Currently there is no way to distinguish between a caller
explicitly asking for a semaphore with a limit that
happens to be `UINT_MAX` and a semaphore that just
has a limit "as large as possible".
Add `K_SEM_MAX_LIMIT`, currently defined to `UINT_MAX`, and akin
to `K_FOREVER` versus just passing some very large wait time.
In addition, the `k_sem_*` APIs were type-confused, where
the internal data structure was `uint32_t`, but the APIs took
and returned `unsigned int`. This changes the underlying data
structure to also use `unsigned int`, as changing the APIs
would be a (potentially) breaking change.
These changes are backwards-compatible, but it is strongly suggested
to take a quick scan for `k_sem_init` and `K_SEM_DEFINE` calls with
`UINT_MAX` (or `UINT32_MAX`) and replace them with `K_SEM_MAX_LIMIT`
where appropriate.
Signed-off-by: James Harris <james.harris@intel.com>
In the arch/arm test suite there are tests running with
CONFIG_NO_OPTIMIZATIONS enabled, and may require a
larger idle thread stack size.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Temporarily save and restore all callee-saved registers
in the sub-routine, not only the frame pointer, to avoid
errors if compiler chooses to use them in the alternative
thread function. The callee-saved regs are restored after
the alternative thread switches back in.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add a test case for the null pointer dereferencing detection
feature in Cortex-M. The test case is added in arm_interrupt
test suite and the README file is updated accordingly.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
arm_psci test suite is specific to ARM64, while
all other test suites in tests/arch/arm directory
are supported in Cortex-M architecture only. We
move arm_psci to arm64 directory, effectively,
separating tests suites for AARCH32 and AARCH64.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Clear Floating Point Status and Control Register (FPSCR),
to prevent from having the interrupt line set to pending again,
in case FPU IRQ is selected by the test as "Available IRQ line"
Fixes#31982
Signed-off-by: Alexandre Bourdiol <alexandre.bourdiol@st.com>
Enable interrupts before switching to main()
in cortex-m builds with single-thread mode
(CONFIG_MULTITHREADING=n).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
According to comment memset() should be used instead of memcpy().
There is no need to access to address 0x0.
Fixes#28691
Signed-off-by: Alexandre Bourdiol <alexandre.bourdiol@st.com>
Some test suites depend on determining at run-time
an available IRQ line which can then be used to execute
the test suite. This logic cannot used if the available
IRQ line is not targeting the current security state.
Therefore, filter out the _ns Cortex-m boards from
running these tests suites (i.e. when building with
CONFIG_TRUSTED_EXECUTION_NONSECURE=y) since we can not
contol the target state of the NVIC interrupt lines.
These tests suites test generic ARM features, that do
not depend on TrustZone-M configuration, so it is OK
that they are only executed on ARM platforms without
the NONSECURE configration set.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit reworks the .yaml files in Cortex-M
test suites, by grouping the common configuration
under the common: section. This considerably cleans
up the test suite configuration.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Read a volatile status into a local variable to
discard a side effect in assertion. This fixes
an issue reported by Coverity: CID: 214210.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
To improve Zephyr security, I decided to create a test
test_after_syscall_cpu_scrubs_regs
I think necessary to check upon exit of a system call back
to the calling thread, the kernel scrubs CPU registers for sensitive
data.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Provide a TZ_SAFE_ENTRY_FUNC() macro for wrapping non-secure entry
functions in calls to k_sched_lock()/k_sched_unlock()
Provide a __TZ_WRAP_FUNC() macro which helps in creating a function
that "wraps" another in a preface and postface function call.
int foo(char *arg); // Implemented somewhere else.
int __attribute__((naked)) foo_wrapped(char *arg)
{
WRAP_FUNC(bar, foo, baz);
}
is equivalent to
int foo(char *arg); // Implemented somewhere else.
int foo_wrapped(char *arg)
{
bar();
int res = foo(arg);
baz();
return res;
}
This commit also adds tests for __TZ_WRAP_FUNC().
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
It should be nrfx_power_clock_irq_handler, not nrfx_clock_irq_handler.
The latter is only present as a function if both nrfx CLOCK and POWER
drivers are used and it is then called from the actual IRQ handler,
which is always named nrfx_power_clock_irq_handler (also when only
the nrfx CLOCK driver is used as in case of this test).
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
Remove special handling of the ARM Cortex-M1 DesignStart FPGA reference
design running on the Digilent Arty after CONFIG_NUM_IRQS was reduced
from 8 to 7.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Extend check to determine a usable ARM NVIC IRQ line to verify that the
IRQ line is not always pending.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
We add a simple test-case for verifying the behavior of the
Cortex-M IRQ target state management. We add an additional
test only for TrustZone-enabled Cortex-M targets running
in Secure mode. We explicitly exclude ARMv8-M platforms that
enable Non-Secure FW build by default from running the test.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Update the driver implementation to use nrfx_clock and nrfx_power
drivers. Update also revisions of the hal_nordic and nrf_hw_models
modules, so that it is actually possible to use those drivers.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
To debug hard-to-reproduce faults/panics, it's helpful to get the full
register state at the time a fault occurred. This enables recovering
full backtraces and the state of local variables at the time of a
crash.
This PR introduces a new Kconfig option, CONFIG_EXTRA_EXCEPTION_INFO,
to facilitate this use case. The option enables the capturing of the
callee-saved register state (r4-r11 & exc_return) during a fault. The
info is forwarded to `k_sys_fatal_error_handler` in the z_arch_esf_t
parameter. From there, the data can be saved for post-mortem analysis.
To test the functionality a new unit test was added to
tests/arch/arm_interrupt which verifies the register contents passed
in the argument match the state leading up to a crash.
Signed-off-by: Chris Coleman <chris@memfault.com>
Add support for the Cortex-M1 ARM DesignStart FPGA reference design
running on the Digilent Arty development board.
This board uses IRQ 7 (the last IRQ) as a level-detect non-interrupt
signal to determine whether the V2C-DAPLINK shield is installed. This
IRQ line is always pending when the shield is not installed. Use IRQ 6
instead.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
The Data Tightly Coupled Memory (DTCM) of the Cortex-M1 present in the
Cortex-M1 ARM DesignStart FPGA implementation is No-Execute (NX), so
__ramfunc linked in the DTCM will cause a hard fault when executed.
Use the Xilinx Block RAM (bram0) present in the reference design for
demonstrating __ramfunc instead.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Extend check to determine a usable ARM NVIC IRQ line to verify that the
IRQ line is not always pending.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Extend check to determine a usable ARM NVIC IRQ line to verify that the
IRQ line is not always pending.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Add a test that verifies basic ARCH-level functionality
when building Zephyr without support for multithreading.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add a test suite to validate the Software Vector Relaying
feature for Cortex-M architecture.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit fixes Cortex-M header inclusions from the deprecated paths.
The Cortex-M headers were relocated from `include/arch/arm/cortex_m` to
`include/arch/arm/aarch32/cortex_m` by the refactoring done in the
commit d048faacf2.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
... because it is (required).
This makes a difference when building with CMake and forgetting
ZEPHYR_BASE or not registering Zephyr in the CMake package registry.
In this particular case, REQUIRED turns this harmless looking log
statement:
-- Could NOT find Zephyr (missing: Zephyr_DIR)
-- The C compiler identification is GNU 9.3.0
-- The CXX compiler identification is GNU 9.3.0
-- Check for working C compiler: /usr/bin/cc
-- ...
-- ...
-- ...
-- Detecting CXX compile features
-- Detecting CXX compile features - done
CMake Error at CMakeLists.txt:8 (target_sources):
Cannot specify sources for target "app" which is not built by
this project.
