Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

encoding/gob: panic decoding into local type, received remote type #62117

Closed
vkjon opened this issue Aug 17, 2023 · 7 comments
Closed

encoding/gob: panic decoding into local type, received remote type #62117

vkjon opened this issue Aug 17, 2023 · 7 comments
Assignees
@panjf2000
Labels
NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Go1.22

Comments

@vkjon
Copy link

vkjon commented Aug 17, 2023

What version of Go are you using (go version)?

$ go version
go version go1.21.0 linux/amd64

Does this issue reproduce with the latest release?

yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/home/vscode/.cache/go-build'
GOENV='/home/vscode/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.21.0'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/dev/null'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build318203347=/tmp/go-build -gno-record-gcc-switches'

What did you do?

Decode downstream gob into a local type.

What did you expect to see?

gob: decoding into local type *[]*struct {}, received remote type

What did you see instead?

panic: runtime error: index out of range [64] with length 64 [recovered]
	panic: runtime error: index out of range [64] with length 64 [recovered]
	panic: runtime error: index out of range [64] with length 64

goroutine 1 [running]:
encoding/gob.catchError(0xc000108070)
	/usr/local/go-faketime/src/encoding/gob/error.go:38 +0x6d
panic({0x4b5c20?, 0xc00001a030?})
	/usr/local/go-faketime/src/runtime/panic.go:914 +0x21f
encoding/gob.catchError(0xc0001198c8)
	/usr/local/go-faketime/src/encoding/gob/error.go:38 +0x6d
panic({0x4b5c20?, 0xc00001a030?})
	/usr/local/go-faketime/src/runtime/panic.go:914 +0x21f
encoding/gob.(*Decoder).typeString(0xc000108000?, 0x4e4480?)
	/usr/local/go-faketime/src/encoding/gob/decode.go:1085 +0x1e9
encoding/gob.(*Decoder).compileSingle(0x1800000700?, 0x40, 0xc00001cdc0)
	/usr/local/go-faketime/src/encoding/gob/decode.go:1100 +0x365
encoding/gob.(*Decoder).compileDec(0xc000108000, 0x40, 0xc00001cdc0)
	/usr/local/go-faketime/src/encoding/gob/decode.go:1132 +0x257
encoding/gob.(*Decoder).getDecEnginePtr(0xc000108000, 0x4a48a0?, 0xc00001cdc0)
	/usr/local/go-faketime/src/encoding/gob/decode.go:1189 +0x12a
encoding/gob.(*Decoder).decodeValue(0xc000108000, 0x446e00?, {0x4a48a0?, 0xc000010258?, 0xc000016601?})
	/usr/local/go-faketime/src/encoding/gob/decode.go:1234 +0xfd
encoding/gob.(*Decoder).DecodeValue(0xc000108000, {0x4a48a0?, 0xc000010258?, 0x0?})
	/usr/local/go-faketime/src/encoding/gob/decoder.go:229 +0x196
encoding/gob.(*Decoder).Decode(0xc000108000, {0x4a48a0?, 0xc000010258?})
	/usr/local/go-faketime/src/encoding/gob/decoder.go:204 +0x125
main.main()
	/tmp/sandbox717720055/prog.go:14 +0xbb
@dmitshur dmitshur added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Aug 17, 2023
@dmitshur dmitshur added this to the Backlog milestone Aug 17, 2023
@dmitshur
Copy link
Contributor

Thanks for reporting.

If I understand correctly, this only happens with Go 1.21.0 but not in Go 1.20 and older, right?

CC @robpike.

@vkjon
Copy link
Author

vkjon commented Aug 17, 2023

I didn't think to test with an older versions. You are correct, go1.20 does not panic.

@dmitshur
Copy link
Contributor

Also CC @mvdan.

@gopherbot
Copy link

Change https://go.dev/cl/520757 mentions this issue: encoding/gob: prevent panic from index out of range in Decoder.typeString

@panjf2000 panjf2000 self-assigned this Aug 18, 2023
@panjf2000 panjf2000 added the NeedsFix The path to resolution is known, but the work has not been done. label Aug 18, 2023
@gopherbot gopherbot removed the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Aug 18, 2023
@dmitshur dmitshur modified the milestones: Backlog, Go1.22 Aug 18, 2023
@panjf2000
Copy link
Member

@gopherbot please consider this for backport to 1.21, this issue may have a wide impact.

@gopherbot
Copy link

Backport issue(s) opened: #62154 (for 1.21).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://go.dev/wiki/MinorReleases.

@gopherbot gopherbot mentioned this issue Aug 19, 2023
Closed
@gopherbot
Copy link

Change https://go.dev/cl/521156 mentions this issue: [release-branch.go1.21] encoding/gob: prevent panic from index out of range in Decoder.typeString

cellularmitosis pushed a commit to cellularmitosis/go that referenced this issue Aug 24, 2023
@panjf2000 @cellularmitosis
encoding/gob: prevent panic from index out of range in Decoder.typeSt…
3b6ed3c 
…ring

I believe this bug is introduced by CL 460543 which optimizes the allocations
by changing the type of `idToType` from map to slice, but didn't update the
access code in `Decoder.typeString` that is safe for map but not for slice.

Fixes golang#62117

Change-Id: I0f2e4cc2f34c54dada1f83458ba512a6fde6dcbe
Reviewed-on: https://go-review.googlesource.com/c/go/+/520757
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Andy Pan <panjf2000@gmail.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
gopherbot pushed a commit that referenced this issue Aug 25, 2023
@panjf2000 @gopherbot
[release-branch.go1.21] encoding/gob: prevent panic from index out of…
745b81b 
… range in Decoder.typeString

I believe this bug is introduced by CL 460543 which optimizes the allocations
by changing the type of `idToType` from map to slice, but didn't update the
access code in `Decoder.typeString` that is safe for map but not for slice.

For #62117
Fixes #62154

Change-Id: I0f2e4cc2f34c54dada1f83458ba512a6fde6dcbe
Reviewed-on: https://go-review.googlesource.com/c/go/+/520757
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Andy Pan <panjf2000@gmail.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
(cherry picked from commit ba626ac)
Reviewed-on: https://go-review.googlesource.com/c/go/+/521156
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@panjf2000 panjf2000

Labels
NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Go1.22
Development

No branches or pull requests
4 participants
@dmitshur @panjf2000 @gopherbot @vkjon