diff --git a/furi/core/memmgr_heap.c b/furi/core/memmgr_heap.c index 3ce0558a3b..9ac6fc7ffc 100644 --- a/furi/core/memmgr_heap.c +++ b/furi/core/memmgr_heap.c @@ -500,7 +500,7 @@ void vPortFree(void* pv) { * overwritten in a heap block. */ if(heapSUBTRACT_WILL_UNDERFLOW(pxLink->xBlockSize, xHeapStructSize) == 0) { (void)memset( - puc + xHeapStructSize, 0, pxLink->xBlockSize - xHeapStructSize); + puc + xHeapStructSize, 0xDD, pxLink->xBlockSize - xHeapStructSize); } } #endif diff --git a/furi/core/semaphore.c b/furi/core/semaphore.c index d05b9bf092..513c3a122d 100644 --- a/furi/core/semaphore.c +++ b/furi/core/semaphore.c @@ -104,6 +104,8 @@ FuriStatus furi_semaphore_release(FuriSemaphore* instance) { stat = FuriStatusOk; + FURI_CRITICAL_ENTER(); + if(FURI_IS_IRQ_MODE()) { yield = pdFALSE; @@ -123,6 +125,8 @@ FuriStatus furi_semaphore_release(FuriSemaphore* instance) { furi_event_loop_link_notify(&instance->event_loop_link, FuriEventLoopEventIn); } + FURI_CRITICAL_EXIT(); + return stat; } diff --git a/targets/f7/furi_hal/furi_hal_interrupt.c b/targets/f7/furi_hal/furi_hal_interrupt.c index f93248eb8e..8bdd26a0ec 100644 --- a/targets/f7/furi_hal/furi_hal_interrupt.c +++ b/targets/f7/furi_hal/furi_hal_interrupt.c @@ -314,6 +314,8 @@ void MemManage_Handler(void) { } void BusFault_Handler(void) { + const char* crash_msg = "BusFault"; + furi_log_puts("\r\n" _FURI_LOG_CLR_E "Bus fault:\r\n"); if(FURI_BIT(SCB->CFSR, SCB_CFSR_LSPERR_Pos)) { furi_log_puts(" - lazy stacking for exception entry\r\n"); @@ -351,11 +353,13 @@ void BusFault_Handler(void) { if(busfault_address == (uint32_t)NULL) { furi_log_puts(" -- NULL pointer dereference\r\n"); + } else if(busfault_address >= 0xDDDDDDDD && busfault_address <= 0xDDDEDDDD) { + crash_msg = "Possible use-after-free"; } } furi_log_puts(_FURI_LOG_CLR_RESET); - furi_crash("BusFault"); + furi_crash(crash_msg); } void UsageFault_Handler(void) {