diff --git a/backport-0013-cmd-compile-handle-constant-pointer-offsets.patch b/backport-0013-cmd-compile-handle-constant-pointer-offsets.patch
new file mode 100644
index 0000000000000000000000000000000000000000..c60cbc9d53671f533338c708dbce7216d1273e2c
--- /dev/null
+++ b/backport-0013-cmd-compile-handle-constant-pointer-offsets.patch
@@ -0,0 +1,148 @@
+From 41960449791d51556cf189af684a0ac07b483e48 Mon Sep 17 00:00:00 2001
+From: Keith Randall <khr@google.com>
+Date: Mon, 15 Jul 2024 09:38:05 +0800
+Subject: [PATCH] =?UTF-8?q?cmd/compile:=20handle=20constant=20pointer=20of?=
+ =?UTF-8?q?fsets=20=E2=80=A6in=20dead=20store=20elimination?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Update #63743
+
+Change-Id: I163c6038c13d974dc0ca9f02144472bc05331826
+Reviewed-on: https://go-review.googlesource.com/c/go/+/538595
+LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
+Reviewed-by: David Chase <drchase@google.com>
+Reviewed-by: Keith Randall <khr@google.com>
+(cherry picked from commit 43b57b8)
+Reviewed-on: https://go-review.googlesource.com/c/go/+/538857
+Auto-Submit: Heschi Kreinick <heschi@google.com>
+Reviewed-by: Heschi Kreinick <heschi@google.com>
+---
+ src/cmd/compile/internal/ssa/deadstore.go | 65 ++++++++++++++++++++---
+ src/cmd/compile/internal/ssa/rewrite.go   |  6 +++
+ 2 files changed, 63 insertions(+), 8 deletions(-)
+
+diff --git a/src/cmd/compile/internal/ssa/deadstore.go b/src/cmd/compile/internal/ssa/deadstore.go
+index 648b68a..cdcb66d 100644
+--- a/src/cmd/compile/internal/ssa/deadstore.go
++++ b/src/cmd/compile/internal/ssa/deadstore.go
+@@ -73,9 +73,9 @@ func dse(f *Func) {
+ 		}
+ 
+ 		// Walk backwards looking for dead stores. Keep track of shadowed addresses.
+-		// A "shadowed address" is a pointer and a size describing a memory region that
+-		// is known to be written. We keep track of shadowed addresses in the shadowed
+-		// map, mapping the ID of the address to the size of the shadowed region.
++		// A "shadowed address" is a pointer, offset, and size describing a memory region that
++		// is known to be written. We keep track of shadowed addresses in the shadowed map,
++		// mapping the ID of the address to a shadowRange where future writes will happen.
+ 		// Since we're walking backwards, writes to a shadowed region are useless,
+ 		// as they will be immediately overwritten.
+ 		shadowed.clear()
+@@ -88,13 +88,20 @@ func dse(f *Func) {
+ 			shadowed.clear()
+ 		}
+ 		if v.Op == OpStore || v.Op == OpZero {
++			ptr := v.Args[0]
++			var off int64
++			for ptr.Op == OpOffPtr { // Walk to base pointer
++				off += ptr.AuxInt
++				ptr = ptr.Args[0]
++			}
+ 			var sz int64
+ 			if v.Op == OpStore {
+ 				sz = v.Aux.(*types.Type).Size()
+ 			} else { // OpZero
+ 				sz = v.AuxInt
+ 			}
+-			if shadowedSize := int64(shadowed.get(v.Args[0].ID)); shadowedSize != -1 && shadowedSize >= sz {
++			sr := shadowRange(shadowed.get(ptr.ID))
++			if sr.contains(off, off+sz) {
+ 				// Modify the store/zero into a copy of the memory state,
+ 				// effectively eliding the store operation.
+ 				if v.Op == OpStore {
+@@ -108,10 +115,8 @@ func dse(f *Func) {
+ 				v.AuxInt = 0
+ 				v.Op = OpCopy
+ 			} else {
+-				if sz > 0x7fffffff { // work around sparseMap's int32 value type
+-					sz = 0x7fffffff
+-				}
+-				shadowed.set(v.Args[0].ID, int32(sz))
++				// Extend shadowed region.
++				shadowed.set(ptr.ID, int32(sr.merge(off, off+sz)))
+ 			}
+ 		}
+ 		// walk to previous store
+@@ -131,6 +136,50 @@ func dse(f *Func) {
+ 	}
+ }
+ 
++// A shadowRange encodes a set of byte offsets [lo():hi()] from
++// a given pointer that will be written to later in the block.
++// A zero shadowRange encodes an empty shadowed range (and so
++// does a -1 shadowRange, which is what sparsemap.get returns
++// on a failed lookup).
++type shadowRange int32
++
++func (sr shadowRange) lo() int64 {
++	return int64(sr & 0xffff)
++}
++func (sr shadowRange) hi() int64 {
++	return int64((sr >> 16) & 0xffff)
++}
++
++// contains reports whether [lo:hi] is completely within sr.
++func (sr shadowRange) contains(lo, hi int64) bool {
++	return lo >= sr.lo() && hi <= sr.hi()
++}
++
++// merge returns the union of sr and [lo:hi].
++// merge is allowed to return something smaller than the union.
++func (sr shadowRange) merge(lo, hi int64) shadowRange {
++	if lo < 0 || hi > 0xffff {
++		// Ignore offsets that are too large or small.
++		return sr
++	}
++	if sr.lo() == sr.hi() {
++		// Old range is empty - use new one.
++		return shadowRange(lo + hi<<16)
++	}
++	if hi < sr.lo() || lo > sr.hi() {
++		// The two regions don't overlap or abut, so we would
++		// have to keep track of multiple disjoint ranges.
++		// Because we can only keep one, keep the larger one.
++		if sr.hi()-sr.lo() >= hi-lo {
++			return sr
++		}
++		return shadowRange(lo + hi<<16)
++	}
++	// Regions overlap or abut - compute the union.
++	return shadowRange(min(lo, sr.lo()) + max(hi, sr.hi())<<16)
++}
++
++
+ // elimDeadAutosGeneric deletes autos that are never accessed. To achieve this
+ // we track the operations that the address of each auto reaches and if it only
+ // reaches stores then we delete all the stores. The other operations will then
+diff --git a/src/cmd/compile/internal/ssa/rewrite.go b/src/cmd/compile/internal/ssa/rewrite.go
+index 43843bd..5c7ed16 100644
+--- a/src/cmd/compile/internal/ssa/rewrite.go
++++ b/src/cmd/compile/internal/ssa/rewrite.go
+@@ -1183,6 +1183,12 @@ func min(x, y int64) int64 {
+ 	}
+ 	return y
+ }
++func max(x, y int64) int64 {
++	if x > y {
++		return x
++	}
++	return y
++}
+ 
+ func isConstZero(v *Value) bool {
+ 	switch v.Op {
+-- 
+2.27.0
+
diff --git a/golang.spec b/golang.spec
index e88e3e18dde51d5cd50504ab3bf0e320bee08b3e..7d2159bedadd8d3a1186eba0fd751a3ee92304ae 100644
--- a/golang.spec
+++ b/golang.spec
@@ -66,7 +66,7 @@
 
 Name:           golang
 Version:        1.21.4
-Release:        14
+Release:        15
 Summary:        The Go Programming Language
 License:        BSD and Public Domain
 URL:            https://golang.org/
@@ -132,6 +132,7 @@ Patch6009:	backport-0009-Backport-cmd-go-internal-vcs-error-out-if-the-reques.pa
 Patch6010:	backport-0010-release-branch.go1.21-net-http-limit-chunked-data-ov.patch
 Patch6011:	backport-0011-Backport-archive-zip-treat-truncated-EOCDR-comment-a.patch
 Patch6012:	backport-0012-net-http-send-body-or-close-connection-on-expect-100.patch
+Patch6013:  	backport-0013-cmd-compile-handle-constant-pointer-offsets.patch
 
 ExclusiveArch:  %{golang_arches}
 
@@ -370,6 +371,9 @@ fi
 %files devel -f go-tests.list -f go-misc.list -f go-src.list
 
 %changelog
+* Mon Jul 15 2024 dfh <dufuhang@kylinos.cn> - 1.21.4-15
+- cmd compile handle constant pointer offsets
+
 * Wed Jul 03 2024 kywqs <weiqingsong@kylinos.cn.com> - 1.21.4-14
 - fix CVE-2024-24791