1 | /**
|
---|
2 | * @file
|
---|
3 | * Dynamic memory manager
|
---|
4 | *
|
---|
5 | * This is a lightweight replacement for the standard C library malloc().
|
---|
6 | *
|
---|
7 | * If you want to use the standard C library malloc() instead, define
|
---|
8 | * MEM_LIBC_MALLOC to 1 in your lwipopts.h
|
---|
9 | *
|
---|
10 | * To let mem_malloc() use pools (prevents fragmentation and is much faster than
|
---|
11 | * a heap but might waste some memory), define MEM_USE_POOLS to 1, define
|
---|
12 | * MEMP_USE_CUSTOM_POOLS to 1 and create a file "lwippools.h" that includes a list
|
---|
13 | * of pools like this (more pools can be added between _START and _END):
|
---|
14 | *
|
---|
15 | * Define three pools with sizes 256, 512, and 1512 bytes
|
---|
16 | * LWIP_MALLOC_MEMPOOL_START
|
---|
17 | * LWIP_MALLOC_MEMPOOL(20, 256)
|
---|
18 | * LWIP_MALLOC_MEMPOOL(10, 512)
|
---|
19 | * LWIP_MALLOC_MEMPOOL(5, 1512)
|
---|
20 | * LWIP_MALLOC_MEMPOOL_END
|
---|
21 | */
|
---|
22 |
|
---|
23 | /*
|
---|
24 | * Copyright (c) 2001-2004 Swedish Institute of Computer Science.
|
---|
25 | * All rights reserved.
|
---|
26 | *
|
---|
27 | * Redistribution and use in source and binary forms, with or without modification,
|
---|
28 | * are permitted provided that the following conditions are met:
|
---|
29 | *
|
---|
30 | * 1. Redistributions of source code must retain the above copyright notice,
|
---|
31 | * this list of conditions and the following disclaimer.
|
---|
32 | * 2. Redistributions in binary form must reproduce the above copyright notice,
|
---|
33 | * this list of conditions and the following disclaimer in the documentation
|
---|
34 | * and/or other materials provided with the distribution.
|
---|
35 | * 3. The name of the author may not be used to endorse or promote products
|
---|
36 | * derived from this software without specific prior written permission.
|
---|
37 | *
|
---|
38 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
---|
39 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
---|
40 | * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
|
---|
41 | * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
---|
42 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
|
---|
43 | * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
---|
44 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
---|
45 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
---|
46 | * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
|
---|
47 | * OF SUCH DAMAGE.
|
---|
48 | *
|
---|
49 | * This file is part of the lwIP TCP/IP stack.
|
---|
50 | *
|
---|
51 | * Author: Adam Dunkels <adam@sics.se>
|
---|
52 | * Simon Goldschmidt
|
---|
53 | *
|
---|
54 | */
|
---|
55 |
|
---|
56 | #include "lwip/opt.h"
|
---|
57 | #include "lwip/mem.h"
|
---|
58 | #include "lwip/def.h"
|
---|
59 | #include "lwip/sys.h"
|
---|
60 | #include "lwip/stats.h"
|
---|
61 | #include "lwip/err.h"
|
---|
62 |
|
---|
63 | #include <string.h>
|
---|
64 |
|
---|
65 | #if MEM_LIBC_MALLOC
|
---|
66 | #include <stdlib.h> /* for malloc()/free() */
|
---|
67 | #endif
|
---|
68 |
|
---|
69 | /* This is overridable for tests only... */
|
---|
70 | #ifndef LWIP_MEM_ILLEGAL_FREE
|
---|
71 | #define LWIP_MEM_ILLEGAL_FREE(msg) LWIP_ASSERT(msg, 0)
|
---|
72 | #endif
|
---|
73 |
|
---|
74 | #define MEM_STATS_INC_LOCKED(x) SYS_ARCH_LOCKED(MEM_STATS_INC(x))
|
---|
75 | #define MEM_STATS_INC_USED_LOCKED(x, y) SYS_ARCH_LOCKED(MEM_STATS_INC_USED(x, y))
|
---|
76 | #define MEM_STATS_DEC_USED_LOCKED(x, y) SYS_ARCH_LOCKED(MEM_STATS_DEC_USED(x, y))
|
---|
77 |
|
---|
78 | #if MEM_OVERFLOW_CHECK
|
---|
79 | #define MEM_SANITY_OFFSET MEM_SANITY_REGION_BEFORE_ALIGNED
|
---|
80 | #define MEM_SANITY_OVERHEAD (MEM_SANITY_REGION_BEFORE_ALIGNED + MEM_SANITY_REGION_AFTER_ALIGNED)
|
---|
81 | #else
|
---|
82 | #define MEM_SANITY_OFFSET 0
|
---|
83 | #define MEM_SANITY_OVERHEAD 0
|
---|
84 | #endif
|
---|
85 |
|
---|
86 | #if MEM_OVERFLOW_CHECK || MEMP_OVERFLOW_CHECK
|
---|
87 | /**
|
---|
88 | * Check if a mep element was victim of an overflow or underflow
|
---|
89 | * (e.g. the restricted area after/before it has been altered)
|
---|
90 | *
|
---|
91 | * @param p the mem element to check
|
---|
92 | * @param size allocated size of the element
|
---|
93 | * @param descr1 description of the element source shown on error
|
---|
94 | * @param descr2 description of the element source shown on error
|
---|
95 | */
|
---|
96 | void
|
---|
97 | mem_overflow_check_raw(void *p, size_t size, const char *descr1, const char *descr2)
|
---|
98 | {
|
---|
99 | #if MEM_SANITY_REGION_AFTER_ALIGNED || MEM_SANITY_REGION_BEFORE_ALIGNED
|
---|
100 | u16_t k;
|
---|
101 | u8_t *m;
|
---|
102 |
|
---|
103 | #if MEM_SANITY_REGION_AFTER_ALIGNED > 0
|
---|
104 | m = (u8_t *)p + size;
|
---|
105 | for (k = 0; k < MEM_SANITY_REGION_AFTER_ALIGNED; k++) {
|
---|
106 | if (m[k] != 0xcd) {
|
---|
107 | char errstr[128];
|
---|
108 | snprintf(errstr, sizeof(errstr), "detected mem overflow in %s%s", descr1, descr2);
|
---|
109 | LWIP_ASSERT(errstr, 0);
|
---|
110 | }
|
---|
111 | }
|
---|
112 | #endif /* MEM_SANITY_REGION_AFTER_ALIGNED > 0 */
|
---|
113 |
|
---|
114 | #if MEM_SANITY_REGION_BEFORE_ALIGNED > 0
|
---|
115 | m = (u8_t *)p - MEM_SANITY_REGION_BEFORE_ALIGNED;
|
---|
116 | for (k = 0; k < MEM_SANITY_REGION_BEFORE_ALIGNED; k++) {
|
---|
117 | if (m[k] != 0xcd) {
|
---|
118 | char errstr[128];
|
---|
119 | snprintf(errstr, sizeof(errstr), "detected mem underflow in %s%s", descr1, descr2);
|
---|
120 | LWIP_ASSERT(errstr, 0);
|
---|
121 | }
|
---|
122 | }
|
---|
123 | #endif /* MEM_SANITY_REGION_BEFORE_ALIGNED > 0 */
|
---|
124 | #else
|
---|
125 | LWIP_UNUSED_ARG(p);
|
---|
126 | LWIP_UNUSED_ARG(desc);
|
---|
127 | LWIP_UNUSED_ARG(descr);
|
---|
128 | #endif
|
---|
129 | }
|
---|
130 |
|
---|
131 | /**
|
---|
132 | * Initialize the restricted area of a mem element.
|
---|
133 | */
|
---|
134 | void
|
---|
135 | mem_overflow_init_raw(void *p, size_t size)
|
---|
136 | {
|
---|
137 | #if MEM_SANITY_REGION_BEFORE_ALIGNED > 0 || MEM_SANITY_REGION_AFTER_ALIGNED > 0
|
---|
138 | u8_t *m;
|
---|
139 | #if MEM_SANITY_REGION_BEFORE_ALIGNED > 0
|
---|
140 | m = (u8_t *)p - MEM_SANITY_REGION_BEFORE_ALIGNED;
|
---|
141 | memset(m, 0xcd, MEM_SANITY_REGION_BEFORE_ALIGNED);
|
---|
142 | #endif
|
---|
143 | #if MEM_SANITY_REGION_AFTER_ALIGNED > 0
|
---|
144 | m = (u8_t *)p + size;
|
---|
145 | memset(m, 0xcd, MEM_SANITY_REGION_AFTER_ALIGNED);
|
---|
146 | #endif
|
---|
147 | #else /* MEM_SANITY_REGION_BEFORE_ALIGNED > 0 || MEM_SANITY_REGION_AFTER_ALIGNED > 0 */
|
---|
148 | LWIP_UNUSED_ARG(p);
|
---|
149 | LWIP_UNUSED_ARG(desc);
|
---|
150 | #endif /* MEM_SANITY_REGION_BEFORE_ALIGNED > 0 || MEM_SANITY_REGION_AFTER_ALIGNED > 0 */
|
---|
151 | }
|
---|
152 | #endif /* MEM_OVERFLOW_CHECK || MEMP_OVERFLOW_CHECK */
|
---|
153 |
|
---|
154 | #if MEM_LIBC_MALLOC || MEM_USE_POOLS
|
---|
155 |
|
---|
156 | /** mem_init is not used when using pools instead of a heap or using
|
---|
157 | * C library malloc().
|
---|
158 | */
|
---|
159 | void
|
---|
160 | mem_init(void)
|
---|
161 | {
|
---|
162 | }
|
---|
163 |
|
---|
164 | /** mem_trim is not used when using pools instead of a heap or using
|
---|
165 | * C library malloc(): we can't free part of a pool element and the stack
|
---|
166 | * support mem_trim() to return a different pointer
|
---|
167 | */
|
---|
168 | void *
|
---|
169 | mem_trim(void *mem, mem_size_t size)
|
---|
170 | {
|
---|
171 | LWIP_UNUSED_ARG(size);
|
---|
172 | return mem;
|
---|
173 | }
|
---|
174 | #endif /* MEM_LIBC_MALLOC || MEM_USE_POOLS */
|
---|
175 |
|
---|
176 | #if MEM_LIBC_MALLOC
|
---|
177 | /* lwIP heap implemented using C library malloc() */
|
---|
178 |
|
---|
179 | /* in case C library malloc() needs extra protection,
|
---|
180 | * allow these defines to be overridden.
|
---|
181 | */
|
---|
182 | #ifndef mem_clib_free
|
---|
183 | #define mem_clib_free free
|
---|
184 | #endif
|
---|
185 | #ifndef mem_clib_malloc
|
---|
186 | #define mem_clib_malloc malloc
|
---|
187 | #endif
|
---|
188 | #ifndef mem_clib_calloc
|
---|
189 | #define mem_clib_calloc calloc
|
---|
190 | #endif
|
---|
191 |
|
---|
192 | #if LWIP_STATS && MEM_STATS
|
---|
193 | #define MEM_LIBC_STATSHELPER_SIZE LWIP_MEM_ALIGN_SIZE(sizeof(mem_size_t))
|
---|
194 | #else
|
---|
195 | #define MEM_LIBC_STATSHELPER_SIZE 0
|
---|
196 | #endif
|
---|
197 |
|
---|
198 | /**
|
---|
199 | * Allocate a block of memory with a minimum of 'size' bytes.
|
---|
200 | *
|
---|
201 | * @param size is the minimum size of the requested block in bytes.
|
---|
202 | * @return pointer to allocated memory or NULL if no free memory was found.
|
---|
203 | *
|
---|
204 | * Note that the returned value must always be aligned (as defined by MEM_ALIGNMENT).
|
---|
205 | */
|
---|
206 | void *
|
---|
207 | mem_malloc(mem_size_t size)
|
---|
208 | {
|
---|
209 | void *ret = mem_clib_malloc(size + MEM_LIBC_STATSHELPER_SIZE);
|
---|
210 | if (ret == NULL) {
|
---|
211 | MEM_STATS_INC_LOCKED(err);
|
---|
212 | } else {
|
---|
213 | LWIP_ASSERT("malloc() must return aligned memory", LWIP_MEM_ALIGN(ret) == ret);
|
---|
214 | #if LWIP_STATS && MEM_STATS
|
---|
215 | *(mem_size_t *)ret = size;
|
---|
216 | ret = (u8_t *)ret + MEM_LIBC_STATSHELPER_SIZE;
|
---|
217 | MEM_STATS_INC_USED_LOCKED(used, size);
|
---|
218 | #endif
|
---|
219 | }
|
---|
220 | return ret;
|
---|
221 | }
|
---|
222 |
|
---|
223 | /** Put memory back on the heap
|
---|
224 | *
|
---|
225 | * @param rmem is the pointer as returned by a previous call to mem_malloc()
|
---|
226 | */
|
---|
227 | void
|
---|
228 | mem_free(void *rmem)
|
---|
229 | {
|
---|
230 | LWIP_ASSERT("rmem != NULL", (rmem != NULL));
|
---|
231 | LWIP_ASSERT("rmem == MEM_ALIGN(rmem)", (rmem == LWIP_MEM_ALIGN(rmem)));
|
---|
232 | #if LWIP_STATS && MEM_STATS
|
---|
233 | rmem = (u8_t *)rmem - MEM_LIBC_STATSHELPER_SIZE;
|
---|
234 | MEM_STATS_DEC_USED_LOCKED(used, *(mem_size_t *)rmem);
|
---|
235 | #endif
|
---|
236 | mem_clib_free(rmem);
|
---|
237 | }
|
---|
238 |
|
---|
239 | #elif MEM_USE_POOLS
|
---|
240 |
|
---|
241 | /* lwIP heap implemented with different sized pools */
|
---|
242 |
|
---|
243 | /**
|
---|
244 | * Allocate memory: determine the smallest pool that is big enough
|
---|
245 | * to contain an element of 'size' and get an element from that pool.
|
---|
246 | *
|
---|
247 | * @param size the size in bytes of the memory needed
|
---|
248 | * @return a pointer to the allocated memory or NULL if the pool is empty
|
---|
249 | */
|
---|
250 | void *
|
---|
251 | mem_malloc(mem_size_t size)
|
---|
252 | {
|
---|
253 | void *ret;
|
---|
254 | struct memp_malloc_helper *element = NULL;
|
---|
255 | memp_t poolnr;
|
---|
256 | mem_size_t required_size = size + LWIP_MEM_ALIGN_SIZE(sizeof(struct memp_malloc_helper));
|
---|
257 |
|
---|
258 | for (poolnr = MEMP_POOL_FIRST; poolnr <= MEMP_POOL_LAST; poolnr = (memp_t)(poolnr + 1)) {
|
---|
259 | /* is this pool big enough to hold an element of the required size
|
---|
260 | plus a struct memp_malloc_helper that saves the pool this element came from? */
|
---|
261 | if (required_size <= memp_pools[poolnr]->size) {
|
---|
262 | element = (struct memp_malloc_helper *)memp_malloc(poolnr);
|
---|
263 | if (element == NULL) {
|
---|
264 | /* No need to DEBUGF or ASSERT: This error is already taken care of in memp.c */
|
---|
265 | #if MEM_USE_POOLS_TRY_BIGGER_POOL
|
---|
266 | /** Try a bigger pool if this one is empty! */
|
---|
267 | if (poolnr < MEMP_POOL_LAST) {
|
---|
268 | continue;
|
---|
269 | }
|
---|
270 | #endif /* MEM_USE_POOLS_TRY_BIGGER_POOL */
|
---|
271 | MEM_STATS_INC_LOCKED(err);
|
---|
272 | return NULL;
|
---|
273 | }
|
---|
274 | break;
|
---|
275 | }
|
---|
276 | }
|
---|
277 | if (poolnr > MEMP_POOL_LAST) {
|
---|
278 | LWIP_ASSERT("mem_malloc(): no pool is that big!", 0);
|
---|
279 | MEM_STATS_INC_LOCKED(err);
|
---|
280 | return NULL;
|
---|
281 | }
|
---|
282 |
|
---|
283 | /* save the pool number this element came from */
|
---|
284 | element->poolnr = poolnr;
|
---|
285 | /* and return a pointer to the memory directly after the struct memp_malloc_helper */
|
---|
286 | ret = (u8_t *)element + LWIP_MEM_ALIGN_SIZE(sizeof(struct memp_malloc_helper));
|
---|
287 |
|
---|
288 | #if MEMP_OVERFLOW_CHECK || (LWIP_STATS && MEM_STATS)
|
---|
289 | /* truncating to u16_t is safe because struct memp_desc::size is u16_t */
|
---|
290 | element->size = (u16_t)size;
|
---|
291 | MEM_STATS_INC_USED_LOCKED(used, element->size);
|
---|
292 | #endif /* MEMP_OVERFLOW_CHECK || (LWIP_STATS && MEM_STATS) */
|
---|
293 | #if MEMP_OVERFLOW_CHECK
|
---|
294 | /* initialize unused memory (diff between requested size and selected pool's size) */
|
---|
295 | memset((u8_t *)ret + size, 0xcd, memp_pools[poolnr]->size - size);
|
---|
296 | #endif /* MEMP_OVERFLOW_CHECK */
|
---|
297 | return ret;
|
---|
298 | }
|
---|
299 |
|
---|
300 | /**
|
---|
301 | * Free memory previously allocated by mem_malloc. Loads the pool number
|
---|
302 | * and calls memp_free with that pool number to put the element back into
|
---|
303 | * its pool
|
---|
304 | *
|
---|
305 | * @param rmem the memory element to free
|
---|
306 | */
|
---|
307 | void
|
---|
308 | mem_free(void *rmem)
|
---|
309 | {
|
---|
310 | struct memp_malloc_helper *hmem;
|
---|
311 |
|
---|
312 | LWIP_ASSERT("rmem != NULL", (rmem != NULL));
|
---|
313 | LWIP_ASSERT("rmem == MEM_ALIGN(rmem)", (rmem == LWIP_MEM_ALIGN(rmem)));
|
---|
314 |
|
---|
315 | /* get the original struct memp_malloc_helper */
|
---|
316 | /* cast through void* to get rid of alignment warnings */
|
---|
317 | hmem = (struct memp_malloc_helper *)(void *)((u8_t *)rmem - LWIP_MEM_ALIGN_SIZE(sizeof(struct memp_malloc_helper)));
|
---|
318 |
|
---|
319 | LWIP_ASSERT("hmem != NULL", (hmem != NULL));
|
---|
320 | LWIP_ASSERT("hmem == MEM_ALIGN(hmem)", (hmem == LWIP_MEM_ALIGN(hmem)));
|
---|
321 | LWIP_ASSERT("hmem->poolnr < MEMP_MAX", (hmem->poolnr < MEMP_MAX));
|
---|
322 |
|
---|
323 | MEM_STATS_DEC_USED_LOCKED(used, hmem->size);
|
---|
324 | #if MEMP_OVERFLOW_CHECK
|
---|
325 | {
|
---|
326 | u16_t i;
|
---|
327 | LWIP_ASSERT("MEM_USE_POOLS: invalid chunk size",
|
---|
328 | hmem->size <= memp_pools[hmem->poolnr]->size);
|
---|
329 | /* check that unused memory remained untouched (diff between requested size and selected pool's size) */
|
---|
330 | for (i = hmem->size; i < memp_pools[hmem->poolnr]->size; i++) {
|
---|
331 | u8_t data = *((u8_t *)rmem + i);
|
---|
332 | LWIP_ASSERT("MEM_USE_POOLS: mem overflow detected", data == 0xcd);
|
---|
333 | }
|
---|
334 | }
|
---|
335 | #endif /* MEMP_OVERFLOW_CHECK */
|
---|
336 |
|
---|
337 | /* and put it in the pool we saved earlier */
|
---|
338 | memp_free(hmem->poolnr, hmem);
|
---|
339 | }
|
---|
340 |
|
---|
341 | #else /* MEM_USE_POOLS */
|
---|
342 | /* lwIP replacement for your libc malloc() */
|
---|
343 |
|
---|
344 | /**
|
---|
345 | * The heap is made up as a list of structs of this type.
|
---|
346 | * This does not have to be aligned since for getting its size,
|
---|
347 | * we only use the macro SIZEOF_STRUCT_MEM, which automatically aligns.
|
---|
348 | */
|
---|
349 | struct mem {
|
---|
350 | /** index (-> ram[next]) of the next struct */
|
---|
351 | mem_size_t next;
|
---|
352 | /** index (-> ram[prev]) of the previous struct */
|
---|
353 | mem_size_t prev;
|
---|
354 | /** 1: this area is used; 0: this area is unused */
|
---|
355 | u8_t used;
|
---|
356 | #if MEM_OVERFLOW_CHECK
|
---|
357 | /** this keeps track of the user allocation size for guard checks */
|
---|
358 | mem_size_t user_size;
|
---|
359 | #endif
|
---|
360 | };
|
---|
361 |
|
---|
362 | /** All allocated blocks will be MIN_SIZE bytes big, at least!
|
---|
363 | * MIN_SIZE can be overridden to suit your needs. Smaller values save space,
|
---|
364 | * larger values could prevent too small blocks to fragment the RAM too much. */
|
---|
365 | #ifndef MIN_SIZE
|
---|
366 | #define MIN_SIZE 12
|
---|
367 | #endif /* MIN_SIZE */
|
---|
368 | /* some alignment macros: we define them here for better source code layout */
|
---|
369 | #define MIN_SIZE_ALIGNED LWIP_MEM_ALIGN_SIZE(MIN_SIZE)
|
---|
370 | #define SIZEOF_STRUCT_MEM LWIP_MEM_ALIGN_SIZE(sizeof(struct mem))
|
---|
371 | #define MEM_SIZE_ALIGNED LWIP_MEM_ALIGN_SIZE(MEM_SIZE)
|
---|
372 |
|
---|
373 | /** If you want to relocate the heap to external memory, simply define
|
---|
374 | * LWIP_RAM_HEAP_POINTER as a void-pointer to that location.
