[go-nuts] Re: Calling panic() is corrupting system stack

mariappan balraj Thu, 30 Mar 2023 02:23:19 -0700

Hello Go Experts,

When panic() is called from Go function, in the below call sequence,
runtime.unwindm() [which is defer function of  runtime.cgocallbackg1] is
called. This function is unwinding the system stack. Later, as part of the
function addOneOpenDeferFrame(), systemstack() is called to run a function
in the system stack. This will use the stack which is allocated for C
function calls. This makes stack unwinding impossible in case of panic() is
called. Can someone please help me to fix this issue?


(dlv) bt
 0  0x00000000004054e6 in runtime.unwindm
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:326
 1  0x0000000000405446 in runtime.cgocallbackg1.func3
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:304
 2  0x00000000004340c8 in runtime.deferCallSave
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:796
 3  0x0000000000433fa5 in runtime.runOpenDeferFrame
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:769
 4  0x0000000000434332 in runtime.gopanic
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:884
 5  0x00000000004642a7 in main.Test4
    at ./export.go:7
    at ./export.go:7
 6  0x000000000046431c in _cgoexp_78b81bbf688e_Test4
    at _cgo_gotypes.go:61
 7  0x000000000040535b in runtime.cgocallbackg1
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:315
 8  0x0000000000405079 in runtime.cgocallbackg
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:234
 9  0x0000000000461b0f in runtime.cgocallbackg
    at <autogenerated>:1
10  0x000000000045f3f4 in runtime.cgocallback
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:998
11  0x00000000004641bd in crosscall2
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgo/asm_amd64.s:30
12  0x0000000000464386 in C.Test4
    at /tmp/go-build/_cgo_export.c:33
13  0x0000000000464432 in C.test1
    at ./hello.go:9
14  0x000000000046444d in C.test2
    at ./hello.go:14
15  0x0000000000464468 in C.test3
15  0x0000000000464468 in C.test3
    at ./hello.go:19
16  0x00000000004644a7 in C._cgo_78b81bbf688e_Cfunc_test3
    at /tmp/go-build/cgo-gcc-prolog:49
17  0x000000000045f2e4 in runtime.asmcgocall
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:848
18  0x000000000046448a in C._cgo_78b81bbf688e_Cfunc_test3
    at /tmp/go-build/cgo-gcc-prolog:44
19  0x0000000000404f0a in runtime.cgocall
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:167
20  0x0000000000464245 in main._Cfunc_test3
    at _cgo_gotypes.go:39
21  0x00000000004642d7 in main.main
    at ./hello.go:33
22  0x0000000000437073 in runtime.main
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/proc.go:250
23  0x000000000045f5e1 in runtime.goexit
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:1598

254 func cgocallbackg1(fn, frame unsafe.Pointer, ctxt uintptr) {
304         defer unwindm(&restore)

326 func unwindm(restore *bool) {
327         if *restore {
328                 // Restore sp saved by cgocallback during
329                 // unwind of g's stack (see comment at top of file).
330                 mp := acquirem()
331                 sched := &mp.g0.sched
332                 sched.sp = *(*uintptr)(unsafe.Pointer(sched.sp +
alignUp(sys.MinFrameSize, sys.StackAlign)))

(dlv)
> runtime.addOneOpenDeferFrame()
/home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:642 (PC:
0x433a45)
Warning: debugging optimized function
   637: func addOneOpenDeferFrame(gp *g, pc uintptr, sp unsafe.Pointer) {
   638:         var prevDefer *_defer
   639:         if sp == nil {
   640:                 prevDefer = gp._defer
   641:                 pc = prevDefer.framepc
=> 642:                 sp = unsafe.Pointer(prevDefer.sp)
   643:         }
   644:         systemstack(func() {
   645:                 gentraceback(pc, uintptr(sp), 0, gp, 0, nil,
0x7fffffff,
   646:                         func(frame *stkframe, unused
unsafe.Pointer) bool {
   647:                                 if prevDefer != nil && prevDefer.sp
== frame.sp {
(dlv) bt
 0  0x0000000000433a45 in runtime.addOneOpenDeferFrame
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:642
 1  0x0000000000434357 in runtime.gopanic
    at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:886
 2  0x00000000004642a7 in main.Test4
    at ./export.go:7

On Tue, Mar 28, 2023 at 4:14 PM mariappan balraj <mariappan.bal...@gmail.com>
wrote:

> Hello Go Experts,
>
> I am observing system stack corruption when panic() is called from go
> function. When panic is called from Test4(), as part of
> runtime.systemstack_switch(), the RSP and RBP is set in such a way that it
> will corrupt the stack.
>
> Rbp = 0x00007ffdb188bd20===> This should be less than 0x7ffdb188bc50. But
> it is set to the value which is already used for CGO calls. So it is making
> the system stack to corrupt. When the core file is generated, it makes it
> unable to debug from the core file using dlv. Can someone please help on
> this issue?
>
> RBP 0x7ffdb188bc50 RA 0x45f3f4 runtime.cgocallback
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1003
> RBP 0x7ffdb188bca0 RA 0x4641bd crosscall2
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgo/asm_amd64.s 32
> RBP 0x7ffdb188bcd0 RA 0x464386 C.Test4 /tmp/go-build/_cgo_export.c 35
> RBP 0x7ffdb188bce0 RA 0x464432 C.test1
> /home/soomohan/mbalraj/test/hello.go 10
> RBP 0x7ffdb188bd00 RA 0x46444d C.test2
> /home/soomohan/mbalraj/test/hello.go 15
> RBP 0x7ffdb188bd20 RA 0x464468 C.test3
> /home/soomohan/mbalraj/test/hello.go 20
> RBP 0x7ffdb188bd50 RA 0x4644a7 C._cgo_78b81bbf688e_Cfunc_test3
> /tmp/go-build/cgo-gcc-prolog 51
>
> go version
> go version go1.20.2 linux/amd64
>
> //hello.go
> package main
>
> /*
> #include <stdio.h>
>
> extern void Test4(void);
>
> void test1(void) {
>    Test4();
> }
>
> void test2(void) {
>     int val = 2;
>     test1();
> }
>
> void test3(void) {
>     int val = 3;
>     test2();
> }
>
> void test4(void) {
>     printf("Test4()");
> }
> */
> import "C"
>
> func Test5() {
>     C.test4()
> }
>
> func main() {
>     C.test3()
> }
>
> //export.go
> package main
>
> import "C"
>
> //export Test4
> func Test4() {
>     panic("Panic inside Test4")
>     //Test5()
> }
>
> I have written the following script test.start to debug this issue further
> in DLV.
> def command_goroutine_start_line(args):
>     regs = registers().Regs
>     rip = 0
>     for reg in regs:
>         if reg.Name == "Rbp":
>             rbp = int(reg.Value, 16)
>         elif reg.Name == "Rip":
>             rip = int(reg.Value, 16)
>
>     da = disassemble(StartPC=rip, EndPC=rip+1).Disassemble
>     print("RBP 0x%x RIP 0x%x %s %s %s" % (rbp, rip,
> da[0].Loc.Function.Name_, da[0].Loc.File, da[0].Loc.Line))
>
>     while True:
>         mem = examine_memory(rbp, 8).Mem
>         val = 0
>         for i in range(len(mem)):
>             val <<= 8
>             val += mem[len(mem) - i - 1]
>         prbp = val
>
>         mem = examine_memory(rbp + 8, 8).Mem
>         val = 0
>         for i in range(len(mem)):
>             val <<= 8
>             val += mem[len(mem) - i - 1]
>         ra = val
>
>         da = disassemble(StartPC=ra, EndPC=ra+1).Disassemble
>         print("RBP 0x%x RA 0x%x %s %s %s" % (prbp, ra,
> da[0].Loc.Function.Name_, da[0].Loc.File, da[0].Loc.Line))
>         if prbp == 0:
>            break
>         rbp = prbp
>
> def main():
>         dlv_command("config alias goroutine_start_line gsl")
>
> (dlv)bt
> RBP 0x0 RA 0x45f5e1 runtime.goexit
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1599
>
>  0  0x0000000000433b04 in runtime.addOneOpenDeferFrame.func1
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:646
>  1  0x000000000045f0c0 in runtime.systemstack_switch
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:463
>  2  0x0000000000433a89 in runtime.addOneOpenDeferFrame
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:644
>  3  0x0000000000434357 in runtime.gopanic
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:886
