/**************************************************************************** * mm/mm_heap/mm_sem.c * * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. The * ASF licenses this file to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance with the * License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the * License for the specific language governing permissions and limitations * under the License. * ****************************************************************************/ /**************************************************************************** * Included Files ****************************************************************************/ #include #include #include #include #include #include #include #include "mm_heap/mm.h" /**************************************************************************** * Pre-processor Definitions ****************************************************************************/ /* This is a special value that indicates that there is no holder of the * semaphore. The valid range of PIDs is 0-32767 and any value outside of * that range could be used (except -ESRCH which is a special return value * from getpid()) */ #define NO_HOLDER ((pid_t)-1) /* Define MONITOR_MM_SEMAPHORE to enable semaphore state monitoring */ #ifdef MONITOR_MM_SEMAPHORE # define msemerr _err # define msemwarn _warn # define mseminfo _info #else # define msemerr _none # define msemwarn _none # define mseminfo _none #endif /**************************************************************************** * Public Functions ****************************************************************************/ /**************************************************************************** * Name: mm_seminitialize * * Description: * Initialize the MM mutex * ****************************************************************************/ void mm_seminitialize(FAR struct mm_heap_s *heap) { FAR struct mm_heap_impl_s *heap_impl; DEBUGASSERT(MM_IS_VALID(heap)); heap_impl = heap->mm_impl; /* Initialize the MM semaphore to one (to support one-at-a-time access to * private data sets). */ _SEM_INIT(&heap_impl->mm_semaphore, 0, 1); heap_impl->mm_holder = NO_HOLDER; heap_impl->mm_counts_held = 0; } /**************************************************************************** * Name: mm_trysemaphore * * Description: * Try to take the MM mutex. This is called only from the OS in certain * conditions when it is necessary to have exclusive access to the memory * manager but it is impossible to wait on a semaphore (e.g., the idle * process when it performs its background memory cleanup). * ****************************************************************************/ int mm_trysemaphore(FAR struct mm_heap_s *heap) { FAR struct mm_heap_impl_s *heap_impl; pid_t my_pid = getpid(); int ret; /* getpid() returns the task ID of the task at the head of the ready-to- * run task list. mm_trysemaphore() may be called during context * switches. There are certain situations during context switching when * the OS data structures are in flux and where the current task (i.e., * the task at the head of the ready-to-run task list) is not actually * running. Granting the semaphore access in that case is known to result * in heap corruption as in the following failure scenario. * * ---------------------------- ------------------------------- * TASK A TASK B * ---------------------------- ------------------------------- * Begins memory allocation. * - Holder is set to TASK B * <---- Task B preempted, Task A runs * Task A exits * - Current task set to Task B * Free tcb and stack memory * - Since holder is Task B, * memory manager is re- * entered, and * - Heap is corrupted. * ---------------------------- ------------------------------- * * This is handled by getpid(): If the case where Task B is not actually * running, then getpid() will return the special value -ESRCH. That will * avoid taking the fatal 'if' logic and will fall through to use the * 'else', albeit with a nonsensical PID value. */ DEBUGASSERT(MM_IS_VALID(heap)); heap_impl = heap->mm_impl; if (my_pid < 0) { ret = my_pid; goto errout; } /* Does the current task already hold the semaphore? Is the current * task actually running? */ if (heap_impl->mm_holder == my_pid) { /* Yes, just increment the number of references held by the current * task. */ heap_impl->mm_counts_held++; ret = OK; } else { /* Try to take the semaphore */ ret = _SEM_TRYWAIT(&heap_impl->mm_semaphore); if (ret < 0) { ret = _SEM_ERRVAL(ret); goto errout; } /* We have it. Claim the heap for the current task and return */ heap_impl->mm_holder = my_pid; heap_impl->mm_counts_held = 1; ret = OK; } errout: return ret; } /**************************************************************************** * Name: mm_takesemaphore * * Description: * Take the MM mutex. This is the normal action before all memory * management actions. * ****************************************************************************/ void mm_takesemaphore(FAR struct mm_heap_s *heap) { FAR struct mm_heap_impl_s *heap_impl; pid_t my_pid = getpid(); DEBUGASSERT(MM_IS_VALID(heap)); heap_impl = heap->mm_impl; /* Does the current task already hold the semaphore? */ if (heap_impl->mm_holder == my_pid) { /* Yes, just increment the number of references held by the current * task. */ heap_impl->mm_counts_held++; } else { int ret; /* Take the semaphore (perhaps waiting) */ mseminfo("PID=%d taking\n", my_pid); do { ret = _SEM_WAIT(&heap_impl->mm_semaphore); /* The only case that an error should occur here is if the wait * was awakened by a signal. */ if (ret < 0) { ret = _SEM_ERRVAL(ret); DEBUGASSERT(ret == -EINTR || ret == -ECANCELED); } } while (ret == -EINTR); /* We have it (or some awful, unexpected error occurred). Claim * the semaphore for the current task and return. */ heap_impl->mm_holder = my_pid; heap_impl->mm_counts_held = 1; } mseminfo("Holder=%d count=%d\n", heap_impl->mm_holder, heap_impl->mm_counts_held); } /**************************************************************************** * Name: mm_givesemaphore * * Description: * Release the MM mutex when it is not longer needed. * ****************************************************************************/ void mm_givesemaphore(FAR struct mm_heap_s *heap) { FAR struct mm_heap_impl_s *heap_impl; DEBUGASSERT(MM_IS_VALID(heap)); heap_impl = heap->mm_impl; /* The current task should be holding at least one reference to the * semaphore. */ DEBUGASSERT(heap_impl->mm_holder == getpid()); /* Does the current task hold multiple references to the semaphore */ if (heap_impl->mm_counts_held > 1) { /* Yes, just release one count and return */ heap_impl->mm_counts_held--; mseminfo("Holder=%d count=%d\n", heap_impl->mm_holder, heap_impl->mm_counts_held); } else { /* Nope, this is the last reference held by the current task. */ mseminfo("PID=%d giving\n", getpid()); heap_impl->mm_holder = NO_HOLDER; heap_impl->mm_counts_held = 0; DEBUGVERIFY(_SEM_POST(&heap_impl->mm_semaphore)); } }