justan0th3rstud3nt
/
garble
mirror of https://github.com/burrowers/garble
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
release-v0.12
ci-test
literalRecheck
v0.12.1
v0.12.0
v0.11.0
v0.10.1
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.0
v0.7.2
v0.7.1
v0.7.0
v0.6.0
v0.5.1
v0.5.0
v0.4.0
v0.3.0
v0.2.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7bb040e635'
${ noResults }
garble/testdata/script/cgo.txtar

123 lines
2.0 KiB
Plaintext
Raw Normal View History Unescape Escape

CI: test on GOARCH=386 Note that this cross-compilation disables cgo by default, and so the cgo.txt test script isn't run on GOARCH=386. That seems fine for now, as the test isn't arch-specific. This testing uncovered one build failure in internal/literals; the comparison between int and math.MaxUint32 is invalid on 32-bit. To fix that build failure, use int64 consistently. One test also incorrectly assumed amd64; it now supports 386 too. For any other architecture, it's being skipped for now. I also had to increase the -race test timeout, as it usually takes 8-9m on GitHub Actions, and the timeout would sometimes trigger. Finally, use "go env" rather than "go version" on CI, which gives us much more useful information, and also includes Go's own version now via GOVERSION. Fixes #426.
3 years ago
[!cgo] skip 'this test requires cgo to be enabled'
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
garble build
fix TODOs about code which is now unused The _gomod_.go file inserted by the Go toolchain no longer shows up; it's likely that either the -trimpath or -buildvcs=false flags are preventing that extra bit of work from happening entirely. The modinfo.txt test ensures that we're not breaking, and the inner lines of code weren't hit as part of `go test`. It also appears that we don't need to avoid obfuscating functions defined with an `//export` directive. This is likely because cgo runs as a pre-process step compared to the compiler, so us removing the directive later does not make a difference. We might need to revisit this in the future if we implement obfuscating Go code instead of builds, e.g. `garble export`. Just in case, I've expanded the cgo.txt test to also include one more kind of cgo integration: an "import C" block including a C header file. Either of these changes are slightly risky, as our tests don't cover all edge cases. We've just done a release, so now is the time to try them.
2 years ago
! stderr 'warning' # check that the C toolchain is happy
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
exec ./main
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
cmp stdout main.stdout
obfuscate cgo-generated-Go filenames It's not a problem to leak filenames like _cgo_gotypes.go, but it is a problem when it includes the import path: $ strings main | grep _cgo_gotypes test/main/_cgo_gotypes.go Here, "test/main" is the module path, which we want to hide. We hadn't caught this before because the cgo.txt test did not check that module paths aren't being leaked - it does now. The fix is rather simple; we let printFile handle cgo-generated files. We used to avoid that due to compiler errors, as the compiler only allows some special cgo comment directives to work in cgo-generated code, to prevent misuse in user code. The fix is rather easy: the obfuscated filenames should begin with "_cgo_" to appease the compiler's check.
2 years ago
! binsubstr main$exe 'PortedField' 'test/main'
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
[short] stop # no need to verify this with -short
support reverse on packages using cgo The reverse feature relied on `GoFiles` from `go list`, but that list may not be enough to typecheck a package: typecheck error: $WORK/main.go:3:15: undeclared name: longMain `go help list` shows: GoFiles []string // .go source files (excluding CgoFiles, TestGoFiles, XTestGoFiles) CgoFiles []string // .go source files that import "C" CompiledGoFiles []string // .go files presented to compiler (when using -compiled) In other words, to mimic the same list of Go files fed to the compiler, we want CompiledGoFiles. Note that, since the cgo files show up as generated files, we currently do not support reversing their filenames. That is left as a TODO for now. Updates #555.
2 years ago
# Ensure that reversing works with cgo.
env GARBLE_TEST_REVERSING=true
exec ./main
cp stdout reversing.stdout
stdin reversing.stdout
garble reverse .
cmp stdout reversed.stdout
env GARBLE_TEST_REVERSING=false
Strip all filename and position info when -tiny is passed (#128) Co-authored-by: pagran <pagran@protonmail.com> Co-authored-by: lu4p <lu4p@pm.me>
4 years ago
garble -tiny build
exec ./main
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
cmp stdout main.stdout
Strip all filename and position info when -tiny is passed (#128) Co-authored-by: pagran <pagran@protonmail.com> Co-authored-by: lu4p <lu4p@pm.me>
4 years ago
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
go build
fix TODOs about code which is now unused The _gomod_.go file inserted by the Go toolchain no longer shows up; it's likely that either the -trimpath or -buildvcs=false flags are preventing that extra bit of work from happening entirely. The modinfo.txt test ensures that we're not breaking, and the inner lines of code weren't hit as part of `go test`. It also appears that we don't need to avoid obfuscating functions defined with an `//export` directive. This is likely because cgo runs as a pre-process step compared to the compiler, so us removing the directive later does not make a difference. We might need to revisit this in the future if we implement obfuscating Go code instead of builds, e.g. `garble export`. Just in case, I've expanded the cgo.txt test to also include one more kind of cgo integration: an "import C" block including a C header file. Either of these changes are slightly risky, as our tests don't cover all edge cases. We've just done a release, so now is the time to try them.
2 years ago
! stderr 'warning' # check that the C toolchain is happy
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
exec ./main
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
cmp stdout main.stdout
stop loading obfuscated type information from deps If package P1 imports package P2, P1 needs to know which names from P2 weren't obfuscated. For instance, if P2 declares T2 and does "reflect.TypeOf(T2{...})", then P2 won't obfuscate the name T2, and neither should P1. This information should flow from P2 to P1, as P2 builds before P1. We do this via obfuscatedTypesPackage; P1 loads the type information of the obfuscated version of P2, and does a lookup for T2. If T2 exists, then it wasn't obfuscated. This mechanism has served us well, but it has downsides: 1) It wastes CPU; we load the type information for the entire package. 2) It's complex; for instance, we need KnownObjectFiles as an extra. 3) It makes our code harder to understand, as we load both the original and obfuscated type informaiton. Instead, we now have each package record what names were not obfuscated as part of its cachedOuput file. Much like KnownObjectFiles, the map records incrementally through the import graph, to avoid having to load cachedOutput files for indirect dependencies. We shouldn't need to worry about those maps getting large; we only skip obfuscating declared names in a few uncommon scenarios, such as the use of reflection or cgo's "//export". Since go/types is relatively allocation-heavy, and the export files contain a lot of data, we get a nice speed-up: name old time/op new time/op delta Build-16 11.5s ± 2% 11.1s ± 3% -3.77% (p=0.008 n=5+5) name old bin-B new bin-B delta Build-16 5.15M ± 0% 5.15M ± 0% ~ (all equal) name old cached-time/op new cached-time/op delta Build-16 375ms ± 3% 341ms ± 6% -8.96% (p=0.008 n=5+5) name old sys-time/op new sys-time/op delta Build-16 283ms ±17% 289ms ±13% ~ (p=0.841 n=5+5) name old user-time/op new user-time/op delta Build-16 687ms ± 6% 664ms ± 7% ~ (p=0.548 n=5+5) Fixes #456. Updates #475.
2 years ago
binsubstr main$exe 'privateAdd'
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
-- go.mod --
make selection of packages configurable via GOPRIVATE Carefully select a default that will do the right thing when inside a module, as well as when building ad-hoc packages. This means we no longer need to look at the compiler's -std flag, which is nice. Also replace foo.com/ with test/, as per golang/go#37641. Fixes #7.
