Golang程序  |  65行  |  1.28 KB

// run

// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// Make sure return values aren't scanned until they
// are initialized, when calling functions and methods
// via reflect.

package main

import (
	"reflect"
	"runtime"
	"unsafe"
)

var badPtr uintptr

var sink []byte

func init() {
	// Allocate large enough to use largeAlloc.
	b := make([]byte, 1<<16-1)
	sink = b // force heap allocation
	//  Any space between the object and the end of page is invalid to point to.
	badPtr = uintptr(unsafe.Pointer(&b[len(b)-1])) + 1
}

func f(d func() *byte) *byte {
	// Initialize callee args section with a bad pointer.
	g(badPtr)

	// Then call a function which returns a pointer.
	// That return slot starts out holding a bad pointer.
	return d()
}

//go:noinline
func g(x uintptr) {
}

type T struct {
}

func (t *T) Foo() *byte {
	runtime.GC()
	return nil
}

func main() {
	// Functions
	d := reflect.MakeFunc(reflect.TypeOf(func() *byte { return nil }),
		func(args []reflect.Value) []reflect.Value {
			runtime.GC()
			return []reflect.Value{reflect.ValueOf((*byte)(nil))}
		}).Interface().(func() *byte)
	f(d)

	// Methods
	e := reflect.ValueOf(&T{}).Method(0).Interface().(func() *byte)
	f(e)
}