Actually enforce the size in ChannelPreallocatedAllocator
We were ignoring the size when being asked to allocate. Turns out
Flatbuffers rounds the requested size up for alignment, so a 300-byte
request becomes 304 bytes, corrupting the redzone. Add a bunch of CHECKs here to catch it,
teach EventLoop to catch it, and catch it in the compiler.
Change-Id: I10488a2f96eeb7a955c6da436e6f9de1fcebbd14
diff --git a/aos/events/channel_preallocated_allocator.h b/aos/events/channel_preallocated_allocator.h
index 5ca370b..c4f0eca 100644
--- a/aos/events/channel_preallocated_allocator.h
+++ b/aos/events/channel_preallocated_allocator.h
@@ -34,17 +34,30 @@
~ChannelPreallocatedAllocator() override { CHECK(!is_allocated_); }
// TODO(austin): Read the contract for these.
- uint8_t *allocate(size_t /*size*/) override {
+ uint8_t *allocate(size_t size) override {
if (is_allocated_) {
- LOG(FATAL) << "Can't allocate more memory with a fixed size allocator. "
- "Increase the memory reserved.";
+ LOG(FATAL) << "Can't allocate more memory with a fixed size allocator on "
+ "channel "
+ << configuration::CleanedChannelToString(channel_);
}
+ CHECK_LE(size, size_)
+ << ": Tried to allocate more space than available on channel "
+ << configuration::CleanedChannelToString(channel_);
+
is_allocated_ = true;
return data_;
}
- void deallocate(uint8_t *, size_t) override { is_allocated_ = false; }
+ void deallocate(uint8_t *data, size_t size) override {
+ CHECK_EQ(data, data_)
+ << ": Deallocating data not allocated here on channel "
+ << configuration::CleanedChannelToString(channel_);
+ CHECK_LE(size, size_)
+ << ": Tried to deallocate more space than available on channel "
+ << configuration::CleanedChannelToString(channel_);
+ is_allocated_ = false;
+ }
uint8_t *reallocate_downward(uint8_t * /*old_p*/, size_t /*old_size*/,
size_t new_size, size_t /*in_use_back*/,