see the [runtime documentation](/pkg/runtime#hdr-Environment_Variables)
and the [go command documentation](/cmd/go#hdr-Build_and_test_caching).
+### Go 1.23
+
+Go 1.23 changed the mode bits reported by [`os.Lstat`](/pkg/os#Lstat) and [`os.Stat`](/pkg/os#Stat)
+for reparse points, which can be controlled with the `winsymlink` setting.
+As of Go 1.23 (`winsymlink=1`), mount points no longer have [`os.ModeSymlink`](/pkg/os#ModeSymlink)
+set, and reparse points that are not symlinks, Unix sockets, or dedup files now
+always have [`os.ModeIrregular`](/pkg/os#ModeIrregular) set. As a result of these changes,
+[`filepath.EvalSymlinks`](/pkg/path/filepath#EvalSymlinks) no longer evaluates
+mount points, which was a source of many inconsistencies and bugs.
+At previous versions (`winsymlink=0`), mount points are treated as symlinks,
+and other reparse points with non-default [`os.ModeType`](/pkg/os#ModeType) bits
+(such as [`os.ModeDir`](/pkg/os#ModeDir)) do not have the `ModeIrregular` bit set.
+
### Go 1.22
Go 1.22 adds a configurable limit to control the maximum acceptable RSA key size
--- /dev/null
+On Windows, the mode bits reported by [`os.Lstat`](/pkg/os#Lstat) and [`os.Stat`](/pkg/os#Stat)
+for reparse points changed. Mount points no longer have [`os.ModeSymlink`](/pkg/os#ModeSymlink) set,
+and reparse points that are not symlinks, Unix sockets, or dedup files now
+always have [`os.ModeIrregular`](/pkg/os#ModeIrregular) set.
+This behavior is controlled by the `winsymlink` setting.
+For Go 1.23, it defaults to `winsymlink=1`.
+Previous versions default to `winsymlink=0`.
--- /dev/null
+On Windows, [`filepath.EvalSymlinks`](/pkg/path/filepath#EvalSymlinks) no longer evaluates
+mount points, which was a source of many inconsistencies and bugs.
+This behavior is controlled by the `winsymlink` setting.
+For Go 1.23, it defaults to `winsymlink=1`.
+Previous versions default to `winsymlink=0`.
{Name: "tlsmaxrsasize", Package: "crypto/tls"},
{Name: "tlsrsakex", Package: "crypto/tls", Changed: 22, Old: "1"},
{Name: "tlsunsafeekm", Package: "crypto/tls", Changed: 22, Old: "1"},
+ {Name: "winsymlink", Package: "os", Changed: 22, Old: "0"},
{Name: "x509sha1", Package: "crypto/x509"},
{Name: "x509usefallbackroots", Package: "crypto/x509"},
{Name: "x509usepolicies", Package: "crypto/x509"},
import (
"errors"
"fmt"
+ "internal/godebug"
"internal/poll"
"internal/syscall/windows"
"internal/syscall/windows/registry"
"unsafe"
)
+var winsymlink = godebug.New("winsymlink")
+
// For TestRawConnReadWrite.
type syscallDescriptor = syscall.Handle
}
type dirLinkTest struct {
- name string
- mklink func(link, target string) error
- issueNo int // correspondent issue number (for broken tests)
+ name string
+ mklink func(link, target string) error
+ issueNo int // correspondent issue number (for broken tests)
+ isMountPoint bool
}
func testDirLinks(t *testing.T, tests []dirLinkTest) {
t.Errorf("failed to stat link %v: %v", link, err)
continue
}
- if !fi1.IsDir() {
- t.Errorf("%q should be a directory", link)
+ if tp := fi1.Mode().Type(); tp != fs.ModeDir {
+ t.Errorf("Stat(%q) is type %v; want %v", link, tp, fs.ModeDir)
continue
}
if fi1.Name() != filepath.Base(link) {
t.Errorf("failed to lstat link %v: %v", link, err)
continue
}
- if m := fi2.Mode(); m&fs.ModeSymlink == 0 {
- t.Errorf("%q should be a link, but is not (mode=0x%x)", link, uint32(m))
- continue
+ var wantType fs.FileMode
+ if test.isMountPoint && winsymlink.Value() != "0" {
+ // Mount points are reparse points, and we no longer treat them as symlinks.
+ wantType = fs.ModeIrregular
+ } else {
+ // This is either a real symlink, or a mount point treated as a symlink.
+ wantType = fs.ModeSymlink
}
- if m := fi2.Mode(); m&fs.ModeDir != 0 {
- t.Errorf("%q should be a link, not a directory (mode=0x%x)", link, uint32(m))
- continue
+ if tp := fi2.Mode().Type(); tp != wantType {
+ t.Errorf("Lstat(%q) is type %v; want %v", link, tp, fs.ModeDir)
}
}
}
var tests = []dirLinkTest{
{
// Create link similar to what mklink does, by inserting \??\ at the front of absolute target.
- name: "standard",
+ name: "standard",
+ isMountPoint: true,
mklink: func(link, target string) error {
var t reparseData
t.addSubstituteName(`\??\` + target)
},
{
// Do as junction utility https://learn.microsoft.com/en-us/sysinternals/downloads/junction does - set PrintNameLength to 0.
- name: "have_blank_print_name",
+ name: "have_blank_print_name",
+ isMountPoint: true,
mklink: func(link, target string) error {
var t reparseData
t.addSubstituteName(`\??\` + target)
if mklinkSupportsJunctionLinks {
tests = append(tests,
dirLinkTest{
- name: "use_mklink_cmd",
+ name: "use_mklink_cmd",
+ isMountPoint: true,
mklink: func(link, target string) error {
output, err := testenv.Command(t, "cmd", "/c", "mklink", "/J", link, target).CombinedOutput()
if err != nil {
if lfi.Name() != pythonExeName {
t.Errorf("Stat %s: got %q, but wanted %q", pythonPath, lfi.Name(), pythonExeName)
}
- if m := lfi.Mode(); m&fs.ModeSymlink != 0 {
- t.Errorf("%q should be a file, not a link (mode=0x%x)", pythonPath, uint32(m))
- }
- if m := lfi.Mode(); m&fs.ModeDir != 0 {
- t.Errorf("%q should be a file, not a directory (mode=0x%x)", pythonPath, uint32(m))
- }
- if m := lfi.Mode(); m&fs.ModeIrregular == 0 {
+ if tp := lfi.Mode().Type(); tp != fs.ModeIrregular {
// A reparse point is not a regular file, but we don't have a more appropriate
// ModeType bit for it, so it should be marked as irregular.
- t.Errorf("%q should not be a regular file (mode=0x%x)", pythonPath, uint32(m))
+ t.Errorf("%q should not be a an irregular file (mode=0x%x)", pythonPath, uint32(tp))
}
if sfi.Name() != pythonExeName {
package os
import (
+ "internal/godebug"
"internal/syscall/windows"
"sync"
"syscall"
// and https://learn.microsoft.com/en-us/windows/win32/fileio/reparse-point-tags.
func (fs *fileStat) isReparseTagNameSurrogate() bool {
// True for IO_REPARSE_TAG_SYMLINK and IO_REPARSE_TAG_MOUNT_POINT.
- return fs.ReparseTag&0x20000000 != 0
-}
-
-func (fs *fileStat) isSymlink() bool {
- // As of https://go.dev/cl/86556, we treat MOUNT_POINT reparse points as
- // symlinks because otherwise certain directory junction tests in the
- // path/filepath package would fail.
- //
- // However,
- // https://learn.microsoft.com/en-us/windows/win32/fileio/hard-links-and-junctions
- // seems to suggest that directory junctions should be treated like hard
- // links, not symlinks.
