~ chicken-core (chicken-5) 9455d4e4985769032a13294360b0498f118cee5d


commit 9455d4e4985769032a13294360b0498f118cee5d
Author:     Peter Bex <peter@more-magic.net>
AuthorDate: Sat Oct 17 16:44:25 2015 +0200
Commit:     Evan Hanson <evhan@foldling.org>
CommitDate: Mon Oct 26 09:37:10 2015 +1300

    Try to detect corrupted data before performing GC_REALLOC.
    
    If an "impossible" object is found in the stack or heap (one whose size
    is larger than the memory area that contains it), we know we have data
    corruption on our hands.  Panic immediately instead of going in for the
    reallocating GC.  This prevents the memory state from being mutated any
    further, which may help in debugging.
    
    Signed-off-by: Evan Hanson <evhan@foldling.org>

diff --git a/runtime.c b/runtime.c
index dda983c7..af108254 100644
--- a/runtime.c
+++ b/runtime.c
@@ -3627,6 +3627,11 @@ C_regparm void C_fcall really_mark(C_word *x)
     bytes = (h & C_BYTEBLOCK_BIT) ? n : n * sizeof(C_word);
 
     if(((C_byte *)p2 + bytes + sizeof(C_word)) > tospace_limit) {
+      /* Detect impossibilities before GC_REALLOC to preserve state: */
+      if (C_in_stackp((C_word)p) && bytes > stack_size)
+        panic(C_text("Detected corrupted data in stack"));
+      if (C_in_heapp((C_word)p) && bytes > (heap_size / 2))
+        panic(C_text("Detected corrupted data in heap"));
       if(C_heap_size_is_fixed)
 	panic(C_text("out of memory - heap full"));
       
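Review bot: The two new panics (`panic(C_text("Detected corrupted data in stack"))` and the heap variant) discard exactly the information that would make the corruption debuggable — the object address `p`, its header `h` and the computed `bytes` — so print those three values to stderr (format specifiers matching their actual types) immediately before the panic, which is the stated goal of the commit. The bounds are also very coarse: an object in the stack must fit between `p` and the end of the stack region, so `bytes > stack_size` only catches the grossest corruption, an object outside both regions is never checked at all, and if `n` is already garbage the `n * sizeof(C_word)` on the first context line may wrap before the comparison; if the coarse checks are intentional, say so with `/* conservative: only catches sizes larger than the whole region */`. Style: the surrounding code writes `if(` without a space (the `tospace_limit` and `C_heap_size_is_fixed` lines), so the two added `if (` lines should match. really_mark continues outside the hunk on both sides.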