The logging path crosses task boundaries on RTOS: application tasks call SolidSyslog_Log, a service task calls SolidSyslog_Service, and integrator-supplied callbacks (string functions, clock, error handler, onSwitch) can fire from yet other tasks. Some reentrancy is handled by construction (per-call SolidSyslogFormatter on the caller's stack; SolidSyslogAtomicCounter for sequenceId; mutex-protected SolidSyslogBuffer). Some is documented contract (single global error handler slot). And some is actually broken — see the first child story.
This epic exists to:
Audit the current state once, end to end.
Document which parts of the API are reentrant by construction, which require integrator contract, and which have actual bugs.
Fix the bugs.
Tighten the contract where it's currently implicit.
Likely children (refine when we pick this up)
OriginSd shared scratch fix — first child, filed as a story under this epic.
Reentrancy audit doc — enumerate every object in the logging path, classify each.
SolidSyslogSwitchingSender currentIndex race — UART task writes while Service task reads; plain int, tear-free on most platforms but UB by the C standard.
Callback contract clarity — the integrator's reentrancy obligations for string/clock/error/onSwitch callbacks are currently implicit. Make them explicit in the public-header audience table in CLAUDE.md and in each header.
Possibly in scope, possibly its own thing
Whether the SD pattern itself should be restructured (base class / helper) — that decision sits on the OriginSd bug story.
Whether the error handler slot should grow synchronisation, or stay documented-as-not-synchronised.
Hot-swap config during send → currently slated for the future Reconfiguration epic; revisit the boundary.
Out of scope
Open questions
feat! bump, or can they go as docs?
Status
Not started. Will be picked up after the memory-consumption sequence (CMake-sizing epic, static-create discussion). Exact slot TBD. Refine as we get closer.
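The currentIndex race listed under "Likely children" can be closed by making the shared index an atomic object and reading it exactly once per send. The sketch below is an added example, not SolidSyslog code: every `Example*` name, the two stub senders and their return tags are hypothetical, and it assumes the target toolchain provides C11 `<stdatomic.h>`.

```c
/* Added example: hypothetical names, not SolidSyslog's real types or API. */
#include <stdatomic.h>
#include <stddef.h>
#include <stdio.h>

#define EXAMPLE_SENDER_COUNT 2

typedef int (*ExampleSendFn)(const char *msg, size_t len);

typedef struct {
    ExampleSendFn senders[EXAMPLE_SENDER_COUNT];
    atomic_int currentIndex; /* shared: one task writes, another reads */
} ExampleSwitchingSender;

/* Constructed stub senders; the return value only tags which one ran. */
static int ExampleUdpSend(const char *msg, size_t len)  { (void)msg; (void)len; return 100; }
static int ExampleUartSend(const char *msg, size_t len) { (void)msg; (void)len; return 200; }

void ExampleSwitchingSender_Init(ExampleSwitchingSender *self)
{
    self->senders[0] = ExampleUdpSend;
    self->senders[1] = ExampleUartSend;
    atomic_init(&self->currentIndex, 0);
}

/* Writer side (the UART task in the issue). Out-of-range values are rejected
 * before they become visible to the reader. Returns 0 on success, -1 otherwise. */
int ExampleSwitchingSender_Select(ExampleSwitchingSender *self, int index)
{
    if (index < 0 || index >= EXAMPLE_SENDER_COUNT) {
        return -1;
    }
    atomic_store_explicit(&self->currentIndex, index, memory_order_release);
    return 0;
}

/* Reader side (the Service task). The index is loaded once into a local, so a
 * switch that lands mid-send cannot make one send use two different senders. */
int ExampleSwitchingSender_Send(ExampleSwitchingSender *self, const char *msg, size_t len)
{
    int index = atomic_load_explicit(&self->currentIndex, memory_order_acquire);
    return self->senders[index](msg, len);
}

int main(void)
{
    ExampleSwitchingSender s;
    ExampleSwitchingSender_Init(&s);
    ExampleSwitchingSender_Select(&s, 1);
    printf("sender tag: %d\n", ExampleSwitchingSender_Send(&s, "hello", 5));
    return 0;
}
```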