>  4  0x00000000004642a7 in main.Test4
>     at ./export.go:7
>  5  0x000000000046431c in _cgoexp_78b81bbf688e_Test4
>     at _cgo_gotypes.go:61
>  6  0x000000000040535b in runtime.cgocallbackg1
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:315
>  7  0x0000000000405079 in runtime.cgocallbackg
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:234
>  8  0x0000000000461b0f in runtime.cgocallbackg
>     at <autogenerated>:1
>  9  0x000000000045f3f4 in runtime.cgocallback
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:998
> 10  0x0000000000000001 in ???
>     at ?:-1
> 11  0x0000000000464386 in C.Test4
>     at /tmp/go-build/_cgo_export.c:33
> 12  0x0000000000464432 in C.test1
>     at ./hello.go:9
> 13  0x000000000046444d in C.test2
>     at ./hello.go:14
> 14  0x0000000000464468 in C.test3
>     at ./hello.go:19
> 15  0x00000000004644a7 in C._cgo_78b81bbf688e_Cfunc_test3
> 15  0x00000000004644a7 in C._cgo_78b81bbf688e_Cfunc_test3
>     at /tmp/go-build/cgo-gcc-prolog:49
> 16  0x000000000045f2e4 in runtime.asmcgocall
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:848
> 17  0x000000000046448a in C._cgo_78b81bbf688e_Cfunc_test3
>     at /tmp/go-build/cgo-gcc-prolog:44
> 18  0x0000000000404f0a in runtime.cgocall
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:167
> 19  0x0000000000464245 in main._Cfunc_test3
>     at _cgo_gotypes.go:39
> 20  0x00000000004642d7 in main.main
>     at ./hello.go:33
> 21  0x0000000000437073 in runtime.main
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/proc.go:250
> 22  0x000000000045f5e1 in runtime.goexit
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:1598
>
> (dlv)source test.star
> (dlv)gsl
> (dlv) gsl
> RBP 0xc000048c68 RIP 0x433b04 runtime.addOneOpenDeferFrame.func1
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go 646
> RBP 0xc000048d28 RA 0x434357 runtime.gopanic
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go 905
> RBP 0xc000048d48 RA 0x4642a7 main.Test4
> /home/soomohan/mbalraj/test/export.go 7
> RBP 0xc000048d58 RA 0x46431c _cgoexp_78b81bbf688e_Test4 _cgo_gotypes.go 62
> RBP 0xc000048e18 RA 0x40535b runtime.cgocallbackg1
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go 323
> RBP 0xc000048ea8 RA 0x405079 runtime.cgocallbackg
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go 240
> RBP 0xc000048ed0 RA 0x461b0f runtime.cgocallbackg <autogenerated> 1
> RBP 0x7ffdb188bc50 RA 0x45f3f4 runtime.cgocallback
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1003
> RBP 0x7ffdb188bca0 RA 0x4641bd crosscall2
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgo/asm_amd64.s 32
> RBP 0x7ffdb188bcd0 RA 0x464386 C.Test4 /tmp/go-build/_cgo_export.c 35
> RBP 0x7ffdb188bce0 RA 0x464432 C.test1
> /home/soomohan/mbalraj/test/hello.go 10
> RBP 0x7ffdb188bd00 RA 0x46444d C.test2
> /home/soomohan/mbalraj/test/hello.go 15
> RBP 0x7ffdb188bd20 RA 0x464468 C.test3
> /home/soomohan/mbalraj/test/hello.go 20
> RBP 0x7ffdb188bd50 RA 0x4644a7 C._cgo_78b81bbf688e_Cfunc_test3
> /tmp/go-build/cgo-gcc-prolog 51
> RBP 0xc000048f38 RA 0x45f2e4 runtime.asmcgocall
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 852
> RBP 0xc000048f60 RA 0x464245 main._Cfunc_test3 _cgo_gotypes.go 40
> RBP 0xc000048f70 RA 0x4642d7 main.main
> /home/soomohan/mbalraj/test/hello.go 33
> RBP 0xc000048fd0 RA 0x437073 runtime.main
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/proc.go 260
> RBP 0x0 RA 0x45f5e1 runtime.goexit
> /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s 1599
>
> (dlv)si
>
> (dlv)bt
>  0  0x000000000045587f in runtime.gentraceback
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/traceback.go:32
>  1  0x000000000045f0c0 in runtime.systemstack_switch
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:463
>  2  0x0000000000433a89 in runtime.addOneOpenDeferFrame
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:644
>  3  0x0000000000434357 in runtime.gopanic
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:886
>  4  0x00000000004642a7 in main.Test4
>     at ./export.go:7
>  5  0x000000000046431c in _cgoexp_78b81bbf688e_Test4
>     at _cgo_gotypes.go:61
>  6  0x000000000040535b in runtime.cgocallbackg1
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:315
>  7  0x0000000000405079 in runtime.cgocallbackg
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:234
>  8  0x0000000000461b0f in runtime.cgocallbackg
>     at <autogenerated>:1
>  9  0x000000000045f3f4 in runtime.cgocallback
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:998
> 10  0x0000000000000001 in ???
>     at ?:-1
> 11  0x0000000000464386 in C.Test4
>     at /tmp/go-build/_cgo_export.c:33
> 12  0x0000000000464432 in C.test1
>     at ./hello.go:9
> 13  0x000000000046444d in C.test2
>     at ./hello.go:14
> 14  0x0000000000464468 in C.test3
>     at ./hello.go:19
> 15  0x0000000000433b4b in runtime.addOneOpenDeferFrame.func1
> 15  0x0000000000433b4b in runtime.addOneOpenDeferFrame.func1
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/panic.go:645
> 16  0x000000000045f129 in runtime.systemstack
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:496
> 17  0x0000000000461da5 in runtime.newproc
>     at <autogenerated>:1
> 18  0x00000000004cc720 in ???
>     at ?:-1
> 19  0x000000000046431c in _cgoexp_78b81bbf688e_Test4
>     at _cgo_gotypes.go:61
> 20  0x000000000040535b in runtime.cgocallbackg1
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:315
> 21  0x0000000000405079 in runtime.cgocallbackg
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:234
> 22  0x0000000000461b0f in runtime.cgocallbackg
>     at <autogenerated>:1
> 23  0x000000000045f3f4 in runtime.cgocallback
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:998
> 24  0x000000000045f0c0 in runtime.systemstack_switch
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:463
> 25  0x0000000000404f0a in runtime.cgocall
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/cgocall.go:167
> 26  0x0000000000464245 in main._Cfunc_test3
>     at _cgo_gotypes.go:39
> 27  0x00000000004642d7 in main.main
>     at ./hello.go:33
> 28  0x0000000000437073 in runtime.main
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/proc.go:250
> 29  0x000000000045f5e1 in runtime.goexit
>     at /home/soomohan/mbalraj/GO/go1.20.2/go/src/runtime/asm_amd64.s:1598
>
> (dlv) regs
>  (dlv) regs
>     Rip = 0x000000000045587f
>     Rsp = 0x00007ffdb188ba08
>     Rax = 0x000000000040535b
>     Rbx = 0x000000c000048d68
>     Rcx = 0x0000000000000000
>     Rdx = 0x0000000000433b60
>     Rsi = 0x0000000000000000
>     Rdi = 0x000000c0000061a0
>     Rbp = 0x00007ffdb188bd20
>      R8 = 0x0000000000000000
>      R9 = 0x000000007fffffff
>     R10 = 0x00007ffdb188bd80
>     R11 = 0x0000000000000000
>     R12 = 0x00007ffdb188ba88
>     R13 = 0x000000c000048c18
>     R14 = 0x00000000004cc720
>     R15 = 0x0000000000000000
>  Rflags = 0x0000000000000246    [PF ZF IF IOPL=0]
>      Es = 0x0000000000000000
>      Cs = 0x0000000000000033
>      Ss = 0x000000000000002b
>      Ds = 0x0000000000000000
>      Fs = 0x0000000000000000
>      Gs = 0x0000000000000000
> Fs_base = 0x000015128ba66740
> Gs_base = 0x0000000000000000
>
> Best Regards
> Mariappan
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/CAKKWi6T8WsGXBH%3DODZMfaswT1sj4oHKagAv4_wYKX%3DGufBMj5Q%40mail.gmail.com.

[go-nuts] Re: Calling panic() is corrupting system stack

Reply via email to