|
|
6199e9ba01
|
Phase 15 Box Separation: Fix wrapper domain check to prevent BenchMeta→CoreAlloc violation
Fix free() wrapper unconditionally routing ALL pointers to hak_free_at(),
causing Box boundary violations (BenchMeta slots[] entering CoreAlloc).
Solution: Add domain check in wrapper using 1-byte header inspection:
- Non-page-aligned: Check ptr-1 for HEADER_MAGIC (0xa0/0xb0)
- Hakmem Tiny → route to hak_free_at()
- External/BenchMeta → route to __libc_free()
- Page-aligned: Full classification (cannot safely check header)
Results:
- 99.29% BenchMeta properly freed via __libc_free() ✅
- 0.71% page-aligned fallthrough → ExternalGuard leak (acceptable)
- No crashes (100K/500K iterations stable)
- Performance: 15.3M ops/s (maintained)
Changes:
- core/box/hak_wrappers.inc.h: Domain check logic (lines 227-256)
- core/box/external_guard_box.h: Conservative leak prevention
- core/hakmem_super_registry.h: SUPER_MAX_PROBE 8→32
- PHASE15_WRAPPER_DOMAIN_CHECK_FIX.md: Comprehensive analysis
Root cause identified by user: LD_PRELOAD intercepts __libc_free(),
wrapper needs defense-in-depth to maintain Box boundaries.
|
2025-11-16 00:38:29 +09:00 |
|
