84 million requests a second means even rare bugs appear often. We'll reveal how we discovered a race condition in the Go arm64 compiler and got it fixed.

Cloudflare's platform is a leading provider of internet security and performance solutions, offering insights into web security, content delivery, and DNS management. Through documentation, blog posts, and webinars, Cloudflare provides insights into protecting websites and applications from cyber threats and improving performance. Developers and IT professionals can learn about CDN (Content Delivery Network), DDoS mitigation, and firewall configurations to secure and accelerate web traffic.

Cloudflare

Cloudflare discovered a race condition in Go's arm64 compiler that caused sporadic crashes during stack unwinding. The bug occurred when async preemption interrupted a split stack pointer adjustment in function epilogues, leaving the stack in an invalid state. Through systematic debugging involving coredumps, disassembly analysis, and reproducer creation, they traced crashes to a one-instruction race where the runtime preempted between two ADD opcodes adjusting RSP. The fix ensures stack pointer modifications happen atomically by building offsets in temporary registers first.

How we found a bug in Go's arm64 compiler

A single-instruction race condition window