1
0
mirror of https://github.com/golang/go synced 2024-11-26 14:26:51 -07:00
Commit Graph

48331 Commits

Author SHA1 Message Date
Bryan C. Mills
6db7480f59 cmd/go/internal/modload: in updateLazyRoots, do not require the main module explicitly
Fixes #46078

Change-Id: I8044dac717459f1eeae1d8381a6503f22f9f51ff
Reviewed-on: https://go-review.googlesource.com/c/go/+/319009
Trust: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Jay Conrod <jayconrod@google.com>
2021-05-12 20:20:11 +00:00
Cherry Mui
f93b951f33 cmd/compile/abi-internal.md: fix table format
The table was not rendered correctly because one line missed a
column.

Change-Id: I1373e4e9fb8b8f2dcd9fd0db339083362cce9b71
Reviewed-on: https://go-review.googlesource.com/c/go/+/319291
Trust: Cherry Mui <cherryyz@google.com>
Reviewed-by: Than McIntosh <thanm@google.com>
2021-05-12 17:32:39 +00:00
Ruslan Andreev
3b321a9d12 cmd/compile: add arch-specific inlining for runtime.memmove
This CL add runtime.memmove inlining for AMD64 and ARM64.
According to ssa dump from testcases generic rules can't inline
memmomve properly due to one of the arguments is Phi operation. But this
Phi op will be optimized out by later optimization stages. As a result
memmove can be inlined during arch-specific rules.
The commit add new optimization rules to arch-specific rules that can
inline runtime.memmove if it possible during lowering stage.
Optimization fires 5 times in Go source-code using regabi.

Fixes #41662

Change-Id: Iaffaf4c482d068b5f0683d141863892202cc8824
Reviewed-on: https://go-review.googlesource.com/c/go/+/289151
Reviewed-by: Keith Randall <khr@golang.org>
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: David Chase <drchase@google.com>
2021-05-12 16:23:30 +00:00
Jonathan Swinney
07ff596404 runtime/internal/atomic: add LSE atomics instructions to arm64
As a follow up to an earlier change[1] to add ARMv8+LSE instructions in
the compiler generated atomic intrinsics, make the same change in the
runtime library. Since not all ARMv8 systems support LSE instructions,
they are protected by a feature-flag branch.

[1]: golang.org/cl/234217 commit: ecc3f5112e

Change-Id: I0e2fb22e78d5eddb6547863667a8865946679a00
Reviewed-on: https://go-review.googlesource.com/c/go/+/310591
Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Cherry Mui <cherryyz@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Heschi Kreinick <heschi@google.com>
2021-05-12 16:18:01 +00:00
Russ Cox
03886707f9 runtime: fix handling of SPWRITE functions in traceback
It is valid to see SPWRITE functions at the top of a GC stack traceback,
in the case where they self-preempted during the stack growth check
and haven't actually modified SP in a traceback-unfriendly manner yet.
The current check is therefore too aggressive.

isAsyncSafePoint is taking care of not async-preempting SPWRITE functions
because it doesn't async-preempt any assembly functions at all.
But perhaps it will in the future.

To keep a check that SPWRITE assembly functions are not async-preempted,
add one in preemptPark. Then relax the check in traceback to avoid
triggering on self-preempted SPWRITE functions.

The long and short of this is that the assembly we corrected in x/crypto
issue #44269 was incredibly dodgy but not technically incompatible with
the Go runtime. After this change, the original x/crypto assembly no longer
causes GC traceback crashes during "GOGC=1 go test -count=1000".
But we'll still leave the corrected assembly.

This also means that we don't need to worry about diagnosing SPWRITE
assembly functions that may exist in the wild. They will be skipped for
async preemption and no harm no foul.

Fixes #44269, which was open pending some kind of check for
bad SPWRITE functions in the wild. (No longer needed.)

Change-Id: I6000197b62812bbd2cd92da28eab422634cf75a8
Reviewed-on: https://go-review.googlesource.com/c/go/+/317669
Trust: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-12 15:23:09 +00:00
Cherry Mui
e03383a2e2 cmd/link: check mmap error
We already check mmap errors on some code paths, but we missed
one. Add error check there.

Change-Id: Ic0e9cb0eb03c805de40802cfc5d5500e3e065d99
Reviewed-on: https://go-review.googlesource.com/c/go/+/319290
Trust: Cherry Mui <cherryyz@google.com>
Run-TryBot: Cherry Mui <cherryyz@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Than McIntosh <thanm@google.com>
2021-05-12 15:05:12 +00:00
Cherry Mui
af0f8c149e cmd/link: don't cast end address to int32
When linking a very large binary, the section address may not fit
in int32. Don't truncate it.

Change-Id: Ibcc8d74bf5662611949e547ce44ca8b973de383f
Reviewed-on: https://go-review.googlesource.com/c/go/+/319289
Trust: Cherry Mui <cherryyz@google.com>
Run-TryBot: Cherry Mui <cherryyz@google.com>
Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
2021-05-12 15:04:42 +00:00
Manlio Perillo
485474d204 cmd/go/testdata/script: fix test failing on nocgo builders
The regression test introduced in https://golang.org/cl/318770 broke the
the nocgo builders.

Update the cgo package used in the test to ensure that it can be build
both with cgo enabled and disabled.

Change-Id: Iab0486f0b85ac5e5a22fdf8a1998edd50cbb4d96
Reviewed-on: https://go-review.googlesource.com/c/go/+/319210
Trust: Bryan C. Mills <bcmills@google.com>
Trust: Jay Conrod <jayconrod@google.com>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Jay Conrod <jayconrod@google.com>
Run-TryBot: Bryan C. Mills <bcmills@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
2021-05-12 14:43:27 +00:00
Guilherme Souza
1a0ea1a08b runtime: fix typo in proc.go
Change-Id: I12c0befc5772a5c902a55aeb06a30ec7a34a3bd6
GitHub-Last-Rev: 7d41e1bcb9
GitHub-Pull-Request: golang/go#46112
Reviewed-on: https://go-review.googlesource.com/c/go/+/319053
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2021-05-12 02:04:57 +00:00
Manlio Perillo
9995c6b50a cmd/go: ignore implicit imports when the -find flag is set
The documentation of the go list -find flag says that the Deps list will
be empty. However the current implementation adds implicit imports when
supporting Cgo or SWIG and when linking a main package.

Update the documentation of PackageOpts.IgnoreImport to clarify that
both explicit and implicit imports are ignored.

Add a regression test.

Fixes #46092

Change-Id: I37847528d84adb7a18eb6ff29e4af4b4318a66fe
Reviewed-on: https://go-review.googlesource.com/c/go/+/318770
Trust: Jay Conrod <jayconrod@google.com>
Trust: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jay Conrod <jayconrod@google.com>
2021-05-11 21:22:08 +00:00
Filippo Valsorda
9b84814f6e net/http: check that Unicode-aware functions are not used
Change-Id: I398aff06bec95077bfff02bfb067aa949b70c184
Reviewed-on: https://go-review.googlesource.com/c/go/+/318429
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Roberto Clapis <roberto@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
2021-05-11 18:22:54 +00:00
Michael Pratt
2520e72d3b runtime: hold sched.lock across atomic pidleget/pidleput
As a cleanup, golang.org/cl/307914 unintentionally caused the idle GC
work recheck to drop sched.lock between acquiring a P and committing to
keep it (once a worker G was found).

This is unsafe, as releasing a P requires extra checks once sched.lock
is taken (such as for runSafePointFn). Since checkIdleGCNoP does not
perform these extra checks, we can now race with other users.

In the case of #45975, we may hang with this sequence:

1. M1: checkIdleGCNoP takes sched.lock, gets P1, releases sched.lock.
2. M2: forEachP takes sched.lock, iterates over sched.pidle without
   finding P1, releases sched.lock.
3. M1: checkIdleGCNoP puts P1 back in sched.pidle.
4. M2: forEachP waits forever for P1 to run the safePointFn.

Change back to the old behavior of releasing sched.lock only after we
are certain we will keep the P. Thus if we put it back its removal from
sched.pidle was never visible.

Fixes #45975
For #45916
For #45885
For #45884

Change-Id: I191a1800923b206ccaf96bdcdd0bfdad17b532e9
Reviewed-on: https://go-review.googlesource.com/c/go/+/318569
Trust: Michael Pratt <mpratt@google.com>
Run-TryBot: Michael Pratt <mpratt@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
2021-05-11 14:21:06 +00:00
Joel Sing
326a792517 runtime,syscall: simplify openbsd related build tags
openbsd/mips64 is now the only openbsd port that uses non-libc syscall - revise
build tags to reflect this.

Update #36435

Change-Id: I357b2dd2926d058e25e618fcca42c388587598a8
Reviewed-on: https://go-review.googlesource.com/c/go/+/317919
Trust: Joel Sing <joel@sing.id.au>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Cherry Mui <cherryyz@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
2021-05-11 02:46:21 +00:00
Roberto Clapis
5c489514bc net/http: switch HTTP1 to ASCII equivalents of string functions
The current implementation uses UTF-aware functions
like strings.EqualFold and strings.ToLower.

This could, in some cases, cause http smuggling.

Change-Id: I0e76a993470a1e1b1b472f4b2859ea0a2b22ada0
Reviewed-on: https://go-review.googlesource.com/c/go/+/308009
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Roberto Clapis <roberto@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
2021-05-10 23:42:56 +00:00
Roland Shoemaker
dc50683bf7 crypto/elliptic: upgrade from generic curve impl to specific if available
This change alters the CurveParam methods to upgrade from the generic
curve implementation to the specific P224 or P256 implementations when
called on the embedded CurveParams. This removes the trap of using
elliptic.P224().Params() instead of elliptic.P224(), for example, which
results in using the generic implementation instead of the optimized
constant time one. For P224 this is done for all of the CurveParams
methods, except Params, as the optimized implementation covers all
these methods. For P256 this is only done for ScalarMult and
ScalarBaseMult, as despite having implementations of addition and
doubling they aren't exposed and instead the generic implementation is
used. For P256 an additional check that there actually is a specific
implementation is added, as unlike the P224 implementation the P256 one
is only available on certain platforms.

This change takes the simple, fast approach to checking this, it simply
compares pointers. This removes the most obvious class of mistakes
people make, but still allows edge cases where the embedded CurveParams
pointer has been dereferenced (as seen in the unit tests) or when someone
has manually constructed their own CurveParams that matches one of the
standard curves. A more complex approach could be taken to also address
these cases, but it would require directly comparing all of the
CurveParam fields which would, in the worst case, require comparing
against two standard CurveParam sets in the ScalarMult and
ScalarBaseMult paths, which are likely to be the hottest already.

Updates #34648

Change-Id: I82d752f979260394632905c15ffe4f65f4ffa376
Reviewed-on: https://go-review.googlesource.com/c/go/+/233939
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-05-10 19:19:34 +00:00
Tao Qingyun
73d5aef4d1 cmd/internal/objfile: add objabi.SNOPTRDATA to "D"
Change-Id: I65913534a4a3e2cbc0d4b00454dd3092eb908cb5
GitHub-Last-Rev: 39dc0d21b8
GitHub-Pull-Request: golang/go#43151
Reviewed-on: https://go-review.googlesource.com/c/go/+/277452
Run-TryBot: Cherry Mui <cherryyz@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Trust: Heschi Kreinick <heschi@google.com>
2021-05-10 18:10:43 +00:00
Lynn Boger
d9e068d289 runtime/cgo,cmd/internal/obj/ppc64: fix signals with cgo
Recently some tsan tests were enabled on ppc64le which had not
been enabled before. This resulted in failures on systems with
tsan available, and while debugging it was determined that
there were other issues related to the use of signals with cgo.

Signals were not being forwarded within programs linked against
libtsan because the nocgo sigaction was being called for ppc64le
with or without cgo. Adding callCgoSigaction and calling that
allows signals to be registered so that signal forwarding works.

For linux-ppc64 and aix-ppc64, this won't change. On linux-ppc64
there is no cgo. I can't test aix-ppc64 so those owners can enable
it if they want.

In reviewing comments about sigtramp in sys_linux_arm64 it was
noted that a previous issue in arm64 due to missing callee save
registers could also be a problem on ppc64x, so code was added
to save and restore those.

Also, the use of R31 as a temp register in some cases caused an
issue since it is a nonvolatile register in C and was being clobbered
in cases where the C code expected it to be valid. The code sequences to
load these addresses were changed to avoid the use of R31 when loading
such an address.

To get around a vet error, the stubs_ppc64x.go file in runtime
was split into stubs_ppc64.go and stubs_ppc64le.go.

Updates #45040

Change-Id: Ia4ecff950613cbe1b89471790b1d3819d5b5cfb9
Reviewed-on: https://go-review.googlesource.com/c/go/+/306369
Trust: Lynn Boger <laboger@linux.vnet.ibm.com>
Run-TryBot: Lynn Boger <laboger@linux.vnet.ibm.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Carlos Eduardo Seo <carlos.seo@linaro.org>
2021-05-10 17:21:32 +00:00
Jay Conrod
deb3403ff5 go/build: include files with parse errors in GoFiles and other lists
go/build.ImportDir returns a *build.Package with various lists of
files. If a file is invalid for some reason, for example, because it
has a different package name than other files, it's added to
InvalidGoFiles in addition to GoFiles, TestGoFiles, or other lists.

Previously, files with parse errors or build constraint errors were
not included in these lists, which causes problems for tools that use
'go list' since InvalidGoFiles is not printed. With this change, files
with any kind of error are added to one of the GoFiles lists.

Fixes #39986

Change-Id: Iee007b5092293eb4420c8a39ce731805fe32135f
Reviewed-on: https://go-review.googlesource.com/c/go/+/241577
Trust: Jay Conrod <jayconrod@google.com>
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
2021-05-10 15:53:43 +00:00
Tobias Klauser
82517acae8 net, runtime: drop macOS 10.12 skip conditions in tests
Go 1.17 requires macOS 10.13 or later. Thus, drop the special cases for
the darwin-amd64-10_12 builder added in CL 202618.

Updates #22019
Updates #23011
Updates #32919

Change-Id: Idef11c213dfb25fd002b7cda6d425cf2e26a2e06
Reviewed-on: https://go-review.googlesource.com/c/go/+/318329
Trust: Tobias Klauser <tobias.klauser@gmail.com>
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
2021-05-10 15:49:50 +00:00
Bryan C. Mills
031854117f cmd/go: include packages with InvalidGoFiles when filtering main packages
If a package has files with conflicting package names, go/build
empirically populates the first name encountered and puts the
remaining files in InvalidGoFiles. That foiled our check for packages
whose name is either unpopulated or "main", since the "package main"
could be found in a source file after the first.

Instead, we now treat any package with a nonzero set of InvalidGoFiles
as potentially a main package. This biases toward over-reporting
errors, but we would rather over-report than under-report.

If we fix #45999, we will be able to make these error checks more
precise.

Updates #42088
Fixes #45827
Fixes #39986

Change-Id: I588314341b17961b38660192c2130678dc03023e
Reviewed-on: https://go-review.googlesource.com/c/go/+/317300
Trust: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Jay Conrod <jayconrod@google.com>
2021-05-10 15:48:57 +00:00
Bryan C. Mills
a9edda3788 cmd/go: add a test that reproduces #45827
For #45827

Change-Id: I4d3268d66fb0927161f44b353faef11aa4551e40
Reviewed-on: https://go-review.googlesource.com/c/go/+/317298
Trust: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Bryan C. Mills <bcmills@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jay Conrod <jayconrod@google.com>
2021-05-10 15:47:52 +00:00
Bryan C. Mills
e18a8b4fb2 go/build: avoid duplicates in InvalidGoFiles
For #45827
For #39986
Updates #45999

Change-Id: I0c919b6a2e56e7003b90425487eafe0f0eadc609
Reviewed-on: https://go-review.googlesource.com/c/go/+/317299
Trust: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Bryan C. Mills <bcmills@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jay Conrod <jayconrod@google.com>
2021-05-10 15:47:41 +00:00
Keith Randall
287025925f cmd/compile,reflect: allow longer type names
Encode the length of type names and tags in a varint encoding
instead of a fixed 2-byte encoding. This allows lengths longer
than 65535 (which can happen for large unnamed structs).

Removed the alignment check for #14962, it isn't relevant any more
since we're no longer reading pointers directly out of this data
(it is encoded as an offset which is copied out bytewise).

Fixes #44155
Update #14962

Change-Id: I6084f6027e5955dc16777c87b0dd5ea2baa49629
Reviewed-on: https://go-review.googlesource.com/c/go/+/318249
Trust: Keith Randall <khr@golang.org>
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2021-05-10 13:16:56 +00:00
Joel Sing
c14ecaca81 runtime: skip TestCrashDumpsAllThreads on openbsd/arm
This test is also now flakey on this platform.

Updates #36435
Updates #42464

Change-Id: Idedb81478178ffffe7a9c125a6e8bbd83458f9ab
Reviewed-on: https://go-review.googlesource.com/c/go/+/315794
Trust: Joel Sing <joel@sing.id.au>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-09 17:07:22 +00:00
Joel Sing
bedf2c4886 runtime,syscall: convert syscall on openbsd/arm to libc
Convert the syscall package on openbsd/arm to use libc rather than performing
direct system calls.

Updates #36435

Change-Id: Iff3a91c959292cbf4e0a09c7fd34efc8e88ff83f
Reviewed-on: https://go-review.googlesource.com/c/go/+/315793
Trust: Joel Sing <joel@sing.id.au>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-09 17:07:01 +00:00
Joel Sing
603f43cbae runtime: switch runtime to libc for openbsd/arm
Use libc rather than performing direct system calls for the runtime on
openbsd/arm.

Updates #36435

Change-Id: If64a96a61c80b9748792f8a85a8f16ed6ebca91f
Reviewed-on: https://go-review.googlesource.com/c/go/+/315792
Trust: Joel Sing <joel@sing.id.au>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-09 17:06:45 +00:00
Joel Sing
83df4a590b runtime: switch openbsd/arm locking to libc
Switch openbsd/arm to locking via libc, rather than performing direct
system calls.

Update #36435

Change-Id: I190abb1aa544d2cb406fe412960ec106c9716f87
Reviewed-on: https://go-review.googlesource.com/c/go/+/315791
Trust: Joel Sing <joel@sing.id.au>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-09 17:05:59 +00:00
Joel Sing
8ec8f6aa87 runtime: switch openbsd/arm to pthreads
This switches openbsd/arm to thread creation via pthreads, rather than doing
direct system calls.

Update #36435

Change-Id: Ia8749e3723a9967905c33b6d93dfd9be797a486c
Reviewed-on: https://go-review.googlesource.com/c/go/+/315790
Trust: Joel Sing <joel@sing.id.au>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-09 17:05:25 +00:00
Matthew Dempsky
5203357eba cmd/compile: make non-concurrent compiles deterministic again
Spreading function compilation across multiple goroutines results in
non-deterministic output. This is how cmd/compile has historically
behaved for concurrent builds, but is troublesome for non-concurrent
builds, particularly because it interferes with "toolstash -cmp".

I spent some time trying to think of a simple, unified algorithm that
can concurrently schedule work but gracefully degrades to a
deterministic build for single-worker builds, but I couldn't come up
with any. The simplest idea I found was to simply abstract away the
operation of scheduling work so that we can have alternative
deterministic vs concurrent modes.

Change-Id: I08afa00527ce1844432412f4f8553781c4e323df
Reviewed-on: https://go-review.googlesource.com/c/go/+/318229
Trust: Matthew Dempsky <mdempsky@google.com>
Run-TryBot: Matthew Dempsky <mdempsky@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
2021-05-09 02:47:29 +00:00
Filippo Valsorda
ea93e68858 crypto/elliptic: make P-521 scalar multiplication constant time
Like for P-224, we do the constant time selects to hide the
point-at-infinity special cases of addition, but not the P = Q case,
which presumably doesn't happen in normal operations.

Runtime increases by about 50%, as expected, since on average we were
able to skip half the additions, and the additions reasonably amounted
to half the runtime. Still, the Fiat code is so much faster than big.Int
that we're still more than three time faster overall than pre-CL 315271.

name                   old time/op    new time/op    delta
pkg:crypto/elliptic goos:darwin goarch:arm64
ScalarBaseMult/P521-8    4.18ms ± 3%    1.35ms ± 1%  -67.64%  (p=0.000 n=10+10)
ScalarMult/P521-8        4.17ms ± 2%    1.36ms ± 1%  -67.45%  (p=0.000 n=10+10)
pkg:crypto/ecdsa goos:darwin goarch:arm64
Sign/P521-8              4.23ms ± 1%    1.44ms ± 1%  -66.02%  (p=0.000 n=9+10)
Verify/P521-8            8.31ms ± 2%    2.73ms ± 2%  -67.08%  (p=0.000 n=9+9)
GenerateKey/P521-8       4.15ms ± 2%    1.35ms ± 2%  -67.41%  (p=0.000 n=10+10)

Updates #40171

Change-Id: I782f2b7f33dd60af9b3b75e46d920d4cb47f719f
Reviewed-on: https://go-review.googlesource.com/c/go/+/315274
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
Trust: Katie Hockman <katie@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-05-09 00:08:44 +00:00
Filippo Valsorda
14c3d2aa59 crypto/elliptic: import fiat-crypto P-521 field implementation
Fiat Cryptography (https://github.com/mit-plv/fiat-crypto) is a project
that produces prime order field implementations (the code that does
arithmetic modulo a prime number) based on a formally verified model.

The formal verification covers some of the most subtle and hard to test
parts of an elliptic curve implementation, like carry chains. It would
probably have prevented #20040 and #43786.

This CL imports a 64-bit implementation of the P-521 base field,
replacing the horribly slow and catastrophically variable time big.Int
CurveParams implementation.

The code in p521_fiat64.go is generated reproducibly by fiat-crypto,
building and running the Dockerfile according to the README.

The code in fiat/p521.go is a thin and idiomatic wrapper around the
fiat-crypto code. It includes an Invert method generated with the help
of github.com/mmcloughlin/addchain.

The code in elliptic/p521.go is a line-by-line port of the CurveParams
implementation. Lsh(x, N) was replaced with repeated Add(x, x) calls.
Mul(x, x) was replaced with Square(x). Mod calls were removed, as all
operations are modulo P. Likewise, Add calls to bring values back to
positive were removed. The ScalarMult ladder implementation is now
constant time, copied from p224ScalarMult. Only other notable changes
are adding a p512Point type to keep (x, y, z) together, and making
addJacobian and doubleJacobian methods on that type, with the usual
receiver semantics to save 4 allocations per step.

This amounts to a proof of concept, and is far from a mature elliptic
curve implementation. Here's a non-exhaustive list of things that need
improvement, most of which are pre-existing issues with crypto/elliptic.
Some of these can be fixed without API change, so can't.

- Marshal and Unmarshal still use the slow, variable time big.Int
  arithmetic. The Curve interface does not expose field operations, so
  we'll have to make our own abstraction.

- Point addition uses an incomplete Jacobian formula, which has variable
  time behaviors for points at infinity and equal points. There are
  better, complete formulae these days, but I wanted to keep this CL
  reviewable against the existing code.

- The scalar multiplication ladder is still heavily variable time. This
  is easy to fix and I'll do it in a follow-up CL, but I wanted to keep
  this one easier to review.

- Fundamentally, values have to go in and out of big.Int representation
  when they pass through the Curve interface, which is both slow and
  slightly variable-time.

- There is no scalar field implementation, so crypto/ecdsa ends up using
  big.Int for signing.

- Extending this to P-384 would involve either duplicating all P-521
  code, or coming up with some lower-level interfaces for the base
  field. Even better, generics, which would maybe let us save heap
  allocations due to virtual calls.

- The readability and idiomaticity of the autogenerated code can
  improve, although we have a clear abstraction and well-enforced
  contract, which makes it unlikely we'll have to resort to manually
  modifying the code. See mit-plv/fiat-crypto#949.

- We could also have a 32-bit implementation, since it's almost free to
  have fiat-crypto generate one.

Anyway, it's definitely better than CurveParams, and definitely faster.

name                   old time/op    new time/op    delta
pkg:crypto/elliptic goos:darwin goarch:arm64
ScalarBaseMult/P521-8    4.18ms ± 3%    0.86ms ± 2%  -79.50%  (p=0.000 n=10+9)
ScalarMult/P521-8        4.17ms ± 2%    0.85ms ± 6%  -79.68%  (p=0.000 n=10+10)
pkg:crypto/ecdsa goos:darwin goarch:arm64
Sign/P521-8              4.23ms ± 1%    0.94ms ± 0%  -77.70%  (p=0.000 n=9+8)
Verify/P521-8            8.31ms ± 2%    1.75ms ± 4%  -78.99%  (p=0.000 n=9+10)
GenerateKey/P521-8       4.15ms ± 2%    0.85ms ± 2%  -79.49%  (p=0.000 n=10+9)

name                   old alloc/op   new alloc/op   delta
pkg:crypto/elliptic goos:darwin goarch:arm64
ScalarBaseMult/P521-8    3.06MB ± 3%    0.00MB ± 0%  -99.97%  (p=0.000 n=10+10)
ScalarMult/P521-8        3.05MB ± 1%    0.00MB ± 0%  -99.97%  (p=0.000 n=9+10)
pkg:crypto/ecdsa goos:darwin goarch:arm64
Sign/P521-8              3.03MB ± 0%    0.01MB ± 0%  -99.74%  (p=0.000 n=10+8)
Verify/P521-8            6.06MB ± 1%    0.00MB ± 0%  -99.93%  (p=0.000 n=9+9)
GenerateKey/P521-8       3.02MB ± 0%    0.00MB ± 0%  -99.96%  (p=0.000 n=9+10)

name                   old allocs/op  new allocs/op  delta
pkg:crypto/elliptic goos:darwin goarch:arm64
ScalarBaseMult/P521-8     19.8k ± 3%      0.0k ± 0%  -99.95%  (p=0.000 n=10+10)
ScalarMult/P521-8         19.7k ± 1%      0.0k ± 0%  -99.95%  (p=0.000 n=9+10)
pkg:crypto/ecdsa goos:darwin goarch:arm64
Sign/P521-8               19.6k ± 0%      0.1k ± 0%  -99.63%  (p=0.000 n=10+10)
Verify/P521-8             39.2k ± 1%      0.1k ± 0%  -99.84%  (p=0.000 n=9+10)
GenerateKey/P521-8        19.5k ± 0%      0.0k ± 0%  -99.91%  (p=0.000 n=9+10)

Updates #40171

Change-Id: Ic898b09a2388382bf51ec007d9a79d72d44efe10
Reviewed-on: https://go-review.googlesource.com/c/go/+/315271
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Katie Hockman <katie@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
2021-05-09 00:08:05 +00:00
Filippo Valsorda
ec4efa4208 crypto/x509: check the private key passed to CreateCertificate
Unfortunately, we can't improve the function signature to refer to
crypto.PrivateKey and crypto.PublicKey, even if they are both
interface{}, because it would break assignments to function types.

Fixes #37845

Change-Id: I627f2ac1e1ba98b128dac5382f9cc2524eaef378
Reviewed-on: https://go-review.googlesource.com/c/go/+/224157
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-05-09 00:07:34 +00:00
David Chase
b38b1b2f9a cmd/compile: manage Slot array better
steals idea from CL 312093

further investigation revealed additional duplicate
slots (equivalent, but not equal), so delete those too.

Rearranged Func.Names to be addresses of slots,
create canonical addresses so that split slots
(which use those addresses to refer to their parent,
and split slots can be further split)
will preserve "equivalent slots are equal".

Removes duplicates, improves metrics for "args at entry".

Change-Id: I5bbdcb50bd33655abcab3d27ad8cdce25499faaf
Reviewed-on: https://go-review.googlesource.com/c/go/+/312292
Trust: David Chase <drchase@google.com>
Run-TryBot: David Chase <drchase@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-08 17:03:18 +00:00
Alberto Donizetti
68327e1aa1 cmd/vendor: upgrade pprof to latest
This change upgrades the vendored pprof to pick up the fix for a
serious issue that made the source view in browser mode blank
(tracked upstream as google/pprof#621).

I also had to patch pprof.go, since one of the upstream commit we
included introduced a breaking change in the file interface (the Base
method is now called ObjAddr and has a different signature).

I've manually verified that the upgrade fixes the aforementioned
issues with the source view.

Fixes #45786

Change-Id: I00659ae539a2ad603758e1f06572374d483b9ddc
Reviewed-on: https://go-review.googlesource.com/c/go/+/318049
Trust: Alberto Donizetti <alb.donizetti@gmail.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2021-05-08 14:59:49 +00:00
Alex Brainman
4c8f48ed4f syscall: do not change stdio handle inheritance
Before the CL 288297 all Go process handles had to be made
non-inheritable - otherwise they would escape into the child process.
But now this is not necessary.

This CL stops changing inheritance flag of stdint, stdout and stderr
handles.

Fixes #44876

Change-Id: Ib8fcf8066c30282293d96c34486b01b4c04f7116
Reviewed-on: https://go-review.googlesource.com/c/go/+/316269
Trust: Alex Brainman <alex.brainman@gmail.com>
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Run-TryBot: Alex Brainman <alex.brainman@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-08 05:57:31 +00:00
Filippo Valsorda
9d0819b27c crypto/tls: make cipher suite preference ordering automatic
We now have a (well, two, depending on AES hardware support) universal
cipher suite preference order, based on their security and performance.
Peer and application lists are now treated as filters (and AES hardware
support hints) that are applied to this universal order.

This removes a complex and nuanced decision from the application's
responsibilities, one which we are better equipped to make and which
applications usually don't need to have an opinion about. It also lets
us worry less about what suites we support or enable, because we can be
confident that bad ones won't be selected over good ones.

This also moves 3DES suites to InsecureCipherSuites(), even if they are
not disabled by default. Just because we can keep them as a last resort
it doesn't mean they are secure. Thankfully we had not promised that
Insecure means disabled by default.

Notable test changes:

  - TestCipherSuiteCertPreferenceECDSA was testing that we'd pick the
    right certificate regardless of CipherSuite ordering, which is now
    completely ignored, as tested by TestCipherSuitePreference. Removed.

  - The openssl command of TestHandshakeServerExportKeyingMaterial was
    broken for TLS 1.0 in CL 262857, but its golden file was not
    regenerated, so the test kept passing. It now broke because the
    selected suite from the ones in the golden file changed.

  - In TestAESCipherReordering, "server strongly prefers AES-GCM" is
    removed because there is no way for a server to express a strong
    preference anymore; "client prefers AES-GCM and AES-CBC over ChaCha"
    switched to ChaCha20 when the server lacks AES hardware; and finally
    "client supports multiple AES-GCM" changed to always prefer AES-128
    per the universal preference list.

    * this is going back on an explicit decision from CL 262857, and
      while that client order is weird and does suggest a strong dislike
      for ChaCha20, we have a strong dislike for software AES, so it
      didn't feel worth making the logic more complex

  - All Client-* golden files had to be regenerated because the
    ClientHello cipher suites have changed.
    (Even when Config.CipherSuites was limited to one suite, the TLS 1.3
    default order changed.)

Fixes #45430
Fixes #41476 (as 3DES is now always the last resort)

Change-Id: If5f5d356c0f8d1f1c7542fb06644a478d6bad1e5
Reviewed-on: https://go-review.googlesource.com/c/go/+/314609
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
2021-05-08 05:15:48 +00:00
Filippo Valsorda
02ce411821 crypto/x509: remove GODEBUG=x509ignoreCN=0 flag
Common Name and NameConstraintsWithoutSANs are no more.

Fixes #24151 ᕕ(ᐛ)ᕗ

Change-Id: I15058f2a64f981c69e9ee620d3fab00f68967e49
Reviewed-on: https://go-review.googlesource.com/c/go/+/315209
Trust: Filippo Valsorda <filippo@golang.org>
Trust: Katie Hockman <katie@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-05-08 05:12:07 +00:00
Keith Randall
b211fe0058 cmd/compile: remove bit operations that modify memory directly
These operations (BT{S,R,C}{Q,L}modify) are quite a bit slower than
other ways of doing the same thing.

Without the BTxmodify operations, there are two fallback ways the compiler
performs these operations: AND/OR/XOR operations directly on memory, or
load-BTx-write sequences. The compiler kinda chooses one arbitrarily
depending on rewrite rule application order. Currently, it uses
load-BTx-write for the Const benchmarks and AND/OR/XOR directly to memory
for the non-Const benchmarks. TBD, someone might investigate which of
the two fallback strategies is really better. For now, they are both
better than BTx ops.

name              old time/op  new time/op  delta
BitSet-8          1.09µs ± 2%  0.64µs ± 5%  -41.60%  (p=0.000 n=9+10)
BitClear-8        1.15µs ± 3%  0.68µs ± 6%  -41.00%  (p=0.000 n=10+10)
BitToggle-8       1.18µs ± 4%  0.73µs ± 2%  -38.36%  (p=0.000 n=10+8)
BitSetConst-8     37.0ns ± 7%  25.8ns ± 2%  -30.24%  (p=0.000 n=10+10)
BitClearConst-8   30.7ns ± 2%  25.0ns ±12%  -18.46%  (p=0.000 n=10+10)
BitToggleConst-8  36.9ns ± 1%  23.8ns ± 3%  -35.46%  (p=0.000 n=9+10)

Fixes #45790
Update #45242

Change-Id: Ie33a72dc139f261af82db15d446cd0855afb4e59
Reviewed-on: https://go-review.googlesource.com/c/go/+/318149
Trust: Keith Randall <khr@golang.org>
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Ben Shi <powerman1st@163.com>
2021-05-08 03:27:59 +00:00
Dan Scales
f24eac4771 cmd/compile: improving the documentation of various fields and functions
This is only changes to comments, so should be fine to go into 1.17.

Change-Id: I01e28dc76b03fb3ca846d976f8ac84bc2acb2ea2
Reviewed-on: https://go-review.googlesource.com/c/go/+/318009
Run-TryBot: Dan Scales <danscales@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
2021-05-07 21:35:41 +00:00
Joe Tsai
3980c4db19 doc/go1.17: fill in TODO for compress/lzw package
Fixes #46005

Change-Id: I80ca21eb64d245749af62506ba960dbc1726c6c4
Reviewed-on: https://go-review.googlesource.com/c/go/+/318012
Trust: Joe Tsai <joetsai@digital-static.net>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
2021-05-07 21:01:09 +00:00
Joe Tsai
d80d1427a8 doc/go1.17: fill in TODO for reflect package
Updates #46019

Change-Id: I3025927d949ff72535542e89b83dd830e969c255
Reviewed-on: https://go-review.googlesource.com/c/go/+/318011
Trust: Joe Tsai <joetsai@digital-static.net>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
2021-05-07 20:44:40 +00:00
Emmanuel T Odeke
af6123a865 doc/go1.17: document encoding/binary.Uvarint max read of 10 bytes
Updates #41185
For #44513.
Fixes #46009

