From 4e36c65243f9fab583ad1d7042b21d12375f68ab Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 07:44:44 +0000 Subject: [PATCH 01/17] fix(deps): update module github.com/golangci/golangci-lint to v1.60.2 --- tools/go.mod | 14 +++++++------- tools/go.sum | 46 ++++++++++++++++++++++++---------------------- 2 files changed, 31 insertions(+), 29 deletions(-) diff --git a/tools/go.mod b/tools/go.mod index d5033e42348..be65a45ef84 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -9,7 +9,7 @@ exclude github.com/blizzy78/varnamelen v0.6.1 require ( github.com/atombender/go-jsonschema v0.16.0 github.com/client9/misspell v0.3.4 - github.com/golangci/golangci-lint v1.60.1 + github.com/golangci/golangci-lint v1.60.2 github.com/jcchavezs/porto v0.6.0 github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad go.opentelemetry.io/build-tools/crosslink v0.14.0 @@ -89,7 +89,7 @@ require ( github.com/gofrs/flock v0.12.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a // indirect - github.com/golangci/gofmt v0.0.0-20231018234816-f50ced29576e // indirect + github.com/golangci/gofmt v0.0.0-20240816233607-d8596aa466a9 // indirect github.com/golangci/misspell v0.6.0 // indirect github.com/golangci/modinfo v0.3.4 // indirect github.com/golangci/plugin-module-register v0.1.1 // indirect @@ -164,7 +164,7 @@ require ( github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect github.com/sashamelentyev/interfacebloat v1.1.0 // indirect github.com/sashamelentyev/usestdlibvars v1.27.0 // indirect - github.com/securego/gosec/v2 v2.20.1-0.20240525090044-5f0084eb01a9 // indirect + github.com/securego/gosec/v2 v2.20.1-0.20240820084340-81cda2f91fbe // indirect github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c // indirect github.com/sirupsen/logrus v1.9.3 // indirect @@ -188,7 +188,7 @@ require ( github.com/tetafro/godot v1.4.16 // indirect github.com/timakin/bodyclose v0.0.0-20230421092635-574207250966 // indirect github.com/timonwong/loggercheck v0.9.4 // indirect - github.com/tomarrell/wrapcheck/v2 v2.8.3 // indirect + github.com/tomarrell/wrapcheck/v2 v2.9.0 // indirect github.com/tommy-muehle/go-mnd/v2 v2.5.1 // indirect github.com/ultraware/funlen v0.1.0 // indirect github.com/ultraware/whitespace v0.1.1 // indirect @@ -214,12 +214,12 @@ require ( golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7 // indirect golang.org/x/text v0.17.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - honnef.co/go/tools v0.5.0 // indirect - mvdan.cc/gofumpt v0.6.0 // indirect + honnef.co/go/tools v0.5.1 // indirect + mvdan.cc/gofumpt v0.7.0 // indirect mvdan.cc/unparam v0.0.0-20240528143540-8a5130ca722f // indirect ) diff --git a/tools/go.sum b/tools/go.sum index 411ee08d2d2..55fe7f114bc 100644 --- a/tools/go.sum +++ b/tools/go.sum @@ -133,14 +133,16 @@ github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMj github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= github.com/go-git/go-git/v5 v5.12.0 h1:7Md+ndsjrzZxbddRDZjF14qK+NN56sy6wkqaVrjZtys= github.com/go-git/go-git/v5 v5.12.0/go.mod h1:FTM9VKtnI2m65hNI/TenDDDnUf2Q9FHnXYjuz9i5OEY= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-playground/locales v0.13.0 h1:HyWk6mgj5qFqCT5fjGBuRArbVDfE4hi8+e8ceBS/t7Q= github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= github.com/go-playground/universal-translator v0.17.0 h1:icxd5fm+REJzpZx7ZfpaD876Lmtgy7VtROAbHHXk8no= github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= github.com/go-playground/validator/v10 v10.4.1 h1:pH2c5ADXtd66mxoE0Zm9SUhxE20r7aM3F26W0hOn+GE= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= +github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI= +github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/go-toolsmith/astcast v1.1.0 h1:+JN9xZV1A+Re+95pgnMgDboWNVnIMMQXwfBwLRPgSC8= @@ -176,10 +178,10 @@ github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a h1:w8hkcTqaFpzKqonE9uMCefW1WDie15eSP/4MssdenaM= github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a/go.mod h1:ryS0uhF+x9jgbj/N71xsEqODy9BN81/GonCZiOzirOk= -github.com/golangci/gofmt v0.0.0-20231018234816-f50ced29576e h1:ULcKCDV1LOZPFxGZaA6TlQbiM3J2GCPnkx/bGF6sX/g= -github.com/golangci/gofmt v0.0.0-20231018234816-f50ced29576e/go.mod h1:Pm5KhLPA8gSnQwrQ6ukebRcapGb/BG9iUkdaiCcGHJM= -github.com/golangci/golangci-lint v1.60.1 h1:DRKNqNTQRLBJZ1il5u4fvgLQCjQc7QFs0DbhksJtVJE= -github.com/golangci/golangci-lint v1.60.1/go.mod h1:jDIPN1rYaIA+ijp9OZcUmUCoQOtZ76pOlFbi15FlLJY= +github.com/golangci/gofmt v0.0.0-20240816233607-d8596aa466a9 h1:/1322Qns6BtQxUZDTAT4SdcoxknUki7IAoK4SAXr8ME= +github.com/golangci/gofmt v0.0.0-20240816233607-d8596aa466a9/go.mod h1:Oesb/0uFAyWoaw1U1qS5zyjCg5NP9C9iwjnI4tIsXEE= +github.com/golangci/golangci-lint v1.60.2 h1:Y8aWnZCMOLY5T7Ga5hcoemyKsZZJCUmIIK3xTD3jIhc= +github.com/golangci/golangci-lint v1.60.2/go.mod h1:4UvjLpOJoQSvmyWkmO1urDR3txhL9R9sn4oM/evJ95g= github.com/golangci/misspell