Jorropo [Wed, 4 Dec 2024 03:50:29 +0000 (04:50 +0100)]
sync/atomic: add missing leak tests for And & Or
Theses tests were forgot because when CL 462298 was originally written
And & Or atomics were not available in go.
Git were smart enough to rebase over And's & Or's addition.
After most reviews and before merging it were pointed I should
make theses new intrinsics noescape.
When doing this last minute addition I forgot to add tests.
Change-Id: I457f98315c0aee91d5743058ab76f256856cb782
Reviewed-on: https://go-review.googlesource.com/c/go/+/633416 Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Jorropo [Wed, 4 Dec 2024 12:07:08 +0000 (13:07 +0100)]
math/rand/v2: replace <= 0 with == 0 for Uint function docs
This harmonize the docs with (*Rand).Uint* functions.
And it make it clearer, I wasn't sure if it would try to interpret
the uint as a signed number somehow, it does not pull any surprises
make that clear.
Change-Id: I5a87a0a5563dbabfc31e536e40ee69b11f5cb6cf
Reviewed-on: https://go-review.googlesource.com/c/go/+/633535
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit-Queue: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
Alexey Palazhchenko [Wed, 4 Dec 2024 03:19:08 +0000 (03:19 +0000)]
runtime: remove "hall of shame" comment from public documentation
See https://pkg.go.dev/runtime@go1.23.4#FuncForPC
The updated comment uses the same format as bytes.Repeat and math.Float32bits.
Change-Id: Idfbc38645e6b0f03fb07f294c4c79b997d9a01a1
GitHub-Last-Rev: 00fa155c75fb625be84edeadff49276e6cddc42c
GitHub-Pull-Request: golang/go#70671
Reviewed-on: https://go-review.googlesource.com/c/go/+/633475
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Sean Liao [Tue, 3 Dec 2024 22:41:38 +0000 (22:41 +0000)]
sync: document RWMutex locks cannot be upgraded / downgraded
Fixes #38859
Change-Id: I9f4f6fa4cb529aaadfb3812e3a5c0da982a95f68
Reviewed-on: https://go-review.googlesource.com/c/go/+/633415
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Robert Griesemer [Tue, 3 Dec 2024 21:55:47 +0000 (13:55 -0800)]
doc/next: minor grammar fix in release notes
For #66626.
For #68545.
Change-Id: I4fe21bdaa9580eb087c849de72e98f6145121dd0
Reviewed-on: https://go-review.googlesource.com/c/go/+/633282 Reviewed-by: Robert Griesemer <gri@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Alan Donovan <adonovan@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
Michael Anthony Knyszek [Mon, 2 Dec 2024 19:10:37 +0000 (19:10 +0000)]
cmd/link/internal/ld: work around FreeBSD 14.1 cmd/cgo test link failure
On FreeBSD 14.1 we fail to link against C code with internal linking.
The symptom is apparently undefined symbols, but explicitly pointing the
linker at compiler-rt for -libgcc fixes the issue. This looks a lot like
the workaround on OpenBSD, but the symptom is different.
--print-libgcc-file-name produces libclang_rt.builtins-x86_64.a which
appears to be an insufficient subset of libcompiler_rt.a.
For #61095.
Change-Id: Iff5affbc923d69c89d671a69d8f4ecaadac42177
Cq-Include-Trybots: luci.golang.try:gotip-freebsd-amd64
Reviewed-on: https://go-review.googlesource.com/c/go/+/632975
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Run-TryBot: Michael Knyszek <mknyszek@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Russ Cox [Mon, 2 Dec 2024 22:13:49 +0000 (17:13 -0500)]
crypto/internal/fips140/bigmod: disable race detector on tight loops
These kinds of loops over all words of a Nat
were in assembly in math/big, so the race detector
did not instrument them. Now that they are in Go,
they dramatically slow down crypto code under the
race detector. Disable instrumenting them, just like
if they were still in assembly.
goos: darwin
goarch: arm64
cpu: Apple M3 Pro
race: on
cuishuang [Mon, 2 Dec 2024 10:12:12 +0000 (18:12 +0800)]
sort: add examples for SearchStrings, SliceIsSorted
Change-Id: I80b5c99bd8626be6e347f535579c864a565685db
Reviewed-on: https://go-review.googlesource.com/c/go/+/632775 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Junyang Shao [Sat, 30 Nov 2024 04:15:07 +0000 (04:15 +0000)]
cmd/compile: fix a premature-deallocation of state in loopreschedchecks
lastMems is free-ed before it's actually used. This results in the pass
breaking: multiple mem phis will present in the instrumented ssa, and
essentially break tighten
pass(https://cs.opensource.google/go/go/+/master:src/cmd/compile/internal/ssa/tighten.go;l=240).
This CL fix that.
