[dev.unified] all: merge master (462b78f) into dev.unified

Merge List:

+ 2022-07-27 462b78f misc/cgo/test: use fewer threads in TestSetgidStress in long mode
+ 2022-07-27 055113e math/big: check buffer lengths in GobDecode
+ 2022-07-27 4248146 net: document UDPConn.ReadFromUDPAddrPort's AddrPort result more
+ 2022-07-26 faf4e97 net: fix WriteMsgUDPAddrPort addr handling
+ 2022-07-26 caa225d doc/go1.19: note that updated race syso files require GNU ld 2.26
+ 2022-07-26 ceefd3a bytes: document that Reader.Reset affects the result of Size
+ 2022-07-26 3e97294 runtime/cgo: use frame address to set g0 stack bound
+ 2022-07-25 24dc27a cmd/compile: fix blank label code
+ 2022-07-25 9fcc8b2 runtime: fix runtime.Breakpoint() on windows/arm64
+ 2022-07-25 795a88d cmd/go: add space after comma in 'go help test'
+ 2022-07-25 9eb3992 doc/go1.19: minor fixes
+ 2022-07-25 dcea1ee time: clarify documentation for allowed formats and add tests to prove them
+ 2022-07-25 37c8112 internal/fuzz: fix typo in function comments
+ 2022-07-25 850d547 doc/go1.19: expand crypto release notes
+ 2022-07-24 64f2829 runtime: fix typo in function comments
+ 2022-07-24 2ff563a cmd/compile/internal/noder: correct spelling errors for instantiation
+ 2022-07-22 c5da4fb cmd/compile: make jump table symbol local
+ 2022-07-22 774fa58 A+C: delete AUTHORS and CONTRIBUTORS
+ 2022-07-21 2d655fb unsafe: document when Sizeof/Offsetof/Alignof are not constant
+ 2022-07-21 076c3d7 net/http: remove accidental heading in Head documentation
+ 2022-07-21 c4a6d30 cmd/dist: enable race detector test on S390X
+ 2022-07-20 244c8b0 cmd/cgo: allow cgo to pass strings or []bytes bigger than 1<<30
+ 2022-07-20 df38614 test: use go tool from tree, not path
+ 2022-07-20 bb1749b cmd/compile: improve GOAMD64=v1 violation test
+ 2022-07-19 176b63e crypto/internal/nistec,debug/gosym: fix typos

Change-Id: I96e5d60039381691dffd841e58927f0afff8c544

doc/go1.19.html

@@ -322,16 +322,58 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
   </dd>
 </dl><!-- archive/zip -->
 
+<dl id="crypto/elliptic"><dt><a href="/pkg/crypto/elliptic/">crypto/elliptic</a></dt>
+  <dd>
+    <p><!-- CL 382995 -->
+      Operating on invalid curve points (those for which the
+      <code>IsOnCurve</code> method returns false, and which are never returned
+      by <code>Unmarshal</code> or by a <code>Curve</code> method operating on a
+      valid point) has always been undefined behavior and can lead to key
+      recovery attacks. If an invalid point is supplied to
+      <a href="/pkg/crypto/elliptic/#Marshal"><code>Marshal</code></a>,
+      <a href="/pkg/crypto/elliptic/#MarshalCompressed"><code>MarshalCompressed</code></a>,
+      <a href="/pkg/crypto/elliptic/#Curve.Add"><code>Add</code></a>,
+      <a href="/pkg/crypto/elliptic/#Curve.Double"><code>Double</code></a>, or
+      <a href="/pkg/crypto/elliptic/#Curve.ScalarMult"><code>ScalarMult</code></a>,
+      they will now panic.
+    </p>
+
+    <p><!-- golang.org/issue/52182 -->
+      <code>ScalarBaseMult</code> operations on the <code>P224</code>,
+      <code>P384</code>, and <code>P521</code> curves are now up to three
+      times faster, leading to similar speedups in some ECDSA operations. The
+      generic (not platform optimized) <code>P256</code> implementation was
+      replaced with one derived from a formally verified model; this might
+      lead to significant slowdowns on 32-bit platforms.
+    </p>
+  </dd>
+</dl><!-- crypto/elliptic -->
+
 <dl id="crypto/rand"><dt><a href="/pkg/crypto/rand/">crypto/rand</a></dt>
   <dd>
     <p><!-- CL 370894 --><!-- CL 390038 -->
       <a href="/pkg/crypto/rand/#Read"><code>Read</code></a> no longer buffers
-      random data obtained from the operating system between calls.
+      random data obtained from the operating system between calls. Applications
+      that perform many small reads at high frequency might choose to wrap
+      <a href="/pkg/crypto/rand/#Reader"><code>Reader</code></a> in a
+      <a href="/pkg/bufio/#Reader"><code>bufio.Reader</code></a> for performance
+      reasons, taking care to use
+      <a href="/pkg/io/#ReadFull"><code>io.ReadFull</code></a>
+      to ensure no partial reads occur.
     </p>
 
     <p><!-- CL 375215 -->
       On Plan 9, <code>Read</code> has been reimplemented, replacing the ANSI
-      X9.31 algorithm with fast key erasure.
+      X9.31 algorithm with a fast key erasure generator.
+    </p>
+
+    <p><!-- CL 391554 --><!-- CL 387554 -->
+      The <a href="/pkg/crypto/rand/#Prime"><code>Prime</code></a>
+      implementation was simplified. This will lead to different outputs for the
+      same random stream compared to the previous implementation. The internals
+      of <code>Prime</code> are not stable, should not be relied upon not to
+      change, and the output is now intentionally non-deterministic with respect
+      to the input stream.
     </p>
   </dd>
 </dl><!-- crypto/rand -->
@@ -364,6 +406,19 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
       <code>CreateCertificate</code> no longer accepts negative serial numbers.
     </p>
 
+    <p><!-- CL 399827 -->
+      <code>CreateCertificate</code> will not emit an empty SEQUENCE anymore
+      when the produced certificate has no extensions.
+    </p>
+
+    <p><!-- CL 396774 -->
+      Removal of the <code>x509sha1=1</code> <code>GODEBUG</code> option,
+      originally planned for Go 1.19, has been rescheduled to a future release.
+      Applications using it should work on migrating. Practical attacks against
+      SHA-1 have been demonstrated since 2017 and publicly trusted Certificate
+      Authorities have not issued SHA-1 certificates since 2015.
+    </p>
+
     <p><!-- CL 383215 -->
       <a href="/pkg/crypto/x509/#ParseCertificate"><code>ParseCertificate</code></a>
       and <a href="/pkg/crypto/x509/#ParseCertificateRequest"><code>ParseCertificateRequest</code></a>
@@ -373,33 +428,34 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
     <p><!-- https://go.dev/issue/46057 --><!-- https://go.dev/issue/35044 --><!-- CL 398237 --><!-- CL 400175 --><!-- CL 388915 -->
       The new <a href="/pkg/crypto/x509/#CertPool.Clone"><code>CertPool.Clone</code></a>
       and <a href="/pkg/crypto/x509/#CertPool.Equal"><code>CertPool.Equal</code></a>
-      methods allow cloning a <code>CertPool</code> and checking the equality of two
+      methods allow cloning a <code>CertPool</code> and checking the equivalence of two
       <code>CertPool</code>s respectively.
     </p>
 
     <p><!-- https://go.dev/issue/50674 --><!-- CL 390834 -->
       The new function <a href="/pkg/crypto/x509/#ParseRevocationList"><code>ParseRevocationList</code></a>
       provides a faster, safer to use CRL parser which returns a
       <a href="/pkg/crypto/x509/#RevocationList"><code>RevocationList</code></a>.
-      To support this addition, <code>RevocationList</code> adds new fields
+      Parsing a CRL also populates the new <code>RevocationList</code> fields
       <code>RawIssuer</code>, <code>Signature</code>,
-      <code>AuthorityKeyId</code>, and <code>Extensions</code>.
-
+      <code>AuthorityKeyId</code>, and <code>Extensions</code>, which are ignored by
+      <a href="/pkg/crypto/x509/#CreateRevocationList"><code>CreateRevocationList</code></a>.
+    </p><p>
       The new method <a href="/pkg/crypto/x509/#RevocationList.CheckSignatureFrom"><code>RevocationList.CheckSignatureFrom</code></a>
       checks that the signature on a CRL is a valid signature from a
       <a href="/pkg/crypto/x509/#Certificate"><code>Certificate</code></a>.
-
-      With the new CRL functionality, the existing functions
-      <a href="/pkg/crypto/x509/#ParseCRL"><code>ParseCRL</code></a> and
-      <a href="/pkg/crypto/x509/#ParseDERCRL"><code>ParseDERCRL</code></a> are deprecated.
-      Additionally the method <a href="/pkg/crypto/x509#Certificate.CheckCRLSignature"><code>Certificate.CheckCRLSignature</code></a>
-      is deprecated.
+    </p><p>
+      The <a href="/pkg/crypto/x509/#ParseCRL"><code>ParseCRL</code></a> and
+      <a href="/pkg/crypto/x509/#ParseDERCRL"><code>ParseDERCRL</code></a> functions
+      are now deprecated in favor of <code>ParseRevocationList</code>.
+      The <a href="/pkg/crypto/x509#Certificate.CheckCRLSignature"><code>Certificate.CheckCRLSignature</code></a>
+      method is deprecated in favor of <code>RevocationList.CheckSignatureFrom</code>.
     </p>
 
-    <p><!-- CL 389555 -->
-      When building paths, <a href="/pkg/crypto/x509/#Certificate.Verify"><code>Certificate.Verify</code></a>
-      now considers certificates to be equal when the subjects, public keys, and SANs
-      are all equal. Before, it required byte-for-byte equality.
+    <p><!-- CL 389555, CL 401115, CL 403554 -->
+      The path builder of <a href="/pkg/crypto/x509/#Certificate.Verify"><code>Certificate.Verify</code></a>
+      was overhauled and should now produce better chains and/or be more efficient in complicated scenarios.
+      Name constraints are now also enforced on non-leaf certificates.
     </p>
   </dd>
 </dl><!-- crypto/x509 -->
@@ -415,14 +471,14 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
   </dd>
 </dl><!-- crypto/x509/pkix -->
 
-<dl id="debug"><dt><a href="/pkg/debug/">debug</a></dt>
+<dl id="debug/elf"><dt><a href="/pkg/debug/elf">debug/elf</a></dt>
   <dd>
     <p><!-- CL 396735 -->
       The new <code>EM_LONGARCH</code> and <code>R_LARCH_*</code> constants
       support the loong64 port.
     </p>
   </dd>
-</dl><!-- debug -->
+</dl><!-- debug/elf -->
 
 <dl id="debug/pe"><dt><a href="/pkg/debug/pe/">debug/pe</a></dt>
   <dd>
@@ -816,7 +872,8 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
       Compared to v2, it is now typically 1.5x to 2x faster, uses half
       as much memory, and it supports an unlimited number of
       goroutines.
-      On Linux, the race detector now requires at least glibc version 2.17.
+      On Linux, the race detector now requires at least glibc version
+      2.17 and GNU binutils 2.26.
     </p>
 
     <p><!-- CL 336549 -->
@@ -851,9 +908,9 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
     </p>
     <p><!-- https://go.dev/issue/50340 --><!-- CL 396514 -->
       The new function
-      <a href="/pkg/sort/#Find">Find</a>
+      <a href="/pkg/sort/#Find"><code>Find</code></a>
       is like
-      <a href="/pkg/sort/#Search">Search</a>
+      <a href="/pkg/sort/#Search"><code>Search</code></a>
       but often easier to use: it returns an additional boolean reporting whether an equal value was found.
     </p>
   </dd>
@@ -883,7 +940,7 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
     </p>
 
