The `pthread_once_lock` `k_mutex` is statically initialized and
only visible within file scope. Coverity identified it as unsafe
because the return values of `pthread_mutex_lock()` and
`pthread_mutex_unlock()` were unchecked. However, if those
functions were to fail here, it would be indicative that
something far worse has happened.
In any case, we add assertions that these functions
succeed rather than silently ignoring with `(void)`, which
ensures that we have coverage when assertions are enabled,
in test, while removing unneeded code with assertions disable,
in production.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
A significant enough portion of these files has been
changed to justify adding Meta copyright as well as
that of the original author.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Previously, the `posix_internal.h` header needed to be exposed
to the application because we had non-trivial details for
most posix types (pthread, mutex, cond, ...). Since most of
those have been simplified to a typedef'ed integer, we
no longer need to expose that header to the applicaiton.
Additionally, it means that we can adopt normalized
header order in posix.
Additionally, keep more implementation details hidden
and prefer the static keyword on internal symbols where
possible.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
To enable testing, introduce `CONFIG_PTHREAD_CREATE_BARRIER`.
Some observations were made that running several Qemu SMP targets
concurrently could lead to synchronization problems. On such
targets, it was found that the synchronization issues were
mitigated by introducing a `pthread_barrier_t` shared between
`pthread_create()` and the spawned thread.
It is suggested to enable the option when running many
SMP tests concurrently in several parallel Qemu processes,
e.g. with `twister`.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
Previously, pthreads suffered from some race conditions.
This was almost inevitable given that it was maintained in
parallel to Zephyr's threading and synchronization API.
The unfortunate side-effect of with that is that it did not
receive the reliability and other improvements that
`k_thread`s did.
Here, we perform a significant update of pthread code so
that it depends directly on public Zephyr API. With that,
we reuse as many concepts as possible and pthreads benefits for
free from any improvement made to Zephyr's threading and
synchronization APIs.
Included with this change, we
* implement state with `ready_q`, `run_q`, and `done_q`
* use `pthread_barrier_wait()` to sync `pthread_create()`
* synchronize internal state with a spinlock
These pthreads are considerably more reliable than
before.
Signed-off-by: Christopher Friedt <cfriedt@meta.com>
The `SCHED_OTHER` scheduling priority is mandatory as part of
POSIX. It must be numerically distinct from `SCHED_FIFO`,
`SCHED_RR`, and `SCHED_SPORADIC`, but is implementation-
defined and may behave identically to `SCHED_FIFO` or
`SCHED_RR`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The init infrastructure, found in `init.h`, is currently used by:
- `SYS_INIT`: to call functions before `main`
- `DEVICE_*`: to initialize devices
They are all sorted according to an initialization level + a priority.
`SYS_INIT` calls are really orthogonal to devices, however, the required
function signature requires a `const struct device *dev` as a first
argument. The only reason for that is because the same init machinery is
used by devices, so we have something like:
```c
struct init_entry {
int (*init)(const struct device *dev);
/* only set by DEVICE_*, otherwise NULL */
const struct device *dev;
}
```
As a result, we end up with such weird/ugly pattern:
```c
static int my_init(const struct device *dev)
{
/* always NULL! add ARG_UNUSED to avoid compiler warning */
ARG_UNUSED(dev);
...
}
```
This is really a result of poor internals isolation. This patch proposes
a to make init entries more flexible so that they can accept sytem
initialization calls like this:
```c
static int my_init(void)
{
...
}
```
This is achieved using a union:
```c
union init_function {
/* for SYS_INIT, used when init_entry.dev == NULL */
int (*sys)(void);
/* for DEVICE*, used when init_entry.dev != NULL */
int (*dev)(const struct device *dev);
};
struct init_entry {
/* stores init function (either for SYS_INIT or DEVICE*)
union init_function init_fn;
/* stores device pointer for DEVICE*, NULL for SYS_INIT. Allows
* to know which union entry to call.
*/
const struct device *dev;
}
```
This solution **does not increase ROM usage**, and allows to offer clean
public APIs for both SYS_INIT and DEVICE*. Note that however, init
machinery keeps a coupling with devices.
**NOTE**: This is a breaking change! All `SYS_INIT` functions will need
to be converted to the new signature. See the script offered in the
following commit.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
init: convert SYS_INIT functions to the new signature
Conversion scripted using scripts/utils/migrate_sys_init.py.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
manifest: update projects for SYS_INIT changes
Update modules with updated SYS_INIT calls:
- hal_ti
- lvgl
- sof
- TraceRecorderSource
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: devicetree: devices: adjust test
Adjust test according to the recently introduced SYS_INIT
infrastructure.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
tests: kernel: threads: adjust SYS_INIT call
Adjust to the new signature: int (*init_fn)(void);
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The remaining types that needed to be harmonized between
Newlib and Zephyr's POSIX definitions are:
* `struct sched_param`
- don't re-define if using minimal libc
* `pthread_attr_t`
- convert to `struct pthread_attr`
- define type if using minimal libc
- assert acceptible object size
* `pthread_mutexattr_t`
- convert to `struct pthread_mutexattr`
- define type if using minimal libc
- assert acceptible object size
* `pthred_condattr_t`
- convert to `struct pthread_condattr`
- define type if using minimal libc
- assert acceptible object size
* `pthread_once_t`
- adopt newlib definition
- define type if using minimal libc
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Define `PTHREAD_CREATE_DETACHED` and
`PTHREAD_CREATE_JOINABLE` to be compatible with the Newlib
definitions.
This is a temporary workaround for #51211 until Newlib
headers are pulled in.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Previously, `pthread_cond_init()` could not actually fail, and
destroying condition variables was a no-op, and it was missing
in `pthread_exit()`.
