Posix implementation layer

[youvedeep]

Currently Zephyr does not support POSIX APIs. This patch patch provides a compatibility layer for supporting POSIX1003.1 PSE52. patch series use Zephyr APIs as foundation and provides a layer to map POSIX APIs to ZEPHYR APIs.

[codecov-io]

Codecov Report

Merging #5667 into master will increase coverage by 0.13%.
The diff coverage is 62%.

@@            Coverage Diff             @@
##           master    #5667      +/-   ##
==========================================
+ Coverage   53.14%   53.28%   +0.13%     
==========================================
  Files         412      424      +12     
  Lines       40148    40729     +581     
  Branches     7733     7845     +112     
==========================================
+ Hits        21338    21702     +364     
- Misses      15675    15817     +142     
- Partials     3135     3210      +75

Impacted Files	Coverage Δ
kernel/posix/pthread_cond.c	82.75% <0%> (ø)	⬆️
include/posix/time.h	100% <100%> (ø)
kernel/posix/pthread_mutex.c	57.14% <100%> (ø)	⬆️
include/posix/pthread.h	100% <100%> (+28.57%)	⬆️
include/posix/posix_sched.h	100% <100%> (ø)
kernel/posix/pthread_sched.c	41.66% <41.66%> (ø)
kernel/posix/timer.c	46.98% <46.98%> (ø)
kernel/posix/pthread.c	61.5% <61.5%> (ø)
tests/kernel/posix/pthread/src/pthread.c	61.85% <61.85%> (ø)
tests/kernel/posix/pthread_join/src/pthread.c	64.7% <64.7%> (ø)
... and 18 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a73e8fa...9ae6024. Read the comment docs.

[aescolar]

Please add all these functions also to posix_cheats.h
Otherwise you prevent the POSIX arch port from using the host ones.
It wouldn't harm adding also the ones you included as static inlines in the header, in case somebody would change them later to normal/global definitions.

[aescolar]

Also these 2, and any other which is in the POSIX API

[lpereira]

Please review my comments on the other pthread PR; some of the issues there were not addressed in this PR.

(I did not review this fully.)

[lpereira]

Please see comments on #5494 about this. Structs should be initialized like so:

static const struct foo = {
   .bar = 3,
   .baz = 4,
   .quux = SOME_CONSTANT,
};

This way, you can get rid of comments, and if the order of elements change (due to packing reasons, implementing new features, etc), you can be sure that the values that were set before will continue to be set in the future; unset values will be initialized to 0 by the compiler.

[lpereira]

Typo: maximu

[lpereira]

This should be an atomic_val_t.

[lpereira]

Between creating a thread and incrementing the value, preemption might occur. This will cause a race condition that will lead to either invalid memory access, or elements being skipped in the threads array (and two elements being initialized in the same spot).

A way to fix this is to peruse the fact that atomic_inc() will return the previous value, which is the one you want to use as an index to the threads array:

atomic_val_t index = atomic_inc(&thread_count);
if (index < CONFIG_MAX_PTHREAD_COUNT) {
    ...  &threads[index] ...
}

There's no race condition here, because index is guaranteed to be below CONFIG_MAX_PTHREAD_COUNT, even if preemption occurs: no other thread will use the same index. (That's why index here is not static like thread_count is.)

[youvedeep]

Thanks @lpereira I will take care of this.

[youvedeep]

Addressed comments from @lpereira and @aescolar-ot in new patch version.

[lpereira]

You can apply De Morgan's Law here and simplify this expression.

[youvedeep]

Sure I will change it to - if((policy != SCHED_FIFO) && (policy != SCHED_RR)))

[lpereira]

No need for the extra parenthesis.

[lpereira]

This function can't return a negative value on success; that's how the API is defined, and how code using it will expect it to behave.

A solution is not to have priorities mapping 1:1 between Zephyr and POSIX. You can derive the formula for the proper mapping like so:

• Consider two points in the space: (x0, y0) and (x1, y1). The X axis is the POSIX priority, and the Y axis is the Zephyr priority.
• Find two points, P1 and P2, that maps the minimum priority in Zephyr (that's a negative value) to a value that's acceptable in POSIX (say, 1). Do the same for P2, for the maximum value.
• Calculate the slope: m = (y1 - y0) / (x1 - x0)
• Use the calculated slope in the line equation: y - y0 = m(x - x0), where y0 and x0 are the coordinates from P1
• Isolate y or x depending on which direction you want to go (Zephyr -> POSIX or POSIX -> Zephyr). If you're calculating y, any x in the line is valid (could be even x0), and vice versa.
• It's important to round m to the nearest integer, to not use floating point math here. It shouldn't matter if it's ceiled or floored; just make sure that you'll never get a negative x.

[youvedeep]

As per my understanding if a function returns a negative value then it should set errno to 0.
because of which I was putting 0 as ERROR code.

https://www.unix.com/man-page/posix/3posix/sched_get_priority_min/

[lpereira]

That's the opposite: if the function returns -1, errno must be set; otherwise, errno isn't touched (see RETURN VALUE in the linked man page).

Per the POSIX specification, only a return value of -1 will signal error. However, a lot of code will verify error conditions by testing the sign bit (i.e. checking if the return value is < 0 rather than == -1), as it often generates slightly tighter code.

Being a compatibility layer, it's best to assume that any function returning -1 per the specification will also return a negative number (whatever it is) on error, and 0 or a positive value on success. Returning any value from 0 to INT_MAX is fine for these functions, as long as they're consistent with each other, and that the functions to set the priorities are also consistent with these priority values.

[youvedeep]

Looking at documentation @ https://www.systutorials.com/docs/linux/man/2-sched_get_priority_max/#index, (Looks like man page for IEEE Std 1003.13-2003 is silent on number of priorities level in POSIX https://www.unix.com/man-page/posix/3posix/sched_get_priority_min/)-
As per POSIX :-

1. Higher the numerical value Priority, Higher the priority. Something like a thread with priority 5 will have higher priority than a thread with priority 1. (something opposite of Zephyr).
2. There should be at least 32 priority levels, but this can vary based on other standards. I think we can avoid this as for RTOS this may be too high number of priority levels.

I think we can not use the slope technique to map Zephyr priort levels to POSIX prioirty levels as this may create confusion/issues. Let us assume (Numerical lower priority has Higher Priority than numberical high only for example).
Let us take an example - If we have premptive based scheduling enabled with
Zephyr_Max_ priority = 15
Zephyr_Min_ priority = 0
Now mapping this range to POSIX_MAX = 31, POSIX_MIN=0.
Let us say that a POSIX compliant application has 3 threads with priority 2, 3, 4. then it may be expected that 1 has higher priority than 2 and so on.
But internally :-
Thread 1 ==> POSIX_PPRIOITY = 2 mapped to ZEPHYR_PRIORTY = 1
Thread 2 ==> POSIX_PPRIOITY = 3 mapped to ZEPHYR_PRIORTY = 1
Thread 3 ==> POSIX_PPRIOITY = 4 mapped to ZEPHYR_PRIORTY = 2
So this may give undesirable results. So i think there should be 1:1 or n:m (n>= m) mapping between POSIX and ZEPHYR .

I think we can map ZEPHYR_PRIORITY to POSIX_PRIORTY :-

For Preemptive_thread :-
posix_priorty= (CONFIG_NUM_PREEMPT_PRIORITIES - 1) - zephyr_priorty
*-1 to keep maximum priority reserved for highest priority thread.
This will make POSIX_MIN_PRIORITY = 0 and POSIX_MAX_PRIORTY = CONFIG_MAX_APPLICATION_PRIORITY

For COOPERATIVE scheduling policy:-
posix_application_priority = (-1 * zephyr_priority) +1 . (cooperative priorities are -ive).

[lpereira]

Do we have a pthread_join()?

[youvedeep]

As of now we do not have pthread_join(). We need to figure out how to implement it. Before that we will target other POSIX APIs.

[lpereira]

One way to do this is the following:

struct pthread {
    struct k_thread thread;
    void *retval;
};

typedef pthread_t struct pthread;

This way, it's possible to use type-punning to convert between a struct k_thread and a struct pthread. And, for pthreads, it's possible to set/obtain the return value. So, this function could be implemented like so:

static void pthread_exit(void *retval)
{
        pthread_t *self = (pthread_t *)k_current_get();

        self->retval = retval;

        k_thread_abort(self);
}

Then, pthread_join() will get the retval from pthread_t. Calling pthread_exit() should also give a mutex that pthread_join() is waiting on, before it aborts itself.

[youvedeep]

Yes I got your Idea, but I wanted to enhance it to be compatible with pthread_join after first set of patch merge.

For making pthread_join() we need to have 2 members (mutex and Condition variable to signal the state exit). But before that i am waiting for my first set of patches to be merged. I am planning to take this as enhancement,
struct pthread {
struct k_thread thread;
void retval;
pthread_mutex_t state_lock; / Locks the state. /
pthread_cond_t state_cond; / Signalled when the state changes. */
};

[lpereira]

There are some spelling/typos in the commit messages as well; please fix them.

[andrewboie]

Why is this PR and #5494 both open for review at the same time, they have the same code in them!
This is wasting developer time, clean up your stuff and send for review in one or more PRs that are completely disjoint.

[andrewboie]

how was this value arrived at?

[youvedeep]

I just went through the Zephyr Code base and looked that 256 is least stack size used by a thread.

[youvedeep]

Hi @andrewboie Sorry for confusion. But i have mentioned clearly on PR #5494 that discussion for this patch is moved to #5667.
@nashif requested to merge all POSIX related patches into 1 PR and for that I created this PR later.
To avoid confusion, I have closed other POSIX related PRs.

[andrewboie]

You don't need this value at all unless I'm missing something.
It only seems to be used for the defaults which have a NULL stack pointer anyway,
Just use NULL for the default stack pointer and 0 for the size. There is no actual minimum. I have a stack in a double fault handler which is about 12 bytes in size.

[youvedeep]

hmm got it, So basically your suggestion to to define stack_size as 0, something like stack pointer. Let the user provide stack_size along with stack pointer,

[andrewboie]

Hi @andrewboie Sorry for confusion. But i have mentioned clearly on PR #5494 that discussion for this patch is moved to #5667.

Don't have multiple open PRs with the same code. Just don't do it. Close one of them.

[youvedeep]

Guys, Can you please please provide quick review comments on this PR as this is targeted for Release 1.11

[lpereira]

I can't seem to find any reference to PTHREAD_CANCELABLE. Is this documented somewhere?

[lpereira]

Why is this prefixed with THREAD_? If someone includes pthread.h, this will pollute their namespace with things that are not POSIX-specific. There doesn't seem to exist any THREAD_INIT_FLAGS in Linux as well, so I don't know why is this defined in the header file.

[lpereira]

Nitpick, but please use _ to separate words in variable names: init_pthread_attrs.

Also, this shouldn't be in the header file; there will be multiple copies of it if it's included multiple times. Define it inside pthread_attr_init() instead, even if you have to move it to a .c file.

[lpereira]

Functions that are implementation details should be in the .c file.

[lpereira]

The error here should always be ENOSYS, since it's just a stub. Returning EINVAL does not help the user figure out what's wrong.

[lpereira]

Nitpick: please remove the excessive parenthesis.

[lpereira]

Nitpick: please remove the excessive parenthesis.

[youvedeep]

I feel removing internal braces (if (policy != SCHED_FIFO && policy != SCHED_RR) ) will lose the readability. So keeping the braces is better. What is your thought ?

[lpereira]

I don't have strong opinions on this -- I find it less visually polluted without the parenthesis, and don't see any readability issues without them. It's just a nitpick, we can agree to disagree.

