From a65a2bbd8e58cd77dbff8a751dbd6079424beb05 Mon Sep 17 00:00:00 2001 From: Dmitri Shuralyov Date: Wed, 3 Apr 2024 13:16:43 -0400 Subject: [PATCH 01/10] [release-branch.go1.22] all: tidy dependency versioning after release Done with: go get golang.org/x/net@internal-branch.go1.22-vendor go mod tidy go mod vendor go generate net/http # zero diff since CL 576076 already did this For CVE-2023-45288. For #65051. For #66298. Change-Id: I2a0d69145d711a73eda92ef5ad4010c7c435f621 Reviewed-on: https://go-review.googlesource.com/c/go/+/576255 Reviewed-by: Dmitri Shuralyov Auto-Submit: Dmitri Shuralyov TryBot-Bypass: Dmitri Shuralyov Reviewed-by: Than McIntosh --- src/cmd/internal/moddeps/moddeps_test.go | 2 -- src/go.mod | 2 +- src/go.sum | 4 ++-- src/vendor/modules.txt | 2 +- 4 files changed, 4 insertions(+), 6 deletions(-) diff --git a/src/cmd/internal/moddeps/moddeps_test.go b/src/cmd/internal/moddeps/moddeps_test.go index 8adc653a2f4847..3d4c99eecb46ba 100644 --- a/src/cmd/internal/moddeps/moddeps_test.go +++ b/src/cmd/internal/moddeps/moddeps_test.go @@ -33,8 +33,6 @@ import ( // See issues 36852, 41409, and 43687. // (Also see golang.org/issue/27348.) func TestAllDependencies(t *testing.T) { - t.Skip("TODO(#65051): 1.22.2 contains unreleased changes from vendored modules") - goBin := testenv.GoToolPath(t) // Ensure that all packages imported within GOROOT diff --git a/src/go.mod b/src/go.mod index 04bb1b358c4f47..a74fab1e9a51bf 100644 --- a/src/go.mod +++ b/src/go.mod @@ -4,7 +4,7 @@ go 1.22 require ( golang.org/x/crypto v0.16.1-0.20231129163542-152cdb1503eb - golang.org/x/net v0.19.1-0.20240327214321-ae3c50b55fdf + golang.org/x/net v0.19.1-0.20240403170707-76ee45185083 ) require ( diff --git a/src/go.sum b/src/go.sum index 28d78419260690..3cbcd58b5cca1f 100644 --- a/src/go.sum +++ b/src/go.sum @@ -1,7 +1,7 @@ golang.org/x/crypto v0.16.1-0.20231129163542-152cdb1503eb h1:1ceSY7sk6sJuiDREHpfyrqDnDljsLfEP2GuTClhBBfI= golang.org/x/crypto v0.16.1-0.20231129163542-152cdb1503eb/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/net v0.19.1-0.20240327214321-ae3c50b55fdf h1:zcMReZfxLPmppTre5oSNPSOgoTRtOplx+QV25LkyAto= -golang.org/x/net v0.19.1-0.20240327214321-ae3c50b55fdf/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= +golang.org/x/net v0.19.1-0.20240403170707-76ee45185083 h1:8tdFD3C1Gb+KNXEUMnvI+1IE/OvT1UG6CuelnIAPIk0= +golang.org/x/net v0.19.1-0.20240403170707-76ee45185083/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt index 8c555d28c5a831..7edc29d7cfc8ec 100644 --- a/src/vendor/modules.txt +++ b/src/vendor/modules.txt @@ -7,7 +7,7 @@ golang.org/x/crypto/cryptobyte/asn1 golang.org/x/crypto/hkdf golang.org/x/crypto/internal/alias golang.org/x/crypto/internal/poly1305 -# golang.org/x/net v0.19.1-0.20240327214321-ae3c50b55fdf +# golang.org/x/net v0.19.1-0.20240403170707-76ee45185083 ## explicit; go 1.18 golang.org/x/net/dns/dnsmessage golang.org/x/net/http/httpguts From d6c972ad41043f38bfa31f3c7036e6d8a3361f2d Mon Sep 17 00:00:00 2001 From: Dmitri Shuralyov Date: Fri, 12 Apr 2024 15:46:09 -0400 Subject: [PATCH 02/10] [release-branch.go1.22] net/http: update bundled golang.org/x/net/http2 Pull in CL 578338: db050b07 http2: send correct LastStreamID in stream-caused GOAWAY For #66668. Fixes #66698. Change-Id: Ie7cbc44cd559eb8bc34f6c4ad4ead678ec2f55ef Reviewed-on: https://go-review.googlesource.com/c/go/+/578358 Reviewed-by: Carlos Amedee Reviewed-by: Dmitri Shuralyov LUCI-TryBot-Result: Go LUCI --- src/go.mod | 2 +- src/go.sum | 4 ++-- src/net/http/h2_bundle.go | 22 +++++++++++++++------- src/vendor/modules.txt | 2 +- 4 files changed, 19 insertions(+), 11 deletions(-) diff --git a/src/go.mod b/src/go.mod index a74fab1e9a51bf..737d78da5d9b40 100644 --- a/src/go.mod +++ b/src/go.mod @@ -4,7 +4,7 @@ go 1.22 require ( golang.org/x/crypto v0.16.1-0.20231129163542-152cdb1503eb - golang.org/x/net v0.19.1-0.20240403170707-76ee45185083 + golang.org/x/net v0.19.1-0.20240412193750-db050b07227e ) require ( diff --git a/src/go.sum b/src/go.sum index 3cbcd58b5cca1f..86d173c9e6ff99 100644 --- a/src/go.sum +++ b/src/go.sum @@ -1,7 +1,7 @@ golang.org/x/crypto v0.16.1-0.20231129163542-152cdb1503eb h1:1ceSY7sk6sJuiDREHpfyrqDnDljsLfEP2GuTClhBBfI= golang.org/x/crypto v0.16.1-0.20231129163542-152cdb1503eb/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/net v0.19.1-0.20240403170707-76ee45185083 h1:8tdFD3C1Gb+KNXEUMnvI+1IE/OvT1UG6CuelnIAPIk0= -golang.org/x/net v0.19.1-0.20240403170707-76ee45185083/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= +golang.org/x/net v0.19.1-0.20240412193750-db050b07227e h1:oDnvqaqHo3ho8OChMtkQbQAyp9eqnm3J7JRtt0+Cabc= +golang.org/x/net v0.19.1-0.20240412193750-db050b07227e/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go index 75454dba38e637..c1a2e76ea4d394 100644 --- a/src/net/http/h2_bundle.go +++ b/src/net/http/h2_bundle.go @@ -1894,6 +1894,9 @@ func http2terminalReadFrameError(err error) bool { // returned error is ErrFrameTooLarge. Other errors may be of type // ConnectionError, StreamError, or anything else from the underlying // reader. +// +// If ReadFrame returns an error and a non-nil Frame, the Frame's StreamID +// indicates the stream responsible for the error. func (fr *http2Framer) ReadFrame() (http2Frame, error) { fr.errDetail = nil if fr.lastFrame != nil { @@ -2926,7 +2929,7 @@ func (fr *http2Framer) maxHeaderStringLen() int { // readMetaFrame returns 0 or more CONTINUATION frames from fr and // merge them into the provided hf and returns a MetaHeadersFrame // with the decoded hpack values. -func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFrame, error) { +func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (http2Frame, error) { if fr.AllowIllegalReads { return nil, errors.New("illegal use of AllowIllegalReads with ReadMetaHeaders") } @@ -2996,8 +2999,8 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr log.Printf("http2: header list too large") } // It would be nice to send a RST_STREAM before sending the GOAWAY, - // but the struture of the server's frame writer makes this difficult. - return nil, http2ConnectionError(http2ErrCodeProtocol) + // but the structure of the server's frame writer makes this difficult. + return mh, http2ConnectionError(http2ErrCodeProtocol) } // Also close the connection after any CONTINUATION frame following an @@ -3008,12 +3011,12 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr log.Printf("http2: invalid header: %v", invalid) } // It would be nice to send a RST_STREAM before sending the GOAWAY, - // but the struture of the server's frame writer makes this difficult. - return nil, http2ConnectionError(http2ErrCodeProtocol) + // but the structure of the server's frame writer makes this difficult. + return mh, http2ConnectionError(http2ErrCodeProtocol) } if _, err := hdec.Write(frag); err != nil { - return nil, http2ConnectionError(http2ErrCodeCompression) + return mh, http2ConnectionError(http2ErrCodeCompression) } if hc.HeadersEnded() { @@ -3030,7 +3033,7 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr mh.http2HeadersFrame.invalidate() if