Ian Lance Taylor [Fri, 24 Feb 2023 23:52:58 +0000 (15:52 -0800)]
cmd/link: don't emit PAX_FLAGS segment on Linux
We started emitting this segment in 2012 in CL 6326054 for #47.
It disabled three kinds of protection: mprotect, randexec, and emutramp.
The randexec protection was deprecated some time ago, replaced by PIE.
The emutramp and mprotect protection was because we used to rely on being
able to create writable executable memory to implement function closures,
but that is not true since https://go.dev/s/go11func was implemented.
Change-Id: I5e3a5279d76d642b0423d26195b891479a235763
Reviewed-on: https://go-review.googlesource.com/c/go/+/471199
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Filippo Valsorda [Mon, 13 Feb 2023 14:16:27 +0000 (15:16 +0100)]
crypto/internal/nistec: reduce P-256 scalar
Unlike the rest of nistec, the P-256 assembly doesn't use complete
addition formulas, meaning that p256PointAdd[Affine]Asm won't return the
correct value if the two inputs are equal.
This was (undocumentedly) ignored in the scalar multiplication loops
because as long as the input point is not the identity and the scalar is
lower than the order of the group, the addition inputs can't be the same.
As part of the math/big rewrite, we went however from always reducing
the scalar to only checking its length, under the incorrect assumption
that the scalar multiplication loop didn't require reduction.
Added a reduction, and while at it added it in P256OrdInverse, too, to
enforce a universal reduction invariant on p256OrdElement values.
Note that if the input point is the infinity, the code currently still
relies on undefined behavior, but that's easily tested to behave
acceptably, and will be addressed in a future CL.
Fixes #58647
Fixes CVE-2023-24532
(Filed with the "safe APIs like complete addition formulas are good" dept.)
Joe Tsai [Mon, 20 Feb 2023 03:05:12 +0000 (19:05 -0800)]
encoding/json: use append-like operations for encoding
As part of the effort to rely less on bytes.Buffer,
switch most operations to use more natural append-like operations.
This makes it easier to swap bytes.Buffer out with a buffer type
that only needs to support a minimal subset of operations.
As a simplification, we can remove the use of the scratch buffer
and use the available capacity of the buffer itself as the scratch.
Also, declare an inlineable mayAppendQuote function to conditionally
append a double-quote if necessary.
There is a slight performance gain across the board due to
the elimination of the scratch buffer. Appends are done directly
into the unused capacity of the underlying buffer,
avoiding an additional copy. See #53685
Updates #27735
Change-Id: Icf6d612a7f7a51ecd10097af092762dd1225d49e
Reviewed-on: https://go-review.googlesource.com/c/go/+/469558 Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
Auto-Submit: Joseph Tsai <joetsai@digital-static.net> Reviewed-by: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Joseph Tsai <joetsai@digital-static.net>
Joe Tsai [Mon, 20 Feb 2023 01:37:02 +0000 (17:37 -0800)]
encoding/json: unify encodeState.string and encodeState.stringBytes
This is part of the effort to reduce direct reliance on bytes.Buffer
so that we can use a buffer with better pooling characteristics.
Unify these two methods as a single version that uses generics
to reduce duplicated logic. Unfortunately, we lack a generic
version of utf8.DecodeRune (see #56948), so we cast []byte to string.
The []byte variant is slightly slower for multi-byte unicode since
casting results in a stack-allocated copy operation.
Fortunately, this code path is used only for TextMarshalers.
We can also delete TestStringBytes, which exists to ensure
that the two duplicate implementations remain in sync.
There is a very slight performance degradation for CodeEncoder
due to an increase in allocation sizes. However, the number of allocations
did not change. This is likely due to remote effects of the growth rate
differences between bytes.Buffer and the builtin append function.
We shouldn't overly rely on the growth rate of bytes.Buffer anyways
since that is subject to possibly change in #51462.
As the benchtime increases, the alloc/op goes down indicating
that the amortized memory cost is fixed.
Updates #27735
Change-Id: Ie35e480e292fe082d7986e0a4d81212c1d4202b3
Reviewed-on: https://go-review.googlesource.com/c/go/+/469556
Run-TryBot: Joseph Tsai <joetsai@digital-static.net> Reviewed-by: Bryan Mills <bcmills@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
Auto-Submit: Joseph Tsai <joetsai@digital-static.net>
Joe Tsai [Mon, 20 Feb 2023 01:11:46 +0000 (17:11 -0800)]
encoding/json: use append for Compact and Indent
This is part of the effort to reduce direct reliance on bytes.Buffer
so that we can use a buffer with better pooling characteristics.
Avoid direct use of bytes.Buffer in Compact and Indent and
instead modify the logic to rely only on append.
This avoids reliance on the bytes.Buffer.Truncate method,
which makes switching to a custom buffer implementation easier.
Performance:
name old time/op new time/op delta
EncodeMarshaler 25.5ns ± 8% 25.7ns ± 9% ~ (p=0.724 n=10+10)
name old alloc/op new alloc/op delta
EncodeMarshaler 4.00B ± 0% 4.00B ± 0% ~ (all equal)
name old allocs/op new allocs/op delta
EncodeMarshaler 1.00 ± 0% 1.00 ± 0% ~ (all equal)
Updates #27735
Change-Id: I8cded03fab7651d43b5a238ee721f3472530868e
Reviewed-on: https://go-review.googlesource.com/c/go/+/469555
Run-TryBot: Joseph Tsai <joetsai@digital-static.net> Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Joseph Tsai <joetsai@digital-static.net> Reviewed-by: Bryan Mills <bcmills@google.com>
Joel Sing [Sun, 8 Jan 2023 17:21:37 +0000 (04:21 +1100)]
cmd/internal/obj/arm64: factor out code generation for addition of 12 bit immediates
Factor out and simplify code that generates the addition of a 12 bit immediate
(the addition of a negative value is still handled via subtraction). This also
fixes the mishandling of the case where v is 0.
Change-Id: I6040f33d2fec87b772272531b3bf02390ae7f200
Reviewed-on: https://go-review.googlesource.com/c/go/+/461141
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Eric Fang <eric.fang@arm.com> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Joel Sing <joel@sing.id.au> Reviewed-by: Cherry Mui <cherryyz@google.com>
qmuntal [Wed, 8 Feb 2023 13:28:18 +0000 (14:28 +0100)]
runtime: use explicit NOFRAME on netbsd/amd64
This CL marks some netbsd assembly functions as NOFRAME to avoid
relying on the implicit amd64 NOFRAME heuristic, where NOSPLIT functions
without stack were also marked as NOFRAME.
While here, and thanks to CL 466355, `asm_netbsd_amd64.s` can
be deleted in favor of `asm9_unix2_amd64.s`, which makes better
use of the frame pointer.
Updates #58378
Change-Id: Iff554b664ec25f2bb6ec198c0f684590b359c383
Reviewed-on: https://go-review.googlesource.com/c/go/+/466396 Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Quim Muntal <quimmuntal@gmail.com>
Mateusz Poliwczak [Thu, 23 Feb 2023 19:03:00 +0000 (19:03 +0000)]
net/url: simplify values Get
Checking if v == nil is unnecessary, nil map always return the zero value of the value type.
Change-Id: I9c5499bc7db72c4c62e02013ba7f9a6ee4795c09
GitHub-Last-Rev: 03fc2330e2ae568eafeb4d2e25e3f3535491062a
GitHub-Pull-Request: golang/go#58662
Reviewed-on: https://go-review.googlesource.com/c/go/+/470736
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
qmuntal [Wed, 8 Feb 2023 13:08:20 +0000 (14:08 +0100)]
runtime: use explicit NOFRAME on freebsd/amd64
This CL marks some freebsd assembly functions as NOFRAME to avoid
relying on the implicit amd64 NOFRAME heuristic, where NOSPLIT functions
without stack were also marked as NOFRAME.
Updates #58378
Change-Id: Ibd00748946f1137e165293df7da73278cb673bbd
Reviewed-on: https://go-review.googlesource.com/c/go/+/466395 Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Quim Muntal <quimmuntal@gmail.com>
Keith Randall [Tue, 1 Nov 2022 23:46:43 +0000 (16:46 -0700)]
cmd/compile: batch write barrier calls
Have the write barrier call return a pointer to a buffer into which
the generated code records pointers that need write barrier treatment.
Change-Id: I7871764298e0aa1513de417010c8d46b296b199e
Reviewed-on: https://go-review.googlesource.com/c/go/+/447781 Reviewed-by: Keith Randall <khr@google.com>
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Bypass: Keith Randall <khr@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Adin Scannell [Thu, 23 Feb 2023 22:22:29 +0000 (22:22 +0000)]
runtime: fix linkname signature for godebug
This signature uses the wrong type for the passed function, which
will be saved in the internal runtime map. Since the functions are
likely compatible (uint64 return versus int64), this may work but
should generally be fixed.
This is other instance of #58440.
Change-Id: Ied82e554745ef72eefeb5be540605809ffa06533
Reviewed-on: https://go-review.googlesource.com/c/go/+/470915 Reviewed-by: Michael Pratt <mpratt@google.com>
Run-TryBot: Michael Pratt <mpratt@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Michael Pratt <mpratt@google.com>
Paul E. Murphy [Tue, 27 Sep 2022 18:13:10 +0000 (13:13 -0500)]
cmd/compile: rework unbounded shift lowering on PPC64
This reduces unbounded shift latency by one cycle, and may
generate less instructions in some cases.
When there is a choice whether to use doubleword or word shifts, use
doubleword shifts. Doubleword shifts have fewer hardware scheduling
restrictions across P8/P9/P10.
Likewise, rework the shift sequence to allow the compare/shift/overshift
values to compute in parallel, then choose the correct value.
Some ANDCCconst rules also need reworked to ensure they simplify when
used for their flag value. This commonly occurs when prove fails to
identify a bounded shift (e.g foo32<<uint(x&31)).
Change-Id: Ifc6ff4a865d68675e57745056db414b0eb6f2d34
Reviewed-on: https://go-review.googlesource.com/c/go/+/442597
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Paul Murphy <murp@ibm.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Michael Pratt [Wed, 22 Feb 2023 22:50:20 +0000 (17:50 -0500)]
cmd/compile: adjust inlined DW_AT_call_line by //line
insertInlCall mistakenly uses the absolute line number of the call
rather than the relative line number (adjusted by //line). Switch to the
correct line number.
The call filename was already correct.
Fixes #58648
Change-Id: Id8d1848895233e972d8cfe9c5789a88e62d06556
Reviewed-on: https://go-review.googlesource.com/c/go/+/470876 Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
A later CL will add additional test cases for CallFile and CallLine with
a //line directive. The parameter/variable checks have nothing to do
with line numbers and will only serve to make the test more difficult to
follow, so split this single mega-test into two: one for testing
file/line and the other for testing parameters/variables.
There are a few additional minor changes:
1. A missing AttrName is now an error.
2. Check added for AttrCallLine, which was previously untested.
For #58648.
Change-Id: I35e75ead766bcf910c58eb20541769349841f2b5
Reviewed-on: https://go-review.googlesource.com/c/go/+/470875
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Than McIntosh <thanm@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Russ Cox [Thu, 23 Feb 2023 13:37:08 +0000 (08:37 -0500)]
cmd/dist: default to GOARM=7 on all non-arm systems
If you run make.bash on an arm system without GOARM set,
we sniff the local system to find the maximum default GOARM
that will actually work on that system. That's fine, and we can
keep doing that.
But the story for cross-compiling is weirder.
If we build a windows/amd64 toolchain and then use it to
cross-compile linux/arm binaries, we get GOARM=7 binaries.
Do the same on a linux/amd64 system and you get GOARM=5 binaries.
This clearly makes no sense, and worse it makes the builds
non-reproducible in a subtle way.
This CL simplifies the logic and improves reproducibility by
defaulting to GOARM=7 any time we wouldn't sniff the local system.
On go.dev/dl we serve a linux-armv6l distribution with a default GOARM=6.
