mirror of
https://github.com/golang/go
synced 2024-11-18 07:54:55 -07:00
32a84c99e1
Taking the live variable set from the last return point is problematic. See #40629 for details, but there may not be a return point, or it may be before the final defer. Additionally, keeping track of the last call as a *Value doesn't quite work. If it is dead-code eliminated, the storage for the Value is reused for some other random instruction. Its live variable information, if it is available at all, is wrong. Instead, just mark all the open-defer argument slots as live throughout the function. (They are already zero-initialized.) Fixes #40629 Change-Id: Ie456c7db3082d0de57eaa5234a0f32525a1cce13 Reviewed-on: https://go-review.googlesource.com/c/go/+/247522 Run-TryBot: Keith Randall <khr@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Dan Scales <danscales@google.com>
70 lines
1.2 KiB
Go
70 lines
1.2 KiB
Go
// run
|
|
|
|
// Copyright 2020 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package main
|
|
|
|
import "fmt"
|
|
|
|
const N = 40
|
|
|
|
func main() {
|
|
var x [N]int // stack-allocated memory
|
|
for i := range x {
|
|
x[i] = 0x999
|
|
}
|
|
|
|
// This defer checks to see if x is uncorrupted.
|
|
defer func(p *[N]int) {
|
|
recover()
|
|
for i := range p {
|
|
if p[i] != 0x999 {
|
|
for j := range p {
|
|
fmt.Printf("p[%d]=0x%x\n", j, p[j])
|
|
}
|
|
panic("corrupted stack variable")
|
|
}
|
|
}
|
|
}(&x)
|
|
|
|
// This defer starts a new goroutine, which will (hopefully)
|
|
// overwrite x on the garbage stack.
|
|
defer func() {
|
|
c := make(chan bool)
|
|
go func() {
|
|
useStack(1000)
|
|
c <- true
|
|
}()
|
|
<-c
|
|
|
|
}()
|
|
|
|
// This defer causes a stack copy.
|
|
// The old stack is now garbage.
|
|
defer func() {
|
|
useStack(1000)
|
|
}()
|
|
|
|
// Trigger a segfault.
|
|
*g = 0
|
|
|
|
// Make the return statement unreachable.
|
|
// That makes the stack map at the deferreturn call empty.
|
|
// In particular, the argument to the first defer is not
|
|
// marked as a pointer, so it doesn't get adjusted
|
|
// during the stack copy.
|
|
for {
|
|
}
|
|
}
|
|
|
|
var g *int64
|
|
|
|
func useStack(n int) {
|
|
if n == 0 {
|
|
return
|
|
}
|
|
useStack(n - 1)
|
|
}
|