On xtensa architecture, the call to __assert_func uses a reference to __func__ that can
sometimes be placed in flash. Since the __asert_func can be called from functions in IRAM
the check_callgraph script can report an error when checking for invalid calls from IRAM
to flash sections. However, the __asert_func prevents this scenario at runtime so the
check_callgraph script reports a 'flas positive' situation. For this reasson, all references
to __func__$x found prior to a call to __assert_func are droped in the parsing of the rtl files.
this commits:
- adds build-time test to check that no call to flash regions are done from IRAM functions
- resolves problems related to IRAM function using content in flash memory
- update heap_caps_alloc_failed to use a default function name in DRAM
when necessary instead of creating a function name variable in DRAM for
each call of heap_caps_alloc_failed. This allows to save some extra bytes
in RAM.
This commits adds a internal.md file in the heap directory to clarify the idea behind
which functions is placed in IRAM or in flash.
A section in mem_alloc.rst documentation is added to specify which functions from the
heap component API can be used in interrupt handlers.
This commit aims to place in the IRAM section only the functions that
are relevent for performance instead of placing the entire content of
multi_heap.c, mullti_heap_poisoning.c and tlsf.c in the IRAM.
- When PSRAM is enabled, the heap integrity check APIs
(`heap_caps_check_integrity` and `heap_caps_check_integrity_all`)
take more time to execute and keep the interrupts disabled for a
longer time.
The tlsf now checks for size validity when creating a new heap.
The check previously done in multi_heap_register_impl() is no longer
valid since the tlsf_size() is not known at this time (as the metadata
size is linked ot the size of the memory region passed as parameter
when calling tlsf_create_with_pool())
The tlsf_create_with_pool() will return a null pointer if the size
of the memory is not big enough to hold the metadata overhead and
at least a small block.
Update the test according to the changes in TLSF API
- update the target and host tests to consider the new TLSF api and the metadata size
only when the target is not using the rom implementation of the TLSF
Previously, condition_4 was making impossible the valid scenario
start > heap_start && end == heap_end.
Now, the end == heap_end and start == heap_start case is handled
separately allowing the case start > heap_start && ned == heap_end
to be considered a valid scenario
This commit extends the heap test set by adding a test to check corruption
detection in free memory block.
For each byte of the free block memory, the test changes the value of the byte,
call multi_heap_check(), make sure that the function returns 'corruption detected'
only when comprehensive poisoning is set, restore the good value of the byte, calls
multi_heap_check() again and make sure that it returns 'OK'.
The tlsf implementation in the ROM does not provide a mechanism
to register a callback to be called in by tlsf_check().
This commit is creating a patch of the tlsf implementation to provide
a definition of the function allowing to register the callback called
in tlsf_check() and add the call of this callback in tlsf_check().
This patch is only compiled for target(s) with ESP_ROM_HAS_HEAP_TLSF
set and ESP_ROM_TLSF_CHECK_PATCH set. For all the other configurations
the environment remains unchanged by those modifications.
Add the definition of tlsf_check_hook() in multi_heap if MULTI_HEAP_POISONING
is set. This definition calls the multi_heap_internal_check_block_poisoning()
to check the memory of a free block for corruption. If the light poisoinng is
set this function returns true. If the comprehensive poisoning is set, this
function will check that all byte of memory in the memory chunk passed as parameter
are set to the right FILL pattern.
Don't call heap_caps_alloc_failed() for malloc(0) and calloc(0), because it is not an error.
Improve handling of malloc(0) and calloc(0).
Merges https://github.com/espressif/esp-idf/pull/9517
bugfix: esp32s3 DCache data memory is retention dma inaccessible
Closes IDFCI-1409, IDFCI-1410, IDFCI-1411, IDFCI-1412, and IDFCI-1413
See merge request espressif/esp-idf!19365
- The declaration is moved to esp_rom/include/esp32c2/rom/tlsf.h.
- multi_heap_poisoning.h now includes rom/tlsf.h instead of declaring
tlsf_poison_fill_pfunc_set().
Note: If more targets will support an implementation of the TLSF in ROM,
esp_rom will be extended with new headers in the respective target directories
but multi_heap_poisoning.h will remain unchanged.
When CONFIG_SPIRAM is set, the TLSF_MAX_POOL_SIZE is set to SOC_EXTRAM_DATA_SIZE
which caused the TLSF_MAX_POOL_SIZE to be bigger than 16MB.
This commit fixes the issue by adding an extra else if case to cover this configuration.
- include headers from the tlsf submodule only when CONFIG_HEAP_TLSF_USE_ROM_IMPL is not set
- remove usage of the tlsf_t type in the multi_heap.c
- add missing declaration of tlsf_poison_fill_pfunc_set() in multi_heap_poisoning.c
- define headers from tlsf submodule as private
- update the linker file in the heap component to the new naming of the tlsf file
- update the copyright docuementation to reference the submodule in github (https://github.com/espressif/tlsf)
- remove deleted files from the check_copyright_ignore.txt
As the tlsf implementation is a fork from https://github.com/mattconte/tlsf,
the sources are moved to a separate repository and used as a submodule in the esp-idf instead.
In this commit:
- Removing TLSF related files and using tlsf submodule instead.
- Adding components/heap/tlsf_platform.h header gathering all IDF specifics.
- The multi_heap_poisoning.c provides the declaration of the
function block_absorb_post_hook() definied weak in the TLSF repository.
