Propagate `n * size` as the size of the failed allocation
instead of just `size` when heap_caps_calloc() fails since
`n * size` is the actual number of bytes that the heap
component tried to allocate.
The integrity_walker now calls the integrity check hook to control
free AND used blocks of memory in the TLSF pool. This integrity walker
function is called from tlsf_check_pool.
This commit creates a patch of integrity_walker function to update the
outdated implementation in the ROM.
This commit updates the tlsf submodule to include the modification made in the component
aiming to perform integrity check on all blocks (not only the free ones).
Added test to test the fix in test_apps/heap_tests.
Fixes https://github.com/espressif/esp-idf/issues/12231
The commit fixes the case:
If variables in RTC RAM have been moved around by the linker,
they will be filled with garbage data. Any reset other than OTA would work fine
because the variables would still be initialized from the initial bootup.
So now system time will be valid even after OTA.
Closes https://github.com/espressif/esp-idf/issues/9448
When light (or comprehensive) poisoning is enabled, the size requested by the user for allocation
is extended by a few bytes to store the canary header and footer. heap_caps_get_allocated_size() should
return the original size asked by the user (without the additional canary bytes).
test_malloc.c extended with a new test assuring that heap_caps_get_allocated_size() returns the proper size
regardless of the degree of poisoning.
If memory protection is enabled on esp32c3 and esp32s3, we don't want to the heap component to see
the startup stack memory as D/IRAM but as DRAM only. Introduce a new type to make this possible in
the same fashion the regular D/IRAM regions are handled.
The tlsf now checks for size validity when creating a new heap.
The check previously done in multi_heap_register_impl() is no longer
valid since the tlsf_size() is not known at this time (as the metadata
size is linked ot the size of the memory region passed as parameter
when calling tlsf_create_with_pool())
The tlsf_create_with_pool() will return a null pointer if the size
of the memory is not big enough to hold the metadata overhead and
at least a small block.
Update the test according to the changes in TLSF API
On xtensa architecture, the call to __assert_func uses a reference to __func__ that can
sometimes be placed in flash. Since the __asert_func can be called from functions in IRAM
the check_callgraph script can report an error when checking for invalid calls from IRAM
to flash sections. However, the __asert_func prevents this scenario at runtime so the
check_callgraph script reports a 'flas positive' situation. For this reasson, all references
to __func__$x found prior to a call to __assert_func are droped in the parsing of the rtl files.
this commits:
- adds build-time test to check that no call to flash regions are done from IRAM functions
- resolves problems related to IRAM function using content in flash memory
- update heap_caps_alloc_failed to use a default function name in DRAM
when necessary instead of creating a function name variable in DRAM for
each call of heap_caps_alloc_failed. This allows to save some extra bytes
in RAM.
This commits adds a internal.md file in the heap directory to clarify the idea behind
which functions is placed in IRAM or in flash.
A section in mem_alloc.rst documentation is added to specify which functions from the
heap component API can be used in interrupt handlers.
This commit aims to place in the IRAM section only the functions that
are relevent for performance instead of placing the entire content of
multi_heap.c, mullti_heap_poisoning.c and tlsf.c in the IRAM.
All the partition handling API functions and data-types were moved from the 'spi_flash' component to the new one named 'esp_partition'. See Storage 5.x migration guide for more details
Previously, condition_4 was making impossible the valid scenario
start > heap_start && end == heap_end.
Now, the end == heap_end and start == heap_start case is handled
separately allowing the case start > heap_start && ned == heap_end
to be considered a valid scenario
This commit extends the heap test set by adding a test to check corruption
detection in free memory block.
For each byte of the free block memory, the test changes the value of the byte,
call multi_heap_check(), make sure that the function returns 'corruption detected'
only when comprehensive poisoning is set, restore the good value of the byte, calls
multi_heap_check() again and make sure that it returns 'OK'.
The tlsf implementation in the ROM does not provide a mechanism
to register a callback to be called in by tlsf_check().
This commit is creating a patch of the tlsf implementation to provide
a definition of the function allowing to register the callback called
in tlsf_check() and add the call of this callback in tlsf_check().
This patch is only compiled for target(s) with ESP_ROM_HAS_HEAP_TLSF
set and ESP_ROM_TLSF_CHECK_PATCH set. For all the other configurations
the environment remains unchanged by those modifications.
Add the definition of tlsf_check_hook() in multi_heap if MULTI_HEAP_POISONING
is set. This definition calls the multi_heap_internal_check_block_poisoning()
to check the memory of a free block for corruption. If the light poisoinng is
set this function returns true. If the comprehensive poisoning is set, this
function will check that all byte of memory in the memory chunk passed as parameter
are set to the right FILL pattern.
Don't call heap_caps_alloc_failed() for malloc(0) and calloc(0), because it is not an error.
Improve handling of malloc(0) and calloc(0).
Merges https://github.com/espressif/esp-idf/pull/9517
- The declaration is moved to esp_rom/include/esp32c2/rom/tlsf.h.
- multi_heap_poisoning.h now includes rom/tlsf.h instead of declaring
tlsf_poison_fill_pfunc_set().
Note: If more targets will support an implementation of the TLSF in ROM,
esp_rom will be extended with new headers in the respective target directories
but multi_heap_poisoning.h will remain unchanged.
When CONFIG_SPIRAM is set, the TLSF_MAX_POOL_SIZE is set to SOC_EXTRAM_DATA_SIZE
which caused the TLSF_MAX_POOL_SIZE to be bigger than 16MB.
This commit fixes the issue by adding an extra else if case to cover this configuration.
- include headers from the tlsf submodule only when CONFIG_HEAP_TLSF_USE_ROM_IMPL is not set
- remove usage of the tlsf_t type in the multi_heap.c
- add missing declaration of tlsf_poison_fill_pfunc_set() in multi_heap_poisoning.c
- define headers from tlsf submodule as private
- update the linker file in the heap component to the new naming of the tlsf file
- update the copyright docuementation to reference the submodule in github (https://github.com/espressif/tlsf)
- remove deleted files from the check_copyright_ignore.txt
As the tlsf implementation is a fork from https://github.com/mattconte/tlsf,
the sources are moved to a separate repository and used as a submodule in the esp-idf instead.
In this commit:
- Removing TLSF related files and using tlsf submodule instead.
- Adding components/heap/tlsf_platform.h header gathering all IDF specifics.
- The multi_heap_poisoning.c provides the declaration of the
function block_absorb_post_hook() definied weak in the TLSF repository.
- The tlsf_platform.h includes the tlsf_common.h file after the definition
of FL_INDEX_MAX_PLATFORM macro to make sure that this macro will be available
in tlsf_common.h without having to include tlaf_platform.h from IDF in the
tlsf_common.h header from the TLSF repository.
- Add missing include from tlsf_block_functions.h in the multi_heap.c file.
Change related to the changes made in TLSF repository (tlsf_block_functions.h
no longer included in tlsf.h)
