From af8f4062c24cb36af4dc24fbaffd23aa7f7bde36 Mon Sep 17 00:00:00 2001 From: Cherry Zhang Date: Sat, 9 Feb 2019 23:31:59 -0500 Subject: runtime: scan gp._panic in stack scan In runtime.gopanic, the _panic object p is stack allocated and referenced from gp._panic. With stack objects, p on stack is dead at the point preprintpanics runs. gp._panic points to p, but stack scan doesn't look at gp. Heap scan of gp does look at gp._panic, but it stops and ignores the pointer as it points to the stack. So whatever p points to may be collected and clobbered. We need to scan gp._panic explicitly during stack scan. To test it reliably, we introduce a GODEBUG mode "clobberfree", which clobbers the memory content when the GC frees an object. Fixes #30150. Change-Id: I11128298f03a89f817faa221421a9d332b41dced Reviewed-on: https://go-review.googlesource.com/c/161778 Run-TryBot: Cherry Zhang TryBot-Result: Gobot Gobot Reviewed-by: Keith Randall Reviewed-by: Austin Clements
---
 src/runtime/testdata/testprog/crash.go | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'src/runtime/testdata')
diff --git a/src/runtime/testdata/testprog/crash.go b/src/runtime/testdata/testprog/crash.go
index 4d83132198..c4990cdda9 100644
--- a/src/runtime/testdata/testprog/crash.go
+++ b/src/runtime/testdata/testprog/crash.go
@@ -11,6 +11,7 @@ import (
 
 func init() {
 register("Crash", Crash)
+ register("DoublePanic", DoublePanic)
 }
 
 func test(name string) {
@@ -43,3 +44,23 @@ func Crash() {
 testInNewThread("second-new-thread")
 test("main-again")
 }
+
+type P string
+
+func (p P) String() string {
+ // Try to free the "YYY" string header when the "XXX"
+ // panic is stringified.
+ runtime.GC()
+ runtime.GC()
+ runtime.GC()
+ return string(p)
+}
+
+// Test that panic message is not clobbered.
+// See issue 30150.
+func DoublePanic() {
+ defer func() {
+ panic(P("YYY"))
+ }()
+ panic(P("XXX"))
+}
-- cgit v1.3
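Review bot: The comment on `DoublePanic` in the second hunk does not say that the test only catches the bug reliably when the program runs with the "clobberfree" GODEBUG mode the commit message introduces; the harness that would set it is outside this view. Without that note, a reader running the program directly can see it pass on a runtime that still frees the panic value too early. I would extend the comment to `// Test that panic message is not clobbered. Intended to run with GODEBUG=clobberfree=1 so freed objects are overwritten. See issue 30150.` In `P.String`, the three consecutive `runtime.GC()` calls need a short why-comment (presumably one cycle is not enough to get the object swept and clobbered). `P` is also a very terse exported name for a `package main` that registers several test entry points; a more descriptive name would be less likely to collide.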