- //
- // TODO(bcmills): Get more input from Microsoft on what the behavior ought to
- // be for MOUNT_POINT reparse points.
-
- return fs.ReparseTag == syscall.IO_REPARSE_TAG_SYMLINK ||
- fs.ReparseTag == windows.IO_REPARSE_TAG_MOUNT_POINT
+ return fs.FileAttributes&syscall.FILE_ATTRIBUTE_REPARSE_POINT != 0 && fs.ReparseTag&0x20000000 != 0
}
func (fs *fileStat) Size() int64 {
return int64(fs.FileSizeHigh)<<32 + int64(fs.FileSizeLow)
}
+var winsymlink = godebug.New("winsymlink")
+
func (fs *fileStat) Mode() (m FileMode) {
+ if winsymlink.Value() == "0" {
+ return fs.modePreGo1_23()
+ }
+ if fs.FileAttributes&syscall.FILE_ATTRIBUTE_READONLY != 0 {
+ m |= 0444
+ } else {
+ m |= 0666
+ }
+
+ // Windows reports the FILE_ATTRIBUTE_DIRECTORY bit for reparse points
+ // that refer to directories, such as symlinks and mount points.
+ // However, we follow symlink POSIX semantics and do not set the mode bits.
+ // This allows users to walk directories without following links
+ // by just calling "fi, err := os.Lstat(name); err == nil && fi.IsDir()".
+ // Note that POSIX only defines the semantics for symlinks, not for
+ // mount points or other surrogate reparse points, but we treat them
+ // the same way for consistency. Also, mount points can contain infinite
+ // loops, so it is not safe to walk them without special handling.
+ if !fs.isReparseTagNameSurrogate() {
+ if fs.FileAttributes&syscall.FILE_ATTRIBUTE_DIRECTORY != 0 {
+ m |= ModeDir | 0111
+ }
+
+ switch fs.filetype {
+ case syscall.FILE_TYPE_PIPE:
+ m |= ModeNamedPipe
+ case syscall.FILE_TYPE_CHAR:
+ m |= ModeDevice | ModeCharDevice
+ }
+ }
+
+ if fs.FileAttributes&syscall.FILE_ATTRIBUTE_REPARSE_POINT != 0 {
+ switch fs.ReparseTag {
+ case syscall.IO_REPARSE_TAG_SYMLINK:
+ m |= ModeSymlink
+ case windows.IO_REPARSE_TAG_AF_UNIX:
+ m |= ModeSocket
+ case windows.IO_REPARSE_TAG_DEDUP:
+ // If the Data Deduplication service is enabled on Windows Server, its
+ // Optimization job may convert regular files to IO_REPARSE_TAG_DEDUP
+ // whenever that job runs.
+ //
+ // However, DEDUP reparse points remain similar in most respects to
+ // regular files: they continue to support random-access reads and writes
+ // of persistent data, and they shouldn't add unexpected latency or
+ // unavailability in the way that a network filesystem might.
+ //
+ // Go programs may use ModeIrregular to filter out unusual files (such as
+ // raw device files on Linux, POSIX FIFO special files, and so on), so
+ // to avoid files changing unpredictably from regular to irregular we will
+ // consider DEDUP files to be close enough to regular to treat as such.
+ default:
+ m |= ModeIrregular
+ }
+ }
+ return
+}
+
+// modePreGo1_23 returns the FileMode for the fileStat, using the pre-Go 1.23
+// logic for determining the file mode.
+// The logic is subtle and not well-documented, so it is better to keep it
+// separate from the new logic.
