Currently a test is failing.
```
twister -i -p qemu_cortex_a9 \
-s tests/kernel/fatal/exception/kernel.common.stack_sentinel
```
Disable those temporarily until a fix is in place.
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
Add consideration of aarch32 Cortex-A CPUs to a test case in which
architecture-specific assembly instructions are used in order to
explicitly trigger an exception. This test case already considers
aarch32 Cortex-R CPUs, the same instruction will be used by
Cortex-A CPUs.
Signed-off-by: Immo Birnbaum <Immo.Birnbaum@Weidmueller.com>
For hardware stack overflow test, pin the whole stack if
demand paging is enabled and generic sections are not all present
at boot. The whole stack may not be in memory at the time of
test, which would result in double fault (exception being
handled + page fault). So make sure the stack is in physical
memory and mapped before doing any tests.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Move to CMake 3.20.0.
At the Toolchain WG it was decided to move to CMake 3.20.0.
The main reason for increasing CMake version is better toolchain
support.
Better toolchain support is added in the following CMake versions:
- armclang, CMake 3.15
- Intel oneAPI, CMake 3.20
- IAR, CMake 3.15 and 3.20
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Introduce the fpu tag to tests that explicitly enable
the FPU and FPU_SHARING Kconfig options. The tag could
be used to run all FPU-related tests in the tree.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This test takes an interrupt lock and tries to call z_swap_unlocked()
while holding it. That's not legal (in the general case it means
you're breaking a caller's lock!), though in this particular case it
was safe because we'll never return to this.
Regardless, there is a natural z_swap_irqlock() that releases the lock
atomically. Use that.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Added test which verifies that when multithreading is disabled
exception as correctly handled by the kernel.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Improve the test case of CPU exception.
Add equivalence classes and input partition testing
when give an integer reason code.
Signed-off-by: Ying ming <mingx.ying@intel.com>
This platform has a tiny handful of remaining tests that fail. We
will track them as issues, but let's exclude them from integration
testing to allow full runs to complete. Often a hung device in one
test will break an entire twister run.
Tests with known (and tracked) failures:
samples/application_development/external_lib
samples/posix/eventfd
samples/userspace/hello_world_user
tests/kernel/fatal/message_capture
tests/net/socket/socketpair
tests/portability/cmsis_rtos_v2
These tests never fail in isolated testing, but are reliable timeouts
when run in sequence in a big twister run. It's possible that the bug
here may be in twister or the flash/serial scripts:
tests/crypto/tinycrypt
tests/subsys/logging/log_immediate
tests/subsys/logging/log_output
See: #32836
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Enable CONFIG_TEST in the message_capture test suite.
This allows certain Kconfig configurations, depending
on TEST, to be enabled.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Clean up logging menuconfig by grouping configuration into
sections like: mode, processing configuration, backends.
Additionlly, removed LOG_ENABLE_FANCY_OUTPUT_FORMATTING which is no
longer in use.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
The "sentinel" variant of this test runs the same code, but enables
the stack sentinel feature. Inexplicably, it's also disabling
TICKLESS_KERNEL, forcing a timer interrupt at every tick boundary.
That doesn't seem to be required for any test functionality I can see.
And worse, by changing that setting without adjusting the tick rate,
it runs afoul of more modern platforms which were designed with
tickless operation in mind. Specifically, the intel_adsp platforms
have a default tick rate of 50 kHz, which is just too fast for
reasonable operation. It leaves almost no time available for
application code and something falls behind and fails.
Just remove it.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Use of a printk that supports floating point changes the stack
requirements causing kernel.common.stack_protection_arm_fpu_sharing to
fail. The test doesn't need this capability so revert to nano
formatting.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
The memset in the 'blow_up_stack' function can be optimized
away as it is called in the end of the function on the buffer
allocated on the stack (so it has 'no' effect on program
execution)
The 'stack_smasher' call can be optimized away as it's results
isn't used anywhere and stack_smasher function has no visible
side effects.
Fix that by disabling optimization on these functions.
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Some ARM platforms, now, enable HW Stack Protection by
default in the Board definition. So if some tests
need to run without stack protection, it is not
sufficient to disable TEST_HW_STACK_PROTECTION;
we need to explicitly disable HW_STACK_PROTECTION.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
- They all had the wrong prototype and hard-casts can sometimes
lead to problems
- Several renamed to something more descriptive
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Add regex in testcase.yaml to verify the kernel will dump
thread id information and error type when exception occurs.
