[go-nuts] Calling panic() is corrupting system stack

mariappan balraj Tue, 28 Mar 2023 03:45:02 -0700

Hello Go Experts,

I am observing system stack corruption when panic() is called from go
function. When panic is called from Test4(), as part of
runtime.systemstack_switch(), the RSP and RBP is set in such a way that it
will corrupt the stack.


Rbp = 0x00007ffdb188bd20===> This should be less than 0x7ffdb188bc50. But
it is set to the value which is already used for CGO calls. So it is making
the system stack to corrupt. When the core file is generated, it makes it
unable to debug from the core file using dlv. Can someone please help on
this issue?

RBP 0x7ffdb188bc50 RA 0x45f3f4 runtime.cgocallback
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1003
RBP 0x7ffdb188bca0 RA 0x4641bd crosscall2
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgo/asm_amd64.s 32
RBP 0x7ffdb188bcd0 RA 0x464386 C.Test4 /tmp/go-build/_cgo_export.c 35
RBP 0x7ffdb188bce0 RA 0x464432 C.test1 /home/soomohan/mbalraj/test/hello.go
10
RBP 0x7ffdb188bd00 RA 0x46444d C.test2 /home/soomohan/mbalraj/test/hello.go
15
RBP 0x7ffdb188bd20 RA 0x464468 C.test3 /home/soomohan/mbalraj/test/hello.go
20
RBP 0x7ffdb188bd50 RA 0x4644a7 C._cgo_78b81bbf688e_Cfunc_test3
/tmp/go-build/cgo-gcc-prolog 51

go version
go version go1.20.2 linux/amd64

//hello.go
package main

/*
#include <stdio.h>

extern void Test4(void);

void test1(void) {
   Test4();
}

void test2(void) {
    int val = 2;
    test1();
}

void test3(void) {
    int val = 3;
    test2();
}

void test4(void) {
    printf("Test4()");
}
*/
import "C"

func Test5() {
    C.test4()
}

func main() {
    C.test3()
}

//export.go
package main

import "C"

//export Test4
func Test4() {
    panic("Panic inside Test4")
    //Test5()
}

I have written the following script test.start to debug this issue further
in DLV.
def command_goroutine_start_line(args):
    regs = registers().Regs
    rip = 0
    for reg in regs:
        if reg.Name == "Rbp":
            rbp = int(reg.Value, 16)
        elif reg.Name == "Rip":
            rip = int(reg.Value, 16)

    da = disassemble(StartPC=rip, EndPC=rip+1).Disassemble
    print("RBP 0x%x RIP 0x%x %s %s %s" % (rbp, rip,
da[0].Loc.Function.Name_, da[0].Loc.File, da[0].Loc.Line))

    while True:
        mem = examine_memory(rbp, 8).Mem
        val = 0
        for i in range(len(mem)):
            val <<= 8
            val += mem[len(mem) - i - 1]
        prbp = val

        mem = examine_memory(rbp + 8, 8).Mem
        val = 0
        for i in range(len(mem)):
            val <<= 8
            val += mem[len(mem) - i - 1]
        ra = val

        da = disassemble(StartPC=ra, EndPC=ra+1).Disassemble
        print("RBP 0x%x RA 0x%x %s %s %s" % (prbp, ra,
da[0].Loc.Function.Name_, da[0].Loc.File, da[0].Loc.Line))
        if prbp == 0:
           break
        rbp = prbp

def main():
        dlv_command("config alias goroutine_start_line gsl")

(dlv)bt
RBP 0x0 RA 0x45f5e1 runtime.goexit
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1599

 0  0x0000000000433b04 in runtime.addOneOpenDeferFrame.func1
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:646
 1  0x000000000045f0c0 in runtime.systemstack_switch
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:463
 2  0x0000000000433a89 in runtime.addOneOpenDeferFrame
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:644
 3  0x0000000000434357 in runtime.gopanic
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:886
 4  0x00000000004642a7 in main.Test4
    at ./export.go:7
 5  0x000000000046431c in _cgoexp_78b81bbf688e_Test4
    at _cgo_gotypes.go:61
 6  0x000000000040535b in runtime.cgocallbackg1
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:315
 7  0x0000000000405079 in runtime.cgocallbackg
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:234
 8  0x0000000000461b0f in runtime.cgocallbackg
    at <autogenerated>:1
 9  0x000000000045f3f4 in runtime.cgocallback
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:998
10  0x0000000000000001 in ???
    at ?:-1
11  0x0000000000464386 in C.Test4
    at /tmp/go-build/_cgo_export.c:33
12  0x0000000000464432 in C.test1
    at ./hello.go:9
13  0x000000000046444d in C.test2
    at ./hello.go:14
14  0x0000000000464468 in C.test3
    at ./hello.go:19
15  0x00000000004644a7 in C._cgo_78b81bbf688e_Cfunc_test3
15  0x00000000004644a7 in C._cgo_78b81bbf688e_Cfunc_test3
    at /tmp/go-build/cgo-gcc-prolog:49
16  0x000000000045f2e4 in runtime.asmcgocall
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:848
17  0x000000000046448a in C._cgo_78b81bbf688e_Cfunc_test3
    at /tmp/go-build/cgo-gcc-prolog:44
18  0x0000000000404f0a in runtime.cgocall
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:167
19  0x0000000000464245 in main._Cfunc_test3
    at _cgo_gotypes.go:39
20  0x00000000004642d7 in main.main
    at ./hello.go:33
21  0x0000000000437073 in runtime.main
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/proc.go:250
22  0x000000000045f5e1 in runtime.goexit
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:1598

(dlv)source test.star
(dlv)gsl
(dlv) gsl
RBP 0xc000048c68 RIP 0x433b04 runtime.addOneOpenDeferFrame.func1
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go 646
RBP 0xc000048d28 RA 0x434357 runtime.gopanic
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go 905
RBP 0xc000048d48 RA 0x4642a7 main.Test4
/home/soomohan/mbalraj/test/export.go 7
RBP 0xc000048d58 RA 0x46431c _cgoexp_78b81bbf688e_Test4 _cgo_gotypes.go 62
RBP 0xc000048e18 RA 0x40535b runtime.cgocallbackg1
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go 323
RBP 0xc000048ea8 RA 0x405079 runtime.cgocallbackg
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go 240
RBP 0xc000048ed0 RA 0x461b0f runtime.cgocallbackg <autogenerated> 1
RBP 0x7ffdb188bc50 RA 0x45f3f4 runtime.cgocallback
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1003
RBP 0x7ffdb188bca0 RA 0x4641bd crosscall2
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgo/asm_amd64.s 32
RBP 0x7ffdb188bcd0 RA 0x464386 C.Test4 /tmp/go-build/_cgo_export.c 35
RBP 0x7ffdb188bce0 RA 0x464432 C.test1 /home/soomohan/mbalraj/test/hello.go
10
RBP 0x7ffdb188bd00 RA 0x46444d C.test2 /home/soomohan/mbalraj/test/hello.go
15
RBP 0x7ffdb188bd20 RA 0x464468 C.test3 /home/soomohan/mbalraj/test/hello.go
20
RBP 0x7ffdb188bd50 RA 0x4644a7 C._cgo_78b81bbf688e_Cfunc_test3
/tmp/go-build/cgo-gcc-prolog 51
RBP 0xc000048f38 RA 0x45f2e4 runtime.asmcgocall
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 852
RBP 0xc000048f60 RA 0x464245 main._Cfunc_test3 _cgo_gotypes.go 40
RBP 0xc000048f70 RA 0x4642d7 main.main /home/soomohan/mbalraj/test/hello.go
33
RBP 0xc000048fd0 RA 0x437073 runtime.main
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/proc.go 260
RBP 0x0 RA 0x45f5e1 runtime.goexit
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1599

