checkptr has special case logic for recognizing the pattern (*[Big]T)(ptr)[:n:n]. In particular, instead of diagnosing whether (*[Big]T)(ptr) is an invalid conversion, it diagnoses (*[n]T)(ptr).
However, currently the checkptr instrumentation is inserted before the slice operation has validated n <= Big, so it's possible to have false positive throws in cases that should just be panics.
For example:
package main
import "unsafe"
func main() {
s := make([]int64, 100)
p := unsafe.Pointer(&s[0])
n := 1000
_ = (*[10]int64)(p)[:n:n] // throws; should just panic
}
This issue has existed since checkptr's inclusion in Go 1.14, and I'm not aware of any user reports about it. It's also easy to workaround.
Marking for Go 1.18.
checkptr has special case logic for recognizing the pattern
(*[Big]T)(ptr)[:n:n]. In particular, instead of diagnosing whether(*[Big]T)(ptr)is an invalid conversion, it diagnoses(*[n]T)(ptr).However, currently the checkptr instrumentation is inserted before the slice operation has validated
n <= Big, so it's possible to have false positive throws in cases that should just be panics.For example:
This issue has existed since checkptr's inclusion in Go 1.14, and I'm not aware of any user reports about it. It's also easy to workaround.
Marking for Go 1.18.