runtime: Better detection of memory allocation request overflow.

From-SVN: r191840

libgo/runtime/chan.c

@@ -3,6 +3,8 @@
 // license that can be found in the LICENSE file.
 
 #include "runtime.h"
+#include "arch.h"
+#include "malloc.h"
 #include "go-type.h"
 
 #define	NOSELGEN	1
@@ -88,7 +90,7 @@ runtime_makechan_c(ChanType *t, int64 hint)
 	
 	elem = t->__element_type;
 
-	if(hint < 0 || (int32)hint != hint || (elem->__size > 0 && (uintptr)hint > ((uintptr)-1) / elem->__size))
+	if(hint < 0 || (int32)hint != hint || (elem->__size > 0 && (uintptr)hint > MaxMem / elem->__size))
 		runtime_panicstring("makechan: size out of range");
 
 	n = sizeof(*c);

libgo/runtime/go-append.c

@@ -54,6 +54,9 @@ __go_append (struct __go_open_array a, void *bvalues, uintptr_t bcount,
 	  while (m < count);
 	}
 
+      if ((uintptr) m > MaxMem / element_size)
+	runtime_panicstring ("growslice: cap out of range");
+
       n = __go_alloc (m * element_size);
       __builtin_memcpy (n, a.__values, a.__count * element_size);
 

libgo/runtime/go-make-slice.c

@@ -37,7 +37,7 @@ __go_make_slice2 (const struct __go_type_descriptor *td, uintptr_t len,
   if (cap < len
       || (uintptr_t) icap != cap
       || (std->__element_type->__size > 0
-	  && cap > (uintptr_t) -1U / std->__element_type->__size))
+	  && cap > MaxMem / std->__element_type->__size))
     runtime_panicstring ("makeslice: cap out of range");
 
   ret.__count = ilen;

libgo/runtime/malloc.h

@@ -128,6 +128,15 @@ enum
 	MaxGcproc = 4,
 };
 
+// Maximum memory allocation size, a hint for callers.
+// This must be a #define instead of an enum because it
+// is so large.
+#if __SIZEOF_POINTER__ == 8
+#define	MaxMem	(16ULL<<30)	/* 16 GB */
+#else
+#define	MaxMem	((uintptr)-1)
+#endif
+
 // A generic linked list of blocks.  (Typically the block is bigger than sizeof(MLink).)
 struct MLink
 {