go, branch go1.16.14

[release-branch.go1.16] go1.16.14

2022-02-09T16:29:28Z

Change-Id: Ibab854254bba48eab2396bc35a29ec18993f8720 Reviewed-on: https://go-review.googlesource.com/c/go/+/384495 Trust: Cherry Mui Run-TryBot: Cherry Mui TryBot-Result: Gopher Robot Reviewed-by: Dmitri Shuralyov

[release-branch.go1.16] runtime: set vdsoSP to caller's SP consistently

2022-02-07T22:08:13Z

m.vdsoSP should be set to the SP of the caller of nanotime1, instead of the SP of nanotime1 itself, which matches m.vdsoPC. Otherwise the unmatched vdsoPC and vdsoSP would make the stack trace look like recursive. We already do it correctly on AMD64, 386, and RISCV64. This CL fixes the rest. Also incorporate CL 352509, skipping a flaky test. Updates #47324, #50772. Fixes #50780. Change-Id: I98b6fcfbe9fc6bdd28b8fe2a1299b7c505371dd4 Reviewed-on: https://go-review.googlesource.com/c/go/+/337590 Trust: Cherry Mui Trust: Josh Bleecher Snyder Reviewed-by: Josh Bleecher Snyder (cherry picked from commit 217507eb035933bac6c990844f0d71d6000fd339) Reviewed-on: https://go-review.googlesource.com/c/go/+/380716 Run-TryBot: Cherry Mui TryBot-Result: Gopher Robot Reviewed-by: Michael Knyszek

[release-branch.go1.16] cmd/link: force eager binding when using plugins on darwin

2022-02-07T20:38:28Z

When building/using plugins on darwin, we need to use flat namespace so the same symbol from the main executable and the plugin can be resolved to the same address. Apparently, when using flat namespace the dynamic linker can hang at forkExec when resolving a lazy binding. Work around it by forcing early bindings. Updates #38824. Fixes #50245. Change-Id: I983aa0a0960b15bf3f7871382e8231ee244655f4 Reviewed-on: https://go-review.googlesource.com/c/go/+/372798 Trust: Cherry Mui Reviewed-by: Than McIntosh Reviewed-by: Ian Lance Taylor Run-TryBot: Cherry Mui TryBot-Result: Gopher Robot (cherry picked from commit c5fee935bbb8f02406eb653cfed550593755a1a4) Reviewed-on: https://go-review.googlesource.com/c/go/+/373095

[release-branch.go1.16] crypto/elliptic: make IsOnCurve return false for invalid field elements

2022-02-07T19:24:54Z

Updates #50974 Fixes #50977 Fixes CVE-2022-23806 Change-Id: I0201c2c88f13dd82910985a495973f1683af9259 Reviewed-on: https://go-review.googlesource.com/c/go/+/382855 Trust: Filippo Valsorda Run-TryBot: Filippo Valsorda Reviewed-by: Katie Hockman Trust: Katie Hockman TryBot-Result: Gopher Robot

[release-branch.go1.16] cmd/go/internal/modfetch: do not short-circuit canonical versions

2022-02-07T18:43:40Z

Since at least CL 121857, the conversion logic in (*modfetch).codeRepo.Stat has had a short-circuit to use the version requested by the caller if it successfully resolves and is already canonical. However, we should not use that version if it refers to a branch instead of a tag, because branches (unlike tags) usually do not refer to a single, stable release: a branch named "v1.0.0" may be for the development of the v1.0.0 release, or for the development of patches based on v1.0.0, but only one commit (perhaps at the end of that branch — but possibly not even written yet!) can be that specific version. We already have some logic to prefer tags that are semver-equivalent to the version requested by the caller. That more general case suffices for exact equality too — so we can eliminate the special-case, fixing the bug and (happily!) also somewhat simplifying the code. Updates #35671 Fixes #50686 Fixes CVE-2022-23773 Change-Id: I2fd290190b8a99a580deec7e26d15659b58a50b0 Reviewed-on: https://go-review.googlesource.com/c/go/+/378400 Trust: Bryan Mills Run-TryBot: Bryan Mills Reviewed-by: Russ Cox TryBot-Result: Gopher Robot (cherry picked from commit fa4d9b8e2bc2612960c80474fca83a4c85a974eb) Reviewed-on: https://go-review.googlesource.com/c/go/+/382839