... into this louder, clearer, faster and (last but not least) final
error:
CMake Error at CMakeLists.txt:5 (find_package):
Could not find a package configuration file provided by "Zephyr" with
any of the following names:
ZephyrConfig.cmake
zephyr-config.cmake
Add the installation prefix of "Zephyr" to CMAKE_PREFIX_PATH or set
"Zephyr_DIR" to a directory containing one of the above files. If
"Zephyr" provides a separate development package or SDK, be sure it
has been installed.
-- Configuring incomplete, errors occurred!
Signed-off-by: Marc Herbert <marc.herbert@intel.com>
Enhance the sample console output of the arm_interrupt
test, to reflect recent changes in test context as well
as kernel fault handling log output format.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We add a test case to verify that the Cortex-M fault
handling is able to catch stacking errors explicitly
due to exception entry frame stacking (that is, when
the Cortex-M MCU does not report Data Access Violation
MemManage fault with a valid MMFAR value, but only a
Stacking MemManage fault). We update the README file
accordingly.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit renames the `arch.arm.swap.common.fp_sharing` tests to
`arch.arm.swap.common.fpu_sharing`, in order to align with the recent
`CONFIG_FP_SHARING` to `CONFIG_FPU_SHARING` renaming.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit renames the Kconfig `FP_SHARING` symbol to `FPU_SHARING`,
since this symbol specifically refers to the hardware FPU sharing
support by means of FPU context preservation, and the "FP" prefix is
not fully descriptive of that; leaving room for ambiguity.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit renames the Kconfig `FLOAT` symbol to `FPU`, since this
symbol only indicates that the hardware Floating Point Unit (FPU) is
used and does not imply and/or indicate the general availability of
toolchain-level floating point support (i.e. this symbol is not
selected when building for an FPU-less platform that supports floating
point operations through the toolchain-provided software floating point
library).
Moreover, given that the symbol that indicates the availability of FPU
is named `CPU_HAS_FPU`, it only makes sense to use "FPU" in the name of
the symbol that enables the FPU.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
We add a simple test case to verify the behavior
of z_arm_exc_spurious handler. We use the SysTick
interrupt for that so the test is enabled for
platforms that have but do not use the SysTick.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit adds a filter to restrict the `arch/arm/arm_runtime_nmi`
test to the ARM Cortex-M platforms only, since this test currently
does not support the Cortex-A and Cortex-R platforms.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
Replace all occurences of BUILD_ASSERT_MSG() with BUILD_ASSERT()
as a result of merging BUILD_ASSERT() and BUILD_ASSERT_MSG().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
Using find_package to locate Zephyr.
Old behavior was to use $ENV{ZEPHYR_BASE} for inclusion of boiler plate
code.
Whenever an automatic run of CMake happend by the build system / IDE
then it was required that ZEPHYR_BASE was defined.
Using ZEPHYR_BASE only to locate the Zephyr package allows CMake to
cache the base variable and thus allowing subsequent invocation even
if ZEPHYR_BASE is not set in the environment.
It also removes the risk of strange build results if a user switchs
between different Zephyr based project folders and forgetting to reset
ZEPHYR_BASE before running ninja / make.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Remove a side effect in an assertion check of the
expected reason after spurious interrupt handling.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This reverts commit 8739517107.
Pull Request #23437 was merged by mistake with an invalid manifest.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Replace all occurences of BUILD_ASSERT_MSG() with BUILD_ASSERT()
as a result of merging BUILD_ASSERT() and BUILD_ASSERT_MSG().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
The set of interrupt stacks is now expressed as an array. We
also define the idle threads and their associated stacks this
way. This allows for iteration in cases where we have multiple
CPUs.
There is now a centralized declaration in kernel_internal.h.
On uniprocessor systems, z_interrupt_stacks has one element
and can be used in the same way as _interrupt_stack.
The IRQ stack for CPU 0 is now set in init.c instead of in
arch code.
The extern definition of the main thread stack is now removed,
this doesn't need to be in a header.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