That is built by setting GOARM=6 during make.bash, so it is unaffected
by this CL and will continue to be GOARM=6.
qmuntal [Wed, 8 Feb 2023 09:27:20 +0000 (10:27 +0100)]
runtime: use explicit NOFRAME on dragonfly/amd64
This CL marks some dragonfly assembly functions as NOFRAME to avoid
relying on the implicit amd64 NOFRAME heuristic, where NOSPLIT functions
without stack were also marked as NOFRAME.
Updates #58378
Change-Id: I832a1a78d68a49f11df3b03fa9d50d4796bcac03
Reviewed-on: https://go-review.googlesource.com/c/go/+/466355
Run-TryBot: Quim Muntal <quimmuntal@gmail.com> Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Dmitri Goutnik [Wed, 22 Feb 2023 15:58:14 +0000 (10:58 -0500)]
syscall: add ptracePtr that accepts pointer arg as unsafe.Pointer
The existing ptrace wrapper accepts pointer argument as an uintptr which
often points to the memory allocated in Go. This violates unsafe.Pointer safety
rules.
Fixes #58387
Change-Id: Iab12122c495953f94ea00c2a61654a818a464205
Reviewed-on: https://go-review.googlesource.com/c/go/+/470299
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Dmitri Goutnik <dgoutnik@gmail.com> Reviewed-by: Bryan Mills <bcmills@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Dmitri Goutnik <dgoutnik@gmail.com>
Russ Cox [Mon, 30 Jan 2023 19:23:48 +0000 (14:23 -0500)]
cmd/go: enable vet directive analyzer during 'go test'
For #56986, run the new directive analyzer during 'go test',
to diagnose problems that would otherwise be missed,
like //go:debug appearing in the wrong place in a file
or in the wrong files.
Russ Cox [Tue, 29 Nov 2022 20:43:08 +0000 (15:43 -0500)]
cmd/go: set default GODEBUG for main packages
For #56986, change the go command to compute and set the
default GODEBUG settings for each main package, based on
the work module's go version and the //go:debug lines in the
main package.
Russ Cox [Tue, 29 Nov 2022 18:30:50 +0000 (13:30 -0500)]
cmd/go, go/build: parse directives in file headers
For #56986, go/build needs to report up to cmd/go
about //go:debug lines found in the source code.
Rather than make a special case for //go:debug,
this change gathers all top-level directives above the
package line and includes them in the result.
The go command's module index must match go/build,
so this CL contains the code to update the index as well.
A future CL will use the //go:debug lines to prepare the default
GODEBUG settings, as well as rejecting such lines in non-main
packages.
Joel Sing [Sun, 8 Jan 2023 18:22:20 +0000 (05:22 +1100)]
cmd/internal/obj/arm64: use more appropriate types for olsr12u
This allows for a large number of casts to be removed at call sites.
Change-Id: Id929f6c7155b0b59a2bcdf43144de95a007b8a48
Reviewed-on: https://go-review.googlesource.com/c/go/+/461139
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Joel Sing <joel@sing.id.au> Reviewed-by: Eric Fang <eric.fang@arm.com>
Joel Sing [Sat, 7 Jan 2023 15:03:30 +0000 (02:03 +1100)]
cmd/internal/obj/arm64: invert SP check
Check for REGSP use before checking for invalid instructions. This simplifies
the code and avoids duplicated op generation.
Change-Id: I302e3b54a29742f2c48024b25162200f5966cfaa
Reviewed-on: https://go-review.googlesource.com/c/go/+/461138
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Eric Fang <eric.fang@arm.com> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Joel Sing <joel@sing.id.au> Reviewed-by: Cherry Mui <cherryyz@google.com>
Joel Sing [Sat, 7 Jan 2023 07:40:56 +0000 (18:40 +1100)]
cmd/internal/obj/arm64: use obj.REG_NONE where appropriate
When referring to an unspecified register, use obj.REG_NONE rather than 0.
This has the same result but is more readable.
Change-Id: I56b541a3abc3c2c0e3ce1de21a624da0b21c485a
Reviewed-on: https://go-review.googlesource.com/c/go/+/461137 Reviewed-by: Eric Fang <eric.fang@arm.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Joel Sing <joel@sing.id.au> Reviewed-by: Cherry Mui <cherryyz@google.com>
Joel Sing [Sat, 7 Jan 2023 07:36:38 +0000 (18:36 +1100)]
cmd/internal/obj/arm64: remove bogus omovlit return value check
omovlit never returns zero, so it does not make any sense to check for that.
Additionally, no other call site does this.
Change-Id: I5769dcdb557bed4ec4d727abe0869a1549fcf04c
Reviewed-on: https://go-review.googlesource.com/c/go/+/461136 Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Eric Fang <eric.fang@arm.com>
Run-TryBot: Joel Sing <joel@sing.id.au>
TryBot-Result: Gopher Robot <gobot@golang.org>
Joel Sing [Sun, 8 Jan 2023 17:31:47 +0000 (04:31 +1100)]
cmd/internal/obj/arm64: remove spurious assignments with OR
Use = rather than |= when assigning to an op variable.
Change-Id: I142c9fb3aa6f4b48875710100c05ab640e21933a
Reviewed-on: https://go-review.googlesource.com/c/go/+/461135 Reviewed-by: Eric Fang <eric.fang@arm.com> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Joel Sing <joel@sing.id.au>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Ian Lance Taylor [Wed, 22 Feb 2023 21:00:14 +0000 (13:00 -0800)]
debug/macho: don't crash if dynamic symtab with no symtab
No test case because the problem can only happen for invalid data. Let
the fuzzer find cases like this.
For #47653
Fixes #58642
Change-Id: I19fee0dc9bd6239b520c15182b8f1e57bb0049bb
Reviewed-on: https://go-review.googlesource.com/c/go/+/470397 Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Bryan Mills <bcmills@google.com>
Cherry Mui [Tue, 21 Feb 2023 22:34:41 +0000 (17:34 -0500)]
cmd/link: default to external linking with cgo std packages
Previously, when a program depends on cgo packages in the standard
library (e.g. net, os/user) but not otherwise use cgo, we default
to internal linking mode. As we shipped pre-built cgo-using packages
in Go distributions, we don't require a C compiler to build those
packages. Then, by using internal linking we can link programs
using those packages without requiring a C toolchain.
