[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

problem with memory allocation

Hi Joel, hi everybody

During the port of RDBG on powerPc target, we have seen that a
problem occured with the socket (unable to bind).

I have investigated and found it seems to be a problem with malloc.
The returned value is in a memory space which is already allocated.

This happens during the MALLOC located in the function socreate
(file uipc_socket.c). A pointer in a network stucture is corrupted 
by the bzero because the returned address belongs to the structure.

I have several questions to understand better some mechanism to
try to solve our problem :

1 - Where does the memory allocated by a malloc come from :
    the workspace or the heap ?

    My heap is from 0x60000 to 0x3f7ffff.
    My workspace is from 3f80000 to the memory end.
  
    When rtems_bsdnet_malloc is called, the returned value is in
    the heap.
    When malloc is called directly (in my dec21140 driver, due to
    undef malloc and free), the returned value is in the workspace.

2 - How does the malloc mechanism work ?

    I have seen that the heap is seen as a region. To obtain memory,
    a call to Region_Allocate_Segment is performed, which called
    _Heap_Allocate. 
    I have not well understood the Heap management (block, circular
    buffers,... ?)    

3 - When is the workspace used ?

4 - When is the heap used ?

FYI, all this code works well on pc386, our other target.

Thanks in advance.

-- Emmanuel
       |        Emmanuel RAGUET          |  
     _ | CANON CRF - Communication Dept. | _  
    / )|    Tel: +33(0)2 99 87 96 47     |( \
   / / |    Fax: +33(0)2 99 84 11 30     | \ \
 _( (_ |  _  http://www.crf.canon.fr  _  | _) )_
(((\ \>|_/ )_________________________( \_|</ /))) 
(\\\\ \_/ /                           \ \_/ ////)
 \       /                             \       /
  \    _/                               \_    / 
  /   /                                   \   \