author | Kartik Agaram <vc@akkartik.com> | 2020-03-22 12:11:49 -0700 |
---|---|---|
committer | Kartik Agaram <vc@akkartik.com> | 2020-05-18 00:44:46 -0700 |
commit | 546a92985f7da2491077d641a2c118b4af7f6913 (patch) | |
tree | 1e6ab75543a3028e78c9454fbb6bd6b6a076e0ee | |
parent | 1f38b75e31d713fc72a9d29d360fe5ad66ba22fe (diff) | |
download | mu-546a92985f7da2491077d641a2c118b4af7f6913.tar.gz |
start migrating handles to fat pointers
CI will fail from this commit onward. Currently working: $ bootstrap translate init.linux 0[4-7]*.subx 080zero-out.subx -o a.elf && ./a.elf test $ bootstrap run a.elf test $ chmod +x a.elf; ./a.elf test Plan: migrate functions that used to return handles to pass in a new arg of type (addr handle). That's a bit of a weird type. There should be few of these functions. (Open question: do we even want to expose this type in the Mu language?) Functions that just need to read from heap without modifying the handle will receive `(addr T)` or `(handle T)` types as arguments. As I sanitize each new file, I need to update signatures for any new functions and add them to a list. I also need to update calls to any functions on the list.
-rw-r--r-- | 069allocate.subx | 84 | ||||
-rw-r--r-- | 070new-stream.subx | 29 | ||||
-rw-r--r-- | 072slice.subx | 31 | ||||
-rw-r--r-- | mu-init.subx | 8 |
4 files changed, 116 insertions, 36 deletions
diff --git a/069allocate.subx b/069allocate.subx index 3857ddb8..48d00a36 100644 --- a/069allocate.subx +++ b/069allocate.subx @@ -15,6 +15,9 @@ # carve out chunks of memory and then allocate from them manually using this # very same 'allocate' helper. They just need a new allocation descriptor for # their book-keeping. +# +# Allocations are returned in a handle, which consists of an allocid and a payload. +# The allocid helps detect use-after-free errors. == data @@ -56,18 +59,24 @@ $array-equal-main:end: # Allocate and clear 'n' bytes of memory from an allocation-descriptor 'ad'. # Abort if there isn't enough memory in 'ad'. -allocate: # ad: (addr allocation-descriptor), n: int -> address-or-null/eax: (addr _) +allocate: # ad: (addr allocation-descriptor), n: int, out: (addr handle) # . prologue 55/push-ebp 89/copy 3/mod/direct 5/rm32/ebp . . . 4/r32/esp . . # copy esp to ebp - # eax = allocate-raw(ad, n) + # . save registers + 50/push-eax + # allocate-raw(ad, n, out) # . . push args + ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0x10/disp8 . # push *(ebp+16) ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0xc/disp8 . # push *(ebp+12) ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 8/disp8 . # push *(ebp+8) # . . call e8/call allocate-raw/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # eax = out->payload + 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 0/r32/eax 0x10/disp8 . # copy *(ebp+16) to eax + 8b/copy 1/mod/*+disp8 0/rm32/eax . . . 0/r32/eax 4/disp8 . # copy *(eax+4) to eax # zero-out(eax, n) # . . push args ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0xc/disp8 . # push *(ebp+12) 
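Review bot: In the allocate hunk (-56), `zero-out(eax, n)` is now called with eax = out->payload while allocate-raw claims n+4 bytes (the `copy eax+ebx+4 to eax` lea in the -84 hunk, and test-allocate-raw-success expecting ad->curr to move from 11 to 18 for n=3), so the cleared range covers the payload's allocid word and stops 4 bytes short of the end of the claimed region. Either skip the allocid before clearing, `05/add-to-eax 4/imm32  # skip payload->allocid` right after the two `eax = out->payload` loads, or pass n+4 so the whole claimed region is zeroed; which is right depends on whether the in-payload allocid is meant to be cleared here, and the visible lines do not settle that. The header comment `# Allocate and clear 'n' bytes of memory` should then say which region is cleared. allocate's body continues past the end of this hunk into the -77 hunk.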
@@ -77,6 +86,8 @@ allocate: # ad: (addr allocation-descriptor), n: int -> address-or-null/eax: (a # . . discard args 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp $allocate:end: + # . restore registers + 58/pop-to-eax # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . . # copy ebp to esp 5d/pop-to-ebp 
@@ -84,30 +95,39 @@ $allocate:end: # Claim the next 'n' bytes of memory starting at ad->curr and update ad->curr. # Abort if there isn't enough memory in 'ad'. -allocate-raw: # ad: (addr allocation-descriptor), n: int -> address-or-null/eax: (addr _) +allocate-raw: # ad: (addr allocation-descriptor), n: int, out: (addr handle) # . prologue 55/push-ebp 89/copy 3/mod/direct 5/rm32/ebp . . . 4/r32/esp . . # copy esp to ebp # . save registers + 50/push-eax 51/push-ecx 52/push-edx + 53/push-ebx # ecx = ad 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 1/r32/ecx 8/disp8 . # copy *(ebp+8) to ecx - # save ad->curr + # edx = out + 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 2/r32/edx 0x10/disp8 . # copy *(ebp+16) to edx + # ebx = n + 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 3/r32/ebx 0xc/disp8 . # copy *(ebp+12) to ebx + # out->allocid = 0 + c7 0/subop/copy 0/mod/direct 2/rm32/edx . . . . . 0/imm32 # copy to *edx + # out->payload = ad->curr 8b/copy 0/mod/indirect 1/rm32/ecx . . . 0/r32/eax . . # copy *ecx to eax + 89/copy 1/mod/*+disp8 2/rm32/edx . . . 0/r32/eax 4/disp8 . # copy eax to *(edx+4) # check if there's enough space - # . edx = ad->curr + n - 89/copy 3/mod/direct 2/rm32/edx . . . 0/r32/eax . . # copy eax to edx - 03/add 1/mod/*+disp8 5/rm32/ebp . . . 2/r32/edx 0xc/disp8 . # add *(ebp+12) to edx - 3b/compare 1/mod/*+disp8 1/rm32/ecx . . . 2/r32/edx 4/disp8 . # compare edx with *(ecx+4) + 8d/copy-address 1/mod/*+disp8 4/rm32/sib 0/base/eax 3/index/ebx . 0/r32/eax 4/disp8 . # copy eax+ebx+4 to eax + 3b/compare 1/mod/*+disp8 1/rm32/ecx . . . 0/r32/eax 4/disp8 . # compare eax with *(ecx+4) 73/jump-if->=-signed $allocate-raw:abort/disp8 $allocate-raw:commit: # update ad->curr - 89/copy 0/mod/indirect 1/rm32/ecx . . . 2/r32/edx . . # copy edx to *ecx + 89/copy 0/mod/indirect 1/rm32/ecx . . . 0/r32/eax . . # copy eax to *ecx $allocate-raw:end: # . restore registers + 5b/pop-to-ebx 5a/pop-to-edx 59/pop-to-ecx + 58/pop-to-eax # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . 
. # copy ebp to esp 5d/pop-to-ebp @@ -132,18 +152,25 @@ test-allocate-raw-success: # . prologue 55/push-ebp 89/copy 3/mod/direct 5/rm32/ebp . . . 4/r32/esp . . # copy esp to ebp - # var ad/ecx: allocation-descriptor = {11, 15} - 68/push 0xf/imm32/limit + # var ad/ecx: allocation-descriptor = {11, 32} + 68/push 0x20/imm32/limit 68/push 0xb/imm32/curr 89/copy 3/mod/direct 1/rm32/ecx . . . 4/r32/esp . . # copy esp to ecx - # var eax: (handle byte) = allocate-raw(ad, 3) + # var h/edx: handle = {0, 0} + 68/push 0/imm32 + 68/push 0/imm32 + 89/copy 3/mod/direct 2/rm32/edx . . . 4/r32/esp . . # copy esp to edx + # allocate-raw(ad, 3, h) # . . push args + 52/push-edx 68/push 3/imm32 51/push-ecx # . . call e8/call allocate-raw/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # eax = h->payload + 8b/copy 1/mod/*+disp8 2/rm32/edx . . . 0/r32/eax 4/disp8 . # copy *(edx+4) to eax # check-ints-equal(eax, 11, msg) # . . push args 68/push "F - test-allocate-raw-success: returns current pointer of allocation descriptor"/imm32 @@ -153,10 +180,10 @@ test-allocate-raw-success: e8/call check-ints-equal/disp32 # . . discard args 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp - # check-ints-equal(ad->curr, 14, msg) + # check-ints-equal(ad->curr, 18, msg) # . . push args 68/push "F - test-allocate-raw-success: updates allocation descriptor"/imm32 - 68/push 0xe/imm32 + 68/push 0x12/imm32 ff 6/subop/push 0/mod/indirect 1/rm32/ecx . . . . . . # push *ecx # . . call e8/call check-ints-equal/disp32 
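Review bot: The header comment `# Claim the next 'n' bytes of memory starting at ad->curr and update ad->curr.` above allocate-raw (hunk -84) is now stale: the new `copy eax+ebx+4 to eax` reserves n+4 bytes, and test-allocate-raw-success below expects ad->curr to advance from 11 to 18 for n=3. Suggested wording: `# Claim the next 'n+4' bytes of memory starting at ad->curr (4 for the payload's allocid) and update ad->curr.` It would also help to state in that comment what is written to `out`: from the visible lines only out->allocid (0) and out->payload (the old ad->curr) are set, and the allocid word inside the payload is left untouched. The abort path `$allocate-raw:abort` lies outside this hunk.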
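Review bot: test-allocate-raw-success (hunk -132) checks h->payload and ad->curr but never the handle's allocid, even though `out->allocid = 0` is a new write in allocate-raw; a third check after the payload one, `check-ints-equal(*edx, 0, "F - test-allocate-raw-success: sets allocid")` (message is a constructed example), would pin it, and the handle's address is still in edx at that point as the `copy *(edx+4) to eax` load shows. The test's remaining assertions and epilogue continue in the -153 hunk.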
@@ -208,20 +235,25 @@ _pending-test-allocate-raw-failure: c3/return # helper: create a nested allocation descriptor (useful for tests) -allocate-region: # ad: (addr allocation-descriptor), n: int -> new-ad: (handle allocation-descriptor) +allocate-region: # ad: (addr allocation-descriptor), n: int, out: (addr handle allocation-descriptor) # . prologue 55/push-ebp 89/copy 3/mod/direct 5/rm32/ebp . . . 4/r32/esp . . # copy esp to ebp # . save registers + 50/push-eax 51/push-ecx - # eax = allocate(ad, n) + # allocate(ad, n, out) # . . push args + ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0x10/disp8 . # push *(ebp+16) ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0xc/disp8 . # push *(ebp+12) ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 8/disp8 . # push *(ebp+8) # . . call e8/call allocate/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # eax = out->payload + 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 0/r32/eax 0x10/disp8 . # copy *(ebp+16) to eax + 8b/copy 1/mod/*+disp8 0/rm32/eax . . . 0/r32/eax 4/disp8 . # copy *(eax+4) to eax # if (eax == 0) abort 3d/compare-eax-and 0/imm32 74/jump-if-= $allocate-region:abort/disp8 @@ -236,6 +268,7 @@ allocate-region: # ad: (addr allocation-descriptor), n: int -> new-ad: (handle 89/copy 1/mod/*+disp8 0/rm32/eax . . . 1/r32/ecx 4/disp8 . # copy ecx to *(eax+4) # . restore registers 59/pop-to-ecx + 58/pop-to-eax # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . . # copy ebp to esp 5d/pop-to-ebp 
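Review bot: The payload layout is not consistent across this commit: allocate-raw claims n+4 bytes and new-stream and slice-to-string add 4 to out->payload to "skip payload->allocid", but allocate-region (hunk -208) sets up the nested descriptor at out->payload (the `copy ecx to *(eax+4)` context line in hunk -236), allocate-array (hunk -264) stores the length at `*out->payload`, and mu-init (hunk -27) then treats `*(eax+4)` as the array start with the length at offset 0. Whichever layout is intended, the three sites that do not skip the allocid word will write over it or disagree with the callers that do. If the in-payload allocid is the intended convention, `05/add-to-eax 4/imm32  # skip payload->allocid` after the `eax = out->payload` loads in allocate-region and allocate-array, plus the matching offset in mu-init, would align them; the lines of allocate-region between hunks -208 and -236 are not visible, so the descriptor placement there is inferred from the `*(eax+4)` store. Since the description says CI will fail from this commit onward, at least a comment naming the canonical payload layout would help the follow-up commits.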
@@ -264,31 +297,36 @@ $allocate-region:abort: # Claim the next 'n+4' bytes of memory and initialize the first 4 to n. # Abort if there isn't enough memory in 'ad'. -allocate-array: # ad: (addr allocation-descriptor), n: int -> result/eax: (addr _) +allocate-array: # ad: (addr allocation-descriptor), n: int, out: (addr handle) # . prologue 55/push-ebp 89/copy 3/mod/direct 5/rm32/ebp . . . 4/r32/esp . . # copy esp to ebp # . save registers + 50/push-eax 51/push-ecx 52/push-edx # ecx = n 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 1/r32/ecx 0xc/disp8 . # copy *(ebp+12) to ecx # var size/edx: int = n+4 8d/copy-address 1/mod/*+disp8 1/rm32/ecx . . . 2/r32/edx 4/disp8 . # copy ecx+4 to edx - # result = allocate(ad, size) + # allocate(ad, size, out) # . . push args + ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0x10/disp8 . # push *(ebp+16) 52/push-edx ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 8/disp8 . # push *(ebp+8) # . . call e8/call allocate/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp - # *result = n + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # *out->payload = n + 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 0/r32/eax 0x10/disp8 . # copy *(ebp+16) to eax + 8b/copy 1/mod/*+disp8 0/rm32/eax . . . 0/r32/eax 4/disp8 . # copy *(eax+4) to eax 89/copy 0/mod/indirect 0/rm32/eax . . . 1/r32/ecx . . # copy ecx to *eax $allocate-array:end: # . restore registers 5a/pop-to-edx 59/pop-to-ecx + 58/pop-to-eax # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . . # copy ebp to esp 5d/pop-to-ebp diff --git a/070new-stream.subx b/070new-stream.subx index 5474175b..b4326096 100644 --- a/070new-stream.subx +++ b/070new-stream.subx 
@@ -5,11 +5,12 @@ # . op subop mod rm32 base index scale r32 # . 1-3 bytes 3 bits 2 bits 3 bits 3 bits 3 bits 2 bits 2 bits 0/1/2/4 bytes 0/1/2/4 bytes -new-stream: # ad: (addr allocation-descriptor), length: int, elemsize: int -> address/eax: (handle stream _) +new-stream: # ad: (addr allocation-descriptor), length: int, elemsize: int, out: (handle stream _) # . prologue 55/push-ebp 89/copy 3/mod/direct 5/rm32/ebp . . . 4/r32/esp . . # copy esp to ebp # . save registers + 50/push-eax 52/push-edx # var n/eax: int = elemsize * length + 12 (for read, write and size) # . eax = elemsize @@ -24,14 +25,20 @@ new-stream: # ad: (addr allocation-descriptor), length: int, elemsize: int -> a 89/copy 3/mod/direct 2/rm32/edx . . . 0/r32/eax . . # copy eax to edx # . eax += 12 05/add-to-eax 0xc/imm32 - # var eax: (handle stream _) = allocate(ad, n) + # allocate(ad, n, out) # . . push args + ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0x14/disp8 . # push *(ebp+20) 50/push-eax ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 8/disp8 . # push *(ebp+8) # . . call e8/call allocate/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # eax = out->payload + 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 0/r32/eax 0x14/disp8 . # copy *(ebp+20) to eax + 8b/copy 1/mod/*+disp8 0/rm32/eax . . . 0/r32/eax 4/disp8 . # copy *(eax+4) to eax + # skip payload->allocid + 05/add-to-eax 4/imm32 # eax->size = elemsize*length 89/copy 1/mod/*+disp8 0/rm32/eax . . . 2/r32/edx 8/disp8 . # copy edx to *(eax+8) # clear-stream(eax) @@ -44,6 +51,7 @@ new-stream: # ad: (addr allocation-descriptor), length: int, elemsize: int -> a $new-stream:end: # . restore registers 5a/pop-to-edx + 58/pop-to-eax # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . . # copy ebp to esp 5d/pop-to-ebp 
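Review bot: The new signature comment `out: (handle stream _)` in the -5 hunk names the wrong type: the function pushes `*(ebp+20)` and then reads `*(eax+4)` through it, so out is the address of a handle, which the other functions in this commit spell `out: (addr handle ...)`. Suggested: `new-stream: # ad: (addr allocation-descriptor), length: int, elemsize: int, out: (addr handle stream _)`. slice-to-string in 072slice.subx (hunk -1041) has the same slip, `out: (handle array byte)`, and mu-init's `# var tmp/eax: handle` describes a register that holds the handle's address rather than the handle. new-stream's body continues through the -24 and -44 hunks.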
@@ -82,15 +90,22 @@ test-new-stream: 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp # var start/edx = ad->curr 8b/copy 0/mod/indirect 1/rm32/ecx . . . 2/r32/edx . . # copy *ecx to edx - # var eax: (handle stream byte) = new-stream(heap, 3, 2) + # var h/ebx: (handle stream byte) + 68/push 0/imm32 + 68/push 0/imm32 + 89/copy 3/mod/direct 3/rm32/ebx . . . 4/r32/esp . . # copy esp to ebx + # new-stream(heap, 3, 2, h) # . . push args + 53/push-ebx 68/push 2/imm32 68/push 3/imm32 51/push-ecx # . . call e8/call new-stream/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0x10/imm32 # add to esp + # eax = out->payload + 8b/copy 1/mod/*+disp8 3/rm32/ebx . . . 0/r32/eax 4/disp8 . # copy *(ebx+4) to eax # check-ints-equal(eax, edx, msg) # . . push args 68/push "F - test-new-stream: returns current pointer of allocation descriptor"/imm32 @@ -100,6 +115,8 @@ test-new-stream: e8/call check-ints-equal/disp32 # . . discard args 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # skip payload->allocid + 05/add-to-eax 4/imm32 # check-ints-equal(eax->size, 6, msg) # . . push args 68/push "F - test-new-stream: sets size correctly"/imm32 @@ -110,6 +127,8 @@ test-new-stream: # . . discard args 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp # the rest is delegated to clear-stream() so we won't bother checking it + # . reclaim locals + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0x10/imm32 # add to esp # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . . # copy ebp to esp 5d/pop-to-ebp diff --git a/072slice.subx b/072slice.subx index 39820594..cfe519b7 100644 --- a/072slice.subx +++ b/072slice.subx 
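Review bot: In test-new-stream (hunk -82) the comment `# eax = out->payload` refers to a variable that does not exist in this test; the local was just named `h`, so `# eax = h->payload` matches the wording used in test-slice-to-string. The `# . reclaim locals` add in hunk -110 is redundant with the `copy ebp to esp` epilogue line right after it, and test-allocate-raw-success does without one, so unless the explicit reclaim is a file convention it can be dropped.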
@@ -1041,11 +1041,12 @@ test-write-slice-buffered: c3/return # copy a slice into a new (dynamically allocated) string -slice-to-string: # ad: (addr allocation-descriptor), in: (addr slice) -> out/eax: (addr array byte) +slice-to-string: # ad: (addr allocation-descriptor), in: (addr slice), out: (handle array byte) # . prologue 55/push-ebp 89/copy 3/mod/direct 5/rm32/ebp . . . 4/r32/esp . . # copy esp to ebp # . save registers + 50/push-eax 51/push-ecx 52/push-edx 53/push-ebx @@ -1060,14 +1061,20 @@ slice-to-string: # ad: (addr allocation-descriptor), in: (addr slice) -> out/ea 89/copy 3/mod/direct 1/rm32/ecx . . . 3/r32/ebx . . # copy ebx to ecx 29/subtract 3/mod/direct 1/rm32/ecx . . . 2/r32/edx . . # subtract edx from ecx 81 0/subop/add 3/mod/direct 1/rm32/ecx . . . . . 4/imm32 # add to ecx - # var out/eax: (handle array byte) = allocate(ad, size) + # allocate(ad, size, out) # . . push args + ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 0x10/disp8 . # push *(ebp+16) 51/push-ecx ff 6/subop/push 1/mod/*+disp8 5/rm32/ebp . . . . 8/disp8 . # push *(ebp+8) # . . call e8/call allocate/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # eax = out->payload + 8b/copy 1/mod/*+disp8 5/rm32/ebp . . . 0/r32/eax 0x10/disp8 . # copy *(ebp+16) to eax + 8b/copy 1/mod/*+disp8 0/rm32/eax . . . 0/r32/eax 4/disp8 . # copy *(eax+4) to eax + # skip payload->allocid + 05/add-to-eax 4/imm32 # if (eax == 0) abort 3d/compare-eax-and 0/imm32 74/jump-if-= $slice-to-string:abort/disp8 @@ -1099,6 +1106,7 @@ $slice-to-string:end: 5b/pop-to-ebx 5a/pop-to-edx 59/pop-to-ecx + 58/pop-to-eax # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . . # copy ebp to esp 5d/pop-to-ebp 
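Review bot: In the -1060 hunk the `if (eax == 0) abort` check is now evaluated after `05/add-to-eax 4/imm32`, so it can only fire when out->payload was 0xfffffffc, never for a null payload; the old code tested allocate's return directly. Either move the `3d/compare-eax-and 0/imm32` / `74/jump-if-= $slice-to-string:abort/disp8` pair above the add, or drop it if allocate-raw's abort makes a null payload impossible (the visible allocate-raw lines abort rather than return null, which is why this looks like dead code). allocate-region keeps the same check before any add, so it is only misplaced here. slice-to-string's abort label and the rest of its body are outside this hunk.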
@@ -1144,15 +1152,24 @@ test-slice-to-string: 51/push-ecx 50/push-eax 89/copy 3/mod/direct 1/rm32/ecx . . . 4/r32/esp . . # copy esp to ecx - # eax = slice-to-string(heap, slice) + # var h/ebx: (handle array byte) + 68/push 0/imm32 + 68/push 0/imm32 + 89/copy 3/mod/direct 3/rm32/ebx . . . 4/r32/esp . . # copy esp to ebx + # slice-to-string(heap, slice, h) # . . push args + 53/push-ebx 51/push-ecx 52/push-edx # . . call e8/call slice-to-string/disp32 # . . discard args - 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 8/imm32 # add to esp -#? # dump word-slice {{{ + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # eax = h->payload + 8b/copy 1/mod/*+disp8 3/rm32/ebx . . . 0/r32/eax 4/disp8 . # copy *(ebx+4) to eax + # skip payload->allocid + 05/add-to-eax 4/imm32 +#? # dump eax {{{ #? # . write(2/stderr, "AA: ") #? # . . push args #? 68/push "AA: "/imm32 @@ -1195,6 +1212,8 @@ test-slice-to-string: e8/call check-ints-equal/disp32 # . . discard args 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0xc/imm32 # add to esp + # . reclaim locals + 81 0/subop/add 3/mod/direct 4/rm32/esp . . . . . 0x18/imm32 # add to esp # . epilogue 89/copy 3/mod/direct 4/rm32/esp . . . 5/r32/ebp . . # copy ebp to esp 5d/pop-to-ebp diff --git a/mu-init.subx b/mu-init.subx index 2377822e..74d90b7a 100644 --- a/mu-init.subx +++ b/mu-init.subx @@ -27,9 +27,13 @@ $Entry:initialize-args: 8b/-> *esi 2/r32/edx # argc is in words; convert it to bytes c1/shift 4/subop/left %edx 2/imm8 + # var tmp/eax: handle + 68/push 0/imm32 + 68/push 0/imm32 + 89/<- %eax 4/r32/esp # var args/edi: (addr array (addr array byte)) - (allocate-array Heap %edx) # => eax - 89/<- %edi 0/r32/eax + (allocate-array Heap %edx %eax) + 8b/-> *(eax+4) 7/r32/edi # var curr/ecx: (addr kernel-string) = argv 8d/copy-address *(esi+4) 1/r32/ecx # var max/edx: (addr kernel-string) = argv+4+argc |