversion has been scripted, refer
to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
- strtoll() and strtoull() are copies of strtol() and strtoul() with
types changed to long long instead of long.
- added tests
- added documentation
- removed stubs from civetweb sample
Signed-off-by: Gerhard Jörges <joerges@metratec.com>
Remove the cast of the two parameter compare function used by qsort, to
the three parameter callback function used by qsort_r, in order to
ensure compatibility with other toolchains, even those off-tree.
Fixes#42870
Signed-off-by: Danny Oerndrup <daor@demant.com>
This change implements qsort() for the minimal libc via Heapsort.
Heapsort time complexity is O(n log(n)) in the best, average,
and worst cases. It is O(1) in space complexity (i.e. sorts
in-place) and is iterative rather than recursive. Heapsort is
not stable (i.e. does not preserve order of identical elements).
On cortex-m0, this implementation occupies ~240 bytes.
Fixes#28896
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
When CONFIG_USERSPACE is turned off, the POOL_SECTION will be located in
.data section. This will increase the target binary size. Since the
memory pool is for malloc() use and it doesn't need for initial values,
locate it in the .bss section to reduce binary size.
Signed-off-by: Dylan Hung <dylan_hung@aspeedtech.com>
Change-Id: Iee52ac06a48414c083518c79775fe31334eab674
rand() and srand() are pseudo-random number generator functions
defined in ISO C. This implementation uses the Linear Congruential
Generator (LCG) algorithm with the following parameters, which are the
same as used in GNU Libc "TYPE_0" algorithm.
Modulus 2^31
Multiplier 1103515245
Increment 12345
Output Bits 30..0
Note that the default algorithm used by GNU Libc is not TYPE_0, and
TYPE_0 should be selected first by an initstate() call as shown below.
All global variables in a C library must be routed to a memory
partition in order to be used by user-mode applications when
CONFIG_USERSPACE is enabled. Thus, srand_seed is marked as
such. z_libc_partition is originally used by the Newlib C library but
it's generic enough to be used by either the minimal libc or the
newlib.
All other functions in the Minimal C library, however, don't require
global variables/states. Unconditionally using z_libc_partition with
the minimal libc might be a problem for applications utilizing many
custom memory partitions on platforms with a limited number of MPU
regions (eg. Cortex M0/M3). This commit introduces a kconfig option
CONFIG_MINIMAL_LIBC_RAND so that applications can enable the
functions if needed. The option is disabled by default.
Because this commit _does_ implement rand() and srand(), our coding
guideline check on GitHub Action finds it as a violation.
Error: lib/libc/minimal/include/stdlib.h:45:WARNING: Violation to
rule 21.2 (Should not used a reserved identifier) - srand
But this is false positive.
The following is a simple test program for LCG with GNU Libc.
#include <stdio.h>
#include <stdlib.h>
int main()
{
static char state[8];
/* Switch GLIBC to use LCG/TYPE_0 generator type. */
initstate(0, state, sizeof(state));
srand(1); /* Or any other value. */
printf("%d\n", rand());
printf("%d\n", rand());
return 0;
}
See initstate(3p) for more detail about how to use LCG in GLIBC.
Signed-off-by: Yasushi SHOJI <yashi@spacecubics.com>
According to the Zephyr Coding Guideline all switch statements
shall be well-formed.
Added a default labels to switch-clauses without them.
Added comments to the empty default cases.
Found as a coding guideline violation (MISRA R16.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
- When malloc() is called with a size of 0 we should not set errno
to ENOMEM as there is no actual allocation failure in that case.
This duplicates the realloc() behavior.
- Put unlock_ret assignments on separate lines, otherwise gcc complains
about unused variables when the tests on it are disabled.
- There NULL return added in 952970d6cb are completely pointless.
First, there is no reason for sys_mutex_unlock() to fail, and even
if it did, those returns would be blatent memory leaks. Remove them.
No one should blindly modify code just to make static code
analysers happy.
- Replace all CHECKIF() by explicit assertion statements to uniformize
those checks and drop the NULL returns entirely. We can't return
anything in the free() case, and there are no runtime conditions
for sys_mutex_lock() to sometimes succeed and sometimes fail anyway.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
The identifiers used in the declaration and definition of a function
shall be identical [MISRAC2012-RULE_8_3-b]
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Fix#32938 [Coverity CID :219508] "Unchecked return value in
lib/libc/minimal/source/stdlib/malloc.c"
The Coverity complains about sys_mutex_lock() which returns 0 if
locked. I added also the same check on returned value for
sys_mutex_unlock() which returns 0 if unlocked.
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Commit 40016a6a92 ("libc/minimal: Use a sys_heap for the malloc
implementation") replaced sys_mem_pool_alloc() with sys_heap_alloc().
The problem is that those aren't equivalent. While the former did
guard against concurrent usage, the later doesn't.
Add the same locking around sys_heap_alloc() that used to be implicit
with sys_mem_pool_alloc().
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
The definition for realloc() says that it should return a pointer
to the allocated memory which is suitably aligned for any built-in
type.
Turn sys_heap_realloc() into a sys_heap_aligned_realloc() and use it
with __alignof__(z_max_align_t) to implement realloc() with proper
memory alignment for any platform.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
The definition for malloc() says that it should return a pointer
to the allocated memory which is suitably aligned for any built-in
type. This requirement was lost in commit 0c15627cc1 ("lib: Remove
sys_mem_pool implementation") where the entire memory pool used to
have an explicit alignment of 16.
Fix this by allocating memory with sys_heap_aligned_alloc() using
__alignof__(z_max_align_t) which will automatically get the needed
alignment on each platform.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
reallocarray() is defined in terms of realloc(). From OpenBSD manual
pages:
"Designed for safe allocation of arrays, the reallocarray()
function is similar to realloc() except it operates on nmemb
members of size size and checks for integer overflow in the
calculation nmemb * size."
The return value of sys_heap_realloc() is not compatible with that
of realloc().
Signed-off-by: Martin Åberg <martin.aberg@gaisler.com>
Most of kernel files where declaring os module without providing
log level. Because of that default log level was used instead of
CONFIG_KERNEL_LOG_LEVEL.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
abort() is an important runtime function, oftentimes used to signal
abnormal execution conditions in generic applications. Worse, they
may be used under such circumstances in e.g. compiler support
libraries, in which case lack of implementation of this function
will lead to link error.
Fixes: #29541
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Now that device_api attribute is unmodified at runtime, as well as all
the other attributes, it is possible to switch all device driver
instance to be constant.
A coccinelle rule is used for this:
@r_const_dev_1
disable optional_qualifier
@
@@
-struct device *
+const struct device *
@r_const_dev_2
disable optional_qualifier
@
@@
-struct device * const
+const struct device *
Fixes#27399
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Previously, if the arena size was zero, malloc would always fail.
However, the log message was only visible if debug messages were
enabled. Logging an error will hopefully make it more obvious that
CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE should be >= if the minimal
libc and malloc are both used.
Fixes#26720
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