Signed-off-by: Ying ming <mingx.ying@intel.com>
Modify the location of the test case file because new
test cases need to be submitted. If the old test
cases are not in a folder, CI will fail and
prompts "the command exited with status 1".
Signed-off-by: Ying ming <mingx.ying@intel.com>
HW Stack protection is required to successfully run the
stack overflow-related tests, so guard all these tests
inside #ifdef CONFIG_HW_STACK_PROTECTION. Otherwise this
test-suite fails for platforms that implement USERSPACE
but do not have HW_STACK_PROTECTION capability.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
... because it is (required).
This makes a difference when building with CMake and forgetting
ZEPHYR_BASE or not registering Zephyr in the CMake package registry.
In this particular case, REQUIRED turns this harmless looking log
statement:
-- Could NOT find Zephyr (missing: Zephyr_DIR)
-- The C compiler identification is GNU 9.3.0
-- The CXX compiler identification is GNU 9.3.0
-- Check for working C compiler: /usr/bin/cc
-- ...
-- ...
-- ...
-- Detecting CXX compile features
-- Detecting CXX compile features - done
CMake Error at CMakeLists.txt:8 (target_sources):
Cannot specify sources for target "app" which is not built by
this project.
... into this louder, clearer, faster and (last but not least) final
error:
CMake Error at CMakeLists.txt:5 (find_package):
Could not find a package configuration file provided by "Zephyr" with
any of the following names:
ZephyrConfig.cmake
zephyr-config.cmake
Add the installation prefix of "Zephyr" to CMAKE_PREFIX_PATH or set
"Zephyr_DIR" to a directory containing one of the above files. If
"Zephyr" provides a separate development package or SDK, be sure it
has been installed.
-- Configuring incomplete, errors occurred!
Signed-off-by: Marc Herbert <marc.herbert@intel.com>
This commit renames the `kernel.common.stack_protection_arm_fp_sharing`
test to `kernel.common.stack_protection_arm_fpu_sharing`, in order to
align with the recent `CONFIG_FP_SHARING` to `CONFIG_FPU_SHARING`
renaming.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit renames the Kconfig `FP_SHARING` symbol to `FPU_SHARING`,
since this symbol specifically refers to the hardware FPU sharing
support by means of FPU context preservation, and the "FP" prefix is
not fully descriptive of that; leaving room for ambiguity.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit renames the Kconfig `FLOAT` symbol to `FPU`, since this
symbol only indicates that the hardware Floating Point Unit (FPU) is
used and does not imply and/or indicate the general availability of
toolchain-level floating point support (i.e. this symbol is not
selected when building for an FPU-less platform that supports floating
point operations through the toolchain-provided software floating point
library).
Moreover, given that the symbol that indicates the availability of FPU
is named `CPU_HAS_FPU`, it only makes sense to use "FPU" in the name of
the symbol that enables the FPU.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
Using find_package to locate Zephyr.
Old behavior was to use $ENV{ZEPHYR_BASE} for inclusion of boiler plate
code.
Whenever an automatic run of CMake happend by the build system / IDE
then it was required that ZEPHYR_BASE was defined.
Using ZEPHYR_BASE only to locate the Zephyr package allows CMake to
cache the base variable and thus allowing subsequent invocation even
if ZEPHYR_BASE is not set in the environment.
It also removes the risk of strange build results if a user switchs
between different Zephyr based project folders and forgetting to reset
ZEPHYR_BASE before running ninja / make.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Initialization of local variable 'illegal' can't be optimized, or the
program will jump to the memory contains random value which causes the
unexpected behavior. Add volatile to local variable 'illegal' to prevent
compiler optimization.
Signed-off-by: Jim Shu <cwshu@andestech.com>
This commit refactors kernel and arch headers to establish a boundary
between private and public interface headers.
The refactoring strategy used in this commit is detailed in the issue
This commit introduces the following major changes:
1. Establish a clear boundary between private and public headers by
removing "kernel/include" and "arch/*/include" from the global
include paths. Ideally, only kernel/ and arch/*/ source files should
reference the headers in these directories. If these headers must be
used by a component, these include paths shall be manually added to
the CMakeLists.txt file of the component. This is intended to
discourage applications from including private kernel and arch
headers either knowingly and unknowingly.
- kernel/include/ (PRIVATE)
This directory contains the private headers that provide private
kernel definitions which should not be visible outside the kernel
and arch source code. All public kernel definitions must be added
to an appropriate header located under include/.
- arch/*/include/ (PRIVATE)
This directory contains the private headers that provide private
architecture-specific definitions which should not be visible
outside the arch and kernel source code. All public architecture-
specific definitions must be added to an appropriate header located
under include/arch/*/.
- include/ AND include/sys/ (PUBLIC)
This directory contains the public headers that provide public
kernel definitions which can be referenced by both kernel and
application code.
- include/arch/*/ (PUBLIC)
This directory contains the public headers that provide public
architecture-specific definitions which can be referenced by both
kernel and application code.
2. Split arch_interface.h into "kernel-to-arch interface" and "public
arch interface" divisions.
- kernel/include/kernel_arch_interface.h
* provides private "kernel-to-arch interface" definition.
* includes arch/*/include/kernel_arch_func.h to ensure that the
interface function implementations are always available.
* includes sys/arch_interface.h so that public arch interface
definitions are automatically included when including this file.
- arch/*/include/kernel_arch_func.h
* provides architecture-specific "kernel-to-arch interface"
implementation.
* only the functions that will be used in kernel and arch source
files are defined here.
- include/sys/arch_interface.h
* provides "public arch interface" definition.
* includes include/arch/arch_inlines.h to ensure that the
architecture-specific public inline interface function
implementations are always available.
- include/arch/arch_inlines.h
* includes architecture-specific arch_inlines.h in
include/arch/*/arch_inline.h.
- include/arch/*/arch_inline.h
* provides architecture-specific "public arch interface" inline
function implementation.
* supersedes include/sys/arch_inline.h.
3. Refactor kernel and the existing architecture implementations.
- Remove circular dependency of kernel and arch headers. The
following general rules should be observed:
* Never include any private headers from public headers
* Never include kernel_internal.h in kernel_arch_data.h
* Always include kernel_arch_data.h from kernel_arch_func.h
* Never include kernel.h from kernel_struct.h either directly or
indirectly. Only add the kernel structures that must be referenced
from public arch headers in this file.
- Relocate syscall_handler.h to include/ so it can be used in the
public code. This is necessary because many user-mode public codes
reference the functions defined in this header.
- Relocate kernel_arch_thread.h to include/arch/*/thread.h. This is
necessary to provide architecture-specific thread definition for
'struct k_thread' in kernel.h.
- Remove any private header dependencies from public headers using
the following methods:
* If dependency is not required, simply omit
* If dependency is required,
- Relocate a portion of the required dependencies from the
private header to an appropriate public header OR
- Relocate the required private header to make it public.
This commit supersedes #20047, addresses #19666, and fixes#3056.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
There are two set of code supporting x86_64: x86_64 using x32 ABI,
and x86 long mode, and this consolidates both into one x86_64
architecture and SoC supporting truly 64-bit mode.
() Removes the x86_64:x32 architecture and SoC, and replaces
them with the existing x86 long mode arch and SoC.
() Replace qemu_x86_64 with qemu_x86_long as qemu_x86_64.
() Updates samples and tests to remove reference to
qemu_x86_long.
() Renames CONFIG_X86_LONGMODE to CONFIG_X86_64.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
We add a test-case in kernel/fatal test suite, to test that
the application developer can induce a SW-generated exception
with any 'reason' value.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Use the int_literal_to_timeout Coccinelle script to convert literal
integer arguments for kernel API timeout parameters to the standard
timeout value representations.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Disabling SMP mode for certain tests was a one-release thing, done to
avoid having to triage every test independently (MANY are not
SMP-safe), and with the knowledge that it was probably hiding bugs in
the kernel.
Turn it on pervasively. Tests are treated with a combination of
flagging specific cases as "1cpu" where we have short-running tests
that can be independently run in an otherwise SMP environment, and via
setting CONFIG_MP_NUM_CPUS=1 where that's not possible (which still
runs the full SMP kernel config, but with only one CPU available).
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
In stack_sentinel_timer(), the timer should not be allocated on the
stack. If it gets added to the list of timeouts by k_timer_start,
then an unexpected exception may occur when the timer expires since it
may have been overwritten.
Signed-off-by: Vincent Wan <vincent.wan@linaro.org>
System call arguments, at the arch layer, are single words. So
passing wider values requires splitting them into two registers at
call time. This gets even more complicated for values (e.g
k_timeout_t) that may have different sizes depending on configuration.
This patch adds a feature to gen_syscalls.py to detect functions with
wide arguments and automatically generates code to split/unsplit them.
