[PATCH v2 13/13] score: INTERNAL_ERROR_IDLE_THREAD_STACK_TOO_SMALL

Sebastian Huber sebastian.huber at embedded-brains.de
Thu Oct 6 08:23:32 UTC 2022


Ensure that the IDLE storage allocator did allocate a suffiently large area.

Update #3835.
Update #4524.
---
 cpukit/include/rtems/score/interr.h           |   3 +-
 cpukit/sapi/src/interrtext.c                  |   3 +-
 cpukit/score/src/threadcreateidle.c           |   4 +
 .../fatal-idle-thread-stack-too-small.yml     |  20 ++
 spec/build/testsuites/validation/grp.yml      |   2 +
 testsuites/sptests/spinternalerror02/init.c   |   2 +-
 .../tr-fatal-idle-thread-stack-too-small.c    | 175 ++++++++++++++++++
 .../tr-fatal-idle-thread-stack-too-small.h    |  84 +++++++++
 .../ts-fatal-idle-thread-stack-too-small.c    |  97 ++++++++++
 9 files changed, 387 insertions(+), 3 deletions(-)
 create mode 100644 spec/build/testsuites/validation/fatal-idle-thread-stack-too-small.yml
 create mode 100644 testsuites/validation/tr-fatal-idle-thread-stack-too-small.c
 create mode 100644 testsuites/validation/tr-fatal-idle-thread-stack-too-small.h
 create mode 100644 testsuites/validation/ts-fatal-idle-thread-stack-too-small.c

diff --git a/cpukit/include/rtems/score/interr.h b/cpukit/include/rtems/score/interr.h
index f21e8d58a1..003e80e0bd 100644
--- a/cpukit/include/rtems/score/interr.h
+++ b/cpukit/include/rtems/score/interr.h
@@ -230,7 +230,8 @@ typedef enum {
   INTERNAL_ERROR_TOO_LARGE_TLS_SIZE = 41,
   INTERNAL_ERROR_RTEMS_INIT_TASK_CONSTRUCT_FAILED = 42,
   INTERNAL_ERROR_IDLE_THREAD_CREATE_FAILED = 43,
-  INTERNAL_ERROR_NO_MEMORY_FOR_IDLE_TASK_STORAGE = 44
+  INTERNAL_ERROR_NO_MEMORY_FOR_IDLE_TASK_STORAGE = 44,
+  INTERNAL_ERROR_IDLE_THREAD_STACK_TOO_SMALL = 45
 } Internal_errors_Core_list;
 
 typedef CPU_Uint32ptr Internal_errors_t;
diff --git a/cpukit/sapi/src/interrtext.c b/cpukit/sapi/src/interrtext.c
index e828a82051..34b51419cf 100644
--- a/cpukit/sapi/src/interrtext.c
+++ b/cpukit/sapi/src/interrtext.c
@@ -85,7 +85,8 @@ static const char *const internal_error_text[] = {
   "INTERNAL_ERROR_TOO_LARGE_TLS_SIZE",
   "INTERNAL_ERROR_RTEMS_INIT_TASK_CONSTRUCT_FAILED",
   "INTERNAL_ERROR_IDLE_THREAD_CREATE_FAILED",
-  "INTERNAL_ERROR_NO_MEMORY_FOR_IDLE_TASK_STORAGE"
+  "INTERNAL_ERROR_NO_MEMORY_FOR_IDLE_TASK_STORAGE",
+  "INTERNAL_ERROR_IDLE_THREAD_STACK_TOO_SMALL"
 };
 
 const char *rtems_internal_error_text( rtems_fatal_code error )
diff --git a/cpukit/score/src/threadcreateidle.c b/cpukit/score/src/threadcreateidle.c
index 04565f910b..cb15d5cc3c 100644
--- a/cpukit/score/src/threadcreateidle.c
+++ b/cpukit/score/src/threadcreateidle.c
@@ -84,6 +84,10 @@ static void _Thread_Create_idle_for_CPU(
     &config.stack_size
   );
 
