It'd be interesting to compare the overhead that comes from enabling malloc security features (quarantine, etc.) vs. tracing GC. There has to be some point at which the lines cross and adding more mitigations is more expensive than just using a good tracing GC.
Conversation
Replying to
When you mentioned security, I thought of blackhat.com/docs/us-16/mat and github.com/microsoft/mima can be built in secure mode, adding guard pages, rand allocs, encr free lists, etc. to protect against various heap vuln. The perf penalty is usually around 10% on avg (benchmarked).
1
3
There's a huge range in the amount of hardening an allocator can do. The mimalloc secure mode only has cheap but low value implementations of hardening features. It's not representative of the costs of doing substantial hardening in an allocator.
It still uses inline metadata (free lists, etc.) with only a very weak probabilistic mitigation against corruption. It only uses guard pages to protect the out-of-line metadata, not heap data. It doesn't have quarantines, partitions, zero-on-free or any other expensive features.
1
1
6
Significant hardening will make a micro-benchmark of small allocations an order of magnitude slower (or more). It rules out thread caches or typical lock-free approaches. Need a single, uniform answer to whether an allocation slot is quarantined, freed, etc. and other things.
1
1
7
Show replies