Testing pointers for validity (C/C++)

Update for clarification: The problem is not with stale, freed or uninitialized pointers; instead, I'm implementing an API that takes pointers from the caller (like a pointer to a string, a file handle, etc.). The caller can send (in purpose or by mistake) an invalid value as the pointer. How do I prevent a crash?

You can't make that check. There is simply no way you can check whether a pointer is "valid". You have to trust that when people use a function that takes a pointer, those people know what they are doing. If they pass you 0x4211 as a pointer value, then you have to trust it points to address 0x4211. And if they "accidentally" hit an object, then even if you would use some scary operation system function (IsValidPtr or whatever), you would still slip into a bug and not fail fast.

Start using null pointers for signaling this kind of thing and tell the user of your library that they should not use pointers if they tend to accidentally pass invalid pointers, seriously :)

Here are three easy ways for a C program under Linux to get introspective about the status of the memory in which it is running, and why the question has appropriate sophisticated answers in some contexts.

1. After calling getpagesize() and rounding the pointer to a pageboundary, you can call mincore() to find out if a page is valid andif it happens to be part of the process working set. Note that this requiressome kernel resources, so you should benchmark it and determine ifcalling this function is really appropriate in your api. If your apiis going to be handling interrupts, or reading from serial portsinto memory, it is appropriate to call this to avoid unpredictablebehaviors.
2. After calling stat() to determine if there is a /proc/self directory available, you can fopen and read through /proc/self/mapsto find information about the region in which a pointer resides.Study the man page for proc, the process information pseudo-filesystem. Obviously this is relatively expensive, but you might beable to get away with caching the result of the parse into an arrayyou can efficiently lookup using a binary search. Also consider the/proc/self/smaps. If your api is for high-performance computing thenthe program will want to know about the /proc/self/numa which isdocumented under the man page for numa, the non-uniform memoryarchitecture.
3. The get_mempolicy(MPOL_F_ADDR) call is appropriate for high performance computing api work where there are multiple threads ofexecution and you are managing your work to have affinity for non-uniform memoryas it relates to the cpu cores and socket resources. Such an apiwill of course also tell you if a pointer is valid.

Under Microsoft Windows there is the function QueryWorkingSetEx that is documented under the Process Status API (also in the NUMA API).As a corollary to sophisticated NUMA API programming this function will also let you do simple "testing pointers for validity (C/C++)" work, as such it is unlikely to be deprecated for at least 15 years.

Preventing a crash caused by the caller sending in an invalid pointer is a good way to make silent bugs that are hard to find.

Isn't it better for the programmer using your API to get a clear message that his code is bogus by crashing it rather than hiding it?