safely abort on exec of uninitialized mem or addr 0

include/fh_config.h

@@ -7,8 +7,8 @@
 #ifndef FORTH_FH_CONFIG_H
 #define FORTH_FH_CONFIG_H
 
-#define DATA_STACK_DEPTH 16
-#define RETURN_STACK_DEPTH 16
+#define DATA_STACK_DEPTH 256
+#define RETURN_STACK_DEPTH 256
 #define MAX_NAME_LEN 32
 #define HEAP_SIZE (1024*1024)
 #define MAXLINE 65535

include/fh_error.h

@@ -30,7 +30,7 @@ enum fh_error {
   FH_ERR_NOT_APPLICABLE,
   FH_ERR_PICTNUM_FULL,
   FH_ERR_BAD_DEFER,
-  FH_ERR_ABORT, // technical error used to abort from nested input source
+  FH_ERR_BAD_OPCODE,
   FH_ERR_MAX,
 };
 

src/fh_error.c

@@ -23,7 +23,7 @@ static const char *errornames[FH_ERR_MAX] = {
     [FH_ERR_PICTNUM_FULL] = "PICTNUM_FULL",
     [FH_ERR_NOT_APPLICABLE] = "NOT_APPLICABLE",
     [FH_ERR_BAD_DEFER] = "BAD_DEFER",
-    [FH_ERR_ABORT] = "ABORT",
+    [FH_ERR_BAD_OPCODE] = "BAD_OPCODE",
 };
 
 /** Get error name from code, returns Unknown if not defined */

src/fh_runtime.c

@@ -161,6 +161,12 @@ enum fh_error w_user_word(struct fh_thread_s *fh, const struct fh_word_s *w0)
   }
   // make sure it's aligned
   fh->execptr = WORDALIGNED(fh->execptr);
+  
+  if (fh->execptr == 0 || fh->execptr > fh->here) {
+    LOGE("Bad execptr value 0x%08x", fh->execptr);
+    return FH_ERR_ILLEGAL_FETCH;
+  }
+  
   const struct fh_instruction_s *instr = fh_instr_at(fh, fh->execptr);
   if (!instr) {
     LOGE("Execution pointer out of bounds!");
@@ -431,6 +437,7 @@ enum fh_error w_user_word(struct fh_thread_s *fh, const struct fh_word_s *w0)
 
     default:
       LOGE("Run handler not implemented for instr opcode %d", instr->kind);
+      return FH_ERR_BAD_OPCODE;
   }
 
   end: