Hi,

During the test, I've got a system crash (hardfault) when running os_test.

After debugging with jtag+gdb, I found that the crash occurred at line 283 of mm_realloc() (mm_realloc.c).

The hardfault cause was "accessing invalid memory area".

This is because the realloc logic uses the new size (not the original size) when copying data to the new target.

For example, if the original size is 32 and we realloc to 1024, then the current logic will try a 1024-byte memcpy, and this crosses the end of valid memory and produces a memory fault (or just grabs other processes' memory if it is a valid memory area).


Simple code reordering should fix this issue (lines 273 - 283).


================

From


/* Now we want to return newnode */

oldnode = newnode;
oldsize = newnode->size;

/* Now we have to move the user contents 'down' in memory.  memcpy
* should be safe for this.
*/

newmem = (FAR void *)((FAR char *)newnode + SIZEOF_MM_ALLOCNODE);
memcpy(newmem, oldmem, oldsize - SIZEOF_MM_ALLOCNODE);


To


/* Now we have to move the user contents 'down' in memory.  memcpy
* should be safe for this.
*/

newmem = (FAR void *)((FAR char *)newnode + SIZEOF_MM_ALLOCNODE);
memcpy(newmem, oldmem, oldsize - SIZEOF_MM_ALLOCNODE);


/* Now we want to return newnode */

oldnode = newnode;
oldsize = newnode->size;

================


That means use the original size (oldsize) for the memcpy.


Thanks


Kwonsk

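The fault described in the message above, reproduced in a small self-contained model. This is an added example, not code from the mail or from NuttX's mm_realloc.c: it uses a toy node header with `size` and `preceding` fields, a preceding free node that gets absorbed, and the two orderings of `oldsize = newnode->size` relative to the copy. The header layout, the heap size and the 1000/32 node sizes are assumptions chosen to mirror the "32 grown to about 1024" case; memmove stands in for memcpy only so the model stays well-defined when source and destination overlap, and the copy length is clamped to the buffer so the model never reads outside it (the real code has no such clamp, which is exactly why it faults).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy allocator node (assumption): a size field plus the size of the node
 * that precedes it in memory. The real NuttX header is not reproduced. */
struct node_s
{
  size_t size;        /* size of this node, header included */
  size_t preceding;   /* size of the node immediately below in memory */
};
#define HDR sizeof(struct node_s)

#define HEAP_BYTES 4096
static uint8_t heap[HEAP_BYTES];

/* Constructed layout: [free node of prev_size][allocated node of old_size]
 * followed by 0xAA filler that stands in for other nodes' memory. */
static struct node_s *layout(size_t prev_size, size_t old_size)
{
  memset(heap, 0xAA, sizeof heap);
  struct node_s *prev = (struct node_s *)heap;
  prev->size = prev_size;
  prev->preceding = 0;
  struct node_s *old = (struct node_s *)(heap + prev_size);
  old->size = old_size;
  old->preceding = prev_size;
  uint8_t *payload = (uint8_t *)old + HDR;
  for (size_t i = 0; i < old_size - HDR; i++)
    payload[i] = (uint8_t)(i + 1);        /* recognisable user data */
  return old;
}

/* Grow by absorbing the preceding free node and move the user data down,
 * copying either with the merged size (the ordering in the "From" block)
 * or with the original size (the "To" block). Returns how many source
 * bytes lie past the end of the original block; 0 is the correct answer. */
static size_t merge_with_prev(struct node_s *oldnode, int use_merged_size,
                              uint8_t **newmem_out)
{
  size_t oldsize = oldnode->size;                         /* original size */
  struct node_s *newnode =
    (struct node_s *)((uint8_t *)oldnode - oldnode->preceding);
  newnode->size += oldsize;                               /* merge */

  uint8_t *oldmem = (uint8_t *)oldnode + HDR;
  uint8_t *newmem = (uint8_t *)newnode + HDR;
  size_t len = use_merged_size ? newnode->size - HDR : oldsize - HDR;

  size_t old_end = (size_t)((uint8_t *)oldnode - heap) + oldsize;
  size_t src_end = (size_t)(oldmem - heap) + len;
  size_t overrun = src_end > old_end ? src_end - old_end : 0;

  /* Model-only safety: clamp to the buffer and use memmove for overlap. */
  if (src_end > HEAP_BYTES)
    len -= src_end - HEAP_BYTES;
  memmove(newmem, oldmem, len);
  *newmem_out = newmem;
  return overrun;
}

/* Run one scenario; reports overrun bytes and whether the payload survived. */
static size_t run_case(size_t prev_size, size_t old_size, int use_merged_size,
                       int *payload_ok)
{
  struct node_s *old = layout(prev_size, old_size);
  uint8_t *newmem;
  size_t overrun = merge_with_prev(old, use_merged_size, &newmem);
  *payload_ok = 1;
  for (size_t i = 0; i < old_size - HDR; i++)
    if (newmem[i] != (uint8_t)(i + 1)) *payload_ok = 0;
  return overrun;
}

size_t overrun_for(size_t prev_size, size_t old_size, int use_merged_size)
{
  int ok;
  return run_case(prev_size, old_size, use_merged_size, &ok);
}

int payload_intact(size_t prev_size, size_t old_size, int use_merged_size)
{
  int ok;
  run_case(prev_size, old_size, use_merged_size, &ok);
  return ok;
}

int main(void)
{
  /* The mail's scenario: a 32-byte block grown to roughly 1024 bytes. */
  printf("merged-size copy:   %zu bytes read past the block\n",
         overrun_for(1000, 32, 1));
  printf("original-size copy: %zu bytes read past the block, payload %s\n",
         overrun_for(1000, 32, 0),
         payload_intact(1000, 32, 0) ? "intact" : "corrupt");
  return 0;
}
```

With the merged size the copy reads 1000 bytes beyond the caller's 32-byte block, which on a real target is either the fault the mail reports or a silent copy of whatever lies above the block; with the original size the source range ends exactly at the block boundary and the user data arrives intact.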