u-boot.git/common/dlmalloc.c, branch v2018.07-rc1 Unnamed repository; edit this file 'description' to name the repository. malloc: Use malloc simple before malloc is fully initialized in memalign() 2018-05-26T22:19:19+00:00 Ley Foon Tan ley.foon.tan@intel.com 2018-05-18T10:03:12+00:00 ee038c58d5196dc2eb2be7e08e766c50a7bc2619 Follow implementation in mALLOc(). Check GD_FLG_FULL_MALLOC_INIT flag and use malloc_simple if GD_FLG_FULL_MALLOC_INIT is unset. Adjust the malloc bytes to align with the requested alignment. The original memalign() function will access mchunkptr struct to adjust the alignment if there is misalignment happen, but mchunkptr struct is not being initialized before full malloc is initialized. This cause the system crash. Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com> Reviewed-by: Marek Vasut <marek.vasut@gmail.com> 
Follow implementation in mALLOc(). Check GD_FLG_FULL_MALLOC_INIT flag and use
malloc_simple if GD_FLG_FULL_MALLOC_INIT is unset. Adjust the malloc bytes
to align with the requested alignment.

The original memalign() function will access mchunkptr struct to adjust the
alignment if there is misalignment happen, but mchunkptr struct is not being
initialized before full malloc is initialized. This cause the system crash.

Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com>
Reviewed-by: Marek Vasut <marek.vasut@gmail.com>
malloc: don't compare pointers to 0 2017-11-21T01:18:39+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2017-11-10T20:46:34+00:00 a874cac3b45cbb6dd8bad05a5b42912acae6b7e4 0 is not a pointer. So do not compare pointers to 0. Do not return 0 from functions with a pointer return type. Problem identified with Coccinelle. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> 
0 is not a pointer. So do not compare pointers to 0.

Do not return 0 from functions with a pointer return
type.

Problem identified with Coccinelle.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
spl: make SPL and normal u-boot stage use independent SYS_MALLOC_F_LEN 2017-07-27T12:59:03+00:00 Andy Yan andy.yan@rock-chips.com 2017-07-24T09:43:34+00:00 f1896c45cb2f7d8dbed27e784a6459a129fc0762 Some platforms have very limited SRAM to run SPL code, so there may not be the same amount space for a malloc pool before relocation in the SPL stage as the normal U-Boot stage. Make SPL and (the full) U-Boot stage use independent SYS_MALLOC_F_LEN, so the size of pre-relocation malloc pool can be configured memory space independently. Signed-off-by: Andy Yan <andy.yan@rock-chips.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> [fixed up commit-message:] Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> 
Some platforms have very limited SRAM to run SPL code, so there may
not be the same amount space for a malloc pool before relocation in
the SPL stage as the normal U-Boot stage.

Make SPL and (the full) U-Boot stage use independent SYS_MALLOC_F_LEN,
so the size of pre-relocation malloc pool can be configured memory
space independently.

Signed-off-by: Andy Yan <andy.yan@rock-chips.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
[fixed up commit-message:]
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
malloc: Turn on DEBUG when enabling unit tests 2017-06-05T18:13:11+00:00 Pantelis Antoniou pantelis.antoniou@konsulko.com 2017-05-25T16:24:06+00:00 4e33316f656bf9a893ad0e828cc9a0acbc0a9d30 Unit tests require mallinfo which in turn requires DEBUG on dlmalloc to be enabled. The dependancy on CONFIG_SANDBOX is wrong. Signed-off-by: Pantelis Antoniou <pantelis.antoniou@konsulko.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Unit tests require mallinfo which in turn requires DEBUG on
dlmalloc to be enabled.

The dependancy on CONFIG_SANDBOX is wrong.

Signed-off-by: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
malloc: improve memalign fragmentation fix 2016-05-23T15:50:17+00:00 Stephen Warren swarren@nvidia.com 2016-04-25T21:55:42+00:00 034eda867f47986e04be13087d193d2c12e3b9aa Commit 4f144a416469 "malloc: work around some memalign fragmentation issues" enhanced memalign() so that it can succeed in more cases where heap fragmentation is present. However, it did not solve as many cases as it could. This patch enhances the code to cover more cases. The alignment code works by allocating more space than the user requests, then adjusting the returned pointer to achieve alignment. In general, one must allocate "alignment" bytes more than the user requested in order to guarantee that alignment is possible. This is what the original code does. The previous enhancement attempted a second allocation if the padded allocation failed, and succeeded if that allocation just happened to be aligned; a fluke that happened often in practice. There are still cases where this could fail, yet where it is still possible to honor the user's allocation request. In particular, if the heap contains a free region that is large enough for the user's request, and for leading padding to ensure alignment, but has no or little space for any trailing padding. In this case, we can make a third(!) allocation attempt after calculating exactly the size of the leading padding required to achieve alignment, which is the minimal over-allocation needed for the overall memalign() operation to succeed if the third and second allocations end up at the same location. This patch isn't checkpatch-clean, since it conforms to the existing coding style in dlmalloc.c, which is different to the rest of U-Boot. Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Tom Rini <trini@konsulko.com> 
Commit 4f144a416469 "malloc: work around some memalign fragmentation
issues" enhanced memalign() so that it can succeed in more cases where
heap fragmentation is present. However, it did not solve as many cases
as it could. This patch enhances the code to cover more cases.

