uxCriticalNesting is initialized to a large value at the start and set
to zero when the scheduler is started (xPortStartScheduler). As a
result, before the scheduler is started, a pair of enter/exit critical
section will leave the interrupts disabled because uxCriticalNesting
will not reach zero in the vPortExitCritical function. This is done to
ensure that the interrupts remain disabled from the time first FreeRTOS
API is called to the time when the scheduler is started. The scheduler
starting code is expected to enure that interrupts are enabled before
the first task starts executing.
Cortex-M33 ports were not enabling interrupts before starting the first
task and as a result, the first task was started with interrupts
disabled. This PR fixes the issue by ensuring that interrupts are
enabled before the first task is started.
magicse7en [Mon, 26 Oct 2020 18:47:21 +0000 (02:47 +0800)]
Xtensa: fix the coproc_area incorrect issue (#117)
* Xtensa: fix the coproc_area incorrect issue
foss-xtensa/amazon-freertos#2 mentioned a issue:
1.
In function pxPortInitialiseStack(StackType_t *pxTopOfStack....)
p = (uint32_t *)(((uint32_t) pxTopOfStack - XT_CP_SIZE) & ~0xf);
In function prvInitialiseNewTask (file: task.c)
pxTopOfStack = (pxStack + (ulStackDepth - 1)) & (~portBYTE_ALIGNMENT_MASK)
So the co-processor area is at
p = (uint32_t *)(((uint32_t)((pxStack + (ulStackDepth - 1)) & (~portBYTE_ALIGNMENT_MASK)) - XT_CP_SIZE) & ~0xf);
2.
In function vPortStoreTaskMPUSettings( .... , StackType_t pxBottomOfStack ...)
xMPUSettings->coproc_area = (StackType_t)((((uint32_t)(pxBottomOfStack + usStackDepth - 1)) - XT_CP_SIZE) & ~0xf);
The p is coproc_area that should be equal to xMPUSettings->coproc_area.
For example, assume pxStack is 0xa0000000, ulStackDepth is 0x2000,
portBYTE_ALIGNMENT_MASK is 0x7f, XT_CP_SIZE is 0x100.
The p = (uint32_t)(((uint32_t)((pxStack + (ulStackDepth - 1)) & (~portBYTE_ALIGNMENT_MASK)) - XT_CP_SIZE) & ~0xf)
= 0xa0001e80
The xMPUSettings->coproc_area = (StackType_t)((((uint32_t)(pxStack+ usStackDepth - 1)) - XT_CP_SIZE ) & ~0xf)
= 0xa0001ef0
Obviously, the p is not equal to the xMPUSettings->coproc_area, which will cause context switching error.
In function pxPortInitialiseStack of port.c:
sp = ( StackType_t * ) ( ( ( UBaseType_t ) ( pxTopOfStack + 1 ) - XT_CP_SIZE - XT_STK_FRMSZ ) & ~0xf );
We assume XT_CP_SIZE is 0xE4, XT_STK_FRMSZ is 0xA0, pxTopOfStack is 0xA0000000, sp is 0x9FFFFE80.
From port.c, we know the frame->a1 as below:
frame->a1 = ( UBaseType_t ) sp + XT_STK_FRMSZ; /* physical top of stack frame */
So frame->a1 is 0x9FFFFF20. Therefore the interrupt stack frame range is 0x9FFFFE80 ~ 0x9FFFFF20.
The coproc_area is: p = ( uint32_t * ) ( ( ( uint32_t ) pxTopOfStack - XT_CP_SIZE ) & ~0xf );
So its value is 0x9FFFFF10. Obviously, the interrupt stack frame overlaps the coproc_area.
Co-authored-by: Carl Lundin <53273776+lundinc2@users.noreply.github.com>
Gaurav-Aggarwal-AWS [Fri, 23 Oct 2020 00:09:35 +0000 (17:09 -0700)]
Fix missed yield in xTaskResumeFromISR (#207)
If a higher priority task than the currently running task was resumed
using xTaskResumeFromISR and the user chose to ignore the return value
of xTaskResumeFromISR to initiate a context switch using
portYIELD_FROM_ISR, we were not doing the context switch on the next run
of the scheduler. This change fixes this by marking a yield as pending
to ensure that the context switch is performed on the next run of the
scheduler.
RichardBarry [Sun, 11 Oct 2020 21:04:49 +0000 (14:04 -0700)]
Recently vTaskDelayUntil() was updated to xTaskDelayUntil() because the function now returns a value. The PR didn't make the same change in the MPU port, or update the constants required to include the xTaskDelayUntil() function in the build. (#199)
This PR:
Changes the INCLUDE_vTaskDelayUntil compile time constant to INCLUDE_xTaskDelayUntil.
Updates FreeRTOS.h to ensure backward compatibility for projects that already have INCLUDE_vTaskDelayUntil defined.
Updates the MPU prototypes, wrapper and implementation to use the updated xTaskDelayUntil() function.
Tests to be checked into the FreeRTOS/FreeRTOS repository after this PR.
RichardBarry [Sun, 11 Oct 2020 04:47:54 +0000 (21:47 -0700)]
xStreamBufferSend() caps the maximum amount of data a stream buffer can send to the maximum capacity of the buffer - however the value to which the length is capped was wrong, and is correct by this check in. Likewise when sending to a message buffer if the send length is too long the block time is set to 0 to ensure the sending task does not wait indefinitely for the impossible send to complete - but the length check was wrong, and is corrected by this check in. (#195)
Reda Maher [Tue, 6 Oct 2020 01:06:51 +0000 (03:06 +0200)]
Posix: Fix no task switching issue if a task ended its main function (#184)
* Posix: Fix no task switching issue if a task ended
When the main function of a task exits, no task switching happened.
This is because all the remaining tasks are waiting on the condition
variable. The fix is to trigger a task switch and mark the exiting
task as "Dying" to be suspened and exited properly from the scheduler.
* Posix: Assert and stop if the Task function returned
* Posix: just assert if a task returned from its main function
Co-authored-by: alfred gedeon <alfred2g@hotmail.com>
Reda Maher [Tue, 29 Sep 2020 21:06:10 +0000 (23:06 +0200)]
Posix: Free the allocated memory after deleting a task or ending the scheduler (#181)
* Posix: Free Idle task resources after ending the scheduler
In case of using Posix simulator and ending the scheduler, it does
not free the resources allocated by the idle task. This
causes the memory checkers (Valgrind, Address Sanitizers, ..) to
complain.
* Posix: Free the condition variable memory in the correct place
In case of deleting a task from another task, the deletion happens
immediately and the thread is canceled but the memory allocated by
the task condition variable is not freed. This causes the memory
checkers (Valgrind, Address sanitizers, ..) to complain.
* Posix: End Timer thread and free its resources after ending the scheduler
Fix Stack alignment for Microchip PIC32MX port (#182)
* Fix Stack alignment for Microchip PIC32MX port
The stack of a task was not 8 byte aligned. Adding one more unused space
at the beginning of task stack (before simulated context) ensures that
the stack is 8 byte aligned. The stack (with simulated context) of a
newly created task looks like the following:
NoMaY (a user of Japan.RenesasRulz.com) [Mon, 28 Sep 2020 07:09:49 +0000 (16:09 +0900)]
Maintenance: Add readme.txt in each Renesas RX folder to show recommended port (#152)
* Maintenance: Add readme.txt in each Renesas RX folder to show recomended port
* Update readme.txt in each Renesas RX folder regarding to Notes *1 and *2 (both are RX100 port)
Introduce Trusted Firmware M support in Kernel on ARM Cortex M33 (#108)
This port adds the support that FreeRTOS applications can call the secure
services in Trusted Firmware M(TF-M) via PSA Platform Security
Architecture(PSA) API based on Arm Cortex-M33 platform with GCC compiler.
More information:
PSA - https://www.arm.com/why-arm/architecture/platform-security-architecture
TF-M - https://git.trustedfirmware.org/trusted-firmware-m.git/
Simon Beaudoin [Mon, 10 Aug 2020 16:55:04 +0000 (12:55 -0400)]
Update stream_buffer.c (#94)
Add necessary checks when sending data to the stream/message buffer in order to avoid a task deadlock when attempting to write a longer stream/message than the underlying buffer can write.
Simon Beaudoin [Mon, 10 Aug 2020 16:46:39 +0000 (12:46 -0400)]
Fix race condition when tracing is enabled (#95)
* Update port.c
I discovered a very snicky and tricky race condition scenario when integrating tracealyzer code into our project.
A little background on CortexR5 : When the IRQ line (comming from the interrupt controller, to which every peripheral IRQ lines connect) of the processor rises and the IRQ Enable bit in the status register of the CPU permits it, the CPU traps into interrupt mode. Several things happen. First, the CPU finishes the instruction it was performing. Second, it places the content of the CPSR register into the SPSR_irq register. And third, the mode of the CPU is changed to IRQ_Mode and /!\ THE IRQ ENABLE BIT IN CPSR_irq IS AUTOMATICALLY CLEARED /!\. The reason is to ensure that upon landing into IRQ code, we find ourselves automatically in a critical section because we cannot be interrupted again because the bit is cleared. The programmer can, if he wants, re-enable IRQs inside IRQ code itself to allow interrupt nesting. But it has to be wanted and meditated.
Now, inside portASM.S, at the end of 'FreeRTOS_IRQ_Handler' assembly function, a call to 'vTaskSwitchContextConst' is made if the variable 'ulPortYieldRequired' was set by someone while executing the interrupt. Before branching to that function, a 'CPSID i' instruction was placed to ensure that interrupts are disabled in case someone re-enabled it. Inside 'vTaskSwitchContext', there is the macro 'traceTASK_SWITCHED_OUT' that gets populated when tracing is enabled.
