From 88a32c8d9f326ee33568bf04d3d1c5d84a3b4b8b Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Tue, 20 Aug 2019 10:54:06 -0700 Subject: [PATCH 01/27] WIP: Initial overlay of upstream version of umm_malloc over our current version w/o any edits. Using files from: https://github.com/rhempel/umm_malloc/tree/master/src https://github.com/rhempel/c-helper-macros/tree/develop The following file remanents from our old version were removed: umm_malloc.cpp, umm_performance.h, umm_performance.cpp, and umm_stats.h This is intended to be a "compare to" for changes made to upstream version. --- cores/esp8266/umm_malloc/README.md | 109 +- cores/esp8266/umm_malloc/dbglog/LICENSE | 21 + cores/esp8266/umm_malloc/dbglog/README.txt | 1 + cores/esp8266/umm_malloc/dbglog/dbglog.h | 98 + cores/esp8266/umm_malloc/umm_info.c | 152 ++ cores/esp8266/umm_malloc/umm_integrity.c | 132 ++ cores/esp8266/umm_malloc/umm_malloc.c | 621 ++++++ cores/esp8266/umm_malloc/umm_malloc.cpp | 1958 ----------------- cores/esp8266/umm_malloc/umm_malloc.h | 37 +- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 161 +- .../umm_malloc/umm_malloc_cfg_example.h | 176 ++ cores/esp8266/umm_malloc/umm_performance.cpp | 81 - cores/esp8266/umm_malloc/umm_performance.h | 85 - cores/esp8266/umm_malloc/umm_poison.c | 230 ++ cores/esp8266/umm_malloc/umm_stats.h | 36 - 15 files changed, 1578 insertions(+), 2320 deletions(-) create mode 100644 cores/esp8266/umm_malloc/dbglog/LICENSE create mode 100644 cores/esp8266/umm_malloc/dbglog/README.txt create mode 100644 cores/esp8266/umm_malloc/dbglog/dbglog.h create mode 100644 cores/esp8266/umm_malloc/umm_info.c create mode 100644 cores/esp8266/umm_malloc/umm_integrity.c create mode 100644 cores/esp8266/umm_malloc/umm_malloc.c delete mode 100644 cores/esp8266/umm_malloc/umm_malloc.cpp create mode 100644 cores/esp8266/umm_malloc/umm_malloc_cfg_example.h delete mode 100644 cores/esp8266/umm_malloc/umm_performance.cpp delete mode 100644 cores/esp8266/umm_malloc/umm_performance.h create mode 100644 cores/esp8266/umm_malloc/umm_poison.c delete mode 100644 cores/esp8266/umm_malloc/umm_stats.h diff --git a/cores/esp8266/umm_malloc/README.md b/cores/esp8266/umm_malloc/README.md index 1c7805a1cb..23eddcaf8b 100644 --- a/cores/esp8266/umm_malloc/README.md +++ b/cores/esp8266/umm_malloc/README.md @@ -10,18 +10,18 @@ might get expensive. ## Acknowledgements -Joerg Wunsch and the avr-libc provided the first malloc() implementation +Joerg Wunsch and the avr-libc provided the first `malloc()` implementation that I examined in detail. -http://www.nongnu.org/avr-libc +`http://www.nongnu.org/avr-libc` Doug Lea's paper on malloc() was another excellent reference and provides a lot of detail on advanced memory management techniques such as binning. -http://g.oswego.edu/dl/html/malloc.html +`http://g.oswego.edu/dl/html/malloc.html` Bill Dittman provided excellent suggestions, including macros to support -using these functions in critical sections, and for optimizing realloc() +using these functions in critical sections, and for optimizing `realloc()` further by checking to see if the previous block was free and could be used for the new block size. This can help to reduce heap fragmentation significantly. @@ -30,11 +30,73 @@ Yaniv Ankin suggested that a way to dump the current heap condition might be useful. I combined this with an idea from plarroy to also allow checking a free pointer to make sure it's valid. +Dimitry Frank contributed many helpful additions to make things more +robust including a user specified config file and a method of testing +the integrity of the data structures. + +## Usage + +Copy the `umm_malloc_cfg_example.h` file to `umm_malloc_cfg.h` and +make the changes required to support your application. + +The following `#define`s must be set to something useful for the +library to work at all + +- `UMM_MALLOC_CFG_HEAP_ADDR` must be set to the symbol representing + the starting address of the heap. The heap must be + aligned on the natural boundary size of the processor. +- `UMM_MALLOC_CFG_HEAP_SIZE` must be set to the size of the heap. + The heap size must be a multiple of the natural boundary size of + the processor. + +The fit algorithm is defined as either: + +- `UMM_BEST_FIT` which scans the entire free list and looks + for either an exact fit or the smallest block that will + satisfy the request. This is the default fit method. +- `UMM_FIRST_FIT` which scans the entire free list and looks + for the first block that satisfies the request. + +The following `#define`s are disabled by default and should +remain disabled for production use. They are helpful when +testing allocation errors (which are normally due to bugs in +the application code) or for running the test suite when +making changes to the code. + +You can define them in your compiler command line or uncomment +the corresponding entries is `umm_malloc_cfg.h`: + +- `UMM_INFO` is used to include code that allows dumping + the entire heap structure (helpful when there's a problem). + +- `UMM_INTEGRITY_CHECK` is used to include code that + performs an integrity check on the heap structure. It's + up to you to call the `umm_integrity_check()` function. + +- `UMM_POISON_CHECK` is used to include code that + adds some bytes around the memory being allocated that + are filled with known data. If the data is not intact + when the block is checked, then somone has written outside + of the memory block they have been allocated. It is up + to you to call the `umm_poison_check()` function. + +## API + +The following functions are available for your application: + +- `void *umm_malloc( size_t size );` +- `void *umm_calloc( size_t num, size_t size );` +- `void *umm_realloc( void *ptr, size_t size );` +- `void umm_free( void *ptr );` + +They have exactly the same semantics as the corresponding standard library +functions. + ## Background The memory manager assumes the following things: -1. The standard POSIX compliant malloc/realloc/free semantics are used +1. The standard POSIX compliant malloc/calloc/realloc/free semantics are used 1. All memory used by the manager is allocated at link time, it is aligned on a 32 bit boundary, it is contiguous, and its extent (start and end address) is filled in by the linker. @@ -45,17 +107,17 @@ The fastest linked list implementations use doubly linked lists so that its possible to insert and delete blocks in constant time. This memory manager keeps track of both free and used blocks in a doubly linked list. -Most memory managers use some kind of list structure made up of pointers +Most memory managers use a list structure made up of pointers to keep track of used - and sometimes free - blocks of memory. In an embedded system, this can get pretty expensive as each pointer can use up to 32 bits. -In most embedded systems there is no need for managing large blocks -of memory dynamically, so a full 32 bit pointer based data structure +In most embedded systems there is no need for managing a large quantity +of memory block dynamically, so a full 32 bit pointer based data structure for the free and used block lists is wasteful. A block of memory on the free list would use 16 bytes just for the pointers! -This memory management library sees the malloc heap as an array of blocks, +This memory management library sees the heap as an array of blocks, and uses block numbers to keep track of locations. The block numbers are 15 bits - which allows for up to 32767 blocks of memory. The high order bit marks a block as being either free or in use, which will be explained @@ -75,7 +137,7 @@ can always add more data bytes to the body of the memory block at the expense of free block size overhead. There are a lot of little features and optimizations in this memory -management system that makes it especially suited to small embedded, but +management system that makes it especially suited to small systems, and the best way to appreciate them is to review the data structures and algorithms used, so let's get started. @@ -124,10 +186,9 @@ Where: - n is the index of the next block in the heap - p is the index of the previous block in the heap -Note that the free list information is gone, because it's now being used to -store actual data for the application. It would have been nice to store -the next and previous free list indexes as well, but that would be a waste -of space. If we had even 500 items in use, that would be 2,000 bytes for +Note that the free list information is gone because it's now +being used to store actual data for the application. If we had +even 500 items in use, that would be 2,000 bytes for free list information. We simply can't afford to waste that much. The address of the `...` area is what is returned to the application @@ -143,7 +204,7 @@ described. `...` between memory blocks indicates zero or more additional blocks are allocated for use by the upper block. -And while we're talking about "upper" and "lower" blocks, we should make +While we're talking about "upper" and "lower" blocks, we should make a comment about adresses. In the diagrams, a block higher up in the picture is at a lower address. And the blocks grow downwards their block index increases as does their physical address. @@ -166,24 +227,27 @@ we're at the end of the list! At this point, the malloc has a special test that checks if the current block index is 0, which it is. This special case initializes the free -list to point at block index 1. +list to point at block index 1 and then points block 1 to the +last block (lf) on the heap. ``` BEFORE AFTER +----+----+----+----+ +----+----+----+----+ -0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | +0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 1 | +----+----+----+----+ +----+----+----+----+ +----+----+----+----+ - 1 | 0 | 0 | 0 | 0 | + 1 |*lf | 0 | 0 | 0 | + +----+----+----+----+ + ... + +----+----+----+----+ + lf | 0 | 1 | 0 | 0 | +----+----+----+----+ ``` The heap is now ready to complete the first malloc operation. - -### Operation of malloc when we have reached the end of the free list and -there is no block large enough to accommodate the request. +### Operation of malloc when we have reached the end of the free list and there is no block large enough to accommodate the request. This happens at the very first malloc operation, or any time the free list is traversed and no free block large enough for the request is @@ -306,8 +370,7 @@ else ``` Step 1 of the free operation checks if the next block is free, and if it -is then insert this block into the free list and assimilate the next block -with this one. +is assimilate the next block with this one. Note that c is the block we are freeing up, cf is the free block that follows it. diff --git a/cores/esp8266/umm_malloc/dbglog/LICENSE b/cores/esp8266/umm_malloc/dbglog/LICENSE new file mode 100644 index 0000000000..25e9200540 --- /dev/null +++ b/cores/esp8266/umm_malloc/dbglog/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2016 Ralph Hempel + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/cores/esp8266/umm_malloc/dbglog/README.txt b/cores/esp8266/umm_malloc/dbglog/README.txt new file mode 100644 index 0000000000..54f86e148c --- /dev/null +++ b/cores/esp8266/umm_malloc/dbglog/README.txt @@ -0,0 +1 @@ +Downloaded from: https://github.com/rhempel/c-helper-macros/tree/develop diff --git a/cores/esp8266/umm_malloc/dbglog/dbglog.h b/cores/esp8266/umm_malloc/dbglog/dbglog.h new file mode 100644 index 0000000000..16f57236ce --- /dev/null +++ b/cores/esp8266/umm_malloc/dbglog/dbglog.h @@ -0,0 +1,98 @@ +/* ---------------------------------------------------------------------------- + * dbglog.h - A set of macros that cleans up code that needs to produce debug + * or log information. + * + * Many embedded systems still put a premium on code space and therefore need + * a way to conditionally compile in debug code. Yes, it can lead to code that + * runs differently depending on whether the debug code is cmpiled in or not + * but you need to be able to evaluate the tradeoff. + * + * See copyright notice in LICENSE.TXT + * ---------------------------------------------------------------------------- + * NOTE WELL that this file may be included multiple times - this allows you + * to set the trace level #define DBGLOG_LEVEL x + * + * To update which of the DBGLOG macros are compiled in, you must redefine the + * DBGLOG_LEVEL macro and the inlcude the dbglog.h file again, like this: + * + * #undef DBGLOG_LEVEL + * #define DBGLOG_LEVEL 6 + * #include "dbglog/dbglog.txt" + * + * To handle multiple inclusion, we need to first undefine any macros we define + * so that the compiler does not warn us that we are changing a macro. + * ---------------------------------------------------------------------------- + * The DBGLOG_LEVEL and DBGLOG_FUNCTION should be defined BEFORE this + * file is included or else the following defaults are used: + * + * #define DBGLOG_LEVEL 0 + * #define DBGLOG_FUNCTION printf + * ---------------------------------------------------------------------------- + * There are macros to handle the following decreasing levels of detail: + * + * 6 = TRACE + * 5 = DEBUG + * 4 = CRITICAL + * 3 = ERROR + * 2 = WARNING + * 1 = INFO + * 0 = FORCE - The DBGLOG_FUNCTION is always compiled in and is called only when + * the first parameter to the macro is non-0 + * ---------------------------------------------------------------------------- + */ + +#undef DBGLOG_TRACE +#undef DBGLOG_DEBUG +#undef DBGLOG_CRITICAL +#undef DBGLOG_ERROR +#undef DBGLOG_WARNING +#undef DBGLOG_INFO +#undef DBGLOG_FORCE + +#ifndef DBGLOG_LEVEL +# define DBGLOG_LEVEL 0 +#endif + +#ifndef DBGLOG_FUNCTION +# define DBGLOG_FUNCTION printf +#endif + +/* ------------------------------------------------------------------------- */ + +#if DBGLOG_LEVEL >= 6 +# define DBGLOG_TRACE(format, ...) DBGLOG_FUNCTION(format, ## __VA_ARGS__) +#else +# define DBGLOG_TRACE(format, ...) +#endif + +#if DBGLOG_LEVEL >= 5 +# define DBGLOG_DEBUG(format, ...) DBGLOG_FUNCTION(format, ## __VA_ARGS__) +#else +# define DBGLOG_DEBUG(format, ...) +#endif + +#if DBGLOG_LEVEL >= 4 +# define DBGLOG_CRITICAL(format, ...) DBGLOG_FUNCTION(format, ## __VA_ARGS__) +#else +# define DBGLOG_CRITICAL(format, ...) +#endif + +#if DBGLOG_LEVEL >= 3 +# define DBGLOG_ERROR(format, ...) DBGLOG_FUNCTION(format, ## __VA_ARGS__) +#else +# define DBGLOG_ERROR(format, ...) +#endif + +#if DBGLOG_LEVEL >= 2 +# define DBGLOG_WARNING(format, ...) DBGLOG_FUNCTION(format, ## __VA_ARGS__) +#else +# define DBGLOG_WARNING(format, ...) +#endif + +#if DBGLOG_LEVEL >= 1 +# define DBGLOG_INFO(format, ...) DBGLOG_FUNCTION(format, ## __VA_ARGS__) +#else +# define DBGLOG_INFO(format, ...) +#endif + +#define DBGLOG_FORCE(force, format, ...) {if(force) {DBGLOG_FUNCTION(format, ## __VA_ARGS__);}} diff --git a/cores/esp8266/umm_malloc/umm_info.c b/cores/esp8266/umm_malloc/umm_info.c new file mode 100644 index 0000000000..6868c00e8d --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_info.c @@ -0,0 +1,152 @@ +#ifdef UMM_INFO + +/* ---------------------------------------------------------------------------- + * One of the coolest things about this little library is that it's VERY + * easy to get debug information about the memory heap by simply iterating + * through all of the memory blocks. + * + * As you go through all the blocks, you can check to see if it's a free + * block by looking at the high order bit of the next block index. You can + * also see how big the block is by subtracting the next block index from + * the current block number. + * + * The umm_info function does all of that and makes the results available + * in the ummHeapInfo structure. + * ---------------------------------------------------------------------------- + */ + +UMM_HEAP_INFO ummHeapInfo; + +void *umm_info( void *ptr, int force ) { + + unsigned short int blockNo = 0; + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(); + + /* + * Clear out all of the entries in the ummHeapInfo structure before doing + * any calculations.. + */ + memset( &ummHeapInfo, 0, sizeof( ummHeapInfo ) ); + + DBGLOG_FORCE( force, "+----------+-------+--------+--------+-------+--------+--------+\n" ); + DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5i|NF %5i|PF %5i|\n", + (unsigned long)(&UMM_BLOCK(blockNo)), + blockNo, + UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, + UMM_PBLOCK(blockNo), + (UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK )-blockNo, + UMM_NFREE(blockNo), + UMM_PFREE(blockNo) ); + + /* + * Now loop through the block lists, and keep track of the number and size + * of used and free blocks. The terminating condition is an nb pointer with + * a value of zero... + */ + + blockNo = UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK; + + while( UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK ) { + size_t curBlocks = (UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK )-blockNo; + + ++ummHeapInfo.totalEntries; + ummHeapInfo.totalBlocks += curBlocks; + + /* Is this a free block? */ + + if( UMM_NBLOCK(blockNo) & UMM_FREELIST_MASK ) { + ++ummHeapInfo.freeEntries; + ummHeapInfo.freeBlocks += curBlocks; + + if (ummHeapInfo.maxFreeContiguousBlocks < curBlocks) { + ummHeapInfo.maxFreeContiguousBlocks = curBlocks; + } + + DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5u|NF %5i|PF %5i|\n", + (unsigned long)(&UMM_BLOCK(blockNo)), + blockNo, + UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, + UMM_PBLOCK(blockNo), + (unsigned int)curBlocks, + UMM_NFREE(blockNo), + UMM_PFREE(blockNo) ); + + /* Does this block address match the ptr we may be trying to free? */ + + if( ptr == &UMM_BLOCK(blockNo) ) { + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(); + + return( ptr ); + } + } else { + ++ummHeapInfo.usedEntries; + ummHeapInfo.usedBlocks += curBlocks; + + DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5u|\n", + (unsigned long)(&UMM_BLOCK(blockNo)), + blockNo, + UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, + UMM_PBLOCK(blockNo), + (unsigned int)curBlocks ); + } + + blockNo = UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK; + } + + /* + * Update the accounting totals with information from the last block, the + * rest must be free! + */ + + { + size_t curBlocks = UMM_NUMBLOCKS-blockNo; + ummHeapInfo.freeBlocks += curBlocks; + ummHeapInfo.totalBlocks += curBlocks; + + if (ummHeapInfo.maxFreeContiguousBlocks < curBlocks) { + ummHeapInfo.maxFreeContiguousBlocks = curBlocks; + } + } + + DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5i|NF %5i|PF %5i|\n", + (unsigned long)(&UMM_BLOCK(blockNo)), + blockNo, + UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, + UMM_PBLOCK(blockNo), + UMM_NUMBLOCKS-blockNo, + UMM_NFREE(blockNo), + UMM_PFREE(blockNo) ); + + DBGLOG_FORCE( force, "+----------+-------+--------+--------+-------+--------+--------+\n" ); + + DBGLOG_FORCE( force, "Total Entries %5i Used Entries %5i Free Entries %5i\n", + ummHeapInfo.totalEntries, + ummHeapInfo.usedEntries, + ummHeapInfo.freeEntries ); + + DBGLOG_FORCE( force, "Total Blocks %5i Used Blocks %5i Free Blocks %5i\n", + ummHeapInfo.totalBlocks, + ummHeapInfo.usedBlocks, + ummHeapInfo.freeBlocks ); + + DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(); + + return( NULL ); +} + +/* ------------------------------------------------------------------------ */ + +size_t umm_free_heap_size( void ) { + umm_info(NULL, 0); + return (size_t)ummHeapInfo.freeBlocks * sizeof(umm_block); +} + +/* ------------------------------------------------------------------------ */ +#endif diff --git a/cores/esp8266/umm_malloc/umm_integrity.c b/cores/esp8266/umm_malloc/umm_integrity.c new file mode 100644 index 0000000000..27dad7f52e --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_integrity.c @@ -0,0 +1,132 @@ +/* integrity check (UMM_INTEGRITY_CHECK) {{{ */ +#if defined(UMM_INTEGRITY_CHECK) +/* + * Perform integrity check of the whole heap data. Returns 1 in case of + * success, 0 otherwise. + * + * First of all, iterate through all free blocks, and check that all backlinks + * match (i.e. if block X has next free block Y, then the block Y should have + * previous free block set to X). + * + * Additionally, we check that each free block is correctly marked with + * `UMM_FREELIST_MASK` on the `next` pointer: during iteration through free + * list, we mark each free block by the same flag `UMM_FREELIST_MASK`, but + * on `prev` pointer. We'll check and unmark it later. + * + * Then, we iterate through all blocks in the heap, and similarly check that + * all backlinks match (i.e. if block X has next block Y, then the block Y + * should have previous block set to X). + * + * But before checking each backlink, we check that the `next` and `prev` + * pointers are both marked with `UMM_FREELIST_MASK`, or both unmarked. + * This way, we ensure that the free flag is in sync with the free pointers + * chain. + */ +int umm_integrity_check(void) { + int ok = 1; + unsigned short int prev; + unsigned short int cur; + + if (umm_heap == NULL) { + umm_init(); + } + + /* Iterate through all free blocks */ + prev = 0; + while(1) { + cur = UMM_NFREE(prev); + + /* Check that next free block number is valid */ + if (cur >= UMM_NUMBLOCKS) { + printf("heap integrity broken: too large next free num: %d " + "(in block %d, addr 0x%lx)\n", cur, prev, + (unsigned long)&UMM_NBLOCK(prev)); + ok = 0; + goto clean; + } + if (cur == 0) { + /* No more free blocks */ + break; + } + + /* Check if prev free block number matches */ + if (UMM_PFREE(cur) != prev) { + printf("heap integrity broken: free links don't match: " + "%d -> %d, but %d -> %d\n", + prev, cur, cur, UMM_PFREE(cur)); + ok = 0; + goto clean; + } + + UMM_PBLOCK(cur) |= UMM_FREELIST_MASK; + + prev = cur; + } + + /* Iterate through all blocks */ + prev = 0; + while(1) { + cur = UMM_NBLOCK(prev) & UMM_BLOCKNO_MASK; + + /* Check that next block number is valid */ + if (cur >= UMM_NUMBLOCKS) { + printf("heap integrity broken: too large next block num: %d " + "(in block %d, addr 0x%lx)\n", cur, prev, + (unsigned long)&UMM_NBLOCK(prev)); + ok = 0; + goto clean; + } + if (cur == 0) { + /* No more blocks */ + break; + } + + /* make sure the free mark is appropriate, and unmark it */ + if ((UMM_NBLOCK(cur) & UMM_FREELIST_MASK) + != (UMM_PBLOCK(cur) & UMM_FREELIST_MASK)) + { + printf("heap integrity broken: mask wrong at addr 0x%lx: n=0x%x, p=0x%x\n", + (unsigned long)&UMM_NBLOCK(cur), + (UMM_NBLOCK(cur) & UMM_FREELIST_MASK), + (UMM_PBLOCK(cur) & UMM_FREELIST_MASK) + ); + ok = 0; + goto clean; + } + + /* make sure the block list is sequential */ + if (cur <= prev ) { + printf("heap integrity broken: next block %d is before prev this one " + "(in block %d, addr 0x%lx)\n", cur, prev, + (unsigned long)&UMM_NBLOCK(prev)); + ok = 0; + goto clean; + } + +/* unmark */ + UMM_PBLOCK(cur) &= UMM_BLOCKNO_MASK; + + /* Check if prev block number matches */ + if (UMM_PBLOCK(cur) != prev) { + printf("heap integrity broken: block links don't match: " + "%d -> %d, but %d -> %d\n", + prev, cur, cur, UMM_PBLOCK(cur)); + ok = 0; + goto clean; + } + + prev = cur; + } + +clean: + if (!ok){ + UMM_HEAP_CORRUPTION_CB(); + } + return ok; +} + +#endif +/* }}} */ + + + diff --git a/cores/esp8266/umm_malloc/umm_malloc.c b/cores/esp8266/umm_malloc/umm_malloc.c new file mode 100644 index 0000000000..9faec2afc1 --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_malloc.c @@ -0,0 +1,621 @@ +/* ---------------------------------------------------------------------------- + * umm_malloc.c - a memory allocator for embedded systems (microcontrollers) + * + * See LICENSE for copyright notice + * See README.md for acknowledgements and description of internals + * ---------------------------------------------------------------------------- + * + * R.Hempel 2007-09-22 - Original + * R.Hempel 2008-12-11 - Added MIT License biolerplate + * - realloc() now looks to see if previous block is free + * - made common operations functions + * R.Hempel 2009-03-02 - Added macros to disable tasking + * - Added function to dump heap and check for valid free + * pointer + * R.Hempel 2009-03-09 - Changed name to umm_malloc to avoid conflicts with + * the mm_malloc() library functions + * - Added some test code to assimilate a free block + * with the very block if possible. Complicated and + * not worth the grief. + * D.Frank 2014-04-02 - Fixed heap configuration when UMM_TEST_MAIN is NOT set, + * added user-dependent configuration file umm_malloc_cfg.h + * R.Hempel 2016-12-04 - Add support for Unity test framework + * - Reorganize source files to avoid redundant content + * - Move integrity and poison checking to separate file + * R.Hempel 2017-12-29 - Fix bug in realloc when requesting a new block that + * results in OOM error - see Issue 11 + * ---------------------------------------------------------------------------- + */ + +#include +#include + +#include "umm_malloc.h" + +#include "umm_malloc_cfg.h" /* user-dependent */ + +/* Use the default DBGLOG_LEVEL and DBGLOG_FUNCTION */ + +#define DBGLOG_LEVEL 0 + +#include "dbglog/dbglog.h" + +/* ------------------------------------------------------------------------- */ + +UMM_H_ATTPACKPRE typedef struct umm_ptr_t { + unsigned short int next; + unsigned short int prev; +} UMM_H_ATTPACKSUF umm_ptr; + + +UMM_H_ATTPACKPRE typedef struct umm_block_t { + union { + umm_ptr used; + } header; + union { + umm_ptr free; + unsigned char data[4]; + } body; +} UMM_H_ATTPACKSUF umm_block; + +#define UMM_FREELIST_MASK (0x8000) +#define UMM_BLOCKNO_MASK (0x7FFF) + +/* ------------------------------------------------------------------------- */ + +umm_block *umm_heap = NULL; +unsigned short int umm_numblocks = 0; + +#define UMM_NUMBLOCKS (umm_numblocks) + +/* ------------------------------------------------------------------------ */ + +#define UMM_BLOCK(b) (umm_heap[b]) + +#define UMM_NBLOCK(b) (UMM_BLOCK(b).header.used.next) +#define UMM_PBLOCK(b) (UMM_BLOCK(b).header.used.prev) +#define UMM_NFREE(b) (UMM_BLOCK(b).body.free.next) +#define UMM_PFREE(b) (UMM_BLOCK(b).body.free.prev) +#define UMM_DATA(b) (UMM_BLOCK(b).body.data) + +/* ------------------------------------------------------------------------- + * There are additional files that may be included here - normally it's + * not a good idea to include .c files but in this case it keeps the + * main umm_malloc file clear and prevents issues with exposing internal + * data structures to other programs. + * ------------------------------------------------------------------------- + */ + +#include "umm_integrity.c" +#include "umm_poison.c" +#include "umm_info.c" + +/* ------------------------------------------------------------------------ */ + +static unsigned short int umm_blocks( size_t size ) { + + /* + * The calculation of the block size is not too difficult, but there are + * a few little things that we need to be mindful of. + * + * When a block removed from the free list, the space used by the free + * pointers is available for data. That's what the first calculation + * of size is doing. + */ + + if( size <= (sizeof(((umm_block *)0)->body)) ) + return( 1 ); + + /* + * If it's for more than that, then we need to figure out the number of + * additional whole blocks the size of an umm_block are required. + */ + + size -= ( 1 + (sizeof(((umm_block *)0)->body)) ); + + return( 2 + size/(sizeof(umm_block)) ); +} + +/* ------------------------------------------------------------------------ */ +/* + * Split the block `c` into two blocks: `c` and `c + blocks`. + * + * - `new_freemask` should be `0` if `c + blocks` used, or `UMM_FREELIST_MASK` + * otherwise. + * + * Note that free pointers are NOT modified by this function. + */ +static void umm_split_block( unsigned short int c, + unsigned short int blocks, + unsigned short int new_freemask ) { + + UMM_NBLOCK(c+blocks) = (UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) | new_freemask; + UMM_PBLOCK(c+blocks) = c; + + UMM_PBLOCK(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) = (c+blocks); + UMM_NBLOCK(c) = (c+blocks); +} + +/* ------------------------------------------------------------------------ */ + +static void umm_disconnect_from_free_list( unsigned short int c ) { + /* Disconnect this block from the FREE list */ + + UMM_NFREE(UMM_PFREE(c)) = UMM_NFREE(c); + UMM_PFREE(UMM_NFREE(c)) = UMM_PFREE(c); + + /* And clear the free block indicator */ + + UMM_NBLOCK(c) &= (~UMM_FREELIST_MASK); +} + +/* ------------------------------------------------------------------------ + * The umm_assimilate_up() function assumes that UMM_NBLOCK(c) does NOT + * have the UMM_FREELIST_MASK bit set! + */ + +static void umm_assimilate_up( unsigned short int c ) { + + if( UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK ) { + /* + * The next block is a free block, so assimilate up and remove it from + * the free list + */ + + DBGLOG_DEBUG( "Assimilate up to next block, which is FREE\n" ); + + /* Disconnect the next block from the FREE list */ + + umm_disconnect_from_free_list( UMM_NBLOCK(c) ); + + /* Assimilate the next block with this one */ + + UMM_PBLOCK(UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) = c; + UMM_NBLOCK(c) = UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK; + } +} + +/* ------------------------------------------------------------------------ + * The umm_assimilate_down() function assumes that UMM_NBLOCK(c) does NOT + * have the UMM_FREELIST_MASK bit set! + */ + +static unsigned short int umm_assimilate_down( unsigned short int c, unsigned short int freemask ) { + + UMM_NBLOCK(UMM_PBLOCK(c)) = UMM_NBLOCK(c) | freemask; + UMM_PBLOCK(UMM_NBLOCK(c)) = UMM_PBLOCK(c); + + return( UMM_PBLOCK(c) ); +} + +/* ------------------------------------------------------------------------- */ + +void umm_init( void ) { + /* init heap pointer and size, and memset it to 0 */ + umm_heap = (umm_block *)UMM_MALLOC_CFG_HEAP_ADDR; + umm_numblocks = (UMM_MALLOC_CFG_HEAP_SIZE / sizeof(umm_block)); + memset(umm_heap, 0x00, UMM_MALLOC_CFG_HEAP_SIZE); + + /* setup initial blank heap structure */ + { + /* index of the 0th `umm_block` */ + const unsigned short int block_0th = 0; + /* index of the 1st `umm_block` */ + const unsigned short int block_1th = 1; + /* index of the latest `umm_block` */ + const unsigned short int block_last = UMM_NUMBLOCKS - 1; + + /* setup the 0th `umm_block`, which just points to the 1st */ + UMM_NBLOCK(block_0th) = block_1th; + UMM_NFREE(block_0th) = block_1th; + UMM_PFREE(block_0th) = block_1th; + + /* + * Now, we need to set the whole heap space as a huge free block. We should + * not touch the 0th `umm_block`, since it's special: the 0th `umm_block` + * is the head of the free block list. It's a part of the heap invariant. + * + * See the detailed explanation at the beginning of the file. + */ + + /* + * 1th `umm_block` has pointers: + * + * - next `umm_block`: the latest one + * - prev `umm_block`: the 0th + * + * Plus, it's a free `umm_block`, so we need to apply `UMM_FREELIST_MASK` + * + * And it's the last free block, so the next free block is 0. + */ + UMM_NBLOCK(block_1th) = block_last | UMM_FREELIST_MASK; + UMM_NFREE(block_1th) = 0; + UMM_PBLOCK(block_1th) = block_0th; + UMM_PFREE(block_1th) = block_0th; + + /* + * latest `umm_block` has pointers: + * + * - next `umm_block`: 0 (meaning, there are no more `umm_blocks`) + * - prev `umm_block`: the 1st + * + * It's not a free block, so we don't touch NFREE / PFREE at all. + */ + UMM_NBLOCK(block_last) = 0; + UMM_PBLOCK(block_last) = block_1th; + } +} + +/* ------------------------------------------------------------------------ */ + +void umm_free( void *ptr ) { + + unsigned short int c; + + /* If we're being asked to free a NULL pointer, well that's just silly! */ + + if( (void *)0 == ptr ) { + DBGLOG_DEBUG( "free a null pointer -> do nothing\n" ); + + return; + } + + /* + * FIXME: At some point it might be a good idea to add a check to make sure + * that the pointer we're being asked to free up is actually within + * the umm_heap! + * + * NOTE: See the new umm_info() function that you can use to see if a ptr is + * on the free list! + */ + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(); + + /* Figure out which block we're in. Note the use of truncated division... */ + + c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); + + DBGLOG_DEBUG( "Freeing block %6i\n", c ); + + /* Now let's assimilate this block with the next one if possible. */ + + umm_assimilate_up( c ); + + /* Then assimilate with the previous block if possible */ + + if( UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK ) { + + DBGLOG_DEBUG( "Assimilate down to next block, which is FREE\n" ); + + c = umm_assimilate_down(c, UMM_FREELIST_MASK); + } else { + /* + * The previous block is not a free block, so add this one to the head + * of the free list + */ + + DBGLOG_DEBUG( "Just add to head of free list\n" ); + + UMM_PFREE(UMM_NFREE(0)) = c; + UMM_NFREE(c) = UMM_NFREE(0); + UMM_PFREE(c) = 0; + UMM_NFREE(0) = c; + + UMM_NBLOCK(c) |= UMM_FREELIST_MASK; + } + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(); +} + +/* ------------------------------------------------------------------------ */ + +void *umm_malloc( size_t size ) { + unsigned short int blocks; + unsigned short int blockSize = 0; + + unsigned short int bestSize; + unsigned short int bestBlock; + + unsigned short int cf; + + if (umm_heap == NULL) { + umm_init(); + } + + /* + * the very first thing we do is figure out if we're being asked to allocate + * a size of 0 - and if we are we'll simply return a null pointer. if not + * then reduce the size by 1 byte so that the subsequent calculations on + * the number of blocks to allocate are easier... + */ + + if( 0 == size ) { + DBGLOG_DEBUG( "malloc a block of 0 bytes -> do nothing\n" ); + + return( (void *)NULL ); + } + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(); + + blocks = umm_blocks( size ); + + /* + * Now we can scan through the free list until we find a space that's big + * enough to hold the number of blocks we need. + * + * This part may be customized to be a best-fit, worst-fit, or first-fit + * algorithm + */ + + cf = UMM_NFREE(0); + + bestBlock = UMM_NFREE(0); + bestSize = 0x7FFF; + + while( cf ) { + blockSize = (UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK) - cf; + + DBGLOG_TRACE( "Looking at block %6i size %6i\n", cf, blockSize ); + +#if defined UMM_BEST_FIT + if( (blockSize >= blocks) && (blockSize < bestSize) ) { + bestBlock = cf; + bestSize = blockSize; + } +#elif defined UMM_FIRST_FIT + /* This is the first block that fits! */ + if( (blockSize >= blocks) ) + break; +#else +# error "No UMM_*_FIT is defined - check umm_malloc_cfg.h" +#endif + + cf = UMM_NFREE(cf); + } + + if( 0x7FFF != bestSize ) { + cf = bestBlock; + blockSize = bestSize; + } + + if( UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK && blockSize >= blocks ) { + /* + * This is an existing block in the memory heap, we just need to split off + * what we need, unlink it from the free list and mark it as in use, and + * link the rest of the block back into the freelist as if it was a new + * block on the free list... + */ + + if( blockSize == blocks ) { + /* It's an exact fit and we don't neet to split off a block. */ + DBGLOG_DEBUG( "Allocating %6i blocks starting at %6i - exact\n", blocks, cf ); + + /* Disconnect this block from the FREE list */ + + umm_disconnect_from_free_list( cf ); + + } else { + /* It's not an exact fit and we need to split off a block. */ + DBGLOG_DEBUG( "Allocating %6i blocks starting at %6i - existing\n", blocks, cf ); + + /* + * split current free block `cf` into two blocks. The first one will be + * returned to user, so it's not free, and the second one will be free. + */ + umm_split_block( cf, blocks, UMM_FREELIST_MASK /*new block is free*/ ); + + /* + * `umm_split_block()` does not update the free pointers (it affects + * only free flags), but effectively we've just moved beginning of the + * free block from `cf` to `cf + blocks`. So we have to adjust pointers + * to and from adjacent free blocks. + */ + + /* previous free block */ + UMM_NFREE( UMM_PFREE(cf) ) = cf + blocks; + UMM_PFREE( cf + blocks ) = UMM_PFREE(cf); + + /* next free block */ + UMM_PFREE( UMM_NFREE(cf) ) = cf + blocks; + UMM_NFREE( cf + blocks ) = UMM_NFREE(cf); + } + } else { + /* Out of memory */ + + DBGLOG_DEBUG( "Can't allocate %5i blocks\n", blocks ); + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(); + + return( (void *)NULL ); + } + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(); + + return( (void *)&UMM_DATA(cf) ); +} + +/* ------------------------------------------------------------------------ */ + +void *umm_realloc( void *ptr, size_t size ) { + + unsigned short int blocks; + unsigned short int blockSize; + unsigned short int prevBlockSize = 0; + unsigned short int nextBlockSize = 0; + + unsigned short int c; + + size_t curSize; + + if (umm_heap == NULL) { + umm_init(); + } + + /* + * This code looks after the case of a NULL value for ptr. The ANSI C + * standard says that if ptr is NULL and size is non-zero, then we've + * got to work the same a malloc(). If size is also 0, then our version + * of malloc() returns a NULL pointer, which is OK as far as the ANSI C + * standard is concerned. + */ + + if( ((void *)NULL == ptr) ) { + DBGLOG_DEBUG( "realloc the NULL pointer - call malloc()\n" ); + + return( umm_malloc(size) ); + } + + /* + * Now we're sure that we have a non_NULL ptr, but we're not sure what + * we should do with it. If the size is 0, then the ANSI C standard says that + * we should operate the same as free. + */ + + if( 0 == size ) { + DBGLOG_DEBUG( "realloc to 0 size, just free the block\n" ); + + umm_free( ptr ); + + return( (void *)NULL ); + } + + /* + * Otherwise we need to actually do a reallocation. A naiive approach + * would be to malloc() a new block of the correct size, copy the old data + * to the new block, and then free the old block. + * + * While this will work, we end up doing a lot of possibly unnecessary + * copying. So first, let's figure out how many blocks we'll need. + */ + + blocks = umm_blocks( size ); + + /* Figure out which block we're in. Note the use of truncated division... */ + + c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); + + /* Figure out how big this block is ... the free bit is not set :-) */ + + blockSize = (UMM_NBLOCK(c) - c); + + /* Figure out how many bytes are in this block */ + + curSize = (blockSize*sizeof(umm_block))-(sizeof(((umm_block *)0)->header)); + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(); + + /* Now figure out if the previous and/or next blocks are free as well as + * their sizes - this will help us to minimize special code later when we + * decide if it's possible to use the adjacent blocks. + * + * We set prevBlockSize and nextBlockSize to non-zero values ONLY if they + * are free! + */ + + if ((UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK)) { + nextBlockSize = (UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) - UMM_NBLOCK(c); + } + + if ((UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK)) { + prevBlockSize = (c - UMM_PBLOCK(c)); + } + + DBGLOG_DEBUG( "realloc blocks %i blockSize %i nextBlockSize %i prevBlockSize %i\n", blocks, blockSize, nextBlockSize, prevBlockSize ); + + /* + * Ok, now that we're here we know how many blocks we want and the current + * blockSize. The prevBlockSize and nextBlockSize are set and we can figure + * out the best strategy for the new allocation as follows: + * + * 1. If the new block is the same size or smaller than the current block do + * nothing. + * 2. If the next block is free and adding it to the current block gives us + * enough memory, assimilate the next block. + * 3. If the prev block is free and adding it to the current block gives us + * enough memory, remove the previous block from the free list, assimilate + * it, copy to the new block. + * 4. If the prev and next blocks are free and adding them to the current + * block gives us enough memory, assimilate the next block, remove the + * previous block from the free list, assimilate it, copy to the new block. + * 5. Otherwise try to allocate an entirely new block of memory. If the + * allocation works free the old block and return the new pointer. If + * the allocation fails, return NULL and leave the old block intact. + * + * All that's left to do is decide if the fit was exact or not. If the fit + * was not exact, then split the memory block so that we use only the requested + * number of blocks and add what's left to the free list. + */ + + if (blockSize >= blocks) { + DBGLOG_DEBUG( "realloc the same or smaller size block - %i, do nothing\n", blocks ); + /* This space intentionally left blank */ + } else if ((blockSize + nextBlockSize) >= blocks) { + DBGLOG_DEBUG( "realloc using next block - %i\n", blocks ); + umm_assimilate_up( c ); + blockSize += nextBlockSize; + } else if ((prevBlockSize + blockSize) >= blocks) { + DBGLOG_DEBUG( "realloc using prev block - %i\n", blocks ); + umm_disconnect_from_free_list( UMM_PBLOCK(c) ); + c = umm_assimilate_down(c, 0); + memmove( (void *)&UMM_DATA(c), ptr, curSize ); + ptr = (void *)&UMM_DATA(c); + blockSize += prevBlockSize; + } else if ((prevBlockSize + blockSize + nextBlockSize) >= blocks) { + DBGLOG_DEBUG( "realloc using prev and next block - %i\n", blocks ); + umm_assimilate_up( c ); + umm_disconnect_from_free_list( UMM_PBLOCK(c) ); + c = umm_assimilate_down(c, 0); + memmove( (void *)&UMM_DATA(c), ptr, curSize ); + ptr = (void *)&UMM_DATA(c); + blockSize += (prevBlockSize + nextBlockSize); + } else { + DBGLOG_DEBUG( "realloc a completely new block %i\n", blocks ); + void *oldptr = ptr; + if( (ptr = umm_malloc( size )) ) { + DBGLOG_DEBUG( "realloc %i to a bigger block %i, copy, and free the old\n", blockSize, blocks ); + memcpy( ptr, oldptr, curSize ); + umm_free( oldptr ); + } else { + DBGLOG_DEBUG( "realloc %i to a bigger block %i failed - return NULL and leave the old block!\n", blockSize, blocks ); + /* This space intentionally left blnk */ + } + blockSize = blocks; + } + + /* Now all we need to do is figure out if the block fit exactly or if we + * need to split and free ... + */ + + if (blockSize > blocks ) { + DBGLOG_DEBUG( "split and free %i blocks from %i\n", blocks, blockSize ); + umm_split_block( c, blocks, 0 ); + umm_free( (void *)&UMM_DATA(c+blocks) ); + } + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(); + + return( ptr ); +} + +/* ------------------------------------------------------------------------ */ + +void *umm_calloc( size_t num, size_t item_size ) { + void *ret; + + ret = umm_malloc((size_t)(item_size * num)); + + if (ret) + memset(ret, 0x00, (size_t)(item_size * num)); + + return ret; +} + +/* ------------------------------------------------------------------------ */ + diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp deleted file mode 100644 index 13930a828e..0000000000 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ /dev/null @@ -1,1958 +0,0 @@ -/* ---------------------------------------------------------------------------- - * umm_malloc.c - a memory allocator for embedded systems (microcontrollers) - * - * See copyright notice in LICENSE.TXT - * ---------------------------------------------------------------------------- - * - * R.Hempel 2007-09-22 - Original - * R.Hempel 2008-12-11 - Added MIT License biolerplate - * - realloc() now looks to see if previous block is free - * - made common operations functions - * R.Hempel 2009-03-02 - Added macros to disable tasking - * - Added function to dump heap and check for valid free - * pointer - * R.Hempel 2009-03-09 - Changed name to umm_malloc to avoid conflicts with - * the mm_malloc() library functions - * - Added some test code to assimilate a free block - * with the very block if possible. Complicated and - * not worth the grief. - * D.Frank 2014-04-02 - Fixed heap configuration when UMM_TEST_MAIN is NOT set, - * added user-dependent configuration file umm_malloc_cfg.h - * ---------------------------------------------------------------------------- - * - * Note: when upgrading this file with upstream code, replace all %i with %d in - * printf format strings. ets_printf doesn't handle %i. - * - * ---------------------------------------------------------------------------- - * - * This is a memory management library specifically designed to work with the - * ARM7 embedded processor, but it should work on many other 32 bit processors, - * as well as 16 and 8 bit devices. - * - * ACKNOWLEDGEMENTS - * - * Joerg Wunsch and the avr-libc provided the first malloc() implementation - * that I examined in detail. - * - * http: *www.nongnu.org/avr-libc - * - * Doug Lea's paper on malloc() was another excellent reference and provides - * a lot of detail on advanced memory management techniques such as binning. - * - * http: *g.oswego.edu/dl/html/malloc.html - * - * Bill Dittman provided excellent suggestions, including macros to support - * using these functions in critical sections, and for optimizing realloc() - * further by checking to see if the previous block was free and could be - * used for the new block size. This can help to reduce heap fragmentation - * significantly. - * - * Yaniv Ankin suggested that a way to dump the current heap condition - * might be useful. I combined this with an idea from plarroy to also - * allow checking a free pointer to make sure it's valid. - * - * ---------------------------------------------------------------------------- - * - * The memory manager assumes the following things: - * - * 1. The standard POSIX compliant malloc/realloc/free semantics are used - * 2. All memory used by the manager is allocated at link time, it is aligned - * on a 32 bit boundary, it is contiguous, and its extent (start and end - * address) is filled in by the linker. - * 3. All memory used by the manager is initialized to 0 as part of the - * runtime startup routine. No other initialization is required. - * - * The fastest linked list implementations use doubly linked lists so that - * its possible to insert and delete blocks in constant time. This memory - * manager keeps track of both free and used blocks in a doubly linked list. - * - * Most memory managers use some kind of list structure made up of pointers - * to keep track of used - and sometimes free - blocks of memory. In an - * embedded system, this can get pretty expensive as each pointer can use - * up to 32 bits. - * - * In most embedded systems there is no need for managing large blocks - * of memory dynamically, so a full 32 bit pointer based data structure - * for the free and used block lists is wasteful. A block of memory on - * the free list would use 16 bytes just for the pointers! - * - * This memory management library sees the malloc heap as an array of blocks, - * and uses block numbers to keep track of locations. The block numbers are - * 15 bits - which allows for up to 32767 blocks of memory. The high order - * bit marks a block as being either free or in use, which will be explained - * later. - * - * The result is that a block of memory on the free list uses just 8 bytes - * instead of 16. - * - * In fact, we go even one step futher when we realize that the free block - * index values are available to store data when the block is allocated. - * - * The overhead of an allocated block is therefore just 4 bytes. - * - * Each memory block holds 8 bytes, and there are up to 32767 blocks - * available, for about 256K of heap space. If that's not enough, you - * can always add more data bytes to the body of the memory block - * at the expense of free block size overhead. - * - * There are a lot of little features and optimizations in this memory - * management system that makes it especially suited to small embedded, but - * the best way to appreciate them is to review the data structures and - * algorithms used, so let's get started. - * - * ---------------------------------------------------------------------------- - * - * We have a general notation for a block that we'll use to describe the - * different scenarios that our memory allocation algorithm must deal with: - * - * +----+----+----+----+ - * c |* n | p | nf | pf | - * +----+----+----+----+ - * - * Where - c is the index of this block - * * is the indicator for a free block - * n is the index of the next block in the heap - * p is the index of the previous block in the heap - * nf is the index of the next block in the free list - * pf is the index of the previous block in the free list - * - * The fact that we have forward and backward links in the block descriptors - * means that malloc() and free() operations can be very fast. It's easy - * to either allocate the whole free item to a new block or to allocate part - * of the free item and leave the rest on the free list without traversing - * the list from front to back first. - * - * The entire block of memory used by the heap is assumed to be initialized - * to 0. The very first block in the heap is special - it't the head of the - * free block list. It is never assimilated with a free block (more on this - * later). - * - * Once a block has been allocated to the application, it looks like this: - * - * +----+----+----+----+ - * c | n | p | ... | - * +----+----+----+----+ - * - * Where - c is the index of this block - * n is the index of the next block in the heap - * p is the index of the previous block in the heap - * - * Note that the free list information is gone, because it's now being used to - * store actual data for the application. It would have been nice to store - * the next and previous free list indexes as well, but that would be a waste - * of space. If we had even 500 items in use, that would be 2,000 bytes for - * free list information. We simply can't afford to waste that much. - * - * The address of the ... area is what is returned to the application - * for data storage. - * - * The following sections describe the scenarios encountered during the - * operation of the library. There are two additional notation conventions: - * - * ?? inside a pointer block means that the data is irrelevant. We don't care - * about it because we don't read or modify it in the scenario being - * described. - * - * ... between memory blocks indicates zero or more additional blocks are - * allocated for use by the upper block. - * - * And while we're talking about "upper" and "lower" blocks, we should make - * a comment about adresses. In the diagrams, a block higher up in the - * picture is at a lower address. And the blocks grow downwards their - * block index increases as does their physical address. - * - * Finally, there's one very important characteristic of the individual - * blocks that make up the heap - there can never be two consecutive free - * memory blocks, but there can be consecutive used memory blocks. - * - * The reason is that we always want to have a short free list of the - * largest possible block sizes. By always assimilating a newly freed block - * with adjacent free blocks, we maximize the size of each free memory area. - * - *--------------------------------------------------------------------------- - * - * Operation of malloc right after system startup - * - * As part of the system startup code, all of the heap has been cleared. - * - * During the very first malloc operation, we start traversing the free list - * starting at index 0. The index of the next free block is 0, which means - * we're at the end of the list! - * - * At this point, the malloc has a special test that checks if the current - * block index is 0, which it is. This special case initializes the free - * list to point at block index 1. - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ - * 1 | 0 | 0 | 0 | 0 | - * +----+----+----+----+ - * - * The heap is now ready to complete the first malloc operation. - * - * ---------------------------------------------------------------------------- - * - * Operation of malloc when we have reached the end of the free list and - * there is no block large enough to accommodate the request. - * - * This happens at the very first malloc operation, or any time the free - * list is traversed and no free block large enough for the request is - * found. - * - * The current block pointer will be at the end of the free list, and we - * know we're at the end of the list because the nf index is 0, like this: - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * pf |*?? | ?? | cf | ?? | pf |*?? | ?? | lf | ?? | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * p | cf | ?? | ... | p | cf | ?? | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * cf | 0 | p | 0 | pf | c | lf | p | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ - * lf | 0 | cf | 0 | pf | - * +----+----+----+----+ - * - * As we walk the free list looking for a block of size b or larger, we get - * to cf, which is the last item in the free list. We know this because the - * next index is 0. - * - * So we're going to turn cf into the new block of memory, and then create - * a new block that represents the last free entry (lf) and adjust the prev - * index of lf to point at the block we just created. We also need to adjust - * the next index of the new block (c) to point to the last free block. - * - * Note that the next free index of the pf block must point to the new lf - * because cf is no longer a free block! - * - * ---------------------------------------------------------------------------- - * - * Operation of malloc when we have found a block (cf) that will fit the - * current request of b units exactly. - * - * This one is pretty easy, just clear the free list bit in the current - * block and unhook it from the free list. - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * pf |*?? | ?? | cf | ?? | pf |*?? | ?? | nf | ?? | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * p | cf | ?? | ... | p | cf | ?? | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ Clear the free - * cf |* n | p | nf | pf | cf | n | p | .. | list bit here - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * n | ?? | cf | ... | n | ?? | cf | ... | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * nf |*?? | ?? | ?? | cf | nf | ?? | ?? | ?? | pf | - * +----+----+----+----+ +----+----+----+----+ - * - * Unhooking from the free list is accomplished by adjusting the next and - * prev free list index values in the pf and nf blocks. - * - * ---------------------------------------------------------------------------- - * - * Operation of malloc when we have found a block that will fit the current - * request of b units with some left over. - * - * We'll allocate the new block at the END of the current free block so we - * don't have to change ANY free list pointers. - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * pf |*?? | ?? | cf | ?? | pf |*?? | ?? | cf | ?? | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * p | cf | ?? | ... | p | cf | ?? | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * cf |* n | p | nf | pf | cf |* c | p | nf | pf | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ This is the new - * c | n | cf | .. | block at cf+b - * +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * n | ?? | cf | ... | n | ?? | c | ... | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * nf |*?? | ?? | ?? | cf | nf | ?? | ?? | ?? | pf | - * +----+----+----+----+ +----+----+----+----+ - * - * This one is prety easy too, except we don't need to mess with the - * free list indexes at all becasue we'll allocate the new block at the - * end of the current free block. We do, however have to adjust the - * indexes in cf, c, and n. - * - * ---------------------------------------------------------------------------- - * - * That covers the initialization and all possible malloc scenarios, so now - * we need to cover the free operation possibilities... - * - * The operation of free depends on the position of the current block being - * freed relative to free list items immediately above or below it. The code - * works like this: - * - * if next block is free - * assimilate with next block already on free list - * if prev block is free - * assimilate with prev block already on free list - * else - * put current block at head of free list - * - * ---------------------------------------------------------------------------- - * - * Step 1 of the free operation checks if the next block is free, and if it - * is then insert this block into the free list and assimilate the next block - * with this one. - * - * Note that c is the block we are freeing up, cf is the free block that - * follows it. - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * pf |*?? | ?? | cf | ?? | pf |*?? | ?? | nf | ?? | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * p | c | ?? | ... | p | c | ?? | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ This block is - * c | cf | p | ... | c | nn | p | ... | disconnected - * +----+----+----+----+ +----+----+----+----+ from free list, - * +----+----+----+----+ assimilated with - * cf |*nn | c | nf | pf | the next, and - * +----+----+----+----+ ready for step 2 - * +----+----+----+----+ +----+----+----+----+ - * nn | ?? | cf | ?? | ?? | nn | ?? | c | ... | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * nf |*?? | ?? | ?? | cf | nf |*?? | ?? | ?? | pf | - * +----+----+----+----+ +----+----+----+----+ - * - * Take special note that the newly assimilated block (c) is completely - * disconnected from the free list, and it does not have its free list - * bit set. This is important as we move on to step 2 of the procedure... - * - * ---------------------------------------------------------------------------- - * - * Step 2 of the free operation checks if the prev block is free, and if it - * is then assimilate it with this block. - * - * Note that c is the block we are freeing up, pf is the free block that - * precedes it. - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ This block has - * pf |* c | ?? | nf | ?? | pf |* n | ?? | nf | ?? | assimilated the - * +----+----+----+----+ +----+----+----+----+ current block - * +----+----+----+----+ - * c | n | pf | ... | - * +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * n | ?? | c | ... | n | ?? | pf | ?? | ?? | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * nf |*?? | ?? | ?? | pf | nf |*?? | ?? | ?? | pf | - * +----+----+----+----+ +----+----+----+----+ - * - * Nothing magic here, except that when we're done, the current block (c) - * is gone since it's been absorbed into the previous free block. Note that - * the previous step guarantees that the next block (n) is not free. - * - * ---------------------------------------------------------------------------- - * - * Step 3 of the free operation only runs if the previous block is not free. - * it just inserts the current block to the head of the free list. - * - * Remember, 0 is always the first block in the memory heap, and it's always - * head of the free list! - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * 0 | ?? | ?? | nf | 0 | 0 | ?? | ?? | c | 0 | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * p | c | ?? | ... | p | c | ?? | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * c | n | p | .. | c |* n | p | nf | 0 | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * n | ?? | c | ... | n | ?? | c | ... | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * nf |*?? | ?? | ?? | 0 | nf |*?? | ?? | ?? | c | - * +----+----+----+----+ +----+----+----+----+ - * - * Again, nothing spectacular here, we're simply adjusting a few pointers - * to make the most recently freed block the first item in the free list. - * - * That's because finding the previous free block would mean a reverse - * traversal of blocks until we found a free one, and it's just easier to - * put it at the head of the list. No traversal is needed. - * - * ---------------------------------------------------------------------------- - * - * Finally, we can cover realloc, which has the following basic operation. - * - * The first thing we do is assimilate up with the next free block of - * memory if possible. This step might help if we're resizing to a bigger - * block of memory. It also helps if we're downsizing and creating a new - * free block with the leftover memory. - * - * First we check to see if the next block is free, and we assimilate it - * to this block if it is. If the previous block is also free, and if - * combining it with the current block would satisfy the request, then we - * assimilate with that block and move the current data down to the new - * location. - * - * Assimilating with the previous free block and moving the data works - * like this: - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * pf |*?? | ?? | cf | ?? | pf |*?? | ?? | nf | ?? | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * cf |* c | ?? | nf | pf | c | n | ?? | ... | The data gets - * +----+----+----+----+ +----+----+----+----+ moved from c to - * +----+----+----+----+ the new data area - * c | n | cf | ... | in cf, then c is - * +----+----+----+----+ adjusted to cf - * +----+----+----+----+ +----+----+----+----+ - * n | ?? | c | ... | n | ?? | c | ?? | ?? | - * +----+----+----+----+ +----+----+----+----+ - * ... ... - * +----+----+----+----+ +----+----+----+----+ - * nf |*?? | ?? | ?? | cf | nf |*?? | ?? | ?? | pf | - * +----+----+----+----+ +----+----+----+----+ - * - * - * Once we're done that, there are three scenarios to consider: - * - * 1. The current block size is exactly the right size, so no more work is - * needed. - * - * 2. The current block is bigger than the new required size, so carve off - * the excess and add it to the free list. - * - * 3. The current block is still smaller than the required size, so malloc - * a new block of the correct size and copy the current data into the new - * block before freeing the current block. - * - * The only one of these scenarios that involves an operation that has not - * yet been described is the second one, and it's shown below: - * - * BEFORE AFTER - * - * +----+----+----+----+ +----+----+----+----+ - * p | c | ?? | ... | p | c | ?? | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ +----+----+----+----+ - * c | n | p | ... | c | s | p | ... | - * +----+----+----+----+ +----+----+----+----+ - * +----+----+----+----+ This is the - * s | n | c | .. | new block at - * +----+----+----+----+ c+blocks - * +----+----+----+----+ +----+----+----+----+ - * n | ?? | c | ... | n | ?? | s | ... | - * +----+----+----+----+ +----+----+----+----+ - * - * Then we call free() with the adress of the data portion of the new - * block (s) which adds it to the free list. - * - * ---------------------------------------------------------------------------- - */ - -#include -#include -#include - -#include "umm_malloc.h" - -#include "umm_malloc_cfg.h" /* user-dependent */ - -extern "C" { - -#undef memcpy -#undef memmove -#undef memset -#define memcpy ets_memcpy -#define memmove ets_memmove -#define memset ets_memset - -// From UMM, the last caller of a malloc/realloc/calloc which failed: -extern void *umm_last_fail_alloc_addr; -extern int umm_last_fail_alloc_size; - -#ifndef UMM_FIRST_FIT -# ifndef UMM_BEST_FIT -# define UMM_BEST_FIT -# endif -#endif - -#ifndef DBG_LOG_LEVEL -# undef DBG_LOG_LEVEL -# define DBG_LOG_LEVEL 0 -#else -# undef DBG_LOG_LEVEL -# define DBG_LOG_LEVEL DBG_LOG_LEVEL -#endif - -/* -Changes for July 2019: - - Correct critical section with interrupt level preserving and nest support - alternative. Replace ets_intr_lock()/ets_intr_unlock() with uint32_t - oldValue=xt_rsil(3)/xt_wrs(oldValue). Added UMM_CRITICAL_DECL macro to define - storage for current state. Expanded UMM_CRITICAL_... to use unique - identifiers. This helpt facilitate gather function specific timing - information. - - Replace printf with something that is ROM or IRAM based so that a printf - that occurs during an ISR malloc/new does not cause a crash. To avoid any - reentry issue it should also avoid doing malloc lib calls. - - Refactor realloc to avoid memcpy/memmove while in critical section. This is - only effective when realloc is called with interrupts enabled. The copy - process alone can take over 10us (when copying more than ~498 bytes with a - 80MHz CPU clock). It would be good practice for an ISR to avoid realloc. - Note, while doing this might initially sound scary, this appears to be very - stable. It ran on my troublesome sketch for over 3 weeks until I got back from - vacation and flashed an update. Troublesome sketch - runs ESPAsyncTCP, with - modified fauxmo emulation for 10 devices. It receives lost of Network traffic - related to uPnP scans, which includes lots of TCP connects disconnects RSTs - related to uPnP discovery. - - Locking is no longer nested in realloc, due to refactoring for reduced IRQ - off time. - - I have clocked umm_info critical lock time taking as much as 180us. A common - use for the umm_info call is to get the free heap result. It is common - to try and closely monitor free heap as a method to detect memory leaks. - This may result in frequent calls to umm_info. There has not been a clear - test case that shows an issue yet; however, I and others think they are or - have had crashes related to this. - - I have added code that updates a current free heap value from _umm_malloc, - _umm_realloc, and _umm_free. Removing the need to do a long interrupts - disabled calculation via umm_info. - - Build optional, min/max time measurements for locks held while in info, - malloc, realloc, and free. Also, maintains a count of how many times each is - called with INTLEVEL set. - - */ - -/* -- dbglog {{{ */ - -/* ---------------------------------------------------------------------------- - * A set of macros that cleans up code that needs to produce debug - * or log information. - * - * See copyright notice in LICENSE.TXT - * ---------------------------------------------------------------------------- - * - * There are macros to handle the following decreasing levels of detail: - * - * 6 = TRACE - * 5 = DEBUG - * 4 = CRITICAL - * 3 = ERROR - * 2 = WARNING - * 1 = INFO - * 0 = FORCE - The printf is always compiled in and is called only when - * the first parameter to the macro is non-0 - * - * ---------------------------------------------------------------------------- - * - * The following #define should be set up before this file is included so - * that we can be sure that the correct macros are defined. - * - * #define DBG_LOG_LEVEL x - * ---------------------------------------------------------------------------- - */ - -#undef DBG_LOG_TRACE -#undef DBG_LOG_DEBUG -#undef DBG_LOG_CRITICAL -#undef DBG_LOG_ERROR -#undef DBG_LOG_WARNING -#undef DBG_LOG_INFO -#undef DBG_LOG_FORCE - -/* ------------------------------------------------------------------------- */ - -#if DBG_LOG_LEVEL >= 6 -# define DBG_LOG_TRACE( format, ... ) DBGLOG_FUNCTION( format, ## __VA_ARGS__ ) -#else -# define DBG_LOG_TRACE( format, ... ) -#endif - -#if DBG_LOG_LEVEL >= 5 -# define DBG_LOG_DEBUG( format, ... ) DBGLOG_FUNCTION( format, ## __VA_ARGS__ ) -#else -# define DBG_LOG_DEBUG( format, ... ) -#endif - -#if DBG_LOG_LEVEL >= 4 -# define DBG_LOG_CRITICAL( format, ... ) DBGLOG_FUNCTION( format, ## __VA_ARGS__ ) -#else -# define DBG_LOG_CRITICAL( format, ... ) -#endif - -#if DBG_LOG_LEVEL >= 3 -# define DBG_LOG_ERROR( format, ... ) DBGLOG_FUNCTION( format, ## __VA_ARGS__ ) -#else -# define DBG_LOG_ERROR( format, ... ) -#endif - -#if DBG_LOG_LEVEL >= 2 -# define DBG_LOG_WARNING( format, ... ) DBGLOG_FUNCTION( format, ## __VA_ARGS__ ) -#else -# define DBG_LOG_WARNING( format, ... ) -#endif - -#if DBG_LOG_LEVEL >= 1 -# define DBG_LOG_INFO( format, ... ) DBGLOG_FUNCTION( format, ## __VA_ARGS__ ) -#else -# define DBG_LOG_INFO( format, ... ) -#endif - -#define DBG_LOG_FORCE( force, format, ... ) {if(force) {DBGLOG_FUNCTION( format, ## __VA_ARGS__ );}} - -/* }}} */ - -/* ------------------------------------------------------------------------- */ - -UMM_H_ATTPACKPRE typedef struct umm_ptr_t { - unsigned short int next; - unsigned short int prev; -} UMM_H_ATTPACKSUF umm_ptr; - - -UMM_H_ATTPACKPRE typedef struct umm_block_t { - union { - umm_ptr used; - } header; - union { - umm_ptr free; - unsigned char data[4]; - } body; -} UMM_H_ATTPACKSUF umm_block; - -#define UMM_FREELIST_MASK (0x8000) -#define UMM_BLOCKNO_MASK (0x7FFF) - -/* ------------------------------------------------------------------------- */ - -#ifdef UMM_REDEFINE_MEM_FUNCTIONS -# define umm_free free -# define umm_malloc malloc -# define umm_calloc calloc -# define umm_realloc realloc -#endif - -umm_block *umm_heap = NULL; -unsigned short int umm_numblocks = 0; - -#define UMM_NUMBLOCKS (umm_numblocks) - -/* ------------------------------------------------------------------------ */ - -#define UMM_BLOCK(b) (umm_heap[b]) - -#define UMM_NBLOCK(b) (UMM_BLOCK(b).header.used.next) -#define UMM_PBLOCK(b) (UMM_BLOCK(b).header.used.prev) -#define UMM_NFREE(b) (UMM_BLOCK(b).body.free.next) -#define UMM_PFREE(b) (UMM_BLOCK(b).body.free.prev) -#define UMM_DATA(b) (UMM_BLOCK(b).body.data) - -/* - * This does not look safe, no access locks. It currently is not being - * built, so not an immediate issue. - 06/10/19 - */ -/* integrity check (UMM_INTEGRITY_CHECK) {{{ */ -#if defined(UMM_INTEGRITY_CHECK) -/* - * Perform integrity check of the whole heap data. Returns 1 in case of - * success, 0 otherwise. - * - * First of all, iterate through all free blocks, and check that all backlinks - * match (i.e. if block X has next free block Y, then the block Y should have - * previous free block set to X). - * - * Additionally, we check that each free block is correctly marked with - * `UMM_FREELIST_MASK` on the `next` pointer: during iteration through free - * list, we mark each free block by the same flag `UMM_FREELIST_MASK`, but - * on `prev` pointer. We'll check and unmark it later. - * - * Then, we iterate through all blocks in the heap, and similarly check that - * all backlinks match (i.e. if block X has next block Y, then the block Y - * should have previous block set to X). - * - * But before checking each backlink, we check that the `next` and `prev` - * pointers are both marked with `UMM_FREELIST_MASK`, or both unmarked. - * This way, we ensure that the free flag is in sync with the free pointers - * chain. - */ -static int integrity_check(void) { - int ok = 1; - unsigned short int prev; - unsigned short int cur; - - if (umm_heap == NULL) { - umm_init(); - } - - /* Iterate through all free blocks */ - prev = 0; - while(1) { - cur = UMM_NFREE(prev); - - /* Check that next free block number is valid */ - if (cur >= UMM_NUMBLOCKS) { - DBGLOG_FUNCTION("heap integrity broken: too large next free num: %d " - "(in block %d, addr 0x%lx)\n", cur, prev, - (unsigned long)&UMM_NBLOCK(prev)); - ok = 0; - goto clean; - } - if (cur == 0) { - /* No more free blocks */ - break; - } - - /* Check if prev free block number matches */ - if (UMM_PFREE(cur) != prev) { - DBGLOG_FUNCTION("heap integrity broken: free links don't match: " - "%d -> %d, but %d -> %d\n", - prev, cur, cur, UMM_PFREE(cur)); - ok = 0; - goto clean; - } - - UMM_PBLOCK(cur) |= UMM_FREELIST_MASK; - - prev = cur; - } - - /* Iterate through all blocks */ - prev = 0; - while(1) { - cur = UMM_NBLOCK(prev) & UMM_BLOCKNO_MASK; - - /* Check that next block number is valid */ - if (cur >= UMM_NUMBLOCKS) { - DBGLOG_FUNCTION("heap integrity broken: too large next block num: %d " - "(in block %d, addr 0x%lx)\n", cur, prev, - (unsigned long)&UMM_NBLOCK(prev)); - ok = 0; - goto clean; - } - if (cur == 0) { - /* No more blocks */ - break; - } - - /* make sure the free mark is appropriate, and unmark it */ - if ((UMM_NBLOCK(cur) & UMM_FREELIST_MASK) - != (UMM_PBLOCK(cur) & UMM_FREELIST_MASK)) - { - DBGLOG_FUNCTION("heap integrity broken: mask wrong at addr 0x%lx: n=0x%x, p=0x%x\n", - (unsigned long)&UMM_NBLOCK(cur), - (UMM_NBLOCK(cur) & UMM_FREELIST_MASK), - (UMM_PBLOCK(cur) & UMM_FREELIST_MASK) - ); - ok = 0; - goto clean; - } - - /* unmark */ - UMM_PBLOCK(cur) &= UMM_BLOCKNO_MASK; - - /* Check if prev block number matches */ - if (UMM_PBLOCK(cur) != prev) { - DBGLOG_FUNCTION("heap integrity broken: block links don't match: " - "%d -> %d, but %d -> %d\n", - prev, cur, cur, UMM_PBLOCK(cur)); - ok = 0; - goto clean; - } - - prev = cur; - } - -clean: - if (!ok){ - UMM_HEAP_CORRUPTION_CB(); - } - return ok; -} - -#define INTEGRITY_CHECK() integrity_check() -#else -/* - * Integrity check is disabled, so just define stub macro - */ -#define INTEGRITY_CHECK() 1 -#endif -/* }}} */ - -/* poisoning (UMM_POISON) {{{ */ -#if defined(UMM_POISON) -#define POISON_BYTE (0xa5) - -/* - * Yields a size of the poison for the block of size `s`. - * If `s` is 0, returns 0. - */ -#define POISON_SIZE(s) ( \ - (s) ? \ - (UMM_POISON_SIZE_BEFORE + UMM_POISON_SIZE_AFTER + \ - sizeof(UMM_POISONED_BLOCK_LEN_TYPE) \ - ) : 0 \ - ) - -/* - * Print memory contents starting from given `ptr` - */ -static void dump_mem ( const unsigned char *ptr, size_t len ) { - while (len--) { - DBGLOG_FUNCTION(" 0x%.2x", (unsigned int)(*ptr++)); - } -} - -/* - * Put poison data at given `ptr` and `poison_size` - */ -static void put_poison( unsigned char *ptr, size_t poison_size ) { - memset(ptr, POISON_BYTE, poison_size); -} - -/* - * Check poison data at given `ptr` and `poison_size`. `where` is a pointer to - * a string, either "before" or "after", meaning, before or after the block. - * - * If poison is there, returns 1. - * Otherwise, prints the appropriate message, and returns 0. - */ -static int check_poison( const unsigned char *ptr, size_t poison_size, - const char *where) { - size_t i; - int ok = 1; - - for (i = 0; i < poison_size; i++) { - if (ptr[i] != POISON_BYTE) { - ok = 0; - break; - } - } - - if (!ok) { - DBGLOG_FUNCTION("there is no poison %s the block. " - "Expected poison address: 0x%lx, actual data:", - where, (unsigned long)ptr); - dump_mem(ptr, poison_size); - DBGLOG_FUNCTION("\n"); - } - - return ok; -} - -/* - * Check if a block is properly poisoned. Must be called only for non-free - * blocks. - */ -static int check_poison_block( umm_block *pblock ) { - int ok = 1; - - if (pblock->header.used.next & UMM_FREELIST_MASK) { - DBGLOG_FUNCTION("check_poison_block is called for free block 0x%lx\n", - (unsigned long)pblock); - } else { - /* the block is used; let's check poison */ - unsigned char *pc = (unsigned char *)pblock->body.data; - unsigned char *pc_cur; - - pc_cur = pc + sizeof(UMM_POISONED_BLOCK_LEN_TYPE); - if (!check_poison(pc_cur, UMM_POISON_SIZE_BEFORE, "before")) { - DBGLOG_FUNCTION("block start: %08x\n", pc + sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE); - UMM_HEAP_CORRUPTION_CB(); - ok = 0; - goto clean; - } - - pc_cur = pc + *((UMM_POISONED_BLOCK_LEN_TYPE *)pc) - UMM_POISON_SIZE_AFTER; - if (!check_poison(pc_cur, UMM_POISON_SIZE_AFTER, "after")) { - DBGLOG_FUNCTION("block start: %08x\n", pc + sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE); - UMM_HEAP_CORRUPTION_CB(); - ok = 0; - goto clean; - } - } - -clean: - return ok; -} - -/* - * Iterates through all blocks in the heap, and checks poison for all used - * blocks. - */ -static int check_poison_all_blocks(void) { - int ok = 1; - unsigned short int blockNo = 0; - - if (umm_heap == NULL) { - umm_init(); - } - - /* Now iterate through the blocks list */ - blockNo = UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK; - - while( UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK ) { - if ( !(UMM_NBLOCK(blockNo) & UMM_FREELIST_MASK) ) { - /* This is a used block (not free), so, check its poison */ - ok = check_poison_block(&UMM_BLOCK(blockNo)); - if (!ok){ - break; - } - } - - blockNo = UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK; - } - - return ok; -} - -/* - * Takes a pointer returned by actual allocator function (`_umm_malloc` or - * `_umm_realloc`), puts appropriate poison, and returns adjusted pointer that - * should be returned to the user. - * - * `size_w_poison` is a size of the whole block, including a poison. - */ -static void *get_poisoned( void *vptr, size_t size_w_poison ) { - unsigned char *ptr = (unsigned char *)vptr; - if (size_w_poison != 0 && ptr != NULL) { - - /* Put exact length of the user's chunk of memory */ - memcpy(ptr, &size_w_poison, sizeof(UMM_POISONED_BLOCK_LEN_TYPE)); - - /* Poison beginning and the end of the allocated chunk */ - put_poison(ptr + sizeof(UMM_POISONED_BLOCK_LEN_TYPE), - UMM_POISON_SIZE_BEFORE); - put_poison(ptr + size_w_poison - UMM_POISON_SIZE_AFTER, - UMM_POISON_SIZE_AFTER); - - /* Return pointer at the first non-poisoned byte */ - return ptr + sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE; - } else { - return ptr; - } -} - -/* - * Takes "poisoned" pointer (i.e. pointer returned from `get_poisoned()`), - * and checks that the poison of this particular block is still there. - * - * Returns unpoisoned pointer, i.e. actual pointer to the allocated memory. - */ -static void *get_unpoisoned( void *vptr ) { - unsigned char *ptr = (unsigned char *)vptr; - if (ptr != NULL) { - unsigned short int c; - - ptr -= (sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE); - - /* Figure out which block we're in. Note the use of truncated division... */ - c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - - check_poison_block(&UMM_BLOCK(c)); - } - - return ptr; -} - -#define CHECK_POISON_ALL_BLOCKS() check_poison_all_blocks() -#define GET_POISONED(ptr, size) get_poisoned(ptr, size) -#define GET_UNPOISONED(ptr) get_unpoisoned(ptr) - -#else -/* - * Integrity check is disabled, so just define stub macros - */ -#define POISON_SIZE(s) 0 -#define CHECK_POISON_ALL_BLOCKS() 1 -#define GET_POISONED(ptr, size) (ptr) -#define GET_UNPOISONED(ptr) (ptr) -#endif -/* }}} */ - -/* ---------------------------------------------------------------------------- - * One of the coolest things about this little library is that it's VERY - * easy to get debug information about the memory heap by simply iterating - * through all of the memory blocks. - * - * As you go through all the blocks, you can check to see if it's a free - * block by looking at the high order bit of the next block index. You can - * also see how big the block is by subtracting the next block index from - * the current block number. - * - * The umm_info function does all of that and makes the results available - * in the ummHeapInfo structure. - * ---------------------------------------------------------------------------- - */ - -UMM_HEAP_INFO ummHeapInfo; - -void ICACHE_FLASH_ATTR *umm_info( void *ptr, int force ) { - UMM_CRITICAL_DECL(id_info); - - unsigned short int blockNo = 0; - - if (umm_heap == NULL) { - umm_init(); - } - - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_info); - - /* - * Clear out all of the entries in the ummHeapInfo structure before doing - * any calculations.. - */ - memset( &ummHeapInfo, 0, sizeof( ummHeapInfo ) ); - - DBG_LOG_FORCE( force, "\n\nDumping the umm_heap...\n" ); - - DBG_LOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5d|NF %5d|PF %5d|\n", - (unsigned long)(&UMM_BLOCK(blockNo)), - blockNo, - UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, - UMM_PBLOCK(blockNo), - (UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK )-blockNo, - UMM_NFREE(blockNo), - UMM_PFREE(blockNo) ); - - /* - * Now loop through the block lists, and keep track of the number and size - * of used and free blocks. The terminating condition is an nb pointer with - * a value of zero... - */ - - blockNo = UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK; - - while( UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK ) { - size_t curBlocks = (UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK )-blockNo; - - ++ummHeapInfo.totalEntries; - ummHeapInfo.totalBlocks += curBlocks; - - /* Is this a free block? */ - - if( UMM_NBLOCK(blockNo) & UMM_FREELIST_MASK ) { - ++ummHeapInfo.freeEntries; - ummHeapInfo.freeBlocks += curBlocks; - ummHeapInfo.freeSize2 += (unsigned int)curBlocks - * (unsigned int)sizeof(umm_block) - * (unsigned int)curBlocks - * (unsigned int)sizeof(umm_block); - - if (ummHeapInfo.maxFreeContiguousBlocks < curBlocks) { - ummHeapInfo.maxFreeContiguousBlocks = curBlocks; - } - - DBG_LOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5u|NF %5d|PF %5d|\n", - (unsigned long)(&UMM_BLOCK(blockNo)), - blockNo, - UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, - UMM_PBLOCK(blockNo), - (unsigned int)curBlocks, - UMM_NFREE(blockNo), - UMM_PFREE(blockNo) ); - - /* Does this block address match the ptr we may be trying to free? */ - - if( ptr == &UMM_BLOCK(blockNo) ) { - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_info); - - return( ptr ); - } - } else { - ++ummHeapInfo.usedEntries; - ummHeapInfo.usedBlocks += curBlocks; - - DBG_LOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5u|\n", - (unsigned long)(&UMM_BLOCK(blockNo)), - blockNo, - UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, - UMM_PBLOCK(blockNo), - (unsigned int)curBlocks ); - } - - blockNo = UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK; - } - - /* - * Update the accounting totals with information from the last block, the - * rest must be free! - */ - - { - size_t curBlocks = UMM_NUMBLOCKS-blockNo; - ummHeapInfo.freeBlocks += curBlocks; - ummHeapInfo.totalBlocks += curBlocks; - - if (ummHeapInfo.maxFreeContiguousBlocks < curBlocks) { - ummHeapInfo.maxFreeContiguousBlocks = curBlocks; - } - } - - DBG_LOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5d|NF %5d|PF %5d|\n", - (unsigned long)(&UMM_BLOCK(blockNo)), - blockNo, - UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, - UMM_PBLOCK(blockNo), - UMM_NUMBLOCKS-blockNo, - UMM_NFREE(blockNo), - UMM_PFREE(blockNo) ); - - DBG_LOG_FORCE( force, "Total Entries %5d Used Entries %5d Free Entries %5d\n", - ummHeapInfo.totalEntries, - ummHeapInfo.usedEntries, - ummHeapInfo.freeEntries ); - - DBG_LOG_FORCE( force, "Total Blocks %5d Used Blocks %5d Free Blocks %5d\n", - ummHeapInfo.totalBlocks, - ummHeapInfo.usedBlocks, - ummHeapInfo.freeBlocks ); - - if (ummHeapInfo.freeBlocks == ummStats.free_blocks) { - DBG_LOG_FORCE( force, "\nheap info Free blocks and heap statistics Free blocks match.\n"); - } else { - DBG_LOG_FORCE( force, "\nheap info Free blocks %5d != heap statistics Free Blocks %5d\n\n", - ummHeapInfo.freeBlocks, - ummStats.free_blocks ); - } - - DBG_LOG_FORCE( force, "\numm heap statistics:\n"); - DBG_LOG_FORCE( force, " Free Space %5u\n", ummStats.free_blocks * sizeof(umm_block)); - DBG_LOG_FORCE( force, " Low Watermark %5u\n", ummStats.free_blocks_min * sizeof(umm_block)); - DBG_LOG_FORCE( force, " MAX Alloc Request %5u\n", ummStats.alloc_max_size); - DBG_LOG_FORCE( force, " OOM Count %5u\n", ummStats.oom_count); - DBG_LOG_FORCE( force, " Size of umm_block %5u\n", sizeof(umm_block)); - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_info); - - return( NULL ); -} - -/* ------------------------------------------------------------------------ */ - -static unsigned short int umm_blocks( size_t size ) { - - /* - * The calculation of the block size is not too difficult, but there are - * a few little things that we need to be mindful of. - * - * When a block removed from the free list, the space used by the free - * pointers is available for data. That's what the first calculation - * of size is doing. - */ - - if( size <= (sizeof(((umm_block *)0)->body)) ) - return( 1 ); - - /* - * If it's for more than that, then we need to figure out the number of - * additional whole blocks the size of an umm_block are required. - */ - - size -= ( 1 + (sizeof(((umm_block *)0)->body)) ); - - return( 2 + size/(sizeof(umm_block)) ); -} - -/* ------------------------------------------------------------------------ */ - -/* - * Split the block `c` into two blocks: `c` and `c + blocks`. - * - * - `cur_freemask` should be `0` if `c` used, or `UMM_FREELIST_MASK` - * otherwise. - * - `new_freemask` should be `0` if `c + blocks` used, or `UMM_FREELIST_MASK` - * otherwise. - * - * Note that free pointers are NOT modified by this function. - */ -static void umm_make_new_block( unsigned short int c, - unsigned short int blocks, - unsigned short int cur_freemask, unsigned short int new_freemask ) { - - UMM_NBLOCK(c+blocks) = (UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) | new_freemask; - UMM_PBLOCK(c+blocks) = c; - - UMM_PBLOCK(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) = (c+blocks); - UMM_NBLOCK(c) = (c+blocks) | cur_freemask; -} - -/* ------------------------------------------------------------------------ */ - -static void umm_disconnect_from_free_list( unsigned short int c ) { - /* Disconnect this block from the FREE list */ - - UMM_NFREE(UMM_PFREE(c)) = UMM_NFREE(c); - UMM_PFREE(UMM_NFREE(c)) = UMM_PFREE(c); - - /* And clear the free block indicator */ - - UMM_NBLOCK(c) &= (~UMM_FREELIST_MASK); -} - -/* ------------------------------------------------------------------------ */ - -static void umm_assimilate_up( unsigned short int c ) { - - if( UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK ) { - /* - * The next block is a free block, so assimilate up and remove it from - * the free list - */ - - DBG_LOG_DEBUG( "Assimilate up to next block, which is FREE\n" ); - - /* Disconnect the next block from the FREE list */ - - umm_disconnect_from_free_list( UMM_NBLOCK(c) ); - - /* Assimilate the next block with this one */ - - UMM_PBLOCK(UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) = c; - UMM_NBLOCK(c) = UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK; - } -} - -/* ------------------------------------------------------------------------ */ - -static unsigned short int umm_assimilate_down( unsigned short int c, unsigned short int freemask ) { - - UMM_NBLOCK(UMM_PBLOCK(c)) = UMM_NBLOCK(c) | freemask; - UMM_PBLOCK(UMM_NBLOCK(c)) = UMM_PBLOCK(c); - - return( UMM_PBLOCK(c) ); -} - -/* ------------------------------------------------------------------------- */ -/* This function called only one time during OS startup after flash is */ -/* enabled. No need to keep it in IRAM. */ -void ICACHE_FLASH_ATTR umm_init( void ) { - /* init heap pointer and size, and memset it to 0 */ - umm_heap = (umm_block *)UMM_MALLOC_CFG__HEAP_ADDR; - umm_numblocks = (UMM_MALLOC_CFG__HEAP_SIZE / sizeof(umm_block)); - memset(umm_heap, 0x00, UMM_MALLOC_CFG__HEAP_SIZE); - - /* setup initial blank heap structure */ - { - /* index of the 0th `umm_block` */ - const unsigned short int block_0th = 0; - /* index of the 1st `umm_block` */ - const unsigned short int block_1th = 1; - /* index of the latest `umm_block` */ - const unsigned short int block_last = UMM_NUMBLOCKS - 1; - - /* init ummStats */ - ummStats.free_blocks = ummStats.free_blocks_min = block_last; - - /* setup the 0th `umm_block`, which just points to the 1st */ - UMM_NBLOCK(block_0th) = block_1th; - UMM_NFREE(block_0th) = block_1th; - - /* - * Now, we need to set the whole heap space as a huge free block. We should - * not touch the 0th `umm_block`, since it's special: the 0th `umm_block` - * is the head of the free block list. It's a part of the heap invariant. - * - * See the detailed explanation at the beginning of the file. - */ - - /* - * 1th `umm_block` has pointers: - * - * - next `umm_block`: the latest one - * - prev `umm_block`: the 0th - * - * Plus, it's a free `umm_block`, so we need to apply `UMM_FREELIST_MASK` - * - * And it's the last free block, so the next free block is 0. - */ - UMM_NBLOCK(block_1th) = block_last | UMM_FREELIST_MASK; - UMM_NFREE(block_1th) = 0; - UMM_PBLOCK(block_1th) = block_0th; - UMM_PFREE(block_1th) = block_0th; - - /* - * latest `umm_block` has pointers: - * - * - next `umm_block`: 0 (meaning, there are no more `umm_blocks`) - * - prev `umm_block`: the 1st - * - * It's not a free block, so we don't touch NFREE / PFREE at all. - */ - UMM_NBLOCK(block_last) = 0; - UMM_PBLOCK(block_last) = block_1th; - } -} - -/* ------------------------------------------------------------------------ */ - -static void _umm_free( void *ptr ) { - UMM_CRITICAL_DECL(id_free); - - unsigned short int c; - - /* If we're being asked to free a NULL pointer, well that's just silly! */ - - if( (void *)0 == ptr ) { - DBG_LOG_DEBUG( "free a null pointer -> do nothing\n" ); - - return; - } - - /* - * FIXME: At some point it might be a good idea to add a check to make sure - * that the pointer we're being asked to free up is actually within - * the umm_heap! - * - * NOTE: See the new umm_info() function that you can use to see if a ptr is - * on the free list! - */ - - /* Figure out which block we're in. Note the use of truncated division... */ - - c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - - DBG_LOG_DEBUG( "Freeing block %6d\n", c ); - - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_free); - - /* Update heap statistics */ - ummStats.free_blocks += (UMM_NBLOCK(c) - c); - - /* Now let's assimilate this block with the next one if possible. */ - - umm_assimilate_up( c ); - - /* Then assimilate with the previous block if possible */ - - if( UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK ) { - - DBG_LOG_DEBUG( "Assimilate down to next block, which is FREE\n" ); - - c = umm_assimilate_down(c, UMM_FREELIST_MASK); - } else { - /* - * The previous block is not a free block, so add this one to the head - * of the free list - */ - - DBG_LOG_DEBUG( "Just add to head of free list\n" ); - - UMM_PFREE(UMM_NFREE(0)) = c; - UMM_NFREE(c) = UMM_NFREE(0); - UMM_PFREE(c) = 0; - UMM_NFREE(0) = c; - - UMM_NBLOCK(c) |= UMM_FREELIST_MASK; - } - -#if 0 - /* - * The following is experimental code that checks to see if the block we just - * freed can be assimilated with the very last block - it's pretty convoluted in - * terms of block index manipulation, and has absolutely no effect on heap - * fragmentation. I'm not sure that it's worth including but I've left it - * here for posterity. - */ - - if( 0 == UMM_NBLOCK(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK ) ) { - - if( UMM_PBLOCK(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) != UMM_PFREE(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) ) { - UMM_NFREE(UMM_PFREE(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK)) = c; - UMM_NFREE(UMM_PFREE(c)) = UMM_NFREE(c); - UMM_PFREE(UMM_NFREE(c)) = UMM_PFREE(c); - UMM_PFREE(c) = UMM_PFREE(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK); - } - - UMM_NFREE(c) = 0; - UMM_NBLOCK(c) = 0; - } -#endif - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_free); -} - -/* ------------------------------------------------------------------------ */ - -static void *_umm_malloc( size_t size ) { - UMM_CRITICAL_DECL(id_malloc); - - unsigned short int blocks; - unsigned short int blockSize = 0; - - unsigned short int bestSize; - unsigned short int bestBlock; - - unsigned short int cf; - - if (umm_heap == NULL) { - umm_init(); - } - - /* - * the very first thing we do is figure out if we're being asked to allocate - * a size of 0 - and if we are we'll simply return a null pointer. if not - * then reduce the size by 1 byte so that the subsequent calculations on - * the number of blocks to allocate are easier... - */ - - if( 0 == size ) { - DBG_LOG_DEBUG( "malloc a block of 0 bytes -> do nothing\n" ); - - return( (void *)NULL ); - } - - if ( size > ummStats.alloc_max_size ) - ummStats.alloc_max_size = size; - - blocks = umm_blocks( size ); - - /* - * Now we can scan through the free list until we find a space that's big - * enough to hold the number of blocks we need. - * - * This part may be customized to be a best-fit, worst-fit, or first-fit - * algorithm - */ - - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_malloc); - - cf = UMM_NFREE(0); - - bestBlock = UMM_NFREE(0); - bestSize = 0x7FFF; - - while( cf ) { - blockSize = (UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK) - cf; - - DBG_LOG_TRACE( "Looking at block %6d size %6d\n", cf, blockSize ); - -#if defined UMM_FIRST_FIT - /* This is the first block that fits! */ - if( (blockSize >= blocks) ) - break; -#elif defined UMM_BEST_FIT - if( (blockSize >= blocks) && (blockSize < bestSize) ) { - bestBlock = cf; - bestSize = blockSize; - } -#endif - - cf = UMM_NFREE(cf); - } - - if( 0x7FFF != bestSize ) { - cf = bestBlock; - blockSize = bestSize; - } - - if( UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK && blockSize >= blocks ) { - /* - * This is an existing block in the memory heap, we just need to split off - * what we need, unlink it from the free list and mark it as in use, and - * link the rest of the block back into the freelist as if it was a new - * block on the free list... - */ - - if( blockSize == blocks ) { - /* It's an exact fit and we don't neet to split off a block. */ - DBG_LOG_DEBUG( "Allocating %6d blocks starting at %6d - exact\n", blocks, cf ); - - /* Disconnect this block from the FREE list */ - - umm_disconnect_from_free_list( cf ); - - } else { - /* It's not an exact fit and we need to split off a block. */ - DBG_LOG_DEBUG( "Allocating %6d blocks starting at %6d - existing\n", blocks, cf ); - - /* - * split current free block `cf` into two blocks. The first one will be - * returned to user, so it's not free, and the second one will be free. - */ - umm_make_new_block( cf, blocks, - 0/*`cf` is not free*/, - UMM_FREELIST_MASK/*new block is free*/); - - /* - * `umm_make_new_block()` does not update the free pointers (it affects - * only free flags), but effectively we've just moved beginning of the - * free block from `cf` to `cf + blocks`. So we have to adjust pointers - * to and from adjacent free blocks. - */ - - /* previous free block */ - UMM_NFREE( UMM_PFREE(cf) ) = cf + blocks; - UMM_PFREE( cf + blocks ) = UMM_PFREE(cf); - - /* next free block */ - UMM_PFREE( UMM_NFREE(cf) ) = cf + blocks; - UMM_NFREE( cf + blocks ) = UMM_NFREE(cf); - } - - /* Update heap statistics */ - ummStats.free_blocks -= blocks; - if (ummStats.free_blocks < ummStats.free_blocks_min) - ummStats.free_blocks_min = ummStats.free_blocks; - - } else { - ummStats.oom_count += 1; - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_malloc); - - /* Out of memory */ - - DBG_LOG_DEBUG( "Can't allocate %5d blocks\n", blocks ); - - return( (void *)NULL ); - } - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_malloc); - - return( (void *)&UMM_DATA(cf) ); -} - -/* ------------------------------------------------------------------------ */ - -static void *_umm_realloc( void *ptr, size_t size ) { - UMM_CRITICAL_DECL(id_realloc); - - unsigned short int blocks; - unsigned short int blockSize; - unsigned short int c; - - size_t curSize; - - if (umm_heap == NULL) { - umm_init(); - } - - /* - * This code looks after the case of a NULL value for ptr. The ANSI C - * standard says that if ptr is NULL and size is non-zero, then we've - * got to work the same a malloc(). If size is also 0, then our version - * of malloc() returns a NULL pointer, which is OK as far as the ANSI C - * standard is concerned. - */ - - if( ((void *)NULL == ptr) ) { - DBG_LOG_DEBUG( "realloc the NULL pointer - call malloc()\n" ); - - return( _umm_malloc(size) ); - } - - /* - * Now we're sure that we have a non_NULL ptr, but we're not sure what - * we should do with it. If the size is 0, then the ANSI C standard says that - * we should operate the same as free. - */ - - if( 0 == size ) { - DBG_LOG_DEBUG( "realloc to 0 size, just free the block\n" ); - - _umm_free( ptr ); - - return( (void *)NULL ); - } - - if ( size > ummStats.alloc_max_size ) - ummStats.alloc_max_size = size; - - /* - * Defer starting critical section. - * - * Initially we should be safe without a critical section as long as we are - * referencing values that are within our allocation as constants. - * And only reference values that will not change, while the redefintions of - * the allocations around us change. - * - * Example UMM_PBLOCK() could be change by a call to malloc from an ISR. - * On the other hand UMM_NBLOCK() is safe returns an address of the next - * block. The calculation is all based on information within our allocation - * that remains constant, until we change it. - * - * As long as we don't try to modify the next block or walk the chain of - * blocks we are okay. - * - * When called by an "interrupts enabled" type caller, it bears the - * responsibility to not call again, with the allocate we are currently - * working on. I think this is a normal expectation. I could be wrong. - * Such a situation would involve a function that is called from foreground - * and ISR context. Such code would already have to be re-entrant. This - * change may expand the corner cases for such a function. - * - */ - - /* - * Otherwise we need to actually do a reallocation. A naiive approach - * would be to malloc() a new block of the correct size, copy the old data - * to the new block, and then free the old block. - * - * While this will work, we end up doing a lot of possibly unnecessary - * copying. So first, let's figure out how many blocks we'll need. - */ - - blocks = umm_blocks( size ); - - /* Figure out which block we're in. Note the use of truncated division... */ - - c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - - /* Figure out how big this block is... */ - - blockSize = (UMM_NBLOCK(c) - c); - - /* Figure out how many bytes are in this block */ - - curSize = (blockSize*sizeof(umm_block))-(sizeof(((umm_block *)0)->header)); - - /* - * Ok, now that we're here, we know the block number of the original chunk - * of memory, and we know how much new memory we want, and we know the original - * block size... - */ - - if( blockSize == blocks ) { - /* This space intentionally left blank - return the original pointer! */ - - DBG_LOG_DEBUG( "realloc the same size block - %d, do nothing\n", blocks ); - - return( ptr ); - } - - /* Now we need a critical section... */ - UMM_CRITICAL_ENTRY(id_realloc); - - /* - * Now we have a block size that could be bigger or smaller. Either - * way, try to assimilate up to the next block before doing anything... - * - * If it's still too small, we have to free it anyways and it will save the - * assimilation step later in free :-) - */ - - if( UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK ) { - // This will often be most of the free heap. The excess is - // restored when umm_free() is called before returning. - ummStats.free_blocks -= - (UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) - UMM_NBLOCK(c); - umm_assimilate_up( c ); - } - - /* - * Now check if it might help to assimilate down, but don't actually - * do the downward assimilation unless the resulting block will hold the - * new request! If this block of code runs, then the new block will - * either fit the request exactly, or be larger than the request. - */ - - if( (UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK) && - (blocks <= (UMM_NBLOCK(c)-UMM_PBLOCK(c))) ) { - - /* Check if the resulting block would be big enough... */ - - DBG_LOG_DEBUG( "realloc() could assimilate down %d blocks - fits!