Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rebis-dev: Fix Heap::compute_pstr_size being off by one cell #2759

Open
wants to merge 13 commits into
base: rebis-dev
Choose a base branch
from
Open

rebis-dev: Fix Heap::compute_pstr_size being off by one cell #2759

wants to merge 13 commits into from

Conversation

adri326
Copy link
Contributor

@adri326 adri326 commented Jan 7, 2025
edited
Loading

So it looks like my fix for segfault around heap and PStr had an off-by-one error in the logic for compute_pstr_size, which this PR fixes.
This off-by-one error was compounded by a second off-by-one error within the logic of build_functor!() (some parts did not account for the [] atom appended to PStrs), which happened to cancel out with the previous, invalid implementation of compute_pstr_size.

This does not address #2757 (and I would prefer to fix that issue in a separate PR, so that we can get the unit tests of rebis-dev back in order), though the logic for compute_pstr_size should coincide with the corrected behavior of #2757. The test cases I've added here ought to be tweaked once the correct behavior is set in stone.

Now Heap::compute_pstr_size accurately measures the number of bytes needed by Heap::allocate_pstr (except in the instances of #2757).
I've also simplified the logic a bit, and cleaned up the affected tests of build_functor :)

mthom and others added 11 commits October 26, 2024 12:44
@mthom
restore ubuntu testing to ci.yml with rust version 1.77
3141b2d
@mthom
remove Term
fa1b052
@mthom
variable revision
a8c0c5d
@mthom
introduce bespoke Heap type for in-heap partial strings
62bea56
@mthom
unmark_cell_bits! in push_literal (mthom#2645)
dfe41eb
@mthom
dereference clause_clause value, reserve more parser space (mthom#2579)
afd3be1
@adri326
Fix Heap::drop not accounting for null-initialized HeapInner
d695198
@adri326
Fix allocate_pstr randomly refusing to properly allocate memory
eb16e54 
This one was a toughie: it turns out that using `ptr::align_of()`` was
a bad idea, since the buffer in `Heap` itself is not aligned to
`Heap::heap_cell_alignment()`, so `ptr::align_of()` would sometimes
return lower values than expected.

That made for an heisenbug: if the alignment of the heap happened to be 4,
then the bug wouldn't trigger.
@adri326
Fix benches imports
cbde0d7
@mthom
Merge pull request mthom#2735 from adri326/rebis-dev-fix-benches
ff04343 
rebis-dev: Fix imports for benches
@mthom
Merge pull request mthom#2729 from adri326/rebis-dev-fix-miri
2458005 
rebis-dev: Fix UB detected by miri in tests
triska
triska reviewed Jan 7, 2025
View reviewed changes
@adri326
Copy link
Contributor Author

adri326 commented Jan 8, 2025

It turns out that I had missed one instance of the issue spotted in #2729: scan_slice_to_str wrongly assumed that Heap.inner.ptr was aligned to Heap::heap_cell_alignment().

I've rewritten it (and renamed it to the more accurate scan_pstr_at) to not rely on this incorrect assumption anymore, and to reduce the number of unsafe code needed in it and around it, by expressing it in terms of HeapView instead.

To make it easy to use it in the implementations of SizedHeap, I've introduced a small AsHeapView trait, currently only local to this module.

@adri326 adri326 mentioned this pull request Jan 12, 2025
Open
@adri326
Fix off-by-one errors around PStr size computation
2546976 
- Fix Heap::compute_pstr_size being off at len=0, len=n*align and null bytes
  (compute_pstr_size now more accurately reflects the behavior of allocate_pstr).
- Add debug assertion for the behaviour of compute_pstr_size
- Fix off-by-one errors in build_functor
@adri326
Rewrite scan_slice_to_str to be safe and correct, add AsHeapView trai…
5e08d4d 
…t to deduplicate unsafe code

scan_slice_to_str was close to being safe already, but the code using it needed to be unsafe,
and the safety of scan_slice_to_str was hinging on the correctness of the caller unsafe block.

It also wrongly assumed that Heap.inner.ptr was aligned to Heap::heap_cell_alignment().

Instead, I have rewritten `scan_slice_to_str` (and renamed it to the more accurate name
`scan_pstr_at`), to fix the incorrect computation caused by this wrong assumption,
and to reduce the unsafe blocks to their minimum, whose safety I could then prove.

The invariants of Heap remain to be fully vetted, as some of the code in this module remain
~wildly unsafe~ :)
@adri326 adri326 force-pushed the fix-compute_pstr_size branch from 8c856bd to 5e08d4d Compare January 12, 2025 11:07
@adri326 adri326 changed the title Fix Heap::compute_pstr_size being off by one cell rebis-dev: Fix Heap::compute_pstr_size being off by one cell Feb 4, 2025
@triska
Copy link
Contributor

triska commented Feb 17, 2025

A few CI tests apparently fail, I hope at least the formatting would be easy to resolve.

@adri326
Copy link
Contributor Author

adri326 commented Feb 18, 2025

The formatting issue is omnipresent on rebis-dev, running carfo fmt gives me a few thousands of lines of diff (I made that mistake multiple times). I would prefer if @mthom pushed a cargo fmt commit on rebis-dev and I can then work through the rebase of my branches

@adri326 adri326 mentioned this pull request Feb 21, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@triska triska triska left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@adri326 @triska @mthom