[release-branch.go1.24] go1.24.12

Change-Id: I10f61b9036c64c5cbd760cc9f8db67344d373686
Reviewed-on: https://go-review.googlesource.com/c/go/+/736762
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Gopher Robot <gobot@golang.org>
TryBot-Bypass: Gopher Robot <gobot@golang.org>
Reviewed-by: Junyang Shao <shaojunyang@google.com>

VERSION

@@ -0,0 +1,2 @@
+go1.24.12
+time 2026-01-08T21:56:04Z

api/go1.24.txt

@@ -106,33 +106,26 @@ pkg debug/elf, const VER_FLG_INFO = 4 #63952
 pkg debug/elf, const VER_FLG_INFO DynamicVersionFlag #63952
 pkg debug/elf, const VER_FLG_WEAK = 2 #63952
 pkg debug/elf, const VER_FLG_WEAK DynamicVersionFlag #63952
-pkg debug/elf, const VerFlagGlobal = 2 #63952
-pkg debug/elf, const VerFlagGlobal SymbolVersionFlag #63952
-pkg debug/elf, const VerFlagHidden = 4 #63952
-pkg debug/elf, const VerFlagHidden SymbolVersionFlag #63952
-pkg debug/elf, const VerFlagLocal = 1 #63952
-pkg debug/elf, const VerFlagLocal SymbolVersionFlag #63952
-pkg debug/elf, const VerFlagNone = 0 #63952
-pkg debug/elf, const VerFlagNone SymbolVersionFlag #63952
 pkg debug/elf, method (*File) DynamicVersionNeeds() ([]DynamicVersionNeed, error) #63952
 pkg debug/elf, method (*File) DynamicVersions() ([]DynamicVersion, error) #63952
 pkg debug/elf, type DynamicVersion struct #63952
 pkg debug/elf, type DynamicVersion struct, Deps []string #63952
 pkg debug/elf, type DynamicVersion struct, Flags DynamicVersionFlag #63952
+pkg debug/elf, type DynamicVersion struct, Name string #63952
 pkg debug/elf, type DynamicVersion struct, Index uint16 #63952
-pkg debug/elf, type DynamicVersion struct, Version uint16 #63952
 pkg debug/elf, type DynamicVersionDep struct #63952
 pkg debug/elf, type DynamicVersionDep struct, Dep string #63952
 pkg debug/elf, type DynamicVersionDep struct, Flags DynamicVersionFlag #63952
-pkg debug/elf, type DynamicVersionDep struct, Other uint16 #63952
+pkg debug/elf, type DynamicVersionDep struct, Index uint16 #63952
 pkg debug/elf, type DynamicVersionFlag uint16 #63952
 pkg debug/elf, type DynamicVersionNeed struct #63952
 pkg debug/elf, type DynamicVersionNeed struct, Name string #63952
 pkg debug/elf, type DynamicVersionNeed struct, Needs []DynamicVersionDep #63952
-pkg debug/elf, type DynamicVersionNeed struct, Version uint16 #63952
-pkg debug/elf, type Symbol struct, VersionFlags SymbolVersionFlag #63952
-pkg debug/elf, type Symbol struct, VersionIndex int16 #63952
-pkg debug/elf, type SymbolVersionFlag uint8 #63952
+pkg debug/elf, type Symbol struct, HasVersion bool #63952
+pkg debug/elf, type Symbol struct, VersionIndex VersionIndex #63952
+pkg debug/elf, method (VersionIndex) Index() uint16 #63952
+pkg debug/elf, method (VersionIndex) IsHidden() bool #63952
+pkg debug/elf, type VersionIndex uint16 #63952
 pkg encoding, type BinaryAppender interface { AppendBinary } #62384
 pkg encoding, type BinaryAppender interface, AppendBinary([]uint8) ([]uint8, error) #62384
 pkg encoding, type TextAppender interface { AppendText } #62384

codereview.cfg

@@ -1 +1,2 @@
-branch: master
+branch: release-branch.go1.24
+parent-branch: master

doc/go_spec.html

@@ -1,6 +1,6 @@
 <!--{
 	"Title": "The Go Programming Language Specification",
-	"Subtitle": "Language version go1.24 (Nov 20, 2024)",
+	"Subtitle": "Language version go1.24 (Dec 30, 2024)",
 	"Path": "/ref/spec"
 }-->
 
@@ -798,7 +798,6 @@ If a variable has not yet been assigned a value, its value is the
 <a href="#The_zero_value">zero value</a> for its type.
 </p>
 
-
 <h2 id="Types">Types</h2>
 
 <p>
@@ -810,12 +809,12 @@ from existing types.
 </p>
 
 <pre class="ebnf">
-Type      = TypeName [ TypeArgs ] | TypeLit | "(" Type ")" .
-TypeName  = identifier | QualifiedIdent .
-TypeArgs  = "[" TypeList [ "," ] "]" .
-TypeList  = Type { "," Type } .
-TypeLit   = ArrayType | StructType | PointerType | FunctionType | InterfaceType |
-            SliceType | MapType | ChannelType .
+Type     = TypeName [ TypeArgs ] | TypeLit | "(" Type ")" .
+TypeName = identifier | QualifiedIdent .
+TypeArgs = "[" TypeList [ "," ] "]" .
+TypeList = Type { "," Type } .
+TypeLit  = ArrayType | StructType | PointerType | FunctionType | InterfaceType |
+           SliceType | MapType | ChannelType .
 </pre>
 
 <p>
@@ -1200,7 +1199,7 @@ type (
 <p>
 A pointer type denotes the set of all pointers to <a href="#Variables">variables</a> of a given
 type, called the <i>base type</i> of the pointer.
-The value of an uninitialized pointer is <code>nil</code>.
+The <a href="#Representation_of_values">value</a> of an uninitialized pointer is <code>nil</code>.
 </p>
 
 <pre class="ebnf">
@@ -1216,18 +1215,18 @@ BaseType    = Type .
 <h3 id="Function_types">Function types</h3>
 
 <p>
-A function type denotes the set of all functions with the same parameter
-and result types. The value of an uninitialized variable of function type
-is <code>nil</code>.
+A function type denotes the set of all functions with the same parameter and result types.
+The <a href="#Representation_of_values">value</a> of an uninitialized variable of function
+type is <code>nil</code>.
 </p>
 
 <pre class="ebnf">
-FunctionType   = "func" Signature .
-Signature      = Parameters [ Result ] .
-Result         = Parameters | Type .
-Parameters     = "(" [ ParameterList [ "," ] ] ")" .
-ParameterList  = ParameterDecl { "," ParameterDecl } .
-ParameterDecl  = [ IdentifierList ] [ "..." ] Type .
+FunctionType  = "func" Signature .
+Signature     = Parameters [ Result ] .
+Result        = Parameters | Type .
+Parameters    = "(" [ ParameterList [ "," ] ] ")" .
+ParameterList = ParameterDecl { "," ParameterDecl } .
+ParameterDecl = [ IdentifierList ] [ "..." ] Type .
 </pre>
 
 <p>
@@ -1267,7 +1266,8 @@ An interface type defines a <i>type set</i>.
 A variable of interface type can store a value of any type that is in the type
 set of the interface. Such a type is said to
 <a href="#Implementing_an_interface">implement the interface</a>.
-The value of an uninitialized variable of interface type is <code>nil</code>.
+The <a href="#Representation_of_values">value</a> of an uninitialized variable of
+interface type is <code>nil</code>.
 </p>
 
 <pre class="ebnf">
@@ -1630,12 +1630,12 @@ implements the interface.
 A map is an unordered group of elements of one type, called the
 element type, indexed by a set of unique <i>keys</i> of another type,
 called the key type.
-The value of an uninitialized map is <code>nil</code>.
+The <a href="#Representation_of_values">value</a> of an uninitialized map is <code>nil</code>.
 </p>
 
 <pre class="ebnf">
-MapType     = "map" "[" KeyType "]" ElementType .
-KeyType     = Type .
+MapType = "map" "[" KeyType "]" ElementType .
+KeyType = Type .
 </pre>
 
 <p>
@@ -1693,7 +1693,7 @@ to communicate by
 <a href="#Send_statements">sending</a> and
 <a href="#Receive_operator">receiving</a>
 values of a specified element type.
-The value of an uninitialized channel is <code>nil</code>.
+The <a href="#Representation_of_values">value</a> of an uninitialized channel is <code>nil</code>.
 </p>
 
 <pre class="ebnf">
@@ -1772,6 +1772,57 @@ received in the order sent.
 
 <h2 id="Properties_of_types_and_values">Properties of types and values</h2>
 
+<h3 id="Representation_of_values">Representation of values</h3>
+
+<p>
+Values of predeclared types (see below for the interfaces <code>any</code>
+and <code>error</code>), arrays, and structs are self-contained:
+Each such value contains a complete copy of all its data,
+and <a href="#Variables">variables</a> of such types store the entire value.
+For instance, an array variable provides the storage (the variables)
+for all elements of the array.
+The respective <a href="#The_zero_value">zero values</a> are specific to the
+value's types; they are never <code>nil</code>.
+</p>
+
+<p>
+Non-nil pointer, function, slice, map, and channel values contain references
+to underlying data which may be shared by multiple values:
+</p>
+
+<ul>
+<li>
+	A pointer value is a reference to the variable holding
+	the pointer base type value.
+</li>
+<li>
+	A function value contains references to the (possibly
+	<a href="#Function_literals">anonymous</a>) function
+	and enclosed variables.
+</li>
+<li>
+	A slice value contains the slice length, capacity, and
+	a reference to its <a href="#Slice_types">underlying array</a>.
+</li>
+<li>
+	A map or channel value is a reference to the implementation-specific
+	data structure of the map or channel.
+</li>
+</ul>
+
+<p>
+An interface value may be self-contained or contain references to underlying data
+depending on the interface's <a href="#Variables">dynamic type</a>.
+The predeclared identifier <code>nil</code> is the zero value for types whose values
+can contain references.
+</p>
+
+<p>
+When multiple values share underlying data, changing one value may change another.
+For instance, changing an element of a <a href="#Slice_types">slice</a> will change
+that element in the underlying array for all slices that share the array.
+</p>
+
 <h3 id="Underlying_types">Underlying types</h3>
 
 <p>
@@ -2176,7 +2227,7 @@ within matching brace brackets.
 </p>
 
 <pre class="ebnf">
-Block = "{" StatementList "}" .
+Block         = "{" StatementList "}" .
 StatementList = { Statement ";" } .
 </pre>
 
@@ -2233,8 +2284,8 @@ and like the blank identifier it does not introduce a new binding.
 </p>
 
 <pre class="ebnf">
-Declaration   = ConstDecl | TypeDecl | VarDecl .
-TopLevelDecl  = Declaration | FunctionDecl | MethodDecl .
+Declaration  = ConstDecl | TypeDecl | VarDecl .
+TopLevelDecl = Declaration | FunctionDecl | MethodDecl .
 </pre>
 
 <p>
@@ -2679,9 +2730,9 @@ in square brackets rather than parentheses
 </p>
 
 <pre class="ebnf">
-TypeParameters  = "[" TypeParamList [ "," ] "]" .
-TypeParamList   = TypeParamDecl { "," TypeParamDecl } .
-TypeParamDecl   = IdentifierList TypeConstraint .
+TypeParameters = "[" TypeParamList [ "," ] "]" .
+TypeParamList  = TypeParamDecl { "," TypeParamDecl } .
+TypeParamDecl  = IdentifierList TypeConstraint .
 </pre>
 
 <p>
@@ -2819,7 +2870,7 @@ values or variables, or components of other, non-interface types.
 
 <p>
 A type argument <code>T</code><i> satisfies</i> a type constraint <code>C</code>
-if <code>T</code> is an element of the type set defined by <code>C</code>; i.e.,
+if <code>T</code> is an element of the type set defined by <code>C</code>; in other words,
 if <code>T</code> <a href="#Implementing_an_interface">implements</a> <code>C</code>.
 As an exception, a <a href="#Comparison_operators">strictly comparable</a>
 type constraint may also be satisfied by a <a href="#Comparison_operators">comparable</a>
@@ -2869,8 +2920,8 @@ binds corresponding identifiers to them, and gives each a type and an initial va
 </p>
 
 <pre class="ebnf">
-VarDecl     = "var" ( VarSpec | "(" { VarSpec ";" } ")" ) .
-VarSpec     = IdentifierList ( Type [ "=" ExpressionList ] | "=" ExpressionList ) .
+VarDecl = "var" ( VarSpec | "(" { VarSpec ";" } ")" ) .
+VarSpec = IdentifierList ( Type [ "=" ExpressionList ] | "=" ExpressionList ) .
 </pre>
 
 <pre>
@@ -2899,7 +2950,7 @@ initialization value in the assignment.
 If that value is an untyped constant, it is first implicitly
 <a href="#Conversions">converted</a> to its <a href="#Constants">default type</a>;
 if it is an untyped boolean value, it is first implicitly converted to type <code>bool</code>.
-The predeclared value <code>nil</code> cannot be used to initialize a variable
+The predeclared identifier <code>nil</code> cannot be used to initialize a variable
 with no explicit type.
 </p>
 
@@ -3210,15 +3261,15 @@ Each element may optionally be preceded by a corresponding key.
 </p>
 
 <pre class="ebnf">
-CompositeLit  = LiteralType LiteralValue .
-LiteralType   = StructType | ArrayType | "[" "..." "]" ElementType |
-                SliceType | MapType | TypeName [ TypeArgs ] .
-LiteralValue  = "{" [ ElementList [ "," ] ] "}" .
-ElementList   = KeyedElement { "," KeyedElement } .
-KeyedElement  = [ Key ":" ] Element .
-Key           = FieldName | Expression | LiteralValue .
-FieldName     = identifier .
-Element       = Expression | LiteralValue .
+CompositeLit = LiteralType LiteralValue .
+LiteralType  = StructType | ArrayType | "[" "..." "]" ElementType |
+               SliceType | MapType | TypeName [ TypeArgs ] .
+LiteralValue = "{" [ ElementList [ "," ] ] "}" .
+ElementList  = KeyedElement { "," KeyedElement } .
+KeyedElement = [ Key ":" ] Element .
+Key          = FieldName | Expression | LiteralValue .
+FieldName    = identifier .
+Element      = Expression | LiteralValue .
 </pre>
 
 <p>
@@ -3450,22 +3501,21 @@ Primary expressions are the operands for unary and binary expressions.
 </p>
 
 <pre class="ebnf">
-PrimaryExpr =
-	Operand |
-	Conversion |
-	MethodExpr |
-	PrimaryExpr Selector |
-	PrimaryExpr Index |
-	PrimaryExpr Slice |
-	PrimaryExpr TypeAssertion |
-	PrimaryExpr Arguments .
+PrimaryExpr   = Operand |
+                Conversion |
+                MethodExpr |
+                PrimaryExpr Selector |
+                PrimaryExpr Index |
+                PrimaryExpr Slice |
+                PrimaryExpr TypeAssertion |
+                PrimaryExpr Arguments .
 
-Selector       = "." identifier .
-Index          = "[" Expression [ "," ] "]" .
-Slice          = "[" [ Expression ] ":" [ Expression ] "]" |
-                 "[" [ Expression ] ":" Expression ":" Expression "]" .
-TypeAssertion  = "." "(" Type ")" .
-Arguments      = "(" [ ( ExpressionList | Type [ "," ExpressionList ] ) [ "..." ] [ "," ] ] ")" .
+Selector      = "." identifier .
+Index         = "[" Expression [ "," ] "]" .
+Slice         = "[" [ Expression ] ":" [ Expression ] "]" |
+                "[" [ Expression ] ":" Expression ":" Expression "]" .
+TypeAssertion = "." "(" Type ")" .
+Arguments     = "(" [ ( ExpressionList | Type [ "," ExpressionList ] ) [ "..." ] [ "," ] ] ")" .
 </pre>
 
 
@@ -3638,8 +3688,8 @@ argument that is the receiver of the method.
 </p>
 
 <pre class="ebnf">
-MethodExpr    = ReceiverType "." MethodName .
-ReceiverType  = Type .
+MethodExpr   = ReceiverType "." MethodName .
+ReceiverType = Type .
 </pre>
 
 <p>
@@ -4230,8 +4280,7 @@ calls <code>f</code> with arguments <code>a1, a2, … an</code>.
 Except for one special case, arguments must be single-valued expressions
 <a href="#Assignability">assignable</a> to the parameter types of
 <code>F</code> and are evaluated before the function is called.
-The type of the expression is the result type
-of <code>F</code>.
+The type of the expression is the result type of <code>F</code>.
 A method invocation is similar but the method itself
 is specified as a selector upon a value of the receiver type for
 the method.
@@ -4252,9 +4301,14 @@ or used as a function value.
 <p>
 In a function call, the function value and arguments are evaluated in
 <a href="#Order_of_evaluation">the usual order</a>.
-After they are evaluated, the parameters of the call are passed by value to the function
+After they are evaluated, new storage is allocated for the function's
+<a href="#Variables">variables</a>, which includes its parameters
+and results.
+Then, the arguments of the call are <i>passed</i> to the function,
+which means that they are <a href="#Assignment_statements">assigned</a>
+to their corresponding function parameters,
 and the called function begins execution.
-The return parameters of the function are passed by value
+The return parameters of the function are passed
 back to the caller when the function returns.
 </p>
 
@@ -4268,9 +4322,9 @@ As a special case, if the return values of a function or method
 <code>g</code> are equal in number and individually
 assignable to the parameters of another function or method
 <code>f</code>, then the call <code>f(g(<i>parameters_of_g</i>))</code>
-will invoke <code>f</code> after binding the return values of
-<code>g</code> to the parameters of <code>f</code> in order.  The call
-of <code>f</code> must contain no parameters other than the call of <code>g</code>,
+will invoke <code>f</code> after passing the return values of
+<code>g</code> to the parameters of <code>f</code> in order.
+The call of <code>f</code> must contain no parameters other than the call of <code>g</code>,
 and <code>g</code> must have at least one return value.
 If <code>f</code> has a final <code>...</code> parameter, it is
 assigned the return values of <code>g</code> that remain after
@@ -4316,7 +4370,7 @@ If <code>f</code> is <a href="#Function_types">variadic</a> with a final
 parameter <code>p</code> of type <code>...T</code>, then within <code>f</code>
 the type of <code>p</code> is equivalent to type <code>[]T</code>.
 If <code>f</code> is invoked with no actual arguments for <code>p</code>,
-the value passed to <code>p</code> is <code>nil</code>.
+the value <a href="#Calls">passed</a> to <code>p</code> is <code>nil</code>.
 Otherwise, the value passed is a new slice
 of type <code>[]T</code> with a new underlying array whose successive elements
 are the actual arguments, which all must be <a href="#Assignability">assignable</a>
@@ -5632,6 +5686,8 @@ myString([]myRune{0x1f30e})              // "\U0001f30e" == "🌎"
 <li>
 Converting a value of a string type to a slice of bytes type
 yields a non-nil slice whose successive elements are the bytes of the string.
+The <a href="#Length_and_capacity">capacity</a> of the resulting slice is
+implementation-specific and may be larger than the slice length.
 
 <pre>
 []byte("hellø")             // []byte{'h', 'e', 'l', 'l', '\xc3', '\xb8'}
@@ -5647,6 +5703,8 @@ bytes("hellø")              // []byte{'h', 'e', 'l', 'l', '\xc3', '\xb8'}
 <li>
 Converting a value of a string type to a slice of runes type
 yields a slice containing the individual Unicode code points of the string.
+The <a href="#Length_and_capacity">capacity</a> of the resulting slice is
+implementation-specific and may be larger than the slice length.
 
 <pre>
 []rune(myString("白鵬翔"))   // []rune{0x767d, 0x9d6c, 0x7fd4}
@@ -5848,7 +5906,7 @@ Otherwise, when evaluating the <a href="#Operands">operands</a> of an
 expression, assignment, or
 <a href="#Return_statements">return statement</a>,
 all function calls, method calls,
-<a href="#Receive operator">receive operations</a>,
+<a href="#Receive_operator">receive operations</a>,
 and <a href="#Logical_operators">binary logical operations</a>
 are evaluated in lexical left-to-right order.
 </p>
@@ -5916,11 +5974,10 @@ Statements control execution.
 </p>
 
 <pre class="ebnf">
-Statement =
-	Declaration | LabeledStmt | SimpleStmt |
-	GoStmt | ReturnStmt | BreakStmt | ContinueStmt | GotoStmt |
-	FallthroughStmt | Block | IfStmt | SwitchStmt | SelectStmt | ForStmt |
-	DeferStmt .
+Statement  = Declaration | LabeledStmt | SimpleStmt |
+             GoStmt | ReturnStmt | BreakStmt | ContinueStmt | GotoStmt |
+             FallthroughStmt | Block | IfStmt | SwitchStmt | SelectStmt | ForStmt |
+             DeferStmt .
 
