This libgo patch by Cherry Zhang scans the write barrier buffer
conservatively. In gccgo, we insert the write barriers in the
frontend, and so we cannot completely prevent write barriers on stack
writes. So it is possible for a bad pointer appearing in the write
barrier buffer. When flushing the write barrier, treat it the same as
scanning the stack. In particular, don't mark a pointer if it does
not point to an allocated object. We already have similar logic in
greyobject. With this, hopefully, we can prevent an unallocated
object from being marked completely. Bootstrapped and ran Go
testsuite on x86_64-pc-linux-gnu. Committed to mainline.
Ian
Index: gcc/go/gofrontend/MERGE
===================================================================
--- gcc/go/gofrontend/MERGE (revision 274591)
+++ gcc/go/gofrontend/MERGE (working copy)
@@ -1,4 +1,4 @@
-0f6d673d5b1a3474c3424cb6994ae8ff9baed255
+838f926c93898767f0337122725a4f52a1335186
The first line of this file holds the git revision number of the last
merge done from the gofrontend repository.
Index: libgo/go/runtime/mwbbuf.go
===================================================================
--- libgo/go/runtime/mwbbuf.go (revision 274169)
+++ libgo/go/runtime/mwbbuf.go (working copy)
@@ -285,10 +285,17 @@ func wbBufFlush1(_p_ *p) {
// path to reduce the rate of flushes?
continue
}
- obj, span, objIndex := findObject(ptr, 0, 0, false)
+ obj, span, objIndex := findObject(ptr, 0, 0, !usestackmaps)
if obj == 0 {
continue
}
+ if span.isFree(objIndex) {
+ // For gccgo, it is possible that we have a write
barrier
+ // writing to unintialized stack memory. So we could see
+ // a bad pointer in the write barrier buffer. Don't mark
+ // it in this case.
+ continue
+ }
// TODO: Consider making two passes where the first
// just prefetches the mark bits.
mbits := span.markBitsForIndex(objIndex)
