cmd/asm: don't allow writes outside of a function's stack frame · golang/go#79062

(2 留言) (0 反應) (0 負責人)Go (133,883 star) (19,008 fork)batch import

NeedsInvestigationToolProposalcompiler/runtimehelp wanted

描述

Go version

go1.26.2 linux/amd64

Output of `go env` in your module/workspace:

n/a

What did you do?

Wrote the following amd64 assembly function:

#include "textflag.h"

TEXT ·clobber(SB),NOSPLIT,$8-0
        MOVQ $42, 8(SP)
        RET

What did you see happen?

It compiles.

What did you expect to see?

I think it shouldn't compile. The function declares an 8 byte stack frame, and that stack write is outside of the declared stack frame. Such a write was the cause of https://github.com/golang/go/issues/77250. In that issue, an assembly function overwrote the frame pointer saved at the top of the stack frame, leading to an execution tracer crash when the function returned. The assembler seems to accept any value for the offset of the SP virtual register. I think the same thing might apply to the FP pseudo-register: the function declares the amount of space for arguments and any read outside of that space is probably a bug.

貢獻者指南

技術棧: go
領域: toolingbuild system
議題類型: bug
難度: 4
預計時間: 3-5 days
活動狀態: fresh
清晰度: clear
前置要求: Go assemblycmd/asm internalsstack frame conventions
新手友善度: 20
研究方向: The issue requests validation of stack frame offsets in the Go assembler. Start by examining the parser in src/cmd/asm/internal/asm/parse.go and related files to understand how instruction operands are evaluated. Look at the previous issue #77250 as a reference. The fix should add a check that writes to SP are within the declared stack frame size, and similarly for FP within argument space. Also consider how to handle instructions that manipulate SP directly. Review the assembler's test suite for existing validation examples.

描述