Commit 4d1ab2d8 authored by Shenghou Ma's avatar Shenghou Ma Committed by Minux Ma

runtime: re-enable TestNewProc0 on android/arm and fix heap corruption

The problem is not actually specific to android/arm. Linux/ARM's
runtime.clone set the stack pointer to child_stk-4 before calling
the fn. And then when fn returns, it tries to write to 4(R13) to
provide argument for runtime.exit, which is just beyond the allocated
child stack, and thus it will corrupt the heap randomly or trigger
segfault if that memory happens to be unmapped.

While we're at here, shorten the test polling interval to 0.1s to
speed up the test (it was only checking at 1s interval, which means
the test takes at least 1s).

Fixes #10548.

Change-Id: I57cd63232022b113b6cd61e987b0684ebcce930a
Reviewed-on: https://go-review.googlesource.com/9457Reviewed-by: default avatarDavid Crawshaw <crawshaw@golang.org>
parent 06946aad
...@@ -24,13 +24,8 @@ func newOSProcCreated() { ...@@ -24,13 +24,8 @@ func newOSProcCreated() {
// Can't be run with -race because it inserts calls into newOSProcCreated() // Can't be run with -race because it inserts calls into newOSProcCreated()
// that require a valid G/M. // that require a valid G/M.
func TestNewOSProc0(t *testing.T) { func TestNewOSProc0(t *testing.T) {
if runtime.GOOS == "android" && runtime.GOARCH == "arm" {
// newosproc0 does not work for android/arm.
// See issue 10548.
t.Skipf("skipping on %v", runtime.GOOS)
}
runtime.NewOSProc0(0x800000, unsafe.Pointer(runtime.FuncPC(newOSProcCreated))) runtime.NewOSProc0(0x800000, unsafe.Pointer(runtime.FuncPC(newOSProcCreated)))
check := time.NewTicker(1 * time.Second) check := time.NewTicker(100 * time.Millisecond)
defer check.Stop() defer check.Stop()
end := time.After(5 * time.Second) end := time.After(5 * time.Second)
for { for {
......
...@@ -308,6 +308,7 @@ nog: ...@@ -308,6 +308,7 @@ nog:
BL (R0) BL (R0)
// It shouldn't return. If it does, exit that thread. // It shouldn't return. If it does, exit that thread.
SUB $16, R13 // restore the stack pointer to avoid memory corruption
MOVW $0, R0 MOVW $0, R0
MOVW R0, 4(R13) MOVW R0, 4(R13)
BL runtime·exit1(SB) BL runtime·exit1(SB)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment