If thread 1 is executing kasan_unpoison but a scheduling occurs and the block is trampled upon, the displayed backtracking may still be from the previously allocated backtracking.
Signed-off-by: wangmingrong1 <wangmingrong1@xiaomi.com>
This allows mapping pages from others than the running task. Obviously
this can only be done with proper preparations (the task in question
cannot exit before the mapping is released).
Of course, there is an error here, that is, the conditional judgment of
ifeq ($(CONFIG_LTO_NONE),n)
CFLAGS += -fno-lto
endif
is wrong, it should be judged as "ifneq ($(CONFIG_LTO_NONE),)"
Signed-off-by: wangmingrong1 <wangmingrong1@xiaomi.com>
The search algorithm does not work with the ctz approach at all. If there
is a free range of granules that does not fit a specific allocation (i.e.
the granule allocation is fragmented) it will cause an infinite loop as
the algorithm will try to find free space from the same (free) starting
granule, causing an infinite loop.
The clz approach works for all cases; it will find the last used granule
and the search will continue from the next free granule.
Also, offsetting a full GAT must be sizeof(gat[0] - 1), which is 31 in
this case. The reason is that the upper level search function increments
the value by +1.
reason:
1: spin_lock_init and spin_initialize have similar functionalities.
2: spin_lock and spin_unlock should be called in matching pairs.
Signed-off-by: hujun5 <hujun5@xiaomi.com>
The original code did the speedup only from the other direction (from end
to start). If the starting GAT index has reservations, they are not skipped
as a bunch, but instead the GAT is iterated bit-by-bit, causing a massive
performance issue.
Fix this by:
- Skipping full GATs right away
- Skipping all of the reserved bits from the starting GAT as a bunch
reason:
Since we decoupled counting and sem count,
we changed the meanings of three key global variables:
g_iob_count: A positive number indicates the available number
of IOBs, while a negative number indicates the number of waiters in iob_alloc (when throttle == false).
g_throttle_wait: Represents the number of waiters in
iob_alloc (when throttle == true), and it will not be negative.
g_qentry_wait: Represents the number of waiters for
qentry, and it will not be negative.
Signed-off-by: hujun5 <hujun5@xiaomi.com>
reason:
We decouple semcount from business logic
by using an independent counting variable,
which allows us to remove critical sections in many cases.
Signed-off-by: hujun5 <hujun5@xiaomi.com>
1. Calling CLEAN on these folders did not have any effect
2. bin,kbin will be created during the context construction process
Signed-off-by: wangmingrong1 <wangmingrong1@xiaomi.com>
This patch fixed userspace headers conflict. Architecture-related definition and API should not be exposed to users.
Signed-off-by: ouyangxiangzhen <ouyangxiangzhen@xiaomi.com>
`g_iob_sem.semcount` is changed both manually in the iob source code and by the
nxsem_xxx API.
The nxsem-related API uses critical_section to ensure the sem value is modified
correctly. If iob uses a spin lock and modifies the sem value at the same time,
it's not safe.
This PR reverts the spin lock change and uses a critical section to align
with what nxsem uses.
1. When dynamically loading, the read-only data of arm64 architecture is accessed through PC offset. When opening the tag kasan, because the PC value does not have a tag, accessing the read-only data will be detected with a tag mismatch error.
2. uninitial heap use 0xff poison, initial heap use 1-254 unpoison.
Signed-off-by: wangmingrong1 <wangmingrong1@xiaomi.com>
mempool is always compiled, so when BACKTRACE is enabled but
mempool is not, MM_HEAP_MEMPOOL_BACKTRACE_SKIP is not defined and
mempool_add_backtrace() will fail to compile.
Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
1. add IS_ALIGNED() definitions for NuttX;
2. replace all the ALIGN_UP() and ALIGN_DOWN() to use common
align implementation;
Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
The unaligned address is used in kasan_register, but the aligned address is used in kasan_unregister.
The mismatch between the addr value and mm_heapstart will result in a crash due to the inability to unregister correctly.
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
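The register/unregister mismatch described in the commit message above, modelled as an added example (not NuttX code and not part of the commit). The region table, `region_register()`, `region_unregister()`, the `ALIGN_UP` definition, the 16-byte alignment and the sample addresses are all assumptions made for illustration; the model returns an error where the commit message reports a crash.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed helper, modelled on the commit text; not the NuttX definition. */
#define ALIGN_UP(x, a) (((uintptr_t)(x) + ((a) - 1)) & ~((uintptr_t)(a) - 1))

#define MAX_REGIONS 4
#define HEAP_ALIGN  16

static uintptr_t g_regions[MAX_REGIONS]; /* 0 marks a free slot */

/* Record a region under exactly the key the caller passes. */
static int region_register(uintptr_t key)
{
  for (size_t i = 0; i < MAX_REGIONS; i++) {
    if (g_regions[i] == 0) {
      g_regions[i] = key;
      return 0;
    }
  }
  return -1;
}

/* Remove a region; fails when the key differs from the registered one. */
static int region_unregister(uintptr_t key)
{
  for (size_t i = 0; i < MAX_REGIONS; i++) {
    if (g_regions[i] == key) {
      g_regions[i] = 0;
      return 0;
    }
  }
  return -1;
}

/* Mismatched pairing: register the raw start, unregister the aligned one. */
static int mismatched_cycle(uintptr_t raw)
{
  region_register(raw);
  return region_unregister(ALIGN_UP(raw, HEAP_ALIGN));
}

/* Consistent pairing: both calls use the aligned heap start. */
static int matched_cycle(uintptr_t raw)
{
  uintptr_t start = ALIGN_UP(raw, HEAP_ALIGN);
  region_register(start);
  return region_unregister(start);
}
```

The mismatch only shows up when the heap start is not already aligned, so a test that happens to use an aligned buffer will not catch it.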
The address needs to be reset only when comparing addition, subtraction, multiplication and division addresses. Otherwise, the original address is always returned or saved.
Signed-off-by: wangmingrong1 <wangmingrong1@xiaomi.com>