As of Go 1.20, we stopped shipping those pre-built packages. If a
user doesn't have a C toolchain, they will use the non-cgo version
of the package. If they have a C toolchain, they can get cgo-using
packages but they can link with the external linker as well. So
there is no strong need to be able to link the cgo version of the
packages without a C toolchain. This CL makes it default to
external linking mode.
Fixes #58619.
Fixes #58620.
Change-Id: I62d3744c2b82ce734813c0e303e417d85dd29868
Reviewed-on: https://go-review.googlesource.com/c/go/+/470298
Run-TryBot: Cherry Mui <cherryyz@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Than McIntosh <thanm@google.com>
qmuntal [Wed, 8 Feb 2023 08:40:44 +0000 (09:40 +0100)]
runtime: use explicit NOFRAME on linux/amd64
This CL marks some linux assembly functions as NOFRAME to avoid relying
on the implicit amd64 NOFRAME heuristic, where NOSPLIT functions
without stack were also marked as NOFRAME.
Updates #58378
Change-Id: I7792cff4f6e539bfa56c02868f2965088ca1975a
Reviewed-on: https://go-review.googlesource.com/c/go/+/466316 Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Quim Muntal <quimmuntal@gmail.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Harald Böhm [Sun, 27 Nov 2022 14:34:28 +0000 (15:34 +0100)]
syscall: add jail support to ForkExec on FreeBSD
Introduce a new SysProcAttr member called Jail on FreeBSD. This allows
supplying an existing jail's ID to which the child process is attached
before calling the exec system call.
Fixes #46259
Change-Id: Ie282e5b83429131f9a9e1e27cfcb3bcc995d1d4d
Reviewed-on: https://go-review.googlesource.com/c/go/+/458335
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Goutnik <dgoutnik@gmail.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Samuel Karp <samuelkarp@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Archana R [Mon, 13 Feb 2023 12:18:59 +0000 (06:18 -0600)]
runtime: improve memclr on ppc64x/power10
Rewrite memclr asm function to use the new power10 instruction stxvl
or the store vector with length which can specify the number of bytes
to be stored in a register, thereby avoiding loops to store the tail
end bytes.
On power9 and power8 the code remains unchanged.
The performance for all sizes<16 improve on power10 with this change.
Ian Lance Taylor [Tue, 21 Feb 2023 23:00:01 +0000 (23:00 +0000)]
Revert "internal/poll: drop redundant ENOSYS in CopyFileRange"
This reverts CL 428555.
Reason for revert: It appears that even a newer kernel can get
ENOSYS from copy_file_range.
Fixes #58592
Change-Id: Ib8dd1be61544f54bf652a99dc0b449109f8f50ed
Reviewed-on: https://go-review.googlesource.com/c/go/+/470016 Reviewed-by: Andy Pan <panjf2000@gmail.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@golang.org> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
rohnnyjoy [Sat, 18 Feb 2023 04:37:17 +0000 (04:37 +0000)]
cmd/go: return an early error from queryImport when in vendor mode
The current behavior for -mod=vendor is to let QueryPackages run and
fail from queryImport: "cannot query module due to -mod=vendor".
This has the side effect of allowing "go: finding module for package"
to be printed to stderr. Instead of this, return an error before
running QueryPackages.
Joel Sing [Mon, 6 Jun 2022 20:08:51 +0000 (06:08 +1000)]
cmd/link: add internal linking support for calling SDYNIMPORT on mips64
Add internal linking support for calling SDYNIMPORT symbols on mips64. This adds
code to generate appropriate PLT and GOT entries, along with the various dynamic
entries needed for the dynamic loader.
Updates #36435, #46178
Change-Id: I783e0d028510ca2bca82bcbc745f2375770813fe
Reviewed-on: https://go-review.googlesource.com/c/go/+/415815 Reviewed-by: Rong Zhang <rongrong@oss.cipunited.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Run-TryBot: Joel Sing <joel@sing.id.au> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Robert Griesemer [Tue, 21 Feb 2023 22:42:18 +0000 (14:42 -0800)]
go/types, types2: point out type parameters with predeclared names in errors
If a type parameter has the same name as a predeclared type, error
messages can be very confusing. In these rare cases, explicitly
point out where the type parameter is declared (types2) or that it
is a type parameter (go/types).
(We can't point out where the type parameter is declared in go/types
because we don't have access to the file set in the type writer at
the moment.)
Fixes #58611.
Change-Id: I5c150c2b0afae5fad320821e7e5935090dc2ef4c
Reviewed-on: https://go-review.googlesource.com/c/go/+/470075 Reviewed-by: Robert Findley <rfindley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Robert Griesemer <gri@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
Auto-Submit: Robert Griesemer <gri@google.com>
Dmitri Goutnik [Mon, 20 Feb 2023 11:55:42 +0000 (06:55 -0500)]
syscall: introduce IoctlPtr for exec_unix tests
Avoid passing Go pointers as uintptr in exec_unix_test.go by introducing
syscall.IoctlPtr() which accepts arg as unsafe.Pointer.
For #44834
Fixes #58609
Change-Id: I6d0ded023e5f3c9989783aee7075bb88100d9ec2
Reviewed-on: https://go-review.googlesource.com/c/go/+/469675
Run-TryBot: Dmitri Goutnik <dgoutnik@gmail.com> Reviewed-by: Bryan Mills <bcmills@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Ian Lance Taylor [Tue, 21 Feb 2023 18:14:20 +0000 (10:14 -0800)]
debug/macho: use saferio to read symbol table strings
No test case because the problem can only happen for invalid data. Let
the fuzzer find cases like this.
For #47653
Fixes #58603
Change-Id: I67fc45365c1a5b0b4b381f541bf2fee8ce8ddc3a
Reviewed-on: https://go-review.googlesource.com/c/go/+/469895
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com> Reviewed-by: Bryan Mills <bcmills@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Wayne Zuo [Tue, 8 Nov 2022 07:39:27 +0000 (15:39 +0800)]
cmd/internal/obj/riscv: optimize loading large immediate with trailing zeros
This CL can avoid a memory load for some immediate.
Reduce binary size slightly.
compilecmp HEAD~1 -> HEAD
HEAD~1 (9860faa512): math/big: remove underscores from Binomial docs
HEAD (ac85312f10): cmd/internal/obj/riscv: optimize loading large immediate with many trailing zeros
platform: linux/riscv64
Change-Id: I8615c7830ebfee0386f95d0c0fc4d29dc0b4c7fb
Reviewed-on: https://go-review.googlesource.com/c/go/+/448635 Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Wayne Zuo <wdvxdr@golangcn.org>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Michael Pratt <mpratt@google.com> Reviewed-by: Joel Sing <joel@sing.id.au>
Anuraag Agrawal [Mon, 20 Feb 2023 00:38:44 +0000 (00:38 +0000)]
strconv: add Atoi test cases with characters less than '0'
Change-Id: I35c0fe4e7e11b694ef07687d5e0532a2ab9ba213
GitHub-Last-Rev: e0a28f42367c2685d80bcc5c45294c0d2eae77fe
GitHub-Pull-Request: golang/go#58575
Reviewed-on: https://go-review.googlesource.com/c/go/+/469035
Auto-Submit: Robert Griesemer <gri@google.com>
Run-TryBot: Robert Griesemer <gri@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
Joel Sing [Fri, 17 Feb 2023 18:45:34 +0000 (05:45 +1100)]
runtime/cgo: restore correct build tags for linux/mips*
The linux build tags were incorrectly removed from these files by CL 460538.
Restore the correct build tags so that they are only included in builds
for linux/mips* platforms.
Change-Id: I21d8802b0252688d8e2228cf904b47d90b253485
Reviewed-on: https://go-review.googlesource.com/c/go/+/469175 Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Joel Sing <joel@sing.id.au>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Keith Randall [Tue, 1 Nov 2022 21:18:09 +0000 (14:18 -0700)]
cmd/compile: move raw writes out of write barrier code
Previously, the write barrier calls themselves did the actual
writes to memory. Instead, move those writes out to a common location
that both the wb-enabled and wb-disabled code paths share.
This enables us to optimize the write barrier path without having
to worry about performing the actual writes.
Change-Id: Ia71ab651908ec124cc33141afb52e4ca19733ac6
Reviewed-on: https://go-review.googlesource.com/c/go/+/447780 Reviewed-by: Michael Knyszek <mknyszek@google.com>
TryBot-Bypass: Keith Randall <khr@golang.org>
Run-TryBot: Keith Randall <khr@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Keith Randall [Wed, 26 Oct 2022 00:58:07 +0000 (17:58 -0700)]
runtime: remove the restriction that write barrier ptrs come in pairs
Future CLs will remove the invariant that pointers are always put in
the write barrier in pairs.
The behavior of the assembly code changes a bit, where instead of writing
the pointers unconditionally and then checking for overflow, check for
overflow first and then write the pointers.
Also changed the write barrier flush function to not take the src/dst
as arguments.
Change-Id: I2ef708038367b7b82ea67cbaf505a1d5904c775c
Reviewed-on: https://go-review.googlesource.com/c/go/+/447779
Run-TryBot: Keith Randall <khr@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com>
TryBot-Bypass: Keith Randall <khr@golang.org>
Dmitri Goutnik [Fri, 17 Feb 2023 16:44:16 +0000 (11:44 -0500)]
cmd/api: add API checks for freebsd/riscv64
The freebsd/riscv64 port was added in go1.20, make cmd/api aware of it and
backfill API files.
For #58582
Change-Id: I242b161cdb6221c8f60a1868c6435be26fca0078
Reviewed-on: https://go-review.googlesource.com/c/go/+/469135
Run-TryBot: Dmitri Goutnik <dgoutnik@gmail.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Bryan Mills <bcmills@google.com>
Morten Linderud [Thu, 16 Feb 2023 14:37:50 +0000 (14:37 +0000)]
cmd/cgo: include seed string with -frandom-seed for lto
cgo is built with -flto the symbols in runtime/cgo is going to include random numbers which would make builds unreproducible.
Settings -frandom-seeds ensures this is consistent across builds, and to ensure we always use a reproducible seed across builds we use the actionID as the seed string.
runtime/cgo built with "-frandom-seed=OFEc9OKoUMJwh3-5yFCH" would output the following:
Dmitri Goutnik [Fri, 17 Feb 2023 16:19:49 +0000 (11:19 -0500)]
cmd/api: add API checks for freebsd/arm64
The freebsd/arm64 port was added in go1.14, make cmd/api aware of it and
backfill API files.
For #58582
Change-Id: I8b25c6cf5a66611d90d225762b257679a4abface
Reviewed-on: https://go-review.googlesource.com/c/go/+/469115 Reviewed-by: Bryan Mills <bcmills@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Dmitri Goutnik <dgoutnik@gmail.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Keith Randall [Wed, 15 Feb 2023 18:21:52 +0000 (10:21 -0800)]
cmd/compile: ensure constant folding of pointer arithmetic remains a pointer
For c + nil, we want the result to still be of pointer type.
Fixes ppc64le build failure with CL 468455, in issue33724.go.
The problem in that test is that it requires a nil check to be
scheduled before the corresponding load. This normally happens fine
because we prioritize nil checks. If we have nilcheck(p) and load(p),
once p is scheduled the nil check will always go before the load.
The issue we saw in 33724 is that when p is a nil pointer, we ended up
with two different p's, an int64(0) as the argument to the nil check
and an (*Outer)(0) as the argument to the load. Those two zeroes don't
get CSEd, so if the (*Outer)(0) happens to get scheduled first, the
load can end up before the nilcheck.
Fix this by always having constant arithmetic preserve the pointerness
of the value, so that both zeroes are of type *Outer and get CSEd.
