There's more I could list here, but the mapping becomes more complicated
and more fragile. I think this is sufficient to start with.
Fixes#46846.
Change-Id: I6803486a64888b2f38e244b8e2175ad064d648ed
Reviewed-on: https://go-review.googlesource.com/c/go/+/504115
Reviewed-by: Michael Pratt <mpratt@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Michael Knyszek <mknyszek@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
Running go test -parallel=1 -v, these are the top 10 tests:
PASS: TestScript/mod_invalid_version 40.14s
PASS: TestScript/build_cache_output 46.82s
PASS: TestScript/get_legacy 48.69s
PASS: TestTestCache 58.44s
PASS: TestScript/mod_get_direct 62.88s
PASS: TestScript/build_pgo_auto_multi 63.49s
PASS: TestScript/build_pgo_auto 70.69s
PASS: TestScript/gcflags_patterns 95.17s
PASS: TestScript/mod_list_compiled_concurrent 124.31s
PASS: TestScript/vet_flags 202.85s
Change the top 5 not to run builds at all, so they don't
have to use -a or clear the go build cache.
mod_get_direct should be replaced with a vcs-test test.
mod_invalid_version should be replaced with a vcs-test test.
get_legacy should be deleted eventually.
Change-Id: Id67c458b1a96c912d89cbece341372c2ef5ee082
Reviewed-on: https://go-review.googlesource.com/c/go/+/504536
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
n.TypeCheck() == 3 is never true now, in n.SetTypecheck(x), when x > 2,
it panic.
Change-Id: Ic876680435d4536eb63dcedee20a07ccdf918b91
Reviewed-on: https://go-review.googlesource.com/c/go/+/504435
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Run-TryBot: Matthew Dempsky <mdempsky@google.com>
Auto-Submit: Matthew Dempsky <mdempsky@google.com>
It said that Attrs with an empty key are ignored.
In fact, zero Attrs are ignored.
Fixes#60870.
Change-Id: I221d3a25b0f0cc9001e06e9cc76bab29292c0741
Reviewed-on: https://go-review.googlesource.com/c/go/+/504535
Run-TryBot: Jonathan Amsterdam <jba@google.com>
Reviewed-by: Alan Donovan <adonovan@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Size is defined as returning -1 if the type is not fixed-size.
Before this CL cases like Size((*[]int)(nil)) would crash.
Fixes#60892
Change-Id: Iee8e20a0aee24b542b78cb4160c3b2c5a3eb02c2
Reviewed-on: https://go-review.googlesource.com/c/go/+/504575
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Try to avoid fixes from automatic spell checkers.
Change-Id: I1d134fb2721decffa865a3f4d78bca4fce8e8fee
Reviewed-on: https://go-review.googlesource.com/c/go/+/502658
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
We do not index std as a whole module ever.
When working in the main Go repo, files in package change often,
so we don't want to pay the cost of reindexing all of std when what
we really need is just to reindex strings. Per-package indexing
works better for that case.
When using a released Go toolchain, we don't have to worry about
the whole module changing, but if we switch to whole-module indexing
at that point, we have the potential for bugs that only happen in
released toolchains. Probably not worth the risk.
For similar reasons, we don't index the current work module as
a whole module (individual packages are changing), so we use the heuristic
that we only do whole-module indexing in the module cache.
The new toolchain modules live in the module cache, though, and
our heuristic was causing whole-module indexing for them.
As predicted, enabling whole-module indexing for std when it's
completely untested does in fact lead to bugs (a very minor one).
This CL turns off whole-module indexing for std even when it is
in the module cache, to bring toolchain module behavior back in
line with the other ways to run toolchains.
For #57001.
Change-Id: I5012dc713f566846eb4b2848facc7f75bc956eb9
Reviewed-on: https://go-review.googlesource.com/c/go/+/504119
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Auto-Submit: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
They have to be renamed to _go.mod to make a valid module.
Copy them back to go.mod so that 'go test cmd' has a better
chance of working.
For #57001.
Change-Id: Ied6f0dd77928996ab322a55c5606d7f75431e362
Reviewed-on: https://go-review.googlesource.com/c/go/+/504118
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Auto-Submit: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
Modules cannot contain go.mod files except at the root
(and we don't keep one at the root). Rename the other go.mod
files to _go.mod.
dl2mod, which we used to convert all the old releases,
did this renaming, but it was missed when porting that
code to distpack.
For #57001.
Fixes#60847.