4 years ago
module test/main
testdata: don't let tests rely on rewriting mod files In Go 1.15, if a dependency is required but not listed in go.mod/go.sum, it's resolved and added automatically. This is changing in 1.16. From that release, one will have to explicitly update the mod files via 'go mod tidy' or 'go get'. To get ahead of the curve, start using -mod=readonly to get the same behavior in 1.15, and fix all existing tests. The only tests that failed were imports.txt and syntax.txt, the only ones to require other modules. But since we're here, let's add the 'go' line to all go.mod files as well.
4 years ago
drop support for Go 1.19 Now that we're done with garble v0.9.x, v0.10 will only support Go 1.20 as a minimum version.
1 year ago
go 1.20
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
-- main.go --
package main
support reverse on packages using cgo The reverse feature relied on `GoFiles` from `go list`, but that list may not be enough to typecheck a package: typecheck error: $WORK/main.go:3:15: undeclared name: longMain `go help list` shows: GoFiles []string // .go source files (excluding CgoFiles, TestGoFiles, XTestGoFiles) CgoFiles []string // .go source files that import "C" CompiledGoFiles []string // .go files presented to compiler (when using -compiled) In other words, to mimic the same list of Go files fed to the compiler, we want CompiledGoFiles. Note that, since the cgo files show up as generated files, we currently do not support reversing their filenames. That is left as a TODO for now. Updates #555.
2 years ago
func main() {
regularFunc()
cgoFunc()
}
-- regular_main.go --
package main
import (
"fmt"
"os"
"runtime"
)
func regularFunc() {
if os.Getenv("GARBLE_TEST_REVERSING") == "true" {
_, filename, _, _ := runtime.Caller(0)
fmt.Println("regular filename:", filename)
}
}
-- cgo_main.go --
package main
import (
"fmt"
"os"
"os/user"
"runtime"
)
fix a link issue when obfuscating complex cgo packages The added test case, which is obfuscating and linking os/user, would fail before this fix: > garble build [stderr] # test/main /usr/lib/go/pkg/tool/linux_amd64/link: running gcc failed: exit status 1 /usr/bin/ld: $WORK/.tmp/go-link-073246656/go.o: in function `Chz0Yfs2._cgo_cmalloc': go.go:(.text+0x993cc): undefined reference to `Chz0Yfs2.runtime_throw' /usr/bin/ld: $WORK/.tmp/go-link-073246656/go.o: in function `Chz0Yfs2.tDfhQ8uK': go.go:(.text+0x99801): undefined reference to `Chz0Yfs2._cgo_runtime_gostring' /usr/bin/ld: go.go:(.text+0x9982a): undefined reference to `Chz0Yfs2._cgo_runtime_gostring' /usr/bin/ld: go.go:(.text+0x99853): undefined reference to `Chz0Yfs2._cgo_runtime_gostring' collect2: error: ld returned 1 exit status The reason is that we would alter the linkname directives of cgo-generated code, but we would not obfuscate the code itself at all. The generated code would end up being transformed into: //go:linkname zh_oKZIy runtime.throw func runtime_throw(string) One can clearly see the error there; handleDirectives obfuscated the local linkname name, but since transformGo didn't run, the actual Go declaration was not obfuscated in the same way. Thus, the linker fails to find a function body for runtime_throw, and fails. The solution is simple: handleDirectives assumes that it's running on code being obfuscated, so only run it when transformGo is running. We can also remove the cgo skip check in handleDirectives, as it never runs on cgo-generated code now. Fixes a number of build errors that have been noticed since 907aebd770.
3 years ago
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
/*
fix TODOs about code which is now unused The _gomod_.go file inserted by the Go toolchain no longer shows up; it's likely that either the -trimpath or -buildvcs=false flags are preventing that extra bit of work from happening entirely. The modinfo.txt test ensures that we're not breaking, and the inner lines of code weren't hit as part of `go test`. It also appears that we don't need to avoid obfuscating functions defined with an `//export` directive. This is likely because cgo runs as a pre-process step compared to the compiler, so us removing the directive later does not make a difference. We might need to revisit this in the future if we implement obfuscating Go code instead of builds, e.g. `garble export`. Just in case, I've expanded the cgo.txt test to also include one more kind of cgo integration: an "import C" block including a C header file. Either of these changes are slightly risky, as our tests don't cover all edge cases. We've just done a release, so now is the time to try them.
