• Austin Clements's avatar
    runtime: avoid race between SIGPROF traceback and stack barriers · 87f97c73
    Austin Clements authored
    The following sequence of events can lead to the runtime attempting an
    out-of-bounds access on a stack barrier slice:
    
    1. A SIGPROF comes in on a thread while the G on that thread is in
       _Gsyscall. The sigprof handler calls gentraceback, which saves a
       local copy of the G's stkbar slice. Currently the G has no stack
       barriers, so this slice is empty.
    
    2. On another thread, the GC concurrently scans the stack of the
       goroutine being profiled (it considers it stopped because it's in
       _Gsyscall) and installs stack barriers.
    
    3. Back on the sigprof thread, gentraceback comes across a stack
       barrier in the stack and attempts to look it up in its (zero
       length) copy of G's old stkbar slice, which causes an out-of-bounds
       access.
    
    This commit fixes this by adding a simple cas spin to synchronize the
    SIGPROF handler with stack barrier insertion.
    
    In general I would prefer that this synchronization be done through
    the G status, since that's how stack scans are otherwise synchronized,
    but adding a new lock is a much smaller change and G statuses are full
    of subtlety.
    
    Fixes #11863.
    
    Change-Id: Ie89614a6238bb9c6a5b1190499b0b48ec759eaf7
    Reviewed-on: https://go-review.googlesource.com/12748Reviewed-by: default avatarRuss Cox <rsc@golang.org>
    87f97c73
proc1.go 99.3 KB