Merge branch 'bugfix/malloc_failure' into 'master'

heap: Fix race condition causing malloc() to fail under some conditions See merge request !1424
2017-10-19 21:30:26 +08:00 · 2017-10-19 21:30:26 +08:00 · 6cc8099610
commit 6cc8099610
--- a/components/heap/multi_heap.c
+++ b/components/heap/multi_heap.c
@ -347,12 +347,22 @@ void *multi_heap_malloc_impl(multi_heap_handle_t heap, size_t size)
    size_t best_size = SIZE_MAX;
    size = ALIGN_UP(size);

-    if (size == 0 || heap == NULL || heap->free_bytes < size) {
+    if (size == 0 || heap == NULL) {
        return NULL;
    }

    multi_heap_internal_lock(heap);

+    /* Note: this check must be done while holding the lock as both
+       malloc & realloc may temporarily shrink the free_bytes value
+       before they split a large block. This can result in false negatives,
+       especially if the heap is unfragmented.
+    */
+    if (heap->free_bytes < size) {
+        MULTI_HEAP_UNLOCK(heap->lock);
+        return NULL;
+    }
+
    /* Find best free block to perform the allocation in */
    prev = &heap->first_block;
    for (heap_block_t *b = heap->first_block.next_free; b != NULL; b = b->next_free) {