|
---|
375 | * If so, make sure the memory at that location is big enough (see below on
|
---|
376 | * how that space is calculated). */
|
---|
377 | #ifndef LWIP_RAM_HEAP_POINTER
|
---|
378 | /** the heap. we need one struct mem at the end and some room for alignment */
|
---|
379 | LWIP_DECLARE_MEMORY_ALIGNED(ram_heap, MEM_SIZE_ALIGNED + (2U * SIZEOF_STRUCT_MEM));
|
---|
380 | #define LWIP_RAM_HEAP_POINTER ram_heap
|
---|
381 | #endif /* LWIP_RAM_HEAP_POINTER */
|
---|
382 |
|
---|
383 | /** pointer to the heap (ram_heap): for alignment, ram is now a pointer instead of an array */
|
---|
384 | static u8_t *ram;
|
---|
385 | /** the last entry, always unused! */
|
---|
386 | static struct mem *ram_end;
|
---|
387 |
|
---|
388 | /** concurrent access protection */
|
---|
389 | #if !NO_SYS
|
---|
390 | static sys_mutex_t mem_mutex;
|
---|
391 | #endif
|
---|
392 |
|
---|
393 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
394 |
|
---|
395 | static volatile u8_t mem_free_count;
|
---|
396 |
|
---|
397 | /* Allow mem_free from other (e.g. interrupt) context */
|
---|
398 | #define LWIP_MEM_FREE_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_free)
|
---|
399 | #define LWIP_MEM_FREE_PROTECT() SYS_ARCH_PROTECT(lev_free)
|
---|
400 | #define LWIP_MEM_FREE_UNPROTECT() SYS_ARCH_UNPROTECT(lev_free)
|
---|
401 | #define LWIP_MEM_ALLOC_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_alloc)
|
---|
402 | #define LWIP_MEM_ALLOC_PROTECT() SYS_ARCH_PROTECT(lev_alloc)
|
---|
403 | #define LWIP_MEM_ALLOC_UNPROTECT() SYS_ARCH_UNPROTECT(lev_alloc)
|
---|
404 | #define LWIP_MEM_LFREE_VOLATILE volatile
|
---|
405 |
|
---|
406 | #else /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
407 |
|
---|
408 | /* Protect the heap only by using a mutex */
|
---|
409 | #define LWIP_MEM_FREE_DECL_PROTECT()
|
---|
410 | #define LWIP_MEM_FREE_PROTECT() sys_mutex_lock(&mem_mutex)
|
---|
411 | #define LWIP_MEM_FREE_UNPROTECT() sys_mutex_unlock(&mem_mutex)
|
---|
412 | /* mem_malloc is protected using mutex AND LWIP_MEM_ALLOC_PROTECT */
|
---|
413 | #define LWIP_MEM_ALLOC_DECL_PROTECT()
|
---|
414 | #define LWIP_MEM_ALLOC_PROTECT()
|
---|
415 | #define LWIP_MEM_ALLOC_UNPROTECT()
|
---|
416 | #define LWIP_MEM_LFREE_VOLATILE
|
---|
417 |
|
---|
418 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
419 |
|
---|
420 | /** pointer to the lowest free block, this is used for faster search */
|
---|
421 | static struct mem * LWIP_MEM_LFREE_VOLATILE lfree;
|
---|
422 |
|
---|
423 | #if MEM_SANITY_CHECK
|
---|
424 | static void mem_sanity(void);
|
---|
425 | #define MEM_SANITY() mem_sanity()
|
---|
426 | #else
|
---|
427 | #define MEM_SANITY()
|
---|
428 | #endif
|
---|
429 |
|
---|
430 | #if MEM_OVERFLOW_CHECK
|
---|
431 | static void
|
---|
432 | mem_overflow_init_element(struct mem *mem, mem_size_t user_size)
|
---|
433 | {
|
---|
434 | void *p = (u8_t *)mem + SIZEOF_STRUCT_MEM + MEM_SANITY_OFFSET;
|
---|
435 | mem->user_size = user_size;
|
---|
436 | mem_overflow_init_raw(p, user_size);
|
---|
437 | }
|
---|
438 |
|
---|
439 | static void
|
---|
440 | mem_overflow_check_element(struct mem *mem)
|
---|
441 | {
|
---|
442 | void *p = (u8_t *)mem + SIZEOF_STRUCT_MEM + MEM_SANITY_OFFSET;
|
---|
443 | mem_overflow_check_raw(p, mem->user_size, "heap", "");
|
---|
444 | }
|
---|
445 | #else /* MEM_OVERFLOW_CHECK */
|
---|
446 | #define mem_overflow_init_element(mem, size)
|
---|
447 | #define mem_overflow_check_element(mem)
|
---|
448 | #endif /* MEM_OVERFLOW_CHECK */
|
---|
449 |
|
---|
450 | static struct mem *
|
---|
451 | ptr_to_mem(mem_size_t ptr)
|
---|
452 | {
|
---|
453 | return (struct mem *)(void *)&ram[ptr];
|
---|
454 | }
|
---|
455 |
|
---|
456 | static mem_size_t
|
---|
457 | mem_to_ptr(void *mem)
|
---|
458 | {
|
---|
459 | return (mem_size_t)((u8_t *)mem - ram);
|
---|
460 | }
|
---|
461 |
|
---|
462 | /**
|
---|
463 | * "Plug holes" by combining adjacent empty struct mems.
|
---|
464 | * After this function is through, there should not exist
|
---|
465 | * one empty struct mem pointing to another empty struct mem.
|
---|
466 | *
|
---|
467 | * @param mem this points to a struct mem which just has been freed
|
---|
468 | * @internal this function is only called by mem_free() and mem_trim()
|
---|
469 | *
|
---|
470 | * This assumes access to the heap is protected by the calling function
|
---|
471 | * already.
|
---|
472 | */
|
---|
473 | static void
|
---|
474 | plug_holes(struct mem *mem)
|
---|
475 | {
|
---|
476 | struct mem *nmem;
|
---|
477 | struct mem *pmem;
|
---|
478 |
|
---|
479 | LWIP_ASSERT("plug_holes: mem >= ram", (u8_t *)mem >= ram);
|
---|
480 | LWIP_ASSERT("plug_holes: mem < ram_end", (u8_t *)mem < (u8_t *)ram_end);
|
---|
481 | LWIP_ASSERT("plug_holes: mem->used == 0", mem->used == 0);
|
---|
482 |
|
---|
483 | /* plug hole forward */
|
---|
484 | LWIP_ASSERT("plug_holes: mem->next <= MEM_SIZE_ALIGNED", mem->next <= MEM_SIZE_ALIGNED);
|
---|
485 |
|
---|
486 | nmem = ptr_to_mem(mem->next);
|
---|
487 | if (mem != nmem && nmem->used == 0 && (u8_t *)nmem != (u8_t *)ram_end) {
|
---|
488 | /* if mem->next is unused and not end of ram, combine mem and mem->next */
|
---|
489 | if (lfree == nmem) {
|
---|
490 | lfree = mem;
|
---|
491 | }
|
---|
492 | mem->next = nmem->next;
|
---|
493 | if (nmem->next != MEM_SIZE_ALIGNED) {
|
---|
494 | ptr_to_mem(nmem->next)->prev = mem_to_ptr(mem);
|
---|
495 | }
|
---|
496 | }
|
---|
497 |
|
---|
498 | /* plug hole backward */
|
---|
499 | pmem = ptr_to_mem(mem->prev);
|
---|
500 | if (pmem != mem && pmem->used == 0) {
|
---|
501 | /* if mem->prev is unused, combine mem and mem->prev */
|
---|
502 | if (lfree == mem) {
|
---|
503 | lfree = pmem;
|
---|
504 | }
|
---|
505 | pmem->next = mem->next;
|
---|
506 | if (mem->next != MEM_SIZE_ALIGNED) {
|
---|
507 | ptr_to_mem(mem->next)->prev = mem_to_ptr(pmem);
|
---|
508 | }
|
---|
509 | }
|
---|
510 | }
|
---|
511 |
|
---|
512 | /**
|
---|
513 | * Zero the heap and initialize start, end and lowest-free
|
---|
514 | */
|
---|
515 | void
|
---|
516 | mem_init(void)
|
---|
517 | {
|
---|
518 | struct mem *mem;
|
---|
519 |
|
---|
520 | LWIP_ASSERT("Sanity check alignment",
|
---|
521 | (SIZEOF_STRUCT_MEM & (MEM_ALIGNMENT - 1)) == 0);
|
---|
522 |
|
---|
523 | /* align the heap */
|
---|
524 | ram = (u8_t *)LWIP_MEM_ALIGN(LWIP_RAM_HEAP_POINTER);
|
---|
525 | /* initialize the start of the heap */
|
---|
526 | mem = (struct mem *)(void *)ram;
|
---|
527 | mem->next = MEM_SIZE_ALIGNED;
|
---|
528 | mem->prev = 0;
|
---|
529 | mem->used = 0;
|
---|
530 | /* initialize the end of the heap */
|
---|
531 | ram_end = ptr_to_mem(MEM_SIZE_ALIGNED);
|
---|
532 | ram_end->used = 1;
|
---|
533 | ram_end->next = MEM_SIZE_ALIGNED;
|
---|
534 | ram_end->prev = MEM_SIZE_ALIGNED;
|
---|
535 | MEM_SANITY();
|
---|
536 |
|
---|
537 | /* initialize the lowest-free pointer to the start of the heap */
|
---|
538 | lfree = (struct mem *)(void *)ram;
|
---|
539 |
|
---|
540 | MEM_STATS_AVAIL(avail, MEM_SIZE_ALIGNED);
|
---|
541 |
|
---|
542 | if (sys_mutex_new(&mem_mutex) != ERR_OK) {
|
---|
543 | LWIP_ASSERT("failed to create mem_mutex", 0);
|
---|
544 | }
|
---|
545 | }
|
---|
546 |
|
---|
547 | /* Check if a struct mem is correctly linked.
|
---|
548 | * If not, double-free is a possible reason.
|
---|
549 | */
|
---|
550 | static int
|
---|
551 | mem_link_valid(struct mem *mem)
|
---|
552 | {
|
---|
553 | struct mem *nmem, *pmem;
|
---|
554 | mem_size_t rmem_idx;
|
---|
555 | rmem_idx = mem_to_ptr(mem);
|
---|
556 | nmem = ptr_to_mem(mem->next);
|
---|
557 | pmem = ptr_to_mem(mem->prev);
|
---|
558 | if ((mem->next > MEM_SIZE_ALIGNED) || (mem->prev > MEM_SIZE_ALIGNED) ||
|
---|
559 | ((mem->prev != rmem_idx) && (pmem->next != rmem_idx)) ||
|
---|
560 | ((nmem != ram_end) && (nmem->prev != rmem_idx))) {
|
---|
561 | return 0;
|
---|
562 | }
|
---|
563 | return 1;
|
---|
564 | }
|
---|
565 |
|
---|
566 | #if MEM_SANITY_CHECK
|
---|
567 | static void
|
---|
568 | mem_sanity(void)
|
---|
569 | {
|
---|
570 | struct mem *mem;
|
---|
571 | u8_t last_used;
|
---|
572 |
|
---|
573 | /* begin with first element here */
|
---|
574 | mem = (struct mem *)ram;
|
---|
575 | LWIP_ASSERT("heap element used valid", (mem->used == 0) || (mem->used == 1));
|
---|
576 | last_used = mem->used;
|
---|
577 | LWIP_ASSERT("heap element prev ptr valid", mem->prev == 0);
|
---|
578 | LWIP_ASSERT("heap element next ptr valid", mem->next <= MEM_SIZE_ALIGNED);
|
---|
579 | LWIP_ASSERT("heap element next ptr aligned", LWIP_MEM_ALIGN(ptr_to_mem(mem->next) == ptr_to_mem(mem->next)));
|
---|
580 |
|
---|
581 | /* check all elements before the end of the heap */
|
---|
582 | for (mem = ptr_to_mem(mem->next);
|
---|
583 | ((u8_t *)mem > ram) && (mem < ram_end);
|
---|
584 | mem = ptr_to_mem(mem->next)) {
|
---|
585 | LWIP_ASSERT("heap element aligned", LWIP_MEM_ALIGN(mem) == mem);
|
---|
586 | LWIP_ASSERT("heap element prev ptr valid", mem->prev <= MEM_SIZE_ALIGNED);
|
---|
587 | LWIP_ASSERT("heap element next ptr valid", mem->next <= MEM_SIZE_ALIGNED);
|
---|
588 | LWIP_ASSERT("heap element prev ptr aligned", LWIP_MEM_ALIGN(ptr_to_mem(mem->prev) == ptr_to_mem(mem->prev)));
|
---|
589 | LWIP_ASSERT("heap element next ptr aligned", LWIP_MEM_ALIGN(ptr_to_mem(mem->next) == ptr_to_mem(mem->next)));
|
---|
590 |
|
---|
591 | if (last_used == 0) {
|
---|
592 | /* 2 unused elements in a row? */
|
---|
593 | LWIP_ASSERT("heap element unused?", mem->used == 1);
|
---|
594 | } else {
|
---|
595 | LWIP_ASSERT("heap element unused member", (mem->used == 0) || (mem->used == 1));
|
---|
596 | }
|
---|
597 |
|
---|
598 | LWIP_ASSERT("heap element link valid", mem_link_valid(mem));
|
---|
599 |
|
---|
600 | /* used/unused altering */
|
---|
601 | last_used = mem->used;
|
---|
602 | }
|
---|
603 | LWIP_ASSERT("heap end ptr sanity", mem == ptr_to_mem(MEM_SIZE_ALIGNED));
|
---|
604 | LWIP_ASSERT("heap element used valid", mem->used == 1);
|
---|
605 | LWIP_ASSERT("heap element prev ptr valid", mem->prev == MEM_SIZE_ALIGNED);
|
---|
606 | LWIP_ASSERT("heap element next ptr valid", mem->next == MEM_SIZE_ALIGNED);
|
---|
607 | }
|
---|
608 | #endif /* MEM_SANITY_CHECK */
|
---|
609 |
|
---|