Change-Id: I30cf0c3300ed59d1a15d978757a3840fbe04484d
Reviewed-on: https://go-review.googlesource.com/c/go/+/632516
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Cherry Mui [Mon, 2 Dec 2024 04:53:23 +0000 (23:53 -0500)]
hash/maphash, cmd/compile: make Comparable[string] not escape its argument
Currently, maphash.Comparable forces its argument to escape if it
contains a pointer, as we cannot hash stack pointers, which will
change when the stack moves. However, for a string, it is actually
okay if its data pointer points to the stack, as the hash depends
on only the content, not the pointer.
Currently there is no way to write this type-dependent escape
logic in Go code. So we implement it in the compiler as an
intrinsic. The compiler can also recognize not just the string
type, but types whose pointers are all string pointers, and make
them not escape.
Fixes #70560.
Change-Id: I3bf219ad71a238d2e35f0ea33de96487bc8cc231
Reviewed-on: https://go-review.googlesource.com/c/go/+/632715 Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Dmitri Shuralyov [Sun, 1 Dec 2024 22:22:19 +0000 (17:22 -0500)]
testing: consider -N suffix after benchmark name optional
A "-N" suffix is left out when GOMAXPROCS is 1.
Also match at least 1 space (\s+ instead of \s*), remove trailing '.*'
(it's a no-op), and make the test error message style more consistent
while here.
For #61515.
Fixes #70627.
Change-Id: Id0a17478ac31e2934a663dd0d3b1b37f24974989
Cq-Include-Trybots: luci.golang.try:gotip-plan9-386
Reviewed-on: https://go-review.googlesource.com/c/go/+/632655 Reviewed-by: Junyang Shao <shaojunyang@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Filippo Valsorda [Fri, 29 Nov 2024 14:38:48 +0000 (15:38 +0100)]
crypto/x509: keep RSA CRT values in ParsePKCS1PrivateKey
Turns out that recomputing them (and qInv in particular) in constant
time is expensive, so let's not throw them away when they are available.
They are much faster to check, so we now do that on precompute.
Also, thanks to the opaque crypto/internal/fips140/rsa.PrivateKey type,
we now have some assurance that the values we use are always ones we
checked.
Recovers most of the performance loss since CL 630516 in the happy path.
Also, since now we always use the CRT, if necessary by running a
throwaway Precompute, which is now cheap if PrecomputedValues is filled
out, we effectively fixed the JSON round-trip slowdown (#59695).
goos: darwin
goarch: arm64
pkg: crypto/rsa
cpu: Apple M2
│ 3b42687c56 │ f017604bc6-dirty │
│ sec/op │ sec/op vs base │
ParsePKCS8PrivateKey/2048-8 26.76µ ± 1% 65.99µ ± 1% +146.64% (p=0.002 n=6)
Fixes #59695
Updates #69799
For #69536
Change-Id: I507f8c5a32e69ab28990a3bf78959836b9b08cc9
Reviewed-on: https://go-review.googlesource.com/c/go/+/632478
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
Filippo Valsorda [Fri, 29 Nov 2024 12:15:11 +0000 (13:15 +0100)]
crypto/rsa: move precomputation to crypto/internal/fips140/rsa
We are severely limited by the crypto/rsa API in a few ways:
- Precompute doesn't return an error, but is the only function allowed
to modify a PrivateKey.
- Clients presumably expect the PrecomputedValues big.Ints to be
populated after Precompute.
- MarshalPKCS1PrivateKey requires the precomputed values, and doesn't
have an error return.
- PrivateKeys with only N, e, and D have worked so far, so they might
have to keep working.
To move precomputation to the FIPS module, we focus on the happy path of
a PrivateKey with two primes where Precompute is called before anything
else, which match ParsePKCS1PrivateKey and GenerateKey.
There is a significant slowdown in the Parse benchmark due to the
constant-time inversion of qInv. This will be addressed in a follow-up
CL that will use (and check) the value in the ASN.1.
Note that the prime product check now moved to checkPrivateKey is broken
(Π should start at 1 not 0) and fixed in CL 632478.
Updates #69799
For #69536
Change-Id: I95a8bc1244755c6d15d7c4eb179135a15608ddd6
Reviewed-on: https://go-review.googlesource.com/c/go/+/632476
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
We now require Modulus to be > 1 because we don't want to worry about 1
being out of range. There is no use for a Modulus of 1 anyway, and we
already return an error from NewModulus.
Dmitri Shuralyov [Wed, 27 Nov 2024 16:34:09 +0000 (11:34 -0500)]
doc/next: organize 9-todo.md items by category
Most items that need to be done are tracked in release-blocking issues,
but a few are not. Make it easier to understand and track their status.
For #68545.
Change-Id: I1cb31e67d2d868a82ee592c9adb31bc5dd558d67
Reviewed-on: https://go-review.googlesource.com/c/go/+/632195 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Tim King [Wed, 27 Nov 2024 21:57:06 +0000 (13:57 -0800)]
doc/next: document buildtag changes
Fixes #64127
Change-Id: I1562953caa3b1b2bc5dd3b7692671e0f3d5d2b9b
Reviewed-on: https://go-review.googlesource.com/c/go/+/632355
Commit-Queue: Tim King <taking@google.com> Reviewed-by: Alan Donovan <adonovan@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Tim King [Wed, 27 Nov 2024 21:13:07 +0000 (13:13 -0800)]
doc/next: document copylock changes
Fixes #66387
Change-Id: Ida9381d1ea83bcceaba460014fac3d0c13ccdbff
Reviewed-on: https://go-review.googlesource.com/c/go/+/632315
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit-Queue: Tim King <taking@google.com> Reviewed-by: Alan Donovan <adonovan@google.com>
Robert Griesemer [Wed, 27 Nov 2024 19:36:53 +0000 (11:36 -0800)]
go/types, types2: fix printing of error message with variadic calls
Distinguish between variadic signatures and argument lists to
(possibly variadic) functions and place `...` before or after
the last type in the list of types.
Fixes a panic.
Fixes #70526.
Change-Id: I77aba8f50984a21ebcdb62582030f2d0fe0eb097
Reviewed-on: https://go-review.googlesource.com/c/go/+/632275 Reviewed-by: Alan Donovan <adonovan@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Robert Findley <rfindley@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Dmitri Shuralyov [Tue, 26 Nov 2024 23:59:03 +0000 (18:59 -0500)]
doc/next: update with reviewed output from relnote todo
This is the result of running relnote todo today and reviewing its
output. Most of the remaining items that still need to be added to
Go 1.24 release notes are now tracked in release blocking issues.
For a few where it's less clear, I opted to comment on issues.
A good number of items were proposals that affect golang.org/x repos
and don't need to be mentioned in Go 1.24 release notes; they're now
annotated as such.
For #68545.
Change-Id: I4dc7f6d2cf5ab9e68bce83d01413224f80384e2f
Reviewed-on: https://go-review.googlesource.com/c/go/+/631684
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Adam Bender [Tue, 26 Nov 2024 01:52:25 +0000 (17:52 -0800)]
os/exec: edit comment to remove invalid link
Update comment to remove link formatting that doesn't turn into a link, because the target field is not a top-level member of the package. Re-word comment slightly.
Change-Id: I43ebd8fb105b772a4362c0c763e6464321a92747
Reviewed-on: https://go-review.googlesource.com/c/go/+/631856 Reviewed-by: Veronica Silina <veronicasilina@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Felix Geisendörfer [Tue, 26 Nov 2024 08:10:22 +0000 (09:10 +0100)]
cmd/trace: also show end stack traces
Fix a regression that appeared in 1.23 when it comes to the stack traces
shown in the trace viewer. In 1.22 and earlier, the viewer was always
showing end stack traces. In 1.23 and later the viewer started to
exclusively show start stack traces.
Showing only the start stack traces made it impossible to see the last
stack trace produced by a goroutine. It also made it hard to understand
why a goroutine went off-cpu, as one had to hunt down the next running
slice of the same goroutine.
Emit end stack traces in addition to start stack traces to fix the
issue.
Fixes #70570
Change-Id: Ib22ea61388c1d94cdbc99fae2d207c4dce011a59
Reviewed-on: https://go-review.googlesource.com/c/go/+/631895
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Felix Geisendörfer <felix.geisendoerfer@datadoghq.com> Reviewed-by: Nick Ripley <nick.ripley@datadoghq.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Robert Griesemer [Wed, 27 Nov 2024 02:02:56 +0000 (18:02 -0800)]
doc/next: document new language feature (alias type parameters)
For #46477.
For #68545.
Change-Id: I54a36f24167a1f909a865f8f6cf416d7378faa4e
Reviewed-on: https://go-review.googlesource.com/c/go/+/632055 Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Roland Shoemaker [Tue, 26 Nov 2024 23:13:49 +0000 (15:13 -0800)]
doc: add note about crypto/x509 serial generation
Fixes #67675
Change-Id: I102c779c2a0ccaf6572be354fec3153a0a0a32eb
Reviewed-on: https://go-review.googlesource.com/c/go/+/631683
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Ian Lance Taylor [Tue, 26 Nov 2024 20:52:31 +0000 (12:52 -0800)]
doc/next: add notes for new #cgo annotations
Fixes #56378
Change-Id: Ibeaa5aa67e017be0da8797e4c87abf2ee0249db8
Reviewed-on: https://go-review.googlesource.com/c/go/+/632015
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Roland Shoemaker [Tue, 26 Nov 2024 18:18:50 +0000 (10:18 -0800)]
doc: add note about x509sha1 removal
Fixes #41682
Change-Id: I73aa4991a6df8dfb90720bd66f2a8a53c3ca3504
Reviewed-on: https://go-review.googlesource.com/c/go/+/631677 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Damien Neil [Mon, 25 Nov 2024 19:27:33 +0000 (11:27 -0800)]
net/http: test for racing idle conn closure and new requests
TestTransportRemovesH2ConnsAfterIdle is experiencing flaky
failures due to a bug in idle connection handling.
Upon inspection, TestTransportRemovesH2ConnsAfterIdle
is slow and (I think) not currently testing the condition
that it was added to test.
Using the new synctest package, this CL:
- Adds a test for the failure causing flakes in this test.
- Rewrites the existing test to use synctest to avoid sleeps.
- Adds a new test that covers the condition the test was
intended to examine.
The new TestTransportIdleConnRacesRequest exercises the
scenario where a never-used connection is closed by the
idle-conn timer at the same time as a new request attempts
to use it. In this race, the new request should either
successfully use the old connection (superseding the
idle timer) or should use a new connection; it should not
use the closing connection and fail.
TestTransportRemovesConnsAfterIdle verifies that
a connection is reused before the idle timer expires,
and not reused after.
TestTransportRemovesConnsAfterBroken verifies
that a connection is not reused after it encounters
an error. This exercises the bug fixed in CL 196665,
which introduced TestTransportRemovesH2ConnsAfterIdle.
For #70515
Change-Id: Id23026d2903fb15ef9a831b2df71177ea177b096
Reviewed-on: https://go-review.googlesource.com/c/go/+/631795 Reviewed-by: Jonathan Amsterdam <jba@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Damien Neil <dneil@google.com>
Damien Neil [Sat, 23 Nov 2024 01:10:01 +0000 (17:10 -0800)]
net/http: avoid redundant installation of HTTP/2 support in transport
Previously, we'd skip installing the bundled HTTP/2 support
if Transport.TLSNextProto is non-nil.
With the addition of the Transport.Protocols field, we'll
install HTTP/2 if Protocols contains HTTP2, even if TLSNextProto
is non-nil. However, we shouldn't do so if it already contains an
"h2" entry.
Change-Id: Ib086473bb52f1b76d83b1df961d41360c605832c
Reviewed-on: https://go-review.googlesource.com/c/go/+/631395
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Jonathan Amsterdam <jba@google.com>
Auto-Submit: Damien Neil <dneil@google.com>
Conrad Irwin [Fri, 22 Nov 2024 04:03:29 +0000 (21:03 -0700)]
cmd/go: pass os.Args[0] to mod tools
Fixes #70509
Change-Id: I62952c0ac5de456742b7bee3552a0d90238bfde5
Reviewed-on: https://go-review.googlesource.com/c/go/+/631075 Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Dmitri Shuralyov [Fri, 22 Nov 2024 21:01:48 +0000 (16:01 -0500)]
all: update vendored dependencies [generated]
The Go 1.24 code freeze has recently started. This is a time to update
all golang.org/x/... module versions that contribute packages to the
std and cmd modules in the standard library to latest master versions.
For #36905.
[git-generate]
go install golang.org/x/build/cmd/updatestd@latest
go install golang.org/x/tools/cmd/bundle@latest
updatestd -goroot=$(pwd) -branch=master
Change-Id: I1b2e3b63ccc1137256d80c882b99ed26a66cbf6b
Reviewed-on: https://go-review.googlesource.com/c/go/+/631336 Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
Carlos Amedee [Wed, 20 Nov 2024 22:20:41 +0000 (17:20 -0500)]
runtime: properly search for cleanups in cleanup.stop
This change modifies the logic which searches for existing cleanups.
The existing search logic sets the next node to the current node
in certain conditions. This would cause future searches to loop
endlessly. The existing loop could convert non-cleanup specials into
cleanups and cause data corruption.
This also changes where we release the m while we are adding a
cleanup. We are currently holding onto an p-specific gcwork after
releasing the m.
Change-Id: I0ac0b304f40910549c8df114e523c89d9f0d7a75
Reviewed-on: https://go-review.googlesource.com/c/go/+/630278
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Carlos Amedee <carlos@golang.org> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
Roland Shoemaker [Mon, 7 Oct 2024 22:53:59 +0000 (15:53 -0700)]
crypto/x509: run a subset of the NIST PKI test suite
This vendors the vectors (generated using [0], derived from the
BoringSSL script which generates their test headers) and all of the
certs, but only runs the subset of the suite that is focused on policy
validation.
In the future we may want to run more of the suite, since it is focused
on path validation, not path building, the way it interacts with our
hybrid path builder/validator is kind of complicated.
Russ Cox [Fri, 22 Nov 2024 01:03:18 +0000 (20:03 -0500)]
cmd/compile, cmd/link: FIPS fixes for large programs
1. In cmd/internal/obj, only apply the exclusion list to data symbols.
Text symbols are always fine since they can use PC-relative relocations.
2. In cmd/link, only skip trampolines for text symbols in the same package
with the same type. Before, all text symbols had type STEXT, but now that
there are different sections of STEXT, we can only rely on symbols in the
same package in the same section being close enough not to need
trampolines.
Fixes #70379.
Change-Id: Ifad2bdd6001ad3b5b23e641127554e9ec374715e
Reviewed-on: https://go-review.googlesource.com/c/go/+/631036
Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Dmitri Shuralyov [Fri, 22 Nov 2024 04:39:47 +0000 (23:39 -0500)]
cmd/dist: don't test FIPS when ASAN is on
CL 627603 added a clear error that FIPS+ASAN doesn't work, and
disabled a test in check_test.go. The :gofips140 test variants
in cmd/dist need to be disabled as well.
Remove a return after testing.T.Skipf since it's unreachable.
For #70321.
Fixes #70496.
Change-Id: Ia53830db1260a817aff1a82cbd91b725e0791437
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-asan-clang15
Reviewed-on: https://go-review.googlesource.com/c/go/+/631095 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Filippo Valsorda [Thu, 21 Nov 2024 20:21:58 +0000 (21:21 +0100)]
crypto/tls: implement X25519MLKEM768
This makes three related changes that work particularly well together
and would require significant extra work to do separately: it replaces
X25519Kyber768Draft00 with X25519MLKEM768, it makes CurvePreferences
ordering crypto/tls-selected, and applies a preference to PQ key
exchange methods over key shares (to mitigate downgrades).
TestHandshakeServerUnsupportedKeyShare was removed because we are not
rejecting unsupported key shares anymore (nor do we select them, and
rejecting them actively is a MAY). It would have been nice to keep the
test to check we still continue successfully, but testClientHelloFailure
is broken in the face of any server-side behavior which requires writing
any other messages back to the client, or reading them.
Updates #69985
Fixes #69393
Change-Id: I58de76f5b8742a9bd4543fd7907c48e038507b19
Reviewed-on: https://go-review.googlesource.com/c/go/+/630775 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Dmitri Shuralyov [Fri, 22 Nov 2024 02:24:11 +0000 (21:24 -0500)]
net/http: re-enable TestTransportServerProtocols
The h2_bundle.go update was done in CL 631035,
and the test now passes.
Fixes #67816.
Change-Id: Icd54c2774a9e2781e7dc9342ae70c3034eb9bab9
Reviewed-on: https://go-review.googlesource.com/c/go/+/631037
Auto-Submit: Damien Neil <dneil@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Filippo Valsorda [Fri, 22 Nov 2024 03:21:12 +0000 (04:21 +0100)]
crypto: implement fips140=only mode
Running the test suite in this mode is definitely not an option. Testing
this will probably look like a very long test that tries all functions.
Filed #70514 to track the tests.
For #70123
Change-Id: I6f67de83da37dd1e94e620b7f4f4f6aabe040c41
Reviewed-on: https://go-review.googlesource.com/c/go/+/631018 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Daniel McCarney [Thu, 21 Nov 2024 22:52:50 +0000 (17:52 -0500)]
crypto/mlkem: init package
This commit exposes the crypto/internal/mlkem package as a public crypto
package based on the linked proposal. Since we've already implemented
this internal to the FIPS boundary this largely defers to that
implementation.
Updates #70122
Change-Id: I5ec9c2783c4d44583244c6d16597704a51e9b738
Reviewed-on: https://go-review.googlesource.com/c/go/+/630240 Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Filippo Valsorda [Wed, 20 Nov 2024 17:59:09 +0000 (18:59 +0100)]
crypto/ecdh: revamp FIPS ECDH API
This makes it more similar to the ECDSA API, introducing proper key
types that can correctly "cache" the key check.
The new API also has a better compliance profile. Note how the old
ECDHPnnn functions were not doing the PCT, instead delegating to the
caller an invocation of ImportKeyPnnn.
Change-Id: Ic6cf834427fd790324919b4d92bdaa2aac840016
Reviewed-on: https://go-review.googlesource.com/c/go/+/630098 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
David Chase [Tue, 19 Nov 2024 22:18:38 +0000 (17:18 -0500)]
cmd/compile: use very high budget for once-called closures
This should make it much more likely that rangefunc
iterators become "plain inline code".
Change-Id: I8026603afdc5249f60cc663c4bc15cb1d26d1c83
Reviewed-on: https://go-review.googlesource.com/c/go/+/630696 Reviewed-by: Keith Randall <khr@golang.org>
Auto-Submit: David Chase <drchase@google.com> Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Dmitri Shuralyov [Fri, 22 Nov 2024 00:54:12 +0000 (19:54 -0500)]
all: update golang.org/x/net [generated]
A part of the keeping Go's vendored dependencies and generated code
up to date.
This updates h2_bundle.go with unencrypted HTTP/2 support.
For #36905.
For #67816.
[git-generate]
cd src
go get golang.org/x/net@v0.31.0
go mod tidy
go mod vendor
cd cmd
go get golang.org/x/net@v0.31.0
go mod tidy
go mod vendor
go generate -run=bundle std
Change-Id: I2b77f651b990f260fbe7d551c7a819518f1c983f
Reviewed-on: https://go-review.googlesource.com/c/go/+/631035 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Roland Shoemaker [Sat, 16 Nov 2024 19:17:54 +0000 (11:17 -0800)]
crypto/x509: implement policy validation
Implement support for parsing the various policy related extensions,
and for validating the policy graph for chains.
Policy validation is only run if VerifyOptions.CertificatePolicies is
set. Policy validation is run after chains are built. If the computed
policy graph for a chain is invalid, the chain is removed from the set
of returned chains.
This implements the RFC 5280 algorithm as updated by
RFC 9618 [0].
Fixes #68484
[0] https://www.rfc-editor.org/rfc/rfc9618.html
Change-Id: I576432a47ddc404cba966c2b1995365944b8bd26
Reviewed-on: https://go-review.googlesource.com/c/go/+/628616
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Richard Miller [Tue, 19 Nov 2024 12:15:26 +0000 (12:15 +0000)]
os: allow for variant plan9 error messages in TestOpenError
Different Plan 9 file servers may return different error strings
on an attempt to open a directory for writing: EISDIR, EACCES or
EPERM. TestOpenError allows for the first two, but it needs to
allow for EPERM as well.
Fixes #70440
Change-Id: I705cc086e21630ca254499ca922ede78c9901b11
Reviewed-on: https://go-review.googlesource.com/c/go/+/629635
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
Filippo Valsorda [Thu, 21 Nov 2024 18:10:49 +0000 (19:10 +0100)]
crypto/internal/fips140/rsa: support separate MGF1 hash for EncryptOAEP
We might or might not want to expose it, but it makes the internal API
symmetrical, and lets us decide to do it in the future without changing
the FIPS module.
Updates #65716
Change-Id: Iea431a527ab17b9f00dee4da25761cedb2c2eba0
Reviewed-on: https://go-review.googlesource.com/c/go/+/630655
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
Damien Neil [Fri, 22 Nov 2024 00:44:21 +0000 (16:44 -0800)]
net/http: skip test which depends on h2_bundle.go update
For #67816
Change-Id: I9ba3a245d6b18758944ca5e206a15892b2aa6028
Reviewed-on: https://go-review.googlesource.com/c/go/+/630976 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Auto-Submit: Damien Neil <dneil@google.com>
Youlin Feng [Thu, 14 Nov 2024 16:13:34 +0000 (00:13 +0800)]
cmd/compile: modify CSE to remove redundant OpLocalAddrs
Remove the OpLocalAddrs that are unnecessary in the CSE pass, so the
following passes like DSE and memcombine can do its work better.
Fixes #70300
Change-Id: I600025d49eeadb3ca4f092d614428399750f69bc
Reviewed-on: https://go-review.googlesource.com/c/go/+/628075 Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org>
Tim King [Thu, 14 Nov 2024 20:04:39 +0000 (12:04 -0800)]
internal/exportdata, cmd/compile/internal/noder: merge export data handling
Unify how go/types, types2, and noder read in unified export data from
GC-created files.
This splits FindExportData into smaller pieces for improved code
sharing.
- FindPackageDefinition finds the package definition file in the ar
archive.
- ReadObjectHeaders reads the object headers.
- ReadExportDataHeader reads the export data format header.
There is a new convenience wrapper ReadUnified that combines all of
these. This documents the expected archive contents.
Updates noder and the importers to use these.
This also adjusts when end-of-section marker ("\n$$\n") checking happens.
Change-Id: Iec2179b0a1ae7f69eb12d077018f731116a77f13
Reviewed-on: https://go-review.googlesource.com/c/go/+/628155 Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit-Queue: Tim King <taking@google.com>
Daniel McCarney [Thu, 21 Nov 2024 01:09:50 +0000 (20:09 -0500)]
crypto/tls: test with FIPS 140-3 TLS mode
For tests that are interested in testing the difference between TLS in
FIPS 140-3 required mode or otherwise two new helpers are introduced,
runWithFIPSEnabled and runWithFIPSDisabled. They take care of forcing
the correct TLS FIPS 140-3 state regardless of the overal GODEBUG=fips
state, and restoring it afterwards.
For the tests that use features or test data not appropriate for
TLS in FIPS 140-3 required mode we add skips. For some tests we can make
them appropriate for both TLS FIPS 140-3 required or not by tweaking some
parameters that weren't important to the subject under test, but would
otherwise preclude TLS FIPS 140-3 required mode (e.g. because they used
TLS 1.0 when the test could use TLS 1.2 instead). For others, switching
test certificates to a RSA 2048 hierarchy is sufficient. We avoid
regenerating the existing RSA 1024 certs as 2048 since it would
invalidate recorded static flow data.
Tests that rely on static message flows (primarily the client and server
handshake) tests are skipped due to FIPS mode being non-deterministic
and inappropriate for this style of testing.
Change-Id: I311f3828dac890bb3ff8ebda6ed73d50f0797110
Reviewed-on: https://go-review.googlesource.com/c/go/+/629736 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Daniel McCarney [Thu, 14 Nov 2024 19:25:44 +0000 (14:25 -0500)]
crypto/internal/fips/pbkdf2: add CAST testing
Per IG 10 3.A a module implementing PBKDF2 must perform a CAST
on the derivation of a master key. This commit adds the required CAST
test.
The salt length (16 bytes), and output length (14 bytes) for the test
are selected to meet FIPS requirements. The iteration count must be
at least 2 so we use that value exactly for the fastest self-test
allowable.
We test all underlying prerequisite algorithms (HMAC, digest algorithms)
separately.
For #69536
Change-Id: Iba9e87ab89eeec1c73adc7e56016674ac8065c39
Reviewed-on: https://go-review.googlesource.com/c/go/+/623195 Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org>
Daniel McCarney [Thu, 14 Nov 2024 19:09:13 +0000 (14:09 -0500)]
crypto/internal/fips/pbkdf2: fips import pbkdf2
This commit lifts the internals of crypto/pbkdf2 into
crypto/internal/fips140/pbkdf2, in the FIPS module. The code
remains unchanged except for the following adjustments:
* The hash and hmac imports now come from the FIPS equivalents.
* The FIPS service indicator status is set based on the SP 800-132
requirements for PBKDF2.
For #69536
Change-Id: I61f47a652cef10505a5b40a70be5240b161a97ba
Reviewed-on: https://go-review.googlesource.com/c/go/+/619236
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Derek Parker <parkerderek86@gmail.com> Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Ian Lance Taylor [Thu, 21 Nov 2024 21:09:20 +0000 (13:09 -0800)]
internal/copyright: close files
Fixes #70507
Change-Id: I2ab1f221ebd45fedc70d1fded29b084147eadd28
Reviewed-on: https://go-review.googlesource.com/c/go/+/630815
Auto-Submit: Ian Lance Taylor <iant@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Tim King <taking@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Damien Neil [Mon, 4 Nov 2024 19:21:04 +0000 (11:21 -0800)]
net/http: add support for unencrypted HTTP/2
Add an UnencryptedHTTP2 protocol value.
Both Server and Transport implement "HTTP/2 with prior knowledge"
as described in RFC 9113, section 3.3. Neither supports the
deprecated HTTP/2 upgrade mechanism (RFC 7540, section 3.2 "h2c").
For Server, UnencryptedHTTP2 controls whether the server
will accept HTTP/2 connections on unencrypted ports.
When enabled, the server checks new connections for
the HTTP/2 preface and routes them appropriately.
For Transport, enabling UnencryptedHTTP2 and disabling HTTP1
causes http:// requests to be made over unencrypted HTTP/2
connections.
For #67816
Change-Id: I2763c4cdec1c2bc6bb8157edb93b94377de8a59b
Reviewed-on: https://go-review.googlesource.com/c/go/+/622976
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Robert Griesemer [Thu, 21 Nov 2024 23:22:39 +0000 (15:22 -0800)]
go/parser: fix typo in tracing output (make trace match function)
Change-Id: Ia79c7c8c4245b1ff8221296bc47bcba257e153e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/630895 Reviewed-by: Tim King <taking@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
Auto-Submit: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
David Chase [Mon, 18 Nov 2024 19:55:12 +0000 (14:55 -0500)]
cmd/compile: refactor inline interleaving
This is intended to simplify future experiments/changes.
It does slightly change the fixedpoint order (across all
functions in a func+closures set or recursive set, but
that seems not to affect tests or benchmarks).
Change-Id: I80bcaabf277b317523e538f5fd4d2ff6dc08c033
Reviewed-on: https://go-review.googlesource.com/c/go/+/630595 Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org>
Michael Pratt [Thu, 21 Nov 2024 18:56:57 +0000 (13:56 -0500)]
reflect: add test of maps with keys larger than key size
This finds the bug fixed in CL 630279.
reflect mutates the SwissMapType of a map[unsafe.Pointer]unsafe.Pointer,
which happened to already have the correct GroupSize for all of the maps
used in the reflect tests.
For #54766.
Change-Id: If4428e1e799598e7512edceb3cefb2ad00cfa712
Reviewed-on: https://go-review.googlesource.com/c/go/+/630676
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Keith Randall <khr@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com>
Daniel McCarney [Wed, 20 Nov 2024 21:11:06 +0000 (16:11 -0500)]
crypto/hkdf: init package
This commit imports the x/crypto/hkdf package as a public crypto package
based on the linked proposal. Since we've already implemented this
internal to the FIPS boundary (mod some small changes based on the
proposal discussion) this largely defers to that implementation.
Setting GODEBUG=multipathtcp= [1] has no effects on apps using
ListenTCP or DialTCP directly.
According to the documentation, these functions are supposed to act like
Listen and Dial respectively:
ListenTCP acts like Listen for TCP networks.
DialTCP acts like Dial for TCP networks.
So when reading this, I think we should expect GODEBUG=multipathtcp= to
act on these functions as well.
Also, since #69016, MPTCP is used by default (if supported) with TCP
listeners. Similarly, when ListenTCP is used directly, MPTCP is
unexpectedly not used. It is strange to have a different behaviour.
So now, ListenTCP and DialTCP also check for MPTCP. Those are the exact
same checks that are done in dial.go, see Listen and dialSingle.
[1] https://pkg.go.dev/net#Dialer.SetMultipathTCP
Fixes #70500
Change-Id: I646431a74571668e505493fa8c1b2206bf30ed09
GitHub-Last-Rev: 69a31a1b033497fa219309410f16c4524aa6bba9
GitHub-Pull-Request: golang/go#70501
Reviewed-on: https://go-review.googlesource.com/c/go/+/630715 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Roland Shoemaker [Wed, 30 Oct 2024 03:22:27 +0000 (20:22 -0700)]
crypto/tls: add server-side ECH
Adds support for server-side ECH.
We make a couple of implementation decisions that are not completely
in-line with the spec. In particular, we don't enforce that the SNI
matches the ECHConfig public_name, and we implement a hybrid
shared/backend mode (rather than shared or split mode, as described in
Section 7). Both of these match the behavior of BoringSSL.
The hybrid server mode will either act as a shared mode server, where-in
the server accepts "outer" client hellos and unwraps them before
processing the "inner" hello, or accepts bare "inner" hellos initially.
This lets the server operate either transparently as a shared mode
server, or a backend server, in Section 7 terminology. This seems like
the best implementation choice for a TLS library.
Fixes #68500
Change-Id: Ife69db7c1886610742e95e76b0ca92587e6d7ed4
Reviewed-on: https://go-review.googlesource.com/c/go/+/623576 Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Dmitri Shuralyov [Thu, 21 Nov 2024 17:50:14 +0000 (12:50 -0500)]
internal/copyright: skip testdata and vendor directories only
Using filepath.SkipDir without confirming that d is a directory makes
it prone to taking unintended action if a file (not a directory) with
the same name gets added.
This isn't a problem today, but we shouldn't spend human code review
time checking that this doesn't somehow happen in the future, either.
Change-Id: I29bf203ddef175c3ad23c9ddc10fa934126ac853
Reviewed-on: https://go-review.googlesource.com/c/go/+/630635 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
Joel Sing [Wed, 14 Aug 2024 16:48:09 +0000 (02:48 +1000)]
cmd/internal/obj/riscv: rework instruction encoding information
Currently, instruction encoding is a slice of encoding types, which
is indexed by a masked version of the riscv64 opcode. Additional
information about some instructions (for example, if an instruction
has a ternary form and if there is an immediate form for an instruction)
is manually specified in other parts of the assembler code.
Rework the instruction encoding information so that we use a table
driven form, providing additional data for each instruction where
relevant. This means that we can simplify other parts of the code
by simply looking up the instruction data and reusing minimal logic.
Change-Id: I7b3b6c61a4868647edf28bd7dbae2150e043ae00
Cq-Include-Trybots: luci.golang.try:gotip-linux-riscv64
Reviewed-on: https://go-review.googlesource.com/c/go/+/622535
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Meng Zhuo <mengzhuo1203@gmail.com> Reviewed-by: Mark Ryan <markdryan@rivosinc.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Damien Neil [Thu, 21 Nov 2024 17:20:46 +0000 (09:20 -0800)]
os: drop unnecessary trailing . from symlink targets
Adjust splitPathInRoot to match its documented behavior
of dropping . path components except at the end of the path.
This function takes a prefix, path, and suffix; previously
it would preserve a trailing . at the end of the path
even when joining to a suffix.
The practical effect of this change is that we we'll skip
a pointless open of . when following a symlink under some
circumstances:
- open "a/target"
- "a" is a symlink to "b/."
- previously: we rewrite our path to "b/./target"
- now: we rewrite our path to "b/target"
This is a fairly unimportant edge case, and our observable
behavior isn't changing. The main motivation for this change is
that the overall behavior is more comprehensible if splitPathInRoot
follows its documentation.
Change-Id: I96c6a5e3f489cdac991ba1bd702180d69625bc64
Reviewed-on: https://go-review.googlesource.com/c/go/+/630615 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
cuishuang [Wed, 20 Nov 2024 13:56:27 +0000 (21:56 +0800)]
all: fix some function names and typos in comment
Change-Id: I07e7c8eaa5bd4bac0d576b2f2f4cd3f81b0b77a4
Reviewed-on: https://go-review.googlesource.com/c/go/+/630055
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit-Queue: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Damien Neil [Thu, 21 Nov 2024 16:43:23 +0000 (08:43 -0800)]
os: fix Root tests on Plan9
Fixes #70484
Change-Id: I609834aca3e97bf494565da513cd2b8a83123c89
Reviewed-on: https://go-review.googlesource.com/c/go/+/630216 Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>