How cross-thread double free detection could work in glibc malloc
Summary
This technical write-up explains how glibc malloc stores allocation metadata, how the tcache works, and how double-free detection is implemented. It then discusses a flaw in cross-thread double-free detection and proposes a one-line patch to check the tcache key during malloc, including notes on patch submission and observed performance impact.