+  if ( config.stack_size < storage_size ) {
+    _Internal_error( INTERNAL_ERROR_IDLE_THREAD_STACK_TOO_SMALL );
+  }
+
   /*
    *  The entire workspace is zeroed during its initialization.  Thus, all
    *  fields not explicitly assigned were explicitly zeroed by
diff --git a/spec/build/testsuites/validation/fatal-idle-thread-stack-too-small.yml b/spec/build/testsuites/validation/fatal-idle-thread-stack-too-small.yml
new file mode 100644
index 0000000000..11be4d7a8d
--- /dev/null
+++ b/spec/build/testsuites/validation/fatal-idle-thread-stack-too-small.yml
@@ -0,0 +1,20 @@
+SPDX-License-Identifier: CC-BY-SA-4.0 OR BSD-2-Clause
+build-type: test-program
+cflags: []
+copyrights:
+- Copyright (C) 2022 embedded brains GmbH (http://www.embedded-brains.de)
+cppflags: []
+cxxflags: []
+enabled-by: true
+features: c cprogram
+includes: []
+ldflags: []
+links: []
+source:
+- testsuites/validation/tr-fatal-idle-thread-stack-too-small.c
+- testsuites/validation/ts-fatal-idle-thread-stack-too-small.c
+stlib: []
+target: testsuites/validation/ts-fatal-idle-thread-stack-too-small.exe
+type: build
+use-after: []
+use-before: []
diff --git a/spec/build/testsuites/validation/grp.yml b/spec/build/testsuites/validation/grp.yml
index 7a5fbb1c90..42e546636b 100644
--- a/spec/build/testsuites/validation/grp.yml
+++ b/spec/build/testsuites/validation/grp.yml
@@ -19,6 +19,8 @@ links:
   uid: fatal-boot-processor-not-assigned-to-scheduler
 - role: build-dependency
   uid: fatal-idle-thread-create-failed
+- role: build-dependency
+  uid: fatal-idle-thread-stack-too-small
 - role: build-dependency
   uid: fatal-init-task-construct-failed
 - role: build-dependency
diff --git a/testsuites/sptests/spinternalerror02/init.c b/testsuites/sptests/spinternalerror02/init.c
index 475e31e085..2d2f080d25 100644
--- a/testsuites/sptests/spinternalerror02/init.c
+++ b/testsuites/sptests/spinternalerror02/init.c
@@ -49,7 +49,7 @@ static void test_internal_error_text(void)
   } while ( text != text_last );
 
   rtems_test_assert(
-    error - 3 == INTERNAL_ERROR_NO_MEMORY_FOR_IDLE_TASK_STORAGE
+    error - 3 == INTERNAL_ERROR_IDLE_THREAD_STACK_TOO_SMALL
   );
 }
 
