diff --git a/mm/mm_heap/mm_addfreechunk.c b/mm/mm_heap/mm_addfreechunk.c index 554851350b5..b40996642e4 100644 --- a/mm/mm_heap/mm_addfreechunk.c +++ b/mm/mm_heap/mm_addfreechunk.c @@ -39,6 +39,8 @@ #include +#include + #include /**************************************************************************** @@ -59,6 +61,9 @@ void mm_addfreechunk(FAR struct mm_heap_s *heap, FAR struct mm_freenode_s *node) FAR struct mm_freenode_s *next; FAR struct mm_freenode_s *prev; + DEBUGASSERT(node->size >= SIZEOF_MM_FREENODE); + DEBUGASSERT((node->preceding & MM_ALLOC_BIT) == 0); + /* Convert the size to a nodelist index */ int ndx = mm_size2ndx(node->size); diff --git a/mm/mm_heap/mm_free.c b/mm/mm_heap/mm_free.c index 95413f2bd9b..8f1afd33111 100644 --- a/mm/mm_heap/mm_free.c +++ b/mm/mm_heap/mm_free.c @@ -77,6 +77,7 @@ void mm_free(FAR struct mm_heap_s *heap, FAR void *mem) */ mm_takesemaphore(heap); + DEBUGASSERT(mm_heapmember(heap, mem)); /* Map the memory chunk into a free node */ diff --git a/mm/mm_heap/mm_initialize.c b/mm/mm_heap/mm_initialize.c index 9382224d075..d9794087569 100644 --- a/mm/mm_heap/mm_initialize.c +++ b/mm/mm_heap/mm_initialize.c @@ -170,6 +170,8 @@ void mm_initialize(FAR struct mm_heap_s *heap, FAR void *heapstart, CHECK_ALLOCNODE_SIZE; CHECK_FREENODE_SIZE; #endif + DEBUGASSERT(MM_MIN_CHUNK >= SIZEOF_MM_FREENODE); + DEBUGASSERT(MM_MIN_CHUNK >= SIZEOF_MM_ALLOCNODE); /* Set up global variables */ diff --git a/mm/mm_heap/mm_mallinfo.c b/mm/mm_heap/mm_mallinfo.c index 86487644c10..ae3d6b84d81 100644 --- a/mm/mm_heap/mm_mallinfo.c +++ b/mm/mm_heap/mm_mallinfo.c @@ -60,6 +60,7 @@ int mm_mallinfo(FAR struct mm_heap_s *heap, FAR struct mallinfo *info) { FAR struct mm_allocnode_s *node; + FAR struct mm_allocnode_s *prev; size_t mxordblk = 0; int ordblks = 0; /* Number of non-inuse chunks */ size_t uordblks = 0; /* Total allocated space */ @@ -84,9 +85,11 @@ int mm_mallinfo(FAR struct mm_heap_s *heap, FAR struct mallinfo *info) mm_takesemaphore(heap); - for (node = heap->mm_heapstart[region]; + for (prev = NULL, node = heap->mm_heapstart[region]; node < heap->mm_heapend[region]; - node = (FAR struct mm_allocnode_s *)((FAR char *)node + node->size)) + prev = node, + node = (FAR struct mm_allocnode_s *) + ((FAR char *)node + node->size)) { minfo("region=%d node=%p size=%u preceding=%u (%c)\n", region, node, (unsigned int)node->size, @@ -97,10 +100,21 @@ int mm_mallinfo(FAR struct mm_heap_s *heap, FAR struct mallinfo *info) if ((node->preceding & MM_ALLOC_BIT) != 0) { + DEBUGASSERT(node->size >= SIZEOF_MM_ALLOCNODE); uordblks += node->size; } else { + FAR struct mm_freenode_s *fnode; + DEBUGASSERT(node->size >= SIZEOF_MM_FREENODE); + fnode = (FAR void *)node; + DEBUGASSERT(fnode->blink->flink == fnode); + DEBUGASSERT(fnode->blink->size <= fnode->size); + DEBUGASSERT(fnode->flink == NULL || + fnode->flink->blink == fnode); + DEBUGASSERT(fnode->flink == NULL || + fnode->flink->size == 0 || + fnode->flink->size >= fnode->size); ordblks++; fordblks += node->size; if (node->size > mxordblk) @@ -108,6 +122,9 @@ int mm_mallinfo(FAR struct mm_heap_s *heap, FAR struct mallinfo *info) mxordblk = node->size; } } + + DEBUGASSERT(prev == NULL || + prev->size == (node->preceding & ~MM_ALLOC_BIT)); } minfo("region=%d node=%p heapend=%p\n", diff --git a/mm/mm_heap/mm_malloc.c b/mm/mm_heap/mm_malloc.c index 5d72eb74a2a..6230e4f8ec5 100644 --- a/mm/mm_heap/mm_malloc.c +++ b/mm/mm_heap/mm_malloc.c @@ -89,6 +89,8 @@ FAR void *mm_malloc(FAR struct mm_heap_s *heap, size_t size) alignsize = MM_ALIGN_UP(size + SIZEOF_MM_ALLOCNODE); DEBUGASSERT(alignsize >= size); /* Check for integer overflow */ + DEBUGASSERT(alignsize >= MM_MIN_CHUNK); + DEBUGASSERT(alignsize >= SIZEOF_MM_FREENODE); /* We need to hold the MM semaphore while we muck with the nodelist. */ @@ -117,6 +119,9 @@ FAR void *mm_malloc(FAR struct mm_heap_s *heap, size_t size) for (node = heap->mm_nodelist[ndx].flink; node && node->size < alignsize; node = node->flink); + { + DEBUGASSERT(node->blink->flink == node); + } /* If we found a node with non-zero size, then this is one to use. Since * the list is ordered, we know that is must be best fitting chunk @@ -183,6 +188,7 @@ FAR void *mm_malloc(FAR struct mm_heap_s *heap, size_t size) ret = (void *)((FAR char *)node + SIZEOF_MM_ALLOCNODE); } + DEBUGASSERT(ret == NULL || mm_heapmember(heap, ret)); mm_givesemaphore(heap); #ifdef CONFIG_MM_FILL_ALLOCATIONS diff --git a/mm/mm_heap/mm_realloc.c b/mm/mm_heap/mm_realloc.c index 54c4aab8a72..8b983b05682 100644 --- a/mm/mm_heap/mm_realloc.c +++ b/mm/mm_heap/mm_realloc.c @@ -114,6 +114,8 @@ FAR void *mm_realloc(FAR struct mm_heap_s *heap, FAR void *oldmem, /* We need to hold the MM semaphore while we muck with the nodelist. */ mm_takesemaphore(heap); + DEBUGASSERT(oldnode->preceding & MM_ALLOC_BIT); + DEBUGASSERT(mm_heapmember(heap, oldmem)); /* Check if this is a request to reduce the size of the allocation. */ @@ -248,6 +250,7 @@ FAR void *mm_realloc(FAR struct mm_heap_s *heap, FAR void *oldmem, */ prev->size -= takeprev; + DEBUGASSERT(prev->size >= SIZEOF_MM_FREENODE); newnode->size = oldsize + takeprev; newnode->preceding = prev->size | MM_ALLOC_BIT; next->preceding = newnode->size | @@ -319,6 +322,7 @@ FAR void *mm_realloc(FAR struct mm_heap_s *heap, FAR void *oldmem, */ newnode->size = nextsize - takenext; + DEBUGASSERT(newnode->size >= SIZEOF_MM_FREENODE); newnode->preceding = oldnode->size; andbeyond->preceding = newnode->size | (andbeyond->preceding & MM_ALLOC_BIT);