From 3e4aa1510fb8c7648134cc30bcb0cf4e4b8c023f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 20 Nov 2025 02:39:24 +0000
Subject: [PATCH] Bump golang.org/x/crypto from 0.42.0 to 0.45.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.42.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.42.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 go.mod                                        |   14 +-
 go.sum                                        |   32 +-
 vendor/golang.org/x/crypto/argon2/argon2.go   |   18 +-
 .../x/crypto/chacha20/chacha_arm64.s          |    2 +-
 .../x/crypto/curve25519/curve25519.go         |   11 +-
 vendor/golang.org/x/crypto/sha3/doc.go        |   66 -
 vendor/golang.org/x/crypto/sha3/hashes.go     |  131 +-
 .../golang.org/x/crypto/sha3/hashes_noasm.go  |   23 -
 .../golang.org/x/crypto/sha3/keccakf_amd64.go |   13 -
 .../golang.org/x/crypto/sha3/keccakf_amd64.s  | 5419 -----------------
 .../x/crypto/sha3/{sha3.go => legacy_hash.go} |   49 +-
 .../sha3/{keccakf.go => legacy_keccakf.go}    |    6 +-
 vendor/golang.org/x/crypto/sha3/sha3_s390x.go |  303 -
 vendor/golang.org/x/crypto/sha3/sha3_s390x.s  |   33 -
 vendor/golang.org/x/crypto/sha3/shake.go      |  172 +-
 .../golang.org/x/crypto/sha3/shake_noasm.go   |   15 -
 .../golang.org/x/crypto/ssh/agent/client.go   |    6 +-
 .../golang.org/x/crypto/ssh/agent/keyring.go  |    2 +-
 .../golang.org/x/crypto/ssh/agent/server.go   |    3 +
 vendor/golang.org/x/crypto/ssh/cipher.go      |   62 +-
 vendor/golang.org/x/crypto/ssh/client_auth.go |   24 +-
 vendor/golang.org/x/crypto/ssh/common.go      |   83 +-
 vendor/golang.org/x/crypto/ssh/doc.go         |   10 +
 vendor/golang.org/x/crypto/ssh/handshake.go   |    9 +-
 vendor/golang.org/x/crypto/ssh/kex.go         |   24 +-
 vendor/golang.org/x/crypto/ssh/keys.go        |   70 +-
 vendor/golang.org/x/crypto/ssh/mac.go         |   42 +-
 vendor/golang.org/x/crypto/ssh/messages.go    |    2 +-
 vendor/golang.org/x/crypto/ssh/server.go      |   36 +-
 vendor/golang.org/x/crypto/ssh/ssh_gss.go     |    8 +-
 vendor/golang.org/x/crypto/ssh/streamlocal.go |    4 +-
 vendor/golang.org/x/crypto/ssh/tcpip.go       |  124 +-
 vendor/golang.org/x/crypto/ssh/transport.go   |    4 +
 vendor/golang.org/x/net/context/context.go    |   70 +-
 vendor/golang.org/x/net/http2/config.go       |   63 +-
 vendor/golang.org/x/net/http2/config_go124.go |   61 -
 vendor/golang.org/x/net/http2/config_go125.go |   15 +
 vendor/golang.org/x/net/http2/config_go126.go |   15 +
 .../x/net/http2/config_pre_go124.go           |   16 -
 vendor/golang.org/x/net/http2/frame.go        |  101 +-
 vendor/golang.org/x/net/http2/gotrack.go      |   17 +-
 vendor/golang.org/x/net/http2/http2.go        |   35 +-
 vendor/golang.org/x/net/http2/server.go       |  143 +-
 vendor/golang.org/x/net/http2/timer.go        |   20 -
 vendor/golang.org/x/net/http2/transport.go    |  196 +-
 vendor/golang.org/x/net/http2/writesched.go   |   67 +-
 ...rity.go => writesched_priority_rfc7540.go} |  109 +-
 .../net/http2/writesched_priority_rfc9218.go  |  209 +
 .../x/net/http2/writesched_roundrobin.go      |    2 +-
 .../x/net/internal/httpcommon/request.go      |    4 +-
 vendor/golang.org/x/sync/errgroup/errgroup.go |    2 +-
 vendor/golang.org/x/sys/cpu/cpu.go            |    3 +
 vendor/golang.org/x/sys/cpu/cpu_arm64.go      |   20 +-
 vendor/golang.org/x/sys/cpu/cpu_arm64.s       |   19 +-
 vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go   |    1 +
 .../golang.org/x/sys/cpu/cpu_gccgo_arm64.go   |    1 +
 .../golang.org/x/sys/cpu/cpu_netbsd_arm64.go  |    2 +-
 .../golang.org/x/sys/cpu/cpu_openbsd_arm64.go |    2 +-
 .../golang.org/x/sys/unix/affinity_linux.go   |    9 +
 vendor/golang.org/x/sys/unix/fdset.go         |    4 +-
 vendor/golang.org/x/sys/unix/ifreq_linux.go   |    4 +-
 vendor/golang.org/x/sys/unix/mkall.sh         |    1 +
 vendor/golang.org/x/sys/unix/mkerrors.sh      |    2 +
 vendor/golang.org/x/sys/unix/syscall_linux.go |   10 +-
 .../golang.org/x/sys/unix/syscall_netbsd.go   |   17 +
 vendor/golang.org/x/sys/unix/zerrors_linux.go |  359 ++
 .../golang.org/x/sys/unix/zsyscall_linux.go   |   10 +
 vendor/golang.org/x/sys/unix/ztypes_linux.go  |   31 +
 .../x/sys/windows/syscall_windows.go          |   17 +
 .../golang.org/x/sys/windows/types_windows.go |   92 +
 .../x/sys/windows/zsyscall_windows.go         |   55 +
 vendor/golang.org/x/text/unicode/bidi/core.go |   11 +-
 .../x/tools/cmd/stringer/stringer.go          |   41 +-
 vendor/golang.org/x/tools/go/ast/edge/edge.go |  295 +
 .../x/tools/go/ast/inspector/cursor.go        |  502 ++
 .../x/tools/go/ast/inspector/inspector.go     |  311 +
 .../x/tools/go/ast/inspector/iter.go          |   85 +
 .../x/tools/go/ast/inspector/typeof.go        |  227 +
 .../x/tools/go/ast/inspector/walk.go          |  341 ++
 .../golang.org/x/tools/go/packages/golist.go  |    6 -
 .../golang.org/x/tools/go/packages/visit.go   |   85 +-
 .../x/tools/go/types/objectpath/objectpath.go |    5 +-
 .../x/tools/go/types/typeutil/map.go          |   19 +-
 .../x/tools/internal/event/core/event.go      |    5 -
 .../x/tools/internal/gcimporter/iexport.go    |    1 -
 .../internal/gcimporter/iimport_go122.go      |   53 -
 .../x/tools/internal/stdlib/deps.go           |  596 +-
 .../x/tools/internal/stdlib/manifest.go       |   58 +-
 .../x/tools/internal/typesinternal/fx.go      |   49 +
 .../x/tools/internal/typesinternal/isnamed.go |   71 +
 .../tools/internal/typesinternal/qualifier.go |    8 +
 .../x/tools/internal/typesinternal/types.go   |   48 +-
 .../tools/internal/typesinternal/zerovalue.go |   17 +-
 vendor/modules.txt                            |   22 +-
 94 files changed, 4269 insertions(+), 7211 deletions(-)
 delete mode 100644 vendor/golang.org/x/crypto/sha3/doc.go
 delete mode 100644 vendor/golang.org/x/crypto/sha3/hashes_noasm.go
 delete mode 100644 vendor/golang.org/x/crypto/sha3/keccakf_amd64.go
 delete mode 100644 vendor/golang.org/x/crypto/sha3/keccakf_amd64.s
 rename vendor/golang.org/x/crypto/sha3/{sha3.go => legacy_hash.go} (83%)
 rename vendor/golang.org/x/crypto/sha3/{keccakf.go => legacy_keccakf.go} (98%)
 delete mode 100644 vendor/golang.org/x/crypto/sha3/sha3_s390x.go
 delete mode 100644 vendor/golang.org/x/crypto/sha3/sha3_s390x.s
 delete mode 100644 vendor/golang.org/x/crypto/sha3/shake_noasm.go
 delete mode 100644 vendor/golang.org/x/net/http2/config_go124.go
 create mode 100644 vendor/golang.org/x/net/http2/config_go125.go
 create mode 100644 vendor/golang.org/x/net/http2/config_go126.go
 delete mode 100644 vendor/golang.org/x/net/http2/config_pre_go124.go
 delete mode 100644 vendor/golang.org/x/net/http2/timer.go
 rename vendor/golang.org/x/net/http2/{writesched_priority.go => writesched_priority_rfc7540.go} (77%)
 create mode 100644 vendor/golang.org/x/net/http2/writesched_priority_rfc9218.go
 create mode 100644 vendor/golang.org/x/tools/go/ast/edge/edge.go
 create mode 100644 vendor/golang.org/x/tools/go/ast/inspector/cursor.go
 create mode 100644 vendor/golang.org/x/tools/go/ast/inspector/inspector.go
 create mode 100644 vendor/golang.org/x/tools/go/ast/inspector/iter.go
 create mode 100644 vendor/golang.org/x/tools/go/ast/inspector/typeof.go
 create mode 100644 vendor/golang.org/x/tools/go/ast/inspector/walk.go
 delete mode 100644 vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go
 create mode 100644 vendor/golang.org/x/tools/internal/typesinternal/fx.go
 create mode 100644 vendor/golang.org/x/tools/internal/typesinternal/isnamed.go

diff --git a/go.mod b/go.mod
index c1b3e7b7a..2831df5f3 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/pkg/sftp v1.13.9
 	github.com/stretchr/testify v1.10.0
-	golang.org/x/crypto v0.42.0
+	golang.org/x/crypto v0.45.0
 	gopkg.in/yaml.v2 v2.4.0
 )
 
@@ -68,12 +68,12 @@ require (
 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/zclconf/go-cty v1.17.0 // indirect
-	golang.org/x/mod v0.27.0 // indirect
-	golang.org/x/net v0.43.0 // indirect
-	golang.org/x/sync v0.17.0 // indirect
-	golang.org/x/sys v0.36.0 // indirect
-	golang.org/x/text v0.29.0 // indirect
-	golang.org/x/tools v0.36.0 // indirect
+	golang.org/x/mod v0.29.0 // indirect
+	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/tools v0.38.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20250707201910-8d1bb00bc6a7 // indirect
 	google.golang.org/grpc v1.75.1 // indirect
diff --git a/go.sum b/go.sum
index 229658231..536c4835d 100644
--- a/go.sum
+++ b/go.sum
@@ -213,15 +213,15 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI=
-golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
+golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
-golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
+golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
+golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
@@ -231,8 +231,8 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
-golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
-golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
+golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
+golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -241,8 +241,8 @@ golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug=
-golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
+golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -263,8 +263,8 @@ golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k=
-golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
+golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -274,8 +274,8 @@ golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
-golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ=
-golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA=
+golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
+golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
@@ -286,16 +286,16 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/text v0.29.0 h1:1neNs90w9YzJ9BocxfsQNHKuAT4pkghyXc4nhZ6sJvk=
-golang.org/x/text v0.29.0/go.mod h1:7MhJOA9CD2qZyOKYazxdYMF85OwPdEr9jTtBpO7ydH4=
+golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
+golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
-golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
+golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
+golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
diff --git a/vendor/golang.org/x/crypto/argon2/argon2.go b/vendor/golang.org/x/crypto/argon2/argon2.go
index 29f0a2de4..2b65ec91a 100644
--- a/vendor/golang.org/x/crypto/argon2/argon2.go
+++ b/vendor/golang.org/x/crypto/argon2/argon2.go
@@ -6,7 +6,7 @@
 // Argon2 was selected as the winner of the Password Hashing Competition and can
 // be used to derive cryptographic keys from passwords.
 //
-// For a detailed specification of Argon2 see [1].
+// For a detailed specification of Argon2 see [argon2-specs.pdf].
 //
 // If you aren't sure which function you need, use Argon2id (IDKey) and
 // the parameter recommendations for your scenario.
@@ -17,7 +17,7 @@
 // It uses data-independent memory access, which is preferred for password
 // hashing and password-based key derivation. Argon2i requires more passes over
 // memory than Argon2id to protect from trade-off attacks. The recommended
-// parameters (taken from [2]) for non-interactive operations are time=3 and to
+// parameters (taken from [RFC 9106 Section 7.3]) for non-interactive operations are time=3 and to
 // use the maximum available memory.
 //
 // # Argon2id
@@ -27,11 +27,11 @@
 // half of the first iteration over the memory and data-dependent memory access
 // for the rest. Argon2id is side-channel resistant and provides better brute-
 // force cost savings due to time-memory tradeoffs than Argon2i. The recommended
-// parameters for non-interactive operations (taken from [2]) are time=1 and to
+// parameters for non-interactive operations (taken from [RFC 9106 Section 7.3]) are time=1 and to
 // use the maximum available memory.
 //
-// [1] https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
-// [2] https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03#section-9.3
+// [argon2-specs.pdf]: https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
+// [RFC 9106 Section 7.3]: https://www.rfc-editor.org/rfc/rfc9106.html#section-7.3
 package argon2
 
 import (
@@ -59,7 +59,7 @@ const (
 //
 //	key := argon2.Key([]byte("some password"), salt, 3, 32*1024, 4, 32)
 //
-// The draft RFC recommends[2] time=3, and memory=32*1024 is a sensible number.
+// [RFC 9106 Section 7.3] recommends time=3, and memory=32*1024 as a sensible number.
 // If using that amount of memory (32 MB) is not possible in some contexts then
 // the time parameter can be increased to compensate.
 //
@@ -69,6 +69,8 @@ const (
 // adjusted to the number of available CPUs. The cost parameters should be
 // increased as memory latency and CPU parallelism increases. Remember to get a
 // good random salt.
+//
+// [RFC 9106 Section 7.3]: https://www.rfc-editor.org/rfc/rfc9106.html#section-7.3
 func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte {
 	return deriveKey(argon2i, password, salt, nil, nil, time, memory, threads, keyLen)
 }
@@ -83,7 +85,7 @@ func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint3
 //
 //	key := argon2.IDKey([]byte("some password"), salt, 1, 64*1024, 4, 32)
 //
-// The draft RFC recommends[2] time=1, and memory=64*1024 is a sensible number.
+// [RFC 9106 Section 7.3] recommends time=1, and memory=64*1024 as a sensible number.
 // If using that amount of memory (64 MB) is not possible in some contexts then
 // the time parameter can be increased to compensate.
 //
@@ -93,6 +95,8 @@ func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint3
 // adjusted to the numbers of available CPUs. The cost parameters should be
 // increased as memory latency and CPU parallelism increases. Remember to get a
 // good random salt.
+//
+// [RFC 9106 Section 7.3]: https://www.rfc-editor.org/rfc/rfc9106.html#section-7.3
 func IDKey(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte {
 	return deriveKey(argon2id, password, salt, nil, nil, time, memory, threads, keyLen)
 }
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
index 7dd2638e8..769af387e 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
@@ -29,7 +29,7 @@ loop:
 	MOVD	$NUM_ROUNDS, R21
 	VLD1	(R11), [V30.S4, V31.S4]
 
-	// load contants
+	// load constants
 	// VLD4R (R10), [V0.S4, V1.S4, V2.S4, V3.S4]
 	WORD	$0x4D60E940
 
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519.go b/vendor/golang.org/x/crypto/curve25519/curve25519.go
index 8ff087df4..048faef3a 100644
--- a/vendor/golang.org/x/crypto/curve25519/curve25519.go
+++ b/vendor/golang.org/x/crypto/curve25519/curve25519.go
@@ -3,11 +3,14 @@
 // license that can be found in the LICENSE file.
 
 // Package curve25519 provides an implementation of the X25519 function, which
-// performs scalar multiplication on the elliptic curve known as Curve25519.
-// See RFC 7748.
+// performs scalar multiplication on the elliptic curve known as Curve25519
+// according to [RFC 7748].
 //
-// This package is a wrapper for the X25519 implementation
-// in the crypto/ecdh package.
+// The curve25519 package is a wrapper for the X25519 implementation in the
+// crypto/ecdh package. It is [frozen] and is not accepting new features.
+//
+// [RFC 7748]: https://datatracker.ietf.org/doc/html/rfc7748
+// [frozen]: https://go.dev/wiki/Frozen
 package curve25519
 
 import "crypto/ecdh"
diff --git a/vendor/golang.org/x/crypto/sha3/doc.go b/vendor/golang.org/x/crypto/sha3/doc.go
deleted file mode 100644
index bbf391fe6..000000000
--- a/vendor/golang.org/x/crypto/sha3/doc.go
+++ /dev/null
@@ -1,66 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package sha3 implements the SHA-3 fixed-output-length hash functions and
-// the SHAKE variable-output-length hash functions defined by FIPS-202.
-//
-// All types in this package also implement [encoding.BinaryMarshaler],
-// [encoding.BinaryAppender] and [encoding.BinaryUnmarshaler] to marshal and
-// unmarshal the internal state of the hash.
-//
-// Both types of hash function use the "sponge" construction and the Keccak
-// permutation. For a detailed specification see http://keccak.noekeon.org/
-//
-// # Guidance
-//
-// If you aren't sure what function you need, use SHAKE256 with at least 64
-// bytes of output. The SHAKE instances are faster than the SHA3 instances;
-// the latter have to allocate memory to conform to the hash.Hash interface.
-//
-// If you need a secret-key MAC (message authentication code), prepend the
-// secret key to the input, hash with SHAKE256 and read at least 32 bytes of
-// output.
-//
-// # Security strengths
-//
-// The SHA3-x (x equals 224, 256, 384, or 512) functions have a security
-// strength against preimage attacks of x bits. Since they only produce "x"
-// bits of output, their collision-resistance is only "x/2" bits.
-//
-// The SHAKE-256 and -128 functions have a generic security strength of 256 and
-// 128 bits against all attacks, provided that at least 2x bits of their output
-// is used.  Requesting more than 64 or 32 bytes of output, respectively, does
-// not increase the collision-resistance of the SHAKE functions.
-//
-// # The sponge construction
-//
-// A sponge builds a pseudo-random function from a public pseudo-random
-// permutation, by applying the permutation to a state of "rate + capacity"
-// bytes, but hiding "capacity" of the bytes.
-//
-// A sponge starts out with a zero state. To hash an input using a sponge, up
-// to "rate" bytes of the input are XORed into the sponge's state. The sponge
-// is then "full" and the permutation is applied to "empty" it. This process is
-// repeated until all the input has been "absorbed". The input is then padded.
-// The digest is "squeezed" from the sponge in the same way, except that output
-// is copied out instead of input being XORed in.
-//
-// A sponge is parameterized by its generic security strength, which is equal
-// to half its capacity; capacity + rate is equal to the permutation's width.
-// Since the KeccakF-1600 permutation is 1600 bits (200 bytes) wide, this means
-// that the security strength of a sponge instance is equal to (1600 - bitrate) / 2.
-//
-// # Recommendations
-//
-// The SHAKE functions are recommended for most new uses. They can produce
-// output of arbitrary length. SHAKE256, with an output length of at least
-// 64 bytes, provides 256-bit security against all attacks.  The Keccak team
-// recommends it for most applications upgrading from SHA2-512. (NIST chose a
-// much stronger, but much slower, sponge instance for SHA3-512.)
-//
-// The SHA-3 functions are "drop-in" replacements for the SHA-2 functions.
-// They produce output of the same length, with the same security strengths
-// against all attacks. This means, in particular, that SHA3-256 only has
-// 128-bit collision resistance, because its output length is 32 bytes.
-package sha3
diff --git a/vendor/golang.org/x/crypto/sha3/hashes.go b/vendor/golang.org/x/crypto/sha3/hashes.go
index 31fffbe04..a51269d91 100644
--- a/vendor/golang.org/x/crypto/sha3/hashes.go
+++ b/vendor/golang.org/x/crypto/sha3/hashes.go
@@ -2,127 +2,94 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+// Package sha3 implements the SHA-3 hash algorithms and the SHAKE extendable
+// output functions defined in FIPS 202.
+//
+// Most of this package is a wrapper around the crypto/sha3 package in the
+// standard library. The only exception is the legacy Keccak hash functions.
 package sha3
 
-// This file provides functions for creating instances of the SHA-3
-// and SHAKE hash functions, as well as utility functions for hashing
-// bytes.
-
 import (
-	"crypto"
+	"crypto/sha3"
 	"hash"
 )
 
 // New224 creates a new SHA3-224 hash.
 // Its generic security strength is 224 bits against preimage attacks,
 // and 112 bits against collision attacks.
+//
+// It is a wrapper for the [sha3.New224] function in the standard library.
+//
+//go:fix inline
 func New224() hash.Hash {
-	return new224()
+	return sha3.New224()
 }
 
 // New256 creates a new SHA3-256 hash.
 // Its generic security strength is 256 bits against preimage attacks,
 // and 128 bits against collision attacks.
+//
+// It is a wrapper for the [sha3.New256] function in the standard library.
+//
+//go:fix inline
 func New256() hash.Hash {
-	return new256()
+	return sha3.New256()
 }
 
 // New384 creates a new SHA3-384 hash.
 // Its generic security strength is 384 bits against preimage attacks,
 // and 192 bits against collision attacks.
+//
+// It is a wrapper for the [sha3.New384] function in the standard library.
+//
+//go:fix inline
 func New384() hash.Hash {
-	return new384()
+	return sha3.New384()
 }
 
 // New512 creates a new SHA3-512 hash.
 // Its generic security strength is 512 bits against preimage attacks,
 // and 256 bits against collision attacks.
-func New512() hash.Hash {
-	return new512()
-}
-
-func init() {
-	crypto.RegisterHash(crypto.SHA3_224, New224)
-	crypto.RegisterHash(crypto.SHA3_256, New256)
-	crypto.RegisterHash(crypto.SHA3_384, New384)
-	crypto.RegisterHash(crypto.SHA3_512, New512)
-}
-
-const (
-	dsbyteSHA3   = 0b00000110
-	dsbyteKeccak = 0b00000001
-	dsbyteShake  = 0b00011111
-	dsbyteCShake = 0b00000100
-
-	// rateK[c] is the rate in bytes for Keccak[c] where c is the capacity in
-	// bits. Given the sponge size is 1600 bits, the rate is 1600 - c bits.
-	rateK256  = (1600 - 256) / 8
-	rateK448  = (1600 - 448) / 8
-	rateK512  = (1600 - 512) / 8
-	rateK768  = (1600 - 768) / 8
-	rateK1024 = (1600 - 1024) / 8
-)
-
-func new224Generic() *state {
-	return &state{rate: rateK448, outputLen: 28, dsbyte: dsbyteSHA3}
-}
-
-func new256Generic() *state {
-	return &state{rate: rateK512, outputLen: 32, dsbyte: dsbyteSHA3}
-}
-
-func new384Generic() *state {
-	return &state{rate: rateK768, outputLen: 48, dsbyte: dsbyteSHA3}
-}
-
-func new512Generic() *state {
-	return &state{rate: rateK1024, outputLen: 64, dsbyte: dsbyteSHA3}
-}
-
-// NewLegacyKeccak256 creates a new Keccak-256 hash.
 //
-// Only use this function if you require compatibility with an existing cryptosystem
-// that uses non-standard padding. All other users should use New256 instead.
-func NewLegacyKeccak256() hash.Hash {
-	return &state{rate: rateK512, outputLen: 32, dsbyte: dsbyteKeccak}
-}
-
-// NewLegacyKeccak512 creates a new Keccak-512 hash.
+// It is a wrapper for the [sha3.New512] function in the standard library.
 //
-// Only use this function if you require compatibility with an existing cryptosystem
-// that uses non-standard padding. All other users should use New512 instead.
-func NewLegacyKeccak512() hash.Hash {
-	return &state{rate: rateK1024, outputLen: 64, dsbyte: dsbyteKeccak}
+//go:fix inline
+func New512() hash.Hash {
+	return sha3.New512()
 }
 
 // Sum224 returns the SHA3-224 digest of the data.
-func Sum224(data []byte) (digest [28]byte) {
-	h := New224()
-	h.Write(data)
-	h.Sum(digest[:0])
-	return
+//
+// It is a wrapper for the [sha3.Sum224] function in the standard library.
+//
+//go:fix inline
+func Sum224(data []byte) [28]byte {
+	return sha3.Sum224(data)
 }
 
 // Sum256 returns the SHA3-256 digest of the data.
-func Sum256(data []byte) (digest [32]byte) {
-	h := New256()
-	h.Write(data)
-	h.Sum(digest[:0])
-	return
+//
+// It is a wrapper for the [sha3.Sum256] function in the standard library.
+//
+//go:fix inline
+func Sum256(data []byte) [32]byte {
+	return sha3.Sum256(data)
 }
 
 // Sum384 returns the SHA3-384 digest of the data.
-func Sum384(data []byte) (digest [48]byte) {
-	h := New384()
-	h.Write(data)
-	h.Sum(digest[:0])
-	return
+//
+// It is a wrapper for the [sha3.Sum384] function in the standard library.
+//
+//go:fix inline
+func Sum384(data []byte) [48]byte {
+	return sha3.Sum384(data)
 }
 
 // Sum512 returns the SHA3-512 digest of the data.
-func Sum512(data []byte) (digest [64]byte) {
-	h := New512()
-	h.Write(data)
-	h.Sum(digest[:0])
-	return
+//
+// It is a wrapper for the [sha3.Sum512] function in the standard library.
+//
+//go:fix inline
+func Sum512(data []byte) [64]byte {
+	return sha3.Sum512(data)
 }
diff --git a/vendor/golang.org/x/crypto/sha3/hashes_noasm.go b/vendor/golang.org/x/crypto/sha3/hashes_noasm.go
deleted file mode 100644
index 9d85fb621..000000000
--- a/vendor/golang.org/x/crypto/sha3/hashes_noasm.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2023 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !gc || purego || !s390x
-
-package sha3
-
-func new224() *state {
-	return new224Generic()
-}
-
-func new256() *state {
-	return new256Generic()
-}
-
-func new384() *state {
-	return new384Generic()
-}
-
-func new512() *state {
-	return new512Generic()
-}
diff --git a/vendor/golang.org/x/crypto/sha3/keccakf_amd64.go b/vendor/golang.org/x/crypto/sha3/keccakf_amd64.go
deleted file mode 100644
index b908696be..000000000
--- a/vendor/golang.org/x/crypto/sha3/keccakf_amd64.go
+++ /dev/null
@@ -1,13 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build amd64 && !purego && gc
-
-package sha3
-
-// This function is implemented in keccakf_amd64.s.
-
-//go:noescape
-
-func keccakF1600(a *[25]uint64)
diff --git a/vendor/golang.org/x/crypto/sha3/keccakf_amd64.s b/vendor/golang.org/x/crypto/sha3/keccakf_amd64.s
deleted file mode 100644
index 99e2f16e9..000000000
--- a/vendor/golang.org/x/crypto/sha3/keccakf_amd64.s
+++ /dev/null
@@ -1,5419 +0,0 @@
-// Code generated by command: go run keccakf_amd64_asm.go -out ../keccakf_amd64.s -pkg sha3. DO NOT EDIT.
-
-//go:build amd64 && !purego && gc
-
-// func keccakF1600(a *[25]uint64)
-TEXT ·keccakF1600(SB), $200-8
-	MOVQ a+0(FP), DI
-
-	// Convert the user state into an internal state
-	NOTQ 8(DI)
-	NOTQ 16(DI)
-	NOTQ 64(DI)
-	NOTQ 96(DI)
-	NOTQ 136(DI)
-	NOTQ 160(DI)
-
-	// Execute the KeccakF permutation
-	MOVQ (DI), SI
-	MOVQ 8(DI), BP
-	MOVQ 32(DI), R15
-	XORQ 40(DI), SI
-	XORQ 48(DI), BP
-	XORQ 72(DI), R15
-	XORQ 80(DI), SI
-	XORQ 88(DI), BP
-	XORQ 112(DI), R15
-	XORQ 120(DI), SI
-	XORQ 128(DI), BP
-	XORQ 152(DI), R15
-	XORQ 160(DI), SI
-	XORQ 168(DI), BP
-	MOVQ 176(DI), DX
-	MOVQ 184(DI), R8
-	XORQ 192(DI), R15
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x0000000000000001, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x0000000000008082, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x800000000000808a, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000080008000, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x000000000000808b, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x0000000080000001, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000080008081, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000000008009, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x000000000000008a, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x0000000000000088, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x0000000080008009, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x000000008000000a, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x000000008000808b, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x800000000000008b, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000000008089, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000000008003, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000000008002, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000000000080, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x000000000000800a, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x800000008000000a, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000080008081, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000000008080, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(DI), R12
-	XORQ 56(DI), DX
-	XORQ R15, BX
-	XORQ 96(DI), R12
-	XORQ 136(DI), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(DI), R13
-	XORQ 64(DI), R8
-	XORQ SI, CX
-	XORQ 104(DI), R13
-	XORQ 144(DI), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (DI), R10
-	MOVQ 48(DI), R11
-	XORQ R13, R9
-	MOVQ 96(DI), R12
-	MOVQ 144(DI), R13
-	MOVQ 192(DI), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x0000000080000001, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (SP)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(SP)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(SP)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(SP)
-	MOVQ R12, 8(SP)
-	MOVQ R12, BP
-
-	// Result g
-	MOVQ 72(DI), R11
-	XORQ R9, R11
-	MOVQ 80(DI), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(DI), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(DI), R13
-	MOVQ 176(DI), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(SP)
-	XORQ AX, SI
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(SP)
-	XORQ AX, BP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(SP)
-	NOTQ R14
-	XORQ R10, R15
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(SP)
-
-	// Result k
-	MOVQ 8(DI), R10
-	MOVQ 56(DI), R11
-	MOVQ 104(DI), R12
-	MOVQ 152(DI), R13
-	MOVQ 160(DI), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(SP)
-	XORQ AX, SI
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(SP)
-	XORQ AX, BP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(SP)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(SP)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(SP)
-	XORQ R10, R15
-
-	// Result m
-	MOVQ 40(DI), R11
-	XORQ BX, R11
-	MOVQ 88(DI), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(DI), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(DI), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(DI), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(SP)
-	XORQ AX, SI
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(SP)
-	XORQ AX, BP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(SP)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(SP)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(SP)
-	XORQ R11, R15
-
-	// Result s
-	MOVQ 16(DI), R10
-	MOVQ 64(DI), R11
-	MOVQ 112(DI), R12
-	XORQ DX, R10
-	MOVQ 120(DI), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(DI), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(SP)
-	ROLQ $0x27, R12
-	XORQ R9, R15
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(SP)
-	XORQ BX, SI
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(SP)
-	XORQ CX, BP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(SP)
-	MOVQ R8, 184(SP)
-
-	// Prepare round
-	MOVQ BP, BX
-	ROLQ $0x01, BX
-	MOVQ 16(SP), R12
-	XORQ 56(SP), DX
-	XORQ R15, BX
-	XORQ 96(SP), R12
-	XORQ 136(SP), DX
-	XORQ DX, R12
-	MOVQ R12, CX
-	ROLQ $0x01, CX
-	MOVQ 24(SP), R13
-	XORQ 64(SP), R8
-	XORQ SI, CX
-	XORQ 104(SP), R13
-	XORQ 144(SP), R8
-	XORQ R8, R13
-	MOVQ R13, DX
-	ROLQ $0x01, DX
-	MOVQ R15, R8
-	XORQ BP, DX
-	ROLQ $0x01, R8
-	MOVQ SI, R9
-	XORQ R12, R8
-	ROLQ $0x01, R9
-
-	// Result b
-	MOVQ (SP), R10
-	MOVQ 48(SP), R11
-	XORQ R13, R9
-	MOVQ 96(SP), R12
-	MOVQ 144(SP), R13
-	MOVQ 192(SP), R14
-	XORQ CX, R11
-	ROLQ $0x2c, R11
-	XORQ DX, R12
-	XORQ BX, R10
-	ROLQ $0x2b, R12
-	MOVQ R11, SI
-	MOVQ $0x8000000080008008, AX
-	ORQ  R12, SI
-	XORQ R10, AX
-	XORQ AX, SI
-	MOVQ SI, (DI)
-	XORQ R9, R14
-	ROLQ $0x0e, R14
-	MOVQ R10, R15
-	ANDQ R11, R15
-	XORQ R14, R15
-	MOVQ R15, 32(DI)
-	XORQ R8, R13
-	ROLQ $0x15, R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 16(DI)
-	NOTQ R12
-	ORQ  R10, R14
-	ORQ  R13, R12
-	XORQ R13, R14
-	XORQ R11, R12
-	MOVQ R14, 24(DI)
-	MOVQ R12, 8(DI)
-	NOP
-
-	// Result g
-	MOVQ 72(SP), R11
-	XORQ R9, R11
-	MOVQ 80(SP), R12
-	ROLQ $0x14, R11
-	XORQ BX, R12
-	ROLQ $0x03, R12
-	MOVQ 24(SP), R10
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ R8, R10
-	MOVQ 128(SP), R13
-	MOVQ 176(SP), R14
-	ROLQ $0x1c, R10
-	XORQ R10, AX
-	MOVQ AX, 40(DI)
-	NOP
-	XORQ CX, R13
-	ROLQ $0x2d, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 48(DI)
-	NOP
-	XORQ DX, R14
-	ROLQ $0x3d, R14
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 64(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 72(DI)
-	NOTQ R14
-	NOP
-	ORQ  R14, R13
-	XORQ R12, R13
-	MOVQ R13, 56(DI)
-
-	// Result k
-	MOVQ 8(SP), R10
-	MOVQ 56(SP), R11
-	MOVQ 104(SP), R12
-	MOVQ 152(SP), R13
-	MOVQ 160(SP), R14
-	XORQ DX, R11
-	ROLQ $0x06, R11
-	XORQ R8, R12
-	ROLQ $0x19, R12
-	MOVQ R11, AX
-	ORQ  R12, AX
-	XORQ CX, R10
-	ROLQ $0x01, R10
-	XORQ R10, AX
-	MOVQ AX, 80(DI)
-	NOP
-	XORQ R9, R13
-	ROLQ $0x08, R13
-	MOVQ R12, AX
-	ANDQ R13, AX
-	XORQ R11, AX
-	MOVQ AX, 88(DI)
-	NOP
-	XORQ BX, R14
-	ROLQ $0x12, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ANDQ R14, AX
-	XORQ R12, AX
-	MOVQ AX, 96(DI)
-	MOVQ R14, AX
-	ORQ  R10, AX
-	XORQ R13, AX
-	MOVQ AX, 104(DI)
-	ANDQ R11, R10
-	XORQ R14, R10
-	MOVQ R10, 112(DI)
-	NOP
-
-	// Result m
-	MOVQ 40(SP), R11
-	XORQ BX, R11
-	MOVQ 88(SP), R12
-	ROLQ $0x24, R11
-	XORQ CX, R12
-	MOVQ 32(SP), R10
-	ROLQ $0x0a, R12
-	MOVQ R11, AX
-	MOVQ 136(SP), R13
-	ANDQ R12, AX
-	XORQ R9, R10
-	MOVQ 184(SP), R14
-	ROLQ $0x1b, R10
-	XORQ R10, AX
-	MOVQ AX, 120(DI)
-	NOP
-	XORQ DX, R13
-	ROLQ $0x0f, R13
-	MOVQ R12, AX
-	ORQ  R13, AX
-	XORQ R11, AX
-	MOVQ AX, 128(DI)
-	NOP
-	XORQ R8, R14
-	ROLQ $0x38, R14
-	NOTQ R13
-	MOVQ R13, AX
-	ORQ  R14, AX
-	XORQ R12, AX
-	MOVQ AX, 136(DI)
-	ORQ  R10, R11
-	XORQ R14, R11
-	MOVQ R11, 152(DI)
-	ANDQ R10, R14
-	XORQ R13, R14
-	MOVQ R14, 144(DI)
-	NOP
-
-	// Result s
-	MOVQ 16(SP), R10
-	MOVQ 64(SP), R11
-	MOVQ 112(SP), R12
-	XORQ DX, R10
-	MOVQ 120(SP), R13
-	ROLQ $0x3e, R10
-	XORQ R8, R11
-	MOVQ 168(SP), R14
-	ROLQ $0x37, R11
-	XORQ R9, R12
-	MOVQ R10, R9
-	XORQ CX, R14
-	ROLQ $0x02, R14
-	ANDQ R11, R9
-	XORQ R14, R9
-	MOVQ R9, 192(DI)
-	ROLQ $0x27, R12
-	NOP
-	NOTQ R11
-	XORQ BX, R13
-	MOVQ R11, BX
-	ANDQ R12, BX
-	XORQ R10, BX
-	MOVQ BX, 160(DI)
-	NOP
-	ROLQ $0x29, R13
-	MOVQ R12, CX
-	ORQ  R13, CX
-	XORQ R11, CX
-	MOVQ CX, 168(DI)
-	NOP
-	MOVQ R13, DX
-	MOVQ R14, R8
-	ANDQ R14, DX
-	ORQ  R10, R8
-	XORQ R12, DX
-	XORQ R13, R8
-	MOVQ DX, 176(DI)
-	MOVQ R8, 184(DI)
-
-	// Revert the internal state to the user state
-	NOTQ 8(DI)
-	NOTQ 16(DI)
-	NOTQ 64(DI)
-	NOTQ 96(DI)
-	NOTQ 136(DI)
-	NOTQ 160(DI)
-	RET
diff --git a/vendor/golang.org/x/crypto/sha3/sha3.go b/vendor/golang.org/x/crypto/sha3/legacy_hash.go
similarity index 83%
rename from vendor/golang.org/x/crypto/sha3/sha3.go
rename to vendor/golang.org/x/crypto/sha3/legacy_hash.go
index 6658c4447..b8784536e 100644
--- a/vendor/golang.org/x/crypto/sha3/sha3.go
+++ b/vendor/golang.org/x/crypto/sha3/legacy_hash.go
@@ -4,15 +4,46 @@
 
 package sha3
 
+// This implementation is only used for NewLegacyKeccak256 and
+// NewLegacyKeccak512, which are not implemented by crypto/sha3.
+// All other functions in this package are wrappers around crypto/sha3.
+
 import (
 	"crypto/subtle"
 	"encoding/binary"
 	"errors"
+	"hash"
 	"unsafe"
 
 	"golang.org/x/sys/cpu"
 )
 
+const (
+	dsbyteKeccak = 0b00000001
+
+	// rateK[c] is the rate in bytes for Keccak[c] where c is the capacity in
+	// bits. Given the sponge size is 1600 bits, the rate is 1600 - c bits.
+	rateK256  = (1600 - 256) / 8
+	rateK512  = (1600 - 512) / 8
+	rateK1024 = (1600 - 1024) / 8
+)
+
+// NewLegacyKeccak256 creates a new Keccak-256 hash.
+//
+// Only use this function if you require compatibility with an existing cryptosystem
+// that uses non-standard padding. All other users should use New256 instead.
+func NewLegacyKeccak256() hash.Hash {
+	return &state{rate: rateK512, outputLen: 32, dsbyte: dsbyteKeccak}
+}
+
+// NewLegacyKeccak512 creates a new Keccak-512 hash.
+//
+// Only use this function if you require compatibility with an existing cryptosystem
+// that uses non-standard padding. All other users should use New512 instead.
+func NewLegacyKeccak512() hash.Hash {
+	return &state{rate: rateK1024, outputLen: 64, dsbyte: dsbyteKeccak}
+}
+
 // spongeDirection indicates the direction bytes are flowing through the sponge.
 type spongeDirection int
 
@@ -173,12 +204,9 @@ func (d *state) Sum(in []byte) []byte {
 }
 
 const (
-	magicSHA3   = "sha\x08"
-	magicShake  = "sha\x09"
-	magicCShake = "sha\x0a"
 	magicKeccak = "sha\x0b"
 	// magic || rate || main state || n || sponge direction
-	marshaledSize = len(magicSHA3) + 1 + 200 + 1 + 1
+	marshaledSize = len(magicKeccak) + 1 + 200 + 1 + 1
 )
 
 func (d *state) MarshalBinary() ([]byte, error) {
@@ -187,12 +215,6 @@ func (d *state) MarshalBinary() ([]byte, error) {
 
 func (d *state) AppendBinary(b []byte) ([]byte, error) {
 	switch d.dsbyte {
-	case dsbyteSHA3:
-		b = append(b, magicSHA3...)
-	case dsbyteShake:
-		b = append(b, magicShake...)
-	case dsbyteCShake:
-		b = append(b, magicCShake...)
 	case dsbyteKeccak:
 		b = append(b, magicKeccak...)
 	default:
@@ -210,12 +232,9 @@ func (d *state) UnmarshalBinary(b []byte) error {
 		return errors.New("sha3: invalid hash state")
 	}
 
-	magic := string(b[:len(magicSHA3)])
-	b = b[len(magicSHA3):]
+	magic := string(b[:len(magicKeccak)])
+	b = b[len(magicKeccak):]
 	switch {
-	case magic == magicSHA3 && d.dsbyte == dsbyteSHA3:
-	case magic == magicShake && d.dsbyte == dsbyteShake:
-	case magic == magicCShake && d.dsbyte == dsbyteCShake:
 	case magic == magicKeccak && d.dsbyte == dsbyteKeccak:
 	default:
 		return errors.New("sha3: invalid hash state identifier")
diff --git a/vendor/golang.org/x/crypto/sha3/keccakf.go b/vendor/golang.org/x/crypto/sha3/legacy_keccakf.go
similarity index 98%
rename from vendor/golang.org/x/crypto/sha3/keccakf.go
rename to vendor/golang.org/x/crypto/sha3/legacy_keccakf.go
index ce48b1dd3..101588c16 100644
--- a/vendor/golang.org/x/crypto/sha3/keccakf.go
+++ b/vendor/golang.org/x/crypto/sha3/legacy_keccakf.go
@@ -2,10 +2,12 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !amd64 || purego || !gc
-
 package sha3
 
+// This implementation is only used for NewLegacyKeccak256 and
+// NewLegacyKeccak512, which are not implemented by crypto/sha3.
+// All other functions in this package are wrappers around crypto/sha3.
+
 import "math/bits"
 
 // rc stores the round constants for use in the ι step.
diff --git a/vendor/golang.org/x/crypto/sha3/sha3_s390x.go b/vendor/golang.org/x/crypto/sha3/sha3_s390x.go
deleted file mode 100644
index 00d8034ae..000000000
--- a/vendor/golang.org/x/crypto/sha3/sha3_s390x.go
+++ /dev/null
@@ -1,303 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build gc && !purego
-
-package sha3
-
-// This file contains code for using the 'compute intermediate
-// message digest' (KIMD) and 'compute last message digest' (KLMD)
-// instructions to compute SHA-3 and SHAKE hashes on IBM Z.
-
-import (
-	"hash"
-
-	"golang.org/x/sys/cpu"
-)
-
-// codes represent 7-bit KIMD/KLMD function codes as defined in
-// the Principles of Operation.
-type code uint64
-
-const (
-	// function codes for KIMD/KLMD
-	sha3_224  code = 32
-	sha3_256       = 33
-	sha3_384       = 34
-	sha3_512       = 35
-	shake_128      = 36
-	shake_256      = 37
-	nopad          = 0x100
-)
-
-// kimd is a wrapper for the 'compute intermediate message digest' instruction.
-// src must be a multiple of the rate for the given function code.
-//
-//go:noescape
-func kimd(function code, chain *[200]byte, src []byte)
-
-// klmd is a wrapper for the 'compute last message digest' instruction.
-// src padding is handled by the instruction.
-//
-//go:noescape
-func klmd(function code, chain *[200]byte, dst, src []byte)
-
-type asmState struct {
-	a         [200]byte       // 1600 bit state
-	buf       []byte          // care must be taken to ensure cap(buf) is a multiple of rate
-	rate      int             // equivalent to block size
-	storage   [3072]byte      // underlying storage for buf
-	outputLen int             // output length for full security
-	function  code            // KIMD/KLMD function code
-	state     spongeDirection // whether the sponge is absorbing or squeezing
-}
-
-func newAsmState(function code) *asmState {
-	var s asmState
-	s.function = function
-	switch function {
-	case sha3_224:
-		s.rate = 144
-		s.outputLen = 28
-	case sha3_256:
-		s.rate = 136
-		s.outputLen = 32
-	case sha3_384:
-		s.rate = 104
-		s.outputLen = 48
-	case sha3_512:
-		s.rate = 72
-		s.outputLen = 64
-	case shake_128:
-		s.rate = 168
-		s.outputLen = 32
-	case shake_256:
-		s.rate = 136
-		s.outputLen = 64
-	default:
-		panic("sha3: unrecognized function code")
-	}
-
-	// limit s.buf size to a multiple of s.rate
-	s.resetBuf()
-	return &s
-}
-
-func (s *asmState) clone() *asmState {
-	c := *s
-	c.buf = c.storage[:len(s.buf):cap(s.buf)]
-	return &c
-}
-
-// copyIntoBuf copies b into buf. It will panic if there is not enough space to
-// store all of b.
-func (s *asmState) copyIntoBuf(b []byte) {
-	bufLen := len(s.buf)
-	s.buf = s.buf[:len(s.buf)+len(b)]
-	copy(s.buf[bufLen:], b)
-}
-
-// resetBuf points buf at storage, sets the length to 0 and sets cap to be a
-// multiple of the rate.
-func (s *asmState) resetBuf() {
-	max := (cap(s.storage) / s.rate) * s.rate
-	s.buf = s.storage[:0:max]
-}
-
-// Write (via the embedded io.Writer interface) adds more data to the running hash.
-// It never returns an error.
-func (s *asmState) Write(b []byte) (int, error) {
-	if s.state != spongeAbsorbing {
-		panic("sha3: Write after Read")
-	}
-	length := len(b)
-	for len(b) > 0 {
-		if len(s.buf) == 0 && len(b) >= cap(s.buf) {
-			// Hash the data directly and push any remaining bytes
-			// into the buffer.
-			remainder := len(b) % s.rate
-			kimd(s.function, &s.a, b[:len(b)-remainder])
-			if remainder != 0 {
-				s.copyIntoBuf(b[len(b)-remainder:])
-			}
-			return length, nil
-		}
-
-		if len(s.buf) == cap(s.buf) {
-			// flush the buffer
-			kimd(s.function, &s.a, s.buf)
-			s.buf = s.buf[:0]
-		}
-
-		// copy as much as we can into the buffer
-		n := len(b)
-		if len(b) > cap(s.buf)-len(s.buf) {
-			n = cap(s.buf) - len(s.buf)
-		}
-		s.copyIntoBuf(b[:n])
-		b = b[n:]
-	}
-	return length, nil
-}
-
-// Read squeezes an arbitrary number of bytes from the sponge.
-func (s *asmState) Read(out []byte) (n int, err error) {
-	// The 'compute last message digest' instruction only stores the digest
-	// at the first operand (dst) for SHAKE functions.
-	if s.function != shake_128 && s.function != shake_256 {
-		panic("sha3: can only call Read for SHAKE functions")
-	}
-
-	n = len(out)
-
-	// need to pad if we were absorbing
-	if s.state == spongeAbsorbing {
-		s.state = spongeSqueezing
-
-		// write hash directly into out if possible
-		if len(out)%s.rate == 0 {
-			klmd(s.function, &s.a, out, s.buf) // len(out) may be 0
-			s.buf = s.buf[:0]
-			return
-		}
-
-		// write hash into buffer
-		max := cap(s.buf)
-		if max > len(out) {
-			max = (len(out)/s.rate)*s.rate + s.rate
-		}
-		klmd(s.function, &s.a, s.buf[:max], s.buf)
-		s.buf = s.buf[:max]
-	}
-
-	for len(out) > 0 {
-		// flush the buffer
-		if len(s.buf) != 0 {
-			c := copy(out, s.buf)
-			out = out[c:]
-			s.buf = s.buf[c:]
-			continue
-		}
-
-		// write hash directly into out if possible
-		if len(out)%s.rate == 0 {
-			klmd(s.function|nopad, &s.a, out, nil)
-			return
-		}
-
-		// write hash into buffer
-		s.resetBuf()
-		if cap(s.buf) > len(out) {
-			s.buf = s.buf[:(len(out)/s.rate)*s.rate+s.rate]
-		}
-		klmd(s.function|nopad, &s.a, s.buf, nil)
-	}
-	return
-}
-
-// Sum appends the current hash to b and returns the resulting slice.
-// It does not change the underlying hash state.
-func (s *asmState) Sum(b []byte) []byte {
-	if s.state != spongeAbsorbing {
-		panic("sha3: Sum after Read")
-	}
-
-	// Copy the state to preserve the original.
-	a := s.a
-
-	// Hash the buffer. Note that we don't clear it because we
-	// aren't updating the state.
-	switch s.function {
-	case sha3_224, sha3_256, sha3_384, sha3_512:
-		klmd(s.function, &a, nil, s.buf)
-		return append(b, a[:s.outputLen]...)
-	case shake_128, shake_256:
-		d := make([]byte, s.outputLen, 64)
-		klmd(s.function, &a, d, s.buf)
-		return append(b, d[:s.outputLen]...)
-	default:
-		panic("sha3: unknown function")
-	}
-}
-
-// Reset resets the Hash to its initial state.
-func (s *asmState) Reset() {
-	for i := range s.a {
-		s.a[i] = 0
-	}
-	s.resetBuf()
-	s.state = spongeAbsorbing
-}
-
-// Size returns the number of bytes Sum will return.
-func (s *asmState) Size() int {
-	return s.outputLen
-}
-
-// BlockSize returns the hash's underlying block size.
-// The Write method must be able to accept any amount
-// of data, but it may operate more efficiently if all writes
-// are a multiple of the block size.
-func (s *asmState) BlockSize() int {
-	return s.rate
-}
-
-// Clone returns a copy of the ShakeHash in its current state.
-func (s *asmState) Clone() ShakeHash {
-	return s.clone()
-}
-
-// new224 returns an assembly implementation of SHA3-224 if available,
-// otherwise it returns a generic implementation.
-func new224() hash.Hash {
-	if cpu.S390X.HasSHA3 {
-		return newAsmState(sha3_224)
-	}
-	return new224Generic()
-}
-
-// new256 returns an assembly implementation of SHA3-256 if available,
-// otherwise it returns a generic implementation.
-func new256() hash.Hash {
-	if cpu.S390X.HasSHA3 {
-		return newAsmState(sha3_256)
-	}
-	return new256Generic()
-}
-
-// new384 returns an assembly implementation of SHA3-384 if available,
-// otherwise it returns a generic implementation.
-func new384() hash.Hash {
-	if cpu.S390X.HasSHA3 {
-		return newAsmState(sha3_384)
-	}
-	return new384Generic()
-}
-
-// new512 returns an assembly implementation of SHA3-512 if available,
-// otherwise it returns a generic implementation.
-func new512() hash.Hash {
-	if cpu.S390X.HasSHA3 {
-		return newAsmState(sha3_512)
-	}
-	return new512Generic()
-}
-
-// newShake128 returns an assembly implementation of SHAKE-128 if available,
-// otherwise it returns a generic implementation.
-func newShake128() ShakeHash {
-	if cpu.S390X.HasSHA3 {
-		return newAsmState(shake_128)
-	}
-	return newShake128Generic()
-}
-
-// newShake256 returns an assembly implementation of SHAKE-256 if available,
-// otherwise it returns a generic implementation.
-func newShake256() ShakeHash {
-	if cpu.S390X.HasSHA3 {
-		return newAsmState(shake_256)
-	}
-	return newShake256Generic()
-}
diff --git a/vendor/golang.org/x/crypto/sha3/sha3_s390x.s b/vendor/golang.org/x/crypto/sha3/sha3_s390x.s
deleted file mode 100644
index 826b862c7..000000000
--- a/vendor/golang.org/x/crypto/sha3/sha3_s390x.s
+++ /dev/null
@@ -1,33 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build gc && !purego
-
-#include "textflag.h"
-
-// func kimd(function code, chain *[200]byte, src []byte)
-TEXT ·kimd(SB), NOFRAME|NOSPLIT, $0-40
-	MOVD function+0(FP), R0
-	MOVD chain+8(FP), R1
-	LMG  src+16(FP), R2, R3 // R2=base, R3=len
-
-continue:
-	WORD $0xB93E0002 // KIMD --, R2
-	BVS  continue    // continue if interrupted
-	MOVD $0, R0      // reset R0 for pre-go1.8 compilers
-	RET
-
-// func klmd(function code, chain *[200]byte, dst, src []byte)
-TEXT ·klmd(SB), NOFRAME|NOSPLIT, $0-64
-	// TODO: SHAKE support
-	MOVD function+0(FP), R0
-	MOVD chain+8(FP), R1
-	LMG  dst+16(FP), R2, R3 // R2=base, R3=len
-	LMG  src+40(FP), R4, R5 // R4=base, R5=len
-
-continue:
-	WORD $0xB93F0024 // KLMD R2, R4
-	BVS  continue    // continue if interrupted
-	MOVD $0, R0      // reset R0 for pre-go1.8 compilers
-	RET
diff --git a/vendor/golang.org/x/crypto/sha3/shake.go b/vendor/golang.org/x/crypto/sha3/shake.go
index a6b3a4281..6f3f70c26 100644
--- a/vendor/golang.org/x/crypto/sha3/shake.go
+++ b/vendor/golang.org/x/crypto/sha3/shake.go
@@ -4,24 +4,10 @@
 
 package sha3
 
-// This file defines the ShakeHash interface, and provides
-// functions for creating SHAKE and cSHAKE instances, as well as utility
-// functions for hashing bytes to arbitrary-length output.
-//
-//
-// SHAKE implementation is based on FIPS PUB 202 [1]
-// cSHAKE implementations is based on NIST SP 800-185 [2]
-//
-// [1] https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf
-// [2] https://doi.org/10.6028/NIST.SP.800-185
-
 import (
-	"bytes"
-	"encoding/binary"
-	"errors"
+	"crypto/sha3"
 	"hash"
 	"io"
-	"math/bits"
 )
 
 // ShakeHash defines the interface to hash functions that support
@@ -32,7 +18,7 @@ type ShakeHash interface {
 	hash.Hash
 
 	// Read reads more output from the hash; reading affects the hash's
-	// state. (ShakeHash.Read is thus very different from Hash.Sum)
+	// state. (ShakeHash.Read is thus very different from Hash.Sum.)
 	// It never returns an error, but subsequent calls to Write or Sum
 	// will panic.
 	io.Reader
@@ -41,115 +27,18 @@ type ShakeHash interface {
 	Clone() ShakeHash
 }
 
-// cSHAKE specific context
-type cshakeState struct {
-	*state // SHA-3 state context and Read/Write operations
-
-	// initBlock is the cSHAKE specific initialization set of bytes. It is initialized
-	// by newCShake function and stores concatenation of N followed by S, encoded
-	// by the method specified in 3.3 of [1].
-	// It is stored here in order for Reset() to be able to put context into
-	// initial state.
-	initBlock []byte
-}
-
-func bytepad(data []byte, rate int) []byte {
-	out := make([]byte, 0, 9+len(data)+rate-1)
-	out = append(out, leftEncode(uint64(rate))...)
-	out = append(out, data...)
-	if padlen := rate - len(out)%rate; padlen < rate {
-		out = append(out, make([]byte, padlen)...)
-	}
-	return out
-}
-
-func leftEncode(x uint64) []byte {
-	// Let n be the smallest positive integer for which 2^(8n) > x.
-	n := (bits.Len64(x) + 7) / 8
-	if n == 0 {
-		n = 1
-	}
-	// Return n || x with n as a byte and x an n bytes in big-endian order.
-	b := make([]byte, 9)
-	binary.BigEndian.PutUint64(b[1:], x)
-	b = b[9-n-1:]
-	b[0] = byte(n)
-	return b
-}
-
-func newCShake(N, S []byte, rate, outputLen int, dsbyte byte) ShakeHash {
-	c := cshakeState{state: &state{rate: rate, outputLen: outputLen, dsbyte: dsbyte}}
-	c.initBlock = make([]byte, 0, 9+len(N)+9+len(S)) // leftEncode returns max 9 bytes
-	c.initBlock = append(c.initBlock, leftEncode(uint64(len(N))*8)...)
-	c.initBlock = append(c.initBlock, N...)
-	c.initBlock = append(c.initBlock, leftEncode(uint64(len(S))*8)...)
-	c.initBlock = append(c.initBlock, S...)
-	c.Write(bytepad(c.initBlock, c.rate))
-	return &c
-}
-
-// Reset resets the hash to initial state.
-func (c *cshakeState) Reset() {
-	c.state.Reset()
-	c.Write(bytepad(c.initBlock, c.rate))
-}
-
-// Clone returns copy of a cSHAKE context within its current state.
-func (c *cshakeState) Clone() ShakeHash {
-	b := make([]byte, len(c.initBlock))
-	copy(b, c.initBlock)
-	return &cshakeState{state: c.clone(), initBlock: b}
-}
-
-// Clone returns copy of SHAKE context within its current state.
-func (c *state) Clone() ShakeHash {
-	return c.clone()
-}
-
-func (c *cshakeState) MarshalBinary() ([]byte, error) {
-	return c.AppendBinary(make([]byte, 0, marshaledSize+len(c.initBlock)))
-}
-
-func (c *cshakeState) AppendBinary(b []byte) ([]byte, error) {
-	b, err := c.state.AppendBinary(b)
-	if err != nil {
-		return nil, err
-	}
-	b = append(b, c.initBlock...)
-	return b, nil
-}
-
-func (c *cshakeState) UnmarshalBinary(b []byte) error {
-	if len(b) <= marshaledSize {
-		return errors.New("sha3: invalid hash state")
-	}
-	if err := c.state.UnmarshalBinary(b[:marshaledSize]); err != nil {
-		return err
-	}
-	c.initBlock = bytes.Clone(b[marshaledSize:])
-	return nil
-}
-
 // NewShake128 creates a new SHAKE128 variable-output-length ShakeHash.
 // Its generic security strength is 128 bits against all attacks if at
 // least 32 bytes of its output are used.
 func NewShake128() ShakeHash {
-	return newShake128()
+	return &shakeWrapper{sha3.NewSHAKE128(), 32, false, sha3.NewSHAKE128}
 }
 
 // NewShake256 creates a new SHAKE256 variable-output-length ShakeHash.
 // Its generic security strength is 256 bits against all attacks if
 // at least 64 bytes of its output are used.
 func NewShake256() ShakeHash {
-	return newShake256()
-}
-
-func newShake128Generic() *state {
-	return &state{rate: rateK256, outputLen: 32, dsbyte: dsbyteShake}
-}
-
-func newShake256Generic() *state {
-	return &state{rate: rateK512, outputLen: 64, dsbyte: dsbyteShake}
+	return &shakeWrapper{sha3.NewSHAKE256(), 64, false, sha3.NewSHAKE256}
 }
 
 // NewCShake128 creates a new instance of cSHAKE128 variable-output-length ShakeHash,
@@ -159,10 +48,9 @@ func newShake256Generic() *state {
 // computations on same input with different S yield unrelated outputs.
 // When N and S are both empty, this is equivalent to NewShake128.
 func NewCShake128(N, S []byte) ShakeHash {
-	if len(N) == 0 && len(S) == 0 {
-		return NewShake128()
-	}
-	return newCShake(N, S, rateK256, 32, dsbyteCShake)
+	return &shakeWrapper{sha3.NewCSHAKE128(N, S), 32, false, func() *sha3.SHAKE {
+		return sha3.NewCSHAKE128(N, S)
+	}}
 }
 
 // NewCShake256 creates a new instance of cSHAKE256 variable-output-length ShakeHash,
@@ -172,10 +60,9 @@ func NewCShake128(N, S []byte) ShakeHash {
 // computations on same input with different S yield unrelated outputs.
 // When N and S are both empty, this is equivalent to NewShake256.
 func NewCShake256(N, S []byte) ShakeHash {
-	if len(N) == 0 && len(S) == 0 {
-		return NewShake256()
-	}
-	return newCShake(N, S, rateK512, 64, dsbyteCShake)
+	return &shakeWrapper{sha3.NewCSHAKE256(N, S), 64, false, func() *sha3.SHAKE {
+		return sha3.NewCSHAKE256(N, S)
+	}}
 }
 
 // ShakeSum128 writes an arbitrary-length digest of data into hash.
@@ -191,3 +78,42 @@ func ShakeSum256(hash, data []byte) {
 	h.Write(data)
 	h.Read(hash)
 }
+
+// shakeWrapper adds the Size, Sum, and Clone methods to a sha3.SHAKE
+// to implement the ShakeHash interface.
+type shakeWrapper struct {
+	*sha3.SHAKE
+	outputLen int
+	squeezing bool
+	newSHAKE  func() *sha3.SHAKE
+}
+
+func (w *shakeWrapper) Read(p []byte) (n int, err error) {
+	w.squeezing = true
+	return w.SHAKE.Read(p)
+}
+
+func (w *shakeWrapper) Clone() ShakeHash {
+	s := w.newSHAKE()
+	b, err := w.MarshalBinary()
+	if err != nil {
+		panic(err) // unreachable
+	}
+	if err := s.UnmarshalBinary(b); err != nil {
+		panic(err) // unreachable
+	}
+	return &shakeWrapper{s, w.outputLen, w.squeezing, w.newSHAKE}
+}
+
+func (w *shakeWrapper) Size() int { return w.outputLen }
+
+func (w *shakeWrapper) Sum(b []byte) []byte {
+	if w.squeezing {
+		panic("sha3: Sum after Read")
+	}
+	out := make([]byte, w.outputLen)
+	// Clone the state so that we don't affect future Write calls.
+	s := w.Clone()
+	s.Read(out)
+	return append(b, out...)
+}
diff --git a/vendor/golang.org/x/crypto/sha3/shake_noasm.go b/vendor/golang.org/x/crypto/sha3/shake_noasm.go
deleted file mode 100644
index 4276ba4ab..000000000
--- a/vendor/golang.org/x/crypto/sha3/shake_noasm.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2023 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !gc || purego || !s390x
-
-package sha3
-
-func newShake128() *state {
-	return newShake128Generic()
-}
-
-func newShake256() *state {
-	return newShake256Generic()
-}
diff --git a/vendor/golang.org/x/crypto/ssh/agent/client.go b/vendor/golang.org/x/crypto/ssh/agent/client.go
index 37525e1a1..b357e18b0 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/client.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/client.go
@@ -430,8 +430,9 @@ func (c *client) List() ([]*Key, error) {
 		return keys, nil
 	case *failureAgentMsg:
 		return nil, errors.New("agent: failed to list keys")
+	default:
+		return nil, fmt.Errorf("agent: failed to list keys, unexpected message type %T", msg)
 	}
-	panic("unreachable")
 }
 
 // Sign has the agent sign the data using a protocol 2 key as defined
@@ -462,8 +463,9 @@ func (c *client) SignWithFlags(key ssh.PublicKey, data []byte, flags SignatureFl
 		return &sig, nil
 	case *failureAgentMsg:
 		return nil, errors.New("agent: failed to sign challenge")
+	default:
+		return nil, fmt.Errorf("agent: failed to sign challenge, unexpected message type %T", msg)
 	}
-	panic("unreachable")
 }
 
 // unmarshal parses an agent message in packet, returning the parsed
diff --git a/vendor/golang.org/x/crypto/ssh/agent/keyring.go b/vendor/golang.org/x/crypto/ssh/agent/keyring.go
index c1b436108..d12987551 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/keyring.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/keyring.go
@@ -112,7 +112,7 @@ func (r *keyring) Unlock(passphrase []byte) error {
 }
 
 // expireKeysLocked removes expired keys from the keyring. If a key was added
-// with a lifetimesecs contraint and seconds >= lifetimesecs seconds have
+// with a lifetimesecs constraint and seconds >= lifetimesecs seconds have
 // elapsed, it is removed. The caller *must* be holding the keyring mutex.
 func (r *keyring) expireKeysLocked() {
 	for _, k := range r.keys {
diff --git a/vendor/golang.org/x/crypto/ssh/agent/server.go b/vendor/golang.org/x/crypto/ssh/agent/server.go
index 88ce4da6c..4e8ff86b6 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/server.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/server.go
@@ -203,6 +203,9 @@ func parseConstraints(constraints []byte) (lifetimeSecs uint32, confirmBeforeUse
 	for len(constraints) != 0 {
 		switch constraints[0] {
 		case agentConstrainLifetime:
+			if len(constraints) < 5 {
+				return 0, false, nil, io.ErrUnexpectedEOF
+			}
 			lifetimeSecs = binary.BigEndian.Uint32(constraints[1:5])
 			constraints = constraints[5:]
 		case agentConstrainConfirm:
diff --git a/vendor/golang.org/x/crypto/ssh/cipher.go b/vendor/golang.org/x/crypto/ssh/cipher.go
index 6a5b582aa..7554ed57a 100644
--- a/vendor/golang.org/x/crypto/ssh/cipher.go
+++ b/vendor/golang.org/x/crypto/ssh/cipher.go
@@ -8,6 +8,7 @@ import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/des"
+	"crypto/fips140"
 	"crypto/rc4"
 	"crypto/subtle"
 	"encoding/binary"
@@ -15,6 +16,7 @@ import (
 	"fmt"
 	"hash"
 	"io"
+	"slices"
 
 	"golang.org/x/crypto/chacha20"
 	"golang.org/x/crypto/internal/poly1305"
@@ -93,41 +95,41 @@ func streamCipherMode(skip int, createFunc func(key, iv []byte) (cipher.Stream,
 }
 
 // cipherModes documents properties of supported ciphers. Ciphers not included
-// are not supported and will not be negotiated, even if explicitly requested in
-// ClientConfig.Crypto.Ciphers.
-var cipherModes = map[string]*cipherMode{
-	// Ciphers from RFC 4344, which introduced many CTR-based ciphers. Algorithms
-	// are defined in the order specified in the RFC.
-	CipherAES128CTR: {16, aes.BlockSize, streamCipherMode(0, newAESCTR)},
-	CipherAES192CTR: {24, aes.BlockSize, streamCipherMode(0, newAESCTR)},
-	CipherAES256CTR: {32, aes.BlockSize, streamCipherMode(0, newAESCTR)},
-
-	// Ciphers from RFC 4345, which introduces security-improved arcfour ciphers.
-	// They are defined in the order specified in the RFC.
-	InsecureCipherRC4128: {16, 0, streamCipherMode(1536, newRC4)},
-	InsecureCipherRC4256: {32, 0, streamCipherMode(1536, newRC4)},
-
-	// Cipher defined in RFC 4253, which describes SSH Transport Layer Protocol.
-	// Note that this cipher is not safe, as stated in RFC 4253: "Arcfour (and
-	// RC4) has problems with weak keys, and should be used with caution."
-	// RFC 4345 introduces improved versions of Arcfour.
-	InsecureCipherRC4: {16, 0, streamCipherMode(0, newRC4)},
-
-	// AEAD ciphers
-	CipherAES128GCM:        {16, 12, newGCMCipher},
-	CipherAES256GCM:        {32, 12, newGCMCipher},
-	CipherChaCha20Poly1305: {64, 0, newChaCha20Cipher},
-
+// are not supported and will not be negotiated, even if explicitly configured.
+// When FIPS mode is enabled, only FIPS-approved algorithms are included.
+var cipherModes = map[string]*cipherMode{}
+
+func init() {
+	cipherModes[CipherAES128CTR] = &cipherMode{16, aes.BlockSize, streamCipherMode(0, newAESCTR)}
+	cipherModes[CipherAES192CTR] = &cipherMode{24, aes.BlockSize, streamCipherMode(0, newAESCTR)}
+	cipherModes[CipherAES256CTR] = &cipherMode{32, aes.BlockSize, streamCipherMode(0, newAESCTR)}
+	//  Use of GCM with arbitrary IVs is not allowed in FIPS 140-only mode,
+	// we'll wire it up to NewGCMForSSH in Go 1.26.
+	//
+	// For now it means we'll work with fips140=on but not fips140=only.
+	cipherModes[CipherAES128GCM] = &cipherMode{16, 12, newGCMCipher}
+	cipherModes[CipherAES256GCM] = &cipherMode{32, 12, newGCMCipher}
+
+	if fips140.Enabled() {
+		defaultCiphers = slices.DeleteFunc(defaultCiphers, func(algo string) bool {
+			_, ok := cipherModes[algo]
+			return !ok
+		})
+		return
+	}
+
+	cipherModes[CipherChaCha20Poly1305] = &cipherMode{64, 0, newChaCha20Cipher}
+	// Insecure ciphers not included in the default configuration.
+	cipherModes[InsecureCipherRC4128] = &cipherMode{16, 0, streamCipherMode(1536, newRC4)}
+	cipherModes[InsecureCipherRC4256] = &cipherMode{32, 0, streamCipherMode(1536, newRC4)}
+	cipherModes[InsecureCipherRC4] = &cipherMode{16, 0, streamCipherMode(0, newRC4)}
 	// CBC mode is insecure and so is not included in the default config.
 	// (See https://www.ieee-security.org/TC/SP2013/papers/4977a526.pdf). If absolutely
 	// needed, it's possible to specify a custom Config to enable it.
 	// You should expect that an active attacker can recover plaintext if
 	// you do.
-	InsecureCipherAES128CBC: {16, aes.BlockSize, newAESCBCCipher},
-
-	// 3des-cbc is insecure and is not included in the default
-	// config.
-	InsecureCipherTripleDESCBC: {24, des.BlockSize, newTripleDESCBCCipher},
+	cipherModes[InsecureCipherAES128CBC] = &cipherMode{16, aes.BlockSize, newAESCBCCipher}
+	cipherModes[InsecureCipherTripleDESCBC] = &cipherMode{24, des.BlockSize, newTripleDESCBCCipher}
 }
 
 // prefixLen is the length of the packet prefix that contains the packet length
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index c12818fdc..3127e4990 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -9,6 +9,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"slices"
 	"strings"
 )
 
@@ -83,7 +84,7 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 			// success
 			return nil
 		} else if ok == authFailure {
-			if m := auth.method(); !contains(tried, m) {
+			if m := auth.method(); !slices.Contains(tried, m) {
 				tried = append(tried, m)
 			}
 		}
@@ -97,7 +98,7 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 	findNext:
 		for _, a := range config.Auth {
 			candidateMethod := a.method()
-			if contains(tried, candidateMethod) {
+			if slices.Contains(tried, candidateMethod) {
 				continue
 			}
 			for _, meth := range methods {
@@ -117,15 +118,6 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 	return fmt.Errorf("ssh: unable to authenticate, attempted methods %v, no supported methods remain", tried)
 }
 
-func contains(list []string, e string) bool {
-	for _, s := range list {
-		if s == e {
-			return true
-		}
-	}
-	return false
-}
-
 // An AuthMethod represents an instance of an RFC 4252 authentication method.
 type AuthMethod interface {
 	// auth authenticates user over transport t.
@@ -255,7 +247,7 @@ func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (MultiA
 		// Fallback to use if there is no "server-sig-algs" extension or a
 		// common algorithm cannot be found. We use the public key format if the
 		// MultiAlgorithmSigner supports it, otherwise we return an error.
-		if !contains(as.Algorithms(), underlyingAlgo(keyFormat)) {
+		if !slices.Contains(as.Algorithms(), underlyingAlgo(keyFormat)) {
 			return "", fmt.Errorf("ssh: no common public key signature algorithm, server only supports %q for key type %q, signer only supports %v",
 				underlyingAlgo(keyFormat), keyFormat, as.Algorithms())
 		}
@@ -284,7 +276,7 @@ func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (MultiA
 	// Filter algorithms based on those supported by MultiAlgorithmSigner.
 	var keyAlgos []string
 	for _, algo := range algorithmsForKeyFormat(keyFormat) {
-		if contains(as.Algorithms(), underlyingAlgo(algo)) {
+		if slices.Contains(as.Algorithms(), underlyingAlgo(algo)) {
 			keyAlgos = append(keyAlgos, algo)
 		}
 	}
@@ -334,7 +326,7 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
 		// the key try to use the obtained algorithm as if "server-sig-algs" had
 		// not been implemented if supported from the algorithm signer.
 		if !ok && idx < origSignersLen && isRSACert(algo) && algo != CertAlgoRSAv01 {
-			if contains(as.Algorithms(), KeyAlgoRSA) {
+			if slices.Contains(as.Algorithms(), KeyAlgoRSA) {
 				// We retry using the compat algorithm after all signers have
 				// been tried normally.
 				signers = append(signers, &multiAlgorithmSigner{
@@ -385,7 +377,7 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
 		// contain the "publickey" method, do not attempt to authenticate with any
 		// other keys.  According to RFC 4252 Section 7, the latter can occur when
 		// additional authentication methods are required.
-		if success == authSuccess || !contains(methods, cb.method()) {
+		if success == authSuccess || !slices.Contains(methods, cb.method()) {
 			return success, methods, err
 		}
 	}
@@ -434,7 +426,7 @@ func confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
 			// servers send the key type instead. OpenSSH allows any algorithm
 			// that matches the public key, so we do the same.
 			// https://github.com/openssh/openssh-portable/blob/86bdd385/sshconnect2.c#L709
-			if !contains(algorithmsForKeyFormat(key.Type()), msg.Algo) {
+			if !slices.Contains(algorithmsForKeyFormat(key.Type()), msg.Algo) {
 				return false, nil
 			}
 			if !bytes.Equal(msg.PubKey, pubKey) {
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index 8bfad16c4..2e44e9c9e 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -6,6 +6,7 @@ package ssh
 
 import (
 	"crypto"
+	"crypto/fips140"
 	"crypto/rand"
 	"fmt"
 	"io"
@@ -256,6 +257,40 @@ type Algorithms struct {
 	PublicKeyAuths []string
 }
 
+func init() {
+	if fips140.Enabled() {
+		defaultHostKeyAlgos = slices.DeleteFunc(defaultHostKeyAlgos, func(algo string) bool {
+			_, err := hashFunc(underlyingAlgo(algo))
+			return err != nil
+		})
+		defaultPubKeyAuthAlgos = slices.DeleteFunc(defaultPubKeyAuthAlgos, func(algo string) bool {
+			_, err := hashFunc(underlyingAlgo(algo))
+			return err != nil
+		})
+	}
+}
+
+func hashFunc(format string) (crypto.Hash, error) {
+	switch format {
+	case KeyAlgoRSASHA256, KeyAlgoECDSA256, KeyAlgoSKED25519, KeyAlgoSKECDSA256:
+		return crypto.SHA256, nil
+	case KeyAlgoECDSA384:
+		return crypto.SHA384, nil
+	case KeyAlgoRSASHA512, KeyAlgoECDSA521:
+		return crypto.SHA512, nil
+	case KeyAlgoED25519:
+		// KeyAlgoED25519 doesn't pre-hash.
+		return 0, nil
+	case KeyAlgoRSA, InsecureKeyAlgoDSA:
+		if fips140.Enabled() {
+			return 0, fmt.Errorf("ssh: hash algorithm for format %q not allowed in FIPS 140 mode", format)
+		}
+		return crypto.SHA1, nil
+	default:
+		return 0, fmt.Errorf("ssh: hash algorithm for format %q not mapped", format)
+	}
+}
+
 // SupportedAlgorithms returns algorithms currently implemented by this package,
 // excluding those with security issues, which are returned by
 // InsecureAlgorithms. The algorithms listed here are in preference order.
@@ -283,21 +318,6 @@ func InsecureAlgorithms() Algorithms {
 
 var supportedCompressions = []string{compressionNone}
 
-// hashFuncs keeps the mapping of supported signature algorithms to their
-// respective hashes needed for signing and verification.
-var hashFuncs = map[string]crypto.Hash{
-	KeyAlgoRSA:         crypto.SHA1,
-	KeyAlgoRSASHA256:   crypto.SHA256,
-	KeyAlgoRSASHA512:   crypto.SHA512,
-	InsecureKeyAlgoDSA: crypto.SHA1,
-	KeyAlgoECDSA256:    crypto.SHA256,
-	KeyAlgoECDSA384:    crypto.SHA384,
-	KeyAlgoECDSA521:    crypto.SHA512,
-	// KeyAlgoED25519 doesn't pre-hash.
-	KeyAlgoSKECDSA256: crypto.SHA256,
-	KeyAlgoSKED25519:  crypto.SHA256,
-}
-
 // algorithmsForKeyFormat returns the supported signature algorithms for a given
 // public key format (PublicKey.Type), in order of preference. See RFC 8332,
 // Section 2. See also the note in sendKexInit on backwards compatibility.
@@ -312,11 +332,40 @@ func algorithmsForKeyFormat(keyFormat string) []string {
 	}
 }
 
+// keyFormatForAlgorithm returns the key format corresponding to the given
+// signature algorithm. It returns an empty string if the signature algorithm is
+// invalid or unsupported.
+func keyFormatForAlgorithm(sigAlgo string) string {
+	switch sigAlgo {
+	case KeyAlgoRSA, KeyAlgoRSASHA256, KeyAlgoRSASHA512:
+		return KeyAlgoRSA
+	case CertAlgoRSAv01, CertAlgoRSASHA256v01, CertAlgoRSASHA512v01:
+		return CertAlgoRSAv01
+	case KeyAlgoED25519,
+		KeyAlgoSKED25519,
+		KeyAlgoSKECDSA256,
+		KeyAlgoECDSA256,
+		KeyAlgoECDSA384,
+		KeyAlgoECDSA521,
+		InsecureKeyAlgoDSA,
+		InsecureCertAlgoDSAv01,
+		CertAlgoECDSA256v01,
+		CertAlgoECDSA384v01,
+		CertAlgoECDSA521v01,
+		CertAlgoSKECDSA256v01,
+		CertAlgoED25519v01,
+		CertAlgoSKED25519v01:
+		return sigAlgo
+	default:
+		return ""
+	}
+}
+
 // isRSA returns whether algo is a supported RSA algorithm, including certificate
 // algorithms.
 func isRSA(algo string) bool {
 	algos := algorithmsForKeyFormat(KeyAlgoRSA)
-	return contains(algos, underlyingAlgo(algo))
+	return slices.Contains(algos, underlyingAlgo(algo))
 }
 
 func isRSACert(algo string) bool {
@@ -515,7 +564,7 @@ func (c *Config) SetDefaults() {
 		if kexAlgoMap[k] != nil {
 			// Ignore the KEX if we have no kexAlgoMap definition.
 			kexs = append(kexs, k)
-			if k == KeyExchangeCurve25519 && !contains(c.KeyExchanges, keyExchangeCurve25519LibSSH) {
+			if k == KeyExchangeCurve25519 && !slices.Contains(c.KeyExchanges, keyExchangeCurve25519LibSSH) {
 				kexs = append(kexs, keyExchangeCurve25519LibSSH)
 			}
 		}
diff --git a/vendor/golang.org/x/crypto/ssh/doc.go b/vendor/golang.org/x/crypto/ssh/doc.go
index 04ccce346..5b4de9eff 100644
--- a/vendor/golang.org/x/crypto/ssh/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/doc.go
@@ -17,8 +17,18 @@ References:
 	[PROTOCOL.certkeys]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD
 	[SSH-PARAMETERS]:    http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xml#ssh-parameters-1
 	[SSH-CERTS]:	https://datatracker.ietf.org/doc/html/draft-miller-ssh-cert-01
+	[FIPS 140-3 mode]: https://go.dev/doc/security/fips140
 
 This package does not fall under the stability promise of the Go language itself,
 so its API may be changed when pressing needs arise.
+
+# FIPS 140-3 mode
+
+When the program is in [FIPS 140-3 mode], this package behaves as if only SP
+800-140C and SP 800-140D approved cipher suites, signature algorithms,
+certificate public key types and sizes, and key exchange and derivation
+algorithms were implemented. Others are silently ignored and not negotiated, or
+rejected. This set may depend on the algorithms supported by the FIPS 140-3 Go
+Cryptographic Module selected with GOFIPS140, and may change across Go versions.
 */
 package ssh
diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go
index a90bfe331..4be3cbb6d 100644
--- a/vendor/golang.org/x/crypto/ssh/handshake.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake.go
@@ -10,6 +10,7 @@ import (
 	"io"
 	"log"
 	"net"
+	"slices"
 	"strings"
 	"sync"
 )
@@ -527,7 +528,7 @@ func (t *handshakeTransport) sendKexInit() error {
 			switch s := k.(type) {
 			case MultiAlgorithmSigner:
 				for _, algo := range algorithmsForKeyFormat(keyFormat) {
-					if contains(s.Algorithms(), underlyingAlgo(algo)) {
+					if slices.Contains(s.Algorithms(), underlyingAlgo(algo)) {
 						msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, algo)
 					}
 				}
@@ -679,7 +680,7 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 		return err
 	}
 
-	if t.sessionID == nil && ((isClient && contains(serverInit.KexAlgos, kexStrictServer)) || (!isClient && contains(clientInit.KexAlgos, kexStrictClient))) {
+	if t.sessionID == nil && ((isClient && slices.Contains(serverInit.KexAlgos, kexStrictServer)) || (!isClient && slices.Contains(clientInit.KexAlgos, kexStrictClient))) {
 		t.strictMode = true
 		if err := t.conn.setStrictMode(); err != nil {
 			return err
@@ -736,7 +737,7 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 	// On the server side, after the first SSH_MSG_NEWKEYS, send a SSH_MSG_EXT_INFO
 	// message with the server-sig-algs extension if the client supports it. See
 	// RFC 8308, Sections 2.4 and 3.1, and [PROTOCOL], Section 1.9.
-	if !isClient && firstKeyExchange && contains(clientInit.KexAlgos, "ext-info-c") {
+	if !isClient && firstKeyExchange && slices.Contains(clientInit.KexAlgos, "ext-info-c") {
 		supportedPubKeyAuthAlgosList := strings.Join(t.publicKeyAuthAlgorithms, ",")
 		extInfo := &extInfoMsg{
 			NumExtensions: 2,
@@ -790,7 +791,7 @@ func (a algorithmSignerWrapper) SignWithAlgorithm(rand io.Reader, data []byte, a
 func pickHostKey(hostKeys []Signer, algo string) AlgorithmSigner {
 	for _, k := range hostKeys {
 		if s, ok := k.(MultiAlgorithmSigner); ok {
-			if !contains(s.Algorithms(), underlyingAlgo(algo)) {
+			if !slices.Contains(s.Algorithms(), underlyingAlgo(algo)) {
 				continue
 			}
 		}
diff --git a/vendor/golang.org/x/crypto/ssh/kex.go b/vendor/golang.org/x/crypto/ssh/kex.go
index 78aaf0310..5f7fdd851 100644
--- a/vendor/golang.org/x/crypto/ssh/kex.go
+++ b/vendor/golang.org/x/crypto/ssh/kex.go
@@ -8,12 +8,14 @@ import (
 	"crypto"
 	"crypto/ecdsa"
 	"crypto/elliptic"
+	"crypto/fips140"
 	"crypto/rand"
 	"encoding/binary"
 	"errors"
 	"fmt"
 	"io"
 	"math/big"
+	"slices"
 
 	"golang.org/x/crypto/curve25519"
 )
@@ -395,9 +397,27 @@ func ecHash(curve elliptic.Curve) crypto.Hash {
 	return crypto.SHA512
 }
 
+// kexAlgoMap defines the supported KEXs. KEXs not included are not supported
+// and will not be negotiated, even if explicitly configured. When FIPS mode is
+// enabled, only FIPS-approved algorithms are included.
 var kexAlgoMap = map[string]kexAlgorithm{}
 
 func init() {
+	// mlkem768x25519-sha256 we'll work with fips140=on but not fips140=only
+	// until Go 1.26.
+	kexAlgoMap[KeyExchangeMLKEM768X25519] = &mlkem768WithCurve25519sha256{}
+	kexAlgoMap[KeyExchangeECDHP521] = &ecdh{elliptic.P521()}
+	kexAlgoMap[KeyExchangeECDHP384] = &ecdh{elliptic.P384()}
+	kexAlgoMap[KeyExchangeECDHP256] = &ecdh{elliptic.P256()}
+
+	if fips140.Enabled() {
+		defaultKexAlgos = slices.DeleteFunc(defaultKexAlgos, func(algo string) bool {
+			_, ok := kexAlgoMap[algo]
+			return !ok
+		})
+		return
+	}
+
 	p, _ := new(big.Int).SetString(oakleyGroup2, 16)
 	kexAlgoMap[InsecureKeyExchangeDH1SHA1] = &dhGroup{
 		g:        new(big.Int).SetInt64(2),
@@ -431,14 +451,10 @@ func init() {
 		hashFunc: crypto.SHA512,
 	}
 
-	kexAlgoMap[KeyExchangeECDHP521] = &ecdh{elliptic.P521()}
-	kexAlgoMap[KeyExchangeECDHP384] = &ecdh{elliptic.P384()}
-	kexAlgoMap[KeyExchangeECDHP256] = &ecdh{elliptic.P256()}
 	kexAlgoMap[KeyExchangeCurve25519] = &curve25519sha256{}
 	kexAlgoMap[keyExchangeCurve25519LibSSH] = &curve25519sha256{}
 	kexAlgoMap[InsecureKeyExchangeDHGEXSHA1] = &dhGEXSHA{hashFunc: crypto.SHA1}
 	kexAlgoMap[KeyExchangeDHGEXSHA256] = &dhGEXSHA{hashFunc: crypto.SHA256}
-	kexAlgoMap[KeyExchangeMLKEM768X25519] = &mlkem768WithCurve25519sha256{}
 }
 
 // curve25519sha256 implements the curve25519-sha256 (formerly known as
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go
index a28c0de50..47a07539d 100644
--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@@ -27,6 +27,7 @@ import (
 	"fmt"
 	"io"
 	"math/big"
+	"slices"
 	"strings"
 
 	"golang.org/x/crypto/ssh/internal/bcrypt_pbkdf"
@@ -89,6 +90,11 @@ func parsePubKey(in []byte, algo string) (pubKey PublicKey, rest []byte, err err
 		}
 		return cert, nil, nil
 	}
+	if keyFormat := keyFormatForAlgorithm(algo); keyFormat != "" {
+		return nil, nil, fmt.Errorf("ssh: signature algorithm %q isn't a key format; key is malformed and should be re-encoded with type %q",
+			algo, keyFormat)
+	}
+
 	return nil, nil, fmt.Errorf("ssh: unknown key algorithm: %v", algo)
 }
 
@@ -191,9 +197,10 @@ func ParseKnownHosts(in []byte) (marker string, hosts []string, pubKey PublicKey
 	return "", nil, nil, "", nil, io.EOF
 }
 
-// ParseAuthorizedKey parses a public key from an authorized_keys
-// file used in OpenSSH according to the sshd(8) manual page.
+// ParseAuthorizedKey parses a public key from an authorized_keys file used in
+// OpenSSH according to the sshd(8) manual page. Invalid lines are ignored.
 func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []string, rest []byte, err error) {
+	var lastErr error
 	for len(in) > 0 {
 		end := bytes.IndexByte(in, '\n')
 		if end != -1 {
@@ -222,6 +229,8 @@ func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []str
 
 		if out, comment, err = parseAuthorizedKey(in[i:]); err == nil {
 			return out, comment, options, rest, nil
+		} else {
+			lastErr = err
 		}
 
 		// No key type recognised. Maybe there's an options field at
@@ -264,12 +273,18 @@ func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []str
 		if out, comment, err = parseAuthorizedKey(in[i:]); err == nil {
 			options = candidateOptions
 			return out, comment, options, rest, nil
+		} else {
+			lastErr = err
 		}
 
 		in = rest
 		continue
 	}
 
+	if lastErr != nil {
+		return nil, "", nil, nil, fmt.Errorf("ssh: no key found; last parsing error for ignored line: %w", lastErr)
+	}
+
 	return nil, "", nil, nil, errors.New("ssh: no key found")
 }
 
@@ -395,11 +410,11 @@ func NewSignerWithAlgorithms(signer AlgorithmSigner, algorithms []string) (Multi
 	}
 
 	for _, algo := range algorithms {
-		if !contains(supportedAlgos, algo) {
+		if !slices.Contains(supportedAlgos, algo) {
 			return nil, fmt.Errorf("ssh: algorithm %q is not supported for key type %q",
 				algo, signer.PublicKey().Type())
 		}
-		if !contains(signerAlgos, algo) {
+		if !slices.Contains(signerAlgos, algo) {
 			return nil, fmt.Errorf("ssh: algorithm %q is restricted for the provided signer", algo)
 		}
 	}
@@ -486,10 +501,13 @@ func (r *rsaPublicKey) Marshal() []byte {
 
 func (r *rsaPublicKey) Verify(data []byte, sig *Signature) error {
 	supportedAlgos := algorithmsForKeyFormat(r.Type())
-	if !contains(supportedAlgos, sig.Format) {
+	if !slices.Contains(supportedAlgos, sig.Format) {
 		return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, r.Type())
 	}
-	hash := hashFuncs[sig.Format]
+	hash, err := hashFunc(sig.Format)
+	if err != nil {
+		return err
+	}
 	h := hash.New()
 	h.Write(data)
 	digest := h.Sum(nil)
@@ -606,7 +624,11 @@ func (k *dsaPublicKey) Verify(data []byte, sig *Signature) error {
 	if sig.Format != k.Type() {
 		return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
 	}
-	h := hashFuncs[sig.Format].New()
+	hash, err := hashFunc(sig.Format)
+	if err != nil {
+		return err
+	}
+	h := hash.New()
 	h.Write(data)
 	digest := h.Sum(nil)
 
@@ -651,7 +673,11 @@ func (k *dsaPrivateKey) SignWithAlgorithm(rand io.Reader, data []byte, algorithm
 		return nil, fmt.Errorf("ssh: unsupported signature algorithm %s", algorithm)
 	}
 
-	h := hashFuncs[k.PublicKey().Type()].New()
+	hash, err := hashFunc(k.PublicKey().Type())
+	if err != nil {
+		return nil, err
+	}
+	h := hash.New()
 	h.Write(data)
 	digest := h.Sum(nil)
 	r, s, err := dsa.Sign(rand, k.PrivateKey, digest)
@@ -801,8 +827,11 @@ func (k *ecdsaPublicKey) Verify(data []byte, sig *Signature) error {
 	if sig.Format != k.Type() {
 		return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
 	}
-
-	h := hashFuncs[sig.Format].New()
+	hash, err := hashFunc(sig.Format)
+	if err != nil {
+		return err
+	}
+	h := hash.New()
 	h.Write(data)
 	digest := h.Sum(nil)
 
@@ -905,8 +934,11 @@ func (k *skECDSAPublicKey) Verify(data []byte, sig *Signature) error {
 	if sig.Format != k.Type() {
 		return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
 	}
-
-	h := hashFuncs[sig.Format].New()
+	hash, err := hashFunc(sig.Format)
+	if err != nil {
+		return err
+	}
+	h := hash.New()
 	h.Write([]byte(k.application))
 	appDigest := h.Sum(nil)
 
@@ -1009,7 +1041,11 @@ func (k *skEd25519PublicKey) Verify(data []byte, sig *Signature) error {
 		return fmt.Errorf("invalid size %d for Ed25519 public key", l)
 	}
 
-	h := hashFuncs[sig.Format].New()
+	hash, err := hashFunc(sig.Format)
+	if err != nil {
+		return err
+	}
+	h := hash.New()
 	h.Write([]byte(k.application))
 	appDigest := h.Sum(nil)
 
@@ -1112,11 +1148,14 @@ func (s *wrappedSigner) SignWithAlgorithm(rand io.Reader, data []byte, algorithm
 		algorithm = s.pubKey.Type()
 	}
 
-	if !contains(s.Algorithms(), algorithm) {
+	if !slices.Contains(s.Algorithms(), algorithm) {
 		return nil, fmt.Errorf("ssh: unsupported signature algorithm %q for key format %q", algorithm, s.pubKey.Type())
 	}
 
-	hashFunc := hashFuncs[algorithm]
+	hashFunc, err := hashFunc(algorithm)
+	if err != nil {
+		return nil, err
+	}
 	var digest []byte
 	if hashFunc != 0 {
 		h := hashFunc.New()
@@ -1451,6 +1490,7 @@ type openSSHEncryptedPrivateKey struct {
 	NumKeys      uint32
 	PubKey       []byte
 	PrivKeyBlock []byte
+	Rest         []byte `ssh:"rest"`
 }
 
 type openSSHPrivateKey struct {
diff --git a/vendor/golang.org/x/crypto/ssh/mac.go b/vendor/golang.org/x/crypto/ssh/mac.go
index de2639d57..87d626fbb 100644
--- a/vendor/golang.org/x/crypto/ssh/mac.go
+++ b/vendor/golang.org/x/crypto/ssh/mac.go
@@ -7,11 +7,13 @@ package ssh
 // Message authentication support
 
 import (
+	"crypto/fips140"
 	"crypto/hmac"
 	"crypto/sha1"
 	"crypto/sha256"
 	"crypto/sha512"
 	"hash"
+	"slices"
 )
 
 type macMode struct {
@@ -46,23 +48,37 @@ func (t truncatingMAC) Size() int {
 
 func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }
 
-var macModes = map[string]*macMode{
-	HMACSHA512ETM: {64, true, func(key []byte) hash.Hash {
+// macModes defines the supported MACs. MACs not included are not supported
+// and will not be negotiated, even if explicitly configured. When FIPS mode is
+// enabled, only FIPS-approved algorithms are included.
+var macModes = map[string]*macMode{}
+
+func init() {
+	macModes[HMACSHA512ETM] = &macMode{64, true, func(key []byte) hash.Hash {
 		return hmac.New(sha512.New, key)
-	}},
-	HMACSHA256ETM: {32, true, func(key []byte) hash.Hash {
+	}}
+	macModes[HMACSHA256ETM] = &macMode{32, true, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
-	}},
-	HMACSHA512: {64, false, func(key []byte) hash.Hash {
+	}}
+	macModes[HMACSHA512] = &macMode{64, false, func(key []byte) hash.Hash {
 		return hmac.New(sha512.New, key)
-	}},
-	HMACSHA256: {32, false, func(key []byte) hash.Hash {
+	}}
+	macModes[HMACSHA256] = &macMode{32, false, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
-	}},
-	HMACSHA1: {20, false, func(key []byte) hash.Hash {
+	}}
+
+	if fips140.Enabled() {
+		defaultMACs = slices.DeleteFunc(defaultMACs, func(algo string) bool {
+			_, ok := macModes[algo]
+			return !ok
+		})
+		return
+	}
+
+	macModes[HMACSHA1] = &macMode{20, false, func(key []byte) hash.Hash {
 		return hmac.New(sha1.New, key)
-	}},
-	InsecureHMACSHA196: {20, false, func(key []byte) hash.Hash {
+	}}
+	macModes[InsecureHMACSHA196] = &macMode{20, false, func(key []byte) hash.Hash {
 		return truncatingMAC{12, hmac.New(sha1.New, key)}
-	}},
+	}}
 }
diff --git a/vendor/golang.org/x/crypto/ssh/messages.go b/vendor/golang.org/x/crypto/ssh/messages.go
index 251b9d06a..ab22c3d38 100644
--- a/vendor/golang.org/x/crypto/ssh/messages.go
+++ b/vendor/golang.org/x/crypto/ssh/messages.go
@@ -792,7 +792,7 @@ func marshalString(to []byte, s []byte) []byte {
 	return to[len(s):]
 }
 
-var bigIntType = reflect.TypeOf((*big.Int)(nil))
+var bigIntType = reflect.TypeFor[*big.Int]()
 
 // Decode a packet into its corresponding message.
 func decode(packet []byte) (interface{}, error) {
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index 98679ba5b..064dcbaf5 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"io"
 	"net"
+	"slices"
 	"strings"
 )
 
@@ -43,6 +44,9 @@ type Permissions struct {
 	// pass data from the authentication callbacks to the server
 	// application layer.
 	Extensions map[string]string
+
+	// ExtraData allows to store user defined data.
+	ExtraData map[any]any
 }
 
 type GSSAPIWithMICConfig struct {
@@ -126,6 +130,21 @@ type ServerConfig struct {
 	// Permissions.Extensions entry.
 	PublicKeyCallback func(conn ConnMetadata, key PublicKey) (*Permissions, error)
 
+	// VerifiedPublicKeyCallback, if non-nil, is called after a client
+	// successfully confirms having control over a key that was previously
+	// approved by PublicKeyCallback. The permissions object passed to the
+	// callback is the one returned by PublicKeyCallback for the given public
+	// key and its ownership is transferred to the callback. The returned
+	// Permissions object can be the same object, optionally modified, or a
+	// completely new object. If VerifiedPublicKeyCallback is non-nil,
+	// PublicKeyCallback is not allowed to return a PartialSuccessError, which
+	// can instead be returned by VerifiedPublicKeyCallback.
+	//
+	// VerifiedPublicKeyCallback does not affect which authentication methods
+	// are included in the list of methods that can be attempted by the client.
+	VerifiedPublicKeyCallback func(conn ConnMetadata, key PublicKey, permissions *Permissions,
+		signatureAlgorithm string) (*Permissions, error)
+
 	// KeyboardInteractiveCallback, if non-nil, is called when
 	// keyboard-interactive authentication is selected (RFC
 	// 4256). The client object's Challenge function should be
@@ -246,7 +265,7 @@ func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewCha
 		fullConf.PublicKeyAuthAlgorithms = defaultPubKeyAuthAlgos
 	} else {
 		for _, algo := range fullConf.PublicKeyAuthAlgorithms {
-			if !contains(SupportedAlgorithms().PublicKeyAuths, algo) && !contains(InsecureAlgorithms().PublicKeyAuths, algo) {
+			if !slices.Contains(SupportedAlgorithms().PublicKeyAuths, algo) && !slices.Contains(InsecureAlgorithms().PublicKeyAuths, algo) {
 				c.Close()
 				return nil, nil, nil, fmt.Errorf("ssh: unsupported public key authentication algorithm %s", algo)
 			}
@@ -631,7 +650,7 @@ userAuthLoop:
 				return nil, parseError(msgUserAuthRequest)
 			}
 			algo := string(algoBytes)
-			if !contains(config.PublicKeyAuthAlgorithms, underlyingAlgo(algo)) {
+			if !slices.Contains(config.PublicKeyAuthAlgorithms, underlyingAlgo(algo)) {
 				authErr = fmt.Errorf("ssh: algorithm %q not accepted", algo)
 				break
 			}
@@ -652,6 +671,9 @@ userAuthLoop:
 				candidate.pubKeyData = pubKeyData
 				candidate.perms, candidate.result = authConfig.PublicKeyCallback(s, pubKey)
 				_, isPartialSuccessError := candidate.result.(*PartialSuccessError)
+				if isPartialSuccessError && config.VerifiedPublicKeyCallback != nil {
+					return nil, errors.New("ssh: invalid library usage: PublicKeyCallback must not return partial success when VerifiedPublicKeyCallback is defined")
+				}
 
 				if (candidate.result == nil || isPartialSuccessError) &&
 					candidate.perms != nil &&
@@ -695,7 +717,7 @@ userAuthLoop:
 				// ssh-rsa-cert-v01@openssh.com algorithm with ssh-rsa public
 				// key type. The algorithm and public key type must be
 				// consistent: both must be certificate algorithms, or neither.
-				if !contains(algorithmsForKeyFormat(pubKey.Type()), algo) {
+				if !slices.Contains(algorithmsForKeyFormat(pubKey.Type()), algo) {
 					authErr = fmt.Errorf("ssh: public key type %q not compatible with selected algorithm %q",
 						pubKey.Type(), algo)
 					break
@@ -705,7 +727,7 @@ userAuthLoop:
 				// algorithm name that corresponds to algo with
 				// sig.Format.  This is usually the same, but
 				// for certs, the names differ.
-				if !contains(config.PublicKeyAuthAlgorithms, sig.Format) {
+				if !slices.Contains(config.PublicKeyAuthAlgorithms, sig.Format) {
 					authErr = fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
 					break
 				}
@@ -722,6 +744,12 @@ userAuthLoop:
 
 				authErr = candidate.result
 				perms = candidate.perms
+				if authErr == nil && config.VerifiedPublicKeyCallback != nil {
+					// Only call VerifiedPublicKeyCallback after the key has been accepted
+					// and successfully verified. If authErr is non-nil, the key is not
+					// considered verified and the callback must not run.
+					perms, authErr = config.VerifiedPublicKeyCallback(s, pubKey, perms, algo)
+				}
 			}
 		case "gssapi-with-mic":
 			if authConfig.GSSAPIWithMICConfig == nil {
diff --git a/vendor/golang.org/x/crypto/ssh/ssh_gss.go b/vendor/golang.org/x/crypto/ssh/ssh_gss.go
index 24bd7c8e8..a6249a122 100644
--- a/vendor/golang.org/x/crypto/ssh/ssh_gss.go
+++ b/vendor/golang.org/x/crypto/ssh/ssh_gss.go
@@ -106,6 +106,13 @@ func parseGSSAPIPayload(payload []byte) (*userAuthRequestGSSAPI, error) {
 	if !ok {
 		return nil, errors.New("parse uint32 failed")
 	}
+	// Each ASN.1 encoded OID must have a minimum
+	// of 2 bytes; 64 maximum mechanisms is an
+	// arbitrary, but reasonable ceiling.
+	const maxMechs = 64
+	if n > maxMechs || int(n)*2 > len(rest) {
+		return nil, errors.New("invalid mechanism count")
+	}
 	s := &userAuthRequestGSSAPI{
 		N:    n,
 		OIDS: make([]asn1.ObjectIdentifier, n),
@@ -122,7 +129,6 @@ func parseGSSAPIPayload(payload []byte) (*userAuthRequestGSSAPI, error) {
 		if rest, err = asn1.Unmarshal(desiredMech, &s.OIDS[i]); err != nil {
 			return nil, err
 		}
-
 	}
 	return s, nil
 }
diff --git a/vendor/golang.org/x/crypto/ssh/streamlocal.go b/vendor/golang.org/x/crypto/ssh/streamlocal.go
index b171b330b..152470fcb 100644
--- a/vendor/golang.org/x/crypto/ssh/streamlocal.go
+++ b/vendor/golang.org/x/crypto/ssh/streamlocal.go
@@ -44,7 +44,7 @@ func (c *Client) ListenUnix(socketPath string) (net.Listener, error) {
 	if !ok {
 		return nil, errors.New("ssh: streamlocal-forward@openssh.com request denied by peer")
 	}
-	ch := c.forwards.add(&net.UnixAddr{Name: socketPath, Net: "unix"})
+	ch := c.forwards.add("unix", socketPath)
 
 	return &unixListener{socketPath, c, ch}, nil
 }
@@ -96,7 +96,7 @@ func (l *unixListener) Accept() (net.Conn, error) {
 // Close closes the listener.
 func (l *unixListener) Close() error {
 	// this also closes the listener.
-	l.conn.forwards.remove(&net.UnixAddr{Name: l.socketPath, Net: "unix"})
+	l.conn.forwards.remove("unix", l.socketPath)
 	m := streamLocalChannelForwardMsg{
 		l.socketPath,
 	}
diff --git a/vendor/golang.org/x/crypto/ssh/tcpip.go b/vendor/golang.org/x/crypto/ssh/tcpip.go
index 93d844f03..78c41fe5a 100644
--- a/vendor/golang.org/x/crypto/ssh/tcpip.go
+++ b/vendor/golang.org/x/crypto/ssh/tcpip.go
@@ -11,6 +11,7 @@ import (
 	"io"
 	"math/rand"
 	"net"
+	"net/netip"
 	"strconv"
 	"strings"
 	"sync"
@@ -22,14 +23,21 @@ import (
 // the returned net.Listener. The listener must be serviced, or the
 // SSH connection may hang.
 // N must be "tcp", "tcp4", "tcp6", or "unix".
+//
+// If the address is a hostname, it is sent to the remote peer as-is, without
+// being resolved locally, and the Listener Addr method will return a zero IP.
 func (c *Client) Listen(n, addr string) (net.Listener, error) {
 	switch n {
 	case "tcp", "tcp4", "tcp6":
-		laddr, err := net.ResolveTCPAddr(n, addr)
+		host, portStr, err := net.SplitHostPort(addr)
+		if err != nil {
+			return nil, err
+		}
+		port, err := strconv.ParseInt(portStr, 10, 32)
 		if err != nil {
 			return nil, err
 		}
-		return c.ListenTCP(laddr)
+		return c.listenTCPInternal(host, int(port))
 	case "unix":
 		return c.ListenUnix(addr)
 	default:
@@ -102,15 +110,24 @@ func (c *Client) handleForwards() {
 // ListenTCP requests the remote peer open a listening socket
 // on laddr. Incoming connections will be available by calling
 // Accept on the returned net.Listener.
+//
+// ListenTCP accepts an IP address, to provide a hostname use [Client.Listen]
+// with "tcp", "tcp4", or "tcp6" network instead.
 func (c *Client) ListenTCP(laddr *net.TCPAddr) (net.Listener, error) {
 	c.handleForwardsOnce.Do(c.handleForwards)
 	if laddr.Port == 0 && isBrokenOpenSSHVersion(string(c.ServerVersion())) {
 		return c.autoPortListenWorkaround(laddr)
 	}
 
+	return c.listenTCPInternal(laddr.IP.String(), laddr.Port)
+}
+
+func (c *Client) listenTCPInternal(host string, port int) (net.Listener, error) {
+	c.handleForwardsOnce.Do(c.handleForwards)
+
 	m := channelForwardMsg{
-		laddr.IP.String(),
-		uint32(laddr.Port),
+		host,
+		uint32(port),
 	}
 	// send message
 	ok, resp, err := c.SendRequest("tcpip-forward", true, Marshal(&m))
@@ -123,20 +140,33 @@ func (c *Client) ListenTCP(laddr *net.TCPAddr) (net.Listener, error) {
 
 	// If the original port was 0, then the remote side will
 	// supply a real port number in the response.
-	if laddr.Port == 0 {
+	if port == 0 {
 		var p struct {
 			Port uint32
 		}
 		if err := Unmarshal(resp, &p); err != nil {
 			return nil, err
 		}
-		laddr.Port = int(p.Port)
+		port = int(p.Port)
 	}
+	// Construct a local address placeholder for the remote listener. If the
+	// original host is an IP address, preserve it so that Listener.Addr()
+	// reports the same IP. If the host is a hostname or cannot be parsed as an
+	// IP, fall back to IPv4zero. The port field is always set, even if the
+	// original port was 0, because in that case the remote server will assign
+	// one, allowing callers to determine which port was selected.
+	ip := net.IPv4zero
+	if parsed, err := netip.ParseAddr(host); err == nil {
+		ip = net.IP(parsed.AsSlice())
+	}
+	laddr := &net.TCPAddr{
+		IP:   ip,
+		Port: port,
+	}
+	addr := net.JoinHostPort(host, strconv.FormatInt(int64(port), 10))
+	ch := c.forwards.add("tcp", addr)
 
-	// Register this forward, using the port number we obtained.
-	ch := c.forwards.add(laddr)
-
-	return &tcpListener{laddr, c, ch}, nil
+	return &tcpListener{laddr, addr, c, ch}, nil
 }
 
 // forwardList stores a mapping between remote
@@ -149,8 +179,9 @@ type forwardList struct {
 // forwardEntry represents an established mapping of a laddr on a
 // remote ssh server to a channel connected to a tcpListener.
 type forwardEntry struct {
-	laddr net.Addr
-	c     chan forward
+	addr    string // host:port or socket path
+	network string // tcp or unix
+	c       chan forward
 }
 
 // forward represents an incoming forwarded tcpip connection. The
@@ -161,12 +192,13 @@ type forward struct {
 	raddr net.Addr   // the raddr of the incoming connection
 }
 
-func (l *forwardList) add(addr net.Addr) chan forward {
+func (l *forwardList) add(n, addr string) chan forward {
 	l.Lock()
 	defer l.Unlock()
 	f := forwardEntry{
-		laddr: addr,
-		c:     make(chan forward, 1),
+		addr:    addr,
+		network: n,
+		c:       make(chan forward, 1),
 	}
 	l.entries = append(l.entries, f)
 	return f.c
@@ -185,19 +217,20 @@ func parseTCPAddr(addr string, port uint32) (*net.TCPAddr, error) {
 	if port == 0 || port > 65535 {
 		return nil, fmt.Errorf("ssh: port number out of range: %d", port)
 	}
-	ip := net.ParseIP(string(addr))
-	if ip == nil {
+	ip, err := netip.ParseAddr(addr)
+	if err != nil {
 		return nil, fmt.Errorf("ssh: cannot parse IP address %q", addr)
 	}
-	return &net.TCPAddr{IP: ip, Port: int(port)}, nil
+	return &net.TCPAddr{IP: net.IP(ip.AsSlice()), Port: int(port)}, nil
 }
 
 func (l *forwardList) handleChannels(in <-chan NewChannel) {
 	for ch := range in {
 		var (
-			laddr net.Addr
-			raddr net.Addr
-			err   error
+			addr    string
+			network string
+			raddr   net.Addr
+			err     error
 		)
 		switch channelType := ch.ChannelType(); channelType {
 		case "forwarded-tcpip":
@@ -207,40 +240,34 @@ func (l *forwardList) handleChannels(in <-chan NewChannel) {
 				continue
 			}
 
-			// RFC 4254 section 7.2 specifies that incoming
-			// addresses should list the address, in string
-			// format. It is implied that this should be an IP
-			// address, as it would be impossible to connect to it
-			// otherwise.
-			laddr, err = parseTCPAddr(payload.Addr, payload.Port)
-			if err != nil {
-				ch.Reject(ConnectionFailed, err.Error())
-				continue
-			}
+			// RFC 4254 section 7.2 specifies that incoming addresses should
+			// list the address that was connected, in string format. It is the
+			// same address used in the tcpip-forward request. The originator
+			// address is an IP address instead.
+			addr = net.JoinHostPort(payload.Addr, strconv.FormatUint(uint64(payload.Port), 10))
+
 			raddr, err = parseTCPAddr(payload.OriginAddr, payload.OriginPort)
 			if err != nil {
 				ch.Reject(ConnectionFailed, err.Error())
 				continue
 			}
-
+			network = "tcp"
 		case "forwarded-streamlocal@openssh.com":
 			var payload forwardedStreamLocalPayload
 			if err = Unmarshal(ch.ExtraData(), &payload); err != nil {
 				ch.Reject(ConnectionFailed, "could not parse forwarded-streamlocal@openssh.com payload: "+err.Error())
 				continue
 			}
-			laddr = &net.UnixAddr{
-				Name: payload.SocketPath,
-				Net:  "unix",
-			}
+			addr = payload.SocketPath
 			raddr = &net.UnixAddr{
 				Name: "@",
 				Net:  "unix",
 			}
+			network = "unix"
 		default:
 			panic(fmt.Errorf("ssh: unknown channel type %s", channelType))
 		}
-		if ok := l.forward(laddr, raddr, ch); !ok {
+		if ok := l.forward(network, addr, raddr, ch); !ok {
 			// Section 7.2, implementations MUST reject spurious incoming
 			// connections.
 			ch.Reject(Prohibited, "no forward for address")
@@ -252,11 +279,11 @@ func (l *forwardList) handleChannels(in <-chan NewChannel) {
 
 // remove removes the forward entry, and the channel feeding its
 // listener.
-func (l *forwardList) remove(addr net.Addr) {
+func (l *forwardList) remove(n, addr string) {
 	l.Lock()
 	defer l.Unlock()
 	for i, f := range l.entries {
-		if addr.Network() == f.laddr.Network() && addr.String() == f.laddr.String() {
+		if n == f.network && addr == f.addr {
 			l.entries = append(l.entries[:i], l.entries[i+1:]...)
 			close(f.c)
 			return
@@ -274,11 +301,11 @@ func (l *forwardList) closeAll() {
 	l.entries = nil
 }
 
-func (l *forwardList) forward(laddr, raddr net.Addr, ch NewChannel) bool {
+func (l *forwardList) forward(n, addr string, raddr net.Addr, ch NewChannel) bool {
 	l.Lock()
 	defer l.Unlock()
 	for _, f := range l.entries {
-		if laddr.Network() == f.laddr.Network() && laddr.String() == f.laddr.String() {
+		if n == f.network && addr == f.addr {
 			f.c <- forward{newCh: ch, raddr: raddr}
 			return true
 		}
@@ -288,6 +315,7 @@ func (l *forwardList) forward(laddr, raddr net.Addr, ch NewChannel) bool {
 
 type tcpListener struct {
 	laddr *net.TCPAddr
+	addr  string
 
 	conn *Client
 	in   <-chan forward
@@ -314,13 +342,21 @@ func (l *tcpListener) Accept() (net.Conn, error) {
 
 // Close closes the listener.
 func (l *tcpListener) Close() error {
+	host, port, err := net.SplitHostPort(l.addr)
+	if err != nil {
+		return err
+	}
+	rport, err := strconv.ParseUint(port, 10, 32)
+	if err != nil {
+		return err
+	}
 	m := channelForwardMsg{
-		l.laddr.IP.String(),
-		uint32(l.laddr.Port),
+		host,
+		uint32(rport),
 	}
 
 	// this also closes the listener.
-	l.conn.forwards.remove(l.laddr)
+	l.conn.forwards.remove("tcp", l.addr)
 	ok, _, err := l.conn.SendRequest("cancel-tcpip-forward", true, Marshal(&m))
 	if err == nil && !ok {
 		err = errors.New("ssh: cancel-tcpip-forward failed")
diff --git a/vendor/golang.org/x/crypto/ssh/transport.go b/vendor/golang.org/x/crypto/ssh/transport.go
index 663619845..fa3dd6a42 100644
--- a/vendor/golang.org/x/crypto/ssh/transport.go
+++ b/vendor/golang.org/x/crypto/ssh/transport.go
@@ -8,6 +8,7 @@ import (
 	"bufio"
 	"bytes"
 	"errors"
+	"fmt"
 	"io"
 	"log"
 )
@@ -254,6 +255,9 @@ var (
 // (to setup server->client keys) or clientKeys (for client->server keys).
 func newPacketCipher(d direction, algs DirectionAlgorithms, kex *kexResult) (packetCipher, error) {
 	cipherMode := cipherModes[algs.Cipher]
+	if cipherMode == nil {
+		return nil, fmt.Errorf("ssh: unsupported cipher %v", algs.Cipher)
+	}
 
 	iv := make([]byte, cipherMode.ivSize)
 	key := make([]byte, cipherMode.keySize)
diff --git a/vendor/golang.org/x/net/context/context.go b/vendor/golang.org/x/net/context/context.go
index db1c95fab..24cea6882 100644
--- a/vendor/golang.org/x/net/context/context.go
+++ b/vendor/golang.org/x/net/context/context.go
@@ -2,44 +2,9 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-// Package context defines the Context type, which carries deadlines,
-// cancellation signals, and other request-scoped values across API boundaries
-// and between processes.
-// As of Go 1.7 this package is available in the standard library under the
-// name [context], and migrating to it can be done automatically with [go fix].
-//
-// Incoming requests to a server should create a [Context], and outgoing
-// calls to servers should accept a Context. The chain of function
-// calls between them must propagate the Context, optionally replacing
-// it with a derived Context created using [WithCancel], [WithDeadline],
-// [WithTimeout], or [WithValue].
-//
-// Programs that use Contexts should follow these rules to keep interfaces
-// consistent across packages and enable static analysis tools to check context
-// propagation:
-//
-// Do not store Contexts inside a struct type; instead, pass a Context
-// explicitly to each function that needs it. This is discussed further in
-// https://go.dev/blog/context-and-structs. The Context should be the first
-// parameter, typically named ctx:
-//
-//	func DoSomething(ctx context.Context, arg Arg) error {
-//		// ... use ctx ...
-//	}
-//
-// Do not pass a nil [Context], even if a function permits it. Pass [context.TODO]
-// if you are unsure about which Context to use.
-//
-// Use context Values only for request-scoped data that transits processes and
-// APIs, not for passing optional parameters to functions.
+// Package context has been superseded by the standard library [context] package.
 //
-// The same Context may be passed to functions running in different goroutines;
-// Contexts are safe for simultaneous use by multiple goroutines.
-//
-// See https://go.dev/blog/context for example code for a server that uses
-// Contexts.
-//
-// [go fix]: https://go.dev/cmd/go#hdr-Update_packages_to_use_new_APIs
+// Deprecated: Use the standard library context package instead.
 package context
 
 import (
@@ -51,36 +16,37 @@ import (
 // API boundaries.
 //
 // Context's methods may be called by multiple goroutines simultaneously.
+//
+//go:fix inline
 type Context = context.Context
 
 // Canceled is the error returned by [Context.Err] when the context is canceled
 // for some reason other than its deadline passing.
+//
+//go:fix inline
 var Canceled = context.Canceled
 
 // DeadlineExceeded is the error returned by [Context.Err] when the context is canceled
 // due to its deadline passing.
+//
+//go:fix inline
 var DeadlineExceeded = context.DeadlineExceeded
 
 // Background returns a non-nil, empty Context. It is never canceled, has no
 // values, and has no deadline. It is typically used by the main function,
 // initialization, and tests, and as the top-level Context for incoming
 // requests.
-func Background() Context {
-	return background
-}
+//
+//go:fix inline
+func Background() Context { return context.Background() }
 
 // TODO returns a non-nil, empty Context. Code should use context.TODO when
 // it's unclear which Context to use or it is not yet available (because the
 // surrounding function has not yet been extended to accept a Context
 // parameter).
-func TODO() Context {
-	return todo
-}
-
-var (
-	background = context.Background()
-	todo       = context.TODO()
-)
+//
+//go:fix inline
+func TODO() Context { return context.TODO() }
 
 // A CancelFunc tells an operation to abandon its work.
 // A CancelFunc does not wait for the work to stop.
@@ -95,6 +61,8 @@ type CancelFunc = context.CancelFunc
 //
 // Canceling this context releases resources associated with it, so code should
 // call cancel as soon as the operations running in this [Context] complete.
+//
+//go:fix inline
 func WithCancel(parent Context) (ctx Context, cancel CancelFunc) {
 	return context.WithCancel(parent)
 }
@@ -108,6 +76,8 @@ func WithCancel(parent Context) (ctx Context, cancel CancelFunc) {
 //
 // Canceling this context releases resources associated with it, so code should
 // call cancel as soon as the operations running in this [Context] complete.
+//
+//go:fix inline
 func WithDeadline(parent Context, d time.Time) (Context, CancelFunc) {
 	return context.WithDeadline(parent, d)
 }
@@ -122,6 +92,8 @@ func WithDeadline(parent Context, d time.Time) (Context, CancelFunc) {
 //		defer cancel()  // releases resources if slowOperation completes before timeout elapses
 //		return slowOperation(ctx)
 //	}
+//
+//go:fix inline
 func WithTimeout(parent Context, timeout time.Duration) (Context, CancelFunc) {
 	return context.WithTimeout(parent, timeout)
 }
@@ -139,6 +111,8 @@ func WithTimeout(parent Context, timeout time.Duration) (Context, CancelFunc) {
 // interface{}, context keys often have concrete type
 // struct{}. Alternatively, exported context key variables' static
 // type should be a pointer or interface.
+//
+//go:fix inline
 func WithValue(parent Context, key, val interface{}) Context {
 	return context.WithValue(parent, key, val)
 }
diff --git a/vendor/golang.org/x/net/http2/config.go b/vendor/golang.org/x/net/http2/config.go
index ca645d9a1..8a7a89d01 100644
--- a/vendor/golang.org/x/net/http2/config.go
+++ b/vendor/golang.org/x/net/http2/config.go
@@ -27,6 +27,7 @@ import (
 //   - If the resulting value is zero or out of range, use a default.
 type http2Config struct {
 	MaxConcurrentStreams         uint32
+	StrictMaxConcurrentRequests  bool
 	MaxDecoderHeaderTableSize    uint32
 	MaxEncoderHeaderTableSize    uint32
 	MaxReadFrameSize             uint32
@@ -55,7 +56,7 @@ func configFromServer(h1 *http.Server, h2 *Server) http2Config {
 		PermitProhibitedCipherSuites: h2.PermitProhibitedCipherSuites,
 		CountError:                   h2.CountError,
 	}
-	fillNetHTTPServerConfig(&conf, h1)
+	fillNetHTTPConfig(&conf, h1.HTTP2)
 	setConfigDefaults(&conf, true)
 	return conf
 }
@@ -64,12 +65,13 @@ func configFromServer(h1 *http.Server, h2 *Server) http2Config {
 // (the net/http Transport).
 func configFromTransport(h2 *Transport) http2Config {
 	conf := http2Config{
-		MaxEncoderHeaderTableSize: h2.MaxEncoderHeaderTableSize,
-		MaxDecoderHeaderTableSize: h2.MaxDecoderHeaderTableSize,
-		MaxReadFrameSize:          h2.MaxReadFrameSize,
-		SendPingTimeout:           h2.ReadIdleTimeout,
-		PingTimeout:               h2.PingTimeout,
-		WriteByteTimeout:          h2.WriteByteTimeout,
+		StrictMaxConcurrentRequests: h2.StrictMaxConcurrentStreams,
+		MaxEncoderHeaderTableSize:   h2.MaxEncoderHeaderTableSize,
+		MaxDecoderHeaderTableSize:   h2.MaxDecoderHeaderTableSize,
+		MaxReadFrameSize:            h2.MaxReadFrameSize,
+		SendPingTimeout:             h2.ReadIdleTimeout,
+		PingTimeout:                 h2.PingTimeout,
+		WriteByteTimeout:            h2.WriteByteTimeout,
 	}
 
 	// Unlike most config fields, where out-of-range values revert to the default,
@@ -81,7 +83,7 @@ func configFromTransport(h2 *Transport) http2Config {
 	}
 
 	if h2.t1 != nil {
-		fillNetHTTPTransportConfig(&conf, h2.t1)
+		fillNetHTTPConfig(&conf, h2.t1.HTTP2)
 	}
 	setConfigDefaults(&conf, false)
 	return conf
@@ -120,3 +122,48 @@ func adjustHTTP1MaxHeaderSize(n int64) int64 {
 	const typicalHeaders = 10   // conservative
 	return n + typicalHeaders*perFieldOverhead
 }
+
+func fillNetHTTPConfig(conf *http2Config, h2 *http.HTTP2Config) {
+	if h2 == nil {
+		return
+	}
+	if h2.MaxConcurrentStreams != 0 {
+		conf.MaxConcurrentStreams = uint32(h2.MaxConcurrentStreams)
+	}
+	if http2ConfigStrictMaxConcurrentRequests(h2) {
+		conf.StrictMaxConcurrentRequests = true
+	}
+	if h2.MaxEncoderHeaderTableSize != 0 {
+		conf.MaxEncoderHeaderTableSize = uint32(h2.MaxEncoderHeaderTableSize)
+	}
+	if h2.MaxDecoderHeaderTableSize != 0 {
+		conf.MaxDecoderHeaderTableSize = uint32(h2.MaxDecoderHeaderTableSize)
+	}
+	if h2.MaxConcurrentStreams != 0 {
+		conf.MaxConcurrentStreams = uint32(h2.MaxConcurrentStreams)
+	}
+	if h2.MaxReadFrameSize != 0 {
+		conf.MaxReadFrameSize = uint32(h2.MaxReadFrameSize)
+	}
+	if h2.MaxReceiveBufferPerConnection != 0 {
+		conf.MaxUploadBufferPerConnection = int32(h2.MaxReceiveBufferPerConnection)
+	}
+	if h2.MaxReceiveBufferPerStream != 0 {
+		conf.MaxUploadBufferPerStream = int32(h2.MaxReceiveBufferPerStream)
+	}
+	if h2.SendPingTimeout != 0 {
+		conf.SendPingTimeout = h2.SendPingTimeout
+	}
+	if h2.PingTimeout != 0 {
+		conf.PingTimeout = h2.PingTimeout
+	}
+	if h2.WriteByteTimeout != 0 {
+		conf.WriteByteTimeout = h2.WriteByteTimeout
+	}
+	if h2.PermitProhibitedCipherSuites {
+		conf.PermitProhibitedCipherSuites = true
+	}
+	if h2.CountError != nil {
+		conf.CountError = h2.CountError
+	}
+}
diff --git a/vendor/golang.org/x/net/http2/config_go124.go b/vendor/golang.org/x/net/http2/config_go124.go
deleted file mode 100644
index 5b516c55f..000000000
--- a/vendor/golang.org/x/net/http2/config_go124.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build go1.24
-
-package http2
-
-import "net/http"
-
-// fillNetHTTPServerConfig sets fields in conf from srv.HTTP2.
-func fillNetHTTPServerConfig(conf *http2Config, srv *http.Server) {
-	fillNetHTTPConfig(conf, srv.HTTP2)
-}
-
-// fillNetHTTPTransportConfig sets fields in conf from tr.HTTP2.
-func fillNetHTTPTransportConfig(conf *http2Config, tr *http.Transport) {
-	fillNetHTTPConfig(conf, tr.HTTP2)
-}
-
-func fillNetHTTPConfig(conf *http2Config, h2 *http.HTTP2Config) {
-	if h2 == nil {
-		return
-	}
-	if h2.MaxConcurrentStreams != 0 {
-		conf.MaxConcurrentStreams = uint32(h2.MaxConcurrentStreams)
-	}
-	if h2.MaxEncoderHeaderTableSize != 0 {
-		conf.MaxEncoderHeaderTableSize = uint32(h2.MaxEncoderHeaderTableSize)
-	}
-	if h2.MaxDecoderHeaderTableSize != 0 {
-		conf.MaxDecoderHeaderTableSize = uint32(h2.MaxDecoderHeaderTableSize)
-	}
-	if h2.MaxConcurrentStreams != 0 {
-		conf.MaxConcurrentStreams = uint32(h2.MaxConcurrentStreams)
-	}
-	if h2.MaxReadFrameSize != 0 {
-		conf.MaxReadFrameSize = uint32(h2.MaxReadFrameSize)
-	}
-	if h2.MaxReceiveBufferPerConnection != 0 {
-		conf.MaxUploadBufferPerConnection = int32(h2.MaxReceiveBufferPerConnection)
-	}
-	if h2.MaxReceiveBufferPerStream != 0 {
-		conf.MaxUploadBufferPerStream = int32(h2.MaxReceiveBufferPerStream)
-	}
-	if h2.SendPingTimeout != 0 {
-		conf.SendPingTimeout = h2.SendPingTimeout
-	}
-	if h2.PingTimeout != 0 {
-		conf.PingTimeout = h2.PingTimeout
-	}
-	if h2.WriteByteTimeout != 0 {
-		conf.WriteByteTimeout = h2.WriteByteTimeout
-	}
-	if h2.PermitProhibitedCipherSuites {
-		conf.PermitProhibitedCipherSuites = true
-	}
-	if h2.CountError != nil {
-		conf.CountError = h2.CountError
-	}
-}
diff --git a/vendor/golang.org/x/net/http2/config_go125.go b/vendor/golang.org/x/net/http2/config_go125.go
new file mode 100644
index 000000000..b4373fe33
--- /dev/null
+++ b/vendor/golang.org/x/net/http2/config_go125.go
@@ -0,0 +1,15 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !go1.26
+
+package http2
+
+import (
+	"net/http"
+)
+
+func http2ConfigStrictMaxConcurrentRequests(h2 *http.HTTP2Config) bool {
+	return false
+}
diff --git a/vendor/golang.org/x/net/http2/config_go126.go b/vendor/golang.org/x/net/http2/config_go126.go
new file mode 100644
index 000000000..6b071c149
--- /dev/null
+++ b/vendor/golang.org/x/net/http2/config_go126.go
@@ -0,0 +1,15 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.26
+
+package http2
+
+import (
+	"net/http"
+)
+
+func http2ConfigStrictMaxConcurrentRequests(h2 *http.HTTP2Config) bool {
+	return h2.StrictMaxConcurrentRequests
+}
diff --git a/vendor/golang.org/x/net/http2/config_pre_go124.go b/vendor/golang.org/x/net/http2/config_pre_go124.go
deleted file mode 100644
index 060fd6c64..000000000
--- a/vendor/golang.org/x/net/http2/config_pre_go124.go
+++ /dev/null
@@ -1,16 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !go1.24
-
-package http2
-
-import "net/http"
-
-// Pre-Go 1.24 fallback.
-// The Server.HTTP2 and Transport.HTTP2 config fields were added in Go 1.24.
-
-func fillNetHTTPServerConfig(conf *http2Config, srv *http.Server) {}
-
-func fillNetHTTPTransportConfig(conf *http2Config, tr *http.Transport) {}
diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go
index db3264da8..9a4bd123c 100644
--- a/vendor/golang.org/x/net/http2/frame.go
+++ b/vendor/golang.org/x/net/http2/frame.go
@@ -280,6 +280,8 @@ type Framer struct {
 	// lastHeaderStream is non-zero if the last frame was an
 	// unfinished HEADERS/CONTINUATION.
 	lastHeaderStream uint32
+	// lastFrameType holds the type of the last frame for verifying frame order.
+	lastFrameType FrameType
 
 	maxReadSize uint32
 	headerBuf   [frameHeaderLen]byte
@@ -347,7 +349,7 @@ func (fr *Framer) maxHeaderListSize() uint32 {
 func (f *Framer) startWrite(ftype FrameType, flags Flags, streamID uint32) {
 	// Write the FrameHeader.
 	f.wbuf = append(f.wbuf[:0],
-		0, // 3 bytes of length, filled in in endWrite
+		0, // 3 bytes of length, filled in endWrite
 		0,
 		0,
 		byte(ftype),
@@ -488,30 +490,41 @@ func terminalReadFrameError(err error) bool {
 	return err != nil
 }
 
-// ReadFrame reads a single frame. The returned Frame is only valid
-// until the next call to ReadFrame.
+// ReadFrameHeader reads the header of the next frame.
+// It reads the 9-byte fixed frame header, and does not read any portion of the
+// frame payload. The caller is responsible for consuming the payload, either
+// with ReadFrameForHeader or directly from the Framer's io.Reader.
 //
-// If the frame is larger than previously set with SetMaxReadFrameSize, the
-// returned error is ErrFrameTooLarge. Other errors may be of type
-// ConnectionError, StreamError, or anything else from the underlying
-// reader.
+// If the frame is larger than previously set with SetMaxReadFrameSize, it
+// returns the frame header and ErrFrameTooLarge.
 //
-// If ReadFrame returns an error and a non-nil Frame, the Frame's StreamID
-// indicates the stream responsible for the error.
-func (fr *Framer) ReadFrame() (Frame, error) {
+// If the returned FrameHeader.StreamID is non-zero, it indicates the stream
+// responsible for the error.
+func (fr *Framer) ReadFrameHeader() (FrameHeader, error) {
 	fr.errDetail = nil
-	if fr.lastFrame != nil {
-		fr.lastFrame.invalidate()
-	}
 	fh, err := readFrameHeader(fr.headerBuf[:], fr.r)
 	if err != nil {
-		return nil, err
+		return fh, err
 	}
 	if fh.Length > fr.maxReadSize {
 		if fh == invalidHTTP1LookingFrameHeader() {
-			return nil, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", ErrFrameTooLarge)
+			return fh, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", ErrFrameTooLarge)
 		}
-		return nil, ErrFrameTooLarge
+		return fh, ErrFrameTooLarge
+	}
+	if err := fr.checkFrameOrder(fh); err != nil {
+		return fh, err
+	}
+	return fh, nil
+}
+
+// ReadFrameForHeader reads the payload for the frame with the given FrameHeader.
+//
+// It behaves identically to ReadFrame, other than not checking the maximum
+// frame size.
+func (fr *Framer) ReadFrameForHeader(fh FrameHeader) (Frame, error) {
+	if fr.lastFrame != nil {
+		fr.lastFrame.invalidate()
 	}
 	payload := fr.getReadBuf(fh.Length)
 	if _, err := io.ReadFull(fr.r, payload); err != nil {
@@ -527,9 +540,7 @@ func (fr *Framer) ReadFrame() (Frame, error) {
 		}
 		return nil, err
 	}
-	if err := fr.checkFrameOrder(f); err != nil {
-		return nil, err
-	}
+	fr.lastFrame = f
 	if fr.logReads {
 		fr.debugReadLoggerf("http2: Framer %p: read %v", fr, summarizeFrame(f))
 	}
@@ -539,6 +550,24 @@ func (fr *Framer) ReadFrame() (Frame, error) {
 	return f, nil
 }
 
+// ReadFrame reads a single frame. The returned Frame is only valid
+// until the next call to ReadFrame or ReadFrameBodyForHeader.
+//
+// If the frame is larger than previously set with SetMaxReadFrameSize, the
+// returned error is ErrFrameTooLarge. Other errors may be of type
+// ConnectionError, StreamError, or anything else from the underlying
+// reader.
+//
+// If ReadFrame returns an error and a non-nil Frame, the Frame's StreamID
+// indicates the stream responsible for the error.
+func (fr *Framer) ReadFrame() (Frame, error) {
+	fh, err := fr.ReadFrameHeader()
+	if err != nil {
+		return nil, err
+	}
+	return fr.ReadFrameForHeader(fh)
+}
+
 // connError returns ConnectionError(code) but first
 // stashes away a public reason to the caller can optionally relay it
 // to the peer before hanging up on them. This might help others debug
@@ -551,20 +580,19 @@ func (fr *Framer) connError(code ErrCode, reason string) error {
 // checkFrameOrder reports an error if f is an invalid frame to return
 // next from ReadFrame. Mostly it checks whether HEADERS and
 // CONTINUATION frames are contiguous.
-func (fr *Framer) checkFrameOrder(f Frame) error {
-	last := fr.lastFrame
-	fr.lastFrame = f
+func (fr *Framer) checkFrameOrder(fh FrameHeader) error {
+	lastType := fr.lastFrameType
+	fr.lastFrameType = fh.Type
 	if fr.AllowIllegalReads {
 		return nil
 	}
 
-	fh := f.Header()
 	if fr.lastHeaderStream != 0 {
 		if fh.Type != FrameContinuation {
 			return fr.connError(ErrCodeProtocol,
 				fmt.Sprintf("got %s for stream %d; expected CONTINUATION following %s for stream %d",
 					fh.Type, fh.StreamID,
-					last.Header().Type, fr.lastHeaderStream))
+					lastType, fr.lastHeaderStream))
 		}
 		if fh.StreamID != fr.lastHeaderStream {
 			return fr.connError(ErrCodeProtocol,
@@ -1152,7 +1180,16 @@ type PriorityFrame struct {
 	PriorityParam
 }
 
-// PriorityParam are the stream prioritzation parameters.
+var defaultRFC9218Priority = PriorityParam{
+	incremental: 0,
+	urgency:     3,
+}
+
+// Note that HTTP/2 has had two different prioritization schemes, and
+// PriorityParam struct below is a superset of both schemes. The exported
+// symbols are from RFC 7540 and the non-exported ones are from RFC 9218.
+
+// PriorityParam are the stream prioritization parameters.
 type PriorityParam struct {
 	// StreamDep is a 31-bit stream identifier for the
 	// stream that this stream depends on. Zero means no
@@ -1167,6 +1204,20 @@ type PriorityParam struct {
 	// the spec, "Add one to the value to obtain a weight between
 	// 1 and 256."
 	Weight uint8
+
+	// "The urgency (u) parameter value is Integer (see Section 3.3.1 of
+	// [STRUCTURED-FIELDS]), between 0 and 7 inclusive, in descending order of
+	// priority. The default is 3."
+	urgency uint8
+
+	// "The incremental (i) parameter value is Boolean (see Section 3.3.6 of
+	// [STRUCTURED-FIELDS]). It indicates if an HTTP response can be processed
+	// incrementally, i.e., provide some meaningful output as chunks of the
+	// response arrive."
+	//
+	// We use uint8 (i.e. 0 is false, 1 is true) instead of bool so we can
+	// avoid unnecessary type conversions and because either type takes 1 byte.
+	incremental uint8
 }
 
 func (p PriorityParam) IsZero() bool {
diff --git a/vendor/golang.org/x/net/http2/gotrack.go b/vendor/golang.org/x/net/http2/gotrack.go
index 9933c9f8c..9921ca096 100644
--- a/vendor/golang.org/x/net/http2/gotrack.go
+++ b/vendor/golang.org/x/net/http2/gotrack.go
@@ -15,21 +15,32 @@ import (
 	"runtime"
 	"strconv"
 	"sync"
+	"sync/atomic"
 )
 
 var DebugGoroutines = os.Getenv("DEBUG_HTTP2_GOROUTINES") == "1"
 
+// Setting DebugGoroutines to false during a test to disable goroutine debugging
+// results in race detector complaints when a test leaves goroutines running before
+// returning. Tests shouldn't do this, of course, but when they do it generally shows
+// up as infrequent, hard-to-debug flakes. (See #66519.)
+//
+// Disable goroutine debugging during individual tests with an atomic bool.
+// (Note that it's safe to enable/disable debugging mid-test, so the actual race condition
+// here is harmless.)
+var disableDebugGoroutines atomic.Bool
+
 type goroutineLock uint64
 
 func newGoroutineLock() goroutineLock {
-	if !DebugGoroutines {
+	if !DebugGoroutines || disableDebugGoroutines.Load() {
 		return 0
 	}
 	return goroutineLock(curGoroutineID())
 }
 
 func (g goroutineLock) check() {
-	if !DebugGoroutines {
+	if !DebugGoroutines || disableDebugGoroutines.Load() {
 		return
 	}
 	if curGoroutineID() != uint64(g) {
@@ -38,7 +49,7 @@ func (g goroutineLock) check() {
 }
 
 func (g goroutineLock) checkNotOn() {
-	if !DebugGoroutines {
+	if !DebugGoroutines || disableDebugGoroutines.Load() {
 		return
 	}
 	if curGoroutineID() == uint64(g) {
diff --git a/vendor/golang.org/x/net/http2/http2.go b/vendor/golang.org/x/net/http2/http2.go
index ea5ae629f..105fe12fe 100644
--- a/vendor/golang.org/x/net/http2/http2.go
+++ b/vendor/golang.org/x/net/http2/http2.go
@@ -15,7 +15,6 @@ package http2 // import "golang.org/x/net/http2"
 
 import (
 	"bufio"
-	"context"
 	"crypto/tls"
 	"errors"
 	"fmt"
@@ -35,7 +34,6 @@ var (
 	VerboseLogs    bool
 	logFrameWrites bool
 	logFrameReads  bool
-	inTests        bool
 
 	// Enabling extended CONNECT by causes browsers to attempt to use
 	// WebSockets-over-HTTP/2. This results in problems when the server's websocket
@@ -255,15 +253,13 @@ func (cw closeWaiter) Wait() {
 // idle memory usage with many connections.
 type bufferedWriter struct {
 	_           incomparable
-	group       synctestGroupInterface // immutable
-	conn        net.Conn               // immutable
-	bw          *bufio.Writer          // non-nil when data is buffered
-	byteTimeout time.Duration          // immutable, WriteByteTimeout
+	conn        net.Conn      // immutable
+	bw          *bufio.Writer // non-nil when data is buffered
+	byteTimeout time.Duration // immutable, WriteByteTimeout
 }
 
-func newBufferedWriter(group synctestGroupInterface, conn net.Conn, timeout time.Duration) *bufferedWriter {
+func newBufferedWriter(conn net.Conn, timeout time.Duration) *bufferedWriter {
 	return &bufferedWriter{
-		group:       group,
 		conn:        conn,
 		byteTimeout: timeout,
 	}
@@ -314,24 +310,18 @@ func (w *bufferedWriter) Flush() error {
 type bufferedWriterTimeoutWriter bufferedWriter
 
 func (w *bufferedWriterTimeoutWriter) Write(p []byte) (n int, err error) {
-	return writeWithByteTimeout(w.group, w.conn, w.byteTimeout, p)
+	return writeWithByteTimeout(w.conn, w.byteTimeout, p)
 }
 
 // writeWithByteTimeout writes to conn.
 // If more than timeout passes without any bytes being written to the connection,
 // the write fails.
-func writeWithByteTimeout(group synctestGroupInterface, conn net.Conn, timeout time.Duration, p []byte) (n int, err error) {
+func writeWithByteTimeout(conn net.Conn, timeout time.Duration, p []byte) (n int, err error) {
 	if timeout <= 0 {
 		return conn.Write(p)
 	}
 	for {
-		var now time.Time
-		if group == nil {
-			now = time.Now()
-		} else {
-			now = group.Now()
-		}
-		conn.SetWriteDeadline(now.Add(timeout))
+		conn.SetWriteDeadline(time.Now().Add(timeout))
 		nn, err := conn.Write(p[n:])
 		n += nn
 		if n == len(p) || nn == 0 || !errors.Is(err, os.ErrDeadlineExceeded) {
@@ -417,14 +407,3 @@ func (s *sorter) SortStrings(ss []string) {
 // makes that struct also non-comparable, and generally doesn't add
 // any size (as long as it's first).
 type incomparable [0]func()
-
-// synctestGroupInterface is the methods of synctestGroup used by Server and Transport.
-// It's defined as an interface here to let us keep synctestGroup entirely test-only
-// and not a part of non-test builds.
-type synctestGroupInterface interface {
-	Join()
-	Now() time.Time
-	NewTimer(d time.Duration) timer
-	AfterFunc(d time.Duration, f func()) timer
-	ContextWithTimeout(ctx context.Context, d time.Duration) (context.Context, context.CancelFunc)
-}
diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go
index 51fca38f6..bdc5520eb 100644
--- a/vendor/golang.org/x/net/http2/server.go
+++ b/vendor/golang.org/x/net/http2/server.go
@@ -176,44 +176,15 @@ type Server struct {
 	// so that we don't embed a Mutex in this struct, which will make the
 	// struct non-copyable, which might break some callers.
 	state *serverInternalState
-
-	// Synchronization group used for testing.
-	// Outside of tests, this is nil.
-	group synctestGroupInterface
-}
-
-func (s *Server) markNewGoroutine() {
-	if s.group != nil {
-		s.group.Join()
-	}
-}
-
-func (s *Server) now() time.Time {
-	if s.group != nil {
-		return s.group.Now()
-	}
-	return time.Now()
-}
-
-// newTimer creates a new time.Timer, or a synthetic timer in tests.
-func (s *Server) newTimer(d time.Duration) timer {
-	if s.group != nil {
-		return s.group.NewTimer(d)
-	}
-	return timeTimer{time.NewTimer(d)}
-}
-
-// afterFunc creates a new time.AfterFunc timer, or a synthetic timer in tests.
-func (s *Server) afterFunc(d time.Duration, f func()) timer {
-	if s.group != nil {
-		return s.group.AfterFunc(d, f)
-	}
-	return timeTimer{time.AfterFunc(d, f)}
 }
 
 type serverInternalState struct {
 	mu          sync.Mutex
 	activeConns map[*serverConn]struct{}
+
+	// Pool of error channels. This is per-Server rather than global
+	// because channels can't be reused across synctest bubbles.
+	errChanPool sync.Pool
 }
 
 func (s *serverInternalState) registerConn(sc *serverConn) {
@@ -245,6 +216,27 @@ func (s *serverInternalState) startGracefulShutdown() {
 	s.mu.Unlock()
 }
 
+// Global error channel pool used for uninitialized Servers.
+// We use a per-Server pool when possible to avoid using channels across synctest bubbles.
+var errChanPool = sync.Pool{
+	New: func() any { return make(chan error, 1) },
+}
+
+func (s *serverInternalState) getErrChan() chan error {
+	if s == nil {
+		return errChanPool.Get().(chan error) // Server used without calling ConfigureServer
+	}
+	return s.errChanPool.Get().(chan error)
+}
+
+func (s *serverInternalState) putErrChan(ch chan error) {
+	if s == nil {
+		errChanPool.Put(ch) // Server used without calling ConfigureServer
+		return
+	}
+	s.errChanPool.Put(ch)
+}
+
 // ConfigureServer adds HTTP/2 support to a net/http Server.
 //
 // The configuration conf may be nil.
@@ -257,7 +249,10 @@ func ConfigureServer(s *http.Server, conf *Server) error {
 	if conf == nil {
 		conf = new(Server)
 	}
-	conf.state = &serverInternalState{activeConns: make(map[*serverConn]struct{})}
+	conf.state = &serverInternalState{
+		activeConns: make(map[*serverConn]struct{}),
+		errChanPool: sync.Pool{New: func() any { return make(chan error, 1) }},
+	}
 	if h1, h2 := s, conf; h2.IdleTimeout == 0 {
 		if h1.IdleTimeout != 0 {
 			h2.IdleTimeout = h1.IdleTimeout
@@ -423,6 +418,9 @@ func (o *ServeConnOpts) handler() http.Handler {
 //
 // The opts parameter is optional. If nil, default values are used.
 func (s *Server) ServeConn(c net.Conn, opts *ServeConnOpts) {
+	if opts == nil {
+		opts = &ServeConnOpts{}
+	}
 	s.serveConn(c, opts, nil)
 }
 
@@ -438,7 +436,7 @@ func (s *Server) serveConn(c net.Conn, opts *ServeConnOpts, newf func(*serverCon
 		conn:                        c,
 		baseCtx:                     baseCtx,
 		remoteAddrStr:               c.RemoteAddr().String(),
-		bw:                          newBufferedWriter(s.group, c, conf.WriteByteTimeout),
+		bw:                          newBufferedWriter(c, conf.WriteByteTimeout),
 		handler:                     opts.handler(),
 		streams:                     make(map[uint32]*stream),
 		readFrameCh:                 make(chan readFrameResult),
@@ -638,11 +636,11 @@ type serverConn struct {
 	pingSent                    bool
 	sentPingData                [8]byte
 	goAwayCode                  ErrCode
-	shutdownTimer               timer // nil until used
-	idleTimer                   timer // nil if unused
+	shutdownTimer               *time.Timer // nil until used
+	idleTimer                   *time.Timer // nil if unused
 	readIdleTimeout             time.Duration
 	pingTimeout                 time.Duration
-	readIdleTimer               timer // nil if unused
+	readIdleTimer               *time.Timer // nil if unused
 
 	// Owned by the writeFrameAsync goroutine:
 	headerWriteBuf bytes.Buffer
@@ -687,12 +685,12 @@ type stream struct {
 	flow             outflow // limits writing from Handler to client
 	inflow           inflow  // what the client is allowed to POST/etc to us
 	state            streamState
-	resetQueued      bool  // RST_STREAM queued for write; set by sc.resetStream
-	gotTrailerHeader bool  // HEADER frame for trailers was seen
-	wroteHeaders     bool  // whether we wrote headers (not status 100)
-	readDeadline     timer // nil if unused
-	writeDeadline    timer // nil if unused
-	closeErr         error // set before cw is closed
+	resetQueued      bool        // RST_STREAM queued for write; set by sc.resetStream
+	gotTrailerHeader bool        // HEADER frame for trailers was seen
+	wroteHeaders     bool        // whether we wrote headers (not status 100)
+	readDeadline     *time.Timer // nil if unused
+	writeDeadline    *time.Timer // nil if unused
+	closeErr         error       // set before cw is closed
 
 	trailer    http.Header // accumulated trailers
 	reqTrailer http.Header // handler's Request.Trailer
@@ -848,7 +846,6 @@ type readFrameResult struct {
 // consumer is done with the frame.
 // It's run on its own goroutine.
 func (sc *serverConn) readFrames() {
-	sc.srv.markNewGoroutine()
 	gate := make(chan struct{})
 	gateDone := func() { gate <- struct{}{} }
 	for {
@@ -881,7 +878,6 @@ type frameWriteResult struct {
 // At most one goroutine can be running writeFrameAsync at a time per
 // serverConn.
 func (sc *serverConn) writeFrameAsync(wr FrameWriteRequest, wd *writeData) {
-	sc.srv.markNewGoroutine()
 	var err error
 	if wd == nil {
 		err = wr.write.writeFrame(sc)
@@ -965,22 +961,22 @@ func (sc *serverConn) serve(conf http2Config) {
 	sc.setConnState(http.StateIdle)
 
 	if sc.srv.IdleTimeout > 0 {
-		sc.idleTimer = sc.srv.afterFunc(sc.srv.IdleTimeout, sc.onIdleTimer)
+		sc.idleTimer = time.AfterFunc(sc.srv.IdleTimeout, sc.onIdleTimer)
 		defer sc.idleTimer.Stop()
 	}
 
 	if conf.SendPingTimeout > 0 {
 		sc.readIdleTimeout = conf.SendPingTimeout
-		sc.readIdleTimer = sc.srv.afterFunc(conf.SendPingTimeout, sc.onReadIdleTimer)
+		sc.readIdleTimer = time.AfterFunc(conf.SendPingTimeout, sc.onReadIdleTimer)
 		defer sc.readIdleTimer.Stop()
 	}
 
 	go sc.readFrames() // closed by defer sc.conn.Close above
 
-	settingsTimer := sc.srv.afterFunc(firstSettingsTimeout, sc.onSettingsTimer)
+	settingsTimer := time.AfterFunc(firstSettingsTimeout, sc.onSettingsTimer)
 	defer settingsTimer.Stop()
 
-	lastFrameTime := sc.srv.now()
+	lastFrameTime := time.Now()
 	loopNum := 0
 	for {
 		loopNum++
@@ -994,7 +990,7 @@ func (sc *serverConn) serve(conf http2Config) {
 		case res := <-sc.wroteFrameCh:
 			sc.wroteFrame(res)
 		case res := <-sc.readFrameCh:
-			lastFrameTime = sc.srv.now()
+			lastFrameTime = time.Now()
 			// Process any written frames before reading new frames from the client since a
 			// written frame could have triggered a new stream to be started.
 			if sc.writingFrameAsync {
@@ -1077,7 +1073,7 @@ func (sc *serverConn) handlePingTimer(lastFrameReadTime time.Time) {
 	}
 
 	pingAt := lastFrameReadTime.Add(sc.readIdleTimeout)
-	now := sc.srv.now()
+	now := time.Now()
 	if pingAt.After(now) {
 		// We received frames since arming the ping timer.
 		// Reset it for the next possible timeout.
@@ -1141,10 +1137,10 @@ func (sc *serverConn) readPreface() error {
 			errc <- nil
 		}
 	}()
-	timer := sc.srv.newTimer(prefaceTimeout) // TODO: configurable on *Server?
+	timer := time.NewTimer(prefaceTimeout) // TODO: configurable on *Server?
 	defer timer.Stop()
 	select {
-	case <-timer.C():
+	case <-timer.C:
 		return errPrefaceTimeout
 	case err := <-errc:
 		if err == nil {
@@ -1156,10 +1152,6 @@ func (sc *serverConn) readPreface() error {
 	}
 }
 
-var errChanPool = sync.Pool{
-	New: func() interface{} { return make(chan error, 1) },
-}
-
 var writeDataPool = sync.Pool{
 	New: func() interface{} { return new(writeData) },
 }
@@ -1167,7 +1159,7 @@ var writeDataPool = sync.Pool{
 // writeDataFromHandler writes DATA response frames from a handler on
 // the given stream.
 func (sc *serverConn) writeDataFromHandler(stream *stream, data []byte, endStream bool) error {
-	ch := errChanPool.Get().(chan error)
+	ch := sc.srv.state.getErrChan()
 	writeArg := writeDataPool.Get().(*writeData)
 	*writeArg = writeData{stream.id, data, endStream}
 	err := sc.writeFrameFromHandler(FrameWriteRequest{
@@ -1199,7 +1191,7 @@ func (sc *serverConn) writeDataFromHandler(stream *stream, data []byte, endStrea
 			return errStreamClosed
 		}
 	}
-	errChanPool.Put(ch)
+	sc.srv.state.putErrChan(ch)
 	if frameWriteDone {
 		writeDataPool.Put(writeArg)
 	}
@@ -1513,7 +1505,7 @@ func (sc *serverConn) goAway(code ErrCode) {
 
 func (sc *serverConn) shutDownIn(d time.Duration) {
 	sc.serveG.check()
-	sc.shutdownTimer = sc.srv.afterFunc(d, sc.onShutdownTimer)
+	sc.shutdownTimer = time.AfterFunc(d, sc.onShutdownTimer)
 }
 
 func (sc *serverConn) resetStream(se StreamError) {
@@ -2118,7 +2110,7 @@ func (sc *serverConn) processHeaders(f *MetaHeadersFrame) error {
 	// (in Go 1.8), though. That's a more sane option anyway.
 	if sc.hs.ReadTimeout > 0 {
 		sc.conn.SetReadDeadline(time.Time{})
-		st.readDeadline = sc.srv.afterFunc(sc.hs.ReadTimeout, st.onReadTimeout)
+		st.readDeadline = time.AfterFunc(sc.hs.ReadTimeout, st.onReadTimeout)
 	}
 
 	return sc.scheduleHandler(id, rw, req, handler)
@@ -2216,7 +2208,7 @@ func (sc *serverConn) newStream(id, pusherID uint32, state streamState) *stream
 	st.flow.add(sc.initialStreamSendWindowSize)
 	st.inflow.init(sc.initialStreamRecvWindowSize)
 	if sc.hs.WriteTimeout > 0 {
-		st.writeDeadline = sc.srv.afterFunc(sc.hs.WriteTimeout, st.onWriteTimeout)
+		st.writeDeadline = time.AfterFunc(sc.hs.WriteTimeout, st.onWriteTimeout)
 	}
 
 	sc.streams[id] = st
@@ -2405,7 +2397,6 @@ func (sc *serverConn) handlerDone() {
 
 // Run on its own goroutine.
 func (sc *serverConn) runHandler(rw *responseWriter, req *http.Request, handler func(http.ResponseWriter, *http.Request)) {
-	sc.srv.markNewGoroutine()
 	defer sc.sendServeMsg(handlerDoneMsg)
 	didPanic := true
 	defer func() {
@@ -2454,7 +2445,7 @@ func (sc *serverConn) writeHeaders(st *stream, headerData *writeResHeaders) erro
 		// waiting for this frame to be written, so an http.Flush mid-handler
 		// writes out the correct value of keys, before a handler later potentially
 		// mutates it.
-		errc = errChanPool.Get().(chan error)
+		errc = sc.srv.state.getErrChan()
 	}
 	if err := sc.writeFrameFromHandler(FrameWriteRequest{
 		write:  headerData,
@@ -2466,7 +2457,7 @@ func (sc *serverConn) writeHeaders(st *stream, headerData *writeResHeaders) erro
 	if errc != nil {
 		select {
 		case err := <-errc:
-			errChanPool.Put(errc)
+			sc.srv.state.putErrChan(errc)
 			return err
 		case <-sc.doneServing:
 			return errClientDisconnected
@@ -2573,7 +2564,7 @@ func (b *requestBody) Read(p []byte) (n int, err error) {
 	if err == io.EOF {
 		b.sawEOF = true
 	}
-	if b.conn == nil && inTests {
+	if b.conn == nil {
 		return
 	}
 	b.conn.noteBodyReadFromHandler(b.stream, n, err)
@@ -2702,7 +2693,7 @@ func (rws *responseWriterState) writeChunk(p []byte) (n int, err error) {
 		var date string
 		if _, ok := rws.snapHeader["Date"]; !ok {
 			// TODO(bradfitz): be faster here, like net/http? measure.
-			date = rws.conn.srv.now().UTC().Format(http.TimeFormat)
+			date = time.Now().UTC().Format(http.TimeFormat)
 		}
 
 		for _, v := range rws.snapHeader["Trailer"] {
@@ -2824,7 +2815,7 @@ func (rws *responseWriterState) promoteUndeclaredTrailers() {
 
 func (w *responseWriter) SetReadDeadline(deadline time.Time) error {
 	st := w.rws.stream
-	if !deadline.IsZero() && deadline.Before(w.rws.conn.srv.now()) {
+	if !deadline.IsZero() && deadline.Before(time.Now()) {
 		// If we're setting a deadline in the past, reset the stream immediately
 		// so writes after SetWriteDeadline returns will fail.
 		st.onReadTimeout()
@@ -2840,9 +2831,9 @@ func (w *responseWriter) SetReadDeadline(deadline time.Time) error {
 		if deadline.IsZero() {
 			st.readDeadline = nil
 		} else if st.readDeadline == nil {
-			st.readDeadline = sc.srv.afterFunc(deadline.Sub(sc.srv.now()), st.onReadTimeout)
+			st.readDeadline = time.AfterFunc(deadline.Sub(time.Now()), st.onReadTimeout)
 		} else {
-			st.readDeadline.Reset(deadline.Sub(sc.srv.now()))
+			st.readDeadline.Reset(deadline.Sub(time.Now()))
 		}
 	})
 	return nil
@@ -2850,7 +2841,7 @@ func (w *responseWriter) SetReadDeadline(deadline time.Time) error {
 
 func (w *responseWriter) SetWriteDeadline(deadline time.Time) error {
 	st := w.rws.stream
-	if !deadline.IsZero() && deadline.Before(w.rws.conn.srv.now()) {
+	if !deadline.IsZero() && deadline.Before(time.Now()) {
 		// If we're setting a deadline in the past, reset the stream immediately
 		// so writes after SetWriteDeadline returns will fail.
 		st.onWriteTimeout()
@@ -2866,9 +2857,9 @@ func (w *responseWriter) SetWriteDeadline(deadline time.Time) error {
 		if deadline.IsZero() {
 			st.writeDeadline = nil
 		} else if st.writeDeadline == nil {
-			st.writeDeadline = sc.srv.afterFunc(deadline.Sub(sc.srv.now()), st.onWriteTimeout)
+			st.writeDeadline = time.AfterFunc(deadline.Sub(time.Now()), st.onWriteTimeout)
 		} else {
-			st.writeDeadline.Reset(deadline.Sub(sc.srv.now()))
+			st.writeDeadline.Reset(deadline.Sub(time.Now()))
 		}
 	})
 	return nil
@@ -3147,7 +3138,7 @@ func (w *responseWriter) Push(target string, opts *http.PushOptions) error {
 		method: opts.Method,
 		url:    u,
 		header: cloneHeader(opts.Header),
-		done:   errChanPool.Get().(chan error),
+		done:   sc.srv.state.getErrChan(),
 	}
 
 	select {
@@ -3164,7 +3155,7 @@ func (w *responseWriter) Push(target string, opts *http.PushOptions) error {
 	case <-st.cw:
 		return errStreamClosed
 	case err := <-msg.done:
-		errChanPool.Put(msg.done)
+		sc.srv.state.putErrChan(msg.done)
 		return err
 	}
 }
diff --git a/vendor/golang.org/x/net/http2/timer.go b/vendor/golang.org/x/net/http2/timer.go
deleted file mode 100644
index 0b1c17b81..000000000
--- a/vendor/golang.org/x/net/http2/timer.go
+++ /dev/null
@@ -1,20 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-package http2
-
-import "time"
-
-// A timer is a time.Timer, as an interface which can be replaced in tests.
-type timer = interface {
-	C() <-chan time.Time
-	Reset(d time.Duration) bool
-	Stop() bool
-}
-
-// timeTimer adapts a time.Timer to the timer interface.
-type timeTimer struct {
-	*time.Timer
-}
-
-func (t timeTimer) C() <-chan time.Time { return t.Timer.C }
diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go
index f26356b9c..1965913e5 100644
--- a/vendor/golang.org/x/net/http2/transport.go
+++ b/vendor/golang.org/x/net/http2/transport.go
@@ -9,6 +9,7 @@ package http2
 import (
 	"bufio"
 	"bytes"
+	"compress/flate"
 	"compress/gzip"
 	"context"
 	"crypto/rand"
@@ -193,50 +194,6 @@ type Transport struct {
 
 type transportTestHooks struct {
 	newclientconn func(*ClientConn)
-	group         synctestGroupInterface
-}
-
-func (t *Transport) markNewGoroutine() {
-	if t != nil && t.transportTestHooks != nil {
-		t.transportTestHooks.group.Join()
-	}
-}
-
-func (t *Transport) now() time.Time {
-	if t != nil && t.transportTestHooks != nil {
-		return t.transportTestHooks.group.Now()
-	}
-	return time.Now()
-}
-
-func (t *Transport) timeSince(when time.Time) time.Duration {
-	if t != nil && t.transportTestHooks != nil {
-		return t.now().Sub(when)
-	}
-	return time.Since(when)
-}
-
-// newTimer creates a new time.Timer, or a synthetic timer in tests.
-func (t *Transport) newTimer(d time.Duration) timer {
-	if t.transportTestHooks != nil {
-		return t.transportTestHooks.group.NewTimer(d)
-	}
-	return timeTimer{time.NewTimer(d)}
-}
-
-// afterFunc creates a new time.AfterFunc timer, or a synthetic timer in tests.
-func (t *Transport) afterFunc(d time.Duration, f func()) timer {
-	if t.transportTestHooks != nil {
-		return t.transportTestHooks.group.AfterFunc(d, f)
-	}
-	return timeTimer{time.AfterFunc(d, f)}
-}
-
-func (t *Transport) contextWithTimeout(ctx context.Context, d time.Duration) (context.Context, context.CancelFunc) {
-	if t.transportTestHooks != nil {
-		return t.transportTestHooks.group.ContextWithTimeout(ctx, d)
-	}
-	return context.WithTimeout(ctx, d)
 }
 
 func (t *Transport) maxHeaderListSize() uint32 {
@@ -366,7 +323,7 @@ type ClientConn struct {
 	readerErr  error         // set before readerDone is closed
 
 	idleTimeout time.Duration // or 0 for never
-	idleTimer   timer
+	idleTimer   *time.Timer
 
 	mu               sync.Mutex // guards following
 	cond             *sync.Cond // hold mu; broadcast on flow/closed changes
@@ -399,6 +356,7 @@ type ClientConn struct {
 	readIdleTimeout             time.Duration
 	pingTimeout                 time.Duration
 	extendedConnectAllowed      bool
+	strictMaxConcurrentStreams  bool
 
 	// rstStreamPingsBlocked works around an unfortunate gRPC behavior.
 	// gRPC strictly limits the number of PING frames that it will receive.
@@ -534,14 +492,12 @@ func (cs *clientStream) closeReqBodyLocked() {
 	cs.reqBodyClosed = make(chan struct{})
 	reqBodyClosed := cs.reqBodyClosed
 	go func() {
-		cs.cc.t.markNewGoroutine()
 		cs.reqBody.Close()
 		close(reqBodyClosed)
 	}()
 }
 
 type stickyErrWriter struct {
-	group   synctestGroupInterface
 	conn    net.Conn
 	timeout time.Duration
 	err     *error
@@ -551,7 +507,7 @@ func (sew stickyErrWriter) Write(p []byte) (n int, err error) {
 	if *sew.err != nil {
 		return 0, *sew.err
 	}
-	n, err = writeWithByteTimeout(sew.group, sew.conn, sew.timeout, p)
+	n, err = writeWithByteTimeout(sew.conn, sew.timeout, p)
 	*sew.err = err
 	return n, err
 }
@@ -650,9 +606,9 @@ func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Res
 				backoff := float64(uint(1) << (uint(retry) - 1))
 				backoff += backoff * (0.1 * mathrand.Float64())
 				d := time.Second * time.Duration(backoff)
-				tm := t.newTimer(d)
+				tm := time.NewTimer(d)
 				select {
-				case <-tm.C():
+				case <-tm.C:
 					t.vlogf("RoundTrip retrying after failure: %v", roundTripErr)
 					continue
 				case <-req.Context().Done():
@@ -699,6 +655,7 @@ var (
 	errClientConnUnusable       = errors.New("http2: client conn not usable")
 	errClientConnNotEstablished = errors.New("http2: client conn could not be established")
 	errClientConnGotGoAway      = errors.New("http2: Transport received Server's graceful shutdown GOAWAY")
+	errClientConnForceClosed    = errors.New("http2: client connection force closed via ClientConn.Close")
 )
 
 // shouldRetryRequest is called by RoundTrip when a request fails to get
@@ -829,7 +786,8 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
 		initialWindowSize:           65535,    // spec default
 		initialStreamRecvWindowSize: conf.MaxUploadBufferPerStream,
 		maxConcurrentStreams:        initialMaxConcurrentStreams, // "infinite", per spec. Use a smaller value until we have received server settings.
-		peerMaxHeaderListSize:       0xffffffffffffffff,          // "infinite", per spec. Use 2^64-1 instead.
+		strictMaxConcurrentStreams:  conf.StrictMaxConcurrentRequests,
+		peerMaxHeaderListSize:       0xffffffffffffffff, // "infinite", per spec. Use 2^64-1 instead.
 		streams:                     make(map[uint32]*clientStream),
 		singleUse:                   singleUse,
 		seenSettingsChan:            make(chan struct{}),
@@ -838,14 +796,11 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
 		pingTimeout:                 conf.PingTimeout,
 		pings:                       make(map[[8]byte]chan struct{}),
 		reqHeaderMu:                 make(chan struct{}, 1),
-		lastActive:                  t.now(),
+		lastActive:                  time.Now(),
 	}
-	var group synctestGroupInterface
 	if t.transportTestHooks != nil {
-		t.markNewGoroutine()
 		t.transportTestHooks.newclientconn(cc)
 		c = cc.tconn
-		group = t.group
 	}
 	if VerboseLogs {
 		t.vlogf("http2: Transport creating client conn %p to %v", cc, c.RemoteAddr())
@@ -857,7 +812,6 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
 	// TODO: adjust this writer size to account for frame size +
 	// MTU + crypto/tls record padding.
 	cc.bw = bufio.NewWriter(stickyErrWriter{
-		group:   group,
 		conn:    c,
 		timeout: conf.WriteByteTimeout,
 		err:     &cc.werr,
@@ -906,7 +860,7 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
 	// Start the idle timer after the connection is fully initialized.
 	if d := t.idleConnTimeout(); d != 0 {
 		cc.idleTimeout = d
-		cc.idleTimer = t.afterFunc(d, cc.onIdleTimeout)
+		cc.idleTimer = time.AfterFunc(d, cc.onIdleTimeout)
 	}
 
 	go cc.readLoop()
@@ -917,7 +871,7 @@ func (cc *ClientConn) healthCheck() {
 	pingTimeout := cc.pingTimeout
 	// We don't need to periodically ping in the health check, because the readLoop of ClientConn will
 	// trigger the healthCheck again if there is no frame received.
-	ctx, cancel := cc.t.contextWithTimeout(context.Background(), pingTimeout)
+	ctx, cancel := context.WithTimeout(context.Background(), pingTimeout)
 	defer cancel()
 	cc.vlogf("http2: Transport sending health check")
 	err := cc.Ping(ctx)
@@ -1067,7 +1021,7 @@ func (cc *ClientConn) idleStateLocked() (st clientConnIdleState) {
 		return
 	}
 	var maxConcurrentOkay bool
-	if cc.t.StrictMaxConcurrentStreams {
+	if cc.strictMaxConcurrentStreams {
 		// We'll tell the caller we can take a new request to
 		// prevent the caller from dialing a new TCP
 		// connection, but then we'll block later before
@@ -1120,7 +1074,7 @@ func (cc *ClientConn) tooIdleLocked() bool {
 	// times are compared based on their wall time. We don't want
 	// to reuse a connection that's been sitting idle during
 	// VM/laptop suspend if monotonic time was also frozen.
-	return cc.idleTimeout != 0 && !cc.lastIdle.IsZero() && cc.t.timeSince(cc.lastIdle.Round(0)) > cc.idleTimeout
+	return cc.idleTimeout != 0 && !cc.lastIdle.IsZero() && time.Since(cc.lastIdle.Round(0)) > cc.idleTimeout
 }
 
 // onIdleTimeout is called from a time.AfterFunc goroutine. It will
@@ -1186,7 +1140,6 @@ func (cc *ClientConn) Shutdown(ctx context.Context) error {
 	done := make(chan struct{})
 	cancelled := false // guarded by cc.mu
 	go func() {
-		cc.t.markNewGoroutine()
 		cc.mu.Lock()
 		defer cc.mu.Unlock()
 		for {
@@ -1257,8 +1210,7 @@ func (cc *ClientConn) closeForError(err error) {
 //
 // In-flight requests are interrupted. For a graceful shutdown, use Shutdown instead.
 func (cc *ClientConn) Close() error {
-	err := errors.New("http2: client connection force closed via ClientConn.Close")
-	cc.closeForError(err)
+	cc.closeForError(errClientConnForceClosed)
 	return nil
 }
 
@@ -1427,7 +1379,6 @@ func (cc *ClientConn) roundTrip(req *http.Request, streamf func(*clientStream))
 //
 // It sends the request and performs post-request cleanup (closing Request.Body, etc.).
 func (cs *clientStream) doRequest(req *http.Request, streamf func(*clientStream)) {
-	cs.cc.t.markNewGoroutine()
 	err := cs.writeRequest(req, streamf)
 	cs.cleanupWriteRequest(err)
 }
@@ -1558,9 +1509,9 @@ func (cs *clientStream) writeRequest(req *http.Request, streamf func(*clientStre
 	var respHeaderTimer <-chan time.Time
 	var respHeaderRecv chan struct{}
 	if d := cc.responseHeaderTimeout(); d != 0 {
-		timer := cc.t.newTimer(d)
+		timer := time.NewTimer(d)
 		defer timer.Stop()
-		respHeaderTimer = timer.C()
+		respHeaderTimer = timer.C
 		respHeaderRecv = cs.respHeaderRecv
 	}
 	// Wait until the peer half-closes its end of the stream,
@@ -1753,7 +1704,7 @@ func (cc *ClientConn) awaitOpenSlotForStreamLocked(cs *clientStream) error {
 			// Return a fatal error which aborts the retry loop.
 			return errClientConnNotEstablished
 		}
-		cc.lastActive = cc.t.now()
+		cc.lastActive = time.Now()
 		if cc.closed || !cc.canTakeNewRequestLocked() {
 			return errClientConnUnusable
 		}
@@ -2092,10 +2043,10 @@ func (cc *ClientConn) forgetStreamID(id uint32) {
 	if len(cc.streams) != slen-1 {
 		panic("forgetting unknown stream id")
 	}
-	cc.lastActive = cc.t.now()
+	cc.lastActive = time.Now()
 	if len(cc.streams) == 0 && cc.idleTimer != nil {
 		cc.idleTimer.Reset(cc.idleTimeout)
-		cc.lastIdle = cc.t.now()
+		cc.lastIdle = time.Now()
 	}
 	// Wake up writeRequestBody via clientStream.awaitFlowControl and
 	// wake up RoundTrip if there is a pending request.
@@ -2121,7 +2072,6 @@ type clientConnReadLoop struct {
 
 // readLoop runs in its own goroutine and reads and dispatches frames.
 func (cc *ClientConn) readLoop() {
-	cc.t.markNewGoroutine()
 	rl := &clientConnReadLoop{cc: cc}
 	defer rl.cleanup()
 	cc.readerErr = rl.run()
@@ -2188,9 +2138,9 @@ func (rl *clientConnReadLoop) cleanup() {
 	if cc.idleTimeout > 0 && unusedWaitTime > cc.idleTimeout {
 		unusedWaitTime = cc.idleTimeout
 	}
-	idleTime := cc.t.now().Sub(cc.lastActive)
+	idleTime := time.Now().Sub(cc.lastActive)
 	if atomic.LoadUint32(&cc.atomicReused) == 0 && idleTime < unusedWaitTime && !cc.closedOnIdle {
-		cc.idleTimer = cc.t.afterFunc(unusedWaitTime-idleTime, func() {
+		cc.idleTimer = time.AfterFunc(unusedWaitTime-idleTime, func() {
 			cc.t.connPool().MarkDead(cc)
 		})
 	} else {
@@ -2250,9 +2200,9 @@ func (rl *clientConnReadLoop) run() error {
 	cc := rl.cc
 	gotSettings := false
 	readIdleTimeout := cc.readIdleTimeout
-	var t timer
+	var t *time.Timer
 	if readIdleTimeout != 0 {
-		t = cc.t.afterFunc(readIdleTimeout, cc.healthCheck)
+		t = time.AfterFunc(readIdleTimeout, cc.healthCheck)
 	}
 	for {
 		f, err := cc.fr.ReadFrame()
@@ -2998,7 +2948,6 @@ func (cc *ClientConn) Ping(ctx context.Context) error {
 	var pingError error
 	errc := make(chan struct{})
 	go func() {
-		cc.t.markNewGoroutine()
 		cc.wmu.Lock()
 		defer cc.wmu.Unlock()
 		if pingError = cc.fr.WritePing(false, p); pingError != nil {
@@ -3128,35 +3077,102 @@ type erringRoundTripper struct{ err error }
 func (rt erringRoundTripper) RoundTripErr() error                             { return rt.err }
 func (rt erringRoundTripper) RoundTrip(*http.Request) (*http.Response, error) { return nil, rt.err }
 
+var errConcurrentReadOnResBody = errors.New("http2: concurrent read on response body")
+
 // gzipReader wraps a response body so it can lazily
-// call gzip.NewReader on the first call to Read
+// get gzip.Reader from the pool on the first call to Read.
+// After Close is called it puts gzip.Reader to the pool immediately
+// if there is no Read in progress or later when Read completes.
 type gzipReader struct {
 	_    incomparable
 	body io.ReadCloser // underlying Response.Body
-	zr   *gzip.Reader  // lazily-initialized gzip reader
-	zerr error         // sticky error
+	mu   sync.Mutex    // guards zr and zerr
+	zr   *gzip.Reader  // stores gzip reader from the pool between reads
+	zerr error         // sticky gzip reader init error or sentinel value to detect concurrent read and read after close
 }
 
-func (gz *gzipReader) Read(p []byte) (n int, err error) {
+type eofReader struct{}
+
+func (eofReader) Read([]byte) (int, error) { return 0, io.EOF }
+func (eofReader) ReadByte() (byte, error)  { return 0, io.EOF }
+
+var gzipPool = sync.Pool{New: func() any { return new(gzip.Reader) }}
+
+// gzipPoolGet gets a gzip.Reader from the pool and resets it to read from r.
+func gzipPoolGet(r io.Reader) (*gzip.Reader, error) {
+	zr := gzipPool.Get().(*gzip.Reader)
+	if err := zr.Reset(r); err != nil {
+		gzipPoolPut(zr)
+		return nil, err
+	}
+	return zr, nil
+}
+
+// gzipPoolPut puts a gzip.Reader back into the pool.
+func gzipPoolPut(zr *gzip.Reader) {
+	// Reset will allocate bufio.Reader if we pass it anything
+	// other than a flate.Reader, so ensure that it's getting one.
+	var r flate.Reader = eofReader{}
+	zr.Reset(r)
+	gzipPool.Put(zr)
+}
+
+// acquire returns a gzip.Reader for reading response body.
+// The reader must be released after use.
+func (gz *gzipReader) acquire() (*gzip.Reader, error) {
+	gz.mu.Lock()
+	defer gz.mu.Unlock()
 	if gz.zerr != nil {
-		return 0, gz.zerr
+		return nil, gz.zerr
 	}
 	if gz.zr == nil {
-		gz.zr, err = gzip.NewReader(gz.body)
-		if err != nil {
-			gz.zerr = err
-			return 0, err
+		gz.zr, gz.zerr = gzipPoolGet(gz.body)
+		if gz.zerr != nil {
+			return nil, gz.zerr
 		}
 	}
-	return gz.zr.Read(p)
+	ret := gz.zr
+	gz.zr, gz.zerr = nil, errConcurrentReadOnResBody
+	return ret, nil
 }
 
-func (gz *gzipReader) Close() error {
-	if err := gz.body.Close(); err != nil {
-		return err
+// release returns the gzip.Reader to the pool if Close was called during Read.
+func (gz *gzipReader) release(zr *gzip.Reader) {
+	gz.mu.Lock()
+	defer gz.mu.Unlock()
+	if gz.zerr == errConcurrentReadOnResBody {
+		gz.zr, gz.zerr = zr, nil
+	} else { // fs.ErrClosed
+		gzipPoolPut(zr)
+	}
+}
+
+// close returns the gzip.Reader to the pool immediately or
+// signals release to do so after Read completes.
+func (gz *gzipReader) close() {
+	gz.mu.Lock()
+	defer gz.mu.Unlock()
+	if gz.zerr == nil && gz.zr != nil {
+		gzipPoolPut(gz.zr)
+		gz.zr = nil
 	}
 	gz.zerr = fs.ErrClosed
-	return nil
+}
+
+func (gz *gzipReader) Read(p []byte) (n int, err error) {
+	zr, err := gz.acquire()
+	if err != nil {
+		return 0, err
+	}
+	defer gz.release(zr)
+
+	return zr.Read(p)
+}
+
+func (gz *gzipReader) Close() error {
+	gz.close()
+
+	return gz.body.Close()
 }
 
 type errorReader struct{ err error }
@@ -3228,7 +3244,7 @@ func traceGotConn(req *http.Request, cc *ClientConn, reused bool) {
 	cc.mu.Lock()
 	ci.WasIdle = len(cc.streams) == 0 && reused
 	if ci.WasIdle && !cc.lastActive.IsZero() {
-		ci.IdleTime = cc.t.timeSince(cc.lastActive)
+		ci.IdleTime = time.Since(cc.lastActive)
 	}
 	cc.mu.Unlock()
 
diff --git a/vendor/golang.org/x/net/http2/writesched.go b/vendor/golang.org/x/net/http2/writesched.go
index cc893adc2..7de27be52 100644
--- a/vendor/golang.org/x/net/http2/writesched.go
+++ b/vendor/golang.org/x/net/http2/writesched.go
@@ -42,6 +42,8 @@ type OpenStreamOptions struct {
 	// PusherID is zero if the stream was initiated by the client. Otherwise,
 	// PusherID names the stream that pushed the newly opened stream.
 	PusherID uint32
+	// priority is used to set the priority of the newly opened stream.
+	priority PriorityParam
 }
 
 // FrameWriteRequest is a request to write a frame.
@@ -183,45 +185,75 @@ func (wr *FrameWriteRequest) replyToWriter(err error) {
 }
 
 // writeQueue is used by implementations of WriteScheduler.
+//
+// Each writeQueue contains a queue of FrameWriteRequests, meant to store all
+// FrameWriteRequests associated with a given stream. This is implemented as a
+// two-stage queue: currQueue[currPos:] and nextQueue. Removing an item is done
+// by incrementing currPos of currQueue. Adding an item is done by appending it
+// to the nextQueue. If currQueue is empty when trying to remove an item, we
+// can swap currQueue and nextQueue to remedy the situation.
+// This two-stage queue is analogous to the use of two lists in Okasaki's
+// purely functional queue but without the overhead of reversing the list when
+// swapping stages.
+//
+// writeQueue also contains prev and next, this can be used by implementations
+// of WriteScheduler to construct data structures that represent the order of
+// writing between different streams (e.g. circular linked list).
 type writeQueue struct {
-	s          []FrameWriteRequest
+	currQueue []FrameWriteRequest
+	nextQueue []FrameWriteRequest
+	currPos   int
+
 	prev, next *writeQueue
 }
 
-func (q *writeQueue) empty() bool { return len(q.s) == 0 }
+func (q *writeQueue) empty() bool {
+	return (len(q.currQueue) - q.currPos + len(q.nextQueue)) == 0
+}
 
 func (q *writeQueue) push(wr FrameWriteRequest) {
-	q.s = append(q.s, wr)
+	q.nextQueue = append(q.nextQueue, wr)
 }
 
 func (q *writeQueue) shift() FrameWriteRequest {
-	if len(q.s) == 0 {
+	if q.empty() {
 		panic("invalid use of queue")
 	}
-	wr := q.s[0]
-	// TODO: less copy-happy queue.
-	copy(q.s, q.s[1:])
-	q.s[len(q.s)-1] = FrameWriteRequest{}
-	q.s = q.s[:len(q.s)-1]
+	if q.currPos >= len(q.currQueue) {
+		q.currQueue, q.currPos, q.nextQueue = q.nextQueue, 0, q.currQueue[:0]
+	}
+	wr := q.currQueue[q.currPos]
+	q.currQueue[q.currPos] = FrameWriteRequest{}
+	q.currPos++
 	return wr
 }
 
+func (q *writeQueue) peek() *FrameWriteRequest {
+	if q.currPos < len(q.currQueue) {
+		return &q.currQueue[q.currPos]
+	}
+	if len(q.nextQueue) > 0 {
+		return &q.nextQueue[0]
+	}
+	return nil
+}
+
 // consume consumes up to n bytes from q.s[0]. If the frame is
 // entirely consumed, it is removed from the queue. If the frame
 // is partially consumed, the frame is kept with the consumed
 // bytes removed. Returns true iff any bytes were consumed.
 func (q *writeQueue) consume(n int32) (FrameWriteRequest, bool) {
-	if len(q.s) == 0 {
+	if q.empty() {
 		return FrameWriteRequest{}, false
 	}
-	consumed, rest, numresult := q.s[0].Consume(n)
+	consumed, rest, numresult := q.peek().Consume(n)
 	switch numresult {
 	case 0:
 		return FrameWriteRequest{}, false
 	case 1:
 		q.shift()
 	case 2:
-		q.s[0] = rest
+		*q.peek() = rest
 	}
 	return consumed, true
 }
@@ -230,10 +262,15 @@ type writeQueuePool []*writeQueue
 
 // put inserts an unused writeQueue into the pool.
 func (p *writeQueuePool) put(q *writeQueue) {
-	for i := range q.s {
-		q.s[i] = FrameWriteRequest{}
+	for i := range q.currQueue {
+		q.currQueue[i] = FrameWriteRequest{}
+	}
+	for i := range q.nextQueue {
+		q.nextQueue[i] = FrameWriteRequest{}
 	}
-	q.s = q.s[:0]
+	q.currQueue = q.currQueue[:0]
+	q.nextQueue = q.nextQueue[:0]
+	q.currPos = 0
 	*p = append(*p, q)
 }
 
diff --git a/vendor/golang.org/x/net/http2/writesched_priority.go b/vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go
similarity index 77%
rename from vendor/golang.org/x/net/http2/writesched_priority.go
rename to vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go
index f6783339d..4e33c29a2 100644
--- a/vendor/golang.org/x/net/http2/writesched_priority.go
+++ b/vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go
@@ -11,7 +11,7 @@ import (
 )
 
 // RFC 7540, Section 5.3.5: the default weight is 16.
-const priorityDefaultWeight = 15 // 16 = 15 + 1
+const priorityDefaultWeightRFC7540 = 15 // 16 = 15 + 1
 
 // PriorityWriteSchedulerConfig configures a priorityWriteScheduler.
 type PriorityWriteSchedulerConfig struct {
@@ -66,8 +66,8 @@ func NewPriorityWriteScheduler(cfg *PriorityWriteSchedulerConfig) WriteScheduler
 		}
 	}
 
-	ws := &priorityWriteScheduler{
-		nodes:                make(map[uint32]*priorityNode),
+	ws := &priorityWriteSchedulerRFC7540{
+		nodes:                make(map[uint32]*priorityNodeRFC7540),
 		maxClosedNodesInTree: cfg.MaxClosedNodesInTree,
 		maxIdleNodesInTree:   cfg.MaxIdleNodesInTree,
 		enableWriteThrottle:  cfg.ThrottleOutOfOrderWrites,
@@ -81,32 +81,32 @@ func NewPriorityWriteScheduler(cfg *PriorityWriteSchedulerConfig) WriteScheduler
 	return ws
 }
 
-type priorityNodeState int
+type priorityNodeStateRFC7540 int
 
 const (
-	priorityNodeOpen priorityNodeState = iota
-	priorityNodeClosed
-	priorityNodeIdle
+	priorityNodeOpenRFC7540 priorityNodeStateRFC7540 = iota
+	priorityNodeClosedRFC7540
+	priorityNodeIdleRFC7540
 )
 
-// priorityNode is a node in an HTTP/2 priority tree.
+// priorityNodeRFC7540 is a node in an HTTP/2 priority tree.
 // Each node is associated with a single stream ID.
 // See RFC 7540, Section 5.3.
-type priorityNode struct {
-	q            writeQueue        // queue of pending frames to write
-	id           uint32            // id of the stream, or 0 for the root of the tree
-	weight       uint8             // the actual weight is weight+1, so the value is in [1,256]
-	state        priorityNodeState // open | closed | idle
-	bytes        int64             // number of bytes written by this node, or 0 if closed
-	subtreeBytes int64             // sum(node.bytes) of all nodes in this subtree
+type priorityNodeRFC7540 struct {
+	q            writeQueue               // queue of pending frames to write
+	id           uint32                   // id of the stream, or 0 for the root of the tree
+	weight       uint8                    // the actual weight is weight+1, so the value is in [1,256]
+	state        priorityNodeStateRFC7540 // open | closed | idle
+	bytes        int64                    // number of bytes written by this node, or 0 if closed
+	subtreeBytes int64                    // sum(node.bytes) of all nodes in this subtree
 
 	// These links form the priority tree.
-	parent     *priorityNode
-	kids       *priorityNode // start of the kids list
-	prev, next *priorityNode // doubly-linked list of siblings
+	parent     *priorityNodeRFC7540
+	kids       *priorityNodeRFC7540 // start of the kids list
+	prev, next *priorityNodeRFC7540 // doubly-linked list of siblings
 }
 
-func (n *priorityNode) setParent(parent *priorityNode) {
+func (n *priorityNodeRFC7540) setParent(parent *priorityNodeRFC7540) {
 	if n == parent {
 		panic("setParent to self")
 	}
@@ -141,7 +141,7 @@ func (n *priorityNode) setParent(parent *priorityNode) {
 	}
 }
 
-func (n *priorityNode) addBytes(b int64) {
+func (n *priorityNodeRFC7540) addBytes(b int64) {
 	n.bytes += b
 	for ; n != nil; n = n.parent {
 		n.subtreeBytes += b
@@ -154,7 +154,7 @@ func (n *priorityNode) addBytes(b int64) {
 //
 // f(n, openParent) takes two arguments: the node to visit, n, and a bool that is true
 // if any ancestor p of n is still open (ignoring the root node).
-func (n *priorityNode) walkReadyInOrder(openParent bool, tmp *[]*priorityNode, f func(*priorityNode, bool) bool) bool {
+func (n *priorityNodeRFC7540) walkReadyInOrder(openParent bool, tmp *[]*priorityNodeRFC7540, f func(*priorityNodeRFC7540, bool) bool) bool {
 	if !n.q.empty() && f(n, openParent) {
 		return true
 	}
@@ -165,7 +165,7 @@ func (n *priorityNode) walkReadyInOrder(openParent bool, tmp *[]*priorityNode, f
 	// Don't consider the root "open" when updating openParent since
 	// we can't send data frames on the root stream (only control frames).
 	if n.id != 0 {
-		openParent = openParent || (n.state == priorityNodeOpen)
+		openParent = openParent || (n.state == priorityNodeOpenRFC7540)
 	}
 
 	// Common case: only one kid or all kids have the same weight.
@@ -195,7 +195,7 @@ func (n *priorityNode) walkReadyInOrder(openParent bool, tmp *[]*priorityNode, f
 		*tmp = append(*tmp, n.kids)
 		n.kids.setParent(nil)
 	}
-	sort.Sort(sortPriorityNodeSiblings(*tmp))
+	sort.Sort(sortPriorityNodeSiblingsRFC7540(*tmp))
 	for i := len(*tmp) - 1; i >= 0; i-- {
 		(*tmp)[i].setParent(n) // setParent inserts at the head of n.kids
 	}
@@ -207,15 +207,15 @@ func (n *priorityNode) walkReadyInOrder(openParent bool, tmp *[]*priorityNode, f
 	return false
 }
 
-type sortPriorityNodeSiblings []*priorityNode
+type sortPriorityNodeSiblingsRFC7540 []*priorityNodeRFC7540
 
-func (z sortPriorityNodeSiblings) Len() int      { return len(z) }
-func (z sortPriorityNodeSiblings) Swap(i, k int) { z[i], z[k] = z[k], z[i] }
-func (z sortPriorityNodeSiblings) Less(i, k int) bool {
+func (z sortPriorityNodeSiblingsRFC7540) Len() int      { return len(z) }
+func (z sortPriorityNodeSiblingsRFC7540) Swap(i, k int) { z[i], z[k] = z[k], z[i] }
+func (z sortPriorityNodeSiblingsRFC7540) Less(i, k int) bool {
 	// Prefer the subtree that has sent fewer bytes relative to its weight.
 	// See sections 5.3.2 and 5.3.4.
-	wi, bi := float64(z[i].weight+1), float64(z[i].subtreeBytes)
-	wk, bk := float64(z[k].weight+1), float64(z[k].subtreeBytes)
+	wi, bi := float64(z[i].weight)+1, float64(z[i].subtreeBytes)
+	wk, bk := float64(z[k].weight)+1, float64(z[k].subtreeBytes)
 	if bi == 0 && bk == 0 {
 		return wi >= wk
 	}
@@ -225,13 +225,13 @@ func (z sortPriorityNodeSiblings) Less(i, k int) bool {
 	return bi/bk <= wi/wk
 }
 
-type priorityWriteScheduler struct {
+type priorityWriteSchedulerRFC7540 struct {
 	// root is the root of the priority tree, where root.id = 0.
 	// The root queues control frames that are not associated with any stream.
-	root priorityNode
+	root priorityNodeRFC7540
 
 	// nodes maps stream ids to priority tree nodes.
-	nodes map[uint32]*priorityNode
+	nodes map[uint32]*priorityNodeRFC7540
 
 	// maxID is the maximum stream id in nodes.
 	maxID uint32
@@ -239,7 +239,7 @@ type priorityWriteScheduler struct {
 	// lists of nodes that have been closed or are idle, but are kept in
 	// the tree for improved prioritization. When the lengths exceed either
 	// maxClosedNodesInTree or maxIdleNodesInTree, old nodes are discarded.
-	closedNodes, idleNodes []*priorityNode
+	closedNodes, idleNodes []*priorityNodeRFC7540
 
 	// From the config.
 	maxClosedNodesInTree int
@@ -248,19 +248,19 @@ type priorityWriteScheduler struct {
 	enableWriteThrottle  bool
 
 	// tmp is scratch space for priorityNode.walkReadyInOrder to reduce allocations.
-	tmp []*priorityNode
+	tmp []*priorityNodeRFC7540
 
 	// pool of empty queues for reuse.
 	queuePool writeQueuePool
 }
 
-func (ws *priorityWriteScheduler) OpenStream(streamID uint32, options OpenStreamOptions) {
+func (ws *priorityWriteSchedulerRFC7540) OpenStream(streamID uint32, options OpenStreamOptions) {
 	// The stream may be currently idle but cannot be opened or closed.
 	if curr := ws.nodes[streamID]; curr != nil {
-		if curr.state != priorityNodeIdle {
+		if curr.state != priorityNodeIdleRFC7540 {
 			panic(fmt.Sprintf("stream %d already opened", streamID))
 		}
-		curr.state = priorityNodeOpen
+		curr.state = priorityNodeOpenRFC7540
 		return
 	}
 
@@ -272,11 +272,11 @@ func (ws *priorityWriteScheduler) OpenStream(streamID uint32, options OpenStream
 	if parent == nil {
 		parent = &ws.root
 	}
-	n := &priorityNode{
+	n := &priorityNodeRFC7540{
 		q:      *ws.queuePool.get(),
 		id:     streamID,
-		weight: priorityDefaultWeight,
-		state:  priorityNodeOpen,
+		weight: priorityDefaultWeightRFC7540,
+		state:  priorityNodeOpenRFC7540,
 	}
 	n.setParent(parent)
 	ws.nodes[streamID] = n
@@ -285,24 +285,23 @@ func (ws *priorityWriteScheduler) OpenStream(streamID uint32, options OpenStream
 	}
 }
 
-func (ws *priorityWriteScheduler) CloseStream(streamID uint32) {
+func (ws *priorityWriteSchedulerRFC7540) CloseStream(streamID uint32) {
 	if streamID == 0 {
 		panic("violation of WriteScheduler interface: cannot close stream 0")
 	}
 	if ws.nodes[streamID] == nil {
 		panic(fmt.Sprintf("violation of WriteScheduler interface: unknown stream %d", streamID))
 	}
-	if ws.nodes[streamID].state != priorityNodeOpen {
+	if ws.nodes[streamID].state != priorityNodeOpenRFC7540 {
 		panic(fmt.Sprintf("violation of WriteScheduler interface: stream %d already closed", streamID))
 	}
 
 	n := ws.nodes[streamID]
-	n.state = priorityNodeClosed
+	n.state = priorityNodeClosedRFC7540
 	n.addBytes(-n.bytes)
 
 	q := n.q
 	ws.queuePool.put(&q)
-	n.q.s = nil
 	if ws.maxClosedNodesInTree > 0 {
 		ws.addClosedOrIdleNode(&ws.closedNodes, ws.maxClosedNodesInTree, n)
 	} else {
@@ -310,7 +309,7 @@ func (ws *priorityWriteScheduler) CloseStream(streamID uint32) {
 	}
 }
 
-func (ws *priorityWriteScheduler) AdjustStream(streamID uint32, priority PriorityParam) {
+func (ws *priorityWriteSchedulerRFC7540) AdjustStream(streamID uint32, priority PriorityParam) {
 	if streamID == 0 {
 		panic("adjustPriority on root")
 	}
@@ -324,11 +323,11 @@ func (ws *priorityWriteScheduler) AdjustStream(streamID uint32, priority Priorit
 			return
 		}
 		ws.maxID = streamID
-		n = &priorityNode{
+		n = &priorityNodeRFC7540{
 			q:      *ws.queuePool.get(),
 			id:     streamID,
-			weight: priorityDefaultWeight,
-			state:  priorityNodeIdle,
+			weight: priorityDefaultWeightRFC7540,
+			state:  priorityNodeIdleRFC7540,
 		}
 		n.setParent(&ws.root)
 		ws.nodes[streamID] = n
@@ -340,7 +339,7 @@ func (ws *priorityWriteScheduler) AdjustStream(streamID uint32, priority Priorit
 	parent := ws.nodes[priority.StreamDep]
 	if parent == nil {
 		n.setParent(&ws.root)
-		n.weight = priorityDefaultWeight
+		n.weight = priorityDefaultWeightRFC7540
 		return
 	}
 
@@ -381,8 +380,8 @@ func (ws *priorityWriteScheduler) AdjustStream(streamID uint32, priority Priorit
 	n.weight = priority.Weight
 }
 
-func (ws *priorityWriteScheduler) Push(wr FrameWriteRequest) {
-	var n *priorityNode
+func (ws *priorityWriteSchedulerRFC7540) Push(wr FrameWriteRequest) {
+	var n *priorityNodeRFC7540
 	if wr.isControl() {
 		n = &ws.root
 	} else {
@@ -401,8 +400,8 @@ func (ws *priorityWriteScheduler) Push(wr FrameWriteRequest) {
 	n.q.push(wr)
 }
 
-func (ws *priorityWriteScheduler) Pop() (wr FrameWriteRequest, ok bool) {
-	ws.root.walkReadyInOrder(false, &ws.tmp, func(n *priorityNode, openParent bool) bool {
+func (ws *priorityWriteSchedulerRFC7540) Pop() (wr FrameWriteRequest, ok bool) {
+	ws.root.walkReadyInOrder(false, &ws.tmp, func(n *priorityNodeRFC7540, openParent bool) bool {
 		limit := int32(math.MaxInt32)
 		if openParent {
 			limit = ws.writeThrottleLimit
@@ -428,7 +427,7 @@ func (ws *priorityWriteScheduler) Pop() (wr FrameWriteRequest, ok bool) {
 	return wr, ok
 }
 
-func (ws *priorityWriteScheduler) addClosedOrIdleNode(list *[]*priorityNode, maxSize int, n *priorityNode) {
+func (ws *priorityWriteSchedulerRFC7540) addClosedOrIdleNode(list *[]*priorityNodeRFC7540, maxSize int, n *priorityNodeRFC7540) {
 	if maxSize == 0 {
 		return
 	}
@@ -442,7 +441,7 @@ func (ws *priorityWriteScheduler) addClosedOrIdleNode(list *[]*priorityNode, max
 	*list = append(*list, n)
 }
 
-func (ws *priorityWriteScheduler) removeNode(n *priorityNode) {
+func (ws *priorityWriteSchedulerRFC7540) removeNode(n *priorityNodeRFC7540) {
 	for n.kids != nil {
 		n.kids.setParent(n.parent)
 	}
diff --git a/vendor/golang.org/x/net/http2/writesched_priority_rfc9218.go b/vendor/golang.org/x/net/http2/writesched_priority_rfc9218.go
new file mode 100644
index 000000000..cb4cadc32
--- /dev/null
+++ b/vendor/golang.org/x/net/http2/writesched_priority_rfc9218.go
@@ -0,0 +1,209 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package http2
+
+import (
+	"fmt"
+	"math"
+)
+
+type streamMetadata struct {
+	location *writeQueue
+	priority PriorityParam
+}
+
+type priorityWriteSchedulerRFC9218 struct {
+	// control contains control frames (SETTINGS, PING, etc.).
+	control writeQueue
+
+	// heads contain the head of a circular list of streams.
+	// We put these heads within a nested array that represents urgency and
+	// incremental, as defined in
+	// https://www.rfc-editor.org/rfc/rfc9218.html#name-priority-parameters.
+	// 8 represents u=0 up to u=7, and 2 represents i=false and i=true.
+	heads [8][2]*writeQueue
+
+	// streams contains a mapping between each stream ID and their metadata, so
+	// we can quickly locate them when needing to, for example, adjust their
+	// priority.
+	streams map[uint32]streamMetadata
+
+	// queuePool are empty queues for reuse.
+	queuePool writeQueuePool
+
+	// prioritizeIncremental is used to determine whether we should prioritize
+	// incremental streams or not, when urgency is the same in a given Pop()
+	// call.
+	prioritizeIncremental bool
+}
+
+func newPriorityWriteSchedulerRFC9218() WriteScheduler {
+	ws := &priorityWriteSchedulerRFC9218{
+		streams: make(map[uint32]streamMetadata),
+	}
+	return ws
+}
+
+func (ws *priorityWriteSchedulerRFC9218) OpenStream(streamID uint32, opt OpenStreamOptions) {
+	if ws.streams[streamID].location != nil {
+		panic(fmt.Errorf("stream %d already opened", streamID))
+	}
+	q := ws.queuePool.get()
+	ws.streams[streamID] = streamMetadata{
+		location: q,
+		priority: opt.priority,
+	}
+
+	u, i := opt.priority.urgency, opt.priority.incremental
+	if ws.heads[u][i] == nil {
+		ws.heads[u][i] = q
+		q.next = q
+		q.prev = q
+	} else {
+		// Queues are stored in a ring.
+		// Insert the new stream before ws.head, putting it at the end of the list.
+		q.prev = ws.heads[u][i].prev
+		q.next = ws.heads[u][i]
+		q.prev.next = q
+		q.next.prev = q
+	}
+}
+
+func (ws *priorityWriteSchedulerRFC9218) CloseStream(streamID uint32) {
+	metadata := ws.streams[streamID]
+	q, u, i := metadata.location, metadata.priority.urgency, metadata.priority.incremental
+	if q == nil {
+		return
+	}
+	if q.next == q {
+		// This was the only open stream.
+		ws.heads[u][i] = nil
+	} else {
+		q.prev.next = q.next
+		q.next.prev = q.prev
+		if ws.heads[u][i] == q {
+			ws.heads[u][i] = q.next
+		}
+	}
+	delete(ws.streams, streamID)
+	ws.queuePool.put(q)
+}
+
+func (ws *priorityWriteSchedulerRFC9218) AdjustStream(streamID uint32, priority PriorityParam) {
+	metadata := ws.streams[streamID]
+	q, u, i := metadata.location, metadata.priority.urgency, metadata.priority.incremental
+	if q == nil {
+		return
+	}
+
+	// Remove stream from current location.
+	if q.next == q {
+		// This was the only open stream.
+		ws.heads[u][i] = nil
+	} else {
+		q.prev.next = q.next
+		q.next.prev = q.prev
+		if ws.heads[u][i] == q {
+			ws.heads[u][i] = q.next
+		}
+	}
+
+	// Insert stream to the new queue.
+	u, i = priority.urgency, priority.incremental
+	if ws.heads[u][i] == nil {
+		ws.heads[u][i] = q
+		q.next = q
+		q.prev = q
+	} else {
+		// Queues are stored in a ring.
+		// Insert the new stream before ws.head, putting it at the end of the list.
+		q.prev = ws.heads[u][i].prev
+		q.next = ws.heads[u][i]
+		q.prev.next = q
+		q.next.prev = q
+	}
+
+	// Update the metadata.
+	ws.streams[streamID] = streamMetadata{
+		location: q,
+		priority: priority,
+	}
+}
+
+func (ws *priorityWriteSchedulerRFC9218) Push(wr FrameWriteRequest) {
+	if wr.isControl() {
+		ws.control.push(wr)
+		return
+	}
+	q := ws.streams[wr.StreamID()].location
+	if q == nil {
+		// This is a closed stream.
+		// wr should not be a HEADERS or DATA frame.
+		// We push the request onto the control queue.
+		if wr.DataSize() > 0 {
+			panic("add DATA on non-open stream")
+		}
+		ws.control.push(wr)
+		return
+	}
+	q.push(wr)
+}
+
+func (ws *priorityWriteSchedulerRFC9218) Pop() (FrameWriteRequest, bool) {
+	// Control and RST_STREAM frames first.
+	if !ws.control.empty() {
+		return ws.control.shift(), true
+	}
+
+	// On the next Pop(), we want to prioritize incremental if we prioritized
+	// non-incremental request of the same urgency this time. Vice-versa.
+	// i.e. when there are incremental and non-incremental requests at the same
+	// priority, we give 50% of our bandwidth to the incremental ones in
+	// aggregate and 50% to the first non-incremental one (since
+	// non-incremental streams do not use round-robin writes).
+	ws.prioritizeIncremental = !ws.prioritizeIncremental
+
+	// Always prioritize lowest u (i.e. highest urgency level).
+	for u := range ws.heads {
+		for i := range ws.heads[u] {
+			// When we want to prioritize incremental, we try to pop i=true
+			// first before i=false when u is the same.
+			if ws.prioritizeIncremental {
+				i = (i + 1) % 2
+			}
+			q := ws.heads[u][i]
+			if q == nil {
+				continue
+			}
+			for {
+				if wr, ok := q.consume(math.MaxInt32); ok {
+					if i == 1 {
+						// For incremental streams, we update head to q.next so
+						// we can round-robin between multiple streams that can
+						// immediately benefit from partial writes.
+						ws.heads[u][i] = q.next
+					} else {
+						// For non-incremental streams, we try to finish one to
+						// completion rather than doing round-robin. However,
+						// we update head here so that if q.consume() is !ok
+						// (e.g. the stream has no more frame to consume), head
+						// is updated to the next q that has frames to consume
+						// on future iterations. This way, we do not prioritize
+						// writing to unavailable stream on next Pop() calls,
+						// preventing head-of-line blocking.
+						ws.heads[u][i] = q
+					}
+					return wr, true
+				}
+				q = q.next
+				if q == ws.heads[u][i] {
+					break
+				}
+			}
+
+		}
+	}
+	return FrameWriteRequest{}, false
+}
diff --git a/vendor/golang.org/x/net/http2/writesched_roundrobin.go b/vendor/golang.org/x/net/http2/writesched_roundrobin.go
index 54fe86322..737cff9ec 100644
--- a/vendor/golang.org/x/net/http2/writesched_roundrobin.go
+++ b/vendor/golang.org/x/net/http2/writesched_roundrobin.go
@@ -25,7 +25,7 @@ type roundRobinWriteScheduler struct {
 }
 
 // newRoundRobinWriteScheduler constructs a new write scheduler.
-// The round robin scheduler priorizes control frames
+// The round robin scheduler prioritizes control frames
 // like SETTINGS and PING over DATA frames.
 // When there are no control frames to send, it performs a round-robin
 // selection from the ready streams.
diff --git a/vendor/golang.org/x/net/internal/httpcommon/request.go b/vendor/golang.org/x/net/internal/httpcommon/request.go
index 4b7055317..1e10f89eb 100644
--- a/vendor/golang.org/x/net/internal/httpcommon/request.go
+++ b/vendor/golang.org/x/net/internal/httpcommon/request.go
@@ -51,7 +51,7 @@ type EncodeHeadersParam struct {
 	DefaultUserAgent string
 }
 
-// EncodeHeadersParam is the result of EncodeHeaders.
+// EncodeHeadersResult is the result of EncodeHeaders.
 type EncodeHeadersResult struct {
 	HasBody     bool
 	HasTrailers bool
@@ -399,7 +399,7 @@ type ServerRequestResult struct {
 
 	// If the request should be rejected, this is a short string suitable for passing
 	// to the http2 package's CountError function.
-	// It might be a bit odd to return errors this way rather than returing an error,
+	// It might be a bit odd to return errors this way rather than returning an error,
 	// but this ensures we don't forget to include a CountError reason.
 	InvalidReason string
 }
diff --git a/vendor/golang.org/x/sync/errgroup/errgroup.go b/vendor/golang.org/x/sync/errgroup/errgroup.go
index 1d8cffae8..2f45dbc86 100644
--- a/vendor/golang.org/x/sync/errgroup/errgroup.go
+++ b/vendor/golang.org/x/sync/errgroup/errgroup.go
@@ -3,7 +3,7 @@
 // license that can be found in the LICENSE file.
 
 // Package errgroup provides synchronization, error propagation, and Context
-// cancelation for groups of goroutines working on subtasks of a common task.
+// cancellation for groups of goroutines working on subtasks of a common task.
 //
 // [errgroup.Group] is related to [sync.WaitGroup] but adds handling of tasks
 // returning errors.
diff --git a/vendor/golang.org/x/sys/cpu/cpu.go b/vendor/golang.org/x/sys/cpu/cpu.go
index 63541994e..34c9ae76e 100644
--- a/vendor/golang.org/x/sys/cpu/cpu.go
+++ b/vendor/golang.org/x/sys/cpu/cpu.go
@@ -92,6 +92,9 @@ var ARM64 struct {
 	HasSHA2     bool // SHA2 hardware implementation
 	HasCRC32    bool // CRC32 hardware implementation
 	HasATOMICS  bool // Atomic memory operation instruction set
+	HasHPDS     bool // Hierarchical permission disables in translations tables
+	HasLOR      bool // Limited ordering regions
+	HasPAN      bool // Privileged access never
 	HasFPHP     bool // Half precision floating-point instruction set
 	HasASIMDHP  bool // Advanced SIMD half precision instruction set
 	HasCPUID    bool // CPUID identification scheme registers
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_arm64.go
index af2aa99f9..f449c679f 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.go
@@ -65,10 +65,10 @@ func setMinimalFeatures() {
 func readARM64Registers() {
 	Initialized = true
 
-	parseARM64SystemRegisters(getisar0(), getisar1(), getpfr0())
+	parseARM64SystemRegisters(getisar0(), getisar1(), getmmfr1(), getpfr0())
 }
 
-func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) {
+func parseARM64SystemRegisters(isar0, isar1, mmfr1, pfr0 uint64) {
 	// ID_AA64ISAR0_EL1
 	switch extractBits(isar0, 4, 7) {
 	case 1:
@@ -152,6 +152,22 @@ func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) {
 		ARM64.HasI8MM = true
 	}
 
+	// ID_AA64MMFR1_EL1
+	switch extractBits(mmfr1, 12, 15) {
+	case 1, 2:
+		ARM64.HasHPDS = true
+	}
+
+	switch extractBits(mmfr1, 16, 19) {
+	case 1:
+		ARM64.HasLOR = true
+	}
+
+	switch extractBits(mmfr1, 20, 23) {
+	case 1, 2, 3:
+		ARM64.HasPAN = true
+	}
+
 	// ID_AA64PFR0_EL1
 	switch extractBits(pfr0, 16, 19) {
 	case 0:
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
index 22cc99844..a4f24b3b0 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
@@ -9,31 +9,34 @@
 // func getisar0() uint64
 TEXT ·getisar0(SB),NOSPLIT,$0-8
 	// get Instruction Set Attributes 0 into x0
-	// mrs x0, ID_AA64ISAR0_EL1 = d5380600
-	WORD	$0xd5380600
+	MRS	ID_AA64ISAR0_EL1, R0
 	MOVD	R0, ret+0(FP)
 	RET
 
 // func getisar1() uint64
 TEXT ·getisar1(SB),NOSPLIT,$0-8
 	// get Instruction Set Attributes 1 into x0
-	// mrs x0, ID_AA64ISAR1_EL1 = d5380620
-	WORD	$0xd5380620
+	MRS	ID_AA64ISAR1_EL1, R0
+	MOVD	R0, ret+0(FP)
+	RET
+
+// func getmmfr1() uint64
+TEXT ·getmmfr1(SB),NOSPLIT,$0-8
+	// get Memory Model Feature Register 1 into x0
+	MRS	ID_AA64MMFR1_EL1, R0
 	MOVD	R0, ret+0(FP)
 	RET
 
 // func getpfr0() uint64
 TEXT ·getpfr0(SB),NOSPLIT,$0-8
 	// get Processor Feature Register 0 into x0
-	// mrs x0, ID_AA64PFR0_EL1 = d5380400
-	WORD	$0xd5380400
+	MRS	ID_AA64PFR0_EL1, R0
 	MOVD	R0, ret+0(FP)
 	RET
 
 // func getzfr0() uint64
 TEXT ·getzfr0(SB),NOSPLIT,$0-8
 	// get SVE Feature Register 0 into x0
-	// mrs	x0, ID_AA64ZFR0_EL1 = d5380480
-	WORD $0xd5380480
+	MRS	ID_AA64ZFR0_EL1, R0
 	MOVD	R0, ret+0(FP)
 	RET
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
index 6ac6e1efb..e3fc5a8d3 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
@@ -8,5 +8,6 @@ package cpu
 
 func getisar0() uint64
 func getisar1() uint64
+func getmmfr1() uint64
 func getpfr0() uint64
 func getzfr0() uint64
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
index 7f1946780..8df2079e1 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
@@ -8,4 +8,5 @@ package cpu
 
 func getisar0() uint64 { return 0 }
 func getisar1() uint64 { return 0 }
+func getmmfr1() uint64 { return 0 }
 func getpfr0() uint64  { return 0 }
diff --git a/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go
index ebfb3fc8e..19aea0633 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go
@@ -167,7 +167,7 @@ func doinit() {
 		setMinimalFeatures()
 		return
 	}
-	parseARM64SystemRegisters(cpuid.aa64isar0, cpuid.aa64isar1, cpuid.aa64pfr0)
+	parseARM64SystemRegisters(cpuid.aa64isar0, cpuid.aa64isar1, cpuid.aa64mmfr1, cpuid.aa64pfr0)
 
 	Initialized = true
 }
diff --git a/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go
index 85b64d5cc..87fd3a778 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go
@@ -59,7 +59,7 @@ func doinit() {
 	if !ok {
 		return
 	}
-	parseARM64SystemRegisters(isar0, isar1, 0)
+	parseARM64SystemRegisters(isar0, isar1, 0, 0)
 
 	Initialized = true
 }
diff --git a/vendor/golang.org/x/sys/unix/affinity_linux.go b/vendor/golang.org/x/sys/unix/affinity_linux.go
index 3c7a6d6e2..3ea470387 100644
--- a/vendor/golang.org/x/sys/unix/affinity_linux.go
+++ b/vendor/golang.org/x/sys/unix/affinity_linux.go
@@ -41,6 +41,15 @@ func (s *CPUSet) Zero() {
 	clear(s[:])
 }
 
+// Fill adds all possible CPU bits to the set s. On Linux, [SchedSetaffinity]
+// will silently ignore any invalid CPU bits in [CPUSet] so this is an
+// efficient way of resetting the CPU affinity of a process.
+func (s *CPUSet) Fill() {
+	for i := range s {
+		s[i] = ^cpuMask(0)
+	}
+}
+
 func cpuBitsIndex(cpu int) int {
 	return cpu / _NCPUBITS
 }
diff --git a/vendor/golang.org/x/sys/unix/fdset.go b/vendor/golang.org/x/sys/unix/fdset.go
index 9e83d18cd..62ed12645 100644
--- a/vendor/golang.org/x/sys/unix/fdset.go
+++ b/vendor/golang.org/x/sys/unix/fdset.go
@@ -23,7 +23,5 @@ func (fds *FdSet) IsSet(fd int) bool {
 
 // Zero clears the set fds.
 func (fds *FdSet) Zero() {
-	for i := range fds.Bits {
-		fds.Bits[i] = 0
-	}
+	clear(fds.Bits[:])
 }
diff --git a/vendor/golang.org/x/sys/unix/ifreq_linux.go b/vendor/golang.org/x/sys/unix/ifreq_linux.go
index 848840ae4..309f5a2b0 100644
--- a/vendor/golang.org/x/sys/unix/ifreq_linux.go
+++ b/vendor/golang.org/x/sys/unix/ifreq_linux.go
@@ -111,9 +111,7 @@ func (ifr *Ifreq) SetUint32(v uint32) {
 // clear zeroes the ifreq's union field to prevent trailing garbage data from
 // being sent to the kernel if an ifreq is reused.
 func (ifr *Ifreq) clear() {
-	for i := range ifr.raw.Ifru {
-		ifr.raw.Ifru[i] = 0
-	}
+	clear(ifr.raw.Ifru[:])
 }
 
 // TODO(mdlayher): export as IfreqData? For now we can provide helpers such as
diff --git a/vendor/golang.org/x/sys/unix/mkall.sh b/vendor/golang.org/x/sys/unix/mkall.sh
index e6f31d374..d0ed61191 100644
--- a/vendor/golang.org/x/sys/unix/mkall.sh
+++ b/vendor/golang.org/x/sys/unix/mkall.sh
@@ -49,6 +49,7 @@ esac
 if [[ "$GOOS" = "linux" ]]; then
 	# Use the Docker-based build system
 	# Files generated through docker (use $cmd so you can Ctl-C the build or run)
+	set -e
 	$cmd docker build --tag generate:$GOOS $GOOS
 	$cmd docker run --interactive --tty --volume $(cd -- "$(dirname -- "$0")/.." && pwd):/build generate:$GOOS
 	exit
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index d1c8b2640..42517077c 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -226,6 +226,7 @@ struct ltchars {
 #include <linux/cryptouser.h>
 #include <linux/devlink.h>
 #include <linux/dm-ioctl.h>
+#include <linux/elf.h>
 #include <linux/errqueue.h>
 #include <linux/ethtool_netlink.h>
 #include <linux/falloc.h>
@@ -529,6 +530,7 @@ ccflags="$@"
 		$2 ~ /^O[CNPFPL][A-Z]+[^_][A-Z]+$/ ||
 		$2 ~ /^(NL|CR|TAB|BS|VT|FF)DLY$/ ||
 		$2 ~ /^(NL|CR|TAB|BS|VT|FF)[0-9]$/ ||
+		$2 ~ /^(DT|EI|ELF|EV|NN|NT|PF|SHF|SHN|SHT|STB|STT|VER)_/ ||
 		$2 ~ /^O?XTABS$/ ||
 		$2 ~ /^TC[IO](ON|OFF)$/ ||
 		$2 ~ /^IN_/ ||
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 4958a6570..06c0eea6f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -801,9 +801,7 @@ func (sa *SockaddrPPPoE) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	// one. The kernel expects SID to be in network byte order.
 	binary.BigEndian.PutUint16(sa.raw[6:8], sa.SID)
 	copy(sa.raw[8:14], sa.Remote)
-	for i := 14; i < 14+IFNAMSIZ; i++ {
-		sa.raw[i] = 0
-	}
+	clear(sa.raw[14 : 14+IFNAMSIZ])
 	copy(sa.raw[14:], sa.Dev)
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrPPPoX, nil
 }
@@ -2645,3 +2643,9 @@ func SchedGetAttr(pid int, flags uint) (*SchedAttr, error) {
 
 //sys	Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint) (err error)
 //sys	Mseal(b []byte, flags uint) (err error)
+
+//sys	setMemPolicy(mode int, mask *CPUSet, size int) (err error) = SYS_SET_MEMPOLICY
+
+func SetMemPolicy(mode int, mask *CPUSet) error {
+	return setMemPolicy(mode, mask, _CPU_SETSIZE)
+}
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd.go b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
index 88162099a..34a467697 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
@@ -248,6 +248,23 @@ func Statvfs(path string, buf *Statvfs_t) (err error) {
 	return Statvfs1(path, buf, ST_WAIT)
 }
 
+func Getvfsstat(buf []Statvfs_t, flags int) (n int, err error) {
+	var (
+		_p0     unsafe.Pointer
+		bufsize uintptr
+	)
+	if len(buf) > 0 {
+		_p0 = unsafe.Pointer(&buf[0])
+		bufsize = unsafe.Sizeof(Statvfs_t{}) * uintptr(len(buf))
+	}
+	r0, _, e1 := Syscall(SYS_GETVFSSTAT, uintptr(_p0), bufsize, uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = e1
+	}
+	return
+}
+
 /*
  * Exposed directly
  */
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index b6db27d93..d0a75da57 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -853,20 +853,86 @@ const (
 	DM_VERSION_MAJOR                            = 0x4
 	DM_VERSION_MINOR                            = 0x32
 	DM_VERSION_PATCHLEVEL                       = 0x0
+	DT_ADDRRNGHI                                = 0x6ffffeff
+	DT_ADDRRNGLO                                = 0x6ffffe00
 	DT_BLK                                      = 0x6
 	DT_CHR                                      = 0x2
+	DT_DEBUG                                    = 0x15
 	DT_DIR                                      = 0x4
+	DT_ENCODING                                 = 0x20
 	DT_FIFO                                     = 0x1
+	DT_FINI                                     = 0xd
+	DT_FLAGS_1                                  = 0x6ffffffb
+	DT_GNU_HASH                                 = 0x6ffffef5
+	DT_HASH                                     = 0x4
+	DT_HIOS                                     = 0x6ffff000
+	DT_HIPROC                                   = 0x7fffffff
+	DT_INIT                                     = 0xc
+	DT_JMPREL                                   = 0x17
 	DT_LNK                                      = 0xa
+	DT_LOOS                                     = 0x6000000d
+	DT_LOPROC                                   = 0x70000000
+	DT_NEEDED                                   = 0x1
+	DT_NULL                                     = 0x0
+	DT_PLTGOT                                   = 0x3
+	DT_PLTREL                                   = 0x14
+	DT_PLTRELSZ                                 = 0x2
 	DT_REG                                      = 0x8
+	DT_REL                                      = 0x11
+	DT_RELA                                     = 0x7
+	DT_RELACOUNT                                = 0x6ffffff9
+	DT_RELAENT                                  = 0x9
+	DT_RELASZ                                   = 0x8
+	DT_RELCOUNT                                 = 0x6ffffffa
+	DT_RELENT                                   = 0x13
+	DT_RELSZ                                    = 0x12
+	DT_RPATH                                    = 0xf
 	DT_SOCK                                     = 0xc
+	DT_SONAME                                   = 0xe
+	DT_STRSZ                                    = 0xa
+	DT_STRTAB                                   = 0x5
+	DT_SYMBOLIC                                 = 0x10
+	DT_SYMENT                                   = 0xb
+	DT_SYMTAB                                   = 0x6
+	DT_TEXTREL                                  = 0x16
 	DT_UNKNOWN                                  = 0x0
+	DT_VALRNGHI                                 = 0x6ffffdff
+	DT_VALRNGLO                                 = 0x6ffffd00
+	DT_VERDEF                                   = 0x6ffffffc
+	DT_VERDEFNUM                                = 0x6ffffffd
+	DT_VERNEED                                  = 0x6ffffffe
+	DT_VERNEEDNUM                               = 0x6fffffff
+	DT_VERSYM                                   = 0x6ffffff0
 	DT_WHT                                      = 0xe
 	ECHO                                        = 0x8
 	ECRYPTFS_SUPER_MAGIC                        = 0xf15f
 	EFD_SEMAPHORE                               = 0x1
 	EFIVARFS_MAGIC                              = 0xde5e81e4
 	EFS_SUPER_MAGIC                             = 0x414a53
+	EI_CLASS                                    = 0x4
+	EI_DATA                                     = 0x5
+	EI_MAG0                                     = 0x0
+	EI_MAG1                                     = 0x1
+	EI_MAG2                                     = 0x2
+	EI_MAG3                                     = 0x3
+	EI_NIDENT                                   = 0x10
+	EI_OSABI                                    = 0x7
+	EI_PAD                                      = 0x8
+	EI_VERSION                                  = 0x6
+	ELFCLASS32                                  = 0x1
+	ELFCLASS64                                  = 0x2
+	ELFCLASSNONE                                = 0x0
+	ELFCLASSNUM                                 = 0x3
+	ELFDATA2LSB                                 = 0x1
+	ELFDATA2MSB                                 = 0x2
+	ELFDATANONE                                 = 0x0
+	ELFMAG                                      = "\177ELF"
+	ELFMAG0                                     = 0x7f
+	ELFMAG1                                     = 'E'
+	ELFMAG2                                     = 'L'
+	ELFMAG3                                     = 'F'
+	ELFOSABI_LINUX                              = 0x3
+	ELFOSABI_NONE                               = 0x0
 	EM_386                                      = 0x3
 	EM_486                                      = 0x6
 	EM_68K                                      = 0x4
@@ -1152,14 +1218,24 @@ const (
 	ETH_P_WCCP                                  = 0x883e
 	ETH_P_X25                                   = 0x805
 	ETH_P_XDSA                                  = 0xf8
+	ET_CORE                                     = 0x4
+	ET_DYN                                      = 0x3
+	ET_EXEC                                     = 0x2
+	ET_HIPROC                                   = 0xffff
+	ET_LOPROC                                   = 0xff00
+	ET_NONE                                     = 0x0
+	ET_REL                                      = 0x1
 	EV_ABS                                      = 0x3
 	EV_CNT                                      = 0x20
+	EV_CURRENT                                  = 0x1
 	EV_FF                                       = 0x15
 	EV_FF_STATUS                                = 0x17
 	EV_KEY                                      = 0x1
 	EV_LED                                      = 0x11
 	EV_MAX                                      = 0x1f
 	EV_MSC                                      = 0x4
+	EV_NONE                                     = 0x0
+	EV_NUM                                      = 0x2
 	EV_PWR                                      = 0x16
 	EV_REL                                      = 0x2
 	EV_REP                                      = 0x14
@@ -2276,7 +2352,167 @@ const (
 	NLM_F_REPLACE                               = 0x100
 	NLM_F_REQUEST                               = 0x1
 	NLM_F_ROOT                                  = 0x100
+	NN_386_IOPERM                               = "LINUX"
+	NN_386_TLS                                  = "LINUX"
+	NN_ARC_V2                                   = "LINUX"
+	NN_ARM_FPMR                                 = "LINUX"
+	NN_ARM_GCS                                  = "LINUX"
+	NN_ARM_HW_BREAK                             = "LINUX"
+	NN_ARM_HW_WATCH                             = "LINUX"
+	NN_ARM_PACA_KEYS                            = "LINUX"
+	NN_ARM_PACG_KEYS                            = "LINUX"
+	NN_ARM_PAC_ENABLED_KEYS                     = "LINUX"
+	NN_ARM_PAC_MASK                             = "LINUX"
+	NN_ARM_POE                                  = "LINUX"
+	NN_ARM_SSVE                                 = "LINUX"
+	NN_ARM_SVE                                  = "LINUX"
+	NN_ARM_SYSTEM_CALL                          = "LINUX"
+	NN_ARM_TAGGED_ADDR_CTRL                     = "LINUX"
+	NN_ARM_TLS                                  = "LINUX"
+	NN_ARM_VFP                                  = "LINUX"
+	NN_ARM_ZA                                   = "LINUX"
+	NN_ARM_ZT                                   = "LINUX"
+	NN_AUXV                                     = "CORE"
+	NN_FILE                                     = "CORE"
+	NN_GNU_PROPERTY_TYPE_0                      = "GNU"
+	NN_LOONGARCH_CPUCFG                         = "LINUX"
+	NN_LOONGARCH_CSR                            = "LINUX"
+	NN_LOONGARCH_HW_BREAK                       = "LINUX"
+	NN_LOONGARCH_HW_WATCH                       = "LINUX"
+	NN_LOONGARCH_LASX                           = "LINUX"
+	NN_LOONGARCH_LBT                            = "LINUX"
+	NN_LOONGARCH_LSX                            = "LINUX"
+	NN_MIPS_DSP                                 = "LINUX"
+	NN_MIPS_FP_MODE                             = "LINUX"
+	NN_MIPS_MSA                                 = "LINUX"
+	NN_PPC_DEXCR                                = "LINUX"
+	NN_PPC_DSCR                                 = "LINUX"
+	NN_PPC_EBB                                  = "LINUX"
+	NN_PPC_HASHKEYR                             = "LINUX"
+	NN_PPC_PKEY                                 = "LINUX"
+	NN_PPC_PMU                                  = "LINUX"
+	NN_PPC_PPR                                  = "LINUX"
+	NN_PPC_SPE                                  = "LINUX"
+	NN_PPC_TAR                                  = "LINUX"
+	NN_PPC_TM_CDSCR                             = "LINUX"
+	NN_PPC_TM_CFPR                              = "LINUX"
+	NN_PPC_TM_CGPR                              = "LINUX"
+	NN_PPC_TM_CPPR                              = "LINUX"
+	NN_PPC_TM_CTAR                              = "LINUX"
+	NN_PPC_TM_CVMX                              = "LINUX"
+	NN_PPC_TM_CVSX                              = "LINUX"
+	NN_PPC_TM_SPR                               = "LINUX"
+	NN_PPC_VMX                                  = "LINUX"
+	NN_PPC_VSX                                  = "LINUX"
+	NN_PRFPREG                                  = "CORE"
+	NN_PRPSINFO                                 = "CORE"
+	NN_PRSTATUS                                 = "CORE"
+	NN_PRXFPREG                                 = "LINUX"
+	NN_RISCV_CSR                                = "LINUX"
+	NN_RISCV_TAGGED_ADDR_CTRL                   = "LINUX"
+	NN_RISCV_VECTOR                             = "LINUX"
+	NN_S390_CTRS                                = "LINUX"
+	NN_S390_GS_BC                               = "LINUX"
+	NN_S390_GS_CB                               = "LINUX"
+	NN_S390_HIGH_GPRS                           = "LINUX"
+	NN_S390_LAST_BREAK                          = "LINUX"
+	NN_S390_PREFIX                              = "LINUX"
+	NN_S390_PV_CPU_DATA                         = "LINUX"
+	NN_S390_RI_CB                               = "LINUX"
+	NN_S390_SYSTEM_CALL                         = "LINUX"
+	NN_S390_TDB                                 = "LINUX"
+	NN_S390_TIMER                               = "LINUX"
+	NN_S390_TODCMP                              = "LINUX"
+	NN_S390_TODPREG                             = "LINUX"
+	NN_S390_VXRS_HIGH                           = "LINUX"
+	NN_S390_VXRS_LOW                            = "LINUX"
+	NN_SIGINFO                                  = "CORE"
+	NN_TASKSTRUCT                               = "CORE"
+	NN_VMCOREDD                                 = "LINUX"
+	NN_X86_SHSTK                                = "LINUX"
+	NN_X86_XSAVE_LAYOUT                         = "LINUX"
+	NN_X86_XSTATE                               = "LINUX"
 	NSFS_MAGIC                                  = 0x6e736673
+	NT_386_IOPERM                               = 0x201
+	NT_386_TLS                                  = 0x200
+	NT_ARC_V2                                   = 0x600
+	NT_ARM_FPMR                                 = 0x40e
+	NT_ARM_GCS                                  = 0x410
+	NT_ARM_HW_BREAK                             = 0x402
+	NT_ARM_HW_WATCH                             = 0x403
+	NT_ARM_PACA_KEYS                            = 0x407
+	NT_ARM_PACG_KEYS                            = 0x408
+	NT_ARM_PAC_ENABLED_KEYS                     = 0x40a
+	NT_ARM_PAC_MASK                             = 0x406
+	NT_ARM_POE                                  = 0x40f
+	NT_ARM_SSVE                                 = 0x40b
+	NT_ARM_SVE                                  = 0x405
+	NT_ARM_SYSTEM_CALL                          = 0x404
+	NT_ARM_TAGGED_ADDR_CTRL                     = 0x409
+	NT_ARM_TLS                                  = 0x401
+	NT_ARM_VFP                                  = 0x400
+	NT_ARM_ZA                                   = 0x40c
+	NT_ARM_ZT                                   = 0x40d
+	NT_AUXV                                     = 0x6
+	NT_FILE                                     = 0x46494c45
+	NT_GNU_PROPERTY_TYPE_0                      = 0x5
+	NT_LOONGARCH_CPUCFG                         = 0xa00
+	NT_LOONGARCH_CSR                            = 0xa01
+	NT_LOONGARCH_HW_BREAK                       = 0xa05
+	NT_LOONGARCH_HW_WATCH                       = 0xa06
+	NT_LOONGARCH_LASX                           = 0xa03
+	NT_LOONGARCH_LBT                            = 0xa04
+	NT_LOONGARCH_LSX                            = 0xa02
+	NT_MIPS_DSP                                 = 0x800
+	NT_MIPS_FP_MODE                             = 0x801
+	NT_MIPS_MSA                                 = 0x802
+	NT_PPC_DEXCR                                = 0x111
+	NT_PPC_DSCR                                 = 0x105
+	NT_PPC_EBB                                  = 0x106
+	NT_PPC_HASHKEYR                             = 0x112
+	NT_PPC_PKEY                                 = 0x110
+	NT_PPC_PMU                                  = 0x107
+	NT_PPC_PPR                                  = 0x104
+	NT_PPC_SPE                                  = 0x101
+	NT_PPC_TAR                                  = 0x103
+	NT_PPC_TM_CDSCR                             = 0x10f
+	NT_PPC_TM_CFPR                              = 0x109
+	NT_PPC_TM_CGPR                              = 0x108
+	NT_PPC_TM_CPPR                              = 0x10e
+	NT_PPC_TM_CTAR                              = 0x10d
+	NT_PPC_TM_CVMX                              = 0x10a
+	NT_PPC_TM_CVSX                              = 0x10b
+	NT_PPC_TM_SPR                               = 0x10c
+	NT_PPC_VMX                                  = 0x100
+	NT_PPC_VSX                                  = 0x102
+	NT_PRFPREG                                  = 0x2
+	NT_PRPSINFO                                 = 0x3
+	NT_PRSTATUS                                 = 0x1
+	NT_PRXFPREG                                 = 0x46e62b7f
+	NT_RISCV_CSR                                = 0x900
+	NT_RISCV_TAGGED_ADDR_CTRL                   = 0x902
+	NT_RISCV_VECTOR                             = 0x901
+	NT_S390_CTRS                                = 0x304
+	NT_S390_GS_BC                               = 0x30c
+	NT_S390_GS_CB                               = 0x30b
+	NT_S390_HIGH_GPRS                           = 0x300
+	NT_S390_LAST_BREAK                          = 0x306
+	NT_S390_PREFIX                              = 0x305
+	NT_S390_PV_CPU_DATA                         = 0x30e
+	NT_S390_RI_CB                               = 0x30d
+	NT_S390_SYSTEM_CALL                         = 0x307
+	NT_S390_TDB                                 = 0x308
+	NT_S390_TIMER                               = 0x301
+	NT_S390_TODCMP                              = 0x302
+	NT_S390_TODPREG                             = 0x303
+	NT_S390_VXRS_HIGH                           = 0x30a
+	NT_S390_VXRS_LOW                            = 0x309
+	NT_SIGINFO                                  = 0x53494749
+	NT_TASKSTRUCT                               = 0x4
+	NT_VMCOREDD                                 = 0x700
+	NT_X86_SHSTK                                = 0x204
+	NT_X86_XSAVE_LAYOUT                         = 0x205
+	NT_X86_XSTATE                               = 0x202
 	OCFS2_SUPER_MAGIC                           = 0x7461636f
 	OCRNL                                       = 0x8
 	OFDEL                                       = 0x80
@@ -2463,6 +2699,59 @@ const (
 	PERF_RECORD_MISC_USER                       = 0x2
 	PERF_SAMPLE_BRANCH_PLM_ALL                  = 0x7
 	PERF_SAMPLE_WEIGHT_TYPE                     = 0x1004000
+	PF_ALG                                      = 0x26
+	PF_APPLETALK                                = 0x5
+	PF_ASH                                      = 0x12
+	PF_ATMPVC                                   = 0x8
+	PF_ATMSVC                                   = 0x14
+	PF_AX25                                     = 0x3
+	PF_BLUETOOTH                                = 0x1f
+	PF_BRIDGE                                   = 0x7
+	PF_CAIF                                     = 0x25
+	PF_CAN                                      = 0x1d
+	PF_DECnet                                   = 0xc
+	PF_ECONET                                   = 0x13
+	PF_FILE                                     = 0x1
+	PF_IB                                       = 0x1b
+	PF_IEEE802154                               = 0x24
+	PF_INET                                     = 0x2
+	PF_INET6                                    = 0xa
+	PF_IPX                                      = 0x4
+	PF_IRDA                                     = 0x17
+	PF_ISDN                                     = 0x22
+	PF_IUCV                                     = 0x20
+	PF_KCM                                      = 0x29
+	PF_KEY                                      = 0xf
+	PF_LLC                                      = 0x1a
+	PF_LOCAL                                    = 0x1
+	PF_MAX                                      = 0x2e
+	PF_MCTP                                     = 0x2d
+	PF_MPLS                                     = 0x1c
+	PF_NETBEUI                                  = 0xd
+	PF_NETLINK                                  = 0x10
+	PF_NETROM                                   = 0x6
+	PF_NFC                                      = 0x27
+	PF_PACKET                                   = 0x11
+	PF_PHONET                                   = 0x23
+	PF_PPPOX                                    = 0x18
+	PF_QIPCRTR                                  = 0x2a
+	PF_R                                        = 0x4
+	PF_RDS                                      = 0x15
+	PF_ROSE                                     = 0xb
+	PF_ROUTE                                    = 0x10
+	PF_RXRPC                                    = 0x21
+	PF_SECURITY                                 = 0xe
+	PF_SMC                                      = 0x2b
+	PF_SNA                                      = 0x16
+	PF_TIPC                                     = 0x1e
+	PF_UNIX                                     = 0x1
+	PF_UNSPEC                                   = 0x0
+	PF_VSOCK                                    = 0x28
+	PF_W                                        = 0x2
+	PF_WANPIPE                                  = 0x19
+	PF_X                                        = 0x1
+	PF_X25                                      = 0x9
+	PF_XDP                                      = 0x2c
 	PID_FS_MAGIC                                = 0x50494446
 	PIPEFS_MAGIC                                = 0x50495045
 	PPPIOCGNPMODE                               = 0xc008744c
@@ -2758,6 +3047,23 @@ const (
 	PTRACE_SYSCALL_INFO_NONE                    = 0x0
 	PTRACE_SYSCALL_INFO_SECCOMP                 = 0x3
 	PTRACE_TRACEME                              = 0x0
+	PT_AARCH64_MEMTAG_MTE                       = 0x70000002
+	PT_DYNAMIC                                  = 0x2
+	PT_GNU_EH_FRAME                             = 0x6474e550
+	PT_GNU_PROPERTY                             = 0x6474e553
+	PT_GNU_RELRO                                = 0x6474e552
+	PT_GNU_STACK                                = 0x6474e551
+	PT_HIOS                                     = 0x6fffffff
+	PT_HIPROC                                   = 0x7fffffff
+	PT_INTERP                                   = 0x3
+	PT_LOAD                                     = 0x1
+	PT_LOOS                                     = 0x60000000
+	PT_LOPROC                                   = 0x70000000
+	PT_NOTE                                     = 0x4
+	PT_NULL                                     = 0x0
+	PT_PHDR                                     = 0x6
+	PT_SHLIB                                    = 0x5
+	PT_TLS                                      = 0x7
 	P_ALL                                       = 0x0
 	P_PGID                                      = 0x2
 	P_PID                                       = 0x1
@@ -3091,6 +3397,47 @@ const (
 	SEEK_MAX                                    = 0x4
 	SEEK_SET                                    = 0x0
 	SELINUX_MAGIC                               = 0xf97cff8c
+	SHF_ALLOC                                   = 0x2
+	SHF_EXCLUDE                                 = 0x8000000
+	SHF_EXECINSTR                               = 0x4
+	SHF_GROUP                                   = 0x200
+	SHF_INFO_LINK                               = 0x40
+	SHF_LINK_ORDER                              = 0x80
+	SHF_MASKOS                                  = 0xff00000
+	SHF_MASKPROC                                = 0xf0000000
+	SHF_MERGE                                   = 0x10
+	SHF_ORDERED                                 = 0x4000000
+	SHF_OS_NONCONFORMING                        = 0x100
+	SHF_RELA_LIVEPATCH                          = 0x100000
+	SHF_RO_AFTER_INIT                           = 0x200000
+	SHF_STRINGS                                 = 0x20
+	SHF_TLS                                     = 0x400
+	SHF_WRITE                                   = 0x1
+	SHN_ABS                                     = 0xfff1
+	SHN_COMMON                                  = 0xfff2
+	SHN_HIPROC                                  = 0xff1f
+	SHN_HIRESERVE                               = 0xffff
+	SHN_LIVEPATCH                               = 0xff20
+	SHN_LOPROC                                  = 0xff00
+	SHN_LORESERVE                               = 0xff00
+	SHN_UNDEF                                   = 0x0
+	SHT_DYNAMIC                                 = 0x6
+	SHT_DYNSYM                                  = 0xb
+	SHT_HASH                                    = 0x5
+	SHT_HIPROC                                  = 0x7fffffff
+	SHT_HIUSER                                  = 0xffffffff
+	SHT_LOPROC                                  = 0x70000000
+	SHT_LOUSER                                  = 0x80000000
+	SHT_NOBITS                                  = 0x8
+	SHT_NOTE                                    = 0x7
+	SHT_NULL                                    = 0x0
+	SHT_NUM                                     = 0xc
+	SHT_PROGBITS                                = 0x1
+	SHT_REL                                     = 0x9
+	SHT_RELA                                    = 0x4
+	SHT_SHLIB                                   = 0xa
+	SHT_STRTAB                                  = 0x3
+	SHT_SYMTAB                                  = 0x2
 	SHUT_RD                                     = 0x0
 	SHUT_RDWR                                   = 0x2
 	SHUT_WR                                     = 0x1
@@ -3317,6 +3664,16 @@ const (
 	STATX_UID                                   = 0x8
 	STATX_WRITE_ATOMIC                          = 0x10000
 	STATX__RESERVED                             = 0x80000000
+	STB_GLOBAL                                  = 0x1
+	STB_LOCAL                                   = 0x0
+	STB_WEAK                                    = 0x2
+	STT_COMMON                                  = 0x5
+	STT_FILE                                    = 0x4
+	STT_FUNC                                    = 0x2
+	STT_NOTYPE                                  = 0x0
+	STT_OBJECT                                  = 0x1
+	STT_SECTION                                 = 0x3
+	STT_TLS                                     = 0x6
 	SYNC_FILE_RANGE_WAIT_AFTER                  = 0x4
 	SYNC_FILE_RANGE_WAIT_BEFORE                 = 0x1
 	SYNC_FILE_RANGE_WRITE                       = 0x2
@@ -3553,6 +3910,8 @@ const (
 	UTIME_OMIT                                  = 0x3ffffffe
 	V9FS_MAGIC                                  = 0x1021997
 	VERASE                                      = 0x2
+	VER_FLG_BASE                                = 0x1
+	VER_FLG_WEAK                                = 0x2
 	VINTR                                       = 0x0
 	VKILL                                       = 0x3
 	VLNEXT                                      = 0xf
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 5cc1e8eb2..8935d10a3 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -2238,3 +2238,13 @@ func Mseal(b []byte, flags uint) (err error) {
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setMemPolicy(mode int, mask *CPUSet, size int) (err error) {
+	_, _, e1 := Syscall(SYS_SET_MEMPOLICY, uintptr(mode), uintptr(unsafe.Pointer(mask)), uintptr(size))
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 944e75a11..c1a467017 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -3590,6 +3590,8 @@ type Nhmsg struct {
 	Flags    uint32
 }
 
+const SizeofNhmsg = 0x8
+
 type NexthopGrp struct {
 	Id     uint32
 	Weight uint8
@@ -3597,6 +3599,8 @@ type NexthopGrp struct {
 	Resvd2 uint16
 }
 
+const SizeofNexthopGrp = 0x8
+
 const (
 	NHA_UNSPEC     = 0x0
 	NHA_ID         = 0x1
@@ -6332,3 +6336,30 @@ type SockDiagReq struct {
 }
 
 const RTM_NEWNVLAN = 0x70
+
+const (
+	MPOL_BIND                = 0x2
+	MPOL_DEFAULT             = 0x0
+	MPOL_F_ADDR              = 0x2
+	MPOL_F_MEMS_ALLOWED      = 0x4
+	MPOL_F_MOF               = 0x8
+	MPOL_F_MORON             = 0x10
+	MPOL_F_NODE              = 0x1
+	MPOL_F_NUMA_BALANCING    = 0x2000
+	MPOL_F_RELATIVE_NODES    = 0x4000
+	MPOL_F_SHARED            = 0x1
+	MPOL_F_STATIC_NODES      = 0x8000
+	MPOL_INTERLEAVE          = 0x3
+	MPOL_LOCAL               = 0x4
+	MPOL_MAX                 = 0x7
+	MPOL_MF_INTERNAL         = 0x10
+	MPOL_MF_LAZY             = 0x8
+	MPOL_MF_MOVE_ALL         = 0x4
+	MPOL_MF_MOVE             = 0x2
+	MPOL_MF_STRICT           = 0x1
+	MPOL_MF_VALID            = 0x7
+	MPOL_MODE_FLAGS          = 0xe000
+	MPOL_PREFERRED           = 0x1
+	MPOL_PREFERRED_MANY      = 0x5
+	MPOL_WEIGHTED_INTERLEAVE = 0x6
+)
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 640f6b153..69439df2a 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -321,6 +321,8 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	SetConsoleOutputCP(cp uint32) (err error) = kernel32.SetConsoleOutputCP
 //sys	WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) = kernel32.WriteConsoleW
 //sys	ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) = kernel32.ReadConsoleW
+//sys	GetNumberOfConsoleInputEvents(console Handle, numevents *uint32) (err error) = kernel32.GetNumberOfConsoleInputEvents
+//sys	FlushConsoleInputBuffer(console Handle) (err error) = kernel32.FlushConsoleInputBuffer
 //sys	resizePseudoConsole(pconsole Handle, size uint32) (hr error) = kernel32.ResizePseudoConsole
 //sys	CreateToolhelp32Snapshot(flags uint32, processId uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.CreateToolhelp32Snapshot
 //sys	Module32First(snapshot Handle, moduleEntry *ModuleEntry32) (err error) = kernel32.Module32FirstW
@@ -890,8 +892,12 @@ const socket_error = uintptr(^uint32(0))
 //sys	MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error) = kernel32.MultiByteToWideChar
 //sys	getBestInterfaceEx(sockaddr unsafe.Pointer, pdwBestIfIndex *uint32) (errcode error) = iphlpapi.GetBestInterfaceEx
 //sys   GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) = iphlpapi.GetIfEntry2Ex
+//sys   GetIpForwardEntry2(row *MibIpForwardRow2) (errcode error) = iphlpapi.GetIpForwardEntry2
+//sys   GetIpForwardTable2(family uint16, table **MibIpForwardTable2) (errcode error) = iphlpapi.GetIpForwardTable2
 //sys   GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) = iphlpapi.GetUnicastIpAddressEntry
+//sys   FreeMibTable(memory unsafe.Pointer) = iphlpapi.FreeMibTable
 //sys   NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyIpInterfaceChange
+//sys   NotifyRouteChange2(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyRouteChange2
 //sys   NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyUnicastIpAddressChange
 //sys   CancelMibChangeNotify2(notificationHandle Handle) (errcode error) = iphlpapi.CancelMibChangeNotify2
 
@@ -914,6 +920,17 @@ type RawSockaddrInet6 struct {
 	Scope_id uint32
 }
 
+// RawSockaddrInet is a union that contains an IPv4, an IPv6 address, or an address family. See
+// https://learn.microsoft.com/en-us/windows/win32/api/ws2ipdef/ns-ws2ipdef-sockaddr_inet.
+//
+// A [*RawSockaddrInet] may be converted to a [*RawSockaddrInet4] or [*RawSockaddrInet6] using
+// unsafe, depending on the address family.
+type RawSockaddrInet struct {
+	Family uint16
+	Port   uint16
+	Data   [6]uint32
+}
+
 type RawSockaddr struct {
 	Family uint16
 	Data   [14]int8
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index 993a2297d..6e4f50eb4 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -65,6 +65,22 @@ var signals = [...]string{
 	15: "terminated",
 }
 
+// File flags for [os.OpenFile]. The O_ prefix is used to indicate
+// that these flags are specific to the OpenFile function.
+const (
+	O_FILE_FLAG_OPEN_NO_RECALL     = FILE_FLAG_OPEN_NO_RECALL
+	O_FILE_FLAG_OPEN_REPARSE_POINT = FILE_FLAG_OPEN_REPARSE_POINT
+	O_FILE_FLAG_SESSION_AWARE      = FILE_FLAG_SESSION_AWARE
+	O_FILE_FLAG_POSIX_SEMANTICS    = FILE_FLAG_POSIX_SEMANTICS
+	O_FILE_FLAG_BACKUP_SEMANTICS   = FILE_FLAG_BACKUP_SEMANTICS
+	O_FILE_FLAG_DELETE_ON_CLOSE    = FILE_FLAG_DELETE_ON_CLOSE
+	O_FILE_FLAG_SEQUENTIAL_SCAN    = FILE_FLAG_SEQUENTIAL_SCAN
+	O_FILE_FLAG_RANDOM_ACCESS      = FILE_FLAG_RANDOM_ACCESS
+	O_FILE_FLAG_NO_BUFFERING       = FILE_FLAG_NO_BUFFERING
+	O_FILE_FLAG_OVERLAPPED         = FILE_FLAG_OVERLAPPED
+	O_FILE_FLAG_WRITE_THROUGH      = FILE_FLAG_WRITE_THROUGH
+)
+
 const (
 	FILE_READ_DATA        = 0x00000001
 	FILE_READ_ATTRIBUTES  = 0x00000080
@@ -2304,6 +2320,82 @@ type MibIfRow2 struct {
 	OutQLen                     uint64
 }
 
+// IP_ADDRESS_PREFIX stores an IP address prefix. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-ip_address_prefix.
+type IpAddressPrefix struct {
+	Prefix       RawSockaddrInet
+	PrefixLength uint8
+}
+
+// NL_ROUTE_ORIGIN enumeration from nldef.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_route_origin.
+const (
+	NlroManual              = 0
+	NlroWellKnown           = 1
+	NlroDHCP                = 2
+	NlroRouterAdvertisement = 3
+	Nlro6to4                = 4
+)
+
+// NL_ROUTE_ORIGIN enumeration from nldef.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_route_protocol.
+const (
+	MIB_IPPROTO_OTHER             = 1
+	MIB_IPPROTO_LOCAL             = 2
+	MIB_IPPROTO_NETMGMT           = 3
+	MIB_IPPROTO_ICMP              = 4
+	MIB_IPPROTO_EGP               = 5
+	MIB_IPPROTO_GGP               = 6
+	MIB_IPPROTO_HELLO             = 7
+	MIB_IPPROTO_RIP               = 8
+	MIB_IPPROTO_IS_IS             = 9
+	MIB_IPPROTO_ES_IS             = 10
+	MIB_IPPROTO_CISCO             = 11
+	MIB_IPPROTO_BBN               = 12
+	MIB_IPPROTO_OSPF              = 13
+	MIB_IPPROTO_BGP               = 14
+	MIB_IPPROTO_IDPR              = 15
+	MIB_IPPROTO_EIGRP             = 16
+	MIB_IPPROTO_DVMRP             = 17
+	MIB_IPPROTO_RPL               = 18
+	MIB_IPPROTO_DHCP              = 19
+	MIB_IPPROTO_NT_AUTOSTATIC     = 10002
+	MIB_IPPROTO_NT_STATIC         = 10006
+	MIB_IPPROTO_NT_STATIC_NON_DOD = 10007
+)
+
+// MIB_IPFORWARD_ROW2 stores information about an IP route entry. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipforward_row2.
+type MibIpForwardRow2 struct {
+	InterfaceLuid        uint64
+	InterfaceIndex       uint32
+	DestinationPrefix    IpAddressPrefix
+	NextHop              RawSockaddrInet
+	SitePrefixLength     uint8
+	ValidLifetime        uint32
+	PreferredLifetime    uint32
+	Metric               uint32
+	Protocol             uint32
+	Loopback             uint8
+	AutoconfigureAddress uint8
+	Publish              uint8
+	Immortal             uint8
+	Age                  uint32
+	Origin               uint32
+}
+
+// MIB_IPFORWARD_TABLE2 contains a table of IP route entries. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipforward_table2.
+type MibIpForwardTable2 struct {
+	NumEntries uint32
+	Table      [1]MibIpForwardRow2
+}
+
+// Rows returns the IP route entries in the table.
+func (t *MibIpForwardTable2) Rows() []MibIpForwardRow2 {
+	return unsafe.Slice(&t.Table[0], t.NumEntries)
+}
+
 // MIB_UNICASTIPADDRESS_ROW stores information about a unicast IP address. See
 // https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_unicastipaddress_row.
 type MibUnicastIpAddressRow struct {
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 641a5f4b7..f25b7308a 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -182,13 +182,17 @@ var (
 	procDwmGetWindowAttribute                                = moddwmapi.NewProc("DwmGetWindowAttribute")
 	procDwmSetWindowAttribute                                = moddwmapi.NewProc("DwmSetWindowAttribute")
 	procCancelMibChangeNotify2                               = modiphlpapi.NewProc("CancelMibChangeNotify2")
+	procFreeMibTable                                         = modiphlpapi.NewProc("FreeMibTable")
 	procGetAdaptersAddresses                                 = modiphlpapi.NewProc("GetAdaptersAddresses")
 	procGetAdaptersInfo                                      = modiphlpapi.NewProc("GetAdaptersInfo")
 	procGetBestInterfaceEx                                   = modiphlpapi.NewProc("GetBestInterfaceEx")
 	procGetIfEntry                                           = modiphlpapi.NewProc("GetIfEntry")
 	procGetIfEntry2Ex                                        = modiphlpapi.NewProc("GetIfEntry2Ex")
+	procGetIpForwardEntry2                                   = modiphlpapi.NewProc("GetIpForwardEntry2")
+	procGetIpForwardTable2                                   = modiphlpapi.NewProc("GetIpForwardTable2")
 	procGetUnicastIpAddressEntry                             = modiphlpapi.NewProc("GetUnicastIpAddressEntry")
 	procNotifyIpInterfaceChange                              = modiphlpapi.NewProc("NotifyIpInterfaceChange")
+	procNotifyRouteChange2                                   = modiphlpapi.NewProc("NotifyRouteChange2")
 	procNotifyUnicastIpAddressChange                         = modiphlpapi.NewProc("NotifyUnicastIpAddressChange")
 	procAddDllDirectory                                      = modkernel32.NewProc("AddDllDirectory")
 	procAssignProcessToJobObject                             = modkernel32.NewProc("AssignProcessToJobObject")
@@ -238,6 +242,7 @@ var (
 	procFindResourceW                                        = modkernel32.NewProc("FindResourceW")
 	procFindVolumeClose                                      = modkernel32.NewProc("FindVolumeClose")
 	procFindVolumeMountPointClose                            = modkernel32.NewProc("FindVolumeMountPointClose")
+	procFlushConsoleInputBuffer                              = modkernel32.NewProc("FlushConsoleInputBuffer")
 	procFlushFileBuffers                                     = modkernel32.NewProc("FlushFileBuffers")
 	procFlushViewOfFile                                      = modkernel32.NewProc("FlushViewOfFile")
 	procFormatMessageW                                       = modkernel32.NewProc("FormatMessageW")
@@ -284,6 +289,7 @@ var (
 	procGetNamedPipeHandleStateW                             = modkernel32.NewProc("GetNamedPipeHandleStateW")
 	procGetNamedPipeInfo                                     = modkernel32.NewProc("GetNamedPipeInfo")
 	procGetNamedPipeServerProcessId                          = modkernel32.NewProc("GetNamedPipeServerProcessId")
+	procGetNumberOfConsoleInputEvents                        = modkernel32.NewProc("GetNumberOfConsoleInputEvents")
 	procGetOverlappedResult                                  = modkernel32.NewProc("GetOverlappedResult")
 	procGetPriorityClass                                     = modkernel32.NewProc("GetPriorityClass")
 	procGetProcAddress                                       = modkernel32.NewProc("GetProcAddress")
@@ -1622,6 +1628,11 @@ func CancelMibChangeNotify2(notificationHandle Handle) (errcode error) {
 	return
 }
 
+func FreeMibTable(memory unsafe.Pointer) {
+	syscall.SyscallN(procFreeMibTable.Addr(), uintptr(memory))
+	return
+}
+
 func GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error) {
 	r0, _, _ := syscall.SyscallN(procGetAdaptersAddresses.Addr(), uintptr(family), uintptr(flags), uintptr(reserved), uintptr(unsafe.Pointer(adapterAddresses)), uintptr(unsafe.Pointer(sizePointer)))
 	if r0 != 0 {
@@ -1662,6 +1673,22 @@ func GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) {
 	return
 }
 
+func GetIpForwardEntry2(row *MibIpForwardRow2) (errcode error) {
+	r0, _, _ := syscall.SyscallN(procGetIpForwardEntry2.Addr(), uintptr(unsafe.Pointer(row)))
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetIpForwardTable2(family uint16, table **MibIpForwardTable2) (errcode error) {
+	r0, _, _ := syscall.SyscallN(procGetIpForwardTable2.Addr(), uintptr(family), uintptr(unsafe.Pointer(table)))
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
 func GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) {
 	r0, _, _ := syscall.SyscallN(procGetUnicastIpAddressEntry.Addr(), uintptr(unsafe.Pointer(row)))
 	if r0 != 0 {
@@ -1682,6 +1709,18 @@ func NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsa
 	return
 }
 
+func NotifyRouteChange2(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
+	var _p0 uint32
+	if initialNotification {
+		_p0 = 1
+	}
+	r0, _, _ := syscall.SyscallN(procNotifyRouteChange2.Addr(), uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)))
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
 func NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
 	var _p0 uint32
 	if initialNotification {
@@ -2111,6 +2150,14 @@ func FindVolumeMountPointClose(findVolumeMountPoint Handle) (err error) {
 	return
 }
 
+func FlushConsoleInputBuffer(console Handle) (err error) {
+	r1, _, e1 := syscall.SyscallN(procFlushConsoleInputBuffer.Addr(), uintptr(console))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func FlushFileBuffers(handle Handle) (err error) {
 	r1, _, e1 := syscall.SyscallN(procFlushFileBuffers.Addr(), uintptr(handle))
 	if r1 == 0 {
@@ -2481,6 +2528,14 @@ func GetNamedPipeServerProcessId(pipe Handle, serverProcessID *uint32) (err erro
 	return
 }
 
+func GetNumberOfConsoleInputEvents(console Handle, numevents *uint32) (err error) {
+	r1, _, e1 := syscall.SyscallN(procGetNumberOfConsoleInputEvents.Addr(), uintptr(console), uintptr(unsafe.Pointer(numevents)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetOverlappedResult(handle Handle, overlapped *Overlapped, done *uint32, wait bool) (err error) {
 	var _p0 uint32
 	if wait {
diff --git a/vendor/golang.org/x/text/unicode/bidi/core.go b/vendor/golang.org/x/text/unicode/bidi/core.go
index 9d2ae547b..fb8273236 100644
--- a/vendor/golang.org/x/text/unicode/bidi/core.go
+++ b/vendor/golang.org/x/text/unicode/bidi/core.go
@@ -427,13 +427,6 @@ type isolatingRunSequence struct {
 
 func (i *isolatingRunSequence) Len() int { return len(i.indexes) }
 
-func maxLevel(a, b level) level {
-	if a > b {
-		return a
-	}
-	return b
-}
-
 // Rule X10, second bullet: Determine the start-of-sequence (sos) and end-of-sequence (eos) types,
 // either L or R, for each isolating run sequence.
 func (p *paragraph) isolatingRunSequence(indexes []int) *isolatingRunSequence {
@@ -474,8 +467,8 @@ func (p *paragraph) isolatingRunSequence(indexes []int) *isolatingRunSequence {
 		indexes: indexes,
 		types:   types,
 		level:   level,
-		sos:     typeForLevel(maxLevel(prevLevel, level)),
-		eos:     typeForLevel(maxLevel(succLevel, level)),
+		sos:     typeForLevel(max(prevLevel, level)),
+		eos:     typeForLevel(max(succLevel, level)),
 	}
 }
 
diff --git a/vendor/golang.org/x/tools/cmd/stringer/stringer.go b/vendor/golang.org/x/tools/cmd/stringer/stringer.go
index 038e8e831..7ff0ee8d0 100644
--- a/vendor/golang.org/x/tools/cmd/stringer/stringer.go
+++ b/vendor/golang.org/x/tools/cmd/stringer/stringer.go
@@ -70,6 +70,10 @@
 //	PillAspirin // Aspirin
 //
 // to suppress it in the output.
+//
+// The -trimprefix flag specifies a prefix to remove from the constant names
+// when generating the string representations. For instance, -trimprefix=Pill
+// would be an alternative way to ensure that PillAspirin.String() == "Aspirin".
 package main // import "golang.org/x/tools/cmd/stringer"
 
 import (
@@ -209,7 +213,7 @@ func main() {
 			// and the separate package of tests (package foo_test).
 			outputName = filepath.Join(dir, baseName(pkg, foundTypes[0]))
 		}
-		err := os.WriteFile(outputName, src, 0644)
+		err := os.WriteFile(outputName, src, 0o644)
 		if err != nil {
 			log.Fatalf("writing output: %s", err)
 		}
@@ -637,44 +641,19 @@ func (g *Generator) buildOneRun(runs [][]Value, typeName string) {
 	values := runs[0]
 	g.Printf("\n")
 	g.declareIndexAndNameVar(values, typeName)
-	// The generated code is simple enough to write as a Printf format.
-	lessThanZero := ""
-	if values[0].signed {
-		lessThanZero = "i < 0 || "
-	}
-	if values[0].value == 0 { // Signed or unsigned, 0 is still 0.
-		g.Printf(stringOneRun, typeName, usize(len(values)), lessThanZero)
-	} else {
-		g.Printf(stringOneRunWithOffset, typeName, values[0].String(), usize(len(values)), lessThanZero)
-	}
+	g.Printf(stringOneRun, typeName, values[0].String())
 }
 
