crypto/tls: support bogo -wait-for-debugger

When this command line flag is provided to the BoGo runner it will:

* Disable some timeouts
* Limit concurrency to 1 worker at a time
* Pass the -wait-for-debugger flag to the shim process
* Print the PID of the shim process to status output

On the shim-side, we need to react to -wait-for-debugger by sending
ourselves a SIGSTOP signal. When a debugger attaches to the shim the
process will be resumed.

This makes it possible to debug both the runner side and the shim side
of a BoGo interaction without resorting to print style debugging.

Since SIGSTOP is not a signal we can use on Windows this functionality
is limited to unix builds.

Updates #72006

Change-Id: Iafa08cf71830cdfde3e6ee4826914236e3cd7e57
Reviewed-on: https://go-review.googlesource.com/c/go/+/650737
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

diff --git a/src/crypto/tls/bogo_shim_notunix_test.go b/src/crypto/tls/bogo_shim_notunix_test.go
new file mode 100644 (file)
index 0000000..2dcb5c0
--- /dev/null
+++ b/src/crypto/tls/bogo_shim_notunix_test.go
@@ -0,0 +1,11 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !unix || wasm
+
+package tls
+
+func pauseProcess() {
+       panic("-wait-for-debugger not supported on this OS")
+}

diff --git a/src/crypto/tls/bogo_shim_test.go b/src/crypto/tls/bogo_shim_test.go
index 569e627373695a0866c6b00ed967034f2d38218c..25367eef615bec98804ebb382e4ba87523dec365 100644 (file)
--- a/src/crypto/tls/bogo_shim_test.go
+++ b/src/crypto/tls/bogo_shim_test.go
@@ -98,6 +98,8 @@ var (
 
        verifyPeer = flag.Bool("verify-peer", false, "")
        _          = flag.Bool("use-custom-verify-callback", false, "")
+
+       waitForDebugger = flag.Bool("wait-for-debugger", false, "")
 )
 
 type stringSlice []string
@@ -309,6 +311,12 @@ func bogoShim() {
                        }
                }
 
+               // If we were instructed to wait for a debugger, then send SIGSTOP to ourselves.
+               // When the debugger attaches it will continue the process.
+               if *waitForDebugger {
+                       pauseProcess()
+               }
+
                for {
                        buf := make([]byte, 500)
                        var n int

diff --git a/src/crypto/tls/bogo_shim_unix_test.go b/src/crypto/tls/bogo_shim_unix_test.go
new file mode 100644 (file)
index 0000000..3b5f5f9
--- /dev/null
+++ b/src/crypto/tls/bogo_shim_unix_test.go
@@ -0,0 +1,18 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build unix && !wasm
+
+package tls
+
+import (
+       "os"
+       "syscall"
+)
+
+func pauseProcess() {
+       pid := os.Getpid()
+       process, _ := os.FindProcess(pid)
+       process.Signal(syscall.SIGSTOP)
+}