\n\r", c-UMM_PBLOCK(c) ); - - /* - * Calculate the number of blocks to keep while the information is - * still available. - */ - - unsigned short int prevBlockSize = c - UMM_PBLOCK(c); - ummStats.free_blocks -= prevBlockSize; - unsigned short int prelimBlockSize = blockSize + prevBlockSize; - if(prelimBlockSize < blocks) - prelimBlockSize = blocks; - - /* Disconnect the previous block from the FREE list */ - - umm_disconnect_from_free_list( UMM_PBLOCK(c) ); - - /* - * Connect the previous block to the next block ... and then - * realign the current block pointer - */ - - c = umm_assimilate_down(c, 0); - - /* - * Currently all or most of the heap has been grabbed. Do an early split of - * allocation down to the amount needed to do a successful move operation. - * This will allow an alloc/new from a ISR to succeed while a memmove is - * running. - */ - if( (UMM_NBLOCK(c) - c) > prelimBlockSize ) { - umm_make_new_block( c, prelimBlockSize, 0, 0 ); - _umm_free( (void *)&UMM_DATA(c+prelimBlockSize) ); - } - - // This is the lowest low that may be seen by an ISR doing an alloc/new - if( ummStats.free_blocks < ummStats.free_blocks_min ) - ummStats.free_blocks_min = ummStats.free_blocks; - - /* - * For the ESP8266 interrupts should not be off for more than 10us. - * An unprotect/protect around memmove should be safe to do here. - * All variables used are on the stack. - */ - - UMM_CRITICAL_EXIT(id_realloc); - - /* - * Move the bytes down to the new block we just created, but be sure to move - * only the original bytes. - */ - - memmove( (void *)&UMM_DATA(c), ptr, curSize ); - - /* And don't forget to adjust the pointer to the new block location! */ - - ptr = (void *)&UMM_DATA(c); - - /* Now resume critical section... */ - UMM_CRITICAL_ENTRY(id_realloc); - } - - /* Now calculate the block size again...and we'll have three cases */ - - blockSize = (UMM_NBLOCK(c) - c); - - if( blockSize == blocks ) { - /* This space intentionally left blank - return the original pointer! */ - - DBG_LOG_DEBUG( "realloc the same size block - %d, do nothing\n", blocks ); - - } else if (blockSize > blocks ) { - /* - * New block is smaller than the old block, so just make a new block - * at the end of this one and put it up on the free list... - */ - - DBG_LOG_DEBUG( "realloc %d to a smaller block %d, shrink and free the leftover bits\n", blockSize, blocks ); - - umm_make_new_block( c, blocks, 0, 0 ); - _umm_free( (void *)&UMM_DATA(c+blocks) ); - } else { - /* New block is bigger than the old block... */ - - /* Finish up without critical section */ - UMM_CRITICAL_EXIT(id_realloc); - - void *oldptr = ptr; - - DBG_LOG_DEBUG( "realloc %d to a bigger block %d, make new, copy, and free the old\n", blockSize, blocks ); - - /* - * Now _umm_malloc() a new/ one, copy the old data to the new block, and - * free up the old block, but only if the malloc was sucessful! - */ - - if( (ptr = _umm_malloc( size )) ) { - memcpy( ptr, oldptr, curSize ); - _umm_free( oldptr ); - } else { - ummStats.oom_count += 1; // Needs atomic - } - return( ptr ); - - } - - if (ummStats.free_blocks < ummStats.free_blocks_min) - ummStats.free_blocks_min = ummStats.free_blocks; - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_realloc); - - return( ptr ); -} - -/* ------------------------------------------------------------------------ */ - -void *umm_malloc( size_t size ) { - void *ret; - - /* check poison of each blocks, if poisoning is enabled */ - if (!CHECK_POISON_ALL_BLOCKS()) { - return NULL; - } - - /* check full integrity of the heap, if this check is enabled */ - if (!INTEGRITY_CHECK()) { - return NULL; - } - - size += POISON_SIZE(size); - - ret = _umm_malloc( size ); - if (0 != size && 0 == ret) { - umm_last_fail_alloc_addr = __builtin_return_address(0); - umm_last_fail_alloc_size = size; - } - - ret = GET_POISONED(ret, size); - - return ret; -} - -/* ------------------------------------------------------------------------ */ - -void *umm_calloc( size_t num, size_t item_size ) { - void *ret; - size_t size = item_size * num; - - /* check poison of each blocks, if poisoning is enabled */ - if (!CHECK_POISON_ALL_BLOCKS()) { - return NULL; - } - - /* check full integrity of the heap, if this check is enabled */ - if (!INTEGRITY_CHECK()) { - return NULL; - } - - size += POISON_SIZE(size); - ret = _umm_malloc(size); - if (ret) { - memset(ret, 0x00, size); - } - if (0 != size && 0 == ret) { - umm_last_fail_alloc_addr = __builtin_return_address(0); - umm_last_fail_alloc_size = size; - } - - ret = GET_POISONED(ret, size); - - return ret; -} - -/* ------------------------------------------------------------------------ */ - -void *umm_realloc( void *ptr, size_t size ) { - void *ret; - - ptr = GET_UNPOISONED(ptr); - - /* check poison of each blocks, if poisoning is enabled */ - if (!CHECK_POISON_ALL_BLOCKS()) { - return NULL; - } - - /* check full integrity of the heap, if this check is enabled */ - if (!INTEGRITY_CHECK()) { - return NULL; - } - - size += POISON_SIZE(size); - ret = _umm_realloc( ptr, size ); - if (0 != size && 0 == ret) { - umm_last_fail_alloc_addr = __builtin_return_address(0); - umm_last_fail_alloc_size = size; - } - - ret = GET_POISONED(ret, size); - - return ret; -} - -/* ------------------------------------------------------------------------ */ - -void umm_free( void *ptr ) { - - ptr = GET_UNPOISONED(ptr); - - /* check poison of each blocks, if poisoning is enabled */ - if (!CHECK_POISON_ALL_BLOCKS()) { - return; - } - - /* check full integrity of the heap, if this check is enabled */ - if (!INTEGRITY_CHECK()) { - return; - } - - _umm_free( ptr ); -} - -/* ------------------------------------------------------------------------ */ - -size_t ICACHE_FLASH_ATTR umm_free_heap_size( void ) { - return (size_t)ummStats.free_blocks * sizeof(umm_block); -} - -size_t ICACHE_FLASH_ATTR umm_free_heap_size_min( void ) { - return (size_t)ummStats.free_blocks_min * sizeof(umm_block); -} - -size_t ICACHE_FLASH_ATTR umm_free_heap_size_min_reset( void ) { - ummStats.free_blocks_min = ummStats.free_blocks; - return (size_t)ummStats.free_blocks_min * sizeof(umm_block); -} - -size_t ICACHE_FLASH_ATTR umm_max_block_size( void ) { - umm_info(NULL, 0); - return ummHeapInfo.maxFreeContiguousBlocks * sizeof(umm_block); -} - -size_t ICACHE_FLASH_ATTR umm_block_size( void ) { - return sizeof(umm_block); -} - -}; - -/* ------------------------------------------------------------------------ */ diff --git a/cores/esp8266/umm_malloc/umm_malloc.h b/cores/esp8266/umm_malloc/umm_malloc.h index fcb1ade824..33fd307afc 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.h +++ b/cores/esp8266/umm_malloc/umm_malloc.h @@ -10,45 +10,12 @@ /* ------------------------------------------------------------------------ */ -#include "umm_malloc_cfg.h" /* user-dependent */ - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct UMM_HEAP_INFO_t { - unsigned short int totalEntries; - unsigned short int usedEntries; - unsigned short int freeEntries; - - unsigned short int totalBlocks; - unsigned short int usedBlocks; - unsigned short int freeBlocks; - - unsigned short int maxFreeContiguousBlocks; - - unsigned int freeSize2; -} -UMM_HEAP_INFO; - -extern UMM_HEAP_INFO ummHeapInfo; - -void umm_init( void ); - -void *umm_info( void *ptr, int force ); - +void umm_init( void ); void *umm_malloc( size_t size ); void *umm_calloc( size_t num, size_t size ); void *umm_realloc( void *ptr, size_t size ); -void umm_free( void *ptr ); - -size_t umm_free_heap_size( void ); -size_t umm_max_block_size( void ); -size_t umm_block_size( void ); +void umm_free( void *ptr ); -#ifdef __cplusplus -} -#endif /* ------------------------------------------------------------------------ */ diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 39d5897cc9..6a5a7fc80b 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -5,30 +5,6 @@ #ifndef _UMM_MALLOC_CFG_H #define _UMM_MALLOC_CFG_H -#include -#ifdef __cplusplus -extern "C" { -#endif - -#include -#include -#include - -#include "c_types.h" -#include "umm_performance.h" -#include "umm_stats.h" - -#undef DBGLOG_FUNCTION -#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_ISR) -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -// Note, _isr_safe_printf_P will not handle additional string arguments in -// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. -#define DBGLOG_FUNCTION(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) -#else -// Macro to place constant strings into PROGMEM and print them properly -#define DBGLOG_FUNCTION(fmt, ...) printf(PSTR(fmt), ## __VA_ARGS__ ) -#endif - /* * There are a number of defines you can set at compile time that affect how * the memory allocator will operate. @@ -37,19 +13,7 @@ int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2) * * -D UMM_TEST_MAIN * - * Set this if you want to compile in the test suite at the end of this file. - * - * If you leave this define unset, then you might want to set another one: - * - * -D UMM_REDEFINE_MEM_FUNCTIONS - * - * If you leave this define unset, then the function names are left alone as - * umm_malloc() umm_free() and umm_realloc() so that they cannot be confused - * with the C runtime functions malloc() free() and realloc() - * - * If you do set this define, then the function names become malloc() - * free() and realloc() so that they can be used as the C runtime functions - * in an embedded environment. + * Set this if you want to compile in the test suite * * -D UMM_BEST_FIT (defualt) * @@ -75,45 +39,51 @@ int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2) * ---------------------------------------------------------------------------- */ -///////////////////////////////////////////////// -#ifdef DEBUG_ESP_OOM +extern char test_umm_heap[]; -#define MEMLEAK_DEBUG +/* Start addresses and the size of the heap */ +#define UMM_MALLOC_CFG_HEAP_ADDR (test_umm_heap) +#define UMM_MALLOC_CFG_HEAP_SIZE 0x10000 -// umm_*alloc are not renamed to *alloc +/* A couple of macros to make packing structures less compiler dependent */ -void *umm_malloc( size_t size ); -void *umm_calloc( size_t num, size_t size ); -void *umm_realloc( void *ptr, size_t size ); -#define umm_free free -#define umm_zalloc(s) umm_calloc(1,s) +#define UMM_H_ATTPACKPRE +#define UMM_H_ATTPACKSUF __attribute__((__packed__)) -void* malloc_loc (size_t s, const char* file, int line); -void* calloc_loc (size_t n, size_t s, const char* file, int line); -void* realloc_loc (void* p, size_t s, const char* file, int line); +#define UMM_BEST_FIT +#undef UMM_FIRST_FIT -// *alloc are macro calling *alloc_loc calling+checking umm_*alloc() -// they are defined at the bottom of this file +/* + * -D UMM_INFO : + * + * Enables a dup of the heap contents and a function to return the total + * heap size that is unallocated - note this is not the same as the largest + * unallocated block on the heap! + */ -///////////////////////////////////////////////// -#else // !defined(ESP_DEBUG_OOM) +#define UMM_INFO - // umm_*alloc are renamed to *alloc - #define UMM_REDEFINE_MEM_FUNCTIONS +#ifdef UMM_INFO + typedef struct UMM_HEAP_INFO_t { + unsigned short int totalEntries; + unsigned short int usedEntries; + unsigned short int freeEntries; -#endif + unsigned short int totalBlocks; + unsigned short int usedBlocks; + unsigned short int freeBlocks; - #define UMM_BEST_FIT + unsigned short int maxFreeContiguousBlocks; + } + UMM_HEAP_INFO; -/* Start addresses and the size of the heap */ -extern char _heap_start[]; -#define UMM_MALLOC_CFG__HEAP_ADDR ((uint32_t)&_heap_start) -#define UMM_MALLOC_CFG__HEAP_SIZE ((size_t)(0x3fffc000 - UMM_MALLOC_CFG__HEAP_ADDR)) + extern UMM_HEAP_INFO ummHeapInfo; -/* A couple of macros to make packing structures less compiler dependent */ + void *umm_info( void *ptr, int force ); + size_t umm_free_heap_size( void ); -#define UMM_H_ATTPACKPRE -#define UMM_H_ATTPACKSUF __attribute__((__packed__)) +#else +#endif /* * A couple of macros to make it easier to protect the memory allocator @@ -125,22 +95,8 @@ extern char _heap_start[]; * called from within umm_malloc() */ - -#if defined(UMM_CRITICAL_PERIOD_ANALYZE) - -#define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag -#define UMM_CRITICAL_ENTRY(tag) _critical_entry(&time_stats.tag, &_saved_ps_##tag) -#define UMM_CRITICAL_EXIT(tag) _critical_exit(&time_stats.tag, &_saved_ps_##tag) - -#else - -// This method preserves the intlevel on entry and restores the -// original intlevel at exit. -#define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag -#define UMM_CRITICAL_ENTRY(tag) _saved_ps_##tag = xt_rsil(DEFAULT_CRITICAL_SECTION_INTLEVEL) -#define UMM_CRITICAL_EXIT(tag) xt_wsr_ps(_saved_ps_##tag) - -#endif +#define UMM_CRITICAL_ENTRY() +#define UMM_CRITICAL_EXIT() /* * -D UMM_INTEGRITY_CHECK : @@ -155,9 +111,17 @@ extern char _heap_start[]; * 4 bytes, so there might be some trailing "extra" bytes which are not checked * for corruption. */ -/* + #define UMM_INTEGRITY_CHECK -*/ + +#ifdef UMM_INTEGRITY_CHECK + int umm_integrity_check( void ); +# define INTEGRITY_CHECK() umm_integrity_check() + extern void umm_corruption(void); +# define UMM_HEAP_CORRUPTION_CB() printf( "Heap Corruption!" ) +#else +# define INTEGRITY_CHECK() 0 +#endif /* * -D UMM_POISON : @@ -187,28 +151,21 @@ extern char _heap_start[]; * callback is called: `UMM_HEAP_CORRUPTION_CB()` */ -#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_CORE) -#define UMM_POISON -#endif +#define UMM_POISON_CHECK #define UMM_POISON_SIZE_BEFORE 4 -#define UMM_POISON_SIZE_AFTER 4 -#define UMM_POISONED_BLOCK_LEN_TYPE uint32_t - -#define UMM_HEAP_CORRUPTION_CB() panic() - -#ifdef __cplusplus -} +#define UMM_POISON_SIZE_AFTER 4 +#define UMM_POISONED_BLOCK_LEN_TYPE short + +#ifdef UMM_POISON_CHECK + void *umm_poison_malloc( size_t size ); + void *umm_poison_calloc( size_t num, size_t size ); + void *umm_poison_realloc( void *ptr, size_t size ); + void umm_poison_free( void *ptr ); + int umm_poison_check( void ); +# define POISON_CHECK() umm_poison_check() +#else +# define POISON_CHECK() 0 #endif #endif /* _UMM_MALLOC_CFG_H */ - -#ifdef DEBUG_ESP_OOM -// this must be outside from "#ifndef _UMM_MALLOC_CFG_H" -// because Arduino.h's does #undef *alloc -// Arduino.h recall us to redefine them -#include -#define malloc(s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; malloc_loc(s, mem_debug_file, __LINE__); }) -#define calloc(n,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; calloc_loc(n, s, mem_debug_file, __LINE__); }) -#define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; realloc_loc(p, s, mem_debug_file, __LINE__); }) -#endif /* DEBUG_ESP_OOM */ diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg_example.h b/cores/esp8266/umm_malloc/umm_malloc_cfg_example.h new file mode 100644 index 0000000000..ae3ecfde47 --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg_example.h @@ -0,0 +1,176 @@ +/* + * Configuration for umm_malloc + */ + +#ifndef _UMM_MALLOC_CFG_H +#define _UMM_MALLOC_CFG_H + +/* + * There are a number of defines you can set at compile time that affect how + * the memory allocator will operate. + * You can set them in your config file umm_malloc_cfg.h. + * In GNU C, you also can set these compile time defines like this: + * + * -D UMM_TEST_MAIN + * + * Set this if you want to compile in the test suite + * + * -D UMM_BEST_FIT (defualt) + * + * Set this if you want to use a best-fit algorithm for allocating new + * blocks + * + * -D UMM_FIRST_FIT + * + * Set this if you want to use a first-fit algorithm for allocating new + * blocks + * + * -D UMM_DBG_LOG_LEVEL=n + * + * Set n to a value from 0 to 6 depending on how verbose you want the debug + * log to be + * + * ---------------------------------------------------------------------------- + * + * Support for this library in a multitasking environment is provided when + * you add bodies to the UMM_CRITICAL_ENTRY and UMM_CRITICAL_EXIT macros + * (see below) + * + * ---------------------------------------------------------------------------- + */ + + +/* Start addresses and the size of the heap */ +#define UMM_MALLOC_CFG_HEAP_ADDR /* TODO */ +#define UMM_MALLOC_CFG_HEAP_SIZE /* TODO */ + +/* A couple of macros to make packing structures less compiler dependent */ + +#define UMM_H_ATTPACKPRE +#define UMM_H_ATTPACKSUF __attribute__((__packed__)) + +#define UMM_BEST_FIT +#undef UMM_FIRST_FIT + +/* + * -D UMM_INFO : + * + * Enables a dup of the heap contents and a function to return the total + * heap size that is unallocated - note this is not the same as the largest + * unallocated block on the heap! + */ + +/* +#define UMM_INFO +*/ + +#ifdef UMM_INFO + typedef struct UMM_HEAP_INFO_t { + unsigned short int totalEntries; + unsigned short int usedEntries; + unsigned short int freeEntries; + + unsigned short int totalBlocks; + unsigned short int usedBlocks; + unsigned short int freeBlocks; + + unsigned short int maxFreeContiguousBlocks; + } + UMM_HEAP_INFO; + + extern UMM_HEAP_INFO ummHeapInfo; + + void *umm_info( void *ptr, int force ); + size_t umm_free_heap_size( void ); + +#else +#endif + +/* + * A couple of macros to make it easier to protect the memory allocator + * in a multitasking system. You should set these macros up to use whatever + * your system uses for this purpose. You can disable interrupts entirely, or + * just disable task switching - it's up to you + * + * NOTE WELL that these macros MUST be allowed to nest, because umm_free() is + * called from within umm_malloc() + */ + +#define UMM_CRITICAL_ENTRY() +#define UMM_CRITICAL_EXIT() + +/* + * -D UMM_INTEGRITY_CHECK : + * + * Enables heap integrity check before any heap operation. It affects + * performance, but does NOT consume extra memory. + * + * If integrity violation is detected, the message is printed and user-provided + * callback is called: `UMM_HEAP_CORRUPTION_CB()` + * + * Note that not all buffer overruns are detected: each buffer is aligned by + * 4 bytes, so there might be some trailing "extra" bytes which are not checked + * for corruption. + */ + +/* +#define UMM_INTEGRITY_CHECK +*/ + +#ifdef UMM_INTEGRITY_CHECK + int umm_integrity_check( void ); +# define INTEGRITY_CHECK() umm_integrity_check() + extern void umm_corruption(void); +# define UMM_HEAP_CORRUPTION_CB() printf( "Heap Corruption!" ) +#else +# define INTEGRITY_CHECK() 0 +#endif + +/* + * -D UMM_POISON : + * + * Enables heap poisoning: add predefined value (poison) before and after each + * allocation, and check before each heap operation that no poison is + * corrupted. + * + * Other than the poison itself, we need to store exact user-requested length + * for each buffer, so that overrun by just 1 byte will be always noticed. + * + * Customizations: + * + * UMM_POISON_SIZE_BEFORE: + * Number of poison bytes before each block, e.g. 2 + * UMM_POISON_SIZE_AFTER: + * Number of poison bytes after each block e.g. 2 + * UMM_POISONED_BLOCK_LEN_TYPE + * Type of the exact buffer length, e.g. `short` + * + * NOTE: each allocated buffer is aligned by 4 bytes. But when poisoning is + * enabled, actual pointer returned to user is shifted by + * `(sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE)`. + * It's your responsibility to make resulting pointers aligned appropriately. + * + * If poison corruption is detected, the message is printed and user-provided + * callback is called: `UMM_HEAP_CORRUPTION_CB()` + */ + +/* +#define UMM_POISON_CHECK +*/ + +#define UMM_POISON_SIZE_BEFORE 4 +#define UMM_POISON_SIZE_AFTER 4 +#define UMM_POISONED_BLOCK_LEN_TYPE short + +#ifdef UMM_POISON_CHECK + void *umm_poison_malloc( size_t size ); + void *umm_poison_calloc( size_t num, size_t size ); + void *umm_poison_realloc( void *ptr, size_t size ); + void umm_poison_free( void *ptr ); + int umm_poison_check( void ); +# define POISON_CHECK() umm_poison_check() +#else +# define POISON_CHECK() 0 +#endif + +#endif /* _UMM_MALLOC_CFG_H */ diff --git a/cores/esp8266/umm_malloc/umm_performance.cpp b/cores/esp8266/umm_malloc/umm_performance.cpp deleted file mode 100644 index 4b9ec4e6b3..0000000000 --- a/cores/esp8266/umm_malloc/umm_performance.cpp +++ /dev/null @@ -1,81 +0,0 @@ -/* - * umm_malloc performance measurments and ESP specifics - */ - -#include -#include -#include -#include -#include "umm_performance.h" -#include "umm_stats.h" - -extern "C" { - -UMM_STATS ummStats = {0, 0, 0, 0}; - -#ifdef UMM_CRITICAL_PERIOD_ANALYZE -struct _UMM_TIME_STATS time_stats = { - {0xFFFFFFFF, 0U, 0U, 0U}, - {0xFFFFFFFF, 0U, 0U, 0U}, - {0xFFFFFFFF, 0U, 0U, 0U}, - {0xFFFFFFFF, 0U, 0U, 0U} }; - -bool ICACHE_FLASH_ATTR get_umm_get_perf_data(struct _UMM_TIME_STATS *p, size_t size) { - if (p && sizeof(time_stats) == size) { - uint32_t save_ps = xt_rsil(DEFAULT_CRITICAL_SECTION_INTLEVEL); - memcpy(p, &time_stats, size); - xt_wsr_ps(save_ps); - return true; - } - return false; -} -#endif - -#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_ISR) -/* - Printing from the malloc routines is tricky. Since a lot of library calls - will want to do malloc. - - Objective: To be able to print "last gasp" diagnostic messages - when interrupts are disabled and w/o availability of heap resources. -*/ - -// ROM _putc1, ignores CRs and sends CR/LF for LF, newline. -// Always returns character sent. -int constexpr (*_rom_putc1)(int) = (int (*)(int))0x40001dcc; -void uart_buff_switch(uint8_t); - -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { -#ifdef DEBUG_ESP_PORT -#define VALUE(x) __STRINGIFY(x) - // Preprocessor and compiler together will optimize away the if. - if (strcmp("Serial1", VALUE(DEBUG_ESP_PORT)) == 0) { - uart_buff_switch(1U); - } else { - uart_buff_switch(0U); - } -#else - uart_buff_switch(0U); // Side effect, clears RX FIFO -#endif - /* - To use ets_strlen() and ets_memcpy() safely with PROGMEM, flash storage, - the PROGMEM address must be word (4 bytes) aligned. The destination - address for ets_memcpy must also be word-aligned. We also round the - buf_len up to the nearest word boundary. So that all transfers will be - whole words. - */ - size_t str_len = ets_strlen(fmt); - size_t buf_len = (str_len + 1 + 3) & ~0x03U; - char ram_buf[buf_len] __attribute__ ((aligned(4))); - ets_memcpy(ram_buf, fmt, buf_len); - va_list argPtr; - va_start(argPtr, fmt); - int result = ets_vprintf(_rom_putc1, ram_buf, argPtr); - va_end(argPtr); - return result; -} - -#endif - -}; diff --git a/cores/esp8266/umm_malloc/umm_performance.h b/cores/esp8266/umm_malloc/umm_performance.h deleted file mode 100644 index 5d6ae24c61..0000000000 --- a/cores/esp8266/umm_malloc/umm_performance.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * umm_malloc performance measurments and ESP specifics - */ - -#ifndef _UMM_PERFORMANCE_H -#define _UMM_PERFORMANCE_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * -D UMM_CRITICAL_PERIOD_ANALYZE : - * - * Build option to collect timing usage data on critical section usage in - * functions: info, malloc, realloc. Collects MIN, MAX, and number of time - * IRQs were disabled at request time. Note, for realloc MAX disabled time - * will not include the time from calling malloc and/or free. - * Examine code for specifics on what info is available and how to access. -*/ -// #define UMM_CRITICAL_PERIOD_ANALYZE - - -/* - Per Devyte, the core currently doesn't support masking a specific interrupt - level. That doesn't mean it can't be implemented, only that at this time - locking is implemented as all or nothing. - https://github.com/esp8266/Arduino/issues/6246#issuecomment-508612609 - - So for now we default to all, 15. - */ -#ifndef DEFAULT_CRITICAL_SECTION_INTLEVEL -#define DEFAULT_CRITICAL_SECTION_INTLEVEL 15 -#endif - -#if defined(UMM_CRITICAL_PERIOD_ANALYZE) -// This option adds support for gathering time locked data -typedef struct _TIME_STAT { - uint32_t min; - uint32_t max; - uint32_t start; - uint32_t intlevel; -} time_stat_t; - -struct _UMM_TIME_STATS { - time_stat_t id_malloc; - time_stat_t id_realloc; - time_stat_t id_free; - time_stat_t id_info; -}; - -extern struct _UMM_TIME_STATS time_stats; - -bool get_umm_get_perf_data(struct _UMM_TIME_STATS *p, size_t size); - -static inline void _critical_entry(time_stat_t *p, uint32_t *saved_ps) { - *saved_ps = xt_rsil(DEFAULT_CRITICAL_SECTION_INTLEVEL); - if (0U != (*saved_ps & 0x0FU)) { - p->intlevel += 1U; - } - - p->start = esp_get_cycle_count(); -} - -static inline void _critical_exit(time_stat_t *p, uint32_t *saved_ps) { - uint32_t elapse = esp_get_cycle_count() - p->start; - if (elapse < p->min) - p->min = elapse; - - if (elapse > p->max) - p->max = elapse; - - xt_wsr_ps(*saved_ps); -} -#endif - -#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_ISR) -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* _UMM_PERFORMANCE_H */ diff --git a/cores/esp8266/umm_malloc/umm_poison.c b/cores/esp8266/umm_malloc/umm_poison.c new file mode 100644 index 0000000000..141c381621 --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_poison.c @@ -0,0 +1,230 @@ +/* poisoning (UMM_POISON_CHECK) {{{ */ +#if defined(UMM_POISON_CHECK) +#define POISON_BYTE (0xa5) + +/* + * Yields a size of the poison for the block of size `s`. + * If `s` is 0, returns 0. + */ +static size_t poison_size(size_t s) { + return(s ? (UMM_POISON_SIZE_BEFORE + + sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + + UMM_POISON_SIZE_AFTER) + : 0); +} + +/* + * Print memory contents starting from given `ptr` + */ +static void dump_mem ( const unsigned char *ptr, size_t len ) { + while (len--) { + DBGLOG_ERROR(" 0x%.2x", (unsigned int)(*ptr++)); + } +} + +/* + * Put poison data at given `ptr` and `poison_size` + */ +static void put_poison( unsigned char *ptr, size_t poison_size ) { + memset(ptr, POISON_BYTE, poison_size); +} + +/* + * Check poison data at given `ptr` and `poison_size`. `where` is a pointer to + * a string, either "before" or "after", meaning, before or after the block. + * + * If poison is there, returns 1. + * Otherwise, prints the appropriate message, and returns 0. + */ +static int check_poison( const unsigned char *ptr, size_t poison_size, + const char *where) { + size_t i; + int ok = 1; + + for (i = 0; i < poison_size; i++) { + if (ptr[i] != POISON_BYTE) { + ok = 0; + break; + } + } + + if (!ok) { + DBGLOG_ERROR( "No poison %s block at: 0x%lx, actual data:", where, (unsigned long)ptr); + dump_mem(ptr, poison_size); + DBGLOG_ERROR( "\n" ); + } + + return ok; +} + +/* + * Check if a block is properly poisoned. Must be called only for non-free + * blocks. + */ +static int check_poison_block( umm_block *pblock ) { + int ok = 1; + + if (pblock->header.used.next & UMM_FREELIST_MASK) { + DBGLOG_ERROR( "check_poison_block is called for free block 0x%lx\n", (unsigned long)pblock); + } else { + /* the block is used; let's check poison */ + unsigned char *pc = (unsigned char *)pblock->body.data; + unsigned char *pc_cur; + + pc_cur = pc + sizeof(UMM_POISONED_BLOCK_LEN_TYPE); + if (!check_poison(pc_cur, UMM_POISON_SIZE_BEFORE, "before")) { + ok = 0; + goto clean; + } + + pc_cur = pc + *((UMM_POISONED_BLOCK_LEN_TYPE *)pc) - UMM_POISON_SIZE_AFTER; + if (!check_poison(pc_cur, UMM_POISON_SIZE_AFTER, "after")) { + ok = 0; + goto clean; + } + } + +clean: + return ok; +} + +/* + * Takes a pointer returned by actual allocator function (`umm_malloc` or + * `umm_realloc`), puts appropriate poison, and returns adjusted pointer that + * should be returned to the user. + * + * `size_w_poison` is a size of the whole block, including a poison. + */ +static void *get_poisoned( unsigned char *ptr, size_t size_w_poison ) { + if (size_w_poison != 0 && ptr != NULL) { + + /* Poison beginning and the end of the allocated chunk */ + put_poison(ptr + sizeof(UMM_POISONED_BLOCK_LEN_TYPE), + UMM_POISON_SIZE_BEFORE); + put_poison(ptr + size_w_poison - UMM_POISON_SIZE_AFTER, + UMM_POISON_SIZE_AFTER); + + /* Put exact length of the user's chunk of memory */ + *(UMM_POISONED_BLOCK_LEN_TYPE *)ptr = (UMM_POISONED_BLOCK_LEN_TYPE)size_w_poison; + + /* Return pointer at the first non-poisoned byte */ + return ptr + sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE; + } else { + return ptr; + } +} + +/* + * Takes "poisoned" pointer (i.e. pointer returned from `get_poisoned()`), + * and checks that the poison of this particular block is still there. + * + * Returns unpoisoned pointer, i.e. actual pointer to the allocated memory. + */ +static void *get_unpoisoned( unsigned char *ptr ) { + if (ptr != NULL) { + unsigned short int c; + + ptr -= (sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE); + + /* Figure out which block we're in. Note the use of truncated division... */ + c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); + + check_poison_block(&UMM_BLOCK(c)); + } + + return ptr; +} + +/* }}} */ + +/* ------------------------------------------------------------------------ */ + +void *umm_poison_malloc( size_t size ) { + void *ret; + + size += poison_size(size); + + ret = umm_malloc( size ); + + ret = get_poisoned(ret, size); + + return ret; +} + +/* ------------------------------------------------------------------------ */ + +void *umm_poison_calloc( size_t num, size_t item_size ) { + void *ret; + size_t size = item_size * num; + + size += poison_size(size); + + ret = umm_malloc(size); + + if (NULL != ret) + memset(ret, 0x00, size); + + ret = get_poisoned(ret, size); + + return ret; +} + +/* ------------------------------------------------------------------------ */ + +void *umm_poison_realloc( void *ptr, size_t size ) { + void *ret; + + ptr = get_unpoisoned(ptr); + + size += poison_size(size); + ret = umm_realloc( ptr, size ); + + ret = get_poisoned(ret, size); + + return ret; +} + +/* ------------------------------------------------------------------------ */ + +void umm_poison_free( void *ptr ) { + + ptr = get_unpoisoned(ptr); + + umm_free( ptr ); +} + +/* + * Iterates through all blocks in the heap, and checks poison for all used + * blocks. + */ + +int umm_poison_check(void) { + int ok = 1; + unsigned short int cur; + + if (umm_heap == NULL) { + umm_init(); + } + + /* Now iterate through the blocks list */ + cur = UMM_NBLOCK(0) & UMM_BLOCKNO_MASK; + + while( UMM_NBLOCK(cur) & UMM_BLOCKNO_MASK ) { + if ( !(UMM_NBLOCK(cur) & UMM_FREELIST_MASK) ) { + /* This is a used block (not free), so, check its poison */ + ok = check_poison_block(&UMM_BLOCK(cur)); + if (!ok){ + break; + } + } + + cur = UMM_NBLOCK(cur) & UMM_BLOCKNO_MASK; + } + + return ok; +} + +/* ------------------------------------------------------------------------ */ + +#endif + diff --git a/cores/esp8266/umm_malloc/umm_stats.h b/cores/esp8266/umm_malloc/umm_stats.h deleted file mode 100644 index f2aae9875f..0000000000 --- a/cores/esp8266/umm_malloc/umm_stats.h +++ /dev/null @@ -1,36 +0,0 @@ -/* - * umm_malloc heap statistics - */ - -#ifndef _UMM_STATS_H -#define _UMM_STATS_H - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct UMM_STATS_t { - unsigned short int free_blocks; - unsigned short int free_blocks_min; - size_t alloc_max_size; - size_t oom_count; -} UMM_STATS; -extern UMM_STATS ummStats; - -size_t ICACHE_FLASH_ATTR umm_free_heap_size_min( void ); -size_t ICACHE_FLASH_ATTR umm_free_heap_size_min_reset( void ); - -inline size_t umm_get_max_alloc_size( void ) { - return ummStats.alloc_max_size; -} - -inline size_t umm_get_oom_count( void ) { - return ummStats.oom_count; -} - - -#ifdef __cplusplus -} -#endif - -#endif /* _UMM_STATS_H */ From b50864265307db0226cf87761e6ae32a5f95915c Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Tue, 20 Aug 2019 11:29:48 -0700 Subject: [PATCH 02/27] WIP: upstream version of umm_malloc customized for Arduino ESP8266 Core See comments at the top of umm_malloc.cpp for a summary of changes so far. Added support for integrity check and poison check to refactored heap.cpp. --- cores/esp8266/heap.cpp | 241 ++++++---- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 171 +++++++ cores/esp8266/umm_malloc/umm_info.c | 73 ++- cores/esp8266/umm_malloc/umm_integrity.c | 18 +- cores/esp8266/umm_malloc/umm_local.c | 90 ++++ cores/esp8266/umm_malloc/umm_local.h | 17 + cores/esp8266/umm_malloc/umm_malloc.c | 205 ++++++++- cores/esp8266/umm_malloc/umm_malloc.cpp | 99 ++++ cores/esp8266/umm_malloc/umm_malloc.h | 10 + cores/esp8266/umm_malloc/umm_malloc_cfg.h | 456 ++++++++++++++++++- cores/esp8266/umm_malloc/umm_performance.h | 23 + cores/esp8266/umm_malloc/umm_poison.c | 31 +- 12 files changed, 1273 insertions(+), 161 deletions(-) create mode 100644 cores/esp8266/umm_malloc/isr_safe_printf.cpp create mode 100644 cores/esp8266/umm_malloc/umm_local.c create mode 100644 cores/esp8266/umm_malloc/umm_local.h create mode 100644 cores/esp8266/umm_malloc/umm_malloc.cpp create mode 100644 cores/esp8266/umm_malloc/umm_performance.h diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index b0bd908614..05fe25740b 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -8,37 +8,96 @@ #include #include + extern "C" { +#if defined( UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) +#define __umm_malloc(s) umm_poison_malloc(s) +#define __umm_calloc(n,s) umm_poison_calloc(n,s) +#define __umm_realloc_fl(p,s,f,l) umm_poison_realloc_fl(p,s,f,l) +#define __umm_free_fl(p,f,l) umm_poison_free_fl(p,f,l) + +#ifdef UMM_POISON_CHECK_LITE +#define POISON_CHECK__ABORT() do {} while(0) +#define POISON_CHECK__PANIC_FL(file, line) do { (void)file; (void)line; } while(0) + +#else // Full heap poison check at every malloc libary call. +#define POISON_CHECK__ABORT() \ + do { \ + if ( ! POISON_CHECK() ) \ + abort(); \ + } while(0) + +#define POISON_CHECK__PANIC_FL(file, line) \ + do { \ + if ( ! POISON_CHECK() ) \ + __panic_func(file, line, ""); \ + } while(0) +#endif + +#undef realloc +#undef free + +#else // ! UMM_POISON_CHECK +#define __umm_malloc(s) malloc(s) +#define __umm_calloc(n,s) calloc(n,s) +#define __umm_realloc_fl(p,s,f,l) realloc(p,s) +#define __umm_free_fl(p,f,l) free(p) + +#define POISON_CHECK__ABORT() do {} while(0) +#define POISON_CHECK__PANIC_FL(file, line) do { (void)file; (void)line; } while(0) +#endif // UMM_POISON_CHECK + // Debugging helper, last allocation which returned NULL void *umm_last_fail_alloc_addr = NULL; int umm_last_fail_alloc_size = 0; + +#ifdef UMM_INTEGRITY_CHECK +#define INTEGRITY_CHECK__ABORT() \ + do { \ + if ( ! INTEGRITY_CHECK() ) \ + abort(); \ + } while(0) + +#define INTEGRITY_CHECK__PANIC_FL(file, line) \ + do { \ + if ( ! INTEGRITY_CHECK() ) \ + __panic_func(file, line, ""); \ + } while(0) + +#else // ! UMM_INTEGRITY_CHECK +#define INTEGRITY_CHECK__ABORT() do {} while(0) +#define INTEGRITY_CHECK__PANIC_FL(file, line) do { (void)file; (void)line; } while(0) + +#endif // UMM_INTEGRITY_CHECK + +#define PTR_CHECK__LOG_LAST_FAIL(p, s, a) \ + if(0 != (s) && 0 == p)\ + {\ + umm_last_fail_alloc_addr = a;\ + umm_last_fail_alloc_size = s;\ + } + void* _malloc_r(struct _reent* unused, size_t size) { (void) unused; void *ret = malloc(size); - if (0 != size && 0 == ret) { - umm_last_fail_alloc_addr = __builtin_return_address(0); - umm_last_fail_alloc_size = size; - } + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)) return ret; } void _free_r(struct _reent* unused, void* ptr) { (void) unused; - return free(ptr); + free(ptr); } void* _realloc_r(struct _reent* unused, void* ptr, size_t size) { (void) unused; void *ret = realloc(ptr, size); - if (0 != size && 0 == ret) { - umm_last_fail_alloc_addr = __builtin_return_address(0); - umm_last_fail_alloc_size = size; - } + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)) return ret; } @@ -46,42 +105,19 @@ void* _calloc_r(struct _reent* unused, size_t count, size_t size) { (void) unused; void *ret = calloc(count, size); - if (0 != (count * size) && 0 == ret) { - umm_last_fail_alloc_addr = __builtin_return_address(0); - umm_last_fail_alloc_size = count * size; - } + PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0)) return ret; } -void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line) -{ - (void) file; - (void) line; - free(ptr); -} - -#ifdef DEBUG_ESP_OOM - -void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line) -{ - return malloc_loc(size, file, line); -} - -void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, int line) -{ - return calloc_loc(count, size, file, line); -} - -void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line) -{ - return realloc_loc(ptr, size, file, line); -} -void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line) -{ - return calloc_loc(1, size, file, line); -} +#define PTR_CHECK__LOG_LAST_FAIL(p, s, a) \ + if(0 != (s) && 0 == p)\ + {\ + umm_last_fail_alloc_addr = a;\ + umm_last_fail_alloc_size = s;\ + } +#ifdef DEBUG_ESP_OOM #undef malloc #undef calloc #undef realloc @@ -90,96 +126,115 @@ static const char oom_fmt[] PROGMEM STORE_ATTR = ":oom(%d)@?\n"; static const char oom_fmt_1[] PROGMEM STORE_ATTR = ":oom(%d)@"; static const char oom_fmt_2[] PROGMEM STORE_ATTR = ":%d\n"; -void* malloc (size_t s) +void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) { - void* ret = umm_malloc(s); - if (!ret) - os_printf(oom_fmt, (int)s); - return ret; + DBGLOG_FUNCTION_P(oom_fmt_1, (int)size); + DBGLOG_FUNCTION_P(file); + DBGLOG_FUNCTION_P(oom_fmt_2, line); } -void* calloc (size_t n, size_t s) -{ - void* ret = umm_calloc(n, s); - if (!ret) - os_printf(oom_fmt, (int)s); - return ret; -} +#define OOM_CHECK__PRINT_OOM(p, f, s) if (!p) DBGLOG_FUNCTION_P(f, s) +#define OOM_CHECK__PRINT_LOC(p, s, f, l) if (!p) print_loc(s, f, l) -void* realloc (void* p, size_t s) -{ - void* ret = umm_realloc(p, s); - if (!ret) - os_printf(oom_fmt, (int)s); - return ret; -} +#else // ! DEBUG_ESP_OOM + +#if 1 +//C Skip OOM check of pvPort... . It cost 64 more bytes of IRAM to turn on. +//C Was not previously enabled. +#undef PTR_CHECK__LOG_LAST_FAIL +#define PTR_CHECK__LOG_LAST_FAIL(p, s, a) +#endif -void print_loc (size_t s, const char* file, int line) +#define OOM_CHECK__PRINT_OOM(p, f, s) +#define OOM_CHECK__PRINT_LOC(p, s, f, l) +#endif + +#if defined(DEBUG_ESP_OOM) || defined(UMM_CHECK_POISON) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) + +void* ICACHE_RAM_ATTR malloc(size_t size) { - os_printf(oom_fmt_1, (int)s); - os_printf(file); - os_printf(oom_fmt_2, line); + INTEGRITY_CHECK__ABORT(); + POISON_CHECK__ABORT(); + void* ret = __umm_malloc(size); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + OOM_CHECK__PRINT_OOM(ret, oom_fmt, (int)size); + return ret; } -void* malloc_loc (size_t s, const char* file, int line) +void* ICACHE_RAM_ATTR calloc(size_t count, size_t size) { - void* ret = umm_malloc(s); - if (!ret) - print_loc(s, file, line); + INTEGRITY_CHECK__ABORT(); + POISON_CHECK__ABORT(); + void* ret = __umm_calloc(count, size); + PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0)); + OOM_CHECK__PRINT_OOM(ret, oom_fmt, (int)size); return ret; } -void* calloc_loc (size_t n, size_t s, const char* file, int line) +void* ICACHE_RAM_ATTR realloc(void* ptr, size_t size) { - void* ret = umm_calloc(n, s); - if (!ret) - print_loc(s, file, line); + INTEGRITY_CHECK__ABORT(); + void* ret = __umm_realloc_fl(ptr, size, NULL, 0); + POISON_CHECK__ABORT(); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + OOM_CHECK__PRINT_OOM(ret, oom_fmt, (int)size); return ret; } -void* realloc_loc (void* p, size_t s, const char* file, int line) +void ICACHE_RAM_ATTR free(void* p) { - void* ret = umm_realloc(p, s); - if (!ret) - print_loc(s, file, line); - return ret; + INTEGRITY_CHECK__ABORT(); + __umm_free_fl(p, NULL, 0); + POISON_CHECK__ABORT(); } +#endif -#else void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line) { - (void) file; - (void) line; - return malloc(size); + INTEGRITY_CHECK__PANIC_FL(file, line); + POISON_CHECK__PANIC_FL(file, line); + void* ret = __umm_malloc(size); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + OOM_CHECK__PRINT_LOC(ret, size, file, line); + return ret; } void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, int line) { - (void) file; - (void) line; - return calloc(count, size); + INTEGRITY_CHECK__PANIC_FL(file, line); + POISON_CHECK__PANIC_FL(file, line); + void* ret = __umm_calloc(count, size); + PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0)); + OOM_CHECK__PRINT_LOC(ret, size, file, line); + return ret; } void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line) { - (void) file; - (void) line; - return realloc(ptr, size); + INTEGRITY_CHECK__PANIC_FL(file, line); + void* ret = __umm_realloc_fl(ptr, size, file, line); + POISON_CHECK__PANIC_FL(file, line); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + OOM_CHECK__PRINT_LOC(ret, size, file, line); + return ret; } void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line) { - (void) file; - (void) line; - return calloc(1, size); + INTEGRITY_CHECK__PANIC_FL(file, line); + POISON_CHECK__PANIC_FL(file, line); + void* ret = __umm_calloc(1, size); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + OOM_CHECK__PRINT_LOC(ret, size, file, line); + return ret; } -#endif // !defined(DEBUG_ESP_OOM) - -size_t xPortGetFreeHeapSize(void) +void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line) { - return umm_free_heap_size(); + INTEGRITY_CHECK__PANIC_FL(file, line); + POISON_CHECK__PANIC_FL(file, line); + __umm_free_fl(ptr, file, line); } size_t ICACHE_RAM_ATTR xPortWantedSizeAlign(size_t size) diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp new file mode 100644 index 0000000000..327f366538 --- /dev/null +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -0,0 +1,171 @@ +/* + * isr_safe_printf.cpp - Intended for diagnostic printing from a restricted setting. + * + * Meant to be a print from anywhere and work. There will be more limitations + * than your typical printf function. + * + * Still researching options for printing. + */ + +/* + Printing from the malloc routines is tricky. Since a print library + might call *alloc. Then recusion may follow as each error call may fail + into another error and so on. + + Objective: To be able to print "last gasp" diagnostic messages + when interrupts are disabled and w/o availability of heap resources. + + Considerations: + * can be called from ISR + * can be called from malloc code, cannot use malloc + * can be called from malloc code that was called from an ISR + * can be called from with in a critical section, eg. xt_rsil(15); + * this may be effectively the same as being called from an ISR? + + Knowns: + * ets_printf - For RTOS SDK they replaced this function with one in the SDK. + Most of the problems I can see with ets_printf center around not being + able to maintain a port to thread context. That is you cannot have one + thread using one port while another thread uses the other. In the no OS + case we cannot have one area of code using one port and another area of + code using the other port. Most of the ROM printf functions are not built + to support this kind of usage. Things get especially dangerous when you + try to use the ...external_printf stuff. + * ets_vprintf - by it self is safe. + * newlibc printf - not safe - lives in flash. + * newlibc snprintf - not safe - lives in flash. + * builtin putc1 print function - Is installed when you use + ets_install_uart_printf. Which calls ets_install_putc1. The selection of UART + is performed by calling uart_buff_switch with 0 for UART0 and 1 for UART1. + This should work for our purpose here, if handled as follows: + * call uart_buff_switch at each printf call to reselect UART + * use a stack buffer to hold a copy the PROGMEM string to print from. + * use ets_vprintf for printing with putc1 function. + + Research TODO, Unknowns: + * ets_printf_plus - is it safe? + * check if it uses alloc? the old versions used malloc for PROGMEM, if + that fails, they try to use the stack for PROGMEM. + * confirmed it is in IRAM in SDK! + * Is there a problem with the ROM "serial print functions"? + Rtos SDK does not use them. igrr also didn't use them in ...postmortem. + See "ets_printf" above. + + */ + +#include +#include +#include +#include + +extern "C" { + +#if 1 + + +int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); +// Note, _isr_safe_printf_P will not handle additional string arguments in +// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. +#define ISR_PRINTF(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) +#define ISR_PRINTF_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) + +//D int (*f)(int) ets_install_uart_printf(void); +//D int (*_rom_putc1)(int) = (int (*)(int))0x40001dcc; + +// ROM _putc1, ignores CRs and sends CR/LF for LF, newline. +// Always returns character sent. +typedef int (*fptr_t)(int); +fptr_t ets_install_uart_printf(void); +void uart_buff_switch(uint8_t); + +int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); +int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { + // This will replace, if any, the UART handler that was installed by uart.cpp + // calls ets_install_putc1. + fptr_t _rom_putc1 = ets_install_uart_printf(); +#ifdef DEBUG_ESP_PORT +#define VALUE(x) __STRINGIFY(x) + // Preprocessor and compiler together will optimize away the if. + if (strcmp("Serial1", VALUE(DEBUG_ESP_PORT)) == 0) { + uart_buff_switch(1U); + } else { + uart_buff_switch(0U); + } +#else + uart_buff_switch(0U); // Side effect, clears RX FIFO +#endif + /* + To use ets_strlen() and ets_memcpy() safely with PROGMEM, flash storage, + the PROGMEM address must be word (4 bytes) aligned. The destination + address for ets_memcpy must also be word-aligned. We also round the + buf_len up to the nearest word boundary. So that all transfers will be + whole words. + */ + size_t str_len = ets_strlen(fmt); + size_t buf_len = (str_len + 1 + 3) & ~0x03U; + char ram_buf[buf_len] __attribute__ ((aligned(4))); + ets_memcpy(ram_buf, fmt, buf_len); + va_list argPtr; + va_start(argPtr, fmt); + int result = ets_vprintf(_rom_putc1, ram_buf, argPtr); + va_end(argPtr); + return result; +} +#endif + +#if 0 +// Alternate print driver + +#ifdef DEBUG_ESP_PORT +#define VALUE(x) __STRINGIFY(x) + +void ICACHE_RAM_ATTR uart_write_char_d(char c) { + // Preprocessor and compiler together will optimize away the if. + if (strcmp("Serial", VALUE(DEBUG_ESP_PORT)) == 0) { + // USS - get uart{0,1} status word + // USTXC - bit offset to TX FIFO count, 8 bit field + // USF - Uart FIFO + // Wait for space for two or more characters. + while (((USS(0) >> USTXC) & 0xff) >= 0x7e) { } + + if (c == '\n') { + USF(0) = '\r'; + } + USF(0) = c; + } else { + while (((USS(1) >> USTXC) & 0xff) >= 0x7e) { } + + if (c == '\n') { + USF(1) = '\r'; + } + USF(1) = c; + } +} +#else // ! DEBUG_ESP_PORT +void ICACHE_RAM_ATTR uart_write_char_d(char c) { + uart0_write_char_d(c); + uart1_write_char_d(c); +} + +void ICACHE_RAM_ATTR uart0_write_char_d(char c) { + while (((USS(0) >> USTXC) & 0xff)) { } + + if (c == '\n') { + USF(0) = '\r'; + } + USF(0) = c; +} + +void ICACHE_RAM_ATTR uart1_write_char_d(char c) { + while (((USS(1) >> USTXC) & 0xff) >= 0x7e) { } + + if (c == '\n') { + USF(1) = '\r'; + } + USF(1) = c; +} +#endif + +#endif + +}; diff --git a/cores/esp8266/umm_malloc/umm_info.c b/cores/esp8266/umm_malloc/umm_info.c index 6868c00e8d..dc19dd189b 100644 --- a/cores/esp8266/umm_malloc/umm_info.c +++ b/cores/esp8266/umm_malloc/umm_info.c @@ -18,11 +18,16 @@ UMM_HEAP_INFO ummHeapInfo; void *umm_info( void *ptr, int force ) { + UMM_CRITICAL_DECL(id_info); unsigned short int blockNo = 0; + if (umm_heap == NULL) { + umm_init(); + } + /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(); + UMM_CRITICAL_ENTRY(id_info); /* * Clear out all of the entries in the ummHeapInfo structure before doing @@ -31,7 +36,7 @@ void *umm_info( void *ptr, int force ) { memset( &ummHeapInfo, 0, sizeof( ummHeapInfo ) ); DBGLOG_FORCE( force, "+----------+-------+--------+--------+-------+--------+--------+\n" ); - DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5i|NF %5i|PF %5i|\n", + DBGLOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5d|NF %5d|PF %5d|\n", (unsigned long)(&UMM_BLOCK(blockNo)), blockNo, UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, @@ -59,12 +64,16 @@ void *umm_info( void *ptr, int force ) { if( UMM_NBLOCK(blockNo) & UMM_FREELIST_MASK ) { ++ummHeapInfo.freeEntries; ummHeapInfo.freeBlocks += curBlocks; + ummHeapInfo.freeSize2 += (unsigned int)curBlocks + * (unsigned int)sizeof(umm_block) + * (unsigned int)curBlocks + * (unsigned int)sizeof(umm_block); if (ummHeapInfo.maxFreeContiguousBlocks < curBlocks) { ummHeapInfo.maxFreeContiguousBlocks = curBlocks; } - DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5u|NF %5i|PF %5i|\n", + DBGLOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5u|NF %5d|PF %5d|\n", (unsigned long)(&UMM_BLOCK(blockNo)), blockNo, UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, @@ -78,7 +87,7 @@ void *umm_info( void *ptr, int force ) { if( ptr == &UMM_BLOCK(blockNo) ) { /* Release the critical section... */ - UMM_CRITICAL_EXIT(); + UMM_CRITICAL_EXIT(id_info); return( ptr ); } @@ -86,7 +95,7 @@ void *umm_info( void *ptr, int force ) { ++ummHeapInfo.usedEntries; ummHeapInfo.usedBlocks += curBlocks; - DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5u|\n", + DBGLOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5u|\n", (unsigned long)(&UMM_BLOCK(blockNo)), blockNo, UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, @@ -112,7 +121,7 @@ void *umm_info( void *ptr, int force ) { } } - DBGLOG_FORCE( force, "|0x%08lx|B %5i|NB %5i|PB %5i|Z %5i|NF %5i|PF %5i|\n", + DBGLOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5d|NF %5d|PF %5d|\n", (unsigned long)(&UMM_BLOCK(blockNo)), blockNo, UMM_NBLOCK(blockNo) & UMM_BLOCKNO_MASK, @@ -123,30 +132,74 @@ void *umm_info( void *ptr, int force ) { DBGLOG_FORCE( force, "+----------+-------+--------+--------+-------+--------+--------+\n" ); - DBGLOG_FORCE( force, "Total Entries %5i Used Entries %5i Free Entries %5i\n", + DBGLOG_FORCE( force, "Total Entries %5d Used Entries %5d Free Entries %5d\n", ummHeapInfo.totalEntries, ummHeapInfo.usedEntries, ummHeapInfo.freeEntries ); - DBGLOG_FORCE( force, "Total Blocks %5i Used Blocks %5i Free Blocks %5i\n", + DBGLOG_FORCE( force, "Total Blocks %5d Used Blocks %5d Free Blocks %5d\n", ummHeapInfo.totalBlocks, ummHeapInfo.usedBlocks, ummHeapInfo.freeBlocks ); DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); +#ifdef UMM_STATS + if (ummHeapInfo.freeBlocks == ummStats.free_blocks) { + DBGLOG_FORCE( force, "heap info Free blocks and heap statistics Free blocks match.