610 | /**
|
---|
611 | * Put a struct mem back on the heap
|
---|
612 | *
|
---|
613 | * @param rmem is the data portion of a struct mem as returned by a previous
|
---|
614 | * call to mem_malloc()
|
---|
615 | */
|
---|
616 | void
|
---|
617 | mem_free(void *rmem)
|
---|
618 | {
|
---|
619 | struct mem *mem;
|
---|
620 | LWIP_MEM_FREE_DECL_PROTECT();
|
---|
621 |
|
---|
622 | if (rmem == NULL) {
|
---|
623 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_TRACE | LWIP_DBG_LEVEL_SERIOUS, ("mem_free(p == NULL) was called.\n"));
|
---|
624 | return;
|
---|
625 | }
|
---|
626 | if ((((mem_ptr_t)rmem) & (MEM_ALIGNMENT - 1)) != 0) {
|
---|
627 | LWIP_MEM_ILLEGAL_FREE("mem_free: sanity check alignment");
|
---|
628 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_LEVEL_SEVERE, ("mem_free: sanity check alignment\n"));
|
---|
629 | /* protect mem stats from concurrent access */
|
---|
630 | MEM_STATS_INC_LOCKED(illegal);
|
---|
631 | return;
|
---|
632 | }
|
---|
633 |
|
---|
634 | /* Get the corresponding struct mem: */
|
---|
635 | /* cast through void* to get rid of alignment warnings */
|
---|
636 | mem = (struct mem *)(void *)((u8_t *)rmem - (SIZEOF_STRUCT_MEM + MEM_SANITY_OFFSET));
|
---|
637 |
|
---|
638 | if ((u8_t *)mem < ram || (u8_t *)rmem + MIN_SIZE_ALIGNED > (u8_t *)ram_end) {
|
---|
639 | LWIP_MEM_ILLEGAL_FREE("mem_free: illegal memory");
|
---|
640 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_LEVEL_SEVERE, ("mem_free: illegal memory\n"));
|
---|
641 | /* protect mem stats from concurrent access */
|
---|
642 | MEM_STATS_INC_LOCKED(illegal);
|
---|
643 | return;
|
---|
644 | }
|
---|
645 | #if MEM_OVERFLOW_CHECK
|
---|
646 | mem_overflow_check_element(mem);
|
---|
647 | #endif
|
---|
648 | /* protect the heap from concurrent access */
|
---|
649 | LWIP_MEM_FREE_PROTECT();
|
---|
650 | /* mem has to be in a used state */
|
---|
651 | if (!mem->used) {
|
---|
652 | LWIP_MEM_ILLEGAL_FREE("mem_free: illegal memory: double free");
|
---|
653 | LWIP_MEM_FREE_UNPROTECT();
|
---|
654 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_LEVEL_SEVERE, ("mem_free: illegal memory: double free?\n"));
|
---|
655 | /* protect mem stats from concurrent access */
|
---|
656 | MEM_STATS_INC_LOCKED(illegal);
|
---|
657 | return;
|
---|
658 | }
|
---|
659 |
|
---|
660 | if (!mem_link_valid(mem)) {
|
---|
661 | LWIP_MEM_ILLEGAL_FREE("mem_free: illegal memory: non-linked: double free");
|
---|
662 | LWIP_MEM_FREE_UNPROTECT();
|
---|
663 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_LEVEL_SEVERE, ("mem_free: illegal memory: non-linked: double free?\n"));
|
---|
664 | /* protect mem stats from concurrent access */
|
---|
665 | MEM_STATS_INC_LOCKED(illegal);
|
---|
666 | return;
|
---|
667 | }
|
---|
668 |
|
---|
669 | /* mem is now unused. */
|
---|
670 | mem->used = 0;
|
---|
671 |
|
---|
672 | if (mem < lfree) {
|
---|
673 | /* the newly freed struct is now the lowest */
|
---|
674 | lfree = mem;
|
---|
675 | }
|
---|
676 |
|
---|
677 | MEM_STATS_DEC_USED(used, mem->next - (mem_size_t)(((u8_t *)mem - ram)));
|
---|
678 |
|
---|
679 | /* finally, see if prev or next are free also */
|
---|
680 | plug_holes(mem);
|
---|
681 | MEM_SANITY();
|
---|
682 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
683 | mem_free_count = 1;
|
---|
684 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
685 | LWIP_MEM_FREE_UNPROTECT();
|
---|
686 | }
|
---|
687 |
|
---|
688 | /**
|
---|
689 | * Shrink memory returned by mem_malloc().
|
---|
690 | *
|
---|
691 | * @param rmem pointer to memory allocated by mem_malloc the is to be shrinked
|
---|
692 | * @param new_size required size after shrinking (needs to be smaller than or
|
---|
693 | * equal to the previous size)
|
---|
694 | * @return for compatibility reasons: is always == rmem, at the moment
|
---|
695 | * or NULL if newsize is > old size, in which case rmem is NOT touched
|
---|
696 | * or freed!
|
---|
697 | */
|
---|
698 | void *
|
---|
699 | mem_trim(void *rmem, mem_size_t new_size)
|
---|
700 | {
|
---|
701 | mem_size_t size, newsize;
|
---|
702 | mem_size_t ptr, ptr2;
|
---|
703 | struct mem *mem, *mem2;
|
---|
704 | /* use the FREE_PROTECT here: it protects with sem OR SYS_ARCH_PROTECT */
|
---|
705 | LWIP_MEM_FREE_DECL_PROTECT();
|
---|
706 |
|
---|
707 | /* Expand the size of the allocated memory region so that we can
|
---|
708 | adjust for alignment. */
|
---|
709 | newsize = (mem_size_t)LWIP_MEM_ALIGN_SIZE(new_size);
|
---|
710 | if (newsize < MIN_SIZE_ALIGNED) {
|
---|
711 | /* every data block must be at least MIN_SIZE_ALIGNED long */
|
---|
712 | newsize = MIN_SIZE_ALIGNED;
|
---|
713 | }
|
---|
714 | #if MEM_OVERFLOW_CHECK
|
---|
715 | newsize += MEM_SANITY_REGION_BEFORE_ALIGNED + MEM_SANITY_REGION_AFTER_ALIGNED;
|
---|
716 | #endif
|
---|
717 | if ((newsize > MEM_SIZE_ALIGNED) || (newsize < new_size)) {
|
---|
718 | return NULL;
|
---|
719 | }
|
---|
720 |
|
---|
721 | LWIP_ASSERT("mem_trim: legal memory", (u8_t *)rmem >= (u8_t *)ram &&
|
---|
722 | (u8_t *)rmem < (u8_t *)ram_end);
|
---|
723 |
|
---|
724 | if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) {
|
---|
725 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_LEVEL_SEVERE, ("mem_trim: illegal memory\n"));
|
---|
726 | /* protect mem stats from concurrent access */
|
---|
727 | MEM_STATS_INC_LOCKED(illegal);
|
---|
728 | return rmem;
|
---|
729 | }
|
---|
730 | /* Get the corresponding struct mem ... */
|
---|
731 | /* cast through void* to get rid of alignment warnings */
|
---|
732 | mem = (struct mem *)(void *)((u8_t *)rmem - (SIZEOF_STRUCT_MEM + MEM_SANITY_OFFSET));
|
---|
733 | #if MEM_OVERFLOW_CHECK
|
---|
734 | mem_overflow_check_element(mem);
|
---|
735 | #endif
|
---|
736 | /* ... and its offset pointer */
|
---|
737 | ptr = mem_to_ptr(mem);
|
---|
738 |
|
---|
