Even if the code used to limit the precision to the on-stack buffer
size, it was still possible to do:
printf("%f", 1.0e300);
which would overflow the stack and crash the program. Let fix this issue
and remove the precision limitation by recording the number of zeroes to
insert while converting the value and generating those zeroes only
when outputting the data.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Zero-padding of integers took place in the on-stack buffer before
justification. Let's perform that padding on the fly while sending
out data instead.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
The z_prf() function currently allocates a 200-byte buffer on the
stack to copy strings into, and then perform left/right alignment
and padding. Not only this is a pretty large chunk of stack usage,
but this imposes limitations on field width and string length. Also
the string is copied not only once but _thrice_ making this code
less than optimal.
Let's rework the code to get rid of both the field width limit and
string length limit, as well as the two extra memory copy instances.
While at it, let's fixes printf("%08s", "abcd") which used to
produce "0000abcd".
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Mimic the glibc behavior when encountering an unknown conversion
specifier rather than silently skipping it.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
This makes for nicer code by avoiding repetitions of the same pattern.
Changes to come will make more use of it.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Some cleanups before further changes:
- Remove dead leftover from the "case 's'" code.
- Remove needless parents and casts.
- Remove "register" qualifier as it is ignored. The compiler knows
better these days.
- Adjust tabs assuming standard 8-columns tab spacing.
- Make multi-line comments start with "/*" on a line of its own.
- Make the format string const to match prototypes in other files.
- Declare boolean variable and parameters as bool.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
This reverts commit 2a63e342f4.
This needs to be reverted as otherwise the type of ssize_t will be
"unsigned long" which is not correct.
(gdb) ptype ssize_t
type = unsigned long
For example this check would fail in that case
ssize_t foo(void)
{
return -1;
}
...
if (foo() < 0) {
printk("This is never called\n");
}
Fixes#17378
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Compilers (at least gcc and clang) already provide max value definitions
for basic types. It makes sense to rely on them to properly support
both 32-bit and 64-bit builds.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Minimum alignment and rounding must be done on a word boundary. Let's
replace _ALIGN4() with WB_UP() which is equivalent on 32-bit targets,
and 64-bit aware.
Also enforce a minimal alignment on the memory pool. This is making
a difference mostly on64-bit targets where the widely used 4-byte
alignment is not sufficient.
The _ALIGN4() macro has no users left so it is removed.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
move misc/util.h to sys/util.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/mempool.h to sys/mempool.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/math_extras.h to sys/math_extras.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/libc-hooks.h to sys/libc-hooks.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/errno_private.h to sys/errno_private.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move misc/__assert.h to sys/__assert.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This adds the necessary bits to utilize the x86_64 toolchain
built by sdk-ng for x86_64 when toolchain variant is either
zephyr or xtools. This allows decoupling the builds from
the host toolchain.
Newlib is also available with this toolchain so remove
the Kconfig restriction on CONFIG_NEWLIB_LIBC.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
types.h was wrongly defining unsigned as signed and following
undefining it. This definition was not being used anywhere though.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
In ARM builds with support for user mode, i.e. with
CONFIG_USERSPACE=y, we need to align the beginning
of the heap space, to respect the ARM MPU region
alignment requirements.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
USED_RAM_END_ADDR is not used when Kconfig option
CONFIG_NEWLIB_LIBC_ALIGNED_HEAP_SIZE is defined,
therefore, we do not need to define the macro in
that specific case.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Compilers (at least gcc and clang) already provide definitions to
create standard types and their range. For example, __INT16_TYPE__ is
normally defined as a short to be used with the int16_t typedef, and
__INT16_MAX__ is defined as 32767. So it makes sense to rely on them
rather than hardcoding our own, especially for the fast types where
the compiler itself knows what basic type is best.
Using compiler provided definitions makes even more sense when dealing
with 64-bit targets where some types such as intptr_t and size_t must
have a different size and range. Those definitions are then adjusted
by the compiler directly.
However there are two cases for which we should override those
definitions:
* The __INT32_TYPE__ definition on 32-bit targets vary between an int
and a long int depending on the architecture and configuration.
Notably, all compilers shipped with the Zephyr SDK, except for the
i586-zephyr-elfiamcu variant, define __INT32_TYPE__ to a long int.
Whereas, all Linux configurations for gcc, both 32-bit and 64-bit,
always define __INT32_TYPE__ as an int. Having variability here is
not welcome as pointers to a long int and to an int are not deemed
compatible by the compiler, and printing an int32_t defined with a
long using %d makes the compiler to complain, even if they're the
same size on 32-bit targets. Given that an int is always 32 bits
on all targets we might care about, and given that Zephyr hardcoded
int32_t to an int before, then we just redefine __INT32_TYPE__ and
derrivatives to an int to keep the peace in the code.
* The confusion also exists with __INTPTR_TYPE__. Looking again at the
Zephyr SDK, it is defined as an int, even even when __INT32_TYPE__ is
initially a long int. One notable exception is i586-zephyr-elf where
__INTPTR_TYPE__ is a long int even when using -m32. On 64-bit targets
this is always a long int. So let's redefine __INTPTR_TYPE__ to always
be a long int on Zephyr which simplifies the code, works for both
32-bit and 64-bit targets, and mimics what the Linux kernel does.
Only a few print format strings needed adjustment.
In those two cases, there is a safeguard to ensure the type we're
enforcing has the right size and fail the build otherwise.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
This allows for printing long long values. Because the code size
increase may be significant, this is made optional on 32-bit targets.
On 64-bit targets this doesn't change the code much as longs and
long longs are the same size so it is always enabled in that case.
The test on MAXFLD has to be adjusted accordingly. Yet, its minimum
value wasn't large enough to store a full-scale octal value, so this
is fixed as well.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
On 64-bit systems the most notable difference is due to longs and
pointers being 64-bit wide. Therefore there must be a distinction
between ints and longs.
This patch:
- Make support functions take a long rather than an int as this can
carry both longs and ints just fine.
- Use unsigned values in _to_x() to cover the full unsigned range
and avoid sign-extending big values. Negative values are already
converted to unsigned after printing the minus sign. This also makes
division and modulus operations slightly faster.
- Remove excessive casts around va_arg() and use proper types with it.
- Implement the l and z length modifiers as they're significant on
64-bit targets. While at it, throw in the z modifier as well.
Since they all come down to 32-bit values on 32-bit targets, the
added code should get optimized away as duplicate by the compiler
in that case.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Casting a pointer to an int produces warnings with 64-bit targets.
Furthermore, an int is not always the optimal memory element that
can be copied in that case.
Let's use uintptr_t to cast pointers to integers for alignment
determination purposes, and mem_word_t to denote the optimal memory
"word" that can be copied on the platform.
The mem_word_t definition is equivalent to uintptr_t by default.
However, some 32-bit targets such as ARM platforms with the LDRD/STRD
instructions could benefit from word_t being an uint64_t.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
Per guidelines, all statements should have braces around them. We do not
have a CI check for this, so a few went in unnoticed.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Add an option for building with newlib-nano library.
The newlib-nano library for ARM embedded processors is a part of the
GNU Tools for ARM Embedded Processors.
Add mem_alloc tests with newlib nano.
Signed-off-by: Benoit Leforestier <benoit.leforestier@gmail.com>
Use the new math_extras functions instead of calling builtins directly.
Change a few local variables to size_t after checking that all uses of
the variable actually expects a size_t.
Signed-off-by: Jakob Olesen <jolesen@fb.com>
This is implementation-level header which defines struct timeval, and
intended to be included by headers which need this structure. This
implementation scheme is compatible with Newlib, and thus provides a
step to use minlibc vs Newlib interchangeably.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Depending on configuration, this value could end up as
a variable and not an array symbol, causing a crash if
newlib decides to call _sbrk on behalf of a user thread,
which needs to perform arithmetic on it.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Excerpt from the manual:
If ptr is NULL, then the call is equivalent to malloc(size) [...]
Without this commit, such calls end with a BUS FAULT.
Signed-off-by: Tomasz Gorochowik <tgorochowik@antmicro.com>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Rename reserved function names in the subsys/ subdirectory except
for static _mod_pub_set and _mod_unbind functions in bluetooth mesh
cfg_srv.c which clash with the similarly named global functions.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
Permission management no longer necessary, the former
parameter for the mutex is now simply ignored.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
When we build with newlib we don't set -nostdinc. In that case make
sure that we leave it to the toolchain to set the system include paths.
The one exception to leaving to the toolchain to set the system include
paths is the path to the newlib headers. Since we build
with -ffreestanding we need to make sure the newlib header path is the
before the toolchain headers. Otherwise the toolchain's 'freestanding'
headers get picked up and that causes issues (for example getting PRI*64
defined properly from inttypes.h due to __STDC_HOSTED__ being '0').
For newlib we accomplish this by having the only system header specified
by zephyr_system_include_directories() being just the newlib headers.
Note: for minlibc we leave things alone as things just happen to work as
the -I include of the libc headers takes precedence over -isystem so we
get the libc headers over the toolchain ones. For the newlib case it
appears that setting both -I and -isystem for the same dir causes the
-I to be ignored.
Fixes#14310
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For some reason we missed _zephyr_fputc in commit
4344e27c26. Rename _zephyr_fputc to just
zephyr_fputc and fixup associated code to build.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Commit 4344e27c26 changed the reserved
function names, but got the naming wrong for fwrite. Just use the
name zephyr_fwrite everywhere.
Fixes#14275
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Update reserved function names starting with one underscore, replacing
them as follows:
'_k_' with 'z_'
'_K_' with 'Z_'
'_handler_' with 'z_handl_'
'_Cstart' with 'z_cstart'
'_Swap' with 'z_swap'
This renaming is done on both global and those static function names
in kernel/include and include/. Other static function names in kernel/
are renamed by removing the leading underscore. Other function names
not starting with any prefix listed above are renamed starting with
a 'z_' or 'Z_' prefix.
Function names starting with two or three leading underscores are not
automatcally renamed since these names will collide with the variants
with two or three leading underscores.
Various generator scripts have also been updated as well as perf,
linker and usb files. These are
drivers/serial/uart_handlers.c
include/linker/kobject-text.ld
kernel/include/syscall_handler.h
scripts/gen_kobject_list.py
scripts/gen_syscall_header.py
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
We used to leave byte-long placeholder symbols to ensure
that empty application memory sections did not cause
build errors that were very difficult to understand.
Now we use some relatively portable inline assembly to
generate a symbol, but don't take up any extra space.
The malloc and libc partitions are now only instantiated
if there is some data to put in them.
Fixes: #13923
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
MISRA-C says that char type should not be used in arithmetically as the
data doesn't represent numbers.
MISRA-C rules 10.1 and 10.2
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
In case newlib is enabled, but POSIX subsys isn't, there're adhoc
implementations of read() and write() which work only with adhoc
stdin/stdout emulation layer. These are backed by system calls named
like "read" and "write". Rename all these functions and syscalls to
explicitly mention stdin/stdout in the names, to free namespace
for the implementation of generic read/write syscalls which will
integrate with POSIX fdtable.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
The intent of this Kconfig is to allow libc stdout
functions like printf() to send their output to the
active console driver instead of discarding it.
This somehow evolved into preferring to use
printf() instead of printk() for all test case output
if enabled. Libc printf() implementation for both
minimal libc and newlib use considerably more stack
space than printk(), with nothing gained by using
them.
Remove all instances where we are conditionally
sending test case output based on this config, enable
it by default, and adjust a few tests that disabled
this because they were blowing stack.
printk() and vprintk() now work as expected for
unit_testing targets, they are just wrappers for
host printf().
Fixes: #13701
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Also, for now x86_64 does not support newlib, so do not enable newlib
for this arch until we have a solution.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
With newer newlib we get a build error with mqueue.h realted to mode_t.
Let's just let newlib define mode_t and have minimal libc also define
it in sys/types.h. So we remove the duplicated definition in
posix/unistd.h.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This is an integral part of userspace and cannot be used
on its own. Fold into the main userspace configuration.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We need a generic name for the partition containing
essential C library globals. We're going to need to
add the stack canary guard to this area so user mode
can read it.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This was never a long-term solution, more of a gross hack
to get test cases working until we could figure out a good
end-to-end solution for memory domains that generated
appropriate linker sections. Now that we have this with
the app shared memory feature, and have converted all tests
to remove it, delete this feature.
To date all userspace APIs have been tagged as 'experimental'
which sidesteps deprecation policies.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* Newlib now defines a special z_newlib_partition containing
all globals relevant to newlib. Most of these are in libc.a
with a heap tracking variable in newlib's hooks.
* Both C libraries now expose a k_mem_partition containing the
bounds of the malloc heap arena. Threads that want to use
libc malloc() will need to add this to their memory domain.
* z_newlib_get_heap_bounds has been removed, in favor of the
memory partition for the heap arena
* ztest now includes the C library partitions in its memory
domain.
* The mem_alloc test now runs in user mode to prove that this
all works for both C libraries.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This patch adds a x86_64 architecture and qemu_x86_64 board to Zephyr.
Only the basic architecture support needed to run 64 bit code is
added; no drivers are added, though a low-level console exists and is
wired to printk().
The support is built on top of a "X86 underkernel" layer, which can be
built in isolation as a unit test on a Linux host.
Limitations:
+ Right now the SDK lacks an x86_64 toolchain. The build will fall
back to a host toolchain if it finds no cross compiler defined,
which is tested to work on gcc 8.2.1 right now.
+ No x87/SSE/AVX usage is allowed. This is a stronger limitation than
other architectures where the instructions work from one thread even
if the context switch code doesn't support it. We are passing
-no-sse to prevent gcc from automatically generating SSE
instructions for non-floating-point purposes, which has the side
effect of changing the ABI. Future work to handle the FPU registers
will need to be combined with an "application" ABI distinct from the
kernel one (or just to require USERSPACE).
+ Paging is enabled (it has to be in long mode), but is a 1:1 mapping
of all memory. No MMU/USERSPACE support yet.
+ We are building with -mno-red-zone for stack size reasons, but this
is a valuable optimization. Enabling it requires automatic stack
switching, which requires a TSS, which means it has to happen after
MMU support.
+ The OS runs in 64 bit mode, but for compatibility reasons is
compiled to the 32 bit "X32" ABI. So while the full 64 bit
registers and instruction set are available, C pointers are 32 bits
long and Zephyr is constrained to run in the bottom 4G of memory.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Following the standard GCC RISC-V convetion use __riscv for the RISC-V
specific define:
41d6b10e96/gcc/config/riscv/riscv-c.c (L37)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
ioctl() just dispatches to the corresponding vmethod of an fd.
fcntl() handles fdtable-level operations (so far doesn't handle
actually, returning "not implemented" error), and forwards
fd-specific operations to ioctl vmethod just the same (i.e.
ioctl and fcntl operations share the same namespace, but otherwise
disjoint).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
These changes were obtained by running a script created by
Ulf Magnusson <Ulf.Magnusson@nordicsemi.no> for the following
specification:
1. Read the contents of all dts_fixup.h files in Zephyr
2. Check the left-hand side of the #define macros (i.e. the X in
#define X Y)
3. Check if that name is also the name of a Kconfig option
3.a If it is, then do nothing
3.b If it is not, then replace CONFIG_ with DT_ or add DT_ if it
has neither of these two prefixes
4. Replace the use of the changed #define in the code itself
(.c, .h, .ld)
Additionally, some tweaks had to be added to this script to catch some
of the macros used in the code in a parameterized form, e.g.:
- CONFIG_GPIO_STM32_GPIO##__SUFFIX##_BASE_ADDRESS
- CONFIG_UART_##idx##_TX_PIN
- I2C_SBCON_##_num##_BASE_ADDR
and to prevent adding DT_ prefix to the following symbols:
- FLASH_START
- FLASH_SIZE
- SRAM_START
- SRAM_SIZE
- _ROM_ADDR
- _ROM_SIZE
- _RAM_ADDR
- _RAM_SIZE
which are surprisingly also defined in some dts_fixup.h files.
Finally, some manual corrections had to be done as well:
- name##_IRQ -> DT_##name##_IRQ in uart_stm32.c
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
read/write/etc. are defined in case CONFIG_POSIX_API is defined, and
we shouldn't provide duplicates.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This reverts commit 25fb2302f1.
The bluetooth l2cap code was using these errno values but changed to
using more standard EPERM instead, so lets remove the defines since
nothing uses them.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
write() function is not supposed to change buffer passed to it, so
propagate const pointer param to all write-like functions used/defined
in this file.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Some third-party components include this file without really needing
any symbols from it. Presence of this file allows to build them
against minimal libc, whereas previously they forced Newlib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Placing it at sys/fcntl.h was due to mimicking internal newlib's
layout, but what we need is this file at the standard location,
for reuse.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Under GNU C, sizeof(void) = 1. This commit merely makes it explicit u8.
Pointer arithmetics over void types is:
* A GNU C extension
* Not supported by Clang
* Illegal across all ISO C standards
See also: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html
Signed-off-by: Mark Ruvald Pedersen <mped@oticon.com>
Make if statement using pointers explicitly check whether the value is
NULL or not.
The C standard does not say that the null pointer is the same as the
pointer to memory address 0 and because of this is a good practice
always compare with the macro NULL.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Any word started with underscore followed by and uppercase letter or a
second underscore is a reserved word according with C99.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Contains defines enough to compile BSD Sockets subsystem. Values are
compatible with Newlib.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Several code guidelines recommend using uppercase L instead of letter
l (ell) because it can easily be confused with the digit 1 (one).
