When closing a file handle remove the handle from the handle list
regardless of what the reference count of the key it is pointing to is.
This prevents config store from keeping a handle to file handles that
have gone out of scope.
The function cfstore_delete_ex is written under the assumption that
CFSTORE_REALLOC will never fail if the size is decreasing. Regardless
of the status of CFSTORE_REALLOC the entry is removed from the config
store and zeroed. This works correctly if CFSTORE_REALLOC correctly
updates area_0_tail, but can lead to crashes in the case area_0_tail is
left unchanged. The crash is because when iterating over the config
store data, cfstore_get_next_hkvt is unable to determine the end of
valid data.
This patch fixes this problem by handling the realloc failure case by
updating area_0_tail even if CFSTORE_REALLOC returns NULL. This
patch also adds an assert to check for out of bound entries in when
calling cfstore_get_next_hkvt. This allows an assert to be triggered
if this bug is re-introduced, rather than a crash.
When the config store is powered down area_0_head is freed, but
area_0_len is not set to 0. This causes when cfstore_realloc_ex is
called, since on the first allocation it appears that the config store
size is decreasing, and therefore the data is not initialized.
Since the data is uninitiated various fields such as the reference
can have invalid values. On GCC_ARM built with heap stats enabled
this manifests as a crash due to an invalid reference count.
This patch fixes this problem by setting area_0_len to 0 when the data
is freed.
- flash-journal basicAPI fix for ARM toolchain
- Updated storage-abstraction with version 0.4.7
(commit c7c4a8c52298bbc006a6f53a059fb2599cad73cc).
- https://github.com/ARMmbed/storage-volume-manager at version v0.2.10.
- https://github.com/ARMmbed/mtd-k64f v0.4.2 version of flash.c (imported as storage_driver.c).
- update to CFSTORE to use the storage-volume-manager API to initialize volume manager and
add a volume for CFSTORE to use.
- https://github.com/ARMmbed/flash-journal at version v0.5.3
(commit 4c58165e2fa02c6ed2b9d166a9c96967e81f458f) including readFrom() support.
- Taking flash-journal-strategy-sequential v0.6.7 strategy.c
(commit b11a718761aa9f33679956968a21aaef9179bde1).
- GCC_ARM, ARM and IAR compiler warning fixes for new versions of flash-journal code.
- Fix storage-volume-manager test cases for concurrent access from 2 volumes to use
addresses within the 512-1024kB address range, which is within the cfstore added volume.
- Fix cfstore/storage-volume-manager IAR warnings when building with verbose flag.
- issue 17: Heap corruption.
- issue 23: Handles invalidated when realloc called.
- issue 24: cfstore_find returns error when "previous" parameter is NULL.
- issue 25: Memory leak when out of memory.
With respect to issues 17 and 23:
- A code defect existed for correctly updating cfstore_file_t data structures
under the following conditions:
-- the KV memory area contained some KV's.
-- cfstore calls realloc() to increase the size of the KV area in
memory because:
* A new KV was being added to the KV area, or
* the size of a pre-existing KV was being increased.
-- The returned address from realloc() has changed from before the
call (i.e. the location in memory of the KV area has changed)
e.g. the presence of heap memory objects directly above the KV memory
area in the memory address space causes realloc() to move the KV area
so the newly increased area can be accommodated at contiguous addresses.
-- In this scenario, the cfstore_file_t (structures for open files) head pointers
do not get correctly updated.
-- The defect was fixed by correctly updating the cfstore_file_t:: head pointer.
-- A new add_del test case was added to the scenario where a new KV is being added
to the KV area.
-- A new create test case was added to the scenario where the size of a
pre-existing KV is being increased in size.
- A code defect for suppling a NULL handle as the previous argument to the Find() method
(issue 24).
-- Supply a null handle is valid, but it was being used to check for a valid hkey,
which was incorrect.
-- A new test case was added to check the case of supplying a NULL previous argument
works correctly.
- A code defect for a memory leak under the following conditions (issue 25):
-- When realloc() fails to perform a requested change to the size of the KV area, the
error handling sometimes incorrectly sets cfstore_context_t::area_0_head to NULL.
Cfstore returns a suitable error to the client. If memory had previously been held
at area_0_head, realloc(area_0_head, size) returning NULL means the memory
at area_0_head is still retained.
-- On receiving the error code, the client cleans up including a call to Uninitialize().
This should free the retained but as area_0_head == NULL this is not possible. Hence
a memory leak occurred.
-- This was fixed by not setting area_0_head = NULL on the realloc() failure.
-- A create test case was modified to detect the leaking of memory in this way.
Make the journal object in cfstore_test_startup static since the call
to FlashJournal_initialize keep a copy of this for future use. This fixes
an intermittent crash start started showing up when optimizations
were set to "-os".
Simon Hughes
Marcus Chang
Russ Butler