release: bump version to 1.14.3

Bump version to 1.14.3.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>

.buildkite/hooks/post-command

@@ -0,0 +1,12 @@
+#!/bin/bash
+# Copyright (c) 2020 Linaro Limited
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# report disk usage:
+echo "--- $0 disk usage"
+df -h
+docker image prune --all --force
+df -h
+ls
+cat docker-images

.buildkite/hooks/pre-command

@@ -0,0 +1,42 @@
+#!/bin/bash
+# Copyright (c) 2020 Linaro Limited
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# Save off where we started so we can go back there
+WORKDIR=${PWD}
+
+if [ -n "${BUILDKITE_PULL_REQUEST_BASE_BRANCH}" ]; then
+   git fetch -v origin ${BUILDKITE_PULL_REQUEST_BASE_BRANCH}
+   git checkout FETCH_HEAD
+   git config --local user.email "builds@zephyrproject.org"
+   git config --local user.name "Zephyr CI"
+   git merge --no-edit "${BUILDKITE_COMMIT}" || {
+       local merge_result=$?
+       echo "Merge failed: ${merge_result}"
+       git merge --abort
+       exit $merge_result
+   }
+fi
+
+mkdir -p /var/lib/buildkite-agent/zephyr-ccache/
+
+# create cache dirs, no-op if they already exist
+mkdir -p /var/lib/buildkite-agent/zephyr-module-cache/modules
+mkdir -p /var/lib/buildkite-agent/zephyr-module-cache/tools
+mkdir -p /var/lib/buildkite-agent/zephyr-module-cache/bootloader
+
+# Clean cache - if it already exists
+cd /var/lib/buildkite-agent/zephyr-module-cache
+find -type f -not -path "*/.git/*" -not -name ".git" -delete
+
+# Remove any stale locks
+find -name index.lock -delete
+
+# return from where we started so we can find pipeline files from
+# git repo
+cd ${WORKDIR}
+
+# Save off what images was there before and clean things out
+docker images --filter=reference='zephyrprojectrtos/ci' --format "{{.Repository}}:{{.Tag}}" > docker-images
+docker image prune --all --force

.buildkite/pipeline.yml

@@ -0,0 +1,28 @@
+steps:
+  - command:
+    - .buildkite/run.sh
+    env:
+      ZEPHYR_TOOLCHAIN_VARIANT: "zephyr"
+      ZEPHYR_SDK_INSTALL_DIR: "/opt/sdk/zephyr-sdk-0.10.3"
+    parallelism: 20
+    timeout_in_minutes: 120
+    retry:
+      manual: true
+    plugins:
+      - docker#v3.5.0:
+          image: "zephyrprojectrtos/ci:v0.8.2"
+          propagate-environment: true
+          volumes:
+            - "/var/lib/buildkite-agent/git-mirrors:/var/lib/buildkite-agent/git-mirrors"
+            - "/var/lib/buildkite-agent/zephyr-module-cache:/var/lib/buildkite-agent/zephyr-module-cache"
+            - "/var/lib/buildkite-agent/zephyr-ccache:/root/.ccache"
+          workdir: "/workdir/zephyr"
+    agents:
+    - "queue=default"
+
+  - wait: ~
+    continue_on_failure: true
+
+  - plugins:
+      - junit-annotate#v1.7.0:
+          artifacts: sanitycheck-*.xml

.buildkite/run.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# Copyright (c) 2020 Linaro Limited
+#
+# SPDX-License-Identifier: Apache-2.0
+
+echo "--- run $0"
+
+git log -n 5 --oneline --decorate --abbrev=12
+
+# Setup module cache
+cd /workdir
+ln -s /var/lib/buildkite-agent/zephyr-module-cache/modules
+ln -s /var/lib/buildkite-agent/zephyr-module-cache/tools
+ln -s /var/lib/buildkite-agent/zephyr-module-cache/bootloader
+cd /workdir/zephyr
+
+export JOB_NUM=$((${BUILDKITE_PARALLEL_JOB}+1))
+
+# ccache stats
+echo ""
+echo "--- ccache stats at start"
+ccache -s
+
+if [ -n "${BUILDKITE_PULL_REQUEST_BASE_BRANCH}" ]; then
+   ./scripts/ci/run_ci.sh  -c -b ${BUILDKITE_PULL_REQUEST_BASE_BRANCH} -r origin \
+	   -m ${JOB_NUM} -M ${BUILDKITE_PARALLEL_JOB_COUNT} -p ${BUILDKITE_PULL_REQUEST}
+else
+   ./scripts/ci/run_ci.sh -c -b ${BUILDKITE_BRANCH} -r origin \
+	   -m ${JOB_NUM} -M ${BUILDKITE_PARALLEL_JOB_COUNT};
+fi;
+
+SANITY_EXIT_STATUS=$?
+
+# Rename sanitycheck junit xml for use with junit-annotate-buildkite-plugin
+mv  ./scripts/sanity_chk/last_sanity.xml sanitycheck-${BUILDKITE_JOB_ID}.xml
+buildkite-agent artifact upload sanitycheck-${BUILDKITE_JOB_ID}.xml
+
+# ccache stats
+echo "--- ccache stats at finish"
+ccache -s
+
+# disk usage
+echo "--- disk usage at finish"
+df -h
+
+exit ${SANITY_EXIT_STATUS}

.github/license_config.yml

@@ -0,0 +1,16 @@
+license:
+  main: apache-2.0
+  report_missing: true
+  category: Permissive
+copyright:
+  check: true
+exclude:
+  extensions:
+    - yml
+    - yaml
+    - html
+    - rst
+    - conf
+    - cfg
+  langs:
+    - HTML

.github/workflows/compliance.yml

@@ -0,0 +1,114 @@
+name: Compliance
+
+on: pull_request
+
+jobs:
+  compliance_job:
+    runs-on: ubuntu-latest
+    name: Run compliance checks on patch series (PR)
+    steps:
+    - name: Checkout the code
+      uses: actions/checkout@v1
+
+    - name: cache-pip
+      uses: actions/cache@v1
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-doc-pip
+
+    - name: Install python dependencies
+      run: |
+        pip3 install setuptools
+        pip3 install wheel
+        pip3 install python-magic junitparser gitlint pylint pykwalify
+        pip3 install west
+
+    - name: Run Compliance Tests
+      id: compliance
+      env:
+        BASE_REF: ${{ github.base_ref }}
+      run: |
+        export PATH=$PATH:~/.local/bin
+        export ZEPHYR_BASE=$PWD
+        git config --global user.email "you@example.com"
+        git config --global user.name "Your Name"
+        git rebase origin/${BASE_REF}
+        ./scripts/ci/check_compliance.py -m Codeowners -m Devicetree -m Gitlint -m Identity -m Nits -m pylint -m checkpatch -m Kconfig -c origin/${BASE_REF}.. || true
+
+    - name: upload-results
+      uses: actions/upload-artifact@master
+      continue-on-error: True
+      with:
+        name: compliance.xml
+        path: compliance.xml
+
+    - name: check-warns
+      run: |
+        if [ -s Nits.txt ]; then
+           errors=$(cat Nits.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=Nits.txt::$errors"
+           exit=1
+        fi
+        if [ -s checkpatch.txt ]; then
+           errors=$(cat checkpatch.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=Checkpatch.txt::$errors"
+           exit=1
+        fi
+        if [ -s Identity.txt ]; then
+           errors=$(cat Identity.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=Identity.txt::$errors"
+           exit=1
+        fi
+        if [ -s Gitlint.txt ]; then
+           errors=$(cat Gitlint.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=Gitlint.txt::$errors"
+           exit=1
+        fi
+        if [ -s pylint.txt ]; then
+           errors=$(cat pylint.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=pylint.txt::$errors"
+           exit=1
+        fi
+        if [ -s Devicetree.txt ]; then
+           errors=$(cat Devicetree.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=Devicetree.txt::$errors"
+           exit=1
+        fi
+        if [ -s Kconfig.txt ]; then
+           errors=$(cat Kconfig.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=Kconfig.txt::$errors"
+           exit=1
+        fi
+        if [ -s Codeowners.txt ]; then
+           errors=$(cat Codeowners.txt)
+           errors="${errors//'%'/'%25'}"
+           errors="${errors//$'\n'/'%0A'}"
+           errors="${errors//$'\r'/'%0D'}"
+           echo "::error file=Codeowners.txt::$errors"
+           exit=1
+        fi
+
+        if [ ${exit} == 1 ]; then
+          exit 1;
+        fi

.github/workflows/doc-build.yml

@@ -0,0 +1,65 @@
+# Copyright (c) 2020 Linaro Limited.
+# SPDX-License-Identifier: Apache-2.0
+
+name: Documentation GitHub Workflow
+
+on: [pull_request]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Update PATH for west
+      run: |
+        echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+    - name: checkout
+      uses: actions/checkout@v2
+
+    - name: install-pkgs
+      run: |
+        sudo apt-get install -y ninja-build doxygen
+
+    - name: cache-pip
+      uses: actions/cache@v1
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-doc-pip
+
+    - name: install-pip
+      run: |
+        pip3 install setuptools
+        pip3 install 'breathe>=4.9.1,<4.15.0' 'docutils>=0.14' \
+                     'sphinx>=1.7.5,<3.0' sphinx_rtd_theme sphinx-tabs \
+                     sphinxcontrib-svg2pdfconverter 'west>=0.6.2'
+        pip3 install pyelftools
+
+    - name: west setup
+      run: |
+        west init -l . || true
+
+    - name: build-docs
+      run: |
+        source zephyr-env.sh
+        make htmldocs
+        tar cvf htmldocs.tar --directory=./doc/_build html
+
+    - name: upload-build
+      uses: actions/upload-artifact@master
+      continue-on-error: True
+      with:
+        name: htmldocs.tar
+        path: htmldocs.tar
+
+    - name: check-warns
+      run: |
+        if [ -s doc/_build/doc.warnings ]; then
+           docwarn=$(cat doc/_build/doc.warnings)
+           docwarn="${docwarn//'%'/'%25'}"
+           docwarn="${docwarn//$'\n'/'%0A'}"
+           docwarn="${docwarn//$'\r'/'%0D'}"
+           # We treat doc warnings as errors
+           echo "::error file=doc.warnings::$docwarn"
+           exit 1
+        fi

.github/workflows/license_check.yml

@@ -0,0 +1,32 @@
+name: Scancode
+
+on: [pull_request]
+
+jobs:
+  scancode_job:
+    runs-on: ubuntu-latest
+    name: Scan code for licenses
+    steps:
+    - name: Checkout the code
+      uses: actions/checkout@v1
+    - name: Scan the code
+      id: scancode
+      uses: zephyrproject-rtos/action_scancode@v3
+      with:
+        directory-to-scan: 'scan/'
+    - name: Artifact Upload
+      uses: actions/upload-artifact@v1
+      with:
+        name: scancode
+        path: ./artifacts
+
+    - name: Verify
+      run: |
+        if [ -s ./artifacts/report.txt ]; then
+          report=$(cat ./artifacts/report.txt)
+          report="${report//'%'/'%25'}"
+          report="${report//$'\n'/'%0A'}"
+          report="${report//$'\r'/'%0D'}"
+          echo "::error file=./artifacts/report.txt::$report"
+          exit 1
+        fi

.known-issues/doc/bluetooth.conf

@@ -48,3 +48,21 @@
 ^(?P=filename):(?P=lineno): WARNING: Invalid definition: Expected end of definition. \[error at [0-9]+]
 ^.*bt_mesh_model.__unnamed__.*
 ^[- \t]*\^
+#
+# Bluetooth mesh pub struct definition
+#
+^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]bluetooth[/\\]mesh[/\\]access.rst):(?P<lineno>[0-9]+): WARNING: Invalid definition: Expected end of definition. \[error at [0-9]+]
+^.*bt_mesh_model_pub.*
+^[- \t]*\^
+^(?P=filename):(?P=lineno): WARNING: Invalid definition: Expected end of definition. \[error at [0-9]+]
+^.*bt_mesh_model_pub.*
+^[- \t]*\^
+^(?P=filename):(?P=lineno): WARNING: Invalid definition: Expected end of definition. \[error at [0-9]+]
+^.*bt_mesh_model_pub.*
+^[- \t]*\^
+^(?P=filename):(?P=lineno): WARNING: Invalid definition: Expected end of definition. \[error at [0-9]+]
+^.*bt_mesh_model_pub.*
+^[- \t]*\^
+^(?P=filename):(?P=lineno): WARNING: Invalid definition: Expected end of definition. \[error at [0-9]+]
+^.*bt_mesh_model_pub.*
+^[- \t]*\^

.known-issues/doc/duplicate.conf

@@ -1,6 +1,6 @@
 #
-^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]file_system[/\\]index.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration.
+^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]file_system[/\\]index.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration(.*)
 #
-^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]peripherals[/\\]dma.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration.
+^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]peripherals[/\\]dma.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration(.*)
 #
-^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]peripherals[/\\]sensor.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration.
+^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]peripherals[/\\]sensor.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration(.*)

.known-issues/doc/networking.conf

@@ -67,4 +67,4 @@
 #
 # stray duplicate definition warnings
 #
-^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]networking[/\\]net_if.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration.
+^(?P<filename>([\-:\\/\w\.])+[/\\]doc[/\\]reference[/\\]networking[/\\]net_if.rst):(?P<lineno>[0-9]+): WARNING: Duplicate declaration(.*)

.shippable.yml

@@ -4,8 +4,8 @@ compiler: gcc
 
 env:
     global:
-        - SDK=0.10.0
-        - ZEPHYR_SDK_INSTALL_DIR=/opt/sdk/zephyr-sdk-0.10.0
+        - SDK=0.10.3
+        - ZEPHYR_SDK_INSTALL_DIR=/opt/sdk/zephyr-sdk-0.10.3
         - ZEPHYR_TOOLCHAIN_VARIANT=zephyr
         - MATRIX_BUILDS="5"
     matrix:
@@ -21,7 +21,7 @@ build:
         - ${SHIPPABLE_BUILD_DIR}/ccache
     pre_ci_boot:
         image_name: zephyrprojectrtos/ci
-        image_tag: v0.6.4
+        image_tag: v0.8.2
         pull: true
         options: "-e HOME=/home/buildslave --privileged=true --tty --net=bridge --user buildslave"
 
@@ -48,7 +48,11 @@ build:
         else
           ./scripts/ci/run_ci.sh -s -b ${BRANCH} -r origin -m ${MATRIX_BUILD} -M ${MATRIX_BUILDS};
         fi;
-
+branches:
+  only:
+    - master
+    - v*-branch
+    - topic-*
 integrations:
   notifications:
     - integrationName: slack_integration
@@ -70,5 +74,6 @@ integrations:
           - net
           - bluetooth
           - arm
+          - v1.14-branch
       on_success: never
       on_failure: never

CMakeLists.txt

@@ -719,6 +719,7 @@ add_custom_command(
   ${ZEPHYR_BASE}/scripts/gen_kobject_list.py
   --validation-output ${DRV_VALIDATION}
   $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:--verbose>
+  DEPENDS ${ZEPHYR_BASE}/scripts/gen_kobject_list.py
   WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
   )
 add_custom_target(${DRIVER_VALIDATION_H_TARGET} DEPENDS ${DRV_VALIDATION})
@@ -852,6 +853,10 @@ endif()
 
 if(CONFIG_CODE_DATA_RELOCATION)
    set(MEM_RELOCATAION_LD "${PROJECT_BINARY_DIR}/include/generated/linker_relocate.ld")
+   set(MEM_RELOCATAION_SRAM_DATA_LD
+     "${PROJECT_BINARY_DIR}/include/generated/linker_sram_data_relocate.ld")
+   set(MEM_RELOCATAION_SRAM_BSS_LD
+     "${PROJECT_BINARY_DIR}/include/generated/linker_sram_bss_relocate.ld")
    set(MEM_RELOCATAION_CODE "${PROJECT_BINARY_DIR}/code_relocation.c")
 
    add_custom_command(
@@ -863,6 +868,8 @@ if(CONFIG_CODE_DATA_RELOCATION)
      -d ${APPLICATION_BINARY_DIR}
      -i '$<TARGET_PROPERTY:code_data_relocation_target,COMPILE_DEFINITIONS>'
      -o ${MEM_RELOCATAION_LD}
+     -s ${MEM_RELOCATAION_SRAM_DATA_LD}
+     -b ${MEM_RELOCATAION_SRAM_BSS_LD}
      -c ${MEM_RELOCATAION_CODE}
      DEPENDS app kernel ${ZEPHYR_LIBS_PROPERTY}
      )

CODEOWNERS

@@ -6,11 +6,13 @@
 # Do not use wildcard on all source yet
 # *                                        @galak @nashif
 
+/.github/                                 @nashif @galak
 /.known-issues/                           @inakypg @nashif
+/.buildkite/                              @galak
 /arch/arc/                                @vonhust @ruuddw
 /arch/arm/                                @MaureenHelm @galak
 /arch/arm/core/cortex_m/cmse/             @ioannisg
-/arch/arm/include/cortex_m/cmse/          @ioannisg
+arch/arm/include/cortex_m/cmse.h          @ioannisg
 /soc/arm/                                 @MaureenHelm @galak
 /soc/arm/arm/mps2/                        @fvincenzo
 /soc/arm/atmel_sam/sam4s/                 @fallrisk
@@ -135,6 +137,7 @@
 /drivers/usb/                             @jfischer-phytec-iot @finikorg
 /drivers/usb/device/usb_dc_stm32.c        @ydamigos @loicpoulain
 /drivers/i2c/i2c_ll_stm32*                @ldts @ydamigos
+/drivers/watchdog/wdt_handlers.c          @andrewboie
 /drivers/wifi/                            @jukkar @tbursztyka @pfalcon
 /drivers/wifi/eswifi/                     @loicpoulain
 /dts/arm/st/                              @erwango
@@ -217,6 +220,7 @@
 /lib/gui/                                 @vanwinkeljan
 /lib/os/                                  @andrewboie @andyross
 /lib/posix/                               @pfalcon
+/lib/libc/                                @nashif @andrewboie
 /kernel/device.c                          @andrewboie @andyross @nashif
 /kernel/idle.c                            @andrewboie @andyross @nashif
 /samples/basic/servo_motor/*microbit*     @jhe
@@ -237,6 +241,7 @@
 /samples/subsys/shell/                    @jarz-nordic @nordic-krch
 /samples/subsys/usb/                      @jfischer-phytec-iot @finikorg
 /samples/subsys/power/                    @ramakrishnapallala @pizi-nordic
+/scripts/ci/                              @nashif @galak
 /scripts/coccicheck                       @himanshujha199640 @JuliaLawall
 /scripts/coccinelle/                      @himanshujha199640 @JuliaLawall
 /scripts/elf_helper.py                    @andrewboie
@@ -275,7 +280,9 @@
 /subsys/settings/                         @nvlsianpu
 /subsys/shell/                            @jarz-nordic @nordic-krch
 /subsys/storage/                          @nvlsianpu
+/subsys/testsuite/                        @nashif
 /subsys/usb/                              @jfischer-phytec-iot @finikorg
+/tests/application_development/libcxx/    @pabigot
 /tests/boards/native_posix/               @aescolar
 /tests/boards/intel_s1000_crb/            @rgundi @dcpleung @sathishkuttan
 /tests/bluetooth/                         @sjanc @jhedberg @Vudentz
@@ -287,6 +294,7 @@
 /tests/drivers/spi/                       @tbursztyka
 /tests/drivers/uart/uart_async_api/       @Mierunski
 /tests/kernel/                            @andrewboie @andyross @nashif
+/tests/lib/                               @nashif
 /tests/net/                               @jukkar @tbursztyka @pfalcon
 /tests/net/buf/                           @jukkar @jhedberg @tbursztyka @pfalcon
 /tests/net/lib/                           @jukkar @tbursztyka @pfalcon

VERSION

@@ -1,5 +1,5 @@
 VERSION_MAJOR = 1
 VERSION_MINOR = 14
-PATCHLEVEL = 0
+PATCHLEVEL = 3
 VERSION_TWEAK = 0
 EXTRAVERSION =

arch/arc/core/fast_irq.S

@@ -222,11 +222,36 @@ _firq_reschedule:
 	 * registers from the interrupted thread.
 	 */
 
+#if defined(CONFIG_USERSPACE)
+/* when USERSPACE is configured, here need to consider the case where firq comes
+ * out in user mode, according to ARCv2 ISA and nsim, the following micro ops
+ * will be executed:
+ *	sp<-reg bank1'sp
+ *      switch between sp and _ARC_V2_USER_SP
+ * then:
+ *      sp is the sp of kernel stack of interrupted thread
+ *      _ARC_V2_USER_SP is reg bank1'sp
+ *      the sp of user stack of interrupted thread is reg bank0'sp
+ * if firq comes out in kernel mode, the following micro ops will be executed:
+ *      sp<-reg bank'sp
+ * so, sw needs to do necessary handling to set up the correct sp
+ */
+	lr r0, [_ARC_V2_AUX_IRQ_ACT]
+	bbit0 r0, 31, _firq_from_kernel
+	aex sp, [_ARC_V2_USER_SP]
+	lr r0, [_ARC_V2_STATUS32]
+	and r0, r0, ~_ARC_V2_STATUS32_RB(7)
+	kflag r0
+	aex sp, [_ARC_V2_USER_SP]
+	b _firq_create_irq_stack_frame
+_firq_from_kernel:
+#endif
 	/* chose register bank #0 */
 	lr r0, [_ARC_V2_STATUS32]
 	and r0, r0, ~_ARC_V2_STATUS32_RB(7)
 	kflag r0
 
+_firq_create_irq_stack_frame:
 	/* we're back on the outgoing thread's stack */
 	_create_irq_stack_frame
 
@@ -241,6 +266,24 @@ _firq_reschedule:
 	st ilink, [sp, ___isf_t_pc_OFFSET] /* ilink into pc */
 #endif
 
+#if defined(CONFIG_USERSPACE)
+/*
+ * when USERSPACE is enabled, according to ARCv2 ISA, SP will be switched
+ * if interrupt comes out in user mode, and will be recorded in bit 31
+ * (U bit) of IRQ_ACT. when interrupt exits, SP will be switched back
+ * according to U bit.
+ *
+ * need to remember the user/kernel status of interrupted thread, will be
+ * restored when thread switched back
+ *
+ */
+	lr r4, [_ARC_V2_AUX_IRQ_ACT]
+	and r3, r4, 0x80000000
+	push_s r3
+
+	bclr r4, r4, 31
+	sr r4, [_ARC_V2_AUX_IRQ_ACT]
+#endif
 	mov_s r1, _kernel
 	ld_s r2, [r1, _kernel_offset_to_current]
 
@@ -267,7 +310,15 @@ _firq_reschedule:
 	pop_s r2
 #endif
 
-	ld_s r3, [r2, _thread_offset_to_relinquish_cause]
+#if defined(CONFIG_USERSPACE)
+/*
+ * see comments in regular_irq.S
+ */
+	lr r0, [_ARC_V2_AUX_IRQ_ACT]
+	bclr r0, r0, 31
+	sr r0, [_ARC_V2_AUX_IRQ_ACT]
+#endif
+	ld r3, [r2, _thread_offset_to_relinquish_cause]
 
 	breq r3, _CAUSE_RIRQ, _firq_return_from_rirq
 	nop
@@ -279,7 +330,7 @@ _firq_reschedule:
 .balign 4
 _firq_return_from_coop:
 
-	ld_s r3, [r2, _thread_offset_to_intlock_key]
+	ld r3, [r2, _thread_offset_to_intlock_key]
 	st  0, [r2, _thread_offset_to_intlock_key]
 
 	/* pc into ilink */
@@ -298,19 +349,45 @@ _firq_return_from_coop:
 	or.nz r0, r0, _ARC_V2_STATUS32_IE
 	sr r0, [_ARC_V2_STATUS32_P0]
 
-	ld_s r0, [r2, _thread_offset_to_return_value]
+#ifdef CONFIG_TRACING
+	push_s blink
+	push_s r2
+
+	bl sys_trace_thread_switched_in
+	
+	pop_s r2
+	pop_s blink
+#endif
+
+	ld r0, [r2, _thread_offset_to_return_value]
 	rtie
 
 .balign 4
 _firq_return_from_rirq:
 _firq_return_from_firq:
 
+#if defined(CONFIG_USERSPACE)
+/*
+ * need to recover the user/kernel status of interrupted thread
+ */
+	pop_s r3
+	lr r2, [_ARC_V2_AUX_IRQ_ACT]
+	or r2, r2, r3
+	sr r2, [_ARC_V2_AUX_IRQ_ACT]
+#endif
 	_pop_irq_stack_frame
 
 	ld ilink, [sp, -4] /* status32 into ilink */
 	sr ilink, [_ARC_V2_STATUS32_P0]
 	ld ilink, [sp, -8] /* pc into ilink */
 
+#ifdef CONFIG_TRACING
+	push_s blink
+
+	bl sys_trace_thread_switched_in
+
+	pop_s blink
+#endif
 	/* LP registers are already restored, just switch back to bank 0 */
 	rtie
 

arch/arc/core/fault_s.S

@@ -153,30 +153,35 @@ SECTION_SUBSEC_FUNC(TEXT,__fault,__ev_trap)
 #ifdef CONFIG_USERSPACE
 	cmp ilink, _TRAP_S_CALL_SYSTEM_CALL
 	bne _do_non_syscall_trap
-/* do sys_call */
+	/* do sys_call */
 	mov ilink, K_SYSCALL_LIMIT
 	cmp r6, ilink
-	blt valid_syscall_id
+	blo valid_syscall_id
 
 	mov r0, r6
 	mov r6, K_SYSCALL_BAD
 
 valid_syscall_id:
+	/* create a sys call frame
+	 * caller regs (r0 - 12) are saved in _create_irq_stack_frame
+	 * ok to use them later
+	 */
+	_create_irq_stack_frame
 #ifdef CONFIG_ARC_HAS_SECURE
-	lr ilink, [_ARC_V2_ERSEC_STAT]
-	push ilink
+	lr r0, [_ARC_V2_ERSEC_STAT]
+	st_s r0, [sp, ___isf_t_sec_stat_OFFSET]
 #endif
-	lr ilink, [_ARC_V2_ERET]
-	push ilink
-	lr ilink, [_ARC_V2_ERSTATUS]
-	push ilink
+	lr r0, [_ARC_V2_ERET]
+	st_s r0, [sp, ___isf_t_pc_OFFSET] /* eret into pc */
+	lr r0, [_ARC_V2_ERSTATUS]
+	st_s r0, [sp, ___isf_t_status32_OFFSET]
 
 
-	bclr ilink, ilink, _ARC_V2_STATUS32_U_BIT
-	sr ilink, [_ARC_V2_ERSTATUS]
+	bclr r0, r0, _ARC_V2_STATUS32_U_BIT
+	sr r0, [_ARC_V2_ERSTATUS]
 
-	mov ilink, _arc_do_syscall
-	sr ilink, [_ARC_V2_ERET]
+	mov r0, _arc_do_syscall
+	sr r0, [_ARC_V2_ERET]
 
 	rtie
 

arch/arc/core/isr_wrapper.S

@@ -337,6 +337,12 @@ _skip_sys_power_save_idle_exit:
 SECTION_FUNC(TEXT, _isr_demux)
 	push_s r3
 
+/* according to ARCv2 ISA, r25, r30 are caller-saved
+ * scratch registers, possibly used by interrupt handlers
+ */
+	push r25
+	push r30
+
 #ifdef CONFIG_EXECUTION_BENCHMARKING
 	bl read_timer_start_of_isr
 #endif
@@ -368,6 +374,8 @@ irq_hint_handled:
 	jl_s.d [r1]
 	ld_s r0, [r0] /* delay slot: ISR parameter into r0  */
 
+	pop r30
+	pop r25
 	/* back from ISR, jump to exit stub */
 	pop_s r3
 	j_s [r3]

arch/arc/core/mpu/arc_mpu_v3_internal.h

@@ -586,7 +586,7 @@ int arc_core_mpu_buffer_validate(void *addr, size_t size, int write)
 {
 	int r_index;
 
-
+	unsigned int key = z_arch_irq_lock();
 	/*
 	 * For ARC MPU v3, overlapping is not supported.
 	 * we can stop the iteration immediately once we find the
@@ -596,13 +596,16 @@ int arc_core_mpu_buffer_validate(void *addr, size_t size, int write)
 	/*  match and the area is in one region */
 	if (r_index >= 0 && r_index == _mpu_probe((u32_t)addr + (size - 1))) {
 		if (_is_user_accessible_region(r_index, write)) {
-			return 0;
+			r_index = 0;
 		} else {
-			return -EPERM;
+			r_index = -EPERM;
 		}
+	} else {
+		r_index = -EPERM;
 	}
+	z_arch_irq_unlock(key);
 
-	return -EPERM;
+	return r_index;
 }
 #endif /* CONFIG_USERSPACE */
 

arch/arc/core/regular_irq.S

@@ -152,6 +152,24 @@ SECTION_FUNC(TEXT, _rirq_exit)
 .balign 4
 _rirq_reschedule:
 
+#if defined(CONFIG_USERSPACE)
+/*
+ * when USERSPACE is enabled, according to ARCv2 ISA, SP will be switched
+ * if interrupt comes out in user mode, and will be recorded in bit 31
+ * (U bit) of IRQ_ACT. when interrupt exits, SP will be switched back
+ * according to U bit.
+ *
+ * need to remember the user/kernel status of interrupted thread, will be
+ * restored when thread switched back
+ *
+ */
+	lr r4, [_ARC_V2_AUX_IRQ_ACT]
+	and r3, r4, 0x80000000
+	push_s r3
+
+	bclr r4, r4, 31
+	sr r4, [_ARC_V2_AUX_IRQ_ACT]
+#endif
 	/* _save_callee_saved_regs expects outgoing thread in r2 */
 	_save_callee_saved_regs
 
@@ -181,7 +199,8 @@ _rirq_common_interrupt_swap:
 	pop_s r2
 #endif
 
-	ld_s r3, [r2, _thread_offset_to_relinquish_cause]
+
+	ld r3, [r2, _thread_offset_to_relinquish_cause]
 
 	breq r3, _CAUSE_RIRQ, _rirq_return_from_rirq
 	nop
@@ -201,7 +220,7 @@ _rirq_return_from_coop:
 
 	/* update status32.ie (explanation in firq_exit:_firq_return_from_coop) */
 
-	ld_s r3, [r2, _thread_offset_to_intlock_key]
+	ld r3, [r2, _thread_offset_to_intlock_key]
 	st  0, [r2, _thread_offset_to_intlock_key]
 	cmp r3, 0
 	or.ne r0, r0, _ARC_V2_STATUS32_IE
@@ -212,7 +231,7 @@ _rirq_return_from_coop:
 	sub sp, sp, ___isf_t_pc_OFFSET
 
 	/* update return value on stack */
-	ld_s r0, [r2, _thread_offset_to_return_value]
+	ld r0, [r2, _thread_offset_to_return_value]
 	st_s r0, [sp, ___isf_t_r0_OFFSET]
 
 	/* reset zero-overhead loops */
@@ -234,11 +253,31 @@ _rirq_return_from_coop:
 
 	/* fall through to rtie instruction */
 
+	/* stack now has the IRQ stack frame layout, pointing to sp */
+	/* rtie will pop the rest from the stack */
+	rtie
+
 #endif /* CONFIG_PREEMPT_ENABLED */
 
 .balign 4
 _rirq_return_from_firq:
 _rirq_return_from_rirq:
+#if defined(CONFIG_USERSPACE)
+/*
+ * need to recover the user/kernel status of interrupted thread
+ */
+	pop_s r3
+	lr r2, [_ARC_V2_AUX_IRQ_ACT]
+	or r2, r2, r3
+	sr r2, [_ARC_V2_AUX_IRQ_ACT]
+#endif
+#ifdef CONFIG_TRACING
+	push_s blink
+
+	bl sys_trace_thread_switched_in
+
+	pop_s blink
+#endif
 _rirq_no_reschedule:
 
 	rtie

arch/arc/core/swap.S

@@ -82,7 +82,7 @@ SECTION_FUNC(TEXT, __swap)
 	ld_s r2, [r1, _kernel_offset_to_current]
 
 	/* save intlock key */
-	st_s r0, [r2, _thread_offset_to_intlock_key]
+	st r0, [r2, _thread_offset_to_intlock_key]
 	st _CAUSE_COOP, [r2, _thread_offset_to_relinquish_cause]
 
 	/*
@@ -92,7 +92,7 @@ SECTION_FUNC(TEXT, __swap)
          * z_set_thread_return_value().
          */
 	ld r3, [_k_neg_eagain]
-	st_s r3, [r2, _thread_offset_to_return_value]
+	st r3, [r2, _thread_offset_to_return_value]
 
 	/*
 	 * Save status32 and blink on the stack before the callee-saved registers.
@@ -142,7 +142,7 @@ SECTION_FUNC(TEXT, __swap)
 	pop_s r2
 #endif
 
-	ld_s r3, [r2, _thread_offset_to_relinquish_cause]
+	ld r3, [r2, _thread_offset_to_relinquish_cause]
 
 	breq r3, _CAUSE_RIRQ, _swap_return_from_rirq
 	nop
@@ -154,9 +154,9 @@ SECTION_FUNC(TEXT, __swap)
 .balign 4
 _swap_return_from_coop:
 
-	ld_s r1, [r2, _thread_offset_to_intlock_key]
+	ld r1, [r2, _thread_offset_to_intlock_key]
 	st  0, [r2, _thread_offset_to_intlock_key]
-	ld_s r0, [r2, _thread_offset_to_return_value]
+	ld r0, [r2, _thread_offset_to_return_value]
 
 	lr ilink, [_ARC_V2_STATUS32]
 	bbit1 ilink, _ARC_V2_STATUS32_AE_BIT, _return_from_exc
@@ -176,6 +176,18 @@ return_loc:
 	pop_s r3    /* status32 into r3 */
 	kflag r3    /* write status32 */
 
+#ifdef CONFIG_TRACING
+	push_s blink
+	push_s r1
+	push_s r0
+
+	bl sys_trace_thread_switched_in
+
+	pop_s r0
+	pop_s r1
+	pop_s blink
+#endif
+
 	j_s.d [blink] /* always execute delay slot */
 	seti r1       /* delay slot */
 
@@ -184,6 +196,15 @@ return_loc:
 _swap_return_from_rirq:
 _swap_return_from_firq:
 
+#if defined(CONFIG_USERSPACE)
+/*
+ * need to recover the user/kernel status of interrupted thread
+ */
+	pop_s r3
+	lr r2, [_ARC_V2_AUX_IRQ_ACT]
+	or r2, r2, r3
+	sr r2, [_ARC_V2_AUX_IRQ_ACT]
+#endif
 	lr r3, [_ARC_V2_STATUS32]
 	bbit1 r3, _ARC_V2_STATUS32_AE_BIT, _return_from_exc_irq
 
@@ -199,13 +220,17 @@ _swap_return_from_firq:
 #endif
 
 	lr r3, [_ARC_V2_AUX_IRQ_ACT]
-	brne r3, 0, _swap_already_in_irq
-
 	/* use lowest interrupt priority */
 	or r3, r3, (1<<(CONFIG_NUM_IRQ_PRIO_LEVELS-1))
 	sr r3, [_ARC_V2_AUX_IRQ_ACT]
 
-_swap_already_in_irq:
+#ifdef CONFIG_TRACING
+	push_s blink
+
+	bl sys_trace_thread_switched_in
+
+	pop_s blink
+#endif
 	rtie
 
 .balign 4
@@ -226,6 +251,13 @@ _return_from_exc:
 	sr ilink, [_ARC_V2_ERSTATUS]
 	add_s sp, sp, ___isf_t_status32_OFFSET - ___isf_t_pc_OFFSET + 4
 
+#ifdef CONFIG_TRACING
+	push_s blink
+
+	bl sys_trace_thread_switched_in
+
+	pop_s blink
+#endif
 	rtie
 
 

arch/arc/core/userspace.S

@@ -153,12 +153,14 @@ _arc_go_to_user_space:
 
 	mov r1, z_thread_entry_wrapper
 
-	/* fake exception return */
-	kflag _ARC_V2_STATUS32_AE
-
 	sr r0, [_ARC_V2_ERSTATUS]
 	sr r1, [_ARC_V2_ERET]
 
+	/* fake exception return */
+	lr r0, [_ARC_V2_STATUS32]
+	bset r0, r0, _ARC_V2_STATUS32_AE_BIT
+	kflag r0
+
 #ifdef CONFIG_ARC_HAS_SECURE
 	lr r0, [_ARC_V2_SEC_STAT]
 	/* the mode returns from exception return is secure mode */
@@ -202,40 +204,47 @@ return_loc_userspace_enter:
  *
  */
 SECTION_FUNC(TEXT, _arc_do_syscall)
-	/* r0-r5: arg1-arg6, r6 is call id */
-	/* the call id is already checked in trap_s handler */
-	push_s blink
+	/*
+	 * r0-r5: arg1-arg6, r6 is call id which is already checked in
+	 * trap_s handler, r7 is the system call stack frame pointer
+	 * need to recover r0, r1, r2 because they will be modified in
+	 * _create_irq_stack_frame. If a specific syscall frame (different
+	 * with irq stack frame) is defined, the cover of r0, r1, r2 can be
+	 * optimized.
+	 */
+	ld_s r0, [sp, ___isf_t_r0_OFFSET]
+	ld_s r1, [sp, ___isf_t_r1_OFFSET]
+	ld_s r2, [sp, ___isf_t_r2_OFFSET]
+
+	mov r7, sp
 
 	mov blink, _k_syscall_table
 	ld.as r6, [blink, r6]
 
 	jl [r6]
 
-	/*
-	 * no need to clear callee regs, as they will be saved and restored
-	 * automatically
-	 */
-	clear_scratch_regs
+	/* save return value */
+	st_s r0, [sp, ___isf_t_r0_OFFSET]
 
 	mov r29, 0
 	mov r30, 0
 
-	pop_s blink
-
 	/* through fake exception return, go back to the caller */
-	kflag _ARC_V2_STATUS32_AE
+	lr r0, [_ARC_V2_STATUS32]
+	bset r0, r0, _ARC_V2_STATUS32_AE_BIT
+	kflag r0
 
-	/* the status and return address are saved in trap_s handler */
-	pop r6
-	sr r6, [_ARC_V2_ERSTATUS]
-	pop r6
-	sr r6, [_ARC_V2_ERET]
 #ifdef CONFIG_ARC_HAS_SECURE
-	pop r6
-	sr r6, [_ARC_V2_ERSEC_STAT]
+	ld_s r0, [sp, ___isf_t_sec_stat_OFFSET]
+	sr r0, [_ARC_V2_ERSEC_STAT]
 #endif
+	ld_s r0, [sp, ___isf_t_status32_OFFSET]
+	sr r0, [_ARC_V2_ERSTATUS]
 
-	mov r6, 0
+	ld_s r0, [sp, ___isf_t_pc_OFFSET] /* eret into pc */
+	sr r0, [_ARC_V2_ERET]
+
+	_pop_irq_stack_frame
 
 	rtie
 

arch/arm/core/cortex_m/mpu/Kconfig

@@ -44,4 +44,23 @@ config MPU_ALLOW_FLASH_WRITE
 	help
 	  Enable this to allow MPU RWX access to flash memory
 
+config CUSTOM_SECTION_ALIGN
+	bool "Custom Section Align"
+	depends on ARM_MPU
+	help
+	  MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT(ARMv7-M) sometimes cause memory
+	  wasting in linker scripts defined memory sections. Use this symbol
+	  to guarantee user custom section align size to avoid more memory used
+	  for respect alignment. But that needs carefully configure MPU region
+	  and sub-regions(ARMv7-M) to cover this feature.
+
+config CUSTOM_SECTION_MIN_ALIGN_SIZE
+	int "Custom Section Align Size"
+	default 32
+	help
+	  Custom algin size of memory section in linker scripts. Usually
+	  it should consume less alignment memory. Alougth this alignment
+	  size is configured by users, it must also respect the power of
+	  two regulation if hardware requires.
+
 endif # CPU_HAS_MPU

arch/arm/core/cortex_m/mpu/arm_mpu_v7_internal.h

@@ -151,8 +151,16 @@ static inline u32_t mpu_region_get_size(u32_t index)
  */
 static inline int is_enabled_region(u32_t index)
 {
+	/* Lock IRQs to ensure RNR value is correct when reading RASR. */
+	unsigned int key;
+	u32_t rasr;
+
+	key = irq_lock();
 	MPU->RNR = index;
-	return (MPU->RASR & MPU_RASR_ENABLE_Msk) ? 1 : 0;
+	rasr = MPU->RASR;
+	irq_unlock(key);
+
+	return (rasr & MPU_RASR_ENABLE_Msk) ? 1 : 0;
 }
 
 /* Only a single bit is set for all user accessible permissions.
@@ -169,8 +177,16 @@ static inline int is_enabled_region(u32_t index)
  */
 static inline u32_t get_region_ap(u32_t r_index)
 {
+	/* Lock IRQs to ensure RNR value is correct when reading RASR. */
+	unsigned int key;
+	u32_t rasr;
+
+	key = irq_lock();
 	MPU->RNR = r_index;
-	return (MPU->RASR & MPU_RASR_AP_Msk) >> MPU_RASR_AP_Pos;
+	rasr = MPU->RASR;
+	irq_unlock(key);
+
+	return (rasr & MPU_RASR_AP_Msk) >> MPU_RASR_AP_Pos;
 }
 
 /**
@@ -184,14 +200,29 @@ static inline int is_in_region(u32_t r_index, u32_t start, u32_t size)
 	u32_t r_addr_start;
 	u32_t r_size_lshift;
 	u32_t r_addr_end;
+	u32_t end;
 
+	/* Lock IRQs to ensure RNR value is correct when reading RBAR, RASR. */
+	unsigned int key;
+	u32_t rbar, rasr;
+
+	key = irq_lock();
 	MPU->RNR = r_index;
-	r_addr_start = MPU->RBAR & MPU_RBAR_ADDR_Msk;
-	r_size_lshift = ((MPU->RASR & MPU_RASR_SIZE_Msk) >>
+	rbar = MPU->RBAR;
+	rasr = MPU->RASR;
+	irq_unlock(key);
+
+	r_addr_start = rbar & MPU_RBAR_ADDR_Msk;
+	r_size_lshift = ((rasr & MPU_RASR_SIZE_Msk) >>
 			MPU_RASR_SIZE_Pos) + 1;
 	r_addr_end = r_addr_start + (1UL << r_size_lshift) - 1;
 
-	if (start >= r_addr_start && (start + size - 1) <= r_addr_end) {
+	size = size == 0 ? 0 : size - 1;
+	if (__builtin_add_overflow(start, size, &end)) {
+		return 0;
+	}
+
+	if ((start >= r_addr_start) && (end <= r_addr_end)) {
 		return 1;
 	}
 

arch/arm/core/cortex_m/mpu/nxp_mpu.c

@@ -429,11 +429,17 @@ static inline int is_in_region(u32_t r_index, u32_t start, u32_t size)
 {
 	u32_t r_addr_start;
 	u32_t r_addr_end;
+	u32_t end;
 
 	r_addr_start = SYSMPU->WORD[r_index][0];
 	r_addr_end = SYSMPU->WORD[r_index][1];
 
-	if (start >= r_addr_start && (start + size - 1) <= r_addr_end) {
+	size = size == 0 ? 0 : size - 1;
+	if (__builtin_add_overflow(start, size, &end)) {
+		return 0;
+	}
+
+	if ((start >= r_addr_start) && (end <= r_addr_end)) {
 		return 1;
 	}
 

arch/arm/core/cortex_m/prep_c.c

@@ -22,7 +22,6 @@
 #include <linker/linker-defs.h>
 #include <kernel_internal.h>
 #include <arch/arm/cortex_m/cmsis.h>
-#include <cortex_m/stack.h>
 
 #if defined(__GNUC__)
 /*
@@ -37,44 +36,6 @@
 
 #include <string.h>
 
-static inline void switch_sp_to_psp(void)
-{
-	__set_CONTROL(__get_CONTROL() | CONTROL_SPSEL_Msk);
-	/*
-	 * When changing the stack pointer, software must use an ISB instruction
-	 * immediately after the MSR instruction. This ensures that instructions
-	 * after the ISB instruction execute using the new stack pointer.
-	 */
-	__ISB();
-}
-
-static inline void set_and_switch_to_psp(void)
-{
-	u32_t process_sp;
-
-	process_sp = (u32_t)&_interrupt_stack + CONFIG_ISR_STACK_SIZE;
-	__set_PSP(process_sp);
-	switch_sp_to_psp();
-}
-
-void lock_interrupts(void)
-{
-#if defined(CONFIG_ARMV6_M_ARMV8_M_BASELINE)
-	__disable_irq();
-#elif defined(CONFIG_ARMV7_M_ARMV8_M_MAINLINE)
-	__set_BASEPRI(_EXC_IRQ_DEFAULT_PRIO);
-#else
-#error Unknown ARM architecture
-#endif /* CONFIG_ARMV6_M_ARMV8_M_BASELINE */
-}
-
-#ifdef CONFIG_INIT_STACKS
-static inline void init_stacks(void)
-{
-	memset(&_interrupt_stack, 0xAA, CONFIG_ISR_STACK_SIZE);
-}
-#endif
-
 #ifdef CONFIG_CPU_CORTEX_M_HAS_VTOR
 
 #ifdef CONFIG_XIP
@@ -168,14 +129,6 @@ extern void z_IntLibInit(void);
 #endif
 void _PrepC(void)
 {
-#ifdef CONFIG_INIT_STACKS
-	init_stacks();
-#endif
-	/*
-	 * Set PSP and use it to boot without using MSP, so that it
-	 * gets set to _interrupt_stack during initialization.
-	 */
-	set_and_switch_to_psp();
 	relocate_vector_table();
 	enable_floating_point();
 	z_bss_zero();

arch/arm/core/cortex_m/reset.S

@@ -19,6 +19,8 @@
 _ASM_FILE_PROLOGUE
 
 GTEXT(__reset)
+GTEXT(memset)
+GDATA(_interrupt_stack)
 #if defined(CONFIG_PLATFORM_SPECIFIC_INIT)
 GTEXT(_PlatformInit)
 #endif
@@ -61,12 +63,46 @@ SECTION_SUBSEC_FUNC(TEXT,_reset_section,__start)
 #endif
 
     /* lock interrupts: will get unlocked when switch to main task */
-    bl	lock_interrupts
+#if defined(CONFIG_ARMV6_M_ARMV8_M_BASELINE)
+    cpsid i
+#elif defined(CONFIG_ARMV7_M_ARMV8_M_MAINLINE)
+    movs.n r0, #_EXC_IRQ_DEFAULT_PRIO
+    msr BASEPRI, r0
+#else
+#error Unknown ARM architecture
+#endif
+
 #ifdef CONFIG_WDOG_INIT
     /* board-specific watchdog initialization is necessary */
     bl _WdogInit
 #endif
 
+#ifdef CONFIG_INIT_STACKS
+    ldr r0, =_interrupt_stack
+    ldr r1, =0xaa
+    ldr r2, =CONFIG_ISR_STACK_SIZE
+    bl memset
+#endif
+
+    /*
+     * Set PSP and use it to boot without using MSP, so that it
+     * gets set to _interrupt_stack during initialization.
+     */
+    ldr r0, =_interrupt_stack
+    ldr r1, =CONFIG_ISR_STACK_SIZE
+    adds r0, r0, r1
+    msr PSP, r0
+    mrs r0, CONTROL
+    movs r1, #2
+    orrs r0, r1 /* CONTROL_SPSEL_Msk */
+    msr CONTROL, r0
+    /*
+     * When changing the stack pointer, software must use an ISB instruction
+     * immediately after the MSR instruction. This ensures that instructions
+     * after the ISB instruction execute using the new stack pointer.
+     */
+    isb
+
     /*
      * 'bl' jumps the furthest of the branch instructions that are
      * supported on all platforms. So it is used when jumping to _PrepC

arch/arm/core/swap_helper.S

@@ -383,7 +383,7 @@ _oops:
 
 #if CONFIG_USERSPACE
     /*
-     * System call will setup a jump to the _do_arm_syscall function
+     * System call will setup a jump to the z_arm_do_syscall() function
      * when the SVC returns via the bx lr.
      *
      * There is some trickery involved here because we have to preserve
@@ -408,15 +408,20 @@ _do_syscall:
     ldr r1, =z_arm_do_syscall
     str r1, [r0, #24]   /* overwrite the PC to point to z_arm_do_syscall */
 
-    /* validate syscall limit, only set priv mode if valid */
+    /* validate syscall limit */
     ldr ip, =K_SYSCALL_LIMIT
     cmp r6, ip
-    blt valid_syscall_id
+    /* The supplied syscall_id must be lower than the limit
+     * (Requires unsigned integer comparison)
+     */
+    blo valid_syscall_id
 
-    /* bad syscall id.  Set arg0 to bad id and set call_id to SYSCALL_BAD */
+    /* bad syscall id.  Set arg1 to bad id and set call_id to SYSCALL_BAD */
     str r6, [r0, #0]
     ldr r6, =K_SYSCALL_BAD
 
+    /* Bad syscalls treated as valid syscalls with ID K_SYSCALL_BAD. */
+
 valid_syscall_id:
     push {r0, r1}
     ldr r0, =_kernel

arch/arm/core/thread.c

@@ -62,6 +62,15 @@ void z_new_thread(struct k_thread *thread, k_thread_stack_t *stack,
 
 	Z_ASSERT_VALID_PRIO(priority, pEntry);
 
+#if CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT && CONFIG_USERSPACE
+	/* This is required to work-around the case where the thread
+	 * is created without using K_THREAD_STACK_SIZEOF() macro in
+	 * k_thread_create(). If K_THREAD_STACK_SIZEOF() is used, the
+	 * Guard size has already been take out of stackSize.
+	 */
+	stackSize -= MPU_GUARD_ALIGN_AND_SIZE;
+#endif
+
 #if defined(CONFIG_USERSPACE)
 	/* Truncate the stack size to align with the MPU region granularity.
 	 * This is done proactively to account for the case when the thread
@@ -85,14 +94,6 @@ void z_new_thread(struct k_thread *thread, k_thread_stack_t *stack,
 #endif /* CONFIG_THREAD_USERSPACE_LOCAL_DATA */
 #endif /* CONFIG_USERSPACE */
 
-#if CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT && CONFIG_USERSPACE
-	/* This is required to work-around the case where the thread
-	 * is created without using K_THREAD_STACK_SIZEOF() macro in
-	 * k_thread_create(). If K_THREAD_STACK_SIZEOF() is used, the
-	 * Guard size has already been take out of stackSize.
-	 */
-	stackSize -= MPU_GUARD_ALIGN_AND_SIZE;
-#endif
 	stackEnd = pStackMem + stackSize;
 
 	struct __esf *pInitCtx;
@@ -282,11 +283,11 @@ u32_t z_check_thread_stack_fail(const u32_t fault_addr, const u32_t psp)
 		}
 	}
 #else /* CONFIG_USERSPACE */
-	if (IS_MPU_GUARD_VIOLATION(thread->stack_info.start,
+	if (IS_MPU_GUARD_VIOLATION(thread->stack_info.start -
+			MPU_GUARD_ALIGN_AND_SIZE,
 			fault_addr, psp)) {
 		/* Thread stack corruption */
-		return thread->stack_info.start +
-			MPU_GUARD_ALIGN_AND_SIZE;
+		return thread->stack_info.start;
 	}
 #endif /* CONFIG_USERSPACE */
 

arch/arm/core/userspace.S

@@ -178,6 +178,44 @@ SECTION_FUNC(TEXT,z_arm_userspace_enter)
  *
  */
 SECTION_FUNC(TEXT, z_arm_do_syscall)
+
+    /* The function is executing in privileged mode. This implies that we
+     * shall not be allowed to use the thread's default unprivileged stack,
+     * (i.e push to or pop from it), to avoid a possible stack corruption.
+     *
+     * Rationale: since we execute in PRIV mode and no MPU guard or PSPLIM
+     * register is guarding the end of the default stack, we won't be able
+     * to detect any stack overflows.
+     */
+
+#if defined(CONFIG_BUILTIN_STACK_GUARD)
+    /* clear stack pointer limit before setting the PSP */
+    mov ip, #0
+    msr PSPLIM, ip
+#endif
+
+    /* setup privileged stack */
+    ldr ip, =_kernel
+    ldr ip, [ip, #_kernel_offset_to_current]
+    ldr ip, [ip, #_thread_offset_to_priv_stack_start]    /* priv stack ptr */
+    add ip, #CONFIG_PRIVILEGED_STACK_SIZE
+
+    /* Store current SP and LR at the beginning of the priv stack */
+    subs ip, #8
+    str sp, [ip, #0]
+    str lr, [ip, #4]
+
+    /* switch to privileged stack */
+    msr PSP, ip
+
+#if defined(CONFIG_BUILTIN_STACK_GUARD)
+    /* Set stack pointer limit (needed in privileged mode) */
+    ldr ip, =_kernel
+    ldr ip, [ip, #_kernel_offset_to_current]
+    ldr ip, [ip, #_thread_offset_to_priv_stack_start]    /* priv stack ptr */
+    msr PSPLIM, ip
+#endif
+
     /*
      * r0-r5 contain arguments
      * r6 contains call_id
@@ -188,47 +226,15 @@ SECTION_FUNC(TEXT, z_arm_do_syscall)
     bne valid_syscall
 
     /* BAD SYSCALL path */
-    /* fixup stack frame on unprivileged stack, adding ssf */
+    /* fixup stack frame on the privileged stack, adding ssf */
     mov ip, sp
     push {r4,r5,ip,lr}
     b dispatch_syscall
 
 valid_syscall:
-    /* setup privileged stack */
-    push {r6}
-    ldr r6, =_kernel
-    ldr r6, [r6, #_kernel_offset_to_current]
-    ldr ip, [r6, #_thread_offset_to_priv_stack_start]    /* priv stack ptr */
-    ldr r6, =CONFIG_PRIVILEGED_STACK_SIZE
-    add ip, r6
-    pop {r6}
-    subs ip, #8
-    str sp, [ip, #0]
-    str lr, [ip, #4]
-
-#if defined(CONFIG_BUILTIN_STACK_GUARD)
-    /* clear stack pointer limit before setting the PSP */
-    push {r3}
-    mov r3, #0
-    msr PSPLIM, r3
-    pop {r3}
-#endif
-
-    /* switch to privileged stack */
-    msr PSP, ip
-
-#if defined(CONFIG_BUILTIN_STACK_GUARD)
-    /* Set stack pointer limit (needed in privileged mode) */
-    push {r6}
-    ldr r6, =_kernel
-    ldr r6, [r6, #_kernel_offset_to_current]
-    ldr r6, [r6, #_thread_offset_to_priv_stack_start]    /* priv stack ptr */
-    msr PSPLIM, r6
-    pop {r6}
-#endif
-
+    mov ip, sp
     /* push args to complete stack frame */
-    push {r4,r5}
+    push {r4,r5,ip}
 
 dispatch_syscall:
     ldr ip, =_k_syscall_table
@@ -239,7 +245,7 @@ dispatch_syscall:
     blx ip
 
     /* restore LR */
-    ldr lr, [sp,#12]
+    ldr lr, [sp,#16]
 
 #if defined(CONFIG_BUILTIN_STACK_GUARD)
     /* clear stack limit (stack protection not required in user mode) */
@@ -248,7 +254,7 @@ dispatch_syscall:
 #endif
 
     /* set stack back to unprivileged stack */
-    ldr ip, [sp,#8]
+    ldr ip, [sp,#12]
     msr PSP, ip
 
     push {r0, r1}

arch/arm/include/kernel_arch_func.h

@@ -69,7 +69,7 @@ z_arch_switch_to_main_thread(struct k_thread *main_thread,
 	start_of_main_stack =
 		Z_THREAD_STACK_BUFFER(main_stack) + main_stack_size;
 #endif
-	start_of_main_stack = (void *)STACK_ROUND_DOWN(start_of_main_stack);
+	start_of_main_stack = (char *)STACK_ROUND_DOWN(start_of_main_stack);
 
 #ifdef CONFIG_TRACING
 	z_sys_trace_thread_switched_out();

arch/posix/core/posix_core.c

@@ -72,6 +72,8 @@ struct threads_table_el {
 	bool running;     /* Is this the currently running thread */
 	pthread_t thread; /* Actual pthread_t as returned by native kernel */
 	int thead_cnt; /* For debugging: Unique, consecutive, thread number */
+	/* Pointer to the status kept in the Zephyr thread stack */
+	posix_thread_status_t *t_status;
 };
 
 static struct threads_table_el *threads_table;
@@ -260,11 +262,11 @@ static void posix_cleanup_handler(void *arg)
  */
 static void *posix_thread_starter(void *arg)
 {
-	posix_thread_status_t *ptr = (posix_thread_status_t *) arg;
+	int thread_idx = (intptr_t)arg;
 
 	PC_DEBUG("Thread [%i] %i: %s: Starting\n",
-		threads_table[ptr->thread_idx].thead_cnt,
-		ptr->thread_idx,
+		threads_table[thread_idx].thead_cnt,
+		thread_idx,
 		__func__);
 
 	/*
@@ -286,18 +288,20 @@ static void *posix_thread_starter(void *arg)
 	pthread_cleanup_push(posix_cleanup_handler, arg);
 
 	PC_DEBUG("Thread [%i] %i: %s: After start mutex (hav mut)\n",
-		threads_table[ptr->thread_idx].thead_cnt,
-		ptr->thread_idx,
+		threads_table[thread_idx].thead_cnt,
+		thread_idx,
 		__func__);
 
 	/*
 	 * The thread would try to execute immediately, so we block it
 	 * until allowed
 	 */
-	posix_wait_until_allowed(ptr->thread_idx);
+	posix_wait_until_allowed(thread_idx);
 
 	posix_new_thread_pre_start();
 
+	posix_thread_status_t *ptr = threads_table[thread_idx].t_status;
+
 	z_thread_entry(ptr->entry_point, ptr->arg1, ptr->arg2, ptr->arg3);
 
 	/*
@@ -306,13 +310,13 @@ static void *posix_thread_starter(void *arg)
 	 */
 	/* LCOV_EXCL_START */
 	posix_print_trace(PREFIX"Thread [%i] %i [%lu] ended!?!\n",
-			threads_table[ptr->thread_idx].thead_cnt,
-			ptr->thread_idx,
+			threads_table[thread_idx].thead_cnt,
+			thread_idx,
 			pthread_self());
 
 
-	threads_table[ptr->thread_idx].running = false;
-	threads_table[ptr->thread_idx].state = FAILED;
+	threads_table[thread_idx].running = false;
+	threads_table[thread_idx].state = FAILED;
 
 	pthread_cleanup_pop(1);
 
@@ -370,16 +374,18 @@ void posix_new_thread(posix_thread_status_t *ptr)
 	threads_table[t_slot].state = USED;
 	threads_table[t_slot].running = false;
 	threads_table[t_slot].thead_cnt = thread_create_count++;
+	threads_table[t_slot].t_status = ptr;
 	ptr->thread_idx = t_slot;
 
 	PC_SAFE_CALL(pthread_create(&threads_table[t_slot].thread,
 				  NULL,
 				  posix_thread_starter,
-				  (void *)ptr));
+				  (void *)(intptr_t)t_slot));
 
-	PC_DEBUG("created thread [%i] %i [%lu]\n",
+	PC_DEBUG("%s created thread [%i] %i [%lu]\n",
+		__func__,
 		threads_table[t_slot].thead_cnt,
-		ptr->thread_idx,
+		t_slot,
 		threads_table[t_slot].thread);
 
 }

arch/x86_64/CMakeLists.txt

@@ -11,4 +11,7 @@ add_subdirectory(core)
 
 zephyr_compile_options(${X86_64_BASE_CFLAGS} -mx32)
 
-zephyr_link_libraries(-mx32)
+zephyr_link_libraries(
+    -mx32
+    ${LINKERFLAGPREFIX},-melf32_x86_64
+)

arch/x86_64/core/CMakeLists.txt

@@ -48,6 +48,7 @@ add_custom_command(
     -T ${CMAKE_CURRENT_SOURCE_DIR}/xuk-stub32.ld
     ${CMAKE_CURRENT_BINARY_DIR}/xuk-stub32.o
     -o ${CMAKE_CURRENT_BINARY_DIR}/xuk-stub32.elf
+    ${LINKERFLAGPREFIX},-melf_i386
   COMMAND ${CMAKE_OBJCOPY} -O binary
     ${CMAKE_CURRENT_BINARY_DIR}/xuk-stub32.elf
     ${incdir}/xuk-stub32.bin
@@ -70,4 +71,5 @@ add_custom_command(
   COMMAND ${CMAKE_C_COMPILER} -m32 -T ${CMAKE_CURRENT_SOURCE_DIR}/xuk64.ld
           -Wl,--build-id=none -nostdlib -nodefaultlibs -nostartfiles
           -o ${qkernel_file} ${CMAKE_CURRENT_BINARY_DIR}/zephyr-qemu.o
+          ${LINKERFLAGPREFIX},-melf_i386
   )

boards/arc/iotdk/iotdk_defconfig

@@ -12,4 +12,5 @@ CONFIG_ARCV2_TIMER=y
 CONFIG_CONSOLE=y
 CONFIG_UART_CONSOLE=y
 CONFIG_SERIAL=y
-CONFIG_UART_INTERRUPT_DRIVEN=y
+CONFIG_UART_INTERRUPT_DRIVEN=y
+CONFIG_ARC_MPU_ENABLE=y

boards/arm/96b_argonkey/doc/index.rst

@@ -13,9 +13,9 @@ This board acts as a sensor hub platform for all 96Boards compliant
 family products. It can also be used as a standalone board.
 
 .. figure:: img/96b_argonkey.jpg
-     :width: 557px
+     :width: 540px
      :align: center
-     :height: 480px
+     :height: 558px
      :alt: 96Boards Argonkey
 
      96Boards Argonkey
@@ -76,6 +76,9 @@ features:
 | I2C       | on-chip    | i2c                                 |
 +-----------+------------+-------------------------------------+
 
+More information about the board can be found at the
+`ARGONKEY website`_.
+
 The default board configuration can be found in the defconfig file:
 
         ``boards/arm/96b_argonkey/96b_argonkey_defconfig``
@@ -223,6 +226,9 @@ References
 
 .. target-notes::
 
+.. _ARGONKEY website:
+   https://www.st.com/en/evaluation-tools/steval-mki187v1.html
+
 .. _AN2606:
    https://www.st.com/resource/en/application_note/cd00167594.pdf
 

boards/arm/bl652_dvk/board.cmake

@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
 
-board_runner_args(nrfjprog "--nrf-family=NRF52")
+board_runner_args(nrfjprog "--nrf-family=NRF52" "--softreset")
 board_runner_args(jlink "--device=nrf52" "--speed=4000")
 include(${ZEPHYR_BASE}/boards/common/nrfjprog.board.cmake)
 include(${ZEPHYR_BASE}/boards/common/jlink.board.cmake)

boards/arm/bl654_dvk/board.cmake

@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
 
-board_runner_args(nrfjprog "--nrf-family=NRF52")
+board_runner_args(nrfjprog "--nrf-family=NRF52" "--softreset")
 board_runner_args(jlink "--device=nrf52" "--speed=4000")
 include(${ZEPHYR_BASE}/boards/common/nrfjprog.board.cmake)
 include(${ZEPHYR_BASE}/boards/common/jlink.board.cmake)

boards/arm/efr32mg_sltb004a/efr32mg_sltb004a_defconfig

@@ -12,6 +12,6 @@ CONFIG_SERIAL=y
 CONFIG_CORTEX_M_SYSTICK=y
 CONFIG_GPIO=y
 CONFIG_SYS_CLOCK_HW_CYCLES_PER_SEC=38400000
-CONFIG_CMU_HFCLK_HFRCO=y
+CONFIG_CMU_HFCLK_HFXO=y
 CONFIG_SOC_GECKO_EMU_DCDC=y
 CONFIG_SOC_GECKO_EMU_DCDC_MODE_ON=y

boards/arm/mimxrt1020_evk/mimxrt1020_evk.dts

@@ -6,7 +6,7 @@
 
 /dts-v1/;
 
-#include <nxp/nxp_rt.dtsi>
+#include <nxp/nxp_rt1020.dtsi>
 
 / {
 	model = "NXP MIMXRT1020-EVK board";

boards/arm/nrf52840_pca10059/nrf52840_pca10059_defconfig

@@ -22,3 +22,4 @@ CONFIG_CONSOLE=y
 
 # additional board options
 CONFIG_GPIO_AS_PINRESET=y
+CONFIG_NFCT_PINS_AS_GPIOS=y

boards/arm/reel_board/board.c

@@ -37,6 +37,11 @@ static int board_reel_board_init(struct device *dev)
 		(GPIO_PIN_CNF_INPUT_Disconnect << GPIO_PIN_CNF_INPUT_Pos) |
 		(GPIO_PIN_CNF_PULL_Pullup << GPIO_PIN_CNF_PULL_Pos) |
 		(GPIO_PIN_CNF_DIR_Input << GPIO_PIN_CNF_DIR_Pos);
+	gpio->PIN_CNF[DT_NORDIC_NRF_UART_0_TX_PIN] =
+		(GPIO_PIN_CNF_INPUT_Disconnect << GPIO_PIN_CNF_INPUT_Pos) |
+		(GPIO_PIN_CNF_PULL_Pullup << GPIO_PIN_CNF_PULL_Pos) |
+		(GPIO_PIN_CNF_DIR_Input << GPIO_PIN_CNF_DIR_Pos);
+
 
 	return 0;
 }

boards/arm/stm32f4_disco/stm32f4_disco.yaml

@@ -6,7 +6,7 @@ toolchain:
   - zephyr
   - gnuarmemb
   - xtools
-ram: 320
+ram: 128
 flash: 1024
 supported:
   - pwm

boards/x86_64/qemu_x86_64/qemu_x86_64.yaml

@@ -6,5 +6,6 @@ arch: x86_64
 toolchain:
   - zephyr
   - host
+  - xtools
 testing:
   default: true

cmake/app/boilerplate.cmake

@@ -291,6 +291,7 @@ foreach(root ${BOARD_ROOT})
 
   if(DEFINED SHIELD)
     foreach(s ${SHIELD_AS_LIST})
+      list(REMOVE_ITEM SHIELD ${s})
       list(FIND SHIELD_LIST ${s} _idx)
       if (NOT _idx EQUAL -1)
         list(GET shields_refs_list ${_idx} s_path)

cmake/dts.cmake

@@ -12,12 +12,20 @@ file(MAKE_DIRECTORY ${PROJECT_BINARY_DIR}/include/generated)
 # CMake configure-time.
 #
 # See ~/zephyr/doc/dts
-set(GENERATED_DTS_BOARD_UNFIXED_H    ${PROJECT_BINARY_DIR}/include/generated/generated_dts_board_unfixed.h)
-set(GENERATED_DTS_BOARD_CONF ${PROJECT_BINARY_DIR}/include/generated/generated_dts_board.conf)
+set(GENERATED_DTS_BOARD_UNFIXED_H ${PROJECT_BINARY_DIR}/include/generated/generated_dts_board_unfixed.h)
+set(GENERATED_DTS_BOARD_CONF      ${PROJECT_BINARY_DIR}/include/generated/generated_dts_board.conf)
+
 set_ifndef(DTS_SOURCE ${BOARD_DIR}/${BOARD}.dts)
 set_ifndef(DTS_COMMON_OVERLAYS ${ZEPHYR_BASE}/dts/common/common.dts)
-set_ifndef(DTS_APP_BINDINGS ${APPLICATION_SOURCE_DIR}/dts/bindings)
-set_ifndef(DTS_APP_INCLUDE ${APPLICATION_SOURCE_DIR}/dts)
+
+# 'DTS_ROOT' is a list of directories where a directory tree with DT
+# files may be found. It always includes the application directory and
+# ${ZEPHYR_BASE}.
+list(APPEND
+  DTS_ROOT
+  ${APPLICATION_SOURCE_DIR}
+  ${ZEPHYR_BASE}
+  )
 
 set(dts_files
   ${DTS_SOURCE}
@@ -64,6 +72,33 @@ if(SUPPORTS_DTS)
     math(EXPR i "${i}+1")
   endforeach()
 
+  foreach(dts_root ${DTS_ROOT})
+    foreach(dts_root_path
+        include
+        dts/common
+        dts/${ARCH}
+        dts
+        )
+      set(full_path ${dts_root}/${dts_root_path})
+      if(EXISTS ${full_path})
+        list(APPEND
+          DTS_ROOT_SYSTEM_INCLUDE_DIRS
+          -isystem ${full_path}
+          )
+      endif()
+    endforeach()
+  endforeach()
+
+  foreach(dts_root ${DTS_ROOT})
+    set(full_path ${dts_root}/dts/bindings)
+    if(EXISTS ${full_path})
+      list(APPEND
+        DTS_ROOT_BINDINGS
+        ${full_path}
+        )
+    endif()
+  endforeach()
+
   # TODO: Cut down on CMake configuration time by avoiding
   # regeneration of generated_dts_board_unfixed.h on every configure. How
   # challenging is this? What are the dts dependencies? We run the
@@ -77,12 +112,8 @@ if(SUPPORTS_DTS)
     COMMAND ${CMAKE_C_COMPILER}
     -x assembler-with-cpp
     -nostdinc
-    -isystem ${DTS_APP_INCLUDE}
-    -isystem ${ZEPHYR_BASE}/include
-    -isystem ${ZEPHYR_BASE}/dts/${ARCH}
-    -isystem ${ZEPHYR_BASE}/dts
+    ${DTS_ROOT_SYSTEM_INCLUDE_DIRS}
     ${DTC_INCLUDE_FLAG_FOR_DTS}  # include the DTS source and overlays
-    -I${ZEPHYR_BASE}/dts/common
     ${NOSYSDEF_CFLAG}
     -D__DTS__
     -P
@@ -124,13 +155,9 @@ if(SUPPORTS_DTS)
     message(FATAL_ERROR "command failed with return code: ${ret}")
   endif()
 
-  if(NOT EXISTS ${DTS_APP_BINDINGS})
-    set(DTS_APP_BINDINGS)
-  endif()
-
   set(CMD_EXTRACT_DTS_INCLUDES ${PYTHON_EXECUTABLE} ${ZEPHYR_BASE}/scripts/dts/extract_dts_includes.py
     --dts ${BOARD}.dts_compiled
-    --yaml ${ZEPHYR_BASE}/dts/bindings ${DTS_APP_BINDINGS}
+    --yaml ${DTS_ROOT_BINDINGS}
     --keyvalue ${GENERATED_DTS_BOARD_CONF}
     --include ${GENERATED_DTS_BOARD_UNFIXED_H}
     --old-alias-names

cmake/generic_toolchain.cmake

@@ -49,8 +49,10 @@ set(ZEPHYR_TOOLCHAIN_VARIANT ${ZEPHYR_TOOLCHAIN_VARIANT} CACHE STRING "Zephyr to
 assert(ZEPHYR_TOOLCHAIN_VARIANT "Zephyr toolchain variant invalid: please set the ZEPHYR_TOOLCHAIN_VARIANT-variable")
 
 # Pick host system's toolchain if we are targeting posix
-if((${ARCH} STREQUAL "posix") OR (${ARCH} STREQUAL "x86_64"))
-  set(ZEPHYR_TOOLCHAIN_VARIANT "host")
+if(${ARCH} STREQUAL "posix")
+  if(NOT "${ZEPHYR_TOOLCHAIN_VARIANT}" STREQUAL "llvm")
+    set(ZEPHYR_TOOLCHAIN_VARIANT "host")
+  endif()
 endif()
 
 # Configure the toolchain based on what SDK/toolchain is in use.

cmake/host-tools.cmake

@@ -25,7 +25,7 @@ else()
   # via pypi, which will result in a single line of output.
   string(REGEX REPLACE "\n" ";" west_version_output "${west_version_output}")
   foreach(item ${west_version_output})
-    if("${item}" MATCHES ".*v([0-9]+[.][0-9]+[.][0-9]+)")
+    if("${item}" MATCHES "^[^\/\\]*v([0-9]+[.][0-9]+[.][0-9]+)")
       set(west_version "${CMAKE_MATCH_1}")
       if(${west_version} VERSION_LESS ${MIN_WEST_VERSION})
         message(FATAL_ERROR "The detected west version is unsupported.\n\

cmake/kobj.cmake

@@ -22,6 +22,7 @@ function(gen_kobj gen_dir_out)
     --kobj-otype-output ${KOBJ_OTYPE}
     --kobj-size-output ${KOBJ_SIZE}
     $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:--verbose>
+    DEPENDS $ENV{ZEPHYR_BASE}/scripts/gen_kobject_list.py
     WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
     )
   add_custom_target(${KOBJ_TYPES_H_TARGET} DEPENDS ${KOBJ_TYPES} ${KOBJ_OTYPE})

cmake/toolchain/xtools/target.cmake

@@ -13,6 +13,7 @@ set(CROSS_COMPILE_TARGET_riscv32 riscv32-zephyr-elf)
 set(CROSS_COMPILE_TARGET_mips     mipsel-zephyr-elf)
 set(CROSS_COMPILE_TARGET_xtensa   xtensa-zephyr-elf)
 set(CROSS_COMPILE_TARGET_arc         arc-zephyr-elf)
+set(CROSS_COMPILE_TARGET_x86_64   x86_64-zephyr-elf)
 
 set(CROSS_COMPILE_TARGET ${CROSS_COMPILE_TARGET_${ARCH}})
 set(SYSROOT_TARGET       ${CROSS_COMPILE_TARGET})
@@ -29,4 +30,7 @@ if("${ARCH}" STREQUAL "xtensa")
 
   LIST(APPEND TOOLCHAIN_LIBS hal)
   LIST(APPEND LIB_INCLUDE_DIR -L${SYSROOT_DIR}/lib)
+elseif("${ARCH}" STREQUAL "x86_64")
+  list(APPEND TOOLCHAIN_C_FLAGS -mx32)
+  list(APPEND TOOLCHAIN_LD_FLAGS -mx32)
 endif()

cmake/toolchain/zephyr/0.10/generic.cmake

@@ -9,4 +9,8 @@ set(SYSROOT_TARGET       i586-${TOOLCHAIN_VENDOR}-elf)
 
 set(CROSS_COMPILE ${TOOLCHAIN_HOME}/${CROSS_COMPILE_TARGET}/bin/${CROSS_COMPILE_TARGET}-)
 set(SYSROOT_DIR ${ZEPHYR_SDK_INSTALL_DIR}/sysroots/${SYSROOT_TARGET}/usr)
-set(TOOLCHAIN_HAS_NEWLIB ON CACHE BOOL "True if toolchain supports newlib")
+if("${ARCH}" STREQUAL "x86_64")
+	set(TOOLCHAIN_HAS_NEWLIB OFF CACHE BOOL "True if toolchain supports newlib")
+else()
+	set(TOOLCHAIN_HAS_NEWLIB ON CACHE BOOL "True if toolchain supports newlib")
+endif()

cmake/toolchain/zephyr/0.10/target.cmake

@@ -13,6 +13,7 @@ set(CROSS_COMPILE_TARGET_riscv32 riscv32-zephyr-elf)
 set(CROSS_COMPILE_TARGET_mips     mipsel-zephyr-elf)
 set(CROSS_COMPILE_TARGET_xtensa   xtensa-zephyr-elf)
 set(CROSS_COMPILE_TARGET_arc         arc-zephyr-elf)
+set(CROSS_COMPILE_TARGET_x86_64   x86_64-zephyr-elf)
 
 set(CROSS_COMPILE_TARGET ${CROSS_COMPILE_TARGET_${ARCH}})
 set(SYSROOT_TARGET       ${CROSS_COMPILE_TARGET})
@@ -28,5 +29,8 @@ if("${ARCH}" STREQUAL "xtensa")
 
   LIST(APPEND TOOLCHAIN_LIBS hal)
   LIST(APPEND LIB_INCLUDE_DIR -L${SYSROOT_DIR}/lib)
+elseif("${ARCH}" STREQUAL "x86_64")
+  list(APPEND TOOLCHAIN_C_FLAGS -mx32)
+  list(APPEND TOOLCHAIN_LD_FLAGS -mx32)
 endif()
 set(SYSROOT_DIR   ${TOOLCHAIN_HOME}/${SYSROOT_TARGET}/${SYSROOT_TARGET})

cmake/toolchain/zephyr/generic.cmake

@@ -1,3 +1,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
-include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/${SDK_VERSION}/generic.cmake)
+if (NOT ZEPHYR_SDK_INSTALL_DIR)
+  message(FATAL_ERROR "ZEPHYR_SDK_INSTALL_DIR must be set")
+endif()
+
+include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/${SDK_MAJOR_MINOR}/generic.cmake)

cmake/toolchain/zephyr/host-tools.cmake

@@ -34,6 +34,7 @@ file(READ ${sdk_version_path} SDK_VERSION_PRE1)
 string(REGEX REPLACE "-.*" "" SDK_VERSION_PRE2 ${SDK_VERSION_PRE1})
 # Strip any trailing spaces/newlines from the version string
 string(STRIP ${SDK_VERSION_PRE2} SDK_VERSION)
+string(REGEX MATCH "([0-9]*).([0-9]*)" SDK_MAJOR_MINOR ${SDK_VERSION})
 if(${REQUIRED_SDK_VER} VERSION_GREATER ${SDK_VERSION})
   message(FATAL_ERROR "The SDK version you are using is too old, please update your SDK.
 You need at least SDK version ${REQUIRED_SDK_VER}.
@@ -43,4 +44,4 @@ https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v${REQUIRED_SDK_V
 ")
 endif()
 
-include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/${SDK_VERSION}/host-tools.cmake)
+include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/${SDK_MAJOR_MINOR}/host-tools.cmake)

cmake/toolchain/zephyr/target.cmake

@@ -1,3 +1,3 @@
 # SPDX-License-Identifier: Apache-2.0
 
-include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/${SDK_VERSION}/target.cmake)
+include(${ZEPHYR_BASE}/cmake/toolchain/zephyr/${SDK_MAJOR_MINOR}/target.cmake)

doc/_templates/layout.html

@@ -2,7 +2,7 @@
 {% block document %}
   {% if is_release %}
     <div class="wy-alert wy-alert-danger">
-      The <a href="/{{ pagename }}.html">latest development version</a>
+      The <a href="/latest/{{ pagename }}.html">latest development version</a>
       of this page may be more current than this released {{ version }} version.
     </div>
   {% endif %}

doc/application/index.rst

@@ -510,12 +510,12 @@ again.
 .. _application_debugging:
 .. _custom_board_definition:
 
-Custom Board and SOC Definitions
-********************************
+Custom Board, DeviceTree and SOC Definitions
+********************************************
 
-In cases where the board or platform you are developing for is not yet supported
-by Zephyr, you can add the board and SOC definition to your application and
-build for this board or SOC without having to add them to the Zephyr tree.
+In cases where the board or platform you are developing for is not yet
+supported by Zephyr, you can add board, DeviceTree and SOC definitions
+to your application without having to add them to the Zephyr tree.
 
 The structure needed to support out-of-tree board and SOC development
 is similar to how boards and SOCs are maintained in the Zephyr tree. By using
@@ -644,6 +644,29 @@ Zephyr binary into your application directory.
 You can also define the ``SOC_ROOT`` variable in the application
 :file:`CMakeLists.txt` file.
 
+DeviceTree Definitions
+======================
+
+Additional DeviceTree directory trees, or DTS_ROOTs, can be added by
+creating this directory tree:
+
+    dts/bindings/
+    dts/common/
+    dts/arm/
+    include/
+
+Where 'arm' is changed to the appropriate architecture. Each directory
+is optional. The binding directory contains bindings and the other
+directories contain files that can be included from DT sources.
+
+Once the directory structure is in place, you can use it by specifying
+its location through the ``DTS_ROOT`` CMake Cache variable::
+
+   cmake -DDTS_ROOT=<path to dts root>
+
+You can also define the variable in the application
+:file:`CMakeLists.txt` file.
+
 .. _ext-projs:
 
 Modules (External projects)

doc/extensions/zephyr/link-roles.py

@@ -14,7 +14,7 @@ from local_util import run_cmd_get_output
 def get_github_rev():
     tag = run_cmd_get_output('git describe --exact-match')
     if tag:
-        return tag
+        return tag.decode("utf-8")
     else:
         return 'master'
 

doc/getting_started/index.rst

@@ -42,11 +42,14 @@ First, install the ``west`` binary and bootstrapper:
 .. code-block:: console
 
    # Linux
-   pip3 install --user west
+   pip3 install --user west~=0.5.8
 
    # macOS and Windows
    pip3 install west
 
+(Later versions of west than v0.5.x may also work with Zephyr v1.14, but that
+was the version in use at the time of release.)
+
 .. note::
    See :ref:`gs_python_deps` for additional clarfication on using the
    ``--user`` switch.
@@ -71,7 +74,7 @@ Next, clone the Zephyr source code repositories from GitHub using the
 
 .. code-block:: console
 
-   west init zephyrproject
+   west init zephyrproject --mr v1.14.1
    cd zephyrproject
    west update
 

doc/guides/bluetooth/bluetooth-qual.rst

@@ -20,10 +20,28 @@ Host qualifications
      - Link
      - Qualifying Company
 
+   * - 1.14.x
+     - `QDID 139258 <https://launchstudio.bluetooth.com/ListingDetails/95152>`__
+     - The Linux Foundation
+
    * - 1.13
      - `QDID 119517 <https://launchstudio.bluetooth.com/ListingDetails/70189>`__
      - Nordic
 
+Mesh qualifications
+===================
+
+.. list-table::
+   :header-rows: 1
+
+   * - Zephyr version
+     - Link
+     - Qualifying Company
+
+   * - 1.14.x
+     - `QDID 139259 <https://launchstudio.bluetooth.com/ListingDetails/95153>`__
+     - The Linux Foundation
+
 Controller qualifications
 =========================
 
@@ -35,15 +53,20 @@ Controller qualifications
      - Qualifying Company
      - Compatible Hardware
 
+   * - 1.14.x
+     - `QDID 135679 <https://launchstudio.bluetooth.com/ListingDetails/90777>`__
+     - Nordic
+     - nRF52x
+
    * - 1.9 to 1.13
      - `QDID 101395 <https://launchstudio.bluetooth.com/ListingDetails/25166>`__
      - Nordic
      - nRF52x
 
-PICS Features
+ICS Features
 *************
 
-The PICS features for each supported protocol & profile can be found in
+The ICS features for each supported protocol & profile can be found in
 the following documents:
 
 .. toctree::
@@ -54,5 +77,5 @@ the following documents:
    l2cap-pics.rst
    sm-pics.rst
    rfcomm-pics.rst
-
+   mesh-pics.rst
 

doc/guides/bluetooth/gap-pics.rst

@@ -1,7 +1,7 @@
-GAP PICS
-********
+GAP ICS
+*******
 
-PTS version: 7.2.0
+PTS version: 7.4.1
 
 \* - different than PTS defaults
 
@@ -30,11 +30,9 @@ Version Configuration
 ==============	==============	=======================================
 Parameter Name	Selected	Description
 ==============	==============	=======================================
-TSPC_GAP_0A_1	False (*)	Core Specification Addendum 3 (CSA3) (C.1)
-TSPC_GAP_0A_2	False (*)	Core Specification Addendum 4 (CSA4) (C.2)
-TSPC_GAP_0A_3	False (*)	Core Spec version 4.1 (Core v4.1) (C.3)
-TSPC_GAP_0A_4	True		Core Spec version 4.2 (Core v4.2) (C.4)
-TSPC_GAP_0A_5	False (*)	Core Spec version 5.0 (Core v5.0) (C.4)
+TSPC_GAP_0A_4	False (*)	Core Spec version 4.2 (Core v4.2) (C.4)
+TSPC_GAP_0A_5	False (*)	Core Spec version 5.0 (Core v5.0) (C.5)
+TSPC_GAP_0A_6	True		Core Spec version 5.1 (Core v5.1) (C.6)
 ==============	==============	=======================================
 
 
@@ -157,7 +155,6 @@ TSPC_GAP_8_2	True		Scannable Undirected Event (O)
 TSPC_GAP_8_3	False (*)	Non-Connectable and Non-Scannable
 				Directed Event (C.1)
 TSPC_GAP_8_4	False (*)	Scannable Directed Event (C.1)
-
 ==============	==============	=======================================
 
 
@@ -171,20 +168,20 @@ TSPC_GAP_8A_1	True		AD Type-Service UUID (O)
 TSPC_GAP_8A_2	True		AD Type-Local Name (O)
 TSPC_GAP_8A_3	True		AD Type-Flags (O)
 TSPC_GAP_8A_4	True		AD Type-Manufacturer Specific Data (O)
-TSPC_GAP_8A_5	False (*)	AD Type-TX Power Level (O)
+TSPC_GAP_8A_5	True		AD Type-TX Power Level (O)
 TSPC_GAP_8A_6	False (*)	AD Type-Security Manager Out of Band
 				(OOB) (C.1)
-TSPC_GAP_8A_7	False (*)	AD Type-Security manager TK Value (O)
-TSPC_GAP_8A_8	False (*)	AD Type-Slave Connection Interval Range (O)
-TSPC_GAP_8A_9	False (*)	AD Type-Service Solicitation (O)
+TSPC_GAP_8A_7	True		AD Type-Security manager TK Value (O)
+TSPC_GAP_8A_8	True		AD Type-Slave Connection Interval Range (O)
+TSPC_GAP_8A_9	True		AD Type-Service Solicitation (O)
 TSPC_GAP_8A_10	True		AD Type-Service Data (O)
 TSPC_GAP_8A_11	True		AD Type-Appearance (O)
-TSPC_GAP_8A_12	False (*)	AD Type-Public Target Address (O)
-TSPC_GAP_8A_13	False (*)	AD Type-Random Target Address (O)
-TSPC_GAP_8A_14	False (*)	AD Type-Advertising Interval (O)
-TSPC_GAP_8A_15	False (*)	AD Type-LE Bluetooth Device Address (O)
-TSPC_GAP_8A_16	False (*)	AD Type-LE Role (O)
-TSPC_GAP_8A_17	False (*)	AD Type-URI (C.3)
+TSPC_GAP_8A_12	True		AD Type-Public Target Address (O)
+TSPC_GAP_8A_13	True		AD Type-Random Target Address (O)
+TSPC_GAP_8A_14	True		AD Type-Advertising Interval (O)
+TSPC_GAP_8A_15	True		AD Type-LE Bluetooth Device Address (O)
+TSPC_GAP_8A_16	True		AD Type-LE Role (O)
+TSPC_GAP_8A_17	True		AD Type-URI (C.3)
 ==============	==============	=======================================
 
 
@@ -217,7 +214,7 @@ Parameter Name	Selected	Description
 TSPC_GAP_11_1	True		Privacy Feature v1.0 (O)
 TSPC_GAP_11_2	True		Resolvable Private Address Generation
 				Procedure (C.1)
-TSPC_GAP_11_3	False (*)	Non-Resolvable Private Address Generation
+TSPC_GAP_11_3	True		Non-Resolvable Private Address Generation
 				Procedure (C.2)
 ==============	==============	=======================================
 
@@ -294,7 +291,7 @@ Observer Privacy Feature
 Parameter Name	Selected	Description
 ==============	==============	=======================================
 TSPC_GAP_17_1	True		Privacy Feature v1.0 (O)
-TSPC_GAP_17_2	False (*)	Non-Resolvable Private Address Generation
+TSPC_GAP_17_2	True		Non-Resolvable Private Address Generation
 				Procedure (C.1)
 TSPC_GAP_17_3	True		Resolvable Private Address Resolution
 				Procedure (C.2)
@@ -367,20 +364,20 @@ TSPC_GAP_20A_1	True		AD Type-Service UUID (C.1)
 TSPC_GAP_20A_2	True		AD Type-Local Name (C.1)
 TSPC_GAP_20A_3	True		AD Type-Flags (C.2)
 TSPC_GAP_20A_4	True		AD Type-Manufacturer Specific Data (C.1)
-TSPC_GAP_20A_5	False (*)	AD Type-TX Power Level (C.1)
+TSPC_GAP_20A_5	True		AD Type-TX Power Level (C.1)
 TSPC_GAP_20A_6	False (*)	AD Type-Security Manager Out of Band (OOB)
 				(C.3)
-TSPC_GAP_20A_7	False (*)	AD Type-Security manager TK Value (C.1)
-TSPC_GAP_20A_8	False (*)	AD Type-Slave Connection Interval Range (C.1)
-TSPC_GAP_20A_9	False (*)	AD Type-Service Solicitation (C.1)
+TSPC_GAP_20A_7	True		AD Type-Security manager TK Value (C.1)
+TSPC_GAP_20A_8	True		AD Type-Slave Connection Interval Range (C.1)
+TSPC_GAP_20A_9	True		AD Type-Service Solicitation (C.1)
 TSPC_GAP_20A_10	True		AD Type-Service Data (C.1)
 TSPC_GAP_20A_11	True		AD Type-Appearance (C.1)
-TSPC_GAP_20A_12	False (*)	AD Type-Public Target Address (C.1)
-TSPC_GAP_20A_13	False (*)	AD Type-Random Target Address (C.1)
-TSPC_GAP_20A_14	False (*)	AD Type-Advertising Interval (C.1)
-TSPC_GAP_20A_15	False (*)	AD Type-LE Bluetooth Device Address (C.1)
-TSPC_GAP_20A_16	False (*)	AD Type-LE Role (C.1)
-TSPC_GAP_20A_17	False (*)	AD Type-URI (C.4)
+TSPC_GAP_20A_12	True		AD Type-Public Target Address (C.1)
+TSPC_GAP_20A_13	True		AD Type-Random Target Address (C.1)
+TSPC_GAP_20A_14	True		AD Type-Advertising Interval (C.1)
+TSPC_GAP_20A_15	True		AD Type-LE Bluetooth Device Address (C.1)
+TSPC_GAP_20A_16	True		AD Type-LE Role (C.1)
+TSPC_GAP_20A_17	True		AD Type-URI (C.4)
 ===============	=============	=======================================
 
 
@@ -463,7 +460,7 @@ TSPC_GAP_25_7	True		Authenticated Pairing
 TSPC_GAP_25_8	True		Unauthenticated Pairing
 				(LE security mode 1 level 2) (C.1)
 TSPC_GAP_25_9	True		LE Security Mode 1 Level 4 (C.3)
-TSPC_GAP_25_10	False (*)	Secure Connections Only Mode  (C.4)
+TSPC_GAP_25_10	True		Secure Connections Only Mode  (C.4)
 ==============	==============	=======================================
 
 
@@ -493,12 +490,31 @@ TSPC_GAP_27_1	True		Device Name (M)
 TSPC_GAP_27_2	True		Appearance (M)
 TSPC_GAP_27_3	False (*)	Peripheral Privacy Flag (C.1)
 TSPC_GAP_27_4	False (*)	Reconnection Address (C.2)
-TSPC_GAP_27_5	False (*)	Peripheral Preferred Connection Parameters
+TSPC_GAP_27_5	True		Peripheral Preferred Connection Parameters
 				(C.3)
-TSPC_GAP_27_6	False (*)	Writable Device Name (C.3)
+TSPC_GAP_27_6	True		Writable Device Name (C.3)
 TSPC_GAP_27_7	False (*)	Writable Appearance (C.3)
 TSPC_GAP_27_8	False (*)	Writable Peripheral Privacy Flag (C.4)
-TSPC_GAP_27_9	False (*)	Central Address Resolution (C.5)
+TSPC_GAP_27_9	True		Central Address Resolution (C.5)
+==============	==============	=======================================
+
+
+Periodic Advertising Modes and Procedures
+=========================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_GAP_27A_1	False (*)	Periodic Advertising Synchronization
+				Transfer procedure (C.1)
+TSPC_GAP_27A_2	False (*)	Periodic Advertising Synchronization
+				Establishment procedure over an LE
+				connection without listening for periodic
+				advertising (C.2)
+TSPC_GAP_27A_3	False (*)	Periodic Advertising Synchronization
+				Establishment procedure over an LE
+				connection with listening for periodic
+				advertising (C.3)
 ==============	==============	=======================================
 
 
@@ -552,7 +568,7 @@ TSPC_GAP_31_6	True		Termination Procedure (M)
 TSPC_GAP_31_7	False (*)	LE Ping Procedure (C.1)
 TSPC_GAP_31_8	True		Slave Initiated Feature Exchange Procedure
 				(C.2)
-TSPC_GAP_31_9	False (*)	Connection Parameter Request Procedure (C.3)
+TSPC_GAP_31_9	True		Connection Parameter Request Procedure (C.3)
 TSPC_GAP_31_10	True		Data Length Update Procedure (C.4)
 TSPC_GAP_31_11	True		PHY Update Procedure (C.5)
 TSPC_GAP_31_12	False (*)	Minimum Number Of Used Channels Procedure (C.5)
@@ -627,7 +643,7 @@ Central Privacy Feature
 Parameter Name	Selected	Description
 ==============	==============	=======================================
 TSPC_GAP_36_1	True		Privacy Feature v1.0 (O)
-TSPC_GAP_36_2	False (*)	Non-Resolvable Private Address Generation
+TSPC_GAP_36_2	True		Non-Resolvable Private Address Generation
 				Procedure (C.1)
 TSPC_GAP_36_3	True		Resolvable Private Address Resolution
 				Procedure (C.2)
@@ -650,6 +666,25 @@ TSPC_GAP_37_3	True		Central Address Resolution  (C.1)
 ==============	==============	=======================================
 
 
+Periodic Advertising Modes and Procedures
+=========================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_GAP_37A_1	False (*)	Periodic Advertising Synchronization
+				Transfer procedure (C.1)
+TSPC_GAP_37A_2	False (*)	Periodic Advertising Synchronization
+				Establishment procedure over an LE
+				connection without listening for
+				periodic advertising
+TSPC_GAP_37A_3	False (*)	Periodic Advertising Synchronization
+				Establishment procedure over an LE
+				connection with listening for periodic
+				advertising
+==============	==============	=======================================
+
+
 BR/EDR/LE Roles
 ===============
 
