diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-02-28 12:18:18 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-03-04 19:59:23 +0000 |
commit | 77505c25d83a2130011736d6a2a915eaa3ae230a (patch) | |
tree | 2d5c6a161512e47c7ae356a36aadad6e37cdafc7 /src/syscall | |
parent | 9d88a9e2bf89068238ed02a0c960e58f547bb102 (diff) | |
download | go-77505c25d83a2130011736d6a2a915eaa3ae230a.tar.gz go-77505c25d83a2130011736d6a2a915eaa3ae230a.zip |
syscall: treat proc thread attribute lists as unsafe.Pointers
It turns out that the proc thread update function doesn't actually
allocate new memory for its arguments and instead just copies the
pointer values into the preallocated memory. Since we were allocating
that memory as []byte, the garbage collector didn't scan it for pointers
to Go allocations and freed them. We _could_ fix this by requiring that
all users of this use runtime.KeepAlive for everything they pass to the
update function, but that seems harder than necessary. Instead, we can
just do the allocation as []unsafe.Pointer, which means the GC can
operate as intended and not free these from beneath our feet. In order
to ensure this remains true, we also add a test for this.
Fixes #44662.
Change-Id: Ib392ba8ceacacec94b11379919c8179841cba29f
Reviewed-on: https://go-review.googlesource.com/c/go/+/297389
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Trust: Alex Brainman <alex.brainman@gmail.com>
Trust: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Jason A. Donenfeld <Jason@zx2c4.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Diffstat (limited to 'src/syscall')
-rw-r--r-- | src/syscall/exec_windows.go | 4 | ||||
-rw-r--r-- | src/syscall/export_windows_test.go | 11 | ||||
-rw-r--r-- | src/syscall/syscall_windows.go | 5 | ||||
-rw-r--r-- | src/syscall/syscall_windows_test.go | 36 | ||||
-rw-r--r-- | src/syscall/types_windows.go | 8 | ||||
-rw-r--r-- | src/syscall/zsyscall_windows.go | 2 |
6 files changed, 60 insertions, 6 deletions
diff --git a/src/syscall/exec_windows.go b/src/syscall/exec_windows.go index 7b73cf1f6f..b20a27d28b 100644 --- a/src/syscall/exec_windows.go +++ b/src/syscall/exec_windows.go @@ -340,7 +340,7 @@ func StartProcess(argv0 string, argv []string, attr *ProcAttr) (pid int, handle si.ShowWindow = SW_HIDE } if sys.ParentProcess != 0 { - err = updateProcThreadAttribute(si.ProcThreadAttributeList, 0, _PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, uintptr(unsafe.Pointer(&sys.ParentProcess)), unsafe.Sizeof(sys.ParentProcess), 0, nil) + err = updateProcThreadAttribute(si.ProcThreadAttributeList, 0, _PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, unsafe.Pointer(&sys.ParentProcess), unsafe.Sizeof(sys.ParentProcess), nil, nil) if err != nil { return 0, 0, err } @@ -351,7 +351,7 @@ func StartProcess(argv0 string, argv []string, attr *ProcAttr) (pid int, handle fd = append(fd, sys.AdditionalInheritedHandles...) // Do not accidentally inherit more than these handles. - err = updateProcThreadAttribute(si.ProcThreadAttributeList, 0, _PROC_THREAD_ATTRIBUTE_HANDLE_LIST, uintptr(unsafe.Pointer(&fd[0])), uintptr(len(fd))*unsafe.Sizeof(fd[0]), 0, nil) + err = updateProcThreadAttribute(si.ProcThreadAttributeList, 0, _PROC_THREAD_ATTRIBUTE_HANDLE_LIST, unsafe.Pointer(&fd[0]), uintptr(len(fd))*unsafe.Sizeof(fd[0]), nil, nil) if err != nil { return 0, 0, err } diff --git a/src/syscall/export_windows_test.go b/src/syscall/export_windows_test.go new file mode 100644 index 0000000000..a72a1ee391 --- /dev/null +++ b/src/syscall/export_windows_test.go @@ -0,0 +1,11 @@ +// Copyright 2021 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package syscall + +var NewProcThreadAttributeList = newProcThreadAttributeList +var UpdateProcThreadAttribute = updateProcThreadAttribute +var DeleteProcThreadAttributeList = deleteProcThreadAttributeList + +const PROC_THREAD_ATTRIBUTE_HANDLE_LIST = _PROC_THREAD_ATTRIBUTE_HANDLE_LIST diff --git a/src/syscall/syscall_windows.go b/src/syscall/syscall_windows.go index cc8dc487d3..05a7d3027d 100644 --- a/src/syscall/syscall_windows.go +++ b/src/syscall/syscall_windows.go @@ -286,7 +286,7 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys CreateHardLink(filename *uint16, existingfilename *uint16, reserved uintptr) (err error) [failretval&0xff==0] = CreateHardLinkW //sys initializeProcThreadAttributeList(attrlist *_PROC_THREAD_ATTRIBUTE_LIST, attrcount uint32, flags uint32, size *uintptr) (err error) = InitializeProcThreadAttributeList //sys deleteProcThreadAttributeList(attrlist *_PROC_THREAD_ATTRIBUTE_LIST) = DeleteProcThreadAttributeList -//sys updateProcThreadAttribute(attrlist *_PROC_THREAD_ATTRIBUTE_LIST, flags uint32, attr uintptr, value uintptr, size uintptr, prevvalue uintptr, returnedsize *uintptr) (err error) = UpdateProcThreadAttribute +//sys updateProcThreadAttribute(attrlist *_PROC_THREAD_ATTRIBUTE_LIST, flags uint32, attr uintptr, value unsafe.Pointer, size uintptr, prevvalue unsafe.Pointer, returnedsize *uintptr) (err error) = UpdateProcThreadAttribute // syscall interface implementation for other packages @@ -1256,7 +1256,8 @@ func newProcThreadAttributeList(maxAttrCount uint32) (*_PROC_THREAD_ATTRIBUTE_LI } return nil, err } - al := (*_PROC_THREAD_ATTRIBUTE_LIST)(unsafe.Pointer(&make([]byte, size)[0])) + // size is guaranteed to be ≥1 by initializeProcThreadAttributeList. + al := (*_PROC_THREAD_ATTRIBUTE_LIST)(unsafe.Pointer(&make([]unsafe.Pointer, (size+ptrSize-1)/ptrSize)[0])) err = initializeProcThreadAttributeList(al, maxAttrCount, 0, &size) if err != nil { return nil, err diff --git a/src/syscall/syscall_windows_test.go b/src/syscall/syscall_windows_test.go index a9ae54752b..d5e8d58b5a 100644 --- a/src/syscall/syscall_windows_test.go +++ b/src/syscall/syscall_windows_test.go @@ -7,8 +7,11 @@ package syscall_test import ( "os" "path/filepath" + "runtime" "syscall" "testing" + "time" + "unsafe" ) func TestWin32finddata(t *testing.T) { @@ -75,3 +78,36 @@ func TestTOKEN_ALL_ACCESS(t *testing.T) { t.Errorf("TOKEN_ALL_ACCESS = %x, want 0xF01FF", syscall.TOKEN_ALL_ACCESS) } } + +func TestProcThreadAttributeListPointers(t *testing.T) { + list, err := syscall.NewProcThreadAttributeList(1) + if err != nil { + t.Errorf("unable to create ProcThreadAttributeList: %v", err) + } + done := make(chan struct{}) + fds := make([]syscall.Handle, 20) + runtime.SetFinalizer(&fds[0], func(*syscall.Handle) { + close(done) + }) + err = syscall.UpdateProcThreadAttribute(list, 0, syscall.PROC_THREAD_ATTRIBUTE_HANDLE_LIST, unsafe.Pointer(&fds[0]), uintptr(len(fds))*unsafe.Sizeof(fds[0]), nil, nil) + if err != nil { + syscall.DeleteProcThreadAttributeList(list) + t.Errorf("unable to update ProcThreadAttributeList: %v", err) + return + } + runtime.GC() + runtime.GC() + select { + case <-done: + t.Error("ProcThreadAttributeList was garbage collected unexpectedly") + default: + } + syscall.DeleteProcThreadAttributeList(list) + runtime.GC() + runtime.GC() + select { + case <-done: + case <-time.After(time.Second): + t.Error("ProcThreadAttributeList was not garbage collected after a second") + } +} diff --git a/src/syscall/types_windows.go b/src/syscall/types_windows.go index 384b5b4f2c..31fe7664c9 100644 --- a/src/syscall/types_windows.go +++ b/src/syscall/types_windows.go @@ -4,6 +4,8 @@ package syscall +import "unsafe" + const ( // Windows errors. ERROR_FILE_NOT_FOUND Errno = 2 @@ -491,7 +493,11 @@ type StartupInfo struct { } type _PROC_THREAD_ATTRIBUTE_LIST struct { - _ [1]byte + // This is of type unsafe.Pointer, not of type byte or uintptr, because + // the contents of it is mostly a list of pointers, and in most cases, + // that's a list of pointers to Go-allocated objects. In order to keep + // the GC from collecting these objects, we declare this as unsafe.Pointer. + _ [1]unsafe.Pointer } const ( diff --git a/src/syscall/zsyscall_windows.go b/src/syscall/zsyscall_windows.go index b08e6ac5c2..10d0f54e8c 100644 --- a/src/syscall/zsyscall_windows.go +++ b/src/syscall/zsyscall_windows.go @@ -1115,7 +1115,7 @@ func UnmapViewOfFile(addr uintptr) (err error) { return } -func updateProcThreadAttribute(attrlist *_PROC_THREAD_ATTRIBUTE_LIST, flags uint32, attr uintptr, value uintptr, size uintptr, prevvalue uintptr, returnedsize *uintptr) (err error) { +func updateProcThreadAttribute(attrlist *_PROC_THREAD_ATTRIBUTE_LIST, flags uint32, attr uintptr, value unsafe.Pointer, size uintptr, prevvalue unsafe.Pointer, returnedsize *uintptr) (err error) { r1, _, e1 := Syscall9(procUpdateProcThreadAttribute.Addr(), 7, uintptr(unsafe.Pointer(attrlist)), uintptr(flags), uintptr(attr), uintptr(value), uintptr(size), uintptr(prevvalue), uintptr(unsafe.Pointer(returnedsize)), 0, 0) if r1 == 0 { err = errnoErr(e1) |