+func (fs *fileStat) modePreGo1_23() (m FileMode) {
if fs.FileAttributes&syscall.FILE_ATTRIBUTE_READONLY != 0 {
m |= 0444
} else {
m |= 0666
}
- if fs.isSymlink() {
+ if fs.ReparseTag == syscall.IO_REPARSE_TAG_SYMLINK ||
+ fs.ReparseTag == windows.IO_REPARSE_TAG_MOUNT_POINT {
return m | ModeSymlink
}
if fs.FileAttributes&syscall.FILE_ATTRIBUTE_DIRECTORY != 0 {
}
if m&ModeType == 0 {
if fs.ReparseTag == windows.IO_REPARSE_TAG_DEDUP {
- // If the Data Deduplication service is enabled on Windows Server, its
- // Optimization job may convert regular files to IO_REPARSE_TAG_DEDUP
- // whenever that job runs.
- //
- // However, DEDUP reparse points remain similar in most respects to
- // regular files: they continue to support random-access reads and writes
- // of persistent data, and they shouldn't add unexpected latency or
- // unavailability in the way that a network filesystem might.
- //
- // Go programs may use ModeIrregular to filter out unusual files (such as
- // raw device files on Linux, POSIX FIFO special files, and so on), so
- // to avoid files changing unpredictably from regular to irregular we will
- // consider DEDUP files to be close enough to regular to treat as such.
+ // See comment in fs.Mode.
} else {
m |= ModeIrregular
}
}
}
}
+
+func TestEvalSymlinksTooManyLinks(t *testing.T) {
+ testenv.MustHaveSymlink(t)
+ dir := filepath.Join(t.TempDir(), "dir")
+ err := os.Symlink(dir, dir)
+ if err != nil {
+ t.Fatal(err)
+ }
+ _, err = filepath.EvalSymlinks(dir)
+ if err == nil {
+ t.Fatal("expected error, got nil")
+ }
+}
import (
"flag"
"fmt"
+ "internal/godebug"
"internal/testenv"
"io/fs"
"os"
testWalkMklink(t, "D")
}
+func createMountPartition(t *testing.T, vhd string, args string) []byte {
+ testenv.MustHaveExecPath(t, "powershell")
+ t.Cleanup(func() {
+ cmd := testenv.Command(t, "powershell", "-Command", fmt.Sprintf("Dismount-VHD %q", vhd))
+ out, err := cmd.CombinedOutput()
+ if err != nil {
+ if t.Skipped() {
+ // Probably failed to dismount because we never mounted it in
+ // the first place. Log the error, but ignore it.
+ t.Logf("%v: %v (skipped)\n%s", cmd, err, out)
+ } else {
+ // Something went wrong, and we don't want to leave dangling VHDs.
+ // Better to fail the test than to just log the error and continue.
+ t.Errorf("%v: %v\n%s", cmd, err, out)
+ }
+ }
+ })
+
+ script := filepath.Join(t.TempDir(), "test.ps1")
+ cmd := strings.Join([]string{
+ "$ErrorActionPreference = \"Stop\"",
+ fmt.Sprintf("$vhd = New-VHD -Path %q -SizeBytes 3MB -Fixed", vhd),
+ "$vhd | Mount-VHD",
+ fmt.Sprintf("$vhd = Get-VHD %q", vhd),
+ "$vhd | Get-Disk | Initialize-Disk -PartitionStyle GPT",
+ "$part = $vhd | Get-Disk | New-Partition -UseMaximumSize -AssignDriveLetter:$false",
+ "$vol = $part | Format-Volume -FileSystem NTFS",
+ args,
+ }, "\n")
+
+ err := os.WriteFile(script, []byte(cmd), 0666)
+ if err != nil {
+ t.Fatal(err)
+ }
+ output, err := testenv.Command(t, "powershell", "-File", script).CombinedOutput()
+ if err != nil {
+ // This can happen if Hyper-V is not installed or enabled.
+ t.Skip("skipping test because failed to create VHD: ", err, string(output))
+ }
+ return output
+}
+
+var winsymlink = godebug.New("winsymlink")
+
+func TestEvalSymlinksJunctionToVolumeID(t *testing.T) {
+ // Test that EvalSymlinks resolves a directory junction which
+ // is mapped to volumeID (instead of drive letter). See go.dev/issue/39786.
+ if winsymlink.Value() == "0" {
+ t.Skip("skipping test because winsymlink is not enabled")
+ }
+ t.Parallel()
+
+ output, _ := exec.Command("cmd", "/c", "mklink", "/?").Output()
+ if !strings.Contains(string(output), " /J ") {
+ t.Skip("skipping test because mklink command does not support junctions")
+ }
+
+ tmpdir := tempDirCanonical(t)
+ vhd := filepath.Join(tmpdir, "Test.vhdx")
+ output = createMountPartition(t, vhd, "Write-Host $vol.Path -NoNewline")
+ vol := string(output)
+
+ dirlink := filepath.Join(tmpdir, "dirlink")
+ output, err := testenv.Command(t, "cmd", "/c", "mklink", "/J", dirlink, vol).CombinedOutput()
+ if err != nil {
+ t.Fatalf("failed to run mklink %v %v: %v %q", dirlink, vol, err, output)
+ }
+ got, err := filepath.EvalSymlinks(dirlink)
+ if err != nil {
+ t.Fatal(err)
+ }
+ if got != dirlink {
+ t.Errorf(`EvalSymlinks(%q): got %q, want %q`, dirlink, got, dirlink)
+ }
+}
+
+func TestEvalSymlinksMountPointRecursion(t *testing.T) {
+ // Test that EvalSymlinks doesn't follow recursive mount points.
+ // See go.dev/issue/40176.
+ if winsymlink.Value() == "0" {
+ t.Skip("skipping test because winsymlink is not enabled")
+ }
+ t.Parallel()
+
+ tmpdir := tempDirCanonical(t)
+ dirlink := filepath.Join(tmpdir, "dirlink")
+ err := os.Mkdir(dirlink, 0755)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ vhd := filepath.Join(tmpdir, "Test.vhdx")
+ createMountPartition(t, vhd, fmt.Sprintf("$part | Add-PartitionAccessPath -AccessPath %q\n", dirlink))
+
+ got, err := filepath.EvalSymlinks(dirlink)
+ if err != nil {
+ t.Fatal(err)
+ }
+ if got != dirlink {
+ t.Errorf(`EvalSymlinks(%q): got %q, want %q`, dirlink, got, dirlink)
+ }
+}
+
func TestNTNamespaceSymlink(t *testing.T) {
output, _ := exec.Command("cmd", "/c", "mklink", "/?").Output()
if !strings.Contains(string(output), " /J ") {
if err != nil {
t.Fatal(err)
}
- if want := vol + `\`; got != want {
+ var want string
+ if winsymlink.Value() == "0" {
+ want = vol + `\`
+ } else {
+ want = dirlink
+ }
+ if got != want {
t.Errorf(`EvalSymlinks(%q): got %q, want %q`, dirlink, got, want)
}
t.Fatal(err)
}
- target += file[len(filepath.VolumeName(file)):]
+ target = filepath.Join(target, file[len(filepath.VolumeName(file)):])
filelink := filepath.Join(tmpdir, "filelink")
output, err = exec.Command("cmd", "/c", "mklink", filelink, target).CombinedOutput()
if err != nil {
t.Fatal(err)
}
- if want := file; got != want {
+ want = file
+ if got != want {
t.Errorf(`EvalSymlinks(%q): got %q, want %q`, filelink, got, want)
}
}
The number of non-default behaviors executed by the crypto/tls
package due to a non-default GODEBUG=tlsunsafeekm=... setting.
+ /godebug/non-default-behavior/winsymlink:events
+ The number of non-default behaviors executed by the os package
+ due to a non-default GODEBUG=winsymlink=... setting.
+
/godebug/non-default-behavior/x509sha1:events
The number of non-default behaviors executed by the crypto/x509
package due to a non-default GODEBUG=x509sha1=... setting.