As specified by RFC 8018. Also prevent unexpected overflows on 32 bit
systems.
Change-Id: I50c4a177b7d1ebb15f9b3b96e515d93f19d3f68e
Reviewed-on: https://go-review.googlesource.com/c/go/+/644122
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Robert Griesemer <gri@google.com>
I don't know why this code calls panic(err) rather than
t.Fatal(err), but I didn't change it.
Change-Id: I9aa7503c604bd8d4f27cc295e2ec742446906df9
Reviewed-on: https://go-review.googlesource.com/c/go/+/643995
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
crypto/internal/sysrand/internal/seccomp needs cgo to disable getrandom.
Before this change, "CGO_ENABLED=0 go test crypto/internal/sysrand"
would fail on Linux.
Change-Id: I6a6a465685b480c846e5479da0659e90ab7f3a65
Reviewed-on: https://go-review.googlesource.com/c/go/+/642737
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
In ProcessCoverTestDir pass the selected set of packages to
EmitTextual in addition to EmitPercent, so that when we have runs with
multiple packages selected but without -coverpkg, text format output
for package P was incorrectly including output for P's covered
dependencies. This is in effect an extension of the fix for issue
65570.
Includes a cmd/go script test to verify correct behavior; ideally it
would be nice to locate this test in .../internal/coverage somewhere
but at the moment script tests are only supported for
cmd/{go,compile,link}.
Updates #65570.
Fixes#70244.
Change-Id: Ia0bb10155353aa0f2ead46e81a2aaa71bde4ef82
Reviewed-on: https://go-review.googlesource.com/c/go/+/627316
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Than McIntosh <thanm@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Change-Id: I4770443c8eaa12add2e04cbf9d18ebfbbd851162
Reviewed-on: https://go-review.googlesource.com/c/go/+/643259
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This CL reintroduces the various mapiter* linkname functions with a
compatibility layer that is careful to maintain compatibility with users
of the linkname.
The wrappers are straightforward. Callers of these APIs get an extra
layer of indirection, with their hiter containing a pointer to the real
maps.Iter. These users will take a minor performance hit from the extra
allocation, but this approach should have good long-term
maintainability.
Fixes#71408.
Change-Id: I6a6a636c7574bbd670ff5243dfeb63dfba6dc611
Reviewed-on: https://go-review.googlesource.com/c/go/+/643899
Auto-Submit: Michael Pratt <mpratt@google.com>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
mapiterinit allows external linkname. These users must allocate their
own iter struct for initialization by mapiterinit. Since the type is
unexported, they also must define the struct themselves. As a result,
they of course define the struct matching the old hiter definition (in
map_noswiss.go).
The old definition is smaller on 32-bit platforms. On those platforms,
mapiternext will clobber memory outside of the caller's allocation.
On all platforms, the pointer layout between the old hiter and new
maps.Iter does not match. Thus the GC may miss pointers and free
reachable objects early, or it may see non-pointers that look like heap
pointers and throw due to invalid references to free objects.
To avoid these issues, we must keep mapiterinit and mapiternext with the
old hiter definition. The most straightforward way to do this is to use
mapiterinit and mapiternext as a compatibility layer between the old and
new iter types.
The first step to that is to move normal map use off of these functions,
which is what this CL does.
Introduce new mapIterStart and mapIterNext functions that replace the
former functions everywhere in the toolchain. These have the same
behavior as the old functions.
This CL temporarily makes the old functions throw to ensure we don't
have hidden dependencies on them. We cannot remove them entirely because
GOEXPERIMENT=noswissmap still uses the old names, and internal/goobj
requires all builtins to exist regardless of GOEXPERIMENT. The next CL
will introduce the compatibility layer.
I want to avoid using linkname between runtime and reflect, as that
would also allow external linknames. So mapIterStart and mapIterNext are
duplicated in reflect, which can be done trivially, as it imports
internal/runtime/maps.
For #71408.
Change-Id: I6a6a636c6d4bd1392618c67ca648d3f061afe669
Reviewed-on: https://go-review.googlesource.com/c/go/+/643898
Auto-Submit: Michael Pratt <mpratt@google.com>
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Keith Randall <khr@golang.org>
It moved in CL 310731.
Change-Id: I97340848b55e327d3b25949ec3850aec33448bbe
Reviewed-on: https://go-review.googlesource.com/c/go/+/644955
Reviewed-by: Carlos Amedee <carlos@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Fixes#71235
Change-Id: I62aebb9d421db0e4b57ad5cae25c70f47aa5f8f9
GitHub-Last-Rev: 6e0fba07dd
GitHub-Pull-Request: golang/go#71239
Reviewed-on: https://go-review.googlesource.com/c/go/+/642375
Reviewed-by: Jonathan Amsterdam <jba@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Change-Id: I7fe5c6a0521d3c597eae0f3568942df1db9370b1
Reviewed-on: https://go-review.googlesource.com/c/go/+/642497
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Without fipsApproved set, when the CAST runs it sets the service
indicator to false for the whole span.
This is a very late Go 1.24 change, but it is necessary for the frozen
FIPS module, and doesn't impact anything else than the FIPS status
indicator value.
Change-Id: I6a6a46567818135158c3c252b5480431a190572b
Reviewed-on: https://go-review.googlesource.com/c/go/+/644636
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
This is a very late Go 1.24 change, but it is necessary for the frozen
FIPS module, and doesn't impact anything else than the FIPS status
indicator value.
Change-Id: I6a6a4656f1ac94ac46d631c90a206ac8b6ddcf4c
Reviewed-on: https://go-review.googlesource.com/c/go/+/644635
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
We are running the (slow on s390x) ScalarBaseMult and then discarding
the point because we are reusing randomPoint.
Copied the function 1:1 removing the point computation.
Change-Id: I6a6a46561633ab3bbbaef804481f6c5da15fe2fa
Reviewed-on: https://go-review.googlesource.com/c/go/+/644775
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
This CL silences errors caused by GOAUTH=netrc and HOME being unset.
Instead, we log the error if the -x flag is set.
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest,gotip-windows-amd64-longtest
Change-Id: Ibd323769f3562c169ebf559e060e9afbb63047bc
Reviewed-on: https://go-review.googlesource.com/c/go/+/643917
Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This reverts CL 610195.
Reason for revert: SIGILL on macOS. See issue #71411.
Updates #69124, #60905.
Fixes#71411.
Change-Id: Ie0624e516dfb32fb13563327bcd7f557e5cba940
Reviewed-on: https://go-review.googlesource.com/c/go/+/644695
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Mauri de Souza Meneguzzo <mauri870@gmail.com>
This prevents a possible use-after-free.
Change-Id: I02488206660d38cac5ebf2f11009907ae8f22157
Reviewed-on: https://go-review.googlesource.com/c/go/+/644119
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
It uses a throwaway FileSet, so all position info is
wrong, and potentially misleading.
(Various other helpers in go/types testing also use a
throwaway FileSet, and should really accept it as a parameter.)
Fixes#71272
Change-Id: I9d899b987837b4041a299aad5ec266cb4f5d125c
Reviewed-on: https://go-review.googlesource.com/c/go/+/643777
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Robert Griesemer <gri@google.com>
Auto-Submit: Alan Donovan <adonovan@google.com>
This fixes the check that ensures that arg is not equal to ptr in
AddCleanup. This also changes any use of throw to panic in AddCleanup.
Fixes#71316
Change-Id: Ie5a3e0163b254dff44b7fefedf75207ba587b771
Reviewed-on: https://go-review.googlesource.com/c/go/+/643655
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
The TestRootConcurrentClose test can fail when GOARCH=WASM because of
goroutine starvation. The spawned goroutine will sometimes run in a
loop and never have the main goroutine be scheduled. This causes the
test to fail due to a timeout. This change forces the goroutine to be
scheduled with each iteration of the loop when GOARCH=WASM.
For #71134Fixes#71117
Change-Id: I4fb68907c9ac3b33bd0572d5e5db2974a3379191
Reviewed-on: https://go-review.googlesource.com/c/go/+/640195
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Carlos Amedee <carlos@golang.org>
Remove the branching instruction from p256NegCond which made it variable
time. The technique used matches that used in p256MovCond.
