go: cmd/vet: "possible misuse of unsafe.Pointer" check false positive rate may be too high

What version of Go are you using (`go version`)?

$ go version
go version go1.15 darwin/amd64

Does this issue reproduce with the latest release?

What operating system and processor architecture are you using (`go env`)?

go env Output

$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/Users/hajimehoshi/Library/Caches/go-build"
GOENV="/Users/hajimehoshi/Library/Application Support/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOINSECURE=""
GOMODCACHE="/Users/hajimehoshi/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="darwin"
GOPATH="/Users/hajimehoshi/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/darwin_amd64"
GCCGO="gccgo"
AR="ar"
CC="clang"
CXX="clang++"
CGO_ENABLED="1"
GOMOD="/Users/hajimehoshi/ebiten/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/60/khbk2xqn1c5bml1byjn89dwc0000gn/T/go-build111042416=/tmp/go-build -gno-record-gcc-switches -fno-common"

What did you do?

mkdir tmp
cd tmp
go mod init foo
GOOS=windows go vet golang.org/x/sys/windows

What did you expect to see?

No warnings

What did you see instead?

$ GOOS=windows go vet golang.org/x/sys/windows
go: finding module for package golang.org/x/sys/windows
go: found golang.org/x/sys/windows in golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a
# golang.org/x/sys/windows
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/env_windows.go:42:39: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:1412:19: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:1547:18: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:1553:32: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:1809:27: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:1863:27: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:3114:17: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:3141:17: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:3169:18: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:3453:40: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:3459:19: possible misuse of unsafe.Pointer
../go/pkg/mod/golang.org/x/sys@v0.0.0-20200831180312-196b9ba8737a/windows/zsyscall_windows.go:3465:27: possible misuse of unsafe.Pointer

About this issue

Original URL
State: open
Created 4 years ago
Reactions: 1
Comments: 16 (9 by maintainers)

Commits related to this issue

Drop "go vet" from CI due to false positives See golang/go#41205 — committed to FiloSottile/mkcert by FiloSottile 2 years ago
Bump baseline Go versions to 1.18. Update actions to v3. Go vet is commented out due to false positives in golang/go#41205. PiperOrigin-RevId: 492508300 — committed to google/certtostore by ItsMattL 2 years ago
Bump baseline Go versions to 1.18. Update actions to v3. Go vet is commented out due to false positives in golang/go#41205. PiperOrigin-RevId: 492508300 — committed to google/certtostore by ItsMattL 2 years ago
Bump baseline Go versions to 1.18. Update actions to v3. Go vet is commented out due to false positives in golang/go#41205. PiperOrigin-RevId: 492508300 — committed to google/certtostore by ItsMattL 2 years ago
Bump baseline Go versions to 1.18. Update actions to v3. Go vet is commented out due to false positives in golang/go#41205. PiperOrigin-RevId: 493685245 — committed to google/certtostore by ItsMattL 2 years ago
unix: add missing address operator in initxattrdest The purpose of the _zero variable is to provide a valid address for a pointer to an array of length zero. All other uses of the variable take its a... — committed to golang/sys by bcmills a year ago
unix: fix a use-after-free bug in PtraceIO on freebsd In CL 419915, both pointer fields of the PtraceIoDesc struct were converted to type uintptr to address golang/go#54113. However, that change was... — committed to golang/sys by bcmills a year ago
windows: use unsafe.Add instead of pointer arithmetic on a uintptr The existing uintptr arithmetic is arguably valid because the environment block is not located within the Go heap (see golang/go#586... — committed to golang/sys by bcmills a year ago

Most upvoted comments

I think there’s still an issue. As we have already known these (uintptr usages of Syscall) are detected as false positives, the unsafe.Pointer rule and go-vet should be updated. Based on the vet’s documentation, the rate of false positive (and negative) must be very small, right?

hajimehoshi on Sep 4, 2020

Note that the current very-high-confidence vet checks are already enabled during go test. In the long term we are working toward enabling all of them, once they are high enough confidence. This one in particular we may adjust or may just never enable. But for CI purposes, I would suggest that you rely on “go test”.

rsc on Sep 15, 2020

go-vet’s false positive happens not only on x/sys/windows but also on my library using Syscall. IIUC, as Syscall returns uintptr, it is impossible to use them as a pointer without violating the unsafe.Pointer rule (is that correct?).

Now I cannot run go-vet for my library on Windows CI due to this issue. I’d be happy if go-vet could avoid such false positives.

hajimehoshi on Sep 3, 2020

The check is “possible misuse of unsafe.Pointer”, not “misuse of unsafe.Pointer”. Based on Russ’s comment, I understand there is no actual misuse of unsafe.Pointer in the golang.org/x/sys/windows package.

I’ll retitle this to be about cmd/vet then, but I agree this may be working as intended. The presence of a “possible …” check in vet is incompatible with running in CI systems such that any trigger fails the build.

dmitshur on Sep 3, 2020