FreeBSD/src 7f5fa76sys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

dtrace: Fix DOF section-specific validation

The entry size of the probe section is assumed to be at least
sizeof(dof_probe_t) by the loop further below.

enoff_sec->dofs_entsize was not being validated at all.

When multiplying an index by a table entry size, make sure the
multiplication can't overflow.

Fix an off-by-one when validating the translated probe argument array.

Make sure that the probe argument argvs are valid string offsets
even if the argument count is zero.

Reviewed by:    christos
MFC after:      2 weeks
Sponsored by:   CHERI Research Centre
Differential Revision:  https://reviews.freebsd.org/D57979
DeltaFile
+23-7sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+23-71 files

FreeBSD/src b56b601sys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

dtrace: Improve DOF string table validation

The check for a nul terminator implicitly assumes that the section size
is positive.  Make the assumption explicit.

Reviewed by:    christos
MFC after:      2 weeks
Sponsored by:   CHERI Research Centre
Differential Revision:  https://reviews.freebsd.org/D57977
DeltaFile
+3-2sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+3-21 files

FreeBSD/src 8dc98f4sys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

dtrace: Fix DOF section bounds validation

We must ensure that each DOF section does not overlap with the DOF
header or section table.  Otherwise the relocations processed in the
second pass over sections can manipulate DOF metadata, leading to OOB
writes.

Reviewed by:    christos
MFC after:      2 weeks
Sponsored by:   CHERI Research Centre
Differential Revision:  https://reviews.freebsd.org/D57976
DeltaFile
+12-0sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+12-01 files

FreeBSD/src c1b6ebcsys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

dtrace: Improve DOF section size validation

The loop which validates each DOF section assumes that the section
header is present, so the section size must be at least as large as the
header, otherwise a small OOB access is possible.

Reviewed by:    christos
MFC after:      2 weeks
Sponsored by:   CHERI Research Centre
Differential Revision:  https://reviews.freebsd.org/D57975
DeltaFile
+2-2sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+2-21 files

FreeBSD/src a8f5e24contrib/ee ee.c

ee: Handle EINTR when waiting for a character

Otherwise one can't easily attach gdb to ee.

Reviewed by:    bapt
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D57997
DeltaFile
+4-0contrib/ee/ee.c
+4-01 files

FreeBSD/src 705a88acontrib/ee ee.c

ee: Improve handling of malformed UTF-8 characters

In delete(), when copying the deleted character to the d_char buffer,
don't assume that it fits.  utf8_prev() may return a sequence of more
than 5 bytes.

In insert_utf8(), fix the copy-up of the line.  We extended the line by
"len" bytes, so "temp" has to be repositioned accordingly.  Compare with
plain insert().

Use sizeof when copying to buffers instead of hard-coding buffer sizes.

Don't dynamically allocate d_char, there is no need.

Fixes:          62fba0054d9e ("ee: add unicode support")
Reported by:    Sayono Hiragi (overflow in delete())
Reviewed by:    bapt
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D57996
DeltaFile
+16-15contrib/ee/ee.c
+16-151 files

FreeBSD/src 38dd686sys/kern kern_jaildesc.c

jaildesc: Publish the new fd only after the jaildesc is initialized

jaildesc_alloc() finishes initializing the file structure only after it
is made visible from the file descriptor table via finit().  In that
window, other threads could try to perform operations on the descriptor
and thus access an incompletely initialized jaildesc.

Defer the finit() call until locks are initialized.  While here,
simplify the error path for falloc_caps().

Reported by:    Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li,
                and Ke Xu from Tsinghua University using GLM-5.2 from Z.ai
Reviewed by:    jamie
MFC after:      1 week
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D58049
DeltaFile
+4-6sys/kern/kern_jaildesc.c
+4-61 files

FreeBSD/src 92dfe30lib/libsys inotify.2

inotify.2: Fix formatting and lint

MFC after:      1 week
DeltaFile
+8-8lib/libsys/inotify.2
+8-81 files

FreeBSD/src b70997csys/kern vfs_inotify.c, tests/sys/kern inotify_test.c

inotify: Unconditionally generate IN_IGNORED events for files/dirs

The implementation previously only generated an IN_IGNORED event for a
deleted watched file if the watch explicitly requested IN_DELETE_SELF.
This is not correct, IN_IGNORED should always be raised when the watched
subject is deleted.  Adjust the implementation of inotify_log_one()
accordingly.

This also fixes a problem where a deleted watched file's watch
would not be removed if IN_DELETE_SELF was not in the watch's event
mask, in which case the unlinked vnode would linger until the inotify
descriptor itself is closed.

Add a regression test.

Reported by:    jrtc27
Reviewed by:    jrtc27
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D58050
DeltaFile
+23-12sys/kern/vfs_inotify.c
+24-0tests/sys/kern/inotify_test.c
+47-122 files

FreeBSD/src 4805b88lib/libc/resolv res_init.c

libc/resolv: Dead code and style cleanup

Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57928
DeltaFile
+17-42lib/libc/resolv/res_init.c
+17-421 files

FreeBSD/src 3f15998include resolv.h

resolv.h: Remove unused parts

Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57927
DeltaFile
+0-49include/resolv.h
+0-491 files

FreeBSD/src 60827d7lib/libc/resolv res_init.c, share/man/man5 resolver.5

libc/resolv: Add no-debug and no-rotate options

These are simply the reverse of the debug and rotate options.

Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57926
DeltaFile
+12-0share/man/man5/resolver.5
+4-0lib/libc/resolv/res_init.c
+16-02 files

FreeBSD/src fbe0257lib/libc/resolv res_init.c Makefile.inc, share/man/man5 resolver.5

libc/resolv: Reimplement the sortlist parser

When we switched from the BIND4 resolver to the BIND9 resolver, the
sortlist parser was inadvertently disabled due to a missing #define, and
nobody seemed to notice.  The sorting code remained enabled in the
resolver, but there was no way to set a sort order.

Reimplement the sortlist parser, but correctly, and update the manual
accordingly.  The new parser accepts IPv4 and IPv6 addresses with or
without a mask or prefix length, just like the old one, except IPv6
support was a bit wonky in the original code.

Fixes:          5342d17f09a8 ("Update the resolver in libc to BIND9's one.")
Relnotes:       yes
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57925
DeltaFile
+136-110lib/libc/resolv/res_init.c
+23-13share/man/man5/resolver.5
+1-0lib/libc/resolv/Makefile.inc
+160-1233 files

FreeBSD/src ffeb569lib/libc/resolv res_init.c

libc/resolv: Refactor the configuration parser

This was previously all a single loop in res_init(), apart from option
parsing which we cleaned up in a previous commit.  Break it out into
separate functions for reading the configuration line by line, setting
the default domain, setting the search list, and adding a nameserver
to the nameserver list.  Sprinkle bounds checks and code comments all
around.

The sortlist code, which has been disabled for the past 20 years, will
be dealt with in a separate commit.

MFC after:      1 week
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57924
DeltaFile
+381-268lib/libc/resolv/res_init.c
+381-2681 files

FreeBSD/src 9bfdfeclib/libc/resolv res_init.c

libc/resolv: Refactor the option parser

Start the loop by finding the end of the option name, the name-value
separator (if any), and the end of the option.  Use those pointers to
simplify matching the option name and parsing the option value, and
validate option names and values more strictly.  This means that:

* We no longer accept trailing garbage in an option name or value.  For
  instance, we would previously interpret “edns0123” as “edns0” and
  “timeout:3xyz” as “timeout:3”.  This was actually quite lucky because
  we also failed to recognize the newline at the end of the option line
  as a whitespace character.

* For options that take a numerical argument, we would previously accept
  negative values and treat non-numerical arguments as 0, while large
  numerical arguments would be capped to the option's maximum permitted
  value.  Now, any failure to parse the argument, including overflow,
  results in the option being left unchanged.


