Open tuurke63 opened 6 years ago
maximmasiutin
commented
6 years ago Hello tuurke63,
The idea to turn it on or off at runtime has a drawback that in involves branching, and braching is getting more and more expensive in modern CPU. Linear execution flow is rewarded in modern CPUs.
-- Best regards, Maxim Masiutin Director Ritlabs, SRL www.ritlabs.com
tuurke63
commented
6 years ago Hello maximmasiutin,
There are many hundred "if" statements in FastMM4 and every one is a branch... I think one or two extra wouldn't matter too much. Besides, the whole feature could be completely linked out with an IFDEF for those who don't want to use it.
Nowadays, in the age of Spectre/Meltdown vulnerabilities one can't be too careful, therefore I'd be happy if I could use the feature. Also it's terribly easy to produce a dump of a process and read whatever legible text fragments remained in the working set.
maximmasiutin
commented
6 years ago Hello,
It would have been nice to have freed memory cleared periodically but not necessarily on each free, because on virtual machines zeroized memory can be shared. Also, on Windows 10 and on Windows Server 2016 zeroized memory can be easily compressed. -- Best regards, Maxim Masiutin Director Ritlabs, SRL www.ritlabs.com
Hello all, I have a request for a new feature. Unfortunately I don't know the ins and outs of FastMM4 well enough to implement it myself. It would be nice if someone would pick up this idea.
While the secrecy feature "AlwaysClearFreedMemory" (that overwrites memory with zeroes before it is released) works well, it is not terribly useful because it costs too much CPU power. Unfortunately this feature is controlled by a global $define so it's either on or off all the time.
It would be so much better if this option could simply be switched on and off in code! That way, a programmer could simply enable the feature before executing any sensitive code (password routines etc) and disable it again when secrecy is no longer vital. In order to be thread safe, the controlling variable would need to be an (atomic) counter.