v0.6.0 h1:JCle2HUTNWirNlDIAUO44hUsKhOFqGPoC4LZxlaSXDs= github.com/golangci/misspell v0.6.0/go.mod h1:keMNyY6R9isGaSAu+4Q8NMBwMPkh15Gtc8UCVoDtAWo= github.com/golangci/modinfo v0.3.4 h1:oU5huX3fbxqQXdfspamej74DFX0kyGLkw1ppvXoJ8GA= @@ -199,8 +201,8 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= -github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= +github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k= +github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/gordonklaus/ineffassign v0.1.0 h1:y2Gd/9I7MdY1oEIt+n+rowjBNDcLQq3RsH5hwJd0f9s= @@ -312,10 +314,10 @@ github.com/nunnatsa/ginkgolinter v0.16.2 h1:8iLqHIZvN4fTLDC0Ke9tbSZVcyVHoBs0HIbn github.com/nunnatsa/ginkgolinter v0.16.2/go.mod h1:4tWRinDN1FeJgU+iJANW/kz7xKN5nYRAOfJDQUS9dOQ= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/onsi/ginkgo/v2 v2.17.3 h1:oJcvKpIb7/8uLpDDtnQuf18xVnwKp8DTD7DQ6gTd/MU= -github.com/onsi/ginkgo/v2 v2.17.3/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= -github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= -github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/onsi/ginkgo/v2 v2.20.0 h1:PE84V2mHqoT1sglvHc8ZdQtPcwmvvt29WLEEO3xmdZw= +github.com/onsi/ginkgo/v2 v2.20.0/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= +github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= +github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= github.com/otiai10/copy v1.2.0/go.mod h1:rrF5dJ5F0t/EWSYODDu4j9/vEeYHMkc8jt0zJChqQWw= github.com/otiai10/copy v1.14.0 h1:dCI/t1iTdYGtkvCuBG2BgR6KZa83PTclw4U5n2wAllU= github.com/otiai10/copy v1.14.0/go.mod h1:ECfuL02W+/FkTWZWgQqXPWZgW9oeKCSQ5qVfSc4qc4w= @@ -376,8 +378,8 @@ github.com/sashamelentyev/interfacebloat v1.1.0 h1:xdRdJp0irL086OyW1H/RTZTr1h/tM github.com/sashamelentyev/interfacebloat v1.1.0/go.mod h1:+Y9yU5YdTkrNvoX0xHc84dxiN1iBi9+G8zZIhPVoNjQ= github.com/sashamelentyev/usestdlibvars v1.27.0 h1:t/3jZpSXtRPRf2xr0m63i32ZrusyurIGT9E5wAvXQnI= github.com/sashamelentyev/usestdlibvars v1.27.0/go.mod h1:9nl0jgOfHKWNFS43Ojw0i7aRoS4j6EBye3YBhmAIRF8= -github.com/securego/gosec/v2 v2.20.1-0.20240525090044-5f0084eb01a9 h1:rnO6Zp1YMQwv8AyxzuwsVohljJgp4L0ZqiCgtACsPsc= -github.com/securego/gosec/v2 v2.20.1-0.20240525090044-5f0084eb01a9/go.mod h1:dg7lPlu/xK/Ut9SedURCoZbVCR4yC7fM65DtH9/CDHs= +github.com/securego/gosec/v2 v2.20.1-0.20240820084340-81cda2f91fbe h1:exdneYmXwZ4+VaIWv9mQ47uIHkTQSN50DYdCjXJ1cdQ= +github.com/securego/gosec/v2 v2.20.1-0.20240820084340-81cda2f91fbe/go.mod h1:iyeMMRw8QEmueUSZ2VqmkQMiDyDcobfPnG00CV/NWdE= github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8= github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4= github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c h1:W65qqJCIOVP4jpqPQ0YvHYKwcMEMVWIzWC5iNQQfBTU= @@ -444,8 +446,8 @@ github.com/timakin/bodyclose v0.0.0-20230421092635-574207250966 h1:quvGphlmUVU+n github.com/timakin/bodyclose v0.0.0-20230421092635-574207250966/go.mod h1:27bSVNWSBOHm+qRp1T9qzaIpsWEP6TbUnei/43HK+PQ= github.com/timonwong/loggercheck v0.9.4 h1:HKKhqrjcVj8sxL7K77beXh0adEm6DLjV/QOGeMXEVi4= github.com/timonwong/loggercheck v0.9.4/go.mod h1:caz4zlPcgvpEkXgVnAJGowHAMW2NwHaNlpS8xDbVhTg= -github.com/tomarrell/wrapcheck/v2 v2.8.3 h1:5ov+Cbhlgi7s/a42BprYoxsr73CbdMUTzE3bRDFASUs= -github.com/tomarrell/wrapcheck/v2 v2.8.3/go.mod h1:g9vNIyhb5/9TQgumxQyOEqDHsmGYcGsVMOx/xGkqdMo= +github.com/tomarrell/wrapcheck/v2 v2.9.0 h1:801U2YCAjLhdN8zhZ/7tdjB3EnAoRlJHt/s+9hijLQ4= +github.com/tomarrell/wrapcheck/v2 v2.9.0/go.mod h1:g9vNIyhb5/9TQgumxQyOEqDHsmGYcGsVMOx/xGkqdMo= github.com/tommy-muehle/go-mnd/v2 v2.5.1 h1:NowYhSdyE/1zwK9QCLeRb6USWdoif80Ie+v+yU8u1Zw= github.com/tommy-muehle/go-mnd/v2 v2.5.1/go.mod h1:WsUAkMJMYww6l/ufffCD3m+P7LEvr8TnZn9lwVDlgzw= github.com/ultraware/funlen v0.1.0 h1:BuqclbkY6pO+cvxoq7OsktIXZpgBSkYTQtmwhAK81vI= @@ -631,8 +633,8 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSmiC7MMxXNOb3PU/VUEz+EhU= golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= @@ -647,9 +649,9 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.5.0 h1:29uoiIormS3Z6R+t56STz/oI4v+mB51TSmEOdJPgRnE= -honnef.co/go/tools v0.5.0/go.mod h1:e9irvo83WDG9/irijV44wr3tbhcFeRnfpVlRqVwpzMs= -mvdan.cc/gofumpt v0.6.0 h1:G3QvahNDmpD+Aek/bNOLrFR2XC6ZAdo62dZu65gmwGo= -mvdan.cc/gofumpt v0.6.0/go.mod h1:4L0wf+kgIPZtcCWXynNS2e6bhmj73umwnuXSZarixzA= +honnef.co/go/tools v0.5.1 h1:4bH5o3b5ZULQ4UrBmP+63W9r7qIkqJClEA9ko5YKx+I= +honnef.co/go/tools v0.5.1/go.mod h1:e9irvo83WDG9/irijV44wr3tbhcFeRnfpVlRqVwpzMs= +mvdan.cc/gofumpt v0.7.0 h1:bg91ttqXmi9y2xawvkuMXyvAA/1ZGJqYAEGjXuP0JXU= +mvdan.cc/gofumpt v0.7.0/go.mod h1:txVFJy/Sc/mvaycET54pV8SW8gWxTlUuGHVEcncmNUo= mvdan.cc/unparam v0.0.0-20240528143540-8a5130ca722f h1:lMpcwN6GxNbWtbpI1+xzFLSW8XzX0u72NttUGVFjO3U= mvdan.cc/unparam v0.0.0-20240528143540-8a5130ca722f/go.mod h1:RSLa7mKKCNeTTMHBw5Hsy2rfJmd6O2ivt9Dw9ZqCQpQ= From 886f551a2d5512aa5a138e36513c947f97d37d14 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:56:41 -0700 Subject: [PATCH 02/17] Fix lint in otelslog --- bridges/otelslog/handler.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/bridges/otelslog/handler.go b/bridges/otelslog/handler.go index 864a637cd5a..3cfb5bf02b1 100644 --- a/bridges/otelslog/handler.go +++ b/bridges/otelslog/handler.go @@ -425,7 +425,12 @@ func convertValue(v slog.Value) log.Value { case slog.KindTime: return log.Int64Value(v.Time().UnixNano()) case slog.KindUint64: - return log.Int64Value(int64(v.Uint64())) + const maxInt64 = ^uint64(0) >> 1 + u := v.Uint64() + if u > maxInt64 { + return log.Float64Value(float64(u)) + } + return log.Int64Value(int64(u)) // nolint:gosec // Overflow checked above. case slog.KindGroup: g := v.Group() buf := newKVBuffer(len(g)) From d02c36545c3630f34fb24aa644d5fefe453a1306 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:57:00 -0700 Subject: [PATCH 03/17] Fix lint in otelzap --- bridges/otelzap/encoder.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/bridges/otelzap/encoder.go b/bridges/otelzap/encoder.go index c831b74389f..e5b68850aac 100644 --- a/bridges/otelzap/encoder.go +++ b/bridges/otelzap/encoder.go @@ -175,7 +175,7 @@ func (m *objectEncoder) AddUint16(k string, v uint16) { } func (m *objectEncoder) AddUint8(k string, v uint8) { - m.AddInt64(k, int64(v)) + m.AddInt64(k, int64(v)) // nolint: gosec // https://github.com/securego/gosec/issues/1185 } func (m *objectEncoder) AddUintptr(k string, v uintptr) { @@ -187,7 +187,7 @@ func assignUintValue(v uint64) log.Value { if v > maxInt64 { return log.Float64Value(float64(v)) } - return log.Int64Value(int64(v)) + return log.Int64Value(int64(v)) // nolint:gosec // Overflow checked above. } // arrayEncoder implements [zapcore.ArrayEncoder]. @@ -272,8 +272,10 @@ func (a *arrayEncoder) AppendTime(v time.Time) { a.AppendInt64(v.UnixNan func (a *arrayEncoder) AppendUint(v uint) { a.AppendUint64(uint64(v)) } func (a *arrayEncoder) AppendUint32(v uint32) { a.AppendInt64(int64(v)) } func (a *arrayEncoder) AppendUint16(v uint16) { a.AppendInt64(int64(v)) } -func (a *arrayEncoder) AppendUint8(v uint8) { a.AppendInt64(int64(v)) } func (a *arrayEncoder) AppendUintptr(v uintptr) { a.AppendUint64(uint64(v)) } +func (a *arrayEncoder) AppendUint8(v uint8) { + a.AppendInt64(int64(v)) // nolint: gosec // https://github.com/securego/gosec/issues/1185 +} func convertValue(v interface{}) log.Value { switch v := v.(type) { From 9205cbc119d7f5a449a0ce99993b34131cfdadd7 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:57:16 -0700 Subject: [PATCH 04/17] Fix lint in prometheus bridge --- bridges/prometheus/producer.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bridges/prometheus/producer.go b/bridges/prometheus/producer.go index 5626bdc5545..e94d07a6d46 100644 --- a/bridges/prometheus/producer.go +++ b/bridges/prometheus/producer.go @@ -214,10 +214,10 @@ func convertExponentialBuckets(bucketSpans []*dto.BucketSpan, deltas []int64) me initialOffset := bucketSpans[0].GetOffset() - 1 // We will have one bucket count for each delta, and zeros for the offsets // after the initial offset. - lenCounts := int32(len(deltas)) + lenCounts := len(deltas) for i, bs := range bucketSpans { if i != 0 { - lenCounts += bs.GetOffset() + lenCounts += int(bs.GetOffset()) } } counts := make([]uint64, lenCounts) From fa3bf4068c023e4733242108ea334285d40f962d Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:57:27 -0700 Subject: [PATCH 05/17] Fix lint in config --- config/metric.go | 16 ++++++++++++---- config/resource.go | 2 +- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/config/metric.go b/config/metric.go index 6c6b34e9f59..38b294172fb 100644 --- a/config/metric.go +++ b/config/metric.go @@ -8,6 +8,7 @@ import ( "encoding/json" "errors" "fmt" + "math" "net" "net/http" "net/url" @@ -358,8 +359,8 @@ func aggregation(aggr *ViewStreamAggregation) sdkmetric.Aggregation { if aggr.Base2ExponentialBucketHistogram != nil { return sdkmetric.AggregationBase2ExponentialHistogram{ - MaxSize: int32(intOrZero(aggr.Base2ExponentialBucketHistogram.MaxSize)), - MaxScale: int32(intOrZero(aggr.Base2ExponentialBucketHistogram.MaxScale)), + MaxSize: int32OrZero(aggr.Base2ExponentialBucketHistogram.MaxSize), + MaxScale: int32OrZero(aggr.Base2ExponentialBucketHistogram.MaxScale), // Need to negate because config has the positive action RecordMinMax. NoMinMax: !boolOrFalse(aggr.Base2ExponentialBucketHistogram.RecordMinMax), } @@ -426,11 +427,18 @@ func boolOrFalse(pBool *bool) bool { return *pBool } -func intOrZero(pInt *int) int { +func int32OrZero(pInt *int) int32 { if pInt == nil { return 0 } - return *pInt + i := *pInt + if i > math.MaxInt32 { + return math.MaxInt32 + } + if i < math.MinInt32 { + return math.MinInt32 + } + return int32(i) // nolint: gosec // Overflow and underflow checked above. } func strOrEmpty(pStr *string) string { diff --git a/config/resource.go b/config/resource.go index 020d6660b23..b61b033b852 100644 --- a/config/resource.go +++ b/config/resource.go @@ -23,7 +23,7 @@ func keyVal(k string, v any) attribute.KeyValue { case int8: return attribute.Int64(k, int64(val)) case uint8: - return attribute.Int64(k, int64(val)) + return attribute.Int64(k, int64(val)) // nolint: gosec // https://github.com/securego/gosec/issues/1185 case int16: return attribute.Int64(k, int64(val)) case uint16: From 43062e083e78ffc4db312e04bc93cdce4f000ad4 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:57:50 -0700 Subject: [PATCH 06/17] Fix lint in otelrestful --- .../go-restful/otelrestful/internal/semconvutil/netconv.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instrumentation/github.com/emicklei/go-restful/otelrestful/internal/semconvutil/netconv.go b/instrumentation/github.com/emicklei/go-restful/otelrestful/internal/semconvutil/netconv.go index 6ae340f0c3f..75a51e0de41 100644 --- a/instrumentation/github.com/emicklei/go-restful/otelrestful/internal/semconvutil/netconv.go +++ b/instrumentation/github.com/emicklei/go-restful/otelrestful/internal/semconvutil/netconv.go @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { From 93abaf80f82615fc9f6b83c90bcabf170c9750c1 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:58:06 -0700 Subject: [PATCH 07/17] Fix lint in otelgin --- .../gin-gonic/gin/otelgin/internal/semconvutil/netconv.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instrumentation/github.com/gin-gonic/gin/otelgin/internal/semconvutil/netconv.go b/instrumentation/github.com/gin-gonic/gin/otelgin/internal/semconvutil/netconv.go index 253014bf053..7a1530a310d 100644 --- a/instrumentation/github.com/gin-gonic/gin/otelgin/internal/semconvutil/netconv.go +++ b/instrumentation/github.com/gin-gonic/gin/otelgin/internal/semconvutil/netconv.go @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { From 33596a1dffc25fb5aa045489882d48312a7506fe Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:58:18 -0700 Subject: [PATCH 08/17] Fix lint in otelmux --- .../gorilla/mux/otelmux/internal/semconvutil/netconv.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instrumentation/github.com/gorilla/mux/otelmux/internal/semconvutil/netconv.go b/instrumentation/github.com/gorilla/mux/otelmux/internal/semconvutil/netconv.go index 497fb802ad5..53602bacb46 100644 --- a/instrumentation/github.com/gorilla/mux/otelmux/internal/semconvutil/netconv.go +++ b/instrumentation/github.com/gorilla/mux/otelmux/internal/semconvutil/netconv.go @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { From 6b373a96d6d7ce959197587ea80a55e196b3bd2c Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:58:33 -0700 Subject: [PATCH 09/17] Fix lint in otelecho --- .../labstack/echo/otelecho/internal/semconvutil/netconv.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instrumentation/github.com/labstack/echo/otelecho/internal/semconvutil/netconv.go b/instrumentation/github.com/labstack/echo/otelecho/internal/semconvutil/netconv.go index 3fa96f45ab7..c4f54bdc8ec 100644 --- a/instrumentation/github.com/labstack/echo/otelecho/internal/semconvutil/netconv.go +++ b/instrumentation/github.com/labstack/echo/otelecho/internal/semconvutil/netconv.go @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { From 908d2b2b0f558a1b97ab61bf98b1bbe9e9173d8a Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:58:47 -0700 Subject: [PATCH 10/17] Fix lint in otelgrpc --- .../grpc/otelgrpc/internal/test/test_utils.go | 42 ++++++++++--------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/instrumentation/google.golang.org/grpc/otelgrpc/internal/test/test_utils.go b/instrumentation/google.golang.org/grpc/otelgrpc/internal/test/test_utils.go index 8feea135dae..25e93ebd6c5 100644 --- a/instrumentation/google.golang.org/grpc/otelgrpc/internal/test/test_utils.go +++ b/instrumentation/google.golang.org/grpc/otelgrpc/internal/test/test_utils.go @@ -44,12 +44,12 @@ import ( ) var ( - reqSizes = []int{27182, 8, 1828, 45904} - respSizes = []int{31415, 9, 2653, 58979} - largeReqSize = 271828 - largeRespSize = 314159 - initialMetadataKey = "x-grpc-test-echo-initial" - trailingMetadataKey = "x-grpc-test-echo-trailing-bin" + reqSizes = []int32{27182, 8, 1828, 45904} + respSizes = []int32{31415, 9, 2653, 58979} + largeReqSize = 271828 + largeRespSize int32 = 314159 + initialMetadataKey = "x-grpc-test-echo-initial" + trailingMetadataKey = "x-grpc-test-echo-trailing-bin" logger = grpclog.Component("interop") ) @@ -87,7 +87,7 @@ func DoLargeUnaryCall(ctx context.Context, tc testpb.TestServiceClient, args ... pl := ClientNewPayload(testpb.PayloadType_COMPRESSABLE, largeReqSize) req := &testpb.SimpleRequest{ ResponseType: testpb.PayloadType_COMPRESSABLE, - ResponseSize: int32(largeRespSize), + ResponseSize: largeRespSize, Payload: pl, } reply, err := tc.UnaryCall(ctx, req, args...) @@ -96,7 +96,7 @@ func DoLargeUnaryCall(ctx context.Context, tc testpb.TestServiceClient, args ... } t := reply.GetPayload().GetType() s := len(reply.GetPayload().GetBody()) - if t != testpb.PayloadType_COMPRESSABLE || s != largeRespSize { + if t != testpb.PayloadType_COMPRESSABLE || s != int(largeRespSize) { logger.Fatalf("Got the reply with type %d len %d; want %d, %d", t, s, testpb.PayloadType_COMPRESSABLE, largeRespSize) } } @@ -107,9 +107,9 @@ func DoClientStreaming(ctx context.Context, tc testpb.TestServiceClient, args .. if err != nil { logger.Fatalf("%v.StreamingInputCall(_) = _, %v", tc, err) } - var sum int + var sum int32 for _, s := range reqSizes { - pl := ClientNewPayload(testpb.PayloadType_COMPRESSABLE, s) + pl := ClientNewPayload(testpb.PayloadType_COMPRESSABLE, int(s)) req := &testpb.StreamingInputCallRequest{ Payload: pl, } @@ -122,7 +122,7 @@ func DoClientStreaming(ctx context.Context, tc testpb.TestServiceClient, args .. if err != nil { logger.Fatalf("%v.CloseAndRecv() got error %v, want %v", stream, err, nil) } - if reply.GetAggregatedPayloadSize() != int32(sum) { + if reply.GetAggregatedPayloadSize() != sum { logger.Fatalf("%v.CloseAndRecv().GetAggregatePayloadSize() = %v; want %v", stream, reply.GetAggregatedPayloadSize(), sum) } } @@ -132,7 +132,7 @@ func DoServerStreaming(ctx context.Context, tc testpb.TestServiceClient, args .. respParam := make([]*testpb.ResponseParameters, len(respSizes)) for i, s := range respSizes { respParam[i] = &testpb.ResponseParameters{ - Size: int32(s), + Size: s, } } req := &testpb.StreamingOutputCallRequest{ @@ -157,7 +157,7 @@ func DoServerStreaming(ctx context.Context, tc testpb.TestServiceClient, args .. logger.Fatalf("Got the reply of type %d, want %d", t, testpb.PayloadType_COMPRESSABLE) } size := len(reply.GetPayload().GetBody()) - if size != respSizes[index] { + if size != int(respSizes[index]) { logger.Fatalf("Got reply body of length %d, want %d", size, respSizes[index]) } index++ @@ -181,10 +181,10 @@ func DoPingPong(ctx context.Context, tc testpb.TestServiceClient, args ...grpc.C for index < len(reqSizes) { respParam := []*testpb.ResponseParameters{ { - Size: int32(respSizes[index]), + Size: respSizes[index], }, } - pl := ClientNewPayload(testpb.PayloadType_COMPRESSABLE, reqSizes[index]) + pl := ClientNewPayload(testpb.PayloadType_COMPRESSABLE, int(reqSizes[index])) req := &testpb.StreamingOutputCallRequest{ ResponseType: testpb.PayloadType_COMPRESSABLE, ResponseParameters: respParam, @@ -202,7 +202,7 @@ func DoPingPong(ctx context.Context, tc testpb.TestServiceClient, args ...grpc.C logger.Fatalf("Got the reply of type %d, want %d", t, testpb.PayloadType_COMPRESSABLE) } size := len(reply.GetPayload().GetBody()) - if size != respSizes[index] { + if size != int(respSizes[index]) { logger.Fatalf("Got reply body of length %d, want %d", size, respSizes[index]) } index++ @@ -304,19 +304,21 @@ func (s *testServer) StreamingOutputCall(args *testpb.StreamingOutputCallRequest } func (s *testServer) StreamingInputCall(stream testpb.TestService_StreamingInputCallServer) error { - var sum int + var sum int32 for { in, err := stream.Recv() if errors.Is(err, io.EOF) { return stream.SendAndClose(&testpb.StreamingInputCallResponse{ - AggregatedPayloadSize: int32(sum), + AggregatedPayloadSize: sum, }) } if err != nil { return err } - p := in.GetPayload().GetBody() - sum += len(p) + n := len(in.GetPayload().GetBody()) + // This could overflow, but given this is a test and the negative value + // should be detectable this should be good enough. + sum += int32(n) // nolint: gosec } } From 23d7d3ab4b28b65e18c171a96129aa1db1f128ba Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:58:59 -0700 Subject: [PATCH 11/17] Fix lint in otelmacaron --- .../macaron.v1/otelmacaron/internal/semconvutil/netconv.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instrumentation/gopkg.in/macaron.v1/otelmacaron/internal/semconvutil/netconv.go b/instrumentation/gopkg.in/macaron.v1/otelmacaron/internal/semconvutil/netconv.go index be9910c8601..eda4a8696dd 100644 --- a/instrumentation/gopkg.in/macaron.v1/otelmacaron/internal/semconvutil/netconv.go +++ b/instrumentation/gopkg.in/macaron.v1/otelmacaron/internal/semconvutil/netconv.go @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { From 8686d946e2a1ea421d6afb8bc245e0e1937d3ba4 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:59:12 -0700 Subject: [PATCH 12/17] Fix lint in host --- instrumentation/host/host.go | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/instrumentation/host/host.go b/instrumentation/host/host.go index 722134c2054..d97d960bf72 100644 --- a/instrumentation/host/host.go +++ b/instrumentation/host/host.go @@ -6,6 +6,7 @@ package host // import "go.opentelemetry.io/contrib/instrumentation/host" import ( "context" "fmt" + "math" "os" "sync" @@ -118,7 +119,11 @@ func (h *host) register() error { lock sync.Mutex ) - proc, err := process.NewProcess(int32(os.Getpid())) + pid := os.Getpid() + if pid > math.MaxInt32 || pid < math.MinInt32 { + return fmt.Errorf("invalid process ID: %d", pid) + } + proc, err := process.NewProcess(int32(pid)) // nolint: gosec // Overflow checked above. if err != nil { return fmt.Errorf("could not find this process: %w", err) } @@ -246,9 +251,9 @@ func (h *host) register() error { // Host memory usage opt = metric.WithAttributeSet(AttributeMemoryUsed) - o.ObserveInt64(hostMemoryUsage, int64(vmStats.Used), opt) + o.ObserveInt64(hostMemoryUsage, clampInt64(vmStats.Used), opt) opt = metric.WithAttributeSet(AttributeMemoryAvailable) - o.ObserveInt64(hostMemoryUsage, int64(vmStats.Available), opt) + o.ObserveInt64(hostMemoryUsage, clampInt64(vmStats.Available), opt) // Host memory utilization opt = metric.WithAttributeSet(AttributeMemoryUsed) @@ -262,9 +267,9 @@ func (h *host) register() error { // interface, with similar questions to those posed // about per-CPU measurements above. opt = metric.WithAttributeSet(AttributeNetworkTransmit) - o.ObserveInt64(networkIOUsage, int64(ioStats[0].BytesSent), opt) + o.ObserveInt64(networkIOUsage, clampInt64(ioStats[0].BytesSent), opt) opt = metric.WithAttributeSet(AttributeNetworkReceive) - o.ObserveInt64(networkIOUsage, int64(ioStats[0].BytesRecv), opt) + o.ObserveInt64(networkIOUsage, clampInt64(ioStats[0].BytesRecv), opt) return nil }, @@ -280,3 +285,10 @@ func (h *host) register() error { return nil } + +func clampInt64(v uint64) int64 { + if v > math.MaxInt64 { + return math.MaxInt64 + } + return int64(v) // nolint: gosec // Overflow checked. +} From 73b3ae2aa0e2ddd8dd0ee2e52865428734c3a4b1 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:59:28 -0700 Subject: [PATCH 13/17] Fix lint in http inst --- .../httptrace/otelhttptrace/internal/semconvutil/netconv.go | 2 +- instrumentation/net/http/otelhttp/internal/semconv/util.go | 2 +- .../net/http/otelhttp/internal/semconvutil/netconv.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/instrumentation/net/http/httptrace/otelhttptrace/internal/semconvutil/netconv.go b/instrumentation/net/http/httptrace/otelhttptrace/internal/semconvutil/netconv.go index fc7e8474c72..45d8cba6710 100644 --- a/instrumentation/net/http/httptrace/otelhttptrace/internal/semconvutil/netconv.go +++ b/instrumentation/net/http/httptrace/otelhttptrace/internal/semconvutil/netconv.go @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { diff --git a/instrumentation/net/http/otelhttp/internal/semconv/util.go b/instrumentation/net/http/otelhttp/internal/semconv/util.go index af862d1a7f0..e6e14924f57 100644 --- a/instrumentation/net/http/otelhttp/internal/semconv/util.go +++ b/instrumentation/net/http/otelhttp/internal/semconv/util.go @@ -50,7 +50,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Byte size checked 16 above. } func requiredHTTPPort(https bool, port int) int { // nolint:revive diff --git a/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go b/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go index a9a9226b39a..b80a1db61fa 100644 --- a/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go +++ b/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { From 560fdd2253902d8672940e43b25dbdebfcfb0d80 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:59:41 -0700 Subject: [PATCH 14/17] Fix lint in runtime inst --- .../internal/deprecatedruntime/runtime.go | 40 +++++++++++++------ instrumentation/runtime/runtime.go | 6 ++- 2 files changed, 32 insertions(+), 14 deletions(-) diff --git a/instrumentation/runtime/internal/deprecatedruntime/runtime.go b/instrumentation/runtime/internal/deprecatedruntime/runtime.go index 487072e3bdc..86c7c9e34a7 100644 --- a/instrumentation/runtime/internal/deprecatedruntime/runtime.go +++ b/instrumentation/runtime/internal/deprecatedruntime/runtime.go @@ -5,6 +5,7 @@ package deprecatedruntime // import "go.opentelemetry.io/contrib/instrumentation import ( "context" + "math" goruntime "runtime" "sync" "time" @@ -203,16 +204,16 @@ func (r *runtime) registerMemStats() error { lastMemStats = now } - o.ObserveInt64(heapAlloc, int64(memStats.HeapAlloc)) - o.ObserveInt64(heapIdle, int64(memStats.HeapIdle)) - o.ObserveInt64(heapInuse, int64(memStats.HeapInuse)) - o.ObserveInt64(heapObjects, int64(memStats.HeapObjects)) - o.ObserveInt64(heapReleased, int64(memStats.HeapReleased)) - o.ObserveInt64(heapSys, int64(memStats.HeapSys)) - o.ObserveInt64(liveObjects, int64(memStats.Mallocs-memStats.Frees)) - o.ObserveInt64(ptrLookups, int64(memStats.Lookups)) + o.ObserveInt64(heapAlloc, clampUint64(memStats.HeapAlloc)) + o.ObserveInt64(heapIdle, clampUint64(memStats.HeapIdle)) + o.ObserveInt64(heapInuse, clampUint64(memStats.HeapInuse)) + o.ObserveInt64(heapObjects, clampUint64(memStats.HeapObjects)) + o.ObserveInt64(heapReleased, clampUint64(memStats.HeapReleased)) + o.ObserveInt64(heapSys, clampUint64(memStats.HeapSys)) + o.ObserveInt64(liveObjects, clampUint64(memStats.Mallocs-memStats.Frees)) + o.ObserveInt64(ptrLookups, clampUint64(memStats.Lookups)) o.ObserveInt64(gcCount, int64(memStats.NumGC)) - o.ObserveInt64(pauseTotalNs, int64(memStats.PauseTotalNs)) + o.ObserveInt64(pauseTotalNs, clampUint64(memStats.PauseTotalNs)) computeGCPauses(ctx, gcPauseNs, memStats.PauseNs[:], lastNumGC, memStats.NumGC) @@ -239,6 +240,13 @@ func (r *runtime) registerMemStats() error { return nil } +func clampUint64(v uint64) int64 { + if v > math.MaxInt64 { + return math.MaxInt64 + } + return int64(v) // nolint: gosec // Overflow checked above. +} + func computeGCPauses( ctx context.Context, recorder metric.Int64Histogram, @@ -257,10 +265,16 @@ func computeGCPauses( return } - length := uint32(len(circular)) + n := len(circular) + if n < 0 { + // Only the case in error situations. + return + } + + length := uint64(n) // nolint: gosec // n >= 0 - i := lastNumGC % length - j := currentNumGC % length + i := uint64(lastNumGC) % length + j := uint64(currentNumGC) % length if j < i { // wrap around the circular buffer recordGCPauses(ctx, recorder, circular[i:]) @@ -277,6 +291,6 @@ func recordGCPauses( pauses []uint64, ) { for _, pause := range pauses { - recorder.Record(ctx, int64(pause)) + recorder.Record(ctx, clampUint64(pause)) } } diff --git a/instrumentation/runtime/runtime.go b/instrumentation/runtime/runtime.go index be7911bb450..f50d1189579 100644 --- a/instrumentation/runtime/runtime.go +++ b/instrumentation/runtime/runtime.go @@ -218,7 +218,11 @@ func (g *goCollector) refresh() { func (g *goCollector) get(name string) int64 { if s, ok := g.sampleMap[name]; ok && s.Value.Kind() == metrics.KindUint64 { - return int64(s.Value.Uint64()) + v := s.Value.Uint64() + if v > math.MaxInt64 { + return math.MaxInt64 + } + return int64(v) // nolint: gosec // Overflow checked above. } return 0 } From a8d347b47ee03b054702dfba2642bbcba7d845c0 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 08:59:56 -0700 Subject: [PATCH 15/17] Fix lint in tmpl --- internal/shared/semconvutil/netconv.go.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/shared/semconvutil/netconv.go.tmpl b/internal/shared/semconvutil/netconv.go.tmpl index 5d8ef05696b..45a96c34f78 100644 --- a/internal/shared/semconvutil/netconv.go.tmpl +++ b/internal/shared/semconvutil/netconv.go.tmpl @@ -195,7 +195,7 @@ func splitHostPort(hostport string) (host string, port int) { if err != nil { return } - return host, int(p) + return host, int(p) // nolint: gosec // Bitsize checked to be 16 above. } func netProtocol(proto string) (name string, version string) { From f90ddd3cfdea4fcabd30af0f2351319351860bab Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 09:00:09 -0700 Subject: [PATCH 16/17] Fix lint in samplers --- samplers/probability/consistent/base2.go | 12 ++++++------ samplers/probability/consistent/base2_test.go | 4 ++-- samplers/probability/consistent/sampler.go | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/samplers/probability/consistent/base2.go b/samplers/probability/consistent/base2.go index d6e8a5b7045..d3c1a0f6019 100644 --- a/samplers/probability/consistent/base2.go +++ b/samplers/probability/consistent/base2.go @@ -14,13 +14,13 @@ const ( ) // expFromFloat64 returns floor(log2(x)). -func expFromFloat64(x float64) int { - return int((math.Float64bits(x)&offsetExponentMask)>>significandBits) - offsetExponentBias +func expFromFloat64(x float64) uint64 { + return (math.Float64bits(x)&offsetExponentMask)>>significandBits - offsetExponentBias } // expToFloat64 returns 2^x. -func expToFloat64(x int) float64 { - return math.Float64frombits(uint64(offsetExponentBias+x) << significandBits) +func expToFloat64(x uint64) float64 { + return math.Float64frombits((offsetExponentBias - x) << significandBits) } // splitProb returns the two values of log-adjusted-count nearest to p @@ -50,8 +50,8 @@ func splitProb(p float64) (uint8, uint8, float64) { // Return these to probability values and use linear // interpolation to compute the required probability of // choosing the low-probability Sampler. - lowP := expToFloat64(-low) - highP := expToFloat64(-high) + lowP := expToFloat64(low) + highP := expToFloat64(high) lowProb := (highP - p) / (highP - lowP) return uint8(low), uint8(high), lowProb diff --git a/samplers/probability/consistent/base2_test.go b/samplers/probability/consistent/base2_test.go index 4430c7eadd5..78faa3f18bf 100644 --- a/samplers/probability/consistent/base2_test.go +++ b/samplers/probability/consistent/base2_test.go @@ -12,8 +12,8 @@ import ( func TestSplitProb(t *testing.T) { require.Equal(t, -1, expFromFloat64(0.6)) require.Equal(t, -2, expFromFloat64(0.4)) - require.Equal(t, 0.5, expToFloat64(-1)) - require.Equal(t, 0.25, expToFloat64(-2)) + require.Equal(t, 0.5, expToFloat64(1)) + require.Equal(t, 0.25, expToFloat64(2)) for _, tc := range []struct { in float64 diff --git a/samplers/probability/consistent/sampler.go b/samplers/probability/consistent/sampler.go index 724160f6c82..b276b7869e1 100644 --- a/samplers/probability/consistent/sampler.go +++ b/samplers/probability/consistent/sampler.go @@ -161,8 +161,8 @@ func (cs *consistentProbabilityBased) ShouldSample(p sdktrace.SamplingParameters func (cs *consistentProbabilityBased) Description() string { var prob float64 if cs.lowLAC != pZeroValue { - prob = cs.lowProb * expToFloat64(-int(cs.lowLAC)) - prob += (1 - cs.lowProb) * expToFloat64(-int(cs.highLAC)) + prob = cs.lowProb * expToFloat64(uint64(cs.lowLAC)) + prob += (1 - cs.lowProb) * expToFloat64(uint64(cs.highLAC)) } return fmt.Sprintf("ProbabilityBased{%g}", prob) } From fd5d3000c21ac40f21921586780d6bd35d199454 Mon Sep 17 00:00:00 2001 From: Tyler Yahn Date: Thu, 22 Aug 2024 11:51:39 -0700 Subject: [PATCH 17/17] Revert samplers/consistent changes Instead, fix lint with guards and nolint comments. --- samplers/probability/consistent/base2.go | 28 +++++++++++++++---- samplers/probability/consistent/base2_test.go | 4 +-- samplers/probability/consistent/sampler.go | 4 +-- 3 files changed, 26 insertions(+), 10 deletions(-) diff --git a/samplers/probability/consistent/base2.go b/samplers/probability/consistent/base2.go index d3c1a0f6019..de39fa5f861 100644 --- a/samplers/probability/consistent/base2.go +++ b/samplers/probability/consistent/base2.go @@ -14,13 +14,29 @@ const ( ) // expFromFloat64 returns floor(log2(x)). -func expFromFloat64(x float64) uint64 { - return (math.Float64bits(x)&offsetExponentMask)>>significandBits - offsetExponentBias +func expFromFloat64(x float64) int { + biased := (math.Float64bits(x) & offsetExponentMask) >> significandBits + // The biased exponent can only be expressed with 11 bits (size (i.e. 64) - + // significant (i.e 52) - sign (i.e. 1)). Meaning the int conversion below + // is guaranteed to be lossless. + return int(biased) - offsetExponentBias // nolint: gosec // See above comment. } // expToFloat64 returns 2^x. -func expToFloat64(x uint64) float64 { - return math.Float64frombits((offsetExponentBias - x) << significandBits) +func expToFloat64(x int) float64 { + // The exponent field is an 11-bit unsigned integer from 0 to 2047, in + // biased form: an exponent value of 1023 represents the actual zero. + // Exponents range from -1022 to +1023 because exponents of -1023 (all 0s) + // and +1024 (all 1s) are reserved for special numbers. + const low, high = -1022, 1023 + if x < low { + x = low + } + if x > high { + x = high + } + biased := uint64(offsetExponentBias + x) // nolint: gosec // See comment and guard above. + return math.Float64frombits(biased << significandBits) } // splitProb returns the two values of log-adjusted-count nearest to p @@ -50,8 +66,8 @@ func splitProb(p float64) (uint8, uint8, float64) { // Return these to probability values and use linear // interpolation to compute the required probability of // choosing the low-probability Sampler. - lowP := expToFloat64(low) - highP := expToFloat64(high) + lowP := expToFloat64(-low) + highP := expToFloat64(-high) lowProb := (highP - p) / (highP - lowP) return uint8(low), uint8(high), lowProb diff --git a/samplers/probability/consistent/base2_test.go b/samplers/probability/consistent/base2_test.go index 78faa3f18bf..4430c7eadd5 100644 --- a/samplers/probability/consistent/base2_test.go +++ b/samplers/probability/consistent/base2_test.go @@ -12,8 +12,8 @@ import ( func TestSplitProb(t *testing.T) { require.Equal(t, -1, expFromFloat64(0.6)) require.Equal(t, -2, expFromFloat64(0.4)) - require.Equal(t, 0.5, expToFloat64(1)) - require.Equal(t, 0.25, expToFloat64(2)) + require.Equal(t, 0.5, expToFloat64(-1)) + require.Equal(t, 0.25, expToFloat64(-2)) for _, tc := range []struct { in float64 diff --git a/samplers/probability/consistent/sampler.go b/samplers/probability/consistent/sampler.go index b276b7869e1..3bac7ec12d4 100644 --- a/samplers/probability/consistent/sampler.go +++ b/samplers/probability/consistent/sampler.go @@ -161,8 +161,8 @@ func (cs *consistentProbabilityBased) ShouldSample(p sdktrace.SamplingParameters func (cs *consistentProbabilityBased) Description() string { var prob float64 if cs.lowLAC != pZeroValue { - prob = cs.lowProb * expToFloat64(uint64(cs.lowLAC)) - prob += (1 - cs.lowProb) * expToFloat64(uint64(cs.highLAC)) + prob = cs.lowProb * expToFloat64(-int(cs.lowLAC)) // nolint: gosec // https://github.com/securego/gosec/issues/1185 + prob += (1 - cs.lowProb) * expToFloat64(-int(cs.highLAC)) // nolint: gosec // https://github.com/securego/gosec/issues/1185 } return fmt.Sprintf("ProbabilityBased{%g}", prob) }