[flang][cuda][openacc] Fix OpenACC use_device host association symbol copies (#194705)
When a use_device object comes from host association, the OpenACC
construct scope may already contain a HostAssocDetails symbol. Reusing
that symbol prevents semantics from applying the CUDA DEVICE attribute,
because the copied symbol is not an object entity. The fix materializes
the expected host-associated symbol in the containing scope, then
replaces the OpenACC-scope symbol with an ObjectEntityDetails copy that
can carry the device attribute.
This allows generic resolution and lowering to see the device version
inside the host_data construct while preserving the host-associated
binding needed by lowering.
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull kvm fixes from Paolo Bonzini:
"Three bug fixes for x86:
- Check that nEPT/nNPT is enabled in slow flush hypercalls. If it is
not, the hypercalls can be processed as usual even while running a
nested guest
- Fix shadow paging use-after-free due to page tables changing
outside execution of the guest. A bug that is 16 years old and
stems from an imprecision in the very first KVM series
- Scan IRR whenever PID.ON is true, even if PIR is empty, which
avoids a somewhat rare WARN"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
KVM: x86: Fix shadow paging use-after-free due to unexpected GFN
KVM: x86: Fix misleading variable names and add more comments for PIR=>IRR flow
[2 lines not shown]
upgrade to bozohttpd 20260503. changes include:
o fix the default minimum TLS version to 1.1 from 1.3. the
manual already said 1.1 was the default. fixes PR#58878.
o log the correct port with TLS connections. fixes PR#59644.
o fix use-after-free, double-free, and bounds checking problems.
from shm.
o better lint support.
o several updates for the manual. from lukem.
o make directory listings mobile friendly. from D. Bohdan.
call this bozohttpd 20260503, and update the CHANGES for the last 2 years
o fix the default minimum TLS version to 1.1 from 1.3. the
manual already said 1.1 was the default. fixes PR#58878.
o log the correct port with TLS connections. fixes PR#59644.
o fix use-after-free, double-free, and bounds checking problems.
from shm.
o better lint support.
o several updates for the manual. from lukem.
add D Bohdan to the contributors list.
[DWARFLinker] Treat NULL DIE references as resolution failures in parallel (#195363)
CompileUnit::resolveDIEReference returned whatever getDIEIndexForOffset
pointed at, even when the entry was a NULL tombstone. The classic linker
checks DWARFDie::isNULL(). Mirror that here so callers get std::nullopt
and warn.
Also fix the "cann't" typo at the two warning sites to match classic,
and enable `--linker parallel` in null-die.test.
[test] Cover R_RISCV_ADD/SUB and R_RISCV_RVC_{BRANCH,JUMP} (#195555)
These were uncovered according to an LLVM_BUILD_INSTRUMENTED_COVERAGE
build.
llvm-mc resolves `.L1 - .L0` differences at assembly time, so
riscv-reloc-add.s doesn't emit the R_RISCV_ADD*/R_RISCV_SUB* pairs it
was meant to test.
Add riscv-reloc-rvc.s, modeled on riscv-branch.s/riscv-jal.s, to
exercise R_RISCV_RVC_BRANCH and R_RISCV_RVC_JUMP. Drive offsets via
-Ttext + --defsym to land precise values that isolate complementary
extractBits groups.
krpc: Get rid of KRPC_VNET macros
When the krpc was vnet'd, the VNET macros were hidden
behind macros that had the KRPC_ prefix on them.
This was done because, at the time, it was thought
that something other than vnet might be used for this.
That has not happened and probably will not happen,
so this patch replaces these obscuring macros with
the regular vnet ones.
There should be no semantics change caused by
this commit.
Discussed with: bz, glebius
MFC after: 1 month
Handle missing compose service label in app query
This commit adds fixes for app.query crashing with KeyError when a
container tagged with the com.docker.compose.project label is missing
the com.docker.compose.service label. A single such container would
take down the entire apps panel since the unconditional label lookup
in translate_resources_to_desired_workflow raised before any app data
could be returned.
The label is now read defensively, falling back to the container name
(or 'unknown') for the displayed service_name. The container is still
counted and its ports, volumes, images, and state are still aggregated
normally.
(cherry picked from commit 8c8019091c9b6d830eff19e79966546b9659d3eb)
NAS-140732 / 27.0.0-BETA.1 / Handle missing compose service label in app query (#18889)
This commit adds fixes for app.query crashing with KeyError when a
container tagged with the com.docker.compose.project label is missing
the com.docker.compose.service label. A single such container would take
down the entire apps panel since the unconditional label lookup in
translate_resources_to_desired_workflow raised before any app data could
be returned.
The label is now read defensively, falling back to the container name
(or 'unknown') for the displayed service_name. The container is still
counted and its ports, volumes, images, and state are still aggregated
normally.
This can potentially happen when user has manually deployed containers.
KVM: x86: Fix shadow paging use-after-free due to unexpected GFN
The shadow MMU computes GFNs for direct shadow pages using sp->gfn plus
the SPTE index. This assumption breaks for shadow paging if the guest
page tables are modified between VM entries (similar to commit
aad885e77496, "KVM: x86/mmu: Drop/zap existing present SPTE even
when creating an MMIO SPTE", 2026-03-27). The flow is as follows:
- a PDE is installed for a 2MB mapping, and a page in that area is
accessed. KVM creates a kvm_mmu_page consisting of 512 4KB pages;
the kvm_mmu_page is marked by FNAME(fetch) as direct-mapped because
the guest's mapping is a huge page (and thus contiguous).
- the PDE mapping is changed from outside the guest.
- the guest accesses another page in the same 2MB area. KVM installs
a new leaf SPTE and rmap entry; the SPTE uses the "correct" GFN
(i.e. based on the new mapping, as changed in the previous step) but
that GFN is outside of the [sp->gfn, sp->gfn + 511] range; therefore
[37 lines not shown]
KVM: x86: Fix misleading variable names and add more comments for PIR=>IRR flow
Rename kvm_apic_update_irr()'s "irr_updated" and vmx_sync_pir_to_irr()'s
"got_posted_interrupt" to a more accurate "max_irr_is_from_pir", as neither
"irr_updated" nor "got_posted_interrupt" is accurate.
__kvm_apic_update_irr() and thus kvm_apic_update_irr() specifically return
true if and only if the highest priority IRQ, i.e. max_irr, is a "new"
pending IRQ from the PIR. I.e. it's possible for the IRR to be updated,
i.e. for a posted IRQ to be "got", *without* the APIs returning true.
Expand vmx_sync_pir_to_irr()'s comment to explain why it's necessary to
set KVM_REQ_EVENT only if a "new" IRQ was found, and to explain why it's
safe to do so only if a new IRQ is also the highest priority pending IRQ.
No functional change intended.
Signed-off-by: Sean Christopherson <seanjc at google.com>
Link: https://patch.msgid.link/20260503201703.108231-3-pbonzini@redhat.com/
Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
[clang][NFC] Mark CWG2629 as implemented and add a test (#195490)
This is ill-formed:
```cpp
switch (0.0) {}
```
Before [CWG2629](https://wg21.link/cwg2629) though, this was allowed:
```cpp
switch (double d = 0.0) {} // Value of 'd' is implicitly converted to an integer
```
Clang however has always rejected both: https://godbolt.org/z/GYc4hhrnz