Change-Id: I60f4d891b897809765acc0aace037c78e95bb4f7
Reviewed-on: https://go-review.googlesource.com/c/go/+/317929
Trust: Emmanuel Odeke <emmanuel@orijtech.com>
Reviewed-by: Keith Randall <khr@golang.org>
2021-05-07 18:14:25 +00:00
Joe Tsai
b44c78b8c3 doc/go1.17: fill in TODO for strconv package
Updates #46021

Change-Id: Iaed26b5a1defa6c5d00fb7a3998db56d2f1b96b1
Reviewed-on: https://go-review.googlesource.com/c/go/+/318010
Trust: Joe Tsai <joetsai@digital-static.net>
Trust: Joe Tsai <thebrokentoaster@gmail.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
2021-05-07 17:43:31 +00:00
Paul E. Murphy
9bfa6f75d5 cmd/internal/obj: consolidate MOVB cases with other MOV ops on ppc64
We can consolidate MOVB load handling with other MOV* loads. Only
Optab.Size bytes are copied from the slice returned by asmout. Thus,
we can an unconditionally append an extsb operation to the slice
modified by asmout. This extra instruction will only be copied into
the final instruction stream if Optab.Size is 4 bytes larger, as is
the case with MOVB loads.

This removes three extra special cases when loading a signed
byte.

Change-Id: I71f5324551a06a2c3fa28177109aafbe27f3e4cd
Reviewed-on: https://go-review.googlesource.com/c/go/+/314849
Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com>
Reviewed-by: Carlos Eduardo Seo <carlos.seo@linaro.org>
Run-TryBot: Paul Murphy <murp@ibm.com>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Carlos Eduardo Seo <carlos.seo@linaro.org>
2021-05-07 16:08:24 +00:00
Dmitri Shuralyov
a0eb662d85 doc/go1.17: move language specification TODO to the right place
It was misplaced by the relnote tool.

Also add a TODO for CL 312212, per discussion in golang.org/issue/46020.

For #44513.
For #46020.

Change-Id: I8d766df969f85c351ead18df3e45adb6fb27b7a0
Reviewed-on: https://go-review.googlesource.com/c/go/+/317829
Trust: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
2021-05-07 14:16:52 +00:00
Cherry Mui
bdb8044665 cmd/link: don't include arginfo symbols in symbol table
We recently add arginfo symbols for traceback argument metadata.
Like other metadata symbols (GC bitmaps, opendefer info, etc.),
skip arginfo symbols for symbol table as well.

Fixes #45971.

Change-Id: I7a126b75f70ec88e2170e9a274d968762c7bce56
Reviewed-on: https://go-review.googlesource.com/c/go/+/317769
Trust: Cherry Mui <cherryyz@google.com>
Run-TryBot: Cherry Mui <cherryyz@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Than McIntosh <thanm@google.com>
2021-05-07 14:13:18 +00:00
Robert Griesemer
f5423ea615 cmd/compile/internal/types2: add test case for issue 45985
This is a port of https://golang.org/cl/317471.

Updates #45985.

Change-Id: I539d0fa6f9a77eb2fc169a21c5db9921f8eceb03
Reviewed-on: https://go-review.googlesource.com/c/go/+/317732
Trust: Robert Griesemer <gri@golang.org>
Reviewed-by: Robert Findley <rfindley@google.com>
2021-05-07 03:55:29 +00:00
Andy Pan
832c70e33d internal/poll: cast off the last reference of SplicePipe in test
Updates #45059

Change-Id: I9f377abcc7b77136ae6cf4896b968f73c758b559
Reviewed-on: https://go-review.googlesource.com/c/go/+/317510
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
2021-05-07 02:45:26 +00:00
Rob Findley
d2b03111c4 go/types,cmd/compile/internal/types2: unskip std and cmd in TestStdlib
CL 276272 accidentally skipped everything in TestStdlib while trying to
skip nested submodules of std and cmd.

For now, narrow the skip to just the problematic submodule rather than
trying to generalize. We can re-evaluate if it becomes a pattern to
vendor submodules in this way.

Fixes #46027

Change-Id: Ib355ff80dfbf17c3cf37d128a2f48d4216305267
Reviewed-on: https://go-review.googlesource.com/c/go/+/317869
Trust: Robert Findley <rfindley@google.com>
Run-TryBot: Robert Findley <rfindley@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Robert Griesemer <gri@golang.org>
2021-05-07 02:17:32 +00:00
Rob Findley
9524e93adf go/types: add a test case for issue 45985
The fix for #45985 is a little subtle. Start by committing the (bad)
test case.

For #45985

Change-Id: Ia6625818e9b1c5e869b2c2f724f817c13c9944d1
Reviewed-on: https://go-review.googlesource.com/c/go/+/317471
Trust: Robert Findley <rfindley@google.com>
Run-TryBot: Robert Findley <rfindley@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Robert Griesemer <gri@golang.org>
2021-05-07 02:05:28 +00:00