Conversation
jvoisin reviewed on Mar 15, 2026
| zone_lookup_table_t zone_lookup_table[(SMALL_SIZE_MAX >> 4) + 4]; | ||
| /* For chunk sizes >= 1024 our bitmap size is smaller | ||
| * than a page. This optimization preallocates pages to | ||
| * than a page. This optimization preallocates pages tog |
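Review bot: the `+ 4` in `zone_lookup_table[(SMALL_SIZE_MAX >> 4) + 4]` is unexplained; a one-line comment on why four slots beyond the `SMALL_SIZE_MAX >> 4` index range are needed would keep the array bound and the index computation from drifting apart later. The comment block below it is also cut off after `preallocates pages to`, so that sentence should be finished.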
Comment on lines +1077 to +1080
| /* Pre-lock hot path: scan the thread-local zone cache using only | ||
| * thread-local data (chunk_size comparison and pointer read). No | ||
| * zone struct fields are dereferenced here. Validation happens | ||
| * under the lock via is_zone_usable(). */ |
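Review bot: the comment lists what the pre-lock scan does not touch but not what it is matching on; state the criterion (per the comment, a `chunk_size` comparison and a cached pointer read) and make explicit that a hit is only a candidate, since another thread can retire or reuse the zone between the unlocked read and `is_zone_usable()`, so the locked check is what decides and the cache must never be trusted on its own.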
Contributor
It would be nice to document what is scanned for, I think.
| if(_root->big_zone_used == NULL) { | ||
| LOG_AND_ABORT("There are no big zones allocated"); | ||
| UNLOCK_BIG_ZONE_USED(); |
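Review bot: `UNLOCK_BIG_ZONE_USED()` after `LOG_AND_ABORT(...)` is dead code if the macro aborts, and if it can return in some build configuration the function falls through with no big zone in hand; either drop the unlock or, if the abort is conditional, move the unlock before it and return an error. The visible lines also turn a NULL `big_zone_used` into a process abort, which is a behavioural change rather than a pure optimisation, so a comment or the commit message should say why that state is unreachable in normal operation.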
Contributor
This looks like a functional change to me, instead of simply an optimization, isn't it?
Comment on lines +2162 to +2163
| #if DEBUG || FUZZ_MODE | ||
| _verify_zone(&_root->zones[i]); |
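Review bot: `_verify_zone()` under `#if DEBUG || FUZZ_MODE` reads like a runtime hardening check being compiled out of release builds; add a comment at the `#if` saying this is the exit-time heap-consistency pass run from the destructor and debug-only by design, so the next reader does not conclude that release builds lose a security property here.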
Contributor
Huh, isn't this a security property?
Owner (Author)
No this is only called from the destructor which verifies heap consistency when the program exits. Useful for debugging but not release.
| return OK; | ||
| } | ||
| #endif | ||
| int main(void) {} |
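Review bot: if the function closed by the `}` before the `#endif` is the test's `main`, the unconditional `int main(void) {}` that follows it is a second definition whenever that block is compiled in; move the empty `main` into an `#else` branch so exactly one definition exists in each configuration.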
Contributor
Shouldn't it be in an #else?
Comment on lines +364 to +365
| ## Build a performance-optimized library with the most expensive security | ||
| ## features disabled. Intended for benchmarking and performance measurement. |
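Review bot: the comment says "the most expensive security features" without naming them; list the exact build options this target turns off and state that it is opt-in and for benchmarking only, so a library produced from it cannot be mistaken for a hardened build by someone reading the build options.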
Contributor
Hey, sounds like cheating to me :P
| * If `SANITIZE_CHUNKS` is set all user chunks are cleared when passed to `iso_free` with the constant `0xde`. | ||
| * When freeing a chunk the canary in adjacent chunks above/below are verified. | ||
| * Some important zone metadata pointers are masked in-between `iso_alloc` and `iso_free` operations. | ||
| * When `MASK_PTRS` is enabled (default) the `user_pages_start` and `bitmap_start` pointers stored in zone metadata are XOR'd with a per-zone random secret between alloc and free operations, making them useless to an attacker who reads or corrupts zone metadata. |
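Review bot: the third and fourth bullets describe the same pointer masking twice; merge them into one, and say where the per-zone secret is stored and whether it lives in the same zone metadata, because the claim that masked pointers are "useless to an attacker who reads or corrupts zone metadata" only holds if the secret is not readable alongside the pointers it masks.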
Contributor
It would be nice to make explicit where the "per-zone random secret" is stored.
Numerous performance improvements and long overdue bug fixes