2 years ago
#include "separate.h"
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
static int privateAdd(int a, int b) {
return a + b;
}
keep cgo-exported Go names non-obfuscated Otherwise, the added test case would fail, as we don't modify the C code and so there would be a name mismatch. In the far future we might start modifying Go names in C code, similar to what we did for Go assembly, but right now that seems out of scope and too complex. An easier fix is to simply record those (hopefully few) names in ignoreObjects. While at it, recordReflectArgs started to really outgrow its name, as it also collected expressions used as constants for literal obfuscation. Give it a better name. Fixes #366.
3 years ago
extern void goCallback();
static void callGoCallback() {
goCallback();
fix TODOs about code which is now unused The _gomod_.go file inserted by the Go toolchain no longer shows up; it's likely that either the -trimpath or -buildvcs=false flags are preventing that extra bit of work from happening entirely. The modinfo.txt test ensures that we're not breaking, and the inner lines of code weren't hit as part of `go test`. It also appears that we don't need to avoid obfuscating functions defined with an `//export` directive. This is likely because cgo runs as a pre-process step compared to the compiler, so us removing the directive later does not make a difference. We might need to revisit this in the future if we implement obfuscating Go code instead of builds, e.g. `garble export`. Just in case, I've expanded the cgo.txt test to also include one more kind of cgo integration: an "import C" block including a C header file. Either of these changes are slightly risky, as our tests don't cover all edge cases. We've just done a release, so now is the time to try them.
2 years ago
separateFunction();
keep cgo-exported Go names non-obfuscated Otherwise, the added test case would fail, as we don't modify the C code and so there would be a name mismatch. In the far future we might start modifying Go names in C code, similar to what we did for Go assembly, but right now that seems out of scope and too complex. An easier fix is to simply record those (hopefully few) names in ignoreObjects. While at it, recordReflectArgs started to really outgrow its name, as it also collected expressions used as constants for literal obfuscation. Give it a better name. Fixes #366.
3 years ago
}
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
struct portedStruct {
stop loading obfuscated type information from deps If package P1 imports package P2, P1 needs to know which names from P2 weren't obfuscated. For instance, if P2 declares T2 and does "reflect.TypeOf(T2{...})", then P2 won't obfuscate the name T2, and neither should P1. This information should flow from P2 to P1, as P2 builds before P1. We do this via obfuscatedTypesPackage; P1 loads the type information of the obfuscated version of P2, and does a lookup for T2. If T2 exists, then it wasn't obfuscated. This mechanism has served us well, but it has downsides: 1) It wastes CPU; we load the type information for the entire package. 2) It's complex; for instance, we need KnownObjectFiles as an extra. 3) It makes our code harder to understand, as we load both the original and obfuscated type informaiton. Instead, we now have each package record what names were not obfuscated as part of its cachedOuput file. Much like KnownObjectFiles, the map records incrementally through the import graph, to avoid having to load cachedOutput files for indirect dependencies. We shouldn't need to worry about those maps getting large; we only skip obfuscating declared names in a few uncommon scenarios, such as the use of reflection or cgo's "//export". Since go/types is relatively allocation-heavy, and the export files contain a lot of data, we get a nice speed-up: name old time/op new time/op delta Build-16 11.5s ± 2% 11.1s ± 3% -3.77% (p=0.008 n=5+5) name old bin-B new bin-B delta Build-16 5.15M ± 0% 5.15M ± 0% ~ (all equal) name old cached-time/op new cached-time/op delta Build-16 375ms ± 3% 341ms ± 6% -8.96% (p=0.008 n=5+5) name old sys-time/op new sys-time/op delta Build-16 283ms ±17% 289ms ±13% ~ (p=0.841 n=5+5) name old user-time/op new user-time/op delta Build-16 687ms ± 6% 664ms ± 7% ~ (p=0.548 n=5+5) Fixes #456. Updates #475.
2 years ago
char* PortedField;
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
};
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
*/
import "C"
support reverse on packages using cgo The reverse feature relied on `GoFiles` from `go list`, but that list may not be enough to typecheck a package: typecheck error: $WORK/main.go:3:15: undeclared name: longMain `go help list` shows: GoFiles []string // .go source files (excluding CgoFiles, TestGoFiles, XTestGoFiles) CgoFiles []string // .go source files that import "C" CompiledGoFiles []string // .go files presented to compiler (when using -compiled) In other words, to mimic the same list of Go files fed to the compiler, we want CompiledGoFiles. Note that, since the cgo files show up as generated files, we currently do not support reversing their filenames. That is left as a TODO for now. Updates #555.
2 years ago
func cgoFunc() {
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
fmt.Println(C.privateAdd(C.int(1), C.int(2)))
fix a link issue when obfuscating complex cgo packages The added test case, which is obfuscating and linking os/user, would fail before this fix: > garble build [stderr] # test/main /usr/lib/go/pkg/tool/linux_amd64/link: running gcc failed: exit status 1 /usr/bin/ld: $WORK/.tmp/go-link-073246656/go.o: in function `Chz0Yfs2._cgo_cmalloc': go.go:(.text+0x993cc): undefined reference to `Chz0Yfs2.runtime_throw' /usr/bin/ld: $WORK/.tmp/go-link-073246656/go.o: in function `Chz0Yfs2.tDfhQ8uK': go.go:(.text+0x99801): undefined reference to `Chz0Yfs2._cgo_runtime_gostring' /usr/bin/ld: go.go:(.text+0x9982a): undefined reference to `Chz0Yfs2._cgo_runtime_gostring' /usr/bin/ld: go.go:(.text+0x99853): undefined reference to `Chz0Yfs2._cgo_runtime_gostring' collect2: error: ld returned 1 exit status The reason is that we would alter the linkname directives of cgo-generated code, but we would not obfuscate the code itself at all. The generated code would end up being transformed into: //go:linkname zh_oKZIy runtime.throw func runtime_throw(string) One can clearly see the error there; handleDirectives obfuscated the local linkname name, but since transformGo didn't run, the actual Go declaration was not obfuscated in the same way. Thus, the linker fails to find a function body for runtime_throw, and fails. The solution is simple: handleDirectives assumes that it's running on code being obfuscated, so only run it when transformGo is running. We can also remove the cgo skip check in handleDirectives, as it never runs on cgo-generated code now. Fixes a number of build errors that have been noticed since 907aebd770.
3 years ago
_, _ = user.Current()
keep cgo-exported Go names non-obfuscated Otherwise, the added test case would fail, as we don't modify the C code and so there would be a name mismatch. In the far future we might start modifying Go names in C code, similar to what we did for Go assembly, but right now that seems out of scope and too complex. An easier fix is to simply record those (hopefully few) names in ignoreObjects. While at it, recordReflectArgs started to really outgrow its name, as it also collected expressions used as constants for literal obfuscation. Give it a better name. Fixes #366.
3 years ago
stop loading obfuscated type information from deps If package P1 imports package P2, P1 needs to know which names from P2 weren't obfuscated. For instance, if P2 declares T2 and does "reflect.TypeOf(T2{...})", then P2 won't obfuscate the name T2, and neither should P1. This information should flow from P2 to P1, as P2 builds before P1. We do this via obfuscatedTypesPackage; P1 loads the type information of the obfuscated version of P2, and does a lookup for T2. If T2 exists, then it wasn't obfuscated. This mechanism has served us well, but it has downsides: 1) It wastes CPU; we load the type information for the entire package. 2) It's complex; for instance, we need KnownObjectFiles as an extra. 3) It makes our code harder to understand, as we load both the original and obfuscated type informaiton. Instead, we now have each package record what names were not obfuscated as part of its cachedOuput file. Much like KnownObjectFiles, the map records incrementally through the import graph, to avoid having to load cachedOutput files for indirect dependencies. We shouldn't need to worry about those maps getting large; we only skip obfuscating declared names in a few uncommon scenarios, such as the use of reflection or cgo's "//export". Since go/types is relatively allocation-heavy, and the export files contain a lot of data, we get a nice speed-up: name old time/op new time/op delta Build-16 11.5s ± 2% 11.1s ± 3% -3.77% (p=0.008 n=5+5) name old bin-B new bin-B delta Build-16 5.15M ± 0% 5.15M ± 0% ~ (all equal) name old cached-time/op new cached-time/op delta Build-16 375ms ± 3% 341ms ± 6% -8.96% (p=0.008 n=5+5) name old sys-time/op new sys-time/op delta Build-16 283ms ±17% 289ms ±13% ~ (p=0.841 n=5+5) name old user-time/op new user-time/op delta Build-16 687ms ± 6% 664ms ± 7% ~ (p=0.548 n=5+5) Fixes #456. Updates #475.
2 years ago
st := C.struct_portedStruct{}
fmt.Println(st.PortedField == nil)
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
keep cgo-exported Go names non-obfuscated Otherwise, the added test case would fail, as we don't modify the C code and so there would be a name mismatch. In the far future we might start modifying Go names in C code, similar to what we did for Go assembly, but right now that seems out of scope and too complex. An easier fix is to simply record those (hopefully few) names in ignoreObjects. While at it, recordReflectArgs started to really outgrow its name, as it also collected expressions used as constants for literal obfuscation. Give it a better name. Fixes #366.
3 years ago
C.callGoCallback()
}
//export goCallback
func goCallback() {
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
fmt.Println("go callback")
support reverse on packages using cgo The reverse feature relied on `GoFiles` from `go list`, but that list may not be enough to typecheck a package: typecheck error: $WORK/main.go:3:15: undeclared name: longMain `go help list` shows: GoFiles []string // .go source files (excluding CgoFiles, TestGoFiles, XTestGoFiles) CgoFiles []string // .go source files that import "C" CompiledGoFiles []string // .go files presented to compiler (when using -compiled) In other words, to mimic the same list of Go files fed to the compiler, we want CompiledGoFiles. Note that, since the cgo files show up as generated files, we currently do not support reversing their filenames. That is left as a TODO for now. Updates #555.
2 years ago
// TODO: support reversing filenames in cgo files
if false && os.Getenv("GARBLE_TEST_REVERSING") == "true" {
_, filename, _, _ := runtime.Caller(0)
fmt.Println("cgo filename:", filename)
}
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
}
fix TODOs about code which is now unused The _gomod_.go file inserted by the Go toolchain no longer shows up; it's likely that either the -trimpath or -buildvcs=false flags are preventing that extra bit of work from happening entirely. The modinfo.txt test ensures that we're not breaking, and the inner lines of code weren't hit as part of `go test`. It also appears that we don't need to avoid obfuscating functions defined with an `//export` directive. This is likely because cgo runs as a pre-process step compared to the compiler, so us removing the directive later does not make a difference. We might need to revisit this in the future if we implement obfuscating Go code instead of builds, e.g. `garble export`. Just in case, I've expanded the cgo.txt test to also include one more kind of cgo integration: an "import C" block including a C header file. Either of these changes are slightly risky, as our tests don't cover all edge cases. We've just done a release, so now is the time to try them.
2 years ago
-- separate.h --
void separateFunction();
-- separate.c --
#include "_cgo_export.h"
void separateFunction() {
goCallback();
}
test importing a C struct type This seems to work so far, but we weren't testing it. For #384.
3 years ago
-- main.stdout --
initial support for cgo I'm sure that the added test case doesn't cover many edge cases, but it's a start. Fixes #12.
4 years ago
3
stop loading obfuscated type information from deps If package P1 imports package P2, P1 needs to know which names from P2 weren't obfuscated. For instance, if P2 declares T2 and does "reflect.TypeOf(T2{...})", then P2 won't obfuscate the name T2, and neither should P1. This information should flow from P2 to P1, as P2 builds before P1. We do this via obfuscatedTypesPackage; P1 loads the type information of the obfuscated version of P2, and does a lookup for T2. If T2 exists, then it wasn't obfuscated. This mechanism has served us well, but it has downsides: 1) It wastes CPU; we load the type information for the entire package. 2) It's complex; for instance, we need KnownObjectFiles as an extra. 3) It makes our code harder to understand, as we load both the original and obfuscated type informaiton. Instead, we now have each package record what names were not obfuscated as part of its cachedOuput file. Much like KnownObjectFiles, the map records incrementally through the import graph, to avoid having to load cachedOutput files for indirect dependencies. We shouldn't need to worry about those maps getting large; we only skip obfuscating declared names in a few uncommon scenarios, such as the use of reflection or cgo's "//export". Since go/types is relatively allocation-heavy, and the export files contain a lot of data, we get a nice speed-up: name old time/op new time/op delta Build-16 11.5s ± 2% 11.1s ± 3% -3.77% (p=0.008 n=5+5) name old bin-B new bin-B delta Build-16 5.15M ± 0% 5.15M ± 0% ~ (all equal) name old cached-time/op new cached-time/op delta Build-16 375ms ± 3% 341ms ± 6% -8.96% (p=0.008 n=5+5) name old sys-time/op new sys-time/op delta Build-16 283ms ±17% 289ms ±13% ~ (p=0.841 n=5+5) name old user-time/op new user-time/op delta Build-16 687ms ± 6% 664ms ± 7% ~ (p=0.548 n=5+5) Fixes #456. Updates #475.
2 years ago
true
keep cgo-exported Go names non-obfuscated Otherwise, the added test case would fail, as we don't modify the C code and so there would be a name mismatch. In the far future we might start modifying Go names in C code, similar to what we did for Go assembly, but right now that seems out of scope and too complex. An easier fix is to simply record those (hopefully few) names in ignoreObjects. While at it, recordReflectArgs started to really outgrow its name, as it also collected expressions used as constants for literal obfuscation. Give it a better name. Fixes #366.
3 years ago
go callback
fix TODOs about code which is now unused The _gomod_.go file inserted by the Go toolchain no longer shows up; it's likely that either the -trimpath or -buildvcs=false flags are preventing that extra bit of work from happening entirely. The modinfo.txt test ensures that we're not breaking, and the inner lines of code weren't hit as part of `go test`. It also appears that we don't need to avoid obfuscating functions defined with an `//export` directive. This is likely because cgo runs as a pre-process step compared to the compiler, so us removing the directive later does not make a difference. We might need to revisit this in the future if we implement obfuscating Go code instead of builds, e.g. `garble export`. Just in case, I've expanded the cgo.txt test to also include one more kind of cgo integration: an "import C" block including a C header file. Either of these changes are slightly risky, as our tests don't cover all edge cases. We've just done a release, so now is the time to try them.
2 years ago
go callback
support reverse on packages using cgo The reverse feature relied on `GoFiles` from `go list`, but that list may not be enough to typecheck a package: typecheck error: $WORK/main.go:3:15: undeclared name: longMain `go help list` shows: GoFiles []string // .go source files (excluding CgoFiles, TestGoFiles, XTestGoFiles) CgoFiles []string // .go source files that import "C" CompiledGoFiles []string // .go files presented to compiler (when using -compiled) In other words, to mimic the same list of Go files fed to the compiler, we want CompiledGoFiles. Note that, since the cgo files show up as generated files, we currently do not support reversing their filenames. That is left as a TODO for now. Updates #555.
2 years ago
-- reversed.stdout --
regular filename: test/main/regular_main.go
3
true
go callback
go callback