Update #58482
Update #33724
Change-Id: Ib9b8c0446f1690b574e0f3c0afb9934efbaf3513
Reviewed-on: https://go-review.googlesource.com/c/go/+/468615 Reviewed-by: Keith Randall <khr@google.com>
Run-TryBot: Keith Randall <khr@golang.org> Reviewed-by: David Chase <drchase@google.com>
TryBot-Bypass: Keith Randall <khr@golang.org>
Kir Kolyshkin [Thu, 16 Feb 2023 00:47:40 +0000 (16:47 -0800)]
syscall: Faccessat: check for CAP_DAC_OVERRIDE on Linux
CL 416115 added using faccessat2(2) from syscall.Faccessat on Linux
(which is the only true way to implement AT_EACCESS flag handing),
if available. If not available, it uses some heuristics to mimic the
kernel behavior, mostly taken from glibc (see CL 126415).
Next, CL 414824 added using the above call (via unix.Eaccess) to
exec.LookPath in order to check if the binary can really be executed.
As a result, in a very specific scenario, described below,
syscall.Faccessat (and thus exec.LookPath) mistakenly tells that the
binary can not be executed, while in reality it can be. This makes
this bug a regression in Go 1.20.
This scenario involves all these conditions:
- no faccessat2 support available (i.e. either Linux kernel < 5.8,
or a seccomp set up to disable faccessat2);
- the current user is not root (i.e. geteuid() != 0);
- CAP_DAC_OVERRIDE capability is set for the current process;
- the file to be executed does not have executable permission
bit set for either the current EUID or EGID;
- the file to be executed have at least one executable bit set.
Unfortunately, this set of conditions was observed in the wild -- a
container run as a non-root user with the binary file owned by root with
executable permission set for a user only [1]. Essentially it means it
is not as rare as it may seem.
Now, CAP_DAC_OVERRIDE essentially makes the kernel bypass most of the
checks, so execve(2) and friends work the same was as for root user,
i.e. if at least one executable bit it set, the permission to execute
is granted (see generic_permission() function in the Linux kernel).
Modify the code to check for CAP_DAC_OVERRIDE and mimic the kernel
behavior for permission checks.
Change-Id: I82a7e757ab3fd3d0193690a65c3b48fee46ff067
Reviewed-on: https://go-review.googlesource.com/c/go/+/468735 Reviewed-by: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Ian Lance Taylor [Wed, 15 Feb 2023 22:05:22 +0000 (14:05 -0800)]
cmd/link: don't switch to gold on ARM Linux
The bug in GNU ld appears to have been fixed in GNU binutils 2.28 by
GNU binutils revision 5522f910cb539905d6adfdceab208ddfa5e84557.
(This may have been accidental as the ChangeLog for the fix makes
no reference to it; the fix is from
https://sourceware.org/bugzilla/show_bug.cgi?id=19962).
Continue using gold on arm64, at least for now, because as reported in
issue #22040 GNU ld still fails there.
For #15696
For #22040
Change-Id: I5534bb8b5680daf536a7941aba5c701e8a4138ab
Reviewed-on: https://go-review.googlesource.com/c/go/+/468655 Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Oleksandr Redko [Sun, 12 Feb 2023 13:37:00 +0000 (15:37 +0200)]
src: rename unexported errors by adding prefix err
By convention, use `err` as prefix for variables of type `error`.
Change-Id: I9401d5d47e994a27be245b2c8b1edd55cdd52db1
Reviewed-on: https://go-review.googlesource.com/c/go/+/467536
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Instead of keeping track of in which blocks write barriers complete,
introduce a new op that marks the exact memory state where the
write barrier completes.
For future use. This allows us to move some of the write barrier code
to between the start of the merging block and the WBend marker.
Change-Id: If3809b260292667d91bf0ee18d7b4d0eb1e929f0
Reviewed-on: https://go-review.googlesource.com/c/go/+/447777 Reviewed-by: Keith Randall <khr@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Keith Randall <khr@golang.org>
Keith Randall [Mon, 9 Jan 2023 22:29:49 +0000 (14:29 -0800)]
cmd/compile: share compiler allocations of similar shapes
Use the same allocator for, e.g., []int32 and []int8. Anything with
similar base shapes and be coerced into a single allocator, which helps
reuse memory more often.
There is not much unsafe in the compiler currently. This adds quite a bit,
joining cmd/compiler/internal/base/mapfile_mmap.go and some unsafe.Sizeof calls.
Change-Id: I95d6d6e47c42b9f0a45f3556f4d7605735e65d99
Reviewed-on: https://go-review.googlesource.com/c/go/+/461084 Reviewed-by: Michael Pratt <mpratt@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com>
Run-TryBot: Keith Randall <khr@golang.org>
Will Hawkins [Mon, 19 Dec 2022 16:49:33 +0000 (11:49 -0500)]
net/http: support streaming POST content in wasm
With new releases of Chrome, Opera and Deno it is possible to stream the
body of a POST request. Add support for using that interface when it is
available.
Change-Id: Ib23d63cd3dea634bd9e267abf4e9a9bfa9c525ad
Reviewed-on: https://go-review.googlesource.com/c/go/+/458395
Auto-Submit: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>
Akhil Indurti [Sat, 11 Feb 2023 03:08:14 +0000 (19:08 -0800)]
math: add Compare and Compare32
This change introduces the Compare and Compare32 functions
based on the total-ordering predicate in IEEE-754, section 5.10.
In particular,
* -NaN is ordered before any other value
* +NaN is ordered after any other value
* -0 is ordered before +0
* All other values are ordered the usual way
Change-Id: I5c9c77430a2872f380688c1b0a66f2105b77d5ac
Reviewed-on: https://go-review.googlesource.com/c/go/+/467515 Reviewed-by: WANG Xuerui <git@xen0n.name>
Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Michael Pratt <mpratt@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Bryan C. Mills [Thu, 9 Feb 2023 21:35:04 +0000 (16:35 -0500)]
cmd/go: fuzz test splitPkgConfigOutput and fix minor bugs
In reviewing CL 466875, I noticed that the implementation of
splitPkgConfigOutput from CL 86541 referred to another specific
implementation, and that implementation has had recent changes to fix
deviations from the POSIX specification for shell argument parsing.
Curious about those changes, I decided to fuzz the function to check
whether it agreed in practice with the way a real shell parses
arguments in POSIX mode. It turned out to deviate in several edge
cases, such as backslash-escapes within single quotes, quoted empty
strings, and carriage returns. (We do not expect to see carriage
returns in pkg-config output anyway, but the quote handling might
matter.)
This change updates the implementation to refer to the POSIX
documentation instead of another implementation, and confirms the
behavior with a fuzz test. It may introduce minor deviations from the
pkgconf implementation that was previously used as a reference, but if
so it is plausible that those could be fixed upstream in pkgconf
(like the other recent changes there).
Michael Anthony Knyszek [Wed, 4 Jan 2023 05:20:58 +0000 (05:20 +0000)]
runtime: check for overflow in sweep assist
The sweep assist computation is intentionally racy for performance,
since the specifics of sweep assist aren't super sensitive to error.
However, if overflow occurs when computing the live heap delta, we can
end up with a massive sweep target that causes the sweep assist to sweep
until sweep termination, causing severe latency issues. In fact, because
heapLive doesn't always increase monotonically then anything that
flushes mcaches will cause _all_ allocating goroutines to inevitably get
stuck in sweeping.
Consider the following scenario:
1. SetGCPercent is called, updating sweepHeapLiveBasis to heapLive.
2. Very shortly after, ReadMemStats is called, flushing mcaches and
decreasing heapLive below the value sweepHeapLiveBasis was set to.
3. Every allocating goroutine goes to refill its mcache, calls into
deductSweepCredit for sweep assist, and gets stuck sweeping until
the sweep phase ends.
Fix this by just checking for overflow in the delta live heap calculation
and if it would overflow, pick a small delta live heap. This probably
means that no sweeping will happen at all, but that's OK. This is a
transient state and the runtime will recover as soon as heapLive
increases again.
Note that deductSweepCredit doesn't check overflow on other operations
but that's OK: those operations are signed and extremely unlikely to
overflow. The subtraction targeted by this CL is only a problem because
it's unsigned. An alternative fix would be to make the operation signed,
but being explicit about the overflow situation seems worthwhile.
Fixes #57523.
Change-Id: Ib18f71f53468e913548aac6e5358830c72ef0215
Reviewed-on: https://go-review.googlesource.com/c/go/+/460376
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Michael Pratt <mpratt@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Michael Knyszek <mknyszek@google.com>
Ian Lance Taylor [Tue, 14 Feb 2023 17:38:18 +0000 (09:38 -0800)]
slices: skip TestGrow allocation test if noopt
Change-Id: Ie444367c6bb16ed78482d1786b546e6daa63444a
Reviewed-on: https://go-review.googlesource.com/c/go/+/468196 Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Roland Shoemaker [Wed, 14 Dec 2022 17:43:16 +0000 (09:43 -0800)]
crypto/tls: replace all usages of BytesOrPanic
Message marshalling makes use of BytesOrPanic a lot, under the
assumption that it will never panic. This assumption was incorrect, and
specifically crafted handshakes could trigger panics. Rather than just
surgically replacing the usages of BytesOrPanic in paths that could
panic, replace all usages of it with proper error returns in case there
are other ways of triggering panics which we didn't find.
In one specific case, the tree routed by expandLabel, we replace the
usage of BytesOrPanic, but retain a panic. This function already
explicitly panicked elsewhere, and returning an error from it becomes
rather painful because it requires changing a large number of APIs.
The marshalling is unlikely to ever panic, as the inputs are all either
fixed length, or already limited to the sizes required. If it were to
panic, it'd likely only be during development. A close inspection shows
no paths for a user to cause a panic currently.
This patches ends up being rather large, since it requires routing
errors back through functions which previously had no error returns.
Where possible I've tried to use helpers that reduce the verbosity
of frequently repeated stanzas, and to make the diffs as minimal as
possible.
Thanks to Marten Seemann for reporting this issue.
Fixes #58001
Fixes CVE-2022-41724
Change-Id: Ieb55867ef0a3e1e867b33f09421932510cb58851
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1679436 Reviewed-by: Julie Qiu <julieqiu@google.com>
TryBot-Result: Security TryBots <security-trybots@go-security-trybots.iam.gserviceaccount.com>
Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/468125
Run-TryBot: Michael Pratt <mpratt@google.com> Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Michael Pratt <mpratt@google.com>
Damien Neil [Wed, 25 Jan 2023 17:27:01 +0000 (09:27 -0800)]
mime/multipart: limit memory/inode consumption of ReadForm
Reader.ReadForm is documented as storing "up to maxMemory bytes + 10MB"
in memory. Parsed forms can consume substantially more memory than
this limit, since ReadForm does not account for map entry overhead
and MIME headers.
In addition, while the amount of disk memory consumed by ReadForm can
be constrained by limiting the size of the parsed input, ReadForm will
create one temporary file per form part stored on disk, potentially
consuming a large number of inodes.
Update ReadForm's memory accounting to include part names,
MIME headers, and map entry overhead.
Update ReadForm to store all on-disk file parts in a single
temporary file.
Files returned by FileHeader.Open are documented as having a concrete
type of *os.File when a file is stored on disk. The change to use a
single temporary file for all parts means that this is no longer the
case when a form contains more than a single file part stored on disk.
The previous behavior of storing each file part in a separate disk
file may be reenabled with GODEBUG=multipartfiles=distinct.
Update Reader.NextPart and Reader.NextRawPart to set a 10MiB cap
on the size of MIME headers.
Thanks to Jakob Ackermann (@das7pad) for reporting this issue.
