Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fatal error: checkptr: pointer arithmetic result points to invalid allocation #34

Open
XuHuaiyu opened this issue Oct 26, 2021 · 4 comments

Comments

@XuHuaiyu
Copy link

related issue: pingcap/tidb#29086

We got the following error when running go test -race on Go1.15 and go test -race -d=checkptr on Go1.13. Does anyone know why this happens?

fatal error: checkptr: pointer arithmetic result points to invalid allocation

goroutine 1052 [running]:
runtime.throw(0x44c01fb, 0x40)
	/root/go/src/runtime/panic.go:1116 +0x72 fp=0xc000c9fc70 sp=0xc000c9fc40 pc=0x10e8892
runtime.checkptrArithmetic(0xc000c9fd78, 0x0, 0x0, 0x0)
	/root/go/src/runtime/checkptr.go:43 +0xbe fp=0xc000c9fca0 sp=0xc000c9fc70 pc=0x10b755e
github.com/spaolacci/murmur3.Sum32WithSeed(0xc000c9fd78, 0x14, 0x20, 0xc000000000, 0x14)
	/root/go/pkg/mod/github.com/spaolacci/murmur3@v1.1.0/murmur32.go:129 +0x8a fp=0xc000c9fd08 sp=0xc000c9fca0 pc=0x29cbe0a
github.com/spaolacci/murmur3.Sum32(...)
@fracasula
Copy link

Same here with go 1.18

fatal error: checkptr: pointer arithmetic result points to invalid allocation

goroutine 619 [running]:
runtime.throw({0x2bf0282?, 0x4a08f9?})
        /usr/local/go/src/runtime/panic.go:992 +0x71 fp=0xc001876b68 sp=0xc001876b38 pc=0x469d71
runtime.checkptrArithmetic(0x0?, {0x0, 0x0, 0x0?})
        /usr/local/go/src/runtime/checkptr.go:69 +0xaa fp=0xc001876b98 sp=0xc001876b68 pc=0x43a40a
github.com/spaolacci/murmur3.Sum32WithSeed({0xc001876cc0, 0x11, 0x20}, 0x0)
        /home/francesco/go/pkg/mod/github.com/spaolacci/murmur3@v1.1.0/murmur32.go:129 +0x90 fp=0xc001876c00 sp=0xc001876b98 pc=0x23d7b90
github.com/spaolacci/murmur3.Sum32(...)
        /home/francesco/go/pkg/mod/github.com/spaolacci/murmur3@v1.1.0/murmur32.go:111
github.com/rudderlabs/rudder-server/services/pgnotifier.(*PgNotifierT).RunMaintenanceWorker(0x49337c0, {0x39f0c10, 0xc00095e280})
        /home/francesco/Code/rudderstack/rudder-server/services/pgnotifier/pgnotifier.go:427 +0x8c fp=0xc001876e60 sp=0xc001876c00 pc=0x23dd42c

https://github.com/rudderlabs/rudder-server/blob/ae46b0443dc4ef5c094c0f96842db1e9ef45a4da/services/pgnotifier/pgnotifier.go#L427

@slingamn
Copy link

Here's the offending line:

k1 := *(*uint32)(unsafe.Pointer(p))

My understanding of the issue: the sanitizer expects that an unsafe.Pointer should be valid for a full word-sized read. So on a 64-bit arch, a word is 8 bytes long, so when processing the last 4-byte block of the buffer, the 8 bytes starting from the unsafe.Pointer extend 4 bytes past the end of the buffer (even though only the first four bytes will be read, since the unsafe.Pointer is immediately cast to *uint32). So this is a false positive.

The cleanest thing would be to use binary.LittleEndian.Uint32 in place of pointer arithmetic here, but it imposes a slowdown (maybe 20%). I'm surprised the compiler isn't better at handling this...

@mec07
Copy link

mec07 commented Nov 21, 2022

I'm getting the same issue. Here is a really simple test to reproduce it (I'm running golang version 1.19):

package tmp_test

import (
        "testing"

        "github.com/spaolacci/murmur3"
)

func TestMurmur3(t *testing.T) {
        _ = murmur3.Sum32([]byte("deadletter"))
}

@sheregeda
Copy link

Do you have any updates?

See #29 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants