• Russ Cox's avatar
    syscall: keep allocated C string live across call to Syscall · cf622d75
    Russ Cox authored
    Given:
    
            p := alloc()
            fn_taking_ptr(p)
    
    p is NOT recorded as live at the call to fn_taking_ptr:
    it's not needed by the code following the call.
    p was passed to fn_taking_ptr, and fn_taking_ptr must keep
    it alive as long as it needs it.
    In practice, fn_taking_ptr will keep its own arguments live
    for as long as the function is executing.
    
    But if instead you have:
    
            p := alloc()
            i := uintptr(unsafe.Pointer(p))
            fn_taking_int(i)
    
    p is STILL NOT recorded as live at the call to fn_taking_int:
    it's not needed by the code following the call.
    fn_taking_int is responsible for keeping its own arguments
    live, but fn_taking_int is written to take an integer, so even
    though fn_taking_int does keep its argument live, that argument
    does not keep the allocated memory live, because the garbage
    collector does not dereference integers.
    
    The shorter form:
    
            p := alloc()
            fn_taking_int(uintptr(unsafe.Pointer(p)))
    
    and the even shorter form:
    
            fn_taking_int(uintptr(unsafe.Pointer(alloc())))
    
    are both the same as the 3-line form above.
    
    syscall.Syscall is like fn_taking_int: it is written to take a list
    of integers, and yet those integers are sometimes pointers.
    If there is no other copy of those pointers being kept live,
    the memory they point at may be garbage collected during
    the call to syscall.Syscall.
    
    This is happening on Solaris: for whatever reason, the timing
    is such that the garbage collector manages to free the string
    argument to the open(2) system call before the system call
    has been invoked.
    
    Change the system call wrappers to insert explicit references
    that will keep the allocations alive in the original frame
    (and therefore preserve the memory) until after syscall.Syscall
    has returned.
    
    Should fix Solaris flakiness.
    
    This is not a problem for cgo, because cgo wrappers have
    correctly typed arguments.
    
    LGTM=iant, khr, aram, rlh
    R=iant, khr, bradfitz, aram, rlh
    CC=dvyukov, golang-codereviews, r
    https://golang.org/cl/139360044
    cf622d75
zsyscall_darwin_amd64.go 31.8 KB