Commit graph

66 commits

Author SHA1 Message Date
William Wilgus
40355caefd buflib_shrink use NULL to signal start isn't changing
Change-Id: Id3e86d3860b8ed860dc6dcbc394b1b8f9f3274b5
2023-01-13 09:50:29 -05:00
Aidan MacDonald
719d48afc4 buflib: Refactor various debugging features
Gate buflib_get_data() checking, debug printing, and buflib
integrity checks behind individual defines in buflib.h, and
turn them all off by default. If needed, they can be turned
on manually when compiling.

The buflib debug menu is only available if debug printing is
enabled, so after this commit it will no longer be included
in normal builds -- it isn't very useful to end users.

Change-Id: Iab25b7852bc7c5592ce04c9c45762046a87d5bc3
2023-01-13 10:32:57 +00:00
Aidan MacDonald
e492b51d83 buflib: Remove block start / end distinction
Removing the variable-length name in the middle of buflib metadata
makes it a lot easier to deal with.

Change-Id: I6eaf236c2285cae40fb6ff0fa5acf827972cdd8b
2023-01-13 10:32:57 +00:00
Aidan MacDonald
5a3ee83555 buflib: Remove CRC checks
The CRC is a fairly useless safety check because we already
have specific checks to validate the metadata, and CRCs are
only verified before calling the move callback. Removing the
check should not significantly reduce buflib's robustness.

Change-Id: Ica99bd92fc514819b4fd9f359b4272e581020f75
2023-01-13 10:32:57 +00:00
Aidan MacDonald
31f03d9433 buflib: Optimize away the BSIZE metadata field
Now that allocations are unnamed, BSIZE is a constant.

Change-Id: Iab52cbebe426ea0d12f428582347e20ed243367f
2023-01-13 10:32:56 +00:00
Aidan MacDonald
1e9ad3ca0d Remove buflib allocation names, part two
Remove allocation names from the buflib API and fix up all callers.

Change-Id: I3df922e258d5f0d711d70e72b56b4ed634fb0f5a
2023-01-13 10:32:54 +00:00
Aidan MacDonald
3301c5aa6d Remove buflib allocation names, part one
Remove the name handling code, but leave the allocation structure
otherwise untouched; it's as if all callers provided a NULL name.
The public API still accepts names but names are no longer stored
or returned.

Change-Id: I6c4defcdfd255774f02030949a0fd731477e6a54
2023-01-13 05:12:17 -05:00
Aidan MacDonald
5f2ca6718d Revert "buflib.c strip path from alloc name"
The font code expects the full path to be stored in the
buflib alloc so this breaks eg. saving the glyph cache.

This reverts commit 2b4a4070c9.

Change-Id: I53844c39b34b14f7c8e5999825c1d012fa3f74dc
2022-12-23 19:59:06 +00:00
William Wilgus
2b4a4070c9 buflib.c strip path from alloc name
Change-Id: I6a0f1cc9037fcbe0245d94b4c77ba4ec08378434
2022-12-20 18:10:44 -05:00
William Wilgus
f6c719d7ec replace strlcpy with strmemccpy
replace applicable calls to strlcpy with calls to strmemccpy
which null terminates on truncation

in theory the strmemccpy calls should be slightly faster since they
don't traverse the rest of the source string on truncation
but I seriously doubt there is too much of that going on in the code base

Change-Id: Ia0251514e36a6242bbf3f03c5e0df123aba60ed2
2022-11-14 23:56:16 -05:00
William Wilgus
12ef045fdf move buflib_free invalid handle check to the function
allow buflib_free to check for invalid or already freed handles
within the function -- remove all the invalid handle guards thru core_free

Change-Id: Ibdcbc82760fc93b674c42283fca420d94907df8e
2022-10-15 09:26:58 -04:00
Aidan MacDonald
f47aa584a8 buflib: add pin/unpin operation
An allocation is pinned by calling buflib_pin() to up its pin count.
The pin count is like a reference count: when above 0, buflib won't
move the allocation and won't call its move callbacks. This makes it
safe to hold the pointer returned by buflib_get_data() across yields
or allocations.

Note that pinned allocations can still shrink because there are some
use cases where this would be valid, if buffer users coordinate with
the shrink callback.

Change-Id: I0d0c2a8ac7d891d3ad6b3d0eb80c5b5a1b4b9a9d
2022-09-19 15:09:51 -04:00
Aidan MacDonald
ecfec3e9bf buflib: add handle_to_block_end
Change-Id: I598cf32bc8cd08ab4bca3827645e0a38b284468f
2022-09-19 15:09:51 -04:00
Aidan MacDonald
88b21731fc buflib: enable all paranoia checks
Since allocation is infrequent in Rockbox enabling the extra
checks to catch memory corruption is probably worth the time
and code size cost.

Change-Id: If0d701421054328c57b69e4d0af30759d799d158
2022-09-19 15:09:51 -04:00
Aidan MacDonald
8f896b14d3 buflib: remove the 'name' member from union buflib_data
Using a length 1 char array to point to the name buffer triggers
a -Warray-bounds warning from GCC when fortified strcpy is used.

This type of construct isn't safe in general -- if the compiler
makes assumptions based on the array bound it can create subtle
bugs when accessing the array out of bounds.

Instead, add a function get_block_name() which returns a pointer
to the name field by casting. This suppresses the warning and it
should be a bit more portable.

Change-Id: I25d4f46f799022ad0ec23bef0218f7595cc741ea
2022-09-19 15:09:51 -04:00
Aidan MacDonald
6e9b1b344b buflib: remove buflib_print_allocs / buflib_print_blocks
These don't have any users and there is already another way to
print blocks (which is actually used by the debug menu).

Change-Id: Ic6a4f874c6499c42bc046e8af3e4aaddc9e68276
2022-09-19 15:09:51 -04:00
Aidan MacDonald
59edcc57a2 buflib: omit CRC field if CRC paranoia is not enabled
If we don't check or generate CRCs then the CRC field can be left
out of the header, which reduces buflib overhead slightly.

Change-Id: I08b4cf77a701d8f6da453e019a0373d858a79ae4
2022-09-19 15:09:51 -04:00
Aidan MacDonald
dcc4e54b77 buflib: refactor CRC checks as paranoia
Move CRC checking and updating behind a paranoia bit, like the
other checks, so it can be enabled and disabled.

Change-Id: Icff66c842cbd5af2d99aa91e6c40447a64e6d4b2
2022-09-19 15:09:51 -04:00
Aidan MacDonald
f82f3044a7 buflib: add paranoia checks for handles
Handle checks ensure that the data in the handle table points
within buflib memory and checks handle entry pointers in block
headers before dereferencing them.

Change-Id: Ic16f1b81c1a0ea63c0e7f48d87938293b75c2419
2022-09-19 15:09:51 -04:00
Aidan MacDonald
73b9b227eb buflib: add block length paranoia checks for loops
Tighten up checking by adding length checks to loops which
ensure the iteration stays within bounds. Check is disabled
by default and can be enabled using a BUFLIB_PARANOIA bit.

Change-Id: I35e911e0878797d5ebf732be548ca659f6910fe0
2022-09-19 15:09:51 -04:00
Aidan MacDonald
b12427741a buflib: clean up and refactor to improve maintainability
Buflib is written with a lot of hardcoded offsets to header fields,
arbitrary pointer arithmetic, and similar but not quite duplicated
code, making maintenance a nightmare.

Most of the pointer arithmetic involving header fields is replaced
by indexing from two well-defined pointers, the block start and end
pointers. The start pointer points to the first header field, and
he end pointer is one past the end of the header.

Hardcoded field indices are replaced by two enums. Forward indices
(fidx_XXX) are used to access fields from a block start pointer and
negated backward indices (-bidx_XXX) are used to index from a block
end pointer. There is no overlap between the indices because of the
variable length name field in the middle of the header. The length
of the fixed fields in the block header is now a #define'd constant
rather than being open coded.

There is now a function to acquire the block end pointer from the
user data pointer (ie. the pointer stored in the handle table). The
old code was not consistent in this; some functions would handle a
non-aligned user pointer, which may occur as a result of shrinking,
while other uses just assumed the user pointer was aligned.