(dlv)si

(dlv)bt
 0  0x000000000045587f in runtime.gentraceback
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/traceback.go:32
 1  0x000000000045f0c0 in runtime.systemstack_switch
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:463
 2  0x0000000000433a89 in runtime.addOneOpenDeferFrame
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:644
 3  0x0000000000434357 in runtime.gopanic
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:886
 4  0x00000000004642a7 in main.Test4
    at ./export.go:7
 5  0x000000000046431c in _cgoexp_78b81bbf688e_Test4
    at _cgo_gotypes.go:61
 6  0x000000000040535b in runtime.cgocallbackg1
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:315
 7  0x0000000000405079 in runtime.cgocallbackg
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:234
 8  0x0000000000461b0f in runtime.cgocallbackg
    at <autogenerated>:1
 9  0x000000000045f3f4 in runtime.cgocallback
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:998
10  0x0000000000000001 in ???
    at ?:-1
11  0x0000000000464386 in C.Test4
    at /tmp/go-build/_cgo_export.c:33
12  0x0000000000464432 in C.test1
    at ./hello.go:9
13  0x000000000046444d in C.test2
    at ./hello.go:14
14  0x0000000000464468 in C.test3
    at ./hello.go:19
15  0x0000000000433b4b in runtime.addOneOpenDeferFrame.func1
15  0x0000000000433b4b in runtime.addOneOpenDeferFrame.func1
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:645
16  0x000000000045f129 in runtime.systemstack
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:496
17  0x0000000000461da5 in runtime.newproc
    at <autogenerated>:1
18  0x00000000004cc720 in ???
    at ?:-1
19  0x000000000046431c in _cgoexp_78b81bbf688e_Test4
    at _cgo_gotypes.go:61
20  0x000000000040535b in runtime.cgocallbackg1
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:315
21  0x0000000000405079 in runtime.cgocallbackg
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:234
22  0x0000000000461b0f in runtime.cgocallbackg
    at <autogenerated>:1
23  0x000000000045f3f4 in runtime.cgocallback
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:998
24  0x000000000045f0c0 in runtime.systemstack_switch
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:463
25  0x0000000000404f0a in runtime.cgocall
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:167
26  0x0000000000464245 in main._Cfunc_test3
    at _cgo_gotypes.go:39
27  0x00000000004642d7 in main.main
    at ./hello.go:33
28  0x0000000000437073 in runtime.main
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/proc.go:250
29  0x000000000045f5e1 in runtime.goexit
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:1598

(dlv) regs
 (dlv) regs
    Rip = 0x000000000045587f
    Rsp = 0x00007ffdb188ba08
    Rax = 0x000000000040535b
    Rbx = 0x000000c000048d68
    Rcx = 0x0000000000000000
    Rdx = 0x0000000000433b60
    Rsi = 0x0000000000000000
    Rdi = 0x000000c0000061a0
    Rbp = 0x00007ffdb188bd20
     R8 = 0x0000000000000000
     R9 = 0x000000007fffffff
    R10 = 0x00007ffdb188bd80
    R11 = 0x0000000000000000
    R12 = 0x00007ffdb188ba88
    R13 = 0x000000c000048c18
    R14 = 0x00000000004cc720
    R15 = 0x0000000000000000
 Rflags = 0x0000000000000246    [PF ZF IF IOPL=0]
     Es = 0x0000000000000000
     Cs = 0x0000000000000033
     Ss = 0x000000000000002b
     Ds = 0x0000000000000000
     Fs = 0x0000000000000000
     Gs = 0x0000000000000000
Fs_base = 0x000015128ba66740
Gs_base = 0x0000000000000000

Best Regards
Mariappan

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/CAKKWi6ROmqEq54dnwJmme6D-AZKWM7cexG1_SPpRpz8YUbnBLw%40mail.gmail.com.

[go-nuts] Calling panic() is corrupting system stack

Reply via email to