@@ -756,13 +791,3 @@ TSPC_GAP_45_2	False (*)	Simultaneous BR/EDR and LE Transports - BR/EDR
 				Master to the same device (C.1)
 ==============	==============	=======================================
 
-
-==============	==============	=======================================
-Parameter Name	Selected	Description
-==============	==============	=======================================
-TSPC_GATT_1_1	True		GATT Client Role (O)
-TSPC_GATT_1_2	True		GATT Server Role (O)
-TSPC_SM_1_1	True		Master Role (Initiator)
-TSPC_SM_1_2	True		Slave Role (Responder)
-TSPC_SM_2_4	False (*)	OOB supported (O)
-==============	==============	=======================================

doc/guides/bluetooth/gatt-pics.rst

@@ -1,7 +1,7 @@
-GATT PICS
-=========
+GATT ICS
+********
 
-PTS version: 7.2.0
+PTS version: 7.4.1
 
 \* - different than PTS defaults
 
@@ -35,7 +35,7 @@ TSPC_GATT_1a_3	True		GATT Server over LE (C.3)
 TSPC_GATT_1a_4	False		GATT Server over BR/EDR (C.4)
 TSPC_GATT_1a_5	False		Complete GATT Client layer over LE (C.5)
 TSPC_GATT_1a_6	False		Complete GATT Client layer over BR/EDR (C.6)
-TSPC_GATT_1a_7	False		Complete GATT Server layer over LE (C.7)
+TSPC_GATT_1a_7	True		Complete GATT Server layer over LE (C.7)
 TSPC_GATT_1a_8	False		Complete GATT Server layer over BR/EDR (C.8)
 ==============	===========	============================================
 
@@ -59,7 +59,7 @@ Generic Attribute Profile Support
 Parameter Name	Selected	Description
 ==============	===========	============================================
 TSPC_GATT_3_1	True		Client: Exchange MTU (C.1)
-TSPC_GATT_3_2	False (*)	Client: Discover All Primary Services (C.1)
+TSPC_GATT_3_2	True		Client: Discover All Primary Services (C.1)
 TSPC_GATT_3_3	True		Client: Discover Primary Services Service
 				UUID (C.1)
 TSPC_GATT_3_4	True		Client: Find Included Services (C.1)
@@ -69,7 +69,7 @@ TSPC_GATT_3_6	True		Client: Discover Characteristics by UUID (C.1)
 TSPC_GATT_3_7	True		Client: Discover All Characteristic Descriptors
 				(C.1)
 TSPC_GATT_3_8	True		Client: Read Characteristic Value (C.1)
-TSPC_GATT_3_9	False (*)	Client: Read using Characteristic UUID (C.1)
+TSPC_GATT_3_9	True		Client: Read using Characteristic UUID (C.1)
 TSPC_GATT_3_10	True		Client: Read Long Characteristic Values (C.1)
 TSPC_GATT_3_11	True		Client: Read Multiple Characteristic
 				Values (C.1)
@@ -89,6 +89,9 @@ TSPC_GATT_3_22	True		Client: Write Long Characteristic Descriptors
 				(C.1)
 TSPC_GATT_3_23	True		Client: Service Changed Characteristic (M)
 TSPC_GATT_3_24	False (*)	Client: Configured Broadcast (C.3)
+TSPC_GATT_3_25	False (*)	Client: Client Supported Features Characteristic
+				(C.4)
+TSPC_GATT_3_26	False (*)	Client: Database Hash Characteristic (C.4)
 ==============	===========	============================================
 
 
@@ -181,6 +184,9 @@ TSPC_GATT_4_22	True		Server: Write Long Characteristic
 TSPC_GATT_4_23	True		Server: Service Changed Characteristic (C.1)
 TSPC_GATT_4_24	False (*)	Server: Configured Broadcast (C.5)
 TSPC_GATT_4_25	False (*)	Server: Execute Write Request with empty queue (C.7)
+TSPC_GATT_4_26	True		Server: Client Supported Features Characteristic
+				(C.9)
+TSPC_GATT_4_27	True    	Server: Database Hash Characteristic (C.8)
 ==============	===========	============================================
 
 
@@ -235,8 +241,8 @@ TSPC_GATT_4B_38	True		Server: Characteristic Format: struct (M)
 ===============	===========	============================================
 
 
-Generic Attribute Profile Service - SDP Interoperability
-========================================================
+SDP Interoperability
+====================
 
 ==============	===========	============================================
 Parameter Name	Selected	Description
@@ -274,12 +280,3 @@ TSPC_GATT_8_1	False (*)	Support for Multiple ATT bearers from same
 				device (C.1)
 ==============	===========	============================================
 
-
-Device Configuration
-====================
-
-==============	===========	============================================
-Parameter Name	Selected	Description
-==============	===========	============================================
-TSPC_GAP_0_2	True		LE (C.2)
-==============	===========	============================================

doc/guides/bluetooth/l2cap-pics.rst

@@ -1,12 +1,12 @@
-L2CAP PICS
-==========
+L2CAP ICS
+*********
 
-PTS version: 7.2.0
+PTS version: 7.4.1
 
 * - different than PTS defaults
 
-Device Configuration
-====================
+L2CAP Transport Configuration
+=============================
 
 ================	===========	=======================================
 Parameter Name		Selected	Description
@@ -97,7 +97,7 @@ TSPC_L2CAP_2_42		True		Send Connection Parameter Update Request
 TSPC_L2CAP_2_43		True		Send Connection Parameter Update
 					Response
 TSPC_L2CAP_2_44		False (*)	Extended Flow Specification for AMP
-TSPC_L2CAP_2_45		True		Send disconnect request command
+TSPC_L2CAP_2_45		False (*)	Send disconnect request command
 TSPC_L2CAP_2_45a	True		Send disconnect request command - LE
 TSCP_L2CAP_2_46		True		Support LE Credit Based Flow Control
 					Mode
@@ -141,3 +141,4 @@ TSPC_L2CAP_3_15		False (*)	Negotiate and support service type
 TSPC_L2CAP_3_16		True		Support Multiple Simultaneous LE Data
 					Channels
 ================	===========	=======================================
+

doc/guides/bluetooth/mesh-pics.rst

@@ -0,0 +1,312 @@
+.. _mesh-pics:
+
+MESH ICS
+********
+
+PTS version: 7.4.1
+
+\* - different than PTS defaults
+
+\^ - field not available on PTS
+
+M - mandatory
+
+O - optional
+
+
+Major Profile Version (X.Y)
+===========================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_0_1	True		Mesh v1.0 (M)
+==============	==============	=======================================
+
+
+Minor Profile Version (X.Y.Z)
+=============================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_0A_1	True		Erratum 10395 (C.1)
+TSPC_MESH_0A_2	True		Mesh v1.0.1 (C.2)
+==============	==============	=======================================
+
+
+Bluetooth Core Specification v4.0 and Later
+===========================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_1_1	True		Core Specification 4.0 or later version (M)
+==============	==============	=======================================
+
+
+Roles
+=====
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_2_1	True		Node (C.1)
+TSPC_MESH_2_2	False (*)	Provisioner (C.1)
+==============	==============	=======================================
+
+
+Node Capabilities - Bearers
+===========================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_3_1	True		Advertising Bearer (C.1)
+TSPC_MESH_3_2	True		GATT Bearer (C.1)
+==============	==============	=======================================
+
+
+Provisioning
+============
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_4_1	True		PB-ADV (C.1)
+TSPC_MESH_4_2	True		PB-GATT (C.2)
+TSPC_MESH_4_3	True		Device UUID (C.3)
+TSPC_MESH_4_4	True		Sending Unprovisioned Device Beacon (C.4)
+TSPC_MESH_4_5	True		Generic Provisioning Layer (C.3)
+TSPC_MESH_4_6	True		Provisioning Protocol (C.3)
+TSPC_MESH_4_7	False (*)	Provisioning: Public Key OOB (C.5)
+TSPC_MESH_4_8	True		Provisioning: Public Key No OOB (C.5)
+TSPC_MESH_4_9	True		Provisioning: Authentication Output OOB (C.6)
+TSPC_MESH_4_10	False (*)	Provisioning: Authentication Input OOB (C.6)
+TSPC_MESH_4_11	False (*)	Provisioning: Authentication Static OOB (C.6)
+TSPC_MESH_4_12	True		Provisioning: Authentication No OOB (C.3)
+==============	==============	=======================================
+
+
+Node Capabilities - Network Layer
+=================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_5_1	True		Transmitting and Receiving Secured Network
+				Layer Messages (M)
+TSPC_MESH_5_2	True		Relay Feature (C.1)
+TSPC_MESH_5_3	True		Network Message Cache (C.2)
+==============	==============	=======================================
+
+
+Node Capabilities - Lower Transport Layer
+=========================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_6_1	True		Transmitting and Receiving a Lower Transport
+				PDU (M)
+TSPC_MESH_6_2	True		Segmentation and Reassembly Behavior (M)
+TSPC_MESH_6_3	True		Friend Cache (C.1)
+==============	==============	=======================================
+
+
+Node Capabilities - Upper Transport Layer
+=========================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_7_1	True		Transmitting a Secured Access Payload (M)
+TSPC_MESH_7_2	True		Receiving a Secured Upper Transport PDU (M)
+TSPC_MESH_7_3	True		Friend Feature (C.1)
+TSPC_MESH_7_4	True		Low Power Feature (C.1)
+TSPC_MESH_7_5	True		Heartbeat (M)
+==============	==============	=======================================
+
+
+Node Capabilities - Access Layer
+================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_8_1	True		Transmitting and Receiving an Access Layer
+				Message (M)
+==============	==============	=======================================
+
+
+Node Capabilities - Security
+============================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_9_1	True		Message Replay Protection (M)
+==============	==============	=======================================
+
+
+Node Capabilities - Mesh Management
+===================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_10_1	True		Secure Network Beacon (M)
+TSPC_MESH_10_2	True		Key Refresh Procedure (M)
+TSPC_MESH_10_3	True		IV Update Procedure (M)
+TSPC_MESH_10_4	True		IV Index Recovery Procedure (M)
+==============	==============	=======================================
+
+
+Node Capabilities - Foundation Mesh Models
+==========================================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_11_1	True		Configuration Server Model (M)
+TSPC_MESH_11_2	True		Health Server Model (M)
+TSPC_MESH_11_3	False (*)	Configuration Client Model (O)
+TSPC_MESH_11_4	False (*)	Health Client Model (O)
+==============	==============	=======================================
+
+
+Node Capabilities - Proxy
+=========================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_12_1	True		Proxy Server (C.1)
+TSPC_MESH_12_2	True		GATT Server (C.2)
+TSPC_MESH_12_3	True		Advertising with Network ID (C.2)
+TSPC_MESH_12_4	True		Advertising with Node Identity (C.2)
+TSPC_MESH_12_5	False (*)	Proxy Client (C.3)
+TSPC_MESH_12_6	False (*)	GATT Client (C.4)
+==============	==============	=======================================
+
+
+Mesh GATT Services
+==================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_13_1	True		Mesh Provisioning Service (C.1)
+TSPC_MESH_13_2	True		Mesh Proxy Service (C.2)
+==============	==============	=======================================
+
+
+GATT Server Requirements
+========================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_14_1	True		Discover All Primary Services (M)
+TSPC_MESH_14_2	True		Discover Primary Services by Service UUID (M)
+TSPC_MESH_14_3	True		Write without Response (M)
+TSPC_MESH_14_4	True		Notification (M)
+TSPC_MESH_14_5	True		Write Characteristic Descriptors (M)
+==============	==============	=======================================
+
+
+GATT Client Requirements
+========================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_15_1	False (*)	Discover All Primary Services (C.1)
+TSPC_MESH_15_2	False (*)	Discover Primary Services by Service UUID (C.1)
+TSPC_MESH_15_3	False (*)	Write without Response (M)
+TSPC_MESH_15_4	False (*)	Notification (M)
+TSPC_MESH_15_5	False (*)	Write Characteristic Descriptors (M)
+==============	==============	=======================================
+
+
+GAP Requirements
+================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_16_1	True		Broadcaster (C.1)
+TSPC_MESH_16_2	True		Observer (C.1)
+TSPC_MESH_16_3	True		Peripheral (C.2)
+TSPC_MESH_16_4	True		Peripheral - Security Mode 1 (C.2)
+TSPC_MESH_16_5	False (*)	Central (C.3)
+TSPC_MESH_16_6	False (*)	Central - Security Mode 1 (C.3)
+==============	==============	=======================================
+
+
+Provisioner - Bearers
+=====================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_17_1	False (*)	Advertising Bearer (C.1)
+TSPC_MESH_17_2	False (*)	GATT Bearer (C.1)
+==============	==============	=======================================
+
+
+Provisioner - Provisioning
+==========================
+
+===============	==============	=======================================
+Parameter Name	Selected	Description
+===============	==============	=======================================
+TSPC_MESH_18_1	False (*)	Receiving Unprovisioned Device Beacon (C.1)
+TSPC_MESH_18_2	False (*)	PB-ADV (C.1)
+TSPC_MESH_18_3	False (*)	Generic Provisioning Layer (M)
+TSPC_MESH_18_4	False (*)	Provisioning Protocol (M)
+TSPC_MESH_18_5	False (*)	PB-GATT (C.2)
+TSPC_MESH_18_6	False (*)	GATT Client (C.2)
+TSPC_MESH_18_7	False (*)	Provisioning: Public Key OOB (M)
+TSPC_MESH_18_8	False (*)	Provisioning: Public Key No OOB (M)
+TSPC_MESH_18_9	False (*)	Provisioning: Authentication Output OOB (M)
+TSPC_MESH_18_10	False (*)	Provisioning: Authentication Input OOB (M)
+TSPC_MESH_18_11	False (*)	Provisioning: Authentication Static or No OOB (M)
+===============	==============	=======================================
+
+
+Provisioner - Mesh Management
+=============================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_19_1	False (*)	Receiving Secure Network Beacon (M)
+==============	==============	=======================================
+
+
+GATT Client Requirements
+========================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_20_1	False (*)	Discover All Primary Services (C.1)
+TSPC_MESH_20_2	False (*)	Discover Primary Services by Service UUID (C.1)
+TSPC_MESH_20_3	False (*)	Write without Response (M)
+TSPC_MESH_20_4	False (*)	Notification (M)
+TSPC_MESH_20_5	False (*)	Write Characteristic Descriptors (M)
+==============	==============	=======================================
+
+
+GAP Requirements
+================
+
+==============	==============	=======================================
+Parameter Name	Selected	Description
+==============	==============	=======================================
+TSPC_MESH_21_1	False (*)	Broadcaster (C.1)
+TSPC_MESH_21_2	False (*)	Observer (C.1)
+TSPC_MESH_21_3	False (*)	Central (C.2)
+TSPC_MESH_21_4	False (*)	Central - Security Mode 1 (C.2)
+==============	==============	=======================================

doc/guides/bluetooth/sm-pics.rst

@@ -1,7 +1,7 @@
-SM PICS
-*******
+SM ICS
+******
 
-PTS version: 7.2.0
+PTS version: 7.4.1
 
 \* - different than PTS defaults
 
@@ -33,7 +33,7 @@ TSPC_SM_2_1	True		Authenticated MITM protection (O)
 TSPC_SM_2_2	True		Unauthenticated no MITM protection (C.1)
 TSPC_SM_2_3	True		No security requirements (M)
 TSPC_SM_2_4	False		OOB supported (O)
-TSPC_SM_2_5	True		LE Secure Connections (C.2)
+TSPC_SM_2_5	True		Slave Role (Responder) (C.2)
 ===============	===========	=======================================
 
 
@@ -69,7 +69,7 @@ TSPC_SM_5_1	True		Encryption Setup using STK (C.3)
 TSPC_SM_5_2	True		Encryption Setup using LTK (O)
 TSPC_SM_5_3	True		Slave Initiated Security (C.1)
 TSPC_SM_5_4	True		Slave Initiated Security - Master response(C.2)
-TSPC_SM_5_5	True		Link Key Conversion Function h7 (C.4)
+TSPC_SM_5_5	False (*)	Link Key Conversion Function h7 (C.4)
 ===============	===========	=======================================
 
 

doc/guides/west/build-flash-debug.rst

@@ -73,6 +73,18 @@ Additionally you can specify the build system target using the ``--target``
 You can list all targets with ``ninja help`` (or ``west build -t help``) inside
 the build folder.
 
+A clean build can be triggered by using the ``--pristine`` (or ``-p``) option.
+This is particularly handy if you want to switch source dirs or boards without
+using a different build dir::
+
+  west build -b qemu_x86 samples/philosophers
+  west build -p -b reel_board samples/hello_world
+
+If you are unsure about whether the command-line parameters you supply to
+``west build`` require a clean build you can let west decide for you by using
+the ``auto`` setting in the ``--pristine`` option::
+
+  west build -p auto -b reel_board samples/hello_world
 
 Finally, you can add additional arguments to the CMake invocation performed by
 ``west build`` by supplying additional parameters (after a ``--``) to the
@@ -93,6 +105,33 @@ a CMake re-run using the ``-c`` (or ``--cmake``) option::
 
   west build -c
 
+Configuration Options
+=====================
+
+You can :ref:`configure <west-config-cmd>` ``west build`` using these options.
+
+.. NOTE: docs authors: keep this table sorted alphabetically
+
+.. list-table::
+   :widths: 10 30
+   :header-rows: 1
+
+   * - Option
+     - Description
+   * - ``build.pristine``
+     - String. Controls the way in which ``west build`` may clean the build
+       folder before building. Can take the following values:
+
+         - ``never`` (default): Never automatically make the build folder
+           pristine.
+         - ``auto``:  ``west build`` will automatically make the build folder
+           pristine before building, if a build system is present and the build
+           would fail otherwise (e.g. the user has specified a different board
+           or application from the one previously used to make the build
+           directory).
+         - ``always``: Always make the build folder pristine before building, if
+           a build system is present.
+
 .. _west-flashing:
 
 Flashing: ``west flash``

doc/reference/storage/fcb/fcb.rst

@@ -0,0 +1,74 @@
+.. _fcb-manual:
+
+Flash Circular Buffer (FCB)
+###########################
+
+Flash circular buffer provides an abstraction through which you can treat
+flash like a FIFO. You append entries to the end, and read data from the
+beginning.
+
+Description
+***********
+
+Entries in the flash contain the length of the entry, the data within
+the entry, and checksum over the entry contents.
+
+Storage of entries in flash is done in a FIFO fashion. When you
+request space for the next entry, space is located at the end of the
+used area. When you start reading, the first entry served is the
+oldest entry in flash.
+
+Entries can be appended to the end of the area until storage space is
+exhausted. You have control over what happens next; either erase oldest
+block of data, thereby freeing up some space, or stop writing new data
+until existing data has been collected. FCB treats underlying storage as
+an array of flash sectors; when it erases old data, it does this a
+sector at a time.
+
+Entries in the flash are checksummed. That is how FCB detects whether
+writing entry to flash completed ok. It will skip over entries which
+don't have a valid checksum.
+
+Usage
+*****
+
+To add an entry to circular buffer:
+
+- Call `fcb_append` to get the location where data can be written. If
+  this fails due to lack of space, you can call `fcb_rotate` to erase
+  the oldest sector which will make the space. And then call `fcb_append`
+  again.
+- Use `flash_area_write` to write entry contents.
+- Call `fcb_append_finish` when done. This completes the writing of the
+  entry by calculating the checksum.
+
+To read contents of the circular buffer:
+
+- Call `fcb_walk` with a pointer to your callback function.
+- Within callback function copy in data from the entry using
+  `flash_area_read`. You can tell when all data from within a sector
+  has been read by monitoring the returned entry's area pointer. Then you
+  can call `fcb_rotate`, if you're done with that data.
+
+Alternatively:
+
+- Call `fcb_getnext` with 0 in entry offset to get the pointer to
+  the oldest entry.
+- Use `flash_area_read` to read entry contents.
+- Call `fcb_getnext` with pointer to current entry to get the next one.
+  And so on.
+
+API Reference
+*************
+
+The FCB subsystem APIs are provided by ``fcb.h``:
+
+Data structures
+===============
+.. doxygengroup:: fcb_data_structures
+   :project: Zephyr
+
+API functions
+=============
+.. doxygengroup:: fcb_api
+   :project: Zephyr

doc/reference/storage/index.rst

@@ -10,3 +10,4 @@ Storage
    nvs/nvs.rst
    disk/sdhc.rst
    flash_map/flash_map.rst
+   fcb/fcb.rst

doc/releases/release-notes-1.14.rst

@@ -2,9 +2,445 @@
 
 .. _zephyr_1.14:
 
-Zephyr Kernel 1.14.0
+Zephyr 1.14.3
 ####################
 
+This is an LTS maintenance release with fixes.
+
+Security Vulnerability Related
+******************************
+
+The following security vulnerabilities (CVEs) were addressed in this
+release:
+
+* CVE-2020-10066
+* CVE-2020-10069
+* CVE-2020-13601
+* CVE-2020-13602
+
+More detailed information can be found in:
+https://docs.zephyrproject.org/latest/security/vulnerabilities.html
+
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 1.14.0 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`18334` - DNS resolution is broken for some addresses in master/2.0-pre
+* :github:`19917` - Bluetooth: Controller: Missing LL_ENC_RSP after HCI LTK Negative Reply
+* :github:`21107` - LL_ASSERT and 'Imprecise data bus error' in LL Controller
+* :github:`21257` - tests/net/net_pkt failed on mimxrt1050_evk board.
+* :github:`21299` - bluetooth: Controller does not release buffer on central side after peripheral reset
+* :github:`21601` - '!radio_is_ready()' failed
+* :github:`21756` - tests/kernel/obj_tracing failed on mec15xxevb_assy6853 board.
+* :github:`22968` - Bluetooth: controller: LEGACY: ASSERTION failure on invalid packet sequence
+* :github:`23069` - Bluetooth: controller: Assert in data length update procedure
+* :github:`23109` - LL.TS Test LL/CON/SLA/BV-129-C fails (split)
+* :github:`23805` - Bluetooth: controller: Switching to non conn adv fails for Mesh LPN
+* :github:`24601` - Bluetooth: Mesh: Config Client's net_key_status pulls two key indexes, should pull one.
+* :github:`25518` - settings_fcb: Fix storing the data
+* :github:`25519` - wrong debug function cause kinds of building error
+* :github:`26080` - gPTP time sync fails if having more than one port
+* :github:`28151` - gPTP should allow user setting of priority1 and priority2 fields used in BMCA
+* :github:`28177` - gPTP gptp_priority_vector struct field ordering is wrong
+* :github:`29386` - unexpected behavior when doing syscall with 7 or more arguments
+* :github:`29858` - Bluetooth: Mesh: RPL cleared on LPN disconnect
+* :github:`32430` - Bluetooth: thread crashes when configuring a non 0 Slave Latency
+* :github:`32898` - Bluetooth: controller: Control PDU buffer leak into Data PDU buffer pool
+* :github:`18598` - tests/net/trickle failed on multiple platforms
+* :github:`22751` - STM32F407 I2C driver hangs
+* :github:`24300` - tests/net/trickle failed on frdm_k64f and sam_e70_xplained with v1.14 branch.
+* :github:`24750` - need API to get list of succeed initialization device or add initialization status flag in struct device
+* :github:`24970` - ieee802154 l2: no length check in frame validation
+* :github:`25314` - Bluetooth: controller: legacy: Backport conformance test related changes
+* :github:`25350` - Bluetooth: controller: Data transmission delayed by slave latency
+* :github:`26499` - usermode: random: backport random syscall
+* :github:`26595` - tests/kernel/obj_tracing thread counting issue with 1.14 branch.
+* :github:`27771` - iotdk: cpu_stats function doesn't work as expected
+* :github:`35983` - Bluetooth: controller: Check length field of scan response data
+
+Zephyr 1.14.2
+####################
+
+This is an LTS maintenance release with fixes.
+
+Security Vulnerability Related
+******************************
+
+The following security vulnerabilities (CVEs) were addressed in this
+release:
+
+* CVE-2020-10019
+* CVE-2020-10021
+* CVE-2020-10022
+* CVE-2020-10023
+* CVE-2020-10024
+* CVE-2020-10027
+* CVE-2020-10028
+
+More detailed information can be found in:
+https://docs.zephyrproject.org/latest/security/vulnerabilities.html
+
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 1.14.0 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`11617` - net: ipv4: udp: broadcast delivery not supported
+* :github:`11743` - logging: add user mode access
+* :github:`14459` - usb: samples: mass: doesn't build with FLASH overlay
+* :github:`15119` - GPIO callback not disabled from an interrupt
+* :github:`15339` - RISC-V: RV32M1: Load access fault when accessing GPIO port E
+* :github:`15354` - counter: stm32: Issue with LSE clock source selection
+* :github:`15373` - IPv4 link local packets are not sent with ARP ethernet type
+* :github:`15443` - usb_dc_stm32: Missing semaphore initialization and missing pin remapping configuration
+* :github:`15444` - Error initiating sdhc disk
+* :github:`15497` - USB DFU: STM32: usb dfu mode doesn't work
+* :github:`15507` - NRF52840: usb composite MSC + HID (with CONFIG_ENABLE_HID_INT_OUT_EP)
+* :github:`15526` - Unhandled identity in bt_conn_create_slave_le
+* :github:`15558` - support for power-of-two MPUs on non-XIP systems
+* :github:`15601` - pwm: nRF default prescalar value is wrong
+* :github:`15603` - Unable to use C++ Standard Library
+* :github:`15605` - Unaligned memory access by ldrd
+* :github:`15678` - Watchdog peripheral api docs aren't generated correctly.
+* :github:`15698` - bluetooth: bt_conn: No proper ID handling
+* :github:`15733` - Bluetooth: controller: Central Encryption setup overlaps Length Request procedure
+* :github:`15794` - mps2_an385 crashes if CONFIG_INIT_STACKS=y and CONFIG_COVERAGE=y
+* :github:`15817` - nrf52: HFXO is not turned off as expected
+* :github:`15904` - concerns with use of CONFIG_BT_MESH_RPL_STORE_TIMEOUT in examples
+* :github:`15911` - Stack size is smaller than it should be
+* :github:`15975` - Openthread - fault with dual network interfaces
+* :github:`16001` - ARC iotdk supports MPU and fpu in hardware but not enabled in kconfig
+* :github:`16002` - the spi base reg address in arc_iot.dtsi has an error
+* :github:`16010` - Coverage reporting fails on many tests
+* :github:`16012` - Source IP address for DHCP renewal messages is unset
+* :github:`16046` - modules are being processed too late.
+* :github:`16080` - Zephyr UART shell crashes on start if main() is blocked
+* :github:`16089` - Mcux Ethernet driver does not detect carrier anymore (it's alway on)
+* :github:`16090` - mpu align support for code relocation on non-XIP system
+* :github:`16143` - posix: clock_settime calculates the base time incorrectly
+* :github:`16155` - drivers: can: wrong value used for filter mode set
+* :github:`16257` - net: icmpv4: Zephyr sends echo reply with multicast source address
+* :github:`16307` - cannot move location counter backwards error happen
+* :github:`16323` - net: ipv6: tcp: unexpected reply to malformed HBH in TCP/IPv6 SYN
+* :github:`16339` - openthread: off-by-one error when calculating ot_flash_offset for settings
+* :github:`16354` - net: ipv6: Zephyr does not reply to fragmented packet
+* :github:`16375` - net: ipv4: udp: Zephyr does not reply to a valid datagram with checksum zero
+* :github:`16379` - net: ipv6: udp: Zephyr replies with illegal UDP checksum zero
+* :github:`16411` - bad regex for west version check in host-tools.cmake
+* :github:`16412` - on reel_board the consumption increases because TX pin is floating
+* :github:`16413` - Missing dependency in cmake
+* :github:`16414` - Backport west build --pristine
+* :github:`16415` - Build errors with C++
+* :github:`16416` - sram size for RT1015 and RT1020 needs to be update.
+* :github:`16417` - issues with can filter mode set
+* :github:`16418` - drivers: watchdog: sam0: check if timeout is valid
+* :github:`16419` - Bluetooth: XTAL feature regression
+* :github:`16478` - Bluetooth: Improper bonded peers handling
+* :github:`16570` - [Coverity CID :198877]Null pointer dereferences in /subsys/net/ip/net_if.c
+* :github:`16577` - [Coverity CID :198870]Error handling issues in /subsys/net/lib/lwm2m/lwm2m_obj_firmware_pull.c
+* :github:`16581` - [Coverity CID :198866]Null pointer dereferences in /subsys/net/lib/dns/llmnr_responder.c
+* :github:`16584` - [Coverity CID :198863]Error handling issues in /subsys/net/lib/sntp/sntp.c
+* :github:`16600` - Bluetooth: Mesh: Proxy SAR timeout is not implemented
+* :github:`16602` - Bluetooth: GATT Discovery: Descriptor Discovery by range Seg Fault
+* :github:`16639` - eth: pinging frdm k64f eventually leads to unresponsive ethernet device
+* :github:`16678` - LPN establishment of Friendship never completes if there is no response to the initial Friend Poll
+* :github:`16711` - Settings reworked to const char processing
+* :github:`16734` - Bluetooth: GATT: Writing 1 byte to a CCC access invalid memory
+* :github:`16745` - PTHREAD_MUTEX_DEFINE(): don't store into the _k_mutex section
+* :github:`16746` - boards: nrf52840_pca10059: Configure NFC pins as GPIOs by default
+* :github:`16749` - IRQ_CONNECT and irq_enable calls in the SiFive UART driver is misconfigured
+* :github:`16750` - counter:  lack of interrupt when CC=0
+* :github:`16760` - K_THREAD_STACK_EXTERN() confuses gen_kobject_list.py
+* :github:`16779` - [Zephyr v1.14] ARM: fix the start address of MPU guard in stack-fail checking (when building with no user mode)
+* :github:`16799` - Bluetooth: L2CAP: Interpretation of SCID and DCID in Disconnect is wrong
+* :github:`16861` - nRF52: UARTE: Data corruption right after resuming device
+* :github:`16864` - Bluetooth: Mesh: Rx buffer exhaustion causes deadlock
+* :github:`16893` - Bluetooth: Multiple local IDs, privacy problem
+* :github:`16943` - Missing test coverage for lib/os/crc*.c
+* :github:`16944` - Insufficient test coverage for lib/os/json.c
+* :github:`17031` - Compiler warnings in settings module in Zephyr 1.14
+* :github:`17038` - code relocation generating different memory layout cause user mode not working
+* :github:`17041` - [1.14] Bluetooth: Mesh: RPL handling is not in line with the spec
+* :github:`17055` - net: Incorrect data length after the connection is established
+* :github:`17057` - Bluetooth: Mesh: Implementation doesn't conform to latest errata and 1.0.1 version
+* :github:`17092` - Bluetooth: GAP/IDLE/NAMP/BV-01-C requires Read by UUID
+* :github:`17170` - x86_64 crash with spinning child thread
+* :github:`17171` - Insufficient code coverage for lib/os/fdtable.c
+* :github:`17177` - ARM: userspace/test_bad_syscall fails on ARMv8-M
+* :github:`17190` - net-mgmt should pass info element size to callback
+* :github:`17250` - After first GC operation the 1st sector had become scratch and the 2nd sector had became write sector.
+* :github:`17251` - w25q: erase operations must be erase-size aligned
+* :github:`17262` - insufficient code coverage for lib/os/base64.c
+* :github:`17288` - Bluetooth: controller: Fix handling of L2CAP start frame with zero PDU length
+* :github:`17294` - DB corruption when adding/removing service
+* :github:`17337` - ArmV7-M mpu sub region alignment
+* :github:`17338` - kernel objects address check in elf_helper.py
+* :github:`17368` - Time Slicing cause system sleep short time
+* :github:`17399` - LwM2M: Can't use an alternate mbedtls implementation
+* :github:`17401` - LwM2M: requires that CONFIG_NET_IPV* be enabled (can't use 100% offloaded IP stack)
+* :github:`17415` - Settings Module - settings_line_val_read() returning -EINVAL instead of 0 for deleted setting entries
+* :github:`17427` - net: IPv4/UDP datagram with zero src addr and TTL causes Zephyr to segfault
+* :github:`17450` - net: IPv6/UDP datagram with unspecified addr and zero hop limit causes Zephyr to quit
+* :github:`17463` - Bluetooth: API limits usage of MITM flags in Pairing Request
+* :github:`17534` - Race condition in GATT API.
+* :github:`17595` - two userspace tests fail if stack canaries are enabled in board configuration
+* :github:`17600` - Enable Mesh Friend support in Bluetooth tester application
+* :github:`17613` - POSIX arch: occasional failures of tests/kernel/sched/schedule_api on CI
+* :github:`17630` - efr32mg_sltb004a tick clock error
+* :github:`17723` - Advertiser never clears state flags
+* :github:`17732` - cannot use bt_conn_security in connected callback
+* :github:`17764` - Broken link to latest development version of docs
+* :github:`17802` - [zephyr 1.14] Address type 0x02 is used by LE Create Connection in device privacy mode
+* :github:`17820` - Mesh  bug report In access.c
+* :github:`17838` - state DEVICE_PM_LOW_POWER_STATE of Device Power Management
+* :github:`17843` - Bluetooth: controller: v1.14.x release conformance test failures
+* :github:`17857` - GATT: Incorrect byte order for GATT database hash
+* :github:`17861` - Tester application lacks BTP Discover All Primary Services handler
+* :github:`17880` - Unable to re-connect to privacy enabled peer when using stack generated Identity
+* :github:`17944` - [zephyr 1.14]  LE Enhanced Connection Complete indicates Resolved Public once connected to Public peer address
+* :github:`17948` - Bluetooth: privacy: Reconnection issue
+* :github:`17967` - drivers/pwm/pwm_api test failed on frdm_k64f board.
+* :github:`17971` - [zephyr 1.14] Unable to register GATT service that was unregistered before
+* :github:`17979` - Security level cannot be elevated after re-connection with privacy
+* :github:`18021` - Socket vtable can access null pointer callback function
+* :github:`18090` - [zephyr 1.14][MESH/NODE/FRND/FN/BV-08-C] Mesh Friend queues more messages than indicates it's Friend Cache
+* :github:`18178` - BLE Mesh When Provisioning Use Input OOB Method
+* :github:`18183` - [zephyr 1.14][GATT/SR/GAS/BV-07-C] GATT Server does not inform change-unaware client about DB changes
+* :github:`18297` - Bluetooth: SMP: Pairing issues
+* :github:`18306` - Unable to reconnect paired devices with controller privacy disabled (host privacy enabled)
+* :github:`18308` - net: TCP/IPv6 set of fragmented packets causes Zephyr to quit
+* :github:`18394` - [Coverity CID :203464]Memory - corruptions in /subsys/net/l2/ethernet/gptp/gptp_mi.c
+* :github:`18462` - potential buffer overrun in logging infrastructure
+* :github:`18580` - Bluetooth: Security fail on initial pairing
+* :github:`18658` - Bluetooth BR/EDR encryption key negotiation vulnerability
+* :github:`18739` - k_uptime_get_32() does not behave as documented
+* :github:`18935` - [Zephyr 1.14] drivers: flash: spi_nor: Problematic write with page boundaries
+* :github:`18961` - [Coverity CID :203912]Error handling issues in /samples/net/sockets/coap_client/src/coap-client.c
+* :github:`19015` - Bluetooth: Mesh: Node doesn't respond to "All Proxies" address
+* :github:`19038` - [zephyr branch 1.14 and master -stm32-netusb]:errors when i view RNDIS Device‘s properties on Windows 10
+* :github:`19059` - i2c_ll_stm32_v2: nack on write is not handled correctly
+* :github:`19103` - zsock_accept_ctx blocks even when O_NONBLOCK is specified
+* :github:`19165` - zephyr_file generates bad links on branches
+* :github:`19263` - Bluetooth: Mesh: Friend Clear Procedure Timeout
+* :github:`19515` - Bluetooth: Controller: assertion failed
+* :github:`19612` - ICMPv6 packet is routed to wrong interface when peer is not found in neighbor cache
+* :github:`19678` - Noticeable delay between processing multiple client connection requests (200ms+)
+* :github:`19889` - Buffer leak in GATT for Write Without Response and Notifications
+* :github:`19982` - Periodically wake up log process thread consume more power
+* :github:`20042` - Telnet can connect only once
+* :github:`20100` - Slave PTP clock time is updated with large value when Master PTP Clock time has changed
+* :github:`20229` - cmake: add --divide to GNU assembler options for x86
+* :github:`20299` - bluetooth: host: Connection not being unreferenced when using CCC match callback
+* :github:`20313` - Zperf documentation points to wrong iPerf varsion
+* :github:`20811` - spi driver
+* :github:`20970` - Bluetooth: Mesh: seg_tx_reset in the transport layer
+* :github:`21131` - Bluetooth: host: Subscriptions not removed upon unpair
+* :github:`21306` - ARC: syscall register save/restore needs backport to 1.14
+* :github:`21431` - missing async uart.h system calls
+* :github:`21432` - watchdog subsystem has no system calls
+* :github:`22275` - arm: cortex-R & M: CONFIG_USERSPACE: intermittent Memory region write access failures
+* :github:`22280` - incorrect linker routing
+* :github:`23153` - Binding AF_PACKET socket second time will fail with multiple network interfaces
+* :github:`23339` - tests/kernel/sched/schedule_api failed on mps2_an385 with v1.14 branch.
+* :github:`23346` - bl65x_dvk boards do not reset after flashing
+
+Zephyr 1.14.1
+####################
+
+This is an LTS maintenance release with fixes, as well as Bluetooth
+qualification listings for the Bluetooth protocol stack included in Zephyr.
+
+Security Vulnerability Related
+******************************
+
+The following security vulnerability (CVE) was addressed in this
+release:
+
+* Fixes CVE-2019-9506: The Bluetooth BR/EDR specification up to and
+  including version 5.1 permits sufficiently low encryption key length
+  and does not prevent an attacker from influencing the key length
+  negotiation. This allows practical brute-force attacks (aka "KNOB")
+  that can decrypt traffic and inject arbitrary ciphertext without the
+  victim noticing.
+
+Bluetooth
+*********
+
+* Qualification:
+
+  * 1.14.x Host subsystem qualified with QDID 139258
+  * 1.14.x Mesh subsystem qualified with QDID 139259
+  * 1.14.x Controller component qualified on Nordic nRF52 with QDID 135679
+
+Issues Fixed
+************
+
+These GitHub issues were addressed since the previous 1.14.0 tagged
+release:
+
+.. comment  List derived from GitHub Issue query: ...
+   * :github:`issuenumber` - issue title
+
+* :github:`11617` - net: ipv4: udp: broadcast delivery not supported
+* :github:`11743` - logging: add user mode access
+* :github:`14459` - usb: samples: mass: doesn't build with FLASH overlay
+* :github:`15279` - mempool alignment might cause a memory block allocated twice
+* :github:`15339` - RISC-V: RV32M1: Load access fault when accessing GPIO port E
+* :github:`15354` - counter: stm32: Issue with LSE clock source selection
+* :github:`15373` - IPv4 link local packets are not sent with ARP ethernet type
+* :github:`15443` - usb_dc_stm32: Missing semaphore initialization and missing pin remapping configuration
+* :github:`15444` - Error initiating sdhc disk
+* :github:`15497` - USB DFU: STM32: usb dfu mode doesn't work
+* :github:`15507` - NRF52840: usb composite MSC + HID (with CONFIG_ENABLE_HID_INT_OUT_EP)
+* :github:`15526` - Unhandled identity in bt_conn_create_slave_le
+* :github:`15558` - support for power-of-two MPUs on non-XIP systems
+* :github:`15601` - pwm: nRF default prescalar value is wrong
+* :github:`15603` - Unable to use C++ Standard Library
+* :github:`15605` - Unaligned memory access by ldrd
+* :github:`15606` - trickle.c can't work for multiple triggerings
+* :github:`15678` - Watchdog peripheral api docs aren't generated correctly.
+* :github:`15698` - bluetooth: bt_conn: No proper ID handling
+* :github:`15733` - Bluetooth: controller: Central Encryption setup overlaps Length Request procedure
+* :github:`15794` - mps2_an385 crashes if CONFIG_INIT_STACKS=y and CONFIG_COVERAGE=y
+* :github:`15817` - nrf52: HFXO is not turned off as expected
+* :github:`15904` - concerns with use of CONFIG_BT_MESH_RPL_STORE_TIMEOUT in examples
+* :github:`15911` - Stack size is smaller than it should be
+* :github:`15975` - Openthread - fault with dual network interfaces
+* :github:`16001` - ARC iotdk supports MPU and fpu in hardware but not enabled in kconfig
+* :github:`16002` - the spi base reg address in arc_iot.dtsi has an error
+* :github:`16010` - Coverage reporting fails on many tests
+* :github:`16012` - Source IP address for DHCP renewal messages is unset
+* :github:`16027` - support for no-flash systems
+* :github:`16046` - modules are being processed too late.
+* :github:`16090` - mpu align support for code relocation on non-XIP system
+* :github:`16107` - Using bt_gatt_read() with 'by_uuid' method returns 3 extra bytes
+* :github:`16143` - posix: clock_settime calculates the base time incorrectly
+* :github:`16155` - drivers: can: wrong value used for filter mode set
+* :github:`16257` - net: icmpv4: Zephyr sends echo reply with multicast source address
+* :github:`16307` - cannot move location counter backwards error happen
+* :github:`16323` - net: ipv6: tcp: unexpected reply to malformed HBH in TCP/IPv6 SYN
+* :github:`16339` - openthread: off-by-one error when calculating ot_flash_offset for settings
+* :github:`16354` - net: ipv6: Zephyr does not reply to fragmented packet
+* :github:`16375` - net: ipv4: udp: Zephyr does not reply to a valid datagram with checksum zero
+* :github:`16379` - net: ipv6: udp: Zephyr replies with illegal UDP checksum zero
+* :github:`16411` - bad regex for west version check in host-tools.cmake
+* :github:`16412` - on reel_board the consumption increases because TX pin is floating
+* :github:`16413` - Missing dependency in cmake
+* :github:`16414` - Backport west build --pristine
+* :github:`16415` - Build errors with C++
+* :github:`16416` - sram size for RT1015 and RT1020 needs to be update.
+* :github:`16417` - issues with can filter mode set
+* :github:`16418` - drivers: watchdog: sam0: check if timeout is valid
+* :github:`16419` - Bluetooth: XTAL feature regression
+* :github:`16478` - Bluetooth: Improper bonded peers handling
+* :github:`16570` - [Coverity CID :198877]Null pointer dereferences in /subsys/net/ip/net_if.c
+* :github:`16577` - [Coverity CID :198870]Error handling issues in /subsys/net/lib/lwm2m/lwm2m_obj_firmware_pull.c
+* :github:`16581` - [Coverity CID :198866]Null pointer dereferences in /subsys/net/lib/dns/llmnr_responder.c
+* :github:`16584` - [Coverity CID :198863]Error handling issues in /subsys/net/lib/sntp/sntp.c
+* :github:`16594` - net: dns: Zephyr is unable to unpack mDNS answers produced by another Zephyr node
+* :github:`16600` - Bluetooth: Mesh: Proxy SAR timeout is not implemented
+* :github:`16602` - Bluetooth: GATT Discovery: Descriptor Discovery by range Seg Fault
+* :github:`16639` - eth: pinging frdm k64f eventually leads to unresponsive ethernet device
+* :github:`16678` - LPN establishment of Friendship never completes if there is no response to the initial Friend Poll
+* :github:`16711` - Settings reworked to const char processing
+* :github:`16734` - Bluetooth: GATT: Writing 1 byte to a CCC access invalid memory
+* :github:`16745` - PTHREAD_MUTEX_DEFINE(): don't store into the _k_mutex section
+* :github:`16746` - boards: nrf52840_pca10059: Configure NFC pins as GPIOs by default
+* :github:`16749` - IRQ_CONNECT and irq_enable calls in the SiFive UART driver is misconfigured
+* :github:`16750` - counter:  lack of interrupt when CC=0
+* :github:`16760` - K_THREAD_STACK_EXTERN() confuses gen_kobject_list.py
+* :github:`16779` - [Zephyr v1.14] ARM: fix the start address of MPU guard in stack-fail checking (when building with no user mode)
+* :github:`16799` - Bluetooth: L2CAP: Interpretation of SCID and DCID in Disconnect is wrong
+* :github:`16864` - Bluetooth: Mesh: Rx buffer exhaustion causes deadlock
+* :github:`16893` - Bluetooth: Multiple local IDs, privacy problem
+* :github:`16943` - Missing test coverage for lib/os/crc\*.c
+* :github:`16944` - Insufficient test coverage for lib/os/json.c
+* :github:`17031` - Compiler warnings in settings module in Zephyr 1.14
+* :github:`17038` - code relocation generating different memory layout cause user mode not working
+* :github:`17041` - [1.14] Bluetooth: Mesh: RPL handling is not in line with the spec
+* :github:`17055` - net: Incorrect data length after the connection is established
+* :github:`17057` - Bluetooth: Mesh: Implementation doesn't conform to latest errata and 1.0.1 version
+* :github:`17092` - Bluetooth: GAP/IDLE/NAMP/BV-01-C requires Read by UUID
+* :github:`17170` - x86_64 crash with spinning child thread
+* :github:`17177` - ARM: userspace/test_bad_syscall fails on ARMv8-M
+* :github:`17190` - net-mgmt should pass info element size to callback
+* :github:`17250` - After first GC operation the 1st sector had become scratch and the 2nd sector had became write sector.
+* :github:`17251` - w25q: erase operations must be erase-size aligned
+* :github:`17262` - insufficient code coverage for lib/os/base64.c
+* :github:`17288` - Bluetooth: controller: Fix handling of L2CAP start frame with zero PDU length
+* :github:`17294` - DB corruption when adding/removing service
+* :github:`17337` - ArmV7-M mpu sub region alignment
+* :github:`17338` - kernel objects address check in elf_helper.py
+* :github:`17368` - Time Slicing cause system sleep short time
+* :github:`17399` - LwM2M: Can't use an alternate mbedtls implementation
+* :github:`17401` - LwM2M: requires that CONFIG_NET_IPV\* be enabled (can't use 100% offloaded IP stack)
+* :github:`17415` - Settings Module - settings_line_val_read() returning -EINVAL instead of 0 for deleted setting entries
+* :github:`17427` - net: IPv4/UDP datagram with zero src addr and TTL causes Zephyr to segfault
+* :github:`17450` - net: IPv6/UDP datagram with unspecified addr and zero hop limit causes Zephyr to quit
+* :github:`17463` - Bluetooth: API limits usage of MITM flags in Pairing Request
+* :github:`17534` - Race condition in GATT API.
+* :github:`17564` - Missing stdlib.h include when C++ standard library is used.
+* :github:`17595` - two userspace tests fail if stack canaries are enabled in board configuration
+* :github:`17600` - Enable Mesh Friend support in Bluetooth tester application
+* :github:`17613` - POSIX arch: occasional failures of tests/kernel/sched/schedule_api on CI
+* :github:`17723` - Advertiser never clears state flags
+* :github:`17732` - cannot use bt_conn_security in connected callback
+* :github:`17764` - Broken link to latest development version of docs
+* :github:`17789` - Bluetooth: host: conn.c missing parameter copy
+* :github:`17802` - [zephyr 1.14] Address type 0x02 is used by LE Create Connection in device privacy mode
+* :github:`17809` - Bluetooth Mesh message cached too early when LPN
+* :github:`17820` - Mesh  bug report In access.c
+* :github:`17821` - Mesh Bug on access.c
+* :github:`17843` - Bluetooth: controller: v1.14.x release conformance test failures
+* :github:`17857` - GATT: Incorrect byte order for GATT database hash
+* :github:`17861` - Tester application lacks BTP Discover All Primary Services handler
+* :github:`17880` - Unable to re-connect to privacy enabled peer when using stack generated Identity
+* :github:`17882` - [zephyr 1.14]  Database Out of Sync error is not returned as expected
+* :github:`17907` - BLE Mesh when resend use GATT bearer
+* :github:`17932` - BLE Mesh When Friend Send Seg Message To LPN
+* :github:`17936` - Bluetooth: Mesh: The canceled buffer is not free, causing a memory leak
+* :github:`17944` - [zephyr 1.14]  LE Enhanced Connection Complete indicates Resolved Public once connected to Public peer address
+* :github:`17948` - Bluetooth: privacy: Reconnection issue
+* :github:`17971` - [zephyr 1.14] Unable to register GATT service that was unregistered before
+* :github:`17977` - BLE Mesh When IV Update Procedure
+* :github:`17979` - Security level cannot be elevated after re-connection with privacy
+* :github:`18013` - BLE Mesh On Net Buffer free issue
+* :github:`18021` - Socket vtable can access null pointer callback function
+* :github:`18090` - [zephyr 1.14][MESH/NODE/FRND/FN/BV-08-C] Mesh Friend queues more messages than indicates it's Friend Cache
+* :github:`18150` - [zephyr 1.14] Host does not change the RPA
+* :github:`18178` - BLE Mesh When Provisioning Use Input OOB Method
+* :github:`18183` - [zephyr 1.14][GATT/SR/GAS/BV-07-C] GATT Server does not inform change-unaware client about DB changes
+* :github:`18194` - [zephyr 1.14][MESH/NODE/CFG/HBP/BV-05-C] Zephyr does not send Heartbeat message on friendship termination
+* :github:`18297` - Bluetooth: SMP: Pairing issues
+* :github:`18306` - Unable to reconnect paired devices with controller privacy disabled (host privacy enabled)
+* :github:`18308` - net: TCP/IPv6 set of fragmented packets causes Zephyr to quit
+* :github:`18394` - [Coverity CID :203464]Memory - corruptions in /subsys/net/l2/ethernet/gptp/gptp_mi.c
+* :github:`18462` - potential buffer overrun in logging infrastructure
+* :github:`18522` - BLE: Mesh: When transport send seg_msg to LPN
+* :github:`18580` - Bluetooth: Security fail on initial pairing
+* :github:`18658` - Bluetooth BR/EDR encryption key negotiation vulnerability
+* :github:`18739` - k_uptime_get_32() does not behave as documented
+* :github:`18813` - fs: nvs: Cannot delete entries
+* :github:`18873` - zsock_socket() should support proto==0
+* :github:`18935` - [Zephyr 1.14] drivers: flash: spi_nor: Problematic write with page boundaries
+* :github:`18961` - [Coverity CID :203912]Error handling issues in /samples/net/sockets/coap_client/src/coap-client.c
+* :github:`19015` - Bluetooth: Mesh: Node doesn't respond to "All Proxies" address
+* :github:`19165` - zephyr_file generates bad links on branches
+* :github:`19181` - sock_set_flag implementation in sock_internal.h does not work for 64 bit pointers
+* :github:`19191` - problem with implementation of sock_set_flag
+
+Zephyr 1.14.0
+##############
+
 We are pleased to announce the release of Zephyr kernel version 1.14.0.
 
 Major enhancements with this release include:

doc/zephyr.doxyfile.in

@@ -229,12 +229,6 @@ ALIASES                = "rst=\verbatim embed:rst" \
 
 ALIASES 	       += "req=\xrefitem req \"Requirement\" \"Requirements\" "
 
-# This tag can be used to specify a number of word-keyword mappings (TCL only).
-# A mapping has the form "name=value". For example adding "class=itcl::class"
-# will allow you to use the command class in the itcl::class meaning.
-
-TCL_SUBST              = YES
-
 # Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources
 # only. Doxygen will then generate output that is more tailored for C. For
 # instance, some of the names that are used will be different. The list of all
@@ -762,8 +756,7 @@ INPUT                  = @ZEPHYR_BASE@/include/ \
                          @ZEPHYR_BASE@/include/arch/nios2/ \
                          @ZEPHYR_BASE@/lib/libc/minimal/include/ \
                          @ZEPHYR_BASE@/include/net/dns_resolve.h \
-			 @ZEPHYR_BASE@/subsys/testsuite/ztest/include/ \
-			 @ZEPHYR_BASE@/tests/kernel/
+			 @ZEPHYR_BASE@/subsys/testsuite/ztest/include/
 
 # This tag can be used to specify the character encoding of the source files
 # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
@@ -839,7 +832,7 @@ EXCLUDE_PATTERNS       =
 
 # Hide internal names (starting with an underscore, and doxygen-generated names
 # for nested unnamed unions that don't generate meaningful sphinx output anyway.
-EXCLUDE_SYMBOLS        = _*  *.__unnamed__
+EXCLUDE_SYMBOLS        = _*  *.__unnamed__ z_* Z_*
 
 # The EXAMPLE_PATH tag can be used to specify one or more files or directories
 # that contain example code fragments that are included (see the \include
@@ -2066,12 +2059,6 @@ EXTERNAL_GROUPS        = YES
 
 EXTERNAL_PAGES         = YES
 
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of 'which perl').
-# The default file (with absolute path) is: /usr/bin/perl.
-
-PERL_PATH              = /usr/bin/perl
-
 #---------------------------------------------------------------------------
 # Configuration options related to the dot tool
 #---------------------------------------------------------------------------
@@ -2085,15 +2072,6 @@ PERL_PATH              = /usr/bin/perl
 
 CLASS_DIAGRAMS         = NO
 
-# You can define message sequence charts within doxygen comments using the \msc
-# command. Doxygen will then run the mscgen tool (see:
-# http://www.mcternan.me.uk/mscgen/)) to produce the chart and insert it in the
-# documentation. The MSCGEN_PATH tag allows you to specify the directory where
-# the mscgen tool resides. If left empty the tool is assumed to be found in the
-# default search path.
-
-MSCGEN_PATH            =
-
 # You can include diagrams made with dia in doxygen documentation. Doxygen will
 # then run dia to produce the diagram and insert it in the documentation. The
 # DIA_PATH tag allows you to specify the directory where the dia binary resides.

drivers/bluetooth/hci/h4.c

@@ -165,16 +165,11 @@ static struct net_buf *get_rx(int timeout)
 {
 	BT_DBG("type 0x%02x, evt 0x%02x", rx.type, rx.evt.evt);
 
-	if (rx.type == H4_EVT && (rx.evt.evt == BT_HCI_EVT_CMD_COMPLETE ||
-				  rx.evt.evt == BT_HCI_EVT_CMD_STATUS)) {
-		return bt_buf_get_cmd_complete(timeout);
+	if (rx.type == H4_EVT) {
+		return bt_buf_get_evt(rx.evt.evt, rx.discardable, timeout);
 	}
 
-	if (rx.type == H4_ACL) {
-		return bt_buf_get_rx(BT_BUF_ACL_IN, timeout);
-	} else {
-		return bt_buf_get_rx(BT_BUF_EVT, timeout);
-	}
+	return bt_buf_get_rx(BT_BUF_ACL_IN, timeout);
 }
 
 static void rx_thread(void *p1, void *p2, void *p3)

drivers/bluetooth/hci/h5.c

@@ -408,16 +408,7 @@ static inline struct net_buf *get_evt_buf(u8_t evt)
 {
 	struct net_buf *buf;
 
-	switch (evt) {
-	case BT_HCI_EVT_CMD_COMPLETE:
-	case BT_HCI_EVT_CMD_STATUS:
-		buf = bt_buf_get_cmd_complete(K_NO_WAIT);
-		break;
-	default:
-		buf = bt_buf_get_rx(BT_BUF_EVT, K_NO_WAIT);
-		break;
-	}
-
+	buf = bt_buf_get_evt(evt, false, K_NO_WAIT);
 	if (buf) {
 		net_buf_add_u8(h5.rx_buf, evt);
 	}

drivers/bluetooth/hci/spi.c

@@ -353,12 +353,9 @@ static void bt_spi_rx_thread(void)
 					/* Vendor events are currently unsupported */
 					bt_spi_handle_vendor_evt(rxmsg);
 					continue;
-				case BT_HCI_EVT_CMD_COMPLETE:
-				case BT_HCI_EVT_CMD_STATUS:
-					buf = bt_buf_get_cmd_complete(K_FOREVER);
-					break;
 				default:
-					buf = bt_buf_get_rx(BT_BUF_EVT, K_FOREVER);
+					buf = bt_buf_get_evt(rxmsg[EVT_HEADER_EVENT],
+							     false, K_FOREVER);
 					break;
 				}
 

drivers/bluetooth/hci/userchan.c

@@ -57,16 +57,11 @@ static int bt_dev_index = -1;
 
 static struct net_buf *get_rx(const u8_t *buf)
 {
-	if (buf[0] == H4_EVT && (buf[1] == BT_HCI_EVT_CMD_COMPLETE ||
-				 buf[1] == BT_HCI_EVT_CMD_STATUS)) {
-		return bt_buf_get_cmd_complete(K_FOREVER);
+	if (buf[0] == H4_EVT) {
+		return bt_buf_get_evt(buf[1], false, K_FOREVER);
 	}
 
-	if (buf[0] == H4_ACL) {
-		return bt_buf_get_rx(BT_BUF_ACL_IN, K_FOREVER);
-	} else {
-		return bt_buf_get_rx(BT_BUF_EVT, K_FOREVER);
-	}
+	return bt_buf_get_rx(BT_BUF_ACL_IN, K_FOREVER);
 }
 
 static bool uc_ready(void)

drivers/can/stm32_can.c

@@ -571,15 +571,15 @@ static void can_stm32_set_filter_bank(int filter_nr,
 
 static inline void can_stm32_set_mode_scale(enum can_filter_type filter_type,
 					    u32_t *mode_reg, u32_t *scale_reg,
-					    int  filter_nr)
+					    int  bank_nr)
 {
-	u32_t mode_reg_bit  = (filter_type & 0x01) << filter_nr;
-	u32_t scale_reg_bit = (filter_type >>   1) << filter_nr;
+	u32_t mode_reg_bit  = (filter_type & 0x01) << bank_nr;
+	u32_t scale_reg_bit = (filter_type >>   1) << bank_nr;
 
-	*mode_reg &= ~(1 << filter_nr);
+	*mode_reg &= ~(1 << bank_nr);
 	*mode_reg |= mode_reg_bit;
 
-	*scale_reg &= ~(1 << filter_nr);
+	*scale_reg &= ~(1 << bank_nr);
 	*scale_reg |= scale_reg_bit;
 }
 
@@ -699,7 +699,7 @@ static inline int can_stm32_set_filter(const struct zcan_filter *filter,
 		u32_t scale_reg = can->FS1R;
 
 		can_stm32_set_mode_scale(filter_type, &mode_reg, &scale_reg,
-					 filter_nr);
+					 bank_nr);
 
 		shift_width = filter_in_bank[filter_type] - filter_in_bank[bank_mode];
 

drivers/counter/Kconfig.stm32_rtc

@@ -36,7 +36,7 @@ if !SOC_SERIES_STM32F4X
 
 choice COUNTER_RTC_STM32_LSE_DRIVE
 	prompt "LSE oscillator drive capability"
-	depends on RTC_STM32_CLOCK_LSE
+	depends on COUNTER_RTC_STM32_CLOCK_LSE
 
 config COUNTER_RTC_STM32_LSE_DRIVE_LOW
 	bool "Low"

drivers/counter/counter_ll_stm32_rtc.c

@@ -275,10 +275,14 @@ static int rtc_stm32_init(struct device *dev)
 
 #else /* CONFIG_COUNTER_RTC_STM32_CLOCK_LSE */
 
-#ifndef(CONFIG_SOC_SERIES_STM32F4X)
+#if !defined(CONFIG_SOC_SERIES_STM32F4X) &&	\
+	!defined(CONFIG_SOC_SERIES_STM32F2X)
+
 	LL_RCC_LSE_SetDriveCapability(
 		CONFIG_COUNTER_RTC_STM32_LSE_DRIVE_STRENGTH);
-#endif /* !CONFIG_SOC_SERIES_STM32F4X */
+
+#endif /* !CONFIG_SOC_SERIES_STM32F4X && !CONFIG_SOC_SERIES_STM32F2X */
+
 	LL_RCC_LSE_Enable();
 
 	/* Wait until LSE is ready */

drivers/counter/counter_nrfx_rtc.c

@@ -99,6 +99,15 @@ static int counter_nrfx_set_alarm(struct device *dev, u8_t chan_id,
 	nrfx_config->ch_data[chan_id].callback = alarm_cfg->callback;
 	nrfx_config->ch_data[chan_id].user_data = alarm_cfg->user_data;
 
+	if ((cc_val == 0) &&
+	    (get_dev_data(dev)->top != counter_get_max_top_value(dev))) {
+		/* From Product Specification: If a CC register value is 0 when
+		 * a CLEAR task is set, this will not trigger a COMPARE event.
+		 */
+		LOG_INST_INF(nrfx_config->log,
+				"Attempt to set CC to 0, delayed to 1.");
+		cc_val++;
+	}
 	nrfx_rtc_cc_set(rtc, ID_TO_CC(chan_id), cc_val, true);
 
 	return 0;

drivers/crypto/CMakeLists.txt

@@ -1,6 +1,5 @@
 # SPDX-License-Identifier: Apache-2.0
 
-zephyr_link_interface_ifdef(CONFIG_MBEDTLS mbedTLS)
 zephyr_library()
 zephyr_library_sources_ifdef(CONFIG_CRYPTO_TINYCRYPT_SHIM	crypto_tc_shim.c)
 zephyr_library_sources_ifdef(CONFIG_CRYPTO_ATAES132A		crypto_ataes132a.c)

drivers/entropy/entropy_sam.c

@@ -18,7 +18,7 @@ struct trng_sam_dev_cfg {
 #define DEV_CFG(dev) \
 	((const struct trng_sam_dev_cfg *const)(dev)->config->config_info)
 
-static int entropy_sam_wait_ready(Trng *const trng)
+static int entropy_sam_wait_ready(Trng * const trng, u32_t flags)
 {
 	/* According to the reference manual, the generator provides
 	 * one 32-bit random value every 84 peripheral clock cycles.
@@ -36,14 +36,23 @@ static int entropy_sam_wait_ready(Trng *const trng)
 			return -ETIMEDOUT;
 		}
 
-		k_yield();
+		if ((flags & ENTROPY_BUSYWAIT) == 0U) {
+			/* This internal function is used by both get_entropy,
+			 * and get_entropy_isr APIs. The later may call this
+			 * function with the ENTROPY_BUSYWAIT flag set. In
+			 * that case make no assumption that the kernel is
+			 * initialized when the function is called; so, just
+			 * do busy-wait for the random data to be ready.
+			 */
+			k_yield();
+		}
 	}
 
 	return 0;
 }
 
-static int entropy_sam_get_entropy(struct device *dev, u8_t *buffer,
-				   u16_t length)
+static int entropy_sam_get_entropy_internal(struct device *dev, u8_t *buffer,
+				   u16_t length, u32_t flags)
 {
 	Trng *const trng = DEV_CFG(dev)->regs;
 
@@ -52,7 +61,7 @@ static int entropy_sam_get_entropy(struct device *dev, u8_t *buffer,
 		u32_t value;
 		int res;
 
-		res = entropy_sam_wait_ready(trng);
+		res = entropy_sam_wait_ready(trng, flags);
 		if (res < 0) {
 			return res;
 		}
@@ -68,6 +77,60 @@ static int entropy_sam_get_entropy(struct device *dev, u8_t *buffer,
 	return 0;
 }
 
+static int entropy_sam_get_entropy(struct device *dev, u8_t *buffer,
+				   u16_t length)
+{
+	return entropy_sam_get_entropy_internal(dev, buffer, length, 0);
+}
+
+static int entropy_sam_get_entropy_isr(struct device *dev, u8_t *buffer,
+				   u16_t length, u32_t flags)
+{
+	u16_t cnt = length;
+
+
+	if ((flags & ENTROPY_BUSYWAIT) == 0U) {
+
+		/* No busy wait; return whatever data is available. */
+
+		Trng * const trng = DEV_CFG(dev)->regs;
+
+		do {
+			size_t to_copy;
+			u32_t value;
+
+			if (!(trng->TRNG_ISR & TRNG_ISR_DATRDY)) {
+
+				/* Data not ready */
+				break;
+			}
+
+			value = trng->TRNG_ODATA;
+			to_copy = MIN(length, sizeof(value));
+
+			memcpy(buffer, &value, to_copy);
+			buffer += to_copy;
+			length -= to_copy;
+
+		} while (length > 0);
+
+		return cnt - length;
+
+	} else {
+		/* Allowed to busy-wait */
+		int ret =
+			entropy_sam_get_entropy_internal(dev,
+				buffer, length, flags);
+
+		if (ret == 0) {
+			/* Data retrieved successfully. */
+			return cnt;
+		}
+
+		return ret;
+	}
+}
+
 static int entropy_sam_init(struct device *dev)
 {
 	Trng *const trng = DEV_CFG(dev)->regs;
@@ -82,7 +145,8 @@ static int entropy_sam_init(struct device *dev)
 }
 
 static const struct entropy_driver_api entropy_sam_api = {
-	.get_entropy = entropy_sam_get_entropy
+	.get_entropy = entropy_sam_get_entropy,
+	.get_entropy_isr = entropy_sam_get_entropy_isr
 };
 
 static const struct trng_sam_dev_cfg trng_sam_cfg = {

drivers/ethernet/eth_mcux.c

@@ -26,6 +26,7 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME);
 #include <net/net_if.h>
 #include <net/ethernet.h>
 #include <ethernet/eth_stats.h>
+#include <random/rand32.h>
 
 #if defined(CONFIG_PTP_CLOCK_MCUX)
 #include <ptp_clock.h>
@@ -326,8 +327,12 @@ static void eth_mcux_phy_event(struct eth_context *context)
 					  kENET_MiiReadValidFrame);
 			context->link_up = link_up;
 			context->phy_state = eth_mcux_phy_state_read_duplex;
-			net_eth_carrier_on(context->iface);
-			k_sleep(USEC_PER_MSEC);
+
+			/* Network interface might be NULL at this point */
+			if (context->iface) {
+				net_eth_carrier_on(context->iface);
+				k_sleep(USEC_PER_MSEC);
+			}
 		} else if (!link_up && context->link_up) {
 			LOG_INF("Link down");
 			context->link_up = link_up;

drivers/ethernet/eth_native_posix.c

@@ -23,6 +23,7 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME);
 #include <stdbool.h>
 #include <errno.h>
 #include <stddef.h>
+#include <random/rand32.h>
 
 #include <net/net_pkt.h>
 #include <net/net_core.h>

drivers/ethernet/eth_sam_gmac.c

@@ -28,6 +28,7 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME);
 #include <device.h>
 #include <misc/__assert.h>
 #include <misc/util.h>
+#include <random/rand32.h>
 #include <errno.h>
 #include <stdbool.h>
 #include <net/net_pkt.h>

drivers/ethernet/eth_stm32_hal.c

@@ -20,6 +20,7 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME);
 #include <net/ethernet.h>
 #include <ethernet/eth_stats.h>
 #include <soc.h>
+#include <random/rand32.h>
 #include <misc/printk.h>
 #include <clock_control.h>
 #include <clock_control/stm32_clock_control.h>

drivers/flash/flash_stm32.c

@@ -1,6 +1,7 @@
 /*
  * Copyright (c) 2017 Linaro Limited
  * Copyright (c) 2017 BayLibre, SAS.
+ * Copyright (c) 2019 Centaur Analytics, Inc
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -16,21 +17,26 @@
 
 /* STM32F0: maximum erase time of 40ms for a 2K sector */
 #if defined(CONFIG_SOC_SERIES_STM32F0X)
-#define STM32_FLASH_TIMEOUT	(K_MSEC(40))
+#define STM32_FLASH_MAX_ERASE_TIME	(K_MSEC(40))
 /* STM32F3: maximum erase time of 40ms for a 2K sector */
 #elif defined(CONFIG_SOC_SERIES_STM32F3X)
-#define STM32_FLASH_TIMEOUT	(K_MSEC(40))
+#define STM32_FLASH_MAX_ERASE_TIME	(K_MSEC(40))
 /* STM32F4: maximum erase time of 4s for a 128K sector */
 #elif defined(CONFIG_SOC_SERIES_STM32F4X)
-#define STM32_FLASH_TIMEOUT	(K_MSEC(4000))
+#define STM32_FLASH_MAX_ERASE_TIME	(K_MSEC(4000))
 /* STM32F7: maximum erase time of 4s for a 256K sector */
 #elif defined(CONFIG_SOC_SERIES_STM32F7X)
-#define STM32_FLASH_TIMEOUT	(K_MSEC(4000))
+#define STM32_FLASH_MAX_ERASE_TIME	(K_MSEC(4000))
 /* STM32L4: maximum erase time of 24.47ms for a 2K sector */
 #elif defined(CONFIG_SOC_SERIES_STM32L4X)
-#define STM32_FLASH_TIMEOUT	(K_MSEC(25))
+#define STM32_FLASH_MAX_ERASE_TIME	(K_MSEC(25))
 #endif
 
+/* Let's wait for double the max erase time to be sure that the operation is
+ * completed.
+ */
+#define STM32_FLASH_TIMEOUT	(2 * STM32_FLASH_MAX_ERASE_TIME)
+
 /*
  * This is named flash_stm32_sem_take instead of flash_stm32_lock (and
  * similarly for flash_stm32_sem_give) to avoid confusion with locking

drivers/flash/spi_flash_w25qxxdv.c

@@ -342,17 +342,19 @@ static int spi_flash_wb_erase(struct device *dev, off_t offset, size_t size)
 			break;
 		}
 
-		if (size_remaining >= W25QXXDV_BLOCK_SIZE) {
+		if ((size_remaining >= W25QXXDV_BLOCK_SIZE) &&
+			((new_offset & (W25QXXDV_BLOCK_SIZE - 1)) == 0)) {
 			ret = spi_flash_wb_erase_internal(dev, new_offset,
-							  W25QXXDV_BLOCK_SIZE);
+							W25QXXDV_BLOCK_SIZE);
 			new_offset += W25QXXDV_BLOCK_SIZE;
 			size_remaining -= W25QXXDV_BLOCK_SIZE;
 			continue;
 		}
 
-		if (size_remaining >= W25QXXDV_BLOCK32K_SIZE) {
+		if ((size_remaining >= W25QXXDV_BLOCK32K_SIZE) &&
+			((new_offset & (W25QXXDV_BLOCK32K_SIZE - 1)) == 0)) {
 			ret = spi_flash_wb_erase_internal(dev, new_offset,
-							  W25QXXDV_BLOCK32K_SIZE);
+							W25QXXDV_BLOCK32K_SIZE);
 			new_offset += W25QXXDV_BLOCK32K_SIZE;
 			size_remaining -= W25QXXDV_BLOCK32K_SIZE;
 			continue;
@@ -360,7 +362,7 @@ static int spi_flash_wb_erase(struct device *dev, off_t offset, size_t size)
 
 		if (size_remaining >= W25QXXDV_SECTOR_SIZE) {
 			ret = spi_flash_wb_erase_internal(dev, new_offset,
-							  W25QXXDV_SECTOR_SIZE);
+							W25QXXDV_SECTOR_SIZE);
 			new_offset += W25QXXDV_SECTOR_SIZE;
 			size_remaining -= W25QXXDV_SECTOR_SIZE;
 			continue;

drivers/flash/spi_nor.c

@@ -21,6 +21,8 @@
 #define SZ_32K  0x8000
 #define SZ_64K  0x10000
 
+#define SPI_NOR_PAGE_SIZE 256
+
 #define MASK_256 0xFF
 #define MASK_4K  0xFFF
 #define MASK_32K 0x7FFF
@@ -125,7 +127,7 @@ static int spi_nor_access(const struct device *const dev,
 #define spi_nor_cmd_write(dev, opcode) \
 	spi_nor_access(dev, opcode, false, 0, NULL, 0, true)
 #define spi_nor_cmd_addr_write(dev, opcode, addr, src, length) \
-	spi_nor_access(dev, opcode, true, addr, src, length, true)
+	spi_nor_access(dev, opcode, true, addr, (void *)src, length, true)
 
 /**
  * @brief Retrieve the Flash JEDEC ID and compare it with the one expected
@@ -175,7 +177,6 @@ static int spi_nor_read(struct device *dev, off_t addr, void *dest,
 	struct spi_nor_data *const driver_data = dev->driver_data;
 	const struct spi_nor_config *params = dev->config->config_info;
 	int ret;
-	int to_read;
 
 	/* should be between 0 and flash size */
 	if ((addr < 0) || (addr + size) >  (params->sector_size
@@ -187,26 +188,10 @@ static int spi_nor_read(struct device *dev, off_t addr, void *dest,
 
 	spi_nor_wait_until_ready(dev);
 
-	while (size) {
-		to_read = size;
-		if (size > params->page_size) {
-			to_read = params->page_size;
-		}
-
-		ret = spi_nor_cmd_addr_read(dev, SPI_NOR_CMD_READ, addr,
-					    dest, to_read);
-		if (ret != 0) {
-			SYNC_UNLOCK();
-			return ret;
-		}
-
-		size -= to_read;
-		addr += to_read;
-		dest = (u8_t *)dest + to_read;
-	}
+	ret = spi_nor_cmd_addr_read(dev, SPI_NOR_CMD_READ, addr, dest, size);
 
 	SYNC_UNLOCK();
-	return 0;
+	return ret;
 }
 
 static int spi_nor_write(struct device *dev, off_t addr, const void *src,
@@ -215,7 +200,6 @@ static int spi_nor_write(struct device *dev, off_t addr, const void *src,
 	struct spi_nor_data *const driver_data = dev->driver_data;
 	const struct spi_nor_config *params = dev->config->config_info;
 	int ret;
-	size_t to_write;
 
 	/* should be between 0 and flash size */
 	if ((addr < 0) || ((size + addr) > (params->sector_size *
@@ -225,25 +209,31 @@ static int spi_nor_write(struct device *dev, off_t addr, const void *src,
 
 	SYNC_LOCK();
 
-	while (size) {
-		/* write enable */
-		spi_nor_cmd_write(dev, SPI_NOR_CMD_WREN);
+	while (size > 0) {
+		size_t to_write = size;
 
-		to_write = size;
-		if (size >= params->page_size) {
-			to_write = params->page_size;
+		/* Don't write more than a page. */
+		if (to_write >= SPI_NOR_PAGE_SIZE) {
+			to_write = SPI_NOR_PAGE_SIZE;
 		}
 
+		/* Don't write across a page boundary */
+		if (((addr + to_write - 1U) / SPI_NOR_PAGE_SIZE)
+		    != (addr / SPI_NOR_PAGE_SIZE)) {
+			to_write = SPI_NOR_PAGE_SIZE - (addr % SPI_NOR_PAGE_SIZE);
+		}
+
+		spi_nor_cmd_write(dev, SPI_NOR_CMD_WREN);
 		ret = spi_nor_cmd_addr_write(dev, SPI_NOR_CMD_PP, addr,
-					     (void *)src, to_write);
+					     src, to_write);
 		if (ret != 0) {
 			SYNC_UNLOCK();
 			return ret;
 		}
 
 		size -= to_write;
+		src = (const u8_t *)src + to_write;
 		addr += to_write;
-		src = (u8_t *)src + to_write;
 
 		spi_nor_wait_until_ready(dev);
 	}

drivers/gpio/gpio_handlers.c

@@ -29,17 +29,20 @@ Z_SYSCALL_HANDLER(gpio_read, port, access_op, pin, value)
 
 Z_SYSCALL_HANDLER(gpio_enable_callback, port, access_op, pin)
 {
+	Z_OOPS(Z_SYSCALL_DRIVER_GPIO(port, enable_callback));
 	return z_impl_gpio_enable_callback((struct device *)port, access_op,
 					  pin);
 }
 
 Z_SYSCALL_HANDLER(gpio_disable_callback, port, access_op, pin)
 {
+	Z_OOPS(Z_SYSCALL_DRIVER_GPIO(port, disable_callback));
 	return z_impl_gpio_disable_callback((struct device *)port, access_op,
 					   pin);
 }
 
 Z_SYSCALL_HANDLER(gpio_get_pending_int, port)
 {
+	Z_OOPS(Z_SYSCALL_DRIVER_GPIO(port, get_pending_int));
 	return z_impl_gpio_get_pending_int((struct device *)port);
 }

drivers/gpio/gpio_nrfx.c

@@ -400,7 +400,25 @@ static u32_t check_level_trigger_pins(struct device *port)
 
 static inline void fire_callbacks(struct device *port, u32_t pins)
 {
-	gpio_fire_callbacks(&get_port_data(port)->callbacks, port, pins);
+	struct gpio_nrfx_data *data = get_port_data(port);
+	sys_slist_t *list = &data->callbacks;
+	struct gpio_callback *cb, *tmp;
+
+	/* Instead of calling the common gpio_fire_callbacks() function,
+	 * iterate the list of callbacks locally, to be able to perform
+	 * additional masking of the pins and to call handlers only for
+	 * the currently enabled callbacks.
+	 */
+	SYS_SLIST_FOR_EACH_CONTAINER_SAFE(list, cb, tmp, node) {
+		/* Check currently enabled callbacks (data->int_en) in each
+		 * iteration, as some callbacks may get disabled also in any
+		 * of the handlers called here.
+		 */
+		if ((cb->pin_mask & pins) & data->int_en) {
+			__ASSERT(cb->handler, "No callback handler!");
+			cb->handler(port, cb, pins);
+		}
+	}
 }
 
 #ifdef CONFIG_GPIO_NRF_P0

drivers/gpio/gpio_rv32m1.c

@@ -12,6 +12,7 @@
 #include <soc.h>
 #include <fsl_common.h>
 #include <fsl_port.h>
+#include <clock_control.h>
 
 #include "gpio_utils.h"
 
@@ -19,6 +20,9 @@ struct gpio_rv32m1_config {
 	GPIO_Type *gpio_base;
 	PORT_Type *port_base;
 	unsigned int flags;
+	char *clock_controller;
+	clock_control_subsys_t clock_subsys;
+	int (*irq_config_func)(struct device *dev);
 };
 
 struct gpio_rv32m1_data {
@@ -228,6 +232,27 @@ static void gpio_rv32m1_port_isr(void *arg)
 	config->port_base->ISFR = 0xFFFFFFFF;
 }
 
+static int gpio_rv32m1_init(struct device *dev)
+{
+	const struct gpio_rv32m1_config *config = dev->config->config_info;
+	struct device *clk;
+	int ret;
+
+	if (config->clock_controller) {
+		clk = device_get_binding(config->clock_controller);
+		if (!clk) {
+			return -ENODEV;
+		}
+
+		ret = clock_control_on(clk, config->clock_subsys);
+
+		if (ret < 0) {
+			return ret;
+		}
+	}
+
+	return config->irq_config_func(dev);
+}
 
 static const struct gpio_driver_api gpio_rv32m1_driver_api = {
 	.config = gpio_rv32m1_configure,
@@ -248,13 +273,21 @@ static const struct gpio_rv32m1_config gpio_rv32m1_porta_config = {
 	.flags = GPIO_INT,
 #else
 	.flags = 0,
+#endif
+	.irq_config_func = gpio_rv32m1_porta_init,
+#ifdef DT_OPENISA_RV32M1_GPIO_GPIO_A_CLOCK_CONTROLLER
+	.clock_controller = DT_OPENISA_RV32M1_GPIO_GPIO_A_CLOCK_CONTROLLER,
+	.clock_subsys = (clock_control_subsys_t)
+			DT_OPENISA_RV32M1_GPIO_GPIO_A_CLOCK_NAME,
+#else
+	.clock_controller = NULL,
 #endif
 };
 
 static struct gpio_rv32m1_data gpio_rv32m1_porta_data;
 
 DEVICE_AND_API_INIT(gpio_rv32m1_porta, DT_OPENISA_RV32M1_GPIO_GPIO_A_LABEL,
-		    gpio_rv32m1_porta_init,
+		    gpio_rv32m1_init,
 		    &gpio_rv32m1_porta_data, &gpio_rv32m1_porta_config,
 		    POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEFAULT,
 		    &gpio_rv32m1_driver_api);
@@ -285,13 +318,21 @@ static const struct gpio_rv32m1_config gpio_rv32m1_portb_config = {
 	.flags = GPIO_INT,
 #else
 	.flags = 0,
+#endif
+	.irq_config_func = gpio_rv32m1_portb_init,
+#ifdef DT_OPENISA_RV32M1_GPIO_GPIO_B_CLOCK_CONTROLLER
+	.clock_controller = DT_OPENISA_RV32M1_GPIO_GPIO_B_CLOCK_CONTROLLER,
+	.clock_subsys = (clock_control_subsys_t)
+			DT_OPENISA_RV32M1_GPIO_GPIO_B_CLOCK_NAME,
+#else
+	.clock_controller = NULL,
 #endif
 };
 
 static struct gpio_rv32m1_data gpio_rv32m1_portb_data;
 
 DEVICE_AND_API_INIT(gpio_rv32m1_portb, DT_OPENISA_RV32M1_GPIO_GPIO_B_LABEL,
-		    gpio_rv32m1_portb_init,
+		    gpio_rv32m1_init,
 		    &gpio_rv32m1_portb_data, &gpio_rv32m1_portb_config,
 		    POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEFAULT,
 		    &gpio_rv32m1_driver_api);
@@ -323,12 +364,21 @@ static const struct gpio_rv32m1_config gpio_rv32m1_portc_config = {
 #else
 	.flags = 0,
 #endif
+	.irq_config_func = gpio_rv32m1_portc_init,
+#ifdef DT_OPENISA_RV32M1_GPIO_GPIO_C_CLOCK_CONTROLLER
+	.clock_controller = DT_OPENISA_RV32M1_GPIO_GPIO_C_CLOCK_CONTROLLER,
+	.clock_subsys = (clock_control_subsys_t)
+			DT_OPENISA_RV32M1_GPIO_GPIO_C_CLOCK_NAME,
+#else
+	.clock_controller = NULL,
+#endif
+
 };
 
 static struct gpio_rv32m1_data gpio_rv32m1_portc_data;
 
 DEVICE_AND_API_INIT(gpio_rv32m1_portc, DT_OPENISA_RV32M1_GPIO_GPIO_C_LABEL,
-		    gpio_rv32m1_portc_init,
+		    gpio_rv32m1_init,
 		    &gpio_rv32m1_portc_data, &gpio_rv32m1_portc_config,
 		    POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEFAULT,
 		    &gpio_rv32m1_driver_api);
@@ -359,13 +409,21 @@ static const struct gpio_rv32m1_config gpio_rv32m1_portd_config = {
 	.flags = GPIO_INT,
 #else
 	.flags = 0,
+#endif
+	.irq_config_func = gpio_rv32m1_portd_init,
+#ifdef DT_OPENISA_RV32M1_GPIO_GPIO_D_CLOCK_CONTROLLER
+	.clock_controller = DT_OPENISA_RV32M1_GPIO_GPIO_D_CLOCK_CONTROLLER,
+	.clock_subsys = (clock_control_subsys_t)
+			DT_OPENISA_RV32M1_GPIO_GPIO_D_CLOCK_NAME,
+#else
+	.clock_controller = NULL,
 #endif
 };
 
 static struct gpio_rv32m1_data gpio_rv32m1_portd_data;
 
 DEVICE_AND_API_INIT(gpio_rv32m1_portd, DT_OPENISA_RV32M1_GPIO_GPIO_D_LABEL,
-		    gpio_rv32m1_portd_init,
+		    gpio_rv32m1_init,
 		    &gpio_rv32m1_portd_data, &gpio_rv32m1_portd_config,
 		    POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEFAULT,
 		    &gpio_rv32m1_driver_api);
@@ -396,13 +454,21 @@ static const struct gpio_rv32m1_config gpio_rv32m1_porte_config = {
 	.flags = GPIO_INT,
 #else
 	.flags = 0,
+#endif
+	.irq_config_func = gpio_rv32m1_porte_init,
+#ifdef DT_OPENISA_RV32M1_GPIO_GPIO_E_CLOCK_CONTROLLER
+	.clock_controller = DT_OPENISA_RV32M1_GPIO_GPIO_E_CLOCK_CONTROLLER,
+	.clock_subsys = (clock_control_subsys_t)
+			DT_OPENISA_RV32M1_GPIO_GPIO_E_CLOCK_NAME,
+#else
+	.clock_controller = NULL,
 #endif
 };
 
 static struct gpio_rv32m1_data gpio_rv32m1_porte_data;
 
 DEVICE_AND_API_INIT(gpio_rv32m1_porte, DT_OPENISA_RV32M1_GPIO_GPIO_E_LABEL,
-		    gpio_rv32m1_porte_init,
+		    gpio_rv32m1_init,
 		    &gpio_rv32m1_porte_data, &gpio_rv32m1_porte_config,
 		    POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEFAULT,
 		    &gpio_rv32m1_driver_api);

drivers/i2c/i2c_ll_stm32_v2.c

@@ -284,7 +284,12 @@ static void stm32_i2c_event(struct device *dev)
 	if (LL_I2C_IsActiveFlag_NACK(i2c)) {
 		LL_I2C_ClearFlag_NACK(i2c);
 		data->current.is_nack = 1U;
-		goto end;
+		/*
+		 * AutoEndMode is always disabled in master mode,
+		 * so send a stop condition manually
+		 */
+		LL_I2C_GenerateStopCondition(i2c);
+		return;
 	}
 
 	/* STOP received */

drivers/i2s/i2s_ll_stm32.c

@@ -609,7 +609,7 @@ static void i2s_stm32_isr(void *arg)
 	struct i2s_stm32_data *const dev_data = DEV_DATA(dev);
 	struct stream *stream = &dev_data->rx;
 
-	LOG_ERR("%s: err=%d", __func__, LL_I2S_ReadReg(cfg->i2s, SR));
+	LOG_ERR("%s: err=%d", __func__, (int)LL_I2S_ReadReg(cfg->i2s, SR));
 	stream->state = I2S_STATE_ERROR;
 
 	/* OVR error must be explicitly cleared */

drivers/ieee802154/ieee802154_kw41z.c

@@ -87,8 +87,8 @@ int kw41_dbg_idx;
 #define RADIO_0_IRQ_PRIO		0x0
 #define KW41Z_FCS_LENGTH		2
 #define KW41Z_PSDU_LENGTH		125
-#define KW41Z_OUTPUT_POWER_MAX		2
-#define KW41Z_OUTPUT_POWER_MIN		(-19)
+#define KW41Z_OUTPUT_POWER_MAX		4
+#define KW41Z_OUTPUT_POWER_MIN		(-31)
 
 #define IEEE802154_ACK_LENGTH		5
 
@@ -122,16 +122,28 @@ enum {
 };
 
 /* Lookup table for PA_PWR register */
-static const u8_t pa_pwr_lt[22] = {
-	2, 2, 2, 2, 2, 2,	/* -19:-14 dBm */
-	4, 4, 4,		/* -13:-11 dBm */
-	6, 6, 6,		/* -10:-8 dBm */
-	8, 8,			/* -7:-6 dBm */
-	10, 10,			/* -5:-4 dBm */
-	12,			/* -3 dBm */
-	14, 14,			/* -2:-1 dBm */
-	18, 18,			/* 0:1 dBm */
-	24			/* 2 dBm */
+static const u8_t pa_pwr_lt[] = {
+	1,                   /* -31.1 dBm: -31 */
+	2, 2, 2, 2, 2, 2, 2, /* -25.0 dBm: -30, -29, -28, -27, -26, -25 */
+	4, 4, 4, 4, 4,       /* -19.0 dBm: -24, -23, -22, -21, -20, -19 */
+	6, 6, 6,             /* -15.6 dBm: -18, -17, -16 */
+	8, 8,                /* -13.1 dBm: -15, -14 */
+	10, 10,              /* -11.2 dBm: -13, -12 */
+	12, 12,              /* - 9.6 dBm: -11, -10 */
+	14,                  /* - 8.3 dBm: -9 */
+	16,                  /* - 7.2 dBm: -8 */
+	18,                  /* - 6.2 dBm: -7 */
+	20,                  /* - 5.3 dBm: -6 */
+	22,                  /* - 4.5 dBm: -5 */
+	24,                  /* - 3.8 dBm: -4 */
+	28,                  /* - 2.5 dBm: -3 */
+	30,                  /* - 1.9 dBm: -2 */
+	34,                  /* - 1.0 dBm: -1 */
+	40,                  /* + 0.3 dBm:  0 */
+	44,                  /* + 1.1 dBm: +1 */
+	50,                  /* + 2.1 dBm: +2 */
+	58,                  /* + 3.1 dBm: +3 */
+	62                   /* + 3.5 dBm: +4 */
 };
 
 struct kw41z_context {
@@ -433,13 +445,21 @@ static int kw41z_filter(struct device *dev,
 static int kw41z_set_txpower(struct device *dev, s16_t dbm)
 {
 	if (dbm < KW41Z_OUTPUT_POWER_MIN) {
-		ZLL->PA_PWR = 0;
+		LOG_INF("TX-power %d dBm below min of %d dBm, using %d dBm",
+			    dbm,
+			    KW41Z_OUTPUT_POWER_MIN,
+			    KW41Z_OUTPUT_POWER_MIN);
+		dbm = KW41Z_OUTPUT_POWER_MIN;
 	} else if (dbm > KW41Z_OUTPUT_POWER_MAX) {
-		ZLL->PA_PWR = 30;
-	} else {
-		ZLL->PA_PWR = pa_pwr_lt[dbm - KW41Z_OUTPUT_POWER_MIN];
+		LOG_INF("TX-power %d dBm above max of %d dBm, using %d dBm",
+			    dbm,
+			    KW41Z_OUTPUT_POWER_MAX,
+			    KW41Z_OUTPUT_POWER_MAX);
+		dbm = KW41Z_OUTPUT_POWER_MAX;
 	}
 
+	ZLL->PA_PWR = pa_pwr_lt[dbm - KW41Z_OUTPUT_POWER_MIN];
+
 	return 0;
 }
 

drivers/ieee802154/ieee802154_uart_pipe.c

@@ -15,6 +15,7 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME);
 #include <kernel.h>
 #include <arch/cpu.h>
 
+#include <random/rand32.h>
 #include <device.h>
 #include <init.h>
 #include <net/net_if.h>

drivers/interrupt_controller/system_apic.c

@@ -18,7 +18,12 @@
 #include <drivers/sysapic.h>
 #include <irq.h>
 
+#ifdef CONFIG_IOAPIC
 #define IS_IOAPIC_IRQ(irq)  (irq < LOAPIC_IRQ_BASE)
+#else
+#define IS_IOAPIC_IRQ(irq)  0
+#endif
+
 #define HARDWARE_IRQ_LIMIT ((LOAPIC_IRQ_BASE + LOAPIC_IRQ_COUNT) - 1)
 
 /**

drivers/modem/wncm14a2a.c

@@ -18,6 +18,7 @@ LOG_MODULE_REGISTER(LOG_DOMAIN);
 #include <gpio.h>
 #include <device.h>
 #include <init.h>
+#include <random/rand32.h>
 
 #include <net/net_context.h>
 #include <net/net_if.h>

drivers/net/slip.c

@@ -30,9 +30,9 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME);
 #include <net/net_pkt.h>
 #include <net/net_if.h>
 #include <net/net_core.h>
+#include <net/dummy.h>
 #include <console/uart_pipe.h>
-#include <net/ethernet.h>
-#include <net/lldp.h>
+#include <random/rand32.h>
 
 #define SLIP_END     0300
 #define SLIP_ESC     0333
@@ -395,9 +395,13 @@ static void slip_iface_init(struct net_if *iface)
 	struct slip_context *slip = net_if_get_device(iface)->driver_data;
 	struct net_linkaddr *ll_addr;
 
+#if defined(CONFIG_NET_L2_ETHERNET)
 	ethernet_init(iface);
+#endif
 
+#if defined(CONFIG_NET_LLDP)
 	net_lldp_set_lldpdu(iface);
+#endif
 
 	if (slip->init_done) {
 		return;
@@ -429,6 +433,7 @@ use_random_mac:
 
 static struct slip_context slip_context_data;
 
+#if defined(CONFIG_SLIP_TAP)
 static enum ethernet_hw_caps eth_capabilities(struct device *dev)
 {
 	ARG_UNUSED(dev);
@@ -440,7 +445,6 @@ static enum ethernet_hw_caps eth_capabilities(struct device *dev)
 		;
 }
 
-#if defined(CONFIG_SLIP_TAP) && defined(CONFIG_NET_L2_ETHERNET)
 static const struct ethernet_api slip_if_api = {
 	.iface_api.init = slip_iface_init,
 
@@ -458,7 +462,7 @@ ETH_NET_DEVICE_INIT(slip, CONFIG_SLIP_DRV_NAME, slip_init, &slip_context_data,
 #else
 
 static const struct dummy_api slip_if_api = {
-	.iface_init.init = slip_iface_init,
+	.iface_api.init = slip_iface_init,
 
 	.send = slip_send,
 };

drivers/pwm/pwm_nrfx.c

@@ -57,10 +57,11 @@ static u32_t pwm_period_check_and_set(const struct pwm_nrfx_config *config,
 		/* See if there is a prescaler that will make it work: */
 		bool matching_prescaler_found = false;
 
-		/* Go through all available prescaler values on device.
+		/* Go through all available prescaler values on device (skip 0
+		 * here as it is used in the 'else' block).
 		 * nRF52832 has 0-7 (Div1 - Div128)
 		 */
-		for (u8_t prescaler = 0;
+		for (u8_t prescaler = 1;
 		     prescaler <= PWM_PRESCALER_PRESCALER_Msk;
 		     prescaler++) {
 			u32_t new_countertop = period_cycles >> prescaler;
@@ -82,10 +83,10 @@ static u32_t pwm_period_check_and_set(const struct pwm_nrfx_config *config,
 			return -EINVAL;
 		}
 	} else {
-		/* If period_cycles fit with standard prescaler,
-		 * set it directly
+		/* If period_cycles fit the PWM counter without dividing
+		 * the PWM clock, use the zero prescaler.
 		 */
-		data->prescaler = 1U;
+		data->prescaler = 0U;
 		data->countertop = period_cycles;
 		data->period_cycles = period_cycles;
 	}