wingo pushed a commit to branch wip-inline-digits
in repository guile.

commit 0e505b7036611787c4ed1926c53cefc3ac308826
Author: Andy Wingo <[email protected]>
AuthorDate: Thu Jan 6 10:28:12 2022 +0100

    Fix type confusion in heap-numbers-equal? calls from VM
    
    When heap-numbers-equal? is called from eqv?, we have already ensured
    that both objects have the same heap type.  However when called by
    the VM, the precondition is just that both are heap numbers -- not
    necessarily of the same type.  Fix to add an additional check in
    heap-numbers-equal?.  Could cause crashers!
    
    * libguile/eq.c (scm_i_heap_numbers_equal_p): Add additional check.
---
 libguile/eq.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/libguile/eq.c b/libguile/eq.c
index bf18cda88..5d8c19a71 100644
--- a/libguile/eq.c
+++ b/libguile/eq.c
@@ -159,7 +159,14 @@ scm_i_fraction_equalp (SCM x, SCM y)
 int
 scm_i_heap_numbers_equal_p (SCM x, SCM y)
 {
-  if (SCM_IMP (x)) abort();
+  // Precondition: both X and Y are heap numbers.
+  if (!(SCM_HEAP_OBJECT_P (x) && SCM_HEAP_OBJECT_P (y)))
+    abort();
+  // eqv? already checks that the heap tags are the same, but we are
+  // also called by the VM, which only ensures that both values are
+  // numbers.  So check tags here too.
+  if (SCM_CELL_TYPE (x) != SCM_CELL_TYPE (y))
+    return 0;
   switch (SCM_TYP16 (x))
     {
     case scm_tc16_big:
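
Review bot: the new tag check compares the full SCM_CELL_TYPE word of x and y, while the switch directly below dispatches on SCM_TYP16 (x), so the two tests are not obviously the same predicate. If any heap number type keeps bits in its first word beyond the 16-bit type code, two equal numbers of the same type would now return 0 before reaching their case arm; comparing SCM_TYP16 (x) != SCM_TYP16 (y) would match the dispatch exactly, or the comment could state that the first word of every heap number is exactly its tc16. Separately, the comment on the first guard says "both X and Y are heap numbers", but SCM_HEAP_OBJECT_P only establishes that they are heap objects, so two non-number heap objects with equal cell types still reach the switch; it is worth confirming that the default arm (not visible in this hunk) rejects that case rather than treating the pair as numbers.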
