Commit Graph

22 Commits

Author SHA1 Message Date
Simon Glass
62d638386c test: Support testing malloc() failures
It is helpful to test that out-of-memory checks work correctly in code
that calls malloc().

Add a simple way to force failure after a given number of malloc() calls.

Fix a header guard to avoid a build error on sandbox_vpl.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
2022-09-29 16:07:58 -04:00
Sean Anderson
bdaeea1b68 malloc: Annotate allocator for valgrind
This annotates malloc and friends so that valgrind can track the heap. To
do this, we need to follow a few rules:

* Call VALGRIND_MALLOCLIKE_BLOCK whenever we malloc something
* Call VALGRIND_FREELIKE_BLOCK whenever we free something (generally after
  we have done our bookkeeping)
* Call VALGRIND_RESIZEINPLACE_BLOCK whenever we change the size of an
  allocation. We don't record the original request size of a block, and
  neither does valgrind. For this reason, we pretend that the old size of
  the allocation was for 0 bytes. This marks the whole allocaton as
  undefined, so in order to mark all bits correctly, we must make the whole
  new allocation defined with VALGRIND_MAKE_MEM_DEFINED. This may cause us
  to miss some invalid reads, but there is no way to detect these without
  recording the original size of the allocation.

In addition to the above, dlmalloc itself tends to make a lot of accesses
which we know are safe, but which would be unsafe outside of dlmalloc. For
this reason, we provide a suppression file which ignores errors ocurring in
dlmalloc.c

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-04-11 10:00:30 -04:00
Heinrich Schuchardt
5ad9220bf7 malloc: add SPDX license identifiers
The original code is in the public domain. Licenses/README states that the
general license for U-Boot is GPL 2.0+. So we can mark the malloc code as
GPL 2.0+ too.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-06-23 08:45:03 -04:00
Simon Glass
c197f6e279 malloc: Export malloc_simple_info()
Export this function always so it can be used behind IS_ENABLED() instead
of requiring an #ifdef.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-27 15:04:31 +13:00
Heinrich Schuchardt
c6bf4f3898 malloc: adjust memcpy() and memset() definitions.
Compiling the sandbox fails on armv7 due to conflicting definitions of
memcpy() and memset() in include/malloc.h and include/linux/string.h.

Use linux/string.h here.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-02-24 16:51:48 -05:00
Simon Glass
cfda60f99a sandbox: Use a prefix for all allocation functions
In order to allow use of both U-Boot's malloc() and the C library's
version, set a prefix for the allocation functions so that they can
co-exist.

This is only done for sandbox. For other archs everything remains the
same.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00
Andreas Dannenberg
4c6be01c27 malloc: Fix memalign not honoring alignment prior to full malloc init
When using memalign() in a scenario where U-Boot is configured for full
malloc support with simple malloc not explicitly enabled and before the
full malloc support is initialized, a memory block is being allocated
and returned without the alignment parameter getting honored.

Fix this issue by replacing the existing memalign pre-full malloc init
logic with a call to memalign_simple() this way ensuring proper alignment
of the returned memory block.

Fixes: ee038c58d5 ("malloc: Use malloc simple before malloc is fully initialized in memalign()")
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
2019-04-23 17:57:27 -04:00
Simon Glass
7cbd2d2e32 malloc_simple: Add logging of allocations
It is sometimes useful to see what memory is being allocated early during
boot. Add logging to support this, using a new LOGC_ALLOC category.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-11-29 09:30:05 -07:00
Stephen Warren
2f0bcd4de1 malloc: use hidden visibility
When running sandbox, the following phases occur, each with different
malloc implementations or behaviors:

1) Dynamic linker execution, using the dynamic linker's own malloc()
implementation. This is fully functional.

2) After U-Boot's malloc symbol has been hooked into the GOT, but before
any U-Boot code has run. This phase is entirely non-functional, since
U-Boot's gd symbol is NULL and U-Boot's initf_malloc() and
mem_malloc_init() have not been called.

At least on Ubuntu Xenial, the dynamic linker does make both malloc() and
free() calls during this phase. Currently these free() calls crash since
they dereference gd, which is NULL.

U-Boot itself makes no use of malloc() during this phase.

3) U-Boot execution after gd is set and initf_malloc() has been called.
This is fully functional, albeit via a very simple malloc()
implementation.

4) U-Boot execution after mem_malloc_init() has been called. This is fully
functional with a complete malloc() implementation.

Furthermore, if code that called malloc() during phase 1 calls free() in
phase 3 or later, it is likely that heap corruption will occur, since
U-Boot's malloc implementation will assume the pointer is part of its own
heap, although it isn't. I have not actively observed this happening.

To prevent phase 2 from happening, this patch makes all of U-Boot's malloc
library public symbols have hidden visibility. This prevents them from
being hooked into the GOT, so only code in the U-Boot binary itself
actually calls them; any other code will call into the standard C library
malloc(). This also avoids the "furthermore" issue mentioned above.

I have seen references to this GCC pragma in blog posts from 2008, and
RHEL5's ancient gcc appears to accept it fine, so I believe it's quite
safe to use it without checking gcc version.

Cc: Rabin Vincent <rabin@rab.in>
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-03-08 15:01:47 -05:00
Hans de Goede
1eb0c03c21 malloc_simple: Add Kconfig option for using only malloc_simple in the SPL
common/dlmalloc.c is quite big, both in .text and .data usage, therefor
on some boards the SPL is build to use only malloc_simple.c and not the
dlmalloc.c code. This is done in various include/configs/foo.h with the
following construct:

 #ifdef CONFIG_SPL_BUILD
 #define CONFIG_SYS_MALLOC_SIMPLE
 #endif

This commit introduces a SPL_MALLOC_SIMPLE Kconfig bool which allows
selecting this functionality through Kconfig instead.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Acked-by: Simon Glass <sjg@chromium.org>
2015-10-20 18:40:27 +02:00
Simon Glass
fb5cf7f16b Move initf_malloc() to a common place
To allow this function to be used from SPL, move it to the malloc()
code.

