This patch ensures that the 'Allocator_avl' releases all memory obtained
from the meta-data allocator at destruction time. If allocations are
still dangling, it produces a warning, hinting at possible memory leaks.
Finally, it properly reverts all 'add_range' operations.
This patch fixes a use-after-free problem raised by the recent ability of
the slab allocator to dynamically release empty slab blocks. The
Rm_session_component::detach function used to rely on the assumption
that the region metadata co-located with the allocator metadata of the
'_map' would stay intact even after a 'free' if the region.
This patch makes sure that the dataspace pool is flushed before
destructing the heap-local allocator-avl instance. With the original
destruction order, the allocator would still contain dangling
allocations on the account of the dataspace pool when destructed. In
practice, this caused no problem because the underlying backing store is
eventually freed on the destruction of the pool. But it triggers a
runtime warning of the allocator since it has become more strict with
regard to dangling allocations.
This commit introduces the new `Component` interface in the form of the
headers base/component.h and base/entrypoint.h. The os/server.h API
has become merely a compatibilty wrapper and will eventually be removed.
The same holds true for os/signal_rpc_dispatcher.h. The mechanism has
moved to base/signal.h and is now called 'Signal_handler'.
Since the patch shuffles headers around, please do a 'make clean' in the
build directory.
Issue #1832
This commit replaces the stateful 'Ipc_client' type with the plain
function 'ipc_call' that takes all the needed state as arguments.
The stateful 'Ipc_server' class is retained but it moved from the public
API to the internal ipc_server.h header. The kernel-specific
implementations were cleaned up and simplified. E.g., the 'wait'
function does no longer exist. The badge and exception code are no
longer carried in the message buffers but are handled in kernel-specific
ways.
Issue #610
Issue #1832
Rust relies on atomic builtins, which are not implemented in libgcc for
ARM. One is implemented in rust, which is sufficient to get the
current rust test to run.
Issue #1899
Check if the binary pointer is valid before attempting to lookup the
symbol. Shared objects with unresolved symbols and missing depencies,
e.g a library that references 'errno' but is not linked against libc,
will now produce an error message when they are loaded by the dynamic
linker.
Fixes#1904.
This patch moves details about the stack allocation and organization
the base-internal headers. Thereby, I replaced the notion of "thread
contexts" by "stacks" as this term is much more intuitive. The fact that
we place thread-specific information at the bottom of the stack is not
worth introducing new terminology.
Issue #1832
By moving the stub implementation to rm_session_client.cc, we can use
the generic base/include/rm_session/client.h for base-linux and
base-nova and merely use platform-specific implementations.
Issue #1832
This patch establishes a common organization of header files
internal to the base framework. The internal headers are located at
'<repository>/src/include/base/internal/'. This structure has been
choosen to make the nature of those headers immediately clear when
included:
#include <base/internal/lock_helper.h>
Issue #1832
This patch integrates the functionality of the former CAP session into
the PD session and unifies the approch of supplementing the generic PD
session with kernel-specific functionality. The latter is achieved by
the new 'Native_pd' interface. The kernel-specific interface can be
obtained via the Pd_session::native_pd accessor function. The
kernel-specific interfaces are named Nova_native_pd, Foc_native_pd, and
Linux_native_pd.
The latter change allowed for to deduplication of the
pd_session_component code among the various base platforms.
To retain API compatibility, we keep the 'Cap_session' and
'Cap_connection' around. But those classes have become mere wrappers
around the PD session interface.
Issue #1841
This patch removes the SIGNAL service from core and moves its
functionality to the PD session. Furthermore, it unifies the PD service
implementation and terminology across the various base platforms.
Issue #1841
Previously, ports that were needed for a scenario and that were not
prepared or outdated, triggered one assertion each during the second
build stage. The commit slots a mechanism in ahead that gathers all
these ports during the first build stage and reports them in form of a
list before the second build stage is entered. This list can be used
directly as argument for tool/ports/prepare_port to prepare respectively
update the ports. If, however, this mechanism is not available, for
example because a target is build without the first build stage, the old
assertion still prevents the target from running into troubles with a
missing port.
Fixes#1872
Enable the ACPI functionality in the platform_drv on hw_x86_64_muen and
provide a simple generated XML report as ROM session in order to make
the PCI configuration space available.
This is a requirement to implement support for MSI on hw_x86_64_muen.
The wrapper functions (e.g., 'Unwind_*' and friends) now have the same signature
as the original function in 'libgcc', reside in a separate C file which is
archived to cxx.lib.a. In supc++.o we prefix the wrapped functions with '_cxx_'.
This also enables support for riscv.
related to #1880
This prevents a sporadic null-pointer dereference in the nic_loopback
test, which occurred once in 100 runs. I'm not sure if there's still a
race window (we may investigate) with context dissolve.
This commit enables multi-processing for all Cortex A9 SoCs we currently
support. Moreover, it thereby enables the L2 cache for i.MX6 that was not
enabled until now. However, the QEMU variants hw_pbxa9 and hw_zynq still
only use 1 core, because the busy cpu synchronization used when initializing
multiple Cortex A9 cores leads to horrible boot times on QEMU.
During this work the CPU initialization in general was reworked. From now
on lots of hardware specifics were put into the 'spec' specific files, some
generic hook functions and abstractions thereby were eliminated. This
results to more lean implementations for instance on non-SMP platforms,
or in the x86 case where cache maintainance is a non-issue.
Due to the fact that memory/cache coherency and SMP are closely coupled
on ARM Cortex A9 this commit combines so different aspects.
Fix#1312Fix#1807
When unblocking a thread in Semaphore::up() while holding the fifo meta-data
lock, it might happen that the lock holder gets destroyed by the one it was
unblocking. This happened for instance in the pthread test in the past, where
thread destruction was synchronized via a semaphore. There is no need to hold
the lock during the unblock operation, so we should do it outside the critical
section.
Fix#1333
Previously we used a pretty slow external clock source for the timer. This
resulted in such a low TICS_PER_MS value that the granularity wasn't
sufficient to find a setup with a precision better than 1 second error per
minute. Now we use the so-called High Frequency Reference Clock as input
with TICS_PER_MS=33333 and the timer precision is significantly < 1 second per
minute.
Fixes#1805
On Linux the linker can now be loaded at arbitrary addresses, this became
necessary for newer kernel versions. The 'linux_arm' target is not supported.
Issue #1728
* enable i915 driver from Linux 3.14.5
* tested for generation 5 till 8 GPUs
The driver can be configured at run-time via the config ROM. Every
connector of the graphic card can be configured separately using the
following syntax
<config>
<connector name="LVDS-11" width="1280" height="800" enabled="true"/>
</config>
Also, when enabled within the intel framebuffer driver configuration like
the following
<config buffered="yes"/>
a simple ram dataspace is propagated to the client and the driver
itselfs copies from that buffer to the framebuffer triggered via refresh
calls. This option is useful to alleviate tearing effects.
The driver distributes all available connectors of the graphic card and
their supported resolutions via a report. It looks like follows
<connectors>
<connector name="LVDS-11" connected="1">
<mode width="1280" height="800" hz="60"/>
...
</connector>
...
</connectors>
The driver distributes the report only if this is stated within its
configuration, like the following
<config>
<report connectors="yes"/>
</config>
Fix#1764
'block_for_signal' and 'pending_signal' now set pending flag in signal context
in order to determine pending signal. The context list is also used by the
'Signal_receiver' during destruction.
Fixes#1738
Currently, when a signal arrives in the main thread, the signal dispatcher is
retrieved and called from the main thread, the dispatcher uses a proxy object
that in turn sends an RPC to the entry point. This becomes a problem when the
entry point destroys the dispatcher object, before the dispatch function has
been called by the main thread. Therefore, the main thread should simply send an
RPC to the entry point upon signal arrival and the dispatching should be handled
solely by the entry point.
Issue #1738
Holding the object pool's lock while trying to obtain an object's lock
can leave to dead-lock situations, when more than one thread tries to
access multiple objects at once (e.g.: when transfer_quota gets called
simultanously by the init and entrypoint thread in core). To circumvent
holding the object pool lock too long, but access object pointers safely
on the other hand, this commit updates the object pool implementation
to use weak pointers during the object retrieval.
Fix#1704
Destroying an object within the scope of a lambda/functor executed
in the object pool's apply function leads potentially to memory corruption.
Within the scope the corresponding object is locked and unlocked when
leaving the scope. Therefore, it is illegal to free the object's memory meanwhile.
This commit eliminates several places in core that destroyed wrongly in
the object pool's scope.
Fix#1713
* Move the Synced_interface from os -> base
* Align the naming of "synchronized" helpers to "Synced_*"
* Move Synced_range_allocator to core's private headers
* Remove the raw() and lock() members from Synced_allocator and
Synced_range_allocator, and re-use the Synced_interface for them
* Make core's Mapped_mem_allocator a friend class of Synced_range_allocator
to enable the needed "unsafe" access of its physical and virtual allocators
Fix#1697
The commit consumes the argument of a unsupported printf command.