Fixes#71383
Fixes CVE-2025-22866
Change-Id: Ibc2a46814d856cbbdaf6cc0c5a415ed5d42ca793
Reviewed-on: https://go-review.googlesource.com/c/go/+/643735
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Paul Murphy <murp@ibm.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Arguably it should be deprecated, but that's a process.
Updates #71272
Change-Id: I69de1f9709c45dfea0fe67d96a7bd15d3df4e2f1
Reviewed-on: https://go-review.googlesource.com/c/go/+/643795
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Robert Findley <rfindley@google.com>
Auto-Submit: Alan Donovan <adonovan@google.com>
Pull in x/net CL 642606 and CL 643256 and regenerate h2_bundle.go:
http2: disable extended CONNECT by default
http2: encode :protocol pseudo-header before regular headers
For #36905.
Fixes#70728.
Fixes#71128.
[git-generate]
go install golang.org/x/build/cmd/updatestd@latest
go install golang.org/x/tools/cmd/bundle@latest
updatestd -goroot=$(pwd) -branch=internal-branch.go1.24-vendor
Change-Id: Id853cb96f8fc410956666f5c3ab4c5889c703503
Reviewed-on: https://go-review.googlesource.com/c/go/+/642398
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Currently, a documentation reference to a struct member (such as [B.N])
does not result in it being rendered as a link, and thus the square
brackets remain in the rendered documentation which is mildly confusing.
The issue can be seen at
https://pkg.go.dev/testing@master#hdr-b_N_style_benchmarks
Remove the square brackets to fix.
Change-Id: Id374fd2085bd511018220c5d663650f89672302e
Reviewed-on: https://go-review.googlesource.com/c/go/+/643496
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Alan Donovan <adonovan@google.com>
Refactor cformat.EmitTextual to accept a package filter (list of
packages to report). This is a no-op in terms of exposed coverage
functionality, but we will need this feature in a subsequent patch.
Updates #70244.
Change-Id: I1e6bcbfb5e68187d4d69d54b667e97bc1fdfa2d4
Reviewed-on: https://go-review.googlesource.com/c/go/+/627315
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Remove an assertion that was overly restrictive and hard to get
correct under all circumstances (i.e., in the presence of incorrect)
code. This matches the code for *Named types in that specific switch.
Fixes#71284.
Change-Id: Ifccf8b73dc70cac9cb1c8b24946d16851d511454
Reviewed-on: https://go-review.googlesource.com/c/go/+/643255
Reviewed-by: Robert Findley <rfindley@google.com>
Auto-Submit: Robert Griesemer <gri@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Commit generated by update.bash.
For #22487.
Change-Id: Ie5002725b9add75fd22b29ea3a7addbe0151b25c
Reviewed-on: https://go-review.googlesource.com/c/go/+/642020
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Tobias Klauser <tobias.klauser@gmail.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
If a wasmexport function is called from the host before
initializing the Go Wasm module, currently it will likely fail
with a bounds error, because the uninitialized SP is 0, and any
SP decrement will make it out of bounds.
As at least some Wasm runtime doesn't call _initialize by default,
This error can be common. And the bounds error looks confusing to
the users. Therefore, we detect this case and emit a clearer error.
Fixes#71240.
Updates #65199.
Change-Id: I107095f08c76cdceb7781ab0304218eab7029ab6
Reviewed-on: https://go-review.googlesource.com/c/go/+/643115
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
These keys are off-spec, but have historically been accepted by
ParsePKCS1PrivateKey.
Thanks to Philippe Antoine (Catena cyber) for reporting this issue.
Fixes#71216
Fixes CVE-2025-22865
Change-Id: I6a6a46564156fa32e29e8d6acbec3fbac47c7352
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1820
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643098
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Store netrc lines into the credential map backward so that earlier lines
take priority over later lines. This matches Go 1.23 netrc lookup which
stopped at the first match it found.