The alignment code works by allocating more space than the user requests,
then adjusting the returned pointer to achieve alignment. In general, one
must allocate "alignment" bytes more than the user requested in order to
guarantee that alignment is possible. This is what the original code does.
The previous enhancement attempted a second allocation if the padded
allocation failed, and succeeded if that allocation just happened to be
aligned; a fluke that happened often in practice. There are still cases
where this could fail, yet where it is still possible to honor the user's
allocation request. In particular, if the heap contains a free region that
is large enough for the user's request, and for leading padding to ensure
alignment, but has no or little space for any trailing padding. In this
case, we can make a third(!) allocation attempt after calculating exactly
the size of the leading padding required to achieve alignment, which is
the minimal over-allocation needed for the overall memalign() operation to
succeed if the third and second allocations end up at the same location.

This patch isn't checkpatch-clean, since it conforms to the existing
coding style in dlmalloc.c, which is different to the rest of U-Boot.

Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
common/dlmalloc.c: Delete content that was moved to malloc.h 2016-04-25T19:10:36+00:00 Robert P. J. Day rpjday@crashcourse.ca 2016-04-21T11:35:55+00:00 4eece2602b6f90e56b900c5ccd0620327c92f4b3 Remove several hundred lines of content surrounded by: #if 0 /* Moved to malloc.h */ ... moved stuff ... #endif /* 0 */ /* Moved to malloc.h */ Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Reviewed-by: Tom Rini <trini@konsulko.com> 
Remove several hundred lines of content surrounded by:

#if 0  /* Moved to malloc.h */
... moved stuff ...
#endif /* 0 */                 /* Moved to malloc.h */

Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Tom Rini <trini@konsulko.com>
malloc: remove !gd handling 2016-03-08T20:01:47+00:00 Stephen Warren swarren@wwwdotorg.org 2016-03-05T17:30:53+00:00 deff6fb3a7790e93264292982000275e78bb12e5 Following the previous patch, malloc() is never called before gd is set, so we can remove the special-case check for this condition. This reverts commit 854d2b9753e4 "dlmalloc: ensure gd is set for early alloc". Cc: Rabin Vincent <rabin@rab.in> Signed-off-by: Stephen Warren <swarren@wwwdotorg.org> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Following the previous patch, malloc() is never called before gd is set,
so we can remove the special-case check for this condition.

This reverts commit 854d2b9753e4 "dlmalloc: ensure gd is set for early
alloc".

Cc: Rabin Vincent <rabin@rab.in>
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
malloc: solve dead code issue in memalign() 2016-02-08T15:22:38+00:00 Stephen Warren swarren@nvidia.com 2016-02-04T18:54:20+00:00 ee05fedc6c89a41cad19b626fcde0b70ad532ea2 The recent change to memalign() caused the allocation failure detection code to be dead code; the "retry" logic is always activated under the same condition that the original failure detection code is, and also fully handles any possible failures. This patch solves the presence of dead code. Two alternatives are possible: a) Delete the now-dead test, and rely on the "retry" path to handle any allocation problems, as it does. b) Make the "retry" path fall through to the existing (currently dead) failure detection code, thus making it not-dead. (b) was chosen since it reduces the diff between U-Boot's and the upstream dlmalloc. This should make it marginally easier to import a new version of dlmalloc in the future. Reported by: Coverity Scan Fixes: 4f144a416469 ("malloc: work around some memalign fragmentation issues") Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Tom Rini <trini@konsulko.com> 
The recent change to memalign() caused the allocation failure detection
code to be dead code; the "retry" logic is always activated under the same
condition that the original failure detection code is, and also fully
handles any possible failures. This patch solves the presence of dead
code.

Two alternatives are possible:

a) Delete the now-dead test, and rely on the "retry" path to handle any
allocation problems, as it does.

b) Make the "retry" path fall through to the existing (currently dead)
failure detection code, thus making it not-dead.

(b) was chosen since it reduces the diff between U-Boot's and the upstream
dlmalloc. This should make it marginally easier to import a new version of
dlmalloc in the future.

Reported by: Coverity Scan
Fixes: 4f144a416469 ("malloc: work around some memalign fragmentation issues")
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
malloc: work around some memalign fragmentation issues 2016-02-01T22:08:43+00:00 Stephen Warren swarren@nvidia.com 2016-01-25T21:03:42+00:00 4f144a416469c6a29127b0656523ae628ea7cbaf Use of memalign can trigger fragmentation issues such as: // Internally, this needs to find a free block quite bit larger than s. // Once the free region is found, any unaligned "padding" immediately // before and after the block is marked free, so that the allocation // takes only s bytes (plus malloc header overhead). p = memalign(a, s); // If there's little fragmentation so far, this allocation is likely // located immediately after p. p2 = malloc(x); free(p); // In theory, this should return the same value for p. However, the hole // left by the free() call is only s in size (plus malloc header overhead) // whereas memalign searches for a larger block in order to guarantee it // can adjust the returned pointer to the alignment requirements. Hence, // the pointer returned, if any, won't be p. If there's little or no space // left after p2, this allocation will fail. p = memalign(a, s); In practice, this issue occurs when running the "dfu" command repeatedly on NVIDIA Tegra boards, since DFU allocates a large 32M data buffer, and then initializes the USB controller. If this is the first time USB has been used in the U-Boot session, this causes a probe of the USB driver, which causes various allocations, including a strdup() of a GPIO name when requesting the VBUS GPIO. When DFU is torn down, the USB driver is left probed, and hence its memory is left allocated. If "dfu" is executed again, allocation of the 32M data buffer fails as described above. In practice, there is a memory hole exactly large enough to hold the 32M data buffer than DFU needs. However, memalign() can't know that in a general way. Given that, it's particularly annoying that the allocation fails! The issue is that memalign() tries to allocate something larger to guarantee the ability to align the returned pointer. This patch modifies memalign() so that if the "general case" over-sized allocation fails, another allocation is attempted, of the exact size the user desired. If that allocation just happens to be aligned in the way the user wants, (and in the case described above, it will be, since the free memory region is located where a previous identical allocation was located), the pointer can be returned. This patch is somewhat related to 806bd245b1ab "dfu: don't keep freeing/reallocating". That patch worked around the issue by removing repeated free/memalign within a single execution of "dfu". However, the same technique can't be applied across multiple invocations, since there's no reason to keep the DFU buffer allocated while DFU isn't running. This patch addresses the root-cause a bit more directly. This problem highlights some of the disadvantages of dynamic allocation and deferred probing of devices. This patch isn't checkpatch-clean, since it conforms to the existing coding style in dlmalloc.c, which is different to the rest of U-Boot. Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Lukasz Majewski <l.majewski@samsung.com> 
Use of memalign can trigger fragmentation issues such as:

// Internally, this needs to find a free block quite bit larger than s.
// Once the free region is found, any unaligned "padding" immediately
// before and after the block is marked free, so that the allocation
// takes only s bytes (plus malloc header overhead).
p = memalign(a, s);
// If there's little fragmentation so far, this allocation is likely
// located immediately after p.
p2 = malloc(x);
free(p);
// In theory, this should return the same value for p. However, the hole
// left by the free() call is only s in size (plus malloc header overhead)
// whereas memalign searches for a larger block in order to guarantee it
// can adjust the returned pointer to the alignment requirements. Hence,
// the pointer returned, if any, won't be p. If there's little or no space
// left after p2, this allocation will fail.
p = memalign(a, s);

In practice, this issue occurs when running the "dfu" command repeatedly
on NVIDIA Tegra boards, since DFU allocates a large 32M data buffer, and
then initializes the USB controller. If this is the first time USB has
been used in the U-Boot session, this causes a probe of the USB driver,
which causes various allocations, including a strdup() of a GPIO name
when requesting the VBUS GPIO. When DFU is torn down, the USB driver
is left probed, and hence its memory is left allocated. If "dfu" is
executed again, allocation of the 32M data buffer fails as described
above.

In practice, there is a memory hole exactly large enough to hold the 32M
data buffer than DFU needs. However, memalign() can't know that in a
general way. Given that, it's particularly annoying that the allocation
fails!

The issue is that memalign() tries to allocate something larger to
guarantee the ability to align the returned pointer. This patch modifies
memalign() so that if the "general case" over-sized allocation fails,
another allocation is attempted, of the exact size the user desired. If
that allocation just happens to be aligned in the way the user wants,
(and in the case described above, it will be, since the free memory
region is located where a previous identical allocation was located),
the pointer can be returned.

This patch is somewhat related to 806bd245b1ab "dfu: don't keep
freeing/reallocating". That patch worked around the issue by removing
repeated free/memalign within a single execution of "dfu". However,
the same technique can't be applied across multiple invocations, since
there's no reason to keep the DFU buffer allocated while DFU isn't
running. This patch addresses the root-cause a bit more directly.

This problem highlights some of the disadvantages of dynamic allocation
and deferred probing of devices.

This patch isn't checkpatch-clean, since it conforms to the existing
coding style in dlmalloc.c, which is different to the rest of U-Boot.

Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Lukasz Majewski <l.majewski@samsung.com>
Move initf_malloc() to a common place 2015-04-23T15:05:53+00:00 Simon Glass sjg@chromium.org 2015-02-28T05:06:36+00:00 fb5cf7f16be725aec7ab0016268b3b4e26460bee To allow this function to be used from SPL, move it to the malloc() code. Signed-off-by: Simon Glass <sjg@chromium.org> 
To allow this function to be used from SPL, move it to the malloc()
code.

Signed-off-by: Simon Glass <sjg@chromium.org>