fix guarded sample rate of 1 (issue #1085)

2025-05-14 19:19:31 +03:00 · 2025-05-13 15:58:45 -07:00 · 2025-05-13 15:58:45 -07:00 · 72f05e2f07
commit 72f05e2f07
parent a6ecb5c299
3 changed files with 9 additions and 11 deletions
--- a/include/mimalloc/types.h
+++ b/include/mimalloc/types.h
@ -512,7 +512,6 @@ struct mi_heap_s {
  size_t                guarded_size_min;                    // minimal size for guarded objects
  size_t                guarded_size_max;                    // maximal size for guarded objects
  size_t                guarded_sample_rate;                 // sample rate (set to 0 to disable guarded pages)
-  size_t                guarded_sample_seed;                 // starting sample count
  size_t                guarded_sample_count;                // current sample count (counting down to 0)
  #endif
  mi_page_t*            pages_free_direct[MI_PAGES_DIRECT];  // optimize: array where every entry points a page with possibly free blocks in the corresponding queue for that size.
--- a/src/init.c
+++ b/src/init.c
@ -110,7 +110,7 @@ mi_decl_cache_align const mi_heap_t _mi_heap_empty = {
  false,            // can reclaim
  0,                // tag
  #if MI_GUARDED
-  0, 0, 0, 0, 1,    // count is 1 so we never write to it (see `internal.h:mi_heap_malloc_use_guarded`)
+  0, 0, 0, 1,       // count is 1 so we never write to it (see `internal.h:mi_heap_malloc_use_guarded`)
  #endif
  MI_SMALL_PAGES_EMPTY,
  MI_PAGE_QUEUES_EMPTY
@ -153,7 +153,7 @@ mi_decl_cache_align mi_heap_t _mi_heap_main = {
  false,            // can reclaim
  0,                // tag
  #if MI_GUARDED
-  0, 0, 0, 0, 0,
+  0, 0, 0, 0,
  #endif
  MI_SMALL_PAGES_EMPTY,
  MI_PAGE_QUEUES_EMPTY
@ -165,15 +165,14 @@ mi_stats_t _mi_stats_main = { MI_STAT_VERSION, MI_STATS_NULL };

 #if MI_GUARDED
 mi_decl_export void mi_heap_guarded_set_sample_rate(mi_heap_t* heap, size_t sample_rate, size_t seed) {
-  heap->guarded_sample_seed = seed;
-  if (heap->guarded_sample_seed == 0) {
-    heap->guarded_sample_seed = _mi_heap_random_next(heap);
-  }
  heap->guarded_sample_rate  = sample_rate;
-  if (heap->guarded_sample_rate >= 1) {
-    heap->guarded_sample_seed = heap->guarded_sample_seed % heap->guarded_sample_rate;
+  heap->guarded_sample_count = sample_rate;  // count down samples
+  if (heap->guarded_sample_rate > 1) {
+    if (seed == 0) {
+      seed = _mi_heap_random_next(heap);
+    }
+    heap->guarded_sample_count = (seed % heap->guarded_sample_rate) + 1;  // start at random count between 1 and `sample_rate`
  }
-  heap->guarded_sample_count = heap->guarded_sample_seed;  // count down samples
 }

 mi_decl_export void mi_heap_guarded_set_size_bound(mi_heap_t* heap, size_t min, size_t max) {
--- a/test/main-override-static.c
+++ b/test/main-override-static.c
@ -43,7 +43,7 @@ int main() {
  // corrupt_free();
  // block_overflow1();
  // block_overflow2();
-  // test_canary_leak();
+  test_canary_leak();
  // test_aslr();
  // invalid_free();
  // test_reserved();