 SimpleStmt = EmptyStmt | ExpressionStmt | SendStmt | IncDecStmt | Assignment | ShortVarDecl .
 </pre>
@@ -6132,7 +6189,7 @@ matching number of variables.
 <pre class="ebnf">
 Assignment = ExpressionList assign_op ExpressionList .
 
-assign_op = [ add_op | mul_op ] "=" .
+assign_op  = [ add_op | mul_op ] "=" .
 </pre>
 
 <p>
@@ -6261,6 +6318,26 @@ to the type of the operand to which it is assigned, with the following special c
 </li>
 </ol>
 
+<p>
+When a value is assigned to a variable, only the data that is stored in the variable
+is replaced. If the value contains a <a href="#Representation_of_values">reference</a>,
+the assignment copies the reference but does not make a copy of the referenced data
+(such as the underlying array of a slice).
+</p>
+
+<pre>
+var s1 = []int{1, 2, 3}
+var s2 = s1                    // s2 stores the slice descriptor of s1
+s1 = s1[:1]                    // s1's length is 1 but it still shares its underlying array with s2
+s2[0] = 42                     // setting s2[0] changes s1[0] as well
+fmt.Println(s1, s2)            // prints [42] [42 2 3]
+
+var m1 = make(map[string]int)
+var m2 = m1                    // m2 stores the map descriptor of m1
+m1["foo"] = 42                 // setting m1["foo"] changes m2["foo"] as well
+fmt.Println(m2["foo"])         // prints 42
+</pre>
+
 <h3 id="If_statements">If statements</h3>
 
 <p>
@@ -6548,7 +6625,7 @@ The iteration may be controlled by a single condition, a "for" clause, or a "ran
 </p>
 
 <pre class="ebnf">
-ForStmt = "for" [ Condition | ForClause | RangeClause ] Block .
+ForStmt   = "for" [ Condition | ForClause | RangeClause ] Block .
 Condition = Expression .
 </pre>
 
@@ -6580,8 +6657,8 @@ an increment or decrement statement. The init statement may be a
 
 <pre class="ebnf">
 ForClause = [ InitStmt ] ";" [ Condition ] ";" [ PostStmt ] .
-InitStmt = SimpleStmt .
-PostStmt = SimpleStmt .
+InitStmt  = SimpleStmt .
+PostStmt  = SimpleStmt .
 </pre>
 
 <pre>
@@ -7909,7 +7986,7 @@ types, variables, and constants.
 </p>
 
 <pre class="ebnf">
-SourceFile       = PackageClause ";" { ImportDecl ";" } { TopLevelDecl ";" } .
+SourceFile = PackageClause ";" { ImportDecl ";" } { TopLevelDecl ";" } .
 </pre>
 
 <h3 id="Package_clause">Package clause</h3>
@@ -7920,8 +7997,8 @@ to which the file belongs.
 </p>
 
 <pre class="ebnf">
-PackageClause  = "package" PackageName .
-PackageName    = identifier .
+PackageClause = "package" PackageName .
+PackageName   = identifier .
 </pre>
 
 <p>
@@ -7950,9 +8027,9 @@ that specifies the package to be imported.
 </p>
 
 <pre class="ebnf">
-ImportDecl       = "import" ( ImportSpec | "(" { ImportSpec ";" } ")" ) .
-ImportSpec       = [ "." | PackageName ] ImportPath .
-ImportPath       = string_lit .
+ImportDecl = "import" ( ImportSpec | "(" { ImportSpec ";" } ")" ) .
+ImportSpec = [ "." | PackageName ] ImportPath .
+ImportPath = string_lit .
 </pre>
 
 <p>
@@ -8437,7 +8514,7 @@ var p ptr = nil
 <p>
 The functions <code>Alignof</code> and <code>Sizeof</code> take an expression <code>x</code>
 of any type and return the alignment or size, respectively, of a hypothetical variable <code>v</code>
-as if <code>v</code> was declared via <code>var v = x</code>.
+as if <code>v</code> were declared via <code>var v = x</code>.
 </p>
 <p>
 The function <code>Offsetof</code> takes a (possibly parenthesized) <a href="#Selectors">selector</a>

doc/godebug.md

@@ -151,8 +151,36 @@ for example,
 see the [runtime documentation](/pkg/runtime#hdr-Environment_Variables)
 and the [go command documentation](/cmd/go#hdr-Build_and_test_caching).
 
+### Go 1.26
+
+Go 1.26 added a new `httpcookiemaxnum` setting that controls the maximum number
+of cookies that net/http will accept when parsing HTTP headers. If the number of
+cookie in a header exceeds the number set in `httpcookiemaxnum`, cookie parsing
+will fail early. The default value is `httpcookiemaxnum=3000`. Setting
+`httpcookiemaxnum=0` will allow the cookie parsing to accept an indefinite
+number of cookies. To avoid denial of service attacks, this setting and default
+was backported to Go 1.25.2 and Go 1.24.8.
+
+Go 1.26 added a new `urlmaxqueryparams` setting that controls the maximum number
+of query parameters that net/url will accept when parsing a URL-encoded query string.
+If the number of parameters exceeds the number set in `urlmaxqueryparams`,
+parsing will fail early. The default value is `urlmaxqueryparams=10000`.
+Setting `urlmaxqueryparams=0`bles the limit. To avoid denial of service attacks,
+this setting and default was backported to Go 1.25.4 and Go 1.24.10.
+
 ### Go 1.24
 
+Go 1.24 added a new `fips140` setting that controls whether the Go
+Cryptographic Module operates in FIPS 140-3 mode.
+The possible values are:
+- "off": no special support for FIPS 140-3 mode. This is the default.
+- "on": the Go Cryptographic Module operates in FIPS 140-3 mode.
+- "only": like "on", but cryptographic algorithms not approved by
+  FIPS 140-3 return an error or panic.
+For more information, see [FIPS 140-3 Compliance](/doc/security/fips140).
+This setting is fixed at program startup time, and can't be modified
+by changing the `GODEBUG` environment variable after the program starts.
+
 Go 1.24 changed the global [`math/rand.Seed`](/pkg/math/rand/#Seed) to be a
 no-op. This behavior is controlled by the `randseednop` setting.
 For Go 1.24 it defaults to `randseednop=1`.
@@ -213,6 +241,10 @@ use and validate the CRT parameters in the encoded private key. This behavior
 can be controlled with the `x509rsacrt` setting. Using `x509rsacrt=0` restores
 the Go 1.23 behavior.
 
+Go 1.24.5 disabled build information stamping when multiple VCS are detected due
+to concerns around VCS injection attacks. This behavior can be renabled with the
+setting `allowmultiplevcs=1`.
+
 ### Go 1.23
 
 Go 1.23 changed the channels created by package time to be unbuffered

doc/initial/1-intro.md

@@ -1,9 +1,3 @@
-<!--
-NOTE: In this document and others in this directory, the convention is to
-set fixed-width phrases with non-fixed-width spaces, as in
-`hello` `world`.
--->
-
 <style>
   main ul li { margin: 0.5em 0; }
 </style>

lib/fips140/Makefile

@@ -27,7 +27,7 @@ default:
 # copy and edit the 'go run' command by hand to use a different branch.
 v%.zip:
 	git fetch origin master
-	go run ../../src/cmd/go/internal/fips140/mkzip.go -b master v$*
+	go run ../../src/cmd/go/internal/fips140/mkzip.go v$*
 
 # normally mkzip refuses to overwrite an existing zip file.
 # make v1.2.3.rm removes the zip file and and unpacked

lib/fips140/fips140.sum

@@ -9,3 +9,4 @@
 #
 #	go test cmd/go/internal/fips140 -update
 #
+v1.0.0-c2097c7c.zip daf3614e0406f67ae6323c902db3f953a1effb199142362a039e7526dfb9368b

lib/fips140/inprocess.txt

@@ -0,0 +1 @@
+v1.0.0-c2097c7c

lib/fips140/v1.0.0.txt

@@ -0,0 +1 @@
+v1.0.0-c2097c7c

lib/time/update.bash

@@ -24,8 +24,8 @@
 # in the CL match the update.bash in the CL.
 
 # Versions to use.
-CODE=2024b
-DATA=2024b
+CODE=2025a
+DATA=2025a
 
 set -e
 

src/archive/tar/common.go

@@ -39,6 +39,7 @@ var (
 	errMissData        = errors.New("archive/tar: sparse file references non-existent data")
 	errUnrefData       = errors.New("archive/tar: sparse file contains unreferenced data")
 	errWriteHole       = errors.New("archive/tar: write non-NUL byte in sparse hole")
+	errSparseTooLong   = errors.New("archive/tar: sparse map too long")
 )
 
 type headerError []string

src/archive/tar/reader.go

@@ -531,12 +531,17 @@ func readGNUSparseMap1x0(r io.Reader) (sparseDatas, error) {
 		cntNewline int64
 		buf        bytes.Buffer
 		blk        block
+		totalSize  int
 	)
 
 	// feedTokens copies data in blocks from r into buf until there are
 	// at least cnt newlines in buf. It will not read more blocks than needed.
 	feedTokens := func(n int64) error {
 		for cntNewline < n {
+			totalSize += len(blk)
+			if totalSize > maxSpecialFileSize {
+				return errSparseTooLong
+			}
 			if _, err := mustReadFull(r, blk[:]); err != nil {
 				return err
 			}
@@ -569,8 +574,8 @@ func readGNUSparseMap1x0(r io.Reader) (sparseDatas, error) {
 	}
 
 	// Parse for all member entries.
-	// numEntries is trusted after this since a potential attacker must have
-	// committed resources proportional to what this library used.
+	// numEntries is trusted after this since feedTokens limits the number of
+	// tokens based on maxSpecialFileSize.
 	if err := feedTokens(2 * numEntries); err != nil {
 		return nil, err
 	}

src/archive/tar/reader_test.go

@@ -621,6 +621,11 @@ func TestReader(t *testing.T) {
 			},
 			Format: FormatPAX,
 		}},
+	}, {
+		// Small compressed file that uncompresses to
+		// a file with a very large GNU 1.0 sparse map.
+		file: "testdata/gnu-sparse-many-zeros.tar.bz2",
+		err:  errSparseTooLong,
 	}}
 
 	for _, v := range vectors {

src/archive/tar/writer.go

@@ -424,6 +424,9 @@ func (tw *Writer) AddFS(fsys fs.FS) error {
 			return err
 		}
 		h.Name = name
+		if d.IsDir() {
+			h.Name += "/"
+		}
 		if err := tw.WriteHeader(h); err != nil {
 			return err
 		}

src/archive/tar/writer_test.go

@@ -1382,7 +1382,11 @@ func TestWriterAddFS(t *testing.T) {
 			t.Fatal(err)
 		}
 
-		if hdr.Name != name {
+		tmpName := name
+		if entryInfo.IsDir() {
+			tmpName += "/"
+		}
+		if hdr.Name != tmpName {
 			t.Errorf("test fs has filename %v; archive header has %v",
 				name, hdr.Name)
 		}

src/archive/zip/reader.go

@@ -830,7 +830,16 @@ func (r *Reader) initFileList() {
 				continue
 			}
 
-			for dir := path.Dir(name); dir != "."; dir = path.Dir(dir) {
+			dir := name
+			for {
+				if idx := strings.LastIndex(dir, "/"); idx < 0 {
+					break
+				} else {
+					dir = dir[:idx]
+				}
+				if dirs[dir] {
+					break
+				}
 				dirs[dir] = true
 			}
 

src/archive/zip/reader_test.go

@@ -8,6 +8,7 @@ import (
 	"bytes"
 	"encoding/binary"
 	"encoding/hex"
+	"fmt"
 	"internal/obscuretestdata"
 	"io"
 	"io/fs"
@@ -1832,3 +1833,83 @@ func TestBaseOffsetPlusOverflow(t *testing.T) {
 	// as the section reader offset & size were < 0.
 	NewReader(bytes.NewReader(data), int64(len(data))+1875)
 }
+
+func BenchmarkReaderOneDeepDir(b *testing.B) {
+	var buf bytes.Buffer
+	zw := NewWriter(&buf)
+
+	for i := range 4000 {
+		name := strings.Repeat("a/", i) + "data"
+		zw.CreateHeader(&FileHeader{
+			Name:   name,
+			Method: Store,
+		})
+	}
+
+	if err := zw.Close(); err != nil {
+		b.Fatal(err)
+	}
+	data := buf.Bytes()
+
+	for b.Loop() {
+		zr, err := NewReader(bytes.NewReader(data), int64(len(data)))
+		if err != nil {
+			b.Fatal(err)
+		}
+		zr.Open("does-not-exist")
+	}
+}
+
+func BenchmarkReaderManyDeepDirs(b *testing.B) {
+	var buf bytes.Buffer
+	zw := NewWriter(&buf)
+
+	for i := range 2850 {
+		name := fmt.Sprintf("%x", i)
+		name = strings.Repeat("/"+name, i+1)[1:]
+
+		zw.CreateHeader(&FileHeader{
+			Name:   name,
+			Method: Store,
+		})
+	}
+
+	if err := zw.Close(); err != nil {
+		b.Fatal(err)
+	}
+	data := buf.Bytes()
+
+	for b.Loop() {
+		zr, err := NewReader(bytes.NewReader(data), int64(len(data)))
+		if err != nil {
+			b.Fatal(err)
+		}
+		zr.Open("does-not-exist")
+	}
+}
+
+func BenchmarkReaderManyShallowFiles(b *testing.B) {
+	var buf bytes.Buffer
+	zw := NewWriter(&buf)
+
+	for i := range 310000 {
+		name := fmt.Sprintf("%v", i)
+		zw.CreateHeader(&FileHeader{
+			Name:   name,
+			Method: Store,
+		})
+	}
+
+	if err := zw.Close(); err != nil {
+		b.Fatal(err)
+	}
+	data := buf.Bytes()
+
+	for b.Loop() {
+		zr, err := NewReader(bytes.NewReader(data), int64(len(data)))
+		if err != nil {
+			b.Fatal(err)
+		}
+		zr.Open("does-not-exist")
+	}
+}

src/archive/zip/writer.go

@@ -520,6 +520,9 @@ func (w *Writer) AddFS(fsys fs.FS) error {
 			return err
 		}
 		h.Name = name
+		if d.IsDir() {
+			h.Name += "/"
+		}
 		h.Method = Deflate
 		fw, err := w.CreateHeader(h)
 		if err != nil {

src/archive/zip/writer_test.go

@@ -633,7 +633,7 @@ func TestWriterAddFS(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	// Add subfolder into fsys to match what we'll read from the tar.
+	// Add subfolder into fsys to match what we'll read from the zip.
 	tests = append(tests[:2:2], WriteTest{Name: "subfolder", Mode: 0o555 | os.ModeDir}, tests[2])
 
 	// read it back
@@ -642,6 +642,9 @@ func TestWriterAddFS(t *testing.T) {
 		t.Fatal(err)
 	}
 	for i, wt := range tests {
+		if wt.Mode.IsDir() {
+			wt.Name += "/"
+		}
 		testReadFile(t, r.File[i], &wt)
 	}
 }

src/builtin/builtin.go

@@ -162,12 +162,12 @@ func delete(m map[Type]Type1, key Type)
 
 // The len built-in function returns the length of v, according to its type:
 //
-//	Array: the number of elements in v.
-//	Pointer to array: the number of elements in *v (even if v is nil).
-//	Slice, or map: the number of elements in v; if v is nil, len(v) is zero.
-//	String: the number of bytes in v.
-//	Channel: the number of elements queued (unread) in the channel buffer;
-//	         if v is nil, len(v) is zero.
+//   - Array: the number of elements in v.
+//   - Pointer to array: the number of elements in *v (even if v is nil).
+//   - Slice, or map: the number of elements in v; if v is nil, len(v) is zero.
+//   - String: the number of bytes in v.
+//   - Channel: the number of elements queued (unread) in the channel buffer;
+//     if v is nil, len(v) is zero.
 //
 // For some arguments, such as a string literal or a simple array expression, the
 // result can be a constant. See the Go language specification's "Length and
@@ -176,12 +176,12 @@ func len(v Type) int
 
 // The cap built-in function returns the capacity of v, according to its type:
 //
-//	Array: the number of elements in v (same as len(v)).
-//	Pointer to array: the number of elements in *v (same as len(v)).
-//	Slice: the maximum length the slice can reach when resliced;
-//	if v is nil, cap(v) is zero.
-//	Channel: the channel buffer capacity, in units of elements;
-//	if v is nil, cap(v) is zero.
+//   - Array: the number of elements in v (same as len(v)).
+//   - Pointer to array: the number of elements in *v (same as len(v)).
+//   - Slice: the maximum length the slice can reach when resliced;
+//     if v is nil, cap(v) is zero.
+//   - Channel: the channel buffer capacity, in units of elements;
+//     if v is nil, cap(v) is zero.
 //
 // For some arguments, such as a simple array expression, the result can be a
 // constant. See the Go language specification's "Length and capacity" section for
@@ -194,18 +194,18 @@ func cap(v Type) int
 // argument, not a pointer to it. The specification of the result depends on
 // the type:
 //
-//	Slice: The size specifies the length. The capacity of the slice is
-//	equal to its length. A second integer argument may be provided to
-//	specify a different capacity; it must be no smaller than the
-//	length. For example, make([]int, 0, 10) allocates an underlying array
-//	of size 10 and returns a slice of length 0 and capacity 10 that is
-//	backed by this underlying array.
-//	Map: An empty map is allocated with enough space to hold the
-//	specified number of elements. The size may be omitted, in which case
-//	a small starting size is allocated.
-//	Channel: The channel's buffer is initialized with the specified
-//	buffer capacity. If zero, or the size is omitted, the channel is
-//	unbuffered.
+//   - Slice: The size specifies the length. The capacity of the slice is
+//     equal to its length. A second integer argument may be provided to
+//     specify a different capacity; it must be no smaller than the
+//     length. For example, make([]int, 0, 10) allocates an underlying array
+//     of size 10 and returns a slice of length 0 and capacity 10 that is
+//     backed by this underlying array.
+//   - Map: An empty map is allocated with enough space to hold the
+//     specified number of elements. The size may be omitted, in which case
+//     a small starting size is allocated.
+//   - Channel: The channel's buffer is initialized with the specified
+//     buffer capacity. If zero, or the size is omitted, the channel is
+//     unbuffered.
 func make(t Type, size ...IntegerType) Type
 
 // The max built-in function returns the largest value of a fixed number of
@@ -247,7 +247,7 @@ func imag(c ComplexType) FloatType
 // to the zero value of the respective element type. If the argument
 // type is a type parameter, the type parameter's type set must
 // contain only map or slice types, and clear performs the operation
-// implied by the type argument.
+// implied by the type argument. If t is nil, clear is a no-op.
 func clear[T ~[]Type | ~map[Type]Type1](t T)
 
 // The close built-in function closes a channel, which must be either

src/bytes/iter.go

@@ -67,26 +67,26 @@ func splitSeq(s, sep []byte, sepSave int) iter.Seq[[]byte] {
 	}
 }
 
-// SplitSeq returns an iterator over all substrings of s separated by sep.
-// The iterator yields the same strings that would be returned by Split(s, sep),
-// but without constructing the slice.
+// SplitSeq returns an iterator over all subslices of s separated by sep.
+// The iterator yields the same subslices that would be returned by [Split](s, sep),
+// but without constructing a new slice containing the subslices.
 // It returns a single-use iterator.
 func SplitSeq(s, sep []byte) iter.Seq[[]byte] {
 	return splitSeq(s, sep, 0)
 }
 
-// SplitAfterSeq returns an iterator over substrings of s split after each instance of sep.
-// The iterator yields the same strings that would be returned by SplitAfter(s, sep),
-// but without constructing the slice.
+// SplitAfterSeq returns an iterator over subslices of s split after each instance of sep.
+// The iterator yields the same subslices that would be returned by [SplitAfter](s, sep),
+// but without constructing a new slice containing the subslices.
 // It returns a single-use iterator.
 func SplitAfterSeq(s, sep []byte) iter.Seq[[]byte] {
 	return splitSeq(s, sep, len(sep))
 }
 
