http://www.iar.com/Global/Resources/Developers_Toolbox/Building_and_debugging/Mastering_stack_and_heap_for_system_reliability.pdf

1. Introduction

The stack and the heap are fundamental to an embedded system. Setting up the stack and the heap
properly is essential to system stability and reliability. Incorrectly used, they may cause your system to
wreak havoc in the strangest ways. Stack and heap memory must be allocated statically by the
programmer. Calculating the stack space is notoriously difficult for all but the smallest embedded
systems, and underestimating stack usage can lead to serious runtime errors which can be difficult to
find. On the other hand, overestimating stack usage means a waste of memory resources. Worst case
maximum stack depth is very useful information in most embedded projects, as it greatly simplifies
estimates of how much stack an application will need. Heap memory overflows gracefully but this is of
no real comfort as few embedded applications are able to recover in such extreme out-of-memory
conditions.

2. A short introduction to stack and heap

2.1 Scope

The focus in this article is on reliable stack and heap design, and how to minimize stack and heap in a
safe way.

Desktop systems and embedded systems share some common stack and heap design errors and
considerations, but differ completely in many other aspects. One example of a difference between these
environments is the available memory. Windows and Linux default to 1 and 8 Mbytes of stack space; a
number that can be increased even more. Heap space is only limited by the available physical memory
and/or page file size. Embedded systems, on the other hand, have very limited memory resources
especially when it comes to RAM space. There is clearly a need to minimize stack and heap in this
restricted memory environment. Common to small embedded systems is that there is no virtual memory
mechanism; allocation of stack, heap and global data (i.e. variables, TCP/IP, USB buffers, etc) is static
and performed at the time when the application is built.

We will address the special issues that arise in small embedded systems. We will not cover how to
protect the stack and heap against attacks. This is a hot topic on desktop and mobile devices and is
likely to be a threat to embedded systems as well in the future, if it isn’t already.

2.2 Stretching the limits

Stretching the limits in everyday life can sometimes be rewarding but can also put you in trouble.
Stretching the limits in programming when it comes to allocated data will definitely put you in trouble.
Luckily, the trouble may hit you directly or during system testing, but it might also manifest itself when it
is too late and the product has been delivered to thousands of customers or deployed in a remote
environment.

Overflowing allocated data can occur in all three storage areas; global, stack and heap memory. Writing
to arrays or pointer references can cause accesses outside of the memory allocated to the object.
Some array accesses can be validated by static analysis, for example by the compiler itself or a MISRA
C checker:

int array[];
array[] = 0x1234;

When the array index is a variable expression, static analysis can no longer find all problems. Pointer
references are also hard to trace by static analysis:

int* p = malloc( * sizeof(int));
p += ;
*p = 0x1234;

Runtime methods to catch object overflow errors have been available for desktop systems for a long
time, Purify, Insure++, and Valgrind, to name a few. These tools work by instrumenting the application
code to validate memory references at runtime. This comes at the price of slowing down application
execution speed dramatically and increasing code size, and has thus not become a usable method for
small embedded systems.

2.3 Stack

The stack is the memory area where a program stores, for example:

• local variables
• return addresses
• function arguments
• compiler temporaries
• interrupt contexts
The life span of variables on the stack is limited to the duration of the
function. As soon as the function returns, the used stack memory will be free
for use by subsequent function calls.

Stack memory has to be allocated statically by the programmer. The stack
usually grows downwards in memory and if the memory area allocated for
the stack isn’t large enough, the executing code writes to the area allocated
below the stack and an overflow situation occurs. The area written to is
usually the area where global and static variables are stored. So,
underestimated stack usage can lead to serious runtime errors like
overwritten variables, wild pointers, and corrupted return addresses. All of
these errors can be very difficult to find. On the other hand, overestimating
stack usage means a waste of memory resources.

We will highlight some methods that can be used to reliably calculate the
required stack size and detect stack related problems.

2.4 Heap

The heap is where the dynamic memory of the system is located. Dynamic memory and the heap can in
many cases be considered optional in small embedded systems. Dynamic memory makes memory
sharing possible between different pieces of a program. When one module does not need its allocated
memory anymore, it simply returns it to the memory allocator to be reused by some other module.

Some examples of data that is placed on the heap include:

• Transient data objects
• C++ new/delete
• C++ STL containers
• C++ exceptions
Calculating heap space ranges from difficult to impossible in larger systems, because of the dynamic
behavior of the application. Moreover there is not much tool support in the embedded world for
measuring heap utilization, but we will discuss some methods.

It is important to maintain heap integrity. Allocated data space is typically interspersed with critical
memory allocator housekeeping data. Bad use of allocated data space will not only risk the corruption of
other data space but may also corrupt the entire memory allocator and most likely crash the application.
We will discuss some methods to aid checking for heap integrity.

Another aspect to consider is that the real-time performance of the heap is not deterministic. Memory
allocation time depends on such factors as previous use and the requested data space size. This is
hardly on the wish list for the cycle-driven embedded developer.

Even if the heap is a ccore topic in this article, the general guideline is to minimize heap usage in small embedded systems.