Additionally, this fixes a security issue related to domain parsing
which could have allowed servers to read credentials belonging to other
servers. The fix was to switch from using path.Dir(currentPrefix) to
strings.Cut(currentPrefix, "/")
Thanks to Juho Forsén of Mattermost for reporting this issue.
Fixes#71249
Fixes CVE-2024-45340
Change-Id: I175a00d6d7f4d31c9e4d79b7cf1c2a0ad35b2781
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1781
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com>
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643097
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
When checking URI constraints, use netip.ParseAddr, which understands
zones, unlike net.ParseIP which chokes on them. This prevents zone IDs
from mistakenly satisfying URI constraints.
Thanks to Juho Forsén of Mattermost for reporting this issue.
Fixes#71156
Fixes CVE-2024-45341
Change-Id: Iecac2529f3605382d257996e0fb6d6983547e400
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1700
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643096
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
When an HTTP redirect changes the host of a request, we drop
sensitive headers such as Authorization from the redirected request.
Fix a bug where a chain of redirects could result in sensitive
headers being sent to the wrong host:
1. request to a.tld with Authorization header
2. a.tld redirects to b.tld
3. request to b.tld with no Authorization header
4. b.tld redirects to b.tld
3. request to b.tld with Authorization header restored
Thanks to Kyle Seely for reporting this issue.
For #70530
Fixes CVE-2024-45336
Change-Id: Ia58a2e10d33d6b0cc7220935e771450e5c34de72
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1641
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/643095
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Perform minor cleanups in tests to improve printout of diffs
and/or follow modern coding style.
This reduces the amount of diffs between v1 and the v2 prototype.
Change-Id: I019bb9642e2135f2fa3eac6abfa6df91c397aa82
Reviewed-on: https://go-review.googlesource.com/c/go/+/642257
Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Joseph Tsai <joetsai@digital-static.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Newer git versions (at least git 2.47.1) do not send all the matching tags
for a shallow fetch of a specific hash anymore. The go command assumes
that git servers do this. Since that assumption is broken, use the local
copy of the remote refs list to augment the tags sent by the server.
This makes the cmd/go/internal/modfetch tests pass again with newer git.
Fixes#71261.
Change-Id: I9fd4f3fd7beeb68a522938599f8f3acd887d0b26
Reviewed-on: https://go-review.googlesource.com/c/go/+/642437
Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org>
https://ci.chromium.org/ui/inv/build-8725798219051312433/test-results?sortby=&groupby=
shows a mysterious failure with this stack:
=== RUN BenchmarkAll
BenchmarkAll
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x7c497f]
goroutine 20 gp=0xc000004000 m=7 mp=0xc000182808 [running]:
panic({0x81c5e0?, 0xabc6b0?})
/home/swarming/.swarming/w/ir/x/w/goroot/src/runtime/panic.go:806 +0x168 fp=0xc00c7ffce0 sp=0xc00c7ffc30 pc=0x4ad4c8
runtime.panicmem(...)
/home/swarming/.swarming/w/ir/x/w/goroot/src/runtime/panic.go:262
runtime.sigpanic()
/home/swarming/.swarming/w/ir/x/w/goroot/src/runtime/signal_unix.go:925 +0x359 fp=0xc00c7ffd40 sp=0xc00c7ffce0 pc=0x4af6d9
cmd/api.(*Walker).export(0xc000034100, 0x0)
/home/swarming/.swarming/w/ir/x/w/goroot/src/cmd/api/main_test.go:193 +0x3f fp=0xc00c7ffe08 sp=0xc00c7ffd40 pc=0x7c497f
cmd/api.BenchmarkAll(0xc000214288)
/home/swarming/.swarming/w/ir/x/w/goroot/src/cmd/api/api_test.go:205 +0x207 fp=0xc00c7ffeb0 sp=0xc00c7ffe08 pc=0x7c1c07
testing.(*B).runN(0xc000214288, 0x1)
/home/swarming/.swarming/w/ir/x/w/goroot/src/testing/benchmark.go:202 +0x291 fp=0xc00c7fff78 sp=0xc00c7ffeb0 pc=0x57e611
testing.(*B).run1.func1()
/home/swarming/.swarming/w/ir/x/w/goroot/src/testing/benchmark.go:224 +0x7c fp=0xc00c7fffe0 sp=0xc00c7fff78 pc=0x57f11c
runtime.goexit({})
/home/swarming/.swarming/w/ir/x/w/goroot/src/runtime/asm_amd64.s:1700 +0x1 fp=0xc00c7fffe8 sp=0xc00c7fffe0 pc=0x4b4a61
created by testing.(*B).run1 in goroutine 1
/home/swarming/.swarming/w/ir/x/w/goroot/src/testing/benchmark.go:217 +0x173
So import_ must have returned an error, making pkg nil. Show that error.
