Update to Go 1.26.5#172
Merged
Merged
Conversation
os.Chdir notifies the testlog hook with the new working directory, but (*File).Chdir does not, so cmd/go's test cache loses track of the cwd when a test uses (*File).Chdir to restore the previous directory (as testing.T.Chdir does in its cleanup). Subsequent relative paths from later tests in the same package are then resolved against the wrong directory in computeTestInputsID, and the cache fails to invalidate when those files change. Fix it by emitting the same testlog Chdir entry from (*File).Chdir after a successful Fchdir, mirroring os.Chdir. Fixes golang#79039. Updates golang#79019. Change-Id: I7099d3a1d2ce3e5f4882a0e93c4d642f23f7eca8 Reviewed-on: https://go-review.googlesource.com/c/go/+/771960 LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Michael Pratt <mpratt@google.com> (cherry picked from commit c7e6da5) Reviewed-on: https://go-review.googlesource.com/c/go/+/784242 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Mark Freeman <markfreeman@google.com>
FIPS140 crypto files will be bound into the virtual filesystem using the fsys package. So IsStandardPackage needs to use fsys.ReadDir to check that the fips140 packages are standard packages rather than os.ReadDir because os.ReadDir doesn't know about the overlay. It would be nice if we could pass in a io/fs.FS to IsStandardPackage but the FS paths are slash paths and don't play well with windows paths. So we pass in ReadDir instead. Maybe in the future we could create an alternative interface to pass the filesystem through but that's a bigger project. For golang#73649 Fixes golang#79721 Change-Id: I576f03cfc52a63cec0598e058e1354676a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/762581 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Michael Matloob <matloob@google.com> Auto-Submit: Michael Matloob <matloob@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> (cherry picked from commit be193f3) Reviewed-on: https://go-review.googlesource.com/c/go/+/784861 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Mark Freeman <markfreeman@google.com>
…text.Canceled For golang#77639 Fixes golang#79499 Change-Id: I90e5d6f68c02749ac6e407f1c3565312efafb033 Reviewed-on: https://go-review.googlesource.com/c/go/+/779860 Reviewed-by: David Chase <drchase@google.com> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Florian Lehner <lehner.florian86@gmail.com> Auto-Submit: Ian Lance Taylor <iant@golang.org> (cherry picked from commit 8494d25) Reviewed-on: https://go-review.googlesource.com/c/go/+/784100 Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…entea The KMOVB instruction (in scan_amd64.s) requires that flag. Fixes golang#79920 Change-Id: Id03285932589e349c7a2cc214dc7ea5b448c0a39 Reviewed-on: https://go-review.googlesource.com/c/go/+/788600 Reviewed-by: Keith Randall <khr@google.com> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com> Auto-Submit: Keith Randall <khr@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/788860 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…o a whole multiple of element size The allocator doesn't accept total sizes that are not a multiple of the element size. Fixes golang#80007 Change-Id: I177d67c1ecc15ec9d09b160bbcc2bfb7a3a1891f Reviewed-on: https://go-review.googlesource.com/c/go/+/790600 Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com> Reviewed-by: Keith Randall <khr@google.com> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> (cherry picked from commit 1a15699) Reviewed-on: https://go-review.googlesource.com/c/go/+/791260 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
On darwin, rawSyscall, rawSyscall6, and rawSyscall9 are Go functions (not assembly as on Linux) that get race-detector instrumentation. When forkAndExecInChild calls rawSyscall in the forked child process, the TSan ThreadState pointer is invalid, causing SIGSEGV in TraceSwitchPartImpl. Add //go:norace to these functions so the race detector does not instrument them. Also update the stale comment in exec_libc2.go that referred to rawSyscall as assembly. For golang#79804. Fixes golang#79806. Change-Id: Ia1d5ffea9bc9729ce5392daaf00b45ab1f779d71 GitHub-Last-Rev: 21d5744 GitHub-Pull-Request: golang#79805 Reviewed-on: https://go-review.googlesource.com/c/go/+/786620 Reviewed-by: Cherry Mui <cherryyz@google.com> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Quim Muntal <quimmuntal@gmail.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> (cherry picked from commit 0607ffa) Reviewed-on: https://go-review.googlesource.com/c/go/+/791800 Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
…CST on PPC64 Updates golang#79186 Fixes golang#79879 Change-Id: If7e298270ac6252b092371725d6a96aa871bf919 Reviewed-on: https://go-review.googlesource.com/c/go/+/774020 LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Jayanth Krishnamurthy <jayanth.krishnamurthy@ibm.com> Auto-Submit: Jorropo <jorropo.pgm@gmail.com> Reviewed-by: Paul Murphy <paumurph@redhat.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/793901 Auto-Submit: Junyang Shao <shaojunyang@google.com> Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: Keith Randall <khr@google.com> Reviewed-by: Keith Randall <khr@golang.org>
…rnel release strings Synology kernels can have a "_" in their uname version. Make the parsing more tolerant. And also don't throw during init if we fail to parse the kernel version. Instead, fall back to probing. (We can't probe all the time, because seccomp filters on some platforms like Android kill the process if we call a verbotenen system call) This regressed in CL 758902 (forked from CL 751340) on 2026-03-24, which started calling parseRelease unconditionally during osinit on 32-bit Linux. Updates golang#79612 Fixes golang#79893 Change-Id: I98f61b94e54c7b9d08029f3aef664bdda9ec7f69 Reviewed-on: https://go-review.googlesource.com/c/go/+/781800 Reviewed-by: Jorropo <jorropo.pgm@gmail.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Michael Pratt <mpratt@google.com> LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/793960 Auto-Submit: Junyang Shao <shaojunyang@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Junyang Shao <shaojunyang@google.com>
The CNAME record for www.iana.org seems to have been changed, causing test failures. Change the test to just use www.golang.org, so we have more control and awareness of such changes in the future. For golang#80212 Fixes golang#80217 Change-Id: I7b11bb8f90fe366db019dab1f8d9a1cf6a6a6964 Reviewed-on: https://go-review.googlesource.com/c/go/+/795841 LUCI-TryBot-Result: golang-scoped@luci-project-accounts.iam.gserviceaccount.com <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Nicholas Husin <husin@google.com> Reviewed-by: Junyang Shao <shaojunyang@google.com> Auto-Submit: Junyang Shao <shaojunyang@google.com>
When using ECH, do not include the PSK extension in the outer hello. Including the PSK extension allows for a degradation in privacy, as an on-path attacker can harvest outer client hellos, and then construct new hellos using the PSK extension and arbitrary guessed SNI values, replaying them to the target server. If the server rejects the PSK, the handshake will continue, but if the PSK is accepted, the binder check will fail. Thanks to Coia Prant (github.com/rbqvq) for reporting this issue. Fixes CVE-2026-42505 Updates golang#79282 Fixes golang#80175 Change-Id: Ib3a3c948106a57c1b07b9e61a58cbf757848be18 Reviewed-on: https://go-review.googlesource.com/c/go/+/775960 Auto-Submit: Roland Shoemaker <roland@golang.org> TryBot-Bypass: Roland Shoemaker <roland@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: Carlos Amedee <carlos@golang.org> (cherry picked from commit 137b806) Reviewed-on: https://go-review.googlesource.com/c/go/+/794921 TryBot-Bypass: Junyang Shao <shaojunyang@google.com> Reviewed-by: Junyang Shao <shaojunyang@google.com> Commit-Queue: Roland Shoemaker <roland@golang.org> Auto-Submit: Junyang Shao <shaojunyang@google.com> Commit-Queue: Junyang Shao <shaojunyang@google.com>
… in Root
This change fixes a significant mechanism by which
operations in a Root can escape the root.
The implementation of Root on platforms supporting the openat
family of functions assumed that openat(parent, "f/", O_NOFOLLOW)
would not resolve symlinks in "f". This is not correct; the
trailing slash causes f to be resolved.
This permits Root operations to escape when the target filename
ends in a slash and the target is a symlink to a directory outside the
root. This does not permit directly accessing non-directory files
outside a root, since the trailing slash adds a requirement that the
target be a directory. However, under some circumstances an attacker
might exploit this flaw to access non-directory files outside
a root, for example by first renaming a directory outside the root
to a location within it and then accessing files within that directory.
This change adjusts Root's handling of slash-terminated paths.
Trailing slashes are removed from the path at the start of an
operation, and the presence of slashes is tracked as a boolean.
Slashes are never reattached to a path component.
In addition, the doInRoot helper function now automatically
handles trailing slashes in a POSIX-compatible fashion.
When a path ends in one or more slashes:
- symlinks in the final component are resolved; and
- the final path component after symlink resolutions
must reference a directory.
This change also adds a new sets of tests to exercise Root's
behavior in a wider variety of circumstances. These tests
run through a matrix of file configurations, such as:
- path "target", a regular file
- path "dir/../target", a directory
- path "target/", a symlink to "dir/../target/", which does not exist
- etc.
These tests execute Root operations and the corresponding unrooted
operation, validate specific expected results for some configurations,
and verify that the rooted and unrooted versions of the operation
produce the same result.
Thanks to Mundur (https://github.com/M0nd0R) for reporting this issue.
Fixes golang#79005
Fixes CVE-2026-39822
Change-Id: I34072ab63f2367baf236592f11143f4e6a6a6964
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/4740
Reviewed-by: Neal Patel <nealpatel@google.com>
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/4840
Reviewed-on: https://go-review.googlesource.com/c/go/+/797661
Reviewed-by: Junyang Shao <shaojunyang@google.com>
Auto-Submit: Gopher Robot <gobot@golang.org>
TryBot-Bypass: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Change-Id: I87dc3d84cde11db83a0d88a60262a38fc429838d Reviewed-on: https://go-review.googlesource.com/c/go/+/797740 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Junyang Shao <shaojunyang@google.com> TryBot-Bypass: Gopher Robot <gobot@golang.org>
bradfitz
approved these changes
Jul 8, 2026
bradfitz
left a comment
Member
There was a problem hiding this comment.
Probably not useful except for major rebase work, but if you want: run "/path/to/this/new/go test" in https://github.com/tailscale/tsgotest for more Tailscale-Go-specific test coverage.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.