From 9e8fa1e99c2003cee53a6630aea9d8a3627492ab Mon Sep 17 00:00:00 2001
From: Austin Clements <austin@google.com>
Date: Fri, 17 Jun 2016 11:07:56 -0400
Subject: [PATCH] runtime: eliminate poisonStack checks

We haven't used poisonStack since we switched to 1-bit stack maps
(4d0f3a1), but the checks are still there. However, nothing prevents
us from genuinely allocating an object at this address on 32-bit and
causing the runtime to crash claiming that it's found a bad pointer.

Since we're not using poisonStack anyway, just pull it out.

Fixes #15831.

Change-Id: Ia6ef604675b8433f75045e369f5acd4644a5bb38
Reviewed-on: https://go-review.googlesource.com/24211
Run-TryBot: Austin Clements <austin@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
---
 src/runtime/mbarrier.go | 4 ++--
 src/runtime/stack.go    | 3 +--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/runtime/mbarrier.go b/src/runtime/mbarrier.go
index 637d9b886a1..bf75934ed6e 100644
--- a/src/runtime/mbarrier.go
+++ b/src/runtime/mbarrier.go
@@ -145,7 +145,7 @@ func writebarrierptr(dst *uintptr, src uintptr) {
 	if !writeBarrier.needed {
 		return
 	}
-	if src != 0 && (src < sys.PhysPageSize || src == poisonStack) {
+	if src != 0 && src < sys.PhysPageSize {
 		systemstack(func() {
 			print("runtime: writebarrierptr *", dst, " = ", hex(src), "\n")
 			throw("bad pointer in write barrier")
@@ -164,7 +164,7 @@ func writebarrierptr_nostore(dst *uintptr, src uintptr) {
 	if !writeBarrier.needed {
 		return
 	}
-	if src != 0 && (src < sys.PhysPageSize || src == poisonStack) {
+	if src != 0 && src < sys.PhysPageSize {
 		systemstack(func() { throw("bad pointer in write barrier") })
 	}
 	writebarrierptr_nostore1(dst, src)
diff --git a/src/runtime/stack.go b/src/runtime/stack.go
index ee2797e1443..b14b4005d80 100644
--- a/src/runtime/stack.go
+++ b/src/runtime/stack.go
@@ -127,7 +127,6 @@ const (
 
 const (
 	uintptrMask = 1<<(8*sys.PtrSize) - 1
-	poisonStack = uintptrMask & 0x6868686868686868
 
 	// Goroutine preemption request.
 	// Stored into g->stackguard0 to cause split stack check failure.
@@ -594,7 +593,7 @@ func adjustpointers(scanp unsafe.Pointer, cbv *bitvector, adjinfo *adjustinfo, f
 			pp := (*uintptr)(add(scanp, i*sys.PtrSize))
 		retry:
 			p := *pp
-			if f != nil && 0 < p && p < _PageSize && debug.invalidptr != 0 || p == poisonStack {
+			if f != nil && 0 < p && p < _PageSize && debug.invalidptr != 0 {
 				// Looks like a junk value in a pointer slot.
 				// Live analysis wrong?
 				getg().m.traceback = 2