Fix issue #6872 - Mutex lock has possibility to fail at runtime (returning status flag) #7423
Conversation
rtos/Mutex.cpp
Outdated
| @@ -55,6 +55,9 @@ osStatus Mutex::lock(uint32_t millisec) { | |||
| if (osOK == status) { | |||
| _count++; | |||
| } | |||
|
|
|||
| MBED_ASSERT(status == osErrorTimeout || status == osOK); | |||
There was a problem hiding this comment.
Unfortunately CMSIS-RTOS can also return "osErrorResource" if the mutex is locked and timeout is 0.
And there should be no error if the timeout specified was 0xffffffff. I think.
The maximally-tight assertion is I think:
MBED_ASSERT(status == osOK ||
(status == osErrorResource && millisec == 0) ||
(status == osErrorTimeout && millisec != osWaitForever));
Note that if adding an assert here, trylock_for can have its removed.
mprse
changed the title
|
@kjbracey-arm Thanks for the review. I followed your suggestion and added
The following questions appeared:
|
|
I was thinking it was premature to actually make the Deprecated-since should say 5.10. Yes, when |
|
Changed definition of |
Isn't this breaking change? I dont see any mention in the commit message but from the discussion and code, looks like it is. If yes, this will need careful consideration and review |
Marked this PR as "breaking change". |
|
@ARMmbed/mbed-os-core ping |
|
ping |
|
|
||
| stat = mutex.lock(); | ||
| TEST_ASSERT_EQUAL(osOK, stat); | ||
| mutex.lock(); |
There was a problem hiding this comment.
We don;t return any status, but how do we verify if recursive lock here was successful or not?
There was a problem hiding this comment.
In the original version returned status has been checked. Since we do not have status now we can only execute two successive locks and two successive unlocks and show that the test case has been executed successfully. We do not have status, but please note that ASSERT has been added to the lock/unlock. In case of failure ASSERT will force the test to fail.
|
|
||
| stat = mutex.unlock(); | ||
| TEST_ASSERT_EQUAL(osOK, stat); | ||
| mutex.unlock(); |
There was a problem hiding this comment.
I am not sure how are we testing lock/unlock success/failure here? Should we modify the test to check from another thread if lock was applied or not and set success/fail based on that.
There was a problem hiding this comment.
ASSERT added in lock/unlock will force the test to fail in case of failure.
I don't think that we need here to use another thread to show that lock/unlock works since we got other test cases which proves that.
|
Once this is rebased, we can start CI. |
mprse
force-pushed
the
mutex_lock_assert
branch
from
efe7914 to
9d37ce9
Compare
Rebased and after consultation with @0xc0170 marked |
|
/morph build |
|
@kjbracey-arm @deepikabhavnani @ARMmbed/mbed-os-core @bulislaw @0xc0170 |
|
I think the deprecation of The main question is what the return type of But we can't deprecate just use of the return value. :( Either we do this now despite lack of deprecation or save it to some 6.0 point, where we'd be okay with a change without deprecation. I don't want to sidestep by use of a |
@mprse Please correct that
I would vote the next major. |
0xc0170
changed the title
|
/morph build |
Build : SUCCESSBuild number : 2985 Triggering tests/morph test |
Test : SUCCESSBuild number : 2744 |
Exporter Build : FAILUREBuild number : 2594 |
|
/morph export-build |
Exporter Build : FAILUREBuild number : 2597 |
|
/morph export-build |
| */ | ||
| osStatus lock(uint32_t millisec=osWaitForever); | ||
| MBED_DEPRECATED_SINCE("mbed-os-5.10.0", "Replaced with lock(), trylock() and trylock_for() functions") |
There was a problem hiding this comment.
Look at exporters failing (this line there, as mbed-os\rtos/Mutex.h(107): error: #79: expected a type specifier)
missing header file inclusion or what is this causing?
|
@mprse please see multiple failures in export. |
Exporter Build : FAILUREBuild number : 2598 |
Perform the following changes: - change definition of `void Mutex::lock(void)` to `osStatus Mutex::lock(void)`. - change definition of `void Mutex::unlock()` to `osStatus Mutex::unlock()`. - use MBED_ERROR1 macro to check the lock/unlock operation status. - add notes in the description of lock/unlock functions: "This function asserts status of the lock/unlock operation (will not return in case of failure). Use of the return value is deprecated, as the return is expected to become void in the future.". - modify/add description of the return value. - remove reference to Mbed 6. - make `lock(millisec)` deprecated in favour of lock(), trylock() and trylock_for() functions.
mprse
force-pushed
the
mutex_lock_assert
branch
from
cc8c2a8 to
fba9c4b
Compare
|
Looks like It was already added before (ac2db7c) and removed by mistake in the last commit while reverting wrong changes. |
|
/morph build |
Build : SUCCESSBuild number : 2991 Triggering tests/morph test |
Test : SUCCESSBuild number : 2754 |
Exporter Build : SUCCESSBuild number : 2602 |
|
Looks good. |
Description
This patch is a partial fix for issue #6872.
This is the first step which adds an assertion, so we get the indication in develop builds, not just debug.
Potentially in the next step we could perform total elimination of the error return in the non-time-limited Mutex claim.
More information can be found here:
https://jira.arm.com/browse/IOTMORF-2350
Pull request type