- The tlsf_platform.h includes the tlsf_common.h file after the definition
of FL_INDEX_MAX_PLATFORM macro to make sure that this macro will be available
in tlsf_common.h without having to include tlaf_platform.h from IDF in the
tlsf_common.h header from the TLSF repository.
- Add missing include from tlsf_block_functions.h in the multi_heap.c file.
Change related to the changes made in TLSF repository (tlsf_block_functions.h
no longer included in tlsf.h)
This commit marks all functions in interrupt_controller_hal.h, cpu_ll.h and cpu_hal.h as deprecated.
Users should use functions from esp_cpu.h instead.
heap_caps_*_prefer functions will now only call heaps_caps_alloc_failed
callback if all attempts to allocation memory fail (and not after each attempt
anymore).
* Closes https://github.com/espressif/esp-idf/issues/9086
Regression was introduced in 32408b718f, which disallowed
addition of heap region with following condition:
`new_start < start && new_end == start`
This caused issues in Bluetooth APIs `esp_bt_mem_release` or `esp_bt_controller_mem_release`.
This commit fixes the problem and also adds API documentation for supported memory address
ranges in heap add region APIs.
A memory region starts from REGION_START and ends at
(REGION_START+SIZE-1).
Prior to this change, the check assumes a to-be-added region starting from REGION_START is invalid. Let's take an easy example:
A memory region: 0x1000~0x10ff
new added region: 0x1000~0x1020
This will be valid.
Valid conditions and invalid conditions are illustrated in the code comment
Fix a bug that could return a chunk of memory smaller than requested,
easily leading to a memory corruption, when the required memory alignment
passed to the allocator is 4.
This commit updates the chip independent system chapters of the
programming guide for esp32s3.
Signed-off-by: Sudeep Mohanty <sudeep.mohanty@espressif.com>
Add TRY_ENTRY_CRITICAL() API to all for timeouts when entering critical sections.
The following port API were added:
- portTRY_ENTER_CRITICAL()
- portTRY_ENTER_CRITICAL_ISR()
- portTRY_ENTER_CRITICAL_SAFE()
Deprecated legacy spinlock API in favor of spinlock.h. The following API were deprecated:
- vPortCPUInitializeMutex()
- vPortCPUAcquireMutex()
- vPortCPUAcquireMutexTimeout()
- vPortCPUReleaseMutex()
Other Changes:
- Added portMUX_INITIALIZE() to replace vPortCPUInitializeMutex()
- The assembly of the critical section functions ends up being about 50 instructions longer,
thus the spinlock test pass threshold had to be increased to account for the extra runtime.
Closes https://github.com/espressif/esp-idf/issues/5301
Software support for PMS module.
Allows controlled memory access to IRAM (R/W/X) and DRAM0 (R/W)
On/locked by default, configurable in Kconfig (esp_system)
Closes https://jira.espressif.com:8443/browse/IDF-2092
* Target components pull in xtensa component directly
* Use CPU HAL where applicable
* Remove unnecessary xtensa headers
* Compilation changes necessary to support non-xtensa gcc types (ie int32_t/uint32_t is no
longer signed/unsigned int).
Changes come from internal branch commit a6723fc
heap: ported tlsf allocator into multi heap
heap_host_tests: added tlsf allocator into host test
heap_host_test: update freebytes after using free
heap_tests: tlsf now passing on host tests without poisoning
multi_heap: added support for memalign using tlsf implementation
heap_caps: removed heap_caps_aligned_free
heap/test: fixed broken aligned alloc test build
heap: added poisoning pattern when blocks are being merged
heap/tests: added timing tests for memory allocation
heap: reduced tlsf structure overhead
heap/tlsf: made all short functions inside of tlsf module as inline to improve timings
heap: moved tlsf heap routines outside of flash memory
newlib: linked multiheap memalign with newlib memalign function
heap: moved block member functions to a separate file so multi_heap can use the functions
heap/test: improved the tlsf timing test
heap/test: added memalign on aligned alloc tests
heap: moved tlsf configuration constants to a separated file
heap: added random allocations test with timings
heap: modified the calculation of heap free bytes
heap: make aligned free true deprecated functions and update their documentation
heap: add extra assert after successive mallocs on small allocation host test
heap: remove legacy aligned alloc implementation.
performance: added malloc and free time performance default values
* changing dependencies from unity->cmock
* added component.mk and Makefile.projbuild
* ignore test dir in gen_esp_err_to_name.py
* added some brief introduction of CMock in IDF
Goal is that multiple faults would be required to bypass a boot-time signature check.
- Also strengthens some address range checks for safe app memory addresses
- Change pre-enable logic to also check the bootloader signature before enabling SBV2 on ESP32
Add some additional checks for invalid sections:
- Sections only partially in DRAM or IRAM are invalid
- If a section is in D/IRAM, allow the possibility only some is in D/IRAM
- Only pass sections that are entirely in the same type of RTC memory region
Configurable option to use IRAM as byte accessible memory (in single core mode) using
load-store (non-word aligned and non-word size IRAM access specific) exception handlers.
This allows to use IRAM for use-cases where certain performance penalty
(upto 170 cpu cycles per load or store operation) is acceptable. Additional configuration
option has been provided to redirect mbedTLS specific in-out content length buffers to
IRAM (in single core mode), allows to save 20KB per TLS connection.