From 01688daca63c3775f07f908268af99bd3d3c9386 Mon Sep 17 00:00:00 2001
From: Daniel McCarney <daniel@binaryparadox.net>
Date: Wed, 19 Feb 2025 12:39:32 -0500
Subject: [PATCH] crypto/tls: support bogo -wait-for-debugger

When this command line flag is provided to the BoGo runner it will:

* Disable some timeouts
* Limit concurrency to 1 worker at a time
* Pass the -wait-for-debugger flag to the shim process
* Print the PID of the shim process to status output

On the shim-side, we need to react to -wait-for-debugger by sending
ourselves a SIGSTOP signal. When a debugger attaches to the shim the
process will be resumed.

This makes it possible to debug both the runner side and the shim side
of a BoGo interaction without resorting to print style debugging.

Since SIGSTOP is not a signal we can use on Windows this functionality
is limited to unix builds.

Updates #72006

Change-Id: Iafa08cf71830cdfde3e6ee4826914236e3cd7e57
Reviewed-on: https://go-review.googlesource.com/c/go/+/650737
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
---
 src/crypto/tls/bogo_shim_notunix_test.go | 11 +++++++++++
 src/crypto/tls/bogo_shim_test.go         |  8 ++++++++
 src/crypto/tls/bogo_shim_unix_test.go    | 18 ++++++++++++++++++
 3 files changed, 37 insertions(+)
 create mode 100644 src/crypto/tls/bogo_shim_notunix_test.go
 create mode 100644 src/crypto/tls/bogo_shim_unix_test.go

diff --git a/src/crypto/tls/bogo_shim_notunix_test.go b/src/crypto/tls/bogo_shim_notunix_test.go
new file mode 100644
index 0000000000..2dcb5c09df
--- /dev/null
+++ b/src/crypto/tls/bogo_shim_notunix_test.go
@@ -0,0 +1,11 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !unix || wasm
+
+package tls
+
+func pauseProcess() {
+	panic("-wait-for-debugger not supported on this OS")
+}
diff --git a/src/crypto/tls/bogo_shim_test.go b/src/crypto/tls/bogo_shim_test.go
index 569e627373..25367eef61 100644
--- a/src/crypto/tls/bogo_shim_test.go
+++ b/src/crypto/tls/bogo_shim_test.go
@@ -98,6 +98,8 @@ var (
 
 	verifyPeer = flag.Bool("verify-peer", false, "")
 	_          = flag.Bool("use-custom-verify-callback", false, "")
+
+	waitForDebugger = flag.Bool("wait-for-debugger", false, "")
 )
 
 type stringSlice []string
@@ -309,6 +311,12 @@ func bogoShim() {
 			}
 		}
 
+		// If we were instructed to wait for a debugger, then send SIGSTOP to ourselves.
+		// When the debugger attaches it will continue the process.
+		if *waitForDebugger {
+			pauseProcess()
+		}
+
 		for {
 			buf := make([]byte, 500)
 			var n int
diff --git a/src/crypto/tls/bogo_shim_unix_test.go b/src/crypto/tls/bogo_shim_unix_test.go
new file mode 100644
index 0000000000..3b5f5f92c2
--- /dev/null
+++ b/src/crypto/tls/bogo_shim_unix_test.go
@@ -0,0 +1,18 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build unix && !wasm
+
+package tls
+
+import (
+	"os"
+	"syscall"
+)
+
+func pauseProcess() {
+	pid := os.Getpid()
+	process, _ := os.FindProcess(pid)
+	process.Signal(syscall.SIGSTOP)
+}
-- 
2.51.0