[lpereira]

Nitpick: Missing newline before function.

[lpereira]

BTW, I was thinking: can't we just use a memory pool for this? It's possible to return a handle to a pool when the thread ends. Doing it this way, there's no way to recycle a pthread struct: once the system runs out of them, they're gone.

[youvedeep]

Hi @lpereira I will take this as enhancement after M2 milestone.

[lpereira]

Please avoid comments that are not adding any value. If a line says foo_init(&foo), don't say /* Initializes foo */. Comments should document the intent of the code or things that are not obvious just from reading the code itself.

[lpereira]

The patches are looking better, but I don't think they're ready to be merged yet.

[lpereira]

Use an else if here.

[youvedeep]

PTHREAD_JOINABLE and PTHREAD_EXITED are not implemented through ifelse as status of thread will change from PTHREAD_JOINABLE --> PTHREAD_EXITED on pthread_cond_broadcast (inside pthread_exit).
Example :

1. Thread T1 calls pthread_join for thread T2.
2. Thread T1 waits at pthread_cond_wait as T2 has not exited.
   .
   .
3. Thread T2 calls pthread_exit and it updates self->state and retvalue. and calls pthread_cond_broadcast.
4. Now thread T1 receives the condition variable.
5. It enters into pthread->state == PTHREAD_EXITED and gets the return value,

So a thread need to enter into both the conditions, so it has not been put through else if.

[lpereira]

This should return 0 here

[youvedeep]

when the state if thread will change from PTHREAD_JOINABLE to PTHREAD_EXITED. it will pass through pthread->state == PTHREAD_EXITED) and will eventually return 0.

detailed explanation in previous comment.

[lpereira]

For this function, it might be better to have a int ret that's set by each block comparing with pthread->state. This will reduce its size slightly, and have only one mutex_unlock/return block.

[youvedeep]

Addressed.

[youvedeep]

Addressed comments received (except @andrew's comment to fix mutex Object issue). Can you please review it further and provide feedbacks.

[youvedeep]

1. implemented memory allocation for pthread object using mempool.
2. Added pthread_cancel test.

[youvedeep]

Guys Can you please give further comments or provide feedback on this PR?

[lpereira]

Looking a lot better, thanks!

[lpereira]

Comments such as these should be in the comment block that doxygen will find. Users are not expected to look at the implementation to find out why the function is returning EINVAL.

[youvedeep]

Addressed
sure I put comment in doxygen.

[lpereira]

Why sizeof(sizeof(T))?

[youvedeep]

Addressed.
This is a typo, thanks for catching it. I will fix this.

[lpereira]

Put in doxychain currently.

This is still an issue: if pthread_setcancelstate() is called from a thread that's not a pthread, it'll access memory that it shouldn't access (in the best case scenario; it's undefined behavior, so who knows what's going to happen.)

This is an issue with all functions that call pthread_self().

If we're not going to fix this -- which is a big issue, IMO -- at least comment in the pthread_self() Doxygen block that the results of calling it outside a thread created with pthread_create() are undefined.

[lpereira]

Nothing is returned to this memory pool; we'll still run out of pthread handles.

I remember threads having a callback function that got called whenever they were destroyed. Can't we used that to return something to the pool? It might be only for threads that are aborted, which is fine; pthread_exit() can schedule a call to k_mem_pool_free() (it can't call it directly).

[youvedeep]

Not Addressed. Need to figure out solution for this.

Currently I am not returning back to mem pool becuase we need to keep pthread object to handle
pthread_join requests. If we will free the space then pthread_join will have issue.

But I agree we need to figure out a way to return back to mem pool on pthread termination. I can explore it further. But even when k_thread is destroyed, we may need to access pthread object such as retval, pthtread state, statue_mutex to address pthread_join.

[youvedeep]

Addressed comments from @lpereira .
Also Added 2 patches for :
POSIX Timer APIs (12/13)
POSIX timer test API (13/13)