Unfortunately the current scheme of Z_SYSCALL_DECLARE_* macros won't
work with functions like this, because for N arguments (our current
maximum N is 10) there are 2^N possible configurations of argument
widths. So this generates the complete functions for each handler and
wrapper, effectively doing in python what was originally done in the
preprocessor.
Another complexity is that traditional the z_hdlr_*() function for a
system call has taken the raw list of word arguments, which does not
work when some of those arguments must be 64 bit types. So instead of
using a single Z_SYSCALL_HANDLER macro, this splits the job of
z_hdlr_*() into two steps: An automatically-generated unmarshalling
function, z_mrsh_*(), which then calls a user-supplied verification
function z_vrfy_*(). The verification function is typesafe, and is a
simple C function with exactly the same argument and return signature
as the syscall impl function. It is also not responsible for
validating the pointers to the extra parameter array or a wide return
value, that code gets automatically generated.
This commit includes new vrfy/msrh handling for all syscalls invoked
during CI runs. Future commits will port the less testable code.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Several user mode tests cannot run on twr_ke18f because
either the platform does not have a sufficient number of
MPU regions required for the tests, or, the tests also
require HW stack protection (which has been, by default,
excluded in user mode tests for twr_ke18f board). We
excluded the board from all those tests.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
With the upcoming riscv64 support, it is best to use "riscv" as the
subdirectory name and common symbols as riscv32 and riscv64 support
code is almost identical. Then later decide whether 32-bit or 64-bit
compilation is wanted.
Redirects for the web documentation are also included.
Then zephyrbot complained about this:
"
New files added that are not covered in CODEOWNERS:
dts/riscv/microsemi-miv.dtsi
dts/riscv/riscv32-fe310.dtsi
Please add one or more entries in the CODEOWNERS file to cover
those files
"
So I assigned them to those who created them. Feel free to readjust
as necessary.
Signed-off-by: Nicolas Pitre <npitre@baylibre.com>
This is now called z_arch_esf_t, conforming to our naming
convention.
This needs to remain a typedef due to how our offset generation
header mechanism works.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
* z_NanoFatalErrorHandler() is now moved to common kernel code
and renamed z_fatal_error(). Arches dump arch-specific info
before calling.
* z_SysFatalErrorHandler() is now moved to common kernel code
and renamed k_sys_fatal_error_handler(). It is now much simpler;
the default policy is simply to lock interrupts and halt the system.
If an implementation of this function returns, then the currently
running thread is aborted.
* New arch-specific APIs introduced:
- z_arch_system_halt() simply powers off or halts the system.
* We now have a standard set of fatal exception reason codes,
namespaced under K_ERR_*
* CONFIG_SIMPLE_FATAL_ERROR_HANDLER deleted
* LOG_PANIC() calls moved to k_sys_fatal_error_handler()
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
HW stack protection in ARMv8-M is implemented by default
with the built-in stack guard mechanism. Therefore, by
default all tests for ARMv8-M will use the built-in stack
overflow mechanism (CONFIG_BUILTIN_STACK_GUARD is set in
tests). However, we would like have some coverage on the
MPU stack guard mechanism for ARMv8-M. The added test case
manually disables BUILTIN_STACK_GUARD and enables the
MPU_STACK_GUARD option, to provide that test coverage.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
CONFIG_TEST_HW_STACK_PROTECTION is set by default in tests,
and that one selects HW_STACK_PROTECTION option. Therefore,
we do not need to set that one explicitly in the test project
configuration files. We clean up some redundant occurrences of
CONFIG_HW_STACK_PROTECTION=y from the tree.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Test the HW stack protection feature for threads that are
pre-tagged as FPU users, when building with support for FP
shared registers mode (CONFIG_FP_SHARING=y).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
For the ARM architecture we would like to test the HW
Stack Protection feature when building with support for
FP shared registers mode (CONFIG_FP_SHARING=y), as a
means of increasing coverage.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We would like to test the HW stack protection feature in ARM
builds with no user-mode support, i.e. CONFIG_USERSPACE=n. For
that we add a new test-case in tests/kernel/fatal test suite.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit adds a test in tests/kernel/fatal test-suite, which checks
that the HW stack overflow detection works as expected during a user
thread system call.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Contrary to the comment in code, this test is NOT, in fact, compiled
with a traditional ticked kernel. Spinning won't work reliably
because interrupts won't necessarily be delivered when you expect.
This test case would fail spuriously as I moved things around when
debugging.
Doing it right (using a k_timer in this case) is actually less code
anyway.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
