Merged
Conversation
Member
bradfitz
commented
Apr 7, 2026
bradfitz
commented
- [release-branch.go1.26] runtime: fix printfloat, printcomplex buffer sizes
- [release-branch.go1.26] cmd/compile: fix bloop test
- [release-branch.go1.26] cmd/compile/internal/typecheck: simplify tcSliceHeader
- [release-branch.go1.26] net: correctly handle non-nil empty cmsg buffer on windows
- [release-branch.go1.26] net/http: restore accidentally removed package doc
- [release-branch.go1.26] runtime/poll: fix race condition in Window's SendFile
- [release-branch.go1.26] cmd/go/internal/cache: update trim timestamp before trimming
- [release-branch.go1.26] test/convert5: skip mipsle
- [release-branch.go1.26] internal/poll: move rsan to heap on windows
- [release-branch.go1.26] builtin: update new function comment
- [release-branch.go1.26] builtin: incorporate all feedback into doc string for new
- [release-branch.go1.26] cmd/fix: pull in CL 755980
- [release-branch.go1.26] doc: remove template use in godebug.md
- [release-branch.go1.26] test/fixedbugs: remove issue46234 test timeout
- [release-branch.go1.26] runtime: fix value of ENOSYS on mips from 38 to 89
- [release-branch.go1.26] cmd/compile: gate instrumentEnterExit on NoRaceFunc check
- [release-branch.go1.26] cmd/compile: skip race detector test failure for unsupported VMA
- [release-branch.go1.26] cmd/compile: ternary rewrite of rewrite should skip, not panic
- [release-branch.go1.26] net/url: reattach package doc comment
- [release-branch.go1.26] cmd/compile: handle zero-sized values more generally
- [release-branch.go1.26] cmd/compile: treat all zero-sized values as SSA-able
- [release-branch.go1.26] cmd/compile: fix internal compiler error: bad write barrier type
- [release-branch.go1.26] cmd/link: skip special symbols for label symbol generation
- [release-branch.go1.26] runtime/race: apply LLVM zero-initialization fix
- [release-branch.go1.26] crypto/x509: hoist policy pruning out of loop
- [release-branch.go1.26] crypto/x509: fix signature checking limit
- [release-branch.go1.26] net/url: permit colons in the host subcomponent of non-http/https URLs
- [release-branch.go1.26] internal/syscall/unix: properly support AT_SYMLINK_NOFOLLOW on Linux
- [release-branch.go1.26] html/template: properly track JS template literal brace depth across contexts
- [release-branch.go1.26] crypto/x509: fix wildcard constraint map case sensitivity
- [release-branch.go1.26] cmd/compile: fix mem access overlap detection
- [release-branch.go1.26] cmd/compile: fix loopbce overflow check logic
- [release-branch.go1.26] archive/tar: limit the number of old GNU sparse format entries
- [release-branch.go1.26] crypto/tls: prevent deadlock when client sends multiple key update messages
- [release-branch.go1.26] cmd/go: disallow cgo trust boundary bypass
- [release-branch.go1.26] go1.26.2
…sizes The buffers added in CL 716002 for printfloat64 and printcomplex128 are too small to fit the longest formatted values. For values that are too long, AppendFloat allocates, which may cause a crash for prints in places in the runtime where allocation is not allowed. Updates golang#77854. Fixes golang#77856. Change-Id: I6a6a636cc2fc5cae9fda25f10b28fd641aa1ff28 Reviewed-on: https://go-review.googlesource.com/c/go/+/749947 Reviewed-by: Russ Cox <rsc@golang.org> Auto-Submit: Michael Pratt <mpratt@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> (cherry picked from commit cc1241f) Reviewed-on: https://go-review.googlesource.com/c/go/+/750760 Reviewed-by: Mark Freeman <markfreeman@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
Backport of CL 749660. It isn't a simple cherry pick because there was a refactor at tip. Fixes golang#77838 Change-Id: I761c441e82d41d1a7d7c91313401913bb5454546 Reviewed-on: https://go-review.googlesource.com/c/go/+/751240 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: Keith Randall <khr@google.com>
…iceHeader types2 handles all constant-related bounds checks in user Go code now, so it's safe to remove all constants checking in tcSliceHeader function. Fixed golang#77922 Change-Id: Ibc137c84792d4898eb073cdeabac175684f73746 Reviewed-on: https://go-review.googlesource.com/c/go/+/751040 Reviewed-by: Keith Randall <khr@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Keith Randall <khr@golang.org> Auto-Submit: Cuong Manh Le <cuong.manhle.vn@gmail.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/753601 Reviewed-by: Mark Freeman <markfreeman@google.com>
…er on windows Updates golang#77875 Fixes golang#77885 Change-Id: I0ed91be7ed10c04ddea3af55548a8dbf0be5f3a8 Reviewed-on: https://go-review.googlesource.com/c/go/+/750420 Reviewed-by: Quim Muntal <quimmuntal@gmail.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: David Chase <drchase@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> (cherry picked from commit 9e0b568) Reviewed-on: https://go-review.googlesource.com/c/go/+/753060 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
…e doc Remove a blank line which accidentally crept in between the package doc comment and the package line. For golang#77948 Fixes golang#77950 Change-Id: I6b513c1e9ea97d2a4b3c6f7b9b10092a6a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/751463 Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
…SendFile The destination of SendFile is a socket, which doesn't support file offsets. There is no need to keep track of the file offset, and doing so causes a race between SendFile and Read. While here, make sure that SendFile tests do call poll.SendFile. Updates golang#78015 Fixes golang#78019 Change-Id: I8cce45c0c110e848d9bdbc5ba340b92ca041f0a4 Reviewed-on: https://go-review.googlesource.com/c/go/+/752860 Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Alex Brainman <alex.brainman@gmail.com> Reviewed-by: Mark Freeman <markfreeman@google.com> (cherry picked from commit d3651c5) Reviewed-on: https://go-review.googlesource.com/c/go/+/754082 Reviewed-by: Cherry Mui <cherryyz@google.com>
…before trimming This reduces the chance that multiple go commands running in CI will try to trim at the same time, causing contention and slowing things down. For golang#76314 Fixes golang#78058 Change-Id: I3edf818fc9583795f3f51b715fdbe75b6a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/753240 Reviewed-by: Michael Matloob <matloob@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Michael Matloob <matloob@google.com> Reviewed-by: Alan Donovan <adonovan@google.com> (cherry picked from commit 2a5890c) Reviewed-on: https://go-review.googlesource.com/c/go/+/753701 Reviewed-by: Mark Freeman <markfreeman@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
It's broken on 32-bit architectures, and mips (be) has been in the skip list. mipsle is somehow forgotten, so add it. Updates golang#67304 Fixes golang#77836 Change-Id: I6d12185c21c37d0524d245e0a7025e30add1fb6b Reviewed-on: https://go-review.googlesource.com/c/go/+/743740 Reviewed-by: Julian Zhu <jz531210@gmail.com> Reviewed-by: Keith Randall <khr@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> (cherry picked from commit d3ddc48) Reviewed-on: https://go-review.googlesource.com/c/go/+/749620 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
According to https://learn.microsoft.com/en-us/windows/win32/api/winsock2/nf-winsock2-wsarecvfrom, the memory pointed to by lpFromlen must remain available during the overlapped I/O, and therefore cannot be allocated on the stack. CL 685417 moved the rsan field out of the operation struct and placed it on stack, which violates the above requirement and causes stack corruption. Unfortunately, it is no longer possible to cleanly revert CL 685417. Instead of attempting to revert it, this CL bundles rsan together with rsa in the same sync.Pool. The new wsaRsa struct is still in the same size class, so no additional overhead is introduced by this change. Fixes golang#78041. Change-Id: I5ffbccb332515116ddc03fb7c40ffc9293cad2ab Reviewed-on: https://go-review.googlesource.com/c/go/+/753040 Reviewed-by: Quim Muntal <quimmuntal@gmail.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Commit-Queue: Cherry Mui <cherryyz@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/753480 Reviewed-by: Mark Freeman <markfreeman@google.com>
The function comment for new does not reflect the recent change in behaviour since Go 1.26. For golang#77584. For golang#77586. Change-Id: I501d701adb5a1c2ff4b559c243ba07bbef4940d9 Reviewed-on: https://go-review.googlesource.com/c/go/+/746561 Reviewed-by: Alan Donovan <adonovan@google.com> Auto-Submit: Alan Donovan <adonovan@google.com> Reviewed-by: Michael Podtserkovskii <michaelpo@meta.com> Reviewed-by: David Chase <drchase@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> (cherry picked from commit 8d5e574) Reviewed-on: https://go-review.googlesource.com/c/go/+/758220 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
…ring for new The previously submitted CL didn't include some of the feedback that was provided on the CL. Specifically, it didn't mention the behavior of `new` for untyped constant arguments. For golang#77584. Fixes golang#77586. Change-Id: I1668a79a655246e5a55a4741a6c564b7dd6707c3 Reviewed-on: https://go-review.googlesource.com/c/go/+/749061 Reviewed-by: Robert Griesemer <gri@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Alan Donovan <adonovan@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> (cherry picked from commit 5c7d8a3) Reviewed-on: https://go-review.googlesource.com/c/go/+/758221 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Fixes golang#78191. [git-generate] cd src/cmd go get golang.org/x/tools@internal-branch.go1.26-vendor # v0.39.1-0.20260323181443-4f499ecaa91d go mod tidy go mod vendor Change-Id: I1162398e037c774f71421ede8c6ae8656a54eea6 Reviewed-on: https://go-review.googlesource.com/c/go/+/758300 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Alan Donovan <adonovan@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
This file used to be implicitly a template prior to CL 733500, but now it's no longer a template. The only template use here can be trivially expressed with pure Markdown syntax, so do that. (The alternative path would be to set 'template: true' explicitly.) For golang#78211. Fixes golang#78253. Change-Id: I66970f0d081b4e80e8d330330ad17a5702364391 Reviewed-on: https://go-review.googlesource.com/c/go/+/756560 Reviewed-by: Carlos Amedee <carlos@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Sean Liao <sean@liao.dev> (cherry picked from commit f9bdf58) Reviewed-on: https://go-review.googlesource.com/c/go/+/757420 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
issue46234 is flaky on slow machines due to the possibility of running into the constant timeout. Delete it in favor of timeouts applied at a higher level. Note that that test timeout already got increased from 30s to 45s in CL 382774, but it was still not enough. For golang#50973. Fixes golang#78319. Cq-Include-Trybots: luci.golang.try:go1.26-darwin-amd64_15,go1.26-darwin-amd64_14 Change-Id: I809249a05c6ca65fb6c44375c8de5758f21dbb91 Reviewed-on: https://go-review.googlesource.com/c/go/+/747520 Auto-Submit: Quim Muntal <quimmuntal@gmail.com> Reviewed-by: Cherry Mui <cherryyz@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> (cherry picked from commit b0057a4) Reviewed-on: https://go-review.googlesource.com/c/go/+/758640 Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
…to 89 Fixes golang#77731 Change-Id: Iaca444e2d5f9e19fd2de38414b357b41471a668c Reviewed-on: https://go-review.googlesource.com/c/go/+/747663 Reviewed-by: Carlos Amedee <carlos@golang.org> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Mark Freeman <markfreeman@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
…ceFunc check The NoRaceFunc flag is meant to suppress racefuncenter/racefuncexit instrumentation for packages like internal/runtime/atomic. However, instrumentEnterExit was set unconditionally when -race was enabled, outside the NoRaceFunc guard. This caused generic functions from NoRaceFunc packages (e.g. atomic.(*Pointer[T]).Store) to receive racefuncenter calls when instantiated in other packages, leading to a segfault during early runtime init before the race runtime is ready. Move the instrumentEnterExit assignment inside the NoRaceFunc check so both memory and enter/exit instrumentation are suppressed together. Fixes golang#77799 Change-Id: Id03bb9c422d36e2e88ecdf165ad3b1a4700a935c Reviewed-on: https://go-review.googlesource.com/c/go/+/748260 Auto-Submit: Keith Randall <khr@golang.org> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Keith Randall <khr@golang.org> Reviewed-by: Keith Randall <khr@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> (cherry picked from commit 7622275) Reviewed-on: https://go-review.googlesource.com/c/go/+/752360 Reviewed-by: Derek Parker <parkerderek86@gmail.com> Reviewed-by: Mark Freeman <markfreeman@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…for unsupported VMA For golang#77799. For golang#78219. Change-Id: I021df668bfc18081e71faaab2e4bad607873bf4d Reviewed-on: https://go-review.googlesource.com/c/go/+/756780 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Meidan Li <limeidan@loongson.cn> Reviewed-by: Robert Griesemer <gri@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> (cherry picked from commit 9ec1d8f) Reviewed-on: https://go-review.googlesource.com/c/go/+/759161 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
…d skip, not panic The panic was unnecessary, if there's nothing to rewrite, just do nothing. Added a debug message for this to help with testing; it seems (from accidentally perturbing the test away from failure) to be somewhat rare, so likely okay to mingle with the other debugging output. Fixes golang#77773. Change-Id: I676396f4bb530cb6b55dfe543ad489f84710900d Reviewed-on: https://go-review.googlesource.com/c/go/+/749241 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> (cherry picked from commit 89d92fc) Reviewed-on: https://go-review.googlesource.com/c/go/+/750860 Reviewed-by: Mark Freeman <markfreeman@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Fixes golang#78330 For golang#78326 Change-Id: I70a411c33820f6498bec5f4e4a4ec7666a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/758880 Auto-Submit: Nicholas Husin <nsh@golang.org> Reviewed-by: Nicholas Husin <husin@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Nicholas Husin <nsh@golang.org> (cherry picked from commit fb592a1) Reviewed-on: https://go-review.googlesource.com/c/go/+/758921 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…nerally Introduce a new zero-arg op, Empty, which builds a zero-sized value. This is like ArrayMake0 but can make more general zero-sized values, like those of type [2][0]int. Needed for the subsequent CL. Update golang#77809 Change-Id: If928e9677be5d40a4e2d7501dada66e062319711 Reviewed-on: https://go-review.googlesource.com/c/go/+/747761 Reviewed-by: Junyang Shao <shaojunyang@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> (cherry picked from commit b48b200) Reviewed-on: https://go-review.googlesource.com/c/go/+/749063 Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…SA-able Might as well, we don't need any registers for such values. Update golang#77809 Change-Id: Iedc1bc3f13662b043b183228bcc1dc4e6c91da81 Reviewed-on: https://go-review.googlesource.com/c/go/+/747780 Reviewed-by: Junyang Shao <shaojunyang@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> (cherry picked from commit 0886e65) Reviewed-on: https://go-review.googlesource.com/c/go/+/749064 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Keith Randall <khr@google.com>
… write barrier type This change fixes an issue where the compiler panics with 'bad write barrier type' for zero-sized arrays. The loops in storeTypeScalars and storeTypePtrs erroneously processed zero-sized arrays causing invalid operations. This ignores them. Fixes golang#77809 Change-Id: I0db1b924fc63a75f1bed7488e2dc54d2de5dc0b2 Reviewed-on: https://go-review.googlesource.com/c/go/+/749380 Reviewed-by: Keith Randall <khr@google.com> Auto-Submit: Keith Randall <khr@golang.org> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Keith Randall <khr@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> (cherry picked from commit 244b156) Reviewed-on: https://go-review.googlesource.com/c/go/+/750823 Reviewed-by: Mark Freeman <markfreeman@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com>
…ol generation Some special symbols, e.g. funcdata symbols, don't have a section set, because they are laid out as part of the top-level go:func.* symbol. Similarly, other non-top-level symbols are part of some top-level symbols. There is no relocation directly targetting those symbols, so there is no need to generate label symbols for them. Updates golang#77593. Fixes golang#78239. (No in-tree test as it needs a function with very large funcdata.) Change-Id: I4aac4d0438bd64ac60b9baa3c2c66bb11f03c404 Reviewed-on: https://go-review.googlesource.com/c/go/+/756060 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> (cherry picked from commit 0520d3f) Reviewed-on: https://go-review.googlesource.com/c/go/+/759180 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
Upstream TSAN had bug that could result in use of uninitialized memory on Go threads that don't have any TSAN events. For example, if the thread only ever runs the GC. This bug was fixed upstream in llvm/llvm-project@cdfdb06. In https://go.dev/issue/78059 we have reports of actual Go crashes due to this bug. Update the prebuilt race sysos to incorporate this fix. The fix is applied as a single patch on top of the existing LLVM revisions to minimize risk of this CL, making it safe to backport. A later CL can update to a newer version of LLVM. Note that all of the patch files are identical. CL 756620 makes racebuild add a unique patch file for each architecture in the event that some arches need distinct patches. linux-loong64 failed race.bash when building the new syso, though they were just timeouts, perhaps from a slow builder. linux-riscv64 is not updated because its builder is too slow (https://go.dev/issue/78258). linux-ppc64le is not updated because its builder is missing curl (https://go.dev/issue/78210). openbsd-amd64 is not updated because its builder is missing unzip (https://go.dev/issue/78212). netbsd-amd64 is not updated because it does not have a LUCI builder (https://go.dev/issue/61121). For golang#78059. Fixes golang#78087. Cq-Include-Trybots: luci.golang.try:go1.26-linux-amd64-longtest-race,go1.26-darwin-arm64-race,go1.26-darwin-amd64-race,go1.26-freebsd-amd64-race,go1.26-windows-amd64-race,go1.26-linux-s390x-race,go1.26-linux-arm64-race,go1.26-linux-loong64 Change-Id: I5404cb88af9d86b56b385801f8a9ed106a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/757521 Reviewed-by: Carlos Amedee <carlos@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> TryBot-Bypass: Michael Pratt <mpratt@google.com> (cherry picked from commit 325eedb) Reviewed-on: https://go-review.googlesource.com/c/go/+/758161 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
We only need to do this once, not once per mapping. Thanks to Jakub Ciolek for reporting this issue. Updates golang#78281 Fixes golang#78360 Fixes CVE-2026-32281 Change-Id: Ic26f5f14d2a5e42ca8c24b8ae47bc3c5cc601863 Reviewed-on: https://go-review.googlesource.com/c/go/+/758061 Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Neal Patel <nealpatel@google.com> Reviewed-by: Jakub Ciolek <jakub@ciolek.dev> (cherry picked from commit 312541b) Reviewed-on: https://go-review.googlesource.com/c/go/+/759220 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
We added the "is this cert already in the chain" check (alreadyInChain) to considerCandidates before the signature limit. considerCandidates bails out when we exceed the signature check, but buildChains keeps calling considerCandidates until it exhausts all potential parents. In the case where a large number of certificates look to have signed each other (e.g. all have subject==issuerSubject and the same key), alreadyInChain is not particularly cheap, meaning even though we hit our "this is too much work" limit, we still do a lot of work. Move alreadyInChain after the signature limit, and also return a sentinel error, and check it in buildChains so we can break out of the loop early if we aren't actually going to do any more work. Thanks to Jakub Ciolek for reporting this issue. Updates golang#78282 Fixes golang#78362 Fixes CVE-2026-32280 Change-Id: Ie6f05c6ba3b0a40c21f64f7c4f846e74fae3b10e Reviewed-on: https://go-review.googlesource.com/c/go/+/758320 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Neal Patel <nealpatel@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Jakub Ciolek <jakub@ciolek.dev> (cherry picked from commit 26d8a90) Reviewed-on: https://go-review.googlesource.com/c/go/+/759201 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…nt of non-http/https URLs Too many systems seem to rely on net/url accepting invalid URLs with colons in the host subcomponent. Rather than adding exceptions for each (PostgreSQL, MongoDB, Redis, etc.), limit the strict validation to http/https only. This backport CL also includes test-only changes from CL 751360. For golang#78077 Fixes golang#78111 Change-Id: I851c82eb3505297013269d71dc626a4c1c202c82 Reviewed-on: https://go-review.googlesource.com/c/go/+/758900 Reviewed-by: Roland Shoemaker <roland@golang.org> Auto-Submit: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/759662 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Damien Neil <dneil@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…MLINK_NOFOLLOW on Linux On Linux, the fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag. Change the Linux Fchmodat function to use the fstatat2 syscall (added in Linux 6.6) when available. When fstatat2 is not available, use the same workaround as GNU libc and musl, which is to open the target file with O_PATH and then chmod it via /proc/self/fd. This change fixes an os.Root escape, where Root.Chmod could follow a symlink and act on a file outside of the root. Root.Chmod checks to see if its target is a symlink before calling fchmodat, so this escape requires the target to be replaced with a symlink in between the initial check and the fchmodat. Thanks to Uuganbayar Lkhamsuren (https://github.com/uug4na) for reporting this issue. Fixes CVE-2026-32282 Fixes golang#78293 Change-Id: Ie487be1a853b341a77b42ae0c59301d46a6a6964 Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3900 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Neal Patel <nealpatel@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3981 Commit-Queue: Damien Neil <dneil@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/763542 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: David Chase <drchase@google.com> TryBot-Bypass: Gopher Robot <gobot@golang.org>
…eral brace depth across contexts Properly track JS template literal brace depth across branches/ranges, and prevent accidental re-use of escape analysis by including the brace depth in the stringification/mangling for contexts. Fixes golang#78331 Fixes CVE-2026-32289 Change-Id: I9f3f47c29e042220b18e4d3299db7a3fae4207fa Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3882 Reviewed-by: Neal Patel <nealpatel@google.com> Reviewed-by: Nicholas Husin <husin@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3983 Reviewed-by: Damien Neil <dneil@google.com> Commit-Queue: Damien Neil <dneil@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/763543 Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Gopher Robot <gobot@golang.org> TryBot-Bypass: Gopher Robot <gobot@golang.org>
… sensitivity When applying excluded constraints to wildcard DNS SANs, the constraint checking implementation did not normalize the case of the constraint nor the SAN, which could lead to incorrect constraint checking results. This change lowercases both the constraint and the SAN before checking for matches, ensuring that constraint checking is case-insensitive as intended. Thanks to Riyas from Saintgits College of Engineering for reporting this issue. Fixes golang#78332 Fixes CVE-2026-33810 Change-Id: Id27792c8ed4c40f2810bad8dbd8d5d520cb465bb Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3860 Reviewed-by: Neal Patel <nealpatel@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3984 Commit-Queue: Damien Neil <dneil@google.com> Reviewed-by: Nicholas Husin <husin@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/763544 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Junyang Shao <shaojunyang@google.com> TryBot-Bypass: Gopher Robot <gobot@golang.org>
When a no-op interface conversion is wrapped around the rhs of an assignment, the memory overlap detection logic in the compiler failed to peel down conversion to see the actual pointer, causing an incorrect no-overlapping determination. Thanks to Jakub Ciolek for reporting this issue. Fixes golang#78371 Fixes CVE-2026-27144 Change-Id: I55ff0806b099e1447bdbfba7fde6c6597db5d65c Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3780 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Neal Patel <nealpatel@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/4001 Commit-Queue: Damien Neil <dneil@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/763545 TryBot-Bypass: Gopher Robot <gobot@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Gopher Robot <gobot@golang.org>
addWillOverflow and subWillOverflow has an implicit assumption that y is positive, using it outside of addU and subU is really incorrect. This CL fixes those incorrect usage to use the correct logic in place. Thanks to Jakub Ciolek for reporting this issue. Fixes golang#78333 Fixes CVE-2026-27143 Change-Id: I263e8e7ac227e2a68109eb7bbd45f66569ed22ec Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3700 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Neal Patel <nealpatel@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3986 Commit-Queue: Damien Neil <dneil@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/763546 Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com> TryBot-Bypass: Gopher Robot <gobot@golang.org>
…se format entries We did not set a limit on the maximum size of sparse maps in the old GNU sparse format. Set a limit based on the cumulative size of the extension blocks used to encode the map (consistent with how we limit the sparse map size for other formats). Add an additional limit to the total number of sparse file entries, regardless of encoding, to all sparse formats. Thanks to Colin Walters (walters@verbum.org), Uuganbayar Lkhamsuren (https://github.com/uug4na), and Jakub Ciolek for reporting this issue. Fixes golang#78301 Fixes CVE-2026-32288 Change-Id: I84877345d7b41cc60c58771860ba70e16a6a6964 Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3901 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/4020 Reviewed-by: Neal Patel <nealpatel@google.com> Commit-Queue: Damien Neil <dneil@google.com> Reviewed-by: Nicholas Husin <husin@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/763547 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com> TryBot-Bypass: Gopher Robot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com>
…s multiple key update messages When we made setReadTrafficSecret send an alert when there are pending handshake messages, we introduced a deadlock when the client sends multiple key update messages that request a response, as handleKeyUpdate will lock the mutex, and defer the unlocking until the end of the function, but setReadTrafficSecret called sendAlert in the failure case, which also tries to lock the mutex. Add an argument to setReadTrafficSecret which lets the caller indicate if the mutex is already locked, and if so, call sendAlertLocked instead of sendAlert. Thanks to Jakub Ciolek for reporting this issue. Fixes golang#78334 Fixes CVE-2026-32283 Change-Id: Id8e56974233c910e0d66ba96eafbd2ea57832610 Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3881 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Nicholas Husin <husin@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/4004 Reviewed-on: https://go-review.googlesource.com/c/go/+/763548 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com> TryBot-Bypass: Gopher Robot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com>
The cgo compiler implicitly trusts generated files with 'cgo' prefixes; thus, SWIG files containing 'cgo' in their names will cause bypass of the trust boundary, leading to code smuggling or arbitrary code execution. The cgo compiler will now produce an error if it encounters any SWIG files containing this prefix. Thanks to Juho Forsén of Mattermost for reporting this issue. Fixes golang#78335 Fixes CVE-2026-27140 Change-Id: I44185a84e07739b3b347efdb86be7d8fa560b030 Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3520 Reviewed-by: Nicholas Husin <husin@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/4021 Commit-Queue: Damien Neil <dneil@google.com> Reviewed-by: Neal Patel <nealpatel@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/763549 TryBot-Bypass: Gopher Robot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com>
Change-Id: I7f99e65c01c25ff7b5efed6c2aa124c52d0a977f Reviewed-on: https://go-review.googlesource.com/c/go/+/763682 Auto-Submit: Gopher Robot <gobot@golang.org> TryBot-Bypass: Gopher Robot <gobot@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: David Chase <drchase@google.com>
creachadair
approved these changes
Apr 7, 2026
Member
creachadair
left a comment
creachadair
left a comment
There was a problem hiding this comment.
LGTM, but it looks like this hasn't been tagged on dl yet, do we want to wait for that?
Member
Correction, it's linked on the downloads, it's just the VERSION that hasn't updated yet. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.