Mastering stack and heap for system reliability的更多相关文章

  1. 堆栈 & Stack and Heap

    What's the difference between a stack and a heap? The differences between the stack and the heap can ...

  2. JVM的stack和heap,JVM内存模型,垃圾回收策略,分代收集,增量收集

    (转自:http://my.oschina.net/u/436879/blog/85478) 在JVM中,内存分为两个部分,Stack(栈)和Heap(堆),这里,我们从JVM的内存管理原理的角度来认 ...

  3. stack与heap、new的内存分配、static对象。(effective c++ 04)

    阅读effective c++ 04 (30页) 提到的static对象和堆与栈对象."不同编译单元内定义的non-local static对象". 了解一下.    目录 sta ...

  4. DSP中-stack和-heap的作用

    -stack           0x00000800-heap            0x00000800 stack - 又称系统栈(system stack),用于: 保存函数调用后的返回地址; ...

  5. 【转】JVM运行原理及JVM中的Stack和Heap的实现过程

    来自: http://blog.csdn.net//u011067360/article/details/46047521 Java语言写的源程序通过Java编译器,编译成与平台无关的‘字节码程序’( ...

  6. 图解.NET Stack和Heap的本质区别

    现在越来越觉得对.NET基本概念的理解和掌握对于提升编程水平的重要性,先从.NET的 Stack(栈)和Heap(堆)说起,计算机的内存可以分为代码块内存,stack内存和heap内存.代码块内存是在 ...

  7. JVM运行原理及Stack和Heap的实现过程

    Java语言写的源程序通过Java编译器,编译成与平台无关的‘字节码程序’(.class文件,也就是0,1二进制程序),然后在OS之上的Java解释器中解释执行,而JVM是java的核心和基础,在ja ...

  8. Java虚拟机:JVM中的Stack和Heap

    简单的了解一下JVM中的栈和堆 在JVM中,内存分为两个部分,Stack(栈)和Heap(堆),这里,我们从JVM的内存管理原理的角度来认识Stack和Heap,并通过这些原理认清Java中静态方法和 ...

  9. 深入Java虚拟机:JVM中的Stack和Heap

    在JVM中,内存分为两个部分,Stack(栈)和Heap(堆),这里,我们从JVM的内存管理原理的角度来认识Stack和Heap,并通过这些原理认清Java中静态方法和静态属性的问题. 一般,JVM的 ...

随机推荐

  1. [ python ] 正则表达式及re模块

    正则表达式 正则表达式描述: 正则表达式是对字符串操作的一种逻辑公式,就是用事先定义好的一些特定字符.及这些特定字符的组合,组成一个‘规则字符串’,这个‘规则字符串’用来    表达对字符串的一种过滤 ...

  2. Oracle常用sql语句(二)之组函数、多表查询

    DML(数据操纵语言) INSERT .UPDATE. DELETE 插入操作:INSERT: 语法: INSERT INTO 表名(列名1,列名2 ...)VALUES(列值1,列值2...); 注 ...

  3. GPS 与 北斗 初步对比

    一.脉冲 GPS每秒可获得一次卫星星历电文,秒脉冲的误差服从正态分布,锁住的可用卫星达到四颗以上时,授时脉冲的1精度在100 ns以内:当锁住的可用卫星少于四颗时,解算方程组的信息不够充分,授时精度将 ...

  4. 深度学习方法(十):卷积神经网络结构变化——Maxout Networks,Network In Network,Global Average Pooling

    欢迎转载,转载请注明:本文出自Bin的专栏blog.csdn.net/xbinworld. 技术交流QQ群:433250724,欢迎对算法.技术感兴趣的同学加入. 最近接下来几篇博文会回到神经网络结构 ...

  5. gtk+学习笔记(二)

    如何创建一个按钮呢,直接贴代码把,有详细的注释. #include<gtk/gtk.h> gint data_count=; void on_button_clicked (GtkWidg ...

  6. Java 如何获取系统时间

    Java 如何获取系统时间 import java.text.SimpleDateFormat; import java.util.Date; public class Test { public s ...

  7. .NET 社区汇总

    英文社区: 名称:MSDN 地址:http://msdn.microsoft.com/zh-cn/default.aspx 描述:这个网站是大家学.Net的初始网站,也是.net方面官方和权威的资料, ...

  8. win2008 r2 服务器php+mysql+sqlserver2008运行环境配置(从安装、优化、安全等)

    这篇文章主要介绍了win2008 r2 服务器php+mysql+sqlserver2008运行环境配置(从安装.优化.安全等),需要的朋友可以参考下 win2008 r2 安装 http://www ...

  9. XML和HTML的区别

    1.很多新手程序员总是会问HTML和XML有什么区别,接下来就解释一下: 什么是XML? XML 指可扩展标记语言(EXtensible Markup Language). XML 是一种很像HTML ...

  10. SCU 4445 Right turn

    模拟. 每次找一下即将要遇到的那个点,这个数据范围可以暴力找,自己的写的时候二分了一下.如果步数大于$4*n$一定是$-1$. #include<bits/stdc++.h> using ...