err := hdec.Close(); err != nil { - return nil, http2ConnectionError(http2ErrCodeCompression) + return mh, http2ConnectionError(http2ErrCodeCompression) } if invalid != nil { fr.errDetail = invalid @@ -5297,6 +5300,11 @@ func (sc *http2serverConn) processFrameFromReader(res http2readFrameResult) bool sc.goAway(http2ErrCodeFlowControl) return true case http2ConnectionError: + if res.f != nil { + if id := res.f.Header().StreamID; id > sc.maxClientStreamID { + sc.maxClientStreamID = id + } + } sc.logf("http2: server connection error from %v: %v", sc.conn.RemoteAddr(), ev) sc.goAway(http2ErrCode(ev)) return true // goAway will handle shutdown diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt index 7edc29d7cfc8ec..9a234e59b10c8c 100644 --- a/src/vendor/modules.txt +++ b/src/vendor/modules.txt @@ -7,7 +7,7 @@ golang.org/x/crypto/cryptobyte/asn1 golang.org/x/crypto/hkdf golang.org/x/crypto/internal/alias golang.org/x/crypto/internal/poly1305 -# golang.org/x/net v0.19.1-0.20240403170707-76ee45185083 +# golang.org/x/net v0.19.1-0.20240412193750-db050b07227e ## explicit; go 1.18 golang.org/x/net/dns/dnsmessage golang.org/x/net/http/httpguts From 12c11770454d95c0add4ce5620d1e0ddde68063c Mon Sep 17 00:00:00 2001 From: "Paul E. Murphy" Date: Mon, 22 Apr 2024 16:16:30 -0500 Subject: [PATCH 03/10] [release-branch.go1.22] cmd/internal/obj/ppc64: fix incorrect int to int64 conversion when checking MOVD opcodes A type conversion from int to int64 was done in the wrong place causing some MOVD $const, Rx operations to be incorrectly transformed on 32 bit hosts cross-compiling for ppc64x. Fixes #67018 Change-Id: I023ba267a8dac6d6bd22f8146c0d9d2d473bc5c1 Reviewed-on: https://go-review.googlesource.com/c/go/+/580796 Reviewed-by: Mauri de Souza Meneguzzo Reviewed-by: Joedian Reid Reviewed-by: Lynn Boger Reviewed-by: Cherry Mui LUCI-TryBot-Result: Go LUCI Reviewed-on: https://go-review.googlesource.com/c/go/+/581455 --- src/cmd/asm/internal/asm/testdata/ppc64.s | 4 ++++ src/cmd/internal/obj/ppc64/obj9.go | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/cmd/asm/internal/asm/testdata/ppc64.s b/src/cmd/asm/internal/asm/testdata/ppc64.s index 01052b49e7e65d..f84bc1491439a7 100644 --- a/src/cmd/asm/internal/asm/testdata/ppc64.s +++ b/src/cmd/asm/internal/asm/testdata/ppc64.s @@ -52,6 +52,9 @@ TEXT asmtest(SB),DUPOK|NOSPLIT,$0 // Hex constant 0xFFFFFFFE00000001 MOVD $-8589934591, R5 // 38a0ffff or 0602000038a00001 + // For #66955. Verify this opcode turns into a load and assembles. + MOVD $-6795364578871345152, R5 // 3ca00000e8a50000 or 04100000e4a00000 + MOVD 8(R3), R4 // e8830008 MOVD (R3)(R4), R5 // 7ca4182a MOVD (R3)(R0), R5 // 7ca0182a @@ -90,6 +93,7 @@ TEXT asmtest(SB),DUPOK|NOSPLIT,$0 MOVHBR (R3)(R4), R5 // 7ca41e2c MOVHBR (R3)(R0), R5 // 7ca01e2c MOVHBR (R3), R5 // 7ca01e2c + OR $0, R0, R0 MOVD $foo+4009806848(FP), R5 // 3ca1ef0138a5cc40 or 0600ef0038a1cc40 MOVD $foo(SB), R5 // 3ca0000038a50000 or 0610000038a00000 diff --git a/src/cmd/internal/obj/ppc64/obj9.go b/src/cmd/internal/obj/ppc64/obj9.go index 7e26118bc0a1bc..6fa0f8441c75c5 100644 --- a/src/cmd/internal/obj/ppc64/obj9.go +++ b/src/cmd/internal/obj/ppc64/obj9.go @@ -175,8 +175,8 @@ func progedit(ctxt *obj.Link, p *obj.Prog, newprog obj.ProgAlloc) { // Is this a shifted 16b constant? If so, rewrite it to avoid a creating and loading a constant. val := p.From.Offset shift := bits.TrailingZeros64(uint64(val)) - mask := 0xFFFF << shift - if val&int64(mask) == val || (val>>(shift+16) == -1 && (val>>shift)<>(shift+16) == -1 && (val>>shift)<>shift, Rto; SLD $shift, Rto q := obj.Appendp(p, c.newprog) q.As = ASLD From a7ff78d5854b410f9126c7f807f4bc2fa4234bfd Mon Sep 17 00:00:00 2001 From: Michael Pratt Date: Wed, 24 Apr 2024 11:19:17 -0400 Subject: [PATCH 04/10] [release-branch.go1.22] cmd/compile: bail PGO method lookup on interface types Interface types don't have concrete method implementations, so it does not make sense to attempt a lookup. An interface method would not normally appear in a PGO profile as it has no symbol in the final binary. However it can appear if the method was concrete when the profile was collected and it has since been refactored to an interface method in the code being compiled. The guards here (OTYPE, !Alias, !IsInterface) now match noder.linker.relocObj, which does a similar iteration of all methods. For #67016. Fixes #67017. Change-Id: I858c58929c890ac0b2019fbd7c99f683ab63f8bb Reviewed-on: https://go-review.googlesource.com/c/go/+/581436 LUCI-TryBot-Result: Go LUCI Reviewed-by: Cherry Mui (cherry picked from commit 508e76197842792f87504d9f031ce4f7bf453c4f) Reviewed-on: https://go-review.googlesource.com/c/go/+/581438 --- src/cmd/compile/internal/noder/unified.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cmd/compile/internal/noder/unified.go b/src/cmd/compile/internal/noder/unified.go index 492b00d256610d..562b2e63140db8 100644 --- a/src/cmd/compile/internal/noder/unified.go +++ b/src/cmd/compile/internal/noder/unified.go @@ -120,6 +120,9 @@ func lookupMethod(pkg *types.Pkg, symName string) (*ir.Func, error) { if name.Alias() { return nil, fmt.Errorf("type sym %v refers to alias", typ) } + if name.Type().IsInterface() { + return nil, fmt.Errorf("type sym %v refers to interface type", typ) + } for _, m := range name.Type().Methods() { if m.Sym == meth { From 3f4af1ff0e0c3a83bc48faee3d1f0282ef4d02f2 Mon Sep 17 00:00:00 2001 From: Michael Pratt Date: Thu, 18 Apr 2024 12:42:43 -0400 Subject: [PATCH 05/10] [release-branch.go1.22] runtime: use bootstrapRand to initialize hashkey The seed for rand is not initialized until after alginit. Before initialization, rand returns a deterministic sequence, making hashkey deterministic across processes. Switch to bootstrapRand, like other early rand calls, such as initialization of aeskeysched. For #66885. Fixes #66886. Change-Id: I5023a9161232b49fda2ebd1d5f9338bbdd17b1fe Reviewed-on: https://go-review.googlesource.com/c/go/+/580136 LUCI-TryBot-Result: Go LUCI Reviewed-by: Keith Randall Reviewed-by: Keith Randall (cherry picked from commit 1a3682b4c1e44f334c5cc8fbad3c28b853c2aff2) Reviewed-on: https://go-review.googlesource.com/c/go/+/580018 --- src/runtime/alg.go | 2 +- src/runtime/map_test.go | 80 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+), 1 deletion(-) diff --git a/src/runtime/alg.go b/src/runtime/alg.go index eaf9c91490138c..ef4f859c231eca 100644 --- a/src/runtime/alg.go +++ b/src/runtime/alg.go @@ -391,7 +391,7 @@ func alginit() { return } for i := range hashkey { - hashkey[i] = uintptr(rand()) | 1 // make sure these numbers are odd + hashkey[i] = uintptr(bootstrapRand()) | 1 // make sure these numbers are odd } } diff --git a/src/runtime/map_test.go b/src/runtime/map_test.go index 2c51236f16b9f9..c29fb933ee49be 100644 --- a/src/runtime/map_test.go +++ b/src/runtime/map_test.go @@ -8,7 +8,9 @@ import ( "fmt" "internal/abi" "internal/goarch" + "internal/testenv" "math" + "os" "reflect" "runtime" "sort" @@ -1464,3 +1466,81 @@ func TestMapValues(t *testing.T) { } } } + +func computeHash() uintptr { + var v struct{} + return runtime.MemHash(unsafe.Pointer(&v), 0, unsafe.Sizeof(v)) +} + +func subprocessHash(t *testing.T, env string) uintptr { + t.Helper() + + cmd := testenv.CleanCmdEnv(testenv.Command(t, os.Args[0], "-test.run=^TestMemHashGlobalSeed$")) + cmd.Env = append(cmd.Env, "GO_TEST_SUBPROCESS_HASH=1") + if env != "" { + cmd.Env = append(cmd.Env, env) + } + + out, err := cmd.Output() + if err != nil { + t.Fatalf("cmd.Output got err %v want nil", err) + } + + s := strings.TrimSpace(string(out)) + h, err := strconv.ParseUint(s, 10, 64) + if err != nil { + t.Fatalf("Parse output %q got err %v want nil", s, err) + } + return uintptr(h) +} + +// memhash has unique per-process seeds, so hashes should differ across +// processes. +// +// Regression test for https://go.dev/issue/66885. +func TestMemHashGlobalSeed(t *testing.T) { + if os.Getenv("GO_TEST_SUBPROCESS_HASH") != "" { + fmt.Println(computeHash()) + os.Exit(0) + return + } + + testenv.MustHaveExec(t) + + // aeshash and memhashFallback use separate per-process seeds, so test + // both. + t.Run("aes", func(t *testing.T) { + if !*runtime.UseAeshash { + t.Skip("No AES") + } + + h1 := subprocessHash(t, "") + t.Logf("%d", h1) + h2 := subprocessHash(t, "") + t.Logf("%d", h2) + h3 := subprocessHash(t, "") + t.Logf("%d", h3) + + if h1 == h2 && h2 == h3 { + t.Errorf("got duplicate hash %d want unique", h1) + } + }) + + t.Run("noaes", func(t *testing.T) { + env := "" + if *runtime.UseAeshash { + env = "GODEBUG=cpu.aes=off" + } + + h1 := subprocessHash(t, env) + t.Logf("%d", h1) + h2 := subprocessHash(t, env) + t.Logf("%d", h2) + h3 := subprocessHash(t, env) + t.Logf("%d", h3) + + if h1 == h2 && h2 == h3 { + t.Errorf("got duplicate hash %d want unique", h1) + } + }) +} From 93d8777d244962d1b706c0b695c8b72e9702577e Mon Sep 17 00:00:00 2001 From: Ian Lance Taylor Date: Thu, 11 Apr 2024 14:36:25 -0700 Subject: [PATCH 06/10] [release-branch.go1.22] net: check SkipAdditional error result This will avoid a potential endless loop for a corrupt DNS packet. For #66754 Fixes #67040 Change-Id: I46591b3f7695bcc88d2312833e45955f8c129d2b Reviewed-on: https://go-review.googlesource.com/c/go/+/578375 Reviewed-by: Damien Neil LUCI-TryBot-Result: Go LUCI Commit-Queue: Ian Lance Taylor Auto-Submit: Ian Lance Taylor Reviewed-by: Ian Lance Taylor (cherry picked from commit ddfab21e464b9b4c15fe3dc97eb5d93a4932f434) Reviewed-on: https://go-review.googlesource.com/c/go/+/581816 Reviewed-by: David Chase --- src/net/dnsclient_unix.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/net/dnsclient_unix.go b/src/net/dnsclient_unix.go index c291d5eb4f20e0..8b3dd5371aa306 100644 --- a/src/net/dnsclient_unix.go +++ b/src/net/dnsclient_unix.go @@ -267,7 +267,9 @@ func extractExtendedRCode(p dnsmessage.Parser, hdr dnsmessage.Header) dnsmessage if ahdr.Type == dnsmessage.TypeOPT { return ahdr.ExtendedRCode(hdr.RCode) } - p.SkipAdditional() + if err := p.SkipAdditional(); err != nil { + return hdr.RCode + } } } From 9d2e28501c7dea1c0ddde00ac683105d0bfe9f63 Mon Sep 17 00:00:00 2001 From: "khr@golang.org" Date: Fri, 3 May 2024 12:55:34 -0700 Subject: [PATCH 07/10] [release-branch.go1.22] cmd/compile: don't combine loads in generated equality functions ... if the architecture can't do unaligned loads. We already handle this in a few places, but this particular place was added in CL 399542 and missed this additional restriction. Fixes #67212 Change-Id: I45988f11ff3ed45df1c4da3f0931ab1fdb22dbfe Reviewed-on: https://go-review.googlesource.com/c/go/+/583175 Reviewed-by: Cuong Manh Le Auto-Submit: Keith Randall Reviewed-by: Keith Randall LUCI-TryBot-Result: Go LUCI Reviewed-by: Derek Parker Reviewed-by: Cherry Mui (cherry picked from commit 3c72dd513c30df60c0624360e98a77c4ae7ca7c8) Reviewed-on: https://go-review.googlesource.com/c/go/+/583417 --- src/cmd/compile/internal/compare/compare.go | 7 ++++- test/fixedbugs/issue67160.go | 32 +++++++++++++++++++++ 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 test/fixedbugs/issue67160.go diff --git a/src/cmd/compile/internal/compare/compare.go b/src/cmd/compile/internal/compare/compare.go index e165cd67dbfebb..cb2f84ef552ec1 100644 --- a/src/cmd/compile/internal/compare/compare.go +++ b/src/cmd/compile/internal/compare/compare.go @@ -148,7 +148,7 @@ func calculateCostForType(t *types.Type) int64 { return EqStructCost(t) case types.TSLICE: // Slices are not comparable. - base.Fatalf("eqStructFieldCost: unexpected slice type") + base.Fatalf("calculateCostForType: unexpected slice type") case types.TARRAY: elemCost := calculateCostForType(t.Elem()) cost = t.NumElem() * elemCost @@ -371,6 +371,11 @@ func eqmem(p, q ir.Node, field int, size int64) ir.Node { } func eqmemfunc(size int64, t *types.Type) (fn *ir.Name, needsize bool) { + if !base.Ctxt.Arch.CanMergeLoads && t.Alignment() < int64(base.Ctxt.Arch.Alignment) && t.Alignment() < t.Size() { + // We can't use larger comparisons if the value might not be aligned + // enough for the larger comparison. See issues 46283 and 67160. + size = 0 + } switch size { case 1, 2, 4, 8, 16: buf := fmt.Sprintf("memequal%d", int(size)*8) diff --git a/test/fixedbugs/issue67160.go b/test/fixedbugs/issue67160.go new file mode 100644 index 00000000000000..be45a61420b7f3 --- /dev/null +++ b/test/fixedbugs/issue67160.go @@ -0,0 +1,32 @@ +// run + +// Copyright 2024 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Test to make sure that we don't try using larger loads for +// generated equality functions on architectures that can't do +// unaligned loads. + +package main + +// T has a big field that wants to be compared with larger loads/stores. +// T is "special" because of the unnamed field, so it needs a generated equality function. +// T is an odd number of bytes in size and has alignment 1. +type T struct { + src [8]byte + _ byte +} + +// U contains 8 copies of T, each at a different %8 alignment. +type U [8]T + +//go:noinline +func f(x, y *U) bool { + return *x == *y +} + +func main() { + var a U + _ = f(&a, &a) +} From 947e43e3711948aa3f4d2bbb55ae51ccf54e7638 Mon Sep 17 00:00:00 2001 From: Cherry Mui Date: Mon, 6 May 2024 20:16:53 +0000 Subject: [PATCH 08/10] [release-branch.go1.22] Revert "cmd/compile: don't combine loads in generated equality functions" This reverts CL 583417. Reason for revert: release branch is currently frozen. Change-Id: Ia6223911e0e124f14509c4bf978d7e37688e3d4c Reviewed-on: https://go-review.googlesource.com/c/go/+/582960 Reviewed-by: Dmitri Shuralyov LUCI-TryBot-Result: Go LUCI --- src/cmd/compile/internal/compare/compare.go | 7 +---- test/fixedbugs/issue67160.go | 32 --------------------- 2 files changed, 1 insertion(+), 38 deletions(-) delete mode 100644 test/fixedbugs/issue67160.go diff --git a/src/cmd/compile/internal/compare/compare.go b/src/cmd/compile/internal/compare/compare.go index cb2f84ef552ec1..e165cd67dbfebb 100644 --- a/src/cmd/compile/internal/compare/compare.go +++ b/src/cmd/compile/internal/compare/compare.go @@ -148,7 +148,7 @@ func calculateCostForType(t *types.Type) int64 { return EqStructCost(t) case types.TSLICE: // Slices are not comparable. - base.Fatalf("calculateCostForType: unexpected slice type") + base.Fatalf("eqStructFieldCost: unexpected slice type") case types.TARRAY: elemCost := calculateCostForType(t.Elem()) cost = t.NumElem() * elemCost @@ -371,11 +371,6 @@ func eqmem(p, q ir.Node, field int, size int64) ir.Node { } func eqmemfunc(size int64, t *types.Type) (fn *ir.Name, needsize bool) { - if !base.Ctxt.Arch.CanMergeLoads && t.Alignment() < int64(base.Ctxt.Arch.Alignment) && t.Alignment() < t.Size() { - // We can't use larger comparisons if the value might not be aligned - // enough for the larger comparison. See issues 46283 and 67160. - size = 0 - } switch size { case 1, 2, 4, 8, 16: buf := fmt.Sprintf("memequal%d", int(size)*8) diff --git a/test/fixedbugs/issue67160.go b/test/fixedbugs/issue67160.go deleted file mode 100644 index be45a61420b7f3..00000000000000 --- a/test/fixedbugs/issue67160.go +++ /dev/null @@ -1,32 +0,0 @@ -// run - -// Copyright 2024 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Test to make sure that we don't try using larger loads for -// generated equality functions on architectures that can't do -// unaligned loads. - -package main - -// T has a big field that wants to be compared with larger loads/stores. -// T is "special" because of the unnamed field, so it needs a generated equality function. -// T is an odd number of bytes in size and has alignment 1. -type T struct { - src [8]byte - _ byte -} - -// U contains 8 copies of T, each at a different %8 alignment. -type U [8]T - -//go:noinline -func f(x, y *U) bool { - return *x == *y -} - -func main() { - var a U - _ = f(&a, &a) -} From fa0292d252c762ff3de92b87d13417c50704f3a0 Mon Sep 17 00:00:00 2001 From: Roland Shoemaker Date: Thu, 25 Apr 2024 13:09:54 -0700 Subject: [PATCH 09/10] [release-branch.go1.22] cmd/go: disallow -lto_library in LDFLAGS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The darwin linker allows setting the LTO library with the -lto_library flag. This wasn't caught by our "safe linker flags" check because it was covered by the -lx flag used for linking libraries. This change adds a specific check for excluded flags which otherwise satisfy our existing checks. Loading a mallicious LTO library would allow an attacker to cause the linker to execute abritrary code when "go build" was called. Thanks to Juho Forsén of Mattermost for reporting this issue. Fixes #67119 Fixes #67122 Fixes CVE-2024-24787 Change-Id: I77ac8585efbdbdfd5f39c39ed623b9408a0f9eaf Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1380 Reviewed-by: Russ Cox Reviewed-by: Damien Neil (cherry picked from commit 9a79141fbbca1105e5c786f15e38741ca7843290) Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1420 Reviewed-by: Tatiana Bradley Reviewed-on: https://go-review.googlesource.com/c/go/+/583796 Reviewed-by: David Chase LUCI-TryBot-Result: Go LUCI --- src/cmd/go/internal/work/security.go | 19 +++++++++++++++---- .../script/darwin_lto_library_ldflag.txt | 17 +++++++++++++++++ 2 files changed, 32 insertions(+), 4 deletions(-) create mode 100644 src/cmd/go/testdata/script/darwin_lto_library_ldflag.txt diff --git a/src/cmd/go/internal/work/security.go b/src/cmd/go/internal/work/security.go index 88504be6cd6b41..568eecd325bb7f 100644 --- a/src/cmd/go/internal/work/security.go +++ b/src/cmd/go/internal/work/security.go @@ -145,6 +145,12 @@ var validCompilerFlagsWithNextArg = []string{ "-x", } +var invalidLinkerFlags = []*lazyregexp.Regexp{ + // On macOS this means the linker loads and executes the next argument. + // Have to exclude separately because -lfoo is allowed in general. + re(`-lto_library`), +} + var validLinkerFlags = []*lazyregexp.Regexp{ re(`-F([^@\-].*)`), re(`-l([^@\-].*)`), @@ -235,12 +241,12 @@ var validLinkerFlagsWithNextArg = []string{ func checkCompilerFlags(name, source string, list []string) error { checkOverrides := true - return checkFlags(name, source, list, validCompilerFlags, validCompilerFlagsWithNextArg, checkOverrides) + return checkFlags(name, source, list, nil, validCompilerFlags, validCompilerFlagsWithNextArg, checkOverrides) } func checkLinkerFlags(name, source string, list []string) error { checkOverrides := true - return checkFlags(name, source, list, validLinkerFlags, validLinkerFlagsWithNextArg, checkOverrides) + return checkFlags(name, source, list, invalidLinkerFlags, validLinkerFlags, validLinkerFlagsWithNextArg, checkOverrides) } // checkCompilerFlagsForInternalLink returns an error if 'list' @@ -249,7 +255,7 @@ func checkLinkerFlags(name, source string, list []string) error { // external linker). func checkCompilerFlagsForInternalLink(name, source string, list []string) error { checkOverrides := false - if err := checkFlags(name, source, list, validCompilerFlags, validCompilerFlagsWithNextArg, checkOverrides); err != nil { + if err := checkFlags(name, source, list, nil, validCompilerFlags, validCompilerFlagsWithNextArg, checkOverrides); err != nil { return err } // Currently the only flag on the allow list that causes problems @@ -262,7 +268,7 @@ func checkCompilerFlagsForInternalLink(name, source string, list []string) error return nil } -func checkFlags(name, source string, list []string, valid []*lazyregexp.Regexp, validNext []string, checkOverrides bool) error { +func checkFlags(name, source string, list []string, invalid, valid []*lazyregexp.Regexp, validNext []string, checkOverrides bool) error { // Let users override rules with $CGO_CFLAGS_ALLOW, $CGO_CFLAGS_DISALLOW, etc. var ( allow *regexp.Regexp @@ -294,6 +300,11 @@ Args: if allow != nil && allow.FindString(arg) == arg { continue Args } + for _, re := range invalid { + if re.FindString(arg) == arg { // must be complete match + goto Bad + } + } for _, re := range valid { if re.FindString(arg) == arg { // must be complete match continue Args diff --git a/src/cmd/go/testdata/script/darwin_lto_library_ldflag.txt b/src/cmd/go/testdata/script/darwin_lto_library_ldflag.txt new file mode 100644 index 00000000000000..d7acefdbad6386 --- /dev/null +++ b/src/cmd/go/testdata/script/darwin_lto_library_ldflag.txt @@ -0,0 +1,17 @@ +[!GOOS:darwin] skip +[!cgo] skip + +! go build +stderr 'invalid flag in #cgo LDFLAGS: -lto_library' + +-- go.mod -- +module ldflag + +-- main.go -- +package main + +// #cgo CFLAGS: -flto +// #cgo LDFLAGS: -lto_library bad.dylib +import "C" + +func main() {} \ No newline at end of file From adbfb672ba485630d75f8b5598228a63f4af08a4 Mon Sep 17 00:00:00 2001 From: Gopher Robot Date: Tue, 7 May 2024 15:34:35 +0000 Subject: [PATCH 10/10] [release-branch.go1.22] go1.22.3 Change-Id: Ie006d71637a9fa66c225f3fd6cb19dae2a403e76 Reviewed-on: https://go-review.googlesource.com/c/go/+/583856 Auto-Submit: Gopher Robot Reviewed-by: Cherry Mui LUCI-TryBot-Result: Go LUCI Reviewed-by: David Chase --- VERSION | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 90486b0138b46b..e2a3741add3347 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -go1.22.2 -time 2024-03-29T15:27:02Z +go1.22.3 +time 2024-05-01T19:49:47Z