[release-branch.go1.16] cmd/compile: remove incorrect arm,arm64 CMP->CMN transformations

2022-02-07T18:41:46Z

These can go wrong when one of the operands is the minimum integer value. Fixes #50866. Change-Id: I238fe284f60c7ee5aeb9dc9a18e8b1578cdb77d0 Reviewed-on: https://go-review.googlesource.com/c/go/+/381318 Reviewed-by: Keith Randall Reviewed-by: Cherry Mui Trust: David Chase Run-TryBot: David Chase TryBot-Result: Gopher Robot (cherry picked from commit b7b44b3173f151a2313da7072afd25de80511605) Reviewed-on: https://go-review.googlesource.com/c/go/+/381475 Trust: Michael Knyszek Run-TryBot: Cherry Mui

[release-branch.go1.16] cmd/compile: don't elide extension for LoadReg to FP register on MIPS64

2022-02-07T17:28:40Z

For an extension operation like MOVWreg, if the operand is already extended, we optimize the second extension out. Usually a LoadReg of a proper type would come already extended, as a MOVW/MOVWU etc. instruction does. But for a LoadReg to a floating point register, the instruction does not do the extension. So we cannot elide the extension. Updates #50671. Fixes #50682. Change-Id: Id8991df78d5acdecd3fd6138c558428cbd5f6ba3 Reviewed-on: https://go-review.googlesource.com/c/go/+/379236 Trust: Cherry Mui Run-TryBot: Cherry Mui TryBot-Result: Gopher Robot Reviewed-by: David Chase (cherry picked from commit d93ff73ae207763871bee38590242be968b2e743) Reviewed-on: https://go-review.googlesource.com/c/go/+/379515

[release-branch.go1.16] cmd/go: remove mercurial from bitbucket vcs options

2022-02-07T16:30:18Z

Mercurial was deprecated as of July 1, 2020 as per https://bitbucket.org/blog/sunsetting-mercurial-support-in-bitbucket Fixes #50811. Updates #50810. Change-Id: I0d40f84aaa393905cae7c4bed8919b15de9a5f6d Reviewed-on: https://go-review.googlesource.com/c/go/+/371720 Trust: Russ Cox Reviewed-by: Bryan Mills Trust: Bryan Mills (cherry picked from commit 5b1b80beb1a2a9a353738e80777d1e25cfdfa095) Reviewed-on: https://go-review.googlesource.com/c/go/+/380998 Run-TryBot: Bryan Mills TryBot-Result: Gopher Robot Reviewed-by: Ian Lance Taylor Reviewed-by: Emmanuel Odeke

[release-branch.go1.16] debug/pe,debug/macho: add support for DWARF5 sections

2022-02-03T20:56:11Z

Adds the same logic used in debug/elf to load DWARF5 sections. For #49590 Fixes #50721 Change-Id: Iee05b9927a6f521842b330eab8942ade3fc2bd86 Reviewed-on: https://go-review.googlesource.com/c/go/+/363895 Reviewed-by: Ian Lance Taylor Trust: Than McIntosh (cherry picked from commit 6c36c332fefdd433cfe6e6468a2542fc310e9f8a) Reviewed-on: https://go-review.googlesource.com/c/go/+/379915 Trust: Ian Lance Taylor Run-TryBot: Ian Lance Taylor TryBot-Result: Gopher Robot Reviewed-by: Alessandro Arzilli Reviewed-by: Emmanuel Odeke

[release-branch.go1.16] math/big: prevent overflow in (*Rat).SetString

2022-01-28T15:39:20Z

Credit to rsc@ for the original patch. Thanks to the OSS-Fuzz project for discovering this issue and to Emmanuel Odeke (@odeke_et) for reporting it. Updates #50699 Fixes #50700 Fixes CVE-2022-23772 Change-Id: I590395a3d55689625390cf1e58f5f40623b26ee5 Reviewed-on: https://go-review.googlesource.com/c/go/+/379537 Trust: Katie Hockman Run-TryBot: Katie Hockman TryBot-Result: Gopher Robot Reviewed-by: Emmanuel Odeke Reviewed-by: Roland Shoemaker Reviewed-by: Julie Qiu (cherry picked from commit ad345c265916bbf6c646865e4642eafce6d39e78) Reviewed-on: https://go-review.googlesource.com/c/go/+/381337