Also do the same at the other calls to import_.
Change-Id: Ie782571c4bda3334a86b303f61969cf1cc7d3c32
Reviewed-on: https://go-review.googlesource.com/c/go/+/642438
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Re-enable tests for stack-allocated maps and fast map accessors.
Those are implemented now.
Update #54766
Change-Id: I8c019702bd9fb077b2fe3f7c78e8e9e10d2263a6
Reviewed-on: https://go-review.googlesource.com/c/go/+/642376
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Keith Randall <khr@golang.org>
Change-Id: I17bc68a2e3a96d0dc3d9ddcad40149df37fc4839
Reviewed-on: https://go-review.googlesource.com/c/go/+/642198
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Auto-Submit: Damien Neil <dneil@google.com>
This case recently started happening on the builders.
The synctest experiment was recently enabled for some targets (CL 642422).
This caused the list of standard packages to include testing/synctest.
However, BenchmarkAll tests for all configurations;
some did not include testing/synctest. That caused the test to crash.
Change-Id: Icade10af147c2e2bcbac25bf744919083db3e70f
Reviewed-on: https://go-review.googlesource.com/c/go/+/642397
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Change-Id: Ic410375987c0f376d0a975e5a6284de10f08b741
Reviewed-on: https://go-review.googlesource.com/c/go/+/642495
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Alan Donovan <adonovan@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
The existing code assumed the type argument count check in
Checker.instance couldn't fail for generic alias types
(matching the code for generic signatures), but it actually
can.
Adjust the code accordingly and document that the result of
Checker.instance may be invalid.
Review all call sites of Checker.instance and make sure we
handle the failure case, or document the code accordingly
(in the case of generic signatures).
When reporting an type argument count error, use the alias
name rather than the alias string representation to match
the error we get for a non-alias type.
While at it, update the manual.go template for ease of use.
Fixes#71198.
Change-Id: I6d19ec6418440e9b49574a2d7dd9825e0af6c2fc
Reviewed-on: https://go-review.googlesource.com/c/go/+/641857
Reviewed-by: Robert Findley <rfindley@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Robert Griesemer <gri@google.com>
Change-Id: If4d3b3965762c8979d304a82493c9eb1068ee13c
Reviewed-on: https://go-review.googlesource.com/c/go/+/642037
Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Auto-Submit: Robert Griesemer <gri@google.com>
The presence of a syntax error in the input immediately unmarshaling
before unmarshaling into the underlying value.
Otherwise, semantic errors are generally lazily reported and
allow unmarshaling to continue on.
Change-Id: Icf1cfc684e415312d9c8bf739c396ede15299d7d
Reviewed-on: https://go-review.googlesource.com/c/go/+/642295
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Joseph Tsai <joetsai@digital-static.net>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Even if an error occurs during unmarshal, check the resulting Go value.
The documented API specifies no guarantees on how much of a Go value
will be populated when an error occurs and the "json" package
is technically not bounded by the Go compatibility agreement
to ensure this behavior never changes.
However, there is still value in running checks for
what exactly what is partially mutated in the event of an error
even if this is not guaranteed behavior.
Change-Id: I6e923a31f77768a14c4adfb0d37dbeee5807a4a2
Reviewed-on: https://go-review.googlesource.com/c/go/+/642275
Auto-Submit: Joseph Tsai <joetsai@digital-static.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
We can't coalesce a non-WB store with a subsequent Move, as the
result of the store might be the source of the move.
