9c48398f49
This patch fixes a rare but serious bug. The Go garbage collector only examines Go stacks. When Go code calls a function that is not written in Go, it first calls syscall.Entersyscall. Entersyscall records the position of the Go stack pointer and saves a copy of all the registers. If the garbage collector runs while the thread is executing the non-Go code, the garbage collector fetches the stack pointer and registers from the saved location.

Entersyscall saves the registers using the getcontext function. Unfortunately I didn't consider the possibility that Entersyscall might itself change a register before calling getcontext. This only matters for callee-saved registers, as caller-saved registers would be visible on the saved stack. And it only matters if Entersyscall is compiled to save and modify a callee-saved register before it calls getcontext. And it only matters if a garbage collection occurs while the non-Go code is executing. And it only matters if the only copy of a valid Go pointer happens to be in the callee-saved register when Entersyscall is called. When all those conditions are true, the Go pointer might get collected incorrectly, leading to memory corruption.

This patch tries to avoid the problem by splitting Entersyscall into two functions. The first is a simple function that just calls getcontext and then calls the rest of Entersyscall. This should fix the problem, provided the simple Entersyscall function does not itself modify any callee-saved registers before calling getcontext. That seems to be true on the systems I checked. But since the argument to getcontext is an offset from a TLS variable, it won't be true on a system which needs to save callee-saved registers in order to get the address of a TLS variable. I don't know why any system would work that way, but I don't know how to rule it out. I think that on any such system this will have to be implemented in assembler.

I can't put the ucontext_t structure on the stack, because this function can not split stacks, and the ucontext_t structure is large enough that it could cause a stack overflow.

From-SVN: r208390
This directory contains the GNU Compiler Collection (GCC).

The GNU Compiler Collection is free software. See the files whose names start with COPYING for copying permission. The manuals, and some of the runtime libraries, are under different terms; see the individual source files for details.

The directory INSTALL contains copies of the installation information as HTML and plain text. The source of this information is gcc/doc/install.texi. The installation information includes details of what is included in the GCC sources and what files GCC installs.

See the file gcc/doc/gcc.texi (together with other files that it includes) for usage and porting information. An online readable version of the manual is in the files gcc/doc/gcc.info*.

See http://gcc.gnu.org/bugs/ for how to report bugs usefully.

Copyright years on GCC source files may be listed using range notation, e.g., 1987-2012, indicating that every year in the range, inclusive, is a copyrightable year that could otherwise be listed individually.