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The read/write implementations call directly into the console drivers
using the hook mechanism, causing faults if invoked from user mode.
Add system calls for read() and write() such that we do a privilege
elevation first.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The stdout console implementations for minimal libc call directly into
the various console drivers (depending on what specifc hooks are
registered) causing faults when invoked from user mode. This happens,
for example, when using printf() which eventually ends up calling
fputc().
The proper solution is to ensure privileges have been elevated before
the _stdout_hook is called. This was already done for printk().
puts() and fputs() have now been re-defined in terms of the
fputc() and fwrite() functions, which are now system calls.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The errno "variable" is required to be thread-specific.
It gets defined to a macro which dereferences a pointer
returned by a kernel function.
In user mode, we cannot simply read/write the thread struct.
We do not have thread-local storage mechanism, so for now
use the lowest address of the thread stack to store this
value, since this is guaranteed to be read/writable by
a user thread.
The downside of this approach is potential stack corruption
if the stack pointer goes down this far but does not exceed
the location, since a fault won't be generated in this case.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We utilize defines like -ESHUTDOWN in the network stack. To support
this errno value with newlib we need to enable
__LINUX_ERRNO_EXTENSIONS__.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For some reason %F wasn't supported initially. Its simple enough to
handle the case difference in infinity and NaN handling to add support
for %F.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The C standard says that %f should use '[-]inf' or '[-]infinity' (which
style is implementation defined) for infinity handling and '[-]nan' for
NaN.
We where adding a '+' and had the wrong case for 'inf' and 'nan'.
Before -> After
+INF -> inf
-INF -> -inf
NaN -> nan
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
For %{e,E,g,G} conversion specifiers the C standard says the exponent
contains at least two digits, and only as many digits are necessary. So
instead of 1.234000e-001 we should have 1.234000e-01.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Also simplify the default on STDOUT_CONSOLE. Defaults can be arbitrary
expressions, not just fixed values.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The charmap table used by strncasecmp() not only used precious 256
bytes of ROM, it also had wrong mappings outside the ASCII range
(123..218).
Rewrite strncasecmp() to call tolower() instead; might be a tiny wee
little bit slower than the current version, but it's not used in any
performance-sensitive parts of the code to justify the waste.
This reduces the ROM footprint for the ws_echo_server sample by ~224
bytes.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
lib/libc/minimal/source/CMakeLists.txt and
lib/libc/minimal/source/stdout/CMakeLists.txt was introduced in
12f8f7616 but it is not used by the build system. CMakeLists.txt in
the parent dir lib/libc/minimal/CMakeLists.txt adds C files to the
target with the lines like:
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/atoi.c
${CMAKE_CURRENT_SOURCE_DIR}/source/stdlib/strtol.c
To make other empty CMakeLists.txt explicit, this commit adds a
comment line to them.
Signed-off-by: Yasushi SHOJI <y-shoji@ispace-inc.com>
The minimal libc source files have been added to 'app'. The Zephyr
build system should not be adding source files to the 'app' library
unless necessary.
This patch creates a new Zephyr CMake Library in lib/libc/minimal and
adds the sources to it.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
When we introduced NEWLIB_LIBC_ALIGNED_HEAP_SIZE in commit
42a2c96422. We accidently had the Kconfig
symbol depend on CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT the leading
'CONFIG_' shouldn't exist.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This constant should be defined in limits.h. Define it in limits.h in
the minimal libc, and use the definition found in newlib's includes.
Values in newlib includes range from 1024 to 4096.
The rationale is that all code should use the same value; having
buffers specified with different sizes will lead to interoperability
and out of bounds array writes.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Add IEEE 1003.1 Posix Style file system API support.
These API's will internally use corresponding Zephyr
File System API's.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
The implementation of fwrite() in the minimal libc does not increment
the source pointer, and thus always print the same character.
Signed-off-by: Florian Vaussard <florian.vaussard@gmail.com>
MPU devices that enforce power-of-two alignment now
specify the size of the buffer used for the newlib heap.
This buffer will be properly aligned and a pointer
exposed in a kernel header, such that it can be added
to a user thread's memory domain configuration if
necessary.
MPU devices that don't have these restrictions allocate
the heap as normal.
In all cases, if an MPU/MMU region needs to be programmed,
the z_newlib_get_heap_bounds() API will return the necessary
information.
Given how precious MPU regions are, no automatic programming
of the MPU is done; applications will need to do this as
needed in their memory domain configurations.
On x86, the x86 MMU-specific code has been moved to arch/x86
using the new z_newlib_get_heap_bounds() API.
Fixes: #6814
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Newlib uses any RAM between _end and the bounds of physical
RAM for the _sbrk() heap. Set up a user-writable region
so that this works properly on x86.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Calling POSIX exit() function in Zephyr w/newlib leads to printing
"exit" to stdout followed by infinite loop. That message was
printed without a newline though, leading to confusing artifacts
in the console output.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
We want to support other toolchain not based on GCC, so the variable is
confusing, use ZEPHYR_TOOLCHAIN_VARIANT instead.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Enable stdio to work by default if Newlib is used as libc - it's
reasonable expectation that if full-fledged libc (like Newlib) is
selected, then printf() works out of the box.
Fixes: #5566
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Add abs function to the minimal libc. This is present in
NEWLIB_LIBC, but adding it here avoid to make a dependency
with NEWLIB_LIBC.
Signed-off-by: Vincent Veron <vincent.veron@st.com>
CROSS_COMPILE is a KBuild feature that was dropped during the CMake
migration. It is now re-introduced. Documentation for it is still
lacking, but at least it now behaves as expected.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
This code is commonly used in the Linux kernel for reporting a
retryable error like a failed CRC. This name and value is already
present in Linux and newlib.
Signed-off-by: Michael Hope <mlhx@google.com>
When building a native application, we use the host provided libc, so do
not build minimal libc or newlib.
Signed-off-by: Alberto Escolar Piedras <alpi@oticon.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.
Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.
This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.
For users that just want to continue their work with minimal
disruption the following should suffice:
Install CMake 3.8.2+
Port any out-of-tree Makefiles to CMake.
Learn the absolute minimum about the new command line interface:
$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..
$ cd build
$ make
PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
The C11 standard requires this. From 7.2 "Diagnostics <assert.h>"
paragraph 1:
> The header <assert.h> defines the assert and static_assert macros...
paragraph 3:
> The macro
> static_assert
> expands to _Static_assert.
Since static_assert is a keyword in C++11, don't define it if C++.
Signed-off-by: Thiago Macieira <thiago.macieira@intel.com>
The C standard requires assert() to be a void result, so you
could write something like:
return assert(x), x;
From the C11 standard (7.2 Diagnostic <assert.h>):
> If NDEBUG is defined as a macro name at the point in the source file
> where <assert.h> is included, the assert macro is defined simply as
> #define assert(ignore) ((void)0)
Signed-off-by: Thiago Macieira <thiago.macieira@intel.com>
This header is included by some files provided by ESP-IDF. Nothing
from this header file is actually used: it's only being added allow
things to compile with the minimal libc.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Newlib names this function __errno(), so if we want Zephyr to work
with Newlib seamlessly, it's better to just follow Newlib's naming
convention for Zephyr's own minimal libc.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Add __printf_like attribute to printf style functions in minimal libc to
enable the compiler checking this provides. We fixup the associated
issues that are now found by utilizing these checks.
Change-Id: I74ac0d0345782463d9fb454f7161d6b4af211ba5
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The isalnum() primitive is used by the NATS protocol implementation to
vaildate some of the inputs.
This uses primitives that were already in place.
Change-Id: Ib53eeb7ae002a42f5b6aa8d4fc61baca029a042d
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Dummy time.h to fulfill the compilations requirements of certain
libraries i.e. mbedTLS
Change-Id: I07e66dbf07337b935dabe9eecdf1be3850bbf394
Signed-off-by: Sergio Rodriguez <sergio.sf.rodriguez@intel.com>
This patch adds in the include to get the CONFIG_SRAM definitions on
systems which are using device tree generation.
Change-Id: Ie61efbcdfc900a2c682a2fb8bbaecb61071a20f8
Signed-off-by: Andy Gross <andy.gross@linaro.org>
As it turns out Xtensa SDK headers also define _Restrict, causing
havoc. As this was intended to be a private macro, rename it to something
less likely to cause a collision.
Change-Id: I0a7501a1af8cf87efb096872a91a7b44bd2bbdca
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Each GCC target backend is at liberty to define its own SIZE_TYPE. GCC
uses this for various purposes, not lease it drives the machinery that
spits out format specifier diagnostics when format specifiers are
applied to objects with inappropriate type. GCC exposes the current
definition of SIZE_TYPE via the preprocessor symbol __SIZE_TYPE__.
The GCC build processes also generates various standard library header
files that directyle expose stanard types in a form consistent with
the current configuration of GCC. Conventionally standard library
build processes (for glibc and newlib) pick up the header files
generated by the GCC build.
In the minimal libc we have no such build process, we don't pick up
the header files that the GCC build process generated. Instead we
define our own alternative header files and align them with GCC
manually.
The current definition of ssize_t in minimal libc is out of step with
GCC which means that any use of the %z[du] format modifier will issue
a diagnostic.
We replace the open coded architecture detection in minimal libc and
use GCCs __SIZE_TYPE__ directly.
Change-Id: I63b5e17bee4f4ab83d49e492e58efd3bafe76807
Signed-off-by: Marcus Shawcroft <marcus.shawcroft@arm.com>
tests: fs: Fix printf warning when using newlib
Current code uses %ld format specifier to print data of
type ssize_t. This causes type warnings when built with
newlib. The correct format specifier to be used for
ssize_t is %zd.
Change-Id: I02a3c628e3d6e8a36a09cd694220406d8faf1730
Signed-off-by: Ramesh Thomas <ramesh.thomas@intel.com>
Replace the existing Apache 2.0 boilerplate header with an SPDX tag
throughout the zephyr code tree. This patch was generated via a
script run over the master branch.
Also updated doc/porting/application.rst that had a dependency on
line numbers in a literal include.
Manually updated subsys/logging/sys_log.c that had a malformed
header in the original file. Also cleanup several cases that already
had a SPDX tag and we either got a duplicate or missed updating.
Jira: ZEP-1457
Change-Id: I6131a1d4ee0e58f5b938300c2d2fc77d2e69572c
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
added USED_RAM_SIZE and MAX_HEAP_SIZE definitions for
SOC_RISCV32_QEMU and SOC_RISCV32_PULPINO.
Otherwise, not passing sanitycheck
Change-Id: Ia32b12e1694dc472e9f7f9eb10c5f2e12e928c3a
Signed-off-by: Jean-Paul Etienne <fractalclone@gmail.com>
Moved all libc Kconfigs to where the code is and remove the default
Kconfig for selecting the minimal libc. Minimal libc is now the default
if nothing else is configured in.
Removed the options for extended libc, this obviously was restricting
features in the minimal libc without a good reason, most of the
functions are available directly when using newlib, so there is no
reason why we need to restrict those in minimal libc.
Jira: ZEP-1440
Change-Id: If0a3adf4314e2ebdf0e139dee3eb4f47ce07aa89
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
snprintf() implements the ability to foce a negative value through the
(unsigned) size_t len parameter to allow the formatter to use a
maximum size string.
This is point less, we don't have as much memory and this is a recipe
for all kinds of vulnerabilities.
Kill the whole thing, the testcase it represents and thank Coverity
for finding this thing. Whatever use it had before, it has no more.
Change-Id: If422246548664699d8aa328a1b9304ef13cab7ea
Coverity-ID: 131625
Coverity-ID: 131626
Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
Coverity reported a block of deadcode in _prf() that seems to be a
leftover carcass from a previous time. Replaced with a comment in case
someone decides it was needed back.
Change-Id: Id97e84f3279f807e6188371f27f6af157e6d5038
Coverity-ID: 131631
Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
This is a tentative fix for CID 93807, a valid Coverity warning;
however the code is valid too.
We can choose to silence the warning or rewrite the code in a way that
makes it more verbose but keeps Coverity happy.
Coverity complains about doing an implicit fallthrough in switch case
statement. I prefer patching the code to make it explicit, as the
compiler will optimize out, to avoid having to constantly filter out
the checker's warnings.
Coverity-CID: 93807
Change-Id: I7be334d48567bf52fc2b21de043310e0f73b72db
Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
EWOULDBLOCK is an old error code from BSD. Not much uses it, and on basically
all modern systems it's defined to the same value as EAGAIN, which is the
System V value for the same condition.
Jira: ZEP-982
Change-Id: I5435ce55fa47f5bd2fac5d881b5b195b025f48a2
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
According to commit b71a8a4591 and Jira: ZEP-733
(libc: remove stddef.h which is provided by the compiler),
the stddef.h in zephyr code is removed and it's provided
by the compiler. The original stddef.h includes two head
files, null.h and size_t.h, which are also useless now.
So remove these two deprecated files, in case conflicting
definition.
Change-Id: Ie7163fdbd23c32759425b50f3deff2a57cc051a9
Signed-off-by: Qiu Peiyang <peiyangx.qiu@intel.com>
Remove the function wrappers around the 64 bit math and just use C
syntax natively, combining ops where appropriate (e.g. there was a
sequence implementing "(x<<2+x)<<2" to do "multiply by 10"). The
_ldiv5 and _rlrshift routines are non-standard ops that provide useful
abstraction, so they remain as separate functions.
Change-Id: I4d83847348fdd7be09887b833c8ccbd2aa1e4182
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The _to_float() implementation had a somewhat kludgey hand-written 64
bit math implementation, which is unhelpful on Zephyr as all our
toolchains provide a working uint64_t runtime. This is at best just
dupicated code from libgcc, and at worst less efficient.
This patch replaces the existing 64 bit minilibrary but keeps the
uint32_t[2] API as is for ease of validation and review.
One exception is _ldiv5, a specialized divide-by-five implementation.
The 64 bit division routines are large on some architectures (ARM and
ARC in particular), not pulled in by a default Zephyr build, and will
swamp the benefit from this patch. So this includes a
refactored/improved _ldiv5 which leverages libgcc for multiword shifts
instead of just using raw division.
Note also the "noinline" attribute on _ladd(). This is a workaround
for an apparent compiler bug when built with -Og or -Os (hand-hacking
the Makefiles to build with -O0 works), perhaps due to my aliasing the
int array with a long long. This will go away in phase 2.
Change-Id: I63e8c82dabe2bfaa75b63ddb59e5f11d51be538e
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The _to_float routine was apparently written to be able to take a 32
bit float bit representationa as well as a 64 bit double. But in a
printf routine, that can never happen per the C standard (where floats
are always promoted to doubles in varargs context).
This was just hard-configured to 1 at the top of the file, and nothing
else in the project sets "DOUBLE" to try to change it. Just remove
it. If we ever want code to convert a float to a double in memory so
we can use this routine, we have it in libgcc. Or even in hardware on
the FPU where available.
Change-Id: I796814c0fce3ce96faa34fde8da411a28c826699
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Hex, octal and decimal all had separately implemented reduction loops
to generate strings. With only a little work these can all be unified
to a single implementation that works with an arbitrary base.
Performance is probably a little lower owing to the fact that
hex/octal now requires a division per character, and the extra
"reverse the string" trick at the end of the conversion. But code
size savings are substantial.
Change-Id: I11ff376aeca1483f974d328271e19918221b2a41
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The 'z' length specifier is the appropriate one to be used with size_t
(%zu) and ssize_t (%zd) types. Having support for this in our libc
means that we can utilize the compiler format string checks
(__printf_like) without getting warnings of incorrect format
specifiers for size_t and ssize_t variables.
Change-Id: I73fec0145692e0a59934cab548caf24c1c16a3df
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This implements a subset of the standard inttypes.h, based on what
other functionality exists in minimal libc.
Change-Id: Ib5685a6da13768ee46acbfca734d145f7018b9e0
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The default offsetof() implementation generates a warning
(variably modified <variable> at file scope) when used in
to define the size of an array. By using this builtin with
GCC we avoid the warning and make sure no variable-size
arrays are used.
Change-Id: Iae215f777241f7daaa061067230086dffaa8311d
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This is an adaptation of
net/ip/tinydtls/platform-specific/config-zephyr.h to allow external
imports such as KSDK to include assert.h.
Change-Id: I0afee37deb79447363037ba6b4bb9cdbc629be3a
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
The strstr function finds the first occurrence of a substring
in another string, null terminated strings are not compared, this
function is added for compability for porting other libraries (like
mbedtls)
Jira: ZEP-327
Origin: http://www.leidinger.net/freebsd/dox/libkern/html/d3/d29/
strstr_8c_source.html
Change-Id: I52aac218ce0bd86373ec60f5afc49a92c85f6319
Signed-off-by: Sergio Rodriguez <sergio.sf.rodriguez@intel.com>
We get these out of system.h instead. A clause in libc-hooks.c
for newlib added since we don't get RAM size from
CONFIG_SRAM_BASE_ADDRESS.
Change-Id: Ic35113395b951f625e8e29658afe19c525037964
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Some variants of newlib build and expect namespace protected stubs
(typically having an underscore prefix). To support such newlib variants
change all the stubs to the namespace protect version and use function
aliases to support the nonprotected namespace version.
Change-Id: I6a4162eca949afec96b152ffe6f60b87c4496c4d
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