     <p><!-- CL 391434 -->
-      On AIX and Solaris, <code>Getrusage</code> is now defined.
+      On AIX and Solaris, <a href="/pkg/syscall/#Getrusage"><code>Getrusage</code></a> is now defined.
     </p>
   </dd>
 </dl><!-- syscall -->

misc/cgo/test/setgid2_linux.go

@@ -20,10 +20,7 @@ import (
 )
 
 func testSetgidStress(t *testing.T) {
-	var N = 1000
-	if testing.Short() {
-		N = 50
-	}
+	const N = 50
 	ch := make(chan int, N)
 	for i := 0; i < N; i++ {
 		go func() {

misc/cgo/testplugin/plugin_test.go

@@ -307,6 +307,12 @@ func TestIssue52937(t *testing.T) {
 	goCmd(t, "build", "-buildmode=plugin", "-o", "issue52937.so", "./issue52937/main.go")
 }
 
+func TestIssue53989(t *testing.T) {
+	goCmd(t, "build", "-buildmode=plugin", "-o", "issue53989.so", "./issue53989/plugin.go")
+	goCmd(t, "build", "-o", "issue53989.exe", "./issue53989/main.go")
+	run(t, "./issue53989.exe")
+}
+
 func TestForkExec(t *testing.T) {
 	// Issue 38824: importing the plugin package causes it hang in forkExec on darwin.
 

misc/cgo/testplugin/testdata/issue53989/main.go

@@ -0,0 +1,32 @@
+// Copyright 2022 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Issue 53989: the use of jump table caused a function
+// from the plugin jumps in the middle of the function
+// to the function with the same name in the main
+// executable. As these two functions may be compiled
+// differently as plugin needs to be PIC, this causes
+// crash.
+
+package main
+
+import (
+	"plugin"
+
+	"testplugin/issue53989/p"
+)
+
+func main() {
+	p.Square(7) // call the function in main executable
+
+	p, err := plugin.Open("issue53989.so")
+	if err != nil {
+		panic(err)
+	}
+	f, err := p.Lookup("Square")
+	if err != nil {
+		panic(err)
+	}
+	f.(func(int))(7) // call the plugin one
+}

misc/cgo/testplugin/testdata/issue53989/p/p.go

@@ -0,0 +1,52 @@
+// Copyright 2022 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package p
+
+import (
+	"fmt"
+	"runtime"
+)
+
+var y int
+
+//go:noinline
+func Square(x int) {
+	var pc0, pc1 [1]uintptr
+	runtime.Callers(1, pc0[:]) // get PC at entry
+
+	// a switch using jump table
+	switch x {
+	case 1:
+		y = 1
+	case 2:
+		y = 4
+	case 3:
+		y = 9
+	case 4:
+		y = 16
+	case 5:
+		y = 25
+	case 6:
+		y = 36
+	case 7:
+		y = 49
+	case 8:
+		y = 64
+	default:
+		panic("too large")
+	}
+
+	// check PC is in the same function
+	runtime.Callers(1, pc1[:])
+	if pc1[0] < pc0[0] || pc1[0] > pc0[0]+1000000 {
+		fmt.Printf("jump across DSO boundary. pc0=%x, pc1=%x\n", pc0[0], pc1[0])
+		panic("FAIL")
+	}
+
+	if y != x*x {
+		fmt.Printf("x=%d y=%d!=%d\n", x, y, x*x)
+		panic("FAIL")
+	}
+}

misc/cgo/testplugin/testdata/issue53989/plugin.go

@@ -0,0 +1,13 @@
+// Copyright 2022 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package main
+
+import "testplugin/issue53989/p"
+
+func Square(x int) { // export Square for plugin
+	p.Square(x)
+}
+
+func main() {}

src/bytes/reader.go

@@ -32,8 +32,7 @@ func (r *Reader) Len() int {
 
 // Size returns the original length of the underlying byte slice.
 // Size is the number of bytes available for reading via ReadAt.
-// The returned value is always the same and is not affected by calls
-// to any other method.
+// The result is unaffected by any method calls except Reset.
 func (r *Reader) Size() int64 { return int64(len(r.s)) }
 
 // Read implements the io.Reader interface.