Block CRC calculations have also been factored out to a function
that accepts block start and end pointers.

Change-Id: I6a7e8a8c58aec6c6eaf0e5021400032d8e5f841e
2022-09-19 15:09:51 -04:00
Aidan MacDonald
fdde6bb5a7 buflib: optimize getting start of block from end of block
The block header has a variable length due to the embedded name.
The name length is stored at the back of the header after the
name, in order to allow finding the start of the header if only
the user data pointer is known (eg. from the handle table).

The name length is actually not interesting in itself; storing
the total length of the block header instead is marginally more
efficient, saving one addition in handle_to_block().

Instead the extra arithmetic must be done by buflib_get_name(),
which is a much less common operation than handle_to_block().

Change-Id: Ia339a1d2f556a11a49deae0871203e70548bd234
2022-09-19 15:09:51 -04:00
Aidan MacDonald
ef476ba298 buflib: correct a confusingly indented comment
Change-Id: I9ef13d697c4abb81883d4a47273e69fcc2dafe37
2022-09-19 15:09:51 -04:00
Aidan MacDonald
c8365b2bdd buflib: fix bug in handle_table_shrink
The way it iterated over the handle table is unsafe if *every*
handle is free, leading to an out of bounds access.

This is a contrived example, but the bug can be triggered by
making several allocations, freeing them out of order so that
the handle table remains uncompacted, and then triggering a
compaction using buflib_alloc_maximum().

Change-Id: I879e2f0b223e6ca596769610ac46f4edf1107f5c
2022-09-19 15:09:51 -04:00
Aidan MacDonald
4d3bf1c446 buflib: add comment in handle_alloc, remove a dead store
It isn't obvious why the "handle->val = -1" at the end of handle_alloc
is needed so add an explanatory comment. But "handle->val = 1" prior to
calling handle_free is simply a dead store.

Change-Id: I9ab4e96e87e940cfd1a2ed56f089287821669c73
2022-09-19 15:09:51 -04:00
Aidan MacDonald
840f6b79c7 buflib: update first_free_handle in handle_alloc
Since we're scanning the handle table for the first free slot,
we know none of the scanned slots are free. Use that knowledge
to update first_free_handle and avoid rescanning filled slots
again when the next handle is allocated.

Change-Id: I457372f66c231168cfffa7e905d1e9fb80002f5f
2022-09-19 15:09:51 -04:00
Aidan MacDonald
f622bcfe4f buflib: fix buflib_context_relocate alignment check
Use the standard IS_ALIGNED macro and check alignment against
sizeof(buflib_data), as it can be greater than 4 bytes if we're
on a 64-bit platform (eg. simulator).

Change-Id: I15110937d1f2978e733d169050de9531fe218214
2022-09-19 15:09:51 -04:00
Aidan MacDonald
bcaa9465e9 buflib: optimize find_block_before
Exiting the loop implies next_block == block, so remove that check.
The check ret < block is false only if block is the first block, which
can be checked before the loop, saving a few cycles in that case.

Change-Id: Id493b5259a23a35a70b09dfe4bc4eacaf420760c
2022-09-19 15:09:51 -04:00
Aidan MacDonald
e8faf2f2ad buflib: add a common dummy callbacks struct & use it
There are various allocations that can't be moved or shrunk.
Provide a global callback struct for this use case instead of
making each caller declare its own dummy struct.

Also fixed ROLO and x1000 installer code which incorrectly
used movable allocations.

Change-Id: I00088396b9826e02e69a4a33477fe1a7816374f1
2022-02-12 10:24:32 -05:00
William Wilgus
8577d5aea3 Buflib_init Bugfix Minsize
when buflib_init is called with a buffer smaller than
sizeof(union buflib_data); size will be zero
Later when the alloc fails buflib will keep try to free items
in order to satisify the request this crashes in the sim
I suspect this behavior holds true on device as well
but I havent verified this as of yet.

patch adds minimal overhead to the buflib and panics when the size is too small

Change-Id: I46e510367fc1cac19ce01ee6f92d8cf0d65ef914
2020-07-15 13:29:21 +00:00
William Wilgus
976831e667 Buflib add range checks blocks and crc_slot raise panic if out of range
Change-Id: I81df5c145a8cb003827a5423f484f70333e2472e
2019-01-04 06:47:20 +01:00
Thomas Jarosch
bce72e6f2c buflib: Switch from term "cookie" to "metadata"
The documentation of buflib first mentions metadata
and then changes to "cookie" without explaining it.