\n"); + } else { + DBGLOG_FORCE( force, "\nheap info Free blocks %5d != heap statistics Free Blocks %5d\n\n", + ummHeapInfo.freeBlocks, + ummStats.free_blocks ); + } + DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); + + DBGLOG_FORCE( force, "umm heap statistics:\n"); + DBGLOG_FORCE( force, " Free Space %5u\n", ummStats.free_blocks * sizeof(umm_block)); +#if defined(UMM_STATS_FULL) + DBGLOG_FORCE( force, " Low Watermark %5u\n", ummStats.free_blocks_min * sizeof(umm_block)); + DBGLOG_FORCE( force, " Low Watermark RSZ %5u\n", ummStats.free_blocks_isr_min * sizeof(umm_block)); + DBGLOG_FORCE( force, " MAX Alloc Request %5u\n", ummStats.alloc_max_size); + DBGLOG_FORCE( force, " OOM Count %5u\n", ummStats.oom_count); +#endif + DBGLOG_FORCE( force, " Size of umm_block %5u\n", sizeof(umm_block)); +#endif + + DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); + /* Release the critical section... */ - UMM_CRITICAL_EXIT(); + UMM_CRITICAL_EXIT(id_info); return( NULL ); } /* ------------------------------------------------------------------------ */ -size_t umm_free_heap_size( void ) { +size_t umm_free_heap_size_info( void ) { umm_info(NULL, 0); return (size_t)ummHeapInfo.freeBlocks * sizeof(umm_block); } +size_t umm_max_block_size( void ) { + umm_info(NULL, 0); + return ummHeapInfo.maxFreeContiguousBlocks * sizeof(umm_block); +} + /* ------------------------------------------------------------------------ */ #endif + +#if defined(UMM_STATS) || defined(UMM_INFO) +size_t umm_block_size( void ) { + return sizeof(umm_block); +} +#endif + +#ifdef UMM_STATS + +UMM_STATISTICS ummStats; + +// Complete call path in IRAM +size_t umm_free_heap_size_lw( void ) { + return (size_t)ummStats.free_blocks * sizeof(umm_block); +} +#endif diff --git a/cores/esp8266/umm_malloc/umm_integrity.c b/cores/esp8266/umm_malloc/umm_integrity.c index 27dad7f52e..71460bee1f 100644 --- a/cores/esp8266/umm_malloc/umm_integrity.c +++ b/cores/esp8266/umm_malloc/umm_integrity.c @@ -23,6 +23,7 @@ * chain. */ int umm_integrity_check(void) { + UMM_CRITICAL_DECL(id_integrity); int ok = 1; unsigned short int prev; unsigned short int cur; @@ -33,12 +34,13 @@ int umm_integrity_check(void) { /* Iterate through all free blocks */ prev = 0; + UMM_CRITICAL_ENTRY(id_integrity); while(1) { cur = UMM_NFREE(prev); /* Check that next free block number is valid */ if (cur >= UMM_NUMBLOCKS) { - printf("heap integrity broken: too large next free num: %d " + DBGLOG_FUNCTION("heap integrity broken: too large next free num: %d " "(in block %d, addr 0x%lx)\n", cur, prev, (unsigned long)&UMM_NBLOCK(prev)); ok = 0; @@ -51,7 +53,7 @@ int umm_integrity_check(void) { /* Check if prev free block number matches */ if (UMM_PFREE(cur) != prev) { - printf("heap integrity broken: free links don't match: " + DBGLOG_FUNCTION("heap integrity broken: free links don't match: " "%d -> %d, but %d -> %d\n", prev, cur, cur, UMM_PFREE(cur)); ok = 0; @@ -70,7 +72,7 @@ int umm_integrity_check(void) { /* Check that next block number is valid */ if (cur >= UMM_NUMBLOCKS) { - printf("heap integrity broken: too large next block num: %d " + DBGLOG_FUNCTION("heap integrity broken: too large next block num: %d " "(in block %d, addr 0x%lx)\n", cur, prev, (unsigned long)&UMM_NBLOCK(prev)); ok = 0; @@ -85,7 +87,7 @@ int umm_integrity_check(void) { if ((UMM_NBLOCK(cur) & UMM_FREELIST_MASK) != (UMM_PBLOCK(cur) & UMM_FREELIST_MASK)) { - printf("heap integrity broken: mask wrong at addr 0x%lx: n=0x%x, p=0x%x\n", + DBGLOG_FUNCTION("heap integrity broken: mask wrong at addr 0x%lx: n=0x%x, p=0x%x\n", (unsigned long)&UMM_NBLOCK(cur), (UMM_NBLOCK(cur) & UMM_FREELIST_MASK), (UMM_PBLOCK(cur) & UMM_FREELIST_MASK) @@ -96,7 +98,7 @@ int umm_integrity_check(void) { /* make sure the block list is sequential */ if (cur <= prev ) { - printf("heap integrity broken: next block %d is before prev this one " + DBGLOG_FUNCTION("heap integrity broken: next block %d is before prev this one " "(in block %d, addr 0x%lx)\n", cur, prev, (unsigned long)&UMM_NBLOCK(prev)); ok = 0; @@ -108,7 +110,7 @@ int umm_integrity_check(void) { /* Check if prev block number matches */ if (UMM_PBLOCK(cur) != prev) { - printf("heap integrity broken: block links don't match: " + DBGLOG_FUNCTION("heap integrity broken: block links don't match: " "%d -> %d, but %d -> %d\n", prev, cur, cur, UMM_PBLOCK(cur)); ok = 0; @@ -119,6 +121,7 @@ int umm_integrity_check(void) { } clean: + UMM_CRITICAL_EXIT(id_integrity); if (!ok){ UMM_HEAP_CORRUPTION_CB(); } @@ -127,6 +130,3 @@ int umm_integrity_check(void) { #endif /* }}} */ - - - diff --git a/cores/esp8266/umm_malloc/umm_local.c b/cores/esp8266/umm_malloc/umm_local.c new file mode 100644 index 0000000000..82dc7dc96a --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_local.c @@ -0,0 +1,90 @@ +/* + * Local Additions/Enhancements + * + */ +#if defined(UMM_CRITICAL_METRICS) +/* + * umm_malloc performance measurments for critical sections + */ +UMM_TIME_STATS time_stats = { + {0xFFFFFFFF, 0U, 0U, 0U}, + {0xFFFFFFFF, 0U, 0U, 0U}, + {0xFFFFFFFF, 0U, 0U, 0U}, +#ifdef UMM_INFO + {0xFFFFFFFF, 0U, 0U, 0U}, +#endif +#ifdef UMM_POISON_CHECK + {0xFFFFFFFF, 0U, 0U, 0U}, +#endif +#ifdef UMM_INTEGRITY_CHECK + {0xFFFFFFFF, 0U, 0U, 0U}, +#endif + {0xFFFFFFFF, 0U, 0U, 0U} }; + +bool ICACHE_FLASH_ATTR get_umm_get_perf_data(UMM_TIME_STATS *p, size_t size) +{ + UMM_CRITICAL_DECL(id_no_tag, true); + if (p && sizeof(time_stats) == size) + { + UMM_CRITICAL_ENTRY(id_no_tag); + memcpy(p, &time_stats, size); + UMM_CRITICAL_EXIT(id_no_tag); + return true; + } + return false; +} +#endif + +#if defined(UMM_POISON_CHECK) +// Alternate functions from upstream +int umm_poison_check_result; + +/* ------------------------------------------------------------------------ */ + +void *umm_poison_realloc_fl(void *ptr, size_t size, const char* file, int line) +{ + void *ret; + + umm_poison_check_result = 1; + ptr = get_unpoisoned(ptr); + if (!umm_poison_check_result) + { + if (file) + __panic_func(file, line, ""); + else + abort(); + } + + size += poison_size(size); + ret = umm_realloc(ptr, size); + + ret = get_poisoned(ret, size); + + return ret; +} + +/* ------------------------------------------------------------------------ */ + +void umm_poison_free_fl(void *ptr, const char* file, int line) +{ + umm_poison_check_result = 1; + ptr = get_unpoisoned(ptr); + if (!umm_poison_check_result) + { + if (file) + __panic_func(file, line, ""); + else + abort(); + } + + umm_free(ptr); +} +#endif + +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) +size_t umm_free_heap_size( void ) __attribute__ ((alias("umm_free_heap_size_lw"))); +size_t xPortGetFreeHeapSize(void) __attribute__ ((alias("umm_free_heap_size_lw"))); +#elif defined(UMM_INFO) +size_t umm_free_heap_size( void ) __attribute__ ((alias("umm_free_heap_size_info"))); +size_t xPortGetFreeHeapSize(void) __attribute__ ((alias("umm_free_heap_size_info"))); +#endif diff --git a/cores/esp8266/umm_malloc/umm_local.h b/cores/esp8266/umm_malloc/umm_local.h new file mode 100644 index 0000000000..299418da00 --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_local.h @@ -0,0 +1,17 @@ +#ifndef _UMM_LOCAL_H +#define _UMM_LOCAL_H +/* + * A home for local items exclusive to umm_malloc.c and not to be shared in + * umm_malloc_cfg.h. And, not for upstream version. + * + */ +#if defined(DEBUG_ESP_OOM) || defined(UMM_CHECK_POISON) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) +#else + +#define umm_malloc(s) malloc(s) +#define umm_calloc(n,s) calloc(n,s) +#define umm_realloc(p,s) realloc(p,s) +#define umm_free(p) free(p) +#endif + +#endif diff --git a/cores/esp8266/umm_malloc/umm_malloc.c b/cores/esp8266/umm_malloc/umm_malloc.c index 9faec2afc1..3256c54c0a 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.c +++ b/cores/esp8266/umm_malloc/umm_malloc.c @@ -27,6 +27,12 @@ * ---------------------------------------------------------------------------- */ +/* + * This guards against Arduino IDE build dependencies from compiling the .c + * directly, outside of umm_malloc.cpp. + */ +#if defined(UMM_MALLOC_C) + #include #include @@ -36,10 +42,14 @@ /* Use the default DBGLOG_LEVEL and DBGLOG_FUNCTION */ +#ifndef DBGLOG_LEVEL #define DBGLOG_LEVEL 0 +#endif #include "dbglog/dbglog.h" +#include "umm_local.h" // target-dependent supplemental + /* ------------------------------------------------------------------------- */ UMM_H_ATTPACKPRE typedef struct umm_ptr_t { @@ -89,6 +99,7 @@ unsigned short int umm_numblocks = 0; #include "umm_integrity.c" #include "umm_poison.c" #include "umm_info.c" +#include "umm_local.c" // target-dependent supplemental features /* ------------------------------------------------------------------------ */ @@ -205,6 +216,15 @@ void umm_init( void ) { /* index of the latest `umm_block` */ const unsigned short int block_last = UMM_NUMBLOCKS - 1; +#ifdef UMM_STATS + /* init ummStats.free_blocks */ +#if defined(UMM_STATS_FULL) + ummStats.free_blocks_min = + ummStats.free_blocks_isr_min = +#endif + ummStats.free_blocks = block_last; +#endif + /* setup the 0th `umm_block`, which just points to the 1st */ UMM_NBLOCK(block_0th) = block_1th; UMM_NFREE(block_0th) = block_1th; @@ -249,6 +269,7 @@ void umm_init( void ) { /* ------------------------------------------------------------------------ */ void umm_free( void *ptr ) { + UMM_CRITICAL_DECL(id_free); unsigned short int c; @@ -269,14 +290,17 @@ void umm_free( void *ptr ) { * on the free list! */ - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(); - /* Figure out which block we're in. Note the use of truncated division... */ c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - DBGLOG_DEBUG( "Freeing block %6i\n", c ); + DBGLOG_DEBUG( "Freeing block %6d\n", c ); + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(id_free); + + /* Update stats Free Block count */ + STATS__FREE_BLOCKS_UPDATE(UMM_NBLOCK(c) - c); /* Now let's assimilate this block with the next one if possible. */ @@ -306,12 +330,14 @@ void umm_free( void *ptr ) { } /* Release the critical section... */ - UMM_CRITICAL_EXIT(); + UMM_CRITICAL_EXIT(id_free); } /* ------------------------------------------------------------------------ */ void *umm_malloc( size_t size ) { + UMM_CRITICAL_DECL(id_malloc); + unsigned short int blocks; unsigned short int blockSize = 0; @@ -337,11 +363,13 @@ void *umm_malloc( size_t size ) { return( (void *)NULL ); } - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(); + STATS__ALLOC_REQUEST(id_malloc, size); blocks = umm_blocks( size ); + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(id_malloc); + /* * Now we can scan through the free list until we find a space that's big * enough to hold the number of blocks we need. @@ -358,7 +386,7 @@ void *umm_malloc( size_t size ) { while( cf ) { blockSize = (UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK) - cf; - DBGLOG_TRACE( "Looking at block %6i size %6i\n", cf, blockSize ); + DBGLOG_TRACE( "Looking at block %6d size %6d\n", cf, blockSize ); #if defined UMM_BEST_FIT if( (blockSize >= blocks) && (blockSize < bestSize) ) { @@ -391,7 +419,7 @@ void *umm_malloc( size_t size ) { if( blockSize == blocks ) { /* It's an exact fit and we don't neet to split off a block. */ - DBGLOG_DEBUG( "Allocating %6i blocks starting at %6i - exact\n", blocks, cf ); + DBGLOG_DEBUG( "Allocating %6d blocks starting at %6d - exact\n", blocks, cf ); /* Disconnect this block from the FREE list */ @@ -399,7 +427,7 @@ void *umm_malloc( size_t size ) { } else { /* It's not an exact fit and we need to split off a block. */ - DBGLOG_DEBUG( "Allocating %6i blocks starting at %6i - existing\n", blocks, cf ); + DBGLOG_DEBUG( "Allocating %6d blocks starting at %6d - existing\n", blocks, cf ); /* * split current free block `cf` into two blocks. The first one will be @@ -422,19 +450,23 @@ void *umm_malloc( size_t size ) { UMM_PFREE( UMM_NFREE(cf) ) = cf + blocks; UMM_NFREE( cf + blocks ) = UMM_NFREE(cf); } + + STATS__FREE_BLOCKS_UPDATE( -blocks ); + STATS__FREE_BLOCKS_MIN(); } else { /* Out of memory */ + STATS__OOM_UPDATE(); - DBGLOG_DEBUG( "Can't allocate %5i blocks\n", blocks ); + DBGLOG_DEBUG( "Can't allocate %5d blocks\n", blocks ); /* Release the critical section... */ - UMM_CRITICAL_EXIT(); + UMM_CRITICAL_EXIT(id_malloc); return( (void *)NULL ); } /* Release the critical section... */ - UMM_CRITICAL_EXIT(); + UMM_CRITICAL_EXIT(id_malloc); return( (void *)&UMM_DATA(cf) ); } @@ -442,6 +474,7 @@ void *umm_malloc( size_t size ) { /* ------------------------------------------------------------------------ */ void *umm_realloc( void *ptr, size_t size ) { + UMM_CRITICAL_DECL(id_realloc); unsigned short int blocks; unsigned short int blockSize; @@ -484,6 +517,8 @@ void *umm_realloc( void *ptr, size_t size ) { return( (void *)NULL ); } + STATS__ALLOC_REQUEST(id_realloc, size); + /* * Otherwise we need to actually do a reallocation. A naiive approach * would be to malloc() a new block of the correct size, copy the old data @@ -508,7 +543,7 @@ void *umm_realloc( void *ptr, size_t size ) { curSize = (blockSize*sizeof(umm_block))-(sizeof(((umm_block *)0)->header)); /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(); + UMM_CRITICAL_ENTRY(id_realloc); /* Now figure out if the previous and/or next blocks are free as well as * their sizes - this will help us to minimize special code later when we @@ -526,8 +561,9 @@ void *umm_realloc( void *ptr, size_t size ) { prevBlockSize = (c - UMM_PBLOCK(c)); } - DBGLOG_DEBUG( "realloc blocks %i blockSize %i nextBlockSize %i prevBlockSize %i\n", blocks, blockSize, nextBlockSize, prevBlockSize ); + DBGLOG_DEBUG( "realloc blocks %d blockSize %d nextBlockSize %d prevBlockSize %d\n", blocks, blockSize, nextBlockSize, prevBlockSize ); +#if defined(UMM_REALLOC_MINIMIZE_COPY) /* * Ok, now that we're here we know how many blocks we want and the current * blockSize. The prevBlockSize and nextBlockSize are set and we can figure @@ -551,55 +587,176 @@ void *umm_realloc( void *ptr, size_t size ) { * was not exact, then split the memory block so that we use only the requested * number of blocks and add what's left to the free list. */ - if (blockSize >= blocks) { DBGLOG_DEBUG( "realloc the same or smaller size block - %i, do nothing\n", blocks ); /* This space intentionally left blank */ } else if ((blockSize + nextBlockSize) >= blocks) { DBGLOG_DEBUG( "realloc using next block - %i\n", blocks ); umm_assimilate_up( c ); + STATS__FREE_BLOCKS_UPDATE( - nextBlockSize ); blockSize += nextBlockSize; } else if ((prevBlockSize + blockSize) >= blocks) { DBGLOG_DEBUG( "realloc using prev block - %i\n", blocks ); umm_disconnect_from_free_list( UMM_PBLOCK(c) ); c = umm_assimilate_down(c, 0); + STATS__FREE_BLOCKS_UPDATE( - prevBlockSize ); + STATS__FREE_BLOCKS_ISR_MIN(); + blockSize += prevBlockSize; + UMM_CRITICAL_SUSPEND(id_realloc); memmove( (void *)&UMM_DATA(c), ptr, curSize ); ptr = (void *)&UMM_DATA(c); - blockSize += prevBlockSize; + UMM_CRITICAL_RESUME(id_realloc); } else if ((prevBlockSize + blockSize + nextBlockSize) >= blocks) { - DBGLOG_DEBUG( "realloc using prev and next block - %i\n", blocks ); + DBGLOG_DEBUG( "realloc using prev and next block - %d\n", blocks ); umm_assimilate_up( c ); umm_disconnect_from_free_list( UMM_PBLOCK(c) ); c = umm_assimilate_down(c, 0); + STATS__FREE_BLOCKS_UPDATE( - prevBlockSize - nextBlockSize ); +#ifdef UMM_LIGHTWEIGHT_CPU + if ((prevBlockSize + blockSize + nextBlockSize) > blocks) { + umm_split_block( c, blocks, 0 ); + umm_free( (void *)&UMM_DATA(c+blocks) ); + } + STATS__FREE_BLOCKS_ISR_MIN(); + blockSize = blocks; +#else + blockSize += (prevBlockSize + nextBlockSize); +#endif + UMM_CRITICAL_SUSPEND(id_realloc); memmove( (void *)&UMM_DATA(c), ptr, curSize ); ptr = (void *)&UMM_DATA(c); - blockSize += (prevBlockSize + nextBlockSize); + UMM_CRITICAL_RESUME(id_realloc); } else { + UMM_CRITICAL_SUSPEND(id_realloc); DBGLOG_DEBUG( "realloc a completely new block %i\n", blocks ); void *oldptr = ptr; if( (ptr = umm_malloc( size )) ) { DBGLOG_DEBUG( "realloc %i to a bigger block %i, copy, and free the old\n", blockSize, blocks ); memcpy( ptr, oldptr, curSize ); umm_free( oldptr ); + blockSize = blocks; + UMM_CRITICAL_RESUME(id_realloc); } else { DBGLOG_DEBUG( "realloc %i to a bigger block %i failed - return NULL and leave the old block!\n", blockSize, blocks ); /* This space intentionally left blnk */ + UMM_CRITICAL_RESUME(id_realloc); + STATS__OOM_UPDATE(); } - blockSize = blocks; } - +#elif defined(UMM_REALLOC_DEFRAG) + /* + * Ok, now that we're here we know how many blocks we want and the current + * blockSize. The prevBlockSize and nextBlockSize are set and we can figure + * out the best strategy for the new allocation. The following strategy is + * focused on defragging the heap: + * + * 1. If the new block is the same size or smaller than the current block do + * nothing. + * 2. If the prev is free and adding it to the current and next block + * gives us enough memory, proceed, note that next block may not be + * available. + * a. Remove the previous block from the free list, assimilate it. + * b. If new block gives enough memory, copy to the new block. + * c. Else assimilate the next block, copy to the new block. + * 3. If the next block is free and adding it to the current block gives us + * enough memory, assimilate the next block. + * 4. Otherwise try to allocate an entirely new block of memory. If the + * allocation works free the old block and return the new pointer. If + * the allocation fails, return NULL and leave the old block intact. + * + * All that's left to do is decide if the fit was exact or not. If the fit + * was not exact, then split the memory block so that we use only the + * requested number of blocks and add what's left to the free list. + */ + if (blockSize >= blocks) { // 1 + DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); + /* This space intentionally left blank */ + } else if (prevBlockSize && (prevBlockSize + blockSize + nextBlockSize) >= blocks) { // 2 + umm_disconnect_from_free_list( UMM_PBLOCK(c) ); + c = umm_assimilate_down(c, 0); + STATS__FREE_BLOCKS_UPDATE( - prevBlockSize ); + blockSize += prevBlockSize; + if (blockSize >= blocks) { + DBGLOG_DEBUG( "realloc using prev block - %d\n", blocks ); + STATS__FREE_BLOCKS_ISR_MIN(); + } else { + DBGLOG_DEBUG( "realloc using prev and next block - %d\n", blocks ); + umm_assimilate_up( c ); + STATS__FREE_BLOCKS_UPDATE( - nextBlockSize ); + blockSize += nextBlockSize; +#ifdef UMM_LIGHTWEIGHT_CPU + if (blockSize > blocks) { + umm_split_block( c, blocks, 0 ); + umm_free( (void *)&UMM_DATA(c+blocks) ); + } + STATS__FREE_BLOCKS_ISR_MIN(); + blockSize = blocks; +#endif + } + UMM_CRITICAL_SUSPEND(id_realloc); + memmove( (void *)&UMM_DATA(c), ptr, curSize ); + ptr = (void *)&UMM_DATA(c); + UMM_CRITICAL_RESUME(id_realloc); + } else if ((blockSize + nextBlockSize) >= blocks) { // 3 + DBGLOG_DEBUG( "realloc using next block - %d\n", blocks ); + umm_assimilate_up( c ); + STATS__FREE_BLOCKS_UPDATE(-nextBlockSize); + blockSize += nextBlockSize; + } else { // 4 + UMM_CRITICAL_SUSPEND(id_realloc); + DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); + void *oldptr = ptr; + if( (ptr = umm_malloc( size )) ) { + DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); + memcpy( ptr, oldptr, curSize ); + umm_free( oldptr); + blockSize = blocks; + UMM_CRITICAL_RESUME(id_realloc); + } else { + DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); + /* This space intentionally left blnk */ + UMM_CRITICAL_RESUME(id_realloc); + STATS__OOM_UPDATE(); + } + } +#else +#warning "Neither UMM_REALLOC_DEFRAG nor UMM_REALLOC_MINIMIZE_COPY is defined - check umm_malloc_cfg.h" + /* An always copy just for comparison */ + if (blockSize >= blocks) { + DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); + /* This space intentionally left blank */ + } else { + UMM_CRITICAL_SUSPEND(id_realloc); + DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); + void *oldptr = ptr; + if( (ptr = umm_malloc( size )) ) { + DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); + memcpy( ptr, oldptr, curSize ); + umm_free( oldptr ); + blockSize = blocks; + UMM_CRITICAL_RESUME(id_realloc); + } else { + DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); + /* This space intentionally left blnk */ + UMM_CRITICAL_RESUME(id_realloc); + STATS__OOM_UPDATE(); + } + } +#endif /* Now all we need to do is figure out if the block fit exactly or if we * need to split and free ... */ if (blockSize > blocks ) { - DBGLOG_DEBUG( "split and free %i blocks from %i\n", blocks, blockSize ); + DBGLOG_DEBUG( "split and free %d blocks from %d\n", blocks, blockSize ); umm_split_block( c, blocks, 0 ); umm_free( (void *)&UMM_DATA(c+blocks) ); } + STATS__FREE_BLOCKS_MIN(); + /* Release the critical section... */ - UMM_CRITICAL_EXIT(); + UMM_CRITICAL_EXIT(id_realloc); return( ptr ); } @@ -618,4 +775,4 @@ void *umm_calloc( size_t num, size_t item_size ) { } /* ------------------------------------------------------------------------ */ - +#endif diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp new file mode 100644 index 0000000000..dcc0ee5d6c --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -0,0 +1,99 @@ +/* + * Itemized changes started July 22, 2019 + * AUG 1, 2019 compiles with OOM, UMM_POISON_CHECK, and appears to be working. + * + * local changes for upstream umm_malloc: + * + * In malloc.c + * Added `#if defined(...)` to cover all of umm_malloc.c. + * Suround DBGLOG_LEVEL with #ifndef... Now defined value in umm_malloc_cfg.h + * + * umm_free() - moved critical section to start after safe calculations. + * + * umm_malloc() - moved critical section to start after umm_blocks() + * computations are based on contants that don't change, calling + * argument excepted. + * + * umm_realloc() - Added UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() for + * when lightweight locks are available. eg. sti/cli. Single threaded + * single CPU case. + * + * umm_realloc() - appears to have been refactored to minimize memmove + * and memcpy. The old version would always combine an adjacent block in the + * direction of the start of the heap when available and do a memmove. This + * had a defragging effect. This appears to have been replaced with an + * attempt to minimize copy when possible. + * + * Added heap stats tracking. + * + * + * In umm_info.c + * umm_info() - Added UMM_CRITICAL_DECL(id_info), updated critical sections + * with tag. + * Carried forward: Added NULL ptr check at beginning (umm_malloc.c). - Mar 8, 2016 + * + * + * In umm_poison.c: + * Resolved C++ compiler error reported on get_poisoned(), and + * get_unpoisoned(). They now take in void * arg instead of unsigned char *. + * + * In umm_integrity.c: + * Replaced printf with DBGLOG_FUNCTION. This needs to be a malloc free + * function and ISR safe. + * Add critical sections. + * + * In umm_malloc_cfg.h: + * Added macro UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() + * + * + * Globally change across all files %i to %d: umm_info.c, umm_malloc.c, + * + * + * Notes, + * + * umm_integrity_check() is called by macro INTEGRITY_CHECK which returns 1 + * on success. No corruption. Does a time consuming scan of the whole heap. It + * will call UMM_HEAP_CORRUPTION_CB if an error is found. + * + * umm_poison_check(), formerly known as check_poison_all_blocks(), + * is called by macro POISON_CHECK which returns 1 on success. No corruption. + * Does a time consuming scan of all active allocations for modified poison. + * It does *NOT* call UMM_HEAP_CORRUPTION_CB if an error is found. + * The option description says it does! + * + * umm_poison_realloc() and umm_poison_free() no longer call the macro + * UMM_HEAP_CORRUPTION_CB on poison error. Just a printf message is generated. + * ? What do we want to do here? I have added code for detecting the error + * and generating a panic; however, it creates more minor upstream changes. + * I am not sure what behavior you want? + * + * For upstream umm_malloc "# define POISON_CHECK() 0" should have been 1 + * add to list to report. + */ +/* + * Current Deltas from the old umm_malloc + * + * umm_posion check for a given *alloc - failure no longer panics. + * option to run full poison check at each *alloc call, not present + * option to run full interity check at each *alloc call, not present + * upstream code does not call panic from poison_check_block. + * + */ + + +extern "C" { + +#define UMM_MALLOC_C + +#if 1 +#undef memcpy +#undef memmove +#undef memset +#define memcpy ets_memcpy +#define memmove ets_memmove +#define memset ets_memset +#endif + +#include "umm_malloc.c" + +}; diff --git a/cores/esp8266/umm_malloc/umm_malloc.h b/cores/esp8266/umm_malloc/umm_malloc.h index 33fd307afc..725ab5eee4 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.h +++ b/cores/esp8266/umm_malloc/umm_malloc.h @@ -10,12 +10,22 @@ /* ------------------------------------------------------------------------ */ +//C This include is not in upstream nether are the #ifdef __cplusplus +#include "umm_malloc_cfg.h" /* user-dependent */ + +#ifdef __cplusplus +extern "C" { +#endif + void umm_init( void ); void *umm_malloc( size_t size ); void *umm_calloc( size_t num, size_t size ); void *umm_realloc( void *ptr, size_t size ); void umm_free( void *ptr ); +#ifdef __cplusplus +} +#endif /* ------------------------------------------------------------------------ */ diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 6a5a7fc80b..041d2ebacd 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -1,10 +1,26 @@ /* - * Configuration for umm_malloc + * Configuration for umm_malloc - target Arduino ESP8266 core + * + * Changes specific to a target platform go here. + * */ #ifndef _UMM_MALLOC_CFG_H #define _UMM_MALLOC_CFG_H +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include +#include + +#include "c_types.h" + /* * There are a number of defines you can set at compile time that affect how * the memory allocator will operate. @@ -39,11 +55,25 @@ * ---------------------------------------------------------------------------- */ -extern char test_umm_heap[]; +///////////////////////////////////////////////// +#undef DBGLOG_FUNCTION +#undef DBGLOG_FUNCTION_P +#if 1 +int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); +// Note, _isr_safe_printf_P will not handle additional string arguments in +// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. +#define DBGLOG_FUNCTION(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) +#define DBGLOG_FUNCTION_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) +#else +#define DBGLOG_FUNCTION(fmt, ...) printf(PSTR(fmt), ##__VA_ARGS__) +#define DBGLOG_FUNCTION_P(fmt, ...) printf_P(fmt, ##__VA_ARGS__) +#endif +///////////////////////////////////////////////// /* Start addresses and the size of the heap */ -#define UMM_MALLOC_CFG_HEAP_ADDR (test_umm_heap) -#define UMM_MALLOC_CFG_HEAP_SIZE 0x10000 +extern char _heap_start[]; +#define UMM_MALLOC_CFG_HEAP_ADDR ((uint32_t)&_heap_start[0]) +#define UMM_MALLOC_CFG_HEAP_SIZE ((size_t)(0x3fffc000 - UMM_MALLOC_CFG_HEAP_ADDR)) /* A couple of macros to make packing structures less compiler dependent */ @@ -74,17 +104,193 @@ extern char test_umm_heap[]; unsigned short int freeBlocks; unsigned short int maxFreeContiguousBlocks; + + unsigned int freeSize2; } UMM_HEAP_INFO; extern UMM_HEAP_INFO ummHeapInfo; - void *umm_info( void *ptr, int force ); - size_t umm_free_heap_size( void ); + void ICACHE_FLASH_ATTR *umm_info( void *ptr, int force ); + size_t ICACHE_FLASH_ATTR umm_free_heap_size_info( void ); + size_t ICACHE_FLASH_ATTR umm_max_block_size( void ); + size_t ICACHE_FLASH_ATTR umm_block_size( void ); #else #endif +/* + * -D UMM_STATS : + * + * This option provides a lightweight alternative to using `umm_info` just for + * getting `umm_free_heap_size`. With this option, a "free blocks" value is + * updated on each call to malloc/free/realloc. This option does not offer all + * the information that `umm_info` would have generated. + * + * This option is good for cases where the free heap is checked frequently. An + * example is when an app closely monitors free heap to detect memory leaks. In + * this case a single-core CPUs interrupt processing would have suffered the + * most. + */ +/* +#define UMM_STATS_FULL + */ + #define UMM_STATS + +#ifdef UMM_STATS + +typedef struct UMM_STATISTICS_t { + unsigned short int free_blocks; +#ifdef UMM_STATS_FULL + unsigned short int free_blocks_min; + unsigned short int free_blocks_isr_min; + size_t alloc_max_size; + size_t id_malloc_count; + size_t id_realloc_count; + size_t oom_count; +#endif +} +UMM_STATISTICS; +extern UMM_STATISTICS ummStats; + +size_t umm_free_heap_size_lw( void ); + +#define STATS__FREE_BLOCKS_UPDATE(s) ummStats.free_blocks += (s) + +#ifdef UMM_STATS_FULL +#define STATS__FREE_BLOCKS_MIN() \ + if (ummStats.free_blocks < ummStats.free_blocks_min) \ + ummStats.free_blocks_min = ummStats.free_blocks + +static inline size_t ICACHE_FLASH_ATTR umm_free_heap_size_lw_min( void ) { + return (size_t)ummStats.free_blocks_min * umm_block_size(); +} + +static inline size_t ICACHE_FLASH_ATTR umm_free_heap_size_min_reset( void ) { + ummStats.free_blocks_min = ummStats.free_blocks; + return (size_t)ummStats.free_blocks_min * umm_block_size(); +} + +static inline size_t ICACHE_FLASH_ATTR umm_free_heap_size_min( void ) { + return ummStats.free_blocks_min * umm_block_size(); +} + +static inline size_t ICACHE_FLASH_ATTR umm_free_heap_size_isr_min( void ) { + return ummStats.free_blocks_isr_min * umm_block_size(); +} + +static inline size_t ICACHE_FLASH_ATTR umm_get_max_alloc_size( void ) { + return ummStats.alloc_max_size; +} + +static inline size_t ICACHE_FLASH_ATTR umm_get_malloc_count( void ) { + return ummStats.id_malloc_count; +} + +static inline size_t ICACHE_FLASH_ATTR umm_get_realloc_count( void ) { + return ummStats.id_realloc_count; +} + +static inline size_t ICACHE_FLASH_ATTR umm_get_oom_count( void ) { + return ummStats.oom_count; +} + +//C TODO: Needs a new name. ISR is too specific to our use. For upstream +//C needs to indicate it is related to a temporary low, created during a +//C realloc that includes memmove/copy. +#define STATS__FREE_BLOCKS_ISR_MIN() \ + if (ummStats.free_blocks < ummStats.free_blocks_isr_min) \ + ummStats.free_blocks_isr_min = ummStats.free_blocks + +#define STATS__ALLOC_REQUEST(tag, s) \ +{ \ + ummStats.tag##_count += 1; \ + if (ummStats.alloc_max_size < s) \ + ummStats.alloc_max_size = s; \ +} + +#define STATS__OOM_UPDATE() ummStats.oom_count += 1 +#endif + +#else // ! UMM_STATS +#define STATS__FREE_BLOCKS_UPDATE(s) (void)(s) +#endif + +#if !defined(UMM_STATS_FULL) +#define STATS__FREE_BLOCKS_MIN() (void)0 +#define STATS__FREE_BLOCKS_ISR_MIN() (void)0 +#define STATS__ALLOC_REQUEST(tag, s) (void)(s) +#define STATS__OOM_UPDATE() (void)0 +#endif + +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) || defined(UMM_INFO) +size_t umm_free_heap_size( void ); +#endif + +/* + Per Devyte, the core currently doesn't support masking a specific interrupt + level. That doesn't mean it can't be implemented, only that at this time + locking is implemented as all or nothing. + https://github.com/esp8266/Arduino/issues/6246#issuecomment-508612609 + + So for now we default to all, 15. + */ +#ifndef DEFAULT_CRITICAL_SECTION_INTLEVEL +#define DEFAULT_CRITICAL_SECTION_INTLEVEL 15 +#endif + +/* + * -D UMM_CRITICAL_METRICS + * + * Build option to collect timing usage data on critical section usage in + * functions: info, malloc, realloc. Collects MIN, MAX, and number of time IRQs + * were disabled at request time. Note, for realloc MAX disabled time will not + * include the time from calling malloc and/or free when UMM_LIGHTWEIGHT_CPU is + * defined. Examine code for specifics on what info is available and how to + * access. +*/ +/* +#define UMM_CRITICAL_METRICS + */ + +#if defined(UMM_CRITICAL_METRICS) +// This option adds support for gathering time locked data + +typedef struct UMM_TIME_STAT_t { + uint32_t min; + uint32_t max; + uint32_t start; + uint32_t intlevel; +} +UMM_TIME_STAT; + +typedef struct UMM_TIME_STATS_t UMM_TIME_STATS; + +extern UMM_TIME_STATS time_stats; + +bool get_umm_get_perf_data(UMM_TIME_STATS *p, size_t size); + +static inline void _critical_entry(UMM_TIME_STAT *p, uint32_t *saved_ps) { + *saved_ps = xt_rsil(DEFAULT_CRITICAL_SECTION_INTLEVEL); + if (0U != (*saved_ps & 0x0FU)) { + p->intlevel += 1U; + } + + p->start = esp_get_cycle_count(); +} + +static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { + uint32_t elapse = esp_get_cycle_count() - p->start; + if (elapse < p->min) + p->min = elapse; + + if (elapse > p->max) + p->max = elapse; + + xt_wsr_ps(*saved_ps); +} +#endif + /* * A couple of macros to make it easier to protect the memory allocator * in a multitasking system. You should set these macros up to use whatever @@ -95,8 +301,66 @@ extern char test_umm_heap[]; * called from within umm_malloc() */ -#define UMM_CRITICAL_ENTRY() -#define UMM_CRITICAL_EXIT() +#if defined(UMM_CRITICAL_METRICS) +#define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag +#define UMM_CRITICAL_ENTRY(tag)_critical_entry(&time_stats.tag, &_saved_ps_##tag) +#define UMM_CRITICAL_EXIT(tag) _critical_exit(&time_stats.tag, &_saved_ps_##tag) + +#else // ! UMM_CRITICAL_METRICS + // This method preserves the intlevel on entry and restores the + // original intlevel at exit. +#define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag +#define UMM_CRITICAL_ENTRY(tag) _saved_ps_##tag = xt_rsil(DEFAULT_CRITICAL_SECTION_INTLEVEL) +#define UMM_CRITICAL_EXIT(tag) xt_wsr_ps(_saved_ps_##tag) +#endif + + /* + * -D UMM_LIGHTWEIGHT_CPU + * + * The use of this macro is hardware/application specific. + * + * With some CPUs, the only available method for locking are the instructions + * for interrupts disable/enable. These macros are meant for lightweight single + * CPU systems that are sensitive to interrupts being turned off for too long. A + * typically UMM_CRITICAL_ENTRY would save current IRQ state then disable IRQs. + * Then UMM_CRITICAL_EXIT would restore previous IRQ state. This option adds + * additional critical entry/exit points by the method of defining the macros + * UMM_CRITICAL_SUSPEND and UMM_CRITICAL_RESUME to the values of + * UMM_CRITICAL_EXIT and UMM_CRITICAL_ENTRY. These additional exit/entries + * allow time to service interrupts during the reentrant sections of the code. + * Also, using these macros will relieve the nesting requirement. + * + * These macros should probably not be used on multicore CPUs. Hardware locking + * methods sometimes carry higher overhead and may not be suitable for frequent + * calling. + */ +/* + */ +#define UMM_LIGHTWEIGHT_CPU + +#ifdef UMM_LIGHTWEIGHT_CPU +#define UMM_CRITICAL_SUSPEND(tag) UMM_CRITICAL_EXIT(tag) +#define UMM_CRITICAL_RESUME(tag) UMM_CRITICAL_ENTRY(tag) +#define UMM_NEED_LOCK_LW_CPU true +#else +#define UMM_CRITICAL_SUSPEND(tag) do {} while(0) +#define UMM_CRITICAL_RESUME(tag) do {} while(0) +#define UMM_NEED_LOCK_LW_CPU true +#endif + +/* + * -D UMM_REALLOC_MINIMIZE_COPY or + * -D UMM_REALLOC_DEFRAG + * + * Pick one of these two stratagies. UMM_REALLOC_MINIMIZE_COPY grows upward or + * shrinks an allocation, avoiding copy when possible. UMM_REALLOC_DEFRAG gives + * priority with growing the revised allocation toward the beginning of the heap + * when possible. + */ +/* +#define UMM_REALLOC_MINIMIZE_COPY +*/ +#define UMM_REALLOC_DEFRAG /* * -D UMM_INTEGRITY_CHECK : @@ -112,19 +376,65 @@ extern char test_umm_heap[]; * for corruption. */ +/* + * Not normally enabled. Full intergity check may exceed 10us. + */ +/* #define UMM_INTEGRITY_CHECK + */ #ifdef UMM_INTEGRITY_CHECK int umm_integrity_check( void ); # define INTEGRITY_CHECK() umm_integrity_check() extern void umm_corruption(void); -# define UMM_HEAP_CORRUPTION_CB() printf( "Heap Corruption!" ) +# define UMM_HEAP_CORRUPTION_CB() DBGLOG_FUNCTION( "Heap Corruption!" ) #else # define INTEGRITY_CHECK() 0 #endif + +///////////////////////////////////////////////// + +#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_CORE) +#define UMM_POISON_CHECK + +// less agressive checking, checks at realloc and free only. +#define UMM_POISON_CHECK_LITE +// Note, UMM_POISON is deprecated +#define UMM_POISON +#endif + +#if defined(UMM_POISON_CHECK) || defined(UMM_INTEGRITY_CHECK) || defined(UMM_POISON_CHECK_LITE) +#if !defined(DBGLOG_LEVEL) || DBGLOG_LEVEL < 3 +// All debug prints in UMM_POISON_CHECK are level 3 +#undef DBGLOG_LEVEL +#define DBGLOG_LEVEL 3 +#endif +#endif + + +#if defined(UMM_CRITICAL_METRICS) +struct UMM_TIME_STATS_t { + UMM_TIME_STAT id_malloc; + UMM_TIME_STAT id_realloc; + UMM_TIME_STAT id_free; +#ifdef UMM_INFO + UMM_TIME_STAT id_info; +#endif +#ifdef UMM_POISON_CHECK + UMM_TIME_STAT id_poison; +#endif +#ifdef UMM_INTEGRITY_CHECK + UMM_TIME_STAT id_integrity; +#endif + UMM_TIME_STAT id_no_tag; +}; +#endif +///////////////////////////////////////////////// + /* - * -D UMM_POISON : + * -D UMM_POISON_CHECK : + * -D UMM_POISON_CHECK_LITE * * Enables heap poisoning: add predefined value (poison) before and after each * allocation, and check before each heap operation that no poison is @@ -149,23 +459,141 @@ extern char test_umm_heap[]; * * If poison corruption is detected, the message is printed and user-provided * callback is called: `UMM_HEAP_CORRUPTION_CB()` + * + * UMM_POISON_CHECK - does a global heap check on all active allocation at + * every alloc API call. May exceed 10us due to critical section with IRQs + * disabled. + * + * UMM_POISON_CHECK_LITE - only checks the allocation presented at realloc() + * and free(). + * */ +/* + * Compatibility for deprecated UMM_POISON + */ +#if defined(UMM_POISON) && !defined(UMM_POISON_CHECK) +#define UMM_POISON_CHECK_LITE +#endif + +#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_CORE) +#if !defined(UMM_POISON_CHECK) && !defined(UMM_POISON_CHECK_LITE) +/* #define UMM_POISON_CHECK + */ + #define UMM_POISON_CHECK_LITE +#endif +#endif #define UMM_POISON_SIZE_BEFORE 4 #define UMM_POISON_SIZE_AFTER 4 -#define UMM_POISONED_BLOCK_LEN_TYPE short +#define UMM_POISONED_BLOCK_LEN_TYPE uint32_t -#ifdef UMM_POISON_CHECK +#if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) void *umm_poison_malloc( size_t size ); void *umm_poison_calloc( size_t num, size_t size ); void *umm_poison_realloc( void *ptr, size_t size ); void umm_poison_free( void *ptr ); int umm_poison_check( void ); -# define POISON_CHECK() umm_poison_check() + // Local Additions to better report location in code of the caller. + void *umm_poison_realloc_fl( void *ptr, size_t size, const char* file, int line ); + void umm_poison_free_fl( void *ptr, const char* file, int line ); + extern int umm_poison_check_result; + // UMM_HEAP_CORRUPTION_CB was missing for umm_poison... + // TODO: recheck this assertion and find when. + // Introduced new CB specific for umm_poison +# define UMM_HEAP_POISON_CB() umm_poison_check_result = 0 + #if defined(UMM_POISON_CHECK_LITE) + /* + * We can safely do individual poison checks at free and realloc and stay + * under 10us or close. + */ + # define POISON_CHECK() 1 + #else + /* Not normally enabled. A full heap poison check may exceed 10us. */ + # define POISON_CHECK() umm_poison_check() + #endif #else -# define POISON_CHECK() 0 +# define POISON_CHECK() 1 +# define UMM_HEAP_POISON_CB() do{}while(0) +#endif + + + +// #define UMM_HEAP_CORRUPTION_CB() panic() + +///////////////////////////////////////////////// +#ifdef DEBUG_ESP_OOM + +#define MEMLEAK_DEBUG + +// umm_*alloc are not renamed to *alloc +// Assumes umm_malloc.h has already been included. + +#define umm_zalloc(s) umm_calloc(1,s) + +void* malloc_loc (size_t s, const char* file, int line); +void* calloc_loc (size_t n, size_t s, const char* file, int line); +void* realloc_loc (void* p, size_t s, const char* file, int line); +// *alloc are macro calling *alloc_loc calling+checking umm_*alloc() +// they are defined at the bottom of this file + +///////////////////////////////////////////////// + +#elif defined(UMM_POISON_CHECK) +void* realloc_loc (void* p, size_t s, const char* file, int line); +void free_loc (void* p, const char* file, int line); +#else // !defined(ESP_DEBUG_OOM) +#endif + +#ifdef __cplusplus +} #endif #endif /* _UMM_MALLOC_CFG_H */ + +#ifdef DEBUG_ESP_OOM +// this must be outside from "#ifndef _UMM_MALLOC_CFG_H" +// because Arduino.h's does #undef *alloc +// Arduino.h recall us to redefine them +#include +// Reuse pvPort* calls, since they already support passing location information. +extern "C" { +void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line); +void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, int line); +void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); +void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line); +void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); +}; +#define malloc(s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortMalloc(s, mem_debug_file, __LINE__); }) +#define calloc(n,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortCalloc(n, s, mem_debug_file, __LINE__); }) +#define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) + #if defined(UMM_POISON_CHECK) + #if 0 + #define free(p) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; vPortFree(p, mem_debug_file, __LINE__); }) + #endif + #endif + +#elif defined(UMM_POISON_CHECK) +#include +extern "C" { +void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); +void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); +}; +#define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) +#if 0 +//C +/* + Problem, I would like to report the file and line number with the umm poison + event as close as possible to the event. The #define method works for malloc, + calloc, and realloc those names are not as generic as free. A #define free + captures too much. Classes with methods called free are included :( + Inline functions would report the address of the inline function in the .h + not where they are called. + + Anybody know a trick to make this work? +*/ +#define free(p) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; vPortFree(p, mem_debug_file, __LINE__); }) +#endif + +#endif /* DEBUG_ESP_OOM */ diff --git a/cores/esp8266/umm_malloc/umm_performance.h b/cores/esp8266/umm_malloc/umm_performance.h new file mode 100644 index 0000000000..dfd0b2db69 --- /dev/null +++ b/cores/esp8266/umm_malloc/umm_performance.h @@ -0,0 +1,23 @@ +/* + * umm_malloc performance measurments and ESP specifics + * + * Features rejected by upstream umm_malloc will move here from + * umm_malloc_cfg.h. Respective code will move to umm_local.c when possible. + * + */ + +#ifndef _UMM_PERFORMANCE_H +#define _UMM_PERFORMANCE_H + +#ifdef __cplusplus +extern "C" { +#endif + + + + +#ifdef __cplusplus +} +#endif + +#endif /* _UMM_PERFORMANCE_H */ diff --git a/cores/esp8266/umm_malloc/umm_poison.c b/cores/esp8266/umm_malloc/umm_poison.c index 141c381621..5379b2c24d 100644 --- a/cores/esp8266/umm_malloc/umm_poison.c +++ b/cores/esp8266/umm_malloc/umm_poison.c @@ -95,7 +95,9 @@ static int check_poison_block( umm_block *pblock ) { * * `size_w_poison` is a size of the whole block, including a poison. */ -static void *get_poisoned( unsigned char *ptr, size_t size_w_poison ) { +static void *get_poisoned( void *v_ptr, size_t size_w_poison ) { + unsigned char *ptr = (unsigned char *)v_ptr; + if (size_w_poison != 0 && ptr != NULL) { /* Poison beginning and the end of the allocated chunk */ @@ -108,10 +110,10 @@ static void *get_poisoned( unsigned char *ptr, size_t size_w_poison ) { *(UMM_POISONED_BLOCK_LEN_TYPE *)ptr = (UMM_POISONED_BLOCK_LEN_TYPE)size_w_poison; /* Return pointer at the first non-poisoned byte */ - return ptr + sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE; - } else { - return ptr; + ptr += sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE; } + + return (void *)ptr; } /* @@ -120,7 +122,9 @@ static void *get_poisoned( unsigned char *ptr, size_t size_w_poison ) { * * Returns unpoisoned pointer, i.e. actual pointer to the allocated memory. */ -static void *get_unpoisoned( unsigned char *ptr ) { +static void *get_unpoisoned( void *v_ptr ) { + unsigned char *ptr = (unsigned char *)v_ptr; + if (ptr != NULL) { unsigned short int c; @@ -129,10 +133,12 @@ static void *get_unpoisoned( unsigned char *ptr ) { /* Figure out which block we're in. Note the use of truncated division... */ c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - check_poison_block(&UMM_BLOCK(c)); + if (!check_poison_block(&UMM_BLOCK(c))) { + UMM_HEAP_POISON_CB(); + } } - return ptr; + return (void *)ptr; } /* }}} */ @@ -160,7 +166,7 @@ void *umm_poison_calloc( size_t num, size_t item_size ) { size += poison_size(size); ret = umm_malloc(size); - + if (NULL != ret) memset(ret, 0x00, size); @@ -199,13 +205,16 @@ void umm_poison_free( void *ptr ) { */ int umm_poison_check(void) { + UMM_CRITICAL_DECL(id_poison); int ok = 1; unsigned short int cur; - + if (umm_heap == NULL) { umm_init(); } + UMM_CRITICAL_ENTRY(id_poison); + /* Now iterate through the blocks list */ cur = UMM_NBLOCK(0) & UMM_BLOCKNO_MASK; @@ -220,11 +229,11 @@ int umm_poison_check(void) { cur = UMM_NBLOCK(cur) & UMM_BLOCKNO_MASK; } + UMM_CRITICAL_EXIT(id_poison); return ok; } - + /* ------------------------------------------------------------------------ */ #endif - From d7363e01cc6cc883a1e535c5c1884e946ba08443 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Fri, 23 Aug 2019 14:52:30 -0700 Subject: [PATCH 03/27] Resoved Travis CI - issue --- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 041d2ebacd..97370b270a 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -552,19 +552,20 @@ void free_loc (void* p, const char* file, int line); #endif /* _UMM_MALLOC_CFG_H */ +#ifdef __cplusplus +extern "C" { +#endif #ifdef DEBUG_ESP_OOM // this must be outside from "#ifndef _UMM_MALLOC_CFG_H" // because Arduino.h's does #undef *alloc // Arduino.h recall us to redefine them #include // Reuse pvPort* calls, since they already support passing location information. -extern "C" { void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line); void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); -}; #define malloc(s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortMalloc(s, mem_debug_file, __LINE__); }) #define calloc(n,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortCalloc(n, s, mem_debug_file, __LINE__); }) #define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) @@ -576,10 +577,10 @@ void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); #elif defined(UMM_POISON_CHECK) #include -extern "C" { + void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); -}; + #define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) #if 0 //C @@ -597,3 +598,7 @@ void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); #endif #endif /* DEBUG_ESP_OOM */ + +#ifdef __cplusplus +} +#endif From 57b65abfedf6559868ee7fa9c8533a32e7ca2a44 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Tue, 27 Aug 2019 10:13:23 -0700 Subject: [PATCH 04/27] Corrected #ifdef's for UMM_STATS/UMM_STATS_FULL --- cores/esp8266/umm_malloc/umm_info.c | 8 ++-- cores/esp8266/umm_malloc/umm_malloc.c | 2 +- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 50 ++++++++++++----------- 3 files changed, 31 insertions(+), 29 deletions(-) diff --git a/cores/esp8266/umm_malloc/umm_info.c b/cores/esp8266/umm_malloc/umm_info.c index dc19dd189b..1a0a4815dc 100644 --- a/cores/esp8266/umm_malloc/umm_info.c +++ b/cores/esp8266/umm_malloc/umm_info.c @@ -144,7 +144,7 @@ void *umm_info( void *ptr, int force ) { DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); -#ifdef UMM_STATS +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) if (ummHeapInfo.freeBlocks == ummStats.free_blocks) { DBGLOG_FORCE( force, "heap info Free blocks and heap statistics Free blocks match.\n"); } else { @@ -158,14 +158,14 @@ void *umm_info( void *ptr, int force ) { DBGLOG_FORCE( force, " Free Space %5u\n", ummStats.free_blocks * sizeof(umm_block)); #if defined(UMM_STATS_FULL) DBGLOG_FORCE( force, " Low Watermark %5u\n", ummStats.free_blocks_min * sizeof(umm_block)); - DBGLOG_FORCE( force, " Low Watermark RSZ %5u\n", ummStats.free_blocks_isr_min * sizeof(umm_block)); + DBGLOG_FORCE( force, " Low Watermark ISR %5u\n", ummStats.free_blocks_isr_min * sizeof(umm_block)); DBGLOG_FORCE( force, " MAX Alloc Request %5u\n", ummStats.alloc_max_size); DBGLOG_FORCE( force, " OOM Count %5u\n", ummStats.oom_count); #endif DBGLOG_FORCE( force, " Size of umm_block %5u\n", sizeof(umm_block)); + DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); #endif - DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); /* Release the critical section... */ UMM_CRITICAL_EXIT(id_info); @@ -194,7 +194,7 @@ size_t umm_block_size( void ) { } #endif -#ifdef UMM_STATS +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) UMM_STATISTICS ummStats; diff --git a/cores/esp8266/umm_malloc/umm_malloc.c b/cores/esp8266/umm_malloc/umm_malloc.c index 3256c54c0a..15d67de9bd 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.c +++ b/cores/esp8266/umm_malloc/umm_malloc.c @@ -216,8 +216,8 @@ void umm_init( void ) { /* index of the latest `umm_block` */ const unsigned short int block_last = UMM_NUMBLOCKS - 1; -#ifdef UMM_STATS /* init ummStats.free_blocks */ +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) #if defined(UMM_STATS_FULL) ummStats.free_blocks_min = ummStats.free_blocks_isr_min = diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 97370b270a..0d555e83c2 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -133,11 +133,14 @@ extern char _heap_start[]; * most. */ /* -#define UMM_STATS_FULL */ #define UMM_STATS -#ifdef UMM_STATS +#ifdef DEBUG_ESP_PORT +#define UMM_STATS_FULL +#endif + +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) typedef struct UMM_STATISTICS_t { unsigned short int free_blocks; @@ -157,11 +160,31 @@ size_t umm_free_heap_size_lw( void ); #define STATS__FREE_BLOCKS_UPDATE(s) ummStats.free_blocks += (s) +#else // not UMM_STATS or UMM_STATS_FULL +#define STATS__FREE_BLOCKS_UPDATE(s) (void)(s) +#endif + #ifdef UMM_STATS_FULL #define STATS__FREE_BLOCKS_MIN() \ if (ummStats.free_blocks < ummStats.free_blocks_min) \ ummStats.free_blocks_min = ummStats.free_blocks +//C TODO: Needs a new name. ISR is too specific to our use. For upstream +//C needs to indicate it is related to a temporary low, created during a +//C realloc that includes memmove/copy. +#define STATS__FREE_BLOCKS_ISR_MIN() \ + if (ummStats.free_blocks < ummStats.free_blocks_isr_min) \ + ummStats.free_blocks_isr_min = ummStats.free_blocks + +#define STATS__ALLOC_REQUEST(tag, s) \ +{ \ + ummStats.tag##_count += 1; \ + if (ummStats.alloc_max_size < s) \ + ummStats.alloc_max_size = s; \ +} + +#define STATS__OOM_UPDATE() ummStats.oom_count += 1 + static inline size_t ICACHE_FLASH_ATTR umm_free_heap_size_lw_min( void ) { return (size_t)ummStats.free_blocks_min * umm_block_size(); } @@ -195,28 +218,7 @@ static inline size_t ICACHE_FLASH_ATTR umm_get_oom_count( void ) { return ummStats.oom_count; } -//C TODO: Needs a new name. ISR is too specific to our use. For upstream -//C needs to indicate it is related to a temporary low, created during a -//C realloc that includes memmove/copy. -#define STATS__FREE_BLOCKS_ISR_MIN() \ - if (ummStats.free_blocks < ummStats.free_blocks_isr_min) \ - ummStats.free_blocks_isr_min = ummStats.free_blocks - -#define STATS__ALLOC_REQUEST(tag, s) \ -{ \ - ummStats.tag##_count += 1; \ - if (ummStats.alloc_max_size < s) \ - ummStats.alloc_max_size = s; \ -} - -#define STATS__OOM_UPDATE() ummStats.oom_count += 1 -#endif - -#else // ! UMM_STATS -#define STATS__FREE_BLOCKS_UPDATE(s) (void)(s) -#endif - -#if !defined(UMM_STATS_FULL) +#else // Not UMM_STATS_FULL #define STATS__FREE_BLOCKS_MIN() (void)0 #define STATS__FREE_BLOCKS_ISR_MIN() (void)0 #define STATS__ALLOC_REQUEST(tag, s) (void)(s) From 71b10fdbf33982b55d9bec0eb21eea4397d9b3c9 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Tue, 3 Sep 2019 15:09:07 -0700 Subject: [PATCH 05/27] Corrected UMM_REALLOC_DEFRAG option to be more like the original umm_realloc. Updated some comments and changed method of defining _rom_putc1. --- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 24 +++++++++++--------- cores/esp8266/umm_malloc/umm_malloc.c | 21 +++++++++-------- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp index 327f366538..2e6c517d1a 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -31,7 +31,7 @@ code using the other port. Most of the ROM printf functions are not built to support this kind of usage. Things get especially dangerous when you try to use the ...external_printf stuff. - * ets_vprintf - by it self is safe. + * ets_vprintf - by itself is safe. * newlibc printf - not safe - lives in flash. * newlibc snprintf - not safe - lives in flash. * builtin putc1 print function - Is installed when you use @@ -41,12 +41,16 @@ * call uart_buff_switch at each printf call to reselect UART * use a stack buffer to hold a copy the PROGMEM string to print from. * use ets_vprintf for printing with putc1 function. + * os_printf_plus looks interesting. It is in IRAM. If no heap is available it + will use up to 64 bytes of stack space to copy a PROGMEM fmt for printing. + Issues: + * Printing is turned off by system_set_os_print + * putc1 needs to be in IRAM - this is a uart.cpp issue + * Need to force system_get_free_heap_size to return 0 during critical periods. + * won't work for umm_info it prints over 64 characters. + * along with umm_info there are other debug messages that exceed 64 characters. Research TODO, Unknowns: - * ets_printf_plus - is it safe? - * check if it uses alloc? the old versions used malloc for PROGMEM, if - that fails, they try to use the stack for PROGMEM. - * confirmed it is in IRAM in SDK! * Is there a problem with the ROM "serial print functions"? Rtos SDK does not use them. igrr also didn't use them in ...postmortem. See "ets_printf" above. @@ -72,17 +76,15 @@ int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2) //D int (*f)(int) ets_install_uart_printf(void); //D int (*_rom_putc1)(int) = (int (*)(int))0x40001dcc; -// ROM _putc1, ignores CRs and sends CR/LF for LF, newline. +// Boot ROM _putc1, ignores CRs and sends CR/LF for LF, newline. // Always returns character sent. -typedef int (*fptr_t)(int); -fptr_t ets_install_uart_printf(void); +typedef int (*fp_putc_t)(int); +#define _rom_putc1 ((fp_putc_t)0x40001dcc) + void uart_buff_switch(uint8_t); int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { - // This will replace, if any, the UART handler that was installed by uart.cpp - // calls ets_install_putc1. - fptr_t _rom_putc1 = ets_install_uart_printf(); #ifdef DEBUG_ESP_PORT #define VALUE(x) __STRINGIFY(x) // Preprocessor and compiler together will optimize away the if. diff --git a/cores/esp8266/umm_malloc/umm_malloc.c b/cores/esp8266/umm_malloc/umm_malloc.c index 15d67de9bd..9bff3ad737 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.c +++ b/cores/esp8266/umm_malloc/umm_malloc.c @@ -650,14 +650,15 @@ void *umm_realloc( void *ptr, size_t size ) { * out the best strategy for the new allocation. The following strategy is * focused on defragging the heap: * - * 1. If the new block is the same size or smaller than the current block do - * nothing. - * 2. If the prev is free and adding it to the current and next block - * gives us enough memory, proceed, note that next block may not be - * available. + * 1. If the prev is free and adding it to the current, or current and next + * block, gives us enough memory, proceed. Note, that next block may not + * be available. * a. Remove the previous block from the free list, assimilate it. - * b. If new block gives enough memory, copy to the new block. + * b. If this new block gives enough memory, copy to the new block. + * Note, this includes the case of same size or smaller block. * c. Else assimilate the next block, copy to the new block. + * 2. If the new block is the same size or smaller than the current block do + * nothing. * 3. If the next block is free and adding it to the current block gives us * enough memory, assimilate the next block. * 4. Otherwise try to allocate an entirely new block of memory. If the @@ -668,10 +669,7 @@ void *umm_realloc( void *ptr, size_t size ) { * was not exact, then split the memory block so that we use only the * requested number of blocks and add what's left to the free list. */ - if (blockSize >= blocks) { // 1 - DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); - /* This space intentionally left blank */ - } else if (prevBlockSize && (prevBlockSize + blockSize + nextBlockSize) >= blocks) { // 2 + if (prevBlockSize && (prevBlockSize + blockSize + nextBlockSize) >= blocks) { // 1 umm_disconnect_from_free_list( UMM_PBLOCK(c) ); c = umm_assimilate_down(c, 0); STATS__FREE_BLOCKS_UPDATE( - prevBlockSize ); @@ -697,6 +695,9 @@ void *umm_realloc( void *ptr, size_t size ) { memmove( (void *)&UMM_DATA(c), ptr, curSize ); ptr = (void *)&UMM_DATA(c); UMM_CRITICAL_RESUME(id_realloc); + } else if (blockSize >= blocks) { // 2 + DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); + /* This space intentionally left blank */ } else if ((blockSize + nextBlockSize) >= blocks) { // 3 DBGLOG_DEBUG( "realloc using next block - %d\n", blocks ); umm_assimilate_up( c ); From 79fe67f1d1a82604cd08b2abb3806bf185050187 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Wed, 4 Sep 2019 18:59:31 -0700 Subject: [PATCH 06/27] Updated UMM_POISON_CHECK_LITE - Expanded the poison check on the current allocation to include its nearest allocated neighbors in the heap. That is to say, if the nearest neighbor is free, then the next one over is checked. And this is done in both directions. umm_malloc() will also checks the neighbors of the selected allocation before use. Merged umm_malloc.c into umm_malloc.cpp. Added additional stats for debug build. On going comment cleanup. Removed #if 0 block from isr_safe_printf. Corrected mistyped UMM_POISON_CHECK UMM_CHECK_POISON. Corrected other conditional build issues. --- cores/esp8266/heap.cpp | 2 +- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 64 +- cores/esp8266/umm_malloc/umm_local.c | 118 ++- cores/esp8266/umm_malloc/umm_local.h | 14 +- cores/esp8266/umm_malloc/umm_malloc.c | 779 -------------- cores/esp8266/umm_malloc/umm_malloc.cpp | 955 ++++++++++++++++-- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 178 ++-- .../umm_malloc/umm_malloc_cfg_example.h | 176 ---- cores/esp8266/umm_malloc/umm_poison.c | 6 +- 9 files changed, 1092 insertions(+), 1200 deletions(-) delete mode 100644 cores/esp8266/umm_malloc/umm_malloc.c delete mode 100644 cores/esp8266/umm_malloc/umm_malloc_cfg_example.h diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index 05fe25740b..a9d4845d05 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -149,7 +149,7 @@ void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) #define OOM_CHECK__PRINT_LOC(p, s, f, l) #endif -#if defined(DEBUG_ESP_OOM) || defined(UMM_CHECK_POISON) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) +#if defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) void* ICACHE_RAM_ATTR malloc(size_t size) { diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp index 2e6c517d1a..9ca573f2d3 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -64,18 +64,15 @@ extern "C" { +//C This #if 1 changes once the best print option from ISR is determined. #if 1 - int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); // Note, _isr_safe_printf_P will not handle additional string arguments in // PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. #define ISR_PRINTF(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) #define ISR_PRINTF_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) -//D int (*f)(int) ets_install_uart_printf(void); -//D int (*_rom_putc1)(int) = (int (*)(int))0x40001dcc; - // Boot ROM _putc1, ignores CRs and sends CR/LF for LF, newline. // Always returns character sent. typedef int (*fp_putc_t)(int); @@ -85,6 +82,8 @@ void uart_buff_switch(uint8_t); int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { + +//C This #ifdef block is obsolete if the PR for ets_putc UART selection is approved. #ifdef DEBUG_ESP_PORT #define VALUE(x) __STRINGIFY(x) // Preprocessor and compiler together will optimize away the if. @@ -96,6 +95,8 @@ int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { #else uart_buff_switch(0U); // Side effect, clears RX FIFO #endif +//C - end + /* To use ets_strlen() and ets_memcpy() safely with PROGMEM, flash storage, the PROGMEM address must be word (4 bytes) aligned. The destination @@ -115,59 +116,4 @@ int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { } #endif -#if 0 -// Alternate print driver - -#ifdef DEBUG_ESP_PORT -#define VALUE(x) __STRINGIFY(x) - -void ICACHE_RAM_ATTR uart_write_char_d(char c) { - // Preprocessor and compiler together will optimize away the if. - if (strcmp("Serial", VALUE(DEBUG_ESP_PORT)) == 0) { - // USS - get uart{0,1} status word - // USTXC - bit offset to TX FIFO count, 8 bit field - // USF - Uart FIFO - // Wait for space for two or more characters. - while (((USS(0) >> USTXC) & 0xff) >= 0x7e) { } - - if (c == '\n') { - USF(0) = '\r'; - } - USF(0) = c; - } else { - while (((USS(1) >> USTXC) & 0xff) >= 0x7e) { } - - if (c == '\n') { - USF(1) = '\r'; - } - USF(1) = c; - } -} -#else // ! DEBUG_ESP_PORT -void ICACHE_RAM_ATTR uart_write_char_d(char c) { - uart0_write_char_d(c); - uart1_write_char_d(c); -} - -void ICACHE_RAM_ATTR uart0_write_char_d(char c) { - while (((USS(0) >> USTXC) & 0xff)) { } - - if (c == '\n') { - USF(0) = '\r'; - } - USF(0) = c; -} - -void ICACHE_RAM_ATTR uart1_write_char_d(char c) { - while (((USS(1) >> USTXC) & 0xff) >= 0x7e) { } - - if (c == '\n') { - USF(1) = '\r'; - } - USF(1) = c; -} -#endif - -#endif - }; diff --git a/cores/esp8266/umm_malloc/umm_local.c b/cores/esp8266/umm_malloc/umm_local.c index 82dc7dc96a..2917343570 100644 --- a/cores/esp8266/umm_malloc/umm_local.c +++ b/cores/esp8266/umm_malloc/umm_local.c @@ -23,7 +23,7 @@ UMM_TIME_STATS time_stats = { bool ICACHE_FLASH_ATTR get_umm_get_perf_data(UMM_TIME_STATS *p, size_t size) { - UMM_CRITICAL_DECL(id_no_tag, true); + UMM_CRITICAL_DECL(id_no_tag); if (p && sizeof(time_stats) == size) { UMM_CRITICAL_ENTRY(id_no_tag); @@ -35,25 +35,99 @@ bool ICACHE_FLASH_ATTR get_umm_get_perf_data(UMM_TIME_STATS *p, size_t size) } #endif -#if defined(UMM_POISON_CHECK) -// Alternate functions from upstream -int umm_poison_check_result; +// Alternate Poison functions + +#if defined(UMM_POISON_CHECK_LITE) +// We skip this when doing the full poison check. + +static int check_poison_neighbors( unsigned short cur ) { + unsigned short int c; + + if ( 0 == cur ) + return 1; + + c = UMM_PBLOCK(cur) & UMM_BLOCKNO_MASK; + while( c && (UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) ) { + /* + There can be up to 1 free block neighbor in either direction. + This loop should self limit to 2 passes, due to heap design. + i.e. Adjacent free space is always consolidated. + */ + if ( !(UMM_NBLOCK(c) & UMM_FREELIST_MASK) ) { + if ( !check_poison_block(&UMM_BLOCK(c)) ) + return 0; + + break; + } + + c = UMM_PBLOCK(c) & UMM_BLOCKNO_MASK; + } + + c = UMM_NBLOCK(cur) & UMM_BLOCKNO_MASK; + while( (UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) ) { + if ( !(UMM_NBLOCK(c) & UMM_FREELIST_MASK) ) { + if ( !check_poison_block(&UMM_BLOCK(c)) ) + return 0; + + break; + } + + c = UMM_NBLOCK(c) & UMM_BLOCKNO_MASK; + } + + return 1; +} +#endif + +#if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) /* ------------------------------------------------------------------------ */ -void *umm_poison_realloc_fl(void *ptr, size_t size, const char* file, int line) -{ - void *ret; +static void *get_unpoisoned_check_neighbors( void *v_ptr, const char* file, int line ) { + unsigned char *ptr = (unsigned char *)v_ptr; - umm_poison_check_result = 1; - ptr = get_unpoisoned(ptr); - if (!umm_poison_check_result) - { - if (file) - __panic_func(file, line, ""); - else - abort(); + if (ptr != NULL) { + + ptr -= (sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE); + +#if defined(UMM_POISON_CHECK_LITE) + UMM_CRITICAL_DECL(id_poison); + unsigned short int c; + bool poison = false; + + /* Figure out which block we're in. Note the use of truncated division... */ + c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); + + UMM_CRITICAL_ENTRY(id_poison); + poison = check_poison_block(&UMM_BLOCK(c)) && check_poison_neighbors(c); + UMM_CRITICAL_EXIT(id_poison); + + if (!poison) { + if (file) { + __panic_func(file, line, ""); + } else { + abort(); + } } +#else + /* + * No need to check poison here. POISON_CHECK() has already done a + * full heap check. + */ + (void)file; + (void)line; +#endif + } + + return (void *)ptr; +} + +/* ------------------------------------------------------------------------ */ + +void *umm_poison_realloc_fl(void *ptr, size_t size, const char* file, int line) { + void *ret; + + ptr = get_unpoisoned_check_neighbors(ptr, file, line); size += poison_size(size); ret = umm_realloc(ptr, size); @@ -65,17 +139,9 @@ void *umm_poison_realloc_fl(void *ptr, size_t size, const char* file, int line) /* ------------------------------------------------------------------------ */ -void umm_poison_free_fl(void *ptr, const char* file, int line) -{ - umm_poison_check_result = 1; - ptr = get_unpoisoned(ptr); - if (!umm_poison_check_result) - { - if (file) - __panic_func(file, line, ""); - else - abort(); - } +void umm_poison_free_fl(void *ptr, const char* file, int line) { + + ptr = get_unpoisoned_check_neighbors(ptr, file, line); umm_free(ptr); } diff --git a/cores/esp8266/umm_malloc/umm_local.h b/cores/esp8266/umm_malloc/umm_local.h index 299418da00..54c6c70289 100644 --- a/cores/esp8266/umm_malloc/umm_local.h +++ b/cores/esp8266/umm_malloc/umm_local.h @@ -5,7 +5,15 @@ * umm_malloc_cfg.h. And, not for upstream version. * */ -#if defined(DEBUG_ESP_OOM) || defined(UMM_CHECK_POISON) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) + +#undef memcpy +#undef memmove +#undef memset +#define memcpy ets_memcpy +#define memmove ets_memmove +#define memset ets_memset + +#if defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) #else #define umm_malloc(s) malloc(s) @@ -14,4 +22,8 @@ #define umm_free(p) free(p) #endif +#if defined(UMM_POISON_CHECK_LITE) +static int check_poison_neighbors( unsigned short cur ); +#endif + #endif diff --git a/cores/esp8266/umm_malloc/umm_malloc.c b/cores/esp8266/umm_malloc/umm_malloc.c deleted file mode 100644 index 9bff3ad737..0000000000 --- a/cores/esp8266/umm_malloc/umm_malloc.c +++ /dev/null @@ -1,779 +0,0 @@ -/* ---------------------------------------------------------------------------- - * umm_malloc.c - a memory allocator for embedded systems (microcontrollers) - * - * See LICENSE for copyright notice - * See README.md for acknowledgements and description of internals - * ---------------------------------------------------------------------------- - * - * R.Hempel 2007-09-22 - Original - * R.Hempel 2008-12-11 - Added MIT License biolerplate - * - realloc() now looks to see if previous block is free - * - made common operations functions - * R.Hempel 2009-03-02 - Added macros to disable tasking - * - Added function to dump heap and check for valid free - * pointer - * R.Hempel 2009-03-09 - Changed name to umm_malloc to avoid conflicts with - * the mm_malloc() library functions - * - Added some test code to assimilate a free block - * with the very block if possible. Complicated and - * not worth the grief. - * D.Frank 2014-04-02 - Fixed heap configuration when UMM_TEST_MAIN is NOT set, - * added user-dependent configuration file umm_malloc_cfg.h - * R.Hempel 2016-12-04 - Add support for Unity test framework - * - Reorganize source files to avoid redundant content - * - Move integrity and poison checking to separate file - * R.Hempel 2017-12-29 - Fix bug in realloc when requesting a new block that - * results in OOM error - see Issue 11 - * ---------------------------------------------------------------------------- - */ - -/* - * This guards against Arduino IDE build dependencies from compiling the .c - * directly, outside of umm_malloc.cpp. - */ -#if defined(UMM_MALLOC_C) - -#include -#include - -#include "umm_malloc.h" - -#include "umm_malloc_cfg.h" /* user-dependent */ - -/* Use the default DBGLOG_LEVEL and DBGLOG_FUNCTION */ - -#ifndef DBGLOG_LEVEL -#define DBGLOG_LEVEL 0 -#endif - -#include "dbglog/dbglog.h" - -#include "umm_local.h" // target-dependent supplemental - -/* ------------------------------------------------------------------------- */ - -UMM_H_ATTPACKPRE typedef struct umm_ptr_t { - unsigned short int next; - unsigned short int prev; -} UMM_H_ATTPACKSUF umm_ptr; - - -UMM_H_ATTPACKPRE typedef struct umm_block_t { - union { - umm_ptr used; - } header; - union { - umm_ptr free; - unsigned char data[4]; - } body; -} UMM_H_ATTPACKSUF umm_block; - -#define UMM_FREELIST_MASK (0x8000) -#define UMM_BLOCKNO_MASK (0x7FFF) - -/* ------------------------------------------------------------------------- */ - -umm_block *umm_heap = NULL; -unsigned short int umm_numblocks = 0; - -#define UMM_NUMBLOCKS (umm_numblocks) - -/* ------------------------------------------------------------------------ */ - -#define UMM_BLOCK(b) (umm_heap[b]) - -#define UMM_NBLOCK(b) (UMM_BLOCK(b).header.used.next) -#define UMM_PBLOCK(b) (UMM_BLOCK(b).header.used.prev) -#define UMM_NFREE(b) (UMM_BLOCK(b).body.free.next) -#define UMM_PFREE(b) (UMM_BLOCK(b).body.free.prev) -#define UMM_DATA(b) (UMM_BLOCK(b).body.data) - -/* ------------------------------------------------------------------------- - * There are additional files that may be included here - normally it's - * not a good idea to include .c files but in this case it keeps the - * main umm_malloc file clear and prevents issues with exposing internal - * data structures to other programs. - * ------------------------------------------------------------------------- - */ - -#include "umm_integrity.c" -#include "umm_poison.c" -#include "umm_info.c" -#include "umm_local.c" // target-dependent supplemental features - -/* ------------------------------------------------------------------------ */ - -static unsigned short int umm_blocks( size_t size ) { - - /* - * The calculation of the block size is not too difficult, but there are - * a few little things that we need to be mindful of. - * - * When a block removed from the free list, the space used by the free - * pointers is available for data. That's what the first calculation - * of size is doing. - */ - - if( size <= (sizeof(((umm_block *)0)->body)) ) - return( 1 ); - - /* - * If it's for more than that, then we need to figure out the number of - * additional whole blocks the size of an umm_block are required. - */ - - size -= ( 1 + (sizeof(((umm_block *)0)->body)) ); - - return( 2 + size/(sizeof(umm_block)) ); -} - -/* ------------------------------------------------------------------------ */ -/* - * Split the block `c` into two blocks: `c` and `c + blocks`. - * - * - `new_freemask` should be `0` if `c + blocks` used, or `UMM_FREELIST_MASK` - * otherwise. - * - * Note that free pointers are NOT modified by this function. - */ -static void umm_split_block( unsigned short int c, - unsigned short int blocks, - unsigned short int new_freemask ) { - - UMM_NBLOCK(c+blocks) = (UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) | new_freemask; - UMM_PBLOCK(c+blocks) = c; - - UMM_PBLOCK(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) = (c+blocks); - UMM_NBLOCK(c) = (c+blocks); -} - -/* ------------------------------------------------------------------------ */ - -static void umm_disconnect_from_free_list( unsigned short int c ) { - /* Disconnect this block from the FREE list */ - - UMM_NFREE(UMM_PFREE(c)) = UMM_NFREE(c); - UMM_PFREE(UMM_NFREE(c)) = UMM_PFREE(c); - - /* And clear the free block indicator */ - - UMM_NBLOCK(c) &= (~UMM_FREELIST_MASK); -} - -/* ------------------------------------------------------------------------ - * The umm_assimilate_up() function assumes that UMM_NBLOCK(c) does NOT - * have the UMM_FREELIST_MASK bit set! - */ - -static void umm_assimilate_up( unsigned short int c ) { - - if( UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK ) { - /* - * The next block is a free block, so assimilate up and remove it from - * the free list - */ - - DBGLOG_DEBUG( "Assimilate up to next block, which is FREE\n" ); - - /* Disconnect the next block from the FREE list */ - - umm_disconnect_from_free_list( UMM_NBLOCK(c) ); - - /* Assimilate the next block with this one */ - - UMM_PBLOCK(UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) = c; - UMM_NBLOCK(c) = UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK; - } -} - -/* ------------------------------------------------------------------------ - * The umm_assimilate_down() function assumes that UMM_NBLOCK(c) does NOT - * have the UMM_FREELIST_MASK bit set! - */ - -static unsigned short int umm_assimilate_down( unsigned short int c, unsigned short int freemask ) { - - UMM_NBLOCK(UMM_PBLOCK(c)) = UMM_NBLOCK(c) | freemask; - UMM_PBLOCK(UMM_NBLOCK(c)) = UMM_PBLOCK(c); - - return( UMM_PBLOCK(c) ); -} - -/* ------------------------------------------------------------------------- */ - -void umm_init( void ) { - /* init heap pointer and size, and memset it to 0 */ - umm_heap = (umm_block *)UMM_MALLOC_CFG_HEAP_ADDR; - umm_numblocks = (UMM_MALLOC_CFG_HEAP_SIZE / sizeof(umm_block)); - memset(umm_heap, 0x00, UMM_MALLOC_CFG_HEAP_SIZE); - - /* setup initial blank heap structure */ - { - /* index of the 0th `umm_block` */ - const unsigned short int block_0th = 0; - /* index of the 1st `umm_block` */ - const unsigned short int block_1th = 1; - /* index of the latest `umm_block` */ - const unsigned short int block_last = UMM_NUMBLOCKS - 1; - - /* init ummStats.free_blocks */ -#if defined(UMM_STATS) || defined(UMM_STATS_FULL) -#if defined(UMM_STATS_FULL) - ummStats.free_blocks_min = - ummStats.free_blocks_isr_min = -#endif - ummStats.free_blocks = block_last; -#endif - - /* setup the 0th `umm_block`, which just points to the 1st */ - UMM_NBLOCK(block_0th) = block_1th; - UMM_NFREE(block_0th) = block_1th; - UMM_PFREE(block_0th) = block_1th; - - /* - * Now, we need to set the whole heap space as a huge free block. We should - * not touch the 0th `umm_block`, since it's special: the 0th `umm_block` - * is the head of the free block list. It's a part of the heap invariant. - * - * See the detailed explanation at the beginning of the file. - */ - - /* - * 1th `umm_block` has pointers: - * - * - next `umm_block`: the latest one - * - prev `umm_block`: the 0th - * - * Plus, it's a free `umm_block`, so we need to apply `UMM_FREELIST_MASK` - * - * And it's the last free block, so the next free block is 0. - */ - UMM_NBLOCK(block_1th) = block_last | UMM_FREELIST_MASK; - UMM_NFREE(block_1th) = 0; - UMM_PBLOCK(block_1th) = block_0th; - UMM_PFREE(block_1th) = block_0th; - - /* - * latest `umm_block` has pointers: - * - * - next `umm_block`: 0 (meaning, there are no more `umm_blocks`) - * - prev `umm_block`: the 1st - * - * It's not a free block, so we don't touch NFREE / PFREE at all. - */ - UMM_NBLOCK(block_last) = 0; - UMM_PBLOCK(block_last) = block_1th; - } -} - -/* ------------------------------------------------------------------------ */ - -void umm_free( void *ptr ) { - UMM_CRITICAL_DECL(id_free); - - unsigned short int c; - - /* If we're being asked to free a NULL pointer, well that's just silly! */ - - if( (void *)0 == ptr ) { - DBGLOG_DEBUG( "free a null pointer -> do nothing\n" ); - - return; - } - - /* - * FIXME: At some point it might be a good idea to add a check to make sure - * that the pointer we're being asked to free up is actually within - * the umm_heap! - * - * NOTE: See the new umm_info() function that you can use to see if a ptr is - * on the free list! - */ - - /* Figure out which block we're in. Note the use of truncated division... */ - - c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - - DBGLOG_DEBUG( "Freeing block %6d\n", c ); - - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_free); - - /* Update stats Free Block count */ - STATS__FREE_BLOCKS_UPDATE(UMM_NBLOCK(c) - c); - - /* Now let's assimilate this block with the next one if possible. */ - - umm_assimilate_up( c ); - - /* Then assimilate with the previous block if possible */ - - if( UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK ) { - - DBGLOG_DEBUG( "Assimilate down to next block, which is FREE\n" ); - - c = umm_assimilate_down(c, UMM_FREELIST_MASK); - } else { - /* - * The previous block is not a free block, so add this one to the head - * of the free list - */ - - DBGLOG_DEBUG( "Just add to head of free list\n" ); - - UMM_PFREE(UMM_NFREE(0)) = c; - UMM_NFREE(c) = UMM_NFREE(0); - UMM_PFREE(c) = 0; - UMM_NFREE(0) = c; - - UMM_NBLOCK(c) |= UMM_FREELIST_MASK; - } - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_free); -} - -/* ------------------------------------------------------------------------ */ - -void *umm_malloc( size_t size ) { - UMM_CRITICAL_DECL(id_malloc); - - unsigned short int blocks; - unsigned short int blockSize = 0; - - unsigned short int bestSize; - unsigned short int bestBlock; - - unsigned short int cf; - - if (umm_heap == NULL) { - umm_init(); - } - - /* - * the very first thing we do is figure out if we're being asked to allocate - * a size of 0 - and if we are we'll simply return a null pointer. if not - * then reduce the size by 1 byte so that the subsequent calculations on - * the number of blocks to allocate are easier... - */ - - if( 0 == size ) { - DBGLOG_DEBUG( "malloc a block of 0 bytes -> do nothing\n" ); - - return( (void *)NULL ); - } - - STATS__ALLOC_REQUEST(id_malloc, size); - - blocks = umm_blocks( size ); - - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_malloc); - - /* - * Now we can scan through the free list until we find a space that's big - * enough to hold the number of blocks we need. - * - * This part may be customized to be a best-fit, worst-fit, or first-fit - * algorithm - */ - - cf = UMM_NFREE(0); - - bestBlock = UMM_NFREE(0); - bestSize = 0x7FFF; - - while( cf ) { - blockSize = (UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK) - cf; - - DBGLOG_TRACE( "Looking at block %6d size %6d\n", cf, blockSize ); - -#if defined UMM_BEST_FIT - if( (blockSize >= blocks) && (blockSize < bestSize) ) { - bestBlock = cf; - bestSize = blockSize; - } -#elif defined UMM_FIRST_FIT - /* This is the first block that fits! */ - if( (blockSize >= blocks) ) - break; -#else -# error "No UMM_*_FIT is defined - check umm_malloc_cfg.h" -#endif - - cf = UMM_NFREE(cf); - } - - if( 0x7FFF != bestSize ) { - cf = bestBlock; - blockSize = bestSize; - } - - if( UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK && blockSize >= blocks ) { - /* - * This is an existing block in the memory heap, we just need to split off - * what we need, unlink it from the free list and mark it as in use, and - * link the rest of the block back into the freelist as if it was a new - * block on the free list... - */ - - if( blockSize == blocks ) { - /* It's an exact fit and we don't neet to split off a block. */ - DBGLOG_DEBUG( "Allocating %6d blocks starting at %6d - exact\n", blocks, cf ); - - /* Disconnect this block from the FREE list */ - - umm_disconnect_from_free_list( cf ); - - } else { - /* It's not an exact fit and we need to split off a block. */ - DBGLOG_DEBUG( "Allocating %6d blocks starting at %6d - existing\n", blocks, cf ); - - /* - * split current free block `cf` into two blocks. The first one will be - * returned to user, so it's not free, and the second one will be free. - */ - umm_split_block( cf, blocks, UMM_FREELIST_MASK /*new block is free*/ ); - - /* - * `umm_split_block()` does not update the free pointers (it affects - * only free flags), but effectively we've just moved beginning of the - * free block from `cf` to `cf + blocks`. So we have to adjust pointers - * to and from adjacent free blocks. - */ - - /* previous free block */ - UMM_NFREE( UMM_PFREE(cf) ) = cf + blocks; - UMM_PFREE( cf + blocks ) = UMM_PFREE(cf); - - /* next free block */ - UMM_PFREE( UMM_NFREE(cf) ) = cf + blocks; - UMM_NFREE( cf + blocks ) = UMM_NFREE(cf); - } - - STATS__FREE_BLOCKS_UPDATE( -blocks ); - STATS__FREE_BLOCKS_MIN(); - } else { - /* Out of memory */ - STATS__OOM_UPDATE(); - - DBGLOG_DEBUG( "Can't allocate %5d blocks\n", blocks ); - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_malloc); - - return( (void *)NULL ); - } - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_malloc); - - return( (void *)&UMM_DATA(cf) ); -} - -/* ------------------------------------------------------------------------ */ - -void *umm_realloc( void *ptr, size_t size ) { - UMM_CRITICAL_DECL(id_realloc); - - unsigned short int blocks; - unsigned short int blockSize; - unsigned short int prevBlockSize = 0; - unsigned short int nextBlockSize = 0; - - unsigned short int c; - - size_t curSize; - - if (umm_heap == NULL) { - umm_init(); - } - - /* - * This code looks after the case of a NULL value for ptr. The ANSI C - * standard says that if ptr is NULL and size is non-zero, then we've - * got to work the same a malloc(). If size is also 0, then our version - * of malloc() returns a NULL pointer, which is OK as far as the ANSI C - * standard is concerned. - */ - - if( ((void *)NULL == ptr) ) { - DBGLOG_DEBUG( "realloc the NULL pointer - call malloc()\n" ); - - return( umm_malloc(size) ); - } - - /* - * Now we're sure that we have a non_NULL ptr, but we're not sure what - * we should do with it. If the size is 0, then the ANSI C standard says that - * we should operate the same as free. - */ - - if( 0 == size ) { - DBGLOG_DEBUG( "realloc to 0 size, just free the block\n" ); - - umm_free( ptr ); - - return( (void *)NULL ); - } - - STATS__ALLOC_REQUEST(id_realloc, size); - - /* - * Otherwise we need to actually do a reallocation. A naiive approach - * would be to malloc() a new block of the correct size, copy the old data - * to the new block, and then free the old block. - * - * While this will work, we end up doing a lot of possibly unnecessary - * copying. So first, let's figure out how many blocks we'll need. - */ - - blocks = umm_blocks( size ); - - /* Figure out which block we're in. Note the use of truncated division... */ - - c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - - /* Figure out how big this block is ... the free bit is not set :-) */ - - blockSize = (UMM_NBLOCK(c) - c); - - /* Figure out how many bytes are in this block */ - - curSize = (blockSize*sizeof(umm_block))-(sizeof(((umm_block *)0)->header)); - - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_realloc); - - /* Now figure out if the previous and/or next blocks are free as well as - * their sizes - this will help us to minimize special code later when we - * decide if it's possible to use the adjacent blocks. - * - * We set prevBlockSize and nextBlockSize to non-zero values ONLY if they - * are free! - */ - - if ((UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK)) { - nextBlockSize = (UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) - UMM_NBLOCK(c); - } - - if ((UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK)) { - prevBlockSize = (c - UMM_PBLOCK(c)); - } - - DBGLOG_DEBUG( "realloc blocks %d blockSize %d nextBlockSize %d prevBlockSize %d\n", blocks, blockSize, nextBlockSize, prevBlockSize ); - -#if defined(UMM_REALLOC_MINIMIZE_COPY) - /* - * Ok, now that we're here we know how many blocks we want and the current - * blockSize. The prevBlockSize and nextBlockSize are set and we can figure - * out the best strategy for the new allocation as follows: - * - * 1. If the new block is the same size or smaller than the current block do - * nothing. - * 2. If the next block is free and adding it to the current block gives us - * enough memory, assimilate the next block. - * 3. If the prev block is free and adding it to the current block gives us - * enough memory, remove the previous block from the free list, assimilate - * it, copy to the new block. - * 4. If the prev and next blocks are free and adding them to the current - * block gives us enough memory, assimilate the next block, remove the - * previous block from the free list, assimilate it, copy to the new block. - * 5. Otherwise try to allocate an entirely new block of memory. If the - * allocation works free the old block and return the new pointer. If - * the allocation fails, return NULL and leave the old block intact. - * - * All that's left to do is decide if the fit was exact or not. If the fit - * was not exact, then split the memory block so that we use only the requested - * number of blocks and add what's left to the free list. - */ - if (blockSize >= blocks) { - DBGLOG_DEBUG( "realloc the same or smaller size block - %i, do nothing\n", blocks ); - /* This space intentionally left blank */ - } else if ((blockSize + nextBlockSize) >= blocks) { - DBGLOG_DEBUG( "realloc using next block - %i\n", blocks ); - umm_assimilate_up( c ); - STATS__FREE_BLOCKS_UPDATE( - nextBlockSize ); - blockSize += nextBlockSize; - } else if ((prevBlockSize + blockSize) >= blocks) { - DBGLOG_DEBUG( "realloc using prev block - %i\n", blocks ); - umm_disconnect_from_free_list( UMM_PBLOCK(c) ); - c = umm_assimilate_down(c, 0); - STATS__FREE_BLOCKS_UPDATE( - prevBlockSize ); - STATS__FREE_BLOCKS_ISR_MIN(); - blockSize += prevBlockSize; - UMM_CRITICAL_SUSPEND(id_realloc); - memmove( (void *)&UMM_DATA(c), ptr, curSize ); - ptr = (void *)&UMM_DATA(c); - UMM_CRITICAL_RESUME(id_realloc); - } else if ((prevBlockSize + blockSize + nextBlockSize) >= blocks) { - DBGLOG_DEBUG( "realloc using prev and next block - %d\n", blocks ); - umm_assimilate_up( c ); - umm_disconnect_from_free_list( UMM_PBLOCK(c) ); - c = umm_assimilate_down(c, 0); - STATS__FREE_BLOCKS_UPDATE( - prevBlockSize - nextBlockSize ); -#ifdef UMM_LIGHTWEIGHT_CPU - if ((prevBlockSize + blockSize + nextBlockSize) > blocks) { - umm_split_block( c, blocks, 0 ); - umm_free( (void *)&UMM_DATA(c+blocks) ); - } - STATS__FREE_BLOCKS_ISR_MIN(); - blockSize = blocks; -#else - blockSize += (prevBlockSize + nextBlockSize); -#endif - UMM_CRITICAL_SUSPEND(id_realloc); - memmove( (void *)&UMM_DATA(c), ptr, curSize ); - ptr = (void *)&UMM_DATA(c); - UMM_CRITICAL_RESUME(id_realloc); - } else { - UMM_CRITICAL_SUSPEND(id_realloc); - DBGLOG_DEBUG( "realloc a completely new block %i\n", blocks ); - void *oldptr = ptr; - if( (ptr = umm_malloc( size )) ) { - DBGLOG_DEBUG( "realloc %i to a bigger block %i, copy, and free the old\n", blockSize, blocks ); - memcpy( ptr, oldptr, curSize ); - umm_free( oldptr ); - blockSize = blocks; - UMM_CRITICAL_RESUME(id_realloc); - } else { - DBGLOG_DEBUG( "realloc %i to a bigger block %i failed - return NULL and leave the old block!\n", blockSize, blocks ); - /* This space intentionally left blnk */ - UMM_CRITICAL_RESUME(id_realloc); - STATS__OOM_UPDATE(); - } - } -#elif defined(UMM_REALLOC_DEFRAG) - /* - * Ok, now that we're here we know how many blocks we want and the current - * blockSize. The prevBlockSize and nextBlockSize are set and we can figure - * out the best strategy for the new allocation. The following strategy is - * focused on defragging the heap: - * - * 1. If the prev is free and adding it to the current, or current and next - * block, gives us enough memory, proceed. Note, that next block may not - * be available. - * a. Remove the previous block from the free list, assimilate it. - * b. If this new block gives enough memory, copy to the new block. - * Note, this includes the case of same size or smaller block. - * c. Else assimilate the next block, copy to the new block. - * 2. If the new block is the same size or smaller than the current block do - * nothing. - * 3. If the next block is free and adding it to the current block gives us - * enough memory, assimilate the next block. - * 4. Otherwise try to allocate an entirely new block of memory. If the - * allocation works free the old block and return the new pointer. If - * the allocation fails, return NULL and leave the old block intact. - * - * All that's left to do is decide if the fit was exact or not. If the fit - * was not exact, then split the memory block so that we use only the - * requested number of blocks and add what's left to the free list. - */ - if (prevBlockSize && (prevBlockSize + blockSize + nextBlockSize) >= blocks) { // 1 - umm_disconnect_from_free_list( UMM_PBLOCK(c) ); - c = umm_assimilate_down(c, 0); - STATS__FREE_BLOCKS_UPDATE( - prevBlockSize ); - blockSize += prevBlockSize; - if (blockSize >= blocks) { - DBGLOG_DEBUG( "realloc using prev block - %d\n", blocks ); - STATS__FREE_BLOCKS_ISR_MIN(); - } else { - DBGLOG_DEBUG( "realloc using prev and next block - %d\n", blocks ); - umm_assimilate_up( c ); - STATS__FREE_BLOCKS_UPDATE( - nextBlockSize ); - blockSize += nextBlockSize; -#ifdef UMM_LIGHTWEIGHT_CPU - if (blockSize > blocks) { - umm_split_block( c, blocks, 0 ); - umm_free( (void *)&UMM_DATA(c+blocks) ); - } - STATS__FREE_BLOCKS_ISR_MIN(); - blockSize = blocks; -#endif - } - UMM_CRITICAL_SUSPEND(id_realloc); - memmove( (void *)&UMM_DATA(c), ptr, curSize ); - ptr = (void *)&UMM_DATA(c); - UMM_CRITICAL_RESUME(id_realloc); - } else if (blockSize >= blocks) { // 2 - DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); - /* This space intentionally left blank */ - } else if ((blockSize + nextBlockSize) >= blocks) { // 3 - DBGLOG_DEBUG( "realloc using next block - %d\n", blocks ); - umm_assimilate_up( c ); - STATS__FREE_BLOCKS_UPDATE(-nextBlockSize); - blockSize += nextBlockSize; - } else { // 4 - UMM_CRITICAL_SUSPEND(id_realloc); - DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); - void *oldptr = ptr; - if( (ptr = umm_malloc( size )) ) { - DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); - memcpy( ptr, oldptr, curSize ); - umm_free( oldptr); - blockSize = blocks; - UMM_CRITICAL_RESUME(id_realloc); - } else { - DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); - /* This space intentionally left blnk */ - UMM_CRITICAL_RESUME(id_realloc); - STATS__OOM_UPDATE(); - } - } -#else -#warning "Neither UMM_REALLOC_DEFRAG nor UMM_REALLOC_MINIMIZE_COPY is defined - check umm_malloc_cfg.h" - /* An always copy just for comparison */ - if (blockSize >= blocks) { - DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); - /* This space intentionally left blank */ - } else { - UMM_CRITICAL_SUSPEND(id_realloc); - DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); - void *oldptr = ptr; - if( (ptr = umm_malloc( size )) ) { - DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); - memcpy( ptr, oldptr, curSize ); - umm_free( oldptr ); - blockSize = blocks; - UMM_CRITICAL_RESUME(id_realloc); - } else { - DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); - /* This space intentionally left blnk */ - UMM_CRITICAL_RESUME(id_realloc); - STATS__OOM_UPDATE(); - } - } -#endif - /* Now all we need to do is figure out if the block fit exactly or if we - * need to split and free ... - */ - - if (blockSize > blocks ) { - DBGLOG_DEBUG( "split and free %d blocks from %d\n", blocks, blockSize ); - umm_split_block( c, blocks, 0 ); - umm_free( (void *)&UMM_DATA(c+blocks) ); - } - - STATS__FREE_BLOCKS_MIN(); - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_realloc); - - return( ptr ); -} - -/* ------------------------------------------------------------------------ */ - -void *umm_calloc( size_t num, size_t item_size ) { - void *ret; - - ret = umm_malloc((size_t)(item_size * num)); - - if (ret) - memset(ret, 0x00, (size_t)(item_size * num)); - - return ret; -} - -/* ------------------------------------------------------------------------ */ -#endif diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index dcc0ee5d6c..5f94f9bb83 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -1,99 +1,886 @@ -/* - * Itemized changes started July 22, 2019 - * AUG 1, 2019 compiles with OOM, UMM_POISON_CHECK, and appears to be working. - * - * local changes for upstream umm_malloc: - * - * In malloc.c - * Added `#if defined(...)` to cover all of umm_malloc.c. - * Suround DBGLOG_LEVEL with #ifndef... Now defined value in umm_malloc_cfg.h - * - * umm_free() - moved critical section to start after safe calculations. - * - * umm_malloc() - moved critical section to start after umm_blocks() - * computations are based on contants that don't change, calling - * argument excepted. - * - * umm_realloc() - Added UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() for - * when lightweight locks are available. eg. sti/cli. Single threaded - * single CPU case. - * - * umm_realloc() - appears to have been refactored to minimize memmove - * and memcpy. The old version would always combine an adjacent block in the - * direction of the start of the heap when available and do a memmove. This - * had a defragging effect. This appears to have been replaced with an - * attempt to minimize copy when possible. - * - * Added heap stats tracking. - * - * - * In umm_info.c - * umm_info() - Added UMM_CRITICAL_DECL(id_info), updated critical sections - * with tag. - * Carried forward: Added NULL ptr check at beginning (umm_malloc.c). - Mar 8, 2016 - * - * - * In umm_poison.c: - * Resolved C++ compiler error reported on get_poisoned(), and - * get_unpoisoned(). They now take in void * arg instead of unsigned char *. +/* ---------------------------------------------------------------------------- + * umm_malloc.c - a memory allocator for embedded systems (microcontrollers) * - * In umm_integrity.c: - * Replaced printf with DBGLOG_FUNCTION. This needs to be a malloc free - * function and ISR safe. - * Add critical sections. + * See LICENSE for copyright notice + * See README.md for acknowledgements and description of internals + * ---------------------------------------------------------------------------- * - * In umm_malloc_cfg.h: - * Added macro UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() - * - * - * Globally change across all files %i to %d: umm_info.c, umm_malloc.c, - * - * - * Notes, - * - * umm_integrity_check() is called by macro INTEGRITY_CHECK which returns 1 - * on success. No corruption. Does a time consuming scan of the whole heap. It - * will call UMM_HEAP_CORRUPTION_CB if an error is found. - * - * umm_poison_check(), formerly known as check_poison_all_blocks(), - * is called by macro POISON_CHECK which returns 1 on success. No corruption. - * Does a time consuming scan of all active allocations for modified poison. - * It does *NOT* call UMM_HEAP_CORRUPTION_CB if an error is found. - * The option description says it does! - * - * umm_poison_realloc() and umm_poison_free() no longer call the macro - * UMM_HEAP_CORRUPTION_CB on poison error. Just a printf message is generated. - * ? What do we want to do here? I have added code for detecting the error - * and generating a panic; however, it creates more minor upstream changes. - * I am not sure what behavior you want? - * - * For upstream umm_malloc "# define POISON_CHECK() 0" should have been 1 - * add to list to report. + * R.Hempel 2007-09-22 - Original + * R.Hempel 2008-12-11 - Added MIT License biolerplate + * - realloc() now looks to see if previous block is free + * - made common operations functions + * R.Hempel 2009-03-02 - Added macros to disable tasking + * - Added function to dump heap and check for valid free + * pointer + * R.Hempel 2009-03-09 - Changed name to umm_malloc to avoid conflicts with + * the mm_malloc() library functions + * - Added some test code to assimilate a free block + * with the very block if possible. Complicated and + * not worth the grief. + * D.Frank 2014-04-02 - Fixed heap configuration when UMM_TEST_MAIN is NOT set, + * added user-dependent configuration file umm_malloc_cfg.h + * R.Hempel 2016-12-04 - Add support for Unity test framework + * - Reorganize source files to avoid redundant content + * - Move integrity and poison checking to separate file + * R.Hempel 2017-12-29 - Fix bug in realloc when requesting a new block that + * results in OOM error - see Issue 11 + * ---------------------------------------------------------------------------- */ + + /***************************************************************************** + * + * A log listing changes made for local adaptation of newer upstream + * umm_malloc - started July 22, 2019. + * + * AUG 1, 2019 compiles with OOM, UMM_POISON_CHECK, and appears to be working. + * + * In umm_malloc.c + * Renamed to umm_malloc.cpp + * + * Added `extern "C" { ...b};` around code. + + * Surround DBGLOG_LEVEL with #ifndef... Now defined value in umm_malloc_cfg.h + * + * umm_free() - moved critical section to start after safe calculations. + * + * umm_malloc() - moved critical section to start after umm_blocks() + * computations are based on constants that don't change, calling + * argument excepted. + * + * umm_realloc() - Added UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() for + * when lightweight locks are available. eg. sti/cli. Single threaded + * single CPU case. + * + * umm_realloc() - appears to have been refactored to minimize memmove + * and memcpy. The old version would always combine an adjacent block in the + * direction of the start of the heap when available and do a memmove. This + * had a defragging effect. This appears to have been replaced with an + * attempt to minimize copy when possible. + * + * Added heap stats tracking. + * + * + * In umm_info.c + * umm_info() - Added UMM_CRITICAL_DECL(id_info), updated critical sections + * with tag. + * Carried forward: Added NULL ptr check at beginning (umm_malloc.c). - Mar 8, 2016 + * + * + * In umm_poison.c: + * Resolved C++ compiler error reported on get_poisoned(), and + * get_unpoisoned(). They now take in void * arg instead of unsigned char *. + * Added #if ... || defined(UMM_POISON_CHECK_LITE) to the conditional. + * + * In umm_integrity.c: + * Replaced printf with DBGLOG_FUNCTION. This needs to be a malloc free + * function and ISR safe. + * Added critical sections. + * + * In umm_malloc_cfg.h: + * Added macro UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() + * + * + * Globally change across all files %i to %d: umm_info.c, umm_malloc.c, + * + * + * Notes, + * + * umm_integrity_check() is called by macro INTEGRITY_CHECK which returns 1 + * on success. No corruption. Does a time consuming scan of the whole heap. + * It will call UMM_HEAP_CORRUPTION_CB if an error is found. + * + * umm_poison_check(), formerly known as check_poison_all_blocks(), + * is called by macro POISON_CHECK which returns 1 on success for no + * corruption. Does a time consuming scan of all active allocations for + * modified poison. The new upstream version does *NOT* call + * UMM_HEAP_CORRUPTION_CB if an error is found. The option description says + * it does! + * + * umm_poison_realloc() and umm_poison_free() no longer call the macro + * UMM_HEAP_CORRUPTION_CB on poison error. Just a printf message is + * generated. I have added alternative functions umm_poison_free_fl, + * umm_poison_realloc_fl, and get_unpoisoned_check_neighbors in + * umm_local.cpp. These expand the poison check on the current allocation to + * include its nearest allocated neighbors in the heap. + * + * umm_malloc() has been extended to call check_poison_neighbors for the + * allocation it selects, conditionally for UMM_POISON_CHECK_LITE. + * + * For upstream umm_malloc "# define POISON_CHECK() 0" should have been 1 + * add to list to report. + */ + /* + * Current Deltas from the old umm_malloc + * + * umm_posion check for a given *alloc - failure - no longer panics. + * + * option to run full poison check at each *alloc call, not present + * + * option to run full interity check at each *alloc call, not present + * + * upstream code does not call panic from poison_check_block. + * + * Defragmenting effect of realloc is gone. It now minimizes copy. This + * may have been an accident during code cleanup. + * + */ + + /* - * Current Deltas from the old umm_malloc + * Added for using with Arduino ESP8266 and handling renameing to umm_malloc.cpp + */ +extern "C" { + +#include +#include + +#include "umm_malloc.h" + +#include "umm_malloc_cfg.h" /* user-dependent */ + +/* Use the default DBGLOG_LEVEL and DBGLOG_FUNCTION */ + +#ifndef DBGLOG_LEVEL +#define DBGLOG_LEVEL 0 +#endif + +#include "dbglog/dbglog.h" + +#include "umm_local.h" // target-dependent supplemental + +/* ------------------------------------------------------------------------- */ + +UMM_H_ATTPACKPRE typedef struct umm_ptr_t { + unsigned short int next; + unsigned short int prev; +} UMM_H_ATTPACKSUF umm_ptr; + + +UMM_H_ATTPACKPRE typedef struct umm_block_t { + union { + umm_ptr used; + } header; + union { + umm_ptr free; + unsigned char data[4]; + } body; +} UMM_H_ATTPACKSUF umm_block; + +#define UMM_FREELIST_MASK (0x8000) +#define UMM_BLOCKNO_MASK (0x7FFF) + +/* ------------------------------------------------------------------------- */ + +umm_block *umm_heap = NULL; +unsigned short int umm_numblocks = 0; + +#define UMM_NUMBLOCKS (umm_numblocks) + +/* ------------------------------------------------------------------------ */ + +#define UMM_BLOCK(b) (umm_heap[b]) + +#define UMM_NBLOCK(b) (UMM_BLOCK(b).header.used.next) +#define UMM_PBLOCK(b) (UMM_BLOCK(b).header.used.prev) +#define UMM_NFREE(b) (UMM_BLOCK(b).body.free.next) +#define UMM_PFREE(b) (UMM_BLOCK(b).body.free.prev) +#define UMM_DATA(b) (UMM_BLOCK(b).body.data) + +/* ------------------------------------------------------------------------- + * There are additional files that may be included here - normally it's + * not a good idea to include .c files but in this case it keeps the + * main umm_malloc file clear and prevents issues with exposing internal + * data structures to other programs. + * ------------------------------------------------------------------------- + */ + +#include "umm_integrity.c" +#include "umm_poison.c" +#include "umm_info.c" +#include "umm_local.c" // target-dependent supplemental features + +/* ------------------------------------------------------------------------ */ + +static unsigned short int umm_blocks( size_t size ) { + + /* + * The calculation of the block size is not too difficult, but there are + * a few little things that we need to be mindful of. + * + * When a block removed from the free list, the space used by the free + * pointers is available for data. That's what the first calculation + * of size is doing. + */ + + if( size <= (sizeof(((umm_block *)0)->body)) ) + return( 1 ); + + /* + * If it's for more than that, then we need to figure out the number of + * additional whole blocks the size of an umm_block are required. + */ + + size -= ( 1 + (sizeof(((umm_block *)0)->body)) ); + + return( 2 + size/(sizeof(umm_block)) ); +} + +/* ------------------------------------------------------------------------ */ +/* + * Split the block `c` into two blocks: `c` and `c + blocks`. * - * umm_posion check for a given *alloc - failure no longer panics. - * option to run full poison check at each *alloc call, not present - * option to run full interity check at each *alloc call, not present - * upstream code does not call panic from poison_check_block. + * - `new_freemask` should be `0` if `c + blocks` used, or `UMM_FREELIST_MASK` + * otherwise. * + * Note that free pointers are NOT modified by this function. */ +static void umm_split_block( unsigned short int c, + unsigned short int blocks, + unsigned short int new_freemask ) { + UMM_NBLOCK(c+blocks) = (UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) | new_freemask; + UMM_PBLOCK(c+blocks) = c; -extern "C" { + UMM_PBLOCK(UMM_NBLOCK(c) & UMM_BLOCKNO_MASK) = (c+blocks); + UMM_NBLOCK(c) = (c+blocks); +} + +/* ------------------------------------------------------------------------ */ + +static void umm_disconnect_from_free_list( unsigned short int c ) { + /* Disconnect this block from the FREE list */ + + UMM_NFREE(UMM_PFREE(c)) = UMM_NFREE(c); + UMM_PFREE(UMM_NFREE(c)) = UMM_PFREE(c); + + /* And clear the free block indicator */ + + UMM_NBLOCK(c) &= (~UMM_FREELIST_MASK); +} + +/* ------------------------------------------------------------------------ + * The umm_assimilate_up() function assumes that UMM_NBLOCK(c) does NOT + * have the UMM_FREELIST_MASK bit set! + */ + +static void umm_assimilate_up( unsigned short int c ) { + + if( UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK ) { + /* + * The next block is a free block, so assimilate up and remove it from + * the free list + */ + + DBGLOG_DEBUG( "Assimilate up to next block, which is FREE\n" ); + + /* Disconnect the next block from the FREE list */ + + umm_disconnect_from_free_list( UMM_NBLOCK(c) ); -#define UMM_MALLOC_C + /* Assimilate the next block with this one */ -#if 1 -#undef memcpy -#undef memmove -#undef memset -#define memcpy ets_memcpy -#define memmove ets_memmove -#define memset ets_memset + UMM_PBLOCK(UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) = c; + UMM_NBLOCK(c) = UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK; + } +} + +/* ------------------------------------------------------------------------ + * The umm_assimilate_down() function assumes that UMM_NBLOCK(c) does NOT + * have the UMM_FREELIST_MASK bit set! + */ + +static unsigned short int umm_assimilate_down( unsigned short int c, unsigned short int freemask ) { + + UMM_NBLOCK(UMM_PBLOCK(c)) = UMM_NBLOCK(c) | freemask; + UMM_PBLOCK(UMM_NBLOCK(c)) = UMM_PBLOCK(c); + + return( UMM_PBLOCK(c) ); +} + +/* ------------------------------------------------------------------------- */ + +void umm_init( void ) { + /* init heap pointer and size, and memset it to 0 */ + umm_heap = (umm_block *)UMM_MALLOC_CFG_HEAP_ADDR; + umm_numblocks = (UMM_MALLOC_CFG_HEAP_SIZE / sizeof(umm_block)); + memset(umm_heap, 0x00, UMM_MALLOC_CFG_HEAP_SIZE); + + /* setup initial blank heap structure */ + { + /* index of the 0th `umm_block` */ + const unsigned short int block_0th = 0; + /* index of the 1st `umm_block` */ + const unsigned short int block_1th = 1; + /* index of the latest `umm_block` */ + const unsigned short int block_last = UMM_NUMBLOCKS - 1; + + /* init ummStats.free_blocks */ +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) +#if defined(UMM_STATS_FULL) + ummStats.free_blocks_min = + ummStats.free_blocks_isr_min = #endif + ummStats.free_blocks = block_last; +#endif + + /* setup the 0th `umm_block`, which just points to the 1st */ + UMM_NBLOCK(block_0th) = block_1th; + UMM_NFREE(block_0th) = block_1th; + UMM_PFREE(block_0th) = block_1th; + + /* + * Now, we need to set the whole heap space as a huge free block. We should + * not touch the 0th `umm_block`, since it's special: the 0th `umm_block` + * is the head of the free block list. It's a part of the heap invariant. + * + * See the detailed explanation at the beginning of the file. + */ + + /* + * 1th `umm_block` has pointers: + * + * - next `umm_block`: the latest one + * - prev `umm_block`: the 0th + * + * Plus, it's a free `umm_block`, so we need to apply `UMM_FREELIST_MASK` + * + * And it's the last free block, so the next free block is 0. + */ + UMM_NBLOCK(block_1th) = block_last | UMM_FREELIST_MASK; + UMM_NFREE(block_1th) = 0; + UMM_PBLOCK(block_1th) = block_0th; + UMM_PFREE(block_1th) = block_0th; + + /* + * latest `umm_block` has pointers: + * + * - next `umm_block`: 0 (meaning, there are no more `umm_blocks`) + * - prev `umm_block`: the 1st + * + * It's not a free block, so we don't touch NFREE / PFREE at all. + */ + UMM_NBLOCK(block_last) = 0; + UMM_PBLOCK(block_last) = block_1th; + } +} + +/* ------------------------------------------------------------------------ */ + +void umm_free( void *ptr ) { + UMM_CRITICAL_DECL(id_free); + + unsigned short int c; + + /* If we're being asked to free a NULL pointer, well that's just silly! */ + + if( (void *)0 == ptr ) { + DBGLOG_DEBUG( "free a null pointer -> do nothing\n" ); + STATS__NULL_FREE_REQUEST(id_free); + + return; + } + + STATS__FREE_REQUEST(id_free); + /* + * FIXME: At some point it might be a good idea to add a check to make sure + * that the pointer we're being asked to free up is actually within + * the umm_heap! + * + * NOTE: See the new umm_info() function that you can use to see if a ptr is + * on the free list! + */ + + /* Figure out which block we're in. Note the use of truncated division... */ + + c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); + + DBGLOG_DEBUG( "Freeing block %6d\n", c ); + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(id_free); + + /* Update stats Free Block count */ + STATS__FREE_BLOCKS_UPDATE(UMM_NBLOCK(c) - c); + + /* Now let's assimilate this block with the next one if possible. */ + + umm_assimilate_up( c ); + + /* Then assimilate with the previous block if possible */ + + if( UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK ) { + + DBGLOG_DEBUG( "Assimilate down to next block, which is FREE\n" ); + + c = umm_assimilate_down(c, UMM_FREELIST_MASK); + } else { + /* + * The previous block is not a free block, so add this one to the head + * of the free list + */ + + DBGLOG_DEBUG( "Just add to head of free list\n" ); + + UMM_PFREE(UMM_NFREE(0)) = c; + UMM_NFREE(c) = UMM_NFREE(0); + UMM_PFREE(c) = 0; + UMM_NFREE(0) = c; + + UMM_NBLOCK(c) |= UMM_FREELIST_MASK; + } + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(id_free); +} + +/* ------------------------------------------------------------------------ */ + +void *umm_malloc( size_t size ) { + UMM_CRITICAL_DECL(id_malloc); + + unsigned short int blocks; + unsigned short int blockSize = 0; + + unsigned short int bestSize; + unsigned short int bestBlock; + + unsigned short int cf; + + if (umm_heap == NULL) { + umm_init(); + } + + /* + * the very first thing we do is figure out if we're being asked to allocate + * a size of 0 - and if we are we'll simply return a null pointer. if not + * then reduce the size by 1 byte so that the subsequent calculations on + * the number of blocks to allocate are easier... + */ + + + if( 0 == size ) { + DBGLOG_DEBUG( "malloc a block of 0 bytes -> do nothing\n" ); + STATS__ZERO_ALLOC_REQUEST(id_malloc, size); + + return( (void *)NULL ); + } + + STATS__ALLOC_REQUEST(id_malloc, size); + + blocks = umm_blocks( size ); + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(id_malloc); + + /* + * Now we can scan through the free list until we find a space that's big + * enough to hold the number of blocks we need. + * + * This part may be customized to be a best-fit, worst-fit, or first-fit + * algorithm + */ + + cf = UMM_NFREE(0); + + bestBlock = UMM_NFREE(0); + bestSize = 0x7FFF; + + while( cf ) { + blockSize = (UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK) - cf; + + DBGLOG_TRACE( "Looking at block %6d size %6d\n", cf, blockSize ); + +#if defined UMM_BEST_FIT + if( (blockSize >= blocks) && (blockSize < bestSize) ) { + bestBlock = cf; + bestSize = blockSize; + } +#elif defined UMM_FIRST_FIT + /* This is the first block that fits! */ + if( (blockSize >= blocks) ) + break; +#else +# error "No UMM_*_FIT is defined - check umm_malloc_cfg.h" +#endif + + cf = UMM_NFREE(cf); + } + + if( 0x7FFF != bestSize ) { + cf = bestBlock; + blockSize = bestSize; + } + + POISON_CHECK_NEIGHBORS(cf); + + if( UMM_NBLOCK(cf) & UMM_BLOCKNO_MASK && blockSize >= blocks ) { + /* + * This is an existing block in the memory heap, we just need to split off + * what we need, unlink it from the free list and mark it as in use, and + * link the rest of the block back into the freelist as if it was a new + * block on the free list... + */ + + if( blockSize == blocks ) { + /* It's an exact fit and we don't neet to split off a block. */ + DBGLOG_DEBUG( "Allocating %6d blocks starting at %6d - exact\n", blocks, cf ); + + /* Disconnect this block from the FREE list */ + + umm_disconnect_from_free_list( cf ); + + } else { + /* It's not an exact fit and we need to split off a block. */ + DBGLOG_DEBUG( "Allocating %6d blocks starting at %6d - existing\n", blocks, cf ); + + /* + * split current free block `cf` into two blocks. The first one will be + * returned to user, so it's not free, and the second one will be free. + */ + umm_split_block( cf, blocks, UMM_FREELIST_MASK /*new block is free*/ ); + + /* + * `umm_split_block()` does not update the free pointers (it affects + * only free flags), but effectively we've just moved beginning of the + * free block from `cf` to `cf + blocks`. So we have to adjust pointers + * to and from adjacent free blocks. + */ + + /* previous free block */ + UMM_NFREE( UMM_PFREE(cf) ) = cf + blocks; + UMM_PFREE( cf + blocks ) = UMM_PFREE(cf); + + /* next free block */ + UMM_PFREE( UMM_NFREE(cf) ) = cf + blocks; + UMM_NFREE( cf + blocks ) = UMM_NFREE(cf); + } + + STATS__FREE_BLOCKS_UPDATE( -blocks ); + STATS__FREE_BLOCKS_MIN(); + } else { + /* Out of memory */ + STATS__OOM_UPDATE(); + + DBGLOG_DEBUG( "Can't allocate %5d blocks\n", blocks ); + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(id_malloc); + + return( (void *)NULL ); + } + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(id_malloc); + + return( (void *)&UMM_DATA(cf) ); +} + +/* ------------------------------------------------------------------------ */ + +void *umm_realloc( void *ptr, size_t size ) { + UMM_CRITICAL_DECL(id_realloc); + + unsigned short int blocks; + unsigned short int blockSize; + unsigned short int prevBlockSize = 0; + unsigned short int nextBlockSize = 0; + + unsigned short int c; + + size_t curSize; + + if (umm_heap == NULL) { + umm_init(); + } + + /* + * This code looks after the case of a NULL value for ptr. The ANSI C + * standard says that if ptr is NULL and size is non-zero, then we've + * got to work the same a malloc(). If size is also 0, then our version + * of malloc() returns a NULL pointer, which is OK as far as the ANSI C + * standard is concerned. + */ + + if( ((void *)NULL == ptr) ) { + DBGLOG_DEBUG( "realloc the NULL pointer - call malloc()\n" ); + + return( umm_malloc(size) ); + } + + /* + * Now we're sure that we have a non_NULL ptr, but we're not sure what + * we should do with it. If the size is 0, then the ANSI C standard says that + * we should operate the same as free. + */ + + + if( 0 == size ) { + DBGLOG_DEBUG( "realloc to 0 size, just free the block\n" ); + STATS__ZERO_ALLOC_REQUEST(id_realloc, size); + + umm_free( ptr ); + + return( (void *)NULL ); + } + + STATS__ALLOC_REQUEST(id_realloc, size); + + /* + * Otherwise we need to actually do a reallocation. A naiive approach + * would be to malloc() a new block of the correct size, copy the old data + * to the new block, and then free the old block. + * + * While this will work, we end up doing a lot of possibly unnecessary + * copying. So first, let's figure out how many blocks we'll need. + */ + + blocks = umm_blocks( size ); + + /* Figure out which block we're in. Note the use of truncated division... */ + + c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); + + /* Figure out how big this block is ... the free bit is not set :-) */ + + blockSize = (UMM_NBLOCK(c) - c); + + /* Figure out how many bytes are in this block */ + + curSize = (blockSize*sizeof(umm_block))-(sizeof(((umm_block *)0)->header)); + + /* Protect the critical section... */ + UMM_CRITICAL_ENTRY(id_realloc); + + /* Now figure out if the previous and/or next blocks are free as well as + * their sizes - this will help us to minimize special code later when we + * decide if it's possible to use the adjacent blocks. + * + * We set prevBlockSize and nextBlockSize to non-zero values ONLY if they + * are free! + */ + + if ((UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_FREELIST_MASK)) { + nextBlockSize = (UMM_NBLOCK(UMM_NBLOCK(c)) & UMM_BLOCKNO_MASK) - UMM_NBLOCK(c); + } + + if ((UMM_NBLOCK(UMM_PBLOCK(c)) & UMM_FREELIST_MASK)) { + prevBlockSize = (c - UMM_PBLOCK(c)); + } + + DBGLOG_DEBUG( "realloc blocks %d blockSize %d nextBlockSize %d prevBlockSize %d\n", blocks, blockSize, nextBlockSize, prevBlockSize ); + +#if defined(UMM_REALLOC_MINIMIZE_COPY) + /* + * Ok, now that we're here we know how many blocks we want and the current + * blockSize. The prevBlockSize and nextBlockSize are set and we can figure + * out the best strategy for the new allocation as follows: + * + * 1. If the new block is the same size or smaller than the current block do + * nothing. + * 2. If the next block is free and adding it to the current block gives us + * enough memory, assimilate the next block. + * 3. If the prev block is free and adding it to the current block gives us + * enough memory, remove the previous block from the free list, assimilate + * it, copy to the new block. + * 4. If the prev and next blocks are free and adding them to the current + * block gives us enough memory, assimilate the next block, remove the + * previous block from the free list, assimilate it, copy to the new block. + * 5. Otherwise try to allocate an entirely new block of memory. If the + * allocation works free the old block and return the new pointer. If + * the allocation fails, return NULL and leave the old block intact. + * + * All that's left to do is decide if the fit was exact or not. If the fit + * was not exact, then split the memory block so that we use only the requested + * number of blocks and add what's left to the free list. + */ + if (blockSize >= blocks) { + DBGLOG_DEBUG( "realloc the same or smaller size block - %i, do nothing\n", blocks ); + /* This space intentionally left blank */ + } else if ((blockSize + nextBlockSize) >= blocks) { + DBGLOG_DEBUG( "realloc using next block - %i\n", blocks ); + umm_assimilate_up( c ); + STATS__FREE_BLOCKS_UPDATE( - nextBlockSize ); + blockSize += nextBlockSize; + } else if ((prevBlockSize + blockSize) >= blocks) { + DBGLOG_DEBUG( "realloc using prev block - %i\n", blocks ); + umm_disconnect_from_free_list( UMM_PBLOCK(c) ); + c = umm_assimilate_down(c, 0); + STATS__FREE_BLOCKS_UPDATE( - prevBlockSize ); + STATS__FREE_BLOCKS_ISR_MIN(); + blockSize += prevBlockSize; + UMM_CRITICAL_SUSPEND(id_realloc); + memmove( (void *)&UMM_DATA(c), ptr, curSize ); + ptr = (void *)&UMM_DATA(c); + UMM_CRITICAL_RESUME(id_realloc); + } else if ((prevBlockSize + blockSize + nextBlockSize) >= blocks) { + DBGLOG_DEBUG( "realloc using prev and next block - %d\n", blocks ); + umm_assimilate_up( c ); + umm_disconnect_from_free_list( UMM_PBLOCK(c) ); + c = umm_assimilate_down(c, 0); + STATS__FREE_BLOCKS_UPDATE( - prevBlockSize - nextBlockSize ); +#ifdef UMM_LIGHTWEIGHT_CPU + if ((prevBlockSize + blockSize + nextBlockSize) > blocks) { + umm_split_block( c, blocks, 0 ); + umm_free( (void *)&UMM_DATA(c+blocks) ); + } + STATS__FREE_BLOCKS_ISR_MIN(); + blockSize = blocks; +#else + blockSize += (prevBlockSize + nextBlockSize); +#endif + UMM_CRITICAL_SUSPEND(id_realloc); + memmove( (void *)&UMM_DATA(c), ptr, curSize ); + ptr = (void *)&UMM_DATA(c); + UMM_CRITICAL_RESUME(id_realloc); + } else { + UMM_CRITICAL_SUSPEND(id_realloc); + DBGLOG_DEBUG( "realloc a completely new block %i\n", blocks ); + void *oldptr = ptr; + if( (ptr = umm_malloc( size )) ) { + DBGLOG_DEBUG( "realloc %i to a bigger block %i, copy, and free the old\n", blockSize, blocks ); + memcpy( ptr, oldptr, curSize ); + umm_free( oldptr ); + blockSize = blocks; + UMM_CRITICAL_RESUME(id_realloc); + } else { + DBGLOG_DEBUG( "realloc %i to a bigger block %i failed - return NULL and leave the old block!\n", blockSize, blocks ); + /* This space intentionally left blnk */ + UMM_CRITICAL_RESUME(id_realloc); + STATS__OOM_UPDATE(); + } + } +#elif defined(UMM_REALLOC_DEFRAG) + /* + * Ok, now that we're here we know how many blocks we want and the current + * blockSize. The prevBlockSize and nextBlockSize are set and we can figure + * out the best strategy for the new allocation. The following strategy is + * focused on defragging the heap: + * + * 1. If the prev is free and adding it to the current, or current and next + * block, gives us enough memory, proceed. Note, that next block may not + * be available. + * a. Remove the previous block from the free list, assimilate it. + * b. If this new block gives enough memory, copy to the new block. + * Note, this includes the case of same size or smaller block. + * c. Else assimilate the next block, copy to the new block. + * 2. If the new block is the same size or smaller than the current block do + * nothing. + * 3. If the next block is free and adding it to the current block gives us + * enough memory, assimilate the next block. + * 4. Otherwise try to allocate an entirely new block of memory. If the + * allocation works free the old block and return the new pointer. If + * the allocation fails, return NULL and leave the old block intact. + * + * All that's left to do is decide if the fit was exact or not. If the fit + * was not exact, then split the memory block so that we use only the + * requested number of blocks and add what's left to the free list. + */ + if (prevBlockSize && (prevBlockSize + blockSize + nextBlockSize) >= blocks) { // 1 + umm_disconnect_from_free_list( UMM_PBLOCK(c) ); + c = umm_assimilate_down(c, 0); + STATS__FREE_BLOCKS_UPDATE( - prevBlockSize ); + blockSize += prevBlockSize; + if (blockSize >= blocks) { + DBGLOG_DEBUG( "realloc using prev block - %d\n", blocks ); + STATS__FREE_BLOCKS_ISR_MIN(); + } else { + DBGLOG_DEBUG( "realloc using prev and next block - %d\n", blocks ); + umm_assimilate_up( c ); + STATS__FREE_BLOCKS_UPDATE( - nextBlockSize ); + blockSize += nextBlockSize; +#ifdef UMM_LIGHTWEIGHT_CPU + if (blockSize > blocks) { + umm_split_block( c, blocks, 0 ); + umm_free( (void *)&UMM_DATA(c+blocks) ); + } + STATS__FREE_BLOCKS_ISR_MIN(); + blockSize = blocks; +#endif + } + UMM_CRITICAL_SUSPEND(id_realloc); + memmove( (void *)&UMM_DATA(c), ptr, curSize ); + ptr = (void *)&UMM_DATA(c); + UMM_CRITICAL_RESUME(id_realloc); + } else if (blockSize >= blocks) { // 2 + DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); + /* This space intentionally left blank */ + } else if ((blockSize + nextBlockSize) >= blocks) { // 3 + DBGLOG_DEBUG( "realloc using next block - %d\n", blocks ); + umm_assimilate_up( c ); + STATS__FREE_BLOCKS_UPDATE(-nextBlockSize); + blockSize += nextBlockSize; + } else { // 4 + UMM_CRITICAL_SUSPEND(id_realloc); + DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); + void *oldptr = ptr; + if( (ptr = umm_malloc( size )) ) { + DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); + memcpy( ptr, oldptr, curSize ); + umm_free( oldptr); + blockSize = blocks; + UMM_CRITICAL_RESUME(id_realloc); + } else { + DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); + /* This space intentionally left blnk */ + UMM_CRITICAL_RESUME(id_realloc); + STATS__OOM_UPDATE(); + } + } +#else +#warning "Neither UMM_REALLOC_DEFRAG nor UMM_REALLOC_MINIMIZE_COPY is defined - check umm_malloc_cfg.h" + /* An always copy option just for performance/fragmentation comparison */ + if (blockSize >= blocks) { + DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); + /* This space intentionally left blank */ + } else { + UMM_CRITICAL_SUSPEND(id_realloc); + DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); + void *oldptr = ptr; + if( (ptr = umm_malloc( size )) ) { + DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); + memcpy( ptr, oldptr, curSize ); + umm_free( oldptr ); + blockSize = blocks; + UMM_CRITICAL_RESUME(id_realloc); + } else { + DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); + /* This space intentionally left blnk */ + UMM_CRITICAL_RESUME(id_realloc); + STATS__OOM_UPDATE(); + } + } +#endif + /* Now all we need to do is figure out if the block fit exactly or if we + * need to split and free ... + */ + + if (blockSize > blocks ) { + DBGLOG_DEBUG( "split and free %d blocks from %d\n", blocks, blockSize ); + umm_split_block( c, blocks, 0 ); + umm_free( (void *)&UMM_DATA(c+blocks) ); + } + + STATS__FREE_BLOCKS_MIN(); + + /* Release the critical section... */ + UMM_CRITICAL_EXIT(id_realloc); + + return( ptr ); +} + +/* ------------------------------------------------------------------------ */ + +void *umm_calloc( size_t num, size_t item_size ) { + void *ret; + + ret = umm_malloc((size_t)(item_size * num)); + + if (ret) + memset(ret, 0x00, (size_t)(item_size * num)); + + return ret; +} -#include "umm_malloc.c" +/* ------------------------------------------------------------------------ */ }; diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 0d555e83c2..030e65d9d4 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -58,6 +58,8 @@ extern "C" { ///////////////////////////////////////////////// #undef DBGLOG_FUNCTION #undef DBGLOG_FUNCTION_P + +//C This #if 1 changes once the best print option from ISR is determined #if 1 int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); // Note, _isr_safe_printf_P will not handle additional string arguments in @@ -133,57 +135,86 @@ extern char _heap_start[]; * most. */ /* +#define UMM_STATS +#define UMM_STATS_FULL */ - #define UMM_STATS -#ifdef DEBUG_ESP_PORT +#if defined(DEBUG_ESP_PORT) && !defined(UMM_STATS) && !defined(UMM_STATS_FULL) #define UMM_STATS_FULL +#elif !defined(UMM_STATS) && !defined(UMM_STATS_FULL) +#define UMM_STATS #endif #if defined(UMM_STATS) || defined(UMM_STATS_FULL) typedef struct UMM_STATISTICS_t { unsigned short int free_blocks; + size_t oom_count; #ifdef UMM_STATS_FULL unsigned short int free_blocks_min; unsigned short int free_blocks_isr_min; size_t alloc_max_size; + size_t last_alloc_size; size_t id_malloc_count; + size_t id_malloc_zero_count; size_t id_realloc_count; - size_t oom_count; + size_t id_realloc_zero_count; + size_t id_free_count; + size_t id_free_null_count; #endif } UMM_STATISTICS; extern UMM_STATISTICS ummStats; +#define STATS__FREE_BLOCKS_UPDATE(s) ummStats.free_blocks += (s) +#define STATS__OOM_UPDATE() ummStats.oom_count += 1 + size_t umm_free_heap_size_lw( void ); -#define STATS__FREE_BLOCKS_UPDATE(s) ummStats.free_blocks += (s) +static inline size_t ICACHE_FLASH_ATTR umm_get_oom_count( void ) { + return ummStats.oom_count; +} #else // not UMM_STATS or UMM_STATS_FULL #define STATS__FREE_BLOCKS_UPDATE(s) (void)(s) +#define STATS__OOM_UPDATE() (void)0 #endif #ifdef UMM_STATS_FULL #define STATS__FREE_BLOCKS_MIN() \ +do { \ if (ummStats.free_blocks < ummStats.free_blocks_min) \ - ummStats.free_blocks_min = ummStats.free_blocks + ummStats.free_blocks_min = ummStats.free_blocks; \ +} while(false) -//C TODO: Needs a new name. ISR is too specific to our use. For upstream -//C needs to indicate it is related to a temporary low, created during a -//C realloc that includes memmove/copy. #define STATS__FREE_BLOCKS_ISR_MIN() \ +do { \ if (ummStats.free_blocks < ummStats.free_blocks_isr_min) \ - ummStats.free_blocks_isr_min = ummStats.free_blocks + ummStats.free_blocks_isr_min = ummStats.free_blocks; \ +} while(false) #define STATS__ALLOC_REQUEST(tag, s) \ -{ \ +do { \ ummStats.tag##_count += 1; \ + ummStats.last_alloc_size = s; \ if (ummStats.alloc_max_size < s) \ ummStats.alloc_max_size = s; \ -} +} while(false) -#define STATS__OOM_UPDATE() ummStats.oom_count += 1 +#define STATS__ZERO_ALLOC_REQUEST(tag, s) \ +do { \ + ummStats.tag##_zero_count += 1; \ +} while(false) + +#define STATS__NULL_FREE_REQUEST(tag) \ +do { \ + ummStats.tag##_null_count += 1; \ +} while(false) + +#define STATS__FREE_REQUEST(tag) \ +do { \ + ummStats.tag##_count += 1; \ +} while(false) static inline size_t ICACHE_FLASH_ATTR umm_free_heap_size_lw_min( void ) { return (size_t)ummStats.free_blocks_min * umm_block_size(); @@ -206,23 +237,41 @@ static inline size_t ICACHE_FLASH_ATTR umm_get_max_alloc_size( void ) { return ummStats.alloc_max_size; } +static inline size_t ICACHE_FLASH_ATTR umm_get_last_alloc_size( void ) { + return ummStats.last_alloc_size; +} + static inline size_t ICACHE_FLASH_ATTR umm_get_malloc_count( void ) { return ummStats.id_malloc_count; } +static inline size_t ICACHE_FLASH_ATTR umm_get_malloc_zero_count( void ) { + return ummStats.id_malloc_zero_count; +} + static inline size_t ICACHE_FLASH_ATTR umm_get_realloc_count( void ) { return ummStats.id_realloc_count; } -static inline size_t ICACHE_FLASH_ATTR umm_get_oom_count( void ) { - return ummStats.oom_count; +static inline size_t ICACHE_FLASH_ATTR umm_get_realloc_zero_count( void ) { + return ummStats.id_realloc_zero_count; +} + +static inline size_t ICACHE_FLASH_ATTR umm_get_free_count( void ) { + return ummStats.id_free_count; +} + +static inline size_t ICACHE_FLASH_ATTR umm_get_free_null_count( void ) { + return ummStats.id_free_null_count; } #else // Not UMM_STATS_FULL -#define STATS__FREE_BLOCKS_MIN() (void)0 -#define STATS__FREE_BLOCKS_ISR_MIN() (void)0 -#define STATS__ALLOC_REQUEST(tag, s) (void)(s) -#define STATS__OOM_UPDATE() (void)0 +#define STATS__FREE_BLOCKS_MIN() (void)0 +#define STATS__FREE_BLOCKS_ISR_MIN() (void)0 +#define STATS__ALLOC_REQUEST(tag, s) (void)(s) +#define STATS__ZERO_ALLOC_REQUEST(tag, s) (void)(s) +#define STATS__NULL_FREE_REQUEST(tag) (void)0 +#define STATS__FREE_REQUEST(tag) (void)0 #endif #if defined(UMM_STATS) || defined(UMM_STATS_FULL) || defined(UMM_INFO) @@ -356,8 +405,8 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { * * Pick one of these two stratagies. UMM_REALLOC_MINIMIZE_COPY grows upward or * shrinks an allocation, avoiding copy when possible. UMM_REALLOC_DEFRAG gives - * priority with growing the revised allocation toward the beginning of the heap - * when possible. + * priority with growing the revised allocation toward an adjacent hole in the + * direction of the beginning of the heap when possible. */ /* #define UMM_REALLOC_MINIMIZE_COPY @@ -394,44 +443,6 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { # define INTEGRITY_CHECK() 0 #endif - -///////////////////////////////////////////////// - -#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_CORE) -#define UMM_POISON_CHECK - -// less agressive checking, checks at realloc and free only. -#define UMM_POISON_CHECK_LITE -// Note, UMM_POISON is deprecated -#define UMM_POISON -#endif - -#if defined(UMM_POISON_CHECK) || defined(UMM_INTEGRITY_CHECK) || defined(UMM_POISON_CHECK_LITE) -#if !defined(DBGLOG_LEVEL) || DBGLOG_LEVEL < 3 -// All debug prints in UMM_POISON_CHECK are level 3 -#undef DBGLOG_LEVEL -#define DBGLOG_LEVEL 3 -#endif -#endif - - -#if defined(UMM_CRITICAL_METRICS) -struct UMM_TIME_STATS_t { - UMM_TIME_STAT id_malloc; - UMM_TIME_STAT id_realloc; - UMM_TIME_STAT id_free; -#ifdef UMM_INFO - UMM_TIME_STAT id_info; -#endif -#ifdef UMM_POISON_CHECK - UMM_TIME_STAT id_poison; -#endif -#ifdef UMM_INTEGRITY_CHECK - UMM_TIME_STAT id_integrity; -#endif - UMM_TIME_STAT id_no_tag; -}; -#endif ///////////////////////////////////////////////// /* @@ -466,9 +477,11 @@ struct UMM_TIME_STATS_t { * every alloc API call. May exceed 10us due to critical section with IRQs * disabled. * - * UMM_POISON_CHECK_LITE - only checks the allocation presented at realloc() - * and free(). - * + * UMM_POISON_CHECK_LITE - checks the allocation presented at realloc() + * and free(). Expands the poison check on the current allocation to + * include its nearest allocated neighbors in the heap. + * umm_malloc() will also checks the neighbors of the selected allocation + * before use. */ /* @@ -500,30 +513,55 @@ struct UMM_TIME_STATS_t { // Local Additions to better report location in code of the caller. void *umm_poison_realloc_fl( void *ptr, size_t size, const char* file, int line ); void umm_poison_free_fl( void *ptr, const char* file, int line ); - extern int umm_poison_check_result; - // UMM_HEAP_CORRUPTION_CB was missing for umm_poison... - // TODO: recheck this assertion and find when. - // Introduced new CB specific for umm_poison -# define UMM_HEAP_POISON_CB() umm_poison_check_result = 0 #if defined(UMM_POISON_CHECK_LITE) /* * We can safely do individual poison checks at free and realloc and stay * under 10us or close. */ # define POISON_CHECK() 1 + # define POISON_CHECK_NEIGHBORS(c) \ + do {\ + if(!check_poison_neighbors(c)) \ + panic();\ + } while(false) #else /* Not normally enabled. A full heap poison check may exceed 10us. */ # define POISON_CHECK() umm_poison_check() + # define POISON_CHECK_NEIGHBORS(c) do{}while(false) #endif #else # define POISON_CHECK() 1 -# define UMM_HEAP_POISON_CB() do{}while(0) +# define POISON_CHECK_NEIGHBORS(c) do{}while(false) #endif +///////////////////////////////////////////////// -// #define UMM_HEAP_CORRUPTION_CB() panic() +#if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) +#if !defined(DBGLOG_LEVEL) || DBGLOG_LEVEL < 3 +// All debug prints in UMM_POISON_CHECK are level 3 +#undef DBGLOG_LEVEL +#define DBGLOG_LEVEL 3 +#endif +#endif +#if defined(UMM_CRITICAL_METRICS) +struct UMM_TIME_STATS_t { + UMM_TIME_STAT id_malloc; + UMM_TIME_STAT id_realloc; + UMM_TIME_STAT id_free; +#ifdef UMM_INFO + UMM_TIME_STAT id_info; +#endif +#if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) + UMM_TIME_STAT id_poison; +#endif +#ifdef UMM_INTEGRITY_CHECK + UMM_TIME_STAT id_integrity; +#endif + UMM_TIME_STAT id_no_tag; +}; +#endif ///////////////////////////////////////////////// #ifdef DEBUG_ESP_OOM @@ -571,13 +609,13 @@ void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); #define malloc(s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortMalloc(s, mem_debug_file, __LINE__); }) #define calloc(n,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortCalloc(n, s, mem_debug_file, __LINE__); }) #define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) - #if defined(UMM_POISON_CHECK) + #if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #if 0 #define free(p) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; vPortFree(p, mem_debug_file, __LINE__); }) #endif #endif -#elif defined(UMM_POISON_CHECK) +#elif defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #include void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg_example.h b/cores/esp8266/umm_malloc/umm_malloc_cfg_example.h deleted file mode 100644 index ae3ecfde47..0000000000 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg_example.h +++ /dev/null @@ -1,176 +0,0 @@ -/* - * Configuration for umm_malloc - */ - -#ifndef _UMM_MALLOC_CFG_H -#define _UMM_MALLOC_CFG_H - -/* - * There are a number of defines you can set at compile time that affect how - * the memory allocator will operate. - * You can set them in your config file umm_malloc_cfg.h. - * In GNU C, you also can set these compile time defines like this: - * - * -D UMM_TEST_MAIN - * - * Set this if you want to compile in the test suite - * - * -D UMM_BEST_FIT (defualt) - * - * Set this if you want to use a best-fit algorithm for allocating new - * blocks - * - * -D UMM_FIRST_FIT - * - * Set this if you want to use a first-fit algorithm for allocating new - * blocks - * - * -D UMM_DBG_LOG_LEVEL=n - * - * Set n to a value from 0 to 6 depending on how verbose you want the debug - * log to be - * - * ---------------------------------------------------------------------------- - * - * Support for this library in a multitasking environment is provided when - * you add bodies to the UMM_CRITICAL_ENTRY and UMM_CRITICAL_EXIT macros - * (see below) - * - * ---------------------------------------------------------------------------- - */ - - -/* Start addresses and the size of the heap */ -#define UMM_MALLOC_CFG_HEAP_ADDR /* TODO */ -#define UMM_MALLOC_CFG_HEAP_SIZE /* TODO */ - -/* A couple of macros to make packing structures less compiler dependent */ - -#define UMM_H_ATTPACKPRE -#define UMM_H_ATTPACKSUF __attribute__((__packed__)) - -#define UMM_BEST_FIT -#undef UMM_FIRST_FIT - -/* - * -D UMM_INFO : - * - * Enables a dup of the heap contents and a function to return the total - * heap size that is unallocated - note this is not the same as the largest - * unallocated block on the heap! - */ - -/* -#define UMM_INFO -*/ - -#ifdef UMM_INFO - typedef struct UMM_HEAP_INFO_t { - unsigned short int totalEntries; - unsigned short int usedEntries; - unsigned short int freeEntries; - - unsigned short int totalBlocks; - unsigned short int usedBlocks; - unsigned short int freeBlocks; - - unsigned short int maxFreeContiguousBlocks; - } - UMM_HEAP_INFO; - - extern UMM_HEAP_INFO ummHeapInfo; - - void *umm_info( void *ptr, int force ); - size_t umm_free_heap_size( void ); - -#else -#endif - -/* - * A couple of macros to make it easier to protect the memory allocator - * in a multitasking system. You should set these macros up to use whatever - * your system uses for this purpose. You can disable interrupts entirely, or - * just disable task switching - it's up to you - * - * NOTE WELL that these macros MUST be allowed to nest, because umm_free() is - * called from within umm_malloc() - */ - -#define UMM_CRITICAL_ENTRY() -#define UMM_CRITICAL_EXIT() - -/* - * -D UMM_INTEGRITY_CHECK : - * - * Enables heap integrity check before any heap operation. It affects - * performance, but does NOT consume extra memory. - * - * If integrity violation is detected, the message is printed and user-provided - * callback is called: `UMM_HEAP_CORRUPTION_CB()` - * - * Note that not all buffer overruns are detected: each buffer is aligned by - * 4 bytes, so there might be some trailing "extra" bytes which are not checked - * for corruption. - */ - -/* -#define UMM_INTEGRITY_CHECK -*/ - -#ifdef UMM_INTEGRITY_CHECK - int umm_integrity_check( void ); -# define INTEGRITY_CHECK() umm_integrity_check() - extern void umm_corruption(void); -# define UMM_HEAP_CORRUPTION_CB() printf( "Heap Corruption!" ) -#else -# define INTEGRITY_CHECK() 0 -#endif - -/* - * -D UMM_POISON : - * - * Enables heap poisoning: add predefined value (poison) before and after each - * allocation, and check before each heap operation that no poison is - * corrupted. - * - * Other than the poison itself, we need to store exact user-requested length - * for each buffer, so that overrun by just 1 byte will be always noticed. - * - * Customizations: - * - * UMM_POISON_SIZE_BEFORE: - * Number of poison bytes before each block, e.g. 2 - * UMM_POISON_SIZE_AFTER: - * Number of poison bytes after each block e.g. 2 - * UMM_POISONED_BLOCK_LEN_TYPE - * Type of the exact buffer length, e.g. `short` - * - * NOTE: each allocated buffer is aligned by 4 bytes. But when poisoning is - * enabled, actual pointer returned to user is shifted by - * `(sizeof(UMM_POISONED_BLOCK_LEN_TYPE) + UMM_POISON_SIZE_BEFORE)`. - * It's your responsibility to make resulting pointers aligned appropriately. - * - * If poison corruption is detected, the message is printed and user-provided - * callback is called: `UMM_HEAP_CORRUPTION_CB()` - */ - -/* -#define UMM_POISON_CHECK -*/ - -#define UMM_POISON_SIZE_BEFORE 4 -#define UMM_POISON_SIZE_AFTER 4 -#define UMM_POISONED_BLOCK_LEN_TYPE short - -#ifdef UMM_POISON_CHECK - void *umm_poison_malloc( size_t size ); - void *umm_poison_calloc( size_t num, size_t size ); - void *umm_poison_realloc( void *ptr, size_t size ); - void umm_poison_free( void *ptr ); - int umm_poison_check( void ); -# define POISON_CHECK() umm_poison_check() -#else -# define POISON_CHECK() 0 -#endif - -#endif /* _UMM_MALLOC_CFG_H */ diff --git a/cores/esp8266/umm_malloc/umm_poison.c b/cores/esp8266/umm_malloc/umm_poison.c index 5379b2c24d..f08887675d 100644 --- a/cores/esp8266/umm_malloc/umm_poison.c +++ b/cores/esp8266/umm_malloc/umm_poison.c @@ -1,5 +1,5 @@ /* poisoning (UMM_POISON_CHECK) {{{ */ -#if defined(UMM_POISON_CHECK) +#if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #define POISON_BYTE (0xa5) /* @@ -133,9 +133,7 @@ static void *get_unpoisoned( void *v_ptr ) { /* Figure out which block we're in. Note the use of truncated division... */ c = (((char *)ptr)-(char *)(&(umm_heap[0])))/sizeof(umm_block); - if (!check_poison_block(&UMM_BLOCK(c))) { - UMM_HEAP_POISON_CB(); - } + check_poison_block(&UMM_BLOCK(c)); } return (void *)ptr; From 5ded134f480b701954d1e8c8f3084b99a5d257c0 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Sat, 7 Sep 2019 22:36:42 -0700 Subject: [PATCH 07/27] Updated printing in heap.cpp to behave the way os_printf did. Updated printing in heap.cpp to behave the way os_printf would have with regards to system_set_os_print. ie. setDebugOutput enable/disables printing Expanded #ifdef fenceing of .c files to prevent Arduino IDE from building them outside of the .cpp file they are included in. Corrected more conditional building issues. Remaining concern - umm_info(0, true) printing - does it need an ISR safe method, all printing is done from within a critical sectionn with rsil(15)? Or should be have the print option disabled for non-debug builds. ie. Debug port: "Disabled" --- cores/esp8266/heap.cpp | 4 ++- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 3 +- cores/esp8266/umm_malloc/umm_info.c | 2 ++ cores/esp8266/umm_malloc/umm_integrity.c | 2 +- cores/esp8266/umm_malloc/umm_local.c | 4 +++ cores/esp8266/umm_malloc/umm_malloc.cpp | 3 ++ cores/esp8266/umm_malloc/umm_malloc_cfg.h | 32 ++++++++++---------- cores/esp8266/umm_malloc/umm_poison.c | 2 ++ 8 files changed, 32 insertions(+), 20 deletions(-) diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index a9d4845d05..fc803d72c0 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -128,12 +128,14 @@ static const char oom_fmt_2[] PROGMEM STORE_ATTR = ":%d\n"; void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) { + if (system_get_os_print()) { DBGLOG_FUNCTION_P(oom_fmt_1, (int)size); DBGLOG_FUNCTION_P(file); DBGLOG_FUNCTION_P(oom_fmt_2, line); + } } -#define OOM_CHECK__PRINT_OOM(p, f, s) if (!p) DBGLOG_FUNCTION_P(f, s) +#define OOM_CHECK__PRINT_OOM(p, f, s) if (!p && system_get_os_print()) DBGLOG_FUNCTION_P(f, s) #define OOM_CHECK__PRINT_LOC(p, s, f, l) if (!p) print_loc(s, f, l) #else // ! DEBUG_ESP_OOM diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp index 9ca573f2d3..d6053477b7 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -64,8 +64,7 @@ extern "C" { -//C This #if 1 changes once the best print option from ISR is determined. -#if 1 +#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); // Note, _isr_safe_printf_P will not handle additional string arguments in diff --git a/cores/esp8266/umm_malloc/umm_info.c b/cores/esp8266/umm_malloc/umm_info.c index 1a0a4815dc..287f53c7b2 100644 --- a/cores/esp8266/umm_malloc/umm_info.c +++ b/cores/esp8266/umm_malloc/umm_info.c @@ -1,3 +1,4 @@ +#if defined(BUILD_UMM_MALLOC_C) #ifdef UMM_INFO /* ---------------------------------------------------------------------------- @@ -203,3 +204,4 @@ size_t umm_free_heap_size_lw( void ) { return (size_t)ummStats.free_blocks * sizeof(umm_block); } #endif +#endif diff --git a/cores/esp8266/umm_malloc/umm_integrity.c b/cores/esp8266/umm_malloc/umm_integrity.c index 71460bee1f..4814e84803 100644 --- a/cores/esp8266/umm_malloc/umm_integrity.c +++ b/cores/esp8266/umm_malloc/umm_integrity.c @@ -1,5 +1,5 @@ /* integrity check (UMM_INTEGRITY_CHECK) {{{ */ -#if defined(UMM_INTEGRITY_CHECK) +#if defined(UMM_INTEGRITY_CHECK) && defined(BUILD_UMM_MALLOC_C) /* * Perform integrity check of the whole heap data. Returns 1 in case of * success, 0 otherwise. diff --git a/cores/esp8266/umm_malloc/umm_local.c b/cores/esp8266/umm_malloc/umm_local.c index 2917343570..b5ee4eb99d 100644 --- a/cores/esp8266/umm_malloc/umm_local.c +++ b/cores/esp8266/umm_malloc/umm_local.c @@ -2,6 +2,8 @@ * Local Additions/Enhancements * */ +#if defined(BUILD_UMM_MALLOC_C) + #if defined(UMM_CRITICAL_METRICS) /* * umm_malloc performance measurments for critical sections @@ -154,3 +156,5 @@ size_t xPortGetFreeHeapSize(void) __attribute__ ((alias("umm_free_heap_size_lw") size_t umm_free_heap_size( void ) __attribute__ ((alias("umm_free_heap_size_info"))); size_t xPortGetFreeHeapSize(void) __attribute__ ((alias("umm_free_heap_size_info"))); #endif + +#endif diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 5f94f9bb83..2fb9089dbd 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -129,6 +129,9 @@ /* * Added for using with Arduino ESP8266 and handling renameing to umm_malloc.cpp */ + +#define BUILD_UMM_MALLOC_C + extern "C" { #include diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 030e65d9d4..bc2d3a53d1 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -55,22 +55,6 @@ extern "C" { * ---------------------------------------------------------------------------- */ -///////////////////////////////////////////////// -#undef DBGLOG_FUNCTION -#undef DBGLOG_FUNCTION_P - -//C This #if 1 changes once the best print option from ISR is determined -#if 1 -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -// Note, _isr_safe_printf_P will not handle additional string arguments in -// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. -#define DBGLOG_FUNCTION(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) -#define DBGLOG_FUNCTION_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) -#else -#define DBGLOG_FUNCTION(fmt, ...) printf(PSTR(fmt), ##__VA_ARGS__) -#define DBGLOG_FUNCTION_P(fmt, ...) printf_P(fmt, ##__VA_ARGS__) -#endif -///////////////////////////////////////////////// /* Start addresses and the size of the heap */ extern char _heap_start[]; @@ -534,6 +518,22 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { # define POISON_CHECK_NEIGHBORS(c) do{}while(false) #endif +///////////////////////////////////////////////// +#undef DBGLOG_FUNCTION +#undef DBGLOG_FUNCTION_P + +#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) +int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); +// Note, _isr_safe_printf_P will not handle additional string arguments in +// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. +#define DBGLOG_FUNCTION(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) +#define DBGLOG_FUNCTION_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) +#else +#define DBGLOG_FUNCTION(fmt, ...) printf(PSTR(fmt), ##__VA_ARGS__) +#define DBGLOG_FUNCTION_P(fmt, ...) printf_P(fmt, ##__VA_ARGS__) +#endif + +//C What about printing from umm_info - does it need to be ISR safe ///////////////////////////////////////////////// diff --git a/cores/esp8266/umm_malloc/umm_poison.c b/cores/esp8266/umm_malloc/umm_poison.c index f08887675d..e78712d05b 100644 --- a/cores/esp8266/umm_malloc/umm_poison.c +++ b/cores/esp8266/umm_malloc/umm_poison.c @@ -1,4 +1,5 @@ /* poisoning (UMM_POISON_CHECK) {{{ */ +#if defined(BUILD_UMM_MALLOC_C) #if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #define POISON_BYTE (0xa5) @@ -235,3 +236,4 @@ int umm_poison_check(void) { /* ------------------------------------------------------------------------ */ #endif +#endif From 2a1923eff80683cea118cea3fad09aac55a003e0 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Sun, 8 Sep 2019 10:21:24 -0700 Subject: [PATCH 08/27] Merged latest, 2019-09-07, from upstream umm_malloc * R.Hempel 2019-09-07 - Separate the malloc() and free() functionality into * wrappers that use critical section protection macros * and static core functions that assume they are * running in a protected con text. Thanks @devyte --- cores/esp8266/umm_malloc/umm_info.c | 5 +- cores/esp8266/umm_malloc/umm_integrity.c | 4 +- cores/esp8266/umm_malloc/umm_malloc.cpp | 151 +++++++++++++--------- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 45 +++++-- cores/esp8266/umm_malloc/umm_poison.c | 6 +- 5 files changed, 131 insertions(+), 80 deletions(-) diff --git a/cores/esp8266/umm_malloc/umm_info.c b/cores/esp8266/umm_malloc/umm_info.c index 287f53c7b2..10d503aff5 100644 --- a/cores/esp8266/umm_malloc/umm_info.c +++ b/cores/esp8266/umm_malloc/umm_info.c @@ -1,4 +1,5 @@ #if defined(BUILD_UMM_MALLOC_C) + #ifdef UMM_INFO /* ---------------------------------------------------------------------------- @@ -36,6 +37,7 @@ void *umm_info( void *ptr, int force ) { */ memset( &ummHeapInfo, 0, sizeof( ummHeapInfo ) ); + DBGLOG_FORCE( force, "\n" ); DBGLOG_FORCE( force, "+----------+-------+--------+--------+-------+--------+--------+\n" ); DBGLOG_FORCE( force, "|0x%08lx|B %5d|NB %5d|PB %5d|Z %5d|NF %5d|PF %5d|\n", (unsigned long)(&UMM_BLOCK(blockNo)), @@ -204,4 +206,5 @@ size_t umm_free_heap_size_lw( void ) { return (size_t)ummStats.free_blocks * sizeof(umm_block); } #endif -#endif + +#endif // defined(BUILD_UMM_MALLOC_C) diff --git a/cores/esp8266/umm_malloc/umm_integrity.c b/cores/esp8266/umm_malloc/umm_integrity.c index 4814e84803..ff3cb24a1a 100644 --- a/cores/esp8266/umm_malloc/umm_integrity.c +++ b/cores/esp8266/umm_malloc/umm_integrity.c @@ -1,5 +1,6 @@ +#if defined(BUILD_UMM_MALLOC_C) /* integrity check (UMM_INTEGRITY_CHECK) {{{ */ -#if defined(UMM_INTEGRITY_CHECK) && defined(BUILD_UMM_MALLOC_C) +#if defined(UMM_INTEGRITY_CHECK) /* * Perform integrity check of the whole heap data. Returns 1 in case of * success, 0 otherwise. @@ -130,3 +131,4 @@ int umm_integrity_check(void) { #endif /* }}} */ +#endif // defined(BUILD_UMM_MALLOC_C) diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 2fb9089dbd..665a8ac789 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -24,6 +24,10 @@ * - Move integrity and poison checking to separate file * R.Hempel 2017-12-29 - Fix bug in realloc when requesting a new block that * results in OOM error - see Issue 11 + * R.Hempel 2019-09-07 - Separate the malloc() and free() functionality into + * wrappers that use critical section protection macros + * and static core functions that assume they are + * running in a protected con text. Thanks @devyte * ---------------------------------------------------------------------------- */ @@ -367,22 +371,15 @@ void umm_init( void ) { } } -/* ------------------------------------------------------------------------ */ +/* ------------------------------------------------------------------------ + * Must be called only from within critical sections guarded by + * UMM_CRITICAL_ENTRY() and UMM_CRITICAL_EXIT(). + */ -void umm_free( void *ptr ) { - UMM_CRITICAL_DECL(id_free); +static void umm_free_core( void *ptr ) { unsigned short int c; - /* If we're being asked to free a NULL pointer, well that's just silly! */ - - if( (void *)0 == ptr ) { - DBGLOG_DEBUG( "free a null pointer -> do nothing\n" ); - STATS__NULL_FREE_REQUEST(id_free); - - return; - } - STATS__FREE_REQUEST(id_free); /* * FIXME: At some point it might be a good idea to add a check to make sure @@ -399,9 +396,6 @@ void umm_free( void *ptr ) { DBGLOG_DEBUG( "Freeing block %6d\n", c ); - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_free); - /* Update stats Free Block count */ STATS__FREE_BLOCKS_UPDATE(UMM_NBLOCK(c) - c); @@ -431,50 +425,53 @@ void umm_free( void *ptr ) { UMM_NBLOCK(c) |= UMM_FREELIST_MASK; } - - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_free); } /* ------------------------------------------------------------------------ */ -void *umm_malloc( size_t size ) { - UMM_CRITICAL_DECL(id_malloc); +void umm_free( void *ptr ) { + UMM_CRITICAL_DECL(id_free); - unsigned short int blocks; - unsigned short int blockSize = 0; + if (umm_heap == NULL) { + umm_init(); + } - unsigned short int bestSize; - unsigned short int bestBlock; + /* If we're being asked to free a NULL pointer, well that's just silly! */ - unsigned short int cf; + if( (void *)0 == ptr ) { + DBGLOG_DEBUG( "free a null pointer -> do nothing\n" ); + STATS__NULL_FREE_REQUEST(id_free); - if (umm_heap == NULL) { - umm_init(); + return; } - /* - * the very first thing we do is figure out if we're being asked to allocate - * a size of 0 - and if we are we'll simply return a null pointer. if not - * then reduce the size by 1 byte so that the subsequent calculations on - * the number of blocks to allocate are easier... - */ + /* Free the memory withing a protected critical section */ + UMM_CRITICAL_ENTRY(id_free); - if( 0 == size ) { - DBGLOG_DEBUG( "malloc a block of 0 bytes -> do nothing\n" ); - STATS__ZERO_ALLOC_REQUEST(id_malloc, size); + umm_free_core( ptr ); - return( (void *)NULL ); - } + UMM_CRITICAL_EXIT(id_free); +} + +/* ------------------------------------------------------------------------ + * Must be called only from within critical sections guarded by + * UMM_CRITICAL_ENTRY() and UMM_CRITICAL_EXIT(). + */ + +static void *umm_malloc_core( size_t size ) { + unsigned short int blocks; + unsigned short int blockSize = 0; + + unsigned short int bestSize; + unsigned short int bestBlock; + + unsigned short int cf; STATS__ALLOC_REQUEST(id_malloc, size); blocks = umm_blocks( size ); - /* Protect the critical section... */ - UMM_CRITICAL_ENTRY(id_malloc); - /* * Now we can scan through the free list until we find a space that's big * enough to hold the number of blocks we need. @@ -566,16 +563,46 @@ void *umm_malloc( size_t size ) { DBGLOG_DEBUG( "Can't allocate %5d blocks\n", blocks ); - /* Release the critical section... */ - UMM_CRITICAL_EXIT(id_malloc); - return( (void *)NULL ); } - /* Release the critical section... */ + return( (void *)&UMM_DATA(cf) ); +} + +/* ------------------------------------------------------------------------ */ + +void *umm_malloc( size_t size ) { + UMM_CRITICAL_DECL(id_malloc); + + void *ptr = NULL; + + if (umm_heap == NULL) { + umm_init(); + } + + /* + * the very first thing we do is figure out if we're being asked to allocate + * a size of 0 - and if we are we'll simply return a null pointer. if not + * then reduce the size by 1 byte so that the subsequent calculations on + * the number of blocks to allocate are easier... + */ + + if( 0 == size ) { + DBGLOG_DEBUG( "malloc a block of 0 bytes -> do nothing\n" ); + STATS__ZERO_ALLOC_REQUEST(id_malloc, size); + + return( ptr ); + } + + /* Allocate the memory withing a protected critical section */ + + UMM_CRITICAL_ENTRY(id_malloc); + + ptr = umm_malloc_core( size ); + UMM_CRITICAL_EXIT(id_malloc); - return( (void *)&UMM_DATA(cf) ); + return( ptr ); } /* ------------------------------------------------------------------------ */ @@ -724,7 +751,7 @@ void *umm_realloc( void *ptr, size_t size ) { #ifdef UMM_LIGHTWEIGHT_CPU if ((prevBlockSize + blockSize + nextBlockSize) > blocks) { umm_split_block( c, blocks, 0 ); - umm_free( (void *)&UMM_DATA(c+blocks) ); + umm_free_core( (void *)&UMM_DATA(c+blocks) ); } STATS__FREE_BLOCKS_ISR_MIN(); blockSize = blocks; @@ -736,19 +763,18 @@ void *umm_realloc( void *ptr, size_t size ) { ptr = (void *)&UMM_DATA(c); UMM_CRITICAL_RESUME(id_realloc); } else { - UMM_CRITICAL_SUSPEND(id_realloc); DBGLOG_DEBUG( "realloc a completely new block %i\n", blocks ); void *oldptr = ptr; - if( (ptr = umm_malloc( size )) ) { + if( (ptr = umm_malloc_core( size )) ) { DBGLOG_DEBUG( "realloc %i to a bigger block %i, copy, and free the old\n", blockSize, blocks ); + UMM_CRITICAL_SUSPEND(id_realloc); memcpy( ptr, oldptr, curSize ); - umm_free( oldptr ); - blockSize = blocks; UMM_CRITICAL_RESUME(id_realloc); + umm_free_core( oldptr ); + blockSize = blocks; } else { DBGLOG_DEBUG( "realloc %i to a bigger block %i failed - return NULL and leave the old block!\n", blockSize, blocks ); /* This space intentionally left blnk */ - UMM_CRITICAL_RESUME(id_realloc); STATS__OOM_UPDATE(); } } @@ -794,7 +820,7 @@ void *umm_realloc( void *ptr, size_t size ) { #ifdef UMM_LIGHTWEIGHT_CPU if (blockSize > blocks) { umm_split_block( c, blocks, 0 ); - umm_free( (void *)&UMM_DATA(c+blocks) ); + umm_free_core( (void *)&UMM_DATA(c+blocks) ); } STATS__FREE_BLOCKS_ISR_MIN(); blockSize = blocks; @@ -813,19 +839,18 @@ void *umm_realloc( void *ptr, size_t size ) { STATS__FREE_BLOCKS_UPDATE(-nextBlockSize); blockSize += nextBlockSize; } else { // 4 - UMM_CRITICAL_SUSPEND(id_realloc); DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); void *oldptr = ptr; - if( (ptr = umm_malloc( size )) ) { + if( (ptr = umm_malloc_core( size )) ) { DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); + UMM_CRITICAL_SUSPEND(id_realloc); memcpy( ptr, oldptr, curSize ); - umm_free( oldptr); - blockSize = blocks; UMM_CRITICAL_RESUME(id_realloc); + umm_free_core( oldptr); + blockSize = blocks; } else { DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); /* This space intentionally left blnk */ - UMM_CRITICAL_RESUME(id_realloc); STATS__OOM_UPDATE(); } } @@ -836,15 +861,15 @@ void *umm_realloc( void *ptr, size_t size ) { DBGLOG_DEBUG( "realloc the same or smaller size block - %d, do nothing\n", blocks ); /* This space intentionally left blank */ } else { - UMM_CRITICAL_SUSPEND(id_realloc); DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); void *oldptr = ptr; - if( (ptr = umm_malloc( size )) ) { + if( (ptr = umm_malloc_core( size )) ) { DBGLOG_DEBUG( "realloc %d to a bigger block %d, copy, and free the old\n", blockSize, blocks ); + UMM_CRITICAL_SUSPEND(id_realloc); memcpy( ptr, oldptr, curSize ); - umm_free( oldptr ); - blockSize = blocks; UMM_CRITICAL_RESUME(id_realloc); + umm_free_core( oldptr ); + blockSize = blocks; } else { DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); /* This space intentionally left blnk */ @@ -860,7 +885,7 @@ void *umm_realloc( void *ptr, size_t size ) { if (blockSize > blocks ) { DBGLOG_DEBUG( "split and free %d blocks from %d\n", blocks, blockSize ); umm_split_block( c, blocks, 0 ); - umm_free( (void *)&UMM_DATA(c+blocks) ); + umm_free_core( (void *)&UMM_DATA(c+blocks) ); } STATS__FREE_BLOCKS_MIN(); diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index bc2d3a53d1..55e3527f83 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -55,11 +55,20 @@ extern "C" { * ---------------------------------------------------------------------------- */ +#ifdef TEST_BUILD +extern char test_umm_heap[]; +#endif +#ifdef TEST_BUILD +/* Start addresses and the size of the heap */ +#define UMM_MALLOC_CFG_HEAP_ADDR (test_umm_heap) +#define UMM_MALLOC_CFG_HEAP_SIZE 0x10000 +#else /* Start addresses and the size of the heap */ extern char _heap_start[]; #define UMM_MALLOC_CFG_HEAP_ADDR ((uint32_t)&_heap_start[0]) #define UMM_MALLOC_CFG_HEAP_SIZE ((size_t)(0x3fffc000 - UMM_MALLOC_CFG_HEAP_ADDR)) +#endif /* A couple of macros to make packing structures less compiler dependent */ @@ -336,17 +345,29 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { * called from within umm_malloc() */ -#if defined(UMM_CRITICAL_METRICS) -#define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag -#define UMM_CRITICAL_ENTRY(tag)_critical_entry(&time_stats.tag, &_saved_ps_##tag) -#define UMM_CRITICAL_EXIT(tag) _critical_exit(&time_stats.tag, &_saved_ps_##tag) - -#else // ! UMM_CRITICAL_METRICS - // This method preserves the intlevel on entry and restores the - // original intlevel at exit. -#define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag -#define UMM_CRITICAL_ENTRY(tag) _saved_ps_##tag = xt_rsil(DEFAULT_CRITICAL_SECTION_INTLEVEL) -#define UMM_CRITICAL_EXIT(tag) xt_wsr_ps(_saved_ps_##tag) +#ifdef TEST_BUILD + extern int umm_critical_depth; + extern int umm_max_critical_depth; + #define UMM_CRITICAL_ENTRY() {\ + ++umm_critical_depth; \ + if (umm_critical_depth > umm_max_critical_depth) { \ + umm_max_critical_depth = umm_critical_depth; \ + } \ + } + #define UMM_CRITICAL_EXIT() (umm_critical_depth--) +#else + #if defined(UMM_CRITICAL_METRICS) + #define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag + #define UMM_CRITICAL_ENTRY(tag)_critical_entry(&time_stats.tag, &_saved_ps_##tag) + #define UMM_CRITICAL_EXIT(tag) _critical_exit(&time_stats.tag, &_saved_ps_##tag) + + #else // ! UMM_CRITICAL_METRICS + // This method preserves the intlevel on entry and restores the + // original intlevel at exit. + #define UMM_CRITICAL_DECL(tag) uint32_t _saved_ps_##tag + #define UMM_CRITICAL_ENTRY(tag) _saved_ps_##tag = xt_rsil(DEFAULT_CRITICAL_SECTION_INTLEVEL) + #define UMM_CRITICAL_EXIT(tag) xt_wsr_ps(_saved_ps_##tag) + #endif #endif /* @@ -376,11 +397,9 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { #ifdef UMM_LIGHTWEIGHT_CPU #define UMM_CRITICAL_SUSPEND(tag) UMM_CRITICAL_EXIT(tag) #define UMM_CRITICAL_RESUME(tag) UMM_CRITICAL_ENTRY(tag) -#define UMM_NEED_LOCK_LW_CPU true #else #define UMM_CRITICAL_SUSPEND(tag) do {} while(0) #define UMM_CRITICAL_RESUME(tag) do {} while(0) -#define UMM_NEED_LOCK_LW_CPU true #endif /* diff --git a/cores/esp8266/umm_malloc/umm_poison.c b/cores/esp8266/umm_malloc/umm_poison.c index e78712d05b..760ce1802c 100644 --- a/cores/esp8266/umm_malloc/umm_poison.c +++ b/cores/esp8266/umm_malloc/umm_poison.c @@ -1,5 +1,6 @@ -/* poisoning (UMM_POISON_CHECK) {{{ */ #if defined(BUILD_UMM_MALLOC_C) + +/* poisoning (UMM_POISON_CHECK) {{{ */ #if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #define POISON_BYTE (0xa5) @@ -236,4 +237,5 @@ int umm_poison_check(void) { /* ------------------------------------------------------------------------ */ #endif -#endif + +#endif // defined(BUILD_UMM_MALLOC_C) From f68a64f3887185d7e7a2c795fe1ceea24f9d8e87 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Sun, 8 Sep 2019 15:18:45 -0700 Subject: [PATCH 09/27] Resolved issue where OOM selected w/ Debug port: "Disabled" caused hang. With OOM selected w/ Debug port: "Disabled" you can now use Serial.setDebugOutput(true); to enable OOM message displaying. This is the behavior previously available with os_printf. commit rev 1 --- cores/esp8266/heap.cpp | 61 ++++++++++---------- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 2 +- cores/esp8266/umm_malloc/umm_malloc.cpp | 2 +- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 1 - 4 files changed, 33 insertions(+), 33 deletions(-) diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index fc803d72c0..4846d4f60b 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -7,46 +7,53 @@ #include "umm_malloc/umm_malloc.h" #include #include - +#include extern "C" { -#if defined( UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) +#if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #define __umm_malloc(s) umm_poison_malloc(s) #define __umm_calloc(n,s) umm_poison_calloc(n,s) #define __umm_realloc_fl(p,s,f,l) umm_poison_realloc_fl(p,s,f,l) #define __umm_free_fl(p,f,l) umm_poison_free_fl(p,f,l) -#ifdef UMM_POISON_CHECK_LITE -#define POISON_CHECK__ABORT() do {} while(0) -#define POISON_CHECK__PANIC_FL(file, line) do { (void)file; (void)line; } while(0) - -#else // Full heap poison check at every malloc libary call. -#define POISON_CHECK__ABORT() \ - do { \ - if ( ! POISON_CHECK() ) \ - abort(); \ - } while(0) +#undef realloc +#undef free -#define POISON_CHECK__PANIC_FL(file, line) \ - do { \ - if ( ! POISON_CHECK() ) \ - __panic_func(file, line, ""); \ - } while(0) -#endif +#elif defined(DEBUG_ESP_OOM) +#define __umm_malloc(s) umm_malloc(s) +#define __umm_calloc(n,s) umm_calloc(n,s) +#define __umm_realloc_fl(p,s,f,l) umm_realloc(p,s) +#define __umm_free_fl(p,f,l) umm_free(p) #undef realloc #undef free -#else // ! UMM_POISON_CHECK +#else // ! UMM_POISON_CHECK && ! DEBUG_ESP_OOM #define __umm_malloc(s) malloc(s) #define __umm_calloc(n,s) calloc(n,s) #define __umm_realloc_fl(p,s,f,l) realloc(p,s) #define __umm_free_fl(p,f,l) free(p) +#endif -#define POISON_CHECK__ABORT() do {} while(0) -#define POISON_CHECK__PANIC_FL(file, line) do { (void)file; (void)line; } while(0) -#endif // UMM_POISON_CHECK + +#if defined(UMM_POISON_CHECK) + #define POISON_CHECK__ABORT() \ + do { \ + if ( ! POISON_CHECK() ) \ + abort(); \ + } while(0) + + #define POISON_CHECK__PANIC_FL(file, line) \ + do { \ + if ( ! POISON_CHECK() ) \ + __panic_func(file, line, ""); \ + } while(0) + +#else // No full heap poison checking. + #define POISON_CHECK__ABORT() do {} while(0) + #define POISON_CHECK__PANIC_FL(file, line) do { (void)file; (void)line; } while(0) +#endif // Debugging helper, last allocation which returned NULL void *umm_last_fail_alloc_addr = NULL; @@ -109,14 +116,6 @@ void* _calloc_r(struct _reent* unused, size_t count, size_t size) return ret; } - -#define PTR_CHECK__LOG_LAST_FAIL(p, s, a) \ - if(0 != (s) && 0 == p)\ - {\ - umm_last_fail_alloc_addr = a;\ - umm_last_fail_alloc_size = s;\ - } - #ifdef DEBUG_ESP_OOM #undef malloc #undef calloc @@ -128,6 +127,8 @@ static const char oom_fmt_2[] PROGMEM STORE_ATTR = ":%d\n"; void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) { + (void)size; + (void)line; if (system_get_os_print()) { DBGLOG_FUNCTION_P(oom_fmt_1, (int)size); DBGLOG_FUNCTION_P(file); diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp index d6053477b7..b31dd1ab91 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -61,7 +61,7 @@ #include #include #include - +#include "umm_malloc_cfg.h" extern "C" { #if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 665a8ac789..6071b2de60 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -836,7 +836,7 @@ void *umm_realloc( void *ptr, size_t size ) { } else if ((blockSize + nextBlockSize) >= blocks) { // 3 DBGLOG_DEBUG( "realloc using next block - %d\n", blocks ); umm_assimilate_up( c ); - STATS__FREE_BLOCKS_UPDATE(-nextBlockSize); + STATS__FREE_BLOCKS_UPDATE( - nextBlockSize ); blockSize += nextBlockSize; } else { // 4 DBGLOG_DEBUG( "realloc a completely new block %d\n", blocks ); diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 55e3527f83..301c6e6ada 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -551,7 +551,6 @@ int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2) #define DBGLOG_FUNCTION(fmt, ...) printf(PSTR(fmt), ##__VA_ARGS__) #define DBGLOG_FUNCTION_P(fmt, ...) printf_P(fmt, ##__VA_ARGS__) #endif - //C What about printing from umm_info - does it need to be ISR safe ///////////////////////////////////////////////// From 9fcf27b084b59002ee9b1036307cd2f987c2071c Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Sun, 8 Sep 2019 21:15:39 -0700 Subject: [PATCH 10/27] Fixed realloc OOM bug introduced due to confusing code, added comment for future. umm_info(NULL, true) is now treated as a debug option that is enabled by Arduino IDE->tools `Debug port: "Serial"`, etc. It now prints when DEBUG_ESP_PORT or UMM_INFO_PRINT are defined. Cleanup comments and some conditionals. --- cores/esp8266/heap.cpp | 4 +-- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 2 +- cores/esp8266/umm_malloc/umm_local.h | 8 +++++ cores/esp8266/umm_malloc/umm_malloc.cpp | 16 +++++++--- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 31 +++++++++++++++++--- 5 files changed, 50 insertions(+), 11 deletions(-) diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index 4846d4f60b..c36c5d37a2 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -142,8 +142,8 @@ void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) #else // ! DEBUG_ESP_OOM #if 1 -//C Skip OOM check of pvPort... . It cost 64 more bytes of IRAM to turn on. -//C Was not previously enabled. +//C Skip OOM logging of last fail for malloc/... and pvPort... . +//C It cost 64 more bytes of IRAM to turn on. And was not previously enabled. #undef PTR_CHECK__LOG_LAST_FAIL #define PTR_CHECK__LOG_LAST_FAIL(p, s, a) #endif diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp index b31dd1ab91..109539deb4 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -64,7 +64,7 @@ #include "umm_malloc_cfg.h" extern "C" { -#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) +#if defined(DEBUG_ESP_ISR) int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); // Note, _isr_safe_printf_P will not handle additional string arguments in diff --git a/cores/esp8266/umm_malloc/umm_local.h b/cores/esp8266/umm_malloc/umm_local.h index 54c6c70289..2ee54ccf59 100644 --- a/cores/esp8266/umm_malloc/umm_local.h +++ b/cores/esp8266/umm_malloc/umm_local.h @@ -13,6 +13,14 @@ #define memmove ets_memmove #define memset ets_memset +#if !defined(UMM_INFO_PRINT) +/* This will stop umm_info from printing. + * At this time DBGLOG_FORCE is only used by umm_info. + */ +#undef DBGLOG_FORCE +#define DBGLOG_FORCE(force, format, ...) {(void)force; (void)format;} +#endif + #if defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) #else diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 6071b2de60..65eb74be0c 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -771,12 +771,15 @@ void *umm_realloc( void *ptr, size_t size ) { memcpy( ptr, oldptr, curSize ); UMM_CRITICAL_RESUME(id_realloc); umm_free_core( oldptr ); - blockSize = blocks; } else { DBGLOG_DEBUG( "realloc %i to a bigger block %i failed - return NULL and leave the old block!