runtime: checkptr incorrectly -race flagging when using &^ arithmetic #40917
Comments
|
@mdempsky Looks like it's passing a zero-length originals array to |
|
Thanks for the report. That test case is correct, so it's definitely an issue that checkptr is reporting a false positive about There's logic in the checkptr instrumentation to try to recognize go/src/cmd/compile/internal/gc/walk.go Line 4006 in 46ca7b5 But it looks like this is probably failing because we've already recursively walked the subexpression and rewritten it into go/src/cmd/compile/internal/gc/walk.go Lines 973 to 976 in 46ca7b5 Probably the easiest fix is to look for --
https://golang.org/pkg/unsafe/#Pointer says:
So I don't think we need to handle |
|
Of note, Probably easiest is to just tweak the error message. |
|
@SnapDragon64 Can you share how you ran into this issue? In particular, do you have real world code that was already using |
|
Change https://golang.org/cl/249477 mentions this issue: |
|
@dmitshur Do you mind weighing in on whether this merits backporting to Go 1.15? Arguments for:
Arguments against:
|
ALTree
added
the
NeedsFix
Yes, we had some real world code using |
|
@gopherbot Please consider for backport to Go 1.15. See my rationale for/against at #40917 (comment). Also, that this affected real user code at #40917 (comment). |
|
Backport issue(s) opened: #40934 (for 1.15). Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://golang.org/wiki/MinorReleases. |
|
@mdempsky Thank you for providing useful information for the backporting decision. We've discussed the 1.15 cherry-pick candidate in a release meeting. Per our release policy (see #34536 (comment)), since this bug is also present in Go 1.14, we must either backport to both 1.15+1.14 or neither. Do you think this fix is safe to backport to 1.14 as well? I've tried it locally and saw that it applied cleanly, other than a merge conflict in TestCheckPtr test cases. |
|
@dmitshur Thanks for pointing that policy out to me. Yes, I think it should be safe to backport to 1.14 as well. I just looked at the diff between 1.14 and 1.15 for cmd/compile, and nothing significant changed about either checkptr or the internal Edit: The conflict is just because the we tweaked the error messages in 1.15 to be clearer. None of the underlying logic for when to report errors changed. |
|
Change https://golang.org/cl/249879 mentions this issue: |
|
Change https://golang.org/cl/249838 mentions this issue: |
checkptr has code to recognize &^ expressions, but it didn't take into account that "p &^ x" gets rewritten to "p & ^x" during walk, which resulted in false positive diagnostics. This CL changes walkexpr to mark OANDNOT expressions with Implicit when they're rewritten to OAND, so that walkCheckPtrArithmetic can still recognize them later. It would be slightly more idiomatic to instead mark the OBITNOT expression as Implicit (as it's a compiler-generated Node), but the OBITNOT expression might get constant folded. It's not worth the extra complexity/subtlety of relying on n.Right.Orig, so we set Implicit on the OAND node instead. To atone for this transgression, I add documentation for nodeImplicit. Updates #40917. Fixes #40934. Change-Id: I386304171ad299c530e151e5924f179e9a5fd5b8 Reviewed-on: https://go-review.googlesource.com/c/go/+/249477 Run-TryBot: Matthew Dempsky <mdempsky@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com> (cherry picked from commit e94544c) Reviewed-on: https://go-review.googlesource.com/c/go/+/249879 Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Matthew Dempsky <mdempsky@google.com>
checkptr has code to recognize &^ expressions, but it didn't take into account that "p &^ x" gets rewritten to "p & ^x" during walk, which resulted in false positive diagnostics. This CL changes walkexpr to mark OANDNOT expressions with Implicit when they're rewritten to OAND, so that walkCheckPtrArithmetic can still recognize them later. It would be slightly more idiomatic to instead mark the OBITNOT expression as Implicit (as it's a compiler-generated Node), but the OBITNOT expression might get constant folded. It's not worth the extra complexity/subtlety of relying on n.Right.Orig, so we set Implicit on the OAND node instead. To atone for this transgression, I add documentation for nodeImplicit. Updates #40917. Fixes #40968. Change-Id: I386304171ad299c530e151e5924f179e9a5fd5b8 Reviewed-on: https://go-review.googlesource.com/c/go/+/249477 Run-TryBot: Matthew Dempsky <mdempsky@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/249838 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
|
@SnapDragon64 Thanks for the issue report. A fix should be included in Go 1.15.1, once it comes out, and then your workaround shouldn't be necessary any further. Please let us know if you run into any further false positives. |
What version of Go are you using (
go version)?Does this issue reproduce with the latest release?
Yes
What did you do?
go run -racethe following code:package main import ( "fmt" "unsafe" ) func main() { a := make([]int, 100) b := unsafe.Pointer(&a) c := unsafe.Pointer(uintptr(b) + 12) fmt.Println(b, c) d := unsafe.Pointer(uintptr(c) - (uintptr(c) & 7)) fmt.Println(d) e := unsafe.Pointer(uintptr(c) &^ 7) fmt.Println(e) }What did you expect to see?
All pointers stay within bounds, so the program should work.
What did you see instead?
Note that the
dpointer arithmetic works fine, andeflags the error, despite the two being logically equivalent.The text was updated successfully, but these errors were encountered: