- 28 Jan, 2015 19 commits
-
-
Brad Fitzpatrick authored
This should fix the race builders. Change-Id: I9c9e7393d5e29d64ab797e346b34b1fa1dfe6d96 Reviewed-on: https://go-review.googlesource.com/3441Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
-
Dmitry Vyukov authored
net/http/pprof part of tracing functionality: https://docs.google.com/document/u/1/d/1FP5apqzBgr7ahCCgFO-yoVhk4YZrNIDNf9RybngBc14/pub Full change: https://codereview.appspot.com/146920043 Change-Id: I9092028fcbd5e8f97a56f2c155889ccdfb494afb Reviewed-on: https://go-review.googlesource.com/1453Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Currently we allocate a new string during []byte->string conversion in string comparison expressions. String allocation is unnecessary in this case, because comparison does memorize the strings for later use. This change uses slicebytetostringtmp to construct temp string directly from []byte buffer and passes it to runtime.eqstring. Change-Id: If00f1faaee2076baa6f6724d245d5b5e0f59b563 Reviewed-on: https://go-review.googlesource.com/3410Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Coarse-grained test skips to fix bots. Need to look closer at windows and nacl failures. Change-Id: I767ef1707232918636b33f715459ee3c0349b45e Reviewed-on: https://go-review.googlesource.com/3416Reviewed-by: Aram Hăvărneanu <aram@mgk.ro> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Dmitry Vyukov authored
Escape analysis treats everything assigned to OIND/ODOTPTR as escaping. As the result b escapes in the following code: func (b *Buffer) Foo() { n, m := ... b.buf = b.buf[n:m] } This change recognizes such assignments and ignores them. Update issue #9043. Update issue #7921. There are two similar cases in std lib that benefit from this optimization. First is in archive/zip: type readBuf []byte func (b *readBuf) uint32() uint32 { v := binary.LittleEndian.Uint32(*b) *b = (*b)[4:] return v } Second is in time: type data struct { p []byte error bool } func (d *data) read(n int) []byte { if len(d.p) < n { d.p = nil d.error = true return nil } p := d.p[0:n] d.p = d.p[n:] return p } benchmark old ns/op new ns/op delta BenchmarkCompressedZipGarbage 32431724 32217851 -0.66% benchmark old allocs new allocs delta BenchmarkCompressedZipGarbage 153 143 -6.54% Change-Id: Ia6cd32744e02e36d6d8c19f402f8451101711626 Reviewed-on: https://go-review.googlesource.com/3162Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Currently all PTRLIT element initializers escape. There is no reason for that. This change links STRUCTLIT to PTRLIT; STRUCTLIT element initializers are already linked to the STRUCTLIT. As the result, PTRLIT element initializers escape when PTRLIT itself escapes. Change-Id: I89ecd8677cbf81addcfd469cd2fd461c0e9bf7dd Reviewed-on: https://go-review.googlesource.com/3031Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Change-Id: I832a433f0f2fc10b0a2fea0bfb003a988fc2c81b Reviewed-on: https://go-review.googlesource.com/2039Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
cmd/go part of tracing functionality: https://docs.google.com/document/u/1/d/1FP5apqzBgr7ahCCgFO-yoVhk4YZrNIDNf9RybngBc14/pub Full change: https://codereview.appspot.com/146920043 Change-Id: If346e11b8029c475b01fbf7172ce1c88171fb1b2 Reviewed-on: https://go-review.googlesource.com/1460Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
testing part of tracing functionality: https://docs.google.com/document/u/1/d/1FP5apqzBgr7ahCCgFO-yoVhk4YZrNIDNf9RybngBc14/pub Full change: https://codereview.appspot.com/146920043 Change-Id: Ia3c2c4417106937d5775b0e7064db92c1fc36679 Reviewed-on: https://go-review.googlesource.com/1461Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
