Austin Clements [Thu, 20 Mar 2025 16:16:17 +0000 (12:16 -0400)]
[release-branch.go1.24] testing: detect a stopped timer in B.Loop
Currently, if the user stops the timer in a B.Loop benchmark loop, the
benchmark will run until it hits the timeout and fails.
Fix this by detecting that the timer is stopped and failing the
benchmark right away. We avoid making the fast path more expensive for
this check by "poisoning" the B.Loop iteration counter when the timer
is stopped so that it falls back to the slow path, which can check the
timer.
This causes b to escape from B.Loop, which is totally harmless because
it was already definitely heap-allocated. But it causes the
test/inline_testingbloop.go errorcheck test to fail. I don't think the
escape messages actually mattered to that test, they just had to be
matched. To fix this, we drop the debug level to -m=1, since -m=2
prints a lot of extra information for escaping parameters that we
don't want to deal with, and change one error check to allow b to
escape.
Austin Clements [Thu, 20 Mar 2025 14:26:54 +0000 (10:26 -0400)]
[release-branch.go1.24] testing: detect early return from B.Loop
Currently, if a benchmark function returns prior to B.Loop() returning
false, we'll report a bogus result. While there was no way to detect
this with b.N-style benchmarks, one way b.Loop()-style benchmarks are
more robust is that we *can* detect it.
This CL adds a flag to B that tracks if B.Loop() has finished and
checks it after the benchmark completes. If there was an early exit
(not caused by another error), it reports a B.Error.
For #72974.
Change-Id: I731c1350e6df938c0ffa08fcedc11dc147e78854
Reviewed-on: https://go-review.googlesource.com/c/go/+/659656
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Austin Clements <austin@google.com> Reviewed-by: Michael Pratt <mpratt@google.com> Reviewed-by: Junyang Shao <shaojunyang@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/660557
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Austin Clements [Wed, 19 Mar 2025 15:46:41 +0000 (11:46 -0400)]
[release-branch.go1.24] testing: separate b.Loop counter from b.N
Currently, b.Loop uses b.N as the iteration count target. However,
since it updates the target as it goes, the behavior is quite
different from a b.N-style benchmark. To avoid user confusion, this CL
gives b.Loop a separate, unexported iteration count target. It ensures
b.N is 0 within the b.Loop loop to help catch misuses, and commits the
final iteration count to b.N only once the loop is done (as the
documentation states "After Loop returns false, b.N contains the total
number of iterations that ran, so the benchmark may use b.N to compute
other average metrics.")
Since there are now two variables used by b.Loop, we put them in an
unnamed struct. Also, we rename b.loopN to b.loop.i because this
variable tracks the current iteration index (conventionally "i"), not
the target (conventionally "n").
Unfortunately, a simple renaming causes B.Loop to be too large for the
inliner. Thus, we make one simplification to B.Loop to keep it under
the threshold. We're about to lean into that simplification anyway in
a follow-up CL, so this is just temporary.
Michael Pratt [Mon, 17 Mar 2025 12:11:42 +0000 (12:11 +0000)]
[release-branch.go1.24] runtime: skip TestCgoCallbackPprof on platforms with broken profiling
CL 658035 added TestCgoCallbackPprof, which is consistently failing on
solaris. runtime/pprof maintains a list of platforms where CPU profiling
does not work properly. Since this test requires CPU profiling, skip the
this test on those platforms.
For #72870.
For #72876.
For #72872.
Change-Id: I6a6a636cbf6b16abcbba8771178fe1d001be9d9b
Reviewed-on: https://go-review.googlesource.com/c/go/+/658415
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Pratt <mpratt@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/658416
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Michael Pratt [Fri, 14 Mar 2025 14:50:25 +0000 (10:50 -0400)]
[release-branch.go1.24] runtime: only set isExtraInC if there are no Go frames left
mp.isExtraInC is intended to indicate that this M has no Go frames at
all; it is entirely executing in C.
If there was a cgocallback to Go and then a cgocall to C, such that the
leaf frames are C, that is fine. e.g., traceback can handle this fine
with SetCgoTraceback (or by simply skipping the C frames).
However, we currently mismanage isExtraInC, unconditionally setting it
on return from cgocallback. This means that if there are two levels of
cgocallback, we end up running Go code with isExtraInC set.
1. C-created thread calls into Go function 1 (via cgocallback).
2. Go function 1 calls into C function 1 (via cgocall).
3. C function 1 calls into Go function 2 (via cgocallback).
4. Go function 2 returns back to C function 1 (returning via the remainder of cgocallback).
5. C function 1 returns back to Go function 1 (returning via the remainder of cgocall).
6. Go function 1 is now running with mp.isExtraInC == true.
The fix is simple; only set isExtraInC on return from cgocallback if
there are no more Go frames. There can't be more Go frames unless there
is an active cgocall out of the Go frames.
For #72870.
Fixes #72872.
Cq-Include-Trybots: luci.golang.try:go1.24-linux-amd64-longtest
Change-Id: I6a6a636c4e7ba75a29639d7036c5af3738033467
Reviewed-on: https://go-review.googlesource.com/c/go/+/658035 Reviewed-by: Cherry Mui <cherryyz@google.com>
Commit-Queue: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
(cherry picked from commit 577bb3d0ce576b2ca311e58dd942f189838b80fc)
Reviewed-on: https://go-review.googlesource.com/c/go/+/658056
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Rob Findley [Fri, 7 Mar 2025 18:13:51 +0000 (18:13 +0000)]
[release-branch.go1.24] go/types,types2: allocate the used* maps in initFiles
As described in the associated comment, we need to reallocate usedVars
and usedPkgNames in initFiles, as they are nilled out at the end of
Checker.Files, which may be called multiple times.
For #72122
For #72826
Change-Id: I9f6eb86e072d9d43a8720f6a5e86d827de6006a9
Reviewed-on: https://go-review.googlesource.com/c/go/+/655437
Auto-Submit: Robert Findley <rfindley@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Alan Donovan <adonovan@google.com>
(cherry picked from commit fe9b292b11355af6b5f6e1d9247b88fa134657ed)
Reviewed-on: https://go-review.googlesource.com/c/go/+/657695
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@google.com>
Rob Findley [Wed, 19 Feb 2025 22:07:09 +0000 (22:07 +0000)]
[release-branch.go1.24] go/types,types2: externalize used objects
The 'used' field on Var and PkgName is fundamentally an aspect of the
type checking pass: it records when objects are used, for the purposes
of reporting errors for unused variables or package names. While
expedient and performant, recording this information in the types.Object
instances themselves increases the memory footprint of type-checked
packages, and (as we saw in golang/go#71817) can lead to data races when
Objects are reused in follow-up type checking, such as is done with the
CheckExpr and Eval APIs.
Fix this by externalizing the 'used' information into two maps (one for
variables and one for packages) on the types.Checker, so that they are
garbage-collected after type checking, and cannot be a source of data
races.
Benchmarks showed essentially no change in performance.
For #72826
Change-Id: I40daeabe4ecaca3bcb494e2f1c62a04232098e49
Reviewed-on: https://go-review.googlesource.com/c/go/+/650796
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Robert Findley <rfindley@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
(cherry picked from commit 9189921e4759055141b51fdbb8b7b69ee4fdd477)
Reviewed-on: https://go-review.googlesource.com/c/go/+/657675
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Jordan Liggitt [Wed, 19 Mar 2025 00:27:07 +0000 (20:27 -0400)]
[release-branch.go1.24] internal/godebugs: fix changed version for winsymlink and winreadlinkvolume to 1.23
https://go.dev/doc/godebug#go-123 documents changes to winsymlink and
winreadlinkvolume in Go 1.23.
This fixes the registered "changed" minor version to Go 1.23,
so that defaults when building a Go 1.22 module are correct.
Fixes #72938
Change-Id: I5d5bf31ca04f9e95208fb0fdaad2232f9db653ff
Reviewed-on: https://go-review.googlesource.com/c/go/+/659035
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
(cherry picked from commit 2e749a645a6d03c7ac11bb172c4591564061b29e)
Reviewed-on: https://go-review.googlesource.com/c/go/+/659036
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Damien Neil [Wed, 26 Feb 2025 21:40:00 +0000 (13:40 -0800)]
[release-branch.go1.24] net/http: reject newlines in chunk-size lines
Unlike request headers, where we are allowed to leniently accept
a bare LF in place of a CRLF, chunked bodies must always use CRLF
line terminators. We were already enforcing this for chunk-data lines;
do so for chunk-size lines as well. Also reject bare CRs anywhere
other than as part of the CRLF terminator.
Fixes CVE-2025-22871
Fixes #72011
For #71988
Change-Id: Ib0e21af5a8ba28c2a1ca52b72af8e2265ec79e4a
Reviewed-on: https://go-review.googlesource.com/c/go/+/652998 Reviewed-by: Jonathan Amsterdam <jba@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
(cherry picked from commit d31c805535f3fde95646ee4d87636aaaea66847b)
Reviewed-on: https://go-review.googlesource.com/c/go/+/657056
Clone the input slice before adjusting NextProtos
to add or remove "http/1.1" and "h2" entries,
so as not to modify a slice that the caller might be using.
(We clone the tls.Config that contains the slice, but
that's a shallow clone.)
For #72100
Fixes #72103
Change-Id: I9f228b8fb6f6f2ca5023179ec114929c002dbda9
Reviewed-on: https://go-review.googlesource.com/c/go/+/654875 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Auto-Submit: Damien Neil <dneil@google.com> Reviewed-by: Jonathan Amsterdam <jba@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/657215
Filippo Valsorda [Wed, 12 Mar 2025 15:36:08 +0000 (16:36 +0100)]
[release-branch.go1.24] crypto/tls: allow P-521 in FIPS 140-3 mode and Go+BoringCrypto
Partially reverts CL 587296, restoring the Go+BoringCrypto 1.23 behavior
in terms of supported curves.
Updates #71757
Fixes #72823
Change-Id: I6a6a465651a8407056fd0fae091d10a945b37997
Reviewed-on: https://go-review.googlesource.com/c/go/+/657135
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: David Chase <drchase@google.com>
David Chase [Wed, 5 Mar 2025 18:44:12 +0000 (13:44 -0500)]
[release-branch.go1.24] cmd/compile: use inline-Pos-based recursion test
Look at the inlining stack of positions for a call site,
if the line/col/file of the call site appears in that
stack, do not inline. This subsumes all the other
recently-added recursive inlining checks, but they are
left in to make this easier+safer to backport.
Fixes #72822
Change-Id: I0f487bb0d4c514015907c649312672b7be464abd
Reviewed-on: https://go-review.googlesource.com/c/go/+/655155 Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
(cherry picked from commit cad4dca518a3a984bfd6b19ee304a59f51937fd8)
Reviewed-on: https://go-review.googlesource.com/c/go/+/657075
Ian Lance Taylor [Wed, 26 Feb 2025 22:02:14 +0000 (14:02 -0800)]
[release-branch.go1.24] runtime/cgo: avoid errors from -Wdeclaration-after-statement
CL 652181 accidentally missed this iPhone only code.
For #71961
For #71963
Change-Id: I567f8bb38958907442e69494da330d5199d11f54
Reviewed-on: https://go-review.googlesource.com/c/go/+/653137
Commit-Queue: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Michael Anthony Knyszek [Wed, 19 Feb 2025 17:28:45 +0000 (17:28 +0000)]
[release-branch.go1.24] runtime: document that cleanups can run concurrently with each other
For #71825.
Fixes #71955.
Change-Id: I25af19eb72d75f13cf661fc47ee5717782785326
Reviewed-on: https://go-review.googlesource.com/c/go/+/652637 Reviewed-by: Keith Randall <khr@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Keith Randall <khr@google.com>
qiulaidongfeng [Sun, 23 Feb 2025 03:06:17 +0000 (11:06 +0800)]
[release-branch.go1.24] reflect: let Value.Seq return the iteration value correct type
Fixes #71916
For #71905
Change-Id: I50a418f8552e071c6e5011af5b9accc7d41548d0
Reviewed-on: https://go-review.googlesource.com/c/go/+/651855 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Michael Pratt <mpratt@google.com>
(cherry picked from commit 194696f1d1f6e5609f96d0fb0192595e7e0f5b90)
Reviewed-on: https://go-review.googlesource.com/c/go/+/652895 Reviewed-by: Michael Knyszek <mknyszek@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com>
Michael Anthony Knyszek [Fri, 21 Feb 2025 15:53:51 +0000 (15:53 +0000)]
[release-branch.go1.24] reflect: correctly handle method values in Seq
Currently method values aren't correctly handled in Seq because we call
canRangeFunc on the reciever type, not the method value type, when we're
handling a method value. reflect.Value.Type has the logic to obtain the
method value type from the Value.
This change slightly refactors reflect.Value.Type into a separate
function so we can obtain the correct type as an abi.Type and pass it
off to canRangeFunc (and canRangeFunc2).
For #71874.
Fixes #71876.
Change-Id: Ie62dfca2a84b8f2f816bb87ff1ed1a58a7bb8122
Reviewed-on: https://go-review.googlesource.com/c/go/+/651416
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
(cherry picked from commit d93f6df0cc4f33127ef76fa994edd54d7726d0a9)
Reviewed-on: https://go-review.googlesource.com/c/go/+/651515
Michael Pratt [Fri, 21 Feb 2025 15:29:09 +0000 (10:29 -0500)]
[release-branch.go1.24] runtime: use WCLONE when waiting on pidfd test child
As of CL 650835, the pidfd test child no longer sends SIGCHLD on exit.
Per clone(2), "If [the child termination] signal is specified as
anything other than SIGCHLD, then the parent process must specify the
__WALL or __WCLONE options when waiting for the child with wait(2)."
Align with this requirement.
For #71849.
For #71828.
Change-Id: I6a6a636c739e4a59abe1533fe429a433e8588939
Reviewed-on: https://go-review.googlesource.com/c/go/+/651415 Reviewed-by: Ian Lance Taylor <iant@golang.org>
Auto-Submit: Michael Pratt <mpratt@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
(cherry picked from commit e1e65ae3ee5f977c31f3651233cc7ff2a0b579ca)
Reviewed-on: https://go-review.googlesource.com/c/go/+/651476
Michael Pratt [Thu, 20 Feb 2025 19:42:19 +0000 (14:42 -0500)]
[release-branch.go1.24] debug/buildinfo: base64-encode test binaries
Overzealous security scanners don't like the Go 1.17 binary because they
think it has every 1.17 security vulnerability. base64-encode the binary
to hide from them.
I've also extended the instructions to make the binary easier to
reproduce.
Since we do the Go binary, we might as well do the C binary too, as it
apparently makes some virus scanners unhappy.
Fixes #71858.
For #71753.
For #71734.
For #71821.
Change-Id: I6a6a636cccbf5312522f52f27f74eded64048fb7
Reviewed-on: https://go-review.googlesource.com/c/go/+/651175
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Pratt <mpratt@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
(cherry picked from commit af00524a6c1660e6a66fd975921df40ac1c3a415)
Reviewed-on: https://go-review.googlesource.com/c/go/+/651235
Ian Lance Taylor [Thu, 13 Feb 2025 22:40:01 +0000 (14:40 -0800)]
[release-branch.go1.24] internal/godebugs: add fips140 as an opaque godebug setting
This permits using "godebug fips140=on" in go.mod and
using "//go:debug fips140=on" in the main package.
Change code references to the godebug setting to remove the #
which is no longer required.
For #71666
Fixes #71745
Change-Id: I3a60ecc55b03848dadd6d431eb43137b6df6568b
Reviewed-on: https://go-review.googlesource.com/c/go/+/649495 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Filippo Valsorda <filippo@golang.org>
(cherry picked from commit 2b43ce0a9d5825d66aa42a6fa9076f2fb9c181ea)
Reviewed-on: https://go-review.googlesource.com/c/go/+/650675
Commit-Queue: Ian Lance Taylor <iant@google.com>
David Chase [Tue, 18 Feb 2025 22:34:24 +0000 (17:34 -0500)]
[release-branch.go1.24] cmd/compile, runtime: use deferreturn as target PC for recover from deferrangefunc
The existing code for recover from deferrangefunc was broken in
several ways.
1. the code following a deferrangefunc call did not check the return
value for an out-of-band value indicating "return now" (i.e., recover
was called)
2. the returned value was delivered using a bespoke ABI that happened
to match on register-ABI platforms, but not on older stack-based
ABI.
3. the returned value was the wrong width (1 word versus 2) and
type/value(integer 1, not a pointer to anything) for deferrangefunc's
any-typed return value (in practice, the OOB value check could catch
this, but still, it's sketchy).
This -- using the deferreturn lookup method already in place for
open-coded defers -- turned out to be a much-less-ugly way of
obtaining the desired transfer of control for recover().
TODO: we also could do this for regular defer, and delete some code.
Fixes #71840
Change-Id: If7d7ea789ad4320821aab3b443759a7d71647ff0
Reviewed-on: https://go-review.googlesource.com/c/go/+/650476
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/651497
Change-Id: Ice816cf2943c5b6660f05934b4c7ca38545714b0
Reviewed-on: https://go-review.googlesource.com/c/go/+/648520
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
(cherry picked from commit 5f65e5cb56f98381970de5485e704f3c7e20ca9a)
Reviewed-on: https://go-review.googlesource.com/c/go/+/650596 Reviewed-by: Michael Knyszek <mknyszek@google.com>
Cuong Manh Le [Fri, 14 Feb 2025 20:00:27 +0000 (03:00 +0700)]
[release-branch.go1.24] cmd/compile: avoid infinite recursion when inlining closures
CL 630696 changes budget for once-called closures, making them more
inlinable. However, when recursive inlining involve both the closure and
its parent, the inliner goes into an infinite loop:
parent (a closure) -> closure -> parent -> ...
The problem here dues to the closure name mangling, causing the inlined
checking condition failed, since the closure name affects how the
linker symbol generated.
To fix this, just prevent the closure from inlining its parent into
itself, avoid the infinite inlining loop.
Fixes #71829
Change-Id: Ib27626d70f95e5f1c24a3eb1c8e6c3443b7d90c8
Reviewed-on: https://go-review.googlesource.com/c/go/+/649656 Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Cuong Manh Le <cuong.manhle.vn@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/650555
qmuntal [Tue, 18 Feb 2025 10:55:07 +0000 (11:55 +0100)]
[release-branch.go1.24] syscall: don't truncate newly created files on Windows
There is no need for syscall.OpenFile to truncate newly created files.
Some special Windows files, like the NUL device, can't be
truncated, so we should avoid truncating unless it is really necessary.
For #71752
Fixes #71836
Change-Id: I8238048594f706f6a5281053d55cfe3dc898828d
Reviewed-on: https://go-review.googlesource.com/c/go/+/650276
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
(cherry picked from commit 4267fd389e941cf197cc3890cc42e474866c0d30)
Reviewed-on: https://go-review.googlesource.com/c/go/+/650597 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com> Reviewed-by: Quim Muntal <quimmuntal@gmail.com>
Paul Murphy [Wed, 12 Feb 2025 14:45:34 +0000 (08:45 -0600)]
[release-branch.go1.24] runtime: fix usleep on s390x/linux
The timespec argument takes the remainder in nanoseconds, not
microseconds. Convert the remaining time to nsec.
Fixes #71728
Change-Id: I36cbbe3a088830c5e3afcc9516ef42e96ee21268
Reviewed-on: https://go-review.googlesource.com/c/go/+/648915
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Mauri de Souza Meneguzzo <mauri870@gmail.com> Reviewed-by: Axel Busch <axel.busch@ibm.com>
Run-TryBot: Paul Murphy <murp@ibm.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Vishwanatha HD <vishwanatha.hd@ibm.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/649375
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Quan Tong [Fri, 7 Feb 2025 11:42:26 +0000 (18:42 +0700)]
[release-branch.go1.24] cmd/go: initialize req.Header when loading git credential
Fixes #71687
Change-Id: I3d733a50b4451dfb571aba91a28387ba9e0614dc
Reviewed-on: https://go-review.googlesource.com/c/go/+/647615 Reviewed-by: Michael Matloob <matloob@golang.org> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
(cherry picked from commit 58834c3ee08ea85b764c7cc3318ce7a68ea92cbd)
Reviewed-on: https://go-review.googlesource.com/c/go/+/648936 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Cherry Mui [Fri, 7 Feb 2025 22:42:02 +0000 (17:42 -0500)]
[release-branch.go1.24] bytes: use "subslice" instead of "substring" in doc comments
The bytes package iterators return subslices, not substrings.
Updates #61901.
Change-Id: Ida91d3e33a0f178edfe9a267861adf4f13f9a965
Reviewed-on: https://go-review.googlesource.com/c/go/+/647875 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
(cherry picked from commit ff27d270c9f95178f9749bc8e1f15957b1c1d5b3)
Reviewed-on: https://go-review.googlesource.com/c/go/+/648095 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Bypass: Cherry Mui <cherryyz@google.com>
Michael Anthony Knyszek [Fri, 7 Feb 2025 23:22:50 +0000 (23:22 +0000)]
[release-branch.go1.24] os: hide SetFinalizer from users of Root
Currently Root embeds a root and calls SetFinalizer on &r.root. This
sets the finalizer on the outer root, which is visible to users of
os.Root, and thus they can mutate the finalizer attached to it.
This change modifies Root to not embed its inner root, but rather to
refer to it by pointer. This allows us to set the finalizer on this
independent inner object, preventing users of os.Root from changing the
finalizer. This follows the same pattern as os.File's finalizer.
Fixes #71617.
Change-Id: Ibd199bab1b3c877d5e12ef380fd4647b4e10221f
Reviewed-on: https://go-review.googlesource.com/c/go/+/647876
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
(cherry picked from commit a704d39b29dfc21599f644909c0f98bbfa745cb4)
Reviewed-on: https://go-review.googlesource.com/c/go/+/648135
TryBot-Bypass: Michael Knyszek <mknyszek@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
thepudds [Thu, 6 Feb 2025 13:07:38 +0000 (08:07 -0500)]
[release-branch.go1.24] weak: prevent unsafe conversions using weak pointers
Prevent conversions between Pointer types,
like we do for sync/atomic.Pointer.
Fixes #71583
Change-Id: I20e83106d8a27996f221e6cd9d52637b0442cea4
Reviewed-on: https://go-review.googlesource.com/c/go/+/647195
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
(cherry picked from commit 8163ea1458763aa38fa9197e479bd30cb0145429)
Reviewed-on: https://go-review.googlesource.com/c/go/+/647435 Reviewed-by: Carlos Amedee <carlos@golang.org>
TryBot-Bypass: Cherry Mui <cherryyz@google.com>
This change introduced a security issue as @ flags are first resolved as
files by the darwin linker, before their meaning as flags, allowing the
flag filtering logic to be entirely bypassed.
Thanks to Juho Forsén for reporting this issue.
Fixes #71476
Fixes CVE-2025-22867
Change-Id: I3a4b4a6fc534de105d930b8ed5b9900bc94b0c4e
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1900 Reviewed-by: Russ Cox <rsc@google.com> Reviewed-by: Damien Neil <dneil@google.com>
(cherry picked from commit cc0d725a4168f234ef38859b2d951a50a8fd94b5)
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1940 Reviewed-by: Neal Patel <nealpatel@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/646995 Reviewed-by: Carlos Amedee <carlos@golang.org>
TryBot-Bypass: Cherry Mui <cherryyz@google.com>
Carlos Amedee [Fri, 31 Jan 2025 17:45:08 +0000 (12:45 -0500)]
[release-branch.go1.24] all: merge master (37f27fb) into release-branch.go1.24
Conflicts:
- src/cmd/go/testdata/script/goauth_netrc.txt
Merge List:
+ 2025-01-31 37f27fbecd cmd/go: enable fips test and fix caching bug
+ 2025-01-31 77d20838e9 cmd: update golang.org/x/tools to CL 645697, and revendor
+ 2025-01-30 ce7ea0a6a5 cmd/go: refine GOAUTH user parsing to be more strict
+ 2025-01-29 e81f715515 lib/fips140: freeze v1.0.0 FIPS 140 module zip file
+ 2025-01-29 4f48ad5c6b cmd/link/internal/loader: fix linknames from FIPS 140 frozen tree
+ 2025-01-29 1f58ad5d6d Revert "os: employ sendfile(2) for file-to-file copying on Linux when needed"
+ 2025-01-28 90ec9996cb crypto/pbkdf2: add keyLength limit
+ 2025-01-28 62cd7cb6cd crypto/hkdf: check error in TestFIPSServiceIndicator
+ 2025-01-28 7764c502e2 crypto/internal/sysrand: skip TestNoGetrandom without cgo
+ 2025-01-28 50455385b0 internal/coverage: fix bug in text-format coverage output with multiple packages
+ 2025-01-28 28d389ef30 internal/godebug: check error from os.ReadFile in test
+ 2025-01-28 8071f2a169 runtime: mapiter linkname compatibility layer
+ 2025-01-28 78e6f2a1c8 runtime: rename mapiterinit and mapiternext
+ 2025-01-28 4ebd5bf855 internal/goexperiment: update location of baseline experiment in comment
+ 2025-01-27 f8937cb625 archive/zip, archive/tar: writer appends slash to directory names
+ 2025-01-27 11e08d9d96 strconv: adjust comment so that gofmt doesn't mung it
+ 2025-01-27 b9872221cd crypto/internal/fips140/rsa: avoid CAST unsetting the service indicator
+ 2025-01-27 3f791c8dfb crypto/internal/fips140/aes: set FIPS 140 service indicator for CTR and CBC
+ 2025-01-27 e0aeee82f3 crypto/ecdsa: avoid needless ScalarBaseMult in s390x
+ 2025-01-27 f70aa3824b cmd/go: do not call base.fatal for an unset HOME for GOAUTH=netrc
+ 2025-01-27 475e08349d Revert "runtime: Check LSE support on ARM64 at runtime init"
+ 2025-01-27 e2e700f8b1 crypto/internal/boring: keep ECDH public key alive during cgo calls
+ 2025-01-22 608acff847 go/types: avoid importer.Default
+ 2025-01-22 9d21ef3bd4 runtime: fix the equality check in AddCleanup
+ 2025-01-22 5a46b17b5f os: force a goroutine to be scheduled on WASM
+ 2025-01-22 6fc23a3cff crypto/internal/fips140/nistec: make p256NegCond constant time on ppc64le
+ 2025-01-22 70b603f4d2 go/importer: document limitations of this API
+ 2025-01-21 f6d17c5400 net/http: update bundled golang.org/x/net/http2 [generated]
+ 2025-01-21 3aa7c5ef01 testing: fix reference to B.N in docstring
+ 2025-01-20 3f4164f508 runtime: delete out of date comment
+ 2025-01-17 40b3c0e58a internal/coverage: refactor EmitTextual in preparation for bugfix
+ 2025-01-17 87023bb27f go/types, types2: ensure deterministic output when reporting an init cycle
+ 2025-01-17 80bf7d83ed go/types, types2: remove superfluous assertion (fix build)
+ 2025-01-16 1a93e4a2cf lib/time: update to 2025a/2025a
+ 2025-01-16 0b632d26b9 cmd/internal/obj/wasm, runtime: detect wasmexport call before runtime initialization
+ 2025-01-16 6a4effa08b crypto/x509: avoid panic when parsing partial PKCS#1 private keys
+ 2025-01-16 139d6eedae cmd/go: restore netrc preferences for GOAUTH and fix domain lookup
+ 2025-01-16 2b2314e9f6 crypto/x509: properly check for IPv6 hosts in URIs
+ 2025-01-16 6783377295 net/http: persist header stripping across repeated redirects
+ 2025-01-14 368a9ec998 encoding/json: cleanup tests
+ 2025-01-14 bd80d8956f cmd/go/internal/modfetch: do not trust server to send all tags in shallow fetch
+ 2025-01-14 4fa61d6f9c cmd/api: report error in test instead of crashing
+ 2025-01-14 c5e205e928 internal/runtime/maps: re-enable some tests
+ 2025-01-14 befc43655b testing/fstest: fix function name and comment
+ 2025-01-14 c83f2ca4b3 cmd/dist: ignore packages with no Go files in BenchmarkAll
+ 2025-01-13 6da16013ba cmd/go: check go version when parsing go.mod fails
+ 2025-01-13 de9fdc7b71 syscall/js: adjust comments to that gofmt does not change them
+ 2025-01-13 17ed215958 go/types, types2: don't panic when instantiating generic alias with wrong number of type arguments
+ 2025-01-13 c53307c3fd spec: fix grammar issue
+ 2025-01-13 47a56b2b6d encoding/json: add cases to TestUnmarshal for fatal syntactic errors
+ 2025-01-13 7bb192a1c5 encoding/json: always check resulting Go value for unmarshaling
+ 2025-01-12 44a6f817ea cmd/compile: fix write barrier coalescing
+ 2025-01-10 19e923182e crypto/internal/fips140test: add hmac DRBG ACVP tests
+ 2025-01-10 7255b94920 crypto/internal/fips140test: add ML-KEM ACVP tests
+ 2025-01-09 932ec2be8d crypto/rsa: fix GenerateKey flakes for toy-sized keys
+ 2025-01-09 d0c9142ce3 runtime/pprof: hide map runtime frames from heap profiles
+ 2025-01-09 c7c4420ae4 cmd/go: clarify GODEBUG in go help environment
+ 2025-01-09 c6ab13fc43 cmd/go/internal/mmap: reslice to file size on Windows
+ 2025-01-09 f5a89dff67 crypto: fix fips140=only detection of SHA-3
+ 2025-01-08 4225c6cb37 encoding/json: improve fidelity of TestUnmarshal for Numbers
+ 2025-01-08 c87a6f932e crypto/mlkem: merge mlkem768.go and mlkem1024.go to improve godoc
+ 2025-01-08 f57a3a7c04 crypto/mlkem: add example and improve docs
+ 2025-01-08 c9afcbade7 go/types, types2: require iterator yield to return bool (work-around)
+ 2025-01-08 54693a81fd crypto/md5,crypto/sha1: apply fips140=only to Write and Sum, not New
+ 2025-01-08 0cdf8c7a8c crypto/ecdsa: apply fips140=only to deterministic ECDSA hash
+ 2025-01-08 4640e92af7 crypto/rsa: apply fips140=only to opts.Hash in SignPSS
Russ Cox [Sun, 17 Nov 2024 22:17:50 +0000 (17:17 -0500)]
cmd/go: enable fips test and fix caching bug
Enable the cmd/go fips test now that v1.0.0.zip has been checked in.
Will still need to enable the alias half when the alias is checked in.
Also fix a problem that was causing spurious failures, by fixing
repeated unpackings and also disabling modindex reads of the
virtual fips140 snapshot directories.
Fixes #71491.
Change-Id: I7fa21e9bde07ff4eb6c3483e99d49316ee0ea7f0
Reviewed-on: https://go-review.googlesource.com/c/go/+/645835 Reviewed-by: Michael Matloob <matloob@golang.org> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Filippo Valsorda [Wed, 29 Jan 2025 02:18:01 +0000 (03:18 +0100)]
cmd/link/internal/loader: fix linknames from FIPS 140 frozen tree
blockedLinknames was updated in CL 635676 after the lib/fips140 zip
mechanism was last tested. linknames from crypto/internal/fips140/v1.0.0
need to be allowed if they'd be allowed from crypto/internal/fips140.
Change-Id: I6a6a4656022118d4739ae14831f2ad721951c192
Reviewed-on: https://go-review.googlesource.com/c/go/+/645195 Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
Michael Pratt [Mon, 27 Jan 2025 22:05:22 +0000 (14:05 -0800)]
Revert "os: employ sendfile(2) for file-to-file copying on Linux when needed"
This reverts CL 603295.
Reason for revert: can cause child exit_group to hang.
This is not a clean revert. CL 603098 did a major refactoring of the
tests. That refactor is kept, just the sendfile-specific tests are
dropped from the linux tests.
Fixes #71375.
Change-Id: Ic4d6535759667c69a44bd9281bbb33d5b559f591
Reviewed-on: https://go-review.googlesource.com/c/go/+/644895
Auto-Submit: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Andy Pan <panjf2000@gmail.com>
Ian Lance Taylor [Thu, 23 Jan 2025 23:50:32 +0000 (15:50 -0800)]
crypto/hkdf: check error in TestFIPSServiceIndicator
I don't know why this code calls panic(err) rather than
t.Fatal(err), but I didn't change it.
Change-Id: I9aa7503c604bd8d4f27cc295e2ec742446906df9
Reviewed-on: https://go-review.googlesource.com/c/go/+/643995 Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Filippo Valsorda <filippo@golang.org>
Filippo Valsorda [Thu, 9 Jan 2025 23:06:43 +0000 (00:06 +0100)]
crypto/internal/sysrand: skip TestNoGetrandom without cgo
crypto/internal/sysrand/internal/seccomp needs cgo to disable getrandom.
Before this change, "CGO_ENABLED=0 go test crypto/internal/sysrand"
would fail on Linux.
Change-Id: I6a6a465685b480c846e5479da0659e90ab7f3a65
Reviewed-on: https://go-review.googlesource.com/c/go/+/642737 Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
Than McIntosh [Tue, 12 Nov 2024 17:32:39 +0000 (12:32 -0500)]
internal/coverage: fix bug in text-format coverage output with multiple packages
In ProcessCoverTestDir pass the selected set of packages to
EmitTextual in addition to EmitPercent, so that when we have runs with
multiple packages selected but without -coverpkg, text format output
for package P was incorrectly including output for P's covered
dependencies. This is in effect an extension of the fix for issue
65570.
Includes a cmd/go script test to verify correct behavior; ideally it
would be nice to locate this test in .../internal/coverage somewhere
but at the moment script tests are only supported for
cmd/{go,compile,link}.
Updates #65570.
Fixes #70244.
Change-Id: Ia0bb10155353aa0f2ead46e81a2aaa71bde4ef82
Reviewed-on: https://go-review.googlesource.com/c/go/+/627316 Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Than McIntosh <thanm@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Ian Lance Taylor [Fri, 24 Jan 2025 01:37:29 +0000 (17:37 -0800)]
internal/godebug: check error from os.ReadFile in test
Change-Id: I4770443c8eaa12add2e04cbf9d18ebfbbd851162
Reviewed-on: https://go-review.googlesource.com/c/go/+/643259 Reviewed-by: Michael Pratt <mpratt@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Michael Pratt [Fri, 24 Jan 2025 21:29:13 +0000 (16:29 -0500)]
runtime: mapiter linkname compatibility layer
This CL reintroduces the various mapiter* linkname functions with a
compatibility layer that is careful to maintain compatibility with users
of the linkname.
The wrappers are straightforward. Callers of these APIs get an extra
layer of indirection, with their hiter containing a pointer to the real
maps.Iter. These users will take a minor performance hit from the extra
allocation, but this approach should have good long-term
maintainability.
Fixes #71408.
Change-Id: I6a6a636c7574bbd670ff5243dfeb63dfba6dc611
Reviewed-on: https://go-review.googlesource.com/c/go/+/643899
Auto-Submit: Michael Pratt <mpratt@google.com> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Keith Randall <khr@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Michael Pratt [Fri, 24 Jan 2025 18:34:26 +0000 (13:34 -0500)]
runtime: rename mapiterinit and mapiternext
mapiterinit allows external linkname. These users must allocate their
own iter struct for initialization by mapiterinit. Since the type is
unexported, they also must define the struct themselves. As a result,
they of course define the struct matching the old hiter definition (in
map_noswiss.go).
The old definition is smaller on 32-bit platforms. On those platforms,
mapiternext will clobber memory outside of the caller's allocation.
On all platforms, the pointer layout between the old hiter and new
maps.Iter does not match. Thus the GC may miss pointers and free
reachable objects early, or it may see non-pointers that look like heap
pointers and throw due to invalid references to free objects.
To avoid these issues, we must keep mapiterinit and mapiternext with the
old hiter definition. The most straightforward way to do this is to use
mapiterinit and mapiternext as a compatibility layer between the old and
new iter types.
The first step to that is to move normal map use off of these functions,
which is what this CL does.
Introduce new mapIterStart and mapIterNext functions that replace the
former functions everywhere in the toolchain. These have the same
behavior as the old functions.
This CL temporarily makes the old functions throw to ensure we don't
have hidden dependencies on them. We cannot remove them entirely because
GOEXPERIMENT=noswissmap still uses the old names, and internal/goobj
requires all builtins to exist regardless of GOEXPERIMENT. The next CL
will introduce the compatibility layer.
I want to avoid using linkname between runtime and reflect, as that
would also allow external linknames. So mapIterStart and mapIterNext are
duplicated in reflect, which can be done trivially, as it imports
internal/runtime/maps.
For #71408.
Change-Id: I6a6a636c6d4bd1392618c67ca648d3f061afe669
Reviewed-on: https://go-review.googlesource.com/c/go/+/643898
Auto-Submit: Michael Pratt <mpratt@google.com> Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org>
Ian Lance Taylor [Tue, 28 Jan 2025 04:41:55 +0000 (20:41 -0800)]
internal/goexperiment: update location of baseline experiment in comment
It moved in CL 310731.
Change-Id: I97340848b55e327d3b25949ec3850aec33448bbe
Reviewed-on: https://go-review.googlesource.com/c/go/+/644955 Reviewed-by: Carlos Amedee <carlos@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
yincong [Wed, 22 Jan 2025 02:23:08 +0000 (02:23 +0000)]
archive/zip, archive/tar: writer appends slash to directory names
Fixes #71235
Change-Id: I62aebb9d421db0e4b57ad5cae25c70f47aa5f8f9
GitHub-Last-Rev: 6e0fba07dd128e20e32a3a6258edf80ee91d4690
GitHub-Pull-Request: golang/go#71239
Reviewed-on: https://go-review.googlesource.com/c/go/+/642375 Reviewed-by: Jonathan Amsterdam <jba@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Ian Lance Taylor [Mon, 13 Jan 2025 18:28:19 +0000 (10:28 -0800)]
strconv: adjust comment so that gofmt doesn't mung it
Change-Id: I7fe5c6a0521d3c597eae0f3568942df1db9370b1
Reviewed-on: https://go-review.googlesource.com/c/go/+/642497
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Filippo Valsorda [Mon, 27 Jan 2025 13:21:43 +0000 (14:21 +0100)]
crypto/internal/fips140/rsa: avoid CAST unsetting the service indicator
Without fipsApproved set, when the CAST runs it sets the service
indicator to false for the whole span.
This is a very late Go 1.24 change, but it is necessary for the frozen
FIPS module, and doesn't impact anything else than the FIPS status
indicator value.
Change-Id: I6a6a46567818135158c3c252b5480431a190572b
Reviewed-on: https://go-review.googlesource.com/c/go/+/644636
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Carlos Amedee <carlos@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Filippo Valsorda [Mon, 27 Jan 2025 13:18:02 +0000 (14:18 +0100)]
crypto/internal/fips140/aes: set FIPS 140 service indicator for CTR and CBC
This is a very late Go 1.24 change, but it is necessary for the frozen
FIPS module, and doesn't impact anything else than the FIPS status
indicator value.
Change-Id: I6a6a4656f1ac94ac46d631c90a206ac8b6ddcf4c
Reviewed-on: https://go-review.googlesource.com/c/go/+/644635
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Cherry Mui [Mon, 27 Jan 2025 17:11:36 +0000 (09:11 -0800)]
Revert "runtime: Check LSE support on ARM64 at runtime init"
This reverts CL 610195.
Reason for revert: SIGILL on macOS. See issue #71411.
Updates #69124, #60905.
Fixes #71411.
Change-Id: Ie0624e516dfb32fb13563327bcd7f557e5cba940
Reviewed-on: https://go-review.googlesource.com/c/go/+/644695
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Mauri de Souza Meneguzzo <mauri870@gmail.com>
Carlos Amedee [Fri, 3 Jan 2025 21:53:32 +0000 (16:53 -0500)]
os: force a goroutine to be scheduled on WASM
The TestRootConcurrentClose test can fail when GOARCH=WASM because of
goroutine starvation. The spawned goroutine will sometimes run in a
loop and never have the main goroutine be scheduled. This causes the
test to fail due to a timeout. This change forces the goroutine to be
scheduled with each iteration of the loop when GOARCH=WASM.
For #71134
Fixes #71117
Change-Id: I4fb68907c9ac3b33bd0572d5e5db2974a3379191
Reviewed-on: https://go-review.googlesource.com/c/go/+/640195 Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Carlos Amedee <carlos@golang.org>
Pull in x/net CL 642606 and CL 643256 and regenerate h2_bundle.go:
http2: disable extended CONNECT by default
http2: encode :protocol pseudo-header before regular headers
For #36905.
Fixes #70728.
Fixes #71128.
[git-generate]
go install golang.org/x/build/cmd/updatestd@latest
go install golang.org/x/tools/cmd/bundle@latest
updatestd -goroot=$(pwd) -branch=internal-branch.go1.24-vendor
Change-Id: Id853cb96f8fc410956666f5c3ab4c5889c703503
Reviewed-on: https://go-review.googlesource.com/c/go/+/642398 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Kir Kolyshkin [Tue, 21 Jan 2025 01:38:26 +0000 (17:38 -0800)]
testing: fix reference to B.N in docstring
Currently, a documentation reference to a struct member (such as [B.N])
does not result in it being rendered as a link, and thus the square
brackets remain in the rendered documentation which is mildly confusing.
The issue can be seen at
https://pkg.go.dev/testing@master#hdr-b_N_style_benchmarks
Remove the square brackets to fix.
Change-Id: Id374fd2085bd511018220c5d663650f89672302e
Reviewed-on: https://go-review.googlesource.com/c/go/+/643496 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Alan Donovan <adonovan@google.com>
Than McIntosh [Tue, 12 Nov 2024 17:12:44 +0000 (12:12 -0500)]
internal/coverage: refactor EmitTextual in preparation for bugfix
Refactor cformat.EmitTextual to accept a package filter (list of
packages to report). This is a no-op in terms of exposed coverage
functionality, but we will need this feature in a subsequent patch.
Updates #70244.
Change-Id: I1e6bcbfb5e68187d4d69d54b667e97bc1fdfa2d4
Reviewed-on: https://go-review.googlesource.com/c/go/+/627315 Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Remove an assertion that was overly restrictive and hard to get
correct under all circumstances (i.e., in the presence of incorrect)
code. This matches the code for *Named types in that specific switch.
Fixes #71284.
Change-Id: Ifccf8b73dc70cac9cb1c8b24946d16851d511454
Reviewed-on: https://go-review.googlesource.com/c/go/+/643255 Reviewed-by: Robert Findley <rfindley@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Cherry Mui [Thu, 16 Jan 2025 18:56:15 +0000 (13:56 -0500)]
cmd/internal/obj/wasm, runtime: detect wasmexport call before runtime initialization
If a wasmexport function is called from the host before
initializing the Go Wasm module, currently it will likely fail
with a bounds error, because the uninitialized SP is 0, and any
SP decrement will make it out of bounds.
As at least some Wasm runtime doesn't call _initialize by default,
This error can be common. And the bounds error looks confusing to
the users. Therefore, we detect this case and emit a clearer error.
Fixes #71240.
Updates #65199.
Change-Id: I107095f08c76cdceb7781ab0304218eab7029ab6
Reviewed-on: https://go-review.googlesource.com/c/go/+/643115
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Sam Thanawalla [Wed, 8 Jan 2025 20:38:32 +0000 (20:38 +0000)]
[release-branch.go1.24] cmd/go: restore netrc preferences for GOAUTH and fix domain lookup
Store netrc lines into the credential map backward so that earlier lines
take priority over later lines. This matches Go 1.23 netrc lookup which
stopped at the first match it found.
Additionally, this fixes a security issue related to domain parsing
which could have allowed servers to read credentials belonging to other
servers. The fix was to switch from using path.Dir(currentPrefix) to
strings.Cut(currentPrefix, "/")
Thanks to Juho Forsén of Mattermost for reporting this issue.
Fixes #71249
Fixes CVE-2024-45340
Change-Id: I175a00d6d7f4d31c9e4d79b7cf1c2a0ad35b2781
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1781 Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-by: Damien Neil <dneil@google.com>
(cherry picked from commit 76833d221aa3ccc978b6f41bd24e26babf771375)
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1840
Reviewed-on: https://go-review.googlesource.com/c/go/+/643101 Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Damien Neil [Fri, 22 Nov 2024 20:34:11 +0000 (12:34 -0800)]
[release-branch.go1.24] net/http: persist header stripping across repeated redirects
When an HTTP redirect changes the host of a request, we drop
sensitive headers such as Authorization from the redirected request.
Fix a bug where a chain of redirects could result in sensitive
headers being sent to the wrong host:
1. request to a.tld with Authorization header
2. a.tld redirects to b.tld
3. request to b.tld with no Authorization header
4. b.tld redirects to b.tld
3. request to b.tld with Authorization header restored
Thanks to Kyle Seely for reporting this issue.
For #70530
Fixes #71212
Fixes CVE-2024-45336
Change-Id: Ia58a2e10d33d6b0cc7220935e771450e5c34de72
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1641 Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com>
(cherry picked from commit 2889169b87a61f1218a02994feb80fd3d8bfa87c)
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1766
Reviewed-on: https://go-review.googlesource.com/c/go/+/643100
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Roland Shoemaker [Mon, 9 Dec 2024 19:31:22 +0000 (11:31 -0800)]
[release-branch.go1.24] crypto/x509: properly check for IPv6 hosts in URIs
When checking URI constraints, use netip.ParseAddr, which understands
zones, unlike net.ParseIP which chokes on them. This prevents zone IDs
from mistakenly satisfying URI constraints.
Thanks to Juho Forsén of Mattermost for reporting this issue.
For #71156
Fixes #71209
Fixes CVE-2024-45341
Change-Id: Iecac2529f3605382d257996e0fb6d6983547e400
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1700 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
(cherry picked from commit 22ca55d396ba801e6ae9b2bd67a059fcb30562fd)
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1800
Commit-Queue: Roland Shoemaker <bracewell@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643099
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Sam Thanawalla [Wed, 8 Jan 2025 20:38:32 +0000 (20:38 +0000)]
cmd/go: restore netrc preferences for GOAUTH and fix domain lookup
Store netrc lines into the credential map backward so that earlier lines
take priority over later lines. This matches Go 1.23 netrc lookup which
stopped at the first match it found.
Additionally, this fixes a security issue related to domain parsing
which could have allowed servers to read credentials belonging to other
servers. The fix was to switch from using path.Dir(currentPrefix) to
strings.Cut(currentPrefix, "/")
Thanks to Juho Forsén of Mattermost for reporting this issue.
Fixes #71249
Fixes CVE-2024-45340
Change-Id: I175a00d6d7f4d31c9e4d79b7cf1c2a0ad35b2781
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1781 Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643097 Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Roland Shoemaker [Mon, 9 Dec 2024 19:31:22 +0000 (11:31 -0800)]
crypto/x509: properly check for IPv6 hosts in URIs
When checking URI constraints, use netip.ParseAddr, which understands
zones, unlike net.ParseIP which chokes on them. This prevents zone IDs
from mistakenly satisfying URI constraints.
Thanks to Juho Forsén of Mattermost for reporting this issue.
Fixes #71156
Fixes CVE-2024-45341
Change-Id: Iecac2529f3605382d257996e0fb6d6983547e400
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1700 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643096 Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Damien Neil [Fri, 22 Nov 2024 20:34:11 +0000 (12:34 -0800)]
net/http: persist header stripping across repeated redirects
When an HTTP redirect changes the host of a request, we drop
sensitive headers such as Authorization from the redirected request.
Fix a bug where a chain of redirects could result in sensitive
headers being sent to the wrong host:
1. request to a.tld with Authorization header
2. a.tld redirects to b.tld
3. request to b.tld with no Authorization header
4. b.tld redirects to b.tld
3. request to b.tld with Authorization header restored
Thanks to Kyle Seely for reporting this issue.
For #70530
Fixes CVE-2024-45336
Change-Id: Ia58a2e10d33d6b0cc7220935e771450e5c34de72
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1641 Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643095
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Joe Tsai [Tue, 14 Jan 2025 20:43:27 +0000 (12:43 -0800)]
encoding/json: cleanup tests
Perform minor cleanups in tests to improve printout of diffs
and/or follow modern coding style.
This reduces the amount of diffs between v1 and the v2 prototype.
Change-Id: I019bb9642e2135f2fa3eac6abfa6df91c397aa82
Reviewed-on: https://go-review.googlesource.com/c/go/+/642257 Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Joseph Tsai <joetsai@digital-static.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Russ Cox [Tue, 14 Jan 2025 04:00:14 +0000 (23:00 -0500)]
cmd/go/internal/modfetch: do not trust server to send all tags in shallow fetch
Newer git versions (at least git 2.47.1) do not send all the matching tags
for a shallow fetch of a specific hash anymore. The go command assumes
that git servers do this. Since that assumption is broken, use the local
copy of the remote refs list to augment the tags sent by the server.
This makes the cmd/go/internal/modfetch tests pass again with newer git.
Fixes #71261.
Change-Id: I9fd4f3fd7beeb68a522938599f8f3acd887d0b26
Reviewed-on: https://go-review.googlesource.com/c/go/+/642437 Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org>
So import_ must have returned an error, making pkg nil. Show that error.
Also do the same at the other calls to import_.
Change-Id: Ie782571c4bda3334a86b303f61969cf1cc7d3c32
Reviewed-on: https://go-review.googlesource.com/c/go/+/642438
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Keith Randall [Tue, 14 Jan 2025 00:21:29 +0000 (16:21 -0800)]
internal/runtime/maps: re-enable some tests
Re-enable tests for stack-allocated maps and fast map accessors.
Those are implemented now.
Update #54766
Change-Id: I8c019702bd9fb077b2fe3f7c78e8e9e10d2263a6
Reviewed-on: https://go-review.googlesource.com/c/go/+/642376
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Keith Randall <khr@golang.org>
cuishuang [Mon, 13 Jan 2025 17:11:22 +0000 (01:11 +0800)]
testing/fstest: fix function name and comment
Change-Id: I17bc68a2e3a96d0dc3d9ddcad40149df37fc4839
Reviewed-on: https://go-review.googlesource.com/c/go/+/642198 Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Auto-Submit: Damien Neil <dneil@google.com>
Ian Lance Taylor [Tue, 14 Jan 2025 14:58:32 +0000 (06:58 -0800)]
cmd/dist: ignore packages with no Go files in BenchmarkAll
This case recently started happening on the builders.
The synctest experiment was recently enabled for some targets (CL 642422).
This caused the list of standard packages to include testing/synctest.
However, BenchmarkAll tests for all configurations;
some did not include testing/synctest. That caused the test to crash.
Change-Id: Icade10af147c2e2bcbac25bf744919083db3e70f
Reviewed-on: https://go-review.googlesource.com/c/go/+/642397
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Russ Cox <rsc@golang.org>