    [4 lines not shown]
DeltaFile
+106-90lib/libc/resolv/res_init.c
+106-901 files

FreeBSD/src aba9ffflib/libc/nameser ns_parse.c, lib/libc/resolv res_init.c res_comp.c

libc/resolv: Drop Solaris 2 compatibility

MFC after:      1 week
Reviewed by:    kevans, markj
Differential Revision:  https://reviews.freebsd.org/D57922
DeltaFile
+0-42lib/libc/resolv/res_init.c
+0-11lib/libc/resolv/res_comp.c
+0-5lib/libc/nameser/ns_parse.c
+0-583 files

FreeBSD/src 4319e4bshare/man/man5 resolver.5

resolver(5): Overhaul

* Modernize the markup

* Describe the comment syntax

* Drop obsolete advice

* Capitalize sentences

* Improve the language

* Replace no_tld_query with no-tld-query; both are supported, but all the
  other multi-word options use hyphens rather than underscores.

* Add missing ENVIRONMENT section

* Redo the example


    [3 lines not shown]
DeltaFile
+116-111share/man/man5/resolver.5
+116-1111 files

FreeBSD/src 24576c3sys/dev/sound/pcm dsp.c channel.c

sound: track kqueue low watermark per-knote for mmaped channels

Use kn->kn_sdata to track the last bs->total value for each knote
attached to an mmaped channel. An event is delivered only when the total
byte counter has advanced by at least c->lw since the last delivery.
After delivery kn_sdata is updated to the current total.

Each knote tracks its own watermark independently, so multiple knotes
attached to the same mmaped channel all receive events correctly.

Non-mmap channels keep the existing level-triggered behavior via
chn_polltrigger().

MFC after:      1 week
Reviewed by:    christos
Differential Revision:  https://reviews.freebsd.org/D57833
DeltaFile
+13-1sys/dev/sound/pcm/dsp.c
+9-5sys/dev/sound/pcm/channel.c
+1-1sys/dev/sound/pcm/channel.h
+23-73 files

FreeBSD/ports 4c312d7cad/ifcopenshell Makefile

cad/ifcopenshell: fix with Python-3.12

Remark: I have a WIP to get rid of OpenCascade 740 and make IfcOpenShell
work with OCCT-8.0.
DeltaFile
+3-2cad/ifcopenshell/Makefile
+3-21 files

FreeBSD/ports a206047net-mgmt/uptime-kuma Makefile pkg-message, net-mgmt/uptime-kuma/files uptimekuma.in patch-server_uptime-kuma-server.js

net-mgmt/uptime-kuma: new port - easy self-hosted monitoring

To save unnecessary space, substantial pruning of npm detritus was done.
Please report any errors and issues via the usual channels.

Sponsored by:   SkunkWerks, GmbH
Differential Revision:  https://reviews.freebsd.org/D57369
DeltaFile
+248-0net-mgmt/uptime-kuma/Makefile
+75-0net-mgmt/uptime-kuma/files/uptimekuma.in
+18-0net-mgmt/uptime-kuma/pkg-message
+18-0net-mgmt/uptime-kuma/files/patch-server_uptime-kuma-server.js
+16-0net-mgmt/uptime-kuma/pkg-descr
+7-0net-mgmt/uptime-kuma/distinfo
+382-01 files not shown
+383-07 files

FreeBSD/ports 2558907www/py-http-parser Makefile, www/py-http-parser/files extra-patch-python312

www/py-http-parser: fix build with python3.12
DeltaFile
+26-0www/py-http-parser/files/extra-patch-python312
+7-1www/py-http-parser/Makefile
+33-12 files

FreeBSD/ports 76395a0devel/objfw pkg-plist distinfo

devel/objfw: Update 1.4.1 => 1.5.7

Commit log:
https://git.nil.im/ObjFW/ObjFW/compare/1.4.1-release...1.5.7-release

PR:             296526
Approved by:    osa, vvd (Mentors, implicit)
MFH:            2026Q2

(cherry picked from commit 62835f0853d15875214a299c049dc8a2d9a4ac1b)
DeltaFile
+68-10devel/objfw/pkg-plist
+3-3devel/objfw/distinfo
+1-1devel/objfw/Makefile
+72-143 files

FreeBSD/ports 62835f0devel/objfw pkg-plist distinfo

devel/objfw: Update 1.4.1 => 1.5.7

Commit log:
https://git.nil.im/ObjFW/ObjFW/compare/1.4.1-release...1.5.7-release

PR:             296526
Approved by:    osa, vvd (Mentors, implicit)
MFH:            2026Q2
DeltaFile
+68-10devel/objfw/pkg-plist
+3-3devel/objfw/distinfo
+1-1devel/objfw/Makefile
+72-143 files

FreeBSD/src b125b73sys/ofed/drivers/infiniband/core ib_sysfs.c

ibcore: Fix GID sysctl fallback formatting

When a GID table entry is empty or not yet present in the cache,
show_port_gid() falls back to printing a zero GID.  Use the existing
GID_PRINT_FMT/GID_PRINT_ARGS helpers instead of Linux's %pI6 format,
which FreeBSD printf treats as a pointer followed by "I6".
This makes empty GID sysctl entries consistently report
0000:0000:0000:0000:0000:0000:0000:0000.

Tested by:      Wafa Hamzah <wafah at nvidia.com> (mlx5_ib)
Reviewed by:    jhb, kib
Sponsored by:   NVIDIA Networking
Fixes:  6a75471dbcf0 ("OFED: Various changes from Linux 4.19")
Differential Revision:  https://reviews.freebsd.org/D58042
DeltaFile
+1-1sys/ofed/drivers/infiniband/core/ib_sysfs.c
+1-11 files

FreeBSD/ports f0211e1net/rsync Makefile, net/rsync/files extra-patch-file-flags.diff extrapatch-main.c

net/rsync: Add back the FLAGS option

This restores support for copying file flags and fixes a long-standing
peeve of mine by renaming the command-line option to --file-flags,
better matching the naming style of other rsync options.  Full backward
compatibility is maintained, including with older servers.

Reviewed by:    rodrigo
Differential Revision:  https://reviews.freebsd.org/D57645
DeltaFile
+1,382-0net/rsync/files/extra-patch-file-flags.diff
+0-10net/rsync/files/extrapatch-main.c
+4-4net/rsync/Makefile
+1,386-143 files

FreeBSD/ports c85402bdevel/pecl-msgpack Makefile

devel/pecl-msgpack: reinstate IGNORE_WITH_PHP=86

Dependency devel/pecl-APCu is not yet available for php86.
Please make sure you test the port in the php86 flavour before
reenabling the option.

Fixes:          4390d463875b81a5948541e3b27275d30aad54e2
Approved by:    portmgr (build fix blanket)
DeltaFile
+1-0devel/pecl-msgpack/Makefile
+1-01 files

FreeBSD/ports 712a103sysutils/podman Makefile

sysutils/podman: Fix build by blocking fetching newer go over network

Go insists on trying to download a newer toolchain, as the default is currently 1.24,
and this version of podman requires 1.25 or newer. The MAKE_ENV flag is described
here in nauseating detail https://go.dev/doc/toolchain .
DeltaFile
+2-1sysutils/podman/Makefile
+2-11 files

FreeBSD/ports d5c7abdnet/amqpcat Makefile

net/amqpcat: Bump PORTREVISION after lang/crystal

Sponsored by:       SkunkWerks, GmbH
DeltaFile
+1-1net/amqpcat/Makefile
+1-11 files

FreeBSD/ports 0bcd1abnet/lavinmq Makefile distinfo, net/lavinmq/files lavinmq.in

net/lavinmq: update to 2.9.1

- https://github.com/cloudamqp/lavinmq/blob/v2.9.1/CHANGELOG.md
- Drop surplus JavaScript libraries

Sponsored by:   SkunkWerks, GmbH
DeltaFile
+29-18net/lavinmq/Makefile
+11-17net/lavinmq/distinfo
+1-1net/lavinmq/files/lavinmq.in
+41-363 files

FreeBSD/ports 8ab3344lang/crystal pkg-plist distinfo

lang/crystal: update to 1.20.2

ChangeLog:      https://crystal-lang.org/2026/04/16/1.20.0-released/
Sponsored by:   SkunkWerks, GmbH
DeltaFile
+817-0lang/crystal/pkg-plist
+3-3lang/crystal/distinfo
+1-1lang/crystal/Makefile
+821-43 files