Fix it by sticking to metadata.

Change-Id: I0b36b18f4f2590132901c10326481975f8b9b9da
2015-01-02 19:26:03 +01:00
Thomas Jarosch
66df5f3891 Improve core_alloc() / buflib_alloc() documentation
Document the fact that buffers are movable by default.
Care must be taken to not pass them to functions that yield().

Also clarify other things:
- Passing NULL as "ops" to buflib_alloc_ex() causes
  buffers to be movable by default (but not shrinkable).

- If you want shrinkable buffers during compaction,
  you have to provide a shrink callback.

- To disable buffer movement, you have to pass NULL
  for the move_callback inside the callback structure.

- The concept of default callbacks was removed
  long ago, remove the only reference of it.

Change-Id: I3bf0ea6b08b507d80a19f3c2c835aca32b3f7800
2015-01-02 18:51:15 +01:00
Thomas Jarosch
9076b433d1 PictureFlow: Add move callback for buflib allocations
If we don't provide a callback to buflib_alloc(),
the buffer is always movable (to reduce fragmentation).

Since we pass our buffer to functions that call yield(),
this could lead to memory corruption on buflib compaction.

Change-Id: Id1fad1822479d692551c55cb8bc87cea7b78f759
2015-01-01 23:49:41 +01:00
Thomas Jarosch
09f7bb82ca Add missing newline in debug output
Change-Id: Ifd67dbcc80db328391464ec93316c48f914bc590
2014-12-30 00:17:38 +01:00
Thomas Jarosch
da5a36d6d2 Document 'union buflib_data'
Change-Id: Ia98fa8e7887338d6c0b7a5795a0ae5c7a13014ba
2014-12-29 23:49:12 +01:00
Thomas Martitz
4ce39f7e73 buflib: Add a define telling the per-alloc overhead.
This allows buflib clients to more accurately estimate the total memory usage.
It's still not 100% accurate because the handle table grows in blocks, thus
buflib might use more memory that caused by allocations directly.

Change-Id: I68338bb94f510ad188fcb588aebf895b5f9197c5
2014-02-02 19:40:38 +01:00
Thomas Martitz
4ce1deacfd buflib: Properly support allocations without any name, to avoid wasting space
in micro-allocation scenarios.

Change-Id: I97a065bcfba8e0fda9b1670445e839e267c769c8
2014-02-02 19:40:38 +01:00
Thomas Martitz
d66346789c buflib: Check the validity of of handles passed to buflib_get_data() in DEBUG builds.
Change-Id: Ic274bfb4a8e1a1a10f9a54186b9173dbc0faa4c8
2014-02-02 16:59:29 +01:00
Thomas Martitz
d608d2203a buflib: Abstract panicf() into buflib_panic().
Change-Id: I4968a9bc290e10e30a77c36c19f694e286e7ef22
2014-02-02 16:59:29 +01:00
Marcin Bukat
7ab237b025 buflib: Add crc field protecting buflib cookie integrity
This should catch the case of buffer misuse which results
in corrupted cookie of next allocation. The check is performed
on move_block() so it may be a bit late.

There is buflib_check_valid() provided which checks the
integrity of all cookies for given context.
On DEBUG build with --sdl-thread this check is carried out
for core_ctx on every context switch to catch problems earlier.

Change-Id: I999d4576084592394e3dbd3bdf0f32935ff5f601
Reviewed-on: http://gerrit.rockbox.org/711
Reviewed-by: Thomas Martitz <kugel@rockbox.org>
2014-01-16 10:17:39 +01:00
Thomas Martitz
281d1fadb3 Do not include kernel.h in system.h.
system.h doesn't need it on its own and this change makes it less
dependant on Rockbox internals.

Change-Id: I4e1e4108a52a7b599627a829204eb82b392fc6d6
2014-01-05 19:35:23 +01:00
Thomas Martitz
64b9e1fa7b buflib: Add buflib_context_relocate().
This function relocates a buflib back buffer, updating pointers in struct
buflib_context. It does not move any data by itself.

The intended use-case is buflib-on-buflib, where a buflib back buffer is
allocated with buflib and attempted to be moved. The move_callback() can call
this and return BUFLIB_CB_OK on success. No move_callback() is called for the
subordinate buflib buffer, therefore it must not contain non-movable
allocations. The caller is generally responsible moving the data and all its
implications.

Change-Id: I869219f9cff786a172c9e917a5f34470073892e6
2013-12-22 23:11:32 +01:00
Thomas Martitz
d25a512caf buflib: Try harder in buflib_alloc_maximum().
This function will now ask shrinkable allocations to give up all of their
memory. With future support of playback.c this can be used as a safe
replacement for audio_get_buffer().

Change-Id: I290a51d2c75254e66baf5698c41dc444dea6247a
2013-12-22 23:11:32 +01:00
Thomas Martitz
af4e408555 buflib: Change buflib_available() and add buflib_allocatable().
buflib_allocatable() is what buflib_available() was before (it was in fact
simply renamed). It returns the largest contiguous block of memory. This
can be allocated and will definitely succeed, although larger allocations
may also succeed if the buffer can be compacted and shrinked.

buflib_available() now counts all free bytes, contiguous or not. This
better matches the description and how the caller use it.

Change-Id: I511e4eb5f4cf1821d957b3f4ef8a685ce40fe289
Reviewed-on: http://gerrit.rockbox.org/481
Reviewed-by: Thomas Martitz <kugel@rockbox.org>
Tested-by: Thomas Martitz <kugel@rockbox.org>
2013-07-07 10:46:07 +02:00
Thomas Martitz
46ea8bfe7c buflib: Allow handle to be freed entirely during the shrink callback.
Change-Id: I3a069dcb99bbd4022faf37596b03beb926d2ea82
Reviewed-on: http://gerrit.rockbox.org/480
Reviewed-by: Thomas Martitz <kugel@rockbox.org>
Tested-by: Thomas Martitz <kugel@rockbox.org>
2013-06-24 15:24:34 +02:00
Michael Sevakis
b7e0e1a0a3 buflib: Remove compulsory IRQ disable during buffer move.
It can cause excessively long interrupt outages if moving a larger
buffer and disrupt audio where DMA is not at a higher interrupt priority
such as FIQ.

Some targets, like Gigabeat S, have very low audio interrupt latency
requirements and will even channel swap if they are missed. Pictureflow
will make the issue very obvious. Even then, moves could take
milliseconds or more depending on the buffer size which is far too long
for any target.

Change-Id: I8e7817213e901da67c36b7eb25d7cb1c1e3ba802
Reviewed-on: http://gerrit.rockbox.org/472
Reviewed-by: Michael Sevakis <jethead71@rockbox.org>
Tested-by: Michael Sevakis <jethead71@rockbox.org>
2013-05-23 18:25:29 +02:00
Michael Sevakis
7e3e9b9289 Stop the BDEBUGF format warnings in buflib.c
Change-Id: I63881da2b857cf4e462f7730f9cd54dc1743fc2f
2012-05-02 17:37:10 -04:00
Michael Sevakis
0d568bb6ce Stop lame warnings about braces and empty body of 'if' statement.
Change-Id: I9f0e3d047a91a8f49d5c64f961f8fff054f37099
2012-05-02 17:30:32 -04:00
Michael Sevakis
da6cebb6b0 Use buflib for the allocation of voice PCM resources.
Buffers are not allocated and thread is not created until the first
call where voice is required.

Adds a different callback (sync_callback) to buflib so that other
sorts of synchonization are possible, such as briefly locking-out the
PCM callback for a buffer move. It's sort of a messy addition but it
is needed so voice decoding won't have to be stopped when its buffer
is moved.

Change-Id: I4d4d8c35eed5dd15fb7ee7df9323af3d036e92b3
2012-05-02 17:22:28 -04:00