 // Arguments to format are:
 //
 //	[1]: type name
-//	[2]: size of index element (8 for uint8 etc.)
-//	[3]: less than zero check (for signed types)
+//	[2]: lowest defined value for type, as a string
 const stringOneRun = `func (i %[1]s) String() string {
-	if %[3]si >= %[1]s(len(_%[1]s_index)-1) {
+	idx := int(i) - %[2]s
+	if i < %[2]s || idx >= len(_%[1]s_index)-1 {
 		return "%[1]s(" + strconv.FormatInt(int64(i), 10) + ")"
 	}
-	return _%[1]s_name[_%[1]s_index[i]:_%[1]s_index[i+1]]
-}
-`
-
-// Arguments to format are:
-//	[1]: type name
-//	[2]: lowest defined value for type, as a string
-//	[3]: size of index element (8 for uint8 etc.)
-//	[4]: less than zero check (for signed types)
-/*
- */
-const stringOneRunWithOffset = `func (i %[1]s) String() string {
-	i -= %[2]s
-	if %[4]si >= %[1]s(len(_%[1]s_index)-1) {
-		return "%[1]s(" + strconv.FormatInt(int64(i + %[2]s), 10) + ")"
-	}
-	return _%[1]s_name[_%[1]s_index[i] : _%[1]s_index[i+1]]
+	return _%[1]s_name[_%[1]s_index[idx] : _%[1]s_index[idx+1]]
 }
 `
 
diff --git a/vendor/golang.org/x/tools/go/ast/edge/edge.go b/vendor/golang.org/x/tools/go/ast/edge/edge.go
new file mode 100644
index 000000000..4f6ccfd6e
--- /dev/null
+++ b/vendor/golang.org/x/tools/go/ast/edge/edge.go
@@ -0,0 +1,295 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package edge defines identifiers for each field of an ast.Node
+// struct type that refers to another Node.
+package edge
+
+import (
+	"fmt"
+	"go/ast"
+	"reflect"
+)
+
+// A Kind describes a field of an ast.Node struct.
+type Kind uint8
+
+// String returns a description of the edge kind.
+func (k Kind) String() string {
+	if k == Invalid {
+		return "<invalid>"
+	}
+	info := fieldInfos[k]
+	return fmt.Sprintf("%v.%s", info.nodeType.Elem().Name(), info.name)
+}
+
+// NodeType returns the pointer-to-struct type of the ast.Node implementation.
+func (k Kind) NodeType() reflect.Type { return fieldInfos[k].nodeType }
+
+// FieldName returns the name of the field.
+func (k Kind) FieldName() string { return fieldInfos[k].name }
+
+// FieldType returns the declared type of the field.
+func (k Kind) FieldType() reflect.Type { return fieldInfos[k].fieldType }
+
+// Get returns the direct child of n identified by (k, idx).
+// n's type must match k.NodeType().
+// idx must be a valid slice index, or -1 for a non-slice.
+func (k Kind) Get(n ast.Node, idx int) ast.Node {
+	if k.NodeType() != reflect.TypeOf(n) {
+		panic(fmt.Sprintf("%v.Get(%T): invalid node type", k, n))
+	}
+	v := reflect.ValueOf(n).Elem().Field(fieldInfos[k].index)
+	if idx != -1 {
+		v = v.Index(idx) // asserts valid index
+	} else {
+		// (The type assertion below asserts that v is not a slice.)
+	}
+	return v.Interface().(ast.Node) // may be nil
+}
+
+const (
+	Invalid Kind = iota // for nodes at the root of the traversal
+
+	// Kinds are sorted alphabetically.
+	// Numbering is not stable.
+	// Each is named Type_Field, where Type is the
+	// ast.Node struct type and Field is the name of the field
+
+	ArrayType_Elt
+	ArrayType_Len
+	AssignStmt_Lhs
+	AssignStmt_Rhs
+	BinaryExpr_X
+	BinaryExpr_Y
+	BlockStmt_List
+	BranchStmt_Label
+	CallExpr_Args
+	CallExpr_Fun
+	CaseClause_Body
+	CaseClause_List
+	ChanType_Value
+	CommClause_Body
+	CommClause_Comm
+	CommentGroup_List
+	CompositeLit_Elts
+	CompositeLit_Type
+	DeclStmt_Decl
+	DeferStmt_Call
+	Ellipsis_Elt
+	ExprStmt_X
+	FieldList_List
+	Field_Comment
+	Field_Doc
+	Field_Names
+	Field_Tag
+	Field_Type
+	File_Decls
+	File_Doc
+	File_Name
+	ForStmt_Body
+	ForStmt_Cond
+	ForStmt_Init
+	ForStmt_Post
+	FuncDecl_Body
+	FuncDecl_Doc
+	FuncDecl_Name
+	FuncDecl_Recv
+	FuncDecl_Type
+	FuncLit_Body
+	FuncLit_Type
+	FuncType_Params
+	FuncType_Results
+	FuncType_TypeParams
+	GenDecl_Doc
+	GenDecl_Specs
+	GoStmt_Call
+	IfStmt_Body
+	IfStmt_Cond
+	IfStmt_Else
+	IfStmt_Init
+	ImportSpec_Comment
+	ImportSpec_Doc
+	ImportSpec_Name
+	ImportSpec_Path
+	IncDecStmt_X
+	IndexExpr_Index
+	IndexExpr_X
+	IndexListExpr_Indices
+	IndexListExpr_X
+	InterfaceType_Methods
+	KeyValueExpr_Key
+	KeyValueExpr_Value
+	LabeledStmt_Label
+	LabeledStmt_Stmt
+	MapType_Key
+	MapType_Value
+	ParenExpr_X
+	RangeStmt_Body
+	RangeStmt_Key
+	RangeStmt_Value
+	RangeStmt_X
+	ReturnStmt_Results
+	SelectStmt_Body
+	SelectorExpr_Sel
+	SelectorExpr_X
+	SendStmt_Chan
+	SendStmt_Value
+	SliceExpr_High
+	SliceExpr_Low
+	SliceExpr_Max
+	SliceExpr_X
+	StarExpr_X
+	StructType_Fields
+	SwitchStmt_Body
+	SwitchStmt_Init
+	SwitchStmt_Tag
+	TypeAssertExpr_Type
+	TypeAssertExpr_X
+	TypeSpec_Comment
+	TypeSpec_Doc
+	TypeSpec_Name
+	TypeSpec_Type
+	TypeSpec_TypeParams
+	TypeSwitchStmt_Assign
+	TypeSwitchStmt_Body
+	TypeSwitchStmt_Init
+	UnaryExpr_X
+	ValueSpec_Comment
+	ValueSpec_Doc
+	ValueSpec_Names
+	ValueSpec_Type
+	ValueSpec_Values
+
+	maxKind
+)
+
+// Assert that the encoding fits in 7 bits,
+// as the inspector relies on this.
+// (We are currently at 104.)
+var _ = [1 << 7]struct{}{}[maxKind]
+
+type fieldInfo struct {
+	nodeType  reflect.Type // pointer-to-struct type of ast.Node implementation
+	name      string
+	index     int
+	fieldType reflect.Type
+}
+
+func info[N ast.Node](fieldName string) fieldInfo {
+	nodePtrType := reflect.TypeFor[N]()
+	f, ok := nodePtrType.Elem().FieldByName(fieldName)
+	if !ok {
+		panic(fieldName)
+	}
+	return fieldInfo{nodePtrType, fieldName, f.Index[0], f.Type}
+}
+
+var fieldInfos = [...]fieldInfo{
+	Invalid:               {},
+	ArrayType_Elt:         info[*ast.ArrayType]("Elt"),
+	ArrayType_Len:         info[*ast.ArrayType]("Len"),
+	AssignStmt_Lhs:        info[*ast.AssignStmt]("Lhs"),
+	AssignStmt_Rhs:        info[*ast.AssignStmt]("Rhs"),
+	BinaryExpr_X:          info[*ast.BinaryExpr]("X"),
+	BinaryExpr_Y:          info[*ast.BinaryExpr]("Y"),
+	BlockStmt_List:        info[*ast.BlockStmt]("List"),
+	BranchStmt_Label:      info[*ast.BranchStmt]("Label"),
+	CallExpr_Args:         info[*ast.CallExpr]("Args"),
+	CallExpr_Fun:          info[*ast.CallExpr]("Fun"),
+	CaseClause_Body:       info[*ast.CaseClause]("Body"),
+	CaseClause_List:       info[*ast.CaseClause]("List"),
+	ChanType_Value:        info[*ast.ChanType]("Value"),
+	CommClause_Body:       info[*ast.CommClause]("Body"),
+	CommClause_Comm:       info[*ast.CommClause]("Comm"),
+	CommentGroup_List:     info[*ast.CommentGroup]("List"),
+	CompositeLit_Elts:     info[*ast.CompositeLit]("Elts"),
+	CompositeLit_Type:     info[*ast.CompositeLit]("Type"),
+	DeclStmt_Decl:         info[*ast.DeclStmt]("Decl"),
+	DeferStmt_Call:        info[*ast.DeferStmt]("Call"),
+	Ellipsis_Elt:          info[*ast.Ellipsis]("Elt"),
+	ExprStmt_X:            info[*ast.ExprStmt]("X"),
+	FieldList_List:        info[*ast.FieldList]("List"),
+	Field_Comment:         info[*ast.Field]("Comment"),
+	Field_Doc:             info[*ast.Field]("Doc"),
+	Field_Names:           info[*ast.Field]("Names"),
+	Field_Tag:             info[*ast.Field]("Tag"),
+	Field_Type:            info[*ast.Field]("Type"),
+	File_Decls:            info[*ast.File]("Decls"),
+	File_Doc:              info[*ast.File]("Doc"),
+	File_Name:             info[*ast.File]("Name"),
+	ForStmt_Body:          info[*ast.ForStmt]("Body"),
+	ForStmt_Cond:          info[*ast.ForStmt]("Cond"),
+	ForStmt_Init:          info[*ast.ForStmt]("Init"),
+	ForStmt_Post:          info[*ast.ForStmt]("Post"),
+	FuncDecl_Body:         info[*ast.FuncDecl]("Body"),
+	FuncDecl_Doc:          info[*ast.FuncDecl]("Doc"),
+	FuncDecl_Name:         info[*ast.FuncDecl]("Name"),
+	FuncDecl_Recv:         info[*ast.FuncDecl]("Recv"),
+	FuncDecl_Type:         info[*ast.FuncDecl]("Type"),
+	FuncLit_Body:          info[*ast.FuncLit]("Body"),
+	FuncLit_Type:          info[*ast.FuncLit]("Type"),
+	FuncType_Params:       info[*ast.FuncType]("Params"),
+	FuncType_Results:      info[*ast.FuncType]("Results"),
+	FuncType_TypeParams:   info[*ast.FuncType]("TypeParams"),
+	GenDecl_Doc:           info[*ast.GenDecl]("Doc"),
+	GenDecl_Specs:         info[*ast.GenDecl]("Specs"),
+	GoStmt_Call:           info[*ast.GoStmt]("Call"),
+	IfStmt_Body:           info[*ast.IfStmt]("Body"),
+	IfStmt_Cond:           info[*ast.IfStmt]("Cond"),
+	IfStmt_Else:           info[*ast.IfStmt]("Else"),
+	IfStmt_Init:           info[*ast.IfStmt]("Init"),
+	ImportSpec_Comment:    info[*ast.ImportSpec]("Comment"),
+	ImportSpec_Doc:        info[*ast.ImportSpec]("Doc"),
+	ImportSpec_Name:       info[*ast.ImportSpec]("Name"),
+	ImportSpec_Path:       info[*ast.ImportSpec]("Path"),
+	IncDecStmt_X:          info[*ast.IncDecStmt]("X"),
+	IndexExpr_Index:       info[*ast.IndexExpr]("Index"),
+	IndexExpr_X:           info[*ast.IndexExpr]("X"),
+	IndexListExpr_Indices: info[*ast.IndexListExpr]("Indices"),
+	IndexListExpr_X:       info[*ast.IndexListExpr]("X"),
+	InterfaceType_Methods: info[*ast.InterfaceType]("Methods"),
+	KeyValueExpr_Key:      info[*ast.KeyValueExpr]("Key"),
+	KeyValueExpr_Value:    info[*ast.KeyValueExpr]("Value"),
+	LabeledStmt_Label:     info[*ast.LabeledStmt]("Label"),
+	LabeledStmt_Stmt:      info[*ast.LabeledStmt]("Stmt"),
+	MapType_Key:           info[*ast.MapType]("Key"),
+	MapType_Value:         info[*ast.MapType]("Value"),
+	ParenExpr_X:           info[*ast.ParenExpr]("X"),
+	RangeStmt_Body:        info[*ast.RangeStmt]("Body"),
+	RangeStmt_Key:         info[*ast.RangeStmt]("Key"),
+	RangeStmt_Value:       info[*ast.RangeStmt]("Value"),
+	RangeStmt_X:           info[*ast.RangeStmt]("X"),
+	ReturnStmt_Results:    info[*ast.ReturnStmt]("Results"),
+	SelectStmt_Body:       info[*ast.SelectStmt]("Body"),
+	SelectorExpr_Sel:      info[*ast.SelectorExpr]("Sel"),
+	SelectorExpr_X:        info[*ast.SelectorExpr]("X"),
+	SendStmt_Chan:         info[*ast.SendStmt]("Chan"),
+	SendStmt_Value:        info[*ast.SendStmt]("Value"),
+	SliceExpr_High:        info[*ast.SliceExpr]("High"),
+	SliceExpr_Low:         info[*ast.SliceExpr]("Low"),
+	SliceExpr_Max:         info[*ast.SliceExpr]("Max"),
+	SliceExpr_X:           info[*ast.SliceExpr]("X"),
+	StarExpr_X:            info[*ast.StarExpr]("X"),
+	StructType_Fields:     info[*ast.StructType]("Fields"),
+	SwitchStmt_Body:       info[*ast.SwitchStmt]("Body"),
+	SwitchStmt_Init:       info[*ast.SwitchStmt]("Init"),
+	SwitchStmt_Tag:        info[*ast.SwitchStmt]("Tag"),
+	TypeAssertExpr_Type:   info[*ast.TypeAssertExpr]("Type"),
+	TypeAssertExpr_X:      info[*ast.TypeAssertExpr]("X"),
+	TypeSpec_Comment:      info[*ast.TypeSpec]("Comment"),
+	TypeSpec_Doc:          info[*ast.TypeSpec]("Doc"),
+	TypeSpec_Name:         info[*ast.TypeSpec]("Name"),
+	TypeSpec_Type:         info[*ast.TypeSpec]("Type"),
+	TypeSpec_TypeParams:   info[*ast.TypeSpec]("TypeParams"),
+	TypeSwitchStmt_Assign: info[*ast.TypeSwitchStmt]("Assign"),
+	TypeSwitchStmt_Body:   info[*ast.TypeSwitchStmt]("Body"),
+	TypeSwitchStmt_Init:   info[*ast.TypeSwitchStmt]("Init"),
+	UnaryExpr_X:           info[*ast.UnaryExpr]("X"),
+	ValueSpec_Comment:     info[*ast.ValueSpec]("Comment"),
+	ValueSpec_Doc:         info[*ast.ValueSpec]("Doc"),
+	ValueSpec_Names:       info[*ast.ValueSpec]("Names"),
+	ValueSpec_Type:        info[*ast.ValueSpec]("Type"),
+	ValueSpec_Values:      info[*ast.ValueSpec]("Values"),
+}
diff --git a/vendor/golang.org/x/tools/go/ast/inspector/cursor.go b/vendor/golang.org/x/tools/go/ast/inspector/cursor.go
new file mode 100644
index 000000000..7e72d3c28
--- /dev/null
+++ b/vendor/golang.org/x/tools/go/ast/inspector/cursor.go
@@ -0,0 +1,502 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package inspector
+
+import (
+	"fmt"
+	"go/ast"
+	"go/token"
+	"iter"
+	"reflect"
+
+	"golang.org/x/tools/go/ast/edge"
+)
+
+// A Cursor represents an [ast.Node]. It is immutable.
+//
+// Two Cursors compare equal if they represent the same node.
+//
+// Call [Inspector.Root] to obtain a valid cursor for the virtual root
+// node of the traversal.
+//
+// Use the following methods to navigate efficiently around the tree:
+//   - for ancestors, use [Cursor.Parent] and [Cursor.Enclosing];
+//   - for children, use [Cursor.Child], [Cursor.Children],
+//     [Cursor.FirstChild], and [Cursor.LastChild];
+//   - for siblings, use [Cursor.PrevSibling] and [Cursor.NextSibling];
+//   - for descendants, use [Cursor.FindByPos], [Cursor.FindNode],
+//     [Cursor.Inspect], and [Cursor.Preorder].
+//
+// Use the [Cursor.ChildAt] and [Cursor.ParentEdge] methods for
+// information about the edges in a tree: which field (and slice
+// element) of the parent node holds the child.
+type Cursor struct {
+	in    *Inspector
+	index int32 // index of push node; -1 for virtual root node
+}
+
+// Root returns a cursor for the virtual root node,
+// whose children are the files provided to [New].
+//
+// Its [Cursor.Node] method return nil.
+func (in *Inspector) Root() Cursor {
+	return Cursor{in, -1}
+}
+
+// At returns the cursor at the specified index in the traversal,
+// which must have been obtained from [Cursor.Index] on a Cursor
+// belonging to the same Inspector (see [Cursor.Inspector]).
+func (in *Inspector) At(index int32) Cursor {
+	if index < 0 {
+		panic("negative index")
+	}
+	if int(index) >= len(in.events) {
+		panic("index out of range for this inspector")
+	}
+	if in.events[index].index < index {
+		panic("invalid index") // (a push, not a pop)
+	}
+	return Cursor{in, index}
+}
+
+// Inspector returns the cursor's Inspector.
+func (c Cursor) Inspector() *Inspector { return c.in }
+
+// Index returns the index of this cursor position within the package.
+//
+// Clients should not assume anything about the numeric Index value
+// except that it increases monotonically throughout the traversal.
+// It is provided for use with [At].
+//
+// Index must not be called on the Root node.
+func (c Cursor) Index() int32 {
+	if c.index < 0 {
+		panic("Index called on Root node")
+	}
+	return c.index
+}
+
+// Node returns the node at the current cursor position,
+// or nil for the cursor returned by [Inspector.Root].
+func (c Cursor) Node() ast.Node {
+	if c.index < 0 {
+		return nil
+	}
+	return c.in.events[c.index].node
+}
+
+// String returns information about the cursor's node, if any.
+func (c Cursor) String() string {
+	if c.in == nil {
+		return "(invalid)"
+	}
+	if c.index < 0 {
+		return "(root)"
+	}
+	return reflect.TypeOf(c.Node()).String()
+}
+
+// indices return the [start, end) half-open interval of event indices.
+func (c Cursor) indices() (int32, int32) {
+	if c.index < 0 {
+		return 0, int32(len(c.in.events)) // root: all events
+	} else {
+		return c.index, c.in.events[c.index].index + 1 // just one subtree
+	}
+}
+
+// Preorder returns an iterator over the nodes of the subtree
+// represented by c in depth-first order. Each node in the sequence is
+// represented by a Cursor that allows access to the Node, but may
+// also be used to start a new traversal, or to obtain the stack of
+// nodes enclosing the cursor.
+//
+// The traversal sequence is determined by [ast.Inspect]. The types
+// argument, if non-empty, enables type-based filtering of events. The
+// function f if is called only for nodes whose type matches an
+// element of the types slice.
+//
+// If you need control over descent into subtrees,
+// or need both pre- and post-order notifications, use [Cursor.Inspect]
+func (c Cursor) Preorder(types ...ast.Node) iter.Seq[Cursor] {
+	mask := maskOf(types)
+
+	return func(yield func(Cursor) bool) {
+		events := c.in.events
+
+		for i, limit := c.indices(); i < limit; {
+			ev := events[i]
+			if ev.index > i { // push?
+				if ev.typ&mask != 0 && !yield(Cursor{c.in, i}) {
+					break
+				}
+				pop := ev.index
+				if events[pop].typ&mask == 0 {
+					// Subtree does not contain types: skip.
+					i = pop + 1
+					continue
+				}
+			}
+			i++
+		}
+	}
+}
+
+// Inspect visits the nodes of the subtree represented by c in
+// depth-first order. It calls f(n) for each node n before it
+// visits n's children. If f returns true, Inspect invokes f
+// recursively for each of the non-nil children of the node.
+//
+// Each node is represented by a Cursor that allows access to the
+// Node, but may also be used to start a new traversal, or to obtain
+// the stack of nodes enclosing the cursor.
+//
+// The complete traversal sequence is determined by [ast.Inspect].
+// The types argument, if non-empty, enables type-based filtering of
+// events. The function f if is called only for nodes whose type
+// matches an element of the types slice.
+func (c Cursor) Inspect(types []ast.Node, f func(c Cursor) (descend bool)) {
+	mask := maskOf(types)
+	events := c.in.events
+	for i, limit := c.indices(); i < limit; {
+		ev := events[i]
+		if ev.index > i {
+			// push
+			pop := ev.index
+			if ev.typ&mask != 0 && !f(Cursor{c.in, i}) ||
+				events[pop].typ&mask == 0 {
+				// The user opted not to descend, or the
+				// subtree does not contain types:
+				// skip past the pop.
+				i = pop + 1
+				continue
+			}
+		}
+		i++
+	}
+}
+
+// Enclosing returns an iterator over the nodes enclosing the current
+// current node, starting with the Cursor itself.
+//
+// Enclosing must not be called on the Root node (whose [Cursor.Node] returns nil).
+//
+// The types argument, if non-empty, enables type-based filtering of
+// events: the sequence includes only enclosing nodes whose type
+// matches an element of the types slice.
+func (c Cursor) Enclosing(types ...ast.Node) iter.Seq[Cursor] {
+	if c.index < 0 {
+		panic("Cursor.Enclosing called on Root node")
+	}
+
+	mask := maskOf(types)
+
+	return func(yield func(Cursor) bool) {
+		events := c.in.events
+		for i := c.index; i >= 0; i = events[i].parent {
+			if events[i].typ&mask != 0 && !yield(Cursor{c.in, i}) {
+				break
+			}
+		}
+	}
+}
+
+// Parent returns the parent of the current node.
+//
+// Parent must not be called on the Root node (whose [Cursor.Node] returns nil).
+func (c Cursor) Parent() Cursor {
+	if c.index < 0 {
+		panic("Cursor.Parent called on Root node")
+	}
+
+	return Cursor{c.in, c.in.events[c.index].parent}
+}
+
+// ParentEdge returns the identity of the field in the parent node
+// that holds this cursor's node, and if it is a list, the index within it.
+//
+// For example, f(x, y) is a CallExpr whose three children are Idents.
+// f has edge kind [edge.CallExpr_Fun] and index -1.
+// x and y have kind [edge.CallExpr_Args] and indices 0 and 1, respectively.
+//
+// If called on a child of the Root node, it returns ([edge.Invalid], -1).
+//
+// ParentEdge must not be called on the Root node (whose [Cursor.Node] returns nil).
+func (c Cursor) ParentEdge() (edge.Kind, int) {
+	if c.index < 0 {
+		panic("Cursor.ParentEdge called on Root node")
+	}
+	events := c.in.events
+	pop := events[c.index].index
+	return unpackEdgeKindAndIndex(events[pop].parent)
+}
+
+// ChildAt returns the cursor for the child of the
+// current node identified by its edge and index.
+// The index must be -1 if the edge.Kind is not a slice.
+// The indicated child node must exist.
+//
+// ChildAt must not be called on the Root node (whose [Cursor.Node] returns nil).
+//
+// Invariant: c.Parent().ChildAt(c.ParentEdge()) == c.
+func (c Cursor) ChildAt(k edge.Kind, idx int) Cursor {
+	target := packEdgeKindAndIndex(k, idx)
+
+	// Unfortunately there's no shortcut to looping.
+	events := c.in.events
+	i := c.index + 1
+	for {
+		pop := events[i].index
+		if pop < i {
+			break
+		}
+		if events[pop].parent == target {
+			return Cursor{c.in, i}
+		}
+		i = pop + 1
+	}
+	panic(fmt.Sprintf("ChildAt(%v, %d): no such child of %v", k, idx, c))
+}
+
+// Child returns the cursor for n, which must be a direct child of c's Node.
+//
+// Child must not be called on the Root node (whose [Cursor.Node] returns nil).
+func (c Cursor) Child(n ast.Node) Cursor {
+	if c.index < 0 {
+		panic("Cursor.Child called on Root node")
+	}
+
+	if false {
+		// reference implementation
+		for child := range c.Children() {
+			if child.Node() == n {
+				return child
+			}
+		}
+
+	} else {
+		// optimized implementation
+		events := c.in.events
+		for i := c.index + 1; events[i].index > i; i = events[i].index + 1 {
+			if events[i].node == n {
+				return Cursor{c.in, i}
+			}
+		}
+	}
+	panic(fmt.Sprintf("Child(%T): not a child of %v", n, c))
+}
+
+// NextSibling returns the cursor for the next sibling node in the same list
+// (for example, of files, decls, specs, statements, fields, or expressions) as
+// the current node. It returns (zero, false) if the node is the last node in
+// the list, or is not part of a list.
+//
+// NextSibling must not be called on the Root node.
+//
+// See note at [Cursor.Children].
+func (c Cursor) NextSibling() (Cursor, bool) {
+	if c.index < 0 {
+		panic("Cursor.NextSibling called on Root node")
+	}
+
+	events := c.in.events
+	i := events[c.index].index + 1 // after corresponding pop
+	if i < int32(len(events)) {
+		if events[i].index > i { // push?
+			return Cursor{c.in, i}, true
+		}
+	}
+	return Cursor{}, false
+}
+
+// PrevSibling returns the cursor for the previous sibling node in the
+// same list (for example, of files, decls, specs, statements, fields,
+// or expressions) as the current node. It returns zero if the node is
+// the first node in the list, or is not part of a list.
+//
+// It must not be called on the Root node.
+//
+// See note at [Cursor.Children].
+func (c Cursor) PrevSibling() (Cursor, bool) {
+	if c.index < 0 {
+		panic("Cursor.PrevSibling called on Root node")
+	}
+
+	events := c.in.events
+	i := c.index - 1
+	if i >= 0 {
+		if j := events[i].index; j < i { // pop?
+			return Cursor{c.in, j}, true
+		}
+	}
+	return Cursor{}, false
+}
+
+// FirstChild returns the first direct child of the current node,
+// or zero if it has no children.
+func (c Cursor) FirstChild() (Cursor, bool) {
+	events := c.in.events
+	i := c.index + 1                                   // i=0 if c is root
+	if i < int32(len(events)) && events[i].index > i { // push?
+		return Cursor{c.in, i}, true
+	}
+	return Cursor{}, false
+}
+
+// LastChild returns the last direct child of the current node,
+// or zero if it has no children.
+func (c Cursor) LastChild() (Cursor, bool) {
+	events := c.in.events
+	if c.index < 0 { // root?
+		if len(events) > 0 {
+			// return push of final event (a pop)
+			return Cursor{c.in, events[len(events)-1].index}, true
+		}
+	} else {
+		j := events[c.index].index - 1 // before corresponding pop
+		// Inv: j == c.index if c has no children
+		//  or  j is last child's pop.
+		if j > c.index { // c has children
+			return Cursor{c.in, events[j].index}, true
+		}
+	}
+	return Cursor{}, false
+}
+
+// Children returns an iterator over the direct children of the
+// current node, if any.
+//
+// When using Children, NextChild, and PrevChild, bear in mind that a
+// Node's children may come from different fields, some of which may
+// be lists of nodes without a distinguished intervening container
+// such as [ast.BlockStmt].
+//
+// For example, [ast.CaseClause] has a field List of expressions and a
+// field Body of statements, so the children of a CaseClause are a mix
+// of expressions and statements. Other nodes that have "uncontained"
+// list fields include:
+//
+//   - [ast.ValueSpec] (Names, Values)
+//   - [ast.CompositeLit] (Type, Elts)
+//   - [ast.IndexListExpr] (X, Indices)
+//   - [ast.CallExpr] (Fun, Args)
+//   - [ast.AssignStmt] (Lhs, Rhs)
+//
+// So, do not assume that the previous sibling of an ast.Stmt is also
+// an ast.Stmt, or if it is, that they are executed sequentially,
+// unless you have established that, say, its parent is a BlockStmt
+// or its [Cursor.ParentEdge] is [edge.BlockStmt_List].
+// For example, given "for S1; ; S2 {}", the predecessor of S2 is S1,
+// even though they are not executed in sequence.
+func (c Cursor) Children() iter.Seq[Cursor] {
+	return func(yield func(Cursor) bool) {
+		c, ok := c.FirstChild()
+		for ok && yield(c) {
+			c, ok = c.NextSibling()
+		}
+	}
+}
+
+// Contains reports whether c contains or is equal to c2.
+//
+// Both Cursors must belong to the same [Inspector];
+// neither may be its Root node.
+func (c Cursor) Contains(c2 Cursor) bool {
+	if c.in != c2.in {
+		panic("different inspectors")
+	}
+	events := c.in.events
+	return c.index <= c2.index && events[c2.index].index <= events[c.index].index
+}
+
+// FindNode returns the cursor for node n if it belongs to the subtree
+// rooted at c. It returns zero if n is not found.
+func (c Cursor) FindNode(n ast.Node) (Cursor, bool) {
+
+	// FindNode is equivalent to this code,
+	// but more convenient and 15-20% faster:
+	if false {
+		for candidate := range c.Preorder(n) {
+			if candidate.Node() == n {
+				return candidate, true
+			}
+		}
+		return Cursor{}, false
+	}
+
+	// TODO(adonovan): opt: should we assume Node.Pos is accurate
+	// and combine type-based filtering with position filtering
+	// like FindByPos?
+
+	mask := maskOf([]ast.Node{n})
+	events := c.in.events
+
+	for i, limit := c.indices(); i < limit; i++ {
+		ev := events[i]
+		if ev.index > i { // push?
+			if ev.typ&mask != 0 && ev.node == n {
+				return Cursor{c.in, i}, true
+			}
+			pop := ev.index
+			if events[pop].typ&mask == 0 {
+				// Subtree does not contain type of n: skip.
+				i = pop
+			}
+		}
+	}
+	return Cursor{}, false
+}
+
+// FindByPos returns the cursor for the innermost node n in the tree
+// rooted at c such that n.Pos() <= start && end <= n.End().
+// (For an *ast.File, it uses the bounds n.FileStart-n.FileEnd.)
+//
+// It returns zero if none is found.
+// Precondition: start <= end.
+//
+// See also [astutil.PathEnclosingInterval], which
+// tolerates adjoining whitespace.
+func (c Cursor) FindByPos(start, end token.Pos) (Cursor, bool) {
+	if end < start {
+		panic("end < start")
+	}
+	events := c.in.events
+
+	// This algorithm could be implemented using c.Inspect,
+	// but it is about 2.5x slower.
+
+	best := int32(-1) // push index of latest (=innermost) node containing range
+	for i, limit := c.indices(); i < limit; i++ {
+		ev := events[i]
+		if ev.index > i { // push?
+			n := ev.node
+			var nodeEnd token.Pos
+			if file, ok := n.(*ast.File); ok {
+				nodeEnd = file.FileEnd
+				// Note: files may be out of Pos order.
+				if file.FileStart > start {
+					i = ev.index // disjoint, after; skip to next file
+					continue
+				}
+			} else {
+				nodeEnd = n.End()
+				if n.Pos() > start {
+					break // disjoint, after; stop
+				}
+			}
+			// Inv: node.{Pos,FileStart} <= start
+			if end <= nodeEnd {
+				// node fully contains target range
+				best = i
+			} else if nodeEnd < start {
+				i = ev.index // disjoint, before; skip forward
+			}
+		}
+	}
+	if best >= 0 {
+		return Cursor{c.in, best}, true
+	}
+	return Cursor{}, false
+}
diff --git a/vendor/golang.org/x/tools/go/ast/inspector/inspector.go b/vendor/golang.org/x/tools/go/ast/inspector/inspector.go
new file mode 100644
index 000000000..a703cdfcf
--- /dev/null
+++ b/vendor/golang.org/x/tools/go/ast/inspector/inspector.go
@@ -0,0 +1,311 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package inspector provides helper functions for traversal over the
+// syntax trees of a package, including node filtering by type, and
+// materialization of the traversal stack.
+//
+// During construction, the inspector does a complete traversal and
+// builds a list of push/pop events and their node type. Subsequent
+// method calls that request a traversal scan this list, rather than walk
+// the AST, and perform type filtering using efficient bit sets.
+// This representation is sometimes called a "balanced parenthesis tree."
+//
+// Experiments suggest the inspector's traversals are about 2.5x faster
+// than [ast.Inspect], but it may take around 5 traversals for this
+// benefit to amortize the inspector's construction cost.
+// If efficiency is the primary concern, do not use Inspector for
+// one-off traversals.
+//
+// The [Cursor] type provides a more flexible API for efficient
+// navigation of syntax trees in all four "cardinal directions". For
+// example, traversals may be nested, so you can find each node of
+// type A and then search within it for nodes of type B. Or you can
+// traverse from a node to its immediate neighbors: its parent, its
+// previous and next sibling, or its first and last child. We
+// recommend using methods of Cursor in preference to Inspector where
+// possible.
+package inspector
+
+// There are four orthogonal features in a traversal:
+//  1 type filtering
+//  2 pruning
+//  3 postorder calls to f
+//  4 stack
+// Rather than offer all of them in the API,
+// only a few combinations are exposed:
+// - Preorder is the fastest and has fewest features,
+//   but is the most commonly needed traversal.
+// - Nodes and WithStack both provide pruning and postorder calls,
+//   even though few clients need it, because supporting two versions
+//   is not justified.
+// More combinations could be supported by expressing them as
+// wrappers around a more generic traversal, but this was measured
+// and found to degrade performance significantly (30%).
+
+import (
+	"go/ast"
+
+	"golang.org/x/tools/go/ast/edge"
+)
+
+// An Inspector provides methods for inspecting
+// (traversing) the syntax trees of a package.
+type Inspector struct {
+	events []event
+}
+
+func packEdgeKindAndIndex(ek edge.Kind, index int) int32 {
+	return int32(uint32(index+1)<<7 | uint32(ek))
+}
+
+// unpackEdgeKindAndIndex unpacks the edge kind and edge index (within
+// an []ast.Node slice) from the parent field of a pop event.
+func unpackEdgeKindAndIndex(x int32) (edge.Kind, int) {
+	// The "parent" field of a pop node holds the
+	// edge Kind in the lower 7 bits and the index+1
+	// in the upper 25.
+	return edge.Kind(x & 0x7f), int(x>>7) - 1
+}
+
+// New returns an Inspector for the specified syntax trees.
+func New(files []*ast.File) *Inspector {
+	return &Inspector{traverse(files)}
+}
+
+// An event represents a push or a pop
+// of an ast.Node during a traversal.
+type event struct {
+	node   ast.Node
+	typ    uint64 // typeOf(node) on push event, or union of typ strictly between push and pop events on pop events
+	index  int32  // index of corresponding push or pop event
+	parent int32  // index of parent's push node (push nodes only), or packed edge kind/index (pop nodes only)
+}
+
+// TODO: Experiment with storing only the second word of event.node (unsafe.Pointer).
+// Type can be recovered from the sole bit in typ.
+// [Tried this, wasn't faster. --adonovan]
+
+// Preorder visits all the nodes of the files supplied to New in
+// depth-first order. It calls f(n) for each node n before it visits
+// n's children.
+//
+// The complete traversal sequence is determined by [ast.Inspect].
+// The types argument, if non-empty, enables type-based filtering of
+// events. The function f is called only for nodes whose type
+// matches an element of the types slice.
+//
+// The [Cursor.Preorder] method provides a richer alternative interface.
+// Example:
+//
+//	for c := range in.Root().Preorder(types) { ... }
+func (in *Inspector) Preorder(types []ast.Node, f func(ast.Node)) {
+	// Because it avoids postorder calls to f, and the pruning
+	// check, Preorder is almost twice as fast as Nodes. The two
+	// features seem to contribute similar slowdowns (~1.4x each).
+
+	// This function is equivalent to the PreorderSeq call below,
+	// but to avoid the additional dynamic call (which adds 13-35%
+	// to the benchmarks), we expand it out.
+	//
+	// in.PreorderSeq(types...)(func(n ast.Node) bool {
+	// 	f(n)
+	// 	return true
+	// })
+
+	mask := maskOf(types)
+	for i := int32(0); i < int32(len(in.events)); {
+		ev := in.events[i]
+		if ev.index > i {
+			// push
+			if ev.typ&mask != 0 {
+				f(ev.node)
+			}
+			pop := ev.index
+			if in.events[pop].typ&mask == 0 {
+				// Subtrees do not contain types: skip them and pop.
+				i = pop + 1
+				continue
+			}
+		}
+		i++
+	}
+}
+
+// Nodes visits the nodes of the files supplied to New in depth-first
+// order. It calls f(n, true) for each node n before it visits n's
+// children. If f returns true, Nodes invokes f recursively for each
+// of the non-nil children of the node, followed by a call of
+// f(n, false).
+//
+// The complete traversal sequence is determined by [ast.Inspect].
+// The types argument, if non-empty, enables type-based filtering of
+// events. The function f if is called only for nodes whose type
+// matches an element of the types slice.
+//
+// The [Cursor.Inspect] method provides a richer alternative interface.
+// Example:
+//
+//	in.Root().Inspect(types, func(c Cursor) bool {
+//		...
+//		return true
+//	}
+func (in *Inspector) Nodes(types []ast.Node, f func(n ast.Node, push bool) (proceed bool)) {
+	mask := maskOf(types)
+	for i := int32(0); i < int32(len(in.events)); {
+		ev := in.events[i]
+		if ev.index > i {
+			// push
+			pop := ev.index
+			if ev.typ&mask != 0 {
+				if !f(ev.node, true) {
+					i = pop + 1 // jump to corresponding pop + 1
+					continue
+				}
+			}
+			if in.events[pop].typ&mask == 0 {
+				// Subtrees do not contain types: skip them.
+				i = pop
+				continue
+			}
+		} else {
+			// pop
+			push := ev.index
+			if in.events[push].typ&mask != 0 {
+				f(ev.node, false)
+			}
+		}
+		i++
+	}
+}
+
+// WithStack visits nodes in a similar manner to Nodes, but it
+// supplies each call to f an additional argument, the current
+// traversal stack. The stack's first element is the outermost node,
+// an *ast.File; its last is the innermost, n.
+//
+// The [Cursor.Inspect] method provides a richer alternative interface.
+// Example:
+//
+//	in.Root().Inspect(types, func(c Cursor) bool {
+//		stack := slices.Collect(c.Enclosing())
+//		...
+//		return true
+//	})
+func (in *Inspector) WithStack(types []ast.Node, f func(n ast.Node, push bool, stack []ast.Node) (proceed bool)) {
+	mask := maskOf(types)
+	var stack []ast.Node
+	for i := int32(0); i < int32(len(in.events)); {
+		ev := in.events[i]
+		if ev.index > i {
+			// push
+			pop := ev.index
+			stack = append(stack, ev.node)
+			if ev.typ&mask != 0 {
+				if !f(ev.node, true, stack) {
+					i = pop + 1
+					stack = stack[:len(stack)-1]
+					continue
+				}
+			}
+			if in.events[pop].typ&mask == 0 {
+				// Subtrees does not contain types: skip them.
+				i = pop
+				continue
+			}
+		} else {
+			// pop
+			push := ev.index
+			if in.events[push].typ&mask != 0 {
+				f(ev.node, false, stack)
+			}
+			stack = stack[:len(stack)-1]
+		}
+		i++
+	}
+}
+
+// traverse builds the table of events representing a traversal.
+func traverse(files []*ast.File) []event {
+	// Preallocate approximate number of events
+	// based on source file extent of the declarations.
+	// (We use End-Pos not FileStart-FileEnd to neglect
+	// the effect of long doc comments.)
+	// This makes traverse faster by 4x (!).
+	var extent int
+	for _, f := range files {
+		extent += int(f.End() - f.Pos())
+	}
+	// This estimate is based on the net/http package.
+	capacity := min(extent*33/100, 1e6) // impose some reasonable maximum (1M)
+
+	v := &visitor{
+		events: make([]event, 0, capacity),
+		stack:  []item{{index: -1}}, // include an extra event so file nodes have a parent
+	}
+	for _, file := range files {
+		walk(v, edge.Invalid, -1, file)
+	}
+	return v.events
+}
+
+type visitor struct {
+	events []event
+	stack  []item
+}
+
+type item struct {
+	index            int32  // index of current node's push event
+	parentIndex      int32  // index of parent node's push event
+	typAccum         uint64 // accumulated type bits of current node's descendants
+	edgeKindAndIndex int32  // edge.Kind and index, bit packed
+}
+
+func (v *visitor) push(ek edge.Kind, eindex int, node ast.Node) {
+	var (
+		index       = int32(len(v.events))
+		parentIndex = v.stack[len(v.stack)-1].index
+	)
+	v.events = append(v.events, event{
+		node:   node,
+		parent: parentIndex,
+		typ:    typeOf(node),
+		index:  0, // (pop index is set later by visitor.pop)
+	})
+	v.stack = append(v.stack, item{
+		index:            index,
+		parentIndex:      parentIndex,
+		edgeKindAndIndex: packEdgeKindAndIndex(ek, eindex),
+	})
+
+	// 2B nodes ought to be enough for anyone!
+	if int32(len(v.events)) < 0 {
+		panic("event index exceeded int32")
+	}
+
+	// 32M elements in an []ast.Node ought to be enough for anyone!
+	if ek2, eindex2 := unpackEdgeKindAndIndex(packEdgeKindAndIndex(ek, eindex)); ek2 != ek || eindex2 != eindex {
+		panic("Node slice index exceeded uint25")
+	}
+}
+
+func (v *visitor) pop(node ast.Node) {
+	top := len(v.stack) - 1
+	current := v.stack[top]
+
+	push := &v.events[current.index]
+	parent := &v.stack[top-1]
+
+	push.index = int32(len(v.events))              // make push event refer to pop
+	parent.typAccum |= current.typAccum | push.typ // accumulate type bits into parent
+
+	v.stack = v.stack[:top]
+
+	v.events = append(v.events, event{
+		node:   node,
+		typ:    current.typAccum,
+		index:  current.index,
+		parent: current.edgeKindAndIndex, // see [unpackEdgeKindAndIndex]
+	})
+}
diff --git a/vendor/golang.org/x/tools/go/ast/inspector/iter.go b/vendor/golang.org/x/tools/go/ast/inspector/iter.go
new file mode 100644
index 000000000..c576dc70a
--- /dev/null
+++ b/vendor/golang.org/x/tools/go/ast/inspector/iter.go
@@ -0,0 +1,85 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.23
+
+package inspector
+
+import (
+	"go/ast"
+	"iter"
+)
+
+// PreorderSeq returns an iterator that visits all the
+// nodes of the files supplied to New in depth-first order.
+// It visits each node n before n's children.
+// The complete traversal sequence is determined by ast.Inspect.
+//
+// The types argument, if non-empty, enables type-based
+// filtering of events: only nodes whose type matches an
+// element of the types slice are included in the sequence.
+func (in *Inspector) PreorderSeq(types ...ast.Node) iter.Seq[ast.Node] {
+
+	// This implementation is identical to Preorder,
+	// except that it supports breaking out of the loop.
+
+	return func(yield func(ast.Node) bool) {
+		mask := maskOf(types)
+		for i := int32(0); i < int32(len(in.events)); {
+			ev := in.events[i]
+			if ev.index > i {
+				// push
+				if ev.typ&mask != 0 {
+					if !yield(ev.node) {
+						break
+					}
+				}
+				pop := ev.index
+				if in.events[pop].typ&mask == 0 {
+					// Subtrees do not contain types: skip them and pop.
+					i = pop + 1
+					continue
+				}
+			}
+			i++
+		}
+	}
+}
+
+// All[N] returns an iterator over all the nodes of type N.
+// N must be a pointer-to-struct type that implements ast.Node.
+//
+// Example:
+//
+//	for call := range All[*ast.CallExpr](in) { ... }
+func All[N interface {
+	*S
+	ast.Node
+}, S any](in *Inspector) iter.Seq[N] {
+
+	// To avoid additional dynamic call overheads,
+	// we duplicate rather than call the logic of PreorderSeq.
+
+	mask := typeOf((N)(nil))
+	return func(yield func(N) bool) {
+		for i := int32(0); i < int32(len(in.events)); {
+			ev := in.events[i]
+			if ev.index > i {
+				// push
+				if ev.typ&mask != 0 {
+					if !yield(ev.node.(N)) {
+						break
+					}
+				}
+				pop := ev.index
+				if in.events[pop].typ&mask == 0 {
+					// Subtrees do not contain types: skip them and pop.
+					i = pop + 1
+					continue
+				}
+			}
+			i++
+		}
+	}
+}
diff --git a/vendor/golang.org/x/tools/go/ast/inspector/typeof.go b/vendor/golang.org/x/tools/go/ast/inspector/typeof.go
new file mode 100644
index 000000000..9852331a3
--- /dev/null
+++ b/vendor/golang.org/x/tools/go/ast/inspector/typeof.go
@@ -0,0 +1,227 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package inspector
+
+// This file defines func typeOf(ast.Node) uint64.
+//
+// The initial map-based implementation was too slow;
+// see https://go-review.googlesource.com/c/tools/+/135655/1/go/ast/inspector/inspector.go#196
+
+import (
+	"go/ast"
+	"math"
+)
+
+const (
+	nArrayType = iota
+	nAssignStmt
+	nBadDecl
+	nBadExpr
+	nBadStmt
+	nBasicLit
+	nBinaryExpr
+	nBlockStmt
+	nBranchStmt
+	nCallExpr
+	nCaseClause
+	nChanType
+	nCommClause
+	nComment
+	nCommentGroup
+	nCompositeLit
+	nDeclStmt
+	nDeferStmt
+	nEllipsis
+	nEmptyStmt
+	nExprStmt
+	nField
+	nFieldList
+	nFile
+	nForStmt
+	nFuncDecl
+	nFuncLit
+	nFuncType
+	nGenDecl
+	nGoStmt
+	nIdent
+	nIfStmt
+	nImportSpec
+	nIncDecStmt
+	nIndexExpr
+	nIndexListExpr
+	nInterfaceType
+	nKeyValueExpr
+	nLabeledStmt
+	nMapType
+	nPackage
+	nParenExpr
+	nRangeStmt
+	nReturnStmt
+	nSelectStmt
+	nSelectorExpr
+	nSendStmt
+	nSliceExpr
+	nStarExpr
+	nStructType
+	nSwitchStmt
+	nTypeAssertExpr
+	nTypeSpec
+	nTypeSwitchStmt
+	nUnaryExpr
+	nValueSpec
+)
+
+// typeOf returns a distinct single-bit value that represents the type of n.
+//
+// Various implementations were benchmarked with BenchmarkNewInspector:
+//
+//	                                                                GOGC=off
+//	- type switch					4.9-5.5ms	2.1ms
+//	- binary search over a sorted list of types	5.5-5.9ms	2.5ms
+//	- linear scan, frequency-ordered list		5.9-6.1ms	2.7ms
+//	- linear scan, unordered list			6.4ms		2.7ms
+//	- hash table					6.5ms		3.1ms
+//
+// A perfect hash seemed like overkill.
+//
+// The compiler's switch statement is the clear winner
+// as it produces a binary tree in code,
+// with constant conditions and good branch prediction.
+// (Sadly it is the most verbose in source code.)
+// Binary search suffered from poor branch prediction.
+func typeOf(n ast.Node) uint64 {
+	// Fast path: nearly half of all nodes are identifiers.
+	if _, ok := n.(*ast.Ident); ok {
+		return 1 << nIdent
+	}
+
+	// These cases include all nodes encountered by ast.Inspect.
+	switch n.(type) {
+	case *ast.ArrayType:
+		return 1 << nArrayType
+	case *ast.AssignStmt:
+		return 1 << nAssignStmt
+	case *ast.BadDecl:
+		return 1 << nBadDecl
+	case *ast.BadExpr:
+		return 1 << nBadExpr
+	case *ast.BadStmt:
+		return 1 << nBadStmt
+	case *ast.BasicLit:
+		return 1 << nBasicLit
+	case *ast.BinaryExpr:
+		return 1 << nBinaryExpr
+	case *ast.BlockStmt:
+		return 1 << nBlockStmt
+	case *ast.BranchStmt:
+		return 1 << nBranchStmt
+	case *ast.CallExpr:
+		return 1 << nCallExpr
+	case *ast.CaseClause:
+		return 1 << nCaseClause
+	case *ast.ChanType:
+		return 1 << nChanType
+	case *ast.CommClause:
+		return 1 << nCommClause
+	case *ast.Comment:
+		return 1 << nComment
+	case *ast.CommentGroup:
+		return 1 << nCommentGroup
+	case *ast.CompositeLit:
+		return 1 << nCompositeLit
+	case *ast.DeclStmt:
+		return 1 << nDeclStmt
+	case *ast.DeferStmt:
+		return 1 << nDeferStmt
+	case *ast.Ellipsis:
+		return 1 << nEllipsis
+	case *ast.EmptyStmt:
+		return 1 << nEmptyStmt
+	case *ast.ExprStmt:
+		return 1 << nExprStmt
+	case *ast.Field:
+		return 1 << nField
+	case *ast.FieldList:
+		return 1 << nFieldList
+	case *ast.File:
+		return 1 << nFile
+	case *ast.ForStmt:
+		return 1 << nForStmt
+	case *ast.FuncDecl:
+		return 1 << nFuncDecl
+	case *ast.FuncLit:
+		return 1 << nFuncLit
+	case *ast.FuncType:
+		return 1 << nFuncType
+	case *ast.GenDecl:
+		return 1 << nGenDecl
+	case *ast.GoStmt:
+		return 1 << nGoStmt
+	case *ast.Ident:
+		return 1 << nIdent
+	case *ast.IfStmt:
+		return 1 << nIfStmt
+	case *ast.ImportSpec:
+		return 1 << nImportSpec
+	case *ast.IncDecStmt:
+		return 1 << nIncDecStmt
+	case *ast.IndexExpr:
+		return 1 << nIndexExpr
+	case *ast.IndexListExpr:
+		return 1 << nIndexListExpr
+	case *ast.InterfaceType:
+		return 1 << nInterfaceType
+	case *ast.KeyValueExpr:
+		return 1 << nKeyValueExpr
+	case *ast.LabeledStmt:
+		return 1 << nLabeledStmt
+	case *ast.MapType:
+		return 1 << nMapType
+	case *ast.Package:
+		return 1 << nPackage
+	case *ast.ParenExpr:
+		return 1 << nParenExpr
+	case *ast.RangeStmt:
+		return 1 << nRangeStmt
+	case *ast.ReturnStmt:
+		return 1 << nReturnStmt
+	case *ast.SelectStmt:
+		return 1 << nSelectStmt
+	case *ast.SelectorExpr:
+		return 1 << nSelectorExpr
+	case *ast.SendStmt:
+		return 1 << nSendStmt
+	case *ast.SliceExpr:
+		return 1 << nSliceExpr
+	case *ast.StarExpr:
+		return 1 << nStarExpr
+	case *ast.StructType:
+		return 1 << nStructType
+	case *ast.SwitchStmt:
+		return 1 << nSwitchStmt
+	case *ast.TypeAssertExpr:
+		return 1 << nTypeAssertExpr
+	case *ast.TypeSpec:
+		return 1 << nTypeSpec
+	case *ast.TypeSwitchStmt:
+		return 1 << nTypeSwitchStmt
+	case *ast.UnaryExpr:
+		return 1 << nUnaryExpr
+	case *ast.ValueSpec:
+		return 1 << nValueSpec
+	}
+	return 0
+}
+
+func maskOf(nodes []ast.Node) uint64 {
+	if len(nodes) == 0 {
+		return math.MaxUint64 // match all node types
+	}
+	var mask uint64
+	for _, n := range nodes {
+		mask |= typeOf(n)
+	}
+	return mask
+}
diff --git a/vendor/golang.org/x/tools/go/ast/inspector/walk.go b/vendor/golang.org/x/tools/go/ast/inspector/walk.go
new file mode 100644
index 000000000..5f1c93c8a
--- /dev/null
+++ b/vendor/golang.org/x/tools/go/ast/inspector/walk.go
@@ -0,0 +1,341 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package inspector
+
+// This file is a fork of ast.Inspect to reduce unnecessary dynamic
+// calls and to gather edge information.
+//
+// Consistency with the original is ensured by TestInspectAllNodes.
+
+import (
+	"fmt"
+	"go/ast"
+
+	"golang.org/x/tools/go/ast/edge"
+)
+
+func walkList[N ast.Node](v *visitor, ek edge.Kind, list []N) {
+	for i, node := range list {
+		walk(v, ek, i, node)
+	}
+}
+
+func walk(v *visitor, ek edge.Kind, index int, node ast.Node) {
+	v.push(ek, index, node)
+
+	// walk children
+	// (the order of the cases matches the order
+	// of the corresponding node types in ast.go)
+	switch n := node.(type) {
+	// Comments and fields
+	case *ast.Comment:
+		// nothing to do
+
+	case *ast.CommentGroup:
+		walkList(v, edge.CommentGroup_List, n.List)
+
+	case *ast.Field:
+		if n.Doc != nil {
+			walk(v, edge.Field_Doc, -1, n.Doc)
+		}
+		walkList(v, edge.Field_Names, n.Names)
+		if n.Type != nil {
+			walk(v, edge.Field_Type, -1, n.Type)
+		}
+		if n.Tag != nil {
+			walk(v, edge.Field_Tag, -1, n.Tag)
+		}
+		if n.Comment != nil {
+			walk(v, edge.Field_Comment, -1, n.Comment)
+		}
+
+	case *ast.FieldList:
+		walkList(v, edge.FieldList_List, n.List)
+
+	// Expressions
+	case *ast.BadExpr, *ast.Ident, *ast.BasicLit:
+		// nothing to do
+
+	case *ast.Ellipsis:
+		if n.Elt != nil {
+			walk(v, edge.Ellipsis_Elt, -1, n.Elt)
+		}
+
+	case *ast.FuncLit:
+		walk(v, edge.FuncLit_Type, -1, n.Type)
+		walk(v, edge.FuncLit_Body, -1, n.Body)
+
+	case *ast.CompositeLit:
+		if n.Type != nil {
+			walk(v, edge.CompositeLit_Type, -1, n.Type)
+		}
+		walkList(v, edge.CompositeLit_Elts, n.Elts)
+
+	case *ast.ParenExpr:
+		walk(v, edge.ParenExpr_X, -1, n.X)
+
+	case *ast.SelectorExpr:
+		walk(v, edge.SelectorExpr_X, -1, n.X)
+		walk(v, edge.SelectorExpr_Sel, -1, n.Sel)
+
+	case *ast.IndexExpr:
+		walk(v, edge.IndexExpr_X, -1, n.X)
+		walk(v, edge.IndexExpr_Index, -1, n.Index)
+
+	case *ast.IndexListExpr:
+		walk(v, edge.IndexListExpr_X, -1, n.X)
+		walkList(v, edge.IndexListExpr_Indices, n.Indices)
+
+	case *ast.SliceExpr:
+		walk(v, edge.SliceExpr_X, -1, n.X)
+		if n.Low != nil {
+			walk(v, edge.SliceExpr_Low, -1, n.Low)
+		}
+		if n.High != nil {
+			walk(v, edge.SliceExpr_High, -1, n.High)
+		}
+		if n.Max != nil {
+			walk(v, edge.SliceExpr_Max, -1, n.Max)
+		}
+
+	case *ast.TypeAssertExpr:
+		walk(v, edge.TypeAssertExpr_X, -1, n.X)
+		if n.Type != nil {
+			walk(v, edge.TypeAssertExpr_Type, -1, n.Type)
+		}
+
+	case *ast.CallExpr:
+		walk(v, edge.CallExpr_Fun, -1, n.Fun)
+		walkList(v, edge.CallExpr_Args, n.Args)
+
+	case *ast.StarExpr:
+		walk(v, edge.StarExpr_X, -1, n.X)
+
+	case *ast.UnaryExpr:
+		walk(v, edge.UnaryExpr_X, -1, n.X)
+
+	case *ast.BinaryExpr:
+		walk(v, edge.BinaryExpr_X, -1, n.X)
+		walk(v, edge.BinaryExpr_Y, -1, n.Y)
+
+	case *ast.KeyValueExpr:
+		walk(v, edge.KeyValueExpr_Key, -1, n.Key)
+		walk(v, edge.KeyValueExpr_Value, -1, n.Value)
+
+	// Types
+	case *ast.ArrayType:
+		if n.Len != nil {
+			walk(v, edge.ArrayType_Len, -1, n.Len)
+		}
+		walk(v, edge.ArrayType_Elt, -1, n.Elt)
+
+	case *ast.StructType:
+		walk(v, edge.StructType_Fields, -1, n.Fields)
+
+	case *ast.FuncType:
+		if n.TypeParams != nil {
+			walk(v, edge.FuncType_TypeParams, -1, n.TypeParams)
+		}
+		if n.Params != nil {
+			walk(v, edge.FuncType_Params, -1, n.Params)
+		}
+		if n.Results != nil {
+			walk(v, edge.FuncType_Results, -1, n.Results)
+		}
+
+	case *ast.InterfaceType:
+		walk(v, edge.InterfaceType_Methods, -1, n.Methods)
+
+	case *ast.MapType:
+		walk(v, edge.MapType_Key, -1, n.Key)
+		walk(v, edge.MapType_Value, -1, n.Value)
+
+	case *ast.ChanType:
+		walk(v, edge.ChanType_Value, -1, n.Value)
+
+	// Statements
+	case *ast.BadStmt:
+		// nothing to do
+
+	case *ast.DeclStmt:
+		walk(v, edge.DeclStmt_Decl, -1, n.Decl)
+
+	case *ast.EmptyStmt:
+		// nothing to do
+
+	case *ast.LabeledStmt:
+		walk(v, edge.LabeledStmt_Label, -1, n.Label)
+		walk(v, edge.LabeledStmt_Stmt, -1, n.Stmt)
+
+	case *ast.ExprStmt:
+		walk(v, edge.ExprStmt_X, -1, n.X)
+
+	case *ast.SendStmt:
+		walk(v, edge.SendStmt_Chan, -1, n.Chan)
+		walk(v, edge.SendStmt_Value, -1, n.Value)
+
+	case *ast.IncDecStmt:
+		walk(v, edge.IncDecStmt_X, -1, n.X)
+
+	case *ast.AssignStmt:
+		walkList(v, edge.AssignStmt_Lhs, n.Lhs)
+		walkList(v, edge.AssignStmt_Rhs, n.Rhs)
+
+	case *ast.GoStmt:
+		walk(v, edge.GoStmt_Call, -1, n.Call)
+
+	case *ast.DeferStmt:
+		walk(v, edge.DeferStmt_Call, -1, n.Call)
+
+	case *ast.ReturnStmt:
+		walkList(v, edge.ReturnStmt_Results, n.Results)
+
+	case *ast.BranchStmt:
+		if n.Label != nil {
+			walk(v, edge.BranchStmt_Label, -1, n.Label)
+		}
+
+	case *ast.BlockStmt:
+		walkList(v, edge.BlockStmt_List, n.List)
+
+	case *ast.IfStmt:
+		if n.Init != nil {
+			walk(v, edge.IfStmt_Init, -1, n.Init)
+		}
+		walk(v, edge.IfStmt_Cond, -1, n.Cond)
+		walk(v, edge.IfStmt_Body, -1, n.Body)
+		if n.Else != nil {
+			walk(v, edge.IfStmt_Else, -1, n.Else)
+		}
+
+	case *ast.CaseClause:
+		walkList(v, edge.CaseClause_List, n.List)
+		walkList(v, edge.CaseClause_Body, n.Body)
+
+	case *ast.SwitchStmt:
+		if n.Init != nil {
+			walk(v, edge.SwitchStmt_Init, -1, n.Init)
+		}
+		if n.Tag != nil {
+			walk(v, edge.SwitchStmt_Tag, -1, n.Tag)
+		}
+		walk(v, edge.SwitchStmt_Body, -1, n.Body)
+
+	case *ast.TypeSwitchStmt:
+		if n.Init != nil {
+			walk(v, edge.TypeSwitchStmt_Init, -1, n.Init)
+		}
+		walk(v, edge.TypeSwitchStmt_Assign, -1, n.Assign)
+		walk(v, edge.TypeSwitchStmt_Body, -1, n.Body)
+
+	case *ast.CommClause:
+		if n.Comm != nil {
+			walk(v, edge.CommClause_Comm, -1, n.Comm)
+		}
+		walkList(v, edge.CommClause_Body, n.Body)
+
+	case *ast.SelectStmt:
+		walk(v, edge.SelectStmt_Body, -1, n.Body)
+
+	case *ast.ForStmt:
+		if n.Init != nil {
+			walk(v, edge.ForStmt_Init, -1, n.Init)
+		}
+		if n.Cond != nil {
+			walk(v, edge.ForStmt_Cond, -1, n.Cond)
+		}
+		if n.Post != nil {
+			walk(v, edge.ForStmt_Post, -1, n.Post)
+		}
+		walk(v, edge.ForStmt_Body, -1, n.Body)
+
+	case *ast.RangeStmt:
+		if n.Key != nil {
+			walk(v, edge.RangeStmt_Key, -1, n.Key)
+		}
+		if n.Value != nil {
+			walk(v, edge.RangeStmt_Value, -1, n.Value)
+		}
+		walk(v, edge.RangeStmt_X, -1, n.X)
+		walk(v, edge.RangeStmt_Body, -1, n.Body)
+
+	// Declarations
+	case *ast.ImportSpec:
+		if n.Doc != nil {
+			walk(v, edge.ImportSpec_Doc, -1, n.Doc)
+		}
+		if n.Name != nil {
+			walk(v, edge.ImportSpec_Name, -1, n.Name)
+		}
+		walk(v, edge.ImportSpec_Path, -1, n.Path)
+		if n.Comment != nil {
+			walk(v, edge.ImportSpec_Comment, -1, n.Comment)
+		}
+
+	case *ast.ValueSpec:
+		if n.Doc != nil {
+			walk(v, edge.ValueSpec_Doc, -1, n.Doc)
+		}
+		walkList(v, edge.ValueSpec_Names, n.Names)
+		if n.Type != nil {
+			walk(v, edge.ValueSpec_Type, -1, n.Type)
+		}
+		walkList(v, edge.ValueSpec_Values, n.Values)
+		if n.Comment != nil {
+			walk(v, edge.ValueSpec_Comment, -1, n.Comment)
+		}
+
+	case *ast.TypeSpec:
+		if n.Doc != nil {
+			walk(v, edge.TypeSpec_Doc, -1, n.Doc)
+		}
+		walk(v, edge.TypeSpec_Name, -1, n.Name)
+		if n.TypeParams != nil {
+			walk(v, edge.TypeSpec_TypeParams, -1, n.TypeParams)
+		}
+		walk(v, edge.TypeSpec_Type, -1, n.Type)
+		if n.Comment != nil {
+			walk(v, edge.TypeSpec_Comment, -1, n.Comment)
+		}
+
+	case *ast.BadDecl:
+		// nothing to do
+
+	case *ast.GenDecl:
+		if n.Doc != nil {
+			walk(v, edge.GenDecl_Doc, -1, n.Doc)
+		}
+		walkList(v, edge.GenDecl_Specs, n.Specs)
+
+	case *ast.FuncDecl:
+		if n.Doc != nil {
+			walk(v, edge.FuncDecl_Doc, -1, n.Doc)
+		}
+		if n.Recv != nil {
+			walk(v, edge.FuncDecl_Recv, -1, n.Recv)
+		}
+		walk(v, edge.FuncDecl_Name, -1, n.Name)
+		walk(v, edge.FuncDecl_Type, -1, n.Type)
+		if n.Body != nil {
+			walk(v, edge.FuncDecl_Body, -1, n.Body)
+		}
+
+	case *ast.File:
+		if n.Doc != nil {
+			walk(v, edge.File_Doc, -1, n.Doc)
+		}
+		walk(v, edge.File_Name, -1, n.Name)
+		walkList(v, edge.File_Decls, n.Decls)
+		// don't walk n.Comments - they have been
+		// visited already through the individual
+		// nodes
+
+	default:
+		// (includes *ast.Package)
+		panic(fmt.Sprintf("Walk: unexpected node type %T", n))
+	}
+
+	v.pop(node)
+}
diff --git a/vendor/golang.org/x/tools/go/packages/golist.go b/vendor/golang.org/x/tools/go/packages/golist.go
index 89f89dd2d..680a70ca8 100644
--- a/vendor/golang.org/x/tools/go/packages/golist.go
+++ b/vendor/golang.org/x/tools/go/packages/golist.go
@@ -364,12 +364,6 @@ type jsonPackage struct {
 	DepsErrors []*packagesinternal.PackageError
 }
 