Fixes #58006
Fixes CVE-2022-41725
Change-Id: Ibd780a6c4c83ac8bcfd3cbe344f042e9940f2eab
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1714276 Reviewed-by: Julie Qiu <julieqiu@google.com>
TryBot-Result: Security TryBots <security-trybots@go-security-trybots.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <bracewell@google.com>
Run-TryBot: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/468124
Auto-Submit: Michael Pratt <mpratt@google.com>
Run-TryBot: Michael Pratt <mpratt@google.com> Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Damien Neil [Tue, 13 Dec 2022 00:43:37 +0000 (16:43 -0800)]
path/filepath: do not Clean("a/../c:/b") into c:\b on Windows
Do not permit Clean to convert a relative path into one starting
with a drive reference. This change causes Clean to insert a .
path element at the start of a path when the original path does not
start with a volume name, and the first path element would contain
a colon.
This may introduce a spurious but harmless . path element under
some circumstances. For example, Clean("a/../b:/../c") becomes `.\c`.
This reverts CL 401595, since the change here supersedes the one
in that CL.
Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue.
Fixes #57274
Fixes CVE-2022-41722
Change-Id: I837446285a03aa74c79d7642720e01f354c2ca17
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1675249 Reviewed-by: Roland Shoemaker <bracewell@google.com>
Run-TryBot: Damien Neil <dneil@google.com> Reviewed-by: Julie Qiu <julieqiu@google.com>
TryBot-Result: Security TryBots <security-trybots@go-security-trybots.iam.gserviceaccount.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/468123
Run-TryBot: Michael Pratt <mpratt@google.com> Reviewed-by: Than McIntosh <thanm@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
cui fliter [Tue, 14 Feb 2023 14:42:38 +0000 (22:42 +0800)]
all: fix some comments
Change-Id: I16ec916b47de2f417b681c8abff5a1375ddf491b
Reviewed-on: https://go-review.googlesource.com/c/go/+/468055
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Matthew Dempsky [Mon, 13 Feb 2023 22:40:01 +0000 (14:40 -0800)]
go/internal/gcimporter: restore Go 1.19 Package.SetImports behavior
This CL is a port of go.dev/cl/465936 from the x/tools importer, which
changes the unified importer to (1) only call Package.SetImports on
the main package being imported (not any transitively imported
packages), and (2) to only populate it with any packages that were
referenced by the exported API.
With these changes, it should behave identically to how the indexed
importer worked in Go 1.19. It will also allow eventually dropping the
serialized import DAG from the export data format, which should help
with export data file sizes somewhat.
Updates #54096.
Updates #58296.
Change-Id: I70d252a19cada3333ed59b16d1df2abc5a4cff73
Reviewed-on: https://go-review.googlesource.com/c/go/+/467896 Reviewed-by: Alan Donovan <adonovan@google.com>
Run-TryBot: Matthew Dempsky <mdempsky@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Ian Lance Taylor [Fri, 10 Feb 2023 21:52:37 +0000 (13:52 -0800)]
slices: new package
This copies parts of x/exp/slices into the standard library.
We omit all functions that depend on constraints.Ordered,
and the Func variants of all such functions. In particular this
omits the various Sort and Search functions.
Fixes #57433
Change-Id: I3c28f4c2e6bd1e3c9ad70e120a0dd68065388f77
Reviewed-on: https://go-review.googlesource.com/c/go/+/467417
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Eli Bendersky <eliben@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Than McIntosh [Mon, 13 Feb 2023 15:13:57 +0000 (10:13 -0500)]
cmd/link/internal/ld: fix text section splitting for ARM
Fix a problem with trampoline generation for ARM that was causing link
failures when building selected k8s targets. Representative error
(this is coming from the external linker):
go.go:(.text+...): relocation truncated to fit: R_ARM_CALL against `runtime.duffcopy'
The Go linker is supposed to be limiting text section size for ARM to
0x1c00000 bytes, however due to a problem in the tramp generation
phase this limit wasn't being enforced.
Updates #58428.
Fixes #58425.
Change-Id: I4e778bdcbebeab607a6e626b354ca5109e52a1aa
Reviewed-on: https://go-review.googlesource.com/c/go/+/467715
Run-TryBot: Than McIntosh <thanm@google.com> Reviewed-by: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Change-Id: Ie81062997289d622756881acdd11af66611cd778
GitHub-Last-Rev: 5ef07542b47f243d5a66ef166c74db0348fd2c80
GitHub-Pull-Request: golang/go#58473
Reviewed-on: https://go-review.googlesource.com/c/go/+/467518 Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Bypass: Ian Lance Taylor <iant@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Ian Lance Taylor [Fri, 10 Feb 2023 22:47:07 +0000 (14:47 -0800)]
cmd/dist: use a copy of platform.BuildModeSupported
The dist tool already includes a similar duplicate of BuildModeSupported.
Replace it with an exact copy, to make it easier to maintain going forward.
Change-Id: Id14a6c5a48f92d843e02218d87cc62c6b001923b
Reviewed-on: https://go-review.googlesource.com/c/go/+/467495 Reviewed-by: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Joel Sing [Sat, 17 Sep 2022 15:43:20 +0000 (01:43 +1000)]
internal/bytealg: simplify and improve compare on riscv64
Remove some unnecessary loops and pull the comparison code out from the
compare/loop code. Add an unaligned 8 byte comparison, which reads 8 bytes
from each input before comparing them. This gives a reasonable gain in
performance for the large unaligned case.
Max Altgelt [Fri, 10 Feb 2023 10:38:42 +0000 (11:38 +0100)]
runtime: Allow handling of EXCEPTION_IN_PAGE_ERROR
Currently, access faults on memory mapped files on Windows (e.g.
from the drive the memory mapped file is on being ejected) cause
a runtime fault that can not be caught by debug.SetPanicOnFault.
On Unix systems, on the other hand, this causes a SIGBUS signal,
which can be caught by debug.SetPanicOnFault. Given that the
documentation of debug.SetPanicOnFault mentions handling memory
mapped files, this is arguably the correct behaviour.
Add handling, analogous to SIGBUS, to EXCEPTION_IN_PAGE_ERROR
on Windows, to allow for users to handle this error.
Fixes #58457
Change-Id: Ic7695fc01271f3552782089ac75c403d5279811f
Reviewed-on: https://go-review.googlesource.com/c/go/+/467195 Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Quim Muntal <quimmuntal@gmail.com>
Run-TryBot: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Alex Brainman <alex.brainman@gmail.com>