Golang sys/windows: windows.PSAPI_WORKING_SET_EX_INFORMATION data structure does not match the Windows api

Go version

go version go1.23.1 windows/amd64

Output of go env in your module/workspace:

set GO111MODULE=
set GOARCH=amd64
set GOBIN=
set GOCACHE=C:\Users\xxx\AppData\Local\go-build
set GOENV=C:\Users\xxx\AppData\Roaming\go\env
set GOEXE=.exe
set GOEXPERIMENT=
set GOFLAGS=
set GOHOSTARCH=amd64
set GOHOSTOS=windows
set GOINSECURE=
set GOMODCACHE=C:\Users\xxx\go\pkg\mod
set GONOPROXY=
set GONOSUMDB=
set GOOS=windows
set GOPATH=C:\Users\xxx\go
set GOPRIVATE=
set GOPROXY=https://proxy.golang.org,direct
set GOROOT=C:\Program Files\Go
set GOSUMDB=sum.golang.org
set GOTMPDIR=
set GOTOOLCHAIN=auto
set GOTOOLDIR=C:\Program Files\Go\pkg\tool\windows_amd64
set GOVCS=
set GOVERSION=go1.23.1
set GODEBUG=
set GOTELEMETRY=local
set GOTELEMETRYDIR=C:\Users\xxx\AppData\Roaming\go\telemetry
set GCCGO=gccgo
set GOAMD64=v1
set AR=ar
set CC=gcc
set CXX=g++
set CGO_ENABLED=1
set GOMOD=C:\Users\xxx\sys\go.mod
set GOWORK=
set CGO_CFLAGS=-O2 -g
set CGO_CPPFLAGS=
set CGO_CXXFLAGS=-O2 -g
set CGO_FFLAGS=-O2 -g
set CGO_LDFLAGS=-O2 -g
set PKG_CONFIG=pkg-config
set GOGCCFLAGS=-m64 -mthreads -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=C:\Users\xxx\AppData\Local\Temp\go-build1920934976=/tmp/go-build -gno-record-gcc-switches

What did you do?

1. PSAPI_WORKING_SET_EX_BLOCK is 8 bytes on a 64-bit operating system and 4 bytes on a 32-bit operating system(see ms official docpsapi/ns-psapi-psapi_working_set_ex_block), should use uintptr instead of uint64

windows/syscall_windows.go#L1784-L1785

// PSAPI_WORKING_SET_EX_BLOCK contains extended working set information for a page.
type PSAPI_WORKING_SET_EX_BLOCK uint64

2. VirtualAddress shouldnt use Pointer , it's not always be a valid address(memory changes mid-operation or when using QueryWorkingSetEx for another process), which can cause a GC panic.

windows/syscall_windows.go#L1844-L1850

// PSAPI_WORKING_SET_EX_INFORMATION contains extended working set information for a process.
type PSAPI_WORKING_SET_EX_INFORMATION struct {
    // The virtual address.
    VirtualAddress Pointer
    // A PSAPI_WORKING_SET_EX_BLOCK union that indicates the attributes of the page at VirtualAddress.
    VirtualAttributes PSAPI_WORKING_SET_EX_BLOCK
}

This is a demo to reproduce the panic: https://github.com/dangodangodango/VirtualQueryEx panic:

runtime: marked free object in span 0x1675beda1a8, elemsize=192 freeindex=1 (bad use of unsafe.Pointer? try -d=checkptr)
0xc000000000 alloc unmarked
0xc0000000c0 free  unmarked
0xc000000180 free  unmarked
0xc000000240 free  unmarked
0xc000000300 free  unmarked
0xc0000003c0 free  unmarked
0xc000000480 free  unmarked
0xc000000540 free  unmarked
0xc000000600 free  unmarked
0xc0000006c0 free  unmarked
0xc000000780 free  unmarked
0xc000000840 free  unmarked
0xc000000900 free  unmarked
0xc0000009c0 free  unmarked
0xc000000a80 free  unmarked
0xc000000b40 free  unmarked
0xc000000c00 free  unmarked
0xc000000cc0 free  unmarked
0xc000000d80 free  unmarked
0xc000000e40 free  unmarked
0xc000000f00 free  unmarked
0xc000000fc0 free  marked   zombie
0x000000c000000fc0:  0x0000000000000000  0x0000000000000000
0x000000c000000fd0:  0x0000000000000000  0x0000000000000000
0x000000c000000fe0:  0x0000000000000000  0x0000000000000000
0x000000c000000ff0:  0x0000000000000000  0x0000000000000000
0x000000c000001000:  0x0000000000000000  0x0000000000000000
0x000000c000001010:  0x0000000000000000  0x0000000000000000
0x000000c000001020:  0x0000000000000000  0x0000000000000000
0x000000c000001030:  0x0000000000000000  0x0000000000000000
0x000000c000001040:  0x0000000000000000  0x0000000000000000
0x000000c000001050:  0x0000000000000000  0x0000000000000000
0x000000c000001060:  0x0000000000000000  0x0000000000000000
0x000000c000001070:  0x0000000000000000  0x0000000000000000
0xc000001080 free  unmarked
0xc000001140 free  unmarked
0xc000001200 free  unmarked
0xc0000012c0 free  unmarked
0xc000001380 free  unmarked
0xc000001440 free  unmarked
0xc000001500 free  unmarked
0xc0000015c0 free  unmarked
0xc000001680 free  unmarked
0xc000001740 free  unmarked
0xc000001800 free  unmarked
0xc0000018c0 free  unmarked
0xc000001980 free  unmarked
0xc000001a40 free  unmarked
0xc000001b00 free  unmarked
0xc000001bc0 free  unmarked
0xc000001c80 free  unmarked
0xc000001d40 free  unmarked
0xc000001e00 free  unmarked
0xc000001ec0 free  unmarked
fatal error: found pointer to free object

