fuzz: remove potential undefined behavior in chaos harness
The chaos harness has a potential UB bug reported by Miri due to
mutable pointer aliasing. The `heap` object has a mutable reference
to `HEAP_MEM`, which gets invalidated when calculating
`remaining_space`, as it does so through a mut pointer. Thus, using
`heap` after using the pointer is technically undefined behavior
under Rust's aliasing rules.

Fix this by taking a const pointer.

Note that it is very unlikely this caused any actual issues under the
current state of the compiler.

Signed-off-by: Carlos López <[email protected]>
00xc committed Nov 6, 2023
1 parent 3c9bafa commit 4149849
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion fuzz/fuzz_targets/chaos.rs
@@ -82,7 +82,7 @@ fn fuzz(size: u16, actions: Vec<Action>) {
// safety: new heap size never exceeds MAX_HEAP_SIZE
unsafe {
let remaining_space = HEAP_MEM
.as_mut_ptr()
.as_ptr()
.add(MAX_HEAP_SIZE)
.offset_from(heap.top());
assert!(remaining_space >= 0);
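Review bot: the safety comment above this hunk only covers the `.add(MAX_HEAP_SIZE)` step (the result is at most one past the end of `HEAP_MEM`), but `offset_from` has its own preconditions that the comment does not state: both pointers must point into the same allocated object, and the byte distance must be a multiple of the element size and fit in an `isize`. Nothing in this hunk ties `heap.top()` to `HEAP_MEM`, so I would extend the comment, e.g. `// safety: heap.top() always points into HEAP_MEM, whose size never exceeds MAX_HEAP_SIZE, so both pointers are in the same allocation`. On the change itself, `as_ptr()` yields the `*const T` that `offset_from` expects, so no cast is needed; if `HEAP_MEM` is a `static mut`, `core::ptr::addr_of!(HEAP_MEM)` cast to a pointer to the element type would avoid creating even a shared reference to the static while `heap` holds its `&mut`, which is the form the Rust reference recommends for raw-pointer access to mutable statics.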
