diff options
author | Rickard Green <[email protected]> | 2017-04-25 10:13:09 +0200 |
---|---|---|
committer | GitHub <[email protected]> | 2017-04-25 10:13:09 +0200 |
commit | 0eb103aa9e05b88e4c4337973b16ed2a7e0039f7 (patch) | |
tree | da372ee52a26c4070f4457a21f991f2913ef0d34 | |
parent | b8fa7ec8c0f737b678d6bc89a5dfca0aafc74956 (diff) | |
parent | 59c67fd2fb8a83efadbcd3c88db0128c968ddca5 (diff) | |
download | otp-0eb103aa9e05b88e4c4337973b16ed2a7e0039f7.tar.gz otp-0eb103aa9e05b88e4c4337973b16ed2a7e0039f7.tar.bz2 otp-0eb103aa9e05b88e4c4337973b16ed2a7e0039f7.zip |
Merge pull request #1417 from mikpe/erts-erl_mseg-bad-cache-indexing
erl_mseg.c: don't use invalid indices in - > cache_powered_node[]
OTP-14360
-rw-r--r-- | erts/emulator/sys/common/erl_mseg.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/erts/emulator/sys/common/erl_mseg.c b/erts/emulator/sys/common/erl_mseg.c index 1e05fd3490..d1895f3793 100644 --- a/erts/emulator/sys/common/erl_mseg.c +++ b/erts/emulator/sys/common/erl_mseg.c @@ -87,6 +87,7 @@ static const int debruijn[32] = { #define CACHE_AREAS (32 - MSEG_ALIGN_BITS) +/* FIXME: segment sizes > 2 GB result in bogus negative indices */ #define SIZE_TO_CACHE_AREA_IDX(S) (LOG2((S)) - MSEG_ALIGN_BITS) #define MAX_CACHE_SIZE (30) @@ -396,6 +397,9 @@ static ERTS_INLINE int cache_bless_segment(ErtsMsegAllctr_t *ma, void *seg, UWor if (MSEG_FLG_IS_2POW(flags)) { int ix = SIZE_TO_CACHE_AREA_IDX(size); + if (ix < 0) + return 0; + ASSERT(ix < CACHE_AREAS); ASSERT((1 << (ix + MSEG_ALIGN_BITS)) == size); @@ -471,6 +475,9 @@ static ERTS_INLINE void *cache_get_segment(ErtsMsegAllctr_t *ma, UWord *size_p, ASSERT(IS_2POW(size)); + if (ix < 0) + return NULL; + for( i = ix; i < CACHE_AREAS; i++) { if (erts_circleq_is_empty(&(ma->cache_powered_node[i]))) |