However, with the change of `pthread_cond_t` to `uint32_t`, and
since those are embedded inside of `struct posix_thread` for the
time being, the pthread code needs to keep track that it is
relinquishes used condition variables when a thread completes.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Previously, `pthread_mutex_init()` could not actually fail, and
destroying mutexes was a no-op, so it was missing in a couple of
places.
However, with the change of `pthread_mutex_t` to `uint32_t`, and
since those are embedded inside of `struct posix_thread` for the
time being, the pthread code needs to keep track that it is
relinquishes used mutex resources when a thread completes.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
The `pthread_create()` function is not a cancellation point and
iterating over / mutating `posix_thread_pool` is not a blocking
operation, so use a spinlock for the internal `pthread_pool_lock`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
In the interest of reducing any layering concerns,
avoid using POSIX locking primitives where necessary.
Note: it is not safe to use a spinlock here, as the
callback function to `pthread_once()` may itself be
a cancellation point.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
Several other widely-used pthread implementations
abstract `pthread_t` as `uint32_t`. The benefit
there is that we avoid passing around a pointer to
an internal structure (implementation detail).
Additionally, this removes the alias from `k_tid_t`
to `pthread_t` inside of `struct pthread_mutex`.
Signed-off-by: Chris Friedt <cfriedt@meta.com>
If a thread is joined using `pthread_join()`, then the
internal state would be set to `PTHREAD_EXITED`.
Previously, `pthread_create()` would only consider pthreads
with internal state `PTHREAD_TERMINATED` as candidates for new
threads. However, that causes a descriptor leak.
We should be able to reuse a single thread an infinite number
of times.
Here, we also consider threads with internal state
`PTHREAD_EXITED` as candiates in `pthread_create()`.
Fixes#47609
Signed-off-by: Christopher Friedt <cfriedt@fb.com>
In order to bring consistency in-tree, migrate all lib code to the new
prefix <zephyr/...>. Note that the conversion has been scripted, refer
to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
As described in
https://pubs.opengroup.org/onlinepubs/7908799/xsh/pthread_once.html.
The behavior of pthread_once() is undefined if once_control has
automatic storage duration or is not initialized by PTHREAD_ONCE_INIT
However, in Zephyr, the implementation is incorrect. If the init value
is PTHREAD_ONCE_INIT, the program will never run the init_func.
Signed-off-by: Jaxson Han <jaxson.han@arm.com>
In a primitive SYS_SLIST_FOR_EACH_NODE check for null was
after dereferencing. Place check for null of the "thread_spec_data"
before its dereferencing.
Found as a coding guideline violation (MISRA R4.1) by static
coding scanning tool.
Signed-off-by: Maksim Masalski <maksim.masalski@intel.com>
Mostly trivial search-and-replace, except for pthread_rwlock.c, where
we need spread timeout over 2 semaphore operations.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Adding the ability to set and get pthread names by defining
some non-standard extension functions that were first
introduced by Glibc.
Similar to zephyr thread naming, these allow for thread
tracking and debugging even when using the more portable
posix API.
Though Glibc was the originator, the current POSIX functions
have return codes based on Oracle's adopted spec, so these
functions follow suit. The Oracle and Glibc function
prototypes match.
Signed-off-by: Nicholas Lowell <nlowell@lexmark.com>
pthread_mutex_init() just redirects to Zephyr kernel primitive, for
initializing structure fields. So, use the knowledge that it can't
fail (for as long as structure pointer is initialized, and here it's
from pre-allocated array), and ignore return value of
pthread_mutex_init()
Coverity-CID: 203542
Fixes: #18371
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
move misc/slist.h to sys/slist.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move atomic.h to sys/atomic.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Current code implement CONFIG_MAX_PTHREAD_COUNT as the maximum number
of POSIX threads that can ever be created, rather than the maximum
number of active POSIX threads. Use pthread_state of struct posix_thread
to track the state of posix thread in posix_thread_pool so that we can
reuse the unused posix thread.
Fixes#15516.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
According with MISRA-C the value returned by a non-void function has
to be used. As memcpy return is almost useless, we are explicitly
ignoring it.
MISRA-C rule 17.7
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Calling pthread_join() with current thread would lead
to deadlock. Adding check for it and to return
appropriate error code.
Signed-off-by: Spoorthi K <spoorthi.k@intel.com>
ENOTSUP is not being used correctly in
pthread_attr_setschedparam(), hence
replaced its check for EINVAL instead.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added EAGAIN error code in pthread_create()
with fixing the EINVAL return as it is
limited to attribute checking.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
Added return of ESRCH error code in
pthread_getschedparam() when the
specified thread could not be found.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
The memory occupied by posix_thread objects are not significant.
Hence, no point in using dynamic allocation.
Addresses #8717.
Signed-off-by: Rajavardhan Gundi <rajavardhan.gundi@intel.com>
Added 4 new pthread_key APIs for thread-specific data
key creation, deletion, setting and getting the values.
Added a key list to the posix_struct for threads.
Added pthread_once API.
Signed-off-by: Niranjhana N <niranjhana.n@intel.com>
pthread_attr_init() should not return EBUSY as per POSIX spec
so fixed this by return ENOMEM if the attr pointer is NULL.
Also fixed the attribute initialization logic by copying the
init_pthread_attrs to the attr.
Fixes Issue #7480
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Move posix layer from 'kernel' to 'lib' folder as it is not
a core kernel feature.
Fixed posix header file dependencies as part of the move and
also removed NEWLIBC related macros from posix headers.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
