security/zeek: security/zeek: Update to 8.0.5
https://github.com/zeek/zeek/releases/tag/v8.0.5
This release fixes the following bugs:
- The to_subnet() built-in function's parsing of IPv6 subnets was
changed to align with how IPv6 subnet literals are parsed in
Zeek scripts.
- Zeek now reports a better error message when a table constructor
is called without square brackets around the keys.
- ssl.log will now correctly report certificate fingerprints when
a protocol error is encountered after certificates are passed,
but before the connection is logged.
- An unbounded growth issue was fixed with Zeek's internal regex
engine, which caused excessive memory usage when constructing
[16 lines not shown]
[flang] Add missing module file hashes (#175636)
The compiler emits "!need$" lines to module files only for modules
needed by the module's outermost scope, but misses dependences on other
modules that might be USE'd in inner scopes.
Fixes https://github.com/llvm/llvm-project/issues/175611.
[flang] Fix spurious NaN result from infinite Kahan summation (#175373)
There are six instances of Kahan's extended precision summation
algorithm in flang/flang-rt, and they share a bug: the calculation of
the correction value produces a Nan due to the subtraction Inf-Inf after
the accumulation saturates to Inf. This leads to the surprising Nan
result from SUM([Inf, 0.]).
This bug doesn't affect run-time calculation of SUM when optimization is
enabled -- lowering emits an open-coded SUM that lacks Kahan summation
-- but it does affect compilation-time folding and -O0 runtime results.
Fix the one instance of Kahan summation in the runtime, and consolidate
the other five instances in Evaluate into one new member function, also
corrected.
Fixes https://github.com/llvm/llvm-project/issues/89528.
[flang] Handle useless NAMELIST in interface block (#175214)
NAMELIST has no useful purpose in an interface block, but it's allowed.
Fix a crash due to our deferred handling of NAMELIST groups in the
execution part (which doesn't exist in an interface block).
Fixes https://github.com/llvm/llvm-project/issues/175207.
[flang][NFC] Document that the integrity of parentheses is not violated (#175071)
Add language to flang/docs/Extensions.md to explain why "A+(B*C)" must
round the result of the multiplication, when REAL and the -ffast-math
option is not used.
[llvm][flang] Silence warning, resume -Werror builds of flang (#175053)
Add (void) uses of two parameters to dodge a C++ compiler warning that
has broken -Werror builds of flang since 9-28-25, and restore that
option as the default for flang builds.
[lldb][TypeSystem] Call Type::isIntegralType from TypeSystemClang::IsIntegerType (#175669)
Instead of re-implementing `Type::isIntegralType`, call it explicitly.
This means we get support for `BitIntType` out-of-the-box.
We don't use `IsIntegerType` here because we want to abide by the
language-specific notions of an integer type (which differ between C++
and C).
The slight behaviour change here is that `IsIntegerType` will now treat
complete enumerations as integers in C. This is correct according to the
C standard.
Ninja is very persistent in picking up undeclared dependencies during
package build. For now force-remove the html documentation, until we
find out where exactly that can be disabled during the configuration
phase.
[CIR] Implement simple folding for unary operations (#174882)
This extends the UnaryOp folder to handle plus, minus, and not
operations on constant operands.
This is in preparation for a change that will attempt to fold these
unary operations as they are generated, but this change only performs
the folding via the cir-canonicalize pass.
[llvm][RISCV] Suppress unused `IsMulH` warning. (#175653)
Introduced in commit d28daddd. `IsMulH` is only used in assert(), and
triggers unused variable warnings in non-debug builds.
[X86][NewPM] Port x86-pre-tile-config (#175649)
Standard pass porting. Used callbacks to get MLI so we do not compute it
in the common case where we have no AMX registers. Also moved the call
to releaseMemory into runOnMachineFunction through a scope exit rather
than calling it through the pass manager so we can get consistent
behavior across both PMs. No test coverage added in this one as we also
need x86-tile-config to be able to run any tests.
[SystemZ][z/OS] Handle labels for parts
Global data is emitted into parts, which are modelled as a MCSection.
A label (symbol of type LD) is not allowed in a part, which requires
special handling. The approach is to not emit the label at all, and
using the part symbol in relocations.
png: update to 1.6.54.
Changes from version 1.6.53 to version 1.6.54
---------------------------------------------
* Fixed CVE-2026-22695 (medium severity):
Heap buffer over-read in `png_image_read_direct_scaled.
(Reported and fixed by Petr Simecek.)
* Fixed CVE-2026-22801 (medium severity):
Integer truncation causing heap buffer over-read in `png_image_write_*`.
* Implemented various improvements in oss-fuzz.
(Contributed by Philippe Antoine.)
[AMDGPU] Limit allocation of lo128 registers for occupancy
Parent change allows allocation of lo128 VGPRs from all 4 banks.
That may result in the undesired allocation leaving a hole of
maximum 128 registers in case if for example v0-v127 are allocated,
and v128-v255 are free.
Limit the available allocation order to the occupancy. Both hard
occupancy limits and occupancy achieved during scheduling are
considered. That is better to spill a register than to drop occupancy
in this case.
[AMDGPU] Allow allocation of lo128 registers from all banks
We can encode 16-bit operands in a short form for VGPRs [0..127].
When we have 1K registers available we can in fact allocate 4
times more from all 4 banks. That, however, requires an allocatable
class for these operands. When for most of the instructions it will
result in the VOP3 longer form, for V_FMAAMK/FMADAK_F16 it will
simply prohibit the encoding because these do not have VOP3 forms.
A straight forward solution would be to create a register class
with all registers having bit 8 of the encoding zero, i.e. to
create a register class with holes punched in it: [0-127, 256-383,
512-639, 768-895]. LLVM, however, does not like register classes
with punched holes when they also have subregisters. The cross-
product of all classes explodes and some combinations of a 'class
having a common subreg with another' becomeing impossible. Just
doing so explodes our register info to 4+Gb, uncompilable too.
The solution proposed is to define _lo128 RC with contigous 896
[17 lines not shown]
[lldb][TypeSystemClang] Simplify TypeSystemClang::IsEnumerationType implementation (#175560)
We were calling into `IsIntegerType` to determine the signedness of the
enum. Calling the relevant `clang::Type` API is simpler.
This shouldn't have any observable behaviour change.
We were lacking unit-test coverage for this. Added some tests that pass
before and after this change.
databases/py-dbt-core: chase update to py-pathspec
Remove upper version limit on py-pathspec dependency now that
py-pathspec has reached version 1.0.2
PR: 292268
Approved by: Pat Maddox (maintainer)
[X86][NewPM] Port x86-tile-config (#175647)
Standard porting. Use callbacks to get the needed analyses to make the
pass portable between Legacy/New PMs and to prevent computing anything
if we do not have any AMX registers in the function. No test coverage
for now as amx-greedy-ra.ll is the only test that references this pass
and needs pass pipeline setup in order to work which I plan on getting
to this week.