Change-Id: I4d646b96b5be15df3b79193e254ddc9b11cc8734
Reviewed-on: https://go-review.googlesource.com/c/go/+/503979
Auto-Submit: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
There is a chicken and egg problem with always requiring
the checksum database for toolchain module downloads, since the
checksum database populates its entry by doing its own module
download.
Don't require the checksum database for GOPROXY=file:/// (for local testing)
and when running on the Go module mirror.
For #60847.
Change-Id: I5d67d585169ae0fa73109df233baae8ba5fe5dd3
Reviewed-on: https://go-review.googlesource.com/c/go/+/503978
Reviewed-by: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
This is intended for the specific case of 'fmahash=qn' where someone
wants to disable fma without all the hash-search-handshake output.
There are cases where arm64, ppc64, and s390x users might want to do
this.
Change-Id: Iaf46c68a00d7c9f7f82fd98a4548b72610f84bed
Reviewed-on: https://go-review.googlesource.com/c/go/+/503776
Run-TryBot: David Chase <drchase@google.com>
Reviewed-by: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Change-Id: I6db8ce8d7e0a1cb3d955493fa49eb7dff372eb38
Reviewed-on: https://go-review.googlesource.com/c/go/+/504375
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
When make slice of retractions, it should have initial length zero, to append more VersionIntervals.
Currently without the zero length, the capacity used will be doubled after the appending, looks like a bug.
Change-Id: Id3acaeffe557ca1d15c864b0377a66fee3a41f6c
GitHub-Last-Rev: ed5fd5f678
GitHub-Pull-Request: golang/go#60354
Reviewed-on: https://go-review.googlesource.com/c/go/+/497118
Auto-Submit: Bryan Mills <bcmills@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Fixes#34396
Change-Id: I35c4e3447f84e349adf7edba92ccb19b324bfe14
GitHub-Last-Rev: 4f06764109
GitHub-Pull-Request: golang/go#60763
Reviewed-on: https://go-review.googlesource.com/c/go/+/502815
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
cmd/distpack deletes that module from its distribution.
For #24904.
Change-Id: I69dd328d0f790a49db7a053d703ae985d9ebe9e4
Reviewed-on: https://go-review.googlesource.com/c/go/+/504060
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Bryan Mills <bcmills@google.com>
Auto-Submit: Bryan Mills <bcmills@google.com>
cmd/distpack removes GOROOT/test from its archive of the distribution.
For #24904.
Change-Id: Ifde441f048f8af52f8973555b196ab0520b48ab7
Reviewed-on: https://go-review.googlesource.com/c/go/+/504057
Auto-Submit: Bryan Mills <bcmills@google.com>
Run-TryBot: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
cmd/distpack removes GOROOT/test, so skip the test if it isn't there.
For #24904.
Change-Id: Iac381517d0540056b2ccea0dc1bd716113b18468
Reviewed-on: https://go-review.googlesource.com/c/go/+/504117
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Bryan Mills <bcmills@google.com>
Run-TryBot: Bryan Mills <bcmills@google.com>
GOROOT/test is pruned out by cmd/distpack. It isn't really needed for
the test anyway; the test can instead use the "src/unicode" subdirectory,
which is even within the same module.
This test was previously adjusted in CL 13467045 and CL 31859.
Unlike in previous iterations of the test, the directories used in
this revision are covered by the Go 1 compatibility policy and thus
unlikely to disappear.
For #24904.
Change-Id: I156ae18354bcbc2ddd8d22b210f16ba1e97cd5d1
Reviewed-on: https://go-review.googlesource.com/c/go/+/504116
Auto-Submit: Bryan Mills <bcmills@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Bryan Mills <bcmills@google.com>
Otherwise, gccgo tests may be quietly skipped.
For #60798
Change-Id: Iaad6b53c95ad4d407b917d8f62978979b82a4e81
Reviewed-on: https://go-review.googlesource.com/c/go/+/503495
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Paul Murphy <murp@ibm.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
RemoteAddr can return nil in some cases, this fix prevents a panic.
I chatted with @neild about this beforehand, but what's happening in our
case is that a connection comes in to the HTTP server which is then
immediately closed (we discovered this issue by accident using nmap).
The network implementation that we're using (it happens to be gVisor
via its gonet adaptor) is returning nil from RemoteAddr(), presumably
as there is no remote at that point.
But, ultimately, since RemoteAddr returns an interface it is always
possible for it to return nil, and indeed conn.RemoteAddr in this file
does exactly that if the conn is not ok.
Change-Id: Ibe67ae6e30b68e2776df5ee2911bf5f1dc539641
GitHub-Last-Rev: ff3505d1d0
GitHub-Pull-Request: golang/go#60823
Reviewed-on: https://go-review.googlesource.com/c/go/+/503656
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Run-TryBot: Damien Neil <dneil@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
The main change here is fixing the panic where it was called even when
req.Body was nil. It might also work better to keep the req.Body.Close
calls closer after req.Body is read, so do that too.
Calling readableStreamPull.Release on a js.Func with a zero value
is currently a no-op, but it seems better to avoid it anyway.
Also remove readableStreamStart, readableStreamCancel while here.
They were used in the initial but not final patch set of CL 458395.
Fixes#60809.
Change-Id: I6ff2e3b6ec2cd4b0c9c67939903e32908312db8d
Reviewed-on: https://go-review.googlesource.com/c/go/+/503676
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
This change adds a test highlighting an issue with the fstest.TestFS
test suite which occurred when the fs.FS implementation would expose
directories returning unordered directory entries from their ReadDir
method.
--- FAIL: TestShuffledFS (0.00s)
testfs_test.go:76: testing fs.Sub(fsys, tmp): TestFS found errors:
.: Glob(`*e*`): wrong output:
extra: one
missing: one
The issue came from having the wrong variable passed to the checkGlob
method. There are two variables named list and list2, the latter is
sorted, and the checkGlob method expects a sorted list but was passed
list instead of list2.
Change-Id: I5e49dccf14077e7d1fee51687eb6a5eeb0330c16
Reviewed-on: https://go-review.googlesource.com/c/go/+/503175
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Currently ArenaNew expects the type passed in to be a *T and it returns
a *T. This does not match the function's documentation.
Since this is an experiment, change ArenaNew to match the documentation.
This more closely aligns ArenaNew with arena.New. (Takes a type T,
returns a *T value.)
Note that this is a breaking change. However, as far as pkg.go.dev can
tell, there's exactly one package using it in the open source world.
Also, add smoke test for the exported API, which is just a wrapper
around the internal API. Clearly there's enough room for error here that
it should be tested, but we don't need thorough tests at this layer
because that already exists in the runtime. We just need to make sure it
basically works.
Fixes#60528.
Change-Id: I673cc4609378380ef80648b0c2eb2928e73f49c9
Reviewed-on: https://go-review.googlesource.com/c/go/+/501860
Run-TryBot: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
The go command recognizes when a program named go_$GOOS_$GOARCH_exec
is in PATH. There are two such programs living in GOROOT/misc/wasm.
Like GOROOT/bin/{go,gofmt} and GOROOT/pkg/tool/**, these programs
need to have the executable bit set to do their job, so set it.
Comparing a distpack produced before and after this change shows that
the pack.go file is modified, the two go_{js,wasip1}_wasm_exec programs
have the new file mode, and there are no other changes, as expected.
The mode change is relevant to the binary and source distributions only.
No change to the module zip since it doesn't include GOROOT/misc at all,
so no effect on previously created toolchain modules whose checksums
are already recorded in the Go checksum database and cannot be changed.
(Other than by changing their "v0.0.1" version, but that's expensive.)
Fixes#60843.
Change-Id: I799b6aacff59c0785cb7743cbd17dda5a9ef91be
Reviewed-on: https://go-review.googlesource.com/c/go/+/503975
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
In racecallatomic, we do a load before calling into TSAN, so if
the address is invalid we fault on the Go stack. We currently use
a 8-byte load instruction, regardless of the data size that the
atomic operation is performed on. So if, say, we are doing a
LoadUint32 at an address that is the last 4 bytes of a memory
mapping, we may fault unexpectedly. Do a 1-byte load instead.
(Ideally we should do a load with the right size, so we fault
correctly if we're given an unaligned address for a wide load
across a page boundary. Leave that for another CL.)
Fix AMD64, ARM64, and PPC64. The code already uses 1-byte load
on S390X.
Should fix#60825.
Change-Id: I3dee93eb08ba180c85e86a9d2e71b5b520e8dcf0
Reviewed-on: https://go-review.googlesource.com/c/go/+/503937
Run-TryBot: Cherry Mui <cherryyz@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Than McIntosh <thanm@google.com>
Reviewed-by: David Chase <drchase@google.com>
When 'go list -cover' is run in a way that triggers package builds
(for example, -export), ensure that the build step actually includes
coverage instrumentation as part of the config. Without this we will
wind up with incorrect build IDs.
Fixes#60755.
Change-Id: Ic84ab9e301d075bee5ff9d6828370a1708be0035
Reviewed-on: https://go-review.googlesource.com/c/go/+/502877
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Than McIntosh <thanm@google.com>
The Fetch API was meant to only be disabled in tests.
Since wasm_exec.js defines a global 'process' object,
it ended up being disabled anywhere that script is used.
Make the heuristic stricter so that it's less likely to
trigger anywhere but when testing js/wasm using Node.js.
For #57613.
Fixes#60808.
Change-Id: Ief8def802b466ef4faad16daccefcfd72e4398b8
Reviewed-on: https://go-review.googlesource.com/c/go/+/503675
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
For #59488Fixes#60616
Change-Id: Idf9f42d7d868999664652dd7b478684a474f1d96
Reviewed-on: https://go-review.googlesource.com/c/go/+/501355
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Rob Pike <r@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
types2 have already errored about any spec-required overflows, and
division by zero. CL 469595 unintentionally fixed typecheck not to error
about overflows, but zero division is still be checked during tcArith.
This causes unsafe operations with variable size failed to compile,
instead of raising runtime error.
Fixes#60601
Change-Id: I7bea2821099556835c920713397f7c5d8a4025ac
Reviewed-on: https://go-review.googlesource.com/c/go/+/501735
Auto-Submit: Cuong Manh Le <cuong.manhle.vn@gmail.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Keith Randall <khr@golang.org>
Run-TryBot: Cuong Manh Le <cuong.manhle.vn@gmail.com>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
I unintentionally flipped them in CL 446795.
For #56490Fixes#60801
Change-Id: I57586bec052e1b2cc61513870ce24dd6ce17e56b
Reviewed-on: https://go-review.googlesource.com/c/go/+/503575
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Rob Pike <r@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
TestIssue29837 takes a long time to run, ~150s on my laptop
and ~40s on CI builders.
While here, warm up the go list cache in parallel, which reduces the
test time by ~10%.
Change-Id: Ib8d45b086453ee03e6c9f3f070d6f6b0d324bfd4
Reviewed-on: https://go-review.googlesource.com/c/go/+/502095
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Quim Muntal <quimmuntal@gmail.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
The encoding of instructions "FMOVD F1, ZR" and "FMOVS F1, ZR" is wrong,
the assembler encodes them as "FMOVD F1, F31" and "FMOVS F1, F31". This
CL fixes the bug.
Change-Id: I2d31520b58f9950ce2534a04f4a3275bf103a673
Reviewed-on: https://go-review.googlesource.com/c/go/+/503135
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Run-TryBot: Eric Fang <eric.fang@arm.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Previously if there was something invalid about the package list
cmd/go would crash rather than reporting a useful error.
For #60798
Change-Id: I502facf41442ab49217405b5b1874fff52a6d416
Reviewed-on: https://go-review.googlesource.com/c/go/+/503496
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Previously we used the highest Go build tag found in the build
configuration, which matches gover.Local for development toolchains
(it is always a bare language version), but is too low for releases.
Updates #57001.
Change-Id: I74c2f7ab06231858eee99ecd11ed3759853e01ed
Reviewed-on: https://go-review.googlesource.com/c/go/+/503537
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Bryan Mills <bcmills@google.com>
Auto-Submit: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Rather than using the external network and real-world chains for testing
the integrations with platform verifiers, use a synthetic test root.
This changes adds a constrained root and key pair to the tree, and adds
a test suite that verifies certificates issued from that root. These
tests are only executed if the root is detected in the trust store. For
reference, the script used to generate the root and key is attached to
the bottom of this commit message.
This change leaves the existing windows/darwin TestPlatformVerifier
tests in place, since the trybots do not currently have the test root in
place, and as such cannot run the suite. Once the builder images have
the root integrated, we can remove the old flaky tests, and the trybots
will begin running the new suite automatically.
Updates #52108
-- gen.go --
package main
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"flag"
"log"
"math/big"
"net"
"os"
"time"
)
func writePEM(pemType string, der []byte, path string) error {
enc := pem.EncodeToMemory(&pem.Block{
Type: pemType,
Bytes: der,
})
return os.WriteFile(path, enc, 0666)
}
func main() {
certPath := flag.String("cert-path", "platform_root_cert.pem", "Path to write certificate PEM")
keyPath := flag.String("key-path", "platform_root_key.pem", "Path to write key PEM")
flag.Parse()
key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
log.Fatalf("ecdsa.GenerateKey failed: %s", err)
}
now := time.Now()
tmpl := &x509.Certificate{
SerialNumber: big.NewInt(9009),
Subject: pkix.Name{
CommonName: "Go platform verifier testing root",
},
NotBefore: now.Add(-time.Hour),
NotAfter: now.Add(time.Hour * 24 * 365 * 5),
IsCA: true,
BasicConstraintsValid: true,
PermittedDNSDomainsCritical: true,
// PermittedDNSDomains restricts the names in certificates issued from this root to *.testing.golang.invalid.
// The .invalid TLD is, per RFC 2606, reserved for testing, and as such anything issued for this certificate
// should never be valid in the real world.
PermittedDNSDomains: []string{"testing.golang.invalid"},
// ExcludedIPRanges prevents any certificate issued from this root that contains an IP address in both the full
// IPv4 and IPv6 ranges from being considered valid.
ExcludedIPRanges: []*net.IPNet{{IP: make([]byte, 4), Mask: make([]byte, 4)}, {IP: make([]byte, 16), Mask: make([]byte, 16)}},
KeyUsage: x509.KeyUsageCertSign,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
}
certDER, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
if err != nil {
log.Fatalf("x509.CreateCertificate failed: %s", err)
}
keyDER, err := x509.MarshalECPrivateKey(key)
if err != nil {
log.Fatalf("x509.MarshalECPrivateKey failed: %s", err)
}
if err := writePEM("CERTIFICATE", certDER, *certPath); err != nil {
log.Fatalf("failed to write certificate PEM: %s", err)
}
if err := writePEM("EC PRIVATE KEY", keyDER, *keyPath); err != nil {
log.Fatalf("failed to write key PEM: %s", err)
}
}
Change-Id: If7c4a9f18466662a60fea5443e603232a9260026
Reviewed-on: https://go-review.googlesource.com/c/go/+/488855
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Make all functions use a constraint S ~[]E even if they don't return
the slice type. This makes explicitly instantiating the functions more
consistent: you don't have to remember which take ~[]E and which do not.
It also permits inferring the type when passing one of these functions
to some other function that is using a named slice type.
Fixes#60546
Change-Id: Ib3435255d0177fdbf03455ae527d08599b1ce012
Reviewed-on: https://go-review.googlesource.com/c/go/+/502955
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Robert Griesemer <gri@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Axel Wagner <axel.wagner.hh@googlemail.com>
Reviewed-by: Eli Bendersky <eliben@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Change-Id: I9f008dba7ba6e30f0e62647482a3ed0b51bc1ad0
Reviewed-on: https://go-review.googlesource.com/c/go/+/502997
Reviewed-by: Robert Findley <rfindley@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
Address a panic that was caused by net.Dial/net.Listen entering the fake
network stack and assuming that the addresses would be of type *TCPAddr,
where in fact they could have been *UDPAddr or *UnixAddr as well.
The fix consist in implementing the fake network facility for udp and
unix addresses, preventing the assumed type assertion to TCPAddr from
triggering a panic. New tests are added to verify that using the fake
network from the exported functions of the net package satisfies the
minimal requirement of being able to create a listener and establish a
connection for all the supported network types.
Fixes#60012Fixes#60739
Change-Id: I2688f1a0a7c6c9894ad3d137a5d311192c77a9b2
Reviewed-on: https://go-review.googlesource.com/c/go/+/502315
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Change-Id: I869ebcd9a134d0010e419dc51b6f91eddeaa0bbd
GitHub-Last-Rev: 0fc44edaea
GitHub-Pull-Request: golang/go#60764
Reviewed-on: https://go-review.googlesource.com/c/go/+/502835
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Fix spelling errors discovered using https://github.com/codespell-project/codespell. Errors in data files and vendored packages are ignored.
Change-Id: I83c7818222f2eea69afbd270c15b7897678131dc
GitHub-Last-Rev: 3491615b1b
GitHub-Pull-Request: golang/go#60758
Reviewed-on: https://go-review.googlesource.com/c/go/+/502576
Auto-Submit: Michael Pratt <mpratt@google.com>
Run-TryBot: Michael Pratt <mpratt@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Michael Pratt <mpratt@google.com>