-// FieldsSeq returns an iterator over substrings of s split around runs of
-// whitespace characters, as defined by unicode.IsSpace.
-// The iterator yields the same strings that would be returned by Fields(s),
-// but without constructing the slice.
+// FieldsSeq returns an iterator over subslices of s split around runs of
+// whitespace characters, as defined by [unicode.IsSpace].
+// The iterator yields the same subslices that would be returned by [Fields](s),
+// but without constructing a new slice containing the subslices.
 func FieldsSeq(s []byte) iter.Seq[[]byte] {
 	return func(yield func([]byte) bool) {
 		start := -1
@@ -116,10 +116,10 @@ func FieldsSeq(s []byte) iter.Seq[[]byte] {
 	}
 }
 
-// FieldsFuncSeq returns an iterator over substrings of s split around runs of
+// FieldsFuncSeq returns an iterator over subslices of s split around runs of
 // Unicode code points satisfying f(c).
-// The iterator yields the same strings that would be returned by FieldsFunc(s),
-// but without constructing the slice.
+// The iterator yields the same subslices that would be returned by [FieldsFunc](s),
+// but without constructing a new slice containing the subslices.
 func FieldsFuncSeq(s []byte, f func(rune) bool) iter.Seq[[]byte] {
 	return func(yield func([]byte) bool) {
 		start := -1

src/cmd/api/api_test.go

@@ -57,7 +57,10 @@ func TestGolden(t *testing.T) {
 		// TODO(gri) remove extra pkg directory eventually
 		goldenFile := filepath.Join("testdata", "src", "pkg", fi.Name(), "golden.txt")
 		w := NewWalker(nil, "testdata/src/pkg")
-		pkg, _ := w.import_(fi.Name())
+		pkg, err := w.import_(fi.Name())
+		if err != nil {
+			t.Fatalf("import %s: %v", fi.Name(), err)
+		}
 		w.export(pkg)
 
 		if *updateGolden {
@@ -201,7 +204,13 @@ func BenchmarkAll(b *testing.B) {
 		for _, context := range contexts {
 			w := NewWalker(context, filepath.Join(testenv.GOROOT(b), "src"))
 			for _, name := range w.stdPackages {
-				pkg, _ := w.import_(name)
+				pkg, err := w.import_(name)
+				if _, nogo := err.(*build.NoGoError); nogo {
+					continue
+				}
+				if err != nil {
+					b.Fatalf("import %s (%s-%s): %v", name, context.GOOS, context.GOARCH, err)
+				}
 				w.export(pkg)
 			}
 			w.Features()
@@ -239,8 +248,7 @@ func TestIssue21181(t *testing.T) {
 		w := NewWalker(context, "testdata/src/issue21181")
 		pkg, err := w.import_("p")
 		if err != nil {
-			t.Fatalf("%s: (%s-%s) %s %v", err, context.GOOS, context.GOARCH,
-				pkg.Name(), w.imported)
+			t.Fatalf("import %s (%s-%s): %v", "p", context.GOOS, context.GOARCH, err)
 		}
 		w.export(pkg)
 	}

src/cmd/cgo/doc.go

@@ -796,7 +796,7 @@ Instead, the build process generates an object file using dynamic
 linkage to the desired libraries. The main function is provided by
 _cgo_main.c:
 
-	int main() { return 0; }
+	int main(int argc, char **argv) { return 0; }
 	void crosscall2(void(*fn)(void*), void *a, int c, uintptr_t ctxt) { }
 	uintptr_t _cgo_wait_runtime_init_done(void) { return 0; }
 	void _cgo_release_context(uintptr_t ctxt) { }

src/cmd/cgo/internal/test/issue42018_windows.go

@@ -27,6 +27,7 @@ func test42018(t *testing.T) {
 	recurseHWND(400, hwnd, uintptr(unsafe.Pointer(&i)))
 }
 
+//go:noinline
 func recurseHANDLE(n int, p C.HANDLE, v uintptr) {
 	if n > 0 {
 		recurseHANDLE(n-1, p, v)
@@ -36,6 +37,7 @@ func recurseHANDLE(n int, p C.HANDLE, v uintptr) {
 	}
 }
 
+//go:noinline
 func recurseHWND(n int, p C.HWND, v uintptr) {
 	if n > 0 {
 		recurseHWND(n-1, p, v)

src/cmd/cgo/internal/testsanitizers/asan_test.go

@@ -42,6 +42,8 @@ func TestASAN(t *testing.T) {
 		{src: "asan_global3_fail.go", memoryAccessError: "global-buffer-overflow", errorLocation: "asan_global3_fail.go:13"},
 		{src: "asan_global4_fail.go", memoryAccessError: "global-buffer-overflow", errorLocation: "asan_global4_fail.go:21"},
 		{src: "asan_global5.go"},
+		{src: "asan_global_asm"},
+		{src: "asan_global_asm2_fail", memoryAccessError: "global-buffer-overflow", errorLocation: "main.go:17"},
 		{src: "arena_fail.go", memoryAccessError: "use-after-poison", errorLocation: "arena_fail.go:26", experiments: []string{"arenas"}},
 	}
 	for _, tc := range cases {

src/cmd/cgo/internal/testsanitizers/cc_test.go

@@ -536,7 +536,7 @@ func (c *config) checkRuntime() (skip bool, err error) {
 
 // srcPath returns the path to the given file relative to this test's source tree.
 func srcPath(path string) string {
-	return filepath.Join("testdata", path)
+	return "./testdata/" + path
 }
 
 // A tempDir manages a temporary directory within a test.

src/cmd/cgo/internal/testsanitizers/testdata/asan_global_asm/asm.s

@@ -0,0 +1,8 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "textflag.h"
+
+DATA	·x(SB)/8, $123
+GLOBL	·x(SB), NOPTR, $8

src/cmd/cgo/internal/testsanitizers/testdata/asan_global_asm/main.go

@@ -0,0 +1,11 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package main
+
+var x uint64
+
+func main() {
+	println(x)
+}

src/cmd/cgo/internal/testsanitizers/testdata/asan_global_asm2_fail/asm.s

@@ -0,0 +1,8 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "textflag.h"
+
+DATA	·x(SB)/8, $123
+GLOBL	·x(SB), NOPTR, $8

src/cmd/cgo/internal/testsanitizers/testdata/asan_global_asm2_fail/main.go

@@ -0,0 +1,20 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package main
+
+import "unsafe"
+
+var x uint64
+
+func main() {
+	bar(&x)
+}
+
+func bar(a *uint64) {
+	p := (*uint64)(unsafe.Add(unsafe.Pointer(a), 1*unsafe.Sizeof(uint64(1))))
+	if *p == 10 { // BOOM
+		println("its value is 10")
+	}
+}

src/cmd/cgo/out.go

@@ -59,7 +59,7 @@ func (p *Package) writeDefs() {
 
 	// Write C main file for using gcc to resolve imports.
 	fmt.Fprintf(fm, "#include <stddef.h>\n") // For size_t below.
-	fmt.Fprintf(fm, "int main() { return 0; }\n")
+	fmt.Fprintf(fm, "int main(int argc __attribute__((unused)), char **argv __attribute__((unused))) { return 0; }\n")
 	if *importRuntimeCgo {
 		fmt.Fprintf(fm, "void crosscall2(void(*fn)(void*) __attribute__((unused)), void *a __attribute__((unused)), int c __attribute__((unused)), size_t ctxt __attribute__((unused))) { }\n")
 		fmt.Fprintf(fm, "size_t _cgo_wait_runtime_init_done(void) { return 0; }\n")

src/cmd/compile/doc.go

@@ -15,7 +15,7 @@ the package and about types used by symbols imported by the package from
 other packages. It is therefore not necessary when compiling client C of
 package P to read the files of P's dependencies, only the compiled output of P.
 
-Command Line
+# Command Line
 
 Usage:
 
@@ -150,14 +150,21 @@ Flags to debug the compiler itself:
 	-w
 		Debug type checking.
 
-Compiler Directives
+# Compiler Directives
 
 The compiler accepts directives in the form of comments.
-To distinguish them from non-directive comments, directives
-require no space between the comment opening and the name of the directive. However, since
-they are comments, tools unaware of the directive convention or of a particular
+Each directive must be placed its own line, with only leading spaces and tabs
+allowed before the comment, and there must be no space between the comment
+opening and the name of the directive, to distinguish it from a regular comment.
+Tools unaware of the directive convention or of a particular
 directive can skip over a directive like any other comment.
+
+Other than the line directive, which is a historical special case;
+all other compiler directives are of the form
+//go:name, indicating that they are defined by the Go toolchain.
 */
+// # Line Directives
+//
 // Line directives come in several forms:
 //
 // 	//line :line
@@ -197,12 +204,9 @@ directive can skip over a directive like any other comment.
 // Line directives typically appear in machine-generated code, so that compilers and debuggers
 // will report positions in the original input to the generator.
 /*
-The line directive is a historical special case; all other directives are of the form
-//go:name, indicating that they are defined by the Go toolchain.
-Each directive must be placed its own line, with only leading spaces and tabs
-allowed before the comment.
-Each directive applies to the Go code that immediately follows it,
-which typically must be a declaration.
+# Function Directives
+
+A function directive applies to the Go function that immediately follows it.
 
 	//go:noescape
 
@@ -245,6 +249,8 @@ It specifies that the function must omit its usual stack overflow check.
 This is most commonly used by low-level runtime code invoked
 at times when it is unsafe for the calling goroutine to be preempted.
 
+# Linkname Directive
+
 	//go:linkname localname [importpath.name]
 
 The //go:linkname directive conventionally precedes the var or func
@@ -295,17 +301,34 @@ The declaration of lower.f may also have a linkname directive with a
 single argument, f. This is optional, but helps alert the reader that
 the function is accessed from outside the package.
 
+# WebAssembly Directives
+
 	//go:wasmimport importmodule importname
 
 The //go:wasmimport directive is wasm-only and must be followed by a
-function declaration.
+function declaration with no body.
 It specifies that the function is provided by a wasm module identified
-by ``importmodule`` and ``importname``.
+by ``importmodule'' and ``importname''. For example,
 
 	//go:wasmimport a_module f
 	func g()
 
-The types of parameters and return values to the Go function are translated to
+causes g to refer to the WebAssembly function f from module a_module.
+
+	//go:wasmexport exportname
+
+The //go:wasmexport directive is wasm-only and must be followed by a
+function definition.
+It specifies that the function is exported to the wasm host as ``exportname''.
+For example,
+
+	//go:wasmexport h
+	func hWasm() { ... }
+
+make Go function hWasm available outside this WebAssembly module as h.
+
+For both go:wasmimport and go:wasmexport,
+the types of parameters and return values to the Go function are translated to
 Wasm according to the following table:
 
     Go types        Wasm types
@@ -318,24 +341,12 @@ Wasm according to the following table:
     pointer         i32 (more restrictions below)
     string          (i32, i32) (only permitted as a parameters, not a result)
 
+Any other parameter types are disallowed by the compiler.
+
 For a pointer type, its element type must be a bool, int8, uint8, int16, uint16,
 int32, uint32, int64, uint64, float32, float64, an array whose element type is
 a permitted pointer element type, or a struct, which, if non-empty, embeds
-structs.HostLayout, and contains only fields whose types are permitted pointer
+[structs.HostLayout], and contains only fields whose types are permitted pointer
 element types.
-
-Any other parameter types are disallowed by the compiler.
-
-	//go:wasmexport exportname
-
-The //go:wasmexport directive is wasm-only and must be followed by a
-function definition.
-It specifies that the function is exported to the wasm host as ``exportname``.
-
-	//go:wasmexport f
-	func g()
-
-The types of parameters and return values to the Go function are permitted and
-translated to Wasm in the same way as //go:wasmimport functions.
 */
 package main

src/cmd/compile/internal/inline/inl.go

@@ -42,6 +42,7 @@ import (
 	"cmd/compile/internal/types"
 	"cmd/internal/obj"
 	"cmd/internal/pgo"
+	"cmd/internal/src"
 )
 
 // Inlining budget parameters, gathered in one place
@@ -169,19 +170,8 @@ func CanInlineFuncs(funcs []*ir.Func, profile *pgoir.Profile) {
 	}
 
 	ir.VisitFuncsBottomUp(funcs, func(funcs []*ir.Func, recursive bool) {
-		numfns := numNonClosures(funcs)
-
 		for _, fn := range funcs {
-			if !recursive || numfns > 1 {
-				// We allow inlining if there is no
-				// recursion, or the recursion cycle is
-				// across more than one function.
-				CanInline(fn, profile)
-			} else {
-				if base.Flag.LowerM > 1 && fn.OClosure == nil {
-					fmt.Printf("%v: cannot inline %v: recursive\n", ir.Line(fn), fn.Nname)
-				}
-			}
+			CanInline(fn, profile)
 			if inlheur.Enabled() {
 				analyzeFuncProps(fn, profile)
 			}
@@ -974,6 +964,16 @@ func inlineCostOK(n *ir.CallExpr, caller, callee *ir.Func, bigCaller, closureCal
 	return true, 0, metric, hot
 }
 
+// parsePos returns all the inlining positions and the innermost position.
+func parsePos(pos src.XPos, posTmp []src.Pos) ([]src.Pos, src.Pos) {
+	ctxt := base.Ctxt
+	ctxt.AllPos(pos, func(p src.Pos) {
+		posTmp = append(posTmp, p)
+	})
+	l := len(posTmp) - 1
+	return posTmp[:l], posTmp[l]
+}
+
 // canInlineCallExpr returns true if the call n from caller to callee
 // can be inlined, plus the score computed for the call expr in question,
 // and whether the callee is hot according to PGO.
@@ -1001,12 +1001,15 @@ func canInlineCallExpr(callerfn *ir.Func, n *ir.CallExpr, callee *ir.Func, bigCa
 		return false, 0, false
 	}
 
-	if callee == callerfn {
-		// Can't recursively inline a function into itself.
-		if log && logopt.Enabled() {
-			logopt.LogOpt(n.Pos(), "cannotInlineCall", "inline", fmt.Sprintf("recursive call to %s", ir.FuncName(callerfn)))
+	callees, calleeInner := parsePos(n.Pos(), make([]src.Pos, 0, 10))
+
+	for _, p := range callees {
+		if p.Line() == calleeInner.Line() && p.Col() == calleeInner.Col() && p.AbsFilename() == calleeInner.AbsFilename() {
+			if log && logopt.Enabled() {
+				logopt.LogOpt(n.Pos(), "cannotInlineCall", "inline", fmt.Sprintf("recursive call to %s", ir.FuncName(callerfn)))
+			}
+			return false, 0, false
 		}
-		return false, 0, false
 	}
 
 	if base.Flag.Cfg.Instrumenting && types.IsNoInstrumentPkg(callee.Sym().Pkg) {

src/cmd/compile/internal/inline/interleaved/interleaved.go

@@ -253,7 +253,7 @@ func (s *inlClosureState) mark(n ir.Node) ir.Node {
 
 	if isTestingBLoop(n) {
 		// No inlining nor devirtualization performed on b.Loop body
-		if base.Flag.LowerM > 1 {
+		if base.Flag.LowerM > 0 {
 			fmt.Printf("%v: skip inlining within testing.B.loop for %v\n", ir.Line(n), n)
 		}
 		// We still want to explore inlining opportunities in other parts of ForStmt.

src/cmd/compile/internal/ssa/_gen/AMD64Ops.go

@@ -886,8 +886,8 @@ func init() {
 				inputs:   []regMask{buildReg("DI")},
 				clobbers: buildReg("DI"),
 			},
-			faultOnNilArg0: true,
-			unsafePoint:    true, // FP maintenance around DUFFCOPY can be clobbered by interrupts
+			//faultOnNilArg0: true, // Note: removed for 73748. TODO: reenable at some point
+			unsafePoint: true, // FP maintenance around DUFFCOPY can be clobbered by interrupts
 		},
 
 		// arg0 = address of memory to zero
@@ -924,10 +924,10 @@ func init() {
 				inputs:   []regMask{buildReg("DI"), buildReg("SI")},
 				clobbers: buildReg("DI SI X0"), // uses X0 as a temporary
 			},
-			clobberFlags:   true,
-			faultOnNilArg0: true,
-			faultOnNilArg1: true,
-			unsafePoint:    true, // FP maintenance around DUFFCOPY can be clobbered by interrupts
+			clobberFlags: true,
+			//faultOnNilArg0: true, // Note: removed for 73748. TODO: reenable at some point
+			//faultOnNilArg1: true,
+			unsafePoint: true, // FP maintenance around DUFFCOPY can be clobbered by interrupts
 		},
 
 		// arg0 = destination pointer

src/cmd/compile/internal/ssa/_gen/ARM64.rules

@@ -1148,10 +1148,12 @@
 (SUB a l:(MNEGW x y)) && v.Type.Size() <= 4 && l.Uses==1 && clobber(l) => (MADDW a x y)
 
 // madd/msub can't take constant arguments, so do a bit of reordering if a non-constant is available.
-(ADD a p:(ADDconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 => (ADDconst [c] (ADD <v.Type> a m))
-(ADD a p:(SUBconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 => (SUBconst [c] (ADD <v.Type> a m))
-(SUB a p:(ADDconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 => (SUBconst [c] (SUB <v.Type> a m))
-(SUB a p:(SUBconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 => (ADDconst [c] (SUB <v.Type> a m))
+// Note: don't reorder arithmetic concerning pointers, as we must ensure that
+// no intermediate computations are invalid pointers.
+(ADD <t> a p:(ADDconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 && !t.IsPtrShaped() => (ADDconst [c] (ADD <v.Type> a m))
+(ADD <t> a p:(SUBconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 && !t.IsPtrShaped() => (SUBconst [c] (ADD <v.Type> a m))
+(SUB <t> a p:(ADDconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 && !t.IsPtrShaped() => (SUBconst [c] (SUB <v.Type> a m))
+(SUB <t> a p:(SUBconst [c] m:((MUL|MULW|MNEG|MNEGW) _ _))) && p.Uses==1 && m.Uses==1 && !t.IsPtrShaped() => (ADDconst [c] (SUB <v.Type> a m))
 
 // optimize ADCSflags, SBCSflags and friends
 (ADCSflags x y (Select1 <types.TypeFlags> (ADDSconstflags [-1] (ADCzerocarry <typ.UInt64> c)))) => (ADCSflags x y c)

src/cmd/compile/internal/ssa/_gen/ARM64Ops.go

@@ -536,8 +536,8 @@ func init() {
 				inputs:   []regMask{buildReg("R20")},
 				clobbers: buildReg("R16 R17 R20 R30"),
 			},
-			faultOnNilArg0: true,
-			unsafePoint:    true, // FP maintenance around DUFFZERO can be clobbered by interrupts
+			//faultOnNilArg0: true, // Note: removed for 73748. TODO: reenable at some point
+			unsafePoint: true, // FP maintenance around DUFFZERO can be clobbered by interrupts
 		},
 
 		// large zeroing
@@ -577,9 +577,9 @@ func init() {
 				inputs:   []regMask{buildReg("R21"), buildReg("R20")},
 				clobbers: buildReg("R16 R17 R20 R21 R26 R30"),
 			},
-			faultOnNilArg0: true,
-			faultOnNilArg1: true,
-			unsafePoint:    true, // FP maintenance around DUFFCOPY can be clobbered by interrupts
+			//faultOnNilArg0: true, // Note: removed for 73748. TODO: reenable at some point
+			//faultOnNilArg1: true,
+			unsafePoint: true, // FP maintenance around DUFFCOPY can be clobbered by interrupts
 		},
 
 		// large move

src/cmd/compile/internal/ssa/_gen/rulegen.go

@@ -5,7 +5,8 @@
 // This program generates Go code that applies rewrite rules to a Value.
 // The generated code implements a function of type func (v *Value) bool
 // which reports whether if did something.
-// Ideas stolen from Swift: http://www.hpl.hp.com/techreports/Compaq-DEC/WRL-2000-2.html
+// Ideas stolen from the Swift Java compiler:
+// https://bitsavers.org/pdf/dec/tech_reports/WRL-2000-2.pdf
 
 package main
 

src/cmd/compile/internal/ssa/func.go

@@ -41,11 +41,12 @@ type Func struct {
 	ABISelf        *abi.ABIConfig // ABI for function being compiled
 	ABIDefault     *abi.ABIConfig // ABI for rtcall and other no-parsed-signature/pragma functions.
 
-	scheduled   bool  // Values in Blocks are in final order
-	laidout     bool  // Blocks are ordered
-	NoSplit     bool  // true if function is marked as nosplit.  Used by schedule check pass.
-	dumpFileSeq uint8 // the sequence numbers of dump file. (%s_%02d__%s.dump", funcname, dumpFileSeq, phaseName)
-	IsPgoHot    bool
+	scheduled         bool  // Values in Blocks are in final order
+	laidout           bool  // Blocks are ordered
+	NoSplit           bool  // true if function is marked as nosplit.  Used by schedule check pass.
+	dumpFileSeq       uint8 // the sequence numbers of dump file. (%s_%02d__%s.dump", funcname, dumpFileSeq, phaseName)
+	IsPgoHot          bool
+	HasDeferRangeFunc bool // if true, needs a deferreturn so deferrangefunc can use it for recover() return PC
 
 	// when register allocation is done, maps value ids to locations
 	RegAlloc []Location

src/cmd/compile/internal/ssa/opGen.go

@@ -13777,11 +13777,10 @@ var opcodeTable = [...]opInfo{
 		},
 	},
 	{
-		name:           "DUFFZERO",
-		auxType:        auxInt64,
-		argLen:         2,
-		faultOnNilArg0: true,
-		unsafePoint:    true,
+		name:        "DUFFZERO",
+		auxType:     auxInt64,
+		argLen:      2,
+		unsafePoint: true,
 		reg: regInfo{
 			inputs: []inputInfo{
 				{0, 128}, // DI
@@ -13851,13 +13850,11 @@ var opcodeTable = [...]opInfo{
 		},
 	},
 	{
-		name:           "DUFFCOPY",
-		auxType:        auxInt64,
-		argLen:         3,
-		clobberFlags:   true,
-		faultOnNilArg0: true,
-		faultOnNilArg1: true,
-		unsafePoint:    true,
+		name:         "DUFFCOPY",
+		auxType:      auxInt64,
+		argLen:       3,
+		clobberFlags: true,
+		unsafePoint:  true,
 		reg: regInfo{
 			inputs: []inputInfo{
 				{0, 128}, // DI
@@ -22970,11 +22967,10 @@ var opcodeTable = [...]opInfo{
 		},
 	},
 	{
-		name:           "DUFFZERO",
-		auxType:        auxInt64,
-		argLen:         2,
-		faultOnNilArg0: true,
-		unsafePoint:    true,
+		name:        "DUFFZERO",
+		auxType:     auxInt64,
+		argLen:      2,
+		unsafePoint: true,
 		reg: regInfo{
 			inputs: []inputInfo{
 				{0, 1048576}, // R20
@@ -22996,12 +22992,10 @@ var opcodeTable = [...]opInfo{
 		},
 	},
 	{
-		name:           "DUFFCOPY",
-		auxType:        auxInt64,
-		argLen:         3,
-		faultOnNilArg0: true,
-		faultOnNilArg1: true,
-		unsafePoint:    true,
+		name:        "DUFFCOPY",
+		auxType:     auxInt64,
+		argLen:      3,
+		unsafePoint: true,
 		reg: regInfo{
 			inputs: []inputInfo{
 				{0, 2097152}, // R21

src/cmd/compile/internal/ssa/prove.go

@@ -552,8 +552,9 @@ func (ft *factsTable) newLimit(v *Value, newLim limit) bool {
 	}
 
 	if lim.unsat() {
+		r := !ft.unsat
 		ft.unsat = true
-		return true
+		return r
 	}
 
 	// Check for recursion. This normally happens because in unsatisfiable

src/cmd/compile/internal/ssa/regalloc.go

@@ -1670,6 +1670,7 @@ func (s *regAllocState) regalloc(f *Func) {
 				}
 				tmpReg = s.allocReg(m, &tmpVal)
 				s.nospill |= regMask(1) << tmpReg
+				s.tmpused |= regMask(1) << tmpReg
 			}
 
 			// Now that all args are in regs, we're ready to issue the value itself.

src/cmd/compile/internal/ssa/rewrite.go

@@ -1470,6 +1470,11 @@ func GetPPC64Shiftme(auxint int64) int64 {
 // operation.  Masks can also extend from the msb and wrap to
 // the lsb too.  That is, the valid masks are 32 bit strings
 // of the form: 0..01..10..0 or 1..10..01..1 or 1...1
+//
+// Note: This ignores the upper 32 bits of the input. When a
+// zero extended result is desired (e.g a 64 bit result), the
+// user must verify the upper 32 bits are 0 and the mask is
+// contiguous (that is, non-wrapping).
 func isPPC64WordRotateMask(v64 int64) bool {
 	// Isolate rightmost 1 (if none 0) and add.
 	v := uint32(v64)
@@ -1480,6 +1485,16 @@ func isPPC64WordRotateMask(v64 int64) bool {
 	return (v&vp == 0 || vn&vpn == 0) && v != 0
 }
 
+// Test if this mask is a valid, contiguous bitmask which can be
+// represented by a RLWNM mask and also clears the upper 32 bits
+// of the register.
+func isPPC64WordRotateMaskNonWrapping(v64 int64) bool {
+	// Isolate rightmost 1 (if none 0) and add.
+	v := uint32(v64)
+	vp := (v & -v) + v
+	return (v&vp == 0) && v != 0 && uint64(uint32(v64)) == uint64(v64)
+}
+
 // Compress mask and shift into single value of the form
 // me | mb<<8 | rotate<<16 | nbits<<24 where me and mb can
 // be used to regenerate the input mask.
@@ -1589,7 +1604,7 @@ func mergePPC64AndSrdi(m, s int64) int64 {
 	if rv&uint64(mask) != 0 {
 		return 0
 	}
-	if !isPPC64WordRotateMask(mask) {
+	if !isPPC64WordRotateMaskNonWrapping(mask) {
 		return 0
 	}
 	return encodePPC64RotateMask((32-s)&31, mask, 32)
@@ -1604,7 +1619,7 @@ func mergePPC64AndSldi(m, s int64) int64 {
 	if rv&uint64(mask) != 0 {
 		return 0
 	}
-	if !isPPC64WordRotateMask(mask) {
+	if !isPPC64WordRotateMaskNonWrapping(mask) {
 		return 0
 	}
 	return encodePPC64RotateMask(s&31, mask, 32)

src/cmd/compile/internal/ssa/rewriteARM64.go

@@ -1331,10 +1331,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(ADDconst [c] m:(MUL _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(ADDconst [c] m:(MUL _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1343,7 +1344,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64ADDconst)
@@ -1355,10 +1356,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(ADDconst [c] m:(MULW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(ADDconst [c] m:(MULW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1367,7 +1369,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64ADDconst)
@@ -1379,10 +1381,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(ADDconst [c] m:(MNEG _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(ADDconst [c] m:(MNEG _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1391,7 +1394,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64ADDconst)
@@ -1403,10 +1406,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(ADDconst [c] m:(MNEGW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(ADDconst [c] m:(MNEGW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1415,7 +1419,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64ADDconst)
@@ -1427,10 +1431,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(SUBconst [c] m:(MUL _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(SUBconst [c] m:(MUL _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1439,7 +1444,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64SUBconst)
@@ -1451,10 +1456,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(SUBconst [c] m:(MULW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(SUBconst [c] m:(MULW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1463,7 +1469,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64SUBconst)
@@ -1475,10 +1481,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(SUBconst [c] m:(MNEG _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(SUBconst [c] m:(MNEG _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1487,7 +1494,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64SUBconst)
@@ -1499,10 +1506,11 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 		}
 		break
 	}
-	// match: (ADD a p:(SUBconst [c] m:(MNEGW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (ADD <t> a p:(SUBconst [c] m:(MNEGW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (ADD <v.Type> a m))
 	for {
+		t := v.Type
 		for _i0 := 0; _i0 <= 1; _i0, v_0, v_1 = _i0+1, v_1, v_0 {
 			a := v_0
 			p := v_1
@@ -1511,7 +1519,7 @@ func rewriteValueARM64_OpARM64ADD(v *Value) bool {
 			}
 			c := auxIntToInt64(p.AuxInt)
 			m := p.Args[0]
-			if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1) {
+			if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 				continue
 			}
 			v.reset(OpARM64SUBconst)
@@ -16604,10 +16612,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg3(a, x, y)
 		return true
 	}
-	// match: (SUB a p:(ADDconst [c] m:(MUL _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(ADDconst [c] m:(MUL _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64ADDconst {
@@ -16615,7 +16624,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64SUBconst)
@@ -16625,10 +16634,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg(v0)
 		return true
 	}
-	// match: (SUB a p:(ADDconst [c] m:(MULW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(ADDconst [c] m:(MULW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64ADDconst {
@@ -16636,7 +16646,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64SUBconst)
@@ -16646,10 +16656,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg(v0)
 		return true
 	}
-	// match: (SUB a p:(ADDconst [c] m:(MNEG _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(ADDconst [c] m:(MNEG _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64ADDconst {
@@ -16657,7 +16668,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64SUBconst)
@@ -16667,10 +16678,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg(v0)
 		return true
 	}
-	// match: (SUB a p:(ADDconst [c] m:(MNEGW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(ADDconst [c] m:(MNEGW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (SUBconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64ADDconst {
@@ -16678,7 +16690,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64SUBconst)
@@ -16688,10 +16700,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg(v0)
 		return true
 	}
-	// match: (SUB a p:(SUBconst [c] m:(MUL _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(SUBconst [c] m:(MUL _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64SUBconst {
@@ -16699,7 +16712,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MUL || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64ADDconst)
@@ -16709,10 +16722,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg(v0)
 		return true
 	}
-	// match: (SUB a p:(SUBconst [c] m:(MULW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(SUBconst [c] m:(MULW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64SUBconst {
@@ -16720,7 +16734,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MULW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64ADDconst)
@@ -16730,10 +16744,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg(v0)
 		return true
 	}
-	// match: (SUB a p:(SUBconst [c] m:(MNEG _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(SUBconst [c] m:(MNEG _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64SUBconst {
@@ -16741,7 +16756,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MNEG || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64ADDconst)
@@ -16751,10 +16766,11 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		v.AddArg(v0)
 		return true
 	}
-	// match: (SUB a p:(SUBconst [c] m:(MNEGW _ _)))
-	// cond: p.Uses==1 && m.Uses==1
+	// match: (SUB <t> a p:(SUBconst [c] m:(MNEGW _ _)))
+	// cond: p.Uses==1 && m.Uses==1 && !t.IsPtrShaped()
 	// result: (ADDconst [c] (SUB <v.Type> a m))
 	for {
+		t := v.Type
 		a := v_0
 		p := v_1
 		if p.Op != OpARM64SUBconst {
@@ -16762,7 +16778,7 @@ func rewriteValueARM64_OpARM64SUB(v *Value) bool {
 		}
 		c := auxIntToInt64(p.AuxInt)
 		m := p.Args[0]
-		if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1) {
+		if m.Op != OpARM64MNEGW || !(p.Uses == 1 && m.Uses == 1 && !t.IsPtrShaped()) {
 			break
 		}
 		v.reset(OpARM64ADDconst)

src/cmd/compile/internal/ssa/sccp.go

@@ -511,6 +511,10 @@ func (t *worklist) propagate(block *Block) {
 				branchIdx = 1 - condLattice.val.AuxInt
 			} else {
 				branchIdx = condLattice.val.AuxInt
+				if branchIdx < 0 || branchIdx >= int64(len(block.Succs)) {
+					// unreachable code, do nothing then
+					break
+				}
 			}
 			t.edges = append(t.edges, block.Succs[branchIdx])
 		} else {

src/cmd/compile/internal/ssa/tighten.go

@@ -118,18 +118,21 @@ func tighten(f *Func) {
 
 		// If the target location is inside a loop,
 		// move the target location up to just before the loop head.
-		for _, b := range f.Blocks {
-			origloop := loops.b2l[b.ID]
-			for _, v := range b.Values {
-				t := target[v.ID]
-				if t == nil {
-					continue
-				}
-				targetloop := loops.b2l[t.ID]
-				for targetloop != nil && (origloop == nil || targetloop.depth > origloop.depth) {
-					t = idom[targetloop.header.ID]
-					target[v.ID] = t
-					targetloop = loops.b2l[t.ID]
+		if !loops.hasIrreducible {
+			// Loop info might not be correct for irreducible loops. See issue 75569.
+			for _, b := range f.Blocks {
+				origloop := loops.b2l[b.ID]
+				for _, v := range b.Values {
+					t := target[v.ID]
+					if t == nil {
+						continue
+					}
+					targetloop := loops.b2l[t.ID]
+					for targetloop != nil && (origloop == nil || targetloop.depth > origloop.depth) {
+						t = idom[targetloop.header.ID]
+						target[v.ID] = t
+						targetloop = loops.b2l[t.ID]
+					}
 				}
 			}
 		}

src/cmd/compile/internal/ssa/writebarrier.go

@@ -252,6 +252,7 @@ func writebarrier(f *Func) {
 		var start, end int
 		var nonPtrStores int
 		values := b.Values
+		hasMove := false
 	FindSeq:
 		for i := len(values) - 1; i >= 0; i-- {
 			w := values[i]
@@ -263,6 +264,9 @@ func writebarrier(f *Func) {
 					end = i + 1
 				}
 				nonPtrStores = 0
+				if w.Op == OpMoveWB {
+					hasMove = true
+				}
 			case OpVarDef, OpVarLive:
 				continue
 			case OpStore:
@@ -273,6 +277,17 @@ func writebarrier(f *Func) {
 				if nonPtrStores > 2 {
 					break FindSeq
 				}
+				if hasMove {
+					// We need to ensure that this store happens
+					// before we issue a wbMove, as the wbMove might
+					// use the result of this store as its source.
+					// Even though this store is not write-barrier
+					// eligible, it might nevertheless be the store
+					// of a pointer to the stack, which is then the
+					// source of the move.
+					// See issue 71228.
+					break FindSeq
+				}
 			default:
 				if last == nil {
 					continue

src/cmd/compile/internal/ssagen/ssa.go

@@ -4433,6 +4433,9 @@ func (s *state) call(n *ir.CallExpr, k callKind, returnResultAddr bool, deferExt
 					callABI = s.f.ABI1
 				}
 			}
+			if fn := n.Fun.Sym().Name; n.Fun.Sym().Pkg == ir.Pkgs.Runtime && fn == "deferrangefunc" {
+				s.f.HasDeferRangeFunc = true
+			}
 			break
 		}
 		closure = s.expr(fn)
@@ -5452,12 +5455,15 @@ func (s *state) referenceTypeBuiltin(n *ir.UnaryExpr, x *ssa.Value) *ssa.Value {
 	if n.X.Type().IsChan() && n.Op() == ir.OCAP {
 		s.Fatalf("cannot inline cap(chan)") // must use runtime.chancap now
 	}
+	if n.X.Type().IsMap() && n.Op() == ir.OCAP {
+		s.Fatalf("cannot inline cap(map)") // cap(map) does not exist
+	}
 	// if n == nil {
 	//   return 0
 	// } else {
-	//   // len
-	//   return *((*int)n)
-	//   // cap
+	//   // len, the actual loadType depends
+	//   return int(*((*loadType)n))
+	//   // cap (chan only, not used for now)
 	//   return *(((*int)n)+1)
 	// }
 	lenType := n.Type()
@@ -5485,7 +5491,9 @@ func (s *state) referenceTypeBuiltin(n *ir.UnaryExpr, x *ssa.Value) *ssa.Value {
 	case ir.OLEN:
 		if buildcfg.Experiment.SwissMap && n.X.Type().IsMap() {
 			// length is stored in the first word.
-			s.vars[n] = s.load(lenType, x)
+			loadType := reflectdata.SwissMapType().Field(0).Type // uint64
+			load := s.load(loadType, x)
+			s.vars[n] = s.conv(nil, load, loadType, lenType) // integer conversion doesn't need Node
 		} else {
 			// length is stored in the first word for map/chan
 			s.vars[n] = s.load(lenType, x)
@@ -6561,10 +6569,13 @@ func genssa(f *ssa.Func, pp *objw.Progs) {
 		// nop (which will never execute) after the call.
 		Arch.Ginsnop(s.pp)
 	}
-	if openDeferInfo != nil {
+	if openDeferInfo != nil || f.HasDeferRangeFunc {
 		// When doing open-coded defers, generate a disconnected call to
 		// deferreturn and a return. This will be used to during panic
 		// recovery to unwind the stack and return back to the runtime.
+		//
+		// deferrangefunc needs to be sure that at least one of these exists;
+		// if all returns are dead-code eliminated, there might not be.
 		s.pp.NextLive = s.livenessMap.DeferReturn
 		p := s.pp.Prog(obj.ACALL)
 		p.To.Type = obj.TYPE_MEM

src/cmd/compile/internal/syntax/testdata/issue70974.go

@@ -0,0 +1,17 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package p
+
+func _() {
+M:
+L:
+	for range 0 {
+		break L
+		break /* ERROR invalid break label M */ M
+	}
+	for range 0 {
+		break /* ERROR invalid break label L */ L
+	}
+}

src/cmd/compile/internal/test/inl_test.go

@@ -230,6 +230,9 @@ func TestIntendedInlining(t *testing.T) {
 			"(*Pointer[go.shape.int]).Store",
 			"(*Pointer[go.shape.int]).Swap",
 		},
+		"testing": {
+			"(*B).Loop",
+		},
 	}
 
 	if !goexperiment.SwissMap {

src/cmd/compile/internal/typecheck/_builtin/runtime.go

@@ -152,12 +152,14 @@ func mapassign_fast32ptr(mapType *byte, hmap map[any]any, key unsafe.Pointer) (v
 func mapassign_fast64(mapType *byte, hmap map[any]any, key uint64) (val *any)
 func mapassign_fast64ptr(mapType *byte, hmap map[any]any, key unsafe.Pointer) (val *any)
 func mapassign_faststr(mapType *byte, hmap map[any]any, key string) (val *any)
-func mapiterinit(mapType *byte, hmap map[any]any, hiter *any)
+func mapiterinit(mapType *byte, hmap map[any]any, hiter *any)  // old maps
+func mapIterStart(mapType *byte, hmap map[any]any, hiter *any) // swiss maps
 func mapdelete(mapType *byte, hmap map[any]any, key *any)
 func mapdelete_fast32(mapType *byte, hmap map[any]any, key uint32)
 func mapdelete_fast64(mapType *byte, hmap map[any]any, key uint64)
 func mapdelete_faststr(mapType *byte, hmap map[any]any, key string)
-func mapiternext(hiter *any)
+func mapiternext(hiter *any) // old maps
+func mapIterNext(hiter *any) // swiss maps
 func mapclear(mapType *byte, hmap map[any]any)
 
 // *byte is really *runtime.Type

src/cmd/compile/internal/typecheck/builtin.go

@@ -131,11 +131,13 @@ var runtimeDecls = [...]struct {
 	{"mapassign_fast64ptr", funcTag, 96},
 	{"mapassign_faststr", funcTag, 89},
 	{"mapiterinit", funcTag, 97},
+	{"mapIterStart", funcTag, 97},
 	{"mapdelete", funcTag, 97},
 	{"mapdelete_fast32", funcTag, 98},
 	{"mapdelete_fast64", funcTag, 99},
 	{"mapdelete_faststr", funcTag, 100},
 	{"mapiternext", funcTag, 101},
+	{"mapIterNext", funcTag, 101},
 	{"mapclear", funcTag, 102},
 	{"makechan64", funcTag, 104},
 	{"makechan", funcTag, 105},

src/cmd/compile/internal/types2/README.md

@@ -56,7 +56,7 @@ The tests are in:
 Tests are .go files annotated with `/* ERROR "msg" */` or `/* ERRORx "msg" */`
 comments (or the respective line comment form).
 For each such error comment, typechecking the respective file is expected to
-report an error at the position of the syntactic token _immediately preceeding_
+report an error at the position of the syntactic token _immediately preceding_
 the comment.
 For `ERROR`, the `"msg"` string must be a substring of the error message
 reported by the typechecker;

src/cmd/compile/internal/types2/api.go

@@ -208,11 +208,19 @@ type Info struct {
 	//
 	// The Types map does not record the type of every identifier,
 	// only those that appear where an arbitrary expression is
-	// permitted. For instance, the identifier f in a selector
-	// expression x.f is found only in the Selections map, the
-	// identifier z in a variable declaration 'var z int' is found
-	// only in the Defs map, and identifiers denoting packages in
-	// qualified identifiers are collected in the Uses map.
+	// permitted. For instance:
+	// - an identifier f in a selector expression x.f is found
+	//   only in the Selections map;
+	// - an identifier z in a variable declaration 'var z int'
+	//   is found only in the Defs map;
+	// - an identifier p denoting a package in a qualified
+	//   identifier p.X is found only in the Uses map.
+	//
+	// Similarly, no type is recorded for the (synthetic) FuncType
+	// node in a FuncDecl.Type field, since there is no corresponding
+	// syntactic function type expression in the source in this case
+	// Instead, the function type is found in the Defs.map entry for
+	// the corresponding function declaration.
 	Types map[syntax.Expr]TypeAndValue
 
