gpa: Fix GeneralPurposeAllocator double free stack traces #19987
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Nice work! |
Frojdholm
commented
May 17, 2024
Comment on lines
1406
to
1410
| // the metadata tracking system relies on alloc_cursor of empty buckets | ||
| // being set to the slot count so that we can get back the size class. | ||
| const empty_bucket = GPA.searchBucket(&gpa.empty_buckets, @intFromPtr(small.ptr), null).?; | ||
| try std.testing.expect(@divExact(page_size, empty_bucket.alloc_cursor) == size_class); | ||
|
|
There was a problem hiding this comment.
Not sure if this test should be included in this PR, but I found it not obvious that this was the way to extract the size_class from an empty bucket. It's hidden away in a branch of the free function and if this invariant changes the metadata tracking system will break.
There was a problem hiding this comment.
How about adding a function to BucketHeader, something like:
/// Only valid for buckets within `empty_buckets`, and relies on the `alloc_cursor`
/// of empty buckets being set to `slot_count` when they are added to `empty_buckets`
fn sizeClassOfEmptyBucket(bucket: *BucketHeader) usize {
// alloc_cursor was set to slot count when bucket added to empty_buckets
// so we can get the size_class
return @divExact(page_size, bucket.alloc_cursor);
}and then using that everywhere this @divExact(page_size, bucket.alloc_cursor) calculation is done?
Empty buckets have their `alloc_cursor` set to `slot_count` to allow the size class to be calculated later. This happens deep within the free function. This adds a helper and a test to verify that the size class of empty buckets is indeed recoverable.
The wrong `size_class` was used when fetching stack traces from empty buckets. The `size_class` would always be the maximum value after exhausting the search of active buckets rather than the actual `size_class` of the allocation.
Frojdholm
force-pushed
the
fix-gpa-double-free-stack-traces
branch
from
d543a28
to
762e2a4
Compare
Frojdholm
changed the title
Frojdholm
commented
May 18, 2024
|
|
||
| /// Only valid for buckets within `empty_buckets`, and relies on the `alloc_cursor` | ||
| /// of empty buckets being set to `slot_count` when they are added to `empty_buckets` | ||
| fn emptyBucketSizeClass(bucket: *BucketHeader) usize { |
|
Thanks! |
andrewrk
added a commit
that referenced
this pull request
May 22, 2024
…aces gpa: Fix GeneralPurposeAllocator double free stack traces
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #19978
I wrote the following program to test different allocation sizes