use new a_crash() asm to optimize double-free handler.

gcc generates extremely bad code (7 byte immediate mov) for the old null pointer write approach. it should be generating something like "xor %eax,%eax ; mov %al,(%eax)". in any case, using a dedicated crashing opcode accomplishes the same thing in one byte.

use new a_crash() asm to optimize double-free handler.
gcc generates extremely bad code (7 byte immediate mov) for the old null pointer write approach. it should be generating something like "xor %eax,%eax ; mov %al,(%eax)". in any case, using a dedicated crashing opcode accomplishes the same thing in one byte.
1c8bead3 · Rich Felker · df0b5a49 · 1c8bead3
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

src/malloc/malloc.c src/malloc/malloc.c +2 -2

未找到文件。
--- a/src/malloc/malloc.c
+++ b/src/malloc/malloc.c
@@ -394,7 +394,7 @@ void *realloc(void *p, size_t n)
 		size_t oldlen = n0 + extra;
 		size_t newlen = n + extra;
 		/* Crash on realloc of freed chunk */
-		if (extra & 1) *(volatile char *)0=0;
+		if (extra & 1) a_crash();
 		if (newlen < PAGE_SIZE && (new = malloc(n))) {
 			memcpy(new, p, n-OVERHEAD);
 			free(p);
@@ -457,7 +457,7 @@ void free(void *p)
 		char *base = (char *)self - extra;
 		size_t len = CHUNK_SIZE(self) + extra;
 		/* Crash on double free */
-		if (extra & 1) *(volatile char *)0=0;
+		if (extra & 1) a_crash();
 		__munmap(base, len);
 		return;
 	}