There's a simple codegen test. Not sure how we might do a real test,
as all the repro's I've come up with are very expensive and unreliable.
Fixes#71228
Change-Id: If18bf181a266b9b90964e2591cd2e61a7168371c
Reviewed-on: https://go-review.googlesource.com/c/go/+/642197
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
Adds ACVP test coverage for the hmacDRBG algorithm based on the NIST
spec:
https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.2
The HMAC DRBG algorithm in our fips module is a minimal implementation
tailored for use for generating ECDSA nonces and so lives in
crypto/internal/fips140/ecdsa.
In order to be testable by crypto/internal/fips140test this changeset
exports a ecdsa.TestingOnlyNewDrbg() constructor to support the ACVP use-case.
All FIPS-compatible SHA2 and SHA3 digests are tested.
The ACVP capability registration is customized to match the limited
capabilities of our ecdsa-focused impl. Most notably:
* reseedImplemented is false - we expect this impl to be invoked
only once or twice per instantiation and do not support explicit
reseeding.
* predResistanceEnabled is false - this requires reseeding.
* Per mode:
* derFuncEnabled is always false - this is only used by ctrDRBG.
* additionalInputLen is 0 for all modes - this is only used with
preResistanceEnabled.
The other capability values are chosen based on Table 4:
https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.4
Updates #69642
Change-Id: Ia58979d691f912e2ed739a05efb719f580fbbf89
Reviewed-on: https://go-review.googlesource.com/c/go/+/639775
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Adds ACVP test coverage for ML-KEM based on the NIST spec:
https://pages.nist.gov/ACVP/draft-celi-acvp-ml-kem.html
Notably we need to update the BoringSSL module version because the
acvptool was only recently updated to support testing ML-KEM.
A few non-test updates are also required for the
crypto/internal/fips140/mlkem package:
* For keyGen tests a new ExpandedBytes768() function is added that
converts a DecapsualtionKey768 struct into the expanded NIST
serialization. The existing Bytes() function returns the
key's seed, while ACVP testing requires the more cumbersome format.
* For decap tests a new TestingOnlyNewDecapsulationKey768()
constructor is added to produce a DecapsulationKey768 struct from the
expanded FIPS 203 serialization provided by the ACVP test vector. The
pre-existing NewDecapsulationKey768() function expects a seed as
input.
The generate1024.go helper is updated to translate the above changes to
the generated mlkem1024.go implementation.
Both of these new functions are exclusively for ACVP usage and so not
present in the public mlkem API. End users should always prefer to work
with seeds.
Updates #69642
Change-Id: I79784f8a8db00a2ddefdcece4b8de50b033c8f69
Reviewed-on: https://go-review.googlesource.com/c/go/+/637439
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Could have fixed this some other ways, including inside the FIPS 140-3
module, but this is small and self-contained, clearly not affecting
production non-toy key sizes. This late in the freeze, a surgical fix
felt best.
Fixes#71185
Change-Id: I6a6a465641357c9d6b076c8a520b221be4210ed5
Reviewed-on: https://go-review.googlesource.com/c/go/+/641755
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Heap profiles hide "runtime" frames like runtime.mapassign. This broke
in 1.24 because the map implementation moved to internal/runtime/maps,
and runtime/pprof only considered literal "runtime." when looking for
runtime frames.
It would be nice to use cmd/internal/objabi.PkgSpecial to find runtime
packages, but that is hidden away in cmd.
Fixes#71174.
Change-Id: I6a6a636cb42aa17539e47da16854bd3fd8cb1bfe
Reviewed-on: https://go-review.googlesource.com/c/go/+/641775
Auto-Submit: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Roland Shoemaker
Ian Lance Taylor
Filippo Valsorda
Than McIntosh
Michael Pratt
yincong
Sam Thanawalla
Cherry Mui
Alan Donovan
Carlos Amedee
Dmitri Shuralyov
Kir Kolyshkin
Bill Morgan
Wingrez
Robert Griesemer
Tobias Klauser
Roland Shoemaker
Damien Neil
Joe Tsai
Russ Cox
Keith Randall
cuishuang
Sean Liao
Oleksandr Redko
Daniel McCarney