spinlock: Make SPIN_VALIDATE a Kconfig option. SPIN_VALIDATE is, as it was previously, enabled per default when having less than 4 CPUs and either having no flash or a flash size greater than 32kB. Small targets, which needs to have asserts enabled, can chose to have the spinlock validation enabled or not and thereby decide whether the overhead added is acceptable or not. Signed-off-by: Danny Oerndrup <daor@demant.com>

commit: c9d78401cc35976fafaad758f2ab6338e04bbbcf [log] [tgz]
author: Danny Oerndrup <daor@demant.com> Fri Dec 13 11:24:56 2019 +0100
committer: Anas Nashif <anas.nashif@intel.com> Fri Dec 20 19:51:16 2019 -0500
tree: c43243cbefc83b4aaca53e3c5f2cc2d9fbca4003
parent: e181e1b7734e448dc6017d9d7d837931e8939f66 [diff]
diff --git a/include/spinlock.h b/include/spinlock.h
index cb69f0e..2f5ef58 100644
--- a/include/spinlock.h
+++ b/include/spinlock.h

@@ -10,23 +10,17 @@
 
 /* There's a spinlock validation framework available when asserts are
  * enabled.  It adds a relatively hefty overhead (about 3k or so) to
- * kernel code size, don't use on platforms known to be small. (Note
- * we're using the kconfig value here.  This isn't defined for every
- * board, but the default of zero works well as an "infinity"
- * fallback.  There is a DT_FLASH_SIZE parameter too, but that seems
- * even more poorly supported.
+ * kernel code size, don't use on platforms known to be small.
  */
-#if (CONFIG_FLASH_SIZE == 0) || (CONFIG_FLASH_SIZE > 32)
-#if defined(CONFIG_ASSERT) && (CONFIG_MP_NUM_CPUS < 4)
+#ifdef CONFIG_SPIN_VALIDATE
 #include <sys/__assert.h>
 #include <stdbool.h>
 struct k_spinlock;
 bool z_spin_lock_valid(struct k_spinlock *l);
 bool z_spin_unlock_valid(struct k_spinlock *l);
 void z_spin_lock_set_owner(struct k_spinlock *l);
-#define SPIN_VALIDATE
-#endif
-#endif
+BUILD_ASSERT_MSG(CONFIG_MP_NUM_CPUS < 4, "Too many CPUs for mask");
+#endif /* CONFIG_SPIN_VALIDATE */
 
 struct k_spinlock_key {
 	int key;
@@ -39,15 +33,16 @@
 	atomic_t locked;
 #endif
 
-#ifdef SPIN_VALIDATE
+#ifdef CONFIG_SPIN_VALIDATE
 	/* Stores the thread that holds the lock with the locking CPU
 	 * ID in the bottom two bits.
 	 */
 	uintptr_t thread_cpu;
 #endif
 
-#if defined(CONFIG_CPLUSPLUS) && !defined(CONFIG_SMP) && !defined(SPIN_VALIDATE)
-	/* If CONFIG_SMP and SPIN_VALIDATE are both not defined
+#if defined(CONFIG_CPLUSPLUS) && !defined(CONFIG_SMP) && \
+	!defined(CONFIG_SPIN_VALIDATE)
+	/* If CONFIG_SMP and CONFIG_SPIN_VALIDATE are both not defined
 	 * the k_spinlock struct will have no members. The result
 	 * is that in C sizeof(k_spinlock) is 0 and in C++ it is 1.
 	 *
@@ -75,7 +70,7 @@
 	 */
 	k.key = arch_irq_lock();
 
-#ifdef SPIN_VALIDATE
+#ifdef CONFIG_SPIN_VALIDATE
 	__ASSERT(z_spin_lock_valid(l), "Recursive spinlock");
 #endif
 
@@ -84,7 +79,7 @@
 	}
 #endif
 
-#ifdef SPIN_VALIDATE
+#ifdef CONFIG_SPIN_VALIDATE
 	z_spin_lock_set_owner(l);
 #endif
 	return k;
@@ -94,7 +89,7 @@
 					k_spinlock_key_t key)
 {
 	ARG_UNUSED(l);
-#ifdef SPIN_VALIDATE
+#ifdef CONFIG_SPIN_VALIDATE
 	__ASSERT(z_spin_unlock_valid(l), "Not my spinlock!");
 #endif
 
@@ -117,7 +112,7 @@
 static ALWAYS_INLINE void k_spin_release(struct k_spinlock *l)
 {
 	ARG_UNUSED(l);
-#ifdef SPIN_VALIDATE
+#ifdef CONFIG_SPIN_VALIDATE
 	__ASSERT(z_spin_unlock_valid(l), "Not my spinlock!");
 #endif
 #ifdef CONFIG_SMP

diff --git a/kernel/sched.c b/kernel/sched.c
index 1e96909..fa0433b 100644
--- a/kernel/sched.c
+++ b/kernel/sched.c

@@ -650,7 +650,7 @@
 #endif
 			_current_cpu->swap_ok = 0;
 			set_current(th);
-#ifdef SPIN_VALIDATE
+#ifdef CONFIG_SPIN_VALIDATE
 			/* Changed _current!  Update the spinlock
 			 * bookeeping so the validation doesn't get
 			 * confused when the "wrong" thread tries to

diff --git a/kernel/thread.c b/kernel/thread.c
index ef50f13..17f03dd 100644
--- a/kernel/thread.c
+++ b/kernel/thread.c

@@ -853,7 +853,7 @@
 /* These spinlock assertion predicates are defined here because having
  * them in spinlock.h is a giant header ordering headache.
  */
-#ifdef SPIN_VALIDATE
+#ifdef CONFIG_SPIN_VALIDATE
 bool z_spin_lock_valid(struct k_spinlock *l)
 {
 	uintptr_t thread_cpu = l->thread_cpu;
@@ -879,8 +879,7 @@
 {
 	l->thread_cpu = _current_cpu->id | (uintptr_t)_current;
 }
-
-#endif
+#endif /* CONFIG_SPIN_VALIDATE */
 
 int z_impl_k_float_disable(struct k_thread *thread)
 {

diff --git a/subsys/debug/Kconfig b/subsys/debug/Kconfig
index 43865e9..86b6251 100644
--- a/subsys/debug/Kconfig
+++ b/subsys/debug/Kconfig

@@ -163,6 +163,16 @@
 	  Level 1: on + warning in every file that includes __assert.h
 	  Level 2: on + no warning
 
+config SPIN_VALIDATE
+	bool "Enable spinlock validation"
+	depends on ASSERT
+	depends on MP_NUM_CPUS < 4
+	default y if !FLASH || FLASH_SIZE > 32
+	help
+	  There's a spinlock validation framework available when asserts are
+	  enabled. It adds a relatively hefty overhead (about 3k or so) to
+	  kernel code size, don't use on platforms known to be small.
+
 config FORCE_NO_ASSERT
 	bool "Force-disable no assertions"
 	help
commit	c9d78401cc35976fafaad758f2ab6338e04bbbcf	[log] [tgz]
author	Danny Oerndrup <daor@demant.com>	Fri Dec 13 11:24:56 2019 +0100
committer	Anas Nashif <anas.nashif@intel.com>	Fri Dec 20 19:51:16 2019 -0500
tree	c43243cbefc83b4aaca53e3c5f2cc2d9fbca4003
parent	e181e1b7734e448dc6017d9d7d837931e8939f66 [diff]