Without the commit - a subsequent command uses the argument of the preceding
command, which may cause memory corruption or page faults for sequences using
string commands, e.g.
Genode::printf("%#x %s\n", 0x20, "Test");
'#' is not supported by Genode::printf. In this scenario a pagefault at
address 0x20 is caused.
Fixes#1701
Instead of holding SPEC-variable dependent files and directories inline
within the repository structure, move them into 'spec' subdirectories
at the corresponding levels, e.g.:
repos/base/include/spec
repos/base/mk/spec
repos/base/lib/mk/spec
repos/base/src/core/spec
...
Moreover, this commit removes the 'platform' directories. That term was
used in an overloaded sense. All SPEC-relative 'platform' directories are
now named 'spec'. Other files, like for instance those related to the
kernel/architecture specific startup library, where moved from 'platform'
directories to explicit, more meaningful places like e.g.: 'src/lib/startup'.
Fix#1673
Instead of returning pointers to locked objects via a lookup function,
the new object pool implementation restricts object access to
functors resp. lambda expressions that are applied to the objects
within the pool itself.
Fix#884Fix#1658
With the introducation of the Audio_in session interface it makes
sense to rename the current available audio drivers. At the moment
only the dde_bsd audio_drv supports Audio_out as well as Audio_in.
The Linux audio_drv only supports Audio_out (there is no demand for
Audio_in support currently) but is renamed nonetheless to make it
easiert to write generic run scripts.
Issue #1644.
For most platforms except of NOVA a distinction between pager entrypoint
and pager activation is not needed, and only exists due to historical
reasons. Moreover, the pager thread's execution path is almost identical
between most platforms excluding NOVA, HW, and Fisco.OC. Therefore,
this commit unifies the pager loop for the other platforms, and removes
the pager activation class.
Increase internal chunk size of heap only if an allocation succeeded
beforehand. Otherwise the chunk size increases with every unsuccessful
invocation and a upgrade of the used ram session will be insufficient and of
no use at all.
Fixes#1632
Moves the Bios Data Area header from base-hw to base. Modifies the
base-nova core console that it uses the header as replacement for
the previous BDA bit logic.
Ref #1625
Introduces a class Unmanaged_singleton_constructor that can be declared as
friend to be able to call unmanaged_singleton on classes with a private
constructor. Enables the appliance of the singleton pattern.
Ref #1625
This commit eliminates the mutual interlaced taking of destruction lock,
list lock and weak pointer locks that could lead to a dead-lock situation
when a lock pointer was tried to construct while a weak object is in
destruction progress.
Now, all weak pointers are invalidated and dequeued at the very
beginning of the weak object's destruction. Moreover, before a weak pointer
gets invalidated during destruction of a weak object, it gets dequeued, and
the list lock is freed again to avoid the former dead-lock.
Fix#1607
Up to now it was not possible to trace threads that use a different
Cpu_session rather than env()->cpu_session() (as done by VirtualBox).
This problem is now solved by setting the Cpu_session explicitly when
creating the event logger and attaching the trace control area when
creating the thread.
Fixes#1618.
Add a test where a locked pointer shall be taken during object destruction.
Moreover, extend the run-script so it runs on different platforms with
"real" timers.
We set 'ld -z max-page-size' to 4KiB to prevent the linker from aligning
the text segment to any built-in default (e.g., 4MiB on x86_64 or 64KiB
on ARM). Otherwise, the padding bytes are wasted at the beginning of the
final binary.
The recent change of the TRACE session interface triggered the
following warning:
/home/no/src/genode/repos/base/include/base/ipc.h:79:4: warning: ‘ret’ may be used uninitialized in this function [-Wmaybe-uninitialized]
*reinterpret_cast<T *>(&_sndbuf[_write_offset]) = value;
^
In file included from /home/no/src/genode/repos/base/src/core/include/trace/session_component.h:19:0,
from /home/no/src/genode/repos/base/src/core/trace_session_component.cc:15:
/home/no/src/genode/repos/base/include/base/rpc_server.h:132:42: note: ‘ret’ was declared here
typename This_rpc_function::Ret_type ret;
The warning occurs for basic return types (like size_t), which are
indeed not initialized. The variable gets its value assigned by the
corresponding 'call_member' overload, to which the variable is passed as
reference. But the compiler apparently is not able to detect this assignment.
Declaring 'ret' with a C++11-style default initializer fixes the warning.