runtime stack:
runtime.throw({0x744a1d?, 0xc000001080?})
        C:/Program Files/Go/src/runtime/panic.go:1067 +0x4d fp=0x5ddffff640 sp=0x5ddffff610 pc=0x6d548d
runtime.(*mspan).reportZombies(0x1675beda1a8)
        C:/Program Files/Go/src/runtime/mgcsweep.go:890 +0x2ea fp=0x5ddffff6c0 sp=0x5ddffff640 pc=0x692eea
runtime.(*sweepLocked).sweep(0x5d00000000?, 0x0)
        C:/Program Files/Go/src/runtime/mgcsweep.go:658 +0xb68 fp=0x5ddffff7e0 sp=0x5ddffff6c0 pc=0x692528
runtime.(*mcentral).uncacheSpan(0x5ddffff820?, 0x5ddffff878?)
        C:/Program Files/Go/src/runtime/mcentral.go:236 +0x98 fp=0x5ddffff808 sp=0x5ddffff7e0 pc=0x682598
runtime.(*mcache).releaseAll(0x1675bed0108)
        C:/Program Files/Go/src/runtime/mcache.go:291 +0x13e fp=0x5ddffff870 sp=0x5ddffff808 pc=0x681efe
runtime.(*mcache).prepareForSweep(0x1675bed0108)
        C:/Program Files/Go/src/runtime/mcache.go:328 +0x35 fp=0x5ddffff898 sp=0x5ddffff870 pc=0x681ff5
runtime.acquirep(0xc000034008)
        C:/Program Files/Go/src/runtime/proc.go:5840 +0x2a fp=0x5ddffff8c0 sp=0x5ddffff898 pc=0x6b2aca
runtime.stopm()
        C:/Program Files/Go/src/runtime/proc.go:2886 +0xb5 fp=0x5ddffff8f0 sp=0x5ddffff8c0 pc=0x6abef5
runtime.findRunnable()
        C:/Program Files/Go/src/runtime/proc.go:3622 +0xd5c fp=0x5ddffffa68 sp=0x5ddffff8f0 pc=0x6ad93c
runtime.schedule()
        C:/Program Files/Go/src/runtime/proc.go:3995 +0xb1 fp=0x5ddffffaa0 sp=0x5ddffffa68 pc=0x6aea11
runtime.park_m(0xc00005e000)
        C:/Program Files/Go/src/runtime/proc.go:4102 +0x1eb fp=0x5ddffffaf8 sp=0x5ddffffaa0 pc=0x6aee2b
runtime.mcall()
        C:/Program Files/Go/src/runtime/asm_amd64.s:459 +0x53 fp=0x5ddffffb10 sp=0x5ddffffaf8 pc=0x6da653

What did you see happen?

panic

What did you expect to see?

not panic

Comment From: gabyhelp

Related Issues

• cmd/cgo, runtime: panic error when using 'fmt' and dll #21138 (closed)
• cmd/link: panic opening c-shared DLL on windows #26084 (closed)
• go build use -asan it panic. #69225 (closed)
• Go build dll on Windows cause random panic. #34168 (closed)
• There was a panic when golang built the DLL and then used golang to call the DLL #49184 (closed)
• cmd/go: panic: runtime error: invalid memory address or nil pointer dereference during type checking in `go generate` #66670 (closed)
• syscall: panic within syscall_windows.go Readlink #15978 (closed)
• runtime: bad pointer! #8848 (closed)
• syscall: panic calling Windows system call in 1.7, worked in 1.6 #17908 (closed)
• x/exp/shiny: fatal error: found bad pointer in Go heap (darwin/amd64/gldriver) #17971 (closed)

_{(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)}