Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

cmd/compile: always nil check interface calls #22703

randall77 opened this issue Nov 13, 2017 · 1 comment

cmd/compile: always nil check interface calls #22703

randall77 opened this issue Nov 13, 2017 · 1 comment


Copy link

@randall77 randall77 commented Nov 13, 2017

package main
type I interface {
func main() {
	var i I

When, I run it, I get:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x104b332]

goroutine 1 [running]:
	/Users/khr/gowork/tmp1.go:9 +0x22
exit status 2

Note the faulting address is 0x18. That's the offset of[0]. The code is trying to load the function pointer from a nil itab pointer.
There's a subtle bug here - if an interface has lots of methods, that offset is potentially large enough to not fault when loading from the nil itab. We'll then jump to arbitrary code.

It's even potentially a security risk. I'm not too worried, though, as it requires an interface with >~ pagesize/ptrsize = 512 methods to even present that attack surface.

We do the right thing for methods that we go or defer, see CL 23820. I think we just need to do the nil check for everything. It should be easy to optimize out in the common case.

First reported on golang-nuts:!topic/golang-nuts/MCBYxlaD-08


@bradfitz bradfitz added the NeedsFix label Nov 14, 2017
@bradfitz bradfitz added this to the Go1.10 milestone Nov 14, 2017

This comment has been minimized.

Copy link

@gopherbot gopherbot commented Nov 14, 2017

Change mentions this issue: cmd/compile: always nil check before interface call

@gopherbot gopherbot closed this in fa1f52c Nov 14, 2017
@golang golang locked and limited conversation to collaborators Nov 14, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
You can’t perform that action at this time.