Mirrors_Framework/nuttx
1
0
Fork 0
mirror of https://github.com/apache/nuttx.git synced 2026-06-06 08:36:24 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

mm: fix memory corruption when loop create/exit thread in SMP mode

Browse Source 
Root casue:
when do thread exit, need add free stack operation to mm_delaylist,
but in SMP mode, CPU0 thread1 exit, at this time, CPU1 call malloc
and free mm_delaylist.

Fix:
Divide mm_delaylist for per CPU in SMP mode.

Change-Id: Ibf7d04614ea2f99fb5b506356b7346a0d94f0590
Signed-off-by: ligd <liguiding1@xiaomi.com>
This commit is contained in:
ligd
2021-06-21 16:20:44 +08:00
committed by liguiding1
parent 772044bbdf
commit dcea2afd7e
6 changed files with 31 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
arch/sim/src/sim/up_heap.c
+12 -6
View File
@@ -48,7 +48,11 @@ struct mm_delaynode_s
struct mm_heap_impl_s
{
struct mm_delaynode_s *mm_delaylist;
#ifdef CONFIG_SMP
struct mm_delaynode_s *mm_delaylist[CONFIG_SMP_NCPUS];
#else
struct mm_delaynode_s *mm_delaylist[1];
#endif
};
/****************************************************************************
@@ -65,8 +69,8 @@ static void mm_add_delaylist(FAR struct mm_heap_s *heap, FAR void *mem)
flags = enter_critical_section();
tmp->flink = heap->mm_impl->mm_delaylist;
heap->mm_impl->mm_delaylist = tmp;
tmp->flink = heap->mm_impl->mm_delaylist[up_cpu_index()];
heap->mm_impl->mm_delaylist[up_cpu_index()] = tmp;
leave_critical_section(flags);
}
@@ -83,8 +87,8 @@ static void mm_free_delaylist(FAR struct mm_heap_s *heap)
flags = enter_critical_section();
tmp = heap->mm_impl->mm_delaylist;
heap->mm_impl->mm_delaylist = NULL;
tmp = heap->mm_impl->mm_delaylist[up_cpu_index()];
heap->mm_impl->mm_delaylist[up_cpu_index()] = NULL;
leave_critical_section(flags);
@@ -137,7 +141,9 @@ void mm_initialize(FAR struct mm_heap_s *heap, FAR void *heap_start,
FAR struct mm_heap_impl_s *impl;
impl = host_memalign(sizeof(FAR void *), sizeof(*impl));
impl->mm_delaylist = NULL;
DEBUGASSERT(impl);
memset(impl, 0, sizeof(struct mm_heap_impl_s));
heap->mm_impl = impl;
}
mm/mm_heap/mm.h
+5 -1
View File
@@ -202,7 +202,11 @@ struct mm_heap_impl_s
/* Free delay list, for some situation can't do free immdiately */
FAR struct mm_delaynode_s *mm_delaylist;
#ifdef CONFIG_SMP
FAR struct mm_delaynode_s *mm_delaylist[CONFIG_SMP_NCPUS];
#else
FAR struct mm_delaynode_s *mm_delaylist[1];
#endif
};
/* Functions contained in mm_sem.c ******************************************/
mm/mm_heap/mm_free.c
+2 -2
View File
@@ -50,8 +50,8 @@ static void mm_add_delaylist(FAR struct mm_heap_s *heap, FAR void *mem)
flags = enter_critical_section();
tmp->flink = heap_impl->mm_delaylist;
heap_impl->mm_delaylist = tmp;
tmp->flink = heap_impl->mm_delaylist[up_cpu_index()];
heap_impl->mm_delaylist[up_cpu_index()] = tmp;
leave_critical_section(flags);
}
mm/mm_heap/mm_initialize.c
+1 -11
View File
@@ -191,20 +191,10 @@ void mm_initialize(FAR struct mm_heap_s *heap, FAR void *heapstart,
/* Set up global variables */
heap_impl->mm_heapsize = 0;
#if CONFIG_MM_REGIONS > 1
heap_impl->mm_nregions = 0;
#endif
/* Initialize mm_delaylist */
heap_impl->mm_delaylist = NULL;
memset(heap_impl, 0, sizeof(struct mm_heap_impl_s));
/* Initialize the node array */
memset(heap_impl->mm_nodelist, 0,
sizeof(struct mm_freenode_s) * MM_NNODES);
for (i = 1; i < MM_NNODES; i++)
{
heap_impl->mm_nodelist[i - 1].flink = &heap_impl->mm_nodelist[i];
mm/mm_heap/mm_malloc.c
+2 -2
View File
@@ -59,8 +59,8 @@ static void mm_free_delaylist(FAR struct mm_heap_s *heap)
flags = enter_critical_section();
tmp = heap_impl->mm_delaylist;
heap_impl->mm_delaylist = NULL;
tmp = heap_impl->mm_delaylist[up_cpu_index()];
heap_impl->mm_delaylist[up_cpu_index()] = NULL;
leave_critical_section(flags);
mm/tlsf/mm_tlsf.c
+9 -5
View File
@@ -87,7 +87,11 @@ struct mm_heap_impl_s
/* Free delay list, for some situation can't do free immdiately */
FAR struct mm_delaynode_s *mm_delaylist;
#ifdef CONFIG_SMP
struct mm_delaynode_s *mm_delaylist[CONFIG_SMP_NCPUS];
#else
struct mm_delaynode_s *mm_delaylist[1];
#endif
};
/****************************************************************************
@@ -306,8 +310,8 @@ static void mm_add_delaylist(FAR struct mm_heap_s *heap, FAR void *mem)
flags = enter_critical_section();
tmp->flink = impl->mm_delaylist;
impl->mm_delaylist = tmp;
tmp->flink = impl->mm_delaylist[up_cpu_index()];
impl->mm_delaylist[up_cpu_index()] = tmp;
leave_critical_section(flags);
}
@@ -331,8 +335,8 @@ static void mm_free_delaylist(FAR struct mm_heap_s *heap)
flags = enter_critical_section();
tmp = impl->mm_delaylist;
impl->mm_delaylist = NULL;
tmp = impl->mm_delaylist[up_cpu_index()];
impl->mm_delaylist[up_cpu_index()] = NULL;
leave_critical_section(flags);