\n", blockSize, blocks ); /* This space intentionally left blnk */ STATS__OOM_UPDATE(); } + /* This is not accurate for OOM case; however, it will work for + * stopping a call to free before return. + */ + blockSize = blocks; } #elif defined(UMM_REALLOC_DEFRAG) /* @@ -847,12 +850,15 @@ void *umm_realloc( void *ptr, size_t size ) { memcpy( ptr, oldptr, curSize ); UMM_CRITICAL_RESUME(id_realloc); umm_free_core( oldptr); - blockSize = blocks; } else { DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); /* This space intentionally left blnk */ STATS__OOM_UPDATE(); } + /* This is not accurate for OOM case; however, it will work for + * stopping a call to free before return. + */ + blockSize = blocks; } #else #warning "Neither UMM_REALLOC_DEFRAG nor UMM_REALLOC_MINIMIZE_COPY is defined - check umm_malloc_cfg.h" @@ -869,13 +875,15 @@ void *umm_realloc( void *ptr, size_t size ) { memcpy( ptr, oldptr, curSize ); UMM_CRITICAL_RESUME(id_realloc); umm_free_core( oldptr ); - blockSize = blocks; } else { DBGLOG_DEBUG( "realloc %d to a bigger block %d failed - return NULL and leave the old block!\n", blockSize, blocks ); /* This space intentionally left blnk */ - UMM_CRITICAL_RESUME(id_realloc); STATS__OOM_UPDATE(); } + /* This is not accurate for OOM case; however, it will work for + * stopping a call to free before return. + */ + blockSize = blocks; } #endif /* Now all we need to do is figure out if the block fit exactly or if we diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 301c6e6ada..5dc19f1ec3 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -114,6 +114,23 @@ extern char _heap_start[]; #else #endif +/* + * -D UMM_INFO_PRINT + * + * umm_info(NULL, true) is used to print a debug view of heap information to the + * debug port. It has to walk the heap and print out information while in a + * critical section. This requires that the print function be able to print w/o + * doing malloc calls and from an IRQ disabled context. This requires extra IRAM + * based code for printing. Without this define `umm_info(NULL, true)` will + * not print. + * + * UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or + * "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. + */ +#if defined(DEBUG_ESP_PORT) && !defined(UMM_INFO_PRINT) +#define UMM_INFO_PRINT +#endif + /* * -D UMM_STATS : * @@ -541,17 +558,23 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { #undef DBGLOG_FUNCTION #undef DBGLOG_FUNCTION_P -#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) +#if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_OOM) || \ + defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || \ + defined(UMM_INFO_PRINT) || defined(UMM_INTEGRITY_CHECK) + +#ifndef DEBUG_ESP_ISR +#define DEBUG_ESP_ISR +#endif + int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); // Note, _isr_safe_printf_P will not handle additional string arguments in // PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. #define DBGLOG_FUNCTION(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) #define DBGLOG_FUNCTION_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) #else -#define DBGLOG_FUNCTION(fmt, ...) printf(PSTR(fmt), ##__VA_ARGS__) -#define DBGLOG_FUNCTION_P(fmt, ...) printf_P(fmt, ##__VA_ARGS__) +#define DBGLOG_FUNCTION(fmt, ...) do { (void)fmt; } while(false) +#define DBGLOG_FUNCTION_P(fmt, ...) do { (void)fmt; } while(false) #endif -//C What about printing from umm_info - does it need to be ISR safe ///////////////////////////////////////////////// From f438e025283bfa7cd040ae53f368f0fae3df4883 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Fri, 27 Sep 2019 15:43:21 -0700 Subject: [PATCH 11/27] Updated to track PRs for various print definitions. Cleaned up comments --- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 82 +------------------- cores/esp8266/umm_malloc/isr_safe_printf.h | 20 +++++ cores/esp8266/umm_malloc/umm_malloc.cpp | 45 ++++++++++- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 10 +-- 4 files changed, 71 insertions(+), 86 deletions(-) create mode 100644 cores/esp8266/umm_malloc/isr_safe_printf.h diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp index 109539deb4..4edf684026 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -6,57 +6,6 @@ * * Still researching options for printing. */ - -/* - Printing from the malloc routines is tricky. Since a print library - might call *alloc. Then recusion may follow as each error call may fail - into another error and so on. - - Objective: To be able to print "last gasp" diagnostic messages - when interrupts are disabled and w/o availability of heap resources. - - Considerations: - * can be called from ISR - * can be called from malloc code, cannot use malloc - * can be called from malloc code that was called from an ISR - * can be called from with in a critical section, eg. xt_rsil(15); - * this may be effectively the same as being called from an ISR? - - Knowns: - * ets_printf - For RTOS SDK they replaced this function with one in the SDK. - Most of the problems I can see with ets_printf center around not being - able to maintain a port to thread context. That is you cannot have one - thread using one port while another thread uses the other. In the no OS - case we cannot have one area of code using one port and another area of - code using the other port. Most of the ROM printf functions are not built - to support this kind of usage. Things get especially dangerous when you - try to use the ...external_printf stuff. - * ets_vprintf - by itself is safe. - * newlibc printf - not safe - lives in flash. - * newlibc snprintf - not safe - lives in flash. - * builtin putc1 print function - Is installed when you use - ets_install_uart_printf. Which calls ets_install_putc1. The selection of UART - is performed by calling uart_buff_switch with 0 for UART0 and 1 for UART1. - This should work for our purpose here, if handled as follows: - * call uart_buff_switch at each printf call to reselect UART - * use a stack buffer to hold a copy the PROGMEM string to print from. - * use ets_vprintf for printing with putc1 function. - * os_printf_plus looks interesting. It is in IRAM. If no heap is available it - will use up to 64 bytes of stack space to copy a PROGMEM fmt for printing. - Issues: - * Printing is turned off by system_set_os_print - * putc1 needs to be in IRAM - this is a uart.cpp issue - * Need to force system_get_free_heap_size to return 0 during critical periods. - * won't work for umm_info it prints over 64 characters. - * along with umm_info there are other debug messages that exceed 64 characters. - - Research TODO, Unknowns: - * Is there a problem with the ROM "serial print functions"? - Rtos SDK does not use them. igrr also didn't use them in ...postmortem. - See "ets_printf" above. - - */ - #include #include #include @@ -66,36 +15,8 @@ extern "C" { #if defined(DEBUG_ESP_ISR) -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -// Note, _isr_safe_printf_P will not handle additional string arguments in -// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. -#define ISR_PRINTF(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) -#define ISR_PRINTF_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) - -// Boot ROM _putc1, ignores CRs and sends CR/LF for LF, newline. -// Always returns character sent. -typedef int (*fp_putc_t)(int); -#define _rom_putc1 ((fp_putc_t)0x40001dcc) - -void uart_buff_switch(uint8_t); - int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { - -//C This #ifdef block is obsolete if the PR for ets_putc UART selection is approved. -#ifdef DEBUG_ESP_PORT -#define VALUE(x) __STRINGIFY(x) - // Preprocessor and compiler together will optimize away the if. - if (strcmp("Serial1", VALUE(DEBUG_ESP_PORT)) == 0) { - uart_buff_switch(1U); - } else { - uart_buff_switch(0U); - } -#else - uart_buff_switch(0U); // Side effect, clears RX FIFO -#endif -//C - end - /* To use ets_strlen() and ets_memcpy() safely with PROGMEM, flash storage, the PROGMEM address must be word (4 bytes) aligned. The destination @@ -109,10 +30,11 @@ int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { ets_memcpy(ram_buf, fmt, buf_len); va_list argPtr; va_start(argPtr, fmt); - int result = ets_vprintf(_rom_putc1, ram_buf, argPtr); + int result = ets_vprintf(ets_uart_putc1, ram_buf, argPtr); va_end(argPtr); return result; } + #endif }; diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.h b/cores/esp8266/umm_malloc/isr_safe_printf.h new file mode 100644 index 0000000000..a8db93fdbb --- /dev/null +++ b/cores/esp8266/umm_malloc/isr_safe_printf.h @@ -0,0 +1,20 @@ +#ifndef ISR_SAFE_PRINTF_H +#define ISR_SAFE_PRINTF_H +#include +#include +#include + +extern "C" { +/* + ISR Safe to call for debugging. Not really safe to use all the time. The + problem is going over 10us with interrupts disabled. It takes 86.8us to send + one 8 bit character with start and stop bit at 115200 bps. +*/ +int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); +// Note, _isr_safe_printf_P will not handle additional string arguments in +// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. +#define ISR_PRINTF(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) +#define ISR_PRINTF_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) +} + +#endif \ No newline at end of file diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 65eb74be0c..1efdc814ab 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -42,7 +42,7 @@ * Renamed to umm_malloc.cpp * * Added `extern "C" { ...b};` around code. - + * * Surround DBGLOG_LEVEL with #ifndef... Now defined value in umm_malloc_cfg.h * * umm_free() - moved critical section to start after safe calculations. @@ -86,6 +86,11 @@ * * Globally change across all files %i to %d: umm_info.c, umm_malloc.c, * + * Added a #ifdef BUILD_UMM_MALLOC_C fence to prevent Arduino IDE from building + * the various .c files that are #included into umm_malloc.cpp. They are + * normally enabled by #define in umm_malloc_cfg.h. In this + * case it builds fine; however, if the define is global, the IDE will try and + * build the .c by itself. * * Notes, * @@ -128,7 +133,45 @@ * may have been an accident during code cleanup. * */ +/* This block will be used for the PR description: + +This updates the heap management library, umm_malloc, to the current upstream +version at https://github.com/rhempel/umm_malloc. Some reorganizing and new code +was needed to use the new version. + +This is a list of note worthy changes: + +UMM_POISON - now has a lite option as well as the previous intensive check +option. The code for running the full poison test at the call of the various +alloc functions was removed in the upstream version. In this port the missing +code was added to heap.cpp and umm_local.cpp. +* UMM_POISON - appears to have been partially changed to UMM_POISON_CHECK, + I treat it as depricated and used UMM_POISON_CHECK, when needed. + However, the Arduino Core's references to UMM_POISON were replaced with + UMM_POISON_CHECK_LITE. +* UMM_POISON_CHECK_LITE - Less intense, it just checks poison on active + neighboring allocations. +* UMM_POISON_CHECK - Full heap intensive check of poison + +UMM_INFO_PRINT - This new define makes building UMM_INFO with printing +capability, optional. When umm_info(NULL, true) is used to print a debug view of +heap information to the debug port, it has to walk the heap and print out +information, while in a critical section. This requires that the print function +be able to print w/o doing malloc calls and from an IRQ disabled context. It +also requires more IRAM to handle printing. Without this define +`umm_info(NULL, true)` will not print. +* UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or +* "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. + +A cautionary note, on the use of UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and +UMM_INFO_PRINT. All of these run with IRQs disabled, for periods that can go +into 100's of us. With umm_info(NULL, true) that may go into seconds, depending +on the serial interface speed and the number of memory allocations present. Use +UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT sparingly. +If you want to see numbers for the disabled time, explore using +UMM_CRITICAL_METRICS in umm_malloc_cfg.h. + */ /* * Added for using with Arduino ESP8266 and handling renameing to umm_malloc.cpp diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 5dc19f1ec3..0aa51abdda 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -10,6 +10,7 @@ #include #include +#include "isr_safe_printf.h" #ifdef __cplusplus extern "C" { @@ -566,11 +567,10 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { #define DEBUG_ESP_ISR #endif -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -// Note, _isr_safe_printf_P will not handle additional string arguments in +// Note, ISR_PRINTF_P will not handle additional string arguments in // PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. -#define DBGLOG_FUNCTION(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) -#define DBGLOG_FUNCTION_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) +#define DBGLOG_FUNCTION(fmt, ...) ISR_PRINTF(fmt, ##__VA_ARGS__) +#define DBGLOG_FUNCTION_P(fmt, ...) ISR_PRINTF_P(fmt, ##__VA_ARGS__) #else #define DBGLOG_FUNCTION(fmt, ...) do { (void)fmt; } while(false) #define DBGLOG_FUNCTION_P(fmt, ...) do { (void)fmt; } while(false) @@ -668,7 +668,7 @@ void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); /* Problem, I would like to report the file and line number with the umm poison event as close as possible to the event. The #define method works for malloc, - calloc, and realloc those names are not as generic as free. A #define free + calloc, and realloc those names are not as generic as "free". A #define free captures too much. Classes with methods called free are included :( Inline functions would report the address of the inline function in the .h not where they are called. From 35c6868ba6afc8abddf13a6e419fefa402d76c4a Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Sat, 28 Sep 2019 09:23:40 -0700 Subject: [PATCH 12/27] Added missing "#ifdef __cplusplus" --- cores/esp8266/umm_malloc/isr_safe_printf.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.h b/cores/esp8266/umm_malloc/isr_safe_printf.h index a8db93fdbb..fb785102f4 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.h +++ b/cores/esp8266/umm_malloc/isr_safe_printf.h @@ -4,7 +4,10 @@ #include #include +#ifdef __cplusplus extern "C" { +#endif + /* ISR Safe to call for debugging. Not really safe to use all the time. The problem is going over 10us with interrupts disabled. It takes 86.8us to send @@ -15,6 +18,9 @@ int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2) // PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. #define ISR_PRINTF(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) #define ISR_PRINTF_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) + +#ifdef __cplusplus } +#endif #endif \ No newline at end of file From 47563cdf9165fd8c79423f600babf0783f01543a Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Sun, 29 Sep 2019 13:23:21 -0700 Subject: [PATCH 13/27] Reorganize local enhancements More comment cleanups Added Status TODOs marks for upstream --- cores/esp8266/umm_malloc/umm_info.c | 29 +------- cores/esp8266/umm_malloc/umm_local.c | 45 +++++++++++- cores/esp8266/umm_malloc/umm_local.h | 4 + cores/esp8266/umm_malloc/umm_malloc.cpp | 17 ++--- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 90 ++++++++++++----------- 5 files changed, 101 insertions(+), 84 deletions(-) diff --git a/cores/esp8266/umm_malloc/umm_info.c b/cores/esp8266/umm_malloc/umm_info.c index 10d503aff5..96a0f89bee 100644 --- a/cores/esp8266/umm_malloc/umm_info.c +++ b/cores/esp8266/umm_malloc/umm_info.c @@ -157,18 +157,8 @@ void *umm_info( void *ptr, int force ) { } DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); - DBGLOG_FORCE( force, "umm heap statistics:\n"); - DBGLOG_FORCE( force, " Free Space %5u\n", ummStats.free_blocks * sizeof(umm_block)); -#if defined(UMM_STATS_FULL) - DBGLOG_FORCE( force, " Low Watermark %5u\n", ummStats.free_blocks_min * sizeof(umm_block)); - DBGLOG_FORCE( force, " Low Watermark ISR %5u\n", ummStats.free_blocks_isr_min * sizeof(umm_block)); - DBGLOG_FORCE( force, " MAX Alloc Request %5u\n", ummStats.alloc_max_size); - DBGLOG_FORCE( force, " OOM Count %5u\n", ummStats.oom_count); + print_stats(force); #endif - DBGLOG_FORCE( force, " Size of umm_block %5u\n", sizeof(umm_block)); - DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); -#endif - /* Release the critical section... */ UMM_CRITICAL_EXIT(id_info); @@ -178,7 +168,7 @@ void *umm_info( void *ptr, int force ) { /* ------------------------------------------------------------------------ */ -size_t umm_free_heap_size_info( void ) { +size_t umm_free_heap_size( void ) { umm_info(NULL, 0); return (size_t)ummHeapInfo.freeBlocks * sizeof(umm_block); } @@ -189,22 +179,7 @@ size_t umm_max_block_size( void ) { } /* ------------------------------------------------------------------------ */ -#endif -#if defined(UMM_STATS) || defined(UMM_INFO) -size_t umm_block_size( void ) { - return sizeof(umm_block); -} -#endif - -#if defined(UMM_STATS) || defined(UMM_STATS_FULL) - -UMM_STATISTICS ummStats; - -// Complete call path in IRAM -size_t umm_free_heap_size_lw( void ) { - return (size_t)ummStats.free_blocks * sizeof(umm_block); -} #endif #endif // defined(BUILD_UMM_MALLOC_C) diff --git a/cores/esp8266/umm_malloc/umm_local.c b/cores/esp8266/umm_malloc/umm_local.c index b5ee4eb99d..7aec30b41d 100644 --- a/cores/esp8266/umm_malloc/umm_local.c +++ b/cores/esp8266/umm_malloc/umm_local.c @@ -149,12 +149,51 @@ void umm_poison_free_fl(void *ptr, const char* file, int line) { } #endif +/* ------------------------------------------------------------------------ */ + +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) || defined(UMM_INFO) +size_t umm_block_size( void ) { + return sizeof(umm_block); +} +#endif + +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) +UMM_STATISTICS ummStats; + +// Keep complete call path in IRAM +size_t umm_free_heap_size_lw( void ) { + return (size_t)ummStats.free_blocks * sizeof(umm_block); +} +#endif + +/* + I assume xPortGetFreeHeapSize needs to be in IRAM. Since + system_get_free_heap_size is in IRAM. Which would mean, umm_free_heap_size() + in flash, was not a safe alternative for returning the same information. +*/ #if defined(UMM_STATS) || defined(UMM_STATS_FULL) -size_t umm_free_heap_size( void ) __attribute__ ((alias("umm_free_heap_size_lw"))); size_t xPortGetFreeHeapSize(void) __attribute__ ((alias("umm_free_heap_size_lw"))); #elif defined(UMM_INFO) -size_t umm_free_heap_size( void ) __attribute__ ((alias("umm_free_heap_size_info"))); -size_t xPortGetFreeHeapSize(void) __attribute__ ((alias("umm_free_heap_size_info"))); +#warning "No ISR safe function available to implement xPortGetFreeHeapSize()" +size_t xPortGetFreeHeapSize(void) __attribute__ ((alias("umm_free_heap_size"))); #endif +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) +void print_stats(int force) { + DBGLOG_FORCE( force, "umm heap statistics:\n"); + DBGLOG_FORCE( force, " Free Space %5u\n", ummStats.free_blocks * sizeof(umm_block)); + DBGLOG_FORCE( force, " OOM Count %5u\n", ummStats.oom_count); +#if defined(UMM_STATS_FULL) + DBGLOG_FORCE( force, " Low Watermark %5u\n", ummStats.free_blocks_min * sizeof(umm_block)); + DBGLOG_FORCE( force, " Low Watermark ISR %5u\n", ummStats.free_blocks_isr_min * sizeof(umm_block)); + DBGLOG_FORCE( force, " MAX Alloc Request %5u\n", ummStats.alloc_max_size); +#endif + DBGLOG_FORCE( force, " Size of umm_block %5u\n", sizeof(umm_block)); + DBGLOG_FORCE( force, "+--------------------------------------------------------------+\n" ); +} #endif + + +#endif // BUILD_UMM_MALLOC_C + + diff --git a/cores/esp8266/umm_malloc/umm_local.h b/cores/esp8266/umm_malloc/umm_local.h index 2ee54ccf59..2c66e22d63 100644 --- a/cores/esp8266/umm_malloc/umm_local.h +++ b/cores/esp8266/umm_malloc/umm_local.h @@ -34,4 +34,8 @@ static int check_poison_neighbors( unsigned short cur ); #endif +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) +void ICACHE_FLASH_ATTR print_stats(int force); +#endif + #endif diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 1efdc814ab..185478004b 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -41,15 +41,10 @@ * In umm_malloc.c * Renamed to umm_malloc.cpp * - * Added `extern "C" { ...b};` around code. + * Added `extern "C" { ... };` around code. * - * Surround DBGLOG_LEVEL with #ifndef... Now defined value in umm_malloc_cfg.h - * - * umm_free() - moved critical section to start after safe calculations. - * - * umm_malloc() - moved critical section to start after umm_blocks() - * computations are based on constants that don't change, calling - * argument excepted. + * Surround DBGLOG_LEVEL with #ifndef... Define value of DBGLOG_LEVEL + * from umm_malloc_cfg.h * * umm_realloc() - Added UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() for * when lightweight locks are available. eg. sti/cli. Single threaded @@ -119,7 +114,7 @@ * add to list to report. */ /* - * Current Deltas from the old umm_malloc + * New upstream umm_malloc feature delta's from the old umm_malloc we were using: * * umm_posion check for a given *alloc - failure - no longer panics. * @@ -132,8 +127,10 @@ * Defragmenting effect of realloc is gone. It now minimizes copy. This * may have been an accident during code cleanup. * + * In one form or another these features have been restored in the + * reintegration of the upstream umm_malloc into the Arduino ESP8266 Core. */ -/* This block will be used for the PR description: +/* This block will be used for the non-WIP PR description: This updates the heap management library, umm_malloc, to the current upstream version at https://github.com/rhempel/umm_malloc. Some reorganizing and new code diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index 0aa51abdda..fd037bba72 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -108,10 +108,8 @@ extern char _heap_start[]; extern UMM_HEAP_INFO ummHeapInfo; void ICACHE_FLASH_ATTR *umm_info( void *ptr, int force ); - size_t ICACHE_FLASH_ATTR umm_free_heap_size_info( void ); + size_t ICACHE_FLASH_ATTR umm_free_heap_size( void ); size_t ICACHE_FLASH_ATTR umm_max_block_size( void ); - size_t ICACHE_FLASH_ATTR umm_block_size( void ); - #else #endif @@ -127,13 +125,16 @@ extern char _heap_start[]; * * UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or * "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. + * + * Status: Local Enhancement - addresses platform specific issue. */ -#if defined(DEBUG_ESP_PORT) && !defined(UMM_INFO_PRINT) +#if defined(DEBUG_ESP_PORT) && !defined(UMM_INFO_PRINT) && defined(UMM_INFO) #define UMM_INFO_PRINT #endif /* * -D UMM_STATS : + * -D UMM_STATS_FULL * * This option provides a lightweight alternative to using `umm_info` just for * getting `umm_free_heap_size`. With this option, a "free blocks" value is @@ -144,18 +145,31 @@ extern char _heap_start[]; * example is when an app closely monitors free heap to detect memory leaks. In * this case a single-core CPUs interrupt processing would have suffered the * most. + * + * UMM_STATS_FULL provides additional heap statistics. It can be used to gain + * additional insight into heap usage. This option would add an additional 132 + * bytes of IRAM. + * + * Status: TODO: Needs to be proposed for upstream. */ /* #define UMM_STATS #define UMM_STATS_FULL */ -#if defined(DEBUG_ESP_PORT) && !defined(UMM_STATS) && !defined(UMM_STATS_FULL) -#define UMM_STATS_FULL -#elif !defined(UMM_STATS) && !defined(UMM_STATS_FULL) +/* + * For the ESP8266 we want at lest UMM_STATS built, so we have an ISR safe + * function to call for implementing xPortGetFreeHeapSize(), because umm_info() + * is in flash. + */ +#if !defined(UMM_STATS) && !defined(UMM_STATS_FULL) #define UMM_STATS #endif +#if defined(UMM_STATS) && defined(UMM_STATS_FULL) +#undef UMM_STATS +#endif + #if defined(UMM_STATS) || defined(UMM_STATS_FULL) typedef struct UMM_STATISTICS_t { @@ -191,6 +205,10 @@ static inline size_t ICACHE_FLASH_ATTR umm_get_oom_count( void ) { #define STATS__OOM_UPDATE() (void)0 #endif +#if defined(UMM_STATS) || defined(UMM_STATS_FULL) || defined(UMM_INFO) +size_t ICACHE_FLASH_ATTR umm_block_size( void ); +#endif + #ifdef UMM_STATS_FULL #define STATS__FREE_BLOCKS_MIN() \ do { \ @@ -285,10 +303,6 @@ static inline size_t ICACHE_FLASH_ATTR umm_get_free_null_count( void ) { #define STATS__FREE_REQUEST(tag) (void)0 #endif -#if defined(UMM_STATS) || defined(UMM_STATS_FULL) || defined(UMM_INFO) -size_t umm_free_heap_size( void ); -#endif - /* Per Devyte, the core currently doesn't support masking a specific interrupt level. That doesn't mean it can't be implemented, only that at this time @@ -306,11 +320,12 @@ size_t umm_free_heap_size( void ); * * Build option to collect timing usage data on critical section usage in * functions: info, malloc, realloc. Collects MIN, MAX, and number of time IRQs - * were disabled at request time. Note, for realloc MAX disabled time will not - * include the time from calling malloc and/or free when UMM_LIGHTWEIGHT_CPU is - * defined. Examine code for specifics on what info is available and how to - * access. -*/ + * were disabled at request time. Note, for realloc MAX disabled time will + * include the time spent in calling malloc and/or free. Examine code for + * specifics on what info is available and how to access. + * + * Status: TODO: Needs to be proposed for upstream. + */ /* #define UMM_CRITICAL_METRICS */ @@ -402,11 +417,12 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { * UMM_CRITICAL_SUSPEND and UMM_CRITICAL_RESUME to the values of * UMM_CRITICAL_EXIT and UMM_CRITICAL_ENTRY. These additional exit/entries * allow time to service interrupts during the reentrant sections of the code. - * Also, using these macros will relieve the nesting requirement. * - * These macros should probably not be used on multicore CPUs. Hardware locking - * methods sometimes carry higher overhead and may not be suitable for frequent - * calling. + * Performance may be impacked if used with multicore CPUs. The higher frquency + * of locking and unlocking may be an issue with locking methods that have a + * high overhead. + * + * Status: TODO: Needs to be proposed for upstream. */ /* */ @@ -428,6 +444,10 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { * shrinks an allocation, avoiding copy when possible. UMM_REALLOC_DEFRAG gives * priority with growing the revised allocation toward an adjacent hole in the * direction of the beginning of the heap when possible. + * + * Status: TODO: These are new options introduced to optionally restore the + * previous defrag propery of realloc. The issue has been raised in the upstream + * repo. No response at this time. Based on response, may propose for upstream. */ /* #define UMM_REALLOC_MINIMIZE_COPY @@ -503,6 +523,11 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { * include its nearest allocated neighbors in the heap. * umm_malloc() will also checks the neighbors of the selected allocation * before use. + * + * Status: TODO?: UMM_POISON_CHECK_LITE is a new option. We could propose for + * upstream; however, the upstream version has much of the framework for calling + * poison check on each alloc call refactored out. Not sure how this will be + * received. */ /* @@ -571,6 +596,7 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { // PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. #define DBGLOG_FUNCTION(fmt, ...) ISR_PRINTF(fmt, ##__VA_ARGS__) #define DBGLOG_FUNCTION_P(fmt, ...) ISR_PRINTF_P(fmt, ##__VA_ARGS__) + #else #define DBGLOG_FUNCTION(fmt, ...) do { (void)fmt; } while(false) #define DBGLOG_FUNCTION_P(fmt, ...) do { (void)fmt; } while(false) @@ -646,38 +672,14 @@ void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line); -void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); #define malloc(s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortMalloc(s, mem_debug_file, __LINE__); }) #define calloc(n,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortCalloc(n, s, mem_debug_file, __LINE__); }) #define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) - #if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) - #if 0 - #define free(p) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; vPortFree(p, mem_debug_file, __LINE__); }) - #endif - #endif #elif defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #include - void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); -void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); - #define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) -#if 0 -//C -/* - Problem, I would like to report the file and line number with the umm poison - event as close as possible to the event. The #define method works for malloc, - calloc, and realloc those names are not as generic as "free". A #define free - captures too much. Classes with methods called free are included :( - Inline functions would report the address of the inline function in the .h - not where they are called. - - Anybody know a trick to make this work? -*/ -#define free(p) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; vPortFree(p, mem_debug_file, __LINE__); }) -#endif - #endif /* DEBUG_ESP_OOM */ #ifdef __cplusplus From 5560f6b6454bda6bf4b8fb54a417017c09b823c0 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Mon, 30 Sep 2019 16:07:02 -0700 Subject: [PATCH 14/27] Print notice message for the need of -DUMM_INFO_PRINT --- cores/esp8266/heap.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index c36c5d37a2..5dfb9d643f 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -247,6 +247,9 @@ size_t ICACHE_RAM_ATTR xPortWantedSizeAlign(size_t size) void system_show_malloc(void) { +#if !defined(UMM_INFO_PRINT) + ::printf(PSTR("\nTo use \"system_show_malloc()\", you need to build with the \"-DUMM_INFO_PRINT\" option.\n")); +#endif umm_info(NULL, 1); } From 0b89ce7a04abd819f2f6813e24a088a4454e6abc Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Mon, 30 Sep 2019 16:13:37 -0700 Subject: [PATCH 15/27] This updates the heap management library, umm_malloc, to the current upstream version at https://github.com/rhempel/umm_malloc. Some reorganizing and new code was needed to use the new version. This is a list of note worthy changes: UMM_POISON - now has a lite option as well as the previous intensive check option. The code for running the full poison test at the call of the various alloc functions was removed in the upstream version. In this port the missing code was added to heap.cpp and umm_local.cpp. * UMM_POISON - appears to have been partially changed to UMM_POISON_CHECK, I treat it as depricated and used UMM_POISON_CHECK, when needed. However, the Arduino Core's references to UMM_POISON were replaced with UMM_POISON_CHECK_LITE. * UMM_POISON_CHECK_LITE - Less intense, it just checks poison on active neighboring allocations. * UMM_POISON_CHECK - Full heap intensive check of poison UMM_INFO_PRINT - This new define makes building UMM_INFO with printing capability, optional. When umm_info(NULL, true) is used to print a debug view of heap information to the debug port, it has to walk the heap and print out information, while in a critical section. This requires that the print function be able to print w/o doing malloc calls and from an IRQ disabled context. It also requires more IRAM to handle printing. Without this define `umm_info(NULL, true)` will not print. * UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or * "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. A cautionary note, on the use of UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT. All of these run with IRQs disabled, for periods that can go into 100's of us. With umm_info(NULL, true) that may go into seconds, depending on the serial interface speed and the number of memory allocations present. Use UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT sparingly. If you want to see numbers for the disabled time, explore using UMM_CRITICAL_METRICS in umm_malloc_cfg.h. --- cores/esp8266/umm_malloc/umm_malloc.cpp | 39 ------------------------- 1 file changed, 39 deletions(-) diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 185478004b..a065db6c86 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -130,45 +130,6 @@ * In one form or another these features have been restored in the * reintegration of the upstream umm_malloc into the Arduino ESP8266 Core. */ -/* This block will be used for the non-WIP PR description: - -This updates the heap management library, umm_malloc, to the current upstream -version at https://github.com/rhempel/umm_malloc. Some reorganizing and new code -was needed to use the new version. - -This is a list of note worthy changes: - -UMM_POISON - now has a lite option as well as the previous intensive check -option. The code for running the full poison test at the call of the various -alloc functions was removed in the upstream version. In this port the missing -code was added to heap.cpp and umm_local.cpp. -* UMM_POISON - appears to have been partially changed to UMM_POISON_CHECK, - I treat it as depricated and used UMM_POISON_CHECK, when needed. - However, the Arduino Core's references to UMM_POISON were replaced with - UMM_POISON_CHECK_LITE. -* UMM_POISON_CHECK_LITE - Less intense, it just checks poison on active - neighboring allocations. -* UMM_POISON_CHECK - Full heap intensive check of poison - -UMM_INFO_PRINT - This new define makes building UMM_INFO with printing -capability, optional. When umm_info(NULL, true) is used to print a debug view of -heap information to the debug port, it has to walk the heap and print out -information, while in a critical section. This requires that the print function -be able to print w/o doing malloc calls and from an IRQ disabled context. It -also requires more IRAM to handle printing. Without this define -`umm_info(NULL, true)` will not print. -* UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or -* "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. - -A cautionary note, on the use of UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and -UMM_INFO_PRINT. All of these run with IRQs disabled, for periods that can go -into 100's of us. With umm_info(NULL, true) that may go into seconds, depending -on the serial interface speed and the number of memory allocations present. Use -UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT sparingly. -If you want to see numbers for the disabled time, explore using -UMM_CRITICAL_METRICS in umm_malloc_cfg.h. - - */ /* * Added for using with Arduino ESP8266 and handling renameing to umm_malloc.cpp From 7e859c561bcc7b00141227fa936e4ca0d4288397 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Mon, 30 Sep 2019 16:13:37 -0700 Subject: [PATCH 16/27] This updates the heap management library, umm_malloc, to the current upstream version at https://github.com/rhempel/umm_malloc. Some reorganizing and new code was needed to use the new version. This is a list of note worthy changes: UMM_POISON - now has a lite option as well as the previous intensive check option. The code for running the full poison test at the call of the various alloc functions was removed in the upstream version. In this port the missing code was added to heap.cpp and umm_local.cpp. * UMM_POISON - appears to have been partially changed to UMM_POISON_CHECK, I treat it as depricated and used UMM_POISON_CHECK, when needed. However, the Arduino Core's references to UMM_POISON were replaced with UMM_POISON_CHECK_LITE. * UMM_POISON_CHECK_LITE - Less intense, it just checks poison on active neighboring allocations. * UMM_POISON_CHECK - Full heap intensive check of poison UMM_INFO_PRINT - This new define makes building UMM_INFO with printing capability, optional. When umm_info(NULL, true) is used to print a debug view of heap information to the debug port, it has to walk the heap and print out information, while in a critical section. This requires that the print function be able to print w/o doing malloc calls and from an IRQ disabled context. It also requires more IRAM to handle printing. Without this define `umm_info(NULL, true)` will not print. * UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or * "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. A cautionary note, on the use of UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT. All of these run with IRQs disabled, for periods that can go into 100's of us. With umm_info(NULL, true) that may go into seconds, depending on the serial interface speed and the number of memory allocations present. Use UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT sparingly. If you want to see numbers for the disabled time, explore using UMM_CRITICAL_METRICS in umm_malloc_cfg.h. --- cores/esp8266/umm_malloc/umm_malloc.cpp | 39 ------------------------- 1 file changed, 39 deletions(-) diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index 185478004b..a065db6c86 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -130,45 +130,6 @@ * In one form or another these features have been restored in the * reintegration of the upstream umm_malloc into the Arduino ESP8266 Core. */ -/* This block will be used for the non-WIP PR description: - -This updates the heap management library, umm_malloc, to the current upstream -version at https://github.com/rhempel/umm_malloc. Some reorganizing and new code -was needed to use the new version. - -This is a list of note worthy changes: - -UMM_POISON - now has a lite option as well as the previous intensive check -option. The code for running the full poison test at the call of the various -alloc functions was removed in the upstream version. In this port the missing -code was added to heap.cpp and umm_local.cpp. -* UMM_POISON - appears to have been partially changed to UMM_POISON_CHECK, - I treat it as depricated and used UMM_POISON_CHECK, when needed. - However, the Arduino Core's references to UMM_POISON were replaced with - UMM_POISON_CHECK_LITE. -* UMM_POISON_CHECK_LITE - Less intense, it just checks poison on active - neighboring allocations. -* UMM_POISON_CHECK - Full heap intensive check of poison - -UMM_INFO_PRINT - This new define makes building UMM_INFO with printing -capability, optional. When umm_info(NULL, true) is used to print a debug view of -heap information to the debug port, it has to walk the heap and print out -information, while in a critical section. This requires that the print function -be able to print w/o doing malloc calls and from an IRQ disabled context. It -also requires more IRAM to handle printing. Without this define -`umm_info(NULL, true)` will not print. -* UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or -* "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. - -A cautionary note, on the use of UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and -UMM_INFO_PRINT. All of these run with IRQs disabled, for periods that can go -into 100's of us. With umm_info(NULL, true) that may go into seconds, depending -on the serial interface speed and the number of memory allocations present. Use -UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT sparingly. -If you want to see numbers for the disabled time, explore using -UMM_CRITICAL_METRICS in umm_malloc_cfg.h. - - */ /* * Added for using with Arduino ESP8266 and handling renameing to umm_malloc.cpp From 2d26ccb9351e3c0768e4a06d97a9e2d0a5dce828 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Mon, 30 Sep 2019 18:48:52 -0700 Subject: [PATCH 17/27] Updated upstream TODO --- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index fd037bba72..e91f8b6be5 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -324,7 +324,8 @@ static inline size_t ICACHE_FLASH_ATTR umm_get_free_null_count( void ) { * include the time spent in calling malloc and/or free. Examine code for * specifics on what info is available and how to access. * - * Status: TODO: Needs to be proposed for upstream. + * Status: TODO: Needs to be proposed for upstream. Also should include updates + * to UMM_POISON_CHECK and UMM_INTEGRITY_CHECK to include a critical section. */ /* #define UMM_CRITICAL_METRICS From 966812a18fdab5b112d7964ddd1f91d1079bc1a3 Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Tue, 1 Oct 2019 16:09:19 -0700 Subject: [PATCH 18/27] Changes on printing to comply with new understanding of SPI bus availability from an ISR vs forground with INTLEVEL 15. --- cores/esp8266/heap.cpp | 42 +++++++++++++------- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 6 ++- cores/esp8266/umm_malloc/isr_safe_printf.h | 2 + cores/esp8266/umm_malloc/umm_local.c | 16 ++++++++ cores/esp8266/umm_malloc/umm_local.h | 23 ++++++++--- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 35 ++-------------- cores/esp8266/umm_malloc/umm_performance.h | 23 ----------- 7 files changed, 72 insertions(+), 75 deletions(-) delete mode 100644 cores/esp8266/umm_malloc/umm_performance.h diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index 5dfb9d643f..5750984029 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -121,22 +121,39 @@ void* _calloc_r(struct _reent* unused, size_t count, size_t size) #undef calloc #undef realloc -static const char oom_fmt[] PROGMEM STORE_ATTR = ":oom(%d)@?\n"; -static const char oom_fmt_1[] PROGMEM STORE_ATTR = ":oom(%d)@"; -static const char oom_fmt_2[] PROGMEM STORE_ATTR = ":%d\n"; +#define DEBUG_HEAP_PRINTF ets_uart_printf void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) { (void)size; (void)line; if (system_get_os_print()) { - DBGLOG_FUNCTION_P(oom_fmt_1, (int)size); - DBGLOG_FUNCTION_P(file); - DBGLOG_FUNCTION_P(oom_fmt_2, line); + DEBUG_HEAP_PRINTF(":oom(%d)@", (int)size); + + bool inISR = ETS_INTR_WITHINISR(); + if (inISR && (uint32_t)file >= 0x40200000) { + DEBUG_HEAP_PRINTF("%p", file); + } else if (!inISR && (uint32_t)file >= 0x40200000) { + char buf[ets_strlen(file)] __attribute__ ((aligned(4))); + ets_strcpy(buf, file); + DEBUG_HEAP_PRINTF(buf); + } else { + DEBUG_HEAP_PRINTF(file); + } + + DEBUG_HEAP_PRINTF(":%d\n", line); } } -#define OOM_CHECK__PRINT_OOM(p, f, s) if (!p && system_get_os_print()) DBGLOG_FUNCTION_P(f, s) +void ICACHE_RAM_ATTR print_oom_size(size_t size) +{ + (void)size; + if (system_get_os_print()) { + DEBUG_HEAP_PRINTF(":oom(%d)@?\n", (int)size); + } +} + +#define OOM_CHECK__PRINT_OOM(p, s) if (!p) print_oom_size(s) #define OOM_CHECK__PRINT_LOC(p, s, f, l) if (!p) print_loc(s, f, l) #else // ! DEBUG_ESP_OOM @@ -148,7 +165,7 @@ void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) #define PTR_CHECK__LOG_LAST_FAIL(p, s, a) #endif -#define OOM_CHECK__PRINT_OOM(p, f, s) +#define OOM_CHECK__PRINT_OOM(p, s) #define OOM_CHECK__PRINT_LOC(p, s, f, l) #endif @@ -160,7 +177,7 @@ void* ICACHE_RAM_ATTR malloc(size_t size) POISON_CHECK__ABORT(); void* ret = __umm_malloc(size); PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); - OOM_CHECK__PRINT_OOM(ret, oom_fmt, (int)size); + OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -170,7 +187,7 @@ void* ICACHE_RAM_ATTR calloc(size_t count, size_t size) POISON_CHECK__ABORT(); void* ret = __umm_calloc(count, size); PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0)); - OOM_CHECK__PRINT_OOM(ret, oom_fmt, (int)size); + OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -180,7 +197,7 @@ void* ICACHE_RAM_ATTR realloc(void* ptr, size_t size) void* ret = __umm_realloc_fl(ptr, size, NULL, 0); POISON_CHECK__ABORT(); PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); - OOM_CHECK__PRINT_OOM(ret, oom_fmt, (int)size); + OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -247,9 +264,6 @@ size_t ICACHE_RAM_ATTR xPortWantedSizeAlign(size_t size) void system_show_malloc(void) { -#if !defined(UMM_INFO_PRINT) - ::printf(PSTR("\nTo use \"system_show_malloc()\", you need to build with the \"-DUMM_INFO_PRINT\" option.\n")); -#endif umm_info(NULL, 1); } diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp index 4edf684026..8f29dc934f 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ b/cores/esp8266/umm_malloc/isr_safe_printf.cpp @@ -13,10 +13,14 @@ #include "umm_malloc_cfg.h" extern "C" { -#if defined(DEBUG_ESP_ISR) +#if 0 //defined(DEBUG_ESP_ISR) int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { + if (ETS_INTR_WITHINISR() && (uint32_t)fmt >= 0x40200000) { + ets_uart_printf("\nCannot print flash string, %p, from ISR\n", fmt); + return 0; + } /* To use ets_strlen() and ets_memcpy() safely with PROGMEM, flash storage, the PROGMEM address must be word (4 bytes) aligned. The destination diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.h b/cores/esp8266/umm_malloc/isr_safe_printf.h index fb785102f4..314a2403f8 100644 --- a/cores/esp8266/umm_malloc/isr_safe_printf.h +++ b/cores/esp8266/umm_malloc/isr_safe_printf.h @@ -8,6 +8,7 @@ extern "C" { #endif +#if 0 /* ISR Safe to call for debugging. Not really safe to use all the time. The problem is going over 10us with interrupts disabled. It takes 86.8us to send @@ -18,6 +19,7 @@ int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2) // PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. #define ISR_PRINTF(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) #define ISR_PRINTF_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) +#endif #ifdef __cplusplus } diff --git a/cores/esp8266/umm_malloc/umm_local.c b/cores/esp8266/umm_malloc/umm_local.c index 7aec30b41d..b984e86b86 100644 --- a/cores/esp8266/umm_malloc/umm_local.c +++ b/cores/esp8266/umm_malloc/umm_local.c @@ -194,6 +194,22 @@ void print_stats(int force) { #endif + +int ICACHE_FLASH_ATTR umm_info_safe_printf_P(const char *fmt, ...) { + /* + To use ets_strlen() and ets_strcpy() safely with PROGMEM, flash storage, + the PROGMEM address must be word (4 bytes) aligned. The destination + address for ets_memcpy must also be word-aligned. + */ + char ram_buf[ets_strlen(fmt)] __attribute__ ((aligned(4))); + ets_strcpy(ram_buf, fmt); + va_list argPtr; + va_start(argPtr, fmt); + int result = ets_vprintf(ets_uart_putc1, ram_buf, argPtr); + va_end(argPtr); + return result; +} + #endif // BUILD_UMM_MALLOC_C diff --git a/cores/esp8266/umm_malloc/umm_local.h b/cores/esp8266/umm_malloc/umm_local.h index 2c66e22d63..c2f05a57dc 100644 --- a/cores/esp8266/umm_malloc/umm_local.h +++ b/cores/esp8266/umm_malloc/umm_local.h @@ -3,6 +3,7 @@ /* * A home for local items exclusive to umm_malloc.c and not to be shared in * umm_malloc_cfg.h. And, not for upstream version. + * Also used to redefine defines made in upstream files we donet want to edit. * */ @@ -13,13 +14,17 @@ #define memmove ets_memmove #define memset ets_memset -#if !defined(UMM_INFO_PRINT) -/* This will stop umm_info from printing. - * At this time DBGLOG_FORCE is only used by umm_info. + +/* + * This redefines DBGLOG_FORCE defined in dbglog/dbglog.h + * Just for printing from umm_info() which is assumed to always be called from + * non-ISR. Thus SPI bus is available to handle cache-miss and reading a flash + * string while INTLEVEL is non-zero. */ #undef DBGLOG_FORCE -#define DBGLOG_FORCE(force, format, ...) {(void)force; (void)format;} -#endif +#define DBGLOG_FORCE(force, format, ...) {if(force) {UMM_INFO_PRINTF(format, ## __VA_ARGS__);}} +// #define DBGLOG_FORCE(force, format, ...) {if(force) {::printf(PSTR(format), ## __VA_ARGS__);}} + #if defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) #else @@ -30,12 +35,20 @@ #define umm_free(p) free(p) #endif + #if defined(UMM_POISON_CHECK_LITE) static int check_poison_neighbors( unsigned short cur ); #endif + #if defined(UMM_STATS) || defined(UMM_STATS_FULL) void ICACHE_FLASH_ATTR print_stats(int force); #endif + + +int ICACHE_FLASH_ATTR umm_info_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); +#define UMM_INFO_PRINTF(fmt, ...) umm_info_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) + + #endif diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index e91f8b6be5..ec1b951ddf 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -10,7 +10,7 @@ #include #include -#include "isr_safe_printf.h" +#include #ifdef __cplusplus extern "C" { @@ -113,25 +113,6 @@ extern char _heap_start[]; #else #endif -/* - * -D UMM_INFO_PRINT - * - * umm_info(NULL, true) is used to print a debug view of heap information to the - * debug port. It has to walk the heap and print out information while in a - * critical section. This requires that the print function be able to print w/o - * doing malloc calls and from an IRQ disabled context. This requires extra IRAM - * based code for printing. Without this define `umm_info(NULL, true)` will - * not print. - * - * UMM_INFO_PRINT is enabled as part of selecting `Debug port: "Serial" or - * "Serial1"`. To make available all the time use '-D UMM_INFO_PRINT`. - * - * Status: Local Enhancement - addresses platform specific issue. - */ -#if defined(DEBUG_ESP_PORT) && !defined(UMM_INFO_PRINT) && defined(UMM_INFO) -#define UMM_INFO_PRINT -#endif - /* * -D UMM_STATS : * -D UMM_STATS_FULL @@ -587,20 +568,10 @@ static inline void _critical_exit(UMM_TIME_STAT *p, uint32_t *saved_ps) { #if defined(DEBUG_ESP_PORT) || defined(DEBUG_ESP_OOM) || \ defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || \ - defined(UMM_INFO_PRINT) || defined(UMM_INTEGRITY_CHECK) - -#ifndef DEBUG_ESP_ISR -#define DEBUG_ESP_ISR -#endif - -// Note, ISR_PRINTF_P will not handle additional string arguments in -// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. -#define DBGLOG_FUNCTION(fmt, ...) ISR_PRINTF(fmt, ##__VA_ARGS__) -#define DBGLOG_FUNCTION_P(fmt, ...) ISR_PRINTF_P(fmt, ##__VA_ARGS__) - + defined(UMM_INTEGRITY_CHECK) +#define DBGLOG_FUNCTION(fmt, ...) ets_uart_printf(fmt, ##__VA_ARGS__) #else #define DBGLOG_FUNCTION(fmt, ...) do { (void)fmt; } while(false) -#define DBGLOG_FUNCTION_P(fmt, ...) do { (void)fmt; } while(false) #endif ///////////////////////////////////////////////// diff --git a/cores/esp8266/umm_malloc/umm_performance.h b/cores/esp8266/umm_malloc/umm_performance.h deleted file mode 100644 index dfd0b2db69..0000000000 --- a/cores/esp8266/umm_malloc/umm_performance.h +++ /dev/null @@ -1,23 +0,0 @@ -/* - * umm_malloc performance measurments and ESP specifics - * - * Features rejected by upstream umm_malloc will move here from - * umm_malloc_cfg.h. Respective code will move to umm_local.c when possible. - * - */ - -#ifndef _UMM_PERFORMANCE_H -#define _UMM_PERFORMANCE_H - -#ifdef __cplusplus -extern "C" { -#endif - - - - -#ifdef __cplusplus -} -#endif - -#endif /* _UMM_PERFORMANCE_H */ From 3669bf5a853c5493732fb949b24aee5ce7a04dbb Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Tue, 1 Oct 2019 16:12:29 -0700 Subject: [PATCH 19/27] Removed no longer needed files. --- cores/esp8266/umm_malloc/isr_safe_printf.cpp | 44 -------------------- cores/esp8266/umm_malloc/isr_safe_printf.h | 28 ------------- 2 files changed, 72 deletions(-) delete mode 100644 cores/esp8266/umm_malloc/isr_safe_printf.cpp delete mode 100644 cores/esp8266/umm_malloc/isr_safe_printf.h diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.cpp b/cores/esp8266/umm_malloc/isr_safe_printf.cpp deleted file mode 100644 index 8f29dc934f..0000000000 --- a/cores/esp8266/umm_malloc/isr_safe_printf.cpp +++ /dev/null @@ -1,44 +0,0 @@ -/* - * isr_safe_printf.cpp - Intended for diagnostic printing from a restricted setting. - * - * Meant to be a print from anywhere and work. There will be more limitations - * than your typical printf function. - * - * Still researching options for printing. - */ -#include -#include -#include -#include -#include "umm_malloc_cfg.h" -extern "C" { - -#if 0 //defined(DEBUG_ESP_ISR) - -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -int ICACHE_RAM_ATTR _isr_safe_printf_P(const char *fmt, ...) { - if (ETS_INTR_WITHINISR() && (uint32_t)fmt >= 0x40200000) { - ets_uart_printf("\nCannot print flash string, %p, from ISR\n", fmt); - return 0; - } - /* - To use ets_strlen() and ets_memcpy() safely with PROGMEM, flash storage, - the PROGMEM address must be word (4 bytes) aligned. The destination - address for ets_memcpy must also be word-aligned. We also round the - buf_len up to the nearest word boundary. So that all transfers will be - whole words. - */ - size_t str_len = ets_strlen(fmt); - size_t buf_len = (str_len + 1 + 3) & ~0x03U; - char ram_buf[buf_len] __attribute__ ((aligned(4))); - ets_memcpy(ram_buf, fmt, buf_len); - va_list argPtr; - va_start(argPtr, fmt); - int result = ets_vprintf(ets_uart_putc1, ram_buf, argPtr); - va_end(argPtr); - return result; -} - -#endif - -}; diff --git a/cores/esp8266/umm_malloc/isr_safe_printf.h b/cores/esp8266/umm_malloc/isr_safe_printf.h deleted file mode 100644 index 314a2403f8..0000000000 --- a/cores/esp8266/umm_malloc/isr_safe_printf.h +++ /dev/null @@ -1,28 +0,0 @@ -#ifndef ISR_SAFE_PRINTF_H -#define ISR_SAFE_PRINTF_H -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#if 0 -/* - ISR Safe to call for debugging. Not really safe to use all the time. The - problem is going over 10us with interrupts disabled. It takes 86.8us to send - one 8 bit character with start and stop bit at 115200 bps. -*/ -int _isr_safe_printf_P(const char *fmt, ...) __attribute__((format(printf, 1, 2))); -// Note, _isr_safe_printf_P will not handle additional string arguments in -// PROGMEM. Only the 1st parameter, fmt, is supported in PROGMEM. -#define ISR_PRINTF(fmt, ...) _isr_safe_printf_P(PSTR(fmt), ##__VA_ARGS__) -#define ISR_PRINTF_P(fmt, ...) _isr_safe_printf_P(fmt, ##__VA_ARGS__) -#endif - -#ifdef __cplusplus -} -#endif - -#endif \ No newline at end of file From be66ae7514de6c337cffcccb7b7565ef7b54234f Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Tue, 1 Oct 2019 17:39:06 -0700 Subject: [PATCH 20/27] OOM build option now saves file and line number for post mortem reporting. --- cores/esp8266/core_esp8266_postmortem.cpp | 12 ++++++- cores/esp8266/heap.cpp | 42 ++++++++++++++++------- 2 files changed, 40 insertions(+), 14 deletions(-) diff --git a/cores/esp8266/core_esp8266_postmortem.cpp b/cores/esp8266/core_esp8266_postmortem.cpp index 0b254b9b73..0486ee5735 100644 --- a/cores/esp8266/core_esp8266_postmortem.cpp +++ b/cores/esp8266/core_esp8266_postmortem.cpp @@ -62,6 +62,10 @@ static int s_user_reset_reason = REASON_DEFAULT_RST; // From UMM, the last caller of a malloc/realloc/calloc which failed: extern void *umm_last_fail_alloc_addr; extern int umm_last_fail_alloc_size; +#if defined(DEBUG_ESP_OOM) +extern const char *umm_last_fail_alloc_file; +extern int umm_last_fail_alloc_line; +#endif static void raise_exception() __attribute__((noreturn)); @@ -181,7 +185,13 @@ void __wrap_system_restart_local() { // Use cap-X formatting to ensure the standard EspExceptionDecoder doesn't match the address if (umm_last_fail_alloc_addr) { - ets_printf_P(PSTR("\nlast failed alloc call: %08X(%d)\n"), (uint32_t)umm_last_fail_alloc_addr, umm_last_fail_alloc_size); +#if defined(DEBUG_ESP_OOM) + ets_printf_P(PSTR("\nlast failed alloc call: %08X(%d)@%S:%d\n"), + (uint32_t)umm_last_fail_alloc_addr, umm_last_fail_alloc_size, + umm_last_fail_alloc_file, umm_last_fail_alloc_line); +#else + ets_printf_P(PSTR("\nlast failed alloc call: %08X(%d)\n"), (uint32_t)umm_last_fail_alloc_addr, umm_last_fail_alloc_size); +#endif } custom_crash_callback( &rst_info, sp_dump + offset, stack_end ); diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index 5750984029..1972ad21cd 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -58,7 +58,10 @@ extern "C" { // Debugging helper, last allocation which returned NULL void *umm_last_fail_alloc_addr = NULL; int umm_last_fail_alloc_size = 0; - +#if defined(DEBUG_ESP_OOM) +const char *umm_last_fail_alloc_file = NULL; +int umm_last_fail_alloc_line = 0; +#endif #ifdef UMM_INTEGRITY_CHECK #define INTEGRITY_CHECK__ABORT() \ @@ -79,18 +82,31 @@ int umm_last_fail_alloc_size = 0; #endif // UMM_INTEGRITY_CHECK -#define PTR_CHECK__LOG_LAST_FAIL(p, s, a) \ +#if defined(DEBUG_ESP_OOM) +#define PTR_CHECK__LOG_LAST_FAIL(p, s, a, f, l) \ + if(0 != (s) && 0 == p)\ + {\ + umm_last_fail_alloc_addr = a;\ + umm_last_fail_alloc_size = s;\ + umm_last_fail_alloc_file = f;\ + umm_last_fail_alloc_line = l;\ + } +#else +#define PTR_CHECK__LOG_LAST_FAIL(p, s, a, f, l) \ + (void)f;\ + (void)l;\ if(0 != (s) && 0 == p)\ {\ umm_last_fail_alloc_addr = a;\ umm_last_fail_alloc_size = s;\ } +#endif void* _malloc_r(struct _reent* unused, size_t size) { (void) unused; void *ret = malloc(size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)) + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); return ret; } @@ -104,7 +120,7 @@ void* _realloc_r(struct _reent* unused, void* ptr, size_t size) { (void) unused; void *ret = realloc(ptr, size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)) + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); return ret; } @@ -112,7 +128,7 @@ void* _calloc_r(struct _reent* unused, size_t count, size_t size) { (void) unused; void *ret = calloc(count, size); - PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0)) + PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0), NULL, 0); return ret; } @@ -132,7 +148,7 @@ void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) bool inISR = ETS_INTR_WITHINISR(); if (inISR && (uint32_t)file >= 0x40200000) { - DEBUG_HEAP_PRINTF("%p", file); + DEBUG_HEAP_PRINTF("File: %p", file); } else if (!inISR && (uint32_t)file >= 0x40200000) { char buf[ets_strlen(file)] __attribute__ ((aligned(4))); ets_strcpy(buf, file); @@ -176,7 +192,7 @@ void* ICACHE_RAM_ATTR malloc(size_t size) INTEGRITY_CHECK__ABORT(); POISON_CHECK__ABORT(); void* ret = __umm_malloc(size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -186,7 +202,7 @@ void* ICACHE_RAM_ATTR calloc(size_t count, size_t size) INTEGRITY_CHECK__ABORT(); POISON_CHECK__ABORT(); void* ret = __umm_calloc(count, size); - PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0)); + PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0), NULL, 0); OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -196,7 +212,7 @@ void* ICACHE_RAM_ATTR realloc(void* ptr, size_t size) INTEGRITY_CHECK__ABORT(); void* ret = __umm_realloc_fl(ptr, size, NULL, 0); POISON_CHECK__ABORT(); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -215,7 +231,7 @@ void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line) INTEGRITY_CHECK__PANIC_FL(file, line); POISON_CHECK__PANIC_FL(file, line); void* ret = __umm_malloc(size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } @@ -225,7 +241,7 @@ void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, INTEGRITY_CHECK__PANIC_FL(file, line); POISON_CHECK__PANIC_FL(file, line); void* ret = __umm_calloc(count, size); - PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0)); + PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0), file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } @@ -235,7 +251,7 @@ void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, in INTEGRITY_CHECK__PANIC_FL(file, line); void* ret = __umm_realloc_fl(ptr, size, file, line); POISON_CHECK__PANIC_FL(file, line); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } @@ -245,7 +261,7 @@ void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line) INTEGRITY_CHECK__PANIC_FL(file, line); POISON_CHECK__PANIC_FL(file, line); void* ret = __umm_calloc(1, size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0)); + PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } From 3b805779acc01cfa3b16a601f5eff7d2e44d873d Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Sat, 5 Oct 2019 13:39:18 -0700 Subject: [PATCH 21/27] Missed change. --- cores/esp8266/heap.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index 1972ad21cd..3ead6342d1 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -178,7 +178,7 @@ void ICACHE_RAM_ATTR print_oom_size(size_t size) //C Skip OOM logging of last fail for malloc/... and pvPort... . //C It cost 64 more bytes of IRAM to turn on. And was not previously enabled. #undef PTR_CHECK__LOG_LAST_FAIL -#define PTR_CHECK__LOG_LAST_FAIL(p, s, a) +#define PTR_CHECK__LOG_LAST_FAIL(p, s, a, f, l) #endif #define OOM_CHECK__PRINT_OOM(p, s) From 46b61fbd8abbb6118674ed82b07843386dce1b2e Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Wed, 9 Oct 2019 17:21:35 -0700 Subject: [PATCH 22/27] Consolated upstream integration comments into Notes.h. This helps keep these comments separated from the upstream code and to avoid getting lost. I'll expand this as I think of and remember more. --- cores/esp8266/umm_malloc/Notes.h | 190 ++++++++++++++++++++++++ cores/esp8266/umm_malloc/umm_malloc.cpp | 107 +------------ 2 files changed, 197 insertions(+), 100 deletions(-) create mode 100644 cores/esp8266/umm_malloc/Notes.h diff --git a/cores/esp8266/umm_malloc/Notes.h b/cores/esp8266/umm_malloc/Notes.h new file mode 100644 index 0000000000..5e9918f33b --- /dev/null +++ b/cores/esp8266/umm_malloc/Notes.h @@ -0,0 +1,190 @@ +#if 0 +/* +PR text description: + +upstream version of `umm_malloc` customized for Arduino ESP8266 Core + +This updates the heap management library, umm_malloc, to the current upstream +version at https://github.com/rhempel/umm_malloc. Some reorganizing and new code +was needed to use the new version. + +This is a list of noteworthy changes: + +UMM_POISON - now has a lite option as well as the previous intensive check +option. The code for running the full poison test at the call of the various +alloc functions was removed in the upstream version. In this port, the missing +code was added to heap.cpp and umm_local.cpp. +* UMM_POISON - appears to have been partially changed to UMM_POISON_CHECK, + I treat it as deprecated and used UMM_POISON_CHECK when needed. + However, the Arduino Core's references to UMM_POISON were replaced with + UMM_POISON_CHECK_LITE. +* UMM_POISON_CHECK_LITE - Less intense, it just checks poison on active + neighboring allocations. +* UMM_POISON_CHECK - Full heap intensive check of poison + +A cautionary note, on the use of UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and +UMM_INFO_PRINT. All of these run with IRQs disabled, for periods that can go +into 100's of us. With umm_info(NULL, true) that may go into seconds, depending +on the serial interface speed and the number of memory allocations present. Use +UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT sparingly. +If you want to see numbers for the disabled time, explore using +UMM_CRITICAL_METRICS in umm_malloc_cfg.h. + + +=============================================================================== + + New upstream umm_malloc feature delta's from the old umm_malloc we were using: + + umm_posion check for a given *alloc - failure - no longer panics. + + option to run full poison check at each *alloc call, not present + + option to run full interity check at each *alloc call, not present + + upstream code does not call panic from poison_check_block. + + Defragmenting effect of realloc is gone. It now minimizes copy. This + may have been an accident during code cleanup. + + In one form or another these features have been restored in the + reintegration of the upstream umm_malloc into the Arduino ESP8266 Core. + +=============================================================================== + + A list of changes made for local adaptation of newer upstream umm_malloc. + + In umm_malloc.c + Renamed to umm_malloc.cpp + Added `extern "C" { ... };` around code. + Surround DBGLOG_LEVEL with #ifndef... Define value of DBGLOG_LEVEL from + umm_malloc_cfg.h + umm_realloc() - Added UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() for when + lightweight locks are available. eg. sti/cli. Single threaded single CPU + case. + umm_realloc() - appears to have been refactored to minimize memmove and + memcpy. The old version would always combine an adjacent block in the + direction of the start of the heap when available and do a memmove. This + had a defragging effect. This appears to have been replaced with an attempt + to minimize copy when possible. + Added heap stats tracking. + + In umm_info.c + umm_info() - Added UMM_CRITICAL_DECL(id_info), updated critical sections + with tag. + Carried forward: Added NULL ptr check at beginning (umm_malloc.c). + + In umm_poison.c: + Resolved C++ compiler error reported on get_poisoned(), and get_unpoisoned(). + They now take in void * arg instead of unsigned char *. + Added #if ... || defined(UMM_POISON_CHECK_LITE) to the conditional. + + In umm_integrity.c: + Replaced printf with DBGLOG_FUNCTION. This needs to be a malloc free + function and ISR safe. + Added critical sections. + + In umm_malloc_cfg.h: + Added macro UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() + + Globally change across all files %i to %d: umm_info.c, umm_malloc.c, + Added a #ifdef BUILD_UMM_MALLOC_C fence to prevent Arduino IDE from building + the various .c files that are #included into umm_malloc.cpp. They are + normally enabled by #define in umm_malloc_cfg.h. In this + case it builds fine; however, if the define is global, the IDE will try and + build the .c by itself. + + Notes, + umm_integrity_check() is called by macro INTEGRITY_CHECK which returns 1 + on success. No corruption. Does a time consuming scan of the whole heap. + It will call UMM_HEAP_CORRUPTION_CB if an error is found. + + umm_poison_check(), formerly known as check_poison_all_blocks(), + is called by macro POISON_CHECK which returns 1 on success for no + corruption. Does a time consuming scan of all active allocations for + modified poison. The new upstream version does *NOT* call + UMM_HEAP_CORRUPTION_CB if an error is found. The option description says + it does! + + umm_poison_realloc() and umm_poison_free() no longer call the macro + UMM_HEAP_CORRUPTION_CB on poison error. Just a printf message is + generated. I have added alternative functions umm_poison_free_fl, + umm_poison_realloc_fl, and get_unpoisoned_check_neighbors in + umm_local.cpp. These expand the poison check on the current allocation to + include its nearest allocated neighbors in the heap. + + umm_malloc() has been extended to call check_poison_neighbors for the + allocation it selects, conditionally for UMM_POISON_CHECK_LITE. + + For upstream umm_malloc "# define POISON_CHECK() 0" should have been 1 + add to list to report. + + +============================================================================== + +Notes from searching for the best print option + +Printing from the malloc routines is tricky. Since a print library +might call *alloc. Then recusion may follow as each error call may fail +into another error and so on. + +Objective: To be able to print "last gasp" diagnostic messages +when interrupts are disabled and w/o availability of heap resources. + +It turns out things are more complicated than that. There are three cases for +printing: + + 1. Printing detailed heap info through `umm_info(NULL, 1);`. This function + resides in flash and can only be called from non-ISR context. It can use + PROGMEM strings. Because SPI bus will not be busy when called from foreground. + Because printing is done from IRQ_LEVEL 15, printf function must be in iRAM or + ROM. + > I don't think I full understand how this can work. If `umm_info` is called + > and not full cached and we raise IRQ_LEVEL 15, how is a cache-miss handled? + > Interrupts? Some hidden internal interrupt? If we can handle cache-miss then + > other flash based functions can be used for printing here. + + 2. Printing diagnostic messages possibly from from ISR context. + + 3. Printing diagnostic messages from `heap.cpp` these printf's need to check + `system_get_os_print()` to confirm debug-output is enabled just as + `os_printf()` did. + +Considerations: +* can be called from ISR +* can be called from malloc code, cannot use malloc +* can be called from malloc code that was called from an ISR +* can be called from with in a critical section, eg. xt_rsil(15); + * this may be effectively the same as being called from an ISR? + +Knowns: +* ets_printf - For RTOS SDK they replaced this function with one in the SDK. + Most of the problems I can see with ets_printf center around not being + able to maintain a port to thread context. That is you cannot have one + thread using one port while another thread uses the other. In the no OS + case we cannot have one area of code using one port and another area of + code using the other port. Most of the ROM printf functions are not built + to support this kind of usage. Things get especially dangerous when you + try to use the ets_external_printf stuff. +* ets_vprintf - by itself is safe. +* newlibc printf - not safe - lives in flash. +* newlibc snprintf - not safe - lives in flash. +* builtin putc1 print function - Is installed when you use + ets_install_uart_printf. Which calls ets_install_putc1. The selection of UART + is performed by calling uart_buff_switch with 0 for UART0 and 1 for UART1. + This should work for our purpose here, if handled as follows: + * call uart_buff_switch at each printf call to reselect UART + * use a stack buffer to hold a copy the PROGMEM string to print from. + * use ets_vprintf for printing with putc1 function. +* os_printf_plus looks interesting. It is in IRAM. If no heap is available it + will use up to 64 bytes of stack space to copy a PROGMEM fmt for printing. + Issues: + * Printing is turned off by system_set_os_print + * putc1 needs to be in IRAM - this is a uart.cpp issue + * Need to force system_get_free_heap_size to return 0 during critical periods. + * won't work for umm_info it prints over 64 characters. + * along with umm_info there are other debug messages that exceed 64 characters. +* ets_uart_printf - Appears safe. Just no PROGMEM support. Uses + uart_buff_switch to select UART. + +*/ +#endif diff --git a/cores/esp8266/umm_malloc/umm_malloc.cpp b/cores/esp8266/umm_malloc/umm_malloc.cpp index a065db6c86..5feaa2edea 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.cpp +++ b/cores/esp8266/umm_malloc/umm_malloc.cpp @@ -31,106 +31,13 @@ * ---------------------------------------------------------------------------- */ - /***************************************************************************** - * - * A log listing changes made for local adaptation of newer upstream - * umm_malloc - started July 22, 2019. - * - * AUG 1, 2019 compiles with OOM, UMM_POISON_CHECK, and appears to be working. - * - * In umm_malloc.c - * Renamed to umm_malloc.cpp - * - * Added `extern "C" { ... };` around code. - * - * Surround DBGLOG_LEVEL with #ifndef... Define value of DBGLOG_LEVEL - * from umm_malloc_cfg.h - * - * umm_realloc() - Added UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() for - * when lightweight locks are available. eg. sti/cli. Single threaded - * single CPU case. - * - * umm_realloc() - appears to have been refactored to minimize memmove - * and memcpy. The old version would always combine an adjacent block in the - * direction of the start of the heap when available and do a memmove. This - * had a defragging effect. This appears to have been replaced with an - * attempt to minimize copy when possible. - * - * Added heap stats tracking. - * - * - * In umm_info.c - * umm_info() - Added UMM_CRITICAL_DECL(id_info), updated critical sections - * with tag. - * Carried forward: Added NULL ptr check at beginning (umm_malloc.c). - Mar 8, 2016 - * - * - * In umm_poison.c: - * Resolved C++ compiler error reported on get_poisoned(), and - * get_unpoisoned(). They now take in void * arg instead of unsigned char *. - * Added #if ... || defined(UMM_POISON_CHECK_LITE) to the conditional. - * - * In umm_integrity.c: - * Replaced printf with DBGLOG_FUNCTION. This needs to be a malloc free - * function and ISR safe. - * Added critical sections. - * - * In umm_malloc_cfg.h: - * Added macro UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() - * - * - * Globally change across all files %i to %d: umm_info.c, umm_malloc.c, - * - * Added a #ifdef BUILD_UMM_MALLOC_C fence to prevent Arduino IDE from building - * the various .c files that are #included into umm_malloc.cpp. They are - * normally enabled by #define in umm_malloc_cfg.h. In this - * case it builds fine; however, if the define is global, the IDE will try and - * build the .c by itself. - * - * Notes, - * - * umm_integrity_check() is called by macro INTEGRITY_CHECK which returns 1 - * on success. No corruption. Does a time consuming scan of the whole heap. - * It will call UMM_HEAP_CORRUPTION_CB if an error is found. - * - * umm_poison_check(), formerly known as check_poison_all_blocks(), - * is called by macro POISON_CHECK which returns 1 on success for no - * corruption. Does a time consuming scan of all active allocations for - * modified poison. The new upstream version does *NOT* call - * UMM_HEAP_CORRUPTION_CB if an error is found. The option description says - * it does! - * - * umm_poison_realloc() and umm_poison_free() no longer call the macro - * UMM_HEAP_CORRUPTION_CB on poison error. Just a printf message is - * generated. I have added alternative functions umm_poison_free_fl, - * umm_poison_realloc_fl, and get_unpoisoned_check_neighbors in - * umm_local.cpp. These expand the poison check on the current allocation to - * include its nearest allocated neighbors in the heap. - * - * umm_malloc() has been extended to call check_poison_neighbors for the - * allocation it selects, conditionally for UMM_POISON_CHECK_LITE. - * - * For upstream umm_malloc "# define POISON_CHECK() 0" should have been 1 - * add to list to report. - */ - /* - * New upstream umm_malloc feature delta's from the old umm_malloc we were using: - * - * umm_posion check for a given *alloc - failure - no longer panics. - * - * option to run full poison check at each *alloc call, not present - * - * option to run full interity check at each *alloc call, not present - * - * upstream code does not call panic from poison_check_block. - * - * Defragmenting effect of realloc is gone. It now minimizes copy. This - * may have been an accident during code cleanup. - * - * In one form or another these features have been restored in the - * reintegration of the upstream umm_malloc into the Arduino ESP8266 Core. - */ - +/* + * This include is nothing but comments about thoughts and observations made + * while updating the Arduino ESP8266 Core, with the new upstream umm_malloc. + * It is added here as an include so that it does not get lost and to avoid + * cluttering up the code with a huge block comment. + */ + #include "Notes.h" /* * Added for using with Arduino ESP8266 and handling renameing to umm_malloc.cpp */ From e9401c71f23a5bb8c3a600869314c09f676e476a Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Wed, 9 Oct 2019 20:02:57 -0700 Subject: [PATCH 23/27] Comment updates. --- cores/esp8266/umm_malloc/Notes.h | 58 ++++++++++++++++++++------------ 1 file changed, 37 insertions(+), 21 deletions(-) diff --git a/cores/esp8266/umm_malloc/Notes.h b/cores/esp8266/umm_malloc/Notes.h index 5e9918f33b..7d4c9ca8cc 100644 --- a/cores/esp8266/umm_malloc/Notes.h +++ b/cores/esp8266/umm_malloc/Notes.h @@ -1,5 +1,11 @@ #if 0 /* + * This .h is nothing but comments about thoughts and observations made while + * updating the Arduino ESP8266 Core, with the new upstream umm_malloc. It is + * added as a .h so that it does not get lost and to avoid cluttering up the + * code with a huge block comment. + + PR text description: upstream version of `umm_malloc` customized for Arduino ESP8266 Core @@ -52,7 +58,7 @@ UMM_CRITICAL_METRICS in umm_malloc_cfg.h. =============================================================================== A list of changes made for local adaptation of newer upstream umm_malloc. - + In umm_malloc.c Renamed to umm_malloc.cpp Added `extern "C" { ... };` around code. @@ -67,25 +73,25 @@ UMM_CRITICAL_METRICS in umm_malloc_cfg.h. had a defragging effect. This appears to have been replaced with an attempt to minimize copy when possible. Added heap stats tracking. - + In umm_info.c umm_info() - Added UMM_CRITICAL_DECL(id_info), updated critical sections with tag. Carried forward: Added NULL ptr check at beginning (umm_malloc.c). - + In umm_poison.c: Resolved C++ compiler error reported on get_poisoned(), and get_unpoisoned(). They now take in void * arg instead of unsigned char *. Added #if ... || defined(UMM_POISON_CHECK_LITE) to the conditional. - + In umm_integrity.c: Replaced printf with DBGLOG_FUNCTION. This needs to be a malloc free function and ISR safe. Added critical sections. - + In umm_malloc_cfg.h: Added macro UMM_CRITICAL_SUSPEND()/UMM_CRITICAL_RESUME() - + Globally change across all files %i to %d: umm_info.c, umm_malloc.c, Added a #ifdef BUILD_UMM_MALLOC_C fence to prevent Arduino IDE from building the various .c files that are #included into umm_malloc.cpp. They are @@ -97,24 +103,24 @@ UMM_CRITICAL_METRICS in umm_malloc_cfg.h. umm_integrity_check() is called by macro INTEGRITY_CHECK which returns 1 on success. No corruption. Does a time consuming scan of the whole heap. It will call UMM_HEAP_CORRUPTION_CB if an error is found. - + umm_poison_check(), formerly known as check_poison_all_blocks(), is called by macro POISON_CHECK which returns 1 on success for no corruption. Does a time consuming scan of all active allocations for modified poison. The new upstream version does *NOT* call UMM_HEAP_CORRUPTION_CB if an error is found. The option description says it does! - + umm_poison_realloc() and umm_poison_free() no longer call the macro UMM_HEAP_CORRUPTION_CB on poison error. Just a printf message is generated. I have added alternative functions umm_poison_free_fl, umm_poison_realloc_fl, and get_unpoisoned_check_neighbors in umm_local.cpp. These expand the poison check on the current allocation to include its nearest allocated neighbors in the heap. - + umm_malloc() has been extended to call check_poison_neighbors for the allocation it selects, conditionally for UMM_POISON_CHECK_LITE. - + For upstream umm_malloc "# define POISON_CHECK() 0" should have been 1 add to list to report. @@ -130,31 +136,41 @@ into another error and so on. Objective: To be able to print "last gasp" diagnostic messages when interrupts are disabled and w/o availability of heap resources. -It turns out things are more complicated than that. There are three cases for -printing: +It turns out things are more complicated than that. These are three cases for +printing from the heap and the current solution.: 1. Printing detailed heap info through `umm_info(NULL, 1);`. This function resides in flash and can only be called from non-ISR context. It can use PROGMEM strings. Because SPI bus will not be busy when called from foreground. - Because printing is done from IRQ_LEVEL 15, printf function must be in iRAM or - ROM. - > I don't think I full understand how this can work. If `umm_info` is called - > and not full cached and we raise IRQ_LEVEL 15, how is a cache-miss handled? - > Interrupts? Some hidden internal interrupt? If we can handle cache-miss then - > other flash based functions can be used for printing here. - + + At this time it is assumed that, while running from foreground, a cache-miss + at INTLEVEL 15 can be handled. The key factor being the SPI bus is not + busy at the time of the cache-miss. It is not clear what gets invoked to + process the cache-miss. A software vector call? A hardware assisted transfer? + In any case `umm_info_safe_printf_P()` is also in flash. + + The focus here is to print w/o allocating memory and use strings + in flash to preserve DRAM. + 2. Printing diagnostic messages possibly from from ISR context. - + + Use `ets_uart_printf()` in boot ROM. + 3. Printing diagnostic messages from `heap.cpp` these printf's need to check `system_get_os_print()` to confirm debug-output is enabled just as `os_printf()` did. + Do test calls to `system_get_os_print()` and call `ets_uart_printf()` + in boot ROM when debug print allowed. + Considerations: * can be called from ISR * can be called from malloc code, cannot use malloc * can be called from malloc code that was called from an ISR -* can be called from with in a critical section, eg. xt_rsil(15); +* can be called from within a critical section, eg. xt_rsil(15); * this may be effectively the same as being called from an ISR? + Update: Current thinking is that from foreground we have more leeway + than an ISR. Knowns: * ets_printf - For RTOS SDK they replaced this function with one in the SDK. From 648c0284972f18f5254b0e76a0eb13023af3825c Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Thu, 10 Oct 2019 12:36:20 -0700 Subject: [PATCH 24/27] Notes update. --- cores/esp8266/umm_malloc/Notes.h | 47 +++++++++++++++++++++++++++++++- 1 file changed, 46 insertions(+), 1 deletion(-) diff --git a/cores/esp8266/umm_malloc/Notes.h b/cores/esp8266/umm_malloc/Notes.h index 7d4c9ca8cc..b18388a5d3 100644 --- a/cores/esp8266/umm_malloc/Notes.h +++ b/cores/esp8266/umm_malloc/Notes.h @@ -143,7 +143,7 @@ printing from the heap and the current solution.: resides in flash and can only be called from non-ISR context. It can use PROGMEM strings. Because SPI bus will not be busy when called from foreground. - At this time it is assumed that, while running from foreground, a cache-miss + At this time it is believed that, while running from foreground, a cache-miss at INTLEVEL 15 can be handled. The key factor being the SPI bus is not busy at the time of the cache-miss. It is not clear what gets invoked to process the cache-miss. A software vector call? A hardware assisted transfer? @@ -202,5 +202,50 @@ printing from the heap and the current solution.: * ets_uart_printf - Appears safe. Just no PROGMEM support. Uses uart_buff_switch to select UART. +=============================================================================== + +heap.cpp is the entry point for most of the heap API calls. +It is a merge point for abstracted heap API calls, such as _malloc_r, +pvPortMalloc, and malloc. Thin wrappers are created here for these entry points +and others. The wrappers call through to equivalent umm_malloc entry-point. +These wrappers also provide the access points to do debug options, like OOM, +Integrity Check, and Poison Check. + +-DEBUG_ESP_OOM or select `Debug Level: "OOM"` from the IDE. +This option will add extra code to save information on the last OOM event. If +your code is built with the `Debug port: "Serial"` option, debug messages will +print on OOM events. You do not have to do `Debug port: "Serial"` to get OOM +debug messages. From within your code, you can make a call to +`Serial.debugOutput(true);` to enable OOM printing. Of course for this to work +your code must be built with `Debug Level: "OOM"` or equal. + +-DUUM_POISON is now the same as -DUMM_POISON_CHECK_LITE +This is new behavior with this updated. UMM_POISON_CHECK_LITE - checks the +allocation presented at realloc() and free(). Expands the poison check on the +current allocation to include its nearest allocated neighbors in the heap. +umm_malloc() will also check the neighbors of the selected allocation before +use. + +For more details and options search on UMM_POISON_CHECK in `umm_malloc_cfg.h` + +TODO: provide some interesting numbers on the time to perform: +* UMM_POISON_CHECK +* UMM_INTEGRITY_CHECK +* umm_info(NUll, 0) built with and without print capability +* umm_info(NUll, 1) printing a report to Serial device. + +=============================================================================== + +Enhancement ideas: + 1. Add tagging to heap allocations. Redefine UMM_POISONED_BLOCK_LEN_TYPE, + expand it to include an element for the calling address of allocating + requester. Expand umm_info(NULL, 1) to print the respective address with each + active allocation. The difficulty here will be the ever-growing complexity of + overlapping build options. I think it would be easiest to build this in with + and expand the UMM_POISON_CHECK_LITE option. + + 2. A build option to not have printing, from umm_info() compiled in. This can + save on the execution time spent with interrupts disabled. + */ #endif From eb5a7ca4fed9c3a9f7e4328e7a9b695cd614a91e Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Wed, 23 Oct 2019 17:11:46 -0700 Subject: [PATCH 25/27] Changes to heap.cpp - Refactored macro PTR_CHECK__LOG_LAST_FAIL. Replaced macros __umm_... with uppercase versions. Corrected misplaced POISON_CHECK__PANIC_FL macro in realloc. Added debug free options for OOM and Poison to umm_malloc_cfg.h Updated Notes.h. Lines that start with "//C" are meant to flag reviewer's attention. --- cores/esp8266/heap.cpp | 91 ++++++++++++++--------- cores/esp8266/umm_malloc/Notes.h | 15 ++-- cores/esp8266/umm_malloc/umm_malloc.h | 2 +- cores/esp8266/umm_malloc/umm_malloc_cfg.h | 28 +++++++ 4 files changed, 90 insertions(+), 46 deletions(-) diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index 3ead6342d1..e339ed762f 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -12,28 +12,28 @@ extern "C" { #if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) -#define __umm_malloc(s) umm_poison_malloc(s) -#define __umm_calloc(n,s) umm_poison_calloc(n,s) -#define __umm_realloc_fl(p,s,f,l) umm_poison_realloc_fl(p,s,f,l) -#define __umm_free_fl(p,f,l) umm_poison_free_fl(p,f,l) +#define UMM_MALLOC(s) umm_poison_malloc(s) +#define UMM_CALLOC(n,s) umm_poison_calloc(n,s) +#define UMM_REALLOC_FL(p,s,f,l) umm_poison_realloc_fl(p,s,f,l) +#define UMM_FREE_FL(p,f,l) umm_poison_free_fl(p,f,l) #undef realloc #undef free #elif defined(DEBUG_ESP_OOM) -#define __umm_malloc(s) umm_malloc(s) -#define __umm_calloc(n,s) umm_calloc(n,s) -#define __umm_realloc_fl(p,s,f,l) umm_realloc(p,s) -#define __umm_free_fl(p,f,l) umm_free(p) +#define UMM_MALLOC(s) umm_malloc(s) +#define UMM_CALLOC(n,s) umm_calloc(n,s) +#define UMM_REALLOC_FL(p,s,f,l) umm_realloc(p,s) +#define UMM_FREE_FL(p,f,l) umm_free(p) #undef realloc #undef free #else // ! UMM_POISON_CHECK && ! DEBUG_ESP_OOM -#define __umm_malloc(s) malloc(s) -#define __umm_calloc(n,s) calloc(n,s) -#define __umm_realloc_fl(p,s,f,l) realloc(p,s) -#define __umm_free_fl(p,f,l) free(p) +#define UMM_MALLOC(s) malloc(s) +#define UMM_CALLOC(n,s) calloc(n,s) +#define UMM_REALLOC_FL(p,s,f,l) realloc(p,s) +#define UMM_FREE_FL(p,f,l) free(p) #endif @@ -83,21 +83,35 @@ int umm_last_fail_alloc_line = 0; #endif // UMM_INTEGRITY_CHECK #if defined(DEBUG_ESP_OOM) -#define PTR_CHECK__LOG_LAST_FAIL(p, s, a, f, l) \ +#define PTR_CHECK__LOG_LAST_FAIL_FL(p, s, f, l) \ if(0 != (s) && 0 == p)\ {\ - umm_last_fail_alloc_addr = a;\ + umm_last_fail_alloc_addr = __builtin_return_address(0);\ umm_last_fail_alloc_size = s;\ umm_last_fail_alloc_file = f;\ umm_last_fail_alloc_line = l;\ } +#define PTR_CHECK__LOG_LAST_FAIL(p, s) \ + if(0 != (s) && 0 == p)\ + {\ + umm_last_fail_alloc_addr = __builtin_return_address(0);\ + umm_last_fail_alloc_size = s;\ + umm_last_fail_alloc_file = NULL;\ + umm_last_fail_alloc_line = 0;\ + } #else -#define PTR_CHECK__LOG_LAST_FAIL(p, s, a, f, l) \ +#define PTR_CHECK__LOG_LAST_FAIL_FL(p, s, f, l) \ (void)f;\ (void)l;\ if(0 != (s) && 0 == p)\ {\ - umm_last_fail_alloc_addr = a;\ + umm_last_fail_alloc_addr = __builtin_return_address(0);\ + umm_last_fail_alloc_size = s;\ + } +#define PTR_CHECK__LOG_LAST_FAIL(p, s) \ + if(0 != (s) && 0 == p)\ + {\ + umm_last_fail_alloc_addr = __builtin_return_address(0);\ umm_last_fail_alloc_size = s;\ } #endif @@ -106,7 +120,7 @@ void* _malloc_r(struct _reent* unused, size_t size) { (void) unused; void *ret = malloc(size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); + PTR_CHECK__LOG_LAST_FAIL(ret, size); return ret; } @@ -120,7 +134,7 @@ void* _realloc_r(struct _reent* unused, void* ptr, size_t size) { (void) unused; void *ret = realloc(ptr, size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); + PTR_CHECK__LOG_LAST_FAIL(ret, size); return ret; } @@ -128,7 +142,7 @@ void* _calloc_r(struct _reent* unused, size_t count, size_t size) { (void) unused; void *ret = calloc(count, size); - PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0), NULL, 0); + PTR_CHECK__LOG_LAST_FAIL(ret, count * size); return ret; } @@ -156,7 +170,7 @@ void ICACHE_RAM_ATTR print_loc(size_t size, const char* file, int line) } else { DEBUG_HEAP_PRINTF(file); } - + DEBUG_HEAP_PRINTF(":%d\n", line); } } @@ -175,10 +189,13 @@ void ICACHE_RAM_ATTR print_oom_size(size_t size) #else // ! DEBUG_ESP_OOM #if 1 +//C - to be discussed - is this what you want? //C Skip OOM logging of last fail for malloc/... and pvPort... . //C It cost 64 more bytes of IRAM to turn on. And was not previously enabled. +#undef PTR_CHECK__LOG_LAST_FAIL_FL +#define PTR_CHECK__LOG_LAST_FAIL_FL(p, s, f, l) #undef PTR_CHECK__LOG_LAST_FAIL -#define PTR_CHECK__LOG_LAST_FAIL(p, s, a, f, l) +#define PTR_CHECK__LOG_LAST_FAIL(p, s) #endif #define OOM_CHECK__PRINT_OOM(p, s) @@ -191,8 +208,8 @@ void* ICACHE_RAM_ATTR malloc(size_t size) { INTEGRITY_CHECK__ABORT(); POISON_CHECK__ABORT(); - void* ret = __umm_malloc(size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); + void* ret = UMM_MALLOC(size); + PTR_CHECK__LOG_LAST_FAIL(ret, size); OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -201,8 +218,8 @@ void* ICACHE_RAM_ATTR calloc(size_t count, size_t size) { INTEGRITY_CHECK__ABORT(); POISON_CHECK__ABORT(); - void* ret = __umm_calloc(count, size); - PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0), NULL, 0); + void* ret = UMM_CALLOC(count, size); + PTR_CHECK__LOG_LAST_FAIL(ret, count * size); OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -210,9 +227,9 @@ void* ICACHE_RAM_ATTR calloc(size_t count, size_t size) void* ICACHE_RAM_ATTR realloc(void* ptr, size_t size) { INTEGRITY_CHECK__ABORT(); - void* ret = __umm_realloc_fl(ptr, size, NULL, 0); + void* ret = UMM_REALLOC_FL(ptr, size, NULL, 0); POISON_CHECK__ABORT(); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), NULL, 0); + PTR_CHECK__LOG_LAST_FAIL(ret, size); OOM_CHECK__PRINT_OOM(ret, size); return ret; } @@ -220,7 +237,7 @@ void* ICACHE_RAM_ATTR realloc(void* ptr, size_t size) void ICACHE_RAM_ATTR free(void* p) { INTEGRITY_CHECK__ABORT(); - __umm_free_fl(p, NULL, 0); + UMM_FREE_FL(p, NULL, 0); POISON_CHECK__ABORT(); } #endif @@ -230,8 +247,8 @@ void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line) { INTEGRITY_CHECK__PANIC_FL(file, line); POISON_CHECK__PANIC_FL(file, line); - void* ret = __umm_malloc(size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), file, line); + void* ret = UMM_MALLOC(size); + PTR_CHECK__LOG_LAST_FAIL_FL(ret, size, file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } @@ -240,8 +257,8 @@ void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, { INTEGRITY_CHECK__PANIC_FL(file, line); POISON_CHECK__PANIC_FL(file, line); - void* ret = __umm_calloc(count, size); - PTR_CHECK__LOG_LAST_FAIL(ret, count * size, __builtin_return_address(0), file, line); + void* ret = UMM_CALLOC(count, size); + PTR_CHECK__LOG_LAST_FAIL_FL(ret, count * size, file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } @@ -249,9 +266,9 @@ void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line) { INTEGRITY_CHECK__PANIC_FL(file, line); - void* ret = __umm_realloc_fl(ptr, size, file, line); POISON_CHECK__PANIC_FL(file, line); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), file, line); + void* ret = UMM_REALLOC_FL(ptr, size, file, line); + PTR_CHECK__LOG_LAST_FAIL_FL(ret, size, file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } @@ -260,8 +277,8 @@ void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line) { INTEGRITY_CHECK__PANIC_FL(file, line); POISON_CHECK__PANIC_FL(file, line); - void* ret = __umm_calloc(1, size); - PTR_CHECK__LOG_LAST_FAIL(ret, size, __builtin_return_address(0), file, line); + void* ret = UMM_CALLOC(1, size); + PTR_CHECK__LOG_LAST_FAIL_FL(ret, size, file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; } @@ -270,7 +287,7 @@ void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line) { INTEGRITY_CHECK__PANIC_FL(file, line); POISON_CHECK__PANIC_FL(file, line); - __umm_free_fl(ptr, file, line); + UMM_FREE_FL(ptr, file, line); } size_t ICACHE_RAM_ATTR xPortWantedSizeAlign(size_t size) diff --git a/cores/esp8266/umm_malloc/Notes.h b/cores/esp8266/umm_malloc/Notes.h index b18388a5d3..b67127132a 100644 --- a/cores/esp8266/umm_malloc/Notes.h +++ b/cores/esp8266/umm_malloc/Notes.h @@ -28,14 +28,13 @@ code was added to heap.cpp and umm_local.cpp. neighboring allocations. * UMM_POISON_CHECK - Full heap intensive check of poison -A cautionary note, on the use of UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and -UMM_INFO_PRINT. All of these run with IRQs disabled, for periods that can go -into 100's of us. With umm_info(NULL, true) that may go into seconds, depending -on the serial interface speed and the number of memory allocations present. Use -UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and UMM_INFO_PRINT sparingly. -If you want to see numbers for the disabled time, explore using -UMM_CRITICAL_METRICS in umm_malloc_cfg.h. - +A cautionary note, on the use of UMM_INTEGRITY_CHECK and UMM_POISON_CHECK, and +umm_info(). All of these run with IRQs disabled, for periods that can go into +100's of us. With umm_info(NULL, true) that may go into seconds, depending on +the serial interface speed and the number of memory allocations present. Use +UMM_INTEGRITY_CHECK, UMM_POISON_CHECK, and umm_info() sparingly. If you want to +see numbers for the disabled time, explore using UMM_CRITICAL_METRICS in +umm_malloc_cfg.h. =============================================================================== diff --git a/cores/esp8266/umm_malloc/umm_malloc.h b/cores/esp8266/umm_malloc/umm_malloc.h index 725ab5eee4..4c68b72027 100644 --- a/cores/esp8266/umm_malloc/umm_malloc.h +++ b/cores/esp8266/umm_malloc/umm_malloc.h @@ -10,7 +10,7 @@ /* ------------------------------------------------------------------------ */ -//C This include is not in upstream nether are the #ifdef __cplusplus +//C This include is not in upstream neither are the #ifdef __cplusplus #include "umm_malloc_cfg.h" /* user-dependent */ #ifdef __cplusplus diff --git a/cores/esp8266/umm_malloc/umm_malloc_cfg.h b/cores/esp8266/umm_malloc/umm_malloc_cfg.h index ec1b951ddf..9d41d96b4e 100644 --- a/cores/esp8266/umm_malloc/umm_malloc_cfg.h +++ b/cores/esp8266/umm_malloc/umm_malloc_cfg.h @@ -644,14 +644,42 @@ void* ICACHE_RAM_ATTR pvPortMalloc(size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line); +void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); + #define malloc(s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortMalloc(s, mem_debug_file, __LINE__); }) #define calloc(n,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortCalloc(n, s, mem_debug_file, __LINE__); }) #define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) +#if defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) +#define dbg_heap_free(p) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; vPortFree(p, mem_debug_file, __LINE__); }) +#else +#define dbg_heap_free(p) free(p) +#endif + #elif defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) #include void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line); #define realloc(p,s) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; pvPortRealloc(p, s, mem_debug_file, __LINE__); }) + +void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line); +//C - to be discussed +/* + Problem, I would like to report the file and line number with the umm poison + event as close as possible to the event. The #define method works for malloc, + calloc, and realloc those names are not as generic as free. A #define free + captures too much. Classes with methods called free are included :( + Inline functions would report the address of the inline function in the .h + not where they are called. + + Anybody know a trick to make this work? + + Create dbg_heap_free() as an alternative for free() when you need a little + more help in debugging the more challenging problems. +*/ +#define dbg_heap_free(p) ({ static const char mem_debug_file[] PROGMEM STORE_ATTR = __FILE__; vPortFree(p, mem_debug_file, __LINE__); }) + +#else +#define dbg_heap_free(p) free(p) #endif /* DEBUG_ESP_OOM */ #ifdef __cplusplus From 3c77efe5c687bc2b547d7b5faba345b7812ebd8e Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Thu, 24 Oct 2019 10:49:31 -0700 Subject: [PATCH 26/27] Corrected Full Poison Check's placement and documented the thinking behind its placement and Integrity Checks placement with relation to the *alloc function. Just so I don't forget again :/ --- cores/esp8266/heap.cpp | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/cores/esp8266/heap.cpp b/cores/esp8266/heap.cpp index e339ed762f..cf4195c9f4 100644 --- a/cores/esp8266/heap.cpp +++ b/cores/esp8266/heap.cpp @@ -203,7 +203,24 @@ void ICACHE_RAM_ATTR print_oom_size(size_t size) #endif #if defined(DEBUG_ESP_OOM) || defined(UMM_POISON_CHECK) || defined(UMM_POISON_CHECK_LITE) || defined(UMM_INTEGRITY_CHECK) +/* + The thinking behind the ordering of Integrity Check, Full Poison Check, and + the specific *alloc function. + 1. Integrity Check - verifies the heap management information is not corrupt. + This allows any other testing, that walks the heap, to run safely. + + 2. Place Full Poison Check before or after a specific *alloc function? + a. After, when the *alloc function operates on an existing allocation. + b. Before, when the *alloc function creates a new, not modified, allocation. + + In a free() or realloc() call, the focus is on their allocation. It is + checked 1st and reported on 1ST if an error exists. Full Posion Check is + done after. + + For malloc(), calloc(), and zalloc() Full Posion Check is done 1st since + these functions do not modify an existing allocation. +*/ void* ICACHE_RAM_ATTR malloc(size_t size) { INTEGRITY_CHECK__ABORT(); @@ -266,8 +283,8 @@ void* ICACHE_RAM_ATTR pvPortCalloc(size_t count, size_t size, const char* file, void* ICACHE_RAM_ATTR pvPortRealloc(void *ptr, size_t size, const char* file, int line) { INTEGRITY_CHECK__PANIC_FL(file, line); - POISON_CHECK__PANIC_FL(file, line); void* ret = UMM_REALLOC_FL(ptr, size, file, line); + POISON_CHECK__PANIC_FL(file, line); PTR_CHECK__LOG_LAST_FAIL_FL(ret, size, file, line); OOM_CHECK__PRINT_LOC(ret, size, file, line); return ret; @@ -286,8 +303,8 @@ void* ICACHE_RAM_ATTR pvPortZalloc(size_t size, const char* file, int line) void ICACHE_RAM_ATTR vPortFree(void *ptr, const char* file, int line) { INTEGRITY_CHECK__PANIC_FL(file, line); - POISON_CHECK__PANIC_FL(file, line); UMM_FREE_FL(ptr, file, line); + POISON_CHECK__PANIC_FL(file, line); } size_t ICACHE_RAM_ATTR xPortWantedSizeAlign(size_t size) From 0eaa613d9ebee3ef894a8eca9d0a2e514f15f75c Mon Sep 17 00:00:00 2001 From: M Hightower <27247790+mhightower83@users.noreply.github.com> Date: Mon, 28 Oct 2019 23:03:37 -0700 Subject: [PATCH 27/27] Fixed typos --- cores/esp8266/umm_malloc/Notes.h | 5 +++-- cores/esp8266/umm_malloc/README.md | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cores/esp8266/umm_malloc/Notes.h b/cores/esp8266/umm_malloc/Notes.h index b67127132a..e9d96b1e83 100644 --- a/cores/esp8266/umm_malloc/Notes.h +++ b/cores/esp8266/umm_malloc/Notes.h @@ -129,7 +129,7 @@ umm_malloc_cfg.h. Notes from searching for the best print option Printing from the malloc routines is tricky. Since a print library -might call *alloc. Then recusion may follow as each error call may fail +might call *alloc. Then recursion may follow as each error call may fail into another error and so on. Objective: To be able to print "last gasp" diagnostic messages @@ -188,6 +188,7 @@ printing from the heap and the current solution.: is performed by calling uart_buff_switch with 0 for UART0 and 1 for UART1. This should work for our purpose here, if handled as follows: * call uart_buff_switch at each printf call to reselect UART + * Update: uart_buff_switch is now updated by uart_set_debug() in uart.cpp * use a stack buffer to hold a copy the PROGMEM string to print from. * use ets_vprintf for printing with putc1 function. * os_printf_plus looks interesting. It is in IRAM. If no heap is available it @@ -196,7 +197,7 @@ printing from the heap and the current solution.: * Printing is turned off by system_set_os_print * putc1 needs to be in IRAM - this is a uart.cpp issue * Need to force system_get_free_heap_size to return 0 during critical periods. - * won't work for umm_info it prints over 64 characters. + * won't work for umm_info if it prints over 64 characters. * along with umm_info there are other debug messages that exceed 64 characters. * ets_uart_printf - Appears safe. Just no PROGMEM support. Uses uart_buff_switch to select UART. diff --git a/cores/esp8266/umm_malloc/README.md b/cores/esp8266/umm_malloc/README.md index 23eddcaf8b..f81aa09ccc 100644 --- a/cores/esp8266/umm_malloc/README.md +++ b/cores/esp8266/umm_malloc/README.md @@ -113,7 +113,7 @@ embedded system, this can get pretty expensive as each pointer can use up to 32 bits. In most embedded systems there is no need for managing a large quantity -of memory block dynamically, so a full 32 bit pointer based data structure +of memory blocks dynamically, so a full 32 bit pointer based data structure for the free and used block lists is wasteful. A block of memory on the free list would use 16 bytes just for the pointers!