tests/lib/heap_align: improve test some more

Nicolas Pitre · Nicolas Pitre · commit 91973eda7be6 · 2025-03-12T20:43:42.000-04:00
- Make sure the align-and-rewind feature is explicitly tested.

- Clobber memory at allocation edges to catch off-by-one type errors.

Signed-off-by: Nicolas Pitre &lt;npitre@baylibre.com&gt;
diff --git a/tests/lib/heap_align/src/main.c b/tests/lib/heap_align/src/main.c
@@ -14,6 +14,44 @@ uint8_t __aligned(8) heapmem[HEAP_SZ];
 /* Heap metadata sizes */
 uint8_t *heap_start, *heap_end;
 
+static void fill(void *mem, size_t size)
+{
+	uint32_t *word32 = mem;
+
+	/*
+	 * No need to fill the entire memory block. Only touching the edges
+	 * is sufficient to trip heap validation with off-by-one errors.
+	 * Strictly speaking we may overflow the boundary if given size
+	 * is not a multiple of 4 but the actual allocation is always
+	 * rounded up to at least the next 4-byte boundary anyway.
+	 */
+	if (size != 0) {
+		word32[0] = 0;
+		word32[(size - 1)/4] = 0;
+	}
+}
+
+/*
+ * The align argument may contain a "rewind" bit.
+ * See comment in sys_heap_aligned_alloc().
+ */
+static bool alignment_ok(void *ptr, size_t align)
+{
+	uintptr_t addr = (uintptr_t)ptr;
+	size_t rew;
+
+	/* split rewind bit from alignment */
+	rew = (align & -align);
+	rew = (rew == align) ? 0 : rew;
+	align -= rew;
+
+	/* undo the pointer rewind */
+	addr += rew;
+
+	/* validate pointer alignment */
+	return (addr & (align - 1)) == 0;
+}
+
 /* Note that this test is making whitebox assumptions about the
  * behavior of the heap in order to exercise coverage of the
  * underlying code: that chunk headers are 8 bytes, that heap chunks
@@ -24,25 +62,34 @@ static void check_heap_align(struct sys_heap *h,
 			     size_t prefix, size_t align, size_t size)
 {
 	void *p, *q, *r, *s;
+	size_t suffix;
 
 	p = sys_heap_alloc(h, prefix);
 	zassert_true(prefix == 0 || p != NULL, "prefix allocation failed");
 
 	q = sys_heap_aligned_alloc(h, align, size);
 	zassert_true(q != NULL, "first aligned allocation failed");
-	zassert_true((((uintptr_t)q) & (align - 1)) == 0, "block not aligned");
+	zassert_true(alignment_ok(q, align), "block not aligned");
 
 	r = sys_heap_aligned_alloc(h, align, size);
 	zassert_true(r != NULL, "second aligned allocation failed");
-	zassert_true((((uintptr_t)r) & (align - 1)) == 0, "block not aligned");
+	zassert_true(alignment_ok(r, align), "block not aligned");
 
 	/* Make sure ALL the split memory goes back into the heap and
 	 * we can allocate the full remaining suffix
 	 */
-	s = sys_heap_alloc(h, (heap_end - (uint8_t *)r) - size - 8);
+	suffix = (heap_end - (uint8_t *)r) - size - 8;
+	s = sys_heap_alloc(h, suffix);
 	zassert_true(s != NULL, "suffix allocation failed (%zd/%zd/%zd)",
 				prefix, align, size);
 
+	/* Touch some of the allocated memory */
+	fill(p, prefix);
+	fill(q, size);
+	fill(r, size);
+	fill(s, suffix);
+	zassert_true(sys_heap_validate(h), "heap invalid");
+
 	sys_heap_free(h, p);
 	sys_heap_free(h, q);
 	sys_heap_free(h, r);
@@ -76,8 +123,12 @@ ZTEST(lib_heap_align, test_aligned_alloc)
 
 	for (size_t align = 8; align < HEAP_SZ / 4; align *= 2) {
 		for (size_t prefix = 0; prefix <= align; prefix += 8) {
-			for (size_t size = 8; size <= align; size += 8) {
+			for (size_t size = 4; size <= align; size += 12) {
 				check_heap_align(&heap, prefix, align, size);
+				for (size_t rew = 4; rew < MIN(align, 32); rew *= 2) {
+					check_heap_align(&heap, prefix,
+							 align | rew, size);
+				}
 			}
 		}
 	}
