While building the CodeSamples/datastruct/Issaquah/ directory, I can see
a couple instances of this warning:
In function ‘free_treenode_cache’,
inlined from ‘tree_remove_all’ at tree.c:102:2,
inlined from ‘tree_free’ at tree.c:128:2:
tree.c:251:9: warning: ‘free’ called on pointer ‘trp’ with nonzero offset 96 [-Wfree-nonheap-object]
251 | free(tnp);
| ^~~~~~~~~
I took a look and tried to understand what was happening:
- tree_remove_all() calls free_treenode_cache() on it's input, which ends
up free()'ing it (!BAD_MALLOC)
- It makes sense in most treenodes, since they are allocated with
alloc_treenode_cache() and the malloc() output is the same as the free()
input.
- tree_free() calls tree_remove_all() on &trp->max, which ends up trying
to free() this same address.
- trp is a struct treeroot, which is composed of 2 treenodes: min & max
- The output of malloc() for trp ends up being different from the address
used for free(), since &trp->max is used instead, and there is an offset
since max is the second element of struct treeroot.
To solve this while keeping the tree_remove_all() generic, move
struct traceroot->max to be the first element, and guarantee the address
used for free() is the same returned by malloc().
Signed-off-by: Leonardo Bras <leobras.c@xxxxxxxxx>
---
CodeSamples/datastruct/Issaquah/tree.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CodeSamples/datastruct/Issaquah/tree.h b/CodeSamples/datastruct/Issaquah/tree.h
index f007558a..bbe5e7c1 100644
--- a/CodeSamples/datastruct/Issaquah/tree.h
+++ b/CodeSamples/datastruct/Issaquah/tree.h
@@ -48,8 +48,8 @@ struct treenode {
* Root of a tree.
*/
struct treeroot {
- struct treenode min;
struct treenode max;
+ struct treenode min;
} __attribute__((__aligned__(CACHE_LINE_SIZE)));
void treenode_wire_call_rcu(void);
--
2.41.0
