boot.environment: replace zectl with the truenas_bootenv engine
The typesafe boot_environment plugin now calls the engine from the
truenas_pylibzfs truenas_bootenv package on the middleware
thread-local libzfs handle instead of shelling out to zectl. Mutations
serialize under an asyncio lock, the boot menu regenerates through
etc.generate('grub') behind a truenas:grub_pending marker that setup()
reconciles after a crash, activate rolls bootfs back when the menu
cannot be written, and the pool is synced afterwards so the menu
change is crash durable.
Re-activating the activated boot environment is allowed again as the
retry path after a failed menu regeneration; the api2 test asserting
the old rejection now asserts the retry succeeds. can_activate treats
a missing truenas:kernel_version as not activatable instead of only
the literal dash. The boot-time dataset promotion uses the engine
instead of parsing zfs list -j output.
[SSAF][NFC] Rename operator new/delete pointers analysis to pinned pointers
Other pointer entities, such as the pointer parameters of the main
function, must also retain their type during the clang-reforge
transformation. Since they are extracted and processed similarly,
combining them into a single analysis simplifies maintenance.
[HLSL] Reject unbounded resource array and noinline function resource parameters (#208111)
Fixes #180808.
This issue involved two bugs:
- `noinline` functions accepted resource parameters in the frontend,
which crashed the backend since valid DXIL cannot be generated for
resources passed across a function call. This change adds a new check in
`SemaDecl.cpp` that rejects resource parameters on `noinline` functions,
as well as a new `resource_params_noinline.hlsl` test.
- The check for incomplete resource array parameters queried the array's
element type to decide if it was a resource. When the parameter was the
first use of the resource type, the element was still incomplete and
wouldn't register as a resource, so the check would be skipped and the
compiler would later crash. This change fixes the check to now force
element completion with `isCompleteType` before querying the type, and
updates `unbounded_resource_arrays.hlsl` to test this.
This change also fixes the `unbounded_resource_arrays.hlsl` test in
[4 lines not shown]
[lldb] Don't add the same module to a target twice (#208472)
`Target::GetOrCreateModule` uses `Append`, so a module already in the
target could be added again. Then `RemoveModule` dropped only one,
keeping the module (and its memory-mapped file) alive.
On Windows that mapped file can't be deleted, causing
`TestReplaceDLL.py` to fail with `LLDB_USE_LLDB_SERVER=1`.
This patch uses `AppendIfNeeded` instead.
rdar://181797592
[lldb] Use `llvm::APInt` for `VariantMember` Discriminants (#188487)
resolves #177812
It currently uses a `uint32_t` even though Rust can output 64- and
128-bit discriminants. This became a more obvious issue when Rust
started niche-optimizing based on the capacity of strings (which are
`NoHighBit` values, guaranteed to be less than `u64::MAX / 2`), rather
than the `NonNull` heap pointer. With this optimization, the `None`
variant of strings is 9223372036854775808, which LLDB truncates to 0.
This means whenever the capacity is 0 (e.g. `Some(String::new())`, LLDB
will mistakenly read it as the `None` variant. Additionally, when trying
to determine the `None` variant, lldb will read the discr from memory
correctly (9223372036854775808), and the visualizer scripts will compare
that to the value in the variant name (`$variant$0`), see that it
doesn't match, and incorrectly decides that it must not be the `None`
variant.
This patch simply swaps the `uint32_t` with an `llvm::APInt`.
[104 lines not shown]
[clang][ssaf] Add SARIF transformation-report format (#208327)
Adds the built-in `TransformationReportFormat`, registered under the
file extension `sarif`. The writer drives clang's existing
`SarifDocumentWriter` (`clang/Basic/Sarif.h`) to produce a SARIF 2.1.0
JSON document. The tool driver name is `clang-ssaf`; the long `fullName`
carries the transformation's name.
Token-range `CharSourceRange`s are canonicalized to char ranges via
`clang::Lexer::getAsCharRange` before being attached to results; invalid
ranges (including default-constructed ones) are treated as "no location"
— the writer omits the result's `locations` key rather than fabricating
one. Source edits are not embedded in the report; the writer never emits
a `fix` or `fixes` key.
Anchored via `SSAFSARIFTransformationReportFormatAnchorSource` so static
builds keep the registration.
Assisted-By: Claude Opus 4.7
[Reassociate] Compute value ranks iteratively (NFC) (#204952)
ReassociatePass::getRank recursively walks operand def-use chains before
memoizing ranks. For a very deep acyclic chain whose tail feeds a
reassociable operation, this can recurse once per chain element and
overflow the native stack.
Compute ranks with an explicit post-order worklist instead. The worklist
preserves the existing rank calculation and memoization behavior while
bounding native stack use.
Co-authored-by: Justin Fargnoli <jfargnoli at nvidia.com>
boot.environment: replace zectl subprocess with truenas_bootenv engine
Proof of concept for testing alongside the truenas_pylibzfs
truenas_bootenv branch. The plugin calls the engine directly on the
middleware thread-local libzfs handle instead of shelling out to
zectl: mutations serialize under a module lock, the grub menu is
regenerated through etc.generate('grub') with a truenas:grub_pending
marker reconciled at startup after a crash, and the pool is synced so
the menu change is crash durable.
Based on the tree just before the boot_environment typesafe plugin
split; porting onto the new plugin layout is a known follow-up before
this can target master.
[lldb] Tighten interface for TypeCategoryImpl::AnyMatches (#208321)
The last 2 parameters are never actually used by any caller so they can
be removed. `only_enabled` defaults to `true` but all callers explicitly
set this to false. I removed that and rewrote the body to assume it will
always be false.
[Support] Optimize signal handling file removal code (#173586)
clangd/clangd#1787 describes how LLVM's code for removing partially
written files when taking a fatal signal is slower than it should be.
This code was substantially rewritten by JF Bastien in
aa1333a91f8d8a060bcf5 to make it (more) signal-safe.
As written in 2018, the logic always allocates a new node for every file
we attempt to protect, and those nodes are added to a global singly
linked list and never removed. If you open a lot of output files,
suddenly output file opening becomes O(n^2), which is what happened
during clangd indexing.
Removing files on signals in a multi-threaded environment is really
complicated! We can use locks to synchronize between threads that are
writing to the list, but we cannot use locks to synchronize against
re-entrant signals, and we don't have any great tools for masking or
delaying things like SIGTERM. This makes it difficult to assert that we
have the one and only reference to a node, even after removing it from
[18 lines not shown]
[Sema] Properly space namespace comments (#208561)
// namespace instead of //namespace.
This is consistent with the LLVM coding standards. We took focus on this
specific case as it was tripping up some of our internal tooling.
[alpha.webkit.UncheckedLambdaCapturesChecker] Split unchecked lambda capture checker (#201044)
Split alpha.webkit.UncheckedLambdaCapturesChecker off of
UncountedLambdaCapturesChecker, which currently checks for the use of
ref counted objects as well as CheckedPtr capable types unlike all other
WebKit checkers, which only check for one type of smart pointers.
Also improve the wording of the warning text so that it can be easily
extended to support checking for the lambda capturing of raw pointers
and references to CheckedPtr/CheckedRef.
devel/perfetto: update to 57.2
* All freebsd-specific patches have been vendored in from
https://codeberg.org/tj/perfetto/src/branch/v54.0-freebsd-ports
* Non-upstreamed FreeBSD-specific binaries have a "perfetto_" prefix
added to them to avoid conflict with other ports
[mlir][RemoveDeadValues] Use `SymbolUserMap` to avoid quadratic symbol lookups (#205448)
`processFuncOp` previously called `funcOp.getSymbolUses(module)` for
every function, which walks the entire module to find that function's
callers. Since `processFuncOp` runs once per function, the pass was
effectively *O(numFunctions * numOperations)*.
Build a `SymbolUserMap` once up front in `runOnOperation()` and look up
each function's callers in *O(1)*, making the collection phase linear in
the size of the module.
This is behavior-preserving: the map is read only during the
mutation-free collection walk, and all IR erasure happens afterwards in
`cleanUpDeadVals`, so the map cannot become stale while it is in use.
---
**Note:** AI used to generate part of the code in this PR.
[2 lines not shown]