Signed-off-by: Simon Glass <sjg@chromium.org>
2015-04-23 09:05:53 -06:00
Simon Glass
c9356be307 dm: Split the simple malloc() implementation into its own file
The simple malloc() implementation is used when memory is tight. It provides
a simple buffer with an incrementing pointer.

At present the implementation is inside dlmalloc. Move it into its own file
so that it is easier to find.

Rather than using relocation as a signal that the full malloc() is
available, add a special GD_FLG_FULL_MALLOC_INIT flag. This signals that the
simple malloc() should no longer be used.

In some cases, such as SPL, even the code space used by the full malloc() is
wasteful. Add a CONFIG_SYS_MALLOC_SIMPLE option to provide only the simple
malloc. In this case the full malloc is not available at all. It saves about
1KB of code space and about 0.5KB of data on Thumb 2.

Acked-by: Tom Rini <trini@ti.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
2014-11-21 08:12:28 +01:00
York Sun
472d546054 Consolidate bool type
'bool' is defined in random places. This patch consolidates them into a
single header file include/linux/types.h, using stdbool.h introduced in C99.

All other #define, typedef and enum are removed. They are all consistent with
true = 1, false = 0.

Replace FALSE, False with false. Replace TRUE, True with true.
Skip *.py, *.php, lib/* files.

Signed-off-by: York Sun <yorksun@freescale.com>
2013-04-01 16:33:52 -04:00
Gabor Juhos
7b395232da malloc: make malloc_bin_reloc static
On architectures where manual relocation
is needed, the 'malloc_bin_reloc' function
must be called after 'mem_malloc_init'.

Make the 'malloc_bin_reloc' function static
and call it directly from 'mem_malloc_init'
instead of calling that from board_init_{r,f}
functions of the affected architectures.

Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Andreas Bießmann <andreas.devel@gmail.com>
Cc: Jason Jin <Jason.jin@freescale.com>
Cc: Macpaul Lin <macpaul@andestech.com>
Cc: Daniel Hellstrom <daniel@gaisler.com>
Cc: Daniel Schwierzeck <daniel.schwierzeck@googlemail.com>
2013-02-19 17:01:26 -05:00
Daniel Schwierzeck
00d0d2ad4e malloc: remove extern declarations of malloc_bin_reloc() in board.c files
Declare malloc_bin_reloc() in malloc.h and remove all extern declarations
in various board.c files to get rid of one checkpatch.pl warning.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@googlemail.com>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Andreas Bießmann <andreas.devel@gmail.com>
Cc: Jason Jin <Jason.jin@freescale.com>
Cc: Macpaul Lin <macpaul@andestech.com>
Cc: Daniel Hellstrom <daniel@gaisler.com>
Acked-by: Andreas Bießmann <andreas.devel@gmail.com>
2012-09-26 11:08:32 -07:00
Marek Vasut
213adf6dff Malloc: Fix -Wundef warnings
In file included from arch/arm/lib/board.c:43:0:
include/malloc.h:490:5: warning: "HAVE_MMAP" is not defined [-Wundef]
include/malloc.h:590:5: warning: "HAVE_USR_INCLUDE_MALLOC_H" is not defined [-Wundef]
include/malloc.h:757:5: warning: "HAVE_MMAP" is not defined [-Wundef]

Signed-off-by: Marek Vasut <marek.vasut@gmail.com>
Cc: Wolfgang Denk <wd@denx.de>
2012-08-09 22:04:52 +02:00
Simon Glass
21726a7afc Add assert() for debug assertions
assert() is like BUG_ON() but compiles to nothing unless DEBUG is defined.
This is useful when a condition is an error but a board reset is unlikely
to fix it, so it is better to soldier on in hope. Assertion failures should
be caught during development/test.

It turns out that assert() is defined separately in a few places in U-Boot
with various meanings. This patch cleans up some of these.

Build errors exposed by this change (and defining DEBUG) are also fixed in
this patch.

Signed-off-by: Simon Glass <sjg@chromium.org>
2011-09-10 00:04:01 +02:00
Peter Tyser
d4e8ada0f6 Consolidate arch-specific mem_malloc_init() implementations
Signed-off-by: Peter Tyser <ptyser@xes-inc.com>
2009-09-04 21:47:07 +02:00
Peter Tyser
5e93bd1c9a Consolidate arch-specific sbrk() implementations
Signed-off-by: Peter Tyser <ptyser@xes-inc.com>
2009-09-04 21:45:39 +02:00
Jean-Christophe PLAGNIOL-VILLARD
60a3f404ac malloc.h: protect it against multiple include
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
2009-07-19 21:34:45 +02:00
wdenk
8bde7f776c * Code cleanup:
- remove trailing white space, trailing empty lines, C++ comments, etc.
  - split cmd_boot.c (separate cmd_bdinfo.c and cmd_load.c)

* Patches by Kenneth Johansson, 25 Jun 2003:
  - major rework of command structure
    (work done mostly by Michal Cendrowski and Joakim Kristiansen)
2003-06-27 21:31:46 +00:00
wdenk
5b1d713721 Initial revision 2002-11-03 00:07:02 +00:00