-type jsonPackageError struct {
-	ImportStack []string
-	Pos         string
-	Err         string
-}
-
 func otherFiles(p *jsonPackage) [][]string {
 	return [][]string{p.CFiles, p.CXXFiles, p.MFiles, p.HFiles, p.FFiles, p.SFiles, p.SwigFiles, p.SwigCXXFiles, p.SysoFiles}
 }
diff --git a/vendor/golang.org/x/tools/go/packages/visit.go b/vendor/golang.org/x/tools/go/packages/visit.go
index df14ffd94..af6a60d75 100644
--- a/vendor/golang.org/x/tools/go/packages/visit.go
+++ b/vendor/golang.org/x/tools/go/packages/visit.go
@@ -5,9 +5,11 @@
 package packages
 
 import (
+	"cmp"
 	"fmt"
+	"iter"
 	"os"
-	"sort"
+	"slices"
 )
 
 // Visit visits all the packages in the import graph whose roots are
@@ -16,6 +18,20 @@ import (
 // package's dependencies have been visited (postorder).
 // The boolean result of pre(pkg) determines whether
 // the imports of package pkg are visited.
+//
+// Example:
+//
+//	pkgs, err := Load(...)
+//	if err != nil { ... }
+//	Visit(pkgs, nil, func(pkg *Package) {
+//		log.Println(pkg)
+//	})
+//
+// In most cases, it is more convenient to use [Postorder]:
+//
+//	for pkg := range Postorder(pkgs) {
+//		log.Println(pkg)
+//	}
 func Visit(pkgs []*Package, pre func(*Package) bool, post func(*Package)) {
 	seen := make(map[*Package]bool)
 	var visit func(*Package)
@@ -24,13 +40,8 @@ func Visit(pkgs []*Package, pre func(*Package) bool, post func(*Package)) {
 			seen[pkg] = true
 
 			if pre == nil || pre(pkg) {
-				paths := make([]string, 0, len(pkg.Imports))
-				for path := range pkg.Imports {
-					paths = append(paths, path)
-				}
-				sort.Strings(paths) // Imports is a map, this makes visit stable
-				for _, path := range paths {
-					visit(pkg.Imports[path])
+				for _, imp := range sorted(pkg.Imports) { // for determinism
+					visit(imp)
 				}
 			}
 
@@ -50,7 +61,7 @@ func Visit(pkgs []*Package, pre func(*Package) bool, post func(*Package)) {
 func PrintErrors(pkgs []*Package) int {
 	var n int
 	errModules := make(map[*Module]bool)
-	Visit(pkgs, nil, func(pkg *Package) {
+	for pkg := range Postorder(pkgs) {
 		for _, err := range pkg.Errors {
 			fmt.Fprintln(os.Stderr, err)
 			n++
@@ -63,6 +74,60 @@ func PrintErrors(pkgs []*Package) int {
 			fmt.Fprintln(os.Stderr, mod.Error.Err)
 			n++
 		}
-	})
+	}
 	return n
 }
+
+// Postorder returns an iterator over the the packages in
+// the import graph whose roots are pkg.
+// Packages are enumerated in dependencies-first order.
+func Postorder(pkgs []*Package) iter.Seq[*Package] {
+	return func(yield func(*Package) bool) {
+		seen := make(map[*Package]bool)
+		var visit func(*Package) bool
+		visit = func(pkg *Package) bool {
+			if !seen[pkg] {
+				seen[pkg] = true
+				for _, imp := range sorted(pkg.Imports) { // for determinism
+					if !visit(imp) {
+						return false
+					}
+				}
+				if !yield(pkg) {
+					return false
+				}
+			}
+			return true
+		}
+		for _, pkg := range pkgs {
+			if !visit(pkg) {
+				break
+			}
+		}
+	}
+}
+
+// -- copied from golang.org.x/tools/gopls/internal/util/moremaps --
+
+// sorted returns an iterator over the entries of m in key order.
+func sorted[M ~map[K]V, K cmp.Ordered, V any](m M) iter.Seq2[K, V] {
+	// TODO(adonovan): use maps.Sorted if proposal #68598 is accepted.
+	return func(yield func(K, V) bool) {
+		keys := keySlice(m)
+		slices.Sort(keys)
+		for _, k := range keys {
+			if !yield(k, m[k]) {
+				break
+			}
+		}
+	}
+}
+
+// KeySlice returns the keys of the map M, like slices.Collect(maps.Keys(m)).
+func keySlice[M ~map[K]V, K comparable, V any](m M) []K {
+	r := make([]K, 0, len(m))
+	for k := range m {
+		r = append(r, k)
+	}
+	return r
+}
diff --git a/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go b/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go
index d3c2913be..6c0c74968 100644
--- a/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go
+++ b/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go
@@ -698,7 +698,10 @@ func Object(pkg *types.Package, p Path) (types.Object, error) {
 			} else if false && aliases.Enabled() {
 				// The Enabled check is too expensive, so for now we
 				// simply assume that aliases are not enabled.
-				// TODO(adonovan): replace with "if true {" when go1.24 is assured.
+				//
+				// Now that go1.24 is assured, we should be able to
+				// replace this with "if true {", but it causes tests
+				// to fail. TODO(adonovan): investigate.
 				return nil, fmt.Errorf("cannot apply %q to %s (got %T, want alias)", code, t, t)
 			}
 
diff --git a/vendor/golang.org/x/tools/go/types/typeutil/map.go b/vendor/golang.org/x/tools/go/types/typeutil/map.go
index b6d542c64..f035a0b6b 100644
--- a/vendor/golang.org/x/tools/go/types/typeutil/map.go
+++ b/vendor/golang.org/x/tools/go/types/typeutil/map.go
@@ -11,7 +11,6 @@ import (
 	"fmt"
 	"go/types"
 	"hash/maphash"
-	"unsafe"
 
 	"golang.org/x/tools/internal/typeparams"
 )
@@ -380,22 +379,8 @@ var theSeed = maphash.MakeSeed()
 func (hasher) hashTypeName(tname *types.TypeName) uint32 {
 	// Since types.Identical uses == to compare TypeNames,
 	// the Hash function uses maphash.Comparable.
-	// TODO(adonovan): or will, when it becomes available in go1.24.
-	// In the meantime we use the pointer's numeric value.
-	//
-	//   hash := maphash.Comparable(theSeed, tname)
-	//
-	// (Another approach would be to hash the name and package
-	// path, and whether or not it is a package-level typename. It
-	// is rare for a package to define multiple local types with
-	// the same name.)
-	ptr := uintptr(unsafe.Pointer(tname))
-	if unsafe.Sizeof(ptr) == 8 {
-		hash := uint64(ptr)
-		return uint32(hash ^ (hash >> 32))
-	} else {
-		return uint32(ptr)
-	}
+	hash := maphash.Comparable(theSeed, tname)
+	return uint32(hash ^ (hash >> 32))
 }
 
 // shallowHash computes a hash of t without looking at any of its
diff --git a/vendor/golang.org/x/tools/internal/event/core/event.go b/vendor/golang.org/x/tools/internal/event/core/event.go
index a6cf0e64a..ade5d1e79 100644
--- a/vendor/golang.org/x/tools/internal/event/core/event.go
+++ b/vendor/golang.org/x/tools/internal/event/core/event.go
@@ -28,11 +28,6 @@ type Event struct {
 	dynamic []label.Label  // dynamically sized storage for remaining labels
 }
 
-// eventLabelMap implements label.Map for a the labels of an Event.
-type eventLabelMap struct {
-	event Event
-}
-
 func (ev Event) At() time.Time { return ev.at }
 
 func (ev Event) Format(f fmt.State, r rune) {
diff --git a/vendor/golang.org/x/tools/internal/gcimporter/iexport.go b/vendor/golang.org/x/tools/internal/gcimporter/iexport.go
index 780873e3a..4a4357d2b 100644
--- a/vendor/golang.org/x/tools/internal/gcimporter/iexport.go
+++ b/vendor/golang.org/x/tools/internal/gcimporter/iexport.go
@@ -569,7 +569,6 @@ func (p *iexporter) exportName(obj types.Object) (res string) {
 
 type iexporter struct {
 	fset    *token.FileSet
-	out     *bytes.Buffer
 	version int
 
 	shallow    bool                // don't put types from other packages in the index
diff --git a/vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go b/vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go
deleted file mode 100644
index 7586bfaca..000000000
--- a/vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go
+++ /dev/null
@@ -1,53 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build go1.22 && !go1.24
-
-package gcimporter
-
-import (
-	"go/token"
-	"go/types"
-	"unsafe"
-)
-
-// TODO(rfindley): delete this workaround once go1.24 is assured.
-
-func init() {
-	// Update markBlack so that it correctly sets the color
-	// of imported TypeNames.
-	//
-	// See the doc comment for markBlack for details.
-
-	type color uint32
-	const (
-		white color = iota
-		black
-		grey
-	)
-	type object struct {
-		_      *types.Scope
-		_      token.Pos
-		_      *types.Package
-		_      string
-		_      types.Type
-		_      uint32
-		color_ color
-		_      token.Pos
-	}
-	type typeName struct {
-		object
-	}
-
-	// If the size of types.TypeName changes, this will fail to compile.
-	const delta = int64(unsafe.Sizeof(typeName{})) - int64(unsafe.Sizeof(types.TypeName{}))
-	var _ [-delta * delta]int
-
-	markBlack = func(obj *types.TypeName) {
-		type uP = unsafe.Pointer
-		var ptr *typeName
-		*(*uP)(uP(&ptr)) = uP(obj)
-		ptr.color_ = black
-	}
-}
diff --git a/vendor/golang.org/x/tools/internal/stdlib/deps.go b/vendor/golang.org/x/tools/internal/stdlib/deps.go
index 77cf8d218..96ad6c582 100644
--- a/vendor/golang.org/x/tools/internal/stdlib/deps.go
+++ b/vendor/golang.org/x/tools/internal/stdlib/deps.go
@@ -12,348 +12,354 @@ type pkginfo struct {
 }
 