src/cmd/cgo/out.go

@@ -1653,10 +1653,18 @@ const cStringDef = `
 // freed, such as by calling C.free (be sure to include stdlib.h
 // if C.free is needed).
 func _Cfunc_CString(s string) *_Ctype_char {
+	if len(s)+1 <= 0 {
+		panic("string too large")
+	}
 	p := _cgo_cmalloc(uint64(len(s)+1))
-	pp := (*[1<<30]byte)(p)
-	copy(pp[:], s)
-	pp[len(s)] = 0
+	sliceHeader := struct {
+		p   unsafe.Pointer
+		len int
+		cap int
+	}{p, len(s)+1, len(s)+1}
+	b := *(*[]byte)(unsafe.Pointer(&sliceHeader))
+	copy(b, s)
+	b[len(s)] = 0
 	return (*_Ctype_char)(p)
 }
 `
@@ -1670,8 +1678,13 @@ const cBytesDef = `
 // if C.free is needed).
 func _Cfunc_CBytes(b []byte) unsafe.Pointer {
 	p := _cgo_cmalloc(uint64(len(b)))
-	pp := (*[1<<30]byte)(p)
-	copy(pp[:], b)
+	sliceHeader := struct {
+		p   unsafe.Pointer
+		len int
+		cap int
+	}{p, len(b), len(b)}
+	s := *(*[]byte)(unsafe.Pointer(&sliceHeader))
+	copy(s, b)
 	return p
 }
 `

src/cmd/compile/internal/amd64/versions_test.go

@@ -242,12 +242,31 @@ var featureToOpcodes = map[string][]string{
 	// go tool objdump doesn't include a [QL] on popcnt instructions, until CL 351889
 	// native objdump doesn't include [QL] on linux.
 	"popcnt": {"popcntq", "popcntl", "popcnt"},
-	"bmi1":   {"andnq", "andnl", "andn", "blsiq", "blsil", "blsi", "blsmskq", "blsmskl", "blsmsk", "blsrq", "blsrl", "blsr", "tzcntq", "tzcntl", "tzcnt"},
-	"bmi2":   {"sarxq", "sarxl", "sarx", "shlxq", "shlxl", "shlx", "shrxq", "shrxl", "shrx"},
-	"sse41":  {"roundsd"},
-	"fma":    {"vfmadd231sd"},
-	"movbe":  {"movbeqq", "movbeq", "movbell", "movbel", "movbe"},
-	"lzcnt":  {"lzcntq", "lzcntl", "lzcnt"},
+	"bmi1": {
+		"andnq", "andnl", "andn",
+		"blsiq", "blsil", "blsi",
+		"blsmskq", "blsmskl", "blsmsk",
+		"blsrq", "blsrl", "blsr",
+		"tzcntq", "tzcntl", "tzcnt",
+	},
+	"bmi2": {
+		"sarxq", "sarxl", "sarx",
+		"shlxq", "shlxl", "shlx",
+		"shrxq", "shrxl", "shrx",
+	},
+	"sse41": {
+		"roundsd",
+		"pinsrq", "pinsrl", "pinsrd", "pinsrb", "pinsr",
+		"pextrq", "pextrl", "pextrd", "pextrb", "pextr",
+		"pminsb", "pminsd", "pminuw", "pminud", // Note: ub and sw are ok.
+		"pmaxsb", "pmaxsd", "pmaxuw", "pmaxud",
+		"pmovzxbw", "pmovzxbd", "pmovzxbq", "pmovzxwd", "pmovzxwq", "pmovzxdq",
+		"pmovsxbw", "pmovsxbd", "pmovsxbq", "pmovsxwd", "pmovsxwq", "pmovsxdq",
+		"pblendvb",
+	},
+	"fma":   {"vfmadd231sd"},
+	"movbe": {"movbeqq", "movbeq", "movbell", "movbel", "movbe"},
+	"lzcnt": {"lzcntq", "lzcntl", "lzcnt"},
 }
 
 // Test to use POPCNT instruction, if available

src/cmd/compile/internal/noder/stencil.go

@@ -623,7 +623,7 @@ func checkFetchBody(nameNode *ir.Name) {
 	}
 }
 
-// getInstantiation gets the instantiantion and dictionary of the function or method nameNode
+// getInstantiation gets the instantiation and dictionary of the function or method nameNode
 // with the type arguments shapes. If the instantiated function is not already
 // cached, then it calls genericSubst to create the new instantiation.
 func (g *genInst) getInstantiation(nameNode *ir.Name, shapes []*types.Type, isMeth bool) *instInfo {