runtime/pprof part of tracing functionality: https://docs.google.com/document/u/1/d/1FP5apqzBgr7ahCCgFO-yoVhk4YZrNIDNf9RybngBc14/pub Full change: https://codereview.appspot.com/146920043 Change-Id: I3143a569cbd33576f19ca47308d1ff5200d8c955 Reviewed-on: https://go-review.googlesource.com/1452Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Add actual tracing of interesting runtime events. Part of a larger tracing functionality: https://docs.google.com/document/u/1/d/1FP5apqzBgr7ahCCgFO-yoVhk4YZrNIDNf9RybngBc14/pub Full change: https://codereview.appspot.com/146920043 Change-Id: Icccf54aea54e09350bb698ba6bf11532f9fbe6d3 Reviewed-on: https://go-review.googlesource.com/1451Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
This is first patch of series of patches that implement tracing functionality. Design doc: https://docs.google.com/document/u/1/d/1FP5apqzBgr7ahCCgFO-yoVhk4YZrNIDNf9RybngBc14/pub Full change: https://codereview.appspot.com/146920043 Change-Id: I84588348bb05a6f6a102c230f3bca6380a3419fe Reviewed-on: https://go-review.googlesource.com/1450Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
For some reason the current conditions require the type to be "uintptr-shaped". This cuts off structs and arrays with a pointer. isdirectiface and width==widthptr is sufficient condition to enable the fast paths. Change-Id: I11842531e7941365413606cfd6c34c202aa14786 Reviewed-on: https://go-review.googlesource.com/3414Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Fixes #9691. Change-Id: I22bfc82e05497e91a7b18a668913aed6c723365d Reviewed-on: https://go-review.googlesource.com/3282Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Race builders report goroutine leaks after addition of this benchmark: http://build.golang.org/log/18e47f4cbc18ee8db125e1f1157573dd1e333c41 Close idle connection in default transport. Change-Id: I86ff7b2e0972ed47c5ebcb9fce19e7f39d3ff530 Reviewed-on: https://go-review.googlesource.com/3412Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Dmitry Vyukov authored
Call frame allocations can account for significant portion of all allocations in a program, if call is executed in an inner loop (e.g. to process every line in a log). On the other hand, the allocation is easy to remove using sync.Pool since the allocation is strictly scoped. benchmark old ns/op new ns/op delta BenchmarkCall 634 338 -46.69% BenchmarkCall-4 496 167 -66.33% benchmark old allocs new allocs delta BenchmarkCall 1 0 -100.00% BenchmarkCall-4 1 0 -100.00% Update #7818 Change-Id: Icf60cce0a9be82e6171f0c0bd80dee2393db54a7 Reviewed-on: https://go-review.googlesource.com/1954Reviewed-by: Keith Randall <khr@golang.org>
-
Mikio Hara authored
This change extends existing test case to Windows for helping to fix golang.org/issue/5395. Change-Id: Iff077fa98ede511981df513f48d84c19375b3e04 Reviewed-on: https://go-review.googlesource.com/3304Reviewed-by: Alex Brainman <alex.brainman@gmail.com>
-
Russ Cox authored
Pointers change from run to run, making it hard to use the debug output to identify the reason for a changed object file. Change-Id: I0c954da0943092c48686afc99ecf75eba516de6a Reviewed-on: https://go-review.googlesource.com/3352Reviewed-by: Aram Hăvărneanu <aram@mgk.ro> Reviewed-by: Rob Pike <r@golang.org>
-
David Leon Gil authored
ECDSA is unsafe to use if an entropy source produces predictable output for the ephemeral nonces. E.g., [Nguyen]. A simple countermeasure is to hash the secret key, the message, and entropy together to seed a CSPRNG, from which the ephemeral key is derived. Fixes #9452 -- This is a minimalist (in terms of patch size) solution, though not the most parsimonious in its use of primitives: - csprng_key = ChopMD-256(SHA2-512(priv.D||entropy||hash)) - reader = AES-256-CTR(k=csprng_key) This, however, provides at most 128-bit collision-resistance, so that Adv will have a term related to the number of messages signed that is significantly worse than plain ECDSA. This does not seem to be of any practical importance. ChopMD-256(SHA2-512(x)) is used, rather than SHA2-256(x), for two sets of reasons: *Practical:* SHA2-512 has a larger state and 16 more rounds; it is likely non-generically stronger than SHA2-256. And, AFAIK, cryptanalysis backs this up. (E.g., [Biryukov] gives a distinguisher on 47-round SHA2-256 with cost < 2^85.) This is well below a reasonable security-strength target. *Theoretical:* [Coron] and [Chang] show that Chop-MD(F(x)) is indifferentiable from a random oracle for slightly beyond the birthday barrier. It seems likely that this makes a generic security proof that this construction remains UF-CMA is possible in the indifferentiability framework. -- Many thanks to Payman Mohassel for reviewing this construction; any mistakes are mine, however. And, as he notes, reusing the private key in this way means that the generic-group (non-RO) proof of ECDSA's security given in [Brown] no longer directly applies. -- [Brown]: http://www.cacr.math.uwaterloo.ca/techreports/2000/corr2000-54.ps "Brown. The exact security of ECDSA. 2000" [Coron]: https://www.cs.nyu.edu/~puniya/papers/merkle.pdf "Coron et al. Merkle-Damgard revisited. 2005" [Chang]: https://www.iacr.org/archive/fse2008/50860436/50860436.pdf "Chang and Nandi. Improved indifferentiability security analysis of chopMD hash function. 2008" [Biryukov]: http://www.iacr.org/archive/asiacrypt2011/70730269/70730269.pdf "Biryukov et al. Second-order differential collisions for reduced SHA-256. 2011" [Nguyen]: ftp://ftp.di.ens.fr/pub/users/pnguyen/PubECDSA.ps "Nguyen and Shparlinski. The insecurity of the elliptic curve digital signature algorithm with partially known nonces. 2003" New tests: TestNonceSafety: Check that signatures are safe even with a broken entropy source. TestINDCCA: Check that signatures remain non-deterministic with a functional entropy source. Updated "golden" KATs in crypto/tls/testdata that use ECDSA suites. Change-Id: I55337a2fbec2e42a36ce719bd2184793682d678a Reviewed-on: https://go-review.googlesource.com/3340Reviewed-by: Adam Langley <agl@golang.org>
-
- 27 Jan, 2015 10 commits
-
-
Robert Griesemer authored
- fixed Float.Add, Float.Sub - fixed Float.PString to be platform independent - fixed Float.Uint64 - fixed various test outputs TBR: adonovan Change-Id: I9d273b344d4786f1fed18862198b23285c358a39 Reviewed-on: https://go-review.googlesource.com/3321Reviewed-by: Robert Griesemer <gri@golang.org>
-
Dmitry Vyukov authored
The %61 hack was added when runtime was is in C. Now the Go compiler does the optimization. Change-Id: I79c3302ec4b931eaaaaffe75e7101c92bf287fc7 Reviewed-on: https://go-review.googlesource.com/3289Reviewed-by: Keith Randall <khr@golang.org>
-
Dmitry Vyukov authored
BenchmarkClient is intended for profiling the client without the HTTP server code. The server code runs in a subprocess. Change-Id: I9aa128604d0d4e94dc5c0372dc86f962282ed6e8 Reviewed-on: https://go-review.googlesource.com/3164Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Robert Griesemer authored
Change-Id: I73a416291a2374dbb8ce8586f24059f8dce56529 Reviewed-on: https://go-review.googlesource.com/3360Reviewed-by: Alan Donovan <adonovan@google.com>
-
Dmitry Vyukov authored