739 | size = (mem_size_t)((mem_size_t)(mem->next - ptr) - (SIZEOF_STRUCT_MEM + MEM_SANITY_OVERHEAD));
|
---|
740 | LWIP_ASSERT("mem_trim can only shrink memory", newsize <= size);
|
---|
741 | if (newsize > size) {
|
---|
742 | /* not supported */
|
---|
743 | return NULL;
|
---|
744 | }
|
---|
745 | if (newsize == size) {
|
---|
746 | /* No change in size, simply return */
|
---|
747 | return rmem;
|
---|
748 | }
|
---|
749 |
|
---|
750 | /* protect the heap from concurrent access */
|
---|
751 | LWIP_MEM_FREE_PROTECT();
|
---|
752 |
|
---|
753 | mem2 = ptr_to_mem(mem->next);
|
---|
754 | if (mem2->used == 0) {
|
---|
755 | /* The next struct is unused, we can simply move it at little */
|
---|
756 | mem_size_t next;
|
---|
757 | LWIP_ASSERT("invalid next ptr", mem->next != MEM_SIZE_ALIGNED);
|
---|
758 | /* remember the old next pointer */
|
---|
759 | next = mem2->next;
|
---|
760 | /* create new struct mem which is moved directly after the shrinked mem */
|
---|
761 | ptr2 = (mem_size_t)(ptr + SIZEOF_STRUCT_MEM + newsize);
|
---|
762 | if (lfree == mem2) {
|
---|
763 | lfree = ptr_to_mem(ptr2);
|
---|
764 | }
|
---|
765 | mem2 = ptr_to_mem(ptr2);
|
---|
766 | mem2->used = 0;
|
---|
767 | /* restore the next pointer */
|
---|
768 | mem2->next = next;
|
---|
769 | /* link it back to mem */
|
---|
770 | mem2->prev = ptr;
|
---|
771 | /* link mem to it */
|
---|
772 | mem->next = ptr2;
|
---|
773 | /* last thing to restore linked list: as we have moved mem2,
|
---|
774 | * let 'mem2->next->prev' point to mem2 again. but only if mem2->next is not
|
---|
775 | * the end of the heap */
|
---|
776 | if (mem2->next != MEM_SIZE_ALIGNED) {
|
---|
777 | ptr_to_mem(mem2->next)->prev = ptr2;
|
---|
778 | }
|
---|
779 | MEM_STATS_DEC_USED(used, (size - newsize));
|
---|
780 | /* no need to plug holes, we've already done that */
|
---|
781 | } else if (newsize + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED <= size) {
|
---|
782 | /* Next struct is used but there's room for another struct mem with
|
---|
783 | * at least MIN_SIZE_ALIGNED of data.
|
---|
784 | * Old size ('size') must be big enough to contain at least 'newsize' plus a struct mem
|
---|
785 | * ('SIZEOF_STRUCT_MEM') with some data ('MIN_SIZE_ALIGNED').
|
---|
786 | * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty
|
---|
787 | * region that couldn't hold data, but when mem->next gets freed,
|
---|
788 | * the 2 regions would be combined, resulting in more free memory */
|
---|
789 | ptr2 = (mem_size_t)(ptr + SIZEOF_STRUCT_MEM + newsize);
|
---|
790 | LWIP_ASSERT("invalid next ptr", mem->next != MEM_SIZE_ALIGNED);
|
---|
791 | mem2 = ptr_to_mem(ptr2);
|
---|
792 | if (mem2 < lfree) {
|
---|
793 | lfree = mem2;
|
---|
794 | }
|
---|
795 | mem2->used = 0;
|
---|
796 | mem2->next = mem->next;
|
---|
797 | mem2->prev = ptr;
|
---|
798 | mem->next = ptr2;
|
---|
799 | if (mem2->next != MEM_SIZE_ALIGNED) {
|
---|
800 | ptr_to_mem(mem2->next)->prev = ptr2;
|
---|
801 | }
|
---|
802 | MEM_STATS_DEC_USED(used, (size - newsize));
|
---|
803 | /* the original mem->next is used, so no need to plug holes! */
|
---|
804 | }
|
---|
805 | /* else {
|
---|
806 | next struct mem is used but size between mem and mem2 is not big enough
|
---|
807 | to create another struct mem
|
---|
808 | -> don't do anyhting.
|
---|
809 | -> the remaining space stays unused since it is too small
|
---|
810 | } */
|
---|
811 | #if MEM_OVERFLOW_CHECK
|
---|
812 | mem_overflow_init_element(mem, new_size);
|
---|
813 | #endif
|
---|
814 | MEM_SANITY();
|
---|
815 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
816 | mem_free_count = 1;
|
---|
817 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
818 | LWIP_MEM_FREE_UNPROTECT();
|
---|
819 | return rmem;
|
---|
820 | }
|
---|
821 |
|
---|
822 | /**
|
---|
823 | * Allocate a block of memory with a minimum of 'size' bytes.
|
---|
824 | *
|
---|
825 | * @param size_in is the minimum size of the requested block in bytes.
|
---|
826 | * @return pointer to allocated memory or NULL if no free memory was found.
|
---|
827 | *
|
---|
828 | * Note that the returned value will always be aligned (as defined by MEM_ALIGNMENT).
|
---|
829 | */
|
---|
830 | void *
|
---|
831 | mem_malloc(mem_size_t size_in)
|
---|
832 | {
|
---|
833 | mem_size_t ptr, ptr2, size;
|
---|
834 | struct mem *mem, *mem2;
|
---|
835 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
836 | u8_t local_mem_free_count = 0;
|
---|
837 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
838 | LWIP_MEM_ALLOC_DECL_PROTECT();
|
---|
839 |
|
---|
840 | if (size_in == 0) {
|
---|
841 | return NULL;
|
---|
842 | }
|
---|
843 |
|
---|
844 | /* Expand the size of the allocated memory region so that we can
|
---|
845 | adjust for alignment. */
|
---|
846 | size = (mem_size_t)LWIP_MEM_ALIGN_SIZE(size_in);
|
---|
847 | if (size < MIN_SIZE_ALIGNED) {
|
---|
848 | /* every data block must be at least MIN_SIZE_ALIGNED long */
|
---|
849 | size = MIN_SIZE_ALIGNED;
|
---|
850 | }
|
---|
851 | #if MEM_OVERFLOW_CHECK
|
---|
852 | size += MEM_SANITY_REGION_BEFORE_ALIGNED + MEM_SANITY_REGION_AFTER_ALIGNED;
|
---|
853 | #endif
|
---|
854 | if ((size > MEM_SIZE_ALIGNED) || (size < size_in)) {
|
---|
855 | return NULL;
|
---|
856 | }
|
---|
857 |
|
---|
858 | /* protect the heap from concurrent access */
|
---|
859 | sys_mutex_lock(&mem_mutex);
|
---|
860 | LWIP_MEM_ALLOC_PROTECT();
|
---|
861 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
862 | /* run as long as a mem_free disturbed mem_malloc or mem_trim */
|
---|
863 | do {
|
---|
864 | local_mem_free_count = 0;
|
---|
865 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
866 |
|
---|
867 | /* Scan through the heap searching for a free block that is big enough,
|
---|
868 | * beginning with the lowest free block.
|
---|
869 | */
|
---|
870 | for (ptr = mem_to_ptr(lfree); ptr < MEM_SIZE_ALIGNED - size;
|
---|
871 | ptr = ptr_to_mem(ptr)->next) {
|
---|
872 | mem = ptr_to_mem(ptr);
|
---|
873 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
874 | mem_free_count = 0;
|
---|
875 | LWIP_MEM_ALLOC_UNPROTECT();
|
---|
876 | /* allow mem_free or mem_trim to run */
|
---|
877 | LWIP_MEM_ALLOC_PROTECT();
|
---|
878 | if (mem_free_count != 0) {
|
---|
879 | /* If mem_free or mem_trim have run, we have to restart since they
|
---|
880 | could have altered our current struct mem. */
|
---|
881 | local_mem_free_count = 1;
|
---|
882 | break;
|
---|
883 | }
|
---|
884 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
885 |
|
---|
886 | if ((!mem->used) &&
|
---|
887 | (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) {
|
---|
888 | /* mem is not used and at least perfect fit is possible:
|
---|
889 | * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */
|
---|
890 |
|
---|
891 | if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) {
|
---|
892 | /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing
|
---|
893 | * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem')
|
---|
894 | * -> split large block, create empty remainder,
|
---|
895 | * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if
|
---|
896 | * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size,
|
---|
897 | * struct mem would fit in but no data between mem2 and mem2->next
|
---|
898 | * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty
|
---|
899 | * region that couldn't hold data, but when mem->next gets freed,
|
---|
900 | * the 2 regions would be combined, resulting in more free memory
|
---|
901 | */
|
---|
902 | ptr2 = (mem_size_t)(ptr + SIZEOF_STRUCT_MEM + size);
|
---|
903 | LWIP_ASSERT("invalid next ptr",ptr2 != MEM_SIZE_ALIGNED);
|
---|
904 | /* create mem2 struct */
|
---|
905 | mem2 = ptr_to_mem(ptr2);
|
---|
906 | mem2->used = 0;
|
---|
907 | mem2->next = mem->next;
|
---|
908 | mem2->prev = ptr;
|
---|
909 | /* and insert it between mem and mem->next */
|
---|
910 | mem->next = ptr2;
|
---|
911 | mem->used = 1;
|
---|
912 |
|
---|
913 | if (mem2->next != MEM_SIZE_ALIGNED) {
|
---|
914 | ptr_to_mem(mem2->next)->prev = ptr2;
|
---|
915 | }
|
---|
916 | MEM_STATS_INC_USED(used, (size + SIZEOF_STRUCT_MEM));
|
---|
917 | } else {
|
---|
918 | /* (a mem2 struct does no fit into the user data space of mem and mem->next will always
|
---|
919 | * be used at this point: if not we have 2 unused structs in a row, plug_holes should have
|
---|
920 | * take care of this).
|
---|
921 | * -> near fit or exact fit: do not split, no mem2 creation
|
---|
922 | * also can't move mem->next directly behind mem, since mem->next
|
---|
923 | * will always be used at this point!
|
---|
924 | */
|
---|
925 | mem->used = 1;
|
---|
926 | MEM_STATS_INC_USED(used, mem->next - mem_to_ptr(mem));
|
---|
927 | }
|
---|
928 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
929 | mem_malloc_adjust_lfree:
|
---|
930 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
931 | if (mem == lfree) {
|
---|
932 | struct mem *cur = lfree;
|
---|
933 | /* Find next free block after mem and update lowest free pointer */
|
---|
934 | while (cur->used && cur != ram_end) {
|
---|
935 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
936 | mem_free_count = 0;
|
---|
937 | LWIP_MEM_ALLOC_UNPROTECT();
|
---|
938 | /* prevent high interrupt latency... */
|
---|
939 | LWIP_MEM_ALLOC_PROTECT();
|
---|
940 | if (mem_free_count != 0) {
|
---|
941 | /* If mem_free or mem_trim have run, we have to restart since they
|
---|
942 | could have altered our current struct mem or lfree. */
|
---|
943 | goto mem_malloc_adjust_lfree;
|
---|
944 | }
|
---|
945 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
946 | cur = ptr_to_mem(cur->next);
|
---|
947 | }
|
---|
948 | lfree = cur;
|
---|
949 | LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used)));
|
---|
950 | }
|
---|
951 | LWIP_MEM_ALLOC_UNPROTECT();
|
---|
952 | sys_mutex_unlock(&mem_mutex);
|
---|
953 | LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.",
|
---|
954 | (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end);
|
---|
955 | LWIP_ASSERT("mem_malloc: allocated memory properly aligned.",
|
---|
956 | ((mem_ptr_t)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0);
|
---|
957 | LWIP_ASSERT("mem_malloc: sanity check alignment",
|
---|
958 | (((mem_ptr_t)mem) & (MEM_ALIGNMENT - 1)) == 0);
|
---|
959 |
|
---|
960 | #if MEM_OVERFLOW_CHECK
|
---|
961 | mem_overflow_init_element(mem, size_in);
|
---|
962 | #endif
|
---|
963 | MEM_SANITY();
|
---|
964 | return (u8_t *)mem + SIZEOF_STRUCT_MEM + MEM_SANITY_OFFSET;
|
---|
965 | }
|
---|
966 | }
|
---|
967 | #if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
|
---|
968 | /* if we got interrupted by a mem_free, try again */
|
---|
969 | } while (local_mem_free_count != 0);
|
---|
970 | #endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
|
---|
971 | MEM_STATS_INC(err);
|
---|
972 | LWIP_MEM_ALLOC_UNPROTECT();
|
---|
973 | sys_mutex_unlock(&mem_mutex);
|
---|
974 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_LEVEL_SERIOUS, ("mem_malloc: could not allocate %"S16_F" bytes\n", (s16_t)size));
|
---|
975 | return NULL;
|
---|
976 | }
|
---|
977 |
|
---|
978 | #endif /* MEM_USE_POOLS */
|
---|
979 |
|
---|
980 | #if MEM_LIBC_MALLOC && (!LWIP_STATS || !MEM_STATS)
|
---|
981 | void *
|
---|
982 | mem_calloc(mem_size_t count, mem_size_t size)
|
---|
983 | {
|
---|
984 | return mem_clib_calloc(count, size);
|
---|
985 | }
|
---|
986 |
|
---|
987 | #else /* MEM_LIBC_MALLOC && (!LWIP_STATS || !MEM_STATS) */
|
---|
988 | /**
|
---|
989 | * Contiguously allocates enough space for count objects that are size bytes
|
---|
990 | * of memory each and returns a pointer to the allocated memory.
|
---|
991 | *
|
---|
992 | * The allocated memory is filled with bytes of value zero.
|
---|
993 | *
|
---|
994 | * @param count number of objects to allocate
|
---|
995 | * @param size size of the objects to allocate
|
---|
996 | * @return pointer to allocated memory / NULL pointer if there is an error
|
---|
997 | */
|
---|
998 | void *
|
---|
999 | mem_calloc(mem_size_t count, mem_size_t size)
|
---|
1000 | {
|
---|
1001 | void *p;
|
---|
1002 | size_t alloc_size = (size_t)count * (size_t)size;
|
---|
1003 |
|
---|
1004 | if ((size_t)(mem_size_t)alloc_size != alloc_size) {
|
---|
1005 | LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_LEVEL_SERIOUS, ("mem_calloc: could not allocate %"SZT_F" bytes\n", alloc_size));
|
---|
1006 | return NULL;
|
---|
1007 | }
|
---|
1008 |
|
---|
1009 | /* allocate 'count' objects of size 'size' */
|
---|
1010 | p = mem_malloc((mem_size_t)alloc_size);
|
---|
1011 | if (p) {
|
---|
1012 | /* zero the memory */
|
---|
1013 | memset(p, 0, alloc_size);
|
---|
1014 | }
|
---|
1015 | return p;
|
---|
1016 | }
|
---|
1017 | #endif /* MEM_LIBC_MALLOC && (!LWIP_STATS || !MEM_STATS) */
|
---|