From 09f439bcc2fbe574dd619fcb97b617912dde63a6 Mon Sep 17 00:00:00 2001 From: tangyuxin <462747508@qq.com> Date: Sat, 1 Jan 2022 19:13:13 +0800 Subject: [PATCH] [memheap] Fix 64 bit potential risk --- components/finsh/msh.c | 2 +- include/rtdef.h | 6 ++--- include/rtthread.h | 12 +++++----- src/kservice.c | 6 ++--- src/memheap.c | 54 +++++++++++++++++++++++------------------- 5 files changed, 43 insertions(+), 37 deletions(-) diff --git a/components/finsh/msh.c b/components/finsh/msh.c index 47ee1efa59..27e937f750 100644 --- a/components/finsh/msh.c +++ b/components/finsh/msh.c @@ -71,7 +71,7 @@ MSH_CMD_EXPORT_ALIAS(cmd_ps, ps, List threads in the system.); #ifdef RT_USING_HEAP int cmd_free(int argc, char **argv) { - rt_uint32_t total = 0, used = 0, max_used = 0; + rt_size_t total = 0, used = 0, max_used = 0; rt_memory_info(&total, &used, &max_used); rt_kprintf("total : %d\n", total); diff --git a/include/rtdef.h b/include/rtdef.h index a018ceb21d..6d47d18a2c 100644 --- a/include/rtdef.h +++ b/include/rtdef.h @@ -927,9 +927,9 @@ struct rt_memheap void *start_addr; /**< pool start address and size */ - rt_uint32_t pool_size; /**< pool size */ - rt_uint32_t available_size; /**< available size */ - rt_uint32_t max_used_size; /**< maximum allocated size */ + rt_size_t pool_size; /**< pool size */ + rt_size_t available_size; /**< available size */ + rt_size_t max_used_size; /**< maximum allocated size */ struct rt_memheap_item *block_list; /**< used block list */ diff --git a/include/rtthread.h b/include/rtthread.h index 120f565f3e..4d4c93fd5e 100644 --- a/include/rtthread.h +++ b/include/rtthread.h @@ -266,9 +266,9 @@ void *rt_calloc(rt_size_t count, rt_size_t size); void *rt_malloc_align(rt_size_t size, rt_size_t align); void rt_free_align(void *ptr); -void rt_memory_info(rt_uint32_t *total, - rt_uint32_t *used, - rt_uint32_t *max_used); +void rt_memory_info(rt_size_t *total, + rt_size_t *used, + rt_size_t *max_used); #if defined(RT_USING_SLAB) && defined(RT_USING_SLAB_AS_HEAP) void *rt_page_alloc(rt_size_t npages); @@ -308,9 +308,9 @@ void *rt_memheap_alloc(struct rt_memheap *heap, rt_size_t size); void *rt_memheap_realloc(struct rt_memheap *heap, void *ptr, rt_size_t newsize); void rt_memheap_free(void *ptr); void rt_memheap_info(struct rt_memheap *heap, - rt_uint32_t *total, - rt_uint32_t *used, - rt_uint32_t *max_used); + rt_size_t *total, + rt_size_t *used, + rt_size_t *max_used); #endif #ifdef RT_USING_SLAB diff --git a/src/kservice.c b/src/kservice.c index fa0da4c7c4..ca4fb9c088 100644 --- a/src/kservice.c +++ b/src/kservice.c @@ -1558,9 +1558,9 @@ RTM_EXPORT(rt_free); * * @param max_used is a pointer to get the maximum memory used. */ -RT_WEAK void rt_memory_info(rt_uint32_t *total, - rt_uint32_t *used, - rt_uint32_t *max_used) +RT_WEAK void rt_memory_info(rt_size_t *total, + rt_size_t *used, + rt_size_t *max_used) { rt_base_t level; diff --git a/src/memheap.c b/src/memheap.c index 62b42f73ed..71e43580f4 100644 --- a/src/memheap.c +++ b/src/memheap.c @@ -27,7 +27,7 @@ /* dynamic pool magic and mask */ #define RT_MEMHEAP_MAGIC 0x1ea01ea0 -#define RT_MEMHEAP_MASK 0xfffffffe +#define RT_MEMHEAP_MASK 0xFFFFFFFE #define RT_MEMHEAP_USED 0x01 #define RT_MEMHEAP_FREED 0x00 @@ -38,6 +38,16 @@ #define MEMITEM_SIZE(item) ((rt_ubase_t)item->next - (rt_ubase_t)item - RT_MEMHEAP_SIZE) #define MEMITEM(ptr) (struct rt_memheap_item*)((rt_uint8_t*)ptr - RT_MEMHEAP_SIZE) +static void _remove_next_ptr(struct rt_memheap_item *next_ptr) +{ + /* Fix the crash problem after opening Oz optimization on ac6 */ + /* Fix IAR compiler warning */ + next_ptr->next_free->prev_free = next_ptr->prev_free; + next_ptr->prev_free->next_free = next_ptr->next_free; + next_ptr->next->prev = next_ptr->prev; + next_ptr->prev->next = next_ptr->next; +} + /** * @brief This function initializes a piece of memory called memheap. * @@ -173,7 +183,7 @@ RTM_EXPORT(rt_memheap_detach); void *rt_memheap_alloc(struct rt_memheap *heap, rt_size_t size) { rt_err_t result; - rt_uint32_t free_size; + rt_size_t free_size; struct rt_memheap_item *header_ptr; RT_ASSERT(heap != RT_NULL); @@ -382,8 +392,7 @@ void *rt_memheap_realloc(struct rt_memheap *heap, void *ptr, rt_size_t newsize) if (newsize > oldsize) { void *new_ptr; - /* Fix the crash problem after opening Oz optimization on ac6 */ - volatile struct rt_memheap_item *next_ptr; + struct rt_memheap_item *next_ptr; if (heap->locked == RT_FALSE) { @@ -432,10 +441,7 @@ void *rt_memheap_realloc(struct rt_memheap *heap, void *ptr, rt_size_t newsize) next_ptr->next_free, next_ptr->prev_free)); - next_ptr->next_free->prev_free = next_ptr->prev_free; - next_ptr->prev_free->next_free = next_ptr->next_free; - next_ptr->next->prev = next_ptr->prev; - next_ptr->prev->next = next_ptr->next; + _remove_next_ptr(next_ptr); /* build a new one on the right place */ next_ptr = (struct rt_memheap_item *)((char *)ptr + newsize); @@ -593,13 +599,13 @@ void rt_memheap_free(void *ptr) rt_err_t result; struct rt_memheap *heap; struct rt_memheap_item *header_ptr, *new_ptr; - rt_uint32_t insert_header; + rt_bool_t insert_header; /* NULL check */ if (ptr == RT_NULL) return; /* set initial status as OK */ - insert_header = 1; + insert_header = RT_TRUE; new_ptr = RT_NULL; header_ptr = (struct rt_memheap_item *) ((rt_uint8_t *)ptr - RT_MEMHEAP_SIZE); @@ -657,7 +663,7 @@ void rt_memheap_free(void *ptr) /* move header pointer to previous. */ header_ptr = header_ptr->prev; /* don't insert header to free list */ - insert_header = 0; + insert_header = RT_FALSE; } /* determine if the block can be merged with the next neighbor. */ @@ -685,10 +691,10 @@ void rt_memheap_free(void *ptr) { struct rt_memheap_item *n = heap->free_list->next_free;; #if defined(RT_MEMHEAP_BSET_MODE) - rt_uint32_t blk_size = MEMITEM_SIZE(header_ptr); + rt_size_t blk_size = MEMITEM_SIZE(header_ptr); for (;n != heap->free_list; n = n->next_free) { - rt_uint32_t m = MEMITEM_SIZE(n); + rt_size_t m = MEMITEM_SIZE(n); if (blk_size <= m) { break; @@ -732,9 +738,9 @@ RTM_EXPORT(rt_memheap_free); * @param max_used is a pointer to get the maximum memory used. */ void rt_memheap_info(struct rt_memheap *heap, - rt_uint32_t *total, - rt_uint32_t *used, - rt_uint32_t *max_used) + rt_size_t *total, + rt_size_t *used, + rt_size_t *max_used) { rt_err_t result; @@ -898,10 +904,10 @@ int memheapcheck(int argc, char *argv[]) break; } /* check next and prev */ - if (!((rt_uint32_t)item->next <= (rt_uint32_t)((rt_uint32_t)heap->start_addr + heap->pool_size) && - (rt_uint32_t)item->prev >= (rt_uint32_t)heap->start_addr) && - (rt_uint32_t)item->next == RT_ALIGN((rt_uint32_t)item->next, RT_ALIGN_SIZE) && - (rt_uint32_t)item->prev == RT_ALIGN((rt_uint32_t)item->prev, RT_ALIGN_SIZE)) + if (!((rt_ubase_t)item->next <= (rt_ubase_t)((rt_ubase_t)heap->start_addr + heap->pool_size) && + (rt_ubase_t)item->prev >= (rt_ubase_t)heap->start_addr) && + (rt_ubase_t)item->next == RT_ALIGN((rt_ubase_t)item->next, RT_ALIGN_SIZE) && + (rt_ubase_t)item->prev == RT_ALIGN((rt_ubase_t)item->prev, RT_ALIGN_SIZE)) { has_bad = RT_TRUE; break; @@ -919,7 +925,7 @@ int memheapcheck(int argc, char *argv[]) { rt_kprintf("Memory block wrong:\n"); rt_kprintf("name: %s\n", heap->parent.name); - rt_kprintf("item: 0x%08x\n", item); + rt_kprintf("item: 0x%p\n", item); } return 0; } @@ -948,7 +954,7 @@ int memheaptrace(int argc, char *argv[]) /* memheap dump */ rt_kprintf("\nmemory heap address:\n"); rt_kprintf("name : %s\n", mh->parent.name); - rt_kprintf("heap_ptr: 0x%08x\n", mh->start_addr); + rt_kprintf("heap_ptr: 0x%p\n", mh->start_addr); rt_kprintf("free : 0x%08x\n", mh->available_size); rt_kprintf("max_used: 0x%08x\n", mh->max_used_size); rt_kprintf("size : 0x%08x\n", mh->pool_size); @@ -960,7 +966,7 @@ int memheaptrace(int argc, char *argv[]) { if ((header_ptr->magic & RT_MEMHEAP_MASK) != RT_MEMHEAP_MAGIC) { - rt_kprintf("[0x%08x - incorrect magic: 0x%08x\n", + rt_kprintf("[0x%p - incorrect magic: 0x%08x\n", header_ptr, header_ptr->magic); break; } @@ -969,7 +975,7 @@ int memheaptrace(int argc, char *argv[]) if (block_size < 0) break; - rt_kprintf("[0x%08x - ", header_ptr); + rt_kprintf("[0x%p - ", header_ptr); if (block_size < 1024) rt_kprintf("%5d", block_size); else if (block_size < 1024 * 1024)