[haiku-development] Re: SLAB documentation

  • From: Lucian Adrian Grijincu <lucian.grijincu@xxxxxxxxx>
  • To: haiku-development@xxxxxxxxxxxxx
  • Date: Sun, 18 Jul 2010 23:53:24 +0300

On Sun, Jul 11, 2010 at 12:11 PM, Ingo Weinhold <ingo_weinhold@xxxxxx> wrote:
> Double free()s could be detected (somewhat expensively) by
> iterating through the free objects list.

I was thinking of an implementation that would be more time-efficient,
but has a space trade-off.
Only when double-free() checks are in place, each object gains another
N bytes. These take a value F if the object is free and A if the
object is allocated.
If the object has any other value we have a buffer overflow.

If we try to allocate the object and its value is A -- something's
wrong with the allocator.
If we try to free the object and its value is F -- the programmer has
double freed an object.

--

Another double free() implementation that doesn't occupy anything, and
is faster than just iterating through the free list:
The first N bytes of each object are set to a value F when the object
is free()d.

When an object is freed we look at the object's value. If it's F,
there may be two causes:
* double free or
* the user has set the value F on the first N bytes of the object.
Increase the size of N and make the value F something more awkward
(for example, 0, 1, 0xffff would not be very good as these values are
used a lot).

Because we can't rule each other out, we have to check the free list.
But if the value of N is big enough and F is awkward enough this
search should only be done rarely for non-double-free objects.

Which do you think is acceptable?


-- 
 .
..: Lucian
