runtime: validate all calls to SetFinalizer

This change moves the check for a change in the memory management
system to after the SetFinalizer parameters have been validated.
Moving the check ensures that invalid parameters will never pass the
validation checks.

Change-Id: I9f1d3454f891f7b147c0d86b6720297172e08ef9
Reviewed-on: https://go-review.googlesource.com/c/go/+/625035
Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

diff --git a/src/runtime/mfinal.go b/src/runtime/mfinal.go
index a926a8ec357c4fc581c19e2f0ebd0550fd4e97c4..238820fc06323094d21a65988782434c5277b5e4 100644 (file)
--- a/src/runtime/mfinal.go
+++ b/src/runtime/mfinal.go
@@ -409,11 +409,6 @@ func blockUntilEmptyFinalizerQueue(timeout int64) bool {
 // need to use appropriate synchronization, such as mutexes or atomic updates,
 // to avoid read-write races.
 func SetFinalizer(obj any, finalizer any) {
-       if debug.sbrk != 0 {
-               // debug.sbrk never frees memory, so no finalizers run
-               // (and we don't have the data structures to record them).
-               return
-       }
        e := efaceOf(&obj)
        etyp := e._type
        if etyp == nil {
@@ -426,11 +421,15 @@ func SetFinalizer(obj any, finalizer any) {
        if ot.Elem == nil {
                throw("nil elem type!")
        }
-
        if inUserArenaChunk(uintptr(e.data)) {
                // Arena-allocated objects are not eligible for finalizers.
                throw("runtime.SetFinalizer: first argument was allocated into an arena")
        }
+       if debug.sbrk != 0 {
+               // debug.sbrk never frees memory, so no finalizers run
+               // (and we don't have the data structures to record them).
+               return
+       }
 
        // find the containing object
        base, span, _ := findObject(uintptr(e.data), 0, 0)