all: update vendored dependencies

This CL does the following:

1. Bundles up golang.org/x/net/internal/httpsfv since h2_bundle.go now
relies on it.
2. Modifies h2_bundle.go import mapping to account for httpsfv package.
3. Updates all vendored dependencies using
golang.org/x/build/cmd/updatestd.

For #75500

Change-Id: Ia2f41ad606092fe20b62f946266190502b146977
Reviewed-on: https://go-review.googlesource.com/c/go/+/738621
Reviewed-by: Nicholas Husin <husin@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

src/cmd/go.mod

@@ -1,21 +1,21 @@
 module cmd
 
-go 1.26
+go 1.27
 
 require (
-	github.com/google/pprof v0.0.0-20251114195745-4902fdda35c8
-	golang.org/x/arch v0.23.0
-	golang.org/x/build v0.0.0-20251128064159-b9bfd88b30e8
-	golang.org/x/mod v0.30.1-0.20251115032019-269c237cf350
+	github.com/google/pprof v0.0.0-20251213031049-b05bdaca462f
+	golang.org/x/arch v0.23.1-0.20260109160903-657d90bd6695
+	golang.org/x/build v0.0.0-20260122183339-3ba88df37c64
+	golang.org/x/mod v0.32.0
 	golang.org/x/sync v0.19.0
-	golang.org/x/sys v0.39.0
-	golang.org/x/telemetry v0.0.0-20251128220624-abf20d0e57ec
-	golang.org/x/term v0.38.0
-	golang.org/x/tools v0.39.1-0.20251230210517-d44be789a05c
+	golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2
+	golang.org/x/telemetry v0.0.0-20260116145544-c6413dc483f5
+	golang.org/x/term v0.39.0
+	golang.org/x/tools v0.41.1-0.20260122210857-a60613f0795e
 )
 
 require (
 	github.com/ianlancetaylor/demangle v0.0.0-20250417193237-f615e6bd150b // indirect
-	golang.org/x/text v0.32.0 // indirect
+	golang.org/x/text v0.33.1-0.20260122225119-3264de9174be // indirect
 	rsc.io/markdown v0.0.0-20240306144322-0bf8f97ee8ef // indirect
 )

src/cmd/go.sum

@@ -1,28 +1,28 @@
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
 github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
-github.com/google/pprof v0.0.0-20251114195745-4902fdda35c8 h1:3DsUAV+VNEQa2CUVLxCY3f87278uWfIDhJnbdvDjvmE=
-github.com/google/pprof v0.0.0-20251114195745-4902fdda35c8/go.mod h1:I6V7YzU0XDpsHqbsyrghnFZLO1gwK6NPTNvmetQIk9U=
+github.com/google/pprof v0.0.0-20251213031049-b05bdaca462f h1:HU1RgM6NALf/KW9HEY6zry3ADbDKcmpQ+hJedoNGQYQ=
+github.com/google/pprof v0.0.0-20251213031049-b05bdaca462f/go.mod h1:67FPmZWbr+KDT/VlpWtw6sO9XSjpJmLuHpoLmWiTGgY=
 github.com/ianlancetaylor/demangle v0.0.0-20250417193237-f615e6bd150b h1:ogbOPx86mIhFy764gGkqnkFC8m5PJA7sPzlk9ppLVQA=
 github.com/ianlancetaylor/demangle v0.0.0-20250417193237-f615e6bd150b/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw=
 github.com/yuin/goldmark v1.6.0 h1:boZcn2GTjpsynOsC0iJHnBWa4Bi0qzfJjthwauItG68=
 github.com/yuin/goldmark v1.6.0/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-golang.org/x/arch v0.23.0 h1:lKF64A2jF6Zd8L0knGltUnegD62JMFBiCPBmQpToHhg=
-golang.org/x/arch v0.23.0/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A=
-golang.org/x/build v0.0.0-20251128064159-b9bfd88b30e8 h1:Mp+uRtHbKFW85lGBTOkOOfkPBz7AUKmZGcflkavmGRM=
-golang.org/x/build v0.0.0-20251128064159-b9bfd88b30e8/go.mod h1:Jx2RBBeTWGRSCwfSZ+w2Hg1f7LjWycsSkx+EciLAmPE=
-golang.org/x/mod v0.30.1-0.20251115032019-269c237cf350 h1:JGDMsCp8NahDR9HSvwrF6V8tzEf87m7Bo4oZ07vRxdU=
-golang.org/x/mod v0.30.1-0.20251115032019-269c237cf350/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
+golang.org/x/arch v0.23.1-0.20260109160903-657d90bd6695 h1:q45HsUyFzBjBk4mHGgUewJf6KKOkNiWB8wMx0X6elyA=
+golang.org/x/arch v0.23.1-0.20260109160903-657d90bd6695/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A=
+golang.org/x/build v0.0.0-20260122183339-3ba88df37c64 h1:BNhBATNmH/VtzGolB+ksQPPvn6ZyffiR8TmKenqNo+A=
+golang.org/x/build v0.0.0-20260122183339-3ba88df37c64/go.mod h1:3QmSbNil8ZWqC94m80Glej1v8b92gYzPIQPTtSa0c+4=
+golang.org/x/mod v0.32.0 h1:9F4d3PHLljb6x//jOyokMv3eX+YDeepZSEo3mFJy93c=
+golang.org/x/mod v0.32.0/go.mod h1:SgipZ/3h2Ci89DlEtEXWUk/HteuRin+HHhN+WbNhguU=
 golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
 golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
-golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
-golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/telemetry v0.0.0-20251128220624-abf20d0e57ec h1:dRVkWZl6bUOp+oxnOe4BuyhWSIPmt29N4ooHarm7Ic8=
-golang.org/x/telemetry v0.0.0-20251128220624-abf20d0e57ec/go.mod h1:hKdjCMrbv9skySur+Nek8Hd0uJ0GuxJIoIX2payrIdQ=
-golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
-golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
-golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
-golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
-golang.org/x/tools v0.39.1-0.20251230210517-d44be789a05c h1:0pZej6BQOooNbOfjJEu4v5qx9hdwFX8HnvHCcNXcs2w=
-golang.org/x/tools v0.39.1-0.20251230210517-d44be789a05c/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
+golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2 h1:jUsftZdK5NYH1tUlaQUfascfiJtOm7qHnRPWsG6hb4w=
+golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/telemetry v0.0.0-20260116145544-c6413dc483f5 h1:i0p03B68+xC1kD2QUO8JzDTPXCzhN56OLJ+IhHY8U3A=
+golang.org/x/telemetry v0.0.0-20260116145544-c6413dc483f5/go.mod h1:b7fPSJ0pKZ3ccUh8gnTONJxhn3c/PS6tyzQvyqw4iA8=
+golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
+golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
+golang.org/x/text v0.33.1-0.20260122225119-3264de9174be h1:EwuAS7HtEmZVDSL0zq464yhyVIjdDETleE+K94kfwxg=
+golang.org/x/text v0.33.1-0.20260122225119-3264de9174be/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
+golang.org/x/tools v0.41.1-0.20260122210857-a60613f0795e h1:+CX08Gt13e9ttPSqktf4tM6Ft1hv8yedWyIfcwmakSQ=
+golang.org/x/tools v0.41.1-0.20260122210857-a60613f0795e/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg=
 rsc.io/markdown v0.0.0-20240306144322-0bf8f97ee8ef h1:mqLYrXCXYEZOop9/Dbo6RPX11539nwiCNBb1icVPmw8=
 rsc.io/markdown v0.0.0-20240306144322-0bf8f97ee8ef/go.mod h1:8xcPgWmwlZONN1D9bjxtHEjrUtSEa3fakVF8iaewYKQ=

src/cmd/vendor/github.com/google/pprof/internal/driver/cli.go

@@ -37,6 +37,7 @@ type source struct {
 	HTTPHostport       string
 	HTTPDisableBrowser bool
 	Comment            string
+	AllFrames          bool
 }
 
 // parseFlags parses the command lines through the specified flags package
@@ -51,7 +52,8 @@ func parseFlags(o *plugin.Options) (*source, []string, error) {
 	flagSymbolize := flag.String("symbolize", "", "Options for profile symbolization")
 	flagBuildID := flag.String("buildid", "", "Override build id for first mapping")
 	flagTimeout := flag.Int("timeout", -1, "Timeout in seconds for fetching a profile")
-	flagAddComment := flag.String("add_comment", "", "Annotation string to record in the profile")
+	flagAddComment := flag.String("add_comment", "", "Free-form annotation to add to the profile")
+	flagAllFrames := flag.Bool("all_frames", false, "Ignore drop_frames and keep_frames regexps")
 	// CPU profile options
 	flagSeconds := flag.Int("seconds", -1, "Length of time for dynamic profiles")
 	// Heap profile options
@@ -145,6 +147,7 @@ func parseFlags(o *plugin.Options) (*source, []string, error) {
 		HTTPHostport:       *flagHTTP,
 		HTTPDisableBrowser: *flagNoBrowser,
 		Comment:            *flagAddComment,
+		AllFrames:          *flagAllFrames,
 	}
 
 	if err := source.addBaseProfiles(*flagBase, *flagDiffBase); err != nil {
@@ -338,6 +341,8 @@ var usageMsgVars = "\n\n" +
 	"                      Port is optional and a randomly available port by default.\n" +
 	"   -no_browser        Skip opening a browser for the interactive web UI.\n" +
 	"   -tools             Search path for object tools\n" +
+	"   -all_frames        Ignore drop_frames and keep_frames regexps in the profile\n" +
+	"                      Rarely needed, mainly used for debugging pprof itself\n" +
 	"\n" +
 	"  Legacy convenience options:\n" +
 	"   -inuse_space           Same as -sample_index=inuse_space\n" +

src/cmd/vendor/github.com/google/pprof/internal/driver/fetch.go

@@ -77,6 +77,11 @@ func fetchProfiles(s *source, o *plugin.Options) (*profile.Profile, error) {
 		}
 	}
 
+	if s.AllFrames {
+		p.DropFrames = ""
+		p.KeepFrames = ""
+	}
+
 	// Symbolize the merged profile.
 	if err := o.Sym.Symbolize(s.Symbolize, m, p); err != nil {
 		return nil, err

src/cmd/vendor/github.com/google/pprof/internal/elfexec/elfexec.go

@@ -316,8 +316,7 @@ func ProgramHeadersForMapping(phdrs []elf.ProgHeader, mapOff, mapSz uint64) []*e
 		// page size is not 4KB, we must try to guess the page size on the system
 		// where the profile was collected, possibly using the architecture
 		// specified in the ELF file header.
-		pageSize       = 4096
-		pageOffsetMask = pageSize - 1
+		pageSize = 4096
 	)
 	mapLimit := mapOff + mapSz
 	var headers []*elf.ProgHeader
@@ -331,12 +330,12 @@ func ProgramHeadersForMapping(phdrs []elf.ProgHeader, mapOff, mapSz uint64) []*e
 		segLimit := p.Off + p.Memsz
 		// The segment must overlap the mapping.
 		if p.Type == elf.PT_LOAD && mapOff < segLimit && p.Off < mapLimit {
-			// If the mapping offset is strictly less than the page aligned segment
-			// offset, then this mapping comes from a different segment, fixes
-			// b/179920361.
+			// If the mapping offset is strictly less than the segment offset aligned
+			// to the segment p_align value then this mapping comes from a different
+			// segment, fixes b/179920361.
 			alignedSegOffset := uint64(0)
-			if p.Off > (p.Vaddr & pageOffsetMask) {
-				alignedSegOffset = p.Off - (p.Vaddr & pageOffsetMask)
+			if p.Off > (p.Vaddr & (p.Align - 1)) {
+				alignedSegOffset = p.Off - (p.Vaddr & (p.Align - 1))
 			}
 			if mapOff < alignedSegOffset {
 				continue

src/cmd/vendor/golang.org/x/arch/riscv64/riscv64asm/inst.go

@@ -516,16 +516,16 @@ type MemOrder uint8
 
 func (memOrder MemOrder) String() string {
 	var str string
-	if memOrder<<7>>7 == 1 {
+	if memOrder&0b1000 != 0 {
 		str += "i"
 	}
-	if memOrder>>1<<7>>7 == 1 {
+	if memOrder&0b0100 != 0 {
 		str += "o"
 	}
-	if memOrder>>2<<7>>7 == 1 {
+	if memOrder&0b0010 != 0 {
 		str += "r"
 	}
-	if memOrder>>3<<7>>7 == 1 {
+	if memOrder&0b0001 != 0 {
 		str += "w"
 	}
 	return str

src/cmd/vendor/golang.org/x/sys/unix/ioctl_signed.go

@@ -6,9 +6,7 @@
 
 package unix
 
-import (
-	"unsafe"
-)
+import "unsafe"
 
 // ioctl itself should not be exposed directly, but additional get/set
 // functions for specific types are permissible.
@@ -28,6 +26,13 @@ func IoctlSetPointerInt(fd int, req int, value int) error {
 	return ioctlPtr(fd, req, unsafe.Pointer(&v))
 }
 
+// IoctlSetString performs an ioctl operation which sets a string value
+// on fd, using the specified request number.
+func IoctlSetString(fd int, req int, value string) error {
+	bs := append([]byte(value), 0)
+	return ioctlPtr(fd, req, unsafe.Pointer(&bs[0]))
+}
+
 // IoctlSetWinsize performs an ioctl on fd with a *Winsize argument.
 //
 // To change fd's window size, the req argument should be TIOCSWINSZ.

src/cmd/vendor/golang.org/x/sys/unix/ioctl_unsigned.go

@@ -6,9 +6,7 @@
 
 package unix
 
-import (
-	"unsafe"
-)
+import "unsafe"
 
 // ioctl itself should not be exposed directly, but additional get/set
 // functions for specific types are permissible.
@@ -28,6 +26,13 @@ func IoctlSetPointerInt(fd int, req uint, value int) error {
 	return ioctlPtr(fd, req, unsafe.Pointer(&v))
 }
 
+// IoctlSetString performs an ioctl operation which sets a string value
+// on fd, using the specified request number.
+func IoctlSetString(fd int, req uint, value string) error {
+	bs := append([]byte(value), 0)
+	return ioctlPtr(fd, req, unsafe.Pointer(&bs[0]))
+}
+
 // IoctlSetWinsize performs an ioctl on fd with a *Winsize argument.
 //
 // To change fd's window size, the req argument should be TIOCSWINSZ.

src/cmd/vendor/golang.org/x/sys/unix/syscall_solaris.go

@@ -1052,14 +1052,6 @@ func IoctlSetIntRetInt(fd int, req int, arg int) (int, error) {
 	return ioctlRet(fd, req, uintptr(arg))
 }
 
-func IoctlSetString(fd int, req int, val string) error {
-	bs := make([]byte, len(val)+1)
-	copy(bs[:len(bs)-1], val)
-	err := ioctlPtr(fd, req, unsafe.Pointer(&bs[0]))
-	runtime.KeepAlive(&bs[0])
-	return err
-}
-
 // Lifreq Helpers
 
 func (l *Lifreq) SetName(name string) error {

src/cmd/vendor/golang.org/x/sys/unix/syscall_unix.go

@@ -367,7 +367,9 @@ func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from
 		iov[0].SetLen(len(p))
 	}
 	var rsa RawSockaddrAny
-	n, oobn, recvflags, err = recvmsgRaw(fd, iov[:], oob, flags, &rsa)
+	if n, oobn, recvflags, err = recvmsgRaw(fd, iov[:], oob, flags, &rsa); err != nil {
+		return
+	}
 	// source address is only specified if the socket is unconnected
 	if rsa.Addr.Family != AF_UNSPEC {
 		from, err = anyToSockaddr(fd, &rsa)
@@ -389,8 +391,10 @@ func RecvmsgBuffers(fd int, buffers [][]byte, oob []byte, flags int) (n, oobn in
 		}
 	}
 	var rsa RawSockaddrAny
-	n, oobn, recvflags, err = recvmsgRaw(fd, iov, oob, flags, &rsa)
-	if err == nil && rsa.Addr.Family != AF_UNSPEC {
+	if n, oobn, recvflags, err = recvmsgRaw(fd, iov, oob, flags, &rsa); err != nil {
+		return
+	}
+	if rsa.Addr.Family != AF_UNSPEC {
 		from, err = anyToSockaddr(fd, &rsa)
 	}
 	return

src/cmd/vendor/golang.org/x/term/terminal.go

@@ -160,7 +160,9 @@ const (
 	keyEnd
 	keyDeleteWord
 	keyDeleteLine
+	keyDelete
 	keyClearScreen
+	keyTranspose
 	keyPasteStart
 	keyPasteEnd
 )
@@ -194,6 +196,8 @@ func bytesToKey(b []byte, pasteActive bool) (rune, []byte) {
 			return keyDeleteLine, b[1:]
 		case 12: // ^L
 			return keyClearScreen, b[1:]
+		case 20: // ^T
+			return keyTranspose, b[1:]
 		case 23: // ^W
 			return keyDeleteWord, b[1:]
 		case 14: // ^N
@@ -228,6 +232,10 @@ func bytesToKey(b []byte, pasteActive bool) (rune, []byte) {
 		}
 	}
 
+	if !pasteActive && len(b) >= 4 && b[0] == keyEscape && b[1] == '[' && b[2] == '3' && b[3] == '~' {
+		return keyDelete, b[4:]
+	}
+
 	if !pasteActive && len(b) >= 6 && b[0] == keyEscape && b[1] == '[' && b[2] == '1' && b[3] == ';' && b[4] == '3' {
 		switch b[5] {
 		case 'C':
@@ -590,7 +598,7 @@ func (t *Terminal) handleKey(key rune) (line string, ok bool) {
 		}
 		t.line = t.line[:t.pos]
 		t.moveCursorToPos(t.pos)
-	case keyCtrlD:
+	case keyCtrlD, keyDelete:
 		// Erase the character under the current position.
 		// The EOF case when the line is empty is handled in
 		// readLine().
@@ -600,6 +608,24 @@ func (t *Terminal) handleKey(key rune) (line string, ok bool) {
 		}
 	case keyCtrlU:
 		t.eraseNPreviousChars(t.pos)
+	case keyTranspose:
+		// This transposes the two characters around the cursor and advances the cursor. Best-effort.
+		if len(t.line) < 2 || t.pos < 1 {
+			return
+		}
+		swap := t.pos
+		if swap == len(t.line) {
+			swap-- // special: at end of line, swap previous two chars
+		}
+		t.line[swap-1], t.line[swap] = t.line[swap], t.line[swap-1]
+		if t.pos < len(t.line) {
+			t.pos++
+		}
+		if t.echo {
+			t.moveCursorToPos(swap - 1)
+			t.writeLine(t.line[swap-1:])
+			t.moveCursorToPos(t.pos)
+		}
 	case keyClearScreen:
 		// Erases the screen and moves the cursor to the home position.
 		t.queue([]rune("\x1b[2J\x1b[H"))

src/cmd/vendor/golang.org/x/text/cases/tables15.0.0.go

@@ -1,6 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
-//go:build go1.21
+//go:build !go1.27
 
 package cases
 

src/cmd/vendor/golang.org/x/text/unicode/norm/forminfo.go

@@ -13,15 +13,18 @@ import "encoding/binary"
 // a rune to a uint16. The values take two forms.  For v >= 0x8000:
 //   bits
 //   15:    1 (inverse of NFD_QC bit of qcInfo)
-//   13..7: qcInfo (see below). isYesD is always true (no decomposition).
+//   12..7: qcInfo (see below). isYesD is always true (no decomposition).
 //    6..0: ccc (compressed CCC value).
 // For v < 0x8000, the respective rune has a decomposition and v is an index
 // into a byte array of UTF-8 decomposition sequences and additional info and
 // has the form:
 //    <header> <decomp_byte>* [<tccc> [<lccc>]]
 // The header contains the number of bytes in the decomposition (excluding this
-// length byte). The two most significant bits of this length byte correspond
-// to bit 5 and 4 of qcInfo (see below).  The byte sequence itself starts at v+1.
+// length byte), with 33 mapped to 31 to fit in 5 bits.
+// (If any 31- or 32-byte decompositions come along, we could switch to using
+// use a general lookup table as long as there are at most 32 distinct lengths.)
+// The three most significant bits of this length byte correspond
+// to bit 5, 4, and 3 of qcInfo (see below).  The byte sequence itself starts at v+1.
 // The byte sequence is followed by a trailing and leading CCC if the values
 // for these are not zero.  The value of v determines which ccc are appended
 // to the sequences.  For v < firstCCC, there are none, for v >= firstCCC,
@@ -32,8 +35,8 @@ import "encoding/binary"
 
 const (
 	qcInfoMask      = 0x3F // to clear all but the relevant bits in a qcInfo
-	headerLenMask   = 0x3F // extract the length value from the header byte
-	headerFlagsMask = 0xC0 // extract the qcInfo bits from the header byte
+	headerLenMask   = 0x1F // extract the length value from the header byte (31 => 33)
+	headerFlagsMask = 0xE0 // extract the qcInfo bits from the header byte
 )
 
 // Properties provides access to normalization properties of a rune.
@@ -109,14 +112,14 @@ func (p Properties) BoundaryAfter() bool {
 	return p.isInert()
 }
 
-// We pack quick check data in 4 bits:
+// We pack quick check data in 6 bits:
 //
 //	5:    Combines forward  (0 == false, 1 == true)
 //	4..3: NFC_QC Yes(00), No (10), or Maybe (11)
 //	2:    NFD_QC Yes (0) or No (1). No also means there is a decomposition.
 //	1..0: Number of trailing non-starters.
 //
-// When all 4 bits are zero, the character is inert, meaning it is never
+// When all 6 bits are zero, the character is inert, meaning it is never
 // influenced by normalization.
 type qcInfo uint8
 
@@ -152,6 +155,9 @@ func (p Properties) Decomposition() []byte {
 	}
 	i := p.index
 	n := decomps[i] & headerLenMask
+	if n == 31 {
+		n = 33
+	}
 	i++
 	return decomps[i : i+uint16(n)]
 }
@@ -260,7 +266,11 @@ func compInfo(v uint16, sz int) Properties {
 	f := (qcInfo(h&headerFlagsMask) >> 2) | 0x4
 	p := Properties{size: uint8(sz), flags: f, index: v}
 	if v >= firstCCC {
-		v += uint16(h&headerLenMask) + 1
+		n := uint16(h & headerLenMask)
+		if n == 31 {
+			n = 33
+		}
+		v += n + 1
 		c := decomps[v]
 		p.tccc = c >> 2
 		p.flags |= qcInfo(c & 0x3)

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/ctrlflow/ctrlflow.go

@@ -16,11 +16,9 @@ import (
 
 	"golang.org/x/tools/go/analysis"
 	"golang.org/x/tools/go/analysis/passes/inspect"
-	"golang.org/x/tools/go/analysis/passes/internal/ctrlflowinternal"
 	"golang.org/x/tools/go/ast/inspector"
 	"golang.org/x/tools/go/cfg"
 	"golang.org/x/tools/go/types/typeutil"
-	"golang.org/x/tools/internal/cfginternal"
 	"golang.org/x/tools/internal/typesinternal"
 )
 
@@ -51,18 +49,19 @@ type CFGs struct {
 	pass      *analysis.Pass       // transient; nil after construction
 }
 
-// TODO(adonovan): add (*CFGs).NoReturn to public API.
-func (c *CFGs) isNoReturn(fn *types.Func) bool {
+// NoReturn reports whether the specified control-flow graph cannot return normally.
+//
+// It is defined for at least all function symbols that appear as the static callee of a
+// CallExpr in the current package, even if the callee was imported from a dependency.
+//
+// The result may incorporate interprocedural information based on induction of
+// the "no return" property over the static call graph within the package.
+// For example, if f simply calls g and g always calls os.Exit, then both f and g may
+// be deemed never to return.
+func (c *CFGs) NoReturn(fn *types.Func) bool {
 	return c.noReturn[fn]
 }
 
-func init() {
-	// Expose the hidden method to callers in x/tools.
-	ctrlflowinternal.NoReturn = func(c any, fn *types.Func) bool {
-		return c.(*CFGs).isNoReturn(fn)
-	}
-}
-
 // CFGs has two maps: funcDecls for named functions and funcLits for
 // unnamed ones. Unlike funcLits, the funcDecls map is not keyed by its
 // syntax node, *ast.FuncDecl, because callMayReturn needs to do a
@@ -154,7 +153,7 @@ func run(pass *analysis.Pass) (any, error) {
 		li := funcLits[lit]
 		if li.cfg == nil {
 			li.cfg = cfg.New(lit.Body, c.callMayReturn)
-			if cfginternal.IsNoReturn(li.cfg) {
+			if li.cfg.NoReturn() {
 				li.noReturn = true
 			}
 		}
@@ -179,12 +178,13 @@ func (c *CFGs) buildDecl(fn *types.Func, di *declInfo) {
 	}
 	di.started = true
 
-	noreturn := isIntrinsicNoReturn(fn)
-
-	if di.decl.Body != nil {
-		di.cfg = cfg.New(di.decl.Body, c.callMayReturn)
-		if cfginternal.IsNoReturn(di.cfg) {
-			noreturn = true
+	noreturn, known := knownIntrinsic(fn)
+	if !known {
+		if di.decl.Body != nil {
+			di.cfg = cfg.New(di.decl.Body, c.callMayReturn)
+			if di.cfg.NoReturn() {
+				noreturn = true
+			}
 		}
 	}
 	if noreturn {
@@ -233,11 +233,46 @@ func (c *CFGs) callMayReturn(call *ast.CallExpr) (r bool) {
 
 var panicBuiltin = types.Universe.Lookup("panic").(*types.Builtin)
 
-// isIntrinsicNoReturn reports whether a function intrinsically never
-// returns because it stops execution of the calling thread.
+// knownIntrinsic reports whether a function intrinsically never
+// returns because it stops execution of the calling thread, or does
+// in fact return, contrary to its apparent body, because it is
+// handled specially by the compiler.
+//
 // It is the base case in the recursion.
-func isIntrinsicNoReturn(fn *types.Func) bool {
+func knownIntrinsic(fn *types.Func) (noreturn, known bool) {
 	// Add functions here as the need arises, but don't allocate memory.
-	return typesinternal.IsFunctionNamed(fn, "syscall", "Exit", "ExitProcess", "ExitThread") ||
-		typesinternal.IsFunctionNamed(fn, "runtime", "Goexit")
+
+	// Functions known intrinsically never to return.
+	if typesinternal.IsFunctionNamed(fn, "syscall", "Exit", "ExitProcess", "ExitThread") ||
+		typesinternal.IsFunctionNamed(fn, "runtime", "Goexit", "fatalthrow", "fatalpanic", "exit") ||
+		// Following staticcheck (see go/ir/exits.go) we include functions
+		// in several popular logging packages whose no-return status is
+		// beyond the analysis to infer.
+		// TODO(adonovan): make this list extensible.
+		typesinternal.IsMethodNamed(fn, "go.uber.org/zap", "Logger", "Fatal", "Panic") ||
+		typesinternal.IsMethodNamed(fn, "go.uber.org/zap", "SugaredLogger", "Fatal", "Fatalw", "Fatalf", "Panic", "Panicw", "Panicf") ||
+		typesinternal.IsMethodNamed(fn, "github.com/sirupsen/logrus", "Logger", "Exit", "Panic", "Panicf", "Panicln") ||
+		typesinternal.IsMethodNamed(fn, "github.com/sirupsen/logrus", "Entry", "Panicf", "Panicln") ||
+		typesinternal.IsFunctionNamed(fn, "k8s.io/klog", "Exit", "ExitDepth", "Exitf", "Exitln", "Fatal", "FatalDepth", "Fatalf", "Fatalln") ||
+		typesinternal.IsFunctionNamed(fn, "k8s.io/klog/v2", "Exit", "ExitDepth", "Exitf", "Exitln", "Fatal", "FatalDepth", "Fatalf", "Fatalln") {
+		return true, true
+	}
+
+	// Compiler intrinsics known to return, contrary to
+	// what analysis of the function body would conclude.
+	//
+	// Not all such intrinsics must be listed here: ctrlflow
+	// considers any function called for its value--such as
+	// crypto/internal/constanttime.bool2Uint8--to potentially
+	// return; only functions called as a statement, for effects,
+	// are no-return candidates.
+	//
+	// Unfortunately this does sometimes mean peering into internals.
+	// Where possible, use the nearest enclosing public API function.
+	if typesinternal.IsFunctionNamed(fn, "internal/abi", "EscapeNonString") ||
+		typesinternal.IsFunctionNamed(fn, "hash/maphash", "Comparable") {
+		return false, true
+	}
+
+	return // unknown
 }

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/internal/ctrlflowinternal/ctrlflowinternal.go

@@ -1,17 +0,0 @@
-// Copyright 2025 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package ctrlflowinternal exposes internals of ctrlflow.
-// It cannot actually depend on symbols from ctrlflow.
-package ctrlflowinternal
-
-import "go/types"
-
-// NoReturn exposes the (*ctrlflow.CFGs).NoReturn method to the buildssa analyzer.
-//
-// You must link [golang.org/x/tools/go/analysis/passes/ctrlflow] into your
-// application for it to be non-nil.
-var NoReturn = func(cfgs any, fn *types.Func) bool {
-	panic("x/tools/go/analysis/passes/ctrlflow is not linked into this application")
-}

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/doc.go

@@ -469,6 +469,25 @@ The sole use of the finished string must be the last reference to the
 variable s. (It may appear within an intervening loop or function literal,
 since even s.String() is called repeatedly, it does not allocate memory.)
 
+Often the addend is a call to fmt.Sprintf, as in this example:
+
+	var s string
+	for x := range seq {
+		s += fmt.Sprintf("%v", x)
+	}
+
+which, once the suggested fix is applied, becomes:
+
+	var s strings.Builder
+	for x := range seq {
+		s.WriteString(fmt.Sprintf("%v", x))
+	}
+
+The WriteString call can be further simplified to the more efficient
+fmt.Fprintf(&s, "%v", x), avoiding the allocation of an intermediary.
+However, stringsbuilder does not perform this simplification;
+it requires staticcheck analyzer QF1012. (See https://go.dev/issue/76918.)
+
 # Analyzer testingcontext
 
 testingcontext: replace context.WithCancel with t.Context in tests
@@ -484,6 +503,22 @@ with a single call to t.Context(), which was added in Go 1.24.
 This change is only suggested if the `cancel` function is not used
 for any other purpose.
 
+# Analyzer unsafefuncs
+
+unsafefuncs: replace unsafe pointer arithmetic with function calls
+
+The unsafefuncs analyzer simplifies pointer arithmetic expressions by
+replacing them with calls to helper functions such as unsafe.Add,
+added in Go 1.17.
+
+Example:
+
+	unsafe.Pointer(uintptr(ptr) + uintptr(n))
+
+where ptr is an unsafe.Pointer, is replaced by:
+
+	unsafe.Add(ptr, n)
+
 # Analyzer waitgroup
 
 waitgroup: replace wg.Add(1)/go/wg.Done() with wg.Go

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/modernize.go

@@ -53,6 +53,7 @@ var Suite = []*analysis.Analyzer{
 	StringsSeqAnalyzer,
 	StringsBuilderAnalyzer,
 	TestingContextAnalyzer,
+	unsafeFuncsAnalyzer,
 	WaitGroupAnalyzer,
 }
 
@@ -141,3 +142,5 @@ func lookup(info *types.Info, cur inspector.Cursor, name string) types.Object {
 	_, obj := scope.LookupParent(name, cur.Node().Pos())
 	return obj
 }
+
+func first[T any](x T, _ any) T { return x }

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/newexpr.go

@@ -25,7 +25,7 @@ import (
 var NewExprAnalyzer = &analysis.Analyzer{
 	Name:      "newexpr",
 	Doc:       analyzerutil.MustExtractDoc(doc, "newexpr"),
-	URL:       "https://pkg.go.dev/golang.org/x/tools/gopls/internal/analysis/modernize#newexpr",
+	URL:       "https://pkg.go.dev/golang.org/x/tools/go/analysis/passes/modernize#newexpr",
 	Requires:  []*analysis.Analyzer{inspect.Analyzer},
 	Run:       run,
 	FactTypes: []analysis.Fact{&newLike{}},

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/rangeint.go

@@ -18,6 +18,7 @@ import (
 	"golang.org/x/tools/internal/analysis/analyzerutil"
 	typeindexanalyzer "golang.org/x/tools/internal/analysis/typeindex"
 	"golang.org/x/tools/internal/astutil"
+	"golang.org/x/tools/internal/moreiters"
 	"golang.org/x/tools/internal/typesinternal"
 	"golang.org/x/tools/internal/typesinternal/typeindex"
 	"golang.org/x/tools/internal/versions"
@@ -122,9 +123,21 @@ func rangeint(pass *analysis.Pass) (any, error) {
 						continue nextLoop
 					}
 
+					validIncrement := false
 					if inc, ok := loop.Post.(*ast.IncDecStmt); ok &&
 						inc.Tok == token.INC &&
 						astutil.EqualSyntax(compare.X, inc.X) {
+						// Have: i++
+						validIncrement = true
+					} else if assign, ok := loop.Post.(*ast.AssignStmt); ok &&
+						assign.Tok == token.ADD_ASSIGN &&
+						len(assign.Rhs) == 1 && isIntLiteral(info, assign.Rhs[0], 1) &&
+						len(assign.Lhs) == 1 && astutil.EqualSyntax(compare.X, assign.Lhs[0]) {
+						// Have: i += 1
+						validIncrement = true
+					}
+
+					if validIncrement {
 						// Have: for i = 0; i < limit; i++ {}
 
 						// Find references to i within the loop body.
@@ -133,6 +146,14 @@ func rangeint(pass *analysis.Pass) (any, error) {
 						if typesinternal.IsPackageLevel(v) {
 							continue nextLoop
 						}
+
+						// If v is a named result, it is implicitly
+						// used after the loop (go.dev/issue/76880).
+						// TODO(adonovan): use go1.25 v.Kind() == types.ResultVar.
+						if moreiters.Contains(enclosingSignature(curLoop, info).Results().Variables(), v) {
+							continue nextLoop
+						}
+
 						used := false
 						for curId := range curLoop.Child(loop.Body).Preorder((*ast.Ident)(nil)) {
 							id := curId.Node().(*ast.Ident)
@@ -237,7 +258,7 @@ func rangeint(pass *analysis.Pass) (any, error) {
 
 						pass.Report(analysis.Diagnostic{
 							Pos:     init.Pos(),
-							End:     inc.End(),
+							End:     loop.Post.End(),
 							Message: "for loop can be modernized using range over int",
 							SuggestedFixes: []analysis.SuggestedFix{{
 								Message: fmt.Sprintf("Replace for loop with range %s",
@@ -263,7 +284,7 @@ func rangeint(pass *analysis.Pass) (any, error) {
 									// Delete inc.
 									{
 										Pos: limit.End(),
-										End: inc.End(),
+										End: loop.Post.End(),
 									},
 									// Add ")" after limit, if needed.
 									{
@@ -311,6 +332,11 @@ func isScalarLvalue(info *types.Info, curId inspector.Cursor) bool {
 		if v, ok := info.Defs[id]; ok && v.Pos() != id.Pos() {
 			return true // reassignment of i (i, j := 1, 2)
 		}
+	case edge.RangeStmt_Key:
+		rng := cur.Parent().Node().(*ast.RangeStmt)
+		if rng.Tok == token.ASSIGN {
+			return true // "for k, v = range x" is like an AssignStmt to k, v
+		}
 	case edge.IncDecStmt_X:
 		return true // i++, i--
 	case edge.UnaryExpr_X:
@@ -320,3 +346,24 @@ func isScalarLvalue(info *types.Info, curId inspector.Cursor) bool {
 	}
 	return false
 }
+
+// enclosingSignature returns the signature of the innermost
+// function enclosing the syntax node denoted by cur
+// or nil if the node is not within a function.
+//
+// TODO(adonovan): factor with gopls/internal/util/typesutil.EnclosingSignature.
+func enclosingSignature(cur inspector.Cursor, info *types.Info) *types.Signature {
+	if c, ok := enclosingFunc(cur); ok {
+		switch n := c.Node().(type) {
+		case *ast.FuncDecl:
+			if f, ok := info.Defs[n.Name]; ok {
+				return f.Type().(*types.Signature)
+			}
+		case *ast.FuncLit:
+			if f, ok := info.Types[n]; ok {
+				return f.Type.(*types.Signature)
+			}
+		}
+	}
+	return nil
+}

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/reflect.go

@@ -102,6 +102,23 @@ func reflecttypefor(pass *analysis.Pass) (any, error) {
 			continue // e.g. reflect was dot-imported
 		}
 
+		// Don't offer a fix if the type contains an unnamed struct or unnamed
+		// interface because the replacement would be significantly more verbose.
+		// (See golang/go#76698)
+		if isComplicatedType(t) {
+			continue
+		}
+
+		// Don't offer the fix if the type string is too long. We define "too
+		// long" as more than three times the length of the original expression
+		// and at least 16 characters (a 3x length increase of a very
+		// short expression should not be cause for skipping the fix).
+		oldLen := int(expr.End() - expr.Pos())
+		newLen := len(tstr)
+		if newLen >= 16 && newLen > 3*oldLen {
+			continue
+		}
+
 		// If the call argument contains the last use
 		// of a variable, as in:
 		//	var zero T
@@ -137,3 +154,43 @@ func reflecttypefor(pass *analysis.Pass) (any, error) {
 
 	return nil, nil
 }
+
+// isComplicatedType reports whether type t is complicated, e.g. it is or contains an
+// unnamed struct, interface, or function signature.
+func isComplicatedType(t types.Type) bool {
+	var check func(typ types.Type) bool
+	check = func(typ types.Type) bool {
+		switch t := typ.(type) {
+		case typesinternal.NamedOrAlias:
+			for ta := range t.TypeArgs().Types() {
+				if check(ta) {
+					return true
+				}
+			}
+			return false
+		case *types.Struct, *types.Interface, *types.Signature:
+			// These are complex types with potentially many elements
+			// so we should avoid duplicating their definition.
+			return true
+		case *types.Pointer:
+			return check(t.Elem())
+		case *types.Slice:
+			return check(t.Elem())
+		case *types.Array:
+			return check(t.Elem())
+		case *types.Chan:
+			return check(t.Elem())
+		case *types.Map:
+			return check(t.Key()) || check(t.Elem())
+		case *types.Basic:
+			return false
+		case *types.TypeParam:
+			return false
+		default:
+			// Includes types.Union
+			return true
+		}
+	}
+
+	return check(t)
+}

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/slices.go

@@ -144,8 +144,7 @@ func appendclipped(pass *analysis.Pass) (any, error) {
 			// https://go.dev/issue/70815#issuecomment-2671572984
 			fileImports := func(path string) bool {
 				return slices.ContainsFunc(file.Imports, func(spec *ast.ImportSpec) bool {
-					value, _ := strconv.Unquote(spec.Path.Value)
-					return value == path
+					return first(strconv.Unquote(spec.Path.Value)) == path
 				})
 			}
 			clonepkg := cond(

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/stditerators.go

@@ -220,7 +220,7 @@ func stditerators(pass *analysis.Pass) (any, error) {
 			)
 
 			// Analyze enclosing loop.
-			switch ek, _ := curLenCall.ParentEdge(); ek {
+			switch first(curLenCall.ParentEdge()) {
 			case edge.BinaryExpr_Y:
 				// pattern 1: for i := 0; i < x.Len(); i++ { ... }
 				var (

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/stringsbuilder.go

@@ -5,11 +5,14 @@
 package modernize
 
 import (
+	"cmp"
 	"fmt"
 	"go/ast"
 	"go/constant"
 	"go/token"
 	"go/types"
+	"maps"
+	"slices"
 
 	"golang.org/x/tools/go/analysis"
 	"golang.org/x/tools/go/analysis/passes/inspect"
@@ -61,24 +64,44 @@ func stringsbuilder(pass *analysis.Pass) (any, error) {
 		}
 	}
 
+	lexicalOrder := func(x, y *types.Var) int { return cmp.Compare(x.Pos(), y.Pos()) }
+
+	// File and Pos of last fix edit,
+	// for overlapping fix span detection.
+	var (
+		lastEditFile *ast.File
+		lastEditEnd  token.Pos
+	)
+
 	// Now check each candidate variable's decl and uses.
 nextcand:
-	for v := range candidates {
+	for _, v := range slices.SortedFunc(maps.Keys(candidates), lexicalOrder) {
 		var edits []analysis.TextEdit
 
-		// Check declaration of s:
+		// Check declaration of s has one of these forms:
 		//
 		//    s := expr
 		//    var s [string] [= expr]
+		//    var ( ...; s [string] [= expr] )			(s is last)
 		//
-		// and transform to:
+		// and transform to one of:
 		//
-		//    var s strings.Builder; s.WriteString(expr)
+		//    var   s strings.Builder ; s.WriteString(expr)
+		//    var ( s strings.Builder); s.WriteString(expr)
 		//
 		def, ok := index.Def(v)
 		if !ok {
 			continue
 		}
+
+		// To avoid semantic conflicts, do not offer a fix if its edit
+		// range (ignoring import edits) overlaps a previous fix.
+		// This fixes #76983 and is an ad-hoc mitigation of #76476.
+		file := astutil.EnclosingFile(def)
+		if file == lastEditFile && v.Pos() < lastEditEnd {
+			continue
+		}
+
 		ek, _ := def.ParentEdge()
 		if ek == edge.AssignStmt_Lhs &&
 			len(def.Parent().Node().(*ast.AssignStmt).Lhs) == 1 {
@@ -132,9 +155,20 @@ nextcand:
 			}
 
 		} else if ek == edge.ValueSpec_Names &&
-			len(def.Parent().Node().(*ast.ValueSpec).Names) == 1 {
-			// Have: var s [string] [= expr]
+			len(def.Parent().Node().(*ast.ValueSpec).Names) == 1 &&
+			first(def.Parent().Parent().LastChild()) == def.Parent() {
+			// Have: var   s [string] [= expr]
+			//   or: var ( s [string] [= expr] )
 			// => var s strings.Builder; s.WriteString(expr)
+			//
+			// The LastChild check rejects this case:
+			//   var ( s [string] [= expr]; others... )
+			// =>
+			//   var ( s strings.Builder; others... ); s.WriteString(expr)
+			// since it moves 'expr' across 'others', requiring
+			// reformatting of syntax, which in general is lossy
+			// of comments and vertical space.
+			// We expect this to be rare.
 
 			// Add strings import.
 			prefix, importEdits := refactor.AddImport(
@@ -149,6 +183,8 @@ nextcand:
 				init = spec.Type.End()
 			}
 
+			// Replace (possibly absent) type:
+			//
 			// var s [string]
 			//      ----------------
 			// var s strings.Builder
@@ -159,6 +195,25 @@ nextcand:
 			})
 
 			if len(spec.Values) > 0 && !isEmptyString(pass.TypesInfo, spec.Values[0]) {
+				if decl.Rparen.IsValid() {
+					// var decl with explicit parens:
+					//
+					// var ( ...  =               expr )
+					//           -                     -
+					// var ( ... ); s.WriteString(expr)
+					edits = append(edits, []analysis.TextEdit{
+						{
+							Pos:     init,
+							End:     init,
+							NewText: []byte(")"),
+						},
+						{
+							Pos: spec.Values[0].End(),
+							End: decl.End(),
+						},
+					}...)
+				}
+
 				// =               expr
 				// ----------------    -
 				// ; s.WriteString(expr)
@@ -169,8 +224,8 @@ nextcand:
 						NewText: fmt.Appendf(nil, "; %s.WriteString(", v.Name()),
 					},
 					{
-						Pos:     decl.End(),
-						End:     decl.End(),
+						Pos:     spec.Values[0].End(),
+						End:     spec.Values[0].End(),
 						NewText: []byte(")"),
 					},
 				}...)
@@ -303,6 +358,9 @@ nextcand:
 			continue nextcand // no += in a loop; reject
 		}
 
+		lastEditFile = file
+		lastEditEnd = edits[len(edits)-1].End
+
 		pass.Report(analysis.Diagnostic{
 			Pos:     loopAssign.Pos(),
 			End:     loopAssign.End(),

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/stringscut.go

@@ -36,7 +36,7 @@ var stringscutAnalyzer = &analysis.Analyzer{
 		typeindexanalyzer.Analyzer,
 	},
 	Run: stringscut,
-	URL: "https://pkg.go.dev/golang.org/x/tools/gopls/internal/analysis/modernize#stringscut",
+	URL: "https://pkg.go.dev/golang.org/x/tools/go/analysis/passes/modernize#stringscut",
 }
 
 func init() {
@@ -345,6 +345,7 @@ func indexArgValid(info *types.Info, index *typeindex.Index, expr ast.Expr, afte
 	switch expr := expr.(type) {
 	case *ast.CallExpr:
 		return types.Identical(tv.Type, byteSliceType) &&
+			info.Types[expr.Fun].IsType() && // make sure this isn't a function that returns a byte slice
 			indexArgValid(info, index, expr.Args[0], afterPos) // check s in []byte(s)
 	case *ast.Ident:
 		sObj := info.Uses[expr]

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/modernize/unsafefuncs.go

@@ -0,0 +1,210 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package modernize
+
+import (
+	"fmt"
+	"go/ast"
+	"go/token"
+	"go/types"
+
+	"golang.org/x/tools/go/analysis"
+	"golang.org/x/tools/go/analysis/passes/inspect"
+	"golang.org/x/tools/go/ast/edge"
+	"golang.org/x/tools/go/ast/inspector"
+	"golang.org/x/tools/internal/analysis/analyzerutil"
+	"golang.org/x/tools/internal/astutil"
+	"golang.org/x/tools/internal/goplsexport"
+	"golang.org/x/tools/internal/refactor"
+	"golang.org/x/tools/internal/typesinternal"
+	"golang.org/x/tools/internal/versions"
+)
+
+// TODO(adonovan): also support:
+//
+// func String(ptr *byte, len IntegerType) string
+// func StringData(str string) *byte
+// func Slice(ptr *ArbitraryType, len IntegerType) []ArbitraryType
+// func SliceData(slice []ArbitraryType) *ArbitraryType
+
+var unsafeFuncsAnalyzer = &analysis.Analyzer{
+	Name:     "unsafefuncs",
+	Doc:      analyzerutil.MustExtractDoc(doc, "unsafefuncs"),
+	Requires: []*analysis.Analyzer{inspect.Analyzer},
+	Run:      unsafefuncs,
+	URL:      "https://pkg.go.dev/golang.org/x/tools/go/analysis/passes/modernize#unsafefuncs",
+}
+
+func init() {
+	// Export to gopls until this is a published modernizer.
+	goplsexport.UnsafeFuncsModernizer = unsafeFuncsAnalyzer
+}
+
+func unsafefuncs(pass *analysis.Pass) (any, error) {
+	// Short circuit if the package doesn't use unsafe.
+	// (In theory one could use some imported alias of unsafe.Pointer,
+	// but let's ignore that.)
+	if !typesinternal.Imports(pass.Pkg, "unsafe") {
+		return nil, nil
+	}
+
+	var (
+		inspect        = pass.ResultOf[inspect.Analyzer].(*inspector.Inspector)
+		info           = pass.TypesInfo
+		tUnsafePointer = types.Typ[types.UnsafePointer]
+	)
+
+	isInteger := func(t types.Type) bool {
+		basic, ok := t.Underlying().(*types.Basic)
+		return ok && basic.Info()&types.IsInteger != 0
+	}
+
+	// isConversion reports whether e is a conversion T(x).
+	// If so, it returns T and x.
+	isConversion := func(curExpr inspector.Cursor) (t types.Type, x inspector.Cursor) {
+		e := curExpr.Node().(ast.Expr)
+		if conv, ok := ast.Unparen(e).(*ast.CallExpr); ok && len(conv.Args) == 1 {
+			if tv := pass.TypesInfo.Types[conv.Fun]; tv.IsType() {
+				return tv.Type, curExpr.ChildAt(edge.CallExpr_Args, 0)
+			}
+		}
+		return
+	}
+
+	// The general form is where ptr and the result are of type unsafe.Pointer:
+	//
+	// 	unsafe.Pointer(uintptr(ptr) + uintptr(n))
+	// =>
+	// 	unsafe.Add(ptr, n)
+
+	// Search for 'unsafe.Pointer(uintptr + uintptr)'
+	// where the left operand was converted from a pointer.
+	//
+	// (Start from sum, not conversion, as it is not
+	// uncommon to use a local type alias for unsafe.Pointer.)
+	for curSum := range inspect.Root().Preorder((*ast.BinaryExpr)(nil)) {
+		if sum, ok := curSum.Node().(*ast.BinaryExpr); ok &&
+			sum.Op == token.ADD &&
+			types.Identical(info.TypeOf(sum.X), types.Typ[types.Uintptr]) &&
+			astutil.IsChildOf(curSum, edge.CallExpr_Args) {
+			// Have: sum ≡ T(x:...uintptr... + y:...uintptr...)
+			curX := curSum.ChildAt(edge.BinaryExpr_X, -1)
+			curY := curSum.ChildAt(edge.BinaryExpr_Y, -1)
+
+			// Is sum converted to unsafe.Pointer?
+			curResult := curSum.Parent()
+			if t, _ := isConversion(curResult); !(t != nil && types.Identical(t, tUnsafePointer)) {
+				continue
+			}
+			// Have: result ≡ unsafe.Pointer(x:...uintptr... + y:...uintptr...)
+
+			// Is sum.x converted from unsafe.Pointer?
+			_, curPtr := isConversion(curX)
+			if !astutil.CursorValid(curPtr) {
+				continue
+			}
+			ptr := curPtr.Node().(ast.Expr)
+			if !types.Identical(info.TypeOf(ptr), tUnsafePointer) {
+				continue
+			}
+			// Have: result ≡ unsafe.Pointer(x:uintptr(...unsafe.Pointer...) + y:...uintptr...)
+
+			file := astutil.EnclosingFile(curSum)
+			if !analyzerutil.FileUsesGoVersion(pass, file, versions.Go1_17) {
+				continue // unsafe.Add not available in this file
+			}
+
+			// import "unsafe"
+			unsafedot, edits := refactor.AddImport(info, file, "unsafe", "unsafe", "Add", sum.Pos())
+
+			// unsafe.Pointer(x + y)
+			// ---------------     -
+			//                x + y
+			edits = append(edits, deleteConv(curResult)...)
+
+			// uintptr   (ptr) + offset
+			// -----------   ----      -
+			// unsafe.Add(ptr,   offset)
+			edits = append(edits, []analysis.TextEdit{
+				{
+					Pos:     sum.Pos(),
+					End:     ptr.Pos(),
+					NewText: fmt.Appendf(nil, "%sAdd(", unsafedot),
+				},
+				{
+					Pos:     ptr.End(),
+					End:     sum.Y.Pos(),
+					NewText: []byte(", "),
+				},
+				{
+					Pos:     sum.Y.End(),
+					End:     sum.Y.End(),
+					NewText: []byte(")"),
+				},
+			}...)
+
+			// Variant: sum.y operand was converted from another integer type.
+			// Discard the conversion, as Add is generic over integers.
+			//
+			// e.g. unsafe.Pointer(uintptr(ptr) + uintptr(len(s)))
+			//                                    --------      -
+			//      unsafe.Add    (        ptr,           len(s))
+			if t, _ := isConversion(curY); t != nil && isInteger(t) {
+				edits = append(edits, deleteConv(curY)...)
+			}
+
+			pass.Report(analysis.Diagnostic{
+				Pos:     sum.Pos(),
+				End:     sum.End(),
+				Message: "pointer + integer can be simplified using unsafe.Add",
+				SuggestedFixes: []analysis.SuggestedFix{{
+					Message:   "Simplify pointer addition using unsafe.Add",
+					TextEdits: edits,
+				}},
+			})
+		}
+	}
+
+	return nil, nil
+}
+
+// deleteConv returns edits for changing T(x) to x, respecting precedence.
+func deleteConv(cur inspector.Cursor) []analysis.TextEdit {
+	conv := cur.Node().(*ast.CallExpr)
+
+	usesPrec := func(n ast.Node) bool {
+		switch n.(type) {
+		case *ast.BinaryExpr, *ast.UnaryExpr:
+			return true
+		}
+		return false
+	}
+
+	// Be careful not to change precedence of e.g. T(1+2) * 3.
+	// TODO(adonovan): refine this.
+	if usesPrec(cur.Parent().Node()) && usesPrec(conv.Args[0]) {
+		// T(x+y) * z
+		// -
+		//  (x+y) * z
+		return []analysis.TextEdit{{
+			Pos: conv.Fun.Pos(),
+			End: conv.Fun.End(),
+		}}
+	}
+
+	// T(x)
+	// -- -
+	//   x
+	return []analysis.TextEdit{
+		{
+			Pos: conv.Pos(),
+			End: conv.Args[0].Pos(),
+		},
+		{
+			Pos: conv.Args[0].End(),
+			End: conv.End(),
+		},
+	}
+}

src/cmd/vendor/golang.org/x/tools/go/analysis/passes/stdversion/stdversion.go

@@ -99,6 +99,13 @@ func run(pass *analysis.Pass) (any, error) {
 				if obj, ok := pass.TypesInfo.Uses[n]; ok && obj.Pkg() != nil {
 					disallowed := disallowedSymbols(obj.Pkg(), fileVersion)
 					if minVersion, ok := disallowed[origin(obj)]; ok {
+						// Some symbols are accessible before their release but
+						// only with specific build tags unknown to us here.
+						// Avoid false positives in such cases.
+						// TODO(mkalil): move this check into typesinternal.TooNewStdSymbols.
+						if obj.Pkg().Path() == "testing/synctest" && versions.AtLeast(fileVersion, "go1.24") {
+							break // requires go1.24 && goexperiment.synctest || go1.25
+						}
 						noun := "module"
 						if fileVersion != pkgVersion {
 							noun = "file"

src/cmd/vendor/golang.org/x/tools/go/ast/astutil/imports.go

@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"go/ast"
 	"go/token"
+	"reflect"
 	"slices"
 	"strconv"
 	"strings"
@@ -149,7 +150,7 @@ func AddNamedImport(fset *token.FileSet, f *ast.File, name, path string) (added
 	if newImport.Name != nil {
 		newImport.Name.NamePos = pos
 	}
-	newImport.Path.ValuePos = pos
+	updateBasicLitPos(newImport.Path, pos)
 	newImport.EndPos = pos
 
 	// Clean up parens. impDecl contains at least one spec.
@@ -184,7 +185,7 @@ func AddNamedImport(fset *token.FileSet, f *ast.File, name, path string) (added
 		first.Lparen = first.Pos()
 		// Move the imports of the other import declaration to the first one.
 		for _, spec := range gen.Specs {
-			spec.(*ast.ImportSpec).Path.ValuePos = first.Pos()
+			updateBasicLitPos(spec.(*ast.ImportSpec).Path, first.Pos())
 			first.Specs = append(first.Specs, spec)
 		}
 		f.Decls = slices.Delete(f.Decls, i, i+1)
@@ -470,3 +471,17 @@ func Imports(fset *token.FileSet, f *ast.File) [][]*ast.ImportSpec {
 
 	return groups
 }
+
+// updateBasicLitPos updates lit.Pos,
+// ensuring that lit.End (if set) is displaced by the same amount.
+// (See https://go.dev/issue/76395.)
+func updateBasicLitPos(lit *ast.BasicLit, pos token.Pos) {
+	len := lit.End() - lit.Pos()
+	lit.ValuePos = pos
+	// TODO(adonovan): after go1.26, simplify to:
+	//   lit.ValueEnd = pos + len
+	v := reflect.ValueOf(lit).Elem().FieldByName("ValueEnd")
+	if v.IsValid() && v.Int() != 0 {
+		v.SetInt(int64(pos + len))
+	}
+}

src/cmd/vendor/golang.org/x/tools/go/ast/inspector/cursor.go

@@ -453,6 +453,9 @@ func (c Cursor) FindNode(n ast.Node) (Cursor, bool) {
 // rooted at c such that n.Pos() <= start && end <= n.End().
 // (For an *ast.File, it uses the bounds n.FileStart-n.FileEnd.)
 //
+// An empty range (start == end) between two adjacent nodes is
+// considered to belong to the first node.
+//
 // It returns zero if none is found.
 // Precondition: start <= end.
 //
@@ -501,10 +504,17 @@ func (c Cursor) FindByPos(start, end token.Pos) (Cursor, bool) {
 					break // disjoint, after; stop
 				}
 			}
+
 			// Inv: node.{Pos,FileStart} <= start
 			if end <= nodeEnd {
 				// node fully contains target range
 				best = i
+
+				// Don't search beyond end of the first match.
+				// This is important only for an empty range (start=end)
+				// between two adjoining nodes, which would otherwise
+				// match both nodes; we want to match only the first.
+				limit = ev.index
 			} else if nodeEnd < start {
 				i = ev.index // disjoint, before; skip forward
 			}

src/cmd/vendor/golang.org/x/tools/go/ast/inspector/inspector.go

@@ -87,7 +87,7 @@ type event struct {
 // Type can be recovered from the sole bit in typ.
 // [Tried this, wasn't faster. --adonovan]
 
-// Preorder visits all the nodes of the files supplied to New in
+// Preorder visits all the nodes of the files supplied to [New] in
 // depth-first order. It calls f(n) for each node n before it visits
 // n's children.
 //
@@ -133,7 +133,7 @@ func (in *Inspector) Preorder(types []ast.Node, f func(ast.Node)) {
 	}
 }
 
-// Nodes visits the nodes of the files supplied to New in depth-first
+// Nodes visits the nodes of the files supplied to [New] in depth-first
 // order. It calls f(n, true) for each node n before it visits n's
 // children. If f returns true, Nodes invokes f recursively for each
 // of the non-nil children of the node, followed by a call of

src/cmd/vendor/golang.org/x/tools/go/ast/inspector/iter.go

@@ -12,13 +12,31 @@ import (
 )
 
 // PreorderSeq returns an iterator that visits all the
-// nodes of the files supplied to New in depth-first order.
+// nodes of the files supplied to [New] in depth-first order.
 // It visits each node n before n's children.
 // The complete traversal sequence is determined by ast.Inspect.
 //
-// The types argument, if non-empty, enables type-based
-// filtering of events: only nodes whose type matches an
-// element of the types slice are included in the sequence.
+// The types argument, if non-empty, enables type-based filtering:
+// only nodes whose type matches an element of the types slice are
+// included in the sequence.
+//
+// Example:
+//
+//	for call := range in.PreorderSeq((*ast.CallExpr)(nil)) { ... }
+//
+// The [All] function is more convenient if there is exactly one node type:
+//
+//	for call := range All[*ast.CallExpr](in) { ... }
+//
+// See also the newer and more flexible [Cursor] API, which lets you
+// start the traversal at an arbitrary node, and reports each matching
+// node by its Cursor, enabling easier navigation.
+// The above example would be written thus:
+//
+//	for curCall := range in.Root().Preorder((*ast.CallExpr)(nil)) {
+//		call := curCall.Node().(*ast.CallExpr)
+//		...
+//	}
 func (in *Inspector) PreorderSeq(types ...ast.Node) iter.Seq[ast.Node] {
 
 	// This implementation is identical to Preorder,
@@ -53,6 +71,16 @@ func (in *Inspector) PreorderSeq(types ...ast.Node) iter.Seq[ast.Node] {
 // Example:
 //
 //	for call := range All[*ast.CallExpr](in) { ... }
+//
+// See also the newer and more flexible [Cursor] API, which lets you
+// start the traversal at an arbitrary node, and reports each matching
+// node by its Cursor, enabling easier navigation.
+// The above example would be written thus:
+//
+//	for curCall := range in.Root().Preorder((*ast.CallExpr)(nil)) {
+//		call := curCall.Node().(*ast.CallExpr)
+//		...
+//	}
 func All[N interface {
 	*S
 	ast.Node

src/cmd/vendor/golang.org/x/tools/go/cfg/cfg.go

@@ -47,8 +47,6 @@ import (
 	"go/ast"
 	"go/format"
 	"go/token"
-
-	"golang.org/x/tools/internal/cfginternal"
 )
 
 // A CFG represents the control-flow graph of a single function.
@@ -59,6 +57,9 @@ type CFG struct {
 	noreturn bool     // function body lacks a reachable return statement
 }
 
+// NoReturn reports whether the function has no reachable return.
+func (cfg *CFG) NoReturn() bool { return cfg.noreturn }
+
 // A Block represents a basic block: a list of statements and
 // expressions that are always evaluated sequentially.
 //
@@ -184,14 +185,6 @@ func New(body *ast.BlockStmt, mayReturn func(*ast.CallExpr) bool) *CFG {
 	return &CFG{Blocks: b.blocks, noreturn: noreturn}
 }
 
-// isNoReturn reports whether the function has no reachable return.
-// TODO(adonovan): add (*CFG).NoReturn to public API.
-func isNoReturn(_cfg any) bool { return _cfg.(*CFG).noreturn }
-
-func init() {
-	cfginternal.IsNoReturn = isNoReturn // expose to ctrlflow analyzer
-}
-
 func (b *Block) String() string {
 	return fmt.Sprintf("block %d (%s)", b.Index, b.comment(nil))
 }

src/cmd/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go

@@ -29,7 +29,6 @@ import (
 	"strconv"
 	"strings"
 
-	"golang.org/x/tools/internal/aliases"
 	"golang.org/x/tools/internal/typesinternal"
 )
 
@@ -281,10 +280,10 @@ func (enc *Encoder) For(obj types.Object) (Path, error) {
 
 		T := o.Type()
 		if alias, ok := T.(*types.Alias); ok {
-			if r := findTypeParam(obj, aliases.TypeParams(alias), path, opTypeParam); r != nil {
+			if r := findTypeParam(obj, alias.TypeParams(), path, opTypeParam); r != nil {
 				return Path(r), nil
 			}
-			if r := find(obj, aliases.Rhs(alias), append(path, opRhs)); r != nil {
+			if r := find(obj, alias.Rhs(), append(path, opRhs)); r != nil {
 				return Path(r), nil
 			}
 
@@ -694,14 +693,11 @@ func Object(pkg *types.Package, p Path) (types.Object, error) {
 
 		case opRhs:
 			if alias, ok := t.(*types.Alias); ok {
-				t = aliases.Rhs(alias)
-			} else if false && aliases.Enabled() {
-				// The Enabled check is too expensive, so for now we
-				// simply assume that aliases are not enabled.
-				//
+				t = alias.Rhs()
+			} else if false {
 				// Now that go1.24 is assured, we should be able to
-				// replace this with "if true {", but it causes tests
-				// to fail. TODO(adonovan): investigate.
+				// replace this with "if true {", but it causes objectpath
+				// tests to fail. TODO(adonovan): investigate.
 				return nil, fmt.Errorf("cannot apply %q to %s (got %T, want alias)", code, t, t)
 			}
 

src/cmd/vendor/golang.org/x/tools/go/types/typeutil/callee.go

@@ -12,6 +12,7 @@ import (
 
 // Callee returns the named target of a function call, if any:
 // a function, method, builtin, or variable.
+// It returns nil for a T(x) conversion.
 //
 // Functions and methods may potentially have type parameters.
 //

src/cmd/vendor/golang.org/x/tools/internal/aliases/aliases.go

@@ -1,38 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package aliases
-
-import (
-	"go/token"
-	"go/types"
-)
-
-// Package aliases defines backward compatible shims
-// for the types.Alias type representation added in 1.22.
-// This defines placeholders for x/tools until 1.26.
-
-// NewAlias creates a new TypeName in Package pkg that
-// is an alias for the type rhs.
-//
-// The enabled parameter determines whether the resulting [TypeName]'s
-// type is an [types.Alias]. Its value must be the result of a call to
-// [Enabled], which computes the effective value of
-// GODEBUG=gotypesalias=... by invoking the type checker. The Enabled
-// function is expensive and should be called once per task (e.g.
-// package import), not once per call to NewAlias.
-//
-// Precondition: enabled || len(tparams)==0.
-// If materialized aliases are disabled, there must not be any type parameters.
-func NewAlias(enabled bool, pos token.Pos, pkg *types.Package, name string, rhs types.Type, tparams []*types.TypeParam) *types.TypeName {
-	if enabled {
-		tname := types.NewTypeName(pos, pkg, name, nil)
-		SetTypeParams(types.NewAlias(tname, rhs), tparams)
-		return tname
-	}
-	if len(tparams) > 0 {
-		panic("cannot create an alias with type parameters when gotypesalias is not enabled")
-	}
-	return types.NewTypeName(pos, pkg, name, rhs)
-}

src/cmd/vendor/golang.org/x/tools/internal/aliases/aliases_go122.go

@@ -1,80 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package aliases
-
-import (
-	"go/ast"
-	"go/parser"
-	"go/token"
-	"go/types"
-)
-
-// Rhs returns the type on the right-hand side of the alias declaration.
-func Rhs(alias *types.Alias) types.Type {
-	if alias, ok := any(alias).(interface{ Rhs() types.Type }); ok {
-		return alias.Rhs() // go1.23+
-	}
-
-	// go1.22's Alias didn't have the Rhs method,
-	// so Unalias is the best we can do.
-	return types.Unalias(alias)
-}
-
-// TypeParams returns the type parameter list of the alias.
-func TypeParams(alias *types.Alias) *types.TypeParamList {
-	if alias, ok := any(alias).(interface{ TypeParams() *types.TypeParamList }); ok {
-		return alias.TypeParams() // go1.23+
-	}
-	return nil
-}
-
-// SetTypeParams sets the type parameters of the alias type.
-func SetTypeParams(alias *types.Alias, tparams []*types.TypeParam) {
-	if alias, ok := any(alias).(interface {
-		SetTypeParams(tparams []*types.TypeParam)
-	}); ok {
-		alias.SetTypeParams(tparams) // go1.23+
-	} else if len(tparams) > 0 {
-		panic("cannot set type parameters of an Alias type in go1.22")
-	}
-}
-
-// TypeArgs returns the type arguments used to instantiate the Alias type.
-func TypeArgs(alias *types.Alias) *types.TypeList {
-	if alias, ok := any(alias).(interface{ TypeArgs() *types.TypeList }); ok {
-		return alias.TypeArgs() // go1.23+
-	}
-	return nil // empty (go1.22)
-}
-
-// Origin returns the generic Alias type of which alias is an instance.
-// If alias is not an instance of a generic alias, Origin returns alias.
-func Origin(alias *types.Alias) *types.Alias {
-	if alias, ok := any(alias).(interface{ Origin() *types.Alias }); ok {
-		return alias.Origin() // go1.23+
-	}
-	return alias // not an instance of a generic alias (go1.22)
-}
-
-// Enabled reports whether [NewAlias] should create [types.Alias] types.
-//
-// This function is expensive! Call it sparingly.
-func Enabled() bool {
-	// The only reliable way to compute the answer is to invoke go/types.
-	// We don't parse the GODEBUG environment variable, because
-	// (a) it's tricky to do so in a manner that is consistent
-	//     with the godebug package; in particular, a simple
-	//     substring check is not good enough. The value is a
-	//     rightmost-wins list of options. But more importantly:
-	// (b) it is impossible to detect changes to the effective
-	//     setting caused by os.Setenv("GODEBUG"), as happens in
-	//     many tests. Therefore any attempt to cache the result
-	//     is just incorrect.
-	fset := token.NewFileSet()
-	f, _ := parser.ParseFile(fset, "a.go", "package p; type A = int", parser.SkipObjectResolution)
-	pkg, _ := new(types.Config).Check("p", fset, []*ast.File{f}, nil)
-	_, enabled := pkg.Scope().Lookup("A").Type().(*types.Alias)
-	return enabled
-}

src/cmd/vendor/golang.org/x/tools/internal/astutil/util.go

@@ -178,6 +178,9 @@ func (r Range) IsValid() bool { return r.Start.IsValid() && r.Start <= r.EndPos
 //
 // Select returns the enclosing BlockStmt, the f() CallExpr, and the g() CallExpr.
 //
+// If the selection does not wholly enclose any nodes, Select returns an error
+// and invalid start/end nodes, but it may return a valid enclosing node.
+//
 // Callers that require exactly one syntax tree (e.g. just f() or just
 // g()) should check that the returned start and end nodes are
 // identical.
@@ -214,7 +217,12 @@ func Select(curFile inspector.Cursor, start, end token.Pos) (_enclosing, _start,
 		}
 	}
 	if !CursorValid(curStart) {
-		return noCursor, noCursor, noCursor, fmt.Errorf("no syntax selected")
+		// The selection is valid (inside curEnclosing) but contains no
+		// complete nodes. This happens for point selections (start == end),
+		// or selections covering only only spaces, comments, and punctuation
+		// tokens.
+		// Return the enclosing node so the caller can still use the context.
+		return curEnclosing, noCursor, noCursor, fmt.Errorf("invalid selection")
 	}
 	return curEnclosing, curStart, curEnd, nil
 }

src/cmd/vendor/golang.org/x/tools/internal/cfginternal/cfginternal.go

@@ -1,16 +0,0 @@
-// Copyright 2025 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package cfginternal exposes internals of go/cfg.
-// It cannot actually depend on symbols from go/cfg.
-package cfginternal
-
-// IsNoReturn exposes (*cfg.CFG).noReturn to the ctrlflow analyzer.
-// TODO(adonovan): add CFG.NoReturn to the public API.
-//
-// You must link [golang.org/x/tools/go/cfg] into your application for
-// this function to be non-nil.
-var IsNoReturn = func(cfg any) bool {
-	panic("golang.org/x/tools/go/cfg not linked into application")
-}

src/cmd/vendor/golang.org/x/tools/internal/diff/lcs/old.go

@@ -23,9 +23,13 @@ func DiffBytes(a, b []byte) []Diff { return diff(bytesSeqs{a, b}) }
 // DiffRunes returns the differences between two rune sequences.
 func DiffRunes(a, b []rune) []Diff { return diff(runesSeqs{a, b}) }
 
+// DiffLines returns the differences between two string sequences.
+func DiffLines(a, b []string) []Diff { return diff(linesSeqs{a, b}) }
+
+// A limit on how deeply the LCS algorithm should search. The value is just a guess.
+var maxDiffs = 100
+
 func diff(seqs sequences) []Diff {
-	// A limit on how deeply the LCS algorithm should search. The value is just a guess.
-	const maxDiffs = 100
 	diff, _ := compute(seqs, twosided, maxDiffs/2)
 	return diff
 }

src/cmd/vendor/golang.org/x/tools/internal/diff/lcs/sequence.go

@@ -13,63 +13,44 @@ type sequences interface {
 	commonSuffixLen(ai, aj, bi, bj int) int // len(commonSuffix(A[ai:aj], B[bi:bj]))
 }
 
-type stringSeqs struct{ a, b string }
-
-func (s stringSeqs) lengths() (int, int) { return len(s.a), len(s.b) }
-func (s stringSeqs) commonPrefixLen(ai, aj, bi, bj int) int {
-	return commonPrefixLenString(s.a[ai:aj], s.b[bi:bj])
-}
-func (s stringSeqs) commonSuffixLen(ai, aj, bi, bj int) int {
-	return commonSuffixLenString(s.a[ai:aj], s.b[bi:bj])
-}
-
 // The explicit capacity in s[i:j:j] leads to more efficient code.
 
 type bytesSeqs struct{ a, b []byte }
 
 func (s bytesSeqs) lengths() (int, int) { return len(s.a), len(s.b) }
 func (s bytesSeqs) commonPrefixLen(ai, aj, bi, bj int) int {
-	return commonPrefixLenBytes(s.a[ai:aj:aj], s.b[bi:bj:bj])
+	return commonPrefixLen(s.a[ai:aj:aj], s.b[bi:bj:bj])
 }
 func (s bytesSeqs) commonSuffixLen(ai, aj, bi, bj int) int {
-	return commonSuffixLenBytes(s.a[ai:aj:aj], s.b[bi:bj:bj])
+	return commonSuffixLen(s.a[ai:aj:aj], s.b[bi:bj:bj])
 }
 
 type runesSeqs struct{ a, b []rune }
 
 func (s runesSeqs) lengths() (int, int) { return len(s.a), len(s.b) }
 func (s runesSeqs) commonPrefixLen(ai, aj, bi, bj int) int {
-	return commonPrefixLenRunes(s.a[ai:aj:aj], s.b[bi:bj:bj])
+	return commonPrefixLen(s.a[ai:aj:aj], s.b[bi:bj:bj])
 }
 func (s runesSeqs) commonSuffixLen(ai, aj, bi, bj int) int {
-	return commonSuffixLenRunes(s.a[ai:aj:aj], s.b[bi:bj:bj])
+	return commonSuffixLen(s.a[ai:aj:aj], s.b[bi:bj:bj])
+}
+
+type linesSeqs struct{ a, b []string }
+
+func (s linesSeqs) lengths() (int, int) { return len(s.a), len(s.b) }
+func (s linesSeqs) commonPrefixLen(ai, aj, bi, bj int) int {
+	return commonPrefixLen(s.a[ai:aj], s.b[bi:bj])
+}
+func (s linesSeqs) commonSuffixLen(ai, aj, bi, bj int) int {
+	return commonSuffixLen(s.a[ai:aj], s.b[bi:bj])
 }
 
 // TODO(adonovan): optimize these functions using ideas from:
 // - https://go.dev/cl/408116 common.go
 // - https://go.dev/cl/421435 xor_generic.go
 
-// TODO(adonovan): factor using generics when available,
-// but measure performance impact.
-
-// commonPrefixLen* returns the length of the common prefix of a[ai:aj] and b[bi:bj].
-func commonPrefixLenBytes(a, b []byte) int {
-	n := min(len(a), len(b))
-	i := 0
-	for i < n && a[i] == b[i] {
-		i++
-	}
-	return i
-}
-func commonPrefixLenRunes(a, b []rune) int {
-	n := min(len(a), len(b))
-	i := 0
-	for i < n && a[i] == b[i] {
-		i++
-	}
-	return i
-}
-func commonPrefixLenString(a, b string) int {
+// commonPrefixLen returns the length of the common prefix of a[ai:aj] and b[bi:bj].
+func commonPrefixLen[T comparable](a, b []T) int {
 	n := min(len(a), len(b))
 	i := 0
 	for i < n && a[i] == b[i] {
@@ -78,24 +59,8 @@ func commonPrefixLenString(a, b string) int {
 	return i
 }
 
-// commonSuffixLen* returns the length of the common suffix of a[ai:aj] and b[bi:bj].
-func commonSuffixLenBytes(a, b []byte) int {
-	n := min(len(a), len(b))
-	i := 0
-	for i < n && a[len(a)-1-i] == b[len(b)-1-i] {
-		i++
-	}
-	return i
-}
-func commonSuffixLenRunes(a, b []rune) int {
-	n := min(len(a), len(b))
-	i := 0
-	for i < n && a[len(a)-1-i] == b[len(b)-1-i] {
-		i++
-	}
-	return i
-}
-func commonSuffixLenString(a, b string) int {
+// commonSuffixLen returns the length of the common suffix of a[ai:aj] and b[bi:bj].
+func commonSuffixLen[T comparable](a, b []T) int {
 	n := min(len(a), len(b))
 	i := 0
 	for i < n && a[len(a)-1-i] == b[len(b)-1-i] {

src/cmd/vendor/golang.org/x/tools/internal/diff/ndiff.go

@@ -6,11 +6,30 @@ package diff
 
 import (
 	"bytes"
+	"strings"
 	"unicode/utf8"
 
 	"golang.org/x/tools/internal/diff/lcs"
 )
 
+// Lines computes differences between two strings. All edits are at line boundaries.
+func Lines(before, after string) []Edit {
+	beforeLines, bOffsets := splitLines(before)
+	afterLines, _ := splitLines(after)
+	diffs := lcs.DiffLines(beforeLines, afterLines)
+
+	// Convert from LCS diffs to Edits
+	res := make([]Edit, len(diffs))
+	for i, d := range diffs {
+		res[i] = Edit{
+			Start: bOffsets[d.Start],
+			End:   bOffsets[d.End],
+			New:   strings.Join(afterLines[d.ReplStart:d.ReplEnd], ""),
+		}
+	}
+	return res
+}
+
 // Strings computes the differences between two strings.
 // The resulting edits respect rune boundaries.
 func Strings(before, after string) []Edit {

src/cmd/vendor/golang.org/x/tools/internal/diff/unified.go

@@ -7,6 +7,8 @@ package diff
 import (
 	"fmt"
 	"log"
+	"regexp"
+	"strconv"
 	"strings"
 )
 
@@ -114,7 +116,7 @@ func toUnified(fromName, toName string, content string, edits []Edit, contextLin
 	if err != nil {
 		return u, err
 	}
-	lines := splitLines(content)
+	lines, _ := splitLines(content)
 	var h *hunk
 	last := 0
 	toLine := 0
@@ -156,7 +158,8 @@ func toUnified(fromName, toName string, content string, edits []Edit, contextLin
 			last++
 		}
 		if edit.New != "" {
-			for _, content := range splitLines(edit.New) {
+			v, _ := splitLines(edit.New)
+			for _, content := range v {
 				h.lines = append(h.lines, line{kind: opInsert, content: content})
 				toLine++
 			}
@@ -170,12 +173,24 @@ func toUnified(fromName, toName string, content string, edits []Edit, contextLin
 	return u, nil
 }
 
-func splitLines(text string) []string {
-	lines := strings.SplitAfter(text, "\n")
-	if lines[len(lines)-1] == "" {
-		lines = lines[:len(lines)-1]
+// split into lines removing a final empty line,
+// and also return the offsets of the line beginnings.
+func splitLines(text string) ([]string, []int) {
+	var lines []string
+	offsets := []int{0}
+	start := 0
+	for i, r := range text {
+		if r == '\n' {
+			lines = append(lines, text[start:i+1])
+			start = i + 1
+			offsets = append(offsets, start)
+		}
 	}
-	return lines
+	if start < len(text) {
+		lines = append(lines, text[start:])
+		offsets = append(offsets, len(text))
+	}
+	return lines, offsets
 }
 
 func addEqualLines(h *hunk, lines []string, start, end int) int {
@@ -249,3 +264,51 @@ func (u unified) String() string {
 	}
 	return b.String()
 }
+
+// ApplyUnified applies the unified diffs.
+func ApplyUnified(udiffs, bef string) (string, error) {
+	before := strings.Split(bef, "\n")
+	unif := strings.Split(udiffs, "\n")
+	var got []string
+	left := 0
+	// parse and apply the unified diffs
+	for _, l := range unif {
+		if len(l) == 0 {
+			continue // probably the last line (from Split)
+		}
+		switch l[0] {
+		case '@': // The @@ line
+			m := atregexp.FindStringSubmatch(l)
+			fromLine, err := strconv.Atoi(m[1])
+			if err != nil {
+				return "", fmt.Errorf("missing line number in %q", l)
+			}
+			// before is a slice, so0-based; fromLine is 1-based
+			for ; left < fromLine-1; left++ {
+				got = append(got, before[left])
+			}
+		case '+': // add this line
+			if strings.HasPrefix(l, "+++ ") {
+				continue
+			}
+			got = append(got, l[1:])
+		case '-': // delete this line
+			if strings.HasPrefix(l, "--- ") {
+				continue
+			}
+			left++
+		case ' ':
+			return "", fmt.Errorf("unexpected line %q", l)
+		default:
+			return "", fmt.Errorf("impossible unified %q", udiffs)
+		}
+	}
+	// copy any remaining lines
+	for ; left < len(before); left++ {
+		got = append(got, before[left])
+	}
+	return strings.Join(got, "\n"), nil
+}
+
+// The first number in the @@ lines is the line number in the 'before' data
+var atregexp = regexp.MustCompile(`@@ -(\d+).* @@`)

src/cmd/vendor/golang.org/x/tools/internal/facts/imports.go

@@ -7,7 +7,6 @@ package facts
 import (
 	"go/types"
 
-	"golang.org/x/tools/internal/aliases"
 	"golang.org/x/tools/internal/typesinternal"
 )
 
@@ -78,7 +77,7 @@ func importMap(imports []*types.Package) map[string]*types.Package {
 				// variant aspects
 				switch T := T.(type) {
 				case *types.Alias:
-					addType(aliases.Rhs(T))
+					addType(T.Rhs())
 				case *types.Named:
 					addType(T.Underlying())
 					for method := range T.Methods() {

src/cmd/vendor/golang.org/x/tools/internal/goplsexport/export.go

@@ -13,4 +13,5 @@ var (
 	StdIteratorsModernizer *analysis.Analyzer // = modernize.stditeratorsAnalyzer
 	PlusBuildModernizer    *analysis.Analyzer // = modernize.plusbuildAnalyzer
 	StringsCutModernizer   *analysis.Analyzer // = modernize.stringscutAnalyzer
+	UnsafeFuncsModernizer  *analysis.Analyzer // = modernize.unsafeFuncsAnalyzer
 )