 	// If StoreTypesInSyntax is set, type information identical to

src/cmd/compile/internal/types2/assignments.go

@@ -204,7 +204,7 @@ func (check *Checker) lhsVar(lhs syntax.Expr) Type {
 			// dot-imported variables.
 			if w, _ := obj.(*Var); w != nil && w.pkg == check.pkg {
 				v = w
-				v_used = v.used
+				v_used = check.usedVars[v]
 			}
 		}
 	}
@@ -213,7 +213,7 @@ func (check *Checker) lhsVar(lhs syntax.Expr) Type {
 	check.expr(nil, &x, lhs)
 
 	if v != nil {
-		v.used = v_used // restore v.used
+		check.usedVars[v] = v_used // restore v.used
 	}
 
 	if x.mode == invalid || !isValid(x.typ) {

src/cmd/compile/internal/types2/call.go

@@ -142,6 +142,9 @@ func (check *Checker) instantiateSignature(pos syntax.Pos, expr syntax.Expr, typ
 		}()
 	}
 
+	// For signatures, Checker.instance will always succeed because the type argument
+	// count is correct at this point (see assertion above); hence the type assertion
+	// to *Signature will always succeed.
 	inst := check.instance(pos, typ, targs, nil, check.context()).(*Signature)
 	assert(inst.TypeParams().Len() == 0) // signature is not generic anymore
 	check.recordInstance(expr, targs, inst)
@@ -684,7 +687,7 @@ func (check *Checker) selector(x *operand, e *syntax.SelectorExpr, def *TypeName
 		if pname, _ := obj.(*PkgName); pname != nil {
 			assert(pname.pkg == check.pkg)
 			check.recordUse(ident, pname)
-			pname.used = true
+			check.usedPkgNames[pname] = true
 			pkg := pname.imported
 
 			var exp Object
@@ -969,13 +972,13 @@ func (check *Checker) use1(e syntax.Expr, lhs bool) bool {
 				// dot-imported variables.
 				if w, _ := obj.(*Var); w != nil && w.pkg == check.pkg {
 					v = w
-					v_used = v.used
+					v_used = check.usedVars[v]
 				}
 			}
 		}
 		check.exprOrType(&x, n, true)
 		if v != nil {
-			v.used = v_used // restore v.used
+			check.usedVars[v] = v_used // restore v.used
 		}
 	case *syntax.ListExpr:
 		return check.useN(n.ElemList, lhs)

src/cmd/compile/internal/types2/check.go

@@ -162,6 +162,8 @@ type Checker struct {
 	dotImportMap  map[dotImportKey]*PkgName  // maps dot-imported objects to the package they were dot-imported through
 	brokenAliases map[*TypeName]bool         // set of aliases with broken (not yet determined) types
 	unionTypeSets map[*Union]*_TypeSet       // computed type sets for union types
+	usedVars      map[*Var]bool              // set of used variables
+	usedPkgNames  map[*PkgName]bool          // set of used package names
 	mono          monoGraph                  // graph for detecting non-monomorphizable instantiation loops
 
 	firstErr error                    // first error encountered
@@ -285,12 +287,14 @@ func NewChecker(conf *Config, pkg *Package, info *Info) *Checker {
 	// (previously, pkg.goVersion was mutated here: go.dev/issue/61212)
 
 	return &Checker{
-		conf:   conf,
-		ctxt:   conf.Context,
-		pkg:    pkg,
-		Info:   info,
-		objMap: make(map[Object]*declInfo),
-		impMap: make(map[importKey]*Package),
+		conf:         conf,
+		ctxt:         conf.Context,
+		pkg:          pkg,
+		Info:         info,
+		objMap:       make(map[Object]*declInfo),
+		impMap:       make(map[importKey]*Package),
+		usedVars:     make(map[*Var]bool),
+		usedPkgNames: make(map[*PkgName]bool),
 	}
 }
 
@@ -298,6 +302,8 @@ func NewChecker(conf *Config, pkg *Package, info *Info) *Checker {
 // The provided files must all belong to the same package.
 func (check *Checker) initFiles(files []*syntax.File) {
 	// start with a clean slate (check.Files may be called multiple times)
+	// TODO(gri): what determines which fields are zeroed out here, vs at the end
+	// of checkFiles?
 	check.files = nil
 	check.imports = nil
 	check.dotImportMap = nil
@@ -309,6 +315,13 @@ func (check *Checker) initFiles(files []*syntax.File) {
 	check.objPath = nil
 	check.cleaners = nil
 
+	// We must initialize usedVars and usedPkgNames both here and in NewChecker,
+	// because initFiles is not called in the CheckExpr or Eval codepaths, yet we
+	// want to free this memory at the end of Files ('used' predicates are
+	// only needed in the context of a given file).
+	check.usedVars = make(map[*Var]bool)
+	check.usedPkgNames = make(map[*PkgName]bool)
+
 	// determine package name and collect valid files
 	pkg := check.pkg
 	for _, file := range files {
@@ -482,8 +495,11 @@ func (check *Checker) checkFiles(files []*syntax.File) {
 	check.seenPkgMap = nil
 	check.brokenAliases = nil
 	check.unionTypeSets = nil
+	check.usedVars = nil
+	check.usedPkgNames = nil
 	check.ctxt = nil
 
+	// TODO(gri): shouldn't the cleanup above occur after the bailout?
 	// TODO(gri) There's more memory we should release at this point.
 }
 

src/cmd/compile/internal/types2/initorder.go

@@ -10,6 +10,7 @@ import (
 	"fmt"
 	. "internal/types/errors"
 	"slices"
+	"sort"
 )
 
 // initOrder computes the Info.InitOrder for package variables.
@@ -139,7 +140,16 @@ func findPath(objMap map[Object]*declInfo, from, to Object, seen map[Object]bool
 	}
 	seen[from] = true
 
+	// sort deps for deterministic result
+	var deps []Object
 	for d := range objMap[from].deps {
+		deps = append(deps, d)
+	}
+	sort.Slice(deps, func(i, j int) bool {
+		return deps[i].order() < deps[j].order()
+	})
+
+	for _, d := range deps {
 		if d == to {
 			return []Object{d}
 		}

src/cmd/compile/internal/types2/instantiate.go

@@ -74,7 +74,8 @@ func Instantiate(ctxt *Context, orig Type, targs []Type, validate bool) (Type, e
 // instance instantiates the given original (generic) function or type with the
 // provided type arguments and returns the resulting instance. If an identical
 // instance exists already in the given contexts, it returns that instance,
-// otherwise it creates a new one.
+// otherwise it creates a new one. If there is an error (such as wrong number
+// of type arguments), the result is Typ[Invalid].
 //
 // If expanding is non-nil, it is the Named instance type currently being
 // expanded. If ctxt is non-nil, it is the context associated with the current
@@ -133,9 +134,13 @@ func (check *Checker) instance(pos syntax.Pos, orig genericType, targs []Type, e
 			assert(expanding == nil) // Alias instances cannot be reached from Named types
 		}
 
+		// verify type parameter count (see go.dev/issue/71198 for a test case)
 		tparams := orig.TypeParams()
-		// TODO(gri) investigate if this is needed (type argument and parameter count seem to be correct here)
-		if !check.validateTArgLen(pos, orig.String(), tparams.Len(), len(targs)) {
+		if !check.validateTArgLen(pos, orig.obj.Name(), tparams.Len(), len(targs)) {
+			// TODO(gri) Consider returning a valid alias instance with invalid
+			//           underlying (aliased) type to match behavior of *Named
+			//           types. Then this function will never return an invalid
+			//           result.
 			return Typ[Invalid]
 		}
 		if tparams.Len() == 0 {

src/cmd/compile/internal/types2/object.go

@@ -242,13 +242,12 @@ func (a *object) cmp(b *object) int {
 type PkgName struct {
 	object
 	imported *Package
-	used     bool // set if the package was used
 }
 
 // NewPkgName returns a new PkgName object representing an imported package.
 // The remaining arguments set the attributes found with all Objects.
 func NewPkgName(pos syntax.Pos, pkg *Package, name string, imported *Package) *PkgName {
-	return &PkgName{object{nil, pos, pkg, name, Typ[Invalid], 0, black, nopos}, imported, false}
+	return &PkgName{object{nil, pos, pkg, name, Typ[Invalid], 0, black, nopos}, imported}
 }
 
 // Imported returns the package that was imported.
@@ -331,10 +330,10 @@ func (obj *TypeName) IsAlias() bool {
 // A Variable represents a declared variable (including function parameters and results, and struct fields).
 type Var struct {
 	object
+	origin   *Var // if non-nil, the Var from which this one was instantiated
 	embedded bool // if set, the variable is an embedded struct field, and name is the type name
 	isField  bool // var is struct field
-	used     bool // set if the variable was used
-	origin   *Var // if non-nil, the Var from which this one was instantiated
+	isParam  bool // var is a param, for backport of 'used' check to go1.24 (go.dev/issue/72826)
 }
 
 // NewVar returns a new variable.
@@ -345,7 +344,7 @@ func NewVar(pos syntax.Pos, pkg *Package, name string, typ Type) *Var {
 
 // NewParam returns a new variable representing a function parameter.
 func NewParam(pos syntax.Pos, pkg *Package, name string, typ Type) *Var {
-	return &Var{object: object{nil, pos, pkg, name, typ, 0, colorFor(typ), nopos}, used: true} // parameters are always 'used'
+	return &Var{object: object{nil, pos, pkg, name, typ, 0, colorFor(typ), nopos}, isParam: true}
 }
 
 // NewField returns a new variable representing a struct field.

src/cmd/compile/internal/types2/resolver.go

@@ -295,7 +295,7 @@ func (check *Checker) collectObjects() {
 
 				if imp.fake {
 					// match 1.17 cmd/compile (not prescribed by spec)
-					pkgName.used = true
+					check.usedPkgNames[pkgName] = true
 				}
 
 				// add import to file scope
@@ -715,7 +715,7 @@ func (check *Checker) unusedImports() {
 	// (initialization), use the blank identifier as explicit package name."
 
 	for _, obj := range check.imports {
-		if !obj.used && obj.name != "_" {
+		if obj.name != "_" && !check.usedPkgNames[obj] {
 			check.errorUnusedPkg(obj)
 		}
 	}

src/cmd/compile/internal/types2/signature.go

@@ -174,7 +174,7 @@ func (check *Checker) collectRecv(rparam *syntax.Field, scopePos syntax.Pos) (*V
 	} else {
 		// If there are type parameters, rbase must denote a generic base type.
 		// Important: rbase must be resolved before declaring any receiver type
-		// parameters (wich may have the same name, see below).
+		// parameters (which may have the same name, see below).
 		var baseType *Named // nil if not valid
 		var cause string
 		if t := check.genericType(rbase, &cause); isValid(t) {

src/cmd/compile/internal/types2/sizeof_test.go

@@ -36,7 +36,7 @@ func TestSizeof(t *testing.T) {
 		{term{}, 12, 24},
 
 		// Objects
-		{PkgName{}, 64, 104},
+		{PkgName{}, 60, 96},
 		{Const{}, 64, 104},
 		{TypeName{}, 56, 88},
 		{Var{}, 64, 104},

src/cmd/compile/internal/types2/stmt.go

@@ -58,7 +58,7 @@ func (check *Checker) usage(scope *Scope) {
 	var unused []*Var
 	for name, elem := range scope.elems {
 		elem = resolve(name, elem)
-		if v, _ := elem.(*Var); v != nil && !v.used {
+		if v, _ := elem.(*Var); v != nil && !v.isParam && !check.usedVars[v] {
 			unused = append(unused, v)
 		}
 	}
@@ -824,10 +824,10 @@ func (check *Checker) typeSwitchStmt(inner stmtContext, s *syntax.SwitchStmt, gu
 	if lhs != nil {
 		var used bool
 		for _, v := range lhsVars {
-			if v.used {
+			if check.usedVars[v] {
 				used = true
 			}
-			v.used = true // avoid usage error when checking entire function
+			check.usedVars[v] = true // avoid usage error when checking entire function
 		}
 		if !used {
 			check.softErrorf(lhs, UnusedVar, "%s declared and not used", lhs.Value)
@@ -934,7 +934,7 @@ func (check *Checker) rangeStmt(inner stmtContext, s *syntax.ForStmt, rclause *s
 			if typ == nil || typ == Typ[Invalid] {
 				// typ == Typ[Invalid] can happen if allowVersion fails.
 				obj.typ = Typ[Invalid]
-				obj.used = true // don't complain about unused variable
+				check.usedVars[obj] = true // don't complain about unused variable
 				continue
 			}
 
@@ -1057,8 +1057,13 @@ func rangeKeyVal(typ Type, allowVersion func(goVersion) bool) (key, val Type, ca
 			return bad("func must be func(yield func(...) bool): argument is not func")
 		case cb.Params().Len() > 2:
 			return bad("func must be func(yield func(...) bool): yield func has too many parameters")
-		case cb.Results().Len() != 1 || !isBoolean(cb.Results().At(0).Type()):
-			return bad("func must be func(yield func(...) bool): yield func does not return bool")
+		case cb.Results().Len() != 1 || !Identical(cb.Results().At(0).Type(), universeBool):
+			// see go.dev/issues/71131, go.dev/issues/71164
+			if cb.Results().Len() == 1 && isBoolean(cb.Results().At(0).Type()) {
+				return bad("func must be func(yield func(...) bool): yield func returns user-defined boolean, not bool")
+			} else {
+				return bad("func must be func(yield func(...) bool): yield func does not return bool")
+			}
 		}
 		assert(cb.Recv() == nil)
 		// determine key and value types, if any

src/cmd/compile/internal/types2/testdata/local/issue71254.go

@@ -0,0 +1,14 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package p
+
+const (
+	B /* ERROR "initialization cycle: B refers to itself" */ = A + B
+	A /* ERRORx "initialization cycle for A\\s+.*A refers to B\\s+.*B refers to A" */ = A + B
+
+	C /* ERRORx "initialization cycle for C\\s+.*C refers to D\\s+.*D refers to C" */ = E + D
+	D /* ERRORx "initialization cycle for D\\s+.*D refers to C\\s+.*C refers to D" */ = E + C
+	E = D + C
+)

src/cmd/compile/internal/types2/testdata/manual.go

@@ -1,4 +1,4 @@
-// Copyright 2024 The Go Authors. All rights reserved.
+// Copyright 2025 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 

src/cmd/compile/internal/types2/typexpr.go

@@ -55,7 +55,7 @@ func (check *Checker) ident(x *operand, e *syntax.Name, def *TypeName, wantType
 		// avoid "declared but not used" errors
 		// (don't use Checker.use - we don't want to evaluate too much)
 		if v, _ := obj.(*Var); v != nil && v.pkg == check.pkg /* see Checker.use1 */ {
-			v.used = true
+			check.usedVars[v] = true
 		}
 		return
 	}
@@ -83,7 +83,7 @@ func (check *Checker) ident(x *operand, e *syntax.Name, def *TypeName, wantType
 	// (This code is only needed for dot-imports. Without them,
 	// we only have to mark variables, see *Var case below).
 	if pkgName := check.dotImportMap[dotImportKey{scope, obj.Name()}]; pkgName != nil {
-		pkgName.used = true
+		check.usedPkgNames[pkgName] = true
 	}
 
 	switch obj := obj.(type) {
@@ -120,7 +120,7 @@ func (check *Checker) ident(x *operand, e *syntax.Name, def *TypeName, wantType
 		// from other packages to avoid potential race conditions with
 		// dot-imported variables.
 		if obj.pkg == check.pkg {
-			obj.used = true
+			check.usedVars[obj] = true
 		}
 		check.addDeclDep(obj)
 		if !isValid(typ) {
@@ -423,11 +423,6 @@ func setDefType(def *TypeName, typ Type) {
 	if def != nil {
 		switch t := def.typ.(type) {
 		case *Alias:
-			// t.fromRHS should always be set, either to an invalid type
-			// in the beginning, or to typ in certain cyclic declarations.
-			if t.fromRHS != Typ[Invalid] && t.fromRHS != typ {
-				panic(sprintf(nil, true, "t.fromRHS = %s, typ = %s\n", t.fromRHS, typ))
-			}
 			t.fromRHS = typ
 		case *Basic:
 			assert(t == Typ[Invalid])
@@ -475,9 +470,14 @@ func (check *Checker) instantiatedType(x syntax.Expr, xlist []syntax.Expr, def *
 	}
 
 	// create instance
-	// The instance is not generic anymore as it has type arguments, but it still
-	// satisfies the genericType interface because it has type parameters, too.
-	inst := check.instance(x.Pos(), gtyp, targs, nil, check.context()).(genericType)
+	// The instance is not generic anymore as it has type arguments, but unless
+	// instantiation failed, it still satisfies the genericType interface because
+	// it has type parameters, too.
+	ityp := check.instance(x.Pos(), gtyp, targs, nil, check.context())
+	inst, _ := ityp.(genericType)
+	if inst == nil {
+		return Typ[Invalid]
+	}
 
 	// For Named types, orig.tparams may not be set up, so we need to do expansion later.
 	check.later(func() {

src/cmd/compile/internal/types2/universe.go

@@ -21,6 +21,7 @@ var Unsafe *Package
 
 var (
 	universeIota       Object
+	universeBool       Type
 	universeByte       Type // uint8 alias, but has name "byte"
 	universeRune       Type // int32 alias, but has name "rune"
 	universeAnyNoAlias *TypeName
@@ -275,6 +276,7 @@ func init() {
 	defPredeclaredFuncs()
 
 	universeIota = Universe.Lookup("iota")
+	universeBool = Universe.Lookup("bool").Type()
 	universeByte = Universe.Lookup("byte").Type()
 	universeRune = Universe.Lookup("rune").Type()
 	universeError = Universe.Lookup("error").Type()

src/cmd/compile/internal/walk/range.go

@@ -244,19 +244,24 @@ func walkRange(nrange *ir.RangeStmt) ir.Node {
 		// depends on layout of iterator struct.
 		// See cmd/compile/internal/reflectdata/reflect.go:MapIterType
 		var keysym, elemsym *types.Sym
+		var iterInit, iterNext string
 		if buildcfg.Experiment.SwissMap {
 			keysym = th.Field(0).Sym
 			elemsym = th.Field(1).Sym // ditto
+			iterInit = "mapIterStart"
+			iterNext = "mapIterNext"
 		} else {
 			keysym = th.Field(0).Sym
 			elemsym = th.Field(1).Sym // ditto
+			iterInit = "mapiterinit"
+			iterNext = "mapiternext"
 		}
 
-		fn := typecheck.LookupRuntime("mapiterinit", t.Key(), t.Elem(), th)
+		fn := typecheck.LookupRuntime(iterInit, t.Key(), t.Elem(), th)
 		init = append(init, mkcallstmt1(fn, reflectdata.RangeMapRType(base.Pos, nrange), ha, typecheck.NodAddr(hit)))
 		nfor.Cond = ir.NewBinaryExpr(base.Pos, ir.ONE, ir.NewSelectorExpr(base.Pos, ir.ODOT, hit, keysym), typecheck.NodNil())
 
-		fn = typecheck.LookupRuntime("mapiternext", th)
+		fn = typecheck.LookupRuntime(iterNext, th)
 		nfor.Post = mkcallstmt1(fn, typecheck.NodAddr(hit))
 
 		key := ir.NewStarExpr(base.Pos, typecheck.ConvNop(ir.NewSelectorExpr(base.Pos, ir.ODOT, hit, keysym), types.NewPtr(t.Key())))

src/cmd/covdata/dump.go

@@ -331,7 +331,7 @@ func (d *dstate) Finish() {
 			d.format.EmitFuncs(os.Stdout)
 		}
 		if d.textfmtoutf != nil {
-			if err := d.format.EmitTextual(d.textfmtoutf); err != nil {
+			if err := d.format.EmitTextual(nil, d.textfmtoutf); err != nil {
 				fatal("writing to %s: %v", *textfmtoutflag, err)
 			}
 		}

src/cmd/dist/test.go

@@ -876,16 +876,18 @@ func (t *tester) registerTests() {
 	}
 
 	if t.extLink() && !t.compileOnly {
-		t.registerTest("external linking, -buildmode=exe",
-			&goTest{
-				variant:   "exe_external",
-				timeout:   60 * time.Second,
-				buildmode: "exe",
-				ldflags:   "-linkmode=external",
-				env:       []string{"CGO_ENABLED=1"},
-				pkg:       "crypto/internal/fips140test",
-				runTests:  "TestFIPSCheck",
-			})
+		if goos != "android" { // Android does not support non-PIE linking
+			t.registerTest("external linking, -buildmode=exe",
+				&goTest{
+					variant:   "exe_external",
+					timeout:   60 * time.Second,
+					buildmode: "exe",
+					ldflags:   "-linkmode=external",
+					env:       []string{"CGO_ENABLED=1"},
+					pkg:       "crypto/internal/fips140test",
+					runTests:  "TestFIPSCheck",
+				})
+		}
 		if t.externalLinkPIE() && !disablePIE {
 			t.registerTest("external linking, -buildmode=pie",
 				&goTest{
@@ -1795,6 +1797,8 @@ func isEnvSet(evar string) bool {
 }
 
 func (t *tester) fipsSupported() bool {
+	// Keep this in sync with [crypto/internal/fips140.Supported].
+
 	// Use GOFIPS140 or GOEXPERIMENT=boringcrypto, but not both.
 	if strings.Contains(goexperiment, "boringcrypto") {
 		return false
@@ -1808,6 +1812,7 @@ func (t *tester) fipsSupported() bool {
 	case goarch == "wasm",
 		goos == "windows" && goarch == "386",
 		goos == "windows" && goarch == "arm",
+		goos == "openbsd",
 		goos == "aix":
 		return false
 	}

src/cmd/go.mod

@@ -11,7 +11,7 @@ require (
 	golang.org/x/sys v0.28.0
 	golang.org/x/telemetry v0.0.0-20241204182053-c0ac0e154df3
 	golang.org/x/term v0.27.0
-	golang.org/x/tools v0.28.0
+	golang.org/x/tools v0.28.1-0.20250131145412-98746475647e
 )
 
 require (

src/cmd/go.sum

@@ -22,7 +22,7 @@ golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
 golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
 golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8=
-golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
+golang.org/x/tools v0.28.1-0.20250131145412-98746475647e h1:6Kzwg7JxW2HRWToKpIKqlpF8l8XMasoALX3OcAMdgL8=
+golang.org/x/tools v0.28.1-0.20250131145412-98746475647e/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
 rsc.io/markdown v0.0.0-20240306144322-0bf8f97ee8ef h1:mqLYrXCXYEZOop9/Dbo6RPX11539nwiCNBb1icVPmw8=
 rsc.io/markdown v0.0.0-20240306144322-0bf8f97ee8ef/go.mod h1:8xcPgWmwlZONN1D9bjxtHEjrUtSEa3fakVF8iaewYKQ=

src/cmd/go/alldocs.go

@@ -739,11 +739,6 @@
 //
 // For more about specifying packages, see 'go help packages'.
 //
-// This text describes the behavior of get using modules to manage source
-// code and dependencies. If instead the go command is running in GOPATH
-// mode, the details of get's flags and effects change, as does 'go help get'.
-// See 'go help gopath-get'.
-//
 // See also: go build, go install, go clean, go mod.
 //
 // # Compile and install packages and dependencies
@@ -2186,7 +2181,7 @@
 // fields of all events to reconstruct the text format output, as it would
 // have appeared from go build without the -json flag.
 //
-// Note that there may also be non-JSON error text on stdnard error, even
+// Note that there may also be non-JSON error text on standard error, even
 // with the -json flag. Typically, this indicates an early, serious error.
 // Consumers should be robust to this.
 //
@@ -2250,7 +2245,7 @@
 //
 // The second is the SWIG program, which is a general tool for
 // interfacing between languages. For information on SWIG see
-// http://swig.org/. When running go build, any file with a .swig
+// https://swig.org/. When running go build, any file with a .swig
 // extension will be passed to SWIG. Any file with a .swigcxx extension
 // will be passed to SWIG with the -c++ option.
 //
@@ -2338,9 +2333,14 @@
 //	GOCACHE
 //		The directory where the go command will store cached
 //		information for reuse in future builds.
+//	GOCACHEPROG
+//		A command (with optional space-separated flags) that implements an
+//		external go command build cache.
+//		See 'go doc cmd/go/internal/cacheprog'.
 //	GODEBUG
-//		Enable various debugging facilities. See https://go.dev/doc/godebug
-//		for details.
+//		Enable various debugging facilities for programs built with Go,
+//		including the go command. Cannot be set using 'go env -w'.
+//		See https://go.dev/doc/godebug for details.
 //	GOENV
 //		The location of the Go environment configuration file.
 //		Cannot be set using 'go env -w'.
@@ -2448,6 +2448,11 @@
 //	GOARM
 //		For GOARCH=arm, the ARM architecture for which to compile.
 //		Valid values are 5, 6, 7.
+//		When the Go tools are built on an arm system,
+//		the default value is set based on what the build system supports.
+//		When the Go tools are not built on an arm system
+//		(that is, when building a cross-compiler),
+//		the default value is 7.
 //		The value can be followed by an option specifying how to implement floating point instructions.
 //		Valid options are ,softfloat (default for 5) and ,hardfloat (default for 6 and 7).
 //	GOARM64
@@ -2612,7 +2617,7 @@
 //		Example: Data
 //
 //	If the server responds with any 4xx code, the go command will write the
-//	following to the programs' stdin:
+//	following to the program's stdin:
 //		Response      = StatusLine { HeaderLine } BlankLine .
 //		StatusLine    = Protocol Space Status '\n' .
 //		Protocol      = /* HTTP protocol */ .
@@ -2627,8 +2632,7 @@
 //		Content-Type: text/plain; charset=utf-8
 //		Date: Thu, 07 Nov 2024 18:43:09 GMT
 //
-//	Note: at least for HTTP 1.1, the contents written to stdin can be parsed
-//	as an HTTP response.
+//	Note: it is safe to use net/http.ReadResponse to parse this input.
 //
 // Before the first HTTPS fetch, the go command will invoke each GOAUTH
 // command in the list with no additional arguments and no input.
@@ -2969,11 +2973,7 @@
 // same meta tag and then git clone https://code.org/r/p/exproj into
 // GOPATH/src/example.org.
 //
-// When using GOPATH, downloaded packages are written to the first directory
-// listed in the GOPATH environment variable.
-// (See 'go help gopath-get' and 'go help gopath'.)
-//
-// When using modules, downloaded packages are stored in the module cache.
+// Downloaded packages are stored in the module cache.
 // See https://golang.org/ref/mod#module-cache.
 //
 // When using modules, an additional variant of the go-import meta tag is

src/cmd/go/internal/auth/auth.go

@@ -12,7 +12,6 @@ import (
 	"log"
 	"net/http"
 	"os"
-	"path"
 	"path/filepath"
 	"slices"
 	"strings"
@@ -71,9 +70,15 @@ func runGoAuth(client *http.Client, res *http.Response, url string) {
 		case "netrc":
 			lines, err := readNetrc()
 			if err != nil {
-				base.Fatalf("go: could not parse netrc (GOAUTH=%s): %v", cfg.GOAUTH, err)
+				cmdErrs = append(cmdErrs, fmt.Errorf("GOAUTH=%s: %v", command, err))
+				continue
 			}
-			for _, l := range lines {
+			// Process lines in reverse so that if the same machine is listed
+			// multiple times, we end up saving the earlier one
+			// (overwriting later ones). This matches the way the go command
+			// worked before GOAUTH.
+			for i := len(lines) - 1; i >= 0; i-- {
+				l := lines[i]
 				r := http.Request{Header: make(http.Header)}
 				r.SetBasicAuth(l.login, l.password)
 				storeCredential(l.machine, r.Header)
@@ -123,7 +128,8 @@ func runGoAuth(client *http.Client, res *http.Response, url string) {
 	// If no GOAUTH command provided a credential for the given url
 	// and an error occurred, log the error.
 	if cfg.BuildX && url != "" {
-		if ok := loadCredential(&http.Request{}, url); !ok && len(cmdErrs) > 0 {
+		req := &http.Request{Header: make(http.Header)}
+		if ok := loadCredential(req, url); !ok && len(cmdErrs) > 0 {
 			log.Printf("GOAUTH encountered errors for %s:", url)
 			for _, err := range cmdErrs {
 				log.Printf("  %v", err)
@@ -137,11 +143,13 @@ func runGoAuth(client *http.Client, res *http.Response, url string) {
 func loadCredential(req *http.Request, url string) bool {
 	currentPrefix := strings.TrimPrefix(url, "https://")
 	// Iteratively try prefixes, moving up the path hierarchy.
-	for currentPrefix != "/" && currentPrefix != "." && currentPrefix != "" {
+	for {
 		headers, ok := credentialCache.Load(currentPrefix)
 		if !ok {
-			// Move to the parent directory.
-			currentPrefix = path.Dir(currentPrefix)
+			currentPrefix, _, ok = strings.Cut(currentPrefix, "/")
+			if !ok {
+				return false
+			}
 			continue
 		}
 		for key, values := range headers.(http.Header) {
@@ -151,7 +159,6 @@ func loadCredential(req *http.Request, url string) bool {
 		}
 		return true
 	}
-	return false
 }
 
 // storeCredential caches or removes credentials (represented by HTTP headers)

src/cmd/go/internal/auth/auth_test.go

@@ -25,7 +25,29 @@ func TestCredentialCache(t *testing.T) {
 		got := &http.Request{Header: make(http.Header)}
 		ok := loadCredential(got, tc.machine)
 		if !ok || !reflect.DeepEqual(got.Header, want.Header) {
-			t.Errorf("loadCredential:\nhave %q\nwant %q", got.Header, want.Header)
+			t.Errorf("loadCredential(%q):\nhave %q\nwant %q", tc.machine, got.Header, want.Header)
+		}
+	}
+
+	// Having stored those credentials, we should be able to look up longer URLs too.
+	extraCases := []netrcLine{
+		{"https://api.github.com/foo", "user", "pwd"},
+		{"https://api.github.com/foo/bar/baz", "user", "pwd"},
+		{"https://example.com/abc", "", ""},
+		{"https://example.com/?/../api.github.com/", "", ""},
+		{"https://example.com/?/../api.github.com", "", ""},
+		{"https://example.com/../api.github.com/", "", ""},
+		{"https://example.com/../api.github.com", "", ""},
+	}
+	for _, tc := range extraCases {
+		want := http.Request{Header: make(http.Header)}
+		if tc.login != "" {
+			want.SetBasicAuth(tc.login, tc.password)
+		}
+		got := &http.Request{Header: make(http.Header)}
+		loadCredential(got, tc.machine)
+		if !reflect.DeepEqual(got.Header, want.Header) {
+			t.Errorf("loadCredential(%q):\nhave %q\nwant %q", tc.machine, got.Header, want.Header)
 		}
 	}
 }

src/cmd/go/internal/auth/httputils.go

@@ -0,0 +1,173 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Code copied from x/net/http/httpguts/httplex.go
+package auth
+
+var isTokenTable = [256]bool{
+	'!':  true,
+	'#':  true,
+	'$':  true,
+	'%':  true,
+	'&':  true,
+	'\'': true,
+	'*':  true,
+	'+':  true,
+	'-':  true,
+	'.':  true,
+	'0':  true,
+	'1':  true,
+	'2':  true,
+	'3':  true,
+	'4':  true,
+	'5':  true,
+	'6':  true,
+	'7':  true,
+	'8':  true,
+	'9':  true,
+	'A':  true,
+	'B':  true,
+	'C':  true,
+	'D':  true,
+	'E':  true,
+	'F':  true,
+	'G':  true,
+	'H':  true,
+	'I':  true,
+	'J':  true,
+	'K':  true,
+	'L':  true,
+	'M':  true,
+	'N':  true,
+	'O':  true,
+	'P':  true,
+	'Q':  true,
+	'R':  true,
+	'S':  true,
+	'T':  true,
+	'U':  true,
+	'W':  true,
+	'V':  true,
+	'X':  true,
+	'Y':  true,
+	'Z':  true,
+	'^':  true,
+	'_':  true,
+	'`':  true,
+	'a':  true,
+	'b':  true,
+	'c':  true,
+	'd':  true,
+	'e':  true,
+	'f':  true,
+	'g':  true,
+	'h':  true,
+	'i':  true,
+	'j':  true,
+	'k':  true,
+	'l':  true,
+	'm':  true,
+	'n':  true,
+	'o':  true,
+	'p':  true,
+	'q':  true,
+	'r':  true,
+	's':  true,
+	't':  true,
+	'u':  true,
+	'v':  true,
+	'w':  true,
+	'x':  true,
+	'y':  true,
+	'z':  true,
+	'|':  true,
+	'~':  true,
+}
+
+// isLWS reports whether b is linear white space, according
+// to http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2
+//
+//	LWS            = [CRLF] 1*( SP | HT )
+func isLWS(b byte) bool { return b == ' ' || b == '\t' }
+
+// isCTL reports whether b is a control byte, according
+// to http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2
+//
+//	CTL            = <any US-ASCII control character
+//	                 (octets 0 - 31) and DEL (127)>
+func isCTL(b byte) bool {
+	const del = 0x7f // a CTL
+	return b < ' ' || b == del
+}
+
+// validHeaderFieldName reports whether v is a valid HTTP/1.x header name.
+// HTTP/2 imposes the additional restriction that uppercase ASCII
+// letters are not allowed.
+//
+// RFC 7230 says:
+//
+//	header-field   = field-name ":" OWS field-value OWS
+//	field-name     = token
+//	token          = 1*tchar
+//	tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
+//	        "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
+func validHeaderFieldName(v string) bool {
+	if len(v) == 0 {
+		return false
+	}
+	for i := 0; i < len(v); i++ {
+		if !isTokenTable[v[i]] {
+			return false
+		}
+	}
+	return true
+}
+
+// validHeaderFieldValue reports whether v is a valid "field-value" according to
+// http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2 :
+//
+//	message-header = field-name ":" [ field-value ]
+//	field-value    = *( field-content | LWS )
+//	field-content  = <the OCTETs making up the field-value
+//	                 and consisting of either *TEXT or combinations
+//	                 of token, separators, and quoted-string>
+//
+// http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2 :
+//
+//	TEXT           = <any OCTET except CTLs,
+//	                  but including LWS>
+//	LWS            = [CRLF] 1*( SP | HT )
+//	CTL            = <any US-ASCII control character
+//	                 (octets 0 - 31) and DEL (127)>
+//
+// RFC 7230 says:
+//
+//	field-value    = *( field-content / obs-fold )
+//	obj-fold       =  N/A to http2, and deprecated
+//	field-content  = field-vchar [ 1*( SP / HTAB ) field-vchar ]
+//	field-vchar    = VCHAR / obs-text
+//	obs-text       = %x80-FF
+//	VCHAR          = "any visible [USASCII] character"
+//
+// http2 further says: "Similarly, HTTP/2 allows header field values
+// that are not valid. While most of the values that can be encoded
+// will not alter header field parsing, carriage return (CR, ASCII
+// 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII
+// 0x0) might be exploited by an attacker if they are translated
+// verbatim. Any request or response that contains a character not
+// permitted in a header field value MUST be treated as malformed
+// (Section 8.1.2.6). Valid characters are defined by the
+// field-content ABNF rule in Section 3.2 of [RFC7230]."
+//
+// This function does not (yet?) properly handle the rejection of
+// strings that begin or end with SP or HTAB.
+func validHeaderFieldValue(v string) bool {
+	for i := 0; i < len(v); i++ {
+		b := v[i]
+		if isCTL(b) && !isLWS(b) {
+			return false
+		}
+	}
+	return true
+}

src/cmd/go/internal/auth/userauth.go

@@ -6,14 +6,11 @@
 package auth
 
 import (
-	"bufio"
-	"bytes"
 	"cmd/internal/quoted"
 	"fmt"
-	"io"
 	"maps"
 	"net/http"
-	"net/textproto"
+	"net/url"
 	"os/exec"
 	"strings"
 )
@@ -42,7 +39,7 @@ func runAuthCommand(command string, url string, res *http.Response) (map[string]
 	if err != nil {
 		return nil, fmt.Errorf("could not run command %s: %v\n%s", command, err, cmd.Stderr)
 	}
-	credentials, err := parseUserAuth(bytes.NewReader(out))
+	credentials, err := parseUserAuth(string(out))
 	if err != nil {
 		return nil, fmt.Errorf("cannot parse output of GOAUTH command %s: %v", command, err)
 	}
@@ -54,53 +51,47 @@ func runAuthCommand(command string, url string, res *http.Response) (map[string]
 // or an error if the data does not follow the expected format.
 // Returns an nil error and an empty map if the data is empty.
 // See the expected format in 'go help goauth'.
-func parseUserAuth(data io.Reader) (map[string]http.Header, error) {
+func parseUserAuth(data string) (map[string]http.Header, error) {
 	credentials := make(map[string]http.Header)
-	reader := textproto.NewReader(bufio.NewReader(data))
-	for {
-		// Return the processed credentials if the reader is at EOF.
-		if _, err := reader.R.Peek(1); err == io.EOF {
-			return credentials, nil
+	for data != "" {
+		var line string
+		var ok bool
+		var urls []string
+		// Parse URLS first.
+		for {
+			line, data, ok = strings.Cut(data, "\n")
+			if !ok {
+				return nil, fmt.Errorf("invalid format: missing empty line after URLs")
+			}
+			if line == "" {
+				break
+			}
+			u, err := url.ParseRequestURI(line)
+			if err != nil {
+				return nil, fmt.Errorf("could not parse URL %s: %v", line, err)
+			}
+			urls = append(urls, u.String())
 		}
-		urls, err := readURLs(reader)
-		if err != nil {
-			return nil, err
-		}
-		if len(urls) == 0 {
-			return nil, fmt.Errorf("invalid format: expected url prefix")
-		}
-		mimeHeader, err := reader.ReadMIMEHeader()
-		if err != nil {
-			return nil, err
-		}
-		header := http.Header(mimeHeader)
-		// Process the block (urls and headers).
-		credentialMap := mapHeadersToPrefixes(urls, header)
-		maps.Copy(credentials, credentialMap)
-	}
-}
-
-// readURLs reads URL prefixes from the given reader until an empty line
-// is encountered or an error occurs. It returns the list of URLs or an error
-// if the format is invalid.
-func readURLs(reader *textproto.Reader) (urls []string, err error) {
-	for {
-		line, err := reader.ReadLine()
-		if err != nil {
-			return nil, err
-		}
-		trimmedLine := strings.TrimSpace(line)
-		if trimmedLine != line {
-			return nil, fmt.Errorf("invalid format: leading or trailing white space")
-		}
-		if strings.HasPrefix(line, "https://") {
-			urls = append(urls, line)
-		} else if line == "" {
-			return urls, nil
-		} else {
-			return nil, fmt.Errorf("invalid format: expected url prefix or empty line")
+		// Parse Headers second.
+		header := make(http.Header)
+		for {
+			line, data, ok = strings.Cut(data, "\n")
+			if !ok {
+				return nil, fmt.Errorf("invalid format: missing empty line after headers")
+			}
+			if line == "" {
+				break
+			}
+			name, value, ok := strings.Cut(line, ": ")
+			value = strings.TrimSpace(value)
+			if !ok || !validHeaderFieldName(name) || !validHeaderFieldValue(value) {
+				return nil, fmt.Errorf("invalid format: invalid header line")
+			}
+			header.Add(name, value)
 		}
+		maps.Copy(credentials, mapHeadersToPrefixes(urls, header))
 	}
+	return credentials, nil
 }
 
 // mapHeadersToPrefixes returns a mapping of prefix → http.Header without
@@ -127,8 +118,8 @@ func buildCommand(command string) (*exec.Cmd, error) {
 func writeResponseToStdin(cmd *exec.Cmd, res *http.Response) error {
 	var output strings.Builder
 	output.WriteString(res.Proto + " " + res.Status + "\n")
-	if err := res.Header.Write(&output); err != nil {
-		return err
+	for k, v := range res.Header {
+		output.WriteString(k + ": " + strings.Join(v, ", ") + "\n")
 	}
 	output.WriteString("\n")
 	cmd.Stdin = strings.NewReader(output.String())

src/cmd/go/internal/auth/userauth_test.go

@@ -7,7 +7,6 @@ package auth
 import (
 	"net/http"
 	"reflect"
-	"strings"
 	"testing"
 )
 
@@ -40,7 +39,7 @@ Data: Test567
 			"Test567",
 		},
 	}
-	credentials, err := parseUserAuth(strings.NewReader(data))
+	credentials, err := parseUserAuth(data)
 	if err != nil {
 		t.Errorf("parseUserAuth(%s): %v", data, err)
 	}
@@ -100,10 +99,55 @@ Authorization: Basic GVuc2VzYW1lYWxhZGRpbjpvc
 Authorization: Basic 1lYWxhZGRplW1lYWxhZGRpbs
 Data: Test567
 
+`,
+		// Continuation in URL line
+		`https://example.com/
+ Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
+`,
+
+		// Continuation in header line
+		`https://example.com
+
+Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
+ Authorization: Basic jpvcGVuc2VzYW1lYWxhZGRpb
+`,
+
+		// Continuation in multiple header lines
+		`https://example.com
+
+Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
+ Authorization: Basic jpvcGVuc2VzYW1lYWxhZGRpb
+ Authorization: Basic dGhpc2lzYWxvbmdzdHJpbmc=
+`,
+
+		// Continuation with mixed spacing
+		`https://example.com
+
+Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
+  Authorization: Basic jpvcGVuc2VzYW1lYWxhZGRpb
+`,
+
+		// Continuation with tab character
+		`https://example.com
+
+Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
+        Authorization: Basic jpvcGVuc2VzYW1lYWxhZGRpb
+`,
+		// Continuation at the start of a block
+		` https://example.com
+
+Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
+`,
+
+		// Continuation after a blank line
+		`https://example.com
+
+
+Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
 `,
 	}
 	for _, tc := range testCases {
-		if credentials, err := parseUserAuth(strings.NewReader(tc)); err == nil {
+		if credentials, err := parseUserAuth(tc); err == nil {
 			t.Errorf("parseUserAuth(%s) should have failed, but got: %v", tc, credentials)
 		}
 	}
@@ -132,7 +176,7 @@ Data: Test567
 			"Test567",
 		},
 	}
-	credentials, err := parseUserAuth(strings.NewReader(data))
+	credentials, err := parseUserAuth(data)
 	if err != nil {
 		t.Errorf("parseUserAuth(%s): %v", data, err)
 	}
@@ -146,7 +190,7 @@ func TestParseUserAuthEmptyHeader(t *testing.T) {
 	data := "https://example.com\n\n\n"
 	// Build the expected header
 	header := http.Header{}
-	credentials, err := parseUserAuth(strings.NewReader(data))
+	credentials, err := parseUserAuth(data)
 	if err != nil {
 		t.Errorf("parseUserAuth(%s): %v", data, err)
 	}
@@ -159,7 +203,7 @@ func TestParseUserAuthEmptyHeader(t *testing.T) {
 func TestParseUserAuthEmpty(t *testing.T) {
 	data := ``
 	// Build the expected header
-	credentials, err := parseUserAuth(strings.NewReader(data))
+	credentials, err := parseUserAuth(data)
 	if err != nil {
 		t.Errorf("parseUserAuth(%s) should have succeeded", data)
 	}

src/cmd/go/internal/cache/cache.go

@@ -38,8 +38,8 @@ type Cache interface {
 	// Get returns the cache entry for the provided ActionID.
 	// On miss, the error type should be of type *entryNotFoundError.
 	//
-	// After a success call to Get, OutputFile(Entry.OutputID) must
-	// exist on disk for until Close is called (at the end of the process).
+	// After a successful call to Get, OutputFile(Entry.OutputID) must
+	// exist on disk until Close is called (at the end of the process).
 	Get(ActionID) (Entry, error)
 
 	// Put adds an item to the cache.
@@ -50,14 +50,14 @@ type Cache interface {
 	// As a special case, if the ReadSeeker is of type noVerifyReadSeeker,
 	// the verification from GODEBUG=goverifycache=1 is skipped.
 	//
-	// After a success call to Get, OutputFile(Entry.OutputID) must
-	// exist on disk for until Close is called (at the end of the process).
+	// After a successful call to Put, OutputFile(OutputID) must
+	// exist on disk until Close is called (at the end of the process).
 	Put(ActionID, io.ReadSeeker) (_ OutputID, size int64, _ error)
 
 	// Close is called at the end of the go process. Implementations can do
 	// cache cleanup work at this phase, or wait for and report any errors from
-	// background cleanup work started earlier. Any cache trimming should in one
-	// process should not violate cause the invariants of this interface to be
+	// background cleanup work started earlier. Any cache trimming in one
+	// process should not cause the invariants of this interface to be
 	// violated in another process. Namely, a cache trim from one process should
 	// not delete an ObjectID from disk that was recently Get or Put from
 	// another process. As a rule of thumb, don't trim things used in the last
@@ -296,19 +296,19 @@ func GetBytes(c Cache, id ActionID) ([]byte, Entry, error) {
 // GetMmap looks up the action ID in the cache and returns
 // the corresponding output bytes.
 // GetMmap should only be used for data that can be expected to fit in memory.
-func GetMmap(c Cache, id ActionID) ([]byte, Entry, error) {
+func GetMmap(c Cache, id ActionID) ([]byte, Entry, bool, error) {
 	entry, err := c.Get(id)
 	if err != nil {
-		return nil, entry, err
+		return nil, entry, false, err
 	}
-	md, err := mmap.Mmap(c.OutputFile(entry.OutputID))
+	md, opened, err := mmap.Mmap(c.OutputFile(entry.OutputID))
 	if err != nil {
-		return nil, Entry{}, err
+		return nil, Entry{}, opened, err
 	}
 	if int64(len(md.Data)) != entry.Size {
-		return nil, Entry{}, &entryNotFoundError{Err: errors.New("file incomplete")}
+		return nil, Entry{}, true, &entryNotFoundError{Err: errors.New("file incomplete")}
 	}
-	return md.Data, entry, nil
+	return md.Data, entry, true, nil
 }
 
 // OutputFile returns the name of the cache file storing output with the given OutputID.

src/cmd/go/internal/cache/default.go

@@ -54,8 +54,8 @@ func initDefaultCache() Cache {
 		base.Fatalf("failed to initialize build cache at %s: %s\n", dir, err)
 	}
 
-	if v := cfg.Getenv("GOCACHEPROG"); v != "" {
-		return startCacheProg(v, diskCache)
+	if cfg.GOCACHEPROG != "" {
+		return startCacheProg(cfg.GOCACHEPROG, diskCache)
 	}
 
 	return diskCache

src/cmd/go/internal/cache/prog.go

@@ -7,6 +7,7 @@ package cache
 import (
 	"bufio"
 	"cmd/go/internal/base"
+	"cmd/go/internal/cacheprog"
 	"cmd/internal/quoted"
 	"context"
 	"crypto/sha256"
@@ -38,7 +39,7 @@ type ProgCache struct {
 
 	// can are the commands that the child process declared that it supports.
 	// This is effectively the versioning mechanism.
-	can map[ProgCmd]bool
+	can map[cacheprog.Cmd]bool
 
 	// fuzzDirCache is another Cache implementation to use for the FuzzDir
 	// method. In practice this is the default GOCACHE disk-based
@@ -55,7 +56,7 @@ type ProgCache struct {
 
 	mu         sync.Mutex // guards following fields
 	nextID     int64
-	inFlight   map[int64]chan<- *ProgResponse
+	inFlight   map[int64]chan<- *cacheprog.Response
 	outputFile map[OutputID]string // object => abs path on disk
 
 	// writeMu serializes writing to the child process.
@@ -63,95 +64,6 @@ type ProgCache struct {
 	writeMu sync.Mutex
 }
 
-// ProgCmd is a command that can be issued to a child process.
-//
-// If the interface needs to grow, we can add new commands or new versioned
-// commands like "get2".
-type ProgCmd string
-
-const (
-	cmdGet   = ProgCmd("get")
-	cmdPut   = ProgCmd("put")
-	cmdClose = ProgCmd("close")
-)
-
-// ProgRequest is the JSON-encoded message that's sent from cmd/go to
-// the GOCACHEPROG child process over stdin. Each JSON object is on its
-// own line. A ProgRequest of Type "put" with BodySize > 0 will be followed
-// by a line containing a base64-encoded JSON string literal of the body.
-type ProgRequest struct {
-	// ID is a unique number per process across all requests.
-	// It must be echoed in the ProgResponse from the child.
-	ID int64
-
-	// Command is the type of request.
-	// The cmd/go tool will only send commands that were declared
-	// as supported by the child.
-	Command ProgCmd
-
-	// ActionID is non-nil for get and puts.
-	ActionID []byte `json:",omitempty"` // or nil if not used
-
-	// OutputID is set for Type "put".
-	//
-	// Prior to Go 1.24, when GOCACHEPROG was still an experiment, this was
-	// accidentally named ObjectID. It was renamed to OutputID in Go 1.24.
-	OutputID []byte `json:",omitempty"` // or nil if not used
-
-	// Body is the body for "put" requests. It's sent after the JSON object
-	// as a base64-encoded JSON string when BodySize is non-zero.
-	// It's sent as a separate JSON value instead of being a struct field
-	// send in this JSON object so large values can be streamed in both directions.
-	// The base64 string body of a ProgRequest will always be written
-	// immediately after the JSON object and a newline.
-	Body io.Reader `json:"-"`
-
-	// BodySize is the number of bytes of Body. If zero, the body isn't written.
-	BodySize int64 `json:",omitempty"`
-
-	// ObjectID is the accidental spelling of OutputID that was used prior to Go
-	// 1.24.
-	//
-	// Deprecated: use OutputID. This field is only populated temporarily for
-	// backwards compatibility with Go 1.23 and earlier when
-	// GOEXPERIMENT=gocacheprog is set. It will be removed in Go 1.25.
-	ObjectID []byte `json:",omitempty"`
-}
-
-// ProgResponse is the JSON response from the child process to cmd/go.
-//
-// With the exception of the first protocol message that the child writes to its
-// stdout with ID==0 and KnownCommands populated, these are only sent in
-// response to a ProgRequest from cmd/go.
-//
-// ProgResponses can be sent in any order. The ID must match the request they're
-// replying to.
-type ProgResponse struct {
-	ID  int64  // that corresponds to ProgRequest; they can be answered out of order
-	Err string `json:",omitempty"` // if non-empty, the error
-
-	// KnownCommands is included in the first message that cache helper program
-	// writes to stdout on startup (with ID==0). It includes the
-	// ProgRequest.Command types that are supported by the program.
-	//
-	// This lets us extend the protocol gracefully over time (adding "get2",
-	// etc), or fail gracefully when needed. It also lets us verify the program
-	// wants to be a cache helper.
-	KnownCommands []ProgCmd `json:",omitempty"`
-
-	// For Get requests.
-
-	Miss     bool       `json:",omitempty"` // cache miss
-	OutputID []byte     `json:",omitempty"`
-	Size     int64      `json:",omitempty"` // in bytes
-	Time     *time.Time `json:",omitempty"` // an Entry.Time; when the object was added to the docs
-
-	// DiskPath is the absolute path on disk of the ObjectID corresponding
-	// a "get" request's ActionID (on cache hit) or a "put" request's
-	// provided ObjectID.
-	DiskPath string `json:",omitempty"`
-}
-
 // startCacheProg starts the prog binary (with optional space-separated flags)
 // and returns a Cache implementation that talks to it.
 //
@@ -183,6 +95,8 @@ func startCacheProg(progAndArgs string, fuzzDirCache Cache) Cache {
 		base.Fatalf("StdinPipe to GOCACHEPROG: %v", err)
 	}
 	cmd.Stderr = os.Stderr
+	// On close, we cancel the context. Rather than killing the helper,
+	// close its stdin.
 	cmd.Cancel = in.Close
 
 	if err := cmd.Start(); err != nil {
@@ -197,14 +111,14 @@ func startCacheProg(progAndArgs string, fuzzDirCache Cache) Cache {
 		stdout:       out,
 		stdin:        in,
 		bw:           bufio.NewWriter(in),
-		inFlight:     make(map[int64]chan<- *ProgResponse),
+		inFlight:     make(map[int64]chan<- *cacheprog.Response),
 		outputFile:   make(map[OutputID]string),
 		readLoopDone: make(chan struct{}),
 	}
 
 	// Register our interest in the initial protocol message from the child to
 	// us, saying what it can do.
-	capResc := make(chan *ProgResponse, 1)
+	capResc := make(chan *cacheprog.Response, 1)
 	pc.inFlight[0] = capResc
 
 	pc.jenc = json.NewEncoder(pc.bw)
@@ -219,7 +133,7 @@ func startCacheProg(progAndArgs string, fuzzDirCache Cache) Cache {
 		case <-timer.C:
 			log.Printf("# still waiting for GOCACHEPROG %v ...", prog)
 		case capRes := <-capResc:
-			can := map[ProgCmd]bool{}
+			can := map[cacheprog.Cmd]bool{}
 			for _, cmd := range capRes.KnownCommands {
 				can[cmd] = true
 			}
@@ -236,9 +150,15 @@ func (c *ProgCache) readLoop(readLoopDone chan<- struct{}) {
 	defer close(readLoopDone)
 	jd := json.NewDecoder(c.stdout)
 	for {
-		res := new(ProgResponse)
+		res := new(cacheprog.Response)
 		if err := jd.Decode(res); err != nil {
 			if c.closing.Load() {
+				c.mu.Lock()
+				for _, ch := range c.inFlight {
+					close(ch)
+				}
+				c.inFlight = nil
+				c.mu.Unlock()
 				return // quietly
 			}
 			if err == io.EOF {
@@ -261,13 +181,18 @@ func (c *ProgCache) readLoop(readLoopDone chan<- struct{}) {
 	}
 }
 
-func (c *ProgCache) send(ctx context.Context, req *ProgRequest) (*ProgResponse, error) {
-	resc := make(chan *ProgResponse, 1)
+var errCacheprogClosed = errors.New("GOCACHEPROG program closed unexpectedly")
+
+func (c *ProgCache) send(ctx context.Context, req *cacheprog.Request) (*cacheprog.Response, error) {
+	resc := make(chan *cacheprog.Response, 1)
 	if err := c.writeToChild(req, resc); err != nil {
 		return nil, err
 	}
 	select {
 	case res := <-resc:
+		if res == nil {
+			return nil, errCacheprogClosed
+		}
 		if res.Err != "" {
 			return nil, errors.New(res.Err)
 		}
@@ -277,8 +202,11 @@ func (c *ProgCache) send(ctx context.Context, req *ProgRequest) (*ProgResponse,
 	}
 }
 
-func (c *ProgCache) writeToChild(req *ProgRequest, resc chan<- *ProgResponse) (err error) {
+func (c *ProgCache) writeToChild(req *cacheprog.Request, resc chan<- *cacheprog.Response) (err error) {
 	c.mu.Lock()
+	if c.inFlight == nil {
+		return errCacheprogClosed
+	}
 	c.nextID++
 	req.ID = c.nextID
 	c.inFlight[req.ID] = resc
@@ -287,7 +215,9 @@ func (c *ProgCache) writeToChild(req *ProgRequest, resc chan<- *ProgResponse) (e
 	defer func() {
 		if err != nil {
 			c.mu.Lock()
-			delete(c.inFlight, req.ID)
+			if c.inFlight != nil {
+				delete(c.inFlight, req.ID)
+			}
 			c.mu.Unlock()
 		}
 	}()
@@ -328,7 +258,7 @@ func (c *ProgCache) writeToChild(req *ProgRequest, resc chan<- *ProgResponse) (e
 }
 
 func (c *ProgCache) Get(a ActionID) (Entry, error) {
-	if !c.can[cmdGet] {
+	if !c.can[cacheprog.CmdGet] {
 		// They can't do a "get". Maybe they're a write-only cache.
 		//
 		// TODO(bradfitz,bcmills): figure out the proper error type here. Maybe
@@ -338,8 +268,8 @@ func (c *ProgCache) Get(a ActionID) (Entry, error) {
 		// error types on the Cache interface.
 		return Entry{}, &entryNotFoundError{}
 	}
-	res, err := c.send(c.ctx, &ProgRequest{
-		Command:  cmdGet,
+	res, err := c.send(c.ctx, &cacheprog.Request{
+		Command:  cacheprog.CmdGet,
 		ActionID: a[:],
 	})
 	if err != nil {
@@ -395,7 +325,7 @@ func (c *ProgCache) Put(a ActionID, file io.ReadSeeker) (_ OutputID, size int64,
 		return OutputID{}, 0, err
 	}
 
-	if !c.can[cmdPut] {
+	if !c.can[cacheprog.CmdPut] {
 		// Child is a read-only cache. Do nothing.
 		return out, size, nil
 	}
@@ -407,8 +337,8 @@ func (c *ProgCache) Put(a ActionID, file io.ReadSeeker) (_ OutputID, size int64,
 		deprecatedValue = out[:]
 	}
 
-	res, err := c.send(c.ctx, &ProgRequest{
-		Command:  cmdPut,
+	res, err := c.send(c.ctx, &cacheprog.Request{
+		Command:  cacheprog.CmdPut,
 		ActionID: a[:],
 		OutputID: out[:],
 		ObjectID: deprecatedValue, // TODO(bradfitz): remove in Go 1.25
@@ -432,10 +362,16 @@ func (c *ProgCache) Close() error {
 	// First write a "close" message to the child so it can exit nicely
 	// and clean up if it wants. Only after that exchange do we cancel
 	// the context that kills the process.
-	if c.can[cmdClose] {
-		_, err = c.send(c.ctx, &ProgRequest{Command: cmdClose})
+	if c.can[cacheprog.CmdClose] {
+		_, err = c.send(c.ctx, &cacheprog.Request{Command: cacheprog.CmdClose})
+		if errors.Is(err, errCacheprogClosed) {
+			// Allow the child to quit without responding to close.
+			err = nil
+		}
 	}
+	// Cancel the context, which will close the helper's stdin.
 	c.ctxCancel()
+	// Wait until the helper closes its stdout.
 	<-c.readLoopDone
 	return err
 }

src/cmd/go/internal/cacheprog/cacheprog.go

@@ -0,0 +1,137 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package cacheprog defines the protocol for a GOCACHEPROG program.
+//
+// By default, the go command manages a build cache stored in the file system
+// itself. GOCACHEPROG can be set to the name of a command (with optional
+// space-separated flags) that implements the go command build cache externally.
+// This permits defining a different cache policy.
+//
+// The go command will start the GOCACHEPROG as a subprocess and communicate
+// with it via JSON messages over stdin/stdout. The subprocess's stderr will be
+// connected to the go command's stderr.
+//
+// The subprocess should immediately send a [Response] with its capabilities.
+// After that, the go command will send a stream of [Request] messages and the
+// subprocess should reply to each [Request] with a [Response] message.
+package cacheprog
+
+import (
+	"io"
+	"time"
+)
+
+// Cmd is a command that can be issued to a child process.
+//
+// If the interface needs to grow, the go command can add new commands or new
+// versioned commands like "get2" in the future. The initial [Response] from
+// the child process indicates which commands it supports.
+type Cmd string
+
+const (
+	// CmdPut tells the cache program to store an object in the cache.
+	//
+	// [Request.ActionID] is the cache key of this object. The cache should
+	// store [Request.OutputID] and [Request.Body] under this key for a
+	// later "get" request. It must also store the Body in a file in the local
+	// file system and return the path to that file in [Response.DiskPath],
+	// which must exist at least until a "close" request.
+	CmdPut = Cmd("put")
+
+	// CmdGet tells the cache program to retrieve an object from the cache.
+	//
+	// [Request.ActionID] specifies the key of the object to get. If the
+	// cache does not contain this object, it should set [Response.Miss] to
+	// true. Otherwise, it should populate the fields of [Response],
+	// including setting [Response.OutputID] to the OutputID of the original
+	// "put" request and [Response.DiskPath] to the path of a local file
+	// containing the Body of the original "put" request. That file must
+	// continue to exist at least until a "close" request.
+	CmdGet = Cmd("get")
+
+	// CmdClose requests that the cache program exit gracefully.
+	//
+	// The cache program should reply to this request and then exit
+	// (thus closing its stdout).
+	CmdClose = Cmd("close")
+)
+
+// Request is the JSON-encoded message that's sent from the go command to
+// the GOCACHEPROG child process over stdin. Each JSON object is on its own
+// line. A ProgRequest of Type "put" with BodySize > 0 will be followed by a
+// line containing a base64-encoded JSON string literal of the body.
+type Request struct {
+	// ID is a unique number per process across all requests.
+	// It must be echoed in the Response from the child.
+	ID int64
+
+	// Command is the type of request.
+	// The go command will only send commands that were declared
+	// as supported by the child.
+	Command Cmd
+
+	// ActionID is the cache key for "put" and "get" requests.
+	ActionID []byte `json:",omitempty"` // or nil if not used
+
+	// OutputID is stored with the body for "put" requests.
+	//
+	// Prior to Go 1.24, when GOCACHEPROG was still an experiment, this was
+	// accidentally named ObjectID. It was renamed to OutputID in Go 1.24.
+	OutputID []byte `json:",omitempty"` // or nil if not used
+
+	// Body is the body for "put" requests. It's sent after the JSON object
+	// as a base64-encoded JSON string when BodySize is non-zero.
+	// It's sent as a separate JSON value instead of being a struct field
+	// send in this JSON object so large values can be streamed in both directions.
+	// The base64 string body of a Request will always be written
+	// immediately after the JSON object and a newline.
+	Body io.Reader `json:"-"`
+
+	// BodySize is the number of bytes of Body. If zero, the body isn't written.
+	BodySize int64 `json:",omitempty"`
+
+	// ObjectID is the accidental spelling of OutputID that was used prior to Go
+	// 1.24.
+	//
+	// Deprecated: use OutputID. This field is only populated temporarily for
+	// backwards compatibility with Go 1.23 and earlier when
+	// GOEXPERIMENT=gocacheprog is set. It will be removed in Go 1.25.
+	ObjectID []byte `json:",omitempty"`
+}
+
+// Response is the JSON response from the child process to the go command.
+//
+// With the exception of the first protocol message that the child writes to its
+// stdout with ID==0 and KnownCommands populated, these are only sent in
+// response to a Request from the go command.
+//
+// Responses can be sent in any order. The ID must match the request they're
+// replying to.
+type Response struct {
+	ID  int64  // that corresponds to Request; they can be answered out of order
+	Err string `json:",omitempty"` // if non-empty, the error
+
+	// KnownCommands is included in the first message that cache helper program
+	// writes to stdout on startup (with ID==0). It includes the
+	// Request.Command types that are supported by the program.
+	//
+	// This lets the go command extend the protocol gracefully over time (adding
+	// "get2", etc), or fail gracefully when needed. It also lets the go command
+	// verify the program wants to be a cache helper.
+	KnownCommands []Cmd `json:",omitempty"`
+
+	// For "get" requests.
+
+	Miss     bool       `json:",omitempty"` // cache miss
+	OutputID []byte     `json:",omitempty"` // the ObjectID stored with the body
+	Size     int64      `json:",omitempty"` // body size in bytes
+	Time     *time.Time `json:",omitempty"` // when the object was put in the cache (optional; used for cache expiration)
+
+	// For "get" and "put" requests.
+
+	// DiskPath is the absolute path on disk of the body corresponding to a
+	// "get" (on cache hit) or "put" request's ActionID.
+	DiskPath string `json:",omitempty"`
+}

src/cmd/go/internal/cfg/cfg.go

@@ -425,8 +425,9 @@ var (
 	GOROOTpkg string
 	GOROOTsrc string
 
-	GOBIN                         = Getenv("GOBIN")
-	GOMODCACHE, GOMODCACHEChanged = EnvOrAndChanged("GOMODCACHE", gopathDir("pkg/mod"))
+	GOBIN                           = Getenv("GOBIN")
+	GOCACHEPROG, GOCACHEPROGChanged = EnvOrAndChanged("GOCACHEPROG", "")
+	GOMODCACHE, GOMODCACHEChanged   = EnvOrAndChanged("GOMODCACHE", gopathDir("pkg/mod"))
 
 	// Used in envcmd.MkEnv and build ID computations.
 	GOARM64, goARM64Changed     = EnvOrAndChanged("GOARM64", buildcfg.DefaultGOARM64)

src/cmd/go/internal/envcmd/env.go

@@ -85,6 +85,7 @@ func MkEnv() []cfg.EnvVar {
 		{Name: "GOAUTH", Value: cfg.GOAUTH, Changed: cfg.GOAUTHChanged},
 		{Name: "GOBIN", Value: cfg.GOBIN},
 		{Name: "GOCACHE"},
+		{Name: "GOCACHEPROG", Value: cfg.GOCACHEPROG, Changed: cfg.GOCACHEPROGChanged},
 		{Name: "GODEBUG", Value: os.Getenv("GODEBUG")},
 		{Name: "GOENV", Value: envFile, Changed: envFileChanged},
 		{Name: "GOEXE", Value: cfg.ExeSuffix},

src/cmd/go/internal/fips140/fips140.go

@@ -40,14 +40,8 @@
 //
 //	GOFIPS140=latest go build -work my/binary
 //
-// will leave fips.o behind in $WORK/b001. Auditors like to be able to
-// see that file. Accordingly, when [Enabled] returns true,
-// [cmd/go/internal/work.Builder.useCache] arranges never to cache linker
-// output, so that the link step always runs, and fips.o is always left
-// behind in the link step. If this proves too slow, we could always
-// cache fips.o as an extra link output and then restore it when -work is
-// set, but we went a very long time never caching link steps at all, so
-// not caching them in FIPS mode seems perfectly fine.
+// will leave fips.o behind in $WORK/b001
+// (unless the build result is cached, of course).
 //
 // When GOFIPS140 is set to something besides off and latest, [Snapshot]
 // returns true, indicating that the build should replace the latest copy
@@ -119,6 +113,14 @@ func Init() {
 	if Snapshot() {
 		fsys.Bind(Dir(), filepath.Join(cfg.GOROOT, "src/crypto/internal/fips140"))
 	}
+
+	// ExperimentErr != nil if GOEXPERIMENT failed to parse. Typically
+	// cmd/go main will exit in this case, but it is allowed during
+	// toolchain selection, as the GOEXPERIMENT may be valid for the
+	// selected toolchain version.
+	if cfg.ExperimentErr == nil && cfg.Experiment.BoringCrypto && Enabled() {
+		base.Fatalf("go: cannot use GOFIPS140 with GOEXPERIMENT=boringcrypto")
+	}
 }
 
 var initDone bool

src/cmd/go/internal/fips140/mkzip.go

@@ -27,10 +27,10 @@ import (
 	"log"
 	"os"
 	"path/filepath"
-	"regexp"
 	"strings"
 
 	"golang.org/x/mod/module"
+	"golang.org/x/mod/semver"
 	modzip "golang.org/x/mod/zip"
 )
 
@@ -61,7 +61,7 @@ func main() {
 
 	// Must have valid version, and must not overwrite existing file.
 	version := flag.Arg(0)
-	if !regexp.MustCompile(`^v\d+\.\d+\.\d+$`).MatchString(version) {
+	if semver.Canonical(version) != version {
 		log.Fatalf("invalid version %q; must be vX.Y.Z", version)
 	}
 	if _, err := os.Stat(version + ".zip"); err == nil {
@@ -95,6 +95,7 @@ func main() {
 
 	var zbuf2 bytes.Buffer
 	zw := zip.NewWriter(&zbuf2)
+	foundVersion := false
 	for _, f := range zr.File {
 		// golang.org/fips140@v1.2.3/dir/file.go ->
 		// golang.org/fips140@v1.2.3/fips140/v1.2.3/dir/file.go
@@ -102,6 +103,34 @@ func main() {
 			f.Name = "golang.org/fips140@" + version + "/fips140/" + version +
 				strings.TrimPrefix(f.Name, "golang.org/fips140@"+version)
 		}
+		// Inject version in [crypto/internal/fips140.Version].
+		if f.Name == "golang.org/fips140@"+version+"/fips140/"+version+"/fips140.go" {
+			rf, err := f.Open()
+			if err != nil {
+				log.Fatal(err)
+			}
+			contents, err := io.ReadAll(rf)
+			if err != nil {
+				log.Fatal(err)
+			}
+			returnLine := `return "latest" //mkzip:version`
+			if !bytes.Contains(contents, []byte(returnLine)) {
+				log.Fatalf("did not find %q in fips140.go", returnLine)
+			}
+			// Use only the vX.Y.Z part of a possible vX.Y.Z-hash version.
+			v, _, _ := strings.Cut(version, "-")
+			newLine := `return "` + v + `"`
+			contents = bytes.ReplaceAll(contents, []byte(returnLine), []byte(newLine))
+			wf, err := zw.Create(f.Name)
+			if err != nil {
+				log.Fatal(err)
+			}
+			if _, err := wf.Write(contents); err != nil {
+				log.Fatal(err)
+			}
+			foundVersion = true
+			continue
+		}
 		wf, err := zw.CreateRaw(&f.FileHeader)
 		if err != nil {
 			log.Fatal(err)
@@ -117,6 +146,9 @@ func main() {
 	if err := zw.Close(); err != nil {
 		log.Fatal(err)
 	}
+	if !foundVersion {
+		log.Fatal("did not find fips140.go file")
+	}
 
 	err = os.WriteFile(version+".zip", zbuf2.Bytes(), 0666)
 	if err != nil {

src/cmd/go/internal/gover/mod.go

@@ -109,6 +109,9 @@ func ModIsPrefix(path, vers string) bool {
 // The caller is assumed to have checked that ModIsValid(path, vers) is true.
 func ModIsPrerelease(path, vers string) bool {
 	if IsToolchain(path) {
+		if path == "toolchain" {
+			return IsPrerelease(FromToolchain(vers))
+		}
 		return IsPrerelease(vers)
 	}
 	return semver.Prerelease(vers) != ""

src/cmd/go/internal/help/helpdoc.go

@@ -17,7 +17,7 @@ information on how to use it see the cgo documentation (go doc cmd/cgo).
 
 The second is the SWIG program, which is a general tool for
 interfacing between languages. For information on SWIG see
-http://swig.org/. When running go build, any file with a .swig
+https://swig.org/. When running go build, any file with a .swig
 extension will be passed to SWIG. Any file with a .swigcxx extension
 will be passed to SWIG with the -c++ option.
 
@@ -270,11 +270,7 @@ the go tool will verify that https://example.org/?go-get=1 contains the
 same meta tag and then git clone https://code.org/r/p/exproj into
 GOPATH/src/example.org.
 
-When using GOPATH, downloaded packages are written to the first directory
-listed in the GOPATH environment variable.
-(See 'go help gopath-get' and 'go help gopath'.)
-
-When using modules, downloaded packages are stored in the module cache.
+Downloaded packages are stored in the module cache.
 See https://golang.org/ref/mod#module-cache.
 
 When using modules, an additional variant of the go-import meta tag is
@@ -510,9 +506,14 @@ General-purpose environment variables:
 	GOCACHE
 		The directory where the go command will store cached
 		information for reuse in future builds.
+	GOCACHEPROG
+		A command (with optional space-separated flags) that implements an
+		external go command build cache.
+		See 'go doc cmd/go/internal/cacheprog'.
 	GODEBUG
-		Enable various debugging facilities. See https://go.dev/doc/godebug
-		for details.
+		Enable various debugging facilities for programs built with Go,
+		including the go command. Cannot be set using 'go env -w'.
+		See https://go.dev/doc/godebug for details.
 	GOENV
 		The location of the Go environment configuration file.
 		Cannot be set using 'go env -w'.
@@ -620,6 +621,11 @@ Architecture-specific environment variables:
 	GOARM
 		For GOARCH=arm, the ARM architecture for which to compile.
 		Valid values are 5, 6, 7.
+		When the Go tools are built on an arm system,
+		the default value is set based on what the build system supports.
+		When the Go tools are not built on an arm system
+		(that is, when building a cross-compiler),
+		the default value is 7.
 		The value can be followed by an option specifying how to implement floating point instructions.
 		Valid options are ,softfloat (default for 5) and ,hardfloat (default for 6 and 7).
 	GOARM64
@@ -1029,7 +1035,7 @@ command
 		Example: Data
 
 	If the server responds with any 4xx code, the go command will write the
-	following to the programs' stdin:
+	following to the program's stdin:
 		Response      = StatusLine { HeaderLine } BlankLine .
 		StatusLine    = Protocol Space Status '\n' .
 		Protocol      = /* HTTP protocol */ .
@@ -1044,8 +1050,7 @@ command
 		Content-Type: text/plain; charset=utf-8
 		Date: Thu, 07 Nov 2024 18:43:09 GMT
 
-	Note: at least for HTTP 1.1, the contents written to stdin can be parsed
-	as an HTTP response.
+	Note: it is safe to use net/http.ReadResponse to parse this input.
 
 Before the first HTTPS fetch, the go command will invoke each GOAUTH
 command in the list with no additional arguments and no input.
@@ -1097,7 +1102,7 @@ Furthermore, as with TestEvent, parsers can simply concatenate the Output
 fields of all events to reconstruct the text format output, as it would
 have appeared from go build without the -json flag.
 
-Note that there may also be non-JSON error text on stdnard error, even
+Note that there may also be non-JSON error text on standard error, even
 with the -json flag. Typically, this indicates an early, serious error.
 Consumers should be robust to this.
 	`,

src/cmd/go/internal/load/pkg.go

@@ -2474,7 +2474,6 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
 	var repoDir string
 	var vcsCmd *vcs.Cmd
 	var err error
-	const allowNesting = true
 
 	wantVCS := false
 	switch cfg.BuildBuildvcs {
@@ -2494,7 +2493,7 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
 			// (so the bootstrap toolchain packages don't even appear to be in GOROOT).
 			goto omitVCS
 		}
-		repoDir, vcsCmd, err = vcs.FromDir(base.Cwd(), "", allowNesting)
+		repoDir, vcsCmd, err = vcs.FromDir(base.Cwd(), "")
 		if err != nil && !errors.Is(err, os.ErrNotExist) {
 			setVCSError(err)
 			return
@@ -2517,10 +2516,11 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
 	}
 	if repoDir != "" && vcsCmd.Status != nil {
 		// Check that the current directory, package, and module are in the same
-		// repository. vcs.FromDir allows nested Git repositories, but nesting
-		// is not allowed for other VCS tools. The current directory may be outside
-		// p.Module.Dir when a workspace is used.
-		pkgRepoDir, _, err := vcs.FromDir(p.Dir, "", allowNesting)
+		// repository. vcs.FromDir disallows nested VCS and multiple VCS in the
+		// same repository, unless the GODEBUG allowmultiplevcs is set. The
+		// current directory may be outside p.Module.Dir when a workspace is
+		// used.
+		pkgRepoDir, _, err := vcs.FromDir(p.Dir, "")
 		if err != nil {
 			setVCSError(err)
 			return
@@ -2532,7 +2532,7 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
 			}
 			goto omitVCS
 		}
-		modRepoDir, _, err := vcs.FromDir(p.Module.Dir, "", allowNesting)
+		modRepoDir, _, err := vcs.FromDir(p.Module.Dir, "")
 		if err != nil {
 			setVCSError(err)
 			return
@@ -2571,7 +2571,12 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
 		vers := revInfo.Version
 		if vers != "" {
 			if st.Uncommitted {
-				vers += "+dirty"
+				// SemVer build metadata is dot-separated https://semver.org/#spec-item-10
+				if strings.HasSuffix(vers, "+incompatible") {
+					vers += ".dirty"
+				} else {
+					vers += "+dirty"
+				}
 			}
 			info.Main.Version = vers
 		}
@@ -3068,7 +3073,15 @@ func setPGOProfilePath(pkgs []*Package) {
 // CheckPackageErrors prints errors encountered loading pkgs and their
 // dependencies, then exits with a non-zero status if any errors were found.
 func CheckPackageErrors(pkgs []*Package) {
-	var anyIncomplete bool
+	PackageErrors(pkgs, func(p *Package) {
+		DefaultPrinter().Errorf(p, "%v", p.Error)
+	})
+	base.ExitIfErrors()
+}
+
+// PackageErrors calls report for errors encountered loading pkgs and their dependencies.
+func PackageErrors(pkgs []*Package, report func(*Package)) {
+	var anyIncomplete, anyErrors bool
 	for _, pkg := range pkgs {
 		if pkg.Incomplete {
 			anyIncomplete = true
@@ -3078,11 +3091,14 @@ func CheckPackageErrors(pkgs []*Package) {
 		all := PackageList(pkgs)
 		for _, p := range all {
 			if p.Error != nil {
-				DefaultPrinter().Errorf(p, "%v", p.Error)
+				report(p)
+				anyErrors = true
 			}
 		}
 	}
-	base.ExitIfErrors()
+	if anyErrors {
+		return
+	}
 
 	// Check for duplicate loads of the same package.
 	// That should be impossible, but if it does happen then
@@ -3105,7 +3121,9 @@ func CheckPackageErrors(pkgs []*Package) {
 		}
 		seen[key] = true
 	}
-	base.ExitIfErrors()
+	if len(reported) > 0 {
+		base.ExitIfErrors()
+	}
 }
 
 // mainPackagesOnly filters out non-main packages matched only by arguments

src/cmd/go/internal/mmap/mmap.go

@@ -22,10 +22,11 @@ type Data struct {
 }
 
 // Mmap maps the given file into memory.
-func Mmap(file string) (Data, error) {
+func Mmap(file string) (Data, bool, error) {
 	f, err := os.Open(file)
 	if err != nil {
-		return Data{}, err
+		return Data{}, false, err
 	}
-	return mmapFile(f)
+	data, err := mmapFile(f)
+	return data, true, err
 }

src/cmd/go/internal/mmap/mmap_test.go

@@ -0,0 +1,32 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package mmap
+
+import (
+	"bytes"
+	"testing"
+)
+
+// TestMmap does a round trip to make sure the slice returned by
+// mmap contains the same data as was written to the file. It's
+// a test on one of the issues in #71059: on Windows we were
+// returning a slice containing all the data in the mmapped pages,
+// which could be longer than the file.
+func TestMmap(t *testing.T) {
+	// Use an already existing file as our test data. Avoid creating
+	// a temporary file so that we don't have to close the mapping on
+	// Windows before deleting the file during test cleanup.
+	f := "testdata/small_file.txt"
+
+	want := []byte("This file is shorter than 4096 bytes.\n")
+
+	data, _, err := Mmap(f)
+	if err != nil {
+		t.Fatalf("calling Mmap: %v", err)
+	}
+	if !bytes.Equal(data.Data, want) {
+		t.Fatalf("mmapped data slice: got %q; want %q", data.Data, want)
+	}
+}

src/cmd/go/internal/mmap/mmap_windows.go

@@ -37,5 +37,11 @@ func mmapFile(f *os.File) (Data, error) {
 		return Data{}, fmt.Errorf("VirtualQuery %s: %w", f.Name(), err)
 	}
 	data := unsafe.Slice((*byte)(unsafe.Pointer(addr)), int(info.RegionSize))
-	return Data{f, data}, nil
+	if len(data) < int(size) {
+		// In some cases, especially on 386, we may not receive a in incomplete mapping:
+		// one that is shorter than the file itself. Return an error in those cases because
+		// incomplete mappings are not useful.
+		return Data{}, fmt.Errorf("mmapFile: received incomplete mapping of file")
+	}
+	return Data{f, data[:int(size)]}, nil
 }

src/cmd/go/internal/mmap/testdata/small_file.txt

@@ -0,0 +1 @@
+This file is shorter than 4096 bytes.

src/cmd/go/internal/modfetch/cache.go

@@ -113,6 +113,13 @@ func DownloadDir(ctx context.Context, m module.Version) (string, error) {
 		return dir, err
 	}
 
+	// Special case: ziphash is not required for the golang.org/fips140 module,
+	// because it is unpacked from a file in GOROOT, not downloaded.
+	// We've already checked that it's not a partial unpacking, so we're happy.
+	if m.Path == "golang.org/fips140" {
+		return dir, nil
+	}
+
 	// Check if a .ziphash file exists. It should be created before the
 	// zip is extracted, but if it was deleted (by another program?), we need
 	// to re-calculate it. Note that checkMod will repopulate the ziphash

src/cmd/go/internal/modfetch/codehost/git.go

@@ -649,7 +649,21 @@ func (r *gitRepo) statLocal(ctx context.Context, version, rev string) (*RevInfo,
 			}
 		}
 	}
-	sort.Strings(info.Tags)
+
+	// Git 2.47.1 does not send the tags during shallow clone anymore
+	// (perhaps the exact version that changed behavior is an earlier one),
+	// so we have to also add tags from the refs list we fetched with ls-remote.
+	if refs, err := r.loadRefs(ctx); err == nil {
+		for ref, h := range refs {
+			if h == hash {
+				if tag, found := strings.CutPrefix(ref, "refs/tags/"); found {
+					info.Tags = append(info.Tags, tag)
+				}
+			}
+		}
+	}
+	slices.Sort(info.Tags)
+	info.Tags = slices.Compact(info.Tags)
 
 	// Used hash as info.Version above.
 	// Use caller's suggested version if it appears in the tag list