The mempool mistakenly considers the heap memory as its own
The recurring scenario only occurs in mempool_deinit
test code in hello_main:
#include <nuttx/config.h>
#include <stdlib.h>
#include <nuttx/mm/mm.h>

int main(int argc, FAR char *argv[])
{
  void *a = malloc(1024 * 64);
  void *d[16];
  void *heap = mm_initialize("123", a, 1024 * 64);

  for (int i = 0; i < 16; i++)
    {
      d[i] = mm_malloc(heap, 32);
    }

  for (int i = 0; i < 16; i++)
    {
      if (d[i] != NULL)
        {
          mm_free(heap, d[i]);
        }
    }

  mm_uninitialize(heap);  /* asserts in mempool_release, see backtrace */
  free(a);
  return 0;
}
and crash backtrace
0 _assert (filename=0x4ea20 "mempool/mempool.c", linenum=373, msg=0x0 <up_perf_convert>, regs=0x0 <up_perf_convert>)
at misc/assert.c:551
1 0x0000a32c in __assert (filename=0x4ea20 "mempool/mempool.c", linenum=373, msg=0x0 <mempool_multiple_foreach>)
at assert/lib_assert.c:36
2 0x0000f92c in mempool_release (pool=0x100e7a0, blk=0x100ff80) at mempool/mempool.c:373
3 0x000109ce in mempool_multiple_free (mpool=0x100e6f8, blk=0x100ff80) at mempool/mempool_multiple.c:648
4 0x0000deac in mm_delayfree (heap=0x100e090, mem=0x1010000, delay=false) at mm_heap/mm_free.c:83
5 0x0000e21c in mm_free (heap=0x100e090, mem=0x1010000) at mm_heap/mm_free.c:242
6 0x0001021c in mempool_multiple_free_chunk (mpool=0x100e6f8, ptr=0x1010000) at mempool/mempool_multiple.c:222
7 0x0001048e in mempool_multiple_free_callback (pool=0x100e7a0, addr=0x1010080) at mempool/mempool_multiple.c:291
8 0x0000ff6e in mempool_deinit (pool=0x100e7a0) at mempool/mempool.c:644
9 0x00010cba in mempool_multiple_deinit (mpool=0x100e6f8) at mempool/mempool_multiple.c:883
10 0x0000dd0c in mm_uninitialize (heap=0x100e090) at mm_heap/mm_initialize.c:326
11 0x0002c742 in hello_main (argc=1, argv=0x100d050) at hello_main.c:54
12 0x0000a83e in nxtask_startup (entrypt=0x2c6a5 <hello_main>, argc=1, argv=0x100d050) at sched/task_startup.c:70
13 0x00005272 in nxtask_start () at task/task_start.c:112
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
remove alist, switch to a convenient way to traverse
the physical address directly.
At the same time, we can use `gurad` to mark whether
it is free or alloc or out of bounds check
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
the mempool_alloc and mempool_free functions duplicate the
mempool methods provided in optee_os; in order to port optee_os,
we rename the mempool related functions in nuttx
Signed-off-by: guoshichao <guoshichao@xiaomi.com>
Add a common method to format backtrace to buffer, so it can be used by both mm, fs and other possible modules.
Signed-off-by: fangpeina <fangpeina@xiaomi.com>
make it possible to enable the pool while it is disabled in the system heap.
also compatible with further extra heaps that use or do not use the pool.
Now use MM_HEAP_MEMPOOL_THRESHOLD -1 to indicate pool disabled.
Signed-off-by: buxiasen <buxiasen@xiaomi.com>
If malloc chunk fails, and if malloc fails to dump all memory,
it will cause deadlock in multiple_mempool_info
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
1. command "memdump leak" can dump the leaked memory node;
2. fix the leak memory stat bug in memory manager;
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>
1. Update all CMakeLists.txt to adapt to new layout
2. Fix cmake build break
3. Update all new file license
4. Fully compatible with current compilation environment(use configure.sh or cmake as you choose)
------------------
How to test
From within nuttx/. Configure:
cmake -B build -DBOARD_CONFIG=sim/nsh -GNinja
cmake -B build -DBOARD_CONFIG=sim:nsh -GNinja
cmake -B build -DBOARD_CONFIG=sabre-6quad/smp -GNinja
cmake -B build -DBOARD_CONFIG=lm3s6965-ek/qemu-flat -GNinja
(or full path in custom board) :
cmake -B build -DBOARD_CONFIG=$PWD/boards/sim/sim/sim/configs/nsh -GNinja
This uses ninja generator (install with sudo apt install ninja-build). To build:
$ cmake --build build
menuconfig:
$ cmake --build build -t menuconfig
--------------------------
2. cmake/build: reformat the cmake style by cmake-format
https://github.com/cheshirekow/cmake_format
$ pip install cmakelang
$ for i in `find -name CMakeLists.txt`;do cmake-format $i -o $i;done
$ for i in `find -name *\.cmake`;do cmake-format $i -o $i;done
Co-authored-by: Matias N <matias@protobits.dev>
Signed-off-by: chao an <anchao@xiaomi.com>
Add a new field to record the global on the basis of mm_backtrace.
When using alloc, the field is incremented by 1,
so that the memory usage can be dumped within the range
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
This change introduces 2 items:
1. If the size of the space requested is 0, the behavior is implementation-defined:
either a null pointer shall be returned, or the behavior shall be as if the size
were some non-zero value, except that the behavior is undefined if the returned
pointer is used to access an object.
Change the behavior to be similar to Linux and Android and allocates an object
of a minimum size instead of returning null pointer.
https://pubs.opengroup.org/onlinepubs/9699919799/functions/malloc.html
https://pubs.opengroup.org/onlinepubs/9699919799/functions/calloc.html
https://pubs.opengroup.org/onlinepubs/9699919799/functions/realloc.html
2. The description of realloc() has been modified from previous versions of this
standard to align with the ISO/IEC 9899:1999 standard. Previous versions explicitly
permitted a call to realloc (p, 0) to free the space pointed to by p and return
a null pointer. While this behavior could be interpreted as permitted by this
version of the standard, the C language committee have indicated that this
interpretation is incorrect. Applications should assume that if realloc() returns
a null pointer, the space pointed to by p has not been freed. Since this could lead
to double-frees, implementations should also set errno if a null pointer actually
indicates a failure, and applications should only free the space if errno was changed.
Do not free memory if zero-length reallocation is requested
https://pubs.opengroup.org/onlinepubs/9699919799/functions/realloc.html
Co-authored-by: fangxinyong <fangxinyong@xiaomi.com>
Signed-off-by: Petro Karashchenko <petro.karashchenko@gmail.com>
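
Caller-side handling that follows the realloc() guidance quoted in the last commit message above, as an added example (not NuttX code and not part of any commit listed here). resize_buf() and demo() are hypothetical names, and the buffer contents are constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not NuttX code): resize *pp to n bytes.
 * Returns 0 on success, or -1 with *pp unchanged; on failure the
 * caller still owns the old block and frees it exactly once.
 */
int resize_buf(void **pp, size_t n)
{
  /* Never pass size 0: ask for a minimum size instead, so the result
   * does not depend on how the libc treats realloc(p, 0).
   */
  void *q = realloc(*pp, n ? n : 1);

  if (q == NULL)
    {
      /* Per the POSIX text: assume the old block has NOT been freed. */
      return -1;
    }

  *pp = q;
  return 0;
}

/* Constructed scenario: grow, "shrink to zero", then fail to grow. */
int demo(void)
{
  void *buf = NULL;
  int ok;

  if (resize_buf(&buf, 16) != 0)
    {
      return 0;
    }

  memcpy(buf, "constructed data", 16);
  ok = resize_buf(&buf, 0) == 0 && buf != NULL;     /* still one live block */
  ok = ok && resize_buf(&buf, SIZE_MAX / 2) == -1;  /* allocation failure */
  ok = ok && buf != NULL && *(char *)buf == 'c';    /* old block intact */
  free(buf);                                        /* freed exactly once */
  return ok;
}

int main(void)
{
  return demo() ? 0 : 1;
}
```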