From c59426f60ddfa85104dff79a5f2c3fabc23f6180 Mon Sep 17 00:00:00 2001 From: Patrick Georgi Date: Fri, 26 Jan 2024 19:47:29 +0100 Subject: [PATCH] malloc/memalign: Return NULL if the request is too large It's what this function family is defined to do, we currently don't usually run into the case (see: not too many die() instances going around), it's more useful to try to recover, and the JPEG parser can run into it if the work buffer size exceeds the remaining heap, whereas its sole user (the bootsplash code) knows what to do when seeing a NULL. Use xmalloc() if you want an allocation that either works or dies. tl;dr: That code path isn't usually taken. Right now it crashes. With this patch it _might_ survive. There is a use-case for doing it like that now. Change-Id: I262fbad7daae0ca3aab583fda00665a2592deaa8 Signed-off-by: Patrick Georgi Reviewed-on: https://review.coreboot.org/c/coreboot/+/80226 Tested-by: build bot (Jenkins) Reviewed-by: Martin L Roth Reviewed-by: Eric Lai --- src/lib/malloc.c | 5 ++++- tests/lib/malloc-test.c | 14 ++++---------- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/src/lib/malloc.c b/src/lib/malloc.c index 052a53e568..30298064d9 100644 --- a/src/lib/malloc.c +++ b/src/lib/malloc.c @@ -44,7 +44,10 @@ void *memalign(size_t boundary, size_t size) p, free_mem_ptr); printk(BIOS_ERR, "but free_mem_end_ptr is %p\n", free_mem_end_ptr); - die("Error! %s: Out of memory (free_mem_ptr >= free_mem_end_ptr)", __func__); + printk(BIOS_ERR, "Error! %s: Out of memory " + "(free_mem_ptr >= free_mem_end_ptr)", + __func__); + return NULL; } MALLOCDBG("%s %p\n", __func__, p); diff --git a/tests/lib/malloc-test.c b/tests/lib/malloc-test.c index 452d74f888..f5d528e1c4 100644 --- a/tests/lib/malloc-test.c +++ b/tests/lib/malloc-test.c @@ -34,11 +34,6 @@ TEST_REGION(test_heap, TEST_HEAP_SZ); TEST_SYMBOL(_heap, _test_heap); TEST_SYMBOL(_eheap, _etest_heap); -void die(const char *msg, ...) -{ - function_called(); -} - static int setup_test(void **state) { free_mem_ptr = &_heap; @@ -56,9 +51,8 @@ static int setup_calloc_test(void **state) static void test_malloc_out_of_memory(void **state) { - /* Expect die() call if out of memory */ - expect_function_call(die); - cb_malloc(TEST_HEAP_SZ); + void *ptr = cb_malloc(TEST_HEAP_SZ); + assert_ptr_equal(ptr, NULL); } static void test_malloc_zero(void **state) @@ -102,8 +96,8 @@ static void test_memalign_different_alignments(void **state) static void test_memalign_out_of_memory(void **state) { - expect_function_call(die); - cb_memalign(16, TEST_HEAP_SZ); + void *ptr = cb_memalign(16, TEST_HEAP_SZ); + assert_ptr_equal(ptr, NULL); } static void test_memalign_zero(void **state)