diff --git a/testsuites/validation/tr-fatal-idle-thread-stack-too-small.c b/testsuites/validation/tr-fatal-idle-thread-stack-too-small.c
new file mode 100644
index 0000000000..b5a191b0a2
--- /dev/null
+++ b/testsuites/validation/tr-fatal-idle-thread-stack-too-small.c
@@ -0,0 +1,175 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+
+/**
+ * @file
+ *
+ * @ingroup RTEMSTestCaseScoreThreadValFatalIdleThreadStackTooSmall
+ */
+
+/*
+ * Copyright (C) 2022 embedded brains GmbH (http://www.embedded-brains.de)
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This file is part of the RTEMS quality process and was automatically
+ * generated.  If you find something that needs to be fixed or
+ * worded better please post a report or patch to an RTEMS mailing list
+ * or raise a bug report:
+ *
+ * https://www.rtems.org/bugs.html
+ *
+ * For information on updating and regenerating please refer to the How-To
+ * section in the Software Requirements Engineering chapter of the
+ * RTEMS Software Engineering manual.  The manual is provided as a part of
+ * a release.  For development sources please refer to the online
+ * documentation at:
+ *
+ * https://docs.rtems.org
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <rtems.h>
+
+#include "tr-fatal-idle-thread-stack-too-small.h"
+
+#include <rtems/test.h>
+
+/**
+ * @defgroup RTEMSTestCaseScoreThreadValFatalIdleThreadStackTooSmall \
+ *   spec:/score/thread/val/fatal-idle-thread-stack-too-small
+ *
+ * @ingroup RTEMSTestSuiteTestsuitesFatalIdleThreadStackTooSmall
+ *
+ * @brief Tests a fatal error caused by a too small idle thread stack size.
+ *
+ * This test case performs the following actions:
+ *
+ * - The test action is carried out by configuring a thread-local storage
+ *   demand which leads to a too small idle thread stack size.
+ *
+ *   - Check that the expected fatal source is present.
+ *
+ *   - Check that the expected fatal code is present.
+ *
+ *   - Check the configured value of CONFIGURE_IDLE_TASK_STORAGE_SIZE.
+ *
+ * @{
+ */
+
+/**
+ * @brief Test context for
+ *   spec:/score/thread/val/fatal-idle-thread-stack-too-small test case.
+ */
+typedef struct {
+  /**
+   * @brief This member contains a copy of the corresponding
+   *   ScoreThreadValFatalIdleThreadStackTooSmall_Run() parameter.
+   */
+  rtems_fatal_source source;
+
+  /**
+   * @brief This member contains a copy of the corresponding
+   *   ScoreThreadValFatalIdleThreadStackTooSmall_Run() parameter.
+   */
+  rtems_fatal_code code;
+} ScoreThreadValFatalIdleThreadStackTooSmall_Context;
+
+static ScoreThreadValFatalIdleThreadStackTooSmall_Context
+  ScoreThreadValFatalIdleThreadStackTooSmall_Instance;
+
+static T_fixture ScoreThreadValFatalIdleThreadStackTooSmall_Fixture = {
+  .setup = NULL,
+  .stop = NULL,
+  .teardown = NULL,
+  .scope = NULL,
+  .initial_context = &ScoreThreadValFatalIdleThreadStackTooSmall_Instance
+};
+
+/**
+ * @brief The test action is carried out by configuring a thread-local storage
+ *   demand which leads to a too small idle thread stack size.
+ */
+static void ScoreThreadValFatalIdleThreadStackTooSmall_Action_0(
+  ScoreThreadValFatalIdleThreadStackTooSmall_Context *ctx
+)
+{
+  /* Nothing to do */
+
+  /*
+   * Check that the expected fatal source is present.
+   */
+  T_step_eq_int( 0, ctx->source, INTERNAL_ERROR_CORE );
+
+  /*
+   * Check that the expected fatal code is present.
+   */
+  T_step_eq_ulong(
+    1,
+    ctx->code,
+    INTERNAL_ERROR_IDLE_THREAD_STACK_TOO_SMALL
+  );
+
+  /*
+   * Check the configured value of CONFIGURE_IDLE_TASK_STORAGE_SIZE.
+   */
+  T_step_eq_sz(
+    2,
+    _Stack_Allocator_allocate_for_idle_storage_size,
+    RTEMS_ALIGN_UP(
+      RTEMS_TASK_STORAGE_SIZE(
+        RTEMS_MINIMUM_STACK_SIZE,
+        RTEMS_DEFAULT_ATTRIBUTES
+      ),
+      CPU_INTERRUPT_STACK_ALIGNMENT
+    )
+  );
+}
+
+void ScoreThreadValFatalIdleThreadStackTooSmall_Run(
+  rtems_fatal_source source,
+  rtems_fatal_code   code
+)
+{
+  ScoreThreadValFatalIdleThreadStackTooSmall_Context *ctx;
+
+  ctx = &ScoreThreadValFatalIdleThreadStackTooSmall_Instance;
+  ctx->source = source;
+  ctx->code = code;
+
+  ctx = T_case_begin(
+    "ScoreThreadValFatalIdleThreadStackTooSmall",
+    &ScoreThreadValFatalIdleThreadStackTooSmall_Fixture
+  );
+
+  T_plan( 3 );
+
+  ScoreThreadValFatalIdleThreadStackTooSmall_Action_0( ctx );
+
+  T_case_end();
+}
+
+/** @} */
diff --git a/testsuites/validation/tr-fatal-idle-thread-stack-too-small.h b/testsuites/validation/tr-fatal-idle-thread-stack-too-small.h
new file mode 100644
index 0000000000..4d7aac4598
--- /dev/null
+++ b/testsuites/validation/tr-fatal-idle-thread-stack-too-small.h
@@ -0,0 +1,84 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+
+/**
+ * @file
+ *
+ * @ingroup RTEMSTestCaseScoreThreadValFatalIdleThreadStackTooSmall
+ */
+
+/*
+ * Copyright (C) 2022 embedded brains GmbH (http://www.embedded-brains.de)
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This file is part of the RTEMS quality process and was automatically
+ * generated.  If you find something that needs to be fixed or
+ * worded better please post a report or patch to an RTEMS mailing list
+ * or raise a bug report:
+ *
+ * https://www.rtems.org/bugs.html
+ *
+ * For information on updating and regenerating please refer to the How-To
+ * section in the Software Requirements Engineering chapter of the
+ * RTEMS Software Engineering manual.  The manual is provided as a part of
+ * a release.  For development sources please refer to the online
+ * documentation at:
+ *
+ * https://docs.rtems.org
+ */
+
+#ifndef _TR_FATAL_IDLE_THREAD_STACK_TOO_SMALL_H
+#define _TR_FATAL_IDLE_THREAD_STACK_TOO_SMALL_H
+
+#include <rtems.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @addtogroup RTEMSTestCaseScoreThreadValFatalIdleThreadStackTooSmall
+ *
+ * @{
+ */
+
+/**
+ * @brief Runs the parameterized test case.
+ *
+ * @param source is the fatal source.
+ *
+ * @param code is the fatal code.
+ */
+void ScoreThreadValFatalIdleThreadStackTooSmall_Run(
+  rtems_fatal_source source,
+  rtems_fatal_code   code
+);
+
+/** @} */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _TR_FATAL_IDLE_THREAD_STACK_TOO_SMALL_H */
diff --git a/testsuites/validation/ts-fatal-idle-thread-stack-too-small.c b/testsuites/validation/ts-fatal-idle-thread-stack-too-small.c
new file mode 100644
index 0000000000..048f073338
--- /dev/null
+++ b/testsuites/validation/ts-fatal-idle-thread-stack-too-small.c
@@ -0,0 +1,97 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+
+/**
+ * @file
+ *
+ * @ingroup RTEMSTestSuiteTestsuitesFatalIdleThreadStackTooSmall
+ */
+
+/*
+ * Copyright (C) 2021 embedded brains GmbH (http://www.embedded-brains.de)
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This file is part of the RTEMS quality process and was automatically
+ * generated.  If you find something that needs to be fixed or
+ * worded better please post a report or patch to an RTEMS mailing list
+ * or raise a bug report:
+ *
+ * https://www.rtems.org/bugs.html
+ *
+ * For information on updating and regenerating please refer to the How-To
+ * section in the Software Requirements Engineering chapter of the
+ * RTEMS Software Engineering manual.  The manual is provided as a part of
+ * a release.  For development sources please refer to the online
+ * documentation at:
+ *
+ * https://docs.rtems.org
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "tr-fatal-idle-thread-stack-too-small.h"
+
+#include <rtems/test.h>
+
+/**
+ * @defgroup RTEMSTestSuiteTestsuitesFatalIdleThreadStackTooSmall \
+ *   spec:/testsuites/fatal-idle-thread-stack-too-small
+ *
+ * @ingroup RTEMSTestSuites
+ *
+ * @brief This validation test suite contains a test case which triggers a
+ *   fatal error during system initialization.
+ *
+ * @{
+ */
+
+const char rtems_test_name[] = "FatalIdleThreadStackTooSmall";
+
+#define FATAL_SYSINIT_RUN ScoreThreadValFatalIdleThreadStackTooSmall_Run
+
+static _Thread_local volatile uint8_t zero[ RTEMS_MINIMUM_STACK_SIZE ];
+
+static void Init( rtems_task_argument arg )
+{
+  (void) arg;
+  rtems_fatal( RTEMS_FATAL_SOURCE_EXIT, zero[ 0 ] + 1 );
+}
+
+#define CONFIGURE_APPLICATION_DOES_NOT_NEED_CLOCK_DRIVER
+
+#define CONFIGURE_MAXIMUM_TASKS 1
+
+#define CONFIGURE_MINIMUM_TASKS_WITH_USER_PROVIDED_STORAGE 1
+
+#define CONFIGURE_INIT_TASK_PRIORITY 0
+
+#define CONFIGURE_INIT_TASK_CONSTRUCT_STORAGE_SIZE RTEMS_MINIMUM_STACK_SIZE
+
+#define CONFIGURE_RTEMS_INIT_TASKS_TABLE
+
+#include "ts-fatal-sysinit.h"
+
+/** @} */
-- 
2.35.3



More information about the devel mailing list