If a valid profile is scaled such that the samples/counts become 0,
an empty graph in which the compiler complain that we never saw a start line
since the graph has no nodes which is a misleading error message.
src/cmd/internal/pgo/pprof.go was modified to check if the graph is empty
return an empty profile.
GitHub-Pull-Request: golang/go#73640
Change-Id: If3f7ab8af6fcf77b2e29ae1df154f87bee377ab0
Reviewed-on: https://go-review.googlesource.com/c/go/+/725120
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Auto-Submit: Michael Pratt <mpratt@google.com>
When CL 533258 added frame pointer support for the block and mutex
profiles, it deferred skipping/inline expansion, similar to the
execution tracer. The first frame indicated whether this expansion was
needed by holding either the number of frames to skip (implying inline
expansion) or the logicalStackSentinel placeholder to indicate that no
extra handling is needed. However, CL 598515 switched to doing the
skipping/inline expansion at sample time. After this, the sentinel value
is unused. This CL removes the sentinel from runtime lock profiling,
correcting an oversight from that CL. This didn't cause any problems
since post-processing would just ignore the bogus sentinel value; this
is just a cleanup.
Change-Id: Idbec11f57ac7a57426cd8a064782c4fe6a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/726040
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
This change rewrites and simplifies the relro handling.
We eliminate the separate relro SymKind values and the complex
shifting of symbol kinds. Instead, we put the possible relro data
into their own sections, and make those sections relro when appropriate.
We put type descriptors and their associated data into a
new .go.type section. As part of this we change the runtime.etypes
symbol to be the end of the new section, rather than the end of
rodata as it was before.
We put function descriptors into a new .go.func section.
Ordinary rodata relro stays in the .data.rel.ro section.
We stop making the typelink section relro, as it only contains
offsets and never has dynamic relocations.
We drop the typerel:* and go:funcdescrel symbols.
For #76038
Change-Id: I7aab7cfad3f2623ff06c09a70b756fe1e43f4169
Reviewed-on: https://go-review.googlesource.com/c/go/+/723580
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
The generic SSA representation uses explicit extension and
truncation operations to change widths of values. The map
intrinsics were playing somewhat fast and loose with this
requirement. Fix that, and add a check to make sure we
don't regress.
I don't think there is a triggerable bug here, but I ran into
this with some prove pass modifications, where
cmd/compile/internal/ssa/prove.go:isCleanExt (and/or its uses)
is actually wrong when this invariant is not maintained.
Change-Id: Idb7be6e691e2dbf6d7af6584641c3227c5c64bf5
Reviewed-on: https://go-review.googlesource.com/c/go/+/731300
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Process:
- Disable unicode TestProperties.
- Run UNICODE_VERSION=17.0.0 go -C ../src/golang.org/x/text generate
- Run go generate strconv
- Update unicode TestProperties by hand to add missing test cases.
This will break x/text using the main repo until the corresponding
x/text CL is submitted. It should not break anything else.
For #77266.
Change-Id: Ia3ffb5a81e212b991714eef70eebfca98a0c8aab
Reviewed-on: https://go-review.googlesource.com/c/go/+/737420
Reviewed-by: Rob Pike <r@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
TryBot-Bypass: Russ Cox <rsc@golang.org>
The json/v2 working group decided to commit to no default representation
for time.Duration for the foreseeable future.
Thus, we can remove the issue reference in the error message.
If JavaScript (TC39) formally adopts the Temporal.Duration type,
which uses ISO 8601 as the JSON representation for a duration,
we may consider changing the default.
Switching from no default to some default in the future
is generally a compatible change.
Updates #71631
Change-Id: I6f71a0fa97dcefba56aab0c0ddf445d9d38f6e58
Reviewed-on: https://go-review.googlesource.com/c/go/+/735080
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Joseph Tsai <joetsai@digital-static.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
The StaticInit pass asserts that the operand of &v is a global,
but this is not so for the &autotemp desugaring of new(expr).
(The variable has by that point escaped to the heap, so
the object code calls runtime.newobject. A future optimization
would be to statically allocate the variable when it is safe
and advantageous to do so.)
Thanks to khr for suggesting the fix.
+ static test
Fixes#77237
Change-Id: I71b34a1353fe0f3e297beab9851f8f87d765d8f1
Reviewed-on: https://go-review.googlesource.com/c/go/+/737680
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Constructing the zip index (which is done once when first opening
a file in an archive) can consume large amounts of CPU when
processing deeply-nested directory paths.
Switch to a less inefficient algorithm.
Thanks to Jakub Ciolek for reporting this issue.
goos: darwin
goarch: arm64
pkg: archive/zip
cpu: Apple M4 Pro
│ /tmp/bench.0 │ /tmp/bench.1 │
│ sec/op │ sec/op vs base │
ReaderOneDeepDir-14 25983.62m ± 2% 46.01m ± 2% -99.82% (p=0.000 n=8)
ReaderManyDeepDirs-14 16.221 ± 1% 2.763 ± 6% -82.96% (p=0.000 n=8)
ReaderManyShallowFiles-14 130.3m ± 1% 128.8m ± 2% -1.20% (p=0.003 n=8)
geomean 3.801 253.9m -93.32%
Fixes#77102
Fixes CVE-2025-61728
Change-Id: I2c9c864be01b2a2769eb67fbab1b250aeb8f6c42
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3060
Reviewed-by: Nicholas Husin <husin@google.com>
Reviewed-by: Neal Patel <nealpatel@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/736713
Auto-Submit: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
net/url does not currently limit the number of query parameters parsed by
url.ParseQuery or URL.Query.
When parsing a application/x-www-form-urlencoded form,
net/http.Request.ParseForm will parse up to 10 MB of query parameters.
An input consisting of a large number of small, unique parameters can
cause excessive memory consumption.
We now limit the number of query parameters parsed to 10000 by default.
The limit can be adjusted by setting GODEBUG=urlmaxqueryparams=<n>.
Setting urlmaxqueryparams to 0 disables the limit.
Thanks to jub0bs for reporting this issue.
Fixes#77101
Fixes CVE-2025-61726
Change-Id: Iee3374c7ee2d8586dbf158536d3ade424203ff66
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3020
Reviewed-by: Nicholas Husin <husin@google.com>
Reviewed-by: Neal Patel <nealpatel@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/736712
Auto-Submit: Michael Pratt <mpratt@google.com>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
In various situations, the toolchain invokes VCS commands. Some of these
commands take arbitrary input, either provided by users or fetched from
external sources. To prevent potential command injection vulnerabilities
or misinterpretation of arguments as flags, this change updates the VCS
commands to use various techniques to separate flags from positional
arguments, and to directly associate flags with their values.
Additionally, we update the environment variable for Mercurial to use
`HGPLAIN=+strictflags`, which is the more explicit way to disable user
configurations (intended or otherwise) that might interfere with command
execution.
We also now disallow version strings from being prefixed with '-' or
'/', as doing so opens us up to making the same mistake again in the
future. As far as we know there are currently ~0 public modules affected
by this.
While I was working on cmd/go/internal/vcs, I also noticed that a
significant portion of the commands being implemented were dead code.
In order to reduce the maintenance burden and surface area for potential
issues, I removed the dead code for unused commands.
We should probably follow up with a more structured change to make it
harder to accidentally re-introduce these issues in the future, but for
now this addresses the issue at hand.
Thanks to splitline (@splitline) from DEVCORE Research Team for
reporting this issue.
Fixes CVE-2025-68119
Fixes#77099
Change-Id: I9d9f4ee05b95be49fe14edf71a1b8e6c0784378e
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3260
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Nicholas Husin <husin@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/736710
Auto-Submit: Michael Pratt <mpratt@google.com>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Once a tls.Config is used, it is not safe to mutate. We provide the
Clone method in order to allow users to copy and modify a Config that
is in use.
If Config.SessionTicketKey is not populated, and if
Config.SetSessionTicketKeys has not been called, we automatically
populate and rotate session ticket keys. Clone was previously copying
these keys into the new Config, meaning that two Configs could share
the same auto-rotated session ticket keys. This could allow sessions to
be resumed across different Configs, which may have completely different
configurations.
This change updates Clone to not copy the auto-rotated session ticket
keys.
Additionally, when resuming a session, check that not just that the leaf
certificate is unexpired, but that the entire certificate chain is still
unexpired.
Fixes#77113
Fixes CVE-2025-68121
Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3300
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Nicholas Husin <husin@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/736709
Auto-Submit: Michael Pratt <mpratt@google.com>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