Consider the following code: s := "(" + string(byteSlice) + ")" Currently we allocate a new string during []byte->string conversion, and pass it to concatstrings. String allocation is unnecessary in this case, because concatstrings does memorize the strings for later use. This change uses slicebytetostringtmp to construct temp string directly from []byte buffer and passes it to concatstrings. I've found few such cases in std lib: s += string(msg[off:off+c]) + "." buf.WriteString("Sec-WebSocket-Accept: " + string(c.accept) + "\r\n") bw.WriteString("Sec-WebSocket-Key: " + string(nonce) + "\r\n") err = xml.Unmarshal([]byte("<Top>"+string(data)+"</Top>"), &logStruct) d.err = d.syntaxError("invalid XML name: " + string(b)) return m, ProtocolError("malformed MIME header line: " + string(kv)) But there are much more in our internal code base. Change-Id: I42f401f317131237ddd0cb9786b0940213af16fb Reviewed-on: https://go-review.googlesource.com/3163Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
This is another case where we can say that the address refers to stack. We create such temps for OSTRUCTLIT initialization. This eliminates a handful of write barriers today. But this come up a prerequisite for another change (capturing vars by value), otherwise we emit writebarriers in writebarrier itself when capture writebarrier arguments by value. Change-Id: Ibba93acd0f5431c5a4c3d90ef1e622cb9a7ff50e Reviewed-on: https://go-review.googlesource.com/3285Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Typecheck for range variables before typechecking for range body. Body can refer to new vars declared in for range, so it is preferable to typecheck them before the body. Makes typecheck order consistent between ORANGE and OFOR. This come up during another change that computes some predicates on variables during typechecking. Change-Id: Ic975db61b1fd5b7f9ee78896d4cc7d93c593c532 Reviewed-on: https://go-review.googlesource.com/3284Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Half of tests currently crash with GODEBUG=wbshadow. _PageSize is set to 8192. So data can be extended outside of actually mapped region during rounding. Which leads to crash during initial copying to shadow. Use _PhysPageSize instead. Change-Id: Iaa89992bd57f86dafa16b092b53fdc0606213acb Reviewed-on: https://go-review.googlesource.com/3286Reviewed-by: Russ Cox <rsc@golang.org>
-
Dmitry Vyukov authored
Currently we scan maps even if k/v does not contain pointers. This is required because overflow buckets are hanging off the main table. This change introduces a separate array that contains pointers to all overflow buckets and keeps them alive. Buckets themselves are marked as containing no pointers and are not scanned by GC (if k/v does not contain pointers). This brings maps in line with slices and chans -- GC does not scan their contents if elements do not contain pointers. Currently scanning of a map[int]int with 2e8 entries (~8GB heap) takes ~8 seconds. With this change scanning takes negligible time. Update #9477. Change-Id: Id8a04066a53d2f743474cad406afb9f30f00eaae Reviewed-on: https://go-review.googlesource.com/3288Reviewed-by: Keith Randall <khr@golang.org>
-
Dmitry Vyukov authored
runtime/debug test crashes with GOMAXPROCS>1: fatal error: unexpected signal during runtime execution [signal 0xb code=0x1 addr=0x0 pc=0x80521b8] runtime stack: runtime.throw(0x8195028, 0x2a) src/runtime/panic.go:508 +0x71 fp=0x18427f24 sp=0x18427f18 runtime.sigpanic() src/runtime/sigpanic_unix.go:12 +0x53 fp=0x18427f4c sp=0x18427f24 runtime.finq_callback(0x0, 0x0, 0x0, 0x8129140, 0x0) src/runtime/heapdump.go:410 +0x58 fp=0x18427f58 sp=0x18427f4c runtime.iterate_finq(0x81a6860) src/runtime/mfinal.go:89 +0x73 fp=0x18427f78 sp=0x18427f58 runtime.dumproots() src/runtime/heapdump.go:448 +0x17a fp=0x18427fa4 sp=0x18427f78 runtime.mdump() src/runtime/heapdump.go:652 +0xbc fp=0x18427fb4 sp=0x18427fa4 runtime.writeheapdump_m(0x3) This happens because runfinq goroutine nils some elements in allfin after execution of finalizers: // drop finalizer queue references to finalized object f.fn = nil f.arg = nil f.ot = nil Then heapdump crashes trying to dereference fn.fn here: func finq_callback(fn *funcval, obj unsafe.Pointer, nret uintptr, fint *_type, ot *ptrtype) { dumpint(tagQueuedFinalizer) dumpint(uint64(uintptr(obj))) dumpint(uint64(uintptr(unsafe.Pointer(fn)))) dumpint(uint64(uintptr(unsafe.Pointer(fn.fn)))) dumpint(uint64(uintptr(unsafe.Pointer(fint)))) dumpint(uint64(uintptr(unsafe.Pointer(ot)))) } Change-Id: I372433c964180d782967be63d4355e568666980d Reviewed-on: https://go-review.googlesource.com/3287Reviewed-by: Keith Randall <khr@golang.org>
-
- 26 Jan, 2015 10 commits
-
-
Adam Langley authored
This reverts commit 8d7bf229. Change-Id: Iad2c74a504d64bcf7ca707b00bda29bc796a2ae9 Reviewed-on: https://go-review.googlesource.com/3320Reviewed-by: Adam Langley <agl@golang.org>
-
David Leon Gil authored
ECDSA is unsafe to use if an entropy source produces predictable output for the ephemeral nonces. E.g., [Nguyen]. A simple countermeasure is to hash the secret key, the message, and entropy together to seed a CSPRNG, from which the ephemeral key is derived. -- This is a minimalist (in terms of patch size) solution, though not the most parsimonious in its use of primitives: - csprng_key = ChopMD-256(SHA2-512(priv.D||entropy||hash)) - reader = AES-256-CTR(k=csprng_key) This, however, provides at most 128-bit collision-resistance, so that Adv will have a term related to the number of messages signed that is significantly worse than plain ECDSA. This does not seem to be of any practical importance. ChopMD-256(SHA2-512(x)) is used, rather than SHA2-256(x), for two sets of reasons: *Practical:* SHA2-512 has a larger state and 16 more rounds; it is likely non-generically stronger than SHA2-256. And, AFAIK, cryptanalysis backs this up. (E.g., [Biryukov] gives a distinguisher on 47-round SHA2-256 with cost < 2^85.) This is well below a reasonable security-strength target. *Theoretical:* [Coron] and [Chang] show that Chop-MD(F(x)) is indifferentiable from a random oracle for slightly beyond the birthday barrier. It seems likely that this makes a generic security proof that this construction remains UF-CMA is possible in the indifferentiability framework. -- Many thanks to Payman Mohassel for reviewing this construction; any mistakes are mine, however. And, as he notes, reusing the private key in this way means that the generic-group (non-RO) proof of ECDSA's security given in [Brown] no longer directly applies. -- [Brown]: http://www.cacr.math.uwaterloo.ca/techreports/2000/corr2000-54.ps "Brown. The exact security of ECDSA. 2000" [Coron]: https://www.cs.nyu.edu/~puniya/papers/merkle.pdf "Coron et al. Merkle-Damgard revisited. 2005" [Chang]: https://www.iacr.org/archive/fse2008/50860436/50860436.pdf "Chang and Nandi. Improved indifferentiability security analysis of chopMD hash function. 2008" [Biryukov]: http://www.iacr.org/archive/asiacrypt2011/70730269/70730269.pdf "Biryukov et al. Second-order differential collisions for reduced SHA-256. 2011" [Nguyen]: ftp://ftp.di.ens.fr/pub/users/pnguyen/PubECDSA.ps "Nguyen and Shparlinski. The insecurity of the elliptic curve digital signature algorithm with partially known nonces. 2003" Fixes #9452 Tests: TestNonceSafety: Check that signatures are safe even with a broken entropy source. TestINDCCA: Check that signatures remain non-deterministic with a functional entropy source. Change-Id: Ie7e04057a3a26e6becb80e845ecb5004bb482745 Reviewed-on: https://go-review.googlesource.com/2422Reviewed-by: Adam Langley <agl@golang.org>
-
Russ Cox authored
The argument is unused in the C code but will be used in the Go translation, because the Prog holds information needed to invoke the right meaning of %A in the ctxt->diag calls in vaddr. Change-Id: I501830f8ea0e909aafd8ec9ef5d7338e109d9548 Reviewed-on: https://go-review.googlesource.com/3041Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-on: https://go-review.googlesource.com/3310Reviewed-by: Russ Cox <rsc@golang.org>
-
Russ Cox authored
Change-Id: I10b781927245a3e9822f9cffe254f226a5b93213 Reviewed-on: https://go-review.googlesource.com/3279Reviewed-by: Russ Cox <rsc@golang.org>
-
Russ Cox authored
- Remove more ? : expressions. - Use uint32 **hash instead of uint32 *hash[] in function argument. - Change array.c API to use int, not int32, to match Go's slices. - Rename strlit to newstrlit, to avoid case-insensitive collision with Strlit. - Fix a few incorrect printf formats. - Rename a few variables from 'len' to n or length. - Eliminate direct string editing building up names like convI2T. Change-Id: I754cf553402ccdd4963e51b7039f589286219c29 Reviewed-on: https://go-review.googlesource.com/3278Reviewed-by: Rob Pike <r@golang.org>
-
Russ Cox authored
cmd/gc contains symbol references into the back end dirs like 6g. It also contains a few files that include the back end header files and are compiled separately for each back end, despite being in cmd/gc. cmd/gc also defines main, which makes at least one reverse symbol reference unavoidable. (Otherwise you can't get into back-end code.) This was all expedient, but it's too tightly coupled, especially for a program written Go. Make cmd/gc into a true library, letting the back end define main and call into cmd/gc after making the necessary references available. cmd/gc being a real library will ease the transition to Go. Change-Id: I4fb9a0e2b11a32f1d024b3c56fc3bd9ee458842c Reviewed-on: https://go-review.googlesource.com/3277Reviewed-by: Rob Pike <r@golang.org>
-
Russ Cox authored
- Change forward reference to struct Node* to void* in liblink. - Use explicit (Node*) casts in cmd/gc to get at that field. - Define struct Array in go.h instead of hiding it in array.c. - Remove some sizeof(uint32), sizeof(uint64) uses. - Remove some ? : expressions. - Rewrite some problematic mid-expression assignments. Change-Id: I308c70140238a0cfffd90e133f86f442cd0e17d4 Reviewed-on: https://go-review.googlesource.com/3276Reviewed-by: Rob Pike <r@golang.org>
-
David du Colombier authored
This change is a recreation of the CL written by Nick Owens on http://golang.org/cl/150730043. If the stat buffer is too short, the kernel informs us by putting the 2-byte size in the buffer, so we read that and try again. This follows the same algorithm as /sys/src/libc/9sys/dirfstat.c. Fixes #8781. Change-Id: I01b4ad3a5e705dd4cab6673c7a119f8bef9bbd7c Reviewed-on: https://go-review.googlesource.com/3281Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Shenghou Ma authored
Change-Id: I06035d949272157bbb7255563b37ac93cbf07f15 Reviewed-on: https://go-review.googlesource.com/3272Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Shenghou Ma authored
Creating a tar containing files with 0000 permission bits is not going to be useful. Change-Id: Ie489c2891c335d32270b18f37b0e32ecdca536a6 Reviewed-on: https://go-review.googlesource.com/3271Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
- 25 Jan, 2015 1 commit
-
-
Andrew Ekstedt authored
Change-Id: Ie7031ae37f52ea1f229bfb769daf306d537b3d3e Reviewed-on: https://go-review.googlesource.com/3300Reviewed-by: Minux Ma <minux@golang.org>
-