[En-Nut-Discussion] Should free test DEADBEEF by default?

Moritz Struebe morty at gmx.net
Tue Apr 22 16:40:01 CEST 2008


Ole Reinhardt wrote:
> Hi,
>
>> Is there a good reason to check, or not to check, the DEADBEEF when freeing mem? After
>> all it's likely that (1) the boundaries were not obeyed or (2) a wrong
>> pointer got freed. Shouldn't free just return -1 in this case?
>
> Normal libc implementation of free defines free as a void function.

I know, but NutHeapFree already returns -1 on double free.

> On the other hand: if you did not obey the boundaries of your allocated
> memory, everything else will likely fail long before the memory gets freed
> again.
>
> Without an MMU you do not have many possibilities to detect buffer
> overflows.

This is what I'm musing about. Once you have gone past the DEADBEEF you can 
assume that your managed memory is broken and cannot be recovered. 
Therefore the most reasonable thing to do is probably to halt or reset 
the system. *brainstorming* Maybe adding some fatal error function is 
reasonable. This would allow something between the DEBUG overhead and no 
detection at all. I was also thinking of checking the stack when 
dispatching a thread. Of course this is probably too late, too, but at 
least it's detected at all.

Cheers
Morty
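The guard-word check the thread discusses, as an added example that is not part of the original post or of Nut/OS: a constructed allocator wrapper whose free returns -1 when the DEADBEEF trailer behind a block has been overwritten. The names (guarded_alloc, guarded_free, HEAP_GUARD) and the block layout are assumptions, not the Nut/OS heap's.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example, not Nut/OS code: size header in front, guard word behind. */
#define HEAP_GUARD 0xDEADBEEFu
struct block_hdr { size_t size; };

/* Allocate size bytes of user data, plus header and trailing guard word. */
void *guarded_alloc(size_t size)
{
    uint8_t *raw = malloc(sizeof(struct block_hdr) + size + sizeof(uint32_t));
    if (raw == NULL)
        return NULL;
    ((struct block_hdr *)raw)->size = size;
    uint8_t *user = raw + sizeof(struct block_hdr);
    uint32_t guard = HEAP_GUARD;
    memcpy(user + size, &guard, sizeof guard); /* may be unaligned, so memcpy */
    return user;
}

/* Returns 0 on success, -1 if the guard word was overwritten. A damaged guard
 * means the heap can no longer be trusted, so the block is not released. */
int guarded_free(void *ptr)
{
    uint8_t *raw = (uint8_t *)ptr - sizeof(struct block_hdr);
    size_t size = ((struct block_hdr *)raw)->size;
    uint32_t guard;
    memcpy(&guard, (uint8_t *)ptr + size, sizeof guard);
    if (guard != HEAP_GUARD)
        return -1;
    free(raw);
    return 0;
}

/* Writes stay inside the block: free succeeds. */
int demo_clean_free(void)
{
    char *buf = guarded_alloc(8);
    memset(buf, 'A', 8);
    return guarded_free(buf);
}

/* Off-by-one: 8 characters plus NUL need 9 bytes; the NUL hits the guard. */
int demo_overflow_detected(void)
{
    char *buf = guarded_alloc(8);
    memcpy(buf, "12345678", 9); /* one byte too many; block leaked on purpose */
    return guarded_free(buf);
}
```

Since a broken guard means the heap metadata itself may be corrupt, a real port would hand the -1 path to a fatal-error or reset hook rather than continue.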
