[LangRef] Do not allow free via synchronization in nofree (#195658)
The nofree attribute is currently specified to only forbid direct free
calls inside the function. A nofree function is still allowed to compel
a pointer to be freed by a different thread through synchronization.
This is currently only spelled out for the function-level nofree
attribute, but I assume the same semantics also hold for argument nofree
(and this matches how the Attributor implementation infers it).
The original motivation for this definition was to keep the attributes
orthogonal and independently inferable. However, the problem is that
nosync is too strong a condition: It excludes *any* synchronization, not
just synchronization that results in the free of a pointer.
Some frontends like Rust can guarantee that most pointer arguments
cannot be freed for the duration of a function call, including via
synchronization. However, they cannot guarantee that no synchronization
takes place at all. The current definition of nofree makes this
[16 lines not shown]
[clang] Don't optimize out no-op atomics in kernel mode (#193562)
The no-op atomics like InterlockedAnd(addr, (UINT32)-1) don't modify
the underlying value, however kernel code depends on these accesses
to touch the pool page virtual address and intentionally trigger a page
fault during page migration. This patch also fixes an LLVM issue where
idempotent volatile atomics were incorrectly lowered into memory fences.
libde265: updated to 1.1.0
1.1.0
Added de265_security_limits parameters to limit the maximum image size and memory that libde265 will use during decoding.
Security fixes
CVE TBD (GHSA-g2rg-wj66-w594) - Out-of-bounds write in process_reference_picture_set via predicted short-term RPS
CVE TBD (GHSA-vv8h-932h-7r86) - Heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow
CVE TBD (GHSA-g5hj-rf9f-7vxm) - Unbounded memory accumulation via orphaned slice headers in read_slice_NAL
(GHSA-x27c-jp65-g395) - Quadratic CPU consumption in NAL parser (remove_stuffing_bytes, resize)
[HLSL] Codegen for handling global resource array initialization (#198891)
When a global resource array is accessed - whether it is declared at a
global scope or as part of a global struct instance - all of its
resource elements should be initialized from binding into a temporary
local resource array. This change intercepts the Clang codegen at the
relevant places to allow `CGHLSLRuntime` to handle this special global
resource array initialization.
Fixes #187087
Fixes #198888
[AMDGPU] Remove redundant s_wait_xcnt after implicit XCNT drains (#198823)
On gfx1250 several instructions implicitly drain XCNT in hardware:
`s_barrier_wait`/`signal`/`signal_isfirst`, `s_sendmsg`, PC-changes etc.
This patch will remove redundant `s_wait_xcnt` after implicit XCNT
drains.
Pre-commit tests on #198772
Fix: LCOMPILER-1665
In rde_attr_missing() make sure the nexthop attribute is present if there
is any nlri data. In rde_as4byte_fixup() only run if ATTR_ASPATH is present.
Making the nexthop attribute depend on MP_REACH is not correct since an UPDATE
can in theory carry both MP_REACH nlri and old school IPv4 nlri.
rde_as4byte_fixup() should only fixup paths that have
- ATTR_AS4_AGGREGATOR or ATTR_AS4_PATH present
- ATTR_ASPATH must be present as well
- no parse error (F_ATTR_PARSE_ERR)
The rde_as4byte_fixup() is entered all the time even for paths that only
contain an ATTR_MP_UNREACH (which then could also include an ATTR_AS4_PATH
but no ATTR_ASPATH).
Reported by 7Asecurity
OK tb@