3a2e466af1
Add lightweight Fail-Fast layer to Gatekeeper Boxes
Core Changes:
- Modified: core/box/tiny_free_gate_box.h
  * Added address range check in tiny_free_gate_try_fast() (line 142)
  * Catches obviously invalid pointers (addr < 4096)
  * Rejects fast path for garbage pointers, delegates to slow path
  * Logs [TINY_FREE_GATE_RANGE_INVALID] (debug-only, max 8 messages)
  * Cost: ~1 cycle (comparison + unlikely branch)
  * Behavior: Fails safe by delegating to hak_tiny_free() slow path
- Modified: core/box/tiny_alloc_gate_box.h
  * Added range check for malloc_tiny_fast() return value (line 143)
  * Debug-only: Checks if returned user_ptr has addr < 4096
  * On failure: Logs [TINY_ALLOC_GATE_RANGE_INVALID] and calls abort()
  * Release build: Entire check compiled out (zero overhead)
  * Rationale: Invalid allocator return is catastrophic - fail immediately
Design Rationale:
- Early detection of memory corruption/undefined behavior
- Conservative threshold (4096) captures NULL and kernel space
- Free path: Graceful degradation (delegate to slow path)
- Alloc path: Hard fail (allocator corruption is non-recoverable)
- Zero performance impact in production (Release) builds
- Debug-only diagnostic output prevents log spam
Fail-Fast Strategy:
- Layer 3a: Address range sanity check (always enabled)
  * Rejects addr < 4096 (NULL, low memory garbage)
  * Free: delegates to slow path (safe fallback)
  * Alloc: aborts (corruption indicator)
- Layer 3b: Detailed Bridge/Header validation (ENV-controlled)
  * Traditional HAKMEM_TINY_FREE_GATE_DIAG / HAKMEM_TINY_ALLOC_GATE_DIAG
  * For advanced debugging and observability
Testing:
- Compilation: RELEASE=0 and RELEASE=1 both successful
- Smoke tests: 3/3 passed (simple_alloc, loop 10M, pool_tls)
- Performance: No regressions detected
- Address threshold (4096): Conservative, minimizes false positives
- Verified via Task agent (PASS verdict)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-04 12:36:32 +09:00
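The two range gates this commit describes (free side delegating to the slow path, alloc side aborting in debug builds only, diagnostic output capped at eight messages), shown as an added C example that is not the project's own code. The function names `free_gate`, `alloc_gate`, `gate_addr_is_sane`, the `free_fast_path`/`free_slow_path` stubs and the counters are assumptions made for the example; so is treating a NULL allocator return as ordinary out-of-memory rather than as corruption. The 4096 threshold, the fail-safe versus fail-fast split and the `NDEBUG`-style compile-out follow the commit message above.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>

/* Constructed example of a fail-fast address range gate. Names and the
 * stub fast/slow paths are assumptions, not the project's code. */

#define GATE_MIN_VALID_ADDR 4096u   /* below this: NULL and low-memory garbage */
#define GATE_MAX_LOG        8       /* cap on diagnostic messages (no log spam) */

enum gate_result { GATE_FAST = 0, GATE_SLOW = 1 };

static int g_range_log_count = 0;   /* how many range diagnostics were emitted */
static int g_slow_path_calls = 0;   /* how often the slow path was taken */
static int g_fast_path_calls = 0;   /* how often the fast path was taken */

/* Layer 3a check: a pointer below the first page can never be a valid user block. */
static int gate_addr_is_sane(const void *p) {
    return (uintptr_t)p >= GATE_MIN_VALID_ADDR;
}

/* Debug-only, rate-limited diagnostic; compiled out entirely under NDEBUG. */
static void gate_log_range_invalid(const char *site, const void *p) {
#ifndef NDEBUG
    if (g_range_log_count < GATE_MAX_LOG) {
        g_range_log_count++;
        fprintf(stderr, "[%s_RANGE_INVALID] ptr=%p (< %u)\n",
                site, p, GATE_MIN_VALID_ADDR);
    }
#else
    (void)site; (void)p;
#endif
}

/* Stand-ins for the real free paths; neither touches the pointed-to memory. */
static int  free_fast_path(void *p) { (void)p; g_fast_path_calls++; return 1; }
static void free_slow_path(void *p) { (void)p; g_slow_path_calls++; }

/* Free gate: fail safe. A garbage pointer never reaches the fast path;
 * it is handed to the slow path, which owns full validation. */
static enum gate_result free_gate(void *p) {
    if (__builtin_expect(!gate_addr_is_sane(p), 0)) {
        gate_log_range_invalid("TINY_FREE_GATE", p);
        free_slow_path(p);
        return GATE_SLOW;
    }
    return free_fast_path(p) ? GATE_FAST : GATE_SLOW;
}

/* Alloc-side predicate: NULL is taken as out-of-memory (assumption);
 * any other address below the threshold means allocator corruption. */
static int gate_alloc_return_ok(const void *p) {
    return p == NULL || gate_addr_is_sane(p);
}

/* Alloc gate: fail fast. Debug builds abort on a corrupt return value;
 * release builds compile the whole check out. */
static void *alloc_gate(void *(*alloc_fn)(size_t), size_t n) {
    void *p = alloc_fn(n);
#ifndef NDEBUG
    if (!gate_alloc_return_ok(p)) {
        gate_log_range_invalid("TINY_ALLOC_GATE", p);
        abort();
    }
#endif
    return p;
}

/* Accessors so the behaviour can be checked without reading globals. */
static int gate_range_log_count(void) { return g_range_log_count; }
static int gate_slow_path_calls(void) { return g_slow_path_calls; }
static int gate_fast_path_calls(void) { return g_fast_path_calls; }

int main(void) {
    void *ok = alloc_gate(malloc, 32);          /* sane pointer passes the gate */
    free_gate(ok);                              /* takes the fast path */
    free(ok);
    for (int i = 0; i < 20; i++)                /* constructed garbage frees */
        free_gate((void *)(uintptr_t)(i * 8));
    printf("fast=%d slow=%d logged=%d\n",
           gate_fast_path_calls(), gate_slow_path_calls(), gate_range_log_count());
    return 0;
}
```

Run stand-alone, the twenty constructed low-address frees all go to the slow path while at most eight diagnostics reach stderr; building with `-DNDEBUG` removes both the logging and the alloc-side abort, which is the zero-overhead release property the commit claims.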
de9c512971
Add Tiny Free Gatekeeper Box for unified free entry point
Core Changes:
- New file: core/box/tiny_free_gate_box.h
  * Thin wrapper around hak_tiny_free_fast_v2() with diagnostic hooks
  * TinyFreeGateContext structure for USER→BASE + Bridge + Guard information
  * tiny_free_gate_classify() - Detects header/meta class mismatches
  * tiny_free_gate_try_fast() - Main gatekeeper function
  * Zero performance impact when diagnostics disabled
  * Future-ready for Guard injection
- Modified: core/box/hak_free_api.inc.h
  * Added #include "tiny_free_gate_box.h" (line 12)
  * Integrated gatekeeper into bench fast path (lines 113-120)
  * Integrated gatekeeper into main DOMAIN_TINY path (lines 145-152)
  * Proper #if HAKMEM_TINY_HEADER_CLASSIDX guards maintained
Design Rationale:
- Consolidates free path entry point: USER→BASE conversion and Bridge
  classification happen at a single location
- Allows diagnostic hooks without affecting hot path performance
- Maintains backward compatibility: existing behavior unchanged when
  diagnostics disabled
- Box Theory compliant: Clear separation of concerns, single responsibility
Testing:
- All smoke tests pass (test_simple_alloc, test_malloc_free_loop, test_pool_tls)
- No regressions in existing functionality
- Verified via Task agent (PASS verdict)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-04 11:58:37 +09:00