Skip to content

Commit cc29e4a

Browse files
committed
Fixed: handle non-Go-heap pointers correctly under Go 1.25
1 parent 1bf40c1 commit cc29e4a

1 file changed

Lines changed: 13 additions & 1 deletion

File tree

internal/widget/gpu/reader_windows.go

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -470,12 +470,24 @@ func (r *pdhReader) forEachCounterInstance(handle uintptr, fn func(name string,
470470
}
471471

472472
itemSize := unsafe.Sizeof(pdhFmtCountervalueItemDouble{})
473+
bufEnd := uintptr(unsafe.Pointer(&buffer[0])) + uintptr(len(buffer))
473474
for i := uint32(0); i < itemCount; i++ {
474475
item := (*pdhFmtCountervalueItemDouble)(unsafe.Pointer(&buffer[uintptr(i)*itemSize]))
475476
if item.szName == nil {
476477
continue
477478
}
478-
name := syscall.UTF16ToString(unsafe.Slice(item.szName, 256))
479+
// szName points within buffer; bound the slice to not exceed the allocation.
480+
// Without this, a hardcoded length like 256 can extend past the buffer end,
481+
// which Go 1.25's checkptr rejects as straddling multiple allocations.
482+
nameAddr := uintptr(unsafe.Pointer(item.szName))
483+
maxChars := int((bufEnd - nameAddr) / 2) // uint16 = 2 bytes
484+
if maxChars <= 0 {
485+
continue
486+
}
487+
if maxChars > 256 {
488+
maxChars = 256
489+
}
490+
name := syscall.UTF16ToString(unsafe.Slice(item.szName, maxChars))
479491
fn(name, item)
480492
}
481493
}

0 commit comments

Comments
 (0)