 var deps = [...]pkginfo{
-	{"archive/tar", "\x03j\x03E5\x01\v\x01#\x01\x01\x02\x05\n\x02\x01\x02\x02\v"},
-	{"archive/zip", "\x02\x04`\a\x16\x0205\x01+\x05\x01\x11\x03\x02\r\x04"},
-	{"bufio", "\x03j}F\x13"},
-	{"bytes", "m+R\x03\fH\x02\x02"},
+	{"archive/tar", "\x03k\x03E;\x01\n\x01$\x01\x01\x02\x05\b\x02\x01\x02\x02\f"},
+	{"archive/zip", "\x02\x04a\a\x03\x12\x021;\x01+\x05\x01\x0f\x03\x02\x0e\x04"},
+	{"bufio", "\x03k\x83\x01D\x14"},
+	{"bytes", "n*Y\x03\fG\x02\x02"},
 	{"cmp", ""},
-	{"compress/bzip2", "\x02\x02\xe6\x01C"},
-	{"compress/flate", "\x02k\x03z\r\x025\x01\x03"},
-	{"compress/gzip", "\x02\x04`\a\x03\x15eU"},
-	{"compress/lzw", "\x02k\x03z"},
-	{"compress/zlib", "\x02\x04`\a\x03\x13\x01f"},
-	{"container/heap", "\xae\x02"},
+	{"compress/bzip2", "\x02\x02\xed\x01A"},
+	{"compress/flate", "\x02l\x03\x80\x01\f\x033\x01\x03"},
+	{"compress/gzip", "\x02\x04a\a\x03\x14lT"},
+	{"compress/lzw", "\x02l\x03\x80\x01"},
+	{"compress/zlib", "\x02\x04a\a\x03\x12\x01m"},
+	{"container/heap", "\xb3\x02"},
 	{"container/list", ""},
 	{"container/ring", ""},
-	{"context", "m\\i\x01\f"},
-	{"crypto", "\x83\x01gE"},
-	{"crypto/aes", "\x10\n\a\x8e\x02"},
-	{"crypto/cipher", "\x03\x1e\x01\x01\x1d\x11\x1c,Q"},
-	{"crypto/des", "\x10\x13\x1d-,\x96\x01\x03"},
-	{"crypto/dsa", "@\x04)}\x0e"},
-	{"crypto/ecdh", "\x03\v\f\x0e\x04\x14\x04\r\x1c}"},
-	{"crypto/ecdsa", "\x0e\x05\x03\x04\x01\x0e\x16\x01\x04\f\x01\x1c}\x0e\x04L\x01"},
-	{"crypto/ed25519", "\x0e\x1c\x16\n\a\x1c}E"},
-	{"crypto/elliptic", "0=}\x0e:"},
-	{"crypto/fips140", " \x05\x90\x01"},
-	{"crypto/hkdf", "-\x12\x01-\x16"},
-	{"crypto/hmac", "\x1a\x14\x11\x01\x112"},
+	{"context", "n\\m\x01\r"},
+	{"crypto", "\x83\x01nC"},
+	{"crypto/aes", "\x10\n\a\x93\x02"},
+	{"crypto/cipher", "\x03\x1e\x01\x01\x1e\x11\x1c+X"},
+	{"crypto/des", "\x10\x13\x1e-+\x9b\x01\x03"},
+	{"crypto/dsa", "A\x04)\x83\x01\r"},
+	{"crypto/ecdh", "\x03\v\f\x0e\x04\x15\x04\r\x1c\x83\x01"},
+	{"crypto/ecdsa", "\x0e\x05\x03\x04\x01\x0e\a\v\x05\x01\x04\f\x01\x1c\x83\x01\r\x05K\x01"},
+	{"crypto/ed25519", "\x0e\x1c\x11\x06\n\a\x1c\x83\x01C"},
+	{"crypto/elliptic", "0>\x83\x01\r9"},
+	{"crypto/fips140", " \x05"},
+	{"crypto/hkdf", "-\x13\x01-\x15"},
+	{"crypto/hmac", "\x1a\x14\x12\x01\x111"},
 	{"crypto/internal/boring", "\x0e\x02\rf"},
-	{"crypto/internal/boring/bbig", "\x1a\xde\x01M"},
-	{"crypto/internal/boring/bcache", "\xb3\x02\x12"},
+	{"crypto/internal/boring/bbig", "\x1a\xe4\x01M"},
+	{"crypto/internal/boring/bcache", "\xb8\x02\x13"},
 	{"crypto/internal/boring/sig", ""},
-	{"crypto/internal/cryptotest", "\x03\r\n)\x0e\x19\x06\x13\x12#\a\t\x11\x11\x11\x1b\x01\f\r\x05\n"},
-	{"crypto/internal/entropy", "E"},
-	{"crypto/internal/fips140", ">/}9\r\x15"},
-	{"crypto/internal/fips140/aes", "\x03\x1d\x03\x02\x13\x04\x01\x01\x05*\x8c\x016"},
-	{"crypto/internal/fips140/aes/gcm", " \x01\x02\x02\x02\x11\x04\x01\x06*\x8a\x01"},
-	{"crypto/internal/fips140/alias", "\xc5\x02"},
-	{"crypto/internal/fips140/bigmod", "%\x17\x01\x06*\x8c\x01"},
-	{"crypto/internal/fips140/check", " \x0e\x06\b\x02\xac\x01["},
-	{"crypto/internal/fips140/check/checktest", "%\xfe\x01\""},
-	{"crypto/internal/fips140/drbg", "\x03\x1c\x01\x01\x04\x13\x04\b\x01(}\x0f9"},
-	{"crypto/internal/fips140/ecdh", "\x03\x1d\x05\x02\t\f1}\x0f9"},
-	{"crypto/internal/fips140/ecdsa", "\x03\x1d\x04\x01\x02\a\x02\x067}H"},
-	{"crypto/internal/fips140/ed25519", "\x03\x1d\x05\x02\x04\v7\xc2\x01\x03"},
-	{"crypto/internal/fips140/edwards25519", "%\a\f\x041\x8c\x019"},
-	{"crypto/internal/fips140/edwards25519/field", "%\x13\x041\x8c\x01"},
-	{"crypto/internal/fips140/hkdf", "\x03\x1d\x05\t\x069"},
-	{"crypto/internal/fips140/hmac", "\x03\x1d\x14\x01\x017"},
-	{"crypto/internal/fips140/mlkem", "\x03\x1d\x05\x02\x0e\x03\x041"},
-	{"crypto/internal/fips140/nistec", "%\f\a\x041\x8c\x01*\x0f\x13"},
-	{"crypto/internal/fips140/nistec/fiat", "%\x135\x8c\x01"},
-	{"crypto/internal/fips140/pbkdf2", "\x03\x1d\x05\t\x069"},
-	{"crypto/internal/fips140/rsa", "\x03\x1d\x04\x01\x02\r\x01\x01\x025}H"},
-	{"crypto/internal/fips140/sha256", "\x03\x1d\x1c\x01\x06*\x8c\x01"},
-	{"crypto/internal/fips140/sha3", "\x03\x1d\x18\x04\x010\x8c\x01L"},
-	{"crypto/internal/fips140/sha512", "\x03\x1d\x1c\x01\x06*\x8c\x01"},
-	{"crypto/internal/fips140/ssh", " \x05"},
-	{"crypto/internal/fips140/subtle", "#"},
-	{"crypto/internal/fips140/tls12", "\x03\x1d\x05\t\x06\x027"},
-	{"crypto/internal/fips140/tls13", "\x03\x1d\x05\b\a\b1"},
+	{"crypto/internal/cryptotest", "\x03\r\n\x06$\x0e\x19\x06\x12\x12 \x04\a\t\x16\x01\x11\x11\x1b\x01\a\x05\b\x03\x05\v"},
+	{"crypto/internal/entropy", "F"},
+	{"crypto/internal/fips140", "?/\x15\xa7\x01\v\x16"},
+	{"crypto/internal/fips140/aes", "\x03\x1d\x03\x02\x13\x05\x01\x01\x05*\x92\x014"},
+	{"crypto/internal/fips140/aes/gcm", " \x01\x02\x02\x02\x11\x05\x01\x06*\x8f\x01"},
+	{"crypto/internal/fips140/alias", "\xcb\x02"},
+	{"crypto/internal/fips140/bigmod", "%\x18\x01\x06*\x92\x01"},
+	{"crypto/internal/fips140/check", " \x0e\x06\t\x02\xb2\x01Z"},
+	{"crypto/internal/fips140/check/checktest", "%\x85\x02!"},
+	{"crypto/internal/fips140/drbg", "\x03\x1c\x01\x01\x04\x13\x05\b\x01(\x83\x01\x0f7"},
+	{"crypto/internal/fips140/ecdh", "\x03\x1d\x05\x02\t\r1\x83\x01\x0f7"},
+	{"crypto/internal/fips140/ecdsa", "\x03\x1d\x04\x01\x02\a\x02\x068\x15nF"},
+	{"crypto/internal/fips140/ed25519", "\x03\x1d\x05\x02\x04\v8\xc6\x01\x03"},
+	{"crypto/internal/fips140/edwards25519", "%\a\f\x051\x92\x017"},
+	{"crypto/internal/fips140/edwards25519/field", "%\x13\x051\x92\x01"},
+	{"crypto/internal/fips140/hkdf", "\x03\x1d\x05\t\x06:\x15"},
+	{"crypto/internal/fips140/hmac", "\x03\x1d\x14\x01\x018\x15"},
+	{"crypto/internal/fips140/mlkem", "\x03\x1d\x05\x02\x0e\x03\x051"},
+	{"crypto/internal/fips140/nistec", "%\f\a\x051\x92\x01*\r\x14"},
+	{"crypto/internal/fips140/nistec/fiat", "%\x136\x92\x01"},
+	{"crypto/internal/fips140/pbkdf2", "\x03\x1d\x05\t\x06:\x15"},
+	{"crypto/internal/fips140/rsa", "\x03\x1d\x04\x01\x02\r\x01\x01\x026\x15nF"},
+	{"crypto/internal/fips140/sha256", "\x03\x1d\x1d\x01\x06*\x15}"},
+	{"crypto/internal/fips140/sha3", "\x03\x1d\x18\x05\x010\x92\x01K"},
+	{"crypto/internal/fips140/sha512", "\x03\x1d\x1d\x01\x06*\x15}"},
+	{"crypto/internal/fips140/ssh", "%^"},
+	{"crypto/internal/fips140/subtle", "#\x1a\xc3\x01"},
+	{"crypto/internal/fips140/tls12", "\x03\x1d\x05\t\x06\x028\x15"},
+	{"crypto/internal/fips140/tls13", "\x03\x1d\x05\b\a\t1\x15"},
+	{"crypto/internal/fips140cache", "\xaa\x02\r&"},
 	{"crypto/internal/fips140deps", ""},
 	{"crypto/internal/fips140deps/byteorder", "\x99\x01"},
-	{"crypto/internal/fips140deps/cpu", "\xad\x01\a"},
-	{"crypto/internal/fips140deps/godebug", "\xb5\x01"},
-	{"crypto/internal/fips140hash", "5\x1a4\xc2\x01"},
-	{"crypto/internal/fips140only", "'\r\x01\x01M25"},
+	{"crypto/internal/fips140deps/cpu", "\xae\x01\a"},
+	{"crypto/internal/fips140deps/godebug", "\xb6\x01"},
+	{"crypto/internal/fips140hash", "5\x1b3\xc8\x01"},
+	{"crypto/internal/fips140only", "'\r\x01\x01M3;"},
 	{"crypto/internal/fips140test", ""},
-	{"crypto/internal/hpke", "\x0e\x01\x01\x03\x1a\x1d#,`N"},
-	{"crypto/internal/impl", "\xb0\x02"},
-	{"crypto/internal/randutil", "\xea\x01\x12"},
-	{"crypto/internal/sysrand", "mi!\x1f\r\x0f\x01\x01\v\x06"},
-	{"crypto/internal/sysrand/internal/seccomp", "m"},
-	{"crypto/md5", "\x0e2-\x16\x16`"},
+	{"crypto/internal/hpke", "\x0e\x01\x01\x03\x053#+gM"},
+	{"crypto/internal/impl", "\xb5\x02"},
+	{"crypto/internal/randutil", "\xf1\x01\x12"},
+	{"crypto/internal/sysrand", "nn! \r\r\x01\x01\f\x06"},
+	{"crypto/internal/sysrand/internal/seccomp", "n"},
+	{"crypto/md5", "\x0e3-\x15\x16g"},
 	{"crypto/mlkem", "/"},
-	{"crypto/pbkdf2", "2\r\x01-\x16"},
-	{"crypto/rand", "\x1a\x06\a\x19\x04\x01(}\x0eM"},
-	{"crypto/rc4", "#\x1d-\xc2\x01"},
-	{"crypto/rsa", "\x0e\f\x01\t\x0f\f\x01\x04\x06\a\x1c\x03\x1325\r\x01"},
-	{"crypto/sha1", "\x0e\f&-\x16\x16\x14L"},
+	{"crypto/pbkdf2", "2\x0e\x01-\x15"},
+	{"crypto/rand", "\x1a\x06\a\x1a\x04\x01(\x83\x01\rM"},
+	{"crypto/rc4", "#\x1e-\xc6\x01"},
+	{"crypto/rsa", "\x0e\f\x01\t\x0f\r\x01\x04\x06\a\x1c\x03\x123;\f\x01"},
+	{"crypto/sha1", "\x0e\f'\x03*\x15\x16\x15R"},
 	{"crypto/sha256", "\x0e\f\x1aO"},
-	{"crypto/sha3", "\x0e'N\xc2\x01"},
+	{"crypto/sha3", "\x0e'N\xc8\x01"},
 	{"crypto/sha512", "\x0e\f\x1cM"},
-	{"crypto/subtle", "8\x96\x01U"},
-	{"crypto/tls", "\x03\b\x02\x01\x01\x01\x01\x02\x01\x01\x01\x03\x01\a\x01\v\x02\n\x01\b\x05\x03\x01\x01\x01\x01\x02\x01\x02\x01\x17\x02\x03\x13\x16\x14\b5\x16\x16\r\n\x01\x01\x01\x02\x01\f\x06\x02\x01"},
-	{"crypto/tls/internal/fips140tls", " \x93\x02"},
-	{"crypto/x509", "\x03\v\x01\x01\x01\x01\x01\x01\x01\x011\x03\x02\x01\x01\x02\x05\x0e\x06\x02\x02\x03E\x032\x01\x02\t\x01\x01\x01\a\x10\x05\x01\x06\x02\x05\f\x01\x02\r\x02\x01\x01\x02\x03\x01"},
-	{"crypto/x509/pkix", "c\x06\a\x88\x01G"},
-	{"database/sql", "\x03\nJ\x16\x03z\f\x06\"\x05\n\x02\x03\x01\f\x02\x02\x02"},
-	{"database/sql/driver", "\r`\x03\xae\x01\x11\x10"},
-	{"debug/buildinfo", "\x03W\x02\x01\x01\b\a\x03`\x18\x02\x01+\x0f "},
-	{"debug/dwarf", "\x03c\a\x03z1\x13\x01\x01"},
-	{"debug/elf", "\x03\x06P\r\a\x03`\x19\x01,\x19\x01\x15"},
-	{"debug/gosym", "\x03c\n\xbe\x01\x01\x01\x02"},
-	{"debug/macho", "\x03\x06P\r\n`\x1a,\x19\x01"},
-	{"debug/pe", "\x03\x06P\r\a\x03`\x1a,\x19\x01\x15"},
-	{"debug/plan9obj", "f\a\x03`\x1a,"},
-	{"embed", "m+:\x18\x01T"},
+	{"crypto/subtle", "8\x9b\x01W"},
+	{"crypto/tls", "\x03\b\x02\x01\x01\x01\x01\x02\x01\x01\x01\x02\x01\x01\a\x01\r\n\x01\t\x05\x03\x01\x01\x01\x01\x02\x01\x02\x01\x17\x02\x03\x12\x16\x15\b;\x16\x16\r\b\x01\x01\x01\x02\x01\r\x06\x02\x01\x0f"},
+	{"crypto/tls/internal/fips140tls", "\x17\xa1\x02"},
+	{"crypto/x509", "\x03\v\x01\x01\x01\x01\x01\x01\x01\x012\x05\x01\x01\x02\x05\x0e\x06\x02\x02\x03E\x038\x01\x02\b\x01\x01\x02\a\x10\x05\x01\x06\x02\x05\n\x01\x02\x0e\x02\x01\x01\x02\x03\x01"},
+	{"crypto/x509/pkix", "d\x06\a\x8d\x01G"},
+	{"database/sql", "\x03\nK\x16\x03\x80\x01\v\a\"\x05\b\x02\x03\x01\r\x02\x02\x02"},
+	{"database/sql/driver", "\ra\x03\xb4\x01\x0f\x11"},
+	{"debug/buildinfo", "\x03X\x02\x01\x01\b\a\x03e\x19\x02\x01+\x0f\x1f"},
+	{"debug/dwarf", "\x03d\a\x03\x80\x011\x11\x01\x01"},
+	{"debug/elf", "\x03\x06Q\r\a\x03e\x1a\x01,\x17\x01\x16"},
+	{"debug/gosym", "\x03d\n\xc2\x01\x01\x01\x02"},
+	{"debug/macho", "\x03\x06Q\r\ne\x1b,\x17\x01"},
+	{"debug/pe", "\x03\x06Q\r\a\x03e\x1b,\x17\x01\x16"},
+	{"debug/plan9obj", "g\a\x03e\x1b,"},
+	{"embed", "n*@\x19\x01S"},
 	{"embed/internal/embedtest", ""},
 	{"encoding", ""},
-	{"encoding/ascii85", "\xea\x01E"},
-	{"encoding/asn1", "\x03j\x03\x87\x01\x01&\x0f\x02\x01\x0f\x03\x01"},
-	{"encoding/base32", "\xea\x01C\x02"},
-	{"encoding/base64", "\x99\x01QC\x02"},
-	{"encoding/binary", "m}\r'\x0f\x05"},
-	{"encoding/csv", "\x02\x01j\x03zF\x11\x02"},
-	{"encoding/gob", "\x02_\x05\a\x03`\x1a\f\x01\x02\x1d\b\x14\x01\x0e\x02"},
-	{"encoding/hex", "m\x03zC\x03"},
-	{"encoding/json", "\x03\x01]\x04\b\x03z\r'\x0f\x02\x01\x02\x0f\x01\x01\x02"},
-	{"encoding/pem", "\x03b\b}C\x03"},
-	{"encoding/xml", "\x02\x01^\f\x03z4\x05\f\x01\x02\x0f\x02"},
-	{"errors", "\xc9\x01|"},
-	{"expvar", "jK9\t\n\x15\r\n\x02\x03\x01\x10"},
-	{"flag", "a\f\x03z,\b\x05\n\x02\x01\x0f"},
-	{"fmt", "mE8\r\x1f\b\x0f\x02\x03\x11"},
-	{"go/ast", "\x03\x01l\x0f\x01j\x03)\b\x0f\x02\x01"},
-	{"go/ast/internal/tests", ""},
-	{"go/build", "\x02\x01j\x03\x01\x03\x02\a\x02\x01\x17\x1e\x04\x02\t\x14\x12\x01+\x01\x04\x01\a\n\x02\x01\x11\x02\x02"},
-	{"go/build/constraint", "m\xc2\x01\x01\x11\x02"},
-	{"go/constant", "p\x10w\x01\x016\x01\x02\x11"},
-	{"go/doc", "\x04l\x01\x06\t=-1\x12\x02\x01\x11\x02"},
-	{"go/doc/comment", "\x03m\xbd\x01\x01\x01\x01\x11\x02"},
-	{"go/format", "\x03m\x01\f\x01\x02jF"},
-	{"go/importer", "s\a\x01\x01\x04\x01i9"},
-	{"go/internal/gccgoimporter", "\x02\x01W\x13\x03\x05\v\x01g\x02,\x01\x05\x13\x01\v\b"},
-	{"go/internal/gcimporter", "\x02n\x10\x01/\x05\x0e',\x17\x03\x02"},
-	{"go/internal/srcimporter", "p\x01\x02\n\x03\x01i,\x01\x05\x14\x02\x13"},
-	{"go/parser", "\x03j\x03\x01\x03\v\x01j\x01+\x06\x14"},
-	{"go/printer", "p\x01\x03\x03\tj\r\x1f\x17\x02\x01\x02\n\x05\x02"},
-	{"go/scanner", "\x03m\x10j2\x12\x01\x12\x02"},
-	{"go/token", "\x04l\xbd\x01\x02\x03\x01\x0e\x02"},
-	{"go/types", "\x03\x01\x06c\x03\x01\x04\b\x03\x02\x15\x1e\x06+\x04\x03\n%\a\n\x01\x01\x01\x02\x01\x0e\x02\x02"},
-	{"go/version", "\xba\x01v"},
-	{"hash", "\xea\x01"},
-	{"hash/adler32", "m\x16\x16"},
-	{"hash/crc32", "m\x16\x16\x14\x85\x01\x01\x12"},
-	{"hash/crc64", "m\x16\x16\x99\x01"},
-	{"hash/fnv", "m\x16\x16`"},
-	{"hash/maphash", "\x94\x01\x05\x1b\x03@N"},
-	{"html", "\xb0\x02\x02\x11"},
-	{"html/template", "\x03g\x06\x19,5\x01\v \x05\x01\x02\x03\x0e\x01\x02\v\x01\x03\x02"},
-	{"image", "\x02k\x1f^\x0f6\x03\x01"},
+	{"encoding/ascii85", "\xf1\x01C"},
+	{"encoding/asn1", "\x03k\x03\x8c\x01\x01'\r\x02\x01\x10\x03\x01"},
+	{"encoding/base32", "\xf1\x01A\x02"},
+	{"encoding/base64", "\x99\x01XA\x02"},
+	{"encoding/binary", "n\x83\x01\f(\r\x05"},
+	{"encoding/csv", "\x02\x01k\x03\x80\x01D\x12\x02"},
+	{"encoding/gob", "\x02`\x05\a\x03e\x1b\v\x01\x03\x1d\b\x12\x01\x0f\x02"},
+	{"encoding/hex", "n\x03\x80\x01A\x03"},
+	{"encoding/json", "\x03\x01^\x04\b\x03\x80\x01\f(\r\x02\x01\x02\x10\x01\x01\x02"},
+	{"encoding/pem", "\x03c\b\x83\x01A\x03"},
+	{"encoding/xml", "\x02\x01_\f\x03\x80\x014\x05\n\x01\x02\x10\x02"},
+	{"errors", "\xca\x01\x81\x01"},
+	{"expvar", "kK?\b\v\x15\r\b\x02\x03\x01\x11"},
+	{"flag", "b\f\x03\x80\x01,\b\x05\b\x02\x01\x10"},
+	{"fmt", "nE>\f \b\r\x02\x03\x12"},
+	{"go/ast", "\x03\x01m\x0e\x01q\x03)\b\r\x02\x01"},
+	{"go/build", "\x02\x01k\x03\x01\x02\x02\a\x02\x01\x17\x1f\x04\x02\t\x19\x13\x01+\x01\x04\x01\a\b\x02\x01\x12\x02\x02"},
+	{"go/build/constraint", "n\xc6\x01\x01\x12\x02"},
+	{"go/constant", "q\x0f}\x01\x024\x01\x02\x12"},
+	{"go/doc", "\x04m\x01\x05\t>31\x10\x02\x01\x12\x02"},
+	{"go/doc/comment", "\x03n\xc1\x01\x01\x01\x01\x12\x02"},
+	{"go/format", "\x03n\x01\v\x01\x02qD"},
+	{"go/importer", "s\a\x01\x01\x04\x01p9"},
+	{"go/internal/gccgoimporter", "\x02\x01X\x13\x03\x04\v\x01n\x02,\x01\x05\x11\x01\f\b"},
+	{"go/internal/gcimporter", "\x02o\x0f\x010\x05\x0e-,\x15\x03\x02"},
+	{"go/internal/srcimporter", "q\x01\x01\n\x03\x01p,\x01\x05\x12\x02\x14"},
+	{"go/parser", "\x03k\x03\x01\x02\v\x01q\x01+\x06\x12"},
+	{"go/printer", "q\x01\x02\x03\tq\f \x15\x02\x01\x02\v\x05\x02"},
+	{"go/scanner", "\x03n\x0fq2\x10\x01\x13\x02"},
+	{"go/token", "\x04m\x83\x01>\x02\x03\x01\x0f\x02"},
+	{"go/types", "\x03\x01\x06d\x03\x01\x03\b\x03\x02\x15\x1f\x061\x04\x03\t \x06\a\b\x01\x01\x01\x02\x01\x0f\x02\x02"},
+	{"go/version", "\xbb\x01z"},
+	{"hash", "\xf1\x01"},
+	{"hash/adler32", "n\x15\x16"},
+	{"hash/crc32", "n\x15\x16\x15\x89\x01\x01\x13"},
+	{"hash/crc64", "n\x15\x16\x9e\x01"},
+	{"hash/fnv", "n\x15\x16g"},
+	{"hash/maphash", "\x83\x01\x11!\x03\x93\x01"},
+	{"html", "\xb5\x02\x02\x12"},
+	{"html/template", "\x03h\x06\x18-;\x01\n!\x05\x01\x02\x03\f\x01\x02\f\x01\x03\x02"},
+	{"image", "\x02l\x1ee\x0f4\x03\x01"},
 	{"image/color", ""},
 	{"image/color/palette", "\x8c\x01"},
 	{"image/draw", "\x8b\x01\x01\x04"},
-	{"image/gif", "\x02\x01\x05e\x03\x1b\x01\x01\x01\vQ"},
+	{"image/gif", "\x02\x01\x05f\x03\x1a\x01\x01\x01\vX"},
 	{"image/internal/imageutil", "\x8b\x01"},
-	{"image/jpeg", "\x02k\x1e\x01\x04Z"},
-	{"image/png", "\x02\a]\n\x13\x02\x06\x01^E"},
-	{"index/suffixarray", "\x03c\a}\r*\f\x01"},
-	{"internal/abi", "\xb4\x01\x91\x01"},
-	{"internal/asan", "\xc5\x02"},
-	{"internal/bisect", "\xa3\x02\x0f\x01"},
-	{"internal/buildcfg", "pG_\x06\x02\x05\f\x01"},
-	{"internal/bytealg", "\xad\x01\x98\x01"},
+	{"image/jpeg", "\x02l\x1d\x01\x04a"},
+	{"image/png", "\x02\a^\n\x12\x02\x06\x01eC"},
+	{"index/suffixarray", "\x03d\a\x83\x01\f+\n\x01"},
+	{"internal/abi", "\xb5\x01\x96\x01"},
+	{"internal/asan", "\xcb\x02"},
+	{"internal/bisect", "\xaa\x02\r\x01"},
+	{"internal/buildcfg", "qGe\x06\x02\x05\n\x01"},
+	{"internal/bytealg", "\xae\x01\x9d\x01"},
 	{"internal/byteorder", ""},
 	{"internal/cfg", ""},
-	{"internal/chacha8rand", "\x99\x01\x1b\x91\x01"},
+	{"internal/cgrouptest", "q[Q\x06\x0f\x02\x01\x04\x01"},
+	{"internal/chacha8rand", "\x99\x01\x15\a\x96\x01"},
 	{"internal/copyright", ""},
 	{"internal/coverage", ""},
 	{"internal/coverage/calloc", ""},
-	{"internal/coverage/cfile", "j\x06\x17\x16\x01\x02\x01\x01\x01\x01\x01\x01\x01#\x01\x1f,\x06\a\f\x01\x03\f\x06"},
-	{"internal/coverage/cformat", "\x04l-\x04I\f7\x01\x02\f"},
-	{"internal/coverage/cmerge", "p-Z"},
-	{"internal/coverage/decodecounter", "f\n-\v\x02@,\x19\x16"},
-	{"internal/coverage/decodemeta", "\x02d\n\x17\x16\v\x02@,"},
-	{"internal/coverage/encodecounter", "\x02d\n-\f\x01\x02>\f \x17"},
-	{"internal/coverage/encodemeta", "\x02\x01c\n\x13\x04\x16\r\x02>,/"},
-	{"internal/coverage/pods", "\x04l-y\x06\x05\f\x02\x01"},
-	{"internal/coverage/rtcov", "\xc5\x02"},
-	{"internal/coverage/slicereader", "f\nz["},
-	{"internal/coverage/slicewriter", "pz"},
-	{"internal/coverage/stringtab", "p8\x04>"},
+	{"internal/coverage/cfile", "k\x06\x16\x17\x01\x02\x01\x01\x01\x01\x01\x01\x01#\x02$,\x06\a\n\x01\x03\r\x06"},
+	{"internal/coverage/cformat", "\x04m-\x04O\v6\x01\x02\r"},
+	{"internal/coverage/cmerge", "q-_"},
+	{"internal/coverage/decodecounter", "g\n-\v\x02F,\x17\x17"},
+	{"internal/coverage/decodemeta", "\x02e\n\x16\x17\v\x02F,"},
+	{"internal/coverage/encodecounter", "\x02e\n-\f\x01\x02D\v!\x15"},
+	{"internal/coverage/encodemeta", "\x02\x01d\n\x12\x04\x17\r\x02D,."},
+	{"internal/coverage/pods", "\x04m-\x7f\x06\x05\n\x02\x01"},
+	{"internal/coverage/rtcov", "\xcb\x02"},
+	{"internal/coverage/slicereader", "g\n\x80\x01Z"},
+	{"internal/coverage/slicewriter", "q\x80\x01"},
+	{"internal/coverage/stringtab", "q8\x04D"},
 	{"internal/coverage/test", ""},
 	{"internal/coverage/uleb128", ""},
-	{"internal/cpu", "\xc5\x02"},
-	{"internal/dag", "\x04l\xbd\x01\x03"},
-	{"internal/diff", "\x03m\xbe\x01\x02"},
-	{"internal/exportdata", "\x02\x01j\x03\x03]\x1a,\x01\x05\x13\x01\x02"},
-	{"internal/filepathlite", "m+:\x19B"},
-	{"internal/fmtsort", "\x04\x9a\x02\x0f"},
-	{"internal/fuzz", "\x03\nA\x18\x04\x03\x03\x01\f\x0355\r\x02\x1d\x01\x05\x02\x05\f\x01\x02\x01\x01\v\x04\x02"},
+	{"internal/cpu", "\xcb\x02"},
+	{"internal/dag", "\x04m\xc1\x01\x03"},
+	{"internal/diff", "\x03n\xc2\x01\x02"},
+	{"internal/exportdata", "\x02\x01k\x03\x02c\x1b,\x01\x05\x11\x01\x02"},
+	{"internal/filepathlite", "n*@\x1a@"},
+	{"internal/fmtsort", "\x04\xa1\x02\r"},
+	{"internal/fuzz", "\x03\nB\x18\x04\x03\x03\x01\v\x036;\f\x03\x1d\x01\x05\x02\x05\n\x01\x02\x01\x01\f\x04\x02"},
 	{"internal/goarch", ""},
-	{"internal/godebug", "\x96\x01 |\x01\x12"},
+	{"internal/godebug", "\x96\x01!\x80\x01\x01\x13"},
 	{"internal/godebugs", ""},
 	{"internal/goexperiment", ""},
 	{"internal/goos", ""},
-	{"internal/goroot", "\x96\x02\x01\x05\x14\x02"},
+	{"internal/goroot", "\x9d\x02\x01\x05\x12\x02"},
 	{"internal/gover", "\x04"},
 	{"internal/goversion", ""},
 	{"internal/itoa", ""},
-	{"internal/lazyregexp", "\x96\x02\v\x0f\x02"},
-	{"internal/lazytemplate", "\xea\x01,\x1a\x02\v"},
-	{"internal/msan", "\xc5\x02"},
+	{"internal/lazyregexp", "\x9d\x02\v\r\x02"},
+	{"internal/lazytemplate", "\xf1\x01,\x18\x02\f"},
+	{"internal/msan", "\xcb\x02"},
 	{"internal/nettrace", ""},
-	{"internal/obscuretestdata", "e\x85\x01,"},
-	{"internal/oserror", "m"},
-	{"internal/pkgbits", "\x03K\x18\a\x03\x05\vj\x0e\x1e\r\f\x01"},
+	{"internal/obscuretestdata", "f\x8b\x01,"},
+	{"internal/oserror", "n"},
+	{"internal/pkgbits", "\x03L\x18\a\x03\x04\vq\r\x1f\r\n\x01"},
 	{"internal/platform", ""},
-	{"internal/poll", "mO\x1a\x149\x0f\x01\x01\v\x06"},
-	{"internal/profile", "\x03\x04f\x03z7\r\x01\x01\x0f"},
+	{"internal/poll", "nO\x1f\x159\r\x01\x01\f\x06"},
+	{"internal/profile", "\x03\x04g\x03\x80\x017\v\x01\x01\x10"},
 	{"internal/profilerecord", ""},
-	{"internal/race", "\x94\x01\xb1\x01"},
-	{"internal/reflectlite", "\x94\x01 3<\""},
-	{"internal/runtime/atomic", "\xc5\x02"},
-	{"internal/runtime/exithook", "\xca\x01{"},
-	{"internal/runtime/maps", "\x94\x01\x01\x1f\v\t\x05\x01w"},
-	{"internal/runtime/math", "\xb4\x01"},
-	{"internal/runtime/sys", "\xb4\x01\x04"},
-	{"internal/runtime/syscall", "\xc5\x02"},
-	{"internal/saferio", "\xea\x01["},
-	{"internal/singleflight", "\xb2\x02"},
-	{"internal/stringslite", "\x98\x01\xad\x01"},
-	{"internal/sync", "\x94\x01 \x14k\x12"},
-	{"internal/synctest", "\xc5\x02"},
-	{"internal/syscall/execenv", "\xb4\x02"},
-	{"internal/syscall/unix", "\xa3\x02\x10\x01\x11"},
-	{"internal/sysinfo", "\x02\x01\xaa\x01=,\x1a\x02"},
+	{"internal/race", "\x94\x01\xb7\x01"},
+	{"internal/reflectlite", "\x94\x01!9<!"},
+	{"internal/runtime/atomic", "\xb5\x01\x96\x01"},
+	{"internal/runtime/cgroup", "\x98\x01:\x02w"},
+	{"internal/runtime/exithook", "\xcb\x01\x80\x01"},
+	{"internal/runtime/gc", "\xb5\x01"},
+	{"internal/runtime/maps", "\x94\x01\x01 \v\t\a\x03x"},
+	{"internal/runtime/math", "\xb5\x01"},
+	{"internal/runtime/startlinetest", ""},
+	{"internal/runtime/strconv", "\xd0\x01"},
+	{"internal/runtime/sys", "\xb5\x01\x04"},
+	{"internal/runtime/syscall", "\xb5\x01\x96\x01"},
+	{"internal/runtime/wasitest", ""},
+	{"internal/saferio", "\xf1\x01Z"},
+	{"internal/singleflight", "\xb7\x02"},
+	{"internal/stringslite", "\x98\x01\xb3\x01"},
+	{"internal/sync", "\x94\x01!\x14o\x13"},
+	{"internal/synctest", "\x94\x01\xb7\x01"},
+	{"internal/syscall/execenv", "\xb9\x02"},
+	{"internal/syscall/unix", "\xaa\x02\x0e\x01\x12"},
+	{"internal/sysinfo", "\x02\x01\xab\x01C,\x18\x02"},
 	{"internal/syslist", ""},
-	{"internal/testenv", "\x03\n`\x02\x01*\x1a\x10'+\x01\x05\a\f\x01\x02\x02\x01\n"},
-	{"internal/testlog", "\xb2\x02\x01\x12"},
-	{"internal/testpty", "m\x03\xa6\x01"},
-	{"internal/trace", "\x02\x01\x01\x06\\\a\x03n\x03\x03\x06\x03\n6\x01\x02\x0f\x06"},
-	{"internal/trace/internal/testgen", "\x03c\nl\x03\x02\x03\x011\v\x0f"},
-	{"internal/trace/internal/tracev1", "\x03\x01b\a\x03t\x06\r6\x01"},
-	{"internal/trace/raw", "\x02d\nq\x03\x06E\x01\x11"},
-	{"internal/trace/testtrace", "\x02\x01j\x03l\x03\x06\x057\f\x02\x01"},
+	{"internal/testenv", "\x03\na\x02\x01)\x1b\x10-+\x01\x05\a\n\x01\x02\x02\x01\v"},
+	{"internal/testhash", "\x03\x80\x01n\x118\v"},
+	{"internal/testlog", "\xb7\x02\x01\x13"},
+	{"internal/testpty", "n\x03\xac\x01"},
+	{"internal/trace", "\x02\x01\x01\x06]\a\x03t\x03\x03\x06\x03\t5\x01\x01\x01\x10\x06"},
+	{"internal/trace/internal/testgen", "\x03d\nr\x03\x02\x03\x011\v\r\x10"},
+	{"internal/trace/internal/tracev1", "\x03\x01c\a\x03z\x06\f5\x01"},
+	{"internal/trace/raw", "\x02e\nw\x03\x06C\x01\x12"},
+	{"internal/trace/testtrace", "\x02\x01k\x03r\x03\x05\x01\x057\n\x02\x01"},
 	{"internal/trace/tracev2", ""},
-	{"internal/trace/traceviewer", "\x02]\v\x06\x1a<\x16\a\a\x04\t\n\x15\x01\x05\a\f\x01\x02\r"},
+	{"internal/trace/traceviewer", "\x02^\v\x06\x19=\x1c\a\a\x04\b\v\x15\x01\x05\a\n\x01\x02\x0e"},
 	{"internal/trace/traceviewer/format", ""},
-	{"internal/trace/version", "pq\t"},
-	{"internal/txtar", "\x03m\xa6\x01\x1a"},
-	{"internal/types/errors", "\xaf\x02"},
-	{"internal/unsafeheader", "\xc5\x02"},
-	{"internal/xcoff", "Y\r\a\x03`\x1a,\x19\x01"},
-	{"internal/zstd", "f\a\x03z\x0f"},
-	{"io", "m\xc5\x01"},
-	{"io/fs", "m+*(1\x12\x12\x04"},
-	{"io/ioutil", "\xea\x01\x01+\x17\x03"},
-	{"iter", "\xc8\x01[\""},
-	{"log", "pz\x05'\r\x0f\x01\f"},
+	{"internal/trace/version", "qw\t"},
+	{"internal/txtar", "\x03n\xac\x01\x18"},
+	{"internal/types/errors", "\xb4\x02"},
+	{"internal/unsafeheader", "\xcb\x02"},
+	{"internal/xcoff", "Z\r\a\x03e\x1b,\x17\x01"},
+	{"internal/zstd", "g\a\x03\x80\x01\x0f"},
+	{"io", "n\xc9\x01"},
+	{"io/fs", "n*+.1\x10\x13\x04"},
+	{"io/ioutil", "\xf1\x01\x01+\x15\x03"},
+	{"iter", "\xc9\x01a!"},
+	{"log", "q\x80\x01\x05'\r\r\x01\r"},
 	{"log/internal", ""},
-	{"log/slog", "\x03\nT\t\x03\x03z\x04\x01\x02\x02\x04'\x05\n\x02\x01\x02\x01\f\x02\x02\x02"},
+	{"log/slog", "\x03\nU\t\x03\x03\x80\x01\x04\x01\x02\x02\x03(\x05\b\x02\x01\x02\x01\r\x02\x02\x02"},
 	{"log/slog/internal", ""},
-	{"log/slog/internal/benchmarks", "\r`\x03z\x06\x03<\x10"},
-	{"log/slog/internal/buffer", "\xb2\x02"},
-	{"log/slog/internal/slogtest", "\xf0\x01"},
-	{"log/syslog", "m\x03~\x12\x16\x1a\x02\r"},
-	{"maps", "\xed\x01X"},
-	{"math", "\xad\x01LL"},
-	{"math/big", "\x03j\x03)\x14=\r\x02\x024\x01\x02\x13"},
-	{"math/bits", "\xc5\x02"},
-	{"math/cmplx", "\xf7\x01\x02"},
-	{"math/rand", "\xb5\x01B;\x01\x12"},
-	{"math/rand/v2", "m,\x02\\\x02L"},
-	{"mime", "\x02\x01b\b\x03z\f \x17\x03\x02\x0f\x02"},
-	{"mime/multipart", "\x02\x01G#\x03E5\f\x01\x06\x02\x15\x02\x06\x11\x02\x01\x15"},
-	{"mime/quotedprintable", "\x02\x01mz"},
-	{"net", "\x04\t`+\x1d\a\x04\x05\f\x01\x04\x14\x01%\x06\r\n\x05\x01\x01\v\x06\a"},
-	{"net/http", "\x02\x01\x04\x04\x02=\b\x13\x01\a\x03E5\x01\x03\b\x01\x02\x02\x02\x01\x02\x06\x02\x01\x01\n\x01\x01\x05\x01\x02\x05\n\x01\x01\x01\x02\x01\x01\v\x02\x02\x02\b\x01\x01\x01"},
-	{"net/http/cgi", "\x02P\x1b\x03z\x04\b\n\x01\x13\x01\x01\x01\x04\x01\x05\x02\n\x02\x01\x0f\x0e"},
-	{"net/http/cookiejar", "\x04i\x03\x90\x01\x01\b\f\x18\x03\x02\r\x04"},
-	{"net/http/fcgi", "\x02\x01\nY\a\x03z\x16\x01\x01\x14\x1a\x02\r"},
-	{"net/http/httptest", "\x02\x01\nE\x02\x1b\x01z\x04\x12\x01\n\t\x02\x19\x01\x02\r\x0e"},
-	{"net/http/httptrace", "\rEn@\x14\n!"},
-	{"net/http/httputil", "\x02\x01\n`\x03z\x04\x0f\x03\x01\x05\x02\x01\v\x01\x1b\x02\r\x0e"},
-	{"net/http/internal", "\x02\x01j\x03z"},
-	{"net/http/internal/ascii", "\xb0\x02\x11"},
-	{"net/http/internal/httpcommon", "\r`\x03\x96\x01\x0e\x01\x19\x01\x01\x02\x1b\x02"},
-	{"net/http/internal/testcert", "\xb0\x02"},
-	{"net/http/pprof", "\x02\x01\nc\x19,\x11$\x04\x13\x14\x01\r\x06\x03\x01\x02\x01\x0f"},
+	{"log/slog/internal/benchmarks", "\ra\x03\x80\x01\x06\x03:\x11"},
+	{"log/slog/internal/buffer", "\xb7\x02"},
+	{"log/syslog", "n\x03\x84\x01\x12\x16\x18\x02\x0e"},
+	{"maps", "\xf4\x01W"},
+	{"math", "\xae\x01RK"},
+	{"math/big", "\x03k\x03(\x15C\f\x03\x020\x02\x01\x02\x14"},
+	{"math/big/internal/asmgen", "\x03\x01m\x8f\x012\x03"},
+	{"math/bits", "\xcb\x02"},
+	{"math/cmplx", "\xfd\x01\x03"},
+	{"math/rand", "\xb6\x01G:\x01\x13"},
+	{"math/rand/v2", "n+\x03a\x03K"},
+	{"mime", "\x02\x01c\b\x03\x80\x01\v!\x15\x03\x02\x10\x02"},
+	{"mime/multipart", "\x02\x01H#\x03E;\v\x01\a\x02\x15\x02\x06\x0f\x02\x01\x16"},
+	{"mime/quotedprintable", "\x02\x01n\x80\x01"},
+	{"net", "\x04\ta*\x1e\a\x04\x05\x11\x01\x04\x15\x01%\x06\r\b\x05\x01\x01\f\x06\a"},
+	{"net/http", "\x02\x01\x04\x04\x02>\b\x13\x01\a\x03E;\x01\x03\a\x01\x03\x02\x02\x01\x02\x06\x02\x01\x01\n\x01\x01\x05\x01\x02\x05\b\x01\x01\x01\x02\x01\r\x02\x02\x02\b\x01\x01\x01"},
+	{"net/http/cgi", "\x02Q\x1b\x03\x80\x01\x04\a\v\x01\x13\x01\x01\x01\x04\x01\x05\x02\b\x02\x01\x10\x0e"},
+	{"net/http/cookiejar", "\x04j\x03\x96\x01\x01\b\f\x16\x03\x02\x0e\x04"},
+	{"net/http/fcgi", "\x02\x01\nZ\a\x03\x80\x01\x16\x01\x01\x14\x18\x02\x0e"},
+	{"net/http/httptest", "\x02\x01\nF\x02\x1b\x01\x80\x01\x04\x12\x01\n\t\x02\x17\x01\x02\x0e\x0e"},
+	{"net/http/httptrace", "\rFnF\x14\n "},
+	{"net/http/httputil", "\x02\x01\na\x03\x80\x01\x04\x0f\x03\x01\x05\x02\x01\v\x01\x19\x02\x0e\x0e"},
+	{"net/http/internal", "\x02\x01k\x03\x80\x01"},
+	{"net/http/internal/ascii", "\xb5\x02\x12"},
+	{"net/http/internal/httpcommon", "\ra\x03\x9c\x01\x0e\x01\x17\x01\x01\x02\x1c\x02"},
+	{"net/http/internal/testcert", "\xb5\x02"},
+	{"net/http/pprof", "\x02\x01\nd\x18-\x11*\x04\x13\x14\x01\r\x04\x03\x01\x02\x01\x10"},
 	{"net/internal/cgotest", ""},
-	{"net/internal/socktest", "p\xc2\x01\x02"},
-	{"net/mail", "\x02k\x03z\x04\x0f\x03\x14\x1c\x02\r\x04"},
-	{"net/netip", "\x04i+\x01#;\x026\x15"},
-	{"net/rpc", "\x02f\x05\x03\x10\n`\x04\x12\x01\x1d\x0f\x03\x02"},
-	{"net/rpc/jsonrpc", "j\x03\x03z\x16\x11!"},
-	{"net/smtp", "\x19.\v\x13\b\x03z\x16\x14\x1c"},
-	{"net/textproto", "\x02\x01j\x03z\r\t/\x01\x02\x13"},
-	{"net/url", "m\x03\x86\x01%\x12\x02\x01\x15"},
-	{"os", "m+\x01\x18\x03\b\t\r\x03\x01\x04\x10\x018\n\x05\x01\x01\v\x06"},
-	{"os/exec", "\x03\n`H \x01\x14\x01+\x06\a\f\x01\x04\v"},
-	{"os/exec/internal/fdtest", "\xb4\x02"},
-	{"os/signal", "\r\x89\x02\x17\x05\x02"},
-	{"os/user", "\x02\x01j\x03z,\r\f\x01\x02"},
-	{"path", "m+\xab\x01"},
-	{"path/filepath", "m+\x19:+\r\n\x03\x04\x0f"},
-	{"plugin", "m"},
-	{"reflect", "m'\x04\x1c\b\f\x04\x02\x19\x10,\f\x03\x0f\x02\x02"},
+	{"net/internal/socktest", "q\xc6\x01\x02"},
+	{"net/mail", "\x02l\x03\x80\x01\x04\x0f\x03\x14\x1a\x02\x0e\x04"},
+	{"net/netip", "\x04j*\x01$@\x034\x16"},
+	{"net/rpc", "\x02g\x05\x03\x0f\ng\x04\x12\x01\x1d\r\x03\x02"},
+	{"net/rpc/jsonrpc", "k\x03\x03\x80\x01\x16\x11\x1f"},
+	{"net/smtp", "\x19/\v\x13\b\x03\x80\x01\x16\x14\x1a"},
+	{"net/textproto", "\x02\x01k\x03\x80\x01\f\n-\x01\x02\x14"},
+	{"net/url", "n\x03\x8b\x01&\x10\x02\x01\x16"},
+	{"os", "n*\x01\x19\x03\b\t\x12\x03\x01\x05\x10\x018\b\x05\x01\x01\f\x06"},
+	{"os/exec", "\x03\naH%\x01\x15\x01+\x06\a\n\x01\x04\f"},
+	{"os/exec/internal/fdtest", "\xb9\x02"},
+	{"os/signal", "\r\x90\x02\x15\x05\x02"},
+	{"os/user", "\x02\x01k\x03\x80\x01,\r\n\x01\x02"},
+	{"path", "n*\xb1\x01"},
+	{"path/filepath", "n*\x1a@+\r\b\x03\x04\x10"},
+	{"plugin", "n"},
+	{"reflect", "n&\x04\x1d\b\f\x06\x04\x1b\x06\t-\n\x03\x10\x02\x02"},
 	{"reflect/internal/example1", ""},
 	{"reflect/internal/example2", ""},
-	{"regexp", "\x03\xe7\x018\v\x02\x01\x02\x0f\x02"},
-	{"regexp/syntax", "\xad\x02\x01\x01\x01\x11\x02"},
-	{"runtime", "\x94\x01\x04\x01\x02\f\x06\a\x02\x01\x01\x0f\x03\x01\x01\x01\x01\x01\x03\x0fd"},
-	{"runtime/coverage", "\x9f\x01K"},
-	{"runtime/debug", "pUQ\r\n\x02\x01\x0f\x06"},
-	{"runtime/internal/startlinetest", ""},
-	{"runtime/internal/wasitest", ""},
-	{"runtime/metrics", "\xb6\x01A,\""},
-	{"runtime/pprof", "\x02\x01\x01\x03\x06Y\a\x03$3#\r\x1f\r\n\x01\x01\x01\x02\x02\b\x03\x06"},
-	{"runtime/race", "\xab\x02"},
+	{"regexp", "\x03\xee\x018\t\x02\x01\x02\x10\x02"},
+	{"regexp/syntax", "\xb2\x02\x01\x01\x01\x02\x10\x02"},
+	{"runtime", "\x94\x01\x04\x01\x03\f\x06\a\x02\x01\x01\x0f\x03\x01\x01\x01\x01\x01\x02\x01\x01\x04\x10c"},
+	{"runtime/coverage", "\xa0\x01Q"},
+	{"runtime/debug", "qUW\r\b\x02\x01\x10\x06"},
+	{"runtime/metrics", "\xb7\x01F-!"},
+	{"runtime/pprof", "\x02\x01\x01\x03\x06Z\a\x03#4)\f \r\b\x01\x01\x01\x02\x02\t\x03\x06"},
+	{"runtime/race", "\xb0\x02"},
 	{"runtime/race/internal/amd64v1", ""},
-	{"runtime/trace", "\rcz9\x0f\x01\x12"},
-	{"slices", "\x04\xe9\x01\fL"},
-	{"sort", "\xc9\x0104"},
-	{"strconv", "m+:%\x02J"},
-	{"strings", "m'\x04:\x18\x03\f9\x0f\x02\x02"},
+	{"runtime/trace", "\ra\x03w\t9\b\x05\x01\r\x06"},
+	{"slices", "\x04\xf0\x01\fK"},
+	{"sort", "\xca\x0162"},
+	{"strconv", "n*@%\x03I"},
+	{"strings", "n&\x04@\x19\x03\f7\x10\x02\x02"},
 	{"structs", ""},
-	{"sync", "\xc8\x01\vP\x10\x12"},
-	{"sync/atomic", "\xc5\x02"},
-	{"syscall", "m(\x03\x01\x1b\b\x03\x03\x06\aT\n\x05\x01\x12"},
-	{"testing", "\x03\n`\x02\x01X\x0f\x13\r\x04\x1b\x06\x02\x05\x02\a\x01\x02\x01\x02\x01\f\x02\x02\x02"},
-	{"testing/fstest", "m\x03z\x01\v%\x12\x03\b\a"},
-	{"testing/internal/testdeps", "\x02\v\xa6\x01'\x10,\x03\x05\x03\b\a\x02\r"},
-	{"testing/iotest", "\x03j\x03z\x04"},
-	{"testing/quick", "o\x01\x87\x01\x04#\x12\x0f"},
-	{"testing/slogtest", "\r`\x03\x80\x01.\x05\x12\n"},
-	{"text/scanner", "\x03mz,+\x02"},
-	{"text/tabwriter", "pzY"},
-	{"text/template", "m\x03B8\x01\v\x1f\x01\x05\x01\x02\x05\r\x02\f\x03\x02"},
-	{"text/template/parse", "\x03m\xb3\x01\f\x01\x11\x02"},
-	{"time", "m+\x1d\x1d'*\x0f\x02\x11"},
-	{"time/tzdata", "m\xc7\x01\x11"},
+	{"sync", "\xc9\x01\x10\x01P\x0e\x13"},
+	{"sync/atomic", "\xcb\x02"},
+	{"syscall", "n'\x03\x01\x1c\b\x03\x03\x06\vV\b\x05\x01\x13"},
+	{"testing", "\x03\na\x02\x01X\x14\x14\f\x05\x1b\x06\x02\x05\x02\x05\x01\x02\x01\x02\x01\r\x02\x02\x02"},
+	{"testing/fstest", "n\x03\x80\x01\x01\n&\x10\x03\b\b"},
+	{"testing/internal/testdeps", "\x02\v\xa7\x01-\x10,\x03\x05\x03\x06\a\x02\x0e"},
+	{"testing/iotest", "\x03k\x03\x80\x01\x04"},
+	{"testing/quick", "p\x01\x8c\x01\x05#\x10\x10"},
+	{"testing/slogtest", "\ra\x03\x86\x01.\x05\x10\v"},
+	{"testing/synctest", "\xda\x01`\x11"},
+	{"text/scanner", "\x03n\x80\x01,*\x02"},
+	{"text/tabwriter", "q\x80\x01X"},
+	{"text/template", "n\x03B>\x01\n \x01\x05\x01\x02\x05\v\x02\r\x03\x02"},
+	{"text/template/parse", "\x03n\xb9\x01\n\x01\x12\x02"},
+	{"time", "n*\x1e\"(*\r\x02\x12"},
+	{"time/tzdata", "n\xcb\x01\x12"},
 	{"unicode", ""},
 	{"unicode/utf16", ""},
 	{"unicode/utf8", ""},
-	{"unique", "\x94\x01>\x01P\x0f\x13\x12"},
+	{"unique", "\x94\x01!#\x01Q\r\x01\x13\x12"},
 	{"unsafe", ""},
-	{"vendor/golang.org/x/crypto/chacha20", "\x10V\a\x8c\x01*'"},
-	{"vendor/golang.org/x/crypto/chacha20poly1305", "\x10V\a\xd9\x01\x04\x01\a"},
-	{"vendor/golang.org/x/crypto/cryptobyte", "c\n\x03\x88\x01&!\n"},
+	{"vendor/golang.org/x/crypto/chacha20", "\x10W\a\x92\x01*&"},
+	{"vendor/golang.org/x/crypto/chacha20poly1305", "\x10W\a\xde\x01\x04\x01\a"},
+	{"vendor/golang.org/x/crypto/cryptobyte", "d\n\x03\x8d\x01' \n"},
 	{"vendor/golang.org/x/crypto/cryptobyte/asn1", ""},
-	{"vendor/golang.org/x/crypto/internal/alias", "\xc5\x02"},
-	{"vendor/golang.org/x/crypto/internal/poly1305", "Q\x15\x93\x01"},
-	{"vendor/golang.org/x/net/dns/dnsmessage", "m"},
-	{"vendor/golang.org/x/net/http/httpguts", "\x80\x02\x14\x1c\x13\r"},
-	{"vendor/golang.org/x/net/http/httpproxy", "m\x03\x90\x01\x15\x01\x1a\x13\r"},
-	{"vendor/golang.org/x/net/http2/hpack", "\x03j\x03zH"},
-	{"vendor/golang.org/x/net/idna", "p\x87\x019\x13\x10\x02\x01"},
-	{"vendor/golang.org/x/net/nettest", "\x03c\a\x03z\x11\x05\x16\x01\f\f\x01\x02\x02\x01\n"},
-	{"vendor/golang.org/x/sys/cpu", "\x96\x02\r\f\x01\x15"},
-	{"vendor/golang.org/x/text/secure/bidirule", "m\xd6\x01\x11\x01"},
-	{"vendor/golang.org/x/text/transform", "\x03j}Y"},
-	{"vendor/golang.org/x/text/unicode/bidi", "\x03\be~@\x15"},
-	{"vendor/golang.org/x/text/unicode/norm", "f\nzH\x11\x11"},
-	{"weak", "\x94\x01\x8f\x01\""},
+	{"vendor/golang.org/x/crypto/internal/alias", "\xcb\x02"},
+	{"vendor/golang.org/x/crypto/internal/poly1305", "R\x15\x99\x01"},
+	{"vendor/golang.org/x/net/dns/dnsmessage", "n"},
+	{"vendor/golang.org/x/net/http/httpguts", "\x87\x02\x14\x1a\x14\r"},
+	{"vendor/golang.org/x/net/http/httpproxy", "n\x03\x96\x01\x10\x05\x01\x18\x14\r"},
+	{"vendor/golang.org/x/net/http2/hpack", "\x03k\x03\x80\x01F"},
+	{"vendor/golang.org/x/net/idna", "q\x8c\x018\x14\x10\x02\x01"},
+	{"vendor/golang.org/x/net/nettest", "\x03d\a\x03\x80\x01\x11\x05\x16\x01\f\n\x01\x02\x02\x01\v"},
+	{"vendor/golang.org/x/sys/cpu", "\x9d\x02\r\n\x01\x16"},
+	{"vendor/golang.org/x/text/secure/bidirule", "n\xdb\x01\x11\x01"},
+	{"vendor/golang.org/x/text/transform", "\x03k\x83\x01X"},
+	{"vendor/golang.org/x/text/unicode/bidi", "\x03\bf\x84\x01>\x16"},
+	{"vendor/golang.org/x/text/unicode/norm", "g\n\x80\x01F\x12\x11"},
+	{"weak", "\x94\x01\x96\x01!"},
 }
diff --git a/vendor/golang.org/x/tools/internal/stdlib/manifest.go b/vendor/golang.org/x/tools/internal/stdlib/manifest.go
index 64f0326b6..c1faa50d3 100644
--- a/vendor/golang.org/x/tools/internal/stdlib/manifest.go
+++ b/vendor/golang.org/x/tools/internal/stdlib/manifest.go
@@ -502,6 +502,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"MD4", Const, 0, ""},
 		{"MD5", Const, 0, ""},
 		{"MD5SHA1", Const, 0, ""},
+		{"MessageSigner", Type, 25, ""},
 		{"PrivateKey", Type, 0, ""},
 		{"PublicKey", Type, 2, ""},
 		{"RIPEMD160", Const, 0, ""},
@@ -517,6 +518,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"SHA512", Const, 0, ""},
 		{"SHA512_224", Const, 5, ""},
 		{"SHA512_256", Const, 5, ""},
+		{"SignMessage", Func, 25, "func(signer Signer, rand io.Reader, msg []byte, opts SignerOpts) (signature []byte, err error)"},
 		{"Signer", Type, 4, ""},
 		{"SignerOpts", Type, 4, ""},
 	},
@@ -600,10 +602,12 @@ var PackageSymbols = map[string][]Symbol{
 		{"X25519", Func, 20, "func() Curve"},
 	},
 	"crypto/ecdsa": {
+		{"(*PrivateKey).Bytes", Method, 25, ""},
 		{"(*PrivateKey).ECDH", Method, 20, ""},
 		{"(*PrivateKey).Equal", Method, 15, ""},
 		{"(*PrivateKey).Public", Method, 4, ""},
 		{"(*PrivateKey).Sign", Method, 4, ""},
+		{"(*PublicKey).Bytes", Method, 25, ""},
 		{"(*PublicKey).ECDH", Method, 20, ""},
 		{"(*PublicKey).Equal", Method, 15, ""},
 		{"(PrivateKey).Add", Method, 0, ""},
@@ -619,6 +623,8 @@ var PackageSymbols = map[string][]Symbol{
 		{"(PublicKey).ScalarBaseMult", Method, 0, ""},
 		{"(PublicKey).ScalarMult", Method, 0, ""},
 		{"GenerateKey", Func, 0, "func(c elliptic.Curve, rand io.Reader) (*PrivateKey, error)"},
+		{"ParseRawPrivateKey", Func, 25, "func(curve elliptic.Curve, data []byte) (*PrivateKey, error)"},
+		{"ParseUncompressedPublicKey", Func, 25, "func(curve elliptic.Curve, data []byte) (*PublicKey, error)"},
 		{"PrivateKey", Type, 0, ""},
 		{"PrivateKey.D", Field, 0, ""},
 		{"PrivateKey.PublicKey", Field, 0, ""},
@@ -815,6 +821,7 @@ var PackageSymbols = map[string][]Symbol{
 	"crypto/sha3": {
 		{"(*SHA3).AppendBinary", Method, 24, ""},
 		{"(*SHA3).BlockSize", Method, 24, ""},
+		{"(*SHA3).Clone", Method, 25, ""},
 		{"(*SHA3).MarshalBinary", Method, 24, ""},
 		{"(*SHA3).Reset", Method, 24, ""},
 		{"(*SHA3).Size", Method, 24, ""},
@@ -967,6 +974,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"Config.GetCertificate", Field, 4, ""},
 		{"Config.GetClientCertificate", Field, 8, ""},
 		{"Config.GetConfigForClient", Field, 8, ""},
+		{"Config.GetEncryptedClientHelloKeys", Field, 25, ""},
 		{"Config.InsecureSkipVerify", Field, 0, ""},
 		{"Config.KeyLogWriter", Field, 8, ""},
 		{"Config.MaxVersion", Field, 2, ""},
@@ -5463,6 +5471,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"ParenExpr.X", Field, 0, ""},
 		{"Pkg", Const, 0, ""},
 		{"Preorder", Func, 23, "func(root Node) iter.Seq[Node]"},
+		{"PreorderStack", Func, 25, "func(root Node, stack []Node, f func(n Node, stack []Node) bool)"},
 		{"Print", Func, 0, "func(fset *token.FileSet, x any) error"},
 		{"RECV", Const, 0, ""},
 		{"RangeStmt", Type, 0, ""},
@@ -5933,6 +5942,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*File).SetLines", Method, 0, ""},
 		{"(*File).SetLinesForContent", Method, 0, ""},
 		{"(*File).Size", Method, 0, ""},
+		{"(*FileSet).AddExistingFiles", Method, 25, ""},
 		{"(*FileSet).AddFile", Method, 0, ""},
 		{"(*FileSet).Base", Method, 0, ""},
 		{"(*FileSet).File", Method, 0, ""},
@@ -6382,7 +6392,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"Label", Type, 5, ""},
 		{"LocalVar", Const, 25, ""},
 		{"LookupFieldOrMethod", Func, 5, "func(T Type, addressable bool, pkg *Package, name string) (obj Object, index []int, indirect bool)"},
-		{"LookupSelection", Func, 25, ""},
+		{"LookupSelection", Func, 25, "func(T Type, addressable bool, pkg *Package, name string) (Selection, bool)"},
 		{"Map", Type, 5, ""},
 		{"MethodExpr", Const, 5, ""},
 		{"MethodSet", Type, 5, ""},
@@ -6490,9 +6500,11 @@ var PackageSymbols = map[string][]Symbol{
 		{"Lang", Func, 22, "func(x string) string"},
 	},
 	"hash": {
+		{"Cloner", Type, 25, ""},
 		{"Hash", Type, 0, ""},
 		{"Hash32", Type, 0, ""},
 		{"Hash64", Type, 0, ""},
+		{"XOF", Type, 25, ""},
 	},
 	"hash/adler32": {
 		{"Checksum", Func, 0, "func(data []byte) uint32"},
@@ -6533,6 +6545,7 @@ var PackageSymbols = map[string][]Symbol{
 	},
 	"hash/maphash": {
 		{"(*Hash).BlockSize", Method, 14, ""},
+		{"(*Hash).Clone", Method, 25, ""},
 		{"(*Hash).Reset", Method, 14, ""},
 		{"(*Hash).Seed", Method, 14, ""},
 		{"(*Hash).SetSeed", Method, 14, ""},
@@ -7133,7 +7146,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"FormatFileInfo", Func, 21, "func(info FileInfo) string"},
 		{"Glob", Func, 16, "func(fsys FS, pattern string) (matches []string, err error)"},
 		{"GlobFS", Type, 16, ""},
-		{"Lstat", Func, 25, ""},
+		{"Lstat", Func, 25, "func(fsys FS, name string) (FileInfo, error)"},
 		{"ModeAppend", Const, 16, ""},
 		{"ModeCharDevice", Const, 16, ""},
 		{"ModeDevice", Const, 16, ""},
@@ -7158,7 +7171,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"ReadDirFile", Type, 16, ""},
 		{"ReadFile", Func, 16, "func(fsys FS, name string) ([]byte, error)"},
 		{"ReadFileFS", Type, 16, ""},
-		{"ReadLink", Func, 25, ""},
+		{"ReadLink", Func, 25, "func(fsys FS, name string) (string, error)"},
 		{"ReadLinkFS", Type, 25, ""},
 		{"SkipAll", Var, 20, ""},
 		{"SkipDir", Var, 16, ""},
@@ -7275,6 +7288,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(Record).Attrs", Method, 21, ""},
 		{"(Record).Clone", Method, 21, ""},
 		{"(Record).NumAttrs", Method, 21, ""},
+		{"(Record).Source", Method, 25, ""},
 		{"(Value).Any", Method, 21, ""},
 		{"(Value).Bool", Method, 21, ""},
 		{"(Value).Duration", Method, 21, ""},
@@ -7306,6 +7320,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"Float64", Func, 21, "func(key string, v float64) Attr"},
 		{"Float64Value", Func, 21, "func(v float64) Value"},
 		{"Group", Func, 21, "func(key string, args ...any) Attr"},
+		{"GroupAttrs", Func, 25, "func(key string, attrs ...Attr) Attr"},
 		{"GroupValue", Func, 21, "func(as ...Attr) Value"},
 		{"Handler", Type, 21, ""},
 		{"HandlerOptions", Type, 21, ""},
@@ -7916,7 +7931,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*Writer).WriteField", Method, 0, ""},
 		{"ErrMessageTooLarge", Var, 9, ""},
 		{"File", Type, 0, ""},
-		{"FileContentDisposition", Func, 25, ""},
+		{"FileContentDisposition", Func, 25, "func(fieldname string, filename string) string"},
 		{"FileHeader", Type, 0, ""},
 		{"FileHeader.Filename", Field, 0, ""},
 		{"FileHeader.Header", Field, 0, ""},
@@ -8294,6 +8309,11 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*Client).PostForm", Method, 0, ""},
 		{"(*Cookie).String", Method, 0, ""},
 		{"(*Cookie).Valid", Method, 18, ""},
+		{"(*CrossOriginProtection).AddInsecureBypassPattern", Method, 25, ""},
+		{"(*CrossOriginProtection).AddTrustedOrigin", Method, 25, ""},
+		{"(*CrossOriginProtection).Check", Method, 25, ""},
+		{"(*CrossOriginProtection).Handler", Method, 25, ""},
+		{"(*CrossOriginProtection).SetDenyHandler", Method, 25, ""},
 		{"(*MaxBytesError).Error", Method, 19, ""},
 		{"(*ProtocolError).Error", Method, 0, ""},
 		{"(*ProtocolError).Is", Method, 21, ""},
@@ -8388,6 +8408,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"Cookie.Unparsed", Field, 0, ""},
 		{"Cookie.Value", Field, 0, ""},
 		{"CookieJar", Type, 0, ""},
+		{"CrossOriginProtection", Type, 25, ""},
 		{"DefaultClient", Var, 0, ""},
 		{"DefaultMaxHeaderBytes", Const, 0, ""},
 		{"DefaultMaxIdleConnsPerHost", Const, 0, ""},
@@ -8460,6 +8481,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"MethodPost", Const, 6, ""},
 		{"MethodPut", Const, 6, ""},
 		{"MethodTrace", Const, 6, ""},
+		{"NewCrossOriginProtection", Func, 25, "func() *CrossOriginProtection"},
 		{"NewFileTransport", Func, 0, "func(fs FileSystem) RoundTripper"},
 		{"NewFileTransportFS", Func, 22, "func(fsys fs.FS) RoundTripper"},
 		{"NewRequest", Func, 0, "func(method string, url string, body io.Reader) (*Request, error)"},
@@ -9174,15 +9196,19 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*Root).Link", Method, 25, ""},
 		{"(*Root).Lstat", Method, 24, ""},
 		{"(*Root).Mkdir", Method, 24, ""},
+		{"(*Root).MkdirAll", Method, 25, ""},
 		{"(*Root).Name", Method, 24, ""},
 		{"(*Root).Open", Method, 24, ""},
 		{"(*Root).OpenFile", Method, 24, ""},
 		{"(*Root).OpenRoot", Method, 24, ""},
+		{"(*Root).ReadFile", Method, 25, ""},
 		{"(*Root).Readlink", Method, 25, ""},
 		{"(*Root).Remove", Method, 24, ""},
+		{"(*Root).RemoveAll", Method, 25, ""},
 		{"(*Root).Rename", Method, 25, ""},
 		{"(*Root).Stat", Method, 24, ""},
 		{"(*Root).Symlink", Method, 25, ""},
+		{"(*Root).WriteFile", Method, 25, ""},
 		{"(*SyscallError).Error", Method, 0, ""},
 		{"(*SyscallError).Timeout", Method, 10, ""},
 		{"(*SyscallError).Unwrap", Method, 13, ""},
@@ -9623,6 +9649,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"StructTag", Type, 0, ""},
 		{"Swapper", Func, 8, "func(slice any) func(i int, j int)"},
 		{"Type", Type, 0, ""},
+		{"TypeAssert", Func, 25, "func[T any](v Value) (T, bool)"},
 		{"TypeFor", Func, 22, "func[T any]() Type"},
 		{"TypeOf", Func, 0, "func(i any) Type"},
 		{"Uint", Const, 0, ""},
@@ -9909,6 +9936,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"SetBlockProfileRate", Func, 1, "func(rate int)"},
 		{"SetCPUProfileRate", Func, 0, "func(hz int)"},
 		{"SetCgoTraceback", Func, 7, "func(version int, traceback unsafe.Pointer, context unsafe.Pointer, symbolizer unsafe.Pointer)"},
+		{"SetDefaultGOMAXPROCS", Func, 25, "func()"},
 		{"SetFinalizer", Func, 0, "func(obj any, finalizer any)"},
 		{"SetMutexProfileFraction", Func, 8, "func(rate int) int"},
 		{"Stack", Func, 0, "func(buf []byte, all bool) int"},
@@ -10021,11 +10049,20 @@ var PackageSymbols = map[string][]Symbol{
 		{"WriteHeapProfile", Func, 0, "func(w io.Writer) error"},
 	},
 	"runtime/trace": {
+		{"(*FlightRecorder).Enabled", Method, 25, ""},
+		{"(*FlightRecorder).Start", Method, 25, ""},
+		{"(*FlightRecorder).Stop", Method, 25, ""},
+		{"(*FlightRecorder).WriteTo", Method, 25, ""},
 		{"(*Region).End", Method, 11, ""},
 		{"(*Task).End", Method, 11, ""},
+		{"FlightRecorder", Type, 25, ""},
+		{"FlightRecorderConfig", Type, 25, ""},
+		{"FlightRecorderConfig.MaxBytes", Field, 25, ""},
+		{"FlightRecorderConfig.MinAge", Field, 25, ""},
 		{"IsEnabled", Func, 11, "func() bool"},
 		{"Log", Func, 11, "func(ctx context.Context, category string, message string)"},
 		{"Logf", Func, 11, "func(ctx context.Context, category string, format string, args ...any)"},
+		{"NewFlightRecorder", Func, 25, "func(cfg FlightRecorderConfig) *FlightRecorder"},
 		{"NewTask", Func, 11, "func(pctx context.Context, taskType string) (ctx context.Context, task *Task)"},
 		{"Region", Type, 11, ""},
 		{"Start", Func, 5, "func(w io.Writer) error"},
@@ -16642,6 +16679,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"ValueOf", Func, 0, ""},
 	},
 	"testing": {
+		{"(*B).Attr", Method, 25, ""},
 		{"(*B).Chdir", Method, 24, ""},
 		{"(*B).Cleanup", Method, 14, ""},
 		{"(*B).Context", Method, 24, ""},
@@ -16658,6 +16696,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*B).Logf", Method, 0, ""},
 		{"(*B).Loop", Method, 24, ""},
 		{"(*B).Name", Method, 8, ""},
+		{"(*B).Output", Method, 25, ""},
 		{"(*B).ReportAllocs", Method, 1, ""},
 		{"(*B).ReportMetric", Method, 13, ""},
 		{"(*B).ResetTimer", Method, 0, ""},
@@ -16674,6 +16713,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*B).StopTimer", Method, 0, ""},
 		{"(*B).TempDir", Method, 15, ""},
 		{"(*F).Add", Method, 18, ""},
+		{"(*F).Attr", Method, 25, ""},
 		{"(*F).Chdir", Method, 24, ""},
 		{"(*F).Cleanup", Method, 18, ""},
 		{"(*F).Context", Method, 24, ""},
@@ -16689,6 +16729,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*F).Log", Method, 18, ""},
 		{"(*F).Logf", Method, 18, ""},
 		{"(*F).Name", Method, 18, ""},
+		{"(*F).Output", Method, 25, ""},
 		{"(*F).Setenv", Method, 18, ""},
 		{"(*F).Skip", Method, 18, ""},
 		{"(*F).SkipNow", Method, 18, ""},
@@ -16697,6 +16738,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*F).TempDir", Method, 18, ""},
 		{"(*M).Run", Method, 4, ""},
 		{"(*PB).Next", Method, 3, ""},
+		{"(*T).Attr", Method, 25, ""},
 		{"(*T).Chdir", Method, 24, ""},
 		{"(*T).Cleanup", Method, 14, ""},
 		{"(*T).Context", Method, 24, ""},
@@ -16712,6 +16754,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"(*T).Log", Method, 0, ""},
 		{"(*T).Logf", Method, 0, ""},
 		{"(*T).Name", Method, 8, ""},
+		{"(*T).Output", Method, 25, ""},
 		{"(*T).Parallel", Method, 0, ""},
 		{"(*T).Run", Method, 7, ""},
 		{"(*T).Setenv", Method, 17, ""},
@@ -16834,6 +16877,10 @@ var PackageSymbols = map[string][]Symbol{
 		{"Run", Func, 22, "func(t *testing.T, newHandler func(*testing.T) slog.Handler, result func(*testing.T) map[string]any)"},
 		{"TestHandler", Func, 21, "func(h slog.Handler, results func() []map[string]any) error"},
 	},
+	"testing/synctest": {
+		{"Test", Func, 25, "func(t *testing.T, f func(*testing.T))"},
+		{"Wait", Func, 25, "func()"},
+	},
 	"text/scanner": {
 		{"(*Position).IsValid", Method, 0, ""},
 		{"(*Scanner).Init", Method, 0, ""},
@@ -17347,6 +17394,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"CaseRange.Lo", Field, 0, ""},
 		{"CaseRanges", Var, 0, ""},
 		{"Categories", Var, 0, ""},
+		{"CategoryAliases", Var, 25, ""},
 		{"Caucasian_Albanian", Var, 4, ""},
 		{"Cc", Var, 0, ""},
 		{"Cf", Var, 0, ""},
@@ -17354,6 +17402,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"Cham", Var, 0, ""},
 		{"Cherokee", Var, 0, ""},
 		{"Chorasmian", Var, 16, ""},
+		{"Cn", Var, 25, ""},
 		{"Co", Var, 0, ""},
 		{"Common", Var, 0, ""},
 		{"Coptic", Var, 0, ""},
@@ -17432,6 +17481,7 @@ var PackageSymbols = map[string][]Symbol{
 		{"Khojki", Var, 4, ""},
 		{"Khudawadi", Var, 4, ""},
 		{"L", Var, 0, ""},
+		{"LC", Var, 25, ""},
 		{"Lao", Var, 0, ""},
 		{"Latin", Var, 0, ""},
 		{"Lepcha", Var, 0, ""},
diff --git a/vendor/golang.org/x/tools/internal/typesinternal/fx.go b/vendor/golang.org/x/tools/internal/typesinternal/fx.go
new file mode 100644
index 000000000..93acff217
--- /dev/null
+++ b/vendor/golang.org/x/tools/internal/typesinternal/fx.go
@@ -0,0 +1,49 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package typesinternal
+
+import (
+	"go/ast"
+	"go/token"
+	"go/types"
+)
+
+// NoEffects reports whether the expression has no side effects, i.e., it
+// does not modify the memory state. This function is conservative: it may
+// return false even when the expression has no effect.
+func NoEffects(info *types.Info, expr ast.Expr) bool {
+	noEffects := true
+	ast.Inspect(expr, func(n ast.Node) bool {
+		switch v := n.(type) {
+		case nil, *ast.Ident, *ast.BasicLit, *ast.BinaryExpr, *ast.ParenExpr,
+			*ast.SelectorExpr, *ast.IndexExpr, *ast.SliceExpr, *ast.TypeAssertExpr,
+			*ast.StarExpr, *ast.CompositeLit, *ast.ArrayType, *ast.StructType,
+			*ast.MapType, *ast.InterfaceType, *ast.KeyValueExpr:
+			// No effect
+		case *ast.UnaryExpr:
+			// Channel send <-ch has effects
+			if v.Op == token.ARROW {
+				noEffects = false
+			}
+		case *ast.CallExpr:
+			// Type conversion has no effects
+			if !info.Types[v.Fun].IsType() {
+				// TODO(adonovan): Add a case for built-in functions without side
+				// effects (by using callsPureBuiltin from tools/internal/refactor/inline)
+
+				noEffects = false
+			}
+		case *ast.FuncLit:
+			// A FuncLit has no effects, but do not descend into it.
+			return false
+		default:
+			// All other expressions have effects
+			noEffects = false
+		}
+
+		return noEffects
+	})
+	return noEffects
+}
diff --git a/vendor/golang.org/x/tools/internal/typesinternal/isnamed.go b/vendor/golang.org/x/tools/internal/typesinternal/isnamed.go
new file mode 100644
index 000000000..f2affec4f
--- /dev/null
+++ b/vendor/golang.org/x/tools/internal/typesinternal/isnamed.go
@@ -0,0 +1,71 @@
+// Copyright 2025 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package typesinternal
+
+import (
+	"go/types"
+	"slices"
+)
+
+// IsTypeNamed reports whether t is (or is an alias for) a
+// package-level defined type with the given package path and one of
+// the given names. It returns false if t is nil.
+//
+// This function avoids allocating the concatenation of "pkg.Name",
+// which is important for the performance of syntax matching.
+func IsTypeNamed(t types.Type, pkgPath string, names ...string) bool {
+	if named, ok := types.Unalias(t).(*types.Named); ok {
+		tname := named.Obj()
+		return tname != nil &&
+			IsPackageLevel(tname) &&
+			tname.Pkg().Path() == pkgPath &&
+			slices.Contains(names, tname.Name())
+	}
+	return false
+}
+
+// IsPointerToNamed reports whether t is (or is an alias for) a pointer to a
+// package-level defined type with the given package path and one of the given
+// names. It returns false if t is not a pointer type.
+func IsPointerToNamed(t types.Type, pkgPath string, names ...string) bool {
+	r := Unpointer(t)
+	if r == t {
+		return false
+	}
+	return IsTypeNamed(r, pkgPath, names...)
+}
+
+// IsFunctionNamed reports whether obj is a package-level function
+// defined in the given package and has one of the given names.
+// It returns false if obj is nil.
+//
+// This function avoids allocating the concatenation of "pkg.Name",
+// which is important for the performance of syntax matching.
+func IsFunctionNamed(obj types.Object, pkgPath string, names ...string) bool {
+	f, ok := obj.(*types.Func)
+	return ok &&
+		IsPackageLevel(obj) &&
+		f.Pkg().Path() == pkgPath &&
+		f.Type().(*types.Signature).Recv() == nil &&
+		slices.Contains(names, f.Name())
+}
+
+// IsMethodNamed reports whether obj is a method defined on a
+// package-level type with the given package and type name, and has
+// one of the given names. It returns false if obj is nil.
+//
+// This function avoids allocating the concatenation of "pkg.TypeName.Name",
+// which is important for the performance of syntax matching.
+func IsMethodNamed(obj types.Object, pkgPath string, typeName string, names ...string) bool {
+	if fn, ok := obj.(*types.Func); ok {
+		if recv := fn.Type().(*types.Signature).Recv(); recv != nil {
+			_, T := ReceiverNamed(recv)
+			return T != nil &&
+				IsTypeNamed(T, pkgPath, typeName) &&
+				slices.Contains(names, fn.Name())
+		}
+	}
+	return false
+}
diff --git a/vendor/golang.org/x/tools/internal/typesinternal/qualifier.go b/vendor/golang.org/x/tools/internal/typesinternal/qualifier.go
index b64f714eb..64f47919f 100644
--- a/vendor/golang.org/x/tools/internal/typesinternal/qualifier.go
+++ b/vendor/golang.org/x/tools/internal/typesinternal/qualifier.go
@@ -15,6 +15,14 @@ import (
 // file.
 // If the same package is imported multiple times, the last appearance is
 // recorded.
+//
+// TODO(adonovan): this function ignores the effect of shadowing. It
+// should accept a [token.Pos] and a [types.Info] and compute only the
+// set of imports that are not shadowed at that point, analogous to
+// [analysisinternal.AddImport]. It could also compute (as a side
+// effect) the set of additional imports required to ensure that there
+// is an accessible import for each necessary package, making it
+// converge even more closely with AddImport.
 func FileQualifier(f *ast.File, pkg *types.Package) types.Qualifier {
 	// Construct mapping of import paths to their defined names.
 	// It is only necessary to look at renaming imports.
diff --git a/vendor/golang.org/x/tools/internal/typesinternal/types.go b/vendor/golang.org/x/tools/internal/typesinternal/types.go
index a5cd7e8db..fef74a785 100644
--- a/vendor/golang.org/x/tools/internal/typesinternal/types.go
+++ b/vendor/golang.org/x/tools/internal/typesinternal/types.go
@@ -2,8 +2,20 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-// Package typesinternal provides access to internal go/types APIs that are not
-// yet exported.
+// Package typesinternal provides helpful operators for dealing with
+// go/types:
+//
+//   - operators for querying typed syntax trees (e.g. [Imports], [IsFunctionNamed]);
+//   - functions for converting types to strings or syntax (e.g. [TypeExpr], FileQualifier]);
+//   - helpers for working with the [go/types] API (e.g. [NewTypesInfo]);
+//   - access to internal go/types APIs that are not yet
+//     exported (e.g. [SetUsesCgo], [ErrorCodeStartEnd], [VarKind]); and
+//   - common algorithms related to types (e.g. [TooNewStdSymbols]).
+//
+// See also:
+//   - [golang.org/x/tools/internal/astutil], for operations on untyped syntax;
+//   - [golang.org/x/tools/internal/analysisinernal], for helpers for analyzers;
+//   - [golang.org/x/tools/internal/refactor], for operators to compute text edits.
 package typesinternal
 
 import (
@@ -13,6 +25,7 @@ import (
 	"reflect"
 	"unsafe"
 
+	"golang.org/x/tools/go/ast/inspector"
 	"golang.org/x/tools/internal/aliases"
 )
 
@@ -60,6 +73,9 @@ func ErrorCodeStartEnd(err types.Error) (code ErrorCode, start, end token.Pos, o
 // which is often excessive.)
 //
 // If pkg is nil, it is equivalent to [*types.Package.Name].
+//
+// TODO(adonovan): all uses of this with TypeString should be
+// eliminated when https://go.dev/issues/75604 is resolved.
 func NameRelativeTo(pkg *types.Package) types.Qualifier {
 	return func(other *types.Package) string {
 		if pkg != nil && pkg == other {
@@ -153,3 +169,31 @@ func NewTypesInfo() *types.Info {
 		FileVersions: map[*ast.File]string{},
 	}
 }
+
+// EnclosingScope returns the innermost block logically enclosing the cursor.
+func EnclosingScope(info *types.Info, cur inspector.Cursor) *types.Scope {
+	for cur := range cur.Enclosing() {
+		n := cur.Node()
+		// A function's Scope is associated with its FuncType.
+		switch f := n.(type) {
+		case *ast.FuncDecl:
+			n = f.Type
+		case *ast.FuncLit:
+			n = f.Type
+		}
+		if b := info.Scopes[n]; b != nil {
+			return b
+		}
+	}
+	panic("no Scope for *ast.File")
+}
+
+// Imports reports whether path is imported by pkg.
+func Imports(pkg *types.Package, path string) bool {
+	for _, imp := range pkg.Imports() {
+		if imp.Path() == path {
+			return true
+		}
+	}
+	return false
+}
diff --git a/vendor/golang.org/x/tools/internal/typesinternal/zerovalue.go b/vendor/golang.org/x/tools/internal/typesinternal/zerovalue.go
index d272949c1..453bba2ad 100644
--- a/vendor/golang.org/x/tools/internal/typesinternal/zerovalue.go
+++ b/vendor/golang.org/x/tools/internal/typesinternal/zerovalue.go
@@ -204,23 +204,12 @@ func ZeroExpr(t types.Type, qual types.Qualifier) (_ ast.Expr, isValid bool) {
 	}
 }
 
-// IsZeroExpr uses simple syntactic heuristics to report whether expr
-// is a obvious zero value, such as 0, "", nil, or false.
-// It cannot do better without type information.
-func IsZeroExpr(expr ast.Expr) bool {
-	switch e := expr.(type) {
-	case *ast.BasicLit:
-		return e.Value == "0" || e.Value == `""`
-	case *ast.Ident:
-		return e.Name == "nil" || e.Name == "false"
-	default:
-		return false
-	}
-}
-
 // TypeExpr returns syntax for the specified type. References to named types
 // are qualified by an appropriate (optional) qualifier function.
 // It may panic for types such as Tuple or Union.
+//
+// See also https://go.dev/issues/75604, which will provide a robust
+// Type-to-valid-Go-syntax formatter.
 func TypeExpr(t types.Type, qual types.Qualifier) ast.Expr {
 	switch t := t.(type) {
 	case *types.Basic:
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 5c42962f2..74c13c255 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -411,7 +411,7 @@ github.com/zclconf/go-cty/cty/function/stdlib
 github.com/zclconf/go-cty/cty/gocty
 github.com/zclconf/go-cty/cty/json
 github.com/zclconf/go-cty/cty/set
-# golang.org/x/crypto v0.42.0
+# golang.org/x/crypto v0.45.0
 ## explicit; go 1.24.0
 golang.org/x/crypto/argon2
 golang.org/x/crypto/blake2b
@@ -428,14 +428,14 @@ golang.org/x/crypto/sha3
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/agent
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/mod v0.27.0
-## explicit; go 1.23.0
+# golang.org/x/mod v0.29.0
+## explicit; go 1.24.0
 golang.org/x/mod/internal/lazyregexp
 golang.org/x/mod/modfile
 golang.org/x/mod/module
 golang.org/x/mod/semver
-# golang.org/x/net v0.43.0
-## explicit; go 1.23.0
+# golang.org/x/net v0.47.0
+## explicit; go 1.24.0
 golang.org/x/net/context
 golang.org/x/net/http/httpguts
 golang.org/x/net/http2
@@ -444,23 +444,25 @@ golang.org/x/net/idna
 golang.org/x/net/internal/httpcommon
 golang.org/x/net/internal/timeseries
 golang.org/x/net/trace
-# golang.org/x/sync v0.17.0
+# golang.org/x/sync v0.18.0
 ## explicit; go 1.24.0
 golang.org/x/sync/errgroup
-# golang.org/x/sys v0.36.0
+# golang.org/x/sys v0.38.0
 ## explicit; go 1.24.0
 golang.org/x/sys/cpu
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/text v0.29.0
+# golang.org/x/text v0.31.0
 ## explicit; go 1.24.0
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
-# golang.org/x/tools v0.36.0
-## explicit; go 1.23.0
+# golang.org/x/tools v0.38.0
+## explicit; go 1.24.0
 golang.org/x/tools/cmd/stringer
+golang.org/x/tools/go/ast/edge
+golang.org/x/tools/go/ast/inspector
 golang.org/x/tools/go/gcexportdata
 golang.org/x/tools/go/packages
 golang.org/x/tools/go/types/objectpath