sync/atomic: atomic.Pointer[T] can be misused with type conversions. #56603
Comments
mateusz834
changed the title
gopherbot
added
the
compiler/runtime
|
To disallow this we would need something like that: type Pointer[T any] struct {
// We need this field to disallow type conversion.
// See issue golang/go#56603 for more details.
_ T
_ noCopy
v unsafe.Pointer
}But it will probably increase the size of the struct. Edit: type noTypeConversion[T any] struct{}
type Pointer[T any] struct {
// We need this field to disallow type conversion.
// See issue golang/go#56603 for more details.
_ noTypeConversion[T]
(...)
}Note: This is obviously a breaking change, but I don't think that we want to allow that kind of misuse. |
|
Change https://go.dev/cl/448275 mentions this issue: |
mknyszek
added
the
NeedsInvestigation
|
CC @rsc I agree any such type conversion should at least be forced to go through something that says "unsafe." The one concern I would have with this is breaking backwards compatibility. Programs will fail to compile that previously compiled successfully. |
|
@mknyszek I think that most people using generics don't even know that this kind of conversions is allowed (I discovered them recently by a mistake). |
|
It looks the code only runs well with Go 1.19.1, but panics with 1.19, 1.19.2 and 1.19.3. [edit], Ah, the program panics randomly, with any Go 1.19 versions. |
That may be true, but it only takes one upstream dependency breaking to break a whole bunch of code. That being said, this seems serious enough that it's worth breaking programs over. @aclements also pointed out to me that it's a compile error not a runtime error so the issue will be much more immediately apparent to whoever runs into it. |
|
Should this be backported to 1.19.4? |
|
@gopherbot Please backport to 1.19. This will make it less likely for people to write invalid type conversions with generic atomic types. |
|
Backport issue(s) opened: #56638 (for 1.19). Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://go.dev/wiki/MinorReleases. |
|
Change https://go.dev/cl/448518 mentions this issue: |
…mic.Pointer[T] For #56603. Fixes #56638. Change-Id: I6af9d80201025ae4028bfaa4a62e5de9ac0c501d GitHub-Last-Rev: e6ed5e1 GitHub-Pull-Request: #56604 Reviewed-on: https://go-review.googlesource.com/c/go/+/448275 Reviewed-by: Michael Knyszek <mknyszek@google.com> Run-TryBot: Ian Lance Taylor <iant@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com> (cherry picked from commit 6bead8f) Reviewed-on: https://go-review.googlesource.com/c/go/+/448518 Run-TryBot: Michael Knyszek <mknyszek@google.com>
|
Change https://go.dev/cl/450655 mentions this issue: |
For #56603, CL 448275 added a _ [0]T field to atomic.Pointer, so that different kinds of atomic.Pointer are not convertible. Unfortunately, that breaks code like: type List struct { Next atomic.Pointer[List] } which should be valid, just as using Next *List is valid. Instead, we get: ./atomic_test.go:2533:6: invalid recursive type List ./atomic_test.go:2533:6: List refers to ./atomic_test.go:2534:13: "sync/atomic".Pointer refers to ./atomic_test.go:2533:6: List Fix by using _[0]*T instead. Change-Id: Icc4c83c691d35961d20cb14b824223d6c779ac5e Reviewed-on: https://go-review.googlesource.com/c/go/+/450655 Run-TryBot: Russ Cox <rsc@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com>
|
We should also backport the CL 450655 for go 1.19.4. |
|
Sent https://go.dev/cl/452438. |
|
Change https://go.dev/cl/452438 mentions this issue: |
|
@mknyszek we should get this submitted before go 1.19.4 |
dmitshur
added
NeedsFix
…mic.Pointer[T] For golang#56603. Fixes golang#56638. Change-Id: I6af9d80201025ae4028bfaa4a62e5de9ac0c501d GitHub-Last-Rev: e6ed5e1 GitHub-Pull-Request: golang#56604 Reviewed-on: https://go-review.googlesource.com/c/go/+/448275 Reviewed-by: Michael Knyszek <mknyszek@google.com> Run-TryBot: Ian Lance Taylor <iant@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com> (cherry picked from commit 6bead8f) Reviewed-on: https://go-review.googlesource.com/c/go/+/448518 Run-TryBot: Michael Knyszek <mknyszek@google.com>
…ters again For #56603, CL 448275 added a _ [0]T field to atomic.Pointer, so that different kinds of atomic.Pointer are not convertible. Unfortunately, that breaks code like: type List struct { Next atomic.Pointer[List] } which should be valid, just as using Next *List is valid. Instead, we get: ./atomic_test.go:2533:6: invalid recursive type List ./atomic_test.go:2533:6: List refers to ./atomic_test.go:2534:13: "sync/atomic".Pointer refers to ./atomic_test.go:2533:6: List Fix by using _[0]*T instead. For #56638. Fixes #57124. Change-Id: Icc4c83c691d35961d20cb14b824223d6c779ac5e Reviewed-on: https://go-review.googlesource.com/c/go/+/450655 Run-TryBot: Russ Cox <rsc@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com> (cherry picked from commit b14cf3d) Reviewed-on: https://go-review.googlesource.com/c/go/+/452438 Reviewed-by: Cherry Mui <cherryyz@google.com> Run-TryBot: Michael Pratt <mpratt@google.com> Reviewed-by: Michael Pratt <mpratt@google.com>
This sample (on my system) produces a segfault:
So we basically done a unsafe type conversion without using the unsafe package.
The text was updated successfully, but these errors were encountered: