Moe Charm (CI)
c2f104618f
Fix critical TLS drain memory leak causing potential double-free
## Root Cause
TLS drain was dropping pointers when SuperSlab lookup or slab_idx validation failed:
- Pop pointer from TLS SLL
- Lookup/validation fails
- continue → LEAK! Pointer never returned to any freelist
## Impact
Memory leak + potential double allocation:
1. Pointer P popped but leaked
2. Same address P reallocated from carve/other source
3. User frees P again → duplicate detection → ABORT
## Fix
**Before (BUGGY)**:
```c
if (!ss || invalid_slab_idx) {
continue; // ← LEAK!
}
```
**After (FIXED)**:
```c
if (!ss || invalid_slab_idx) {
// Push back to TLS SLL head (retry later)
tiny_next_write(class_idx, base, g_tls_sll[class_idx].head);
g_tls_sll[class_idx].head = base;
g_tls_sll[class_idx].count++;
break; // Stop draining to avoid infinite retry
}
```
## Files Changed
- core/box/tls_sll_drain_box.h: Fix 2 leak sites (SS lookup + slab_idx validation)
- docs/analysis/LARSON_DOUBLE_FREE_INVESTIGATION.md: Investigation report
## Related
- Larson double-free investigation (47% crash rate)
- Commit e4868bf23: Freelist header write + abort() on duplicate
- ChatGPT analysis: Larson benchmark code is correct (no user bug)
2025-11-27 06:49:38 +09:00
..
2025-11-09 18:55:50 +09:00
2025-11-09 18:55:50 +09:00
2025-11-07 01:27:04 +09:00
2025-11-20 07:32:30 +09:00
2025-11-16 06:36:02 +09:00
2025-11-20 07:32:30 +09:00
2025-11-13 06:50:20 +09:00
2025-11-13 01:45:30 +09:00
2025-11-22 08:43:18 +09:00
2025-11-26 12:33:49 +09:00
2025-11-13 01:45:30 +09:00
2025-11-20 02:01:52 +09:00
2025-11-21 23:00:24 +09:00
2025-11-26 12:33:49 +09:00
2025-11-07 01:27:04 +09:00
2025-11-07 01:27:04 +09:00
2025-11-26 12:33:49 +09:00
2025-11-07 01:27:04 +09:00
2025-11-21 23:00:24 +09:00
2025-11-26 12:33:49 +09:00
2025-11-07 01:27:04 +09:00
2025-11-20 07:32:30 +09:00
2025-11-26 12:33:49 +09:00
2025-11-07 01:27:04 +09:00
2025-11-17 02:47:58 +09:00
2025-11-27 04:35:47 +09:00
2025-11-17 02:47:58 +09:00
2025-11-15 22:08:51 +09:00
2025-11-27 03:41:07 +09:00
2025-11-16 07:51:37 +09:00
2025-11-26 17:12:41 +09:00
2025-11-22 03:30:47 +09:00
2025-11-17 02:47:58 +09:00
2025-11-07 01:27:04 +09:00
2025-11-15 23:00:21 +09:00
2025-11-07 01:27:04 +09:00
2025-11-27 03:18:33 +09:00
2025-11-20 07:32:30 +09:00
2025-11-12 02:45:00 +09:00
2025-11-12 02:45:00 +09:00
2025-11-27 03:41:07 +09:00
2025-11-26 12:33:49 +09:00
2025-11-07 01:27:04 +09:00
2025-11-17 02:47:58 +09:00
2025-11-17 02:47:58 +09:00
2025-11-17 02:47:58 +09:00
2025-11-17 02:47:58 +09:00
2025-11-11 01:47:06 +09:00
2025-11-06 21:54:12 +09:00
2025-11-06 21:54:12 +09:00
2025-11-06 21:54:12 +09:00
2025-11-07 01:27:04 +09:00
2025-11-07 01:27:04 +09:00
2025-11-07 01:27:04 +09:00
2025-11-07 01:27:04 +09:00
2025-11-07 01:27:04 +09:00
2025-11-06 21:54:12 +09:00
2025-11-20 07:32:30 +09:00
2025-11-26 12:33:49 +09:00
2025-11-13 01:45:30 +09:00
2025-11-13 06:50:20 +09:00
2025-11-22 03:30:47 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-27 03:41:07 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-21 04:56:48 +09:00
2025-11-17 05:29:08 +09:00
2025-11-16 07:51:37 +09:00
2025-11-16 05:48:59 +09:00
2025-11-21 23:00:24 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-22 02:46:57 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-21 13:44:05 +09:00
2025-11-20 07:32:30 +09:00
2025-11-21 13:44:05 +09:00
2025-11-26 12:33:49 +09:00
2025-11-12 02:45:00 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-21 13:44:05 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-20 07:32:30 +09:00
2025-11-27 05:57:22 +09:00
2025-11-27 06:49:38 +09:00
2025-11-22 06:50:38 +09:00
2025-11-17 02:47:58 +09:00
2025-11-26 12:33:49 +09:00
2025-11-17 02:47:58 +09:00