src/cmd/vendor/golang.org/x/tools/internal/stdlib/deps.go

@@ -12,364 +12,366 @@ type pkginfo struct {
 }
 
 var deps = [...]pkginfo{
-	{"archive/tar", "\x03p\x03F=\x01\n\x01$\x01\x01\x02\x05\b\x02\x01\x02\x02\f"},
-	{"archive/zip", "\x02\x04f\a\x03\x13\x021=\x01+\x05\x01\x0f\x03\x02\x0e\x04"},
-	{"bufio", "\x03p\x86\x01D\x14"},
-	{"bytes", "s+[\x03\fG\x02\x02"},
+	{"archive/tar", "\x03q\x03F=\x01\n\x01$\x01\x01\x02\x05\b\x02\x01\x02\x02\r"},
+	{"archive/zip", "\x02\x04g\a\x03\x13\x021=\x01+\x05\x01\x0f\x03\x02\x0f\x04"},
+	{"bufio", "\x03q\x86\x01D\x15"},
+	{"bytes", "t+[\x03\fH\x02\x02"},
 	{"cmp", ""},
-	{"compress/bzip2", "\x02\x02\xf5\x01A"},
-	{"compress/flate", "\x02q\x03\x83\x01\f\x033\x01\x03"},
-	{"compress/gzip", "\x02\x04f\a\x03\x15nT"},
-	{"compress/lzw", "\x02q\x03\x83\x01"},
-	{"compress/zlib", "\x02\x04f\a\x03\x13\x01o"},
-	{"container/heap", "\xbb\x02"},
+	{"compress/bzip2", "\x02\x02\xf6\x01A"},
+	{"compress/flate", "\x02r\x03\x83\x01\f\x033\x01\x03"},
+	{"compress/gzip", "\x02\x04g\a\x03\x15nU"},
+	{"compress/lzw", "\x02r\x03\x83\x01"},
+	{"compress/zlib", "\x02\x04g\a\x03\x13\x01o"},
+	{"container/heap", "\xbc\x02"},
 	{"container/list", ""},
 	{"container/ring", ""},
-	{"context", "s\\p\x01\r"},
-	{"crypto", "\x89\x01pC"},
-	{"crypto/aes", "\x10\n\t\x99\x02"},
-	{"crypto/cipher", "\x03 \x01\x01 \x12\x1c,Z"},
-	{"crypto/des", "\x10\x15 .,\x9d\x01\x03"},
-	{"crypto/dsa", "E\x04*\x86\x01\r"},
-	{"crypto/ecdh", "\x03\v\f\x10\x04\x17\x04\x0e\x1c\x86\x01"},
-	{"crypto/ecdsa", "\x0e\x05\x03\x04\x01\x10\b\v\x06\x01\x04\r\x01\x1c\x86\x01\r\x05K\x01"},
-	{"crypto/ed25519", "\x0e\x1e\x12\a\v\a\x1c\x86\x01C"},
-	{"crypto/elliptic", "3@\x86\x01\r9"},
-	{"crypto/fips140", "\"\x05"},
-	{"crypto/hkdf", "/\x15\x01.\x16"},
-	{"crypto/hmac", "\x1a\x16\x14\x01\x122"},
-	{"crypto/internal/boring", "\x0e\x02\rl"},
-	{"crypto/internal/boring/bbig", "\x1a\xec\x01M"},
-	{"crypto/internal/boring/bcache", "\xc0\x02\x13"},
+	{"context", "t\\p\x01\x0e"},
+	{"crypto", "\x8a\x01pC"},
+	{"crypto/aes", "\x10\v\t\x99\x02"},
+	{"crypto/cipher", "\x03!\x01\x01 \x12\x1c,Z"},
+	{"crypto/des", "\x10\x16 .,\x9d\x01\x03"},
+	{"crypto/dsa", "F\x03+\x86\x01\r"},
+	{"crypto/ecdh", "\x03\v\r\x10\x04\x17\x03\x0f\x1c\x86\x01"},
+	{"crypto/ecdsa", "\x0e\x05\x03\x05\x01\x10\b\v\x06\x01\x03\x0e\x01\x1c\x86\x01\r\x05L\x01"},
+	{"crypto/ed25519", "\x0e\x1f\x12\a\x03\b\a\x1cI=C"},
+	{"crypto/elliptic", "4@\x86\x01\r9"},
+	{"crypto/fips140", "#\x05\x95\x01\x98\x01"},
+	{"crypto/hkdf", "0\x15\x01.\x16"},
+	{"crypto/hmac", "\x1b\x16\x14\x01\x122"},
+	{"crypto/hpke", "\x03\v\x02\x03\x04\x01\f\x01\x05\x1f\x05\a\x01\x01\x1d\x03\x13\x16\x9b\x01\x1c"},
+	{"crypto/internal/boring", "\x0e\x02\x0el"},
+	{"crypto/internal/boring/bbig", "\x1b\xec\x01N"},
+	{"crypto/internal/boring/bcache", "\xc1\x02\x14"},
 	{"crypto/internal/boring/sig", ""},
 	{"crypto/internal/constanttime", ""},
-	{"crypto/internal/cryptotest", "\x03\r\n\b&\x0f\x19\x06\x13\x12 \x04\x06\t\x19\x01\x11\x11\x1b\x01\a\x05\b\x03\x05\v"},
-	{"crypto/internal/entropy", "J"},
-	{"crypto/internal/entropy/v1.0.0", "C0\x95\x018\x13"},
-	{"crypto/internal/fips140", "B1\xbf\x01\v\x16"},
-	{"crypto/internal/fips140/aes", "\x03\x1f\x03\x02\x14\x05\x01\x01\x06+\x95\x014"},
-	{"crypto/internal/fips140/aes/gcm", "\"\x01\x02\x02\x02\x12\x05\x01\a+\x92\x01"},
-	{"crypto/internal/fips140/alias", "\xd3\x02"},
-	{"crypto/internal/fips140/bigmod", "'\x19\x01\a+\x95\x01"},
-	{"crypto/internal/fips140/check", "\"\x0e\a\t\x02\xb7\x01Z"},
-	{"crypto/internal/fips140/check/checktest", "'\x8b\x02!"},
-	{"crypto/internal/fips140/drbg", "\x03\x1e\x01\x01\x04\x14\x05\t\x01)\x86\x01\x0f7\x01"},
-	{"crypto/internal/fips140/ecdh", "\x03\x1f\x05\x02\n\r3\x86\x01\x0f7"},
-	{"crypto/internal/fips140/ecdsa", "\x03\x1f\x04\x01\x02\a\x03\x06:\x16pF"},
-	{"crypto/internal/fips140/ed25519", "\x03\x1f\x05\x02\x04\f:\xc9\x01\x03"},
-	{"crypto/internal/fips140/edwards25519", "\x1e\t\a\x123\x95\x017"},
-	{"crypto/internal/fips140/edwards25519/field", "'\x14\x053\x95\x01"},
-	{"crypto/internal/fips140/hkdf", "\x03\x1f\x05\t\a<\x16"},
-	{"crypto/internal/fips140/hmac", "\x03\x1f\x15\x01\x01:\x16"},
-	{"crypto/internal/fips140/mldsa", "\x03\x1b\x04\x05\x02\x0e\x01\x03\x053\x95\x017"},
-	{"crypto/internal/fips140/mlkem", "\x03\x1f\x05\x02\x0f\x03\x053\xcc\x01"},
-	{"crypto/internal/fips140/nistec", "\x1e\t\r\f3\x95\x01*\r\x14"},
-	{"crypto/internal/fips140/nistec/fiat", "'\x148\x95\x01"},
-	{"crypto/internal/fips140/pbkdf2", "\x03\x1f\x05\t\a<\x16"},
-	{"crypto/internal/fips140/rsa", "\x03\x1b\x04\x04\x01\x02\x0e\x01\x01\x028\x16pF"},
-	{"crypto/internal/fips140/sha256", "\x03\x1f\x1e\x01\a+\x16\x7f"},
-	{"crypto/internal/fips140/sha3", "\x03\x1f\x19\x05\x012\x95\x01K"},
-	{"crypto/internal/fips140/sha512", "\x03\x1f\x1e\x01\a+\x16\x7f"},
-	{"crypto/internal/fips140/ssh", "'b"},
-	{"crypto/internal/fips140/subtle", "\x1e\a\x1b\xc8\x01"},
-	{"crypto/internal/fips140/tls12", "\x03\x1f\x05\t\a\x02:\x16"},
-	{"crypto/internal/fips140/tls13", "\x03\x1f\x05\b\b\t3\x16"},
-	{"crypto/internal/fips140cache", "\xb2\x02\r&"},
+	{"crypto/internal/cryptotest", "\x03\r\v\b%\x10\x19\x06\x13\x12 \x04\x06\t\x19\x01\x11\x11\x1b\x01\a\x05\b\x03\x05\f"},
+	{"crypto/internal/entropy", "K"},
+	{"crypto/internal/entropy/v1.0.0", "D0\x95\x018\x14"},
+	{"crypto/internal/fips140", "C1\xbf\x01\v\x17"},
+	{"crypto/internal/fips140/aes", "\x03 \x03\x02\x14\x05\x01\x01\x05,\x95\x014"},
+	{"crypto/internal/fips140/aes/gcm", "#\x01\x02\x02\x02\x12\x05\x01\x06,\x92\x01"},
+	{"crypto/internal/fips140/alias", "\xd5\x02"},
+	{"crypto/internal/fips140/bigmod", "(\x19\x01\x06,\x95\x01"},
+	{"crypto/internal/fips140/check", "#\x0e\a\t\x02\xb7\x01["},
+	{"crypto/internal/fips140/check/checktest", "(\x8b\x02\""},
+	{"crypto/internal/fips140/drbg", "\x03\x1f\x01\x01\x04\x14\x05\n)\x86\x01\x0f7\x01"},
+	{"crypto/internal/fips140/ecdh", "\x03 \x05\x02\n\r3\x86\x01\x0f7"},
+	{"crypto/internal/fips140/ecdsa", "\x03 \x04\x01\x02\a\x03\x06:\x16pF"},
+	{"crypto/internal/fips140/ed25519", "\x03 \x05\x02\x04\f:\xc9\x01\x03"},
+	{"crypto/internal/fips140/edwards25519", "\x1f\t\a\x123\x95\x017"},
+	{"crypto/internal/fips140/edwards25519/field", "(\x14\x053\x95\x01"},
+	{"crypto/internal/fips140/hkdf", "\x03 \x05\t\a<\x16"},
+	{"crypto/internal/fips140/hmac", "\x03 \x15\x01\x01:\x16"},
+	{"crypto/internal/fips140/mldsa", "\x03\x1c\x04\x05\x02\x0e\x01\x03\x053\x95\x017"},
+	{"crypto/internal/fips140/mlkem", "\x03 \x05\x02\x0f\x03\x053\xcc\x01"},
+	{"crypto/internal/fips140/nistec", "\x1f\t\r\f3\x95\x01*\r\x15"},
+	{"crypto/internal/fips140/nistec/fiat", "(\x148\x95\x01"},
+	{"crypto/internal/fips140/pbkdf2", "\x03 \x05\t\a<\x16"},
+	{"crypto/internal/fips140/rsa", "\x03\x1c\x04\x04\x01\x02\x0e\x01\x01\x028\x16pF"},
+	{"crypto/internal/fips140/sha256", "\x03 \x1e\x01\x06,\x16\x7f"},
+	{"crypto/internal/fips140/sha3", "\x03 \x19\x05\x012\x95\x01L"},
+	{"crypto/internal/fips140/sha512", "\x03 \x1e\x01\x06,\x16\x7f"},
+	{"crypto/internal/fips140/ssh", "(b"},
+	{"crypto/internal/fips140/subtle", "\x1f\a\x1b\xc8\x01"},
+	{"crypto/internal/fips140/tls12", "\x03 \x05\t\a\x02:\x16"},
+	{"crypto/internal/fips140/tls13", "\x03 \x05\b\b\t3\x16"},
+	{"crypto/internal/fips140cache", "\xb3\x02\r'"},
 	{"crypto/internal/fips140deps", ""},
-	{"crypto/internal/fips140deps/byteorder", "\x9f\x01"},
-	{"crypto/internal/fips140deps/cpu", "\xb4\x01\a"},
-	{"crypto/internal/fips140deps/godebug", "\xbc\x01"},
-	{"crypto/internal/fips140deps/time", "\xcd\x02"},
-	{"crypto/internal/fips140hash", "8\x1d4\xca\x01"},
-	{"crypto/internal/fips140only", ")\x0e\x01\x01P3="},
+	{"crypto/internal/fips140deps/byteorder", "\xa0\x01"},
+	{"crypto/internal/fips140deps/cpu", "\xb5\x01\a"},
+	{"crypto/internal/fips140deps/godebug", "\xbd\x01"},
+	{"crypto/internal/fips140deps/time", "\xcf\x02"},
+	{"crypto/internal/fips140hash", "9\x1d4\xcb\x01"},
+	{"crypto/internal/fips140only", "\x17\x13\x0e\x01\x01Pp"},
 	{"crypto/internal/fips140test", ""},
-	{"crypto/internal/hpke", "\x03\v\x01\x01\x03\x055\x03\x04\x01\x01\x16\a\x03\x13\xcc\x01"},
-	{"crypto/internal/impl", "\xbd\x02"},
-	{"crypto/internal/randutil", "\xf9\x01\x12"},
-	{"crypto/internal/sysrand", "sq! \r\r\x01\x01\f\x06"},
-	{"crypto/internal/sysrand/internal/seccomp", "s"},
-	{"crypto/md5", "\x0e7.\x16\x16i"},
-	{"crypto/mlkem", "\x0e$"},
-	{"crypto/mlkem/mlkemtest", "2\x1b&"},
-	{"crypto/pbkdf2", "5\x0f\x01.\x16"},
-	{"crypto/rand", "\x1a\b\a\x1c\x04\x01)\x86\x01\rM"},
-	{"crypto/rc4", "% .\xc9\x01"},
-	{"crypto/rsa", "\x0e\f\x01\v\x10\x0e\x01\x04\a\a\x1c\x03\x133=\f\x01"},
-	{"crypto/sha1", "\x0e\f+\x03+\x16\x16\x15T"},
-	{"crypto/sha256", "\x0e\f\x1dR"},
-	{"crypto/sha3", "\x0e*Q\xca\x01"},
-	{"crypto/sha512", "\x0e\f\x1fP"},
-	{"crypto/subtle", "\x1e\x1d\x9f\x01X"},
-	{"crypto/tls", "\x03\b\x02\x01\x01\x01\x01\x02\x01\x01\x01\x02\x01\x01\t\x01\x0e\n\x01\n\x05\x04\x01\x01\x01\x01\x02\x01\x02\x01\x17\x02\x03\x13\x16\x15\b=\x16\x16\r\b\x01\x01\x01\x02\x01\r\x06\x02\x01\x0f"},
-	{"crypto/tls/internal/fips140tls", "\x17\xa9\x02"},
-	{"crypto/x509", "\x03\v\x01\x01\x01\x01\x01\x01\x01\x016\x06\x01\x01\x02\x05\x0e\x06\x02\x02\x03F\x03:\x01\x02\b\x01\x01\x02\a\x10\x05\x01\x06\a\b\x02\x01\x02\x0e\x02\x01\x01\x02\x03\x01"},
-	{"crypto/x509/pkix", "i\x06\a\x90\x01G"},
-	{"database/sql", "\x03\nP\x16\x03\x83\x01\v\a\"\x05\b\x02\x03\x01\r\x02\x02\x02"},
-	{"database/sql/driver", "\rf\x03\xb7\x01\x0f\x11"},
-	{"debug/buildinfo", "\x03]\x02\x01\x01\b\a\x03g\x1a\x02\x01+\x0f\x1f"},
-	{"debug/dwarf", "\x03i\a\x03\x83\x011\x11\x01\x01"},
-	{"debug/elf", "\x03\x06V\r\a\x03g\x1b\x01\f \x17\x01\x16"},
-	{"debug/gosym", "\x03i\n\xc5\x01\x01\x01\x02"},
-	{"debug/macho", "\x03\x06V\r\ng\x1c,\x17\x01"},
-	{"debug/pe", "\x03\x06V\r\a\x03g\x1c,\x17\x01\x16"},
-	{"debug/plan9obj", "l\a\x03g\x1c,"},
-	{"embed", "s+B\x19\x01S"},
+	{"crypto/internal/impl", "\xbe\x02"},
+	{"crypto/internal/rand", "\x1b\x0f s=["},
+	{"crypto/internal/randutil", "\xfa\x01\x12"},
+	{"crypto/internal/sysrand", "tq! \r\r\x01\x01\r\x06"},
+	{"crypto/internal/sysrand/internal/seccomp", "t"},
+	{"crypto/md5", "\x0e8.\x16\x16i"},
+	{"crypto/mlkem", "\x0e%"},
+	{"crypto/mlkem/mlkemtest", "3\x13\b&"},
+	{"crypto/pbkdf2", "6\x0f\x01.\x16"},
+	{"crypto/rand", "\x1b\x0f\x1c\x03+\x86\x01\rN"},
+	{"crypto/rc4", "& .\xc9\x01"},
+	{"crypto/rsa", "\x0e\r\x01\v\x10\x0e\x01\x03\b\a\x1c\x03\x133=\f\x01"},
+	{"crypto/sha1", "\x0e\r+\x02,\x16\x16\x15T"},
+	{"crypto/sha256", "\x0e\r\x1dR"},
+	{"crypto/sha3", "\x0e+Q\xcb\x01"},
+	{"crypto/sha512", "\x0e\r\x1fP"},
+	{"crypto/subtle", "\x1f\x1d\x9f\x01z"},
+	{"crypto/tls", "\x03\b\x02\x01\x01\x01\x01\x02\x01\x01\x01\x02\x01\x01\x01\t\x01\x18\x01\x0f\x01\x03\x01\x01\x01\x01\x02\x01\x02\x01\x17\x02\x03\x13\x16\x15\b=\x16\x16\r\b\x01\x01\x01\x02\x01\x0e\x06\x02\x01\x0f"},
+	{"crypto/tls/internal/fips140tls", "\x17\xaa\x02"},
+	{"crypto/x509", "\x03\v\x01\x01\x01\x01\x01\x01\x01\x017\x06\x01\x01\x02\x05\x0e\x06\x02\x02\x03F\x03:\x01\x02\b\x01\x01\x02\a\x10\x05\x01\x06\a\b\x02\x01\x02\x0f\x02\x01\x01\x02\x03\x01"},
+	{"crypto/x509/pkix", "j\x06\a\x90\x01H"},
+	{"database/sql", "\x03\nQ\x16\x03\x83\x01\v\a\"\x05\b\x02\x03\x01\x0e\x02\x02\x02"},
+	{"database/sql/driver", "\rg\x03\xb7\x01\x0f\x12"},
+	{"debug/buildinfo", "\x03^\x02\x01\x01\b\a\x03g\x1a\x02\x01+\x0f "},
+	{"debug/dwarf", "\x03j\a\x03\x83\x011\x11\x01\x01"},
+	{"debug/elf", "\x03\x06W\r\a\x03g\x1b\x01\f \x17\x01\x17"},
+	{"debug/gosym", "\x03j\n$\xa1\x01\x01\x01\x02"},
+	{"debug/macho", "\x03\x06W\r\ng\x1c,\x17\x01"},
+	{"debug/pe", "\x03\x06W\r\a\x03g\x1c,\x17\x01\x17"},
+	{"debug/plan9obj", "m\a\x03g\x1c,"},
+	{"embed", "t+B\x19\x01T"},
 	{"embed/internal/embedtest", ""},
 	{"encoding", ""},
-	{"encoding/ascii85", "\xf9\x01C"},
-	{"encoding/asn1", "\x03p\x03g(\x01'\r\x02\x01\x10\x03\x01"},
-	{"encoding/base32", "\xf9\x01A\x02"},
-	{"encoding/base64", "\x9f\x01ZA\x02"},
-	{"encoding/binary", "s\x86\x01\f(\r\x05"},
-	{"encoding/csv", "\x02\x01p\x03\x83\x01D\x12\x02"},
-	{"encoding/gob", "\x02e\x05\a\x03g\x1c\v\x01\x03\x1d\b\x12\x01\x0f\x02"},
-	{"encoding/hex", "s\x03\x83\x01A\x03"},
-	{"encoding/json", "\x03\x01c\x04\b\x03\x83\x01\f(\r\x02\x01\x02\x10\x01\x01\x02"},
-	{"encoding/pem", "\x03h\b\x86\x01A\x03"},
-	{"encoding/xml", "\x02\x01d\f\x03\x83\x014\x05\n\x01\x02\x10\x02"},
-	{"errors", "\xcf\x01\x84\x01"},
-	{"expvar", "pLA\b\v\x15\r\b\x02\x03\x01\x11"},
-	{"flag", "g\f\x03\x83\x01,\b\x05\b\x02\x01\x10"},
-	{"fmt", "sF'\x19\f \b\r\x02\x03\x12"},
-	{"go/ast", "\x03\x01r\x0f\x01s\x03)\b\r\x02\x01\x12\x02"},
-	{"go/build", "\x02\x01p\x03\x01\x02\x02\b\x02\x01\x17\x1f\x04\x02\b\x1c\x13\x01+\x01\x04\x01\a\b\x02\x01\x12\x02\x02"},
-	{"go/build/constraint", "s\xc9\x01\x01\x12\x02"},
-	{"go/constant", "v\x10\x7f\x01\x024\x01\x02\x12"},
-	{"go/doc", "\x04r\x01\x05\n=61\x10\x02\x01\x12\x02"},
-	{"go/doc/comment", "\x03s\xc4\x01\x01\x01\x01\x12\x02"},
-	{"go/format", "\x03s\x01\f\x01\x02sD"},
-	{"go/importer", "x\a\x01\x02\x04\x01r9"},
-	{"go/internal/gccgoimporter", "\x02\x01]\x13\x03\x04\f\x01p\x02,\x01\x05\x11\x01\f\b"},
-	{"go/internal/gcimporter", "\x02t\x10\x010\x05\r0,\x15\x03\x02"},
-	{"go/internal/scannerhooks", "\x86\x01"},
-	{"go/internal/srcimporter", "v\x01\x01\v\x03\x01r,\x01\x05\x12\x02\x14"},
-	{"go/parser", "\x03p\x03\x01\x02\b\x04\x01s\x01+\x06\x12"},
-	{"go/printer", "v\x01\x02\x03\ns\f \x15\x02\x01\x02\v\x05\x02"},
-	{"go/scanner", "\x03s\v\x05s2\x10\x01\x13\x02"},
-	{"go/token", "\x04r\x86\x01>\x02\x03\x01\x0f\x02"},
-	{"go/types", "\x03\x01\x06i\x03\x01\x03\t\x03\x024\x063\x04\x03\t \x06\a\b\x01\x01\x01\x02\x01\x0f\x02\x02"},
-	{"go/version", "\xc1\x01|"},
-	{"hash", "\xf9\x01"},
-	{"hash/adler32", "s\x16\x16"},
-	{"hash/crc32", "s\x16\x16\x15\x8b\x01\x01\x13"},
-	{"hash/crc64", "s\x16\x16\xa0\x01"},
-	{"hash/fnv", "s\x16\x16i"},
-	{"hash/maphash", "\x89\x01\x11<}"},
-	{"html", "\xbd\x02\x02\x12"},
-	{"html/template", "\x03m\x06\x19-=\x01\n!\x05\x01\x02\x03\f\x01\x02\f\x01\x03\x02"},
-	{"image", "\x02q\x1fg\x0f4\x03\x01"},
+	{"encoding/ascii85", "\xfa\x01C"},
+	{"encoding/asn1", "\x03q\x03g(\x01'\r\x02\x01\x11\x03\x01"},
+	{"encoding/base32", "\xfa\x01A\x02"},
+	{"encoding/base64", "\xa0\x01ZA\x02"},
+	{"encoding/binary", "t\x86\x01\f(\r\x05"},
+	{"encoding/csv", "\x02\x01q\x03\x83\x01D\x13\x02"},
+	{"encoding/gob", "\x02f\x05\a\x03g\x1c\v\x01\x03\x1d\b\x12\x01\x10\x02"},
+	{"encoding/hex", "t\x03\x83\x01A\x03"},
+	{"encoding/json", "\x03\x01d\x04\b\x03\x83\x01\f(\r\x02\x01\x02\x11\x01\x01\x02"},
+	{"encoding/pem", "\x03i\b\x86\x01A\x03"},
+	{"encoding/xml", "\x02\x01e\f\x03\x83\x014\x05\n\x01\x02\x11\x02"},
+	{"errors", "\xd0\x01\x85\x01"},
+	{"expvar", "qLA\b\v\x15\r\b\x02\x03\x01\x12"},
+	{"flag", "h\f\x03\x83\x01,\b\x05\b\x02\x01\x11"},
+	{"fmt", "tF'\x19\f \b\r\x02\x03\x13"},
+	{"go/ast", "\x03\x01s\x0f\x01s\x03)\b\r\x02\x01\x13\x02"},
+	{"go/build", "\x02\x01q\x03\x01\x02\x02\b\x02\x01\x17\x1f\x04\x02\b\x1c\x13\x01+\x01\x04\x01\a\b\x02\x01\x13\x02\x02"},
+	{"go/build/constraint", "t\xc9\x01\x01\x13\x02"},
+	{"go/constant", "w\x10\x7f\x01\x024\x01\x02\x13"},
+	{"go/doc", "\x04s\x01\x05\n=61\x10\x02\x01\x13\x02"},
+	{"go/doc/comment", "\x03t\xc4\x01\x01\x01\x01\x13\x02"},
+	{"go/format", "\x03t\x01\f\x01\x02sD"},
+	{"go/importer", "y\a\x01\x02\x04\x01r9"},
+	{"go/internal/gccgoimporter", "\x02\x01^\x13\x03\x04\f\x01p\x02,\x01\x05\x11\x01\r\b"},
+	{"go/internal/gcimporter", "\x02u\x10\x010\x05\r0,\x15\x03\x02"},
+	{"go/internal/scannerhooks", "\x87\x01"},
+	{"go/internal/srcimporter", "w\x01\x01\v\x03\x01r,\x01\x05\x12\x02\x15"},
+	{"go/parser", "\x03q\x03\x01\x02\b\x04\x01s\x01+\x06\x12"},
+	{"go/printer", "w\x01\x02\x03\ns\f \x15\x02\x01\x02\f\x05\x02"},
+	{"go/scanner", "\x03t\v\x05s2\x10\x01\x14\x02"},
+	{"go/token", "\x04s\x86\x01>\x02\x03\x01\x10\x02"},
+	{"go/types", "\x03\x01\x06j\x03\x01\x03\t\x03\x024\x063\x04\x03\t \x06\a\b\x01\x01\x01\x02\x01\x10\x02\x02"},
+	{"go/version", "\xc2\x01|"},
+	{"hash", "\xfa\x01"},
+	{"hash/adler32", "t\x16\x16"},
+	{"hash/crc32", "t\x16\x16\x15\x8b\x01\x01\x14"},
+	{"hash/crc64", "t\x16\x16\xa0\x01"},
+	{"hash/fnv", "t\x16\x16i"},
+	{"hash/maphash", "\x8a\x01\x11<~"},
+	{"html", "\xbe\x02\x02\x13"},
+	{"html/template", "\x03n\x06\x19-=\x01\n!\x05\x01\x02\x03\f\x01\x02\r\x01\x03\x02"},
+	{"image", "\x02r\x1fg\x0f4\x03\x01"},
 	{"image/color", ""},
-	{"image/color/palette", "\x92\x01"},
-	{"image/draw", "\x91\x01\x01\x04"},
-	{"image/gif", "\x02\x01\x05k\x03\x1b\x01\x01\x01\vZ\x0f"},
-	{"image/internal/imageutil", "\x91\x01"},
-	{"image/jpeg", "\x02q\x1e\x01\x04c"},
-	{"image/png", "\x02\ac\n\x13\x02\x06\x01gC"},
-	{"index/suffixarray", "\x03i\a\x86\x01\f+\n\x01"},
-	{"internal/abi", "\xbb\x01\x98\x01"},
-	{"internal/asan", "\xd3\x02"},
-	{"internal/bisect", "\xb2\x02\r\x01"},
-	{"internal/buildcfg", "vHg\x06\x02\x05\n\x01"},
-	{"internal/bytealg", "\xb4\x01\x9f\x01"},
+	{"image/color/palette", "\x93\x01"},
+	{"image/draw", "\x92\x01\x01\x04"},
+	{"image/gif", "\x02\x01\x05l\x03\x1b\x01\x01\x01\vZ\x0f"},
+	{"image/internal/imageutil", "\x92\x01"},
+	{"image/jpeg", "\x02r\x1e\x01\x04c"},
+	{"image/png", "\x02\ad\n\x13\x02\x06\x01gC"},
+	{"index/suffixarray", "\x03j\a\x86\x01\f+\n\x01"},
+	{"internal/abi", "\xbc\x01\x99\x01"},
+	{"internal/asan", "\xd5\x02"},
+	{"internal/bisect", "\xb3\x02\r\x01"},
+	{"internal/buildcfg", "wHg\x06\x02\x05\n\x01"},
+	{"internal/bytealg", "\xb5\x01\xa0\x01"},
 	{"internal/byteorder", ""},
 	{"internal/cfg", ""},
-	{"internal/cgrouptest", "v[T\x06\x0f\x02\x01\x04\x01"},
-	{"internal/chacha8rand", "\x9f\x01\x15\a\x98\x01"},
+	{"internal/cgrouptest", "w[T\x06\x0f\x02\x01\x04\x01"},
+	{"internal/chacha8rand", "\xa0\x01\x15\a\x99\x01"},
 	{"internal/copyright", ""},
 	{"internal/coverage", ""},
 	{"internal/coverage/calloc", ""},
-	{"internal/coverage/cfile", "p\x06\x17\x17\x01\x02\x01\x01\x01\x01\x01\x01\x01\"\x02',\x06\a\n\x01\x03\r\x06"},
-	{"internal/coverage/cformat", "\x04r.\x04Q\v6\x01\x02\r"},
-	{"internal/coverage/cmerge", "v.a"},
-	{"internal/coverage/decodecounter", "l\n.\v\x02H,\x17\x17"},
-	{"internal/coverage/decodemeta", "\x02j\n\x17\x17\v\x02H,"},
-	{"internal/coverage/encodecounter", "\x02j\n.\f\x01\x02F\v!\x15"},
-	{"internal/coverage/encodemeta", "\x02\x01i\n\x13\x04\x17\r\x02F,."},
-	{"internal/coverage/pods", "\x04r.\x81\x01\x06\x05\n\x02\x01"},
-	{"internal/coverage/rtcov", "\xd3\x02"},
-	{"internal/coverage/slicereader", "l\n\x83\x01Z"},
-	{"internal/coverage/slicewriter", "v\x83\x01"},
-	{"internal/coverage/stringtab", "v9\x04F"},
+	{"internal/coverage/cfile", "q\x06\x17\x17\x01\x02\x01\x01\x01\x01\x01\x01\x01\"\x02',\x06\a\n\x01\x03\x0e\x06"},
+	{"internal/coverage/cformat", "\x04s.\x04Q\v6\x01\x02\x0e"},
+	{"internal/coverage/cmerge", "w.a"},
+	{"internal/coverage/decodecounter", "m\n.\v\x02H,\x17\x18"},
+	{"internal/coverage/decodemeta", "\x02k\n\x17\x17\v\x02H,"},
+	{"internal/coverage/encodecounter", "\x02k\n.\f\x01\x02F\v!\x15"},
+	{"internal/coverage/encodemeta", "\x02\x01j\n\x13\x04\x17\r\x02F,/"},
+	{"internal/coverage/pods", "\x04s.\x81\x01\x06\x05\n\x02\x01"},
+	{"internal/coverage/rtcov", "\xd5\x02"},
+	{"internal/coverage/slicereader", "m\n\x83\x01["},
+	{"internal/coverage/slicewriter", "w\x83\x01"},
+	{"internal/coverage/stringtab", "w9\x04F"},
 	{"internal/coverage/test", ""},
 	{"internal/coverage/uleb128", ""},
-	{"internal/cpu", "\xd3\x02"},
-	{"internal/dag", "\x04r\xc4\x01\x03"},
-	{"internal/diff", "\x03s\xc5\x01\x02"},
-	{"internal/exportdata", "\x02\x01p\x03\x02e\x1c,\x01\x05\x11\x01\x02"},
-	{"internal/filepathlite", "s+B\x1a@"},
-	{"internal/fmtsort", "\x04\xa9\x02\r"},
-	{"internal/fuzz", "\x03\nG\x18\x04\x03\x03\x01\f\x036=\f\x03\x1d\x01\x05\x02\x05\n\x01\x02\x01\x01\f\x04\x02"},
+	{"internal/cpu", "\xd5\x02"},
+	{"internal/dag", "\x04s\xc4\x01\x03"},
+	{"internal/diff", "\x03t\xc5\x01\x02"},
+	{"internal/exportdata", "\x02\x01q\x03\x02e\x1c,\x01\x05\x11\x01\x02"},
+	{"internal/filepathlite", "t+B\x1a@"},
+	{"internal/fmtsort", "\x04\xaa\x02\r"},
+	{"internal/fuzz", "\x03\nH\x18\x04\x03\x03\x01\f\x036=\f\x03\x1d\x01\x05\x02\x05\n\x01\x02\x01\x01\r\x04\x02"},
 	{"internal/goarch", ""},
-	{"internal/godebug", "\x9c\x01!\x82\x01\x01\x13"},
+	{"internal/godebug", "\x9d\x01!\x82\x01\x01\x14"},
 	{"internal/godebugs", ""},
 	{"internal/goexperiment", ""},
 	{"internal/goos", ""},
-	{"internal/goroot", "\xa5\x02\x01\x05\x12\x02"},
+	{"internal/goroot", "\xa6\x02\x01\x05\x12\x02"},
 	{"internal/gover", "\x04"},
 	{"internal/goversion", ""},
-	{"internal/lazyregexp", "\xa5\x02\v\r\x02"},
-	{"internal/lazytemplate", "\xf9\x01,\x18\x02\f"},
-	{"internal/msan", "\xd3\x02"},
+	{"internal/lazyregexp", "\xa6\x02\v\r\x02"},
+	{"internal/lazytemplate", "\xfa\x01,\x18\x02\r"},
+	{"internal/msan", "\xd5\x02"},
 	{"internal/nettrace", ""},
-	{"internal/obscuretestdata", "k\x8e\x01,"},
-	{"internal/oserror", "s"},
-	{"internal/pkgbits", "\x03Q\x18\a\x03\x04\fs\r\x1f\r\n\x01"},
+	{"internal/obscuretestdata", "l\x8e\x01,"},
+	{"internal/oserror", "t"},
+	{"internal/pkgbits", "\x03R\x18\a\x03\x04\fs\r\x1f\r\n\x01"},
 	{"internal/platform", ""},
-	{"internal/poll", "sl\x05\x159\r\x01\x01\f\x06"},
-	{"internal/profile", "\x03\x04l\x03\x83\x017\n\x01\x01\x01\x10"},
+	{"internal/poll", "tl\x05\x159\r\x01\x01\r\x06"},
+	{"internal/profile", "\x03\x04m\x03\x83\x017\n\x01\x01\x01\x11"},
 	{"internal/profilerecord", ""},
-	{"internal/race", "\x9a\x01\xb9\x01"},
-	{"internal/reflectlite", "\x9a\x01!;<!"},
-	{"internal/runtime/atomic", "\xbb\x01\x98\x01"},
-	{"internal/runtime/cgroup", "\x9e\x01=\x04t"},
-	{"internal/runtime/exithook", "\xd0\x01\x83\x01"},
-	{"internal/runtime/gc", "\xbb\x01"},
-	{"internal/runtime/gc/internal/gen", "\nb\n\x18k\x04\v\x1d\b\x10\x02"},
-	{"internal/runtime/gc/scan", "\xb4\x01\a\x18\ay"},
-	{"internal/runtime/maps", "\x9a\x01\x01 \n\t\t\x03y"},
-	{"internal/runtime/math", "\xbb\x01"},
+	{"internal/race", "\x9b\x01\xba\x01"},
+	{"internal/reflectlite", "\x9b\x01!;<\""},
+	{"internal/runtime/atomic", "\xbc\x01\x99\x01"},
+	{"internal/runtime/cgroup", "\x9f\x01=\x04u"},
+	{"internal/runtime/exithook", "\xd1\x01\x84\x01"},
+	{"internal/runtime/gc", "\xbc\x01"},
+	{"internal/runtime/gc/internal/gen", "\nc\n\x18k\x04\v\x1d\b\x10\x02"},
+	{"internal/runtime/gc/scan", "\xb5\x01\a\x18\az"},
+	{"internal/runtime/maps", "\x9b\x01\x01 \n\t\t\x03z"},
+	{"internal/runtime/math", "\xbc\x01"},
 	{"internal/runtime/pprof/label", ""},
 	{"internal/runtime/startlinetest", ""},
-	{"internal/runtime/sys", "\xbb\x01\x04"},
-	{"internal/runtime/syscall/linux", "\xbb\x01\x98\x01"},
+	{"internal/runtime/sys", "\xbc\x01\x04"},
+	{"internal/runtime/syscall/linux", "\xbc\x01\x99\x01"},
 	{"internal/runtime/wasitest", ""},
-	{"internal/saferio", "\xf9\x01Z"},
-	{"internal/singleflight", "\xbf\x02"},
-	{"internal/strconv", "\x88\x02K"},
-	{"internal/stringslite", "\x9e\x01\xb5\x01"},
-	{"internal/sync", "\x9a\x01!\x13r\x13"},
-	{"internal/synctest", "\x9a\x01\xb9\x01"},
-	{"internal/syscall/execenv", "\xc1\x02"},
-	{"internal/syscall/unix", "\xb2\x02\x0e\x01\x12"},
-	{"internal/sysinfo", "\x02\x01\xb1\x01E,\x18\x02"},
+	{"internal/saferio", "\xfa\x01["},
+	{"internal/singleflight", "\xc0\x02"},
+	{"internal/strconv", "\x89\x02L"},
+	{"internal/stringslite", "\x9f\x01\xb6\x01"},
+	{"internal/sync", "\x9b\x01!\x13r\x14"},
+	{"internal/synctest", "\x9b\x01\xba\x01"},
+	{"internal/syscall/execenv", "\xc2\x02"},
+	{"internal/syscall/unix", "\xb3\x02\x0e\x01\x13"},
+	{"internal/sysinfo", "\x02\x01\xb2\x01E,\x18\x02"},
 	{"internal/syslist", ""},
-	{"internal/testenv", "\x03\nf\x02\x01*\x1b\x0f0+\x01\x05\a\n\x01\x02\x02\x01\v"},
-	{"internal/testhash", "\x03\x86\x01p\x118\v"},
-	{"internal/testlog", "\xbf\x02\x01\x13"},
-	{"internal/testpty", "s\x03\xaf\x01"},
-	{"internal/trace", "\x02\x01\x01\x06b\a\x03w\x03\x03\x06\x03\t5\x01\x01\x01\x10\x06"},
-	{"internal/trace/internal/testgen", "\x03i\nu\x03\x02\x03\x011\v\r\x10"},
-	{"internal/trace/internal/tracev1", "\x03\x01h\a\x03}\x06\f5\x01"},
-	{"internal/trace/raw", "\x02j\nz\x03\x06C\x01\x12"},
-	{"internal/trace/testtrace", "\x02\x01p\x03q\x04\x03\x05\x01\x05,\v\x02\b\x02\x01\x05"},
+	{"internal/testenv", "\x03\ng\x02\x01*\x1b\x0f0+\x01\x05\a\n\x01\x02\x02\x01\f"},
+	{"internal/testhash", "\x03\x87\x01p\x118\f"},
+	{"internal/testlog", "\xc0\x02\x01\x14"},
+	{"internal/testpty", "t\x03\xaf\x01"},
+	{"internal/trace", "\x02\x01\x01\x06c\a\x03w\x03\x03\x06\x03\t+\n\x01\x01\x01\x11\x06"},
+	{"internal/trace/internal/testgen", "\x03j\nu\x03\x02\x03\x011\v\r\x11"},
+	{"internal/trace/internal/tracev1", "\x03\x01i\a\x03}\x06\f5\x01"},
+	{"internal/trace/raw", "\x02k\nz\x03\x06C\x01\x13"},
+	{"internal/trace/testtrace", "\x02\x01q\x03q\x04\x03\x05\x01\x05,\v\x02\b\x02\x01\x05"},
 	{"internal/trace/tracev2", ""},
-	{"internal/trace/traceviewer", "\x02c\v\x06\x1a<\x1f\a\a\x04\b\v\x15\x01\x05\a\n\x01\x02\x0e"},
+	{"internal/trace/traceviewer", "\x02d\v\x06\x1a<\x1f\a\a\x04\b\v\x15\x01\x05\a\n\x01\x02\x0f"},
 	{"internal/trace/traceviewer/format", ""},
-	{"internal/trace/version", "vz\t"},
-	{"internal/txtar", "\x03s\xaf\x01\x18"},
-	{"internal/types/errors", "\xbc\x02"},
-	{"internal/unsafeheader", "\xd3\x02"},
-	{"internal/xcoff", "_\r\a\x03g\x1c,\x17\x01"},
-	{"internal/zstd", "l\a\x03\x83\x01\x0f"},
-	{"io", "s\xcc\x01"},
-	{"io/fs", "s+*11\x10\x13\x04"},
-	{"io/ioutil", "\xf9\x01\x01+\x15\x03"},
-	{"iter", "\xce\x01d!"},
-	{"log", "v\x83\x01\x05'\r\r\x01\r"},
+	{"internal/trace/version", "wz\t"},
+	{"internal/txtar", "\x03t\xaf\x01\x18"},
+	{"internal/types/errors", "\xbd\x02"},
+	{"internal/unsafeheader", "\xd5\x02"},
+	{"internal/xcoff", "`\r\a\x03g\x1c,\x17\x01"},
+	{"internal/zstd", "m\a\x03\x83\x01\x0f"},
+	{"io", "t\xcc\x01"},
+	{"io/fs", "t+*11\x10\x14\x04"},
+	{"io/ioutil", "\xfa\x01\x01+\x15\x03"},
+	{"iter", "\xcf\x01d\""},
+	{"log", "w\x83\x01\x05'\r\r\x01\x0e"},
 	{"log/internal", ""},
-	{"log/slog", "\x03\nZ\t\x03\x03\x83\x01\x04\x01\x02\x02\x03(\x05\b\x02\x01\x02\x01\r\x02\x02\x02"},
+	{"log/slog", "\x03\n[\t\x03\x03\x83\x01\x04\x01\x02\x02\x03(\x05\b\x02\x01\x02\x01\x0e\x02\x02\x02"},
 	{"log/slog/internal", ""},
-	{"log/slog/internal/benchmarks", "\rf\x03\x83\x01\x06\x03:\x11"},
-	{"log/slog/internal/buffer", "\xbf\x02"},
-	{"log/syslog", "s\x03\x87\x01\x12\x16\x18\x02\x0e"},
-	{"maps", "\xfc\x01W"},
-	{"math", "\xb4\x01TK"},
-	{"math/big", "\x03p\x03)\x15E\f\x03\x020\x02\x01\x02\x14"},
-	{"math/big/internal/asmgen", "\x03\x01r\x92\x012\x03"},
-	{"math/bits", "\xd3\x02"},
-	{"math/cmplx", "\x85\x02\x03"},
-	{"math/rand", "\xbc\x01I:\x01\x13"},
-	{"math/rand/v2", "s,\x03c\x03K"},
-	{"mime", "\x02\x01h\b\x03\x83\x01\v!\x15\x03\x02\x10\x02"},
-	{"mime/multipart", "\x02\x01M#\x03F=\v\x01\a\x02\x15\x02\x06\x0f\x02\x01\x16"},
-	{"mime/quotedprintable", "\x02\x01s\x83\x01"},
-	{"net", "\x04\tf+\x1e\n\x05\x13\x01\x01\x04\x15\x01%\x06\r\b\x05\x01\x01\f\x06\a"},
-	{"net/http", "\x02\x01\x03\x01\x04\x02C\b\x13\x01\a\x03F=\x01\x03\a\x01\x03\x02\x02\x01\x02\x06\x02\x01\x01\n\x01\x01\x05\x01\x02\x05\b\x01\x01\x01\x02\x01\r\x02\x02\x02\b\x01\x01\x01"},
-	{"net/http/cgi", "\x02V\x1b\x03\x83\x01\x04\a\v\x01\x13\x01\x01\x01\x04\x01\x05\x02\b\x02\x01\x10\x0e"},
-	{"net/http/cookiejar", "\x04o\x03\x99\x01\x01\b\a\x05\x16\x03\x02\x0e\x04"},
-	{"net/http/fcgi", "\x02\x01\n_\a\x03\x83\x01\x16\x01\x01\x14\x18\x02\x0e"},
-	{"net/http/httptest", "\x02\x01\nK\x02\x1b\x01\x83\x01\x04\x12\x01\n\t\x02\x17\x01\x02\x0e\x0e"},
-	{"net/http/httptrace", "\rKnI\x14\n "},
-	{"net/http/httputil", "\x02\x01\nf\x03\x83\x01\x04\x0f\x03\x01\x05\x02\x01\v\x01\x19\x02\x01\r\x0e"},
-	{"net/http/internal", "\x02\x01p\x03\x83\x01"},
-	{"net/http/internal/ascii", "\xbd\x02\x12"},
-	{"net/http/internal/httpcommon", "\rf\x03\x9f\x01\x0e\x01\x17\x01\x01\x02\x1c\x02"},
-	{"net/http/internal/testcert", "\xbd\x02"},
-	{"net/http/pprof", "\x02\x01\ni\x19-\x02\x0e-\x04\x13\x14\x01\r\x04\x03\x01\x02\x01\x10"},
+	{"log/slog/internal/benchmarks", "\rg\x03\x83\x01\x06\x03:\x12"},
+	{"log/slog/internal/buffer", "\xc0\x02"},
+	{"log/syslog", "t\x03\x87\x01\x12\x16\x18\x02\x0f"},
+	{"maps", "\xfd\x01X"},
+	{"math", "\xb5\x01TL"},
+	{"math/big", "\x03q\x03)\x15E\f\x03\x020\x02\x01\x02\x15"},
+	{"math/big/internal/asmgen", "\x03\x01s\x92\x012\x03"},
+	{"math/bits", "\xd5\x02"},
+	{"math/cmplx", "\x86\x02\x03"},
+	{"math/rand", "\xbd\x01I:\x01\x14"},
+	{"math/rand/v2", "t,\x03c\x03L"},
+	{"mime", "\x02\x01i\b\x03\x83\x01\v!\x15\x03\x02\x11\x02"},
+	{"mime/multipart", "\x02\x01N#\x03F=\v\x01\a\x02\x15\x02\x06\x0f\x02\x01\x17"},
+	{"mime/quotedprintable", "\x02\x01t\x83\x01"},
+	{"net", "\x04\tg+\x1e\n\x05\x13\x01\x01\x04\x15\x01%\x06\r\b\x05\x01\x01\r\x06\a"},
+	{"net/http", "\x02\x01\x03\x01\x04\x02D\b\x13\x01\a\x03F=\x01\x03\a\x01\x03\x02\x02\x01\x02\x06\x02\x01\x01\n\x01\x01\x05\x01\x02\x05\b\x01\x01\x01\x02\x01\x0e\x02\x02\x02\b\x01\x01\x01"},
+	{"net/http/cgi", "\x02W\x1b\x03\x83\x01\x04\a\v\x01\x13\x01\x01\x01\x04\x01\x05\x02\b\x02\x01\x11\x0e"},
+	{"net/http/cookiejar", "\x04p\x03\x99\x01\x01\b\a\x05\x16\x03\x02\x0f\x04"},
+	{"net/http/fcgi", "\x02\x01\n`\a\x03\x83\x01\x16\x01\x01\x14\x18\x02\x0f"},
+	{"net/http/httptest", "\x02\x01\nL\x02\x1b\x01\x83\x01\x04\x12\x01\n\t\x02\x17\x01\x02\x0f\x0e"},
+	{"net/http/httptrace", "\rLnI\x14\n!"},
+	{"net/http/httputil", "\x02\x01\ng\x03\x83\x01\x04\x0f\x03\x01\x05\x02\x01\v\x01\x19\x02\x01\x0e\x0e"},
+	{"net/http/internal", "\x02\x01q\x03\x83\x01"},
+	{"net/http/internal/ascii", "\xbe\x02\x13"},
+	{"net/http/internal/httpcommon", "\rg\x03\x9f\x01\x0e\x01\x17\x01\x01\x02\x1d\x02"},
+	{"net/http/internal/testcert", "\xbe\x02"},
+	{"net/http/pprof", "\x02\x01\nj\x19-\x02\x0e-\x04\x13\x14\x01\r\x04\x03\x01\x02\x01\x11"},
 	{"net/internal/cgotest", ""},
-	{"net/internal/socktest", "v\xc9\x01\x02"},
-	{"net/mail", "\x02q\x03\x83\x01\x04\x0f\x03\x14\x1a\x02\x0e\x04"},
-	{"net/netip", "\x04o+\x01f\x034\x16"},
-	{"net/rpc", "\x02l\x05\x03\x10\ni\x04\x12\x01\x1d\r\x03\x02"},
-	{"net/rpc/jsonrpc", "p\x03\x03\x83\x01\x16\x11\x1f"},
-	{"net/smtp", "\x193\f\x13\b\x03\x83\x01\x16\x14\x1a"},
-	{"net/textproto", "\x02\x01p\x03\x83\x01\f\n-\x01\x02\x14"},
-	{"net/url", "s\x03Fc\v\x10\x02\x01\x16"},
-	{"os", "s+\x01\x19\x03\x10\x14\x01\x03\x01\x05\x10\x018\b\x05\x01\x01\f\x06"},
-	{"os/exec", "\x03\nfI'\x01\x15\x01+\x06\a\n\x01\x04\f"},
-	{"os/exec/internal/fdtest", "\xc1\x02"},
-	{"os/signal", "\r\x98\x02\x15\x05\x02"},
-	{"os/user", "\x02\x01p\x03\x83\x01,\r\n\x01\x02"},
-	{"path", "s+\xb3\x01"},
-	{"path/filepath", "s+\x1aB+\r\b\x03\x04\x10"},
-	{"plugin", "s"},
-	{"reflect", "s'\x04\x1d\x13\b\x04\x05\x17\x06\t-\n\x03\x10\x02\x02"},
+	{"net/internal/socktest", "w\xc9\x01\x02"},
+	{"net/mail", "\x02r\x03\x83\x01\x04\x0f\x03\x14\x1a\x02\x0f\x04"},
+	{"net/netip", "\x04p+\x01f\x034\x17"},
+	{"net/rpc", "\x02m\x05\x03\x10\ni\x04\x12\x01\x1d\r\x03\x02"},
+	{"net/rpc/jsonrpc", "q\x03\x03\x83\x01\x16\x11\x1f"},
+	{"net/smtp", "\x194\f\x13\b\x03\x83\x01\x16\x14\x1a"},
+	{"net/textproto", "\x02\x01q\x03\x83\x01\f\n-\x01\x02\x15"},
+	{"net/url", "t\x03Fc\v\x10\x02\x01\x17"},
+	{"os", "t+\x01\x19\x03\x10\x14\x01\x03\x01\x05\x10\x018\b\x05\x01\x01\r\x06"},
+	{"os/exec", "\x03\ngI'\x01\x15\x01+\x06\a\n\x01\x03\x01\r"},
+	{"os/exec/internal/fdtest", "\xc2\x02"},
+	{"os/signal", "\r\x99\x02\x15\x05\x02"},
+	{"os/user", "\x02\x01q\x03\x83\x01,\r\n\x01\x02"},
+	{"path", "t+\xb4\x01"},
+	{"path/filepath", "t+\x1aB+\r\b\x03\x04\x11"},
+	{"plugin", "t"},
+	{"reflect", "t'\x04\x1d\x13\b\x04\x05\x17\x06\t-\n\x03\x11\x02\x02"},
 	{"reflect/internal/example1", ""},
 	{"reflect/internal/example2", ""},
-	{"regexp", "\x03\xf6\x018\t\x02\x01\x02\x10\x02"},
-	{"regexp/syntax", "\xba\x02\x01\x01\x01\x02\x10\x02"},
-	{"runtime", "\x9a\x01\x04\x01\x03\f\x06\a\x02\x01\x01\x0e\x03\x01\x01\x01\x02\x01\x01\x01\x02\x01\x04\x01\x10\x18K"},
-	{"runtime/coverage", "\xa6\x01S"},
-	{"runtime/debug", "vUZ\r\b\x02\x01\x10\x06"},
-	{"runtime/metrics", "\xbd\x01H-!"},
-	{"runtime/pprof", "\x02\x01\x01\x03\x06_\a\x03$$\x0f\v!\f \r\b\x01\x01\x01\x02\x02\t\x03\x06"},
-	{"runtime/race", "\xb8\x02"},
+	{"regexp", "\x03\xf7\x018\t\x02\x01\x02\x11\x02"},
+	{"regexp/syntax", "\xbb\x02\x01\x01\x01\x02\x11\x02"},
+	{"runtime", "\x9b\x01\x04\x01\x03\f\x06\a\x02\x01\x01\x0e\x03\x01\x01\x01\x02\x01\x01\x01\x02\x01\x04\x01\x10\x18L"},
+	{"runtime/coverage", "\xa7\x01S"},
+	{"runtime/debug", "wUZ\r\b\x02\x01\x11\x06"},
+	{"runtime/metrics", "\xbe\x01H-\""},
+	{"runtime/pprof", "\x02\x01\x01\x03\x06`\a\x03$$\x0f\v!\f \r\b\x01\x01\x01\x02\x02\n\x03\x06"},
+	{"runtime/race", "\xb9\x02"},
 	{"runtime/race/internal/amd64v1", ""},
-	{"runtime/trace", "\rf\x03z\t9\b\x05\x01\r\x06"},
-	{"slices", "\x04\xf8\x01\fK"},
-	{"sort", "\xcf\x0192"},
-	{"strconv", "s+A\x01q"},
-	{"strings", "s'\x04B\x19\x03\f7\x10\x02\x02"},
+	{"runtime/trace", "\rg\x03z\t9\b\x05\x01\x0e\x06"},
+	{"slices", "\x04\xf9\x01\fL"},
+	{"sort", "\xd0\x0192"},
+	{"strconv", "t+A\x01r"},
+	{"strings", "t'\x04B\x19\x03\f7\x11\x02\x02"},
 	{"structs", ""},
-	{"sync", "\xce\x01\x13\x01P\x0e\x13"},
-	{"sync/atomic", "\xd3\x02"},
-	{"syscall", "s(\x03\x01\x1c\n\x03\x06\r\x04S\b\x05\x01\x13"},
-	{"testing", "\x03\nf\x02\x01X\x17\x14\f\x05\x1b\x06\x02\x05\x02\x05\x01\x02\x01\x02\x01\r\x02\x04"},
-	{"testing/fstest", "s\x03\x83\x01\x01\n&\x10\x03\b\b"},
-	{"testing/internal/testdeps", "\x02\v\xad\x01/\x10,\x03\x05\x03\x06\a\x02\x0e"},
-	{"testing/iotest", "\x03p\x03\x83\x01\x04"},
-	{"testing/quick", "u\x01\x8f\x01\x05#\x10\x10"},
-	{"testing/slogtest", "\rf\x03\x89\x01.\x05\x10\v"},
-	{"testing/synctest", "\xe2\x01`\x11"},
-	{"text/scanner", "\x03s\x83\x01,*\x02"},
-	{"text/tabwriter", "v\x83\x01X"},
-	{"text/template", "s\x03C@\x01\n \x01\x05\x01\x02\x05\v\x02\r\x03\x02"},
-	{"text/template/parse", "\x03s\xbc\x01\n\x01\x12\x02"},
-	{"time", "s+\x1e$(*\r\x02\x12"},
-	{"time/tzdata", "s\xce\x01\x12"},
+	{"sync", "\xcf\x01\x13\x01P\x0e\x14"},
+	{"sync/atomic", "\xd5\x02"},
+	{"syscall", "t(\x03\x01\x1c\n\x03\x06\r\x04S\b\x05\x01\x14"},
+	{"testing", "\x03\ng\x02\x01X\x17\x14\f\x05\x1b\x06\x02\x05\x02\x05\x01\x02\x01\x02\x01\x0e\x02\x04"},
+	{"testing/cryptotest", "QOZ\x124\x03\x12"},
+	{"testing/fstest", "t\x03\x83\x01\x01\n&\x10\x03\t\b"},
+	{"testing/internal/testdeps", "\x02\v\xae\x01/\x10,\x03\x05\x03\x06\a\x02\x0f"},
+	{"testing/iotest", "\x03q\x03\x83\x01\x04"},
+	{"testing/quick", "v\x01\x8f\x01\x05#\x10\x11"},
+	{"testing/slogtest", "\rg\x03\x89\x01.\x05\x10\f"},
+	{"testing/synctest", "\xe3\x01`\x12"},
+	{"text/scanner", "\x03t\x83\x01,+\x02"},
+	{"text/tabwriter", "w\x83\x01Y"},
+	{"text/template", "t\x03C@\x01\n \x01\x05\x01\x02\x05\v\x02\x0e\x03\x02"},
+	{"text/template/parse", "\x03t\xbc\x01\n\x01\x13\x02"},
+	{"time", "t+\x1e$(*\r\x02\x13"},
+	{"time/tzdata", "t\xce\x01\x13"},
 	{"unicode", ""},
 	{"unicode/utf16", ""},
 	{"unicode/utf8", ""},
-	{"unique", "\x9a\x01!%\x01Q\r\x01\x13\x12"},
+	{"unique", "\x9b\x01!%\x01Q\r\x01\x14\x12"},
 	{"unsafe", ""},
-	{"vendor/golang.org/x/crypto/chacha20", "\x10\\\a\x95\x01*&"},
-	{"vendor/golang.org/x/crypto/chacha20poly1305", "\x10\\\a\xe1\x01\x04\x01\a"},
-	{"vendor/golang.org/x/crypto/cryptobyte", "i\n\x03\x90\x01' \n"},
+	{"vendor/golang.org/x/crypto/chacha20", "\x10]\a\x95\x01*'"},
+	{"vendor/golang.org/x/crypto/chacha20poly1305", "\x10\aV\a\xe2\x01\x04\x01\a"},
+	{"vendor/golang.org/x/crypto/cryptobyte", "j\n\x03\x90\x01'!\n"},
 	{"vendor/golang.org/x/crypto/cryptobyte/asn1", ""},
-	{"vendor/golang.org/x/crypto/internal/alias", "\xd3\x02"},
-	{"vendor/golang.org/x/crypto/internal/poly1305", "W\x15\x9c\x01"},
-	{"vendor/golang.org/x/net/dns/dnsmessage", "s\xc7\x01"},
-	{"vendor/golang.org/x/net/http/httpguts", "\x8f\x02\x14\x1a\x14\r"},
-	{"vendor/golang.org/x/net/http/httpproxy", "s\x03\x99\x01\x10\x05\x01\x18\x14\r"},
-	{"vendor/golang.org/x/net/http2/hpack", "\x03p\x03\x83\x01F"},
-	{"vendor/golang.org/x/net/idna", "v\x8f\x018\x14\x10\x02\x01"},
-	{"vendor/golang.org/x/net/nettest", "\x03i\a\x03\x83\x01\x11\x05\x16\x01\f\n\x01\x02\x02\x01\v"},
-	{"vendor/golang.org/x/sys/cpu", "\xa5\x02\r\n\x01\x16"},
-	{"vendor/golang.org/x/text/secure/bidirule", "s\xde\x01\x11\x01"},
-	{"vendor/golang.org/x/text/transform", "\x03p\x86\x01X"},
-	{"vendor/golang.org/x/text/unicode/bidi", "\x03\bk\x87\x01>\x16"},
-	{"vendor/golang.org/x/text/unicode/norm", "l\n\x83\x01F\x12\x11"},
-	{"weak", "\x9a\x01\x98\x01!"},
+	{"vendor/golang.org/x/crypto/internal/alias", "\xd5\x02"},
+	{"vendor/golang.org/x/crypto/internal/poly1305", "X\x15\x9c\x01"},
+	{"vendor/golang.org/x/net/dns/dnsmessage", "t\xc7\x01"},
+	{"vendor/golang.org/x/net/http/httpguts", "\x90\x02\x14\x1a\x15\r"},
+	{"vendor/golang.org/x/net/http/httpproxy", "t\x03\x99\x01\x10\x05\x01\x18\x15\r"},
+	{"vendor/golang.org/x/net/http2/hpack", "\x03q\x03\x83\x01F"},
+	{"vendor/golang.org/x/net/idna", "w\x8f\x018\x15\x10\x02\x01"},
+	{"vendor/golang.org/x/net/nettest", "\x03j\a\x03\x83\x01\x11\x05\x16\x01\f\n\x01\x02\x02\x01\f"},
+	{"vendor/golang.org/x/sys/cpu", "\xa6\x02\r\n\x01\x17"},
+	{"vendor/golang.org/x/text/secure/bidirule", "t\xdf\x01\x11\x01"},
+	{"vendor/golang.org/x/text/transform", "\x03q\x86\x01Y"},
+	{"vendor/golang.org/x/text/unicode/bidi", "\x03\bl\x87\x01>\x17"},
+	{"vendor/golang.org/x/text/unicode/norm", "m\n\x83\x01F\x13\x11"},
+	{"weak", "\x9b\x01\x98\x01\""},
 }
 
 // bootstrap is the list of bootstrap packages extracted from cmd/dist.

src/cmd/vendor/golang.org/x/tools/internal/stdlib/manifest.go

@@ -626,7 +626,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"PublicKey", Type, 0, ""},
 		{"PublicKey.Parameters", Field, 0, ""},
 		{"PublicKey.Y", Field, 0, ""},
-		{"Sign", Func, 0, "func(rand io.Reader, priv *PrivateKey, hash []byte) (r *big.Int, s *big.Int, err error)"},
+		{"Sign", Func, 0, "func(random io.Reader, priv *PrivateKey, hash []byte) (r *big.Int, s *big.Int, err error)"},
 		{"Verify", Func, 0, "func(pub *PublicKey, hash []byte, r *big.Int, s *big.Int) bool"},
 	},
 	"crypto/ecdh": {
@@ -674,7 +674,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(PublicKey).Params", Method, 0, ""},
 		{"(PublicKey).ScalarBaseMult", Method, 0, ""},
 		{"(PublicKey).ScalarMult", Method, 0, ""},
-		{"GenerateKey", Func, 0, "func(c elliptic.Curve, rand io.Reader) (*PrivateKey, error)"},
+		{"GenerateKey", Func, 0, "func(c elliptic.Curve, r io.Reader) (*PrivateKey, error)"},
 		{"ParseRawPrivateKey", Func, 25, "func(curve elliptic.Curve, data []byte) (*PrivateKey, error)"},
 		{"ParseUncompressedPublicKey", Func, 25, "func(curve elliptic.Curve, data []byte) (*PublicKey, error)"},
 		{"PrivateKey", Type, 0, ""},
@@ -685,7 +685,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"PublicKey.X", Field, 0, ""},
 		{"PublicKey.Y", Field, 0, ""},
 		{"Sign", Func, 0, "func(rand io.Reader, priv *PrivateKey, hash []byte) (r *big.Int, s *big.Int, err error)"},
-		{"SignASN1", Func, 15, "func(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error)"},
+		{"SignASN1", Func, 15, "func(r io.Reader, priv *PrivateKey, hash []byte) ([]byte, error)"},
 		{"Verify", Func, 0, "func(pub *PublicKey, hash []byte, r *big.Int, s *big.Int) bool"},
 		{"VerifyASN1", Func, 15, "func(pub *PublicKey, hash []byte, sig []byte) bool"},
 	},
@@ -696,7 +696,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(PrivateKey).Seed", Method, 13, ""},
 		{"(PrivateKey).Sign", Method, 13, ""},
 		{"(PublicKey).Equal", Method, 15, ""},
-		{"GenerateKey", Func, 13, "func(rand io.Reader) (PublicKey, PrivateKey, error)"},
+		{"GenerateKey", Func, 13, "func(random io.Reader) (PublicKey, PrivateKey, error)"},
 		{"NewKeyFromSeed", Func, 13, "func(seed []byte) PrivateKey"},
 		{"Options", Type, 20, ""},
 		{"Options.Context", Field, 20, ""},
@@ -745,7 +745,9 @@ var PackageSymbols = map[string][]Symbol{
 	},
 	"crypto/fips140": {
 		{"Enabled", Func, 24, "func() bool"},
+		{"Enforced", Func, 26, "func() bool"},
 		{"Version", Func, 26, "func() string"},
+		{"WithoutEnforcement", Func, 26, "func(f func())"},
 	},
 	"crypto/hkdf": {
 		{"Expand", Func, 24, "func[H hash.Hash](h func() H, pseudorandomKey []byte, info string, keyLength int) ([]byte, error)"},
@@ -756,6 +758,54 @@ var PackageSymbols = map[string][]Symbol{
 		{"Equal", Func, 1, "func(mac1 []byte, mac2 []byte) bool"},
 		{"New", Func, 0, "func(h func() hash.Hash, key []byte) hash.Hash"},
 	},
+	"crypto/hpke": {
+		{"(*Recipient).Export", Method, 26, ""},
+		{"(*Recipient).Open", Method, 26, ""},
+		{"(*Sender).Export", Method, 26, ""},
+		{"(*Sender).Seal", Method, 26, ""},
+		{"(AEAD).ID", Method, 26, ""},
+		{"(KDF).ID", Method, 26, ""},
+		{"(KEM).DeriveKeyPair", Method, 26, ""},
+		{"(KEM).GenerateKey", Method, 26, ""},
+		{"(KEM).ID", Method, 26, ""},
+		{"(KEM).NewPrivateKey", Method, 26, ""},
+		{"(KEM).NewPublicKey", Method, 26, ""},
+		{"(PrivateKey).Bytes", Method, 26, ""},
+		{"(PrivateKey).KEM", Method, 26, ""},
+		{"(PrivateKey).PublicKey", Method, 26, ""},
+		{"(PublicKey).Bytes", Method, 26, ""},
+		{"(PublicKey).KEM", Method, 26, ""},
+		{"AES128GCM", Func, 26, "func() AEAD"},
+		{"AES256GCM", Func, 26, "func() AEAD"},
+		{"ChaCha20Poly1305", Func, 26, "func() AEAD"},
+		{"DHKEM", Func, 26, "func(curve ecdh.Curve) KEM"},
+		{"ExportOnly", Func, 26, "func() AEAD"},
+		{"HKDFSHA256", Func, 26, "func() KDF"},
+		{"HKDFSHA384", Func, 26, "func() KDF"},
+		{"HKDFSHA512", Func, 26, "func() KDF"},
+		{"MLKEM1024", Func, 26, "func() KEM"},
+		{"MLKEM1024P384", Func, 26, "func() KEM"},
+		{"MLKEM768", Func, 26, "func() KEM"},
+		{"MLKEM768P256", Func, 26, "func() KEM"},
+		{"MLKEM768X25519", Func, 26, "func() KEM"},
+		{"NewAEAD", Func, 26, "func(id uint16) (AEAD, error)"},
+		{"NewDHKEMPrivateKey", Func, 26, "func(priv ecdh.KeyExchanger) (PrivateKey, error)"},
+		{"NewDHKEMPublicKey", Func, 26, "func(pub *ecdh.PublicKey) (PublicKey, error)"},
+		{"NewHybridPrivateKey", Func, 26, "func(pq crypto.Decapsulator, t ecdh.KeyExchanger) (PrivateKey, error)"},
+		{"NewHybridPublicKey", Func, 26, "func(pq crypto.Encapsulator, t *ecdh.PublicKey) (PublicKey, error)"},
+		{"NewKDF", Func, 26, "func(id uint16) (KDF, error)"},
+		{"NewKEM", Func, 26, "func(id uint16) (KEM, error)"},
+		{"NewMLKEMPrivateKey", Func, 26, "func(priv crypto.Decapsulator) (PrivateKey, error)"},
+		{"NewMLKEMPublicKey", Func, 26, "func(pub crypto.Encapsulator) (PublicKey, error)"},
+		{"NewRecipient", Func, 26, "func(enc []byte, k PrivateKey, kdf KDF, aead AEAD, info []byte) (*Recipient, error)"},
+		{"NewSender", Func, 26, "func(pk PublicKey, kdf KDF, aead AEAD, info []byte) (enc []byte, s *Sender, err error)"},
+		{"Open", Func, 26, "func(k PrivateKey, kdf KDF, aead AEAD, info []byte, ciphertext []byte) ([]byte, error)"},
+		{"Recipient", Type, 26, ""},
+		{"SHAKE128", Func, 26, "func() KDF"},
+		{"SHAKE256", Func, 26, "func() KDF"},
+		{"Seal", Func, 26, "func(pk PublicKey, kdf KDF, aead AEAD, info []byte, plaintext []byte) ([]byte, error)"},
+		{"Sender", Type, 26, ""},
+	},
 	"crypto/md5": {
 		{"BlockSize", Const, 0, ""},
 		{"New", Func, 0, "func() hash.Hash"},
@@ -801,7 +851,7 @@ var PackageSymbols = map[string][]Symbol{
 	},
 	"crypto/rand": {
 		{"Int", Func, 0, "func(rand io.Reader, max *big.Int) (n *big.Int, err error)"},
-		{"Prime", Func, 0, "func(rand io.Reader, bits int) (*big.Int, error)"},
+		{"Prime", Func, 0, "func(r io.Reader, bits int) (*big.Int, error)"},
 		{"Read", Func, 0, "func(b []byte) (n int, err error)"},
 		{"Reader", Var, 0, ""},
 		{"Text", Func, 24, "func() string"},
@@ -865,7 +915,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"PublicKey.E", Field, 0, ""},
 		{"PublicKey.N", Field, 0, ""},
 		{"SignPKCS1v15", Func, 0, "func(random io.Reader, priv *PrivateKey, hash crypto.Hash, hashed []byte) ([]byte, error)"},
-		{"SignPSS", Func, 2, "func(rand io.Reader, priv *PrivateKey, hash crypto.Hash, digest []byte, opts *PSSOptions) ([]byte, error)"},
+		{"SignPSS", Func, 2, "func(random io.Reader, priv *PrivateKey, hash crypto.Hash, digest []byte, opts *PSSOptions) ([]byte, error)"},
 		{"VerifyPKCS1v15", Func, 0, "func(pub *PublicKey, hash crypto.Hash, hashed []byte, sig []byte) error"},
 		{"VerifyPSS", Func, 2, "func(pub *PublicKey, hash crypto.Hash, digest []byte, sig []byte, opts *PSSOptions) error"},
 	},
@@ -1158,6 +1208,8 @@ var PackageSymbols = map[string][]Symbol{
 		{"RequestClientCert", Const, 0, ""},
 		{"RequireAndVerifyClientCert", Const, 0, ""},
 		{"RequireAnyClientCert", Const, 0, ""},
+		{"SecP256r1MLKEM768", Const, 26, ""},
+		{"SecP384r1MLKEM1024", Const, 26, ""},
 		{"Server", Func, 0, "func(conn net.Conn, config *Config) *Conn"},
 		{"SessionState", Type, 21, ""},
 		{"SessionState.EarlyData", Field, 21, ""},
@@ -1222,6 +1274,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*RevocationList).CheckSignatureFrom", Method, 19, ""},
 		{"(CertificateInvalidError).Error", Method, 0, ""},
 		{"(ConstraintViolationError).Error", Method, 0, ""},
+		{"(ExtKeyUsage).OID", Method, 26, ""},
 		{"(ExtKeyUsage).String", Method, 26, ""},
 		{"(HostnameError).Error", Method, 0, ""},
 		{"(InsecureAlgorithmError).Error", Method, 6, ""},
@@ -1380,6 +1433,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"NoValidChains", Const, 24, ""},
 		{"NotAuthorizedToSign", Const, 0, ""},
 		{"OID", Type, 22, ""},
+		{"OIDFromASN1OID", Func, 26, "func(asn1OID asn1.ObjectIdentifier) (OID, error)"},
 		{"OIDFromInts", Func, 22, "func(oid []uint64) (OID, error)"},
 		{"PEMCipher", Type, 1, ""},
 		{"PEMCipher3DES", Const, 1, ""},
@@ -1690,10 +1744,6 @@ var PackageSymbols = map[string][]Symbol{
 		{"(Rows).Next", Method, 0, ""},
 		{"(RowsAffected).LastInsertId", Method, 0, ""},
 		{"(RowsAffected).RowsAffected", Method, 0, ""},
-		{"(RowsColumnScanner).Close", Method, 26, ""},
-		{"(RowsColumnScanner).Columns", Method, 26, ""},
-		{"(RowsColumnScanner).Next", Method, 26, ""},
-		{"(RowsColumnScanner).ScanColumn", Method, 26, ""},
 		{"(RowsColumnTypeDatabaseTypeName).Close", Method, 8, ""},
 		{"(RowsColumnTypeDatabaseTypeName).ColumnTypeDatabaseTypeName", Method, 8, ""},
 		{"(RowsColumnTypeDatabaseTypeName).Columns", Method, 8, ""},
@@ -1765,7 +1815,6 @@ var PackageSymbols = map[string][]Symbol{
 		{"ResultNoRows", Var, 0, ""},
 		{"Rows", Type, 0, ""},
 		{"RowsAffected", Type, 0, ""},
-		{"RowsColumnScanner", Type, 26, ""},
 		{"RowsColumnTypeDatabaseTypeName", Type, 8, ""},
 		{"RowsColumnTypeLength", Type, 8, ""},
 		{"RowsColumnTypeNullable", Type, 8, ""},
@@ -17367,6 +17416,9 @@ var PackageSymbols = map[string][]Symbol{
 		{"Testing", Func, 21, "func() bool"},
 		{"Verbose", Func, 1, "func() bool"},
 	},
+	"testing/cryptotest": {
+		{"SetGlobalRandom", Func, 26, "func(t *testing.T, seed uint64)"},
+	},
 	"testing/fstest": {
 		{"(MapFS).Glob", Method, 16, ""},
 		{"(MapFS).Lstat", Method, 25, ""},

src/cmd/vendor/golang.org/x/tools/internal/typeparams/free.go

@@ -6,8 +6,6 @@ package typeparams
 
 import (
 	"go/types"
-
-	"golang.org/x/tools/internal/aliases"
 )
 
 // Free is a memoization of the set of free type parameters within a
@@ -38,7 +36,7 @@ func (w *Free) Has(typ types.Type) (res bool) {
 		break
 
 	case *types.Alias:
-		if aliases.TypeParams(t).Len() > aliases.TypeArgs(t).Len() {
+		if t.TypeParams().Len() > t.TypeArgs().Len() {
 			return true // This is an uninstantiated Alias.
 		}
 		// The expansion of an alias can have free type parameters,

src/cmd/vendor/golang.org/x/tools/internal/typesinternal/classify_call.go

@@ -8,7 +8,7 @@ import (
 	"fmt"
 	"go/ast"
 	"go/types"
-	_ "unsafe"
+	_ "unsafe" // for go:linkname hack
 )
 
 // CallKind describes the function position of an [*ast.CallExpr].

src/cmd/vendor/golang.org/x/tools/internal/typesinternal/types.go

@@ -23,10 +23,8 @@ import (
 	"go/token"
 	"go/types"
 	"reflect"
-	"unsafe"
 
 	"golang.org/x/tools/go/ast/inspector"
-	"golang.org/x/tools/internal/aliases"
 )
 
 func SetUsesCgo(conf *types.Config) bool {
@@ -40,8 +38,7 @@ func SetUsesCgo(conf *types.Config) bool {
 		}
 	}
 
-	addr := unsafe.Pointer(f.UnsafeAddr())
-	*(*bool)(addr) = true
+	*(*bool)(f.Addr().UnsafePointer()) = true
 
 	return true
 }
@@ -144,7 +141,7 @@ var (
 func Origin(t NamedOrAlias) NamedOrAlias {
 	switch t := t.(type) {
 	case *types.Alias:
-		return aliases.Origin(t)
+		return t.Origin()
 	case *types.Named:
 		return t.Origin()
 	}

src/cmd/vendor/golang.org/x/tools/internal/versions/features.go

@@ -9,6 +9,7 @@ package versions
 
 // named constants, to avoid misspelling
 const (
+	Go1_17 = "go1.17"
 	Go1_18 = "go1.18"
 	Go1_19 = "go1.19"
 	Go1_20 = "go1.20"

src/cmd/vendor/golang.org/x/tools/refactor/satisfy/find.go

@@ -8,9 +8,7 @@
 // interface, and this fact is necessary for the package to be
 // well-typed.
 //
-// THIS PACKAGE IS EXPERIMENTAL AND MAY CHANGE AT ANY TIME.
-//
-// It is provided only for the gopls tool. It requires well-typed inputs.
+// It requires well-typed inputs.
 package satisfy // import "golang.org/x/tools/refactor/satisfy"
 
 // NOTES:

src/cmd/vendor/modules.txt

@@ -1,5 +1,5 @@
-# github.com/google/pprof v0.0.0-20251114195745-4902fdda35c8
-## explicit; go 1.24.0
+# github.com/google/pprof v0.0.0-20251213031049-b05bdaca462f
+## explicit; go 1.24.9
 github.com/google/pprof/driver
 github.com/google/pprof/internal/binutils
 github.com/google/pprof/internal/driver
@@ -16,7 +16,7 @@ github.com/google/pprof/third_party/svgpan
 # github.com/ianlancetaylor/demangle v0.0.0-20250417193237-f615e6bd150b
 ## explicit; go 1.13
 github.com/ianlancetaylor/demangle
-# golang.org/x/arch v0.23.0
+# golang.org/x/arch v0.23.1-0.20260109160903-657d90bd6695
 ## explicit; go 1.24.0
 golang.org/x/arch/arm/armasm
 golang.org/x/arch/arm64/arm64asm
@@ -25,10 +25,10 @@ golang.org/x/arch/ppc64/ppc64asm
 golang.org/x/arch/riscv64/riscv64asm
 golang.org/x/arch/s390x/s390xasm
 golang.org/x/arch/x86/x86asm
-# golang.org/x/build v0.0.0-20251128064159-b9bfd88b30e8
-## explicit; go 1.24.0
+# golang.org/x/build v0.0.0-20260122183339-3ba88df37c64
+## explicit; go 1.24.9
 golang.org/x/build/relnote
-# golang.org/x/mod v0.30.1-0.20251115032019-269c237cf350
+# golang.org/x/mod v0.32.0
 ## explicit; go 1.24.0
 golang.org/x/mod/internal/lazyregexp
 golang.org/x/mod/modfile
@@ -43,12 +43,12 @@ golang.org/x/mod/zip
 ## explicit; go 1.24.0
 golang.org/x/sync/errgroup
 golang.org/x/sync/semaphore
-# golang.org/x/sys v0.39.0
+# golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2
 ## explicit; go 1.24.0
 golang.org/x/sys/plan9
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/telemetry v0.0.0-20251128220624-abf20d0e57ec
+# golang.org/x/telemetry v0.0.0-20260116145544-c6413dc483f5
 ## explicit; go 1.24.0
 golang.org/x/telemetry
 golang.org/x/telemetry/counter
@@ -60,10 +60,10 @@ golang.org/x/telemetry/internal/crashmonitor
 golang.org/x/telemetry/internal/mmap
 golang.org/x/telemetry/internal/telemetry
 golang.org/x/telemetry/internal/upload
-# golang.org/x/term v0.38.0
+# golang.org/x/term v0.39.0
 ## explicit; go 1.24.0
 golang.org/x/term
-# golang.org/x/text v0.32.0
+# golang.org/x/text v0.33.1-0.20260122225119-3264de9174be
 ## explicit; go 1.24.0
 golang.org/x/text/cases
 golang.org/x/text/internal
@@ -73,7 +73,7 @@ golang.org/x/text/internal/tag
 golang.org/x/text/language
 golang.org/x/text/transform
 golang.org/x/text/unicode/norm
-# golang.org/x/tools v0.39.1-0.20251230210517-d44be789a05c
+# golang.org/x/tools v0.41.1-0.20260122210857-a60613f0795e
 ## explicit; go 1.24.0
 golang.org/x/tools/cmd/bisect
 golang.org/x/tools/cover
@@ -98,7 +98,6 @@ golang.org/x/tools/go/analysis/passes/httpresponse
 golang.org/x/tools/go/analysis/passes/ifaceassert
 golang.org/x/tools/go/analysis/passes/inline
 golang.org/x/tools/go/analysis/passes/inspect
-golang.org/x/tools/go/analysis/passes/internal/ctrlflowinternal
 golang.org/x/tools/go/analysis/passes/internal/gofixdirective
 golang.org/x/tools/go/analysis/passes/loopclosure
 golang.org/x/tools/go/analysis/passes/lostcancel
@@ -127,14 +126,12 @@ golang.org/x/tools/go/ast/inspector
 golang.org/x/tools/go/cfg
 golang.org/x/tools/go/types/objectpath
 golang.org/x/tools/go/types/typeutil
-golang.org/x/tools/internal/aliases
 golang.org/x/tools/internal/analysis/analyzerutil
 golang.org/x/tools/internal/analysis/driverutil
 golang.org/x/tools/internal/analysis/typeindex
 golang.org/x/tools/internal/astutil
 golang.org/x/tools/internal/astutil/free
 golang.org/x/tools/internal/bisect
-golang.org/x/tools/internal/cfginternal
 golang.org/x/tools/internal/diff
 golang.org/x/tools/internal/diff/lcs
 golang.org/x/tools/internal/facts

src/go.mod

@@ -1,13 +1,13 @@
 module std
 
-go 1.26
+go 1.27
 
 require (
-	golang.org/x/crypto v0.46.1-0.20251210140736-7dacc380ba00
-	golang.org/x/net v0.47.1-0.20251128220604-7c360367ab7e
+	golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1
+	golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33
 )
 
 require (
-	golang.org/x/sys v0.39.0 // indirect
-	golang.org/x/text v0.32.0 // indirect
+	golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2 // indirect
+	golang.org/x/text v0.33.1-0.20260122225119-3264de9174be // indirect
 )

src/go.sum

@@ -1,8 +1,8 @@
-golang.org/x/crypto v0.46.1-0.20251210140736-7dacc380ba00 h1:JgcPM1rzpSOZS8y69FQvnY0xN0ciHlpQqwTXJcuZIA4=
-golang.org/x/crypto v0.46.1-0.20251210140736-7dacc380ba00/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
-golang.org/x/net v0.47.1-0.20251128220604-7c360367ab7e h1:PAAT9cIDvIAIRQVz2txQvUFRt3jOlhiO84ihd8XMGlg=
-golang.org/x/net v0.47.1-0.20251128220604-7c360367ab7e/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
-golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
-golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
-golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
+golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1 h1:peTBrYsTa5Rr+jB2pbgd7X08cFAun6ME4So3jfEkYL4=
+golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
+golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33 h1:pNHjOZ0w6qb8R9EDmEsBXmV4o2YKLvtRiEk4q5gN5Hg=
+golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
+golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2 h1:jUsftZdK5NYH1tUlaQUfascfiJtOm7qHnRPWsG6hb4w=
+golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/text v0.33.1-0.20260122225119-3264de9174be h1:EwuAS7HtEmZVDSL0zq464yhyVIjdDETleE+K94kfwxg=
+golang.org/x/text v0.33.1-0.20260122225119-3264de9174be/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=

src/go/build/deps_test.go

@@ -659,7 +659,7 @@ var depsRules = `
 	net/http/httptrace,
 	mime/multipart,
 	log
-	< net/http/internal/httpcommon
+	< net/http/internal/httpcommon, net/http/internal/httpsfv
 	< net/http;
 
 	# HTTP-aware packages

src/net/http/h2_bundle.go

@@ -1,7 +1,7 @@
 //go:build !nethttpomithttp2
 
 // Code generated by golang.org/x/tools/cmd/bundle. DO NOT EDIT.
-//   $ bundle -o=h2_bundle.go -prefix=http2 -tags=!nethttpomithttp2 -import=golang.org/x/net/internal/httpcommon=net/http/internal/httpcommon golang.org/x/net/http2
+//   $ bundle -o=h2_bundle.go -prefix=http2 -tags=!nethttpomithttp2 -import=golang.org/x/net/internal/httpcommon=net/http/internal/httpcommon -import=golang.org/x/net/internal/httpsfv=net/http/internal/httpsfv golang.org/x/net/http2
 
 // Package http2 implements the HTTP/2 protocol.
 //
@@ -36,11 +36,13 @@ import (
 	"net"
 	"net/http/httptrace"
 	"net/http/internal/httpcommon"
+	"net/http/internal/httpsfv"
 	"net/textproto"
 	"net/url"
 	"os"
 	"reflect"
 	"runtime"
+	"slices"
 	"sort"
 	"strconv"
 	"strings"
@@ -1031,6 +1033,10 @@ func http2shouldRetryDial(call *http2dialCall, req *Request) bool {
 	return call.ctx.Err() != nil
 }
 
+func http2clientPriorityDisabled(s *Server) bool {
+	return s.DisableClientPriority
+}
+
 // http2Config is a package-internal version of net/http.HTTP2Config.
 //
 // http.HTTP2Config was added in Go 1.24.
@@ -1586,33 +1592,36 @@ const http2frameHeaderLen = 9
 var http2padZeros = make([]byte, 255) // zeros for padding
 
 // A FrameType is a registered frame type as defined in
-// https://httpwg.org/specs/rfc7540.html#rfc.section.11.2
+// https://httpwg.org/specs/rfc7540.html#rfc.section.11.2 and other future
+// RFCs.
 type http2FrameType uint8
 
 const (
-	http2FrameData         http2FrameType = 0x0
-	http2FrameHeaders      http2FrameType = 0x1
-	http2FramePriority     http2FrameType = 0x2
-	http2FrameRSTStream    http2FrameType = 0x3
-	http2FrameSettings     http2FrameType = 0x4
-	http2FramePushPromise  http2FrameType = 0x5
-	http2FramePing         http2FrameType = 0x6
-	http2FrameGoAway       http2FrameType = 0x7
-	http2FrameWindowUpdate http2FrameType = 0x8
-	http2FrameContinuation http2FrameType = 0x9
+	http2FrameData           http2FrameType = 0x0
+	http2FrameHeaders        http2FrameType = 0x1
+	http2FramePriority       http2FrameType = 0x2
+	http2FrameRSTStream      http2FrameType = 0x3
+	http2FrameSettings       http2FrameType = 0x4
+	http2FramePushPromise    http2FrameType = 0x5
+	http2FramePing           http2FrameType = 0x6
+	http2FrameGoAway         http2FrameType = 0x7
+	http2FrameWindowUpdate   http2FrameType = 0x8
+	http2FrameContinuation   http2FrameType = 0x9
+	http2FramePriorityUpdate http2FrameType = 0x10
 )
 
 var http2frameNames = [...]string{
-	http2FrameData:         "DATA",
-	http2FrameHeaders:      "HEADERS",
-	http2FramePriority:     "PRIORITY",
-	http2FrameRSTStream:    "RST_STREAM",
-	http2FrameSettings:     "SETTINGS",
-	http2FramePushPromise:  "PUSH_PROMISE",
-	http2FramePing:         "PING",
-	http2FrameGoAway:       "GOAWAY",
-	http2FrameWindowUpdate: "WINDOW_UPDATE",
-	http2FrameContinuation: "CONTINUATION",
+	http2FrameData:           "DATA",
+	http2FrameHeaders:        "HEADERS",
+	http2FramePriority:       "PRIORITY",
+	http2FrameRSTStream:      "RST_STREAM",
+	http2FrameSettings:       "SETTINGS",
+	http2FramePushPromise:    "PUSH_PROMISE",
+	http2FramePing:           "PING",
+	http2FrameGoAway:         "GOAWAY",
+	http2FrameWindowUpdate:   "WINDOW_UPDATE",
+	http2FrameContinuation:   "CONTINUATION",
+	http2FramePriorityUpdate: "PRIORITY_UPDATE",
 }
 
 func (t http2FrameType) String() string {
@@ -1688,16 +1697,17 @@ var http2flagName = map[http2FrameType]map[http2Flags]string{
 type http2frameParser func(fc *http2frameCache, fh http2FrameHeader, countError func(string), payload []byte) (http2Frame, error)
 
 var http2frameParsers = [...]http2frameParser{
-	http2FrameData:         http2parseDataFrame,
-	http2FrameHeaders:      http2parseHeadersFrame,
-	http2FramePriority:     http2parsePriorityFrame,
-	http2FrameRSTStream:    http2parseRSTStreamFrame,
-	http2FrameSettings:     http2parseSettingsFrame,
-	http2FramePushPromise:  http2parsePushPromise,
-	http2FramePing:         http2parsePingFrame,
-	http2FrameGoAway:       http2parseGoAwayFrame,
-	http2FrameWindowUpdate: http2parseWindowUpdateFrame,
-	http2FrameContinuation: http2parseContinuationFrame,
+	http2FrameData:           http2parseDataFrame,
+	http2FrameHeaders:        http2parseHeadersFrame,
+	http2FramePriority:       http2parsePriorityFrame,
+	http2FrameRSTStream:      http2parseRSTStreamFrame,
+	http2FrameSettings:       http2parseSettingsFrame,
+	http2FramePushPromise:    http2parsePushPromise,
+	http2FramePing:           http2parsePingFrame,
+	http2FrameGoAway:         http2parseGoAwayFrame,
+	http2FrameWindowUpdate:   http2parseWindowUpdateFrame,
+	http2FrameContinuation:   http2parseContinuationFrame,
+	http2FramePriorityUpdate: http2parsePriorityUpdateFrame,
 }
 
 func http2typeFrameParser(t http2FrameType) http2frameParser {
@@ -2746,9 +2756,34 @@ type http2PriorityFrame struct {
 	http2PriorityParam
 }
 
