Dmitri Shuralyov [Fri, 22 Nov 2024 00:54:12 +0000 (19:54 -0500)]
all: update golang.org/x/net [generated]
A part of the keeping Go's vendored dependencies and generated code
up to date.
This updates h2_bundle.go with unencrypted HTTP/2 support.
For #36905.
For #67816.
[git-generate]
cd src
go get golang.org/x/net@v0.31.0
go mod tidy
go mod vendor
cd cmd
go get golang.org/x/net@v0.31.0
go mod tidy
go mod vendor
go generate -run=bundle std
Change-Id: I2b77f651b990f260fbe7d551c7a819518f1c983f
Reviewed-on: https://go-review.googlesource.com/c/go/+/631035 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Roland Shoemaker [Sat, 16 Nov 2024 19:17:54 +0000 (11:17 -0800)]
crypto/x509: implement policy validation
Implement support for parsing the various policy related extensions,
and for validating the policy graph for chains.
Policy validation is only run if VerifyOptions.CertificatePolicies is
set. Policy validation is run after chains are built. If the computed
policy graph for a chain is invalid, the chain is removed from the set
of returned chains.
This implements the RFC 5280 algorithm as updated by
RFC 9618 [0].
Fixes #68484
[0] https://www.rfc-editor.org/rfc/rfc9618.html
Change-Id: I576432a47ddc404cba966c2b1995365944b8bd26
Reviewed-on: https://go-review.googlesource.com/c/go/+/628616
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Richard Miller [Tue, 19 Nov 2024 12:15:26 +0000 (12:15 +0000)]
os: allow for variant plan9 error messages in TestOpenError
Different Plan 9 file servers may return different error strings
on an attempt to open a directory for writing: EISDIR, EACCES or
EPERM. TestOpenError allows for the first two, but it needs to
allow for EPERM as well.
Fixes #70440
Change-Id: I705cc086e21630ca254499ca922ede78c9901b11
Reviewed-on: https://go-review.googlesource.com/c/go/+/629635
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
Filippo Valsorda [Thu, 21 Nov 2024 18:10:49 +0000 (19:10 +0100)]
crypto/internal/fips140/rsa: support separate MGF1 hash for EncryptOAEP
We might or might not want to expose it, but it makes the internal API
symmetrical, and lets us decide to do it in the future without changing
the FIPS module.
Updates #65716
Change-Id: Iea431a527ab17b9f00dee4da25761cedb2c2eba0
Reviewed-on: https://go-review.googlesource.com/c/go/+/630655
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
Damien Neil [Fri, 22 Nov 2024 00:44:21 +0000 (16:44 -0800)]
net/http: skip test which depends on h2_bundle.go update
For #67816
Change-Id: I9ba3a245d6b18758944ca5e206a15892b2aa6028
Reviewed-on: https://go-review.googlesource.com/c/go/+/630976 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Auto-Submit: Damien Neil <dneil@google.com>
Youlin Feng [Thu, 14 Nov 2024 16:13:34 +0000 (00:13 +0800)]
cmd/compile: modify CSE to remove redundant OpLocalAddrs
Remove the OpLocalAddrs that are unnecessary in the CSE pass, so the
following passes like DSE and memcombine can do its work better.
Fixes #70300
Change-Id: I600025d49eeadb3ca4f092d614428399750f69bc
Reviewed-on: https://go-review.googlesource.com/c/go/+/628075 Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org>
Tim King [Thu, 14 Nov 2024 20:04:39 +0000 (12:04 -0800)]
internal/exportdata, cmd/compile/internal/noder: merge export data handling
Unify how go/types, types2, and noder read in unified export data from
GC-created files.
This splits FindExportData into smaller pieces for improved code
sharing.
- FindPackageDefinition finds the package definition file in the ar
archive.
- ReadObjectHeaders reads the object headers.
- ReadExportDataHeader reads the export data format header.
There is a new convenience wrapper ReadUnified that combines all of
these. This documents the expected archive contents.
Updates noder and the importers to use these.
This also adjusts when end-of-section marker ("\n$$\n") checking happens.
Change-Id: Iec2179b0a1ae7f69eb12d077018f731116a77f13
Reviewed-on: https://go-review.googlesource.com/c/go/+/628155 Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit-Queue: Tim King <taking@google.com>
Daniel McCarney [Thu, 21 Nov 2024 01:09:50 +0000 (20:09 -0500)]
crypto/tls: test with FIPS 140-3 TLS mode
For tests that are interested in testing the difference between TLS in
FIPS 140-3 required mode or otherwise two new helpers are introduced,
runWithFIPSEnabled and runWithFIPSDisabled. They take care of forcing
the correct TLS FIPS 140-3 state regardless of the overal GODEBUG=fips
state, and restoring it afterwards.
For the tests that use features or test data not appropriate for
TLS in FIPS 140-3 required mode we add skips. For some tests we can make
them appropriate for both TLS FIPS 140-3 required or not by tweaking some
parameters that weren't important to the subject under test, but would
otherwise preclude TLS FIPS 140-3 required mode (e.g. because they used
TLS 1.0 when the test could use TLS 1.2 instead). For others, switching
test certificates to a RSA 2048 hierarchy is sufficient. We avoid
regenerating the existing RSA 1024 certs as 2048 since it would
invalidate recorded static flow data.
Tests that rely on static message flows (primarily the client and server
handshake) tests are skipped due to FIPS mode being non-deterministic
and inappropriate for this style of testing.
Change-Id: I311f3828dac890bb3ff8ebda6ed73d50f0797110
Reviewed-on: https://go-review.googlesource.com/c/go/+/629736 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Daniel McCarney [Thu, 14 Nov 2024 19:25:44 +0000 (14:25 -0500)]
crypto/internal/fips/pbkdf2: add CAST testing
Per IG 10 3.A a module implementing PBKDF2 must perform a CAST
on the derivation of a master key. This commit adds the required CAST
test.
The salt length (16 bytes), and output length (14 bytes) for the test
are selected to meet FIPS requirements. The iteration count must be
at least 2 so we use that value exactly for the fastest self-test
allowable.
We test all underlying prerequisite algorithms (HMAC, digest algorithms)
separately.
For #69536
Change-Id: Iba9e87ab89eeec1c73adc7e56016674ac8065c39
Reviewed-on: https://go-review.googlesource.com/c/go/+/623195 Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
Daniel McCarney [Thu, 14 Nov 2024 19:09:13 +0000 (14:09 -0500)]
crypto/internal/fips/pbkdf2: fips import pbkdf2
This commit lifts the internals of crypto/pbkdf2 into
crypto/internal/fips140/pbkdf2, in the FIPS module. The code
remains unchanged except for the following adjustments:
* The hash and hmac imports now come from the FIPS equivalents.
* The FIPS service indicator status is set based on the SP 800-132
requirements for PBKDF2.
For #69536
Change-Id: I61f47a652cef10505a5b40a70be5240b161a97ba
Reviewed-on: https://go-review.googlesource.com/c/go/+/619236
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Derek Parker <parkerderek86@gmail.com> Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Ian Lance Taylor [Thu, 21 Nov 2024 21:09:20 +0000 (13:09 -0800)]
internal/copyright: close files
Fixes #70507
Change-Id: I2ab1f221ebd45fedc70d1fded29b084147eadd28
Reviewed-on: https://go-review.googlesource.com/c/go/+/630815
Auto-Submit: Ian Lance Taylor <iant@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Tim King <taking@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Damien Neil [Mon, 4 Nov 2024 19:21:04 +0000 (11:21 -0800)]
net/http: add support for unencrypted HTTP/2
Add an UnencryptedHTTP2 protocol value.
Both Server and Transport implement "HTTP/2 with prior knowledge"
as described in RFC 9113, section 3.3. Neither supports the
deprecated HTTP/2 upgrade mechanism (RFC 7540, section 3.2 "h2c").
For Server, UnencryptedHTTP2 controls whether the server
will accept HTTP/2 connections on unencrypted ports.
When enabled, the server checks new connections for
the HTTP/2 preface and routes them appropriately.
For Transport, enabling UnencryptedHTTP2 and disabling HTTP1
causes http:// requests to be made over unencrypted HTTP/2
connections.
For #67816
Change-Id: I2763c4cdec1c2bc6bb8157edb93b94377de8a59b
Reviewed-on: https://go-review.googlesource.com/c/go/+/622976
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Robert Griesemer [Thu, 21 Nov 2024 23:22:39 +0000 (15:22 -0800)]
go/parser: fix typo in tracing output (make trace match function)
Change-Id: Ia79c7c8c4245b1ff8221296bc47bcba257e153e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/630895 Reviewed-by: Tim King <taking@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
Auto-Submit: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
David Chase [Mon, 18 Nov 2024 19:55:12 +0000 (14:55 -0500)]
cmd/compile: refactor inline interleaving
This is intended to simplify future experiments/changes.
It does slightly change the fixedpoint order (across all
functions in a func+closures set or recursive set, but
that seems not to affect tests or benchmarks).
Change-Id: I80bcaabf277b317523e538f5fd4d2ff6dc08c033
Reviewed-on: https://go-review.googlesource.com/c/go/+/630595 Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org>
Michael Pratt [Thu, 21 Nov 2024 18:56:57 +0000 (13:56 -0500)]
reflect: add test of maps with keys larger than key size
This finds the bug fixed in CL 630279.
reflect mutates the SwissMapType of a map[unsafe.Pointer]unsafe.Pointer,
which happened to already have the correct GroupSize for all of the maps
used in the reflect tests.
For #54766.
Change-Id: If4428e1e799598e7512edceb3cefb2ad00cfa712
Reviewed-on: https://go-review.googlesource.com/c/go/+/630676
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Keith Randall <khr@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com>
Daniel McCarney [Wed, 20 Nov 2024 21:11:06 +0000 (16:11 -0500)]
crypto/hkdf: init package
This commit imports the x/crypto/hkdf package as a public crypto package
based on the linked proposal. Since we've already implemented this
internal to the FIPS boundary (mod some small changes based on the
proposal discussion) this largely defers to that implementation.
Setting GODEBUG=multipathtcp= [1] has no effects on apps using
ListenTCP or DialTCP directly.
According to the documentation, these functions are supposed to act like
Listen and Dial respectively:
ListenTCP acts like Listen for TCP networks.
DialTCP acts like Dial for TCP networks.
So when reading this, I think we should expect GODEBUG=multipathtcp= to
act on these functions as well.
Also, since #69016, MPTCP is used by default (if supported) with TCP
listeners. Similarly, when ListenTCP is used directly, MPTCP is
unexpectedly not used. It is strange to have a different behaviour.
So now, ListenTCP and DialTCP also check for MPTCP. Those are the exact
same checks that are done in dial.go, see Listen and dialSingle.
[1] https://pkg.go.dev/net#Dialer.SetMultipathTCP
Fixes #70500
Change-Id: I646431a74571668e505493fa8c1b2206bf30ed09
GitHub-Last-Rev: 69a31a1b033497fa219309410f16c4524aa6bba9
GitHub-Pull-Request: golang/go#70501
Reviewed-on: https://go-review.googlesource.com/c/go/+/630715 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Roland Shoemaker [Wed, 30 Oct 2024 03:22:27 +0000 (20:22 -0700)]
crypto/tls: add server-side ECH
Adds support for server-side ECH.
We make a couple of implementation decisions that are not completely
in-line with the spec. In particular, we don't enforce that the SNI
matches the ECHConfig public_name, and we implement a hybrid
shared/backend mode (rather than shared or split mode, as described in
Section 7). Both of these match the behavior of BoringSSL.
The hybrid server mode will either act as a shared mode server, where-in
the server accepts "outer" client hellos and unwraps them before
processing the "inner" hello, or accepts bare "inner" hellos initially.
This lets the server operate either transparently as a shared mode
server, or a backend server, in Section 7 terminology. This seems like
the best implementation choice for a TLS library.
Fixes #68500
Change-Id: Ife69db7c1886610742e95e76b0ca92587e6d7ed4
Reviewed-on: https://go-review.googlesource.com/c/go/+/623576 Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Dmitri Shuralyov [Thu, 21 Nov 2024 17:50:14 +0000 (12:50 -0500)]
internal/copyright: skip testdata and vendor directories only
Using filepath.SkipDir without confirming that d is a directory makes
it prone to taking unintended action if a file (not a directory) with
the same name gets added.
This isn't a problem today, but we shouldn't spend human code review
time checking that this doesn't somehow happen in the future, either.
Change-Id: I29bf203ddef175c3ad23c9ddc10fa934126ac853
Reviewed-on: https://go-review.googlesource.com/c/go/+/630635 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
Joel Sing [Wed, 14 Aug 2024 16:48:09 +0000 (02:48 +1000)]
cmd/internal/obj/riscv: rework instruction encoding information
Currently, instruction encoding is a slice of encoding types, which
is indexed by a masked version of the riscv64 opcode. Additional
information about some instructions (for example, if an instruction
has a ternary form and if there is an immediate form for an instruction)
is manually specified in other parts of the assembler code.
Rework the instruction encoding information so that we use a table
driven form, providing additional data for each instruction where
relevant. This means that we can simplify other parts of the code
by simply looking up the instruction data and reusing minimal logic.
Change-Id: I7b3b6c61a4868647edf28bd7dbae2150e043ae00
Cq-Include-Trybots: luci.golang.try:gotip-linux-riscv64
Reviewed-on: https://go-review.googlesource.com/c/go/+/622535
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Meng Zhuo <mengzhuo1203@gmail.com> Reviewed-by: Mark Ryan <markdryan@rivosinc.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Damien Neil [Thu, 21 Nov 2024 17:20:46 +0000 (09:20 -0800)]
os: drop unnecessary trailing . from symlink targets
Adjust splitPathInRoot to match its documented behavior
of dropping . path components except at the end of the path.
This function takes a prefix, path, and suffix; previously
it would preserve a trailing . at the end of the path
even when joining to a suffix.
The practical effect of this change is that we we'll skip
a pointless open of . when following a symlink under some
circumstances:
- open "a/target"
- "a" is a symlink to "b/."
- previously: we rewrite our path to "b/./target"
- now: we rewrite our path to "b/target"
This is a fairly unimportant edge case, and our observable
behavior isn't changing. The main motivation for this change is
that the overall behavior is more comprehensible if splitPathInRoot
follows its documentation.
Change-Id: I96c6a5e3f489cdac991ba1bd702180d69625bc64
Reviewed-on: https://go-review.googlesource.com/c/go/+/630615 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
cuishuang [Wed, 20 Nov 2024 13:56:27 +0000 (21:56 +0800)]
all: fix some function names and typos in comment
Change-Id: I07e7c8eaa5bd4bac0d576b2f2f4cd3f81b0b77a4
Reviewed-on: https://go-review.googlesource.com/c/go/+/630055
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit-Queue: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Damien Neil [Thu, 21 Nov 2024 16:43:23 +0000 (08:43 -0800)]
os: fix Root tests on Plan9
Fixes #70484
Change-Id: I609834aca3e97bf494565da513cd2b8a83123c89
Reviewed-on: https://go-review.googlesource.com/c/go/+/630216 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Cherry Mui [Thu, 21 Nov 2024 20:42:48 +0000 (15:42 -0500)]
hash/maphash: simplify pointer size checks
Use internal/goarch.PtrSize, instead of unsafe.Sizeof(uintptr(0)).
Change-Id: If501ae9853ed384c4b9485e2c3b0aeba03c17685
Reviewed-on: https://go-review.googlesource.com/c/go/+/630795
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Cherry Mui <cherryyz@google.com>
Xiaolin Zhao [Mon, 18 Nov 2024 08:15:36 +0000 (16:15 +0800)]
cmd/compile/internal/ssa: make _gen an actual submodule and skip it in TestStdlib
After tools CL 612038, the package astutil stops being vendored, but
_gen/rulegen.go needs to import this package.
In particular, after update golang.org/x/tools, the package astutil
is deleted from the vendor directory, and got error when run TestStdlib
in longtest. So in this CL, we make _gen an actual submodule and
skip it in TestStdlib.
Change-Id: I76f77b66427f6490b4746698711a6e307ad2ba79
Reviewed-on: https://go-review.googlesource.com/c/go/+/629015
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: abner chenc <chenguoqi@loongson.cn>
Daniel McCarney [Thu, 14 Nov 2024 18:38:14 +0000 (13:38 -0500)]
crypto/pbkdf2: init package
This commit imports the x/crypto/pbkdf2 package as described in the
linked proposal. The code is unchanged with the exception of a few
small updates to reflect feedback from the proposal comment period:
* the Key function is made generic over a hash.Hash
* the h function is moved to be the first argument
* keyLen is renamed to keyLength
* an error return is added
* the unit tests were moved to the pbkdf2_test package
Updates #69488
Change-Id: If72f854daeb65a5c7fbe45ebd341e63a33340624
Reviewed-on: https://go-review.googlesource.com/c/go/+/628135 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Russ Cox <rsc@golang.org>
Michael Matloob [Thu, 21 Nov 2024 18:16:43 +0000 (13:16 -0500)]
cmd/go/internal/tool: set Internal.ExeName on tool's package
While the cached name of an executable is set based on the base name of
the package path, the executable produced as the output of link doesn't
have ExeName set on it and is just called a.out (with a .exe suffix on
Windows). Set ExeName so that the first time the binary is run, from the
directory link is run in, it has the right name for ps.
cmd/internal/obj/ppc64: support for decimal floating point instructions
1. Support for decimal arithmetic quad instructions of powerpc: DADDQ, DSUBQ, DMULQ
and DDIVQ.
2. Support for decimal compare ordered, unordered, quad instructions of powerpc:
DCMPU, DCMPO, DCMPUQ, and DCMPOQ.
Change-Id: I32a15a7f0a127b022b1f43d376e0ab0f7e9dd108
Cq-Include-Trybots: luci.golang.try:gotip-linux-ppc64_power10,gotip-linux-ppc64_power8,gotip-linux-ppc64le_power8,gotip-linux-ppc64le_power9,gotip-linux-ppc64le_power10
Reviewed-on: https://go-review.googlesource.com/c/go/+/623036
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Paul Murphy <murp@ibm.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Paul Murphy <murp@ibm.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
qiulaidongfeng [Wed, 20 Nov 2024 16:01:36 +0000 (00:01 +0800)]
cmd/go: fix -changed don`t print when GOFIPS140 is non-default
See https://github.com/golang/go/issues/70200#issuecomment-2468562595,
GOFIPS140 value when building the toolchain (off when not set)
is the default value for GOFIPS140,
it is buildcfg.defaultGOFIPS140,
export as buildcfg.DefaultGOFIPS140 that can be used in the cmd/go.
For #70200
Change-Id: I5a4873a718eeefda8e65bfab51d9d3d5ad2c21b6
Reviewed-on: https://go-review.googlesource.com/c/go/+/629996 Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org>
Daniel McCarney [Mon, 18 Nov 2024 21:18:56 +0000 (22:18 +0100)]
crypto/tls: FIPS 140-3 mode
Consolidates handling of FIPS 140-3 considerations for the tls package.
Considerations specific to certificates are now handled in tls instead
of x509 to limit the area-of-effect of FIPS as much as possible.
Boringcrypto specific prefixes are renamed as appropriate.
Maksym Sobolyev [Wed, 20 Nov 2024 19:27:40 +0000 (19:27 +0000)]
runtime: utilize EVFILT_USER more effectively
Re-work kqueue_event wakeup logic to use one-shot events. In an
event of waking up a wrong thread, simply re-post the event.
This saves close to 1 system call per wakeup on average, since
chances of non-blocking poller picking it up is pretty low.
Change-Id: I202d0d57a31d91ac5354ea075215f647c65790d3
GitHub-Last-Rev: e707d4732683702bd2989f07230a2f34354c288b
GitHub-Pull-Request: golang/go#70408
Reviewed-on: https://go-review.googlesource.com/c/go/+/628975
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Russ Cox [Thu, 21 Nov 2024 13:00:06 +0000 (08:00 -0500)]
cmd/go: sort "no test files" test results into normal ordering
The code takes care to print test results during "go test ./..."
in the package order, delaying prints until it's that package's
turn, even when tests run in parallel. For some reason, the
prints about the test not running were not included in that,
making them print out of order. Fix that, printing that result
with the usual result printer.
This is particularly noticeable during all.bash when we start
letting cmd/dist vet packages without tests.
Change-Id: If07f9fe5a6fac2b57b24d599126b451357a164e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/630416
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Russ Cox [Wed, 20 Nov 2024 13:01:57 +0000 (08:01 -0500)]
cmd/dist: vet non-test packages in short mode
Pass all packages to go test, even if they don't have test files,
so that go test can still run vet.
I just got burned by a vet error in a package without a test
showing up when I added an (unrelated) test.
There are not enough packages without tests to be worth
the "savings" of not letting the go command vet those packages.
For #60463.
Change-Id: Ib9258655151144dce6a51deeae73d651aa46cb2c
Reviewed-on: https://go-review.googlesource.com/c/go/+/630015
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Russ Cox [Wed, 20 Nov 2024 14:23:40 +0000 (09:23 -0500)]
cmd/dist: adjust FIPS 140 tests
An earlier CL moved the actual test from crypto/internal/fips/check
to crypto/internal/fipstest (now crypto/internal/fips140test),
so this cmd/dist check has been doing nothing for a little while.
Fix it to do what it intends.
Also run the actual crypto package tests in FIPS mode in long mode.
Change-Id: Iea8113376b95ec068a459cb8f3d0e77d3e2340f6
Reviewed-on: https://go-review.googlesource.com/c/go/+/630116 Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Michael Pratt [Thu, 21 Nov 2024 14:51:44 +0000 (09:51 -0500)]
reflect: set swissmap GroupSize
This was missed in CL 627716.
For #54766.
Change-Id: Ib987efa8abe6e89367e2e1b71a33b64ac6b01b1f
Reviewed-on: https://go-review.googlesource.com/c/go/+/630279 Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Keith Randall <khr@golang.org>
Auto-Submit: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Michael Matloob [Thu, 21 Nov 2024 14:55:32 +0000 (14:55 +0000)]
cmd/go remove base.ShortPathConservative
This CL rolls forward CL 630276, fixing the issues with the longtest builders that required the revert in CL 630317.
The change this CL makes compared to CL 630276 is adding the
shortPathErrorList function to rewrite the paths in the modfile.Errors
in a modfile.ErrorList using base.ShortPath and calling it on the error
returned from modfile.Parse.
The following is the commit message from the original change:
This CL first removes the base.ShortPathConservative function. It had
two classes of uses. The first was in opening files where the paths end
up in error messages. In all those cases, the non-shortened paths are
used to open the files, and ShortPath is only used for the error
messages. The second is in base.RelPaths. RelPaths will now call
ShortPath for each of the paths passed in instead of calling
RelConservative and then doing the same check as ShortPath to see if the
path is shorter.
To avoid the possibility of incorrect relative paths ending up in error
messages (that might have command lines suggested for users to run), and
to avoid the possibility of incorrect relative paths appearing in the
output of base.RelPaths, base.ShortPaths always does an os.SameFile
check to make sure that the relative path its providing is actually
correct. Since this makes ShortPath slower than just manipulating paths
(because we need to stat the files), we need to be continue to enforce
that ShortPath is only called for error messages (with the exception of
base.RelPaths and its callers).
This is a simpler way of solving the problem that base.ShortPaths
intended to solve.
For #68383
Change-Id: Ibcefb343535bd82999916b2282e9b512bb683433
Cq-Include-Trybots: luci.golang.try:gotip-windows-amd64-longtest,gotip-linux-amd64-longtest
Reviewed-on: https://go-review.googlesource.com/c/go/+/630280
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Damien Neil [Thu, 21 Nov 2024 01:00:57 +0000 (17:00 -0800)]
os: recognize EFTYPE, EINVAL as a refusal to open a symlink
NetBSD returns EFTYPE when opening a symlink with O_NOFOLLOW.
Dragonfly seems to return EINVAL. Only check for EINVAL on Dragonfly,
since that seems like a bit of a broad net.
Change-Id: I031357816f1fe4c370373001207e65996087597f
Reviewed-on: https://go-review.googlesource.com/c/go/+/630396
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Keith Randall [Thu, 21 Nov 2024 01:48:30 +0000 (17:48 -0800)]
cmd/compile: fix rewrite rules for multiply/add
x - (y - c) == (x - y) + c, not (x - y) - c. Oops.
Fixes #70481
Change-Id: I0e54d8e65dd9843c6b92c543ac69d69ee21f617c
Reviewed-on: https://go-review.googlesource.com/c/go/+/630397
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Jakub Ciolek <jakub@ciolek.dev>
Auto-Submit: Keith Randall <khr@golang.org>
Michael Matloob [Fri, 13 Sep 2024 15:06:06 +0000 (11:06 -0400)]
cmd/go: cache executables built for go run
This change implements executable caching. It always caches the outputs of
link steps used by go run. To do so we need to make a few changes:
The first is that we want to cache binaries in a slightly different
location than we cache other outputs. The reason for doing so is so that
the name of the file could be the name of the program built. Instead of
placing the files in $GOCACHE/<two digit prefix>/<hash>-d, we place them
in $GOCACHE/<two digit prefix>/<hash>-d/<executable name>. This is done
by adding a new function called PutExecutable that works differently
from Put in two ways: first, it causes the binaries to written 0777
rather than 0666 so they can be executed. Second, PutExecutable also
writes its outputs to a new location in a directory with the output id
based name, with the file named based on p.Internal.ExeName or otherwise
the base name of the package (plus the .exe suffix on Windows).
The next changes are for writing and reading binaries from the cache. In
cmd/go/internal/work.updateBuildID, which updates build ids to the
content based id and then writes outputs to the cache, we first make the
change to always write the content based id into a binary. This is
because we won't be throwing the binaries away after running them. Then,
if the action is a link action, and we enabled excutable caching for the
action, we write the output to the binary cache.
When reading binaries, in the useCache function, we switch to using the
binary cache, and we also print the cached link outputs (which are
stored using the build action's action id).
Finally, we change go run to execute the built output from the cache.
The support for caching tools defined in a module that are run by go
tool will also use this functionality.
Fixes #69290
For #48429
Change-Id: Ic5f1d3b29d8e9786fd0d564460e3a5f53e951f41
Reviewed-on: https://go-review.googlesource.com/c/go/+/613095 Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Alan Donovan <adonovan@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Method receivers that denote cgo-generated types are not permitted
per issues #60725 and #57926. There's no need to collect such methods
in the first place. Simplify Checker.resolveBaseTypeName so that it
doesn't find a base type name in these cases.
Also, simplify the test case for issue #59944 and update it to use
current cgo-generated output.
For #60725.
For #57926.
For #59944.
Change-Id: I70594daebc3d4d594c5b06be138f66f8927b0e58
Reviewed-on: https://go-review.googlesource.com/c/go/+/630395 Reviewed-by: Robert Findley <rfindley@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Robert Griesemer <gri@google.com>
Robert Griesemer [Wed, 20 Nov 2024 21:57:23 +0000 (13:57 -0800)]
go/types, types: better error message position for invalid receiver errors
Errors related to invalid receivers are based on the receiver base type.
Position the error message at the receiver base type, not the receiver
variable.
Add an additional example with an (invalid) generic receiver type.
Also, fix a panic when the code is run w/o Alias types enabled.
Change-Id: I610df171e4c447bbe03b904937c12e4170508b3b
Reviewed-on: https://go-review.googlesource.com/c/go/+/630376 Reviewed-by: Tim King <taking@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Robert Findley <rfindley@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Ian Lance Taylor [Wed, 20 Nov 2024 22:21:33 +0000 (14:21 -0800)]
cmd/cgo/internal/testsanitizers: use t.TempDir
Change-Id: I6b2c25ab045aaec8bb6c25511b12d178d155fc25
Reviewed-on: https://go-review.googlesource.com/c/go/+/630338 Reviewed-by: Cherry Mui <cherryyz@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Ian Lance Taylor [Wed, 20 Nov 2024 22:18:58 +0000 (14:18 -0800)]
cmd/cgo/internal/testsanitizers: don't create fuzz corpus
The TestASANFuzz test would sometimes create a fuzz corpus
in testdata/testdata/FuzzReverse. Avoid modifying the source
directory by building the test with "go test -c" and running
it in a temporary directory.
Change-Id: I12e2da4c85165fa35e0dc1aa6b46c6d0fbccaab8
Reviewed-on: https://go-review.googlesource.com/c/go/+/630377
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Rhys Hiltner [Mon, 18 Nov 2024 19:48:28 +0000 (11:48 -0800)]
runtime: clean up new lock2 structure
Simplify some flow control, as suggested on https://go.dev/cl/620435.
The MutexCapture microbenchmark shows a bit of throughput improvement at
moderate levels of contention, and little change to capture and
starvation. (Note that the capture and starvation figures below are in
terms of power-of-two buckets multiplied by throughput, so they either
follow similar patterns or move by a factor of two.)
Change-Id: I36106e1baf8afd132f1568748d1b83b797fa260e
Reviewed-on: https://go-review.googlesource.com/c/go/+/629415 Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Rhys Hiltner <rhys.hiltner@gmail.com>
Damien Neil [Tue, 19 Nov 2024 02:09:17 +0000 (18:09 -0800)]
os: add OpenInRoot
For #67002
Change-Id: If919ee8a5e3d90e91c7848330762e3254245fba1
Reviewed-on: https://go-review.googlesource.com/c/go/+/629555 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Damien Neil [Tue, 19 Nov 2024 01:49:14 +0000 (17:49 -0800)]
os: add Root.FS
For #67002
Change-Id: Ib687c92d645b9172677e5781a3e51ef1a0427c30
Reviewed-on: https://go-review.googlesource.com/c/go/+/629518 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Junyang Shao [Wed, 13 Nov 2024 23:34:51 +0000 (07:34 +0800)]
cmd/compile,testing: implement one-time rampup logic for testing.B.Loop
testing.B.Loop now does its own loop scheduling without interaction with b.N.
b.N will be updated to the actual iterations b.Loop controls when b.Loop returns false.
This CL also added tests for fixed iteration count (benchtime=100x case).
This CL also ensured that b.Loop() is inlined.
For #61515
Change-Id: Ia15f4462f4830ef4ec51327520ff59910eb4bb58
Reviewed-on: https://go-review.googlesource.com/c/go/+/627755 Reviewed-by: Michael Pratt <mpratt@google.com>
Commit-Queue: Junyang Shao <shaojunyang@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Michael Pratt [Mon, 4 Nov 2024 17:41:33 +0000 (12:41 -0500)]
cmd/compile: intrinsify swissmap match calls with SIMD on amd64
Use similar SIMD operations to the ones used in Abseil. We still
using 8-slot groups (even though the XMM registers could handle 16-slot
groups) to keep the implementation simpler (no changes to the memory
layout of maps).
Still, the implementations of matchH2 and matchEmpty are shorter than
the portable version using standard arithmetic operations. They also
return a packed bitset, which avoids the need to shift in bitset.first.
That said, the packed bitset is a downside in cognitive complexity, as
we have to think about two different possible representations. This
doesn't leak out of the API, but we do need to intrinsify bitset to
switch to a compatible implementation.
The compiler's intrinsics don't support intrinsifying methods, so the
implementations move to free functions.
This makes operations between 0-3% faster on my machine. e.g.,
Robert Griesemer [Wed, 20 Nov 2024 20:50:54 +0000 (12:50 -0800)]
doc: document new restriction on cgo-generated method receicer types
Follow-up on CL 629715.
For #60725.
Change-Id: I1b980ad44f73550b633c74fc881c70255e7d8565
Reviewed-on: https://go-review.googlesource.com/c/go/+/630335
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
Michael Matloob [Wed, 20 Nov 2024 18:39:14 +0000 (13:39 -0500)]
cmd/go: remove base.ShortPathConservative
This CL first removes the base.ShortPathConservative function. It had
two classes of uses. The first was in opening files where the paths end
up in error messages. In all those cases, the non-shortened paths are
used to open the files, and ShortPath is only used for the error
messages. The second is in base.RelPaths. RelPaths will now call
ShortPath for each of the paths passed in instead of calling
RelConservative and then doing the same check as ShortPath to see if the
path is shorter.
To avoid the possibility of incorrect relative paths ending up in error
messages (that might have command lines suggested for users to run), and
to avoid the possibility of incorrect relative paths appearing in the
output of base.RelPaths, base.ShortPaths always does an os.SameFile
check to make sure that the relative path its providing is actually
correct. Since this makes ShortPath slower than just manipulating paths
(because we need to stat the files), we need to be continue to enforce
that ShortPath is only called for error messages (with the exception of
base.RelPaths and its callers).
This is a simpler way of solving the problem that base.ShortPaths
intended to solve.
For #68383
Change-Id: I474f464f51a9acb2250069dea3054b55d95a4ab4
Reviewed-on: https://go-review.googlesource.com/c/go/+/630276
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Now that crypto/internal/fips140deps has been checked in,
we can enforce the full restrictions in the go command:
crypto/internal/fips can only import crypto/internal, not internal/...
Change-Id: I035470dbd478a5997c37ffabd268117969ed00a5
Reviewed-on: https://go-review.googlesource.com/c/go/+/630135 Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Matloob <matloob@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Russ Cox [Wed, 20 Nov 2024 14:03:35 +0000 (09:03 -0500)]
all: rename crypto/internal/fips to crypto/internal/fips140
Sometimes we've used the 140 suffix (GOFIPS140, crypto/fips140)
and sometimes not (crypto/internal/fips, cmd/go/internal/fips).
Use it always, to avoid having to remember which is which.
Also, there are other FIPS standards, like AES (FIPS 197), SHA-2 (FIPS 180),
and so on, which have nothing to do with FIPS 140. Best to be clear.
For #70123.
Change-Id: I33b29dabd9e8b2703d2af25e428f88bc81c7c307
Reviewed-on: https://go-review.googlesource.com/c/go/+/630115 Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
qmuntal [Wed, 20 Nov 2024 15:02:03 +0000 (16:02 +0100)]
cmd/cgo/internal/testsanitizers: fix TSAN tests using setarch
Some systems don't have permissions to run setarch, for example
when running in a docker container without the --privileged flag.
This change makes the tests skip the setarch command if it fails.
Fixes #70463
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-asan-clang15
Change-Id: I02fbd423ba809f5229b8639c9abe6fd275f32558
Reviewed-on: https://go-review.googlesource.com/c/go/+/630096
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Robert Griesemer [Tue, 19 Nov 2024 18:28:45 +0000 (10:28 -0800)]
go/types, types2: disallow new methods on (aliases to) cgo-generated types
This makes methods on aliases of cgo-generated types a new compiler error.
That is ok because cgo-behavior is not covered by the G1 compatibility
guarantee.
Background: In 2023 we fixed a gopls issue related to this by actually
enabling methods on cgo-generated types in the first place (#59944).
See the discussion in #60725 and this CL for why we believe it is ok
to make this an error now.
Based on a variation of CL 503596 (by Xie Cui).
Fixes #60725.
For #59944.
Change-Id: I7e9e6e1a76447167483a282b268f5183214027c9
Reviewed-on: https://go-review.googlesource.com/c/go/+/629715 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Robert Findley <rfindley@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Robert Griesemer [Mon, 18 Nov 2024 20:45:17 +0000 (12:45 -0800)]
go/types, types2: disallow new methods on generic alias and instantiated types
If the receiver is an alias declaring type parameters, report
an error and ensure that the receiver type remains invalid.
Collect type parameters etc. as before but do not attempt to
find their constraints or instantiate the receiver type.
The constraints of the type parameters will be invalid by
default. The receiver type will not be (lazily) instantiated
which causes problems with existing invariants.
If a receiver denotes an instantiated (alias or defined) type,
report an error and ensure that the receiver type remains invalid.
While at it, add more comments and bring go/types and types2
closer together where there were differences.
Fixes #70417.
Change-Id: I87ef0b42d2f70464664cacc410f4b7eb1c994241
Reviewed-on: https://go-review.googlesource.com/c/go/+/629080 Reviewed-by: Robert Findley <rfindley@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Michael Anthony Knyszek [Wed, 20 Nov 2024 19:24:56 +0000 (19:24 +0000)]
runtime: keep cleanup closure alive across adding the cleanup special
This is similar to the weak handle bug in #70455. In short, there's a
window where a heap-allocated value is only visible through a special
that has not been made visible to the GC yet.
For #70455.
Change-Id: Ic2bb2c60d422a5bc5dab8d971cfc26ff6d7622bc
Reviewed-on: https://go-review.googlesource.com/c/go/+/630277
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
Michael Anthony Knyszek [Wed, 20 Nov 2024 19:12:58 +0000 (19:12 +0000)]
runtime: explicitly keep handle alive during getOrAddWeakHandle
getOrAddWeakHandle is very careful about keeping its input alive across
the operation, but not very careful about keeping the heap-allocated
handle it creates alive. In fact, there's a window in this function
where it is *only* visible via the special. Specifically, the window of
time between when the handle is stored in the special and when the
special actually becomes visible to the GC.
(If we fail to add the special because it already exists, that case is
fine. We don't even use the same handle value, but the one we obtain
from the attached GC-visible special, *and* we return that value, so it
remains live.)
Fixes #70455.
Change-Id: Iadaff0cfb93bcaf61ba2b05be7fa0519c481de82
Reviewed-on: https://go-review.googlesource.com/c/go/+/630315
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
Robert Griesemer [Tue, 19 Nov 2024 04:06:13 +0000 (20:06 -0800)]
spec: document restrictions for method receivers that are aliases
For #70417.
Change-Id: I5e6b3011f356c7ecd8f64f5dcf0a6a77dcb21bbf
Reviewed-on: https://go-review.googlesource.com/c/go/+/629577
Auto-Submit: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
Roland Shoemaker [Wed, 20 Nov 2024 19:06:35 +0000 (11:06 -0800)]
doc/godebug: document we removed x509sha1
Change-Id: I4a4ff0b9e0d3584b96e414d60b889d68fa8660c0
Reviewed-on: https://go-review.googlesource.com/c/go/+/630236
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
GenerateKey(nil) is documented to use crypto/rand.Reader, but we didn't
have a test.
While at it, since it's documented to be equivalent to NewKeyFromSeed,
actually implement it that way. This has the probably good side effect
of making it deterministic in FIPS mode. The other GenerateKey use
MaybeReadByte, so can change, but this one is probably worth keeping
deterministic. It's just slightly less compliant, but ok as long as
crypto/rand.Reader is the default one.
Intentionally leaving crypto/internal/fips/ed25519.GenerateKey in, in
case we need to switch to it during the life of the module.
Change-Id: Ic203436ff452bb9740291b9ca17f85aa6ae20b6e
Reviewed-on: https://go-review.googlesource.com/c/go/+/630099
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Brian Gabin [Mon, 21 Oct 2024 04:58:08 +0000 (21:58 -0700)]
cmd/go/testdata/script: restrict test to check only exe name
Avoid test failures caused by 'v2' in user environment paths.
Modify the test to check only the output executable name and ensure it is not 'v2', rather than inspecting the entire path.
Fixes #67989
Change-Id: Ida2131f6c9b41724df1b6b5e31413252c5009d25
Reviewed-on: https://go-review.googlesource.com/c/go/+/621315
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Sam Thanawalla <samthanawalla@google.com> Reviewed-by: Michael Matloob <matloob@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Roland Shoemaker [Fri, 15 Nov 2024 15:40:49 +0000 (07:40 -0800)]
cmd/go: enforce -Wl,--push-state logic only when it is a prefix
Make sure we only run the --push-state logic when -Wl,--push-state is a
prefix of the argument, not just present in the argument string.
Thanks to Juho Forsén of Mattermost for reporting this issue.
Change-Id: I799f7854ff680674fd84cf2136fadf70817fc7e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/628415
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Running `go tool` with no arguments will now list built in tools
followed by module defined tools.
Running `go tool X` where X matches either the full package path,
or the last segment of the package path, of a defined tool will
build the tool to a known location and immediately execute it.
For golang/go#48429
Change-Id: I02249df8dad12fb74aa244002f82a81af20e732f
Reviewed-on: https://go-review.googlesource.com/c/go/+/534817 Reviewed-by: Michael Matloob <matloob@golang.org> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>