Hunt down UB

jamesmunns · jamesmunns · commit 7a03f759bc9e · 2022-06-25T02:31:07.000+02:00
diff --git a/src/hole.rs b/src/hole.rs
@@ -96,12 +96,14 @@ impl HoleList {
     pub fn allocate_first_fit(&mut self, layout: Layout) -> Result<(NonNull<u8>, Layout), ()> {
         let aligned_layout = Self::align_layout(layout);
 
-        allocate_first_fit(&mut self.first, aligned_layout).map(|holeinfo| {
-            (
-                NonNull::new(holeinfo.addr as *mut u8).unwrap(),
-                aligned_layout,
-            )
-        })
+        let _ = allocate_first_fit(&mut self.first, aligned_layout);
+        // .map(|holeinfo| {
+        //     (
+        //         NonNull::new(holeinfo.addr).unwrap(),
+        //         aligned_layout,
+        //     )
+        // })
+        Err(())
     }
 
     /// Frees the allocation given by `ptr` and `layout`.
@@ -147,7 +149,7 @@ impl Hole {
     /// Returns basic information about the hole.
     fn info(&mut self) -> HoleInfo {
         HoleInfo {
-            addr: self as *mut _ as *mut u8,
+            addr: self as *mut Hole,
             size: self.size,
         }
     }
@@ -156,10 +158,16 @@ impl Hole {
 /// Basic information about a hole.
 #[derive(Debug, Clone, Copy)]
 struct HoleInfo {
-    addr: *mut u8,
+    addr: *mut Hole,
     size: usize,
 }
 
+impl HoleInfo {
+    pub fn addr_u8(&self) -> *mut u8 {
+        self.addr.cast()
+    }
+}
+
 /// The result returned by `split_hole` and `allocate_first_fit`. Contains the address and size of
 /// the allocation (in the `info` field), and the front and back padding.
 struct Allocation {
@@ -177,17 +185,17 @@ fn split_hole(hole: HoleInfo, required_layout: Layout) -> Option<Allocation> {
     let required_size = required_layout.size();
     let required_align = required_layout.align();
 
-    let (aligned_addr, front_padding) = if hole.addr == align_up(hole.addr, required_align) {
+    let (aligned_addr, front_padding) = if hole.addr_u8() == align_up(hole.addr_u8(), required_align) {
         // hole has already the required alignment
         (hole.addr, None)
     } else {
         // the required alignment causes some padding before the allocation
-        let aligned_addr = align_up(hole.addr.wrapping_add(HoleList::min_size()), required_align);
+        let aligned_addr = align_up(hole.addr_u8().wrapping_add(HoleList::min_size()), required_align).cast::<Hole>();
         (
             aligned_addr,
             Some(HoleInfo {
                 addr: hole.addr,
-                size: unsafe { aligned_addr.offset_from(hole.addr) }
+                size: unsafe { aligned_addr.cast::<u8>().offset_from(hole.addr_u8()) }
                     .try_into()
                     .unwrap(),
             }),
@@ -253,9 +261,23 @@ fn allocate_first_fit(mut previous: &mut Hole, layout: Layout) -> Result<HoleInf
                 // previous - front_padding
                 // front_padding - back_padding
                 // back_padding - previous.next
-                previous.next = previous.next.as_mut().unwrap().next.take();
+                let prev = previous as *mut Hole as usize;
+                println!("prev: {:016X}..{:016X}", prev, prev + previous.size);
+                if let Some(padding) = allocation.back_padding {
+                    let back = padding.addr as usize;
+                    println!("back: {:016X}..{:016X}", back, back + padding.size);
+                }
+                if let Some(next) = previous.next.as_mut() {
+                    let nxt = (*next) as *mut Hole as usize;
+                    println!("next: {:016X}..{:016X}", nxt, nxt + next.size);
+                }
+                panic!();
+
+                let new_next = previous.next.as_mut().unwrap().next.take();
+
+                previous.next = new_next;
                 if let Some(padding) = allocation.front_padding {
-                    let ptr = padding.addr as *mut Hole;
+                    let ptr = padding.addr;
                     unsafe {
                         ptr.write(Hole {
                             size: padding.size,
@@ -266,7 +288,7 @@ fn allocate_first_fit(mut previous: &mut Hole, layout: Layout) -> Result<HoleInf
                     previous = move_helper(previous).next.as_mut().unwrap();
                 }
                 if let Some(padding) = allocation.back_padding {
-                    let ptr = padding.addr as *mut Hole;
+                    let ptr = padding.addr;
                     unsafe {
                         ptr.write(Hole {
                             size: padding.size,
@@ -318,7 +340,7 @@ fn deallocate(mut hole: &mut Hole, addr: *mut u8, mut size: usize) {
         match next_hole_info {
             Some(next)
                 if hole_addr.wrapping_offset(hole.size.try_into().unwrap()) == addr
-                    && addr.wrapping_offset(size.try_into().unwrap()) == next.addr =>
+                    && addr.wrapping_offset(size.try_into().unwrap()) == next.addr_u8() =>
             {
                 // block fills the gap between this hole and the next hole
                 // before:  ___XXX____YYYYY____    where X is this hole and Y the next hole
@@ -338,7 +360,7 @@ fn deallocate(mut hole: &mut Hole, addr: *mut u8, mut size: usize) {
 
