cmd/compile: detect unsafe conversions from smaller to larger types

This CL extends the runtime instrumentation for (*T)(ptr) to also
check that the first and last bytes of *(*T)(ptr) are part of the same
heap object.

Updates #22218.
Updates #34959.

Change-Id: I2c8063fe1b7fe6e6145e41c5654cb64dd1c9dd41
Reviewed-on: https://go-review.googlesource.com/c/go/+/201778
Run-TryBot: Matthew Dempsky <mdempsky@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>

src/cmd/compile/internal/gc/walk.go

@@ -3910,7 +3910,7 @@ func isRuneCount(n *Node) bool {
 }
 
 func walkCheckPtrAlignment(n *Node, init *Nodes) *Node {
-	if n.Type.Elem().Alignment() == 1 {
+	if n.Type.Elem().Alignment() == 1 && n.Type.Elem().Size() == 1 {
 		return n
 	}
 

src/runtime/checkptr.go

@@ -7,14 +7,20 @@ package runtime
 import "unsafe"
 
 type ptrAlign struct {
-	ptr   unsafe.Pointer
-	align uintptr
+	ptr  unsafe.Pointer
+	elem *_type
 }
 
 func checkptrAlignment(p unsafe.Pointer, elem *_type) {
+	// Check that (*T)(p) is appropriately aligned.
 	// TODO(mdempsky): What about fieldAlign?
 	if uintptr(p)&(uintptr(elem.align)-1) != 0 {
-		panic(ptrAlign{p, uintptr(elem.align)})
+		panic(ptrAlign{p, elem})
+	}
+
+	// Check that (*T)(p) doesn't straddle multiple heap objects.
+	if elem.size != 1 && checkptrBase(p) != checkptrBase(add(p, elem.size-1)) {
+		panic(ptrAlign{p, elem})
 	}
 }