The copy constructor of Signal did not copy the Signal::Data contents of
the copy source. This bug could survive undetected because the compiler
can optimize code in a way, that copy constructor and destructor are not
necessary when returning by value from simple functions. I assume that
it creates the object in CPU registers instead of RAM and reuses it
instead of copying it to save time. This way the bug triggered first
after wait_for_signal was changed in a way that avoided optimization.
ref #912
In hybrid mode, all programs are dynamic executables and ld.lib.so is
not supported. Therefore, only the "static" variant of the test can be
build and executed.
This change allows for the testing of cli_monitor's automatic resource
balancing by executing the following command:
start ram_eater --ram-limit 1G --count 5
The command starts 5 instances of a RAM-eating process, which is,
however, able to yield resources when instructed. The RAM quota for the
processes gets automatically extended because of the overly large limit
of 1 GiB, which is far more than CLI monitor's RAM resources (100 MiB).
When the RAM usage hits the preservation limit, CLI monitor broadcasts
yield requests to each ram_eater instance, which allow the scenario to
remain alive.
If a local thread is attempted to be 'pause'd via cpu_session, don't wait
until it gets into the recalled state. If the caller is lucky it is, if not
return only the stack pointer.
Avoids deadlocking of the gdb when attached to a process running a server.
Issue #478
The 'pause' call on base-nova assumes that a thread can solely block in its
associated semaphore. Main reason is that so core can unblock a thread in order
that the recall exception gets delivered and the register state can be
obtained.
Unfortunately the signal session implementation creates a semaphore, which is
unknown by the pager code. Instead create the semaphore via the pager of the
thread, so that the pager can unblock the signal thread when a pause is issued.
Issue #478
If a thread caused a page fault and later on get be paused, then it left
the recall handler immediately due to the pause call instead of staying
in this handler.
Add some (complicated) state machine to detect and handle the case. Still not
waterproof, especially server threads may never get recalled if they never get
a IPC from the outside.
Fixes#478
This patch introduces new commands for dynamically balancing RAM between
subsystems. The 'status' command prints a table with the RAM status of
each subsystem. The 'ram' command changes the quota or a quota limit of
a given subsystem. The quota limit can be defined to allow the on-demand
expansion of the quota. Finally, the 'yield' command can be used to
instruct a subsystem to yield a specified amount of resources.
For trying out the new commands, a so-called 'ram_eater' example has
been added to the 'terminal_mux.run' scenario. This program simulates a
subsystem with a growing demand for resources, yet with the capability
to yield resources when instructed by the parent (i.e., cli_monitor).
Besides implementing the new features, the patch splits the
implementation of 'cli_monitor' into multiple files.
In order to be able to dynamically balance resources of slaves, we need
to provide an accessor to the slave's RAM session and a way to issue
yield requests.
The new 'String' buffer type is meant to replace the manually created
character buffers that are scattered throughout Genode. It plainly holds
a null-terminated string to be stored as a member variable (e.g., a
session label) or passed as RPC argument. It is not intended to become a
string API.
