How we found a bug in Go's arm64 compiler

Cloudflare discovered a race condition bug in Go's arm64 compiler that caused sporadic panics on arm64 machines due to stack corruption. The bug was triggered by asynchronous preemption between stack pointer adjustments during garbage collection, and has been fixed in go1.23.12, go1.24.6, and go1.25.0. The fix ensures that the stack pointer is always valid by building the offset in a temporary register and then adding that to RSP in a single, indivisible opcode.

Read More