mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
The Go programming language
63,237 Commits 63 Branches 451 Tags 660 MiB
Go 94.3%
Assembly 5.3%
C 0.2%
Shell 0.1%
Go to file
Keith Randall dbaa2d3e65 cmd/compile: do nil check before calling duff functions, on arm64 and amd64 
On these platforms, we set up a frame pointer record below
the current stack pointer, so when we're in duffcopy or duffzero,
we get a reasonable traceback. See #73753.

But because this frame pointer record is below SP, it is vulnerable.
Anything that adds a new stack frame to the stack might clobber it.
Which actually happens in #73748 on amd64. I have not yet come across
a repro on arm64, but might as well be safe here.

The only real situation this could happen is when duffzero or duffcopy
is passed a nil pointer. So we can just avoid the problem by doing the
nil check outside duffzero/duffcopy. That way we never add a frame
below duffzero/duffcopy. (Most other ways to get a new frame below the
current one, like async preempt or debugger-generated calls, don't
apply to duffzero/duffcopy because they are runtime functions; we're
not allowed to preempt there.)

Longer term, we should stop putting stuff below SP. #73753 will
include that as part of its remit. But that's not for 1.25, so we'll
do the simple thing for 1.25 for this issue.

Fixes #73748

Change-Id: I913c49ee46dcaee8fb439415a4531f7b59d0f612
Reviewed-on: https://go-review.googlesource.com/c/go/+/676916
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Keith Randall <khr@google.com>
 		2025-05-28 20:35:09 -07:00
.github .github: update language change proposal template 2024-08-08 19:02:29 +00:00
api go/ast: deprecate FilterPackage, PackageExports, MergePackageFiles 2025-05-27 10:26:20 -07:00
doc doc/next: add release note for riscv64 plugin build mode 2025-05-28 13:47:19 -07:00
lib lib/time: update to 2025b/2025b 2025-05-28 09:03:11 -07:00
misc misc/linkcheck: remove unused tool 2025-03-20 04:38:55 -07:00
src cmd/compile: do nil check before calling duff functions, on arm64 and amd64 2025-05-28 20:35:09 -07:00
test cmd/compile: do nil check before calling duff functions, on arm64 and amd64 2025-05-28 20:35:09 -07:00
.gitattributes
.gitignore runtime,internal: move runtime/internal/sys to internal/runtime/sys 2024-07-23 19:05:35 +00:00
CONTRIBUTING.md
LICENSE LICENSE: update per Google Legal 2024-08-09 14:54:31 +00:00
PATENTS
README.md README: fix CC BY license name 2024-07-22 17:45:27 +00:00
SECURITY.md SECURITY.md: update the Reporting a Vulnerability link 2023-09-22 21:17:24 +00:00
codereview.cfg
go.env cmd/go: additional doc-inspired tests and bug fixes 2023-06-06 19:18:46 +00:00

README.md

The Go Programming Language

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Gopher image Gopher image by Renee French, licensed under Creative Commons 4.0 Attribution license.

Our canonical Git repository is located at https://go.googlesource.com/go. There is a mirror of the repository at https://github.com/golang/go.

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Download and Install

Binary Distributions

Official binary distributions are available at https://go.dev/dl/.

After downloading a binary release, visit https://go.dev/doc/install for installation instructions.

Install From Source

If a binary distribution is not available for your combination of operating system and architecture, visit https://go.dev/doc/install/source for source installation instructions.

Contributing

Go is the work of thousands of contributors. We appreciate your help!

To contribute, please read the contribution guidelines at https://go.dev/doc/contribute.

Note that the Go project uses the issue tracker for bug reports and proposals only. See https://go.dev/wiki/Questions for a list of places to ask questions about the Go language.