-var http2defaultRFC9218Priority = http2PriorityParam{
-	incremental: 0,
-	urgency:     3,
+// defaultRFC9218Priority determines what priority we should use as the default
+// value.
+//
+// According to RFC 9218, by default, streams should be given an urgency of 3
+// and should be non-incremental. However, making streams non-incremental by
+// default would be a huge change to our historical behavior where we would
+// round-robin writes across streams. When streams are non-incremental, we
+// would process streams of the same urgency one-by-one to completion instead.
+//
+// To avoid such a sudden change which might break some HTTP/2 users, this
+// function allows the caller to specify whether they can actually use the
+// default value as specified in RFC 9218. If not, this function will return a
+// priority value where streams are incremental by default instead: effectively
+// a round-robin between stream of the same urgency.
+//
+// As an example, a server might not be able to use the RFC 9218 default value
+// when it's not sure that the client it is serving is aware of RFC 9218.
+func http2defaultRFC9218Priority(canUseDefault bool) http2PriorityParam {
+	if canUseDefault {
+		return http2PriorityParam{
+			urgency:     3,
+			incremental: 0,
+		}
+	}
+	return http2PriorityParam{
+		urgency:     3,
+		incremental: 1,
+	}
 }
 
 // Note that HTTP/2 has had two different prioritization schemes, and
@@ -2832,6 +2867,74 @@ func (f *http2Framer) WritePriority(streamID uint32, p http2PriorityParam) error
 	return f.endWrite()
 }
 
+// PriorityUpdateFrame is a PRIORITY_UPDATE frame as described in
+// https://www.rfc-editor.org/rfc/rfc9218.html#name-the-priority_update-frame.
+type http2PriorityUpdateFrame struct {
+	http2FrameHeader
+	Priority            string
+	PrioritizedStreamID uint32
+}
+
+func http2parseRFC9218Priority(s string, canUseDefault bool) (p http2PriorityParam, ok bool) {
+	p = http2defaultRFC9218Priority(canUseDefault)
+	ok = httpsfv.ParseDictionary(s, func(key, val, _ string) {
+		switch key {
+		case "u":
+			if u, ok := httpsfv.ParseInteger(val); ok && u >= 0 && u <= 7 {
+				p.urgency = uint8(u)
+			}
+		case "i":
+			if i, ok := httpsfv.ParseBoolean(val); ok {
+				if i {
+					p.incremental = 1
+				} else {
+					p.incremental = 0
+				}
+			}
+		}
+	})
+	if !ok {
+		return http2defaultRFC9218Priority(canUseDefault), ok
+	}
+	return p, true
+}
+
+func http2parsePriorityUpdateFrame(_ *http2frameCache, fh http2FrameHeader, countError func(string), payload []byte) (http2Frame, error) {
+	if fh.StreamID != 0 {
+		countError("frame_priority_update_non_zero_stream")
+		return nil, http2connError{http2ErrCodeProtocol, "PRIORITY_UPDATE frame with non-zero stream ID"}
+	}
+	if len(payload) < 4 {
+		countError("frame_priority_update_bad_length")
+		return nil, http2connError{http2ErrCodeFrameSize, fmt.Sprintf("PRIORITY_UPDATE frame payload size was %d; want at least 4", len(payload))}
+	}
+	v := binary.BigEndian.Uint32(payload[:4])
+	streamID := v & 0x7fffffff // mask off high bit
+	if streamID == 0 {
+		countError("frame_priority_update_prioritizing_zero_stream")
+		return nil, http2connError{http2ErrCodeProtocol, "PRIORITY_UPDATE frame with prioritized stream ID of zero"}
+	}
+	return &http2PriorityUpdateFrame{
+		http2FrameHeader:    fh,
+		PrioritizedStreamID: streamID,
+		Priority:            string(payload[4:]),
+	}, nil
+}
+
+// WritePriorityUpdate writes a PRIORITY_UPDATE frame.
+//
+// It will perform exactly one Write to the underlying Writer.
+// It is the caller's responsibility to not call other Write methods concurrently.
+func (f *http2Framer) WritePriorityUpdate(streamID uint32, priority string) error {
+	if !http2validStreamID(streamID) && !f.AllowIllegalWrites {
+		return http2errStreamID
+	}
+	f.startWrite(http2FramePriorityUpdate, 0, 0)
+	f.writeUint32(streamID)
+	f.writeBytes([]byte(priority))
+	return f.endWrite()
+}
+
 // A RSTStreamFrame allows for abnormal termination of a stream.
 // See https://httpwg.org/specs/rfc7540.html#rfc.section.6.4
 type http2RSTStreamFrame struct {
@@ -3113,6 +3216,23 @@ func (mh *http2MetaHeadersFrame) PseudoFields() []hpack.HeaderField {
 	return mh.Fields
 }
 
+func (mh *http2MetaHeadersFrame) rfc9218Priority(priorityAware bool) (p http2PriorityParam, priorityAwareAfter, hasIntermediary bool) {
+	var s string
+	for _, field := range mh.Fields {
+		if field.Name == "priority" {
+			s = field.Value
+			priorityAware = true
+		}
+		if slices.Contains([]string{"via", "forwarded", "x-forwarded-for"}, field.Name) {
+			hasIntermediary = true
+		}
+	}
+	// No need to check for ok. parseRFC9218Priority will return a default
+	// value if there is no priority field or if the field cannot be parsed.
+	p, _ = http2parseRFC9218Priority(s, priorityAware && !hasIntermediary)
+	return p, priorityAware, hasIntermediary
+}
+
 func (mh *http2MetaHeadersFrame) checkPseudos() error {
 	var isRequest, isResponse bool
 	pf := mh.PseudoFields()
@@ -3619,6 +3739,7 @@ const (
 	http2SettingMaxFrameSize          http2SettingID = 0x5
 	http2SettingMaxHeaderListSize     http2SettingID = 0x6
 	http2SettingEnableConnectProtocol http2SettingID = 0x8
+	http2SettingNoRFC7540Priorities   http2SettingID = 0x9
 )
 
 var http2settingName = map[http2SettingID]string{
@@ -3629,6 +3750,7 @@ var http2settingName = map[http2SettingID]string{
 	http2SettingMaxFrameSize:          "MAX_FRAME_SIZE",
 	http2SettingMaxHeaderListSize:     "MAX_HEADER_LIST_SIZE",
 	http2SettingEnableConnectProtocol: "ENABLE_CONNECT_PROTOCOL",
+	http2SettingNoRFC7540Priorities:   "NO_RFC7540_PRIORITIES",
 }
 
 func (s http2SettingID) String() string {
@@ -4454,10 +4576,13 @@ func (s *http2Server) serveConn(c net.Conn, opts *http2ServeConnOpts, newf func(
 		sc.conn.SetWriteDeadline(time.Time{})
 	}
 
-	if s.NewWriteScheduler != nil {
+	switch {
+	case s.NewWriteScheduler != nil:
 		sc.writeSched = s.NewWriteScheduler()
-	} else {
+	case http2clientPriorityDisabled(http1srv):
 		sc.writeSched = http2newRoundRobinWriteScheduler()
+	default:
+		sc.writeSched = http2newPriorityWriteSchedulerRFC9218()
 	}
 
 	// These start at the RFC-specified defaults. If there is a higher
@@ -4630,6 +4755,23 @@ type http2serverConn struct {
 
 	// Used by startGracefulShutdown.
 	shutdownOnce sync.Once
+
+	// Used for RFC 9218 prioritization.
+	hasIntermediary bool // connection is done via an intermediary / proxy
+	priorityAware   bool // the client has sent priority signal, meaning that it is aware of it.
+}
+
+func (sc *http2serverConn) writeSchedIgnoresRFC7540() bool {
+	switch sc.writeSched.(type) {
+	case *http2priorityWriteSchedulerRFC9218:
+		return true
+	case *http2randomWriteScheduler:
+		return true
+	case *http2roundRobinWriteScheduler:
+		return true
+	default:
+		return false
+	}
 }
 
 func (sc *http2serverConn) maxHeaderListSize() uint32 {
@@ -4923,6 +5065,9 @@ func (sc *http2serverConn) serve(conf http2http2Config) {
 	if !http2disableExtendedConnectProtocol {
 		settings = append(settings, http2Setting{http2SettingEnableConnectProtocol, 1})
 	}
+	if sc.writeSchedIgnoresRFC7540() {
+		settings = append(settings, http2Setting{http2SettingNoRFC7540Priorities, 1})
+	}
 	sc.writeFrame(http2FrameWriteRequest{
 		write: settings,
 	})
@@ -5611,6 +5756,8 @@ func (sc *http2serverConn) processFrame(f http2Frame) error {
 		// A client cannot push. Thus, servers MUST treat the receipt of a PUSH_PROMISE
 		// frame as a connection error (Section 5.4.1) of type PROTOCOL_ERROR.
 		return sc.countError("push_promise", http2ConnectionError(http2ErrCodeProtocol))
+	case *http2PriorityUpdateFrame:
+		return sc.processPriorityUpdate(f)
 	default:
 		sc.vlogf("http2: server ignoring frame: %v", f.Header())
 		return nil
@@ -5791,6 +5938,10 @@ func (sc *http2serverConn) processSetting(s http2Setting) error {
 	case http2SettingEnableConnectProtocol:
 		// Receipt of this parameter by a server does not
 		// have any impact
+	case http2SettingNoRFC7540Priorities:
+		if s.Val > 1 {
+			return http2ConnectionError(http2ErrCodeProtocol)
+		}
 	default:
 		// Unknown setting: "An endpoint that receives a SETTINGS
 		// frame with any unknown or unsupported identifier MUST
@@ -6061,13 +6212,33 @@ func (sc *http2serverConn) processHeaders(f *http2MetaHeadersFrame) error {
 	if f.StreamEnded() {
 		initialState = http2stateHalfClosedRemote
 	}
-	st := sc.newStream(id, 0, initialState)
+
+	// We are handling two special cases here:
+	// 1. When a request is sent via an intermediary, we force priority to be
+	// u=3,i. This is essentially a round-robin behavior, and is done to ensure
+	// fairness between, for example, multiple clients using the same proxy.
+	// 2. Until a client has shown that it is aware of RFC 9218, we make its
+	// streams non-incremental by default. This is done to preserve the
+	// historical behavior of handling streams in a round-robin manner, rather
+	// than one-by-one to completion.
+	initialPriority := http2defaultRFC9218Priority(sc.priorityAware && !sc.hasIntermediary)
+	if _, ok := sc.writeSched.(*http2priorityWriteSchedulerRFC9218); ok && !sc.hasIntermediary {
+		headerPriority, priorityAware, hasIntermediary := f.rfc9218Priority(sc.priorityAware)
+		initialPriority = headerPriority
+		sc.hasIntermediary = hasIntermediary
+		if priorityAware {
+			sc.priorityAware = true
+		}
+	}
+	st := sc.newStream(id, 0, initialState, initialPriority)
 
 	if f.HasPriority() {
 		if err := sc.checkPriority(f.StreamID, f.Priority); err != nil {
 			return err
 		}
-		sc.writeSched.AdjustStream(st.id, f.Priority)
+		if !sc.writeSchedIgnoresRFC7540() {
+			sc.writeSched.AdjustStream(st.id, f.Priority)
+		}
 	}
 
 	rw, req, err := sc.newWriterAndRequest(st, f)
@@ -6108,7 +6279,7 @@ func (sc *http2serverConn) upgradeRequest(req *Request) {
 	sc.serveG.check()
 	id := uint32(1)
 	sc.maxClientStreamID = id
-	st := sc.newStream(id, 0, http2stateHalfClosedRemote)
+	st := sc.newStream(id, 0, http2stateHalfClosedRemote, http2defaultRFC9218Priority(sc.priorityAware && !sc.hasIntermediary))
 	st.reqTrailer = req.Trailer
 	if st.reqTrailer != nil {
 		st.trailer = make(Header)
@@ -6173,11 +6344,32 @@ func (sc *http2serverConn) processPriority(f *http2PriorityFrame) error {
 	if err := sc.checkPriority(f.StreamID, f.http2PriorityParam); err != nil {
 		return err
 	}
+	// We need to avoid calling AdjustStream when using the RFC 9218 write
+	// scheduler. Otherwise, incremental's zero value in PriorityParam will
+	// unexpectedly make all streams non-incremental. This causes us to process
+	// streams one-by-one to completion rather than doing it in a round-robin
+	// manner (the historical behavior), which might be unexpected to users.
+	if sc.writeSchedIgnoresRFC7540() {
+		return nil
+	}
 	sc.writeSched.AdjustStream(f.StreamID, f.http2PriorityParam)
 	return nil
 }
 
-func (sc *http2serverConn) newStream(id, pusherID uint32, state http2streamState) *http2stream {
+func (sc *http2serverConn) processPriorityUpdate(f *http2PriorityUpdateFrame) error {
+	sc.priorityAware = true
+	if _, ok := sc.writeSched.(*http2priorityWriteSchedulerRFC9218); !ok {
+		return nil
+	}
+	p, ok := http2parseRFC9218Priority(f.Priority, sc.priorityAware)
+	if !ok {
+		return sc.countError("unparsable_priority_update", http2streamError(f.PrioritizedStreamID, http2ErrCodeProtocol))
+	}
+	sc.writeSched.AdjustStream(f.PrioritizedStreamID, p)
+	return nil
+}
+
+func (sc *http2serverConn) newStream(id, pusherID uint32, state http2streamState, priority http2PriorityParam) *http2stream {
 	sc.serveG.check()
 	if id == 0 {
 		panic("internal error: cannot create stream with id 0")
@@ -6200,7 +6392,7 @@ func (sc *http2serverConn) newStream(id, pusherID uint32, state http2streamState
 	}
 
 	sc.streams[id] = st
-	sc.writeSched.OpenStream(st.id, http2OpenStreamOptions{PusherID: pusherID})
+	sc.writeSched.OpenStream(st.id, http2OpenStreamOptions{PusherID: pusherID, priority: priority})
 	if st.isPushed() {
 		sc.curPushedStreams++
 	} else {
@@ -7206,7 +7398,7 @@ func (sc *http2serverConn) startPush(msg *http2startPushRequest) {
 		// transition to "half closed (remote)" after sending the initial HEADERS, but
 		// we start in "half closed (remote)" for simplicity.
 		// See further comments at the definition of stateHalfClosedRemote.
-		promised := sc.newStream(promisedID, msg.parent.id, http2stateHalfClosedRemote)
+		promised := sc.newStream(promisedID, msg.parent.id, http2stateHalfClosedRemote, http2defaultRFC9218Priority(sc.priorityAware && !sc.hasIntermediary))
 		rw, req, err := sc.newWriterAndRequestNoBody(promised, httpcommon.ServerRequestParam{
 			Method:    msg.method,
 			Scheme:    msg.url.Scheme,
@@ -11452,6 +11644,10 @@ type http2PriorityWriteSchedulerConfig struct {
 // frames by following HTTP/2 priorities as described in RFC 7540 Section 5.3.
 // If cfg is nil, default options are used.
 func http2NewPriorityWriteScheduler(cfg *http2PriorityWriteSchedulerConfig) http2WriteScheduler {
+	return http2newPriorityWriteSchedulerRFC7540(cfg)
+}
+
+func http2newPriorityWriteSchedulerRFC7540(cfg *http2PriorityWriteSchedulerConfig) http2WriteScheduler {
 	if cfg == nil {
 		// For justification of these defaults, see:
 		// https://docs.google.com/document/d/1oLhNg1skaWD4_DtaoCxdSRN5erEXrH-KnLrMwEpOtFY
@@ -11875,6 +12071,15 @@ type http2priorityWriteSchedulerRFC9218 struct {
 	// incremental streams or not, when urgency is the same in a given Pop()
 	// call.
 	prioritizeIncremental bool
+
+	// priorityUpdateBuf is used to buffer the most recent PRIORITY_UPDATE we
+	// receive per https://www.rfc-editor.org/rfc/rfc9218.html#name-the-priority_update-frame.
+	priorityUpdateBuf struct {
+		// streamID being 0 means that the buffer is empty. This is a safe
+		// assumption as PRIORITY_UPDATE for stream 0 is a PROTOCOL_ERROR.
+		streamID uint32
+		priority http2PriorityParam
+	}
 }
 
 func http2newPriorityWriteSchedulerRFC9218() http2WriteScheduler {
@@ -11888,6 +12093,10 @@ func (ws *http2priorityWriteSchedulerRFC9218) OpenStream(streamID uint32, opt ht
 	if ws.streams[streamID].location != nil {
 		panic(fmt.Errorf("stream %d already opened", streamID))
 	}
+	if streamID == ws.priorityUpdateBuf.streamID {
+		ws.priorityUpdateBuf.streamID = 0
+		opt.priority = ws.priorityUpdateBuf.priority
+	}
 	q := ws.queuePool.get()
 	ws.streams[streamID] = http2streamMetadata{
 		location: q,
@@ -11933,6 +12142,8 @@ func (ws *http2priorityWriteSchedulerRFC9218) AdjustStream(streamID uint32, prio
 	metadata := ws.streams[streamID]
 	q, u, i := metadata.location, metadata.priority.urgency, metadata.priority.incremental
 	if q == nil {
+		ws.priorityUpdateBuf.streamID = streamID
+		ws.priorityUpdateBuf.priority = priority
 		return
 	}
 

src/net/http/http.go

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:generate bundle -o=h2_bundle.go -prefix=http2 -tags=!nethttpomithttp2 -import=golang.org/x/net/internal/httpcommon=net/http/internal/httpcommon golang.org/x/net/http2
+//go:generate bundle -o=h2_bundle.go -prefix=http2 -tags=!nethttpomithttp2 -import=golang.org/x/net/internal/httpcommon=net/http/internal/httpcommon -import=golang.org/x/net/internal/httpsfv=net/http/internal/httpsfv golang.org/x/net/http2
 
 package http
 

src/net/http/internal/httpsfv/httpsfv.go

@@ -0,0 +1,666 @@
+// Code generated by golang.org/x/tools/cmd/bundle. DO NOT EDIT.
+//go:generate bundle -o httpsfv.go -prefix= golang.org/x/net/internal/httpsfv
+
+// Package httpsfv provides functionality for dealing with HTTP Structured
+// Field Values.
+//
+
+package httpsfv
+
+import (
+	"slices"
+	"strconv"
+	"strings"
+	"time"
+	"unicode/utf8"
+)
+
+func isLCAlpha(b byte) bool {
+	return (b >= 'a' && b <= 'z')
+}
+
+func isAlpha(b byte) bool {
+	return isLCAlpha(b) || (b >= 'A' && b <= 'Z')
+}
+
+func isDigit(b byte) bool {
+	return b >= '0' && b <= '9'
+}
+
+func isVChar(b byte) bool {
+	return b >= 0x21 && b <= 0x7e
+}
+
+func isSP(b byte) bool {
+	return b == 0x20
+}
+
+func isTChar(b byte) bool {
+	if isAlpha(b) || isDigit(b) {
+		return true
+	}
+	return slices.Contains([]byte{'!', '#', '$', '%', '&', '\'', '*', '+', '-', '.', '^', '_', '`', '|', '~'}, b)
+}
+
+func countLeftWhitespace(s string) int {
+	i := 0
+	for _, ch := range []byte(s) {
+		if ch != ' ' && ch != '\t' {
+			break
+		}
+		i++
+	}
+	return i
+}
+
+// https://www.rfc-editor.org/rfc/rfc4648#section-8.
+func decOctetHex(ch1, ch2 byte) (ch byte, ok bool) {
+	decBase16 := func(in byte) (out byte, ok bool) {
+		if !isDigit(in) && !(in >= 'a' && in <= 'f') {
+			return 0, false
+		}
+		if isDigit(in) {
+			return in - '0', true
+		}
+		return in - 'a' + 10, true
+	}
+
+	if ch1, ok = decBase16(ch1); !ok {
+		return 0, ok
+	}
+	if ch2, ok = decBase16(ch2); !ok {
+		return 0, ok
+	}
+	return ch1<<4 | ch2, true
+}
+
+// ParseList parses a list from a given HTTP Structured Field Values.
+//
+// Given an HTTP SFV string that represents a list, it will call the given
+// function using each of the members and parameters contained in the list.
+// This allows the caller to extract information out of the list.
+//
+// This function will return once it encounters the end of the string, or
+// something that is not a list. If it cannot consume the entire given
+// string, the ok value returned will be false.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-list.
+func ParseList(s string, f func(member, param string)) (ok bool) {
+	for len(s) != 0 {
+		var member, param string
+		if len(s) != 0 && s[0] == '(' {
+			if member, s, ok = consumeBareInnerList(s, nil); !ok {
+				return ok
+			}
+		} else {
+			if member, s, ok = consumeBareItem(s); !ok {
+				return ok
+			}
+		}
+		if param, s, ok = consumeParameter(s, nil); !ok {
+			return ok
+		}
+		if f != nil {
+			f(member, param)
+		}
+
+		s = s[countLeftWhitespace(s):]
+		if len(s) == 0 {
+			break
+		}
+		if s[0] != ',' {
+			return false
+		}
+		s = s[1:]
+		s = s[countLeftWhitespace(s):]
+		if len(s) == 0 {
+			return false
+		}
+	}
+	return true
+}
+
+// consumeBareInnerList consumes an inner list
+// (https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-an-inner-list),
+// except for the inner list's top-most parameter.
+// For example, given `(a;b c;d);e`, it will consume only `(a;b c;d)`.
+func consumeBareInnerList(s string, f func(bareItem, param string)) (consumed, rest string, ok bool) {
+	if len(s) == 0 || s[0] != '(' {
+		return "", s, false
+	}
+	rest = s[1:]
+	for len(rest) != 0 {
+		var bareItem, param string
+		rest = rest[countLeftWhitespace(rest):]
+		if len(rest) != 0 && rest[0] == ')' {
+			rest = rest[1:]
+			break
+		}
+		if bareItem, rest, ok = consumeBareItem(rest); !ok {
+			return "", s, ok
+		}
+		if param, rest, ok = consumeParameter(rest, nil); !ok {
+			return "", s, ok
+		}
+		if len(rest) == 0 || (rest[0] != ')' && !isSP(rest[0])) {
+			return "", s, false
+		}
+		if f != nil {
+			f(bareItem, param)
+		}
+	}
+	return s[:len(s)-len(rest)], rest, true
+}
+
+// ParseBareInnerList parses a bare inner list from a given HTTP Structured
+// Field Values.
+//
+// We define a bare inner list as an inner list
+// (https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-an-inner-list),
+// without the top-most parameter of the inner list. For example, given the
+// inner list `(a;b c;d);e`, the bare inner list would be `(a;b c;d)`.
+//
+// Given an HTTP SFV string that represents a bare inner list, it will call the
+// given function using each of the bare item and parameter within the bare
+// inner list. This allows the caller to extract information out of the bare
+// inner list.
+//
+// This function will return once it encounters the end of the bare inner list,
+// or something that is not a bare inner list. If it cannot consume the entire
+// given string, the ok value returned will be false.
+func ParseBareInnerList(s string, f func(bareItem, param string)) (ok bool) {
+	_, rest, ok := consumeBareInnerList(s, f)
+	return rest == "" && ok
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-an-item.
+func consumeItem(s string, f func(bareItem, param string)) (consumed, rest string, ok bool) {
+	var bareItem, param string
+	if bareItem, rest, ok = consumeBareItem(s); !ok {
+		return "", s, ok
+	}
+	if param, rest, ok = consumeParameter(rest, nil); !ok {
+		return "", s, ok
+	}
+	if f != nil {
+		f(bareItem, param)
+	}
+	return s[:len(s)-len(rest)], rest, true
+}
+
+// ParseItem parses an item from a given HTTP Structured Field Values.
+//
+// Given an HTTP SFV string that represents an item, it will call the given
+// function once, with the bare item and the parameter of the item. This allows
+// the caller to extract information out of the item.
+//
+// This function will return once it encounters the end of the string, or
+// something that is not an item. If it cannot consume the entire given
+// string, the ok value returned will be false.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-an-item.
+func ParseItem(s string, f func(bareItem, param string)) (ok bool) {
+	_, rest, ok := consumeItem(s, f)
+	return rest == "" && ok
+}
+
+// ParseDictionary parses a dictionary from a given HTTP Structured Field
+// Values.
+//
+// Given an HTTP SFV string that represents a dictionary, it will call the
+// given function using each of the keys, values, and parameters contained in
+// the dictionary. This allows the caller to extract information out of the
+// dictionary.
+//
+// This function will return once it encounters the end of the string, or
+// something that is not a dictionary. If it cannot consume the entire given
+// string, the ok value returned will be false.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-dictionary.
+func ParseDictionary(s string, f func(key, val, param string)) (ok bool) {
+	for len(s) != 0 {
+		var key, val, param string
+		val = "?1" // Default value for empty val is boolean true.
+		if key, s, ok = consumeKey(s); !ok {
+			return ok
+		}
+		if len(s) != 0 && s[0] == '=' {
+			s = s[1:]
+			if len(s) != 0 && s[0] == '(' {
+				if val, s, ok = consumeBareInnerList(s, nil); !ok {
+					return ok
+				}
+			} else {
+				if val, s, ok = consumeBareItem(s); !ok {
+					return ok
+				}
+			}
+		}
+		if param, s, ok = consumeParameter(s, nil); !ok {
+			return ok
+		}
+		if f != nil {
+			f(key, val, param)
+		}
+		s = s[countLeftWhitespace(s):]
+		if len(s) == 0 {
+			break
+		}
+		if s[0] == ',' {
+			s = s[1:]
+		}
+		s = s[countLeftWhitespace(s):]
+		if len(s) == 0 {
+			return false
+		}
+	}
+	return true
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#parse-param.
+func consumeParameter(s string, f func(key, val string)) (consumed, rest string, ok bool) {
+	rest = s
+	for len(rest) != 0 {
+		var key, val string
+		val = "?1" // Default value for empty val is boolean true.
+		if rest[0] != ';' {
+			break
+		}
+		rest = rest[1:]
+		rest = rest[countLeftWhitespace(rest):]
+		key, rest, ok = consumeKey(rest)
+		if !ok {
+			return "", s, ok
+		}
+		if len(rest) != 0 && rest[0] == '=' {
+			rest = rest[1:]
+			val, rest, ok = consumeBareItem(rest)
+			if !ok {
+				return "", s, ok
+			}
+		}
+		if f != nil {
+			f(key, val)
+		}
+	}
+	return s[:len(s)-len(rest)], rest, true
+}
+
+// ParseParameter parses a parameter from a given HTTP Structured Field Values.
+//
+// Given an HTTP SFV string that represents a parameter, it will call the given
+// function using each of the keys and values contained in the parameter. This
+// allows the caller to extract information out of the parameter.
+//
+// This function will return once it encounters the end of the string, or
+// something that is not a parameter. If it cannot consume the entire given
+// string, the ok value returned will be false.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#parse-param.
+func ParseParameter(s string, f func(key, val string)) (ok bool) {
+	_, rest, ok := consumeParameter(s, f)
+	return rest == "" && ok
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-key.
+func consumeKey(s string) (consumed, rest string, ok bool) {
+	if len(s) == 0 || (!isLCAlpha(s[0]) && s[0] != '*') {
+		return "", s, false
+	}
+	i := 0
+	for _, ch := range []byte(s) {
+		if !isLCAlpha(ch) && !isDigit(ch) && !slices.Contains([]byte("_-.*"), ch) {
+			break
+		}
+		i++
+	}
+	return s[:i], s[i:], true
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-an-integer-or-decim.
+func consumeIntegerOrDecimal(s string) (consumed, rest string, ok bool) {
+	var i, signOffset, periodIndex int
+	var isDecimal bool
+	if i < len(s) && s[i] == '-' {
+		i++
+		signOffset++
+	}
+	if i >= len(s) {
+		return "", s, false
+	}
+	if !isDigit(s[i]) {
+		return "", s, false
+	}
+	for i < len(s) {
+		ch := s[i]
+		if isDigit(ch) {
+			i++
+			continue
+		}
+		if !isDecimal && ch == '.' {
+			if i-signOffset > 12 {
+				return "", s, false
+			}
+			periodIndex = i
+			isDecimal = true
+			i++
+			continue
+		}
+		break
+	}
+	if !isDecimal && i-signOffset > 15 {
+		return "", s, false
+	}
+	if isDecimal {
+		if i-signOffset > 16 {
+			return "", s, false
+		}
+		if s[i-1] == '.' {
+			return "", s, false
+		}
+		if i-periodIndex-1 > 3 {
+			return "", s, false
+		}
+	}
+	return s[:i], s[i:], true
+}
+
+// ParseInteger parses an integer from a given HTTP Structured Field Values.
+//
+// The entire HTTP SFV string must consist of a valid integer. It returns the
+// parsed integer and an ok boolean value, indicating success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-an-integer-or-decim.
+func ParseInteger(s string) (parsed int64, ok bool) {
+	if _, rest, ok := consumeIntegerOrDecimal(s); !ok || rest != "" {
+		return 0, false
+	}
+	if n, err := strconv.ParseInt(s, 10, 64); err == nil {
+		return n, true
+	}
+	return 0, false
+}
+
+// ParseDecimal parses a decimal from a given HTTP Structured Field Values.
+//
+// The entire HTTP SFV string must consist of a valid decimal. It returns the
+// parsed decimal and an ok boolean value, indicating success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-an-integer-or-decim.
+func ParseDecimal(s string) (parsed float64, ok bool) {
+	if _, rest, ok := consumeIntegerOrDecimal(s); !ok || rest != "" {
+		return 0, false
+	}
+	if !strings.Contains(s, ".") {
+		return 0, false
+	}
+	if n, err := strconv.ParseFloat(s, 64); err == nil {
+		return n, true
+	}
+	return 0, false
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-string.
+func consumeString(s string) (consumed, rest string, ok bool) {
+	if len(s) == 0 || s[0] != '"' {
+		return "", s, false
+	}
+	for i := 1; i < len(s); i++ {
+		switch ch := s[i]; ch {
+		case '\\':
+			if i+1 >= len(s) {
+				return "", s, false
+			}
+			i++
+			if ch = s[i]; ch != '"' && ch != '\\' {
+				return "", s, false
+			}
+		case '"':
+			return s[:i+1], s[i+1:], true
+		default:
+			if !isVChar(ch) && !isSP(ch) {
+				return "", s, false
+			}
+		}
+	}
+	return "", s, false
+}
+
+// ParseString parses a Go string from a given HTTP Structured Field Values.
+//
+// The entire HTTP SFV string must consist of a valid string. It returns the
+// parsed string and an ok boolean value, indicating success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-string.
+func ParseString(s string) (parsed string, ok bool) {
+	if _, rest, ok := consumeString(s); !ok || rest != "" {
+		return "", false
+	}
+	return s[1 : len(s)-1], true
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-token
+func consumeToken(s string) (consumed, rest string, ok bool) {
+	if len(s) == 0 || (!isAlpha(s[0]) && s[0] != '*') {
+		return "", s, false
+	}
+	i := 0
+	for _, ch := range []byte(s) {
+		if !isTChar(ch) && !slices.Contains([]byte(":/"), ch) {
+			break
+		}
+		i++
+	}
+	return s[:i], s[i:], true
+}
+
+// ParseToken parses a token from a given HTTP Structured Field Values.
+//
+// The entire HTTP SFV string must consist of a valid token. It returns the
+// parsed token and an ok boolean value, indicating success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-token
+func ParseToken(s string) (parsed string, ok bool) {
+	if _, rest, ok := consumeToken(s); !ok || rest != "" {
+		return "", false
+	}
+	return s, true
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-byte-sequence.
+func consumeByteSequence(s string) (consumed, rest string, ok bool) {
+	if len(s) == 0 || s[0] != ':' {
+		return "", s, false
+	}
+	for i := 1; i < len(s); i++ {
+		if ch := s[i]; ch == ':' {
+			return s[:i+1], s[i+1:], true
+		}
+		if ch := s[i]; !isAlpha(ch) && !isDigit(ch) && !slices.Contains([]byte("+/="), ch) {
+			return "", s, false
+		}
+	}
+	return "", s, false
+}
+
+// ParseByteSequence parses a byte sequence from a given HTTP Structured Field
+// Values.
+//
+// The entire HTTP SFV string must consist of a valid byte sequence. It returns
+// the parsed byte sequence and an ok boolean value, indicating success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-byte-sequence.
+func ParseByteSequence(s string) (parsed []byte, ok bool) {
+	if _, rest, ok := consumeByteSequence(s); !ok || rest != "" {
+		return nil, false
+	}
+	return []byte(s[1 : len(s)-1]), true
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-boolean.
+func consumeBoolean(s string) (consumed, rest string, ok bool) {
+	if len(s) >= 2 && (s[:2] == "?0" || s[:2] == "?1") {
+		return s[:2], s[2:], true
+	}
+	return "", s, false
+}
+
+// ParseBoolean parses a boolean from a given HTTP Structured Field Values.
+//
+// The entire HTTP SFV string must consist of a valid boolean. It returns the
+// parsed boolean and an ok boolean value, indicating success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-boolean.
+func ParseBoolean(s string) (parsed bool, ok bool) {
+	if _, rest, ok := consumeBoolean(s); !ok || rest != "" {
+		return false, false
+	}
+	return s == "?1", true
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-date.
+func consumeDate(s string) (consumed, rest string, ok bool) {
+	if len(s) == 0 || s[0] != '@' {
+		return "", s, false
+	}
+	if _, rest, ok = consumeIntegerOrDecimal(s[1:]); !ok {
+		return "", s, ok
+	}
+	consumed = s[:len(s)-len(rest)]
+	if slices.Contains([]byte(consumed), '.') {
+		return "", s, false
+	}
+	return consumed, rest, ok
+}
+
+// ParseDate parses a date from a given HTTP Structured Field Values.
+//
+// The entire HTTP SFV string must consist of a valid date. It returns the
+// parsed date and an ok boolean value, indicating success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-date.
+func ParseDate(s string) (parsed time.Time, ok bool) {
+	if _, rest, ok := consumeDate(s); !ok || rest != "" {
+		return time.Time{}, false
+	}
+	if n, ok := ParseInteger(s[1:]); !ok {
+		return time.Time{}, false
+	} else {
+		return time.Unix(n, 0), true
+	}
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-display-string.
+func consumeDisplayString(s string) (consumed, rest string, ok bool) {
+	// To prevent excessive allocation, especially when input is large, we
+	// maintain a buffer of 4 bytes to keep track of the last rune we
+	// encounter. This way, we can validate that the display string conforms to
+	// UTF-8 without actually building the whole string.
+	var lastRune [4]byte
+	var runeLen int
+	isPartOfValidRune := func(ch byte) bool {
+		lastRune[runeLen] = ch
+		runeLen++
+		if utf8.FullRune(lastRune[:runeLen]) {
+			r, s := utf8.DecodeRune(lastRune[:runeLen])
+			if r == utf8.RuneError {
+				return false
+			}
+			copy(lastRune[:], lastRune[s:runeLen])
+			runeLen -= s
+			return true
+		}
+		return runeLen <= 4
+	}
+
+	if len(s) <= 1 || s[:2] != `%"` {
+		return "", s, false
+	}
+	i := 2
+	for i < len(s) {
+		ch := s[i]
+		if !isVChar(ch) && !isSP(ch) {
+			return "", s, false
+		}
+		switch ch {
+		case '"':
+			if runeLen > 0 {
+				return "", s, false
+			}
+			return s[:i+1], s[i+1:], true
+		case '%':
+			if i+2 >= len(s) {
+				return "", s, false
+			}
+			if ch, ok = decOctetHex(s[i+1], s[i+2]); !ok {
+				return "", s, ok
+			}
+			if ok = isPartOfValidRune(ch); !ok {
+				return "", s, ok
+			}
+			i += 3
+		default:
+			if ok = isPartOfValidRune(ch); !ok {
+				return "", s, ok
+			}
+			i++
+		}
+	}
+	return "", s, false
+}
+
+// ParseDisplayString parses a display string from a given HTTP Structured
+// Field Values.
+//
+// The entire HTTP SFV string must consist of a valid display string. It
+// returns the parsed display string and an ok boolean value, indicating
+// success or not.
+//
+// https://www.rfc-editor.org/rfc/rfc9651.html#name-parsing-a-display-string.
+func ParseDisplayString(s string) (parsed string, ok bool) {
+	if _, rest, ok := consumeDisplayString(s); !ok || rest != "" {
+		return "", false
+	}
+	// consumeDisplayString() already validates that we have a valid display
+	// string. Therefore, we can just construct the display string, without
+	// validating it again.
+	s = s[2 : len(s)-1]
+	var b strings.Builder
+	for i := 0; i < len(s); {
+		if s[i] == '%' {
+			decoded, _ := decOctetHex(s[i+1], s[i+2])
+			b.WriteByte(decoded)
+			i += 3
+			continue
+		}
+		b.WriteByte(s[i])
+		i++
+	}
+	return b.String(), true
+}
+
+// https://www.rfc-editor.org/rfc/rfc9651.html#parse-bare-item.
+func consumeBareItem(s string) (consumed, rest string, ok bool) {
+	if len(s) == 0 {
+		return "", s, false
+	}
+	ch := s[0]
+	switch {
+	case ch == '-' || isDigit(ch):
+		return consumeIntegerOrDecimal(s)
+	case ch == '"':
+		return consumeString(s)
+	case ch == '*' || isAlpha(ch):
+		return consumeToken(s)
+	case ch == ':':
+		return consumeByteSequence(s)
+	case ch == '?':
+		return consumeBoolean(s)
+	case ch == '@':
+		return consumeDate(s)
+	case ch == '%':
+		return consumeDisplayString(s)
+	default:
+		return "", s, false
+	}
+}

src/vendor/golang.org/x/sys/cpu/cpu_x86.go

@@ -64,6 +64,80 @@ func initOptions() {
 
 func archInit() {
 
+	// From internal/cpu
+	const (
+		// eax bits
+		cpuid_AVXVNNI = 1 << 4
+
+		// ecx bits
+		cpuid_SSE3            = 1 << 0
+		cpuid_PCLMULQDQ       = 1 << 1
+		cpuid_AVX512VBMI      = 1 << 1
+		cpuid_AVX512VBMI2     = 1 << 6
+		cpuid_SSSE3           = 1 << 9
+		cpuid_AVX512GFNI      = 1 << 8
+		cpuid_AVX512VAES      = 1 << 9
+		cpuid_AVX512VNNI      = 1 << 11
+		cpuid_AVX512BITALG    = 1 << 12
+		cpuid_FMA             = 1 << 12
+		cpuid_AVX512VPOPCNTDQ = 1 << 14
+		cpuid_SSE41           = 1 << 19
+		cpuid_SSE42           = 1 << 20
+		cpuid_POPCNT          = 1 << 23
+		cpuid_AES             = 1 << 25
+		cpuid_OSXSAVE         = 1 << 27
+		cpuid_AVX             = 1 << 28
+
+		// "Extended Feature Flag" bits returned in EBX for CPUID EAX=0x7 ECX=0x0
+		cpuid_BMI1     = 1 << 3
+		cpuid_AVX2     = 1 << 5
+		cpuid_BMI2     = 1 << 8
+		cpuid_ERMS     = 1 << 9
+		cpuid_AVX512F  = 1 << 16
+		cpuid_AVX512DQ = 1 << 17
+		cpuid_ADX      = 1 << 19
+		cpuid_AVX512CD = 1 << 28
+		cpuid_SHA      = 1 << 29
+		cpuid_AVX512BW = 1 << 30
+		cpuid_AVX512VL = 1 << 31
+
+		// "Extended Feature Flag" bits returned in ECX for CPUID EAX=0x7 ECX=0x0
+		cpuid_AVX512_VBMI      = 1 << 1
+		cpuid_AVX512_VBMI2     = 1 << 6
+		cpuid_GFNI             = 1 << 8
+		cpuid_AVX512VPCLMULQDQ = 1 << 10
+		cpuid_AVX512_BITALG    = 1 << 12
+
+		// edx bits
+		cpuid_FSRM = 1 << 4
+		// edx bits for CPUID 0x80000001
+		cpuid_RDTSCP = 1 << 27
+	)
+	// Additional constants not in internal/cpu
+	const (
+		// eax=1: edx
+		cpuid_SSE2 = 1 << 26
+		// eax=1: ecx
+		cpuid_CX16   = 1 << 13
+		cpuid_RDRAND = 1 << 30
+		// eax=7,ecx=0: ebx
+		cpuid_RDSEED     = 1 << 18
+		cpuid_AVX512IFMA = 1 << 21
+		cpuid_AVX512PF   = 1 << 26
+		cpuid_AVX512ER   = 1 << 27
+		// eax=7,ecx=0: edx
+		cpuid_AVX5124VNNIW = 1 << 2
+		cpuid_AVX5124FMAPS = 1 << 3
+		cpuid_AMXBF16      = 1 << 22
+		cpuid_AMXTile      = 1 << 24
+		cpuid_AMXInt8      = 1 << 25
+		// eax=7,ecx=1: eax
+		cpuid_AVX512BF16 = 1 << 5
+		cpuid_AVXIFMA    = 1 << 23
+		// eax=7,ecx=1: edx
+		cpuid_AVXVNNIInt8 = 1 << 4
+	)
+
 	Initialized = true
 
 	maxID, _, _, _ := cpuid(0, 0)
@@ -73,90 +147,90 @@ func archInit() {
 	}
 
 	_, _, ecx1, edx1 := cpuid(1, 0)
-	X86.HasSSE2 = isSet(26, edx1)
+	X86.HasSSE2 = isSet(edx1, cpuid_SSE2)
 
-	X86.HasSSE3 = isSet(0, ecx1)
-	X86.HasPCLMULQDQ = isSet(1, ecx1)
-	X86.HasSSSE3 = isSet(9, ecx1)
-	X86.HasFMA = isSet(12, ecx1)
-	X86.HasCX16 = isSet(13, ecx1)
-	X86.HasSSE41 = isSet(19, ecx1)
-	X86.HasSSE42 = isSet(20, ecx1)
-	X86.HasPOPCNT = isSet(23, ecx1)
-	X86.HasAES = isSet(25, ecx1)
-	X86.HasOSXSAVE = isSet(27, ecx1)
-	X86.HasRDRAND = isSet(30, ecx1)
+	X86.HasSSE3 = isSet(ecx1, cpuid_SSE3)
+	X86.HasPCLMULQDQ = isSet(ecx1, cpuid_PCLMULQDQ)
+	X86.HasSSSE3 = isSet(ecx1, cpuid_SSSE3)
+	X86.HasFMA = isSet(ecx1, cpuid_FMA)
+	X86.HasCX16 = isSet(ecx1, cpuid_CX16)
+	X86.HasSSE41 = isSet(ecx1, cpuid_SSE41)
+	X86.HasSSE42 = isSet(ecx1, cpuid_SSE42)
+	X86.HasPOPCNT = isSet(ecx1, cpuid_POPCNT)
+	X86.HasAES = isSet(ecx1, cpuid_AES)
+	X86.HasOSXSAVE = isSet(ecx1, cpuid_OSXSAVE)
+	X86.HasRDRAND = isSet(ecx1, cpuid_RDRAND)
 
 	var osSupportsAVX, osSupportsAVX512 bool
 	// For XGETBV, OSXSAVE bit is required and sufficient.
 	if X86.HasOSXSAVE {
 		eax, _ := xgetbv()
 		// Check if XMM and YMM registers have OS support.
-		osSupportsAVX = isSet(1, eax) && isSet(2, eax)
+		osSupportsAVX = isSet(eax, 1<<1) && isSet(eax, 1<<2)
 
 		if runtime.GOOS == "darwin" {
 			// Darwin requires special AVX512 checks, see cpu_darwin_x86.go
 			osSupportsAVX512 = osSupportsAVX && darwinSupportsAVX512()
 		} else {
 			// Check if OPMASK and ZMM registers have OS support.
-			osSupportsAVX512 = osSupportsAVX && isSet(5, eax) && isSet(6, eax) && isSet(7, eax)
+			osSupportsAVX512 = osSupportsAVX && isSet(eax, 1<<5) && isSet(eax, 1<<6) && isSet(eax, 1<<7)
 		}
 	}
 
-	X86.HasAVX = isSet(28, ecx1) && osSupportsAVX
+	X86.HasAVX = isSet(ecx1, cpuid_AVX) && osSupportsAVX
 
 	if maxID < 7 {
 		return
 	}
 
 	eax7, ebx7, ecx7, edx7 := cpuid(7, 0)
-	X86.HasBMI1 = isSet(3, ebx7)
-	X86.HasAVX2 = isSet(5, ebx7) && osSupportsAVX
-	X86.HasBMI2 = isSet(8, ebx7)
-	X86.HasERMS = isSet(9, ebx7)
-	X86.HasRDSEED = isSet(18, ebx7)
-	X86.HasADX = isSet(19, ebx7)
+	X86.HasBMI1 = isSet(ebx7, cpuid_BMI1)
+	X86.HasAVX2 = isSet(ebx7, cpuid_AVX2) && osSupportsAVX
+	X86.HasBMI2 = isSet(ebx7, cpuid_BMI2)
+	X86.HasERMS = isSet(ebx7, cpuid_ERMS)
+	X86.HasRDSEED = isSet(ebx7, cpuid_RDSEED)
+	X86.HasADX = isSet(ebx7, cpuid_ADX)
 
-	X86.HasAVX512 = isSet(16, ebx7) && osSupportsAVX512 // Because avx-512 foundation is the core required extension
+	X86.HasAVX512 = isSet(ebx7, cpuid_AVX512F) && osSupportsAVX512 // Because avx-512 foundation is the core required extension
 	if X86.HasAVX512 {
 		X86.HasAVX512F = true
-		X86.HasAVX512CD = isSet(28, ebx7)
-		X86.HasAVX512ER = isSet(27, ebx7)
-		X86.HasAVX512PF = isSet(26, ebx7)
-		X86.HasAVX512VL = isSet(31, ebx7)
-		X86.HasAVX512BW = isSet(30, ebx7)
-		X86.HasAVX512DQ = isSet(17, ebx7)
-		X86.HasAVX512IFMA = isSet(21, ebx7)
-		X86.HasAVX512VBMI = isSet(1, ecx7)
-		X86.HasAVX5124VNNIW = isSet(2, edx7)
-		X86.HasAVX5124FMAPS = isSet(3, edx7)
-		X86.HasAVX512VPOPCNTDQ = isSet(14, ecx7)
-		X86.HasAVX512VPCLMULQDQ = isSet(10, ecx7)
-		X86.HasAVX512VNNI = isSet(11, ecx7)
-		X86.HasAVX512GFNI = isSet(8, ecx7)
-		X86.HasAVX512VAES = isSet(9, ecx7)
-		X86.HasAVX512VBMI2 = isSet(6, ecx7)
-		X86.HasAVX512BITALG = isSet(12, ecx7)
+		X86.HasAVX512CD = isSet(ebx7, cpuid_AVX512CD)
+		X86.HasAVX512ER = isSet(ebx7, cpuid_AVX512ER)
+		X86.HasAVX512PF = isSet(ebx7, cpuid_AVX512PF)
+		X86.HasAVX512VL = isSet(ebx7, cpuid_AVX512VL)
+		X86.HasAVX512BW = isSet(ebx7, cpuid_AVX512BW)
+		X86.HasAVX512DQ = isSet(ebx7, cpuid_AVX512DQ)
+		X86.HasAVX512IFMA = isSet(ebx7, cpuid_AVX512IFMA)
+		X86.HasAVX512VBMI = isSet(ecx7, cpuid_AVX512_VBMI)
+		X86.HasAVX5124VNNIW = isSet(edx7, cpuid_AVX5124VNNIW)
+		X86.HasAVX5124FMAPS = isSet(edx7, cpuid_AVX5124FMAPS)
+		X86.HasAVX512VPOPCNTDQ = isSet(ecx7, cpuid_AVX512VPOPCNTDQ)
+		X86.HasAVX512VPCLMULQDQ = isSet(ecx7, cpuid_AVX512VPCLMULQDQ)
+		X86.HasAVX512VNNI = isSet(ecx7, cpuid_AVX512VNNI)
+		X86.HasAVX512GFNI = isSet(ecx7, cpuid_AVX512GFNI)
+		X86.HasAVX512VAES = isSet(ecx7, cpuid_AVX512VAES)
+		X86.HasAVX512VBMI2 = isSet(ecx7, cpuid_AVX512VBMI2)
+		X86.HasAVX512BITALG = isSet(ecx7, cpuid_AVX512BITALG)
 	}
 
-	X86.HasAMXTile = isSet(24, edx7)
-	X86.HasAMXInt8 = isSet(25, edx7)
-	X86.HasAMXBF16 = isSet(22, edx7)
+	X86.HasAMXTile = isSet(edx7, cpuid_AMXTile)
+	X86.HasAMXInt8 = isSet(edx7, cpuid_AMXInt8)
+	X86.HasAMXBF16 = isSet(edx7, cpuid_AMXBF16)
 
 	// These features depend on the second level of extended features.
 	if eax7 >= 1 {
 		eax71, _, _, edx71 := cpuid(7, 1)
 		if X86.HasAVX512 {
-			X86.HasAVX512BF16 = isSet(5, eax71)
+			X86.HasAVX512BF16 = isSet(eax71, cpuid_AVX512BF16)
 		}
 		if X86.HasAVX {
-			X86.HasAVXIFMA = isSet(23, eax71)
-			X86.HasAVXVNNI = isSet(4, eax71)
-			X86.HasAVXVNNIInt8 = isSet(4, edx71)
+			X86.HasAVXIFMA = isSet(eax71, cpuid_AVXIFMA)
+			X86.HasAVXVNNI = isSet(eax71, cpuid_AVXVNNI)
+			X86.HasAVXVNNIInt8 = isSet(edx71, cpuid_AVXVNNIInt8)
 		}
 	}
 }
 
-func isSet(bitpos uint, value uint32) bool {
-	return value&(1<<bitpos) != 0
+func isSet(hwc uint32, value uint32) bool {
+	return hwc&value != 0
 }

src/vendor/golang.org/x/text/secure/bidirule/bidirule.go

@@ -334,3 +334,7 @@ func (t *Transformer) advanceString(s string) (n int, ok bool) {
 	}
 	return n, true
 }
+
+func (t *Transformer) isFinal() bool {
+	return t.state == ruleLTRFinal || t.state == ruleRTLFinal || t.state == ruleInitial
+}

src/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go

@@ -1,11 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build go1.10
-
-package bidirule
-
-func (t *Transformer) isFinal() bool {
-	return t.state == ruleLTRFinal || t.state == ruleRTLFinal || t.state == ruleInitial
-}

src/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go

@@ -1,14 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !go1.10
-
-package bidirule
-
-func (t *Transformer) isFinal() bool {
-	if !t.isRTL() {
-		return true
-	}
-	return t.state == ruleLTRFinal || t.state == ruleRTLFinal || t.state == ruleInitial
-}

src/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go

@@ -1,6 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
-//go:build go1.21
+//go:build !go1.27
 
 package bidi
 

src/vendor/golang.org/x/text/unicode/norm/forminfo.go

@@ -13,15 +13,18 @@ import "encoding/binary"
 // a rune to a uint16. The values take two forms.  For v >= 0x8000:
 //   bits
 //   15:    1 (inverse of NFD_QC bit of qcInfo)
-//   13..7: qcInfo (see below). isYesD is always true (no decomposition).
+//   12..7: qcInfo (see below). isYesD is always true (no decomposition).
 //    6..0: ccc (compressed CCC value).
 // For v < 0x8000, the respective rune has a decomposition and v is an index
 // into a byte array of UTF-8 decomposition sequences and additional info and
 // has the form:
 //    <header> <decomp_byte>* [<tccc> [<lccc>]]
 // The header contains the number of bytes in the decomposition (excluding this
-// length byte). The two most significant bits of this length byte correspond
-// to bit 5 and 4 of qcInfo (see below).  The byte sequence itself starts at v+1.
+// length byte), with 33 mapped to 31 to fit in 5 bits.
+// (If any 31- or 32-byte decompositions come along, we could switch to using
+// use a general lookup table as long as there are at most 32 distinct lengths.)
+// The three most significant bits of this length byte correspond
+// to bit 5, 4, and 3 of qcInfo (see below).  The byte sequence itself starts at v+1.
 // The byte sequence is followed by a trailing and leading CCC if the values
 // for these are not zero.  The value of v determines which ccc are appended
 // to the sequences.  For v < firstCCC, there are none, for v >= firstCCC,
@@ -32,8 +35,8 @@ import "encoding/binary"
 
 const (
 	qcInfoMask      = 0x3F // to clear all but the relevant bits in a qcInfo
-	headerLenMask   = 0x3F // extract the length value from the header byte
-	headerFlagsMask = 0xC0 // extract the qcInfo bits from the header byte
+	headerLenMask   = 0x1F // extract the length value from the header byte (31 => 33)
+	headerFlagsMask = 0xE0 // extract the qcInfo bits from the header byte
 )
 
 // Properties provides access to normalization properties of a rune.
@@ -109,14 +112,14 @@ func (p Properties) BoundaryAfter() bool {
 	return p.isInert()
 }
 
-// We pack quick check data in 4 bits:
+// We pack quick check data in 6 bits:
 //
 //	5:    Combines forward  (0 == false, 1 == true)
 //	4..3: NFC_QC Yes(00), No (10), or Maybe (11)
 //	2:    NFD_QC Yes (0) or No (1). No also means there is a decomposition.
 //	1..0: Number of trailing non-starters.
 //
-// When all 4 bits are zero, the character is inert, meaning it is never
+// When all 6 bits are zero, the character is inert, meaning it is never
 // influenced by normalization.
 type qcInfo uint8
 
@@ -152,6 +155,9 @@ func (p Properties) Decomposition() []byte {
 	}
 	i := p.index
 	n := decomps[i] & headerLenMask
+	if n == 31 {
+		n = 33
+	}
 	i++
 	return decomps[i : i+uint16(n)]
 }
@@ -260,7 +266,11 @@ func compInfo(v uint16, sz int) Properties {
 	f := (qcInfo(h&headerFlagsMask) >> 2) | 0x4
 	p := Properties{size: uint8(sz), flags: f, index: v}
 	if v >= firstCCC {
-		v += uint16(h&headerLenMask) + 1
+		n := uint16(h & headerLenMask)
+		if n == 31 {
+			n = 33
+		}
+		v += n + 1
 		c := decomps[v]
 		p.tccc = c >> 2
 		p.flags |= qcInfo(c & 0x3)

src/vendor/modules.txt

@@ -1,4 +1,4 @@
-# golang.org/x/crypto v0.46.1-0.20251210140736-7dacc380ba00
+# golang.org/x/crypto v0.47.1-0.20260113154411-7d0074ccc6f1
 ## explicit; go 1.24.0
 golang.org/x/crypto/chacha20
 golang.org/x/crypto/chacha20poly1305
@@ -6,7 +6,7 @@ golang.org/x/crypto/cryptobyte
 golang.org/x/crypto/cryptobyte/asn1
 golang.org/x/crypto/internal/alias
 golang.org/x/crypto/internal/poly1305
-# golang.org/x/net v0.47.1-0.20251128220604-7c360367ab7e
+# golang.org/x/net v0.49.1-0.20260122225915-f2078620ee33
 ## explicit; go 1.24.0
 golang.org/x/net/dns/dnsmessage
 golang.org/x/net/http/httpguts
@@ -15,10 +15,10 @@ golang.org/x/net/http2/hpack
 golang.org/x/net/idna
 golang.org/x/net/lif
 golang.org/x/net/nettest
-# golang.org/x/sys v0.39.0
+# golang.org/x/sys v0.40.1-0.20260116220947-d25a7aaff8c2
 ## explicit; go 1.24.0
 golang.org/x/sys/cpu
-# golang.org/x/text v0.32.0
+# golang.org/x/text v0.33.1-0.20260122225119-3264de9174be
 ## explicit; go 1.24.0
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform