On Tue, Sep 27, 2016 at 01:03:48PM -0500, Yong Bakos wrote:
> From: Yong Bakos <yba...@humanoriented.com>
>
> Explicitly set the data member to an invalid memory address during
> wl_array_release, such that re-using a freed wl_array without re-initializing
> causes a crash. In addition, this pointer assignment makes wl_array_release
> testable.
>
> Define a constant for the invalid memory address, and add documentation about
> this behavior, starting at libwayland version 1.13.
I actually did a similar thing in our internal codebase recently (although my
focus was catching double-free). I used a small stack var as a sentinel, and
set freed vars to its address with an assert first to make sure it wasn't
already that.

My implementation translated here would be roughly:

in src/wayland-private.h:

    #ifndef NDEBUG
    extern char wl_array_sentinel;
    # define WL_ARRAY_POISON_PTR ((void*) &wl_array_sentinel)
    #else
    # define WL_ARRAY_POISON_PTR NULL
    #endif

in src/wayland-util.c:

    #ifndef NDEBUG
    char wl_array_sentinel;
    #endif

in wl_array_release(), before `free(array->data)`:

    assert(array->data != WL_ARRAY_POISON_PTR);

(same could be added in `wl_array_{add,copy}()`)

The benefit of this is that you know the address isn't used by something else,
and a char should be cheap enough to not have any impact :)

Cheers,
Eric

_______________________________________________
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/wayland-devel
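The sentinel-poisoning idea from the reply above, worked through end to end as an added example. This is not libwayland's code and not Eric's or Yong's patch: it is a minimal wl_array-like buffer (all demo_array_* names are hypothetical) whose release poisons the data pointer with the address of a private one-byte object, so a second release or an add() on the released array is detected. Unlike the in-tree proposal, which would assert(), the checks here are reported as return values so they stay observable; the sentinel is also kept unconditionally rather than dropping to NULL under NDEBUG.

```c
/* Added example, not libwayland's own code: a minimal wl_array-style buffer
 * whose release() poisons the data pointer with the address of a private
 * sentinel byte. A second release() or a later add() on the released array
 * is then detected instead of silently freeing twice or writing through a
 * dangling pointer. All demo_array_* names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

struct demo_array {
	size_t size;   /* bytes in use */
	size_t alloc;  /* bytes allocated */
	void *data;
};

/* A one-byte object whose address no allocator can ever hand out, so a
 * pointer equal to it can only mean "already released". */
static char demo_array_sentinel;
#define DEMO_ARRAY_POISON_PTR ((void *)&demo_array_sentinel)

void demo_array_init(struct demo_array *a)
{
	a->size = 0;
	a->alloc = 0;
	a->data = NULL;
}

bool demo_array_is_poisoned(const struct demo_array *a)
{
	return a->data == DEMO_ARRAY_POISON_PTR;
}

/* Returns 0 on success, -1 if the array was already released (double
 * release). In-tree code would assert() here; reporting keeps the check
 * visible as a return value in this example. */
int demo_array_release(struct demo_array *a)
{
	if (demo_array_is_poisoned(a))
		return -1;
	free(a->data);
	a->data = DEMO_ARRAY_POISON_PTR;
	a->size = 0;
	a->alloc = 0;
	return 0;
}

/* Grow the array by `len` bytes and return a pointer to the new region.
 * Returns NULL on a poisoned (released, not re-initialized) array or on
 * allocation failure. */
void *demo_array_add(struct demo_array *a, size_t len)
{
	if (demo_array_is_poisoned(a))
		return NULL;   /* use after release */
	if (a->size + len > a->alloc) {
		size_t want = a->alloc ? a->alloc * 2 : 64;
		while (want < a->size + len)
			want *= 2;
		void *p = realloc(a->data, want);
		if (!p)
			return NULL;
		a->data = p;
		a->alloc = want;
	}
	void *out = (char *)a->data + a->size;
	a->size += len;
	return out;
}

/* Walk through the cases the reply discusses and return a bitmask:
 * bit 0: normal release succeeds, bit 1: double release is caught,
 * bit 2: add() after release is refused, bit 3: re-init makes the
 * array usable again. A fully working run returns 15. */
int demo_array_scenario(void)
{
	struct demo_array a;
	int result = 0;

	demo_array_init(&a);
	void *p = demo_array_add(&a, 5);
	if (p)
		memcpy(p, "hello", 5);
	if (demo_array_release(&a) == 0)
		result |= 1;
	if (demo_array_release(&a) == -1)
		result |= 2;
	if (demo_array_add(&a, 1) == NULL)
		result |= 4;
	demo_array_init(&a);   /* re-initialize before reuse, as the patch requires */
	if (demo_array_add(&a, 3) != NULL && demo_array_release(&a) == 0)
		result |= 8;
	return result;
}
```

The sentinel costs one byte of static storage and one pointer compare per call; the compare is what turns an otherwise silent double free into a deterministic, attributable failure at the call site.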