The bug is right there.. If the macro is populated and inside that macro there is a matching call to 'ulPortSetInterruptMask' and 'vPortClearInterruptMask', a race condition can occure is there is a OS Tick timer interrupt waiting at the interrupt controller's door. Upon calling 'vTaskSwitchContext', the interrupts are not masked in the interrupt controller, the only barrier against the CPU servicing that tick interrupt while already performing the function is that the IRQ Enable bit cleared. 'ulPortSetInterruptMask'
does what's its supposed to do, but doesn't take into account the IRQ Enable bit in CPSR. Wheter or not the bit was cleared, the function sets it at the end. When calling the matching 'vPortClearInterruptMask', the function clears the interrupt mask in the interrupt controller. Because the IRQ Enable bit (that was cleared) has been set no matter what in 'ulPortSetInterruptMask', the CPU services the OS Tick Interrupt right away.
The bug is there : instead of completing the 'vTaskSwitchContext' function, the CPU re-enters the switch context path right after 'traceTASK_SWITCHED_OUT' thus corrupting the CPU state and eventually triggering either an undefined instruction, data or instruction abort.
* Update port.c
Error on my part, this is the right inline asm code to retreive CPSR register
RichardBarry [Sun, 9 Aug 2020 23:18:57 +0000 (16:18 -0700)]
Fix: Two one line fixes, xTaskCheckForTimeOut() and ulTaskGenericNotifyValueClear(). (#82)
ulTaskGenericNotifyValueClear() returned the notification value of the
currently running task, not the target task. Now it returns the
notification value of the target task.
Some users expected xTaskCheckForTimeOut() to clear the 'last wake time'
value each time a timeout occurred, whereas it only did that in one path.
It now clears the last wake time in all paths that return that a timeout
occurred.
Gaurav-Aggarwal-AWS [Sun, 9 Aug 2020 01:37:14 +0000 (18:37 -0700)]
Allow application to override TEX,S,C and B bits for Flash and RAM (#113)
The TEX, Shareable (S), Cacheable (C) and Bufferable (B) bits define
the memory type, and where necessary the cacheable and shareable
properties of the memory region.
The default values for these bits, as configured in our MPU ports, are
sometimes not suitable for application. One such example is when the MCU
has a cache, the application writer may not want to mark the memory as
shareable to avoid disabling the cache. This change allows the
application writer to override default vales for TEX, S C and B bits for
Flash and RAM in their FreeRTOSConfig.h. The following two new
configurations are introduced:
- configTEX_S_C_B_FLASH
- configTEX_S_C_B_SRAM
If undefined, the default values for the above configurations are
TEX=000, S=1, C=1, B=1. This ensures backward compatibility.
Change the xRunningPrivileged check from "!=true" to "==false" (#109)
The expected behaviour of portIS_PRIVILEGED is:
- return 0 if the processor is not running privileged.
- return 1 if the processor is running privileged.
Some TI ports do not return 1 when the processor is running privileged
causing the following check to fail: if( xRunningPrivileged != pdTRUE )
This commit change the check to: if( xRunningPrivileged == pdFALSE ). It
ensures that the check is successful even on the ports which return incorrect
value from portIS_PRIVILEGED when the processor is running privileged.
See https://forums.freertos.org/t/kernel-bug-nested-mpu-wrapper-calls-generate-an-exception/10391
Add support for 16 MPU regions to Cortex-M4 MPU ports (#96)
ARMv7-M supports 8 or 16 MPU regions. FreeRTOS Cortex-M4 MPU ports so
far assumed 8 regions. This change adds support for 16 MPU regions. The
hardware with 16 MPU regions must define configTOTAL_MPU_REGIONS to 16
in their FreeRTOSConfig.h.
If left undefined, it defaults to 8 for backward compatibility.
Some of the privileged symbols were not being placed in their respective
sections. This commit addresses those and places them in
privileged_functions or privileged_data section.
Add support for privileged heap to ARMV8-M ports (#85)
If xTaskCreate API is used to create a task, the task's stack is
allocated on heap using pvPortMalloc. This places the task's stack
in the privileged data section, if the heap is placed in the
privileged data section.
We use a separate MPU region to grant a task access to its stack.
If the task's stack is in the privileged data section, this results in
overlapping MPU regions as privileged data section is already protected
using a separate MPU region. ARMv8-M does not allow overlapping MPU
regions and this results in a fault. This commit ensures to not use a
separate MPU region for the task's stack if it lies within the
privileged data section.
Note that if the heap memory is placed in the privileged data section,
the xTaskCreate API cannot be used to create an unprivileged task as
the task's stack will be in the privileged data section and the task
won't have access to it. xTaskCreateRestricted and
xTaskCreateRestrictedStatic API should be used to create unprivileged
tasks.
Gaurav-Aggarwal-AWS [Wed, 10 Jun 2020 17:03:11 +0000 (10:03 -0700)]
Fix out of offset errors when LTO is enabled (#71)
When Link Time Optimization (LTO) is enabled, some of the LDR
instructions result in out of range access. The reason is that the
default generated literal pool is too far and not within the permissible
range of 4K.
This commit adds LTORG assembly instructions at required places to
ensure that access to literals remain in the permissible range of 4K.
begriffs.com / projects / freertos / log