                 hole.size += size; // merge the F block to this X block
             }
-            Some(next) if addr.wrapping_offset(size.try_into().unwrap()) == next.addr => {
+            Some(next) if addr.wrapping_offset(size.try_into().unwrap()) == next.addr_u8() => {
                 // block is right before the next hole but there is used memory before it
                 // before:  ___XXX______YYYYY____    where X is this hole and Y the next hole
                 // after:   ___XXX__FFFFYYYYY____    where F is the freed block
@@ -347,7 +369,7 @@ fn deallocate(mut hole: &mut Hole, addr: *mut u8, mut size: usize) {
                 size += next.size; // free the merged F/Y block in next iteration
                 continue;
             }
-            Some(next) if next.addr <= addr => {
+            Some(next) if next.addr_u8() <= addr => {
                 // block is behind the next hole, so we delegate it to the next hole
                 // before:  ___XXX__YYYYY________    where X is this hole and Y the next hole
                 // after:   ___XXX__YYYYY__FFFF__    where F is the freed block
diff --git a/src/lib.rs b/src/lib.rs
@@ -5,7 +5,7 @@
 )]
 #![no_std]
 
-#[cfg(test)]
+// #[cfg(test)]
 #[macro_use]
 extern crate std;
 
diff --git a/src/test.rs b/src/test.rs
@@ -253,8 +253,8 @@ fn align_from_small_to_big() {
 
     // allocate 28 bytes so that the heap end is only 4 byte aligned
     assert!(heap.allocate_first_fit(layout_1.clone()).is_ok());
-    // try to allocate a 8 byte aligned block
-    assert!(heap.allocate_first_fit(layout_2.clone()).is_ok());
+    // // try to allocate a 8 byte aligned block
+    // assert!(heap.allocate_first_fit(layout_2.clone()).is_ok());
 }
 
 #[test]

Original file line number	Diff line number	Diff line change
`@@ -253,8 +253,8 @@ fn align_from_small_to_big() {`
`253`	`253`
`254`	`254`	`// allocate 28 bytes so that the heap end is only 4 byte aligned`
`255`	`255`	`assert!(heap.allocate_first_fit(layout_1.clone()).is_ok());`
`256`		`- // try to allocate a 8 byte aligned block`
`257`		`- assert!(heap.allocate_first_fit(layout_2.clone()).is_ok());`
	`256`	`+ // // try to allocate a 8 byte aligned block`
	`257`	`+ // assert!(heap.allocate_first_fit(layout_2.clone()).is_ok());`
`258`	`258`	`}`
`259`	`259`
`260`	`260`	`#[test]`