Eliminate pointer_cast()

Since we anticipate address_t not carrying provenance on CHERI, but
rather being vaddr_t there, it doesn't make sense to offer conversion
back to a provenance-carrying pointer.

Thankfully, there is not much to be done here: the uses were few and
could be replaced with the vocabulary of other pointer operations in
ds/address.h

src/ds/address.h

@@ -42,16 +42,6 @@ namespace snmalloc
     return reinterpret_cast<address_t>(ptr);
   }
 
-  /**
-   * Cast from an address back to a pointer of the specified type.  All uses of
-   * this will eventually need auditing for CHERI compatibility.
-   */
-  template<typename T>
-  inline T* pointer_cast(address_t address)
-  {
-    return reinterpret_cast<T*>(address);
-  }
-
   /**
    * Test if a pointer is aligned to a given size, which must be a power of
    * two.
@@ -81,7 +71,8 @@ namespace snmalloc
 #if __has_builtin(__builtin_align_down)
       return static_cast<T*>(__builtin_align_down(p, alignment));
 #else
-      return pointer_cast<T>(bits::align_down(address_cast(p), alignment));
+      return reinterpret_cast<T*>(
+        bits::align_down(reinterpret_cast<uintptr_t>(p), alignment));
 #endif
     }
   }
@@ -102,11 +93,29 @@ namespace snmalloc
 #if __has_builtin(__builtin_align_up)
       return static_cast<T*>(__builtin_align_up(p, alignment));
 #else
-      return pointer_cast<T>(bits::align_up(address_cast(p), alignment));
+      return reinterpret_cast<T*>(
+        bits::align_up(reinterpret_cast<uintptr_t>(p), alignment));
 #endif
     }
   }
 
+  /**
+   * Align a pointer down to a dynamically specified granularity, which must be
+   * a power of two.
+   */
+  template<typename T = void>
+  SNMALLOC_FAST_PATH T* pointer_align_down(void* p, size_t alignment)
+  {
+    SNMALLOC_ASSERT(alignment > 0);
+    SNMALLOC_ASSERT(bits::next_pow2(alignment) == alignment);
+#if __has_builtin(__builtin_align_down)
+    return static_cast<T*>(__builtin_align_down(p, alignment));
+#else
+    return reinterpret_cast<T*>(
+      bits::align_down(reinterpret_cast<uintptr_t>(p), alignment));
+#endif
+  }
+
   /**
    * Align a pointer up to a dynamically specified granularity, which must
    * be a power of two.
@@ -119,7 +128,8 @@ namespace snmalloc
 #if __has_builtin(__builtin_align_up)
     return static_cast<T*>(__builtin_align_up(p, alignment));
 #else
-    return pointer_cast<T>(bits::align_up(address_cast(p), alignment));
+    return reinterpret_cast<T*>(
+      bits::align_up(reinterpret_cast<uintptr_t>(p), alignment));
 #endif
   }
 

src/mem/largealloc.h

@@ -183,10 +183,9 @@ namespace snmalloc
       lazy_decommit_guard.clear();
     }
 
-    void push_space(address_t start, size_t large_class)
+    void push_space(void* p, size_t large_class)
     {
       // All fresh pages so can use "NoZero"
-      void* p = pointer_cast<void>(start);
       if (large_class > 0)
         PAL::template notify_using<NoZero>(p, OS_PAGE_SIZE);
       else
@@ -284,24 +283,24 @@ namespace snmalloc
         if (p == nullptr)
           return nullptr;
 
-        address_t p0 = address_cast(p);
-        address_t start = bits::align_up(p0, align);
-        address_t p1 = p0 + request;
-        address_t end = start + size;
+        void* start = pointer_align_up(p, align);
+        void* p1 = pointer_offset(p, request);
+        void* end = pointer_offset(start, size);
 
-        for (; end < bits::align_down(p1, align); end += size)
+        for (; end < pointer_align_down(p1, align);
+             end = pointer_offset(end, size))
         {
           push_space(end, large_class);
         }
 
         // Put offcuts before alignment into the large stack
-        address_t offcut_end = start;
-        address_t offcut_start;
+        void* offcut_end = start;
+        void* offcut_start;
         for (size_t i = large_class; i > 0;)
         {
           i--;
           size_t offcut_align = bits::one_at_bit(SUPERSLAB_BITS) << i;
-          offcut_start = bits::align_up(p0, offcut_align);
+          offcut_start = pointer_align_up(p, offcut_align);
           if (offcut_start != offcut_end)
           {
             push_space(offcut_start, i);
@@ -315,7 +314,7 @@ namespace snmalloc
         {
           i--;
           auto offcut_align = bits::one_at_bit(SUPERSLAB_BITS) << i;
-          offcut_end = bits::align_down(p1, offcut_align);
+          offcut_end = pointer_align_down(p1, offcut_align);
           if (offcut_start != offcut_end)
           {
             push_space(offcut_start, i);
@@ -323,11 +322,10 @@ namespace snmalloc
           }
         }
 
-        void* result = pointer_cast<void>(start);
         if (committed)
-          PAL::template notify_using<NoZero>(result, size);
+          PAL::template notify_using<NoZero>(start, size);
 
-        return result;
+        return start;
       }
     }
   };

src/mem/superslab.h

@@ -181,8 +181,8 @@ namespace snmalloc
     Slab* alloc_slab(sizeclass_t sizeclass)
     {
       uint8_t h = head;
-      Slab* slab = pointer_cast<Slab>(
-        address_cast(this) + (static_cast<size_t>(h) << SLAB_BITS));
+      Slab* slab = pointer_offset(
+        reinterpret_cast<Slab*>(this), (static_cast<size_t>(h) << SLAB_BITS));
 
       uint8_t n = meta[h].next;