Merge branch 'pr-1180-release-3.4' into release-3.4
Fixes #1242
Issue #1180
* pr-1180-release-3.4:
jail: Exit with an error if pkg-update(8) fails
jail.sh: uneeded (typo)
jail: Use the right arch for a pkgbase jail
[mlir][ROCDL] Add async variants of pre-gfx12 LDS load intrinsics
These are MLIR wrappers around #180466.
-----
Co-authored-by: Claude Opus 4.5 <noreply at anthropic.com>
[mlir][ROCDL] Wrap asyncmark and wait.asyncmark intrinsics (#181054)
(see op-level and LLVM documentation for details so I'm not repeating
myself, but these are the general operations for compiler-operated
asynchronous operation tracking, which frees programmers from having to
deal with all the different counters, allows certain optimization, and
doesn't require precise alias analysis)
-----
Co-authored-by: Claude Opus 4.5 <noreply at anthropic.com>
jail: Exit with an error if pkg-update(8) fails
Exit with an error if pkg update fails, for example when the jail is
empty (with only pkg repo configured).
(cherry picked from commit 364c1d2081ff4bd9405c9c277c58da2c60b949fa)
jail.sh: uneeded (typo)
Spelling: uneeded should be unneeded.
(cherry picked from commit ab499733b6d0eb6dd4df46b8a414cb20f8ee4a22)
Conflicts:
src/share/poudriere/jail.sh
jail: Use the right arch for a pkgbase jail
This is currently a problem for anything not amd64 when building pkgbase
jails. Strip the `ARCH` and use only what corresponds to `TARGET_ARCH`.
(cherry picked from commit ec991af0c789bf98737f6c2206e62646b2de6f25)
Conflicts:
src/share/poudriere/jail.sh
NAS-139570 / 26.0.0-BETA.1 / Add scram auth (#17831)
This commit adds support for SCRAM authentication for API keys and
significantly refactors several aspects of authentication and session
management.
The SCRAM libraries are provided by the following GIT repository:
https://github.com/truenas/truenas_scram
The repo documents protocol details that are beyond scope of a commit
message.
**API Keys**
This change is mostly backwards-compatible with legacy API key
authentication (mechanism `API_KEY_PLAIN`), with the exception that
API keys using the PKDF2-SHA256 algorithm are now automatically
revoked on migration and no longer supported. The algorithm used
for API keys was changed for TrueNAS 25.04 and keys were migrated
at runtime during the 25.04 and 25.10 releases as they were used
[53 lines not shown]
NAS-139746 / 26.0.0-BETA.1 / fix route and static route to use new logic (#18189)
This uses the new logic introduced in
https://github.com/truenas/truenas_pynetif/pull/43. This allows us to
remove pyroute2 dependency which is where a vast majority of our memory
leaks were occurring. For posterity sake, the leak was not in pyroute2
but we had a cyclical GC issue that was exposed with how we designed our
legacy network logic and pyroute2's design. CI
[here](http://jenkins.eng.ixsystems.net:8080/job/tests/job/api_tests/7624)
NAS-139739 / 26.0.0-BETA.1 / Expand use of atomic_write() helper (#18180)
This commit expands use of atomic_write() to places where there is risk
that a partial file write can impact stability or predictable server
behavior.
[CIR][LoweringPrepare] Emit guard variables for static local initialization
This implements the lowering of static local variables with the Itanium C++ ABI
guard variable pattern in LoweringPrepare.
When a GlobalOp has the static_local attribute and a ctor region, this pass:
1. Creates a guard variable global (mangled name from AST)
2. Inserts the guard check pattern at each GetGlobalOp use site:
- Load guard byte with acquire ordering
- If zero, call __cxa_guard_acquire
- If acquire returns non-zero, inline the ctor region code
- Call __cxa_guard_release
3. Clears the static_local attribute and ctor region from the GlobalOp
[mlir][ROCDL] Wrap asyncmark and wait.asyncmark intrinsics
(see op-level and LLVM documentation for details so I'm not repeating
myself, but these are the general operations for compiler-operated
asynchronous operation tracking, which frees programmers from having
to deal with all the different counters, allows certain optimization,
and doesn't require precise alias analysis)
-----
Co-authored-by: Claude Opus 4.5 <noreply at anthropic.com>
[clang-tidy][NFC] Update broken HICPP documentation links (#180525)
The original links to the High Integrity C++ Coding Standard now
redirects to an [irrelevant page](https://www.perforce.com/resources)
because Perforce made the document private (it now requires email to
apply).
This PR updates all HICPP-related documentation links to point to the
application form, ensuring users can still find the official source for
these rules.
[libcxxabi] Make fallback malloc heap size configurable via CMake
The emergency fallback heap used during exception handling when
malloc() fails (e.g. under OOM) was hardcoded to 512 bytes, which
is only enough for a few in-flight exceptions. In contrast, libstdc++
reserves ~73 KiB for this purpose.
Add a LIBCXXABI_FALLBACK_MALLOC_HEAP_SIZE CMake option (default 512)
so that builds targeting programs that need to survive OOM conditions
can increase the pool size. Validate the value at both CMake configure
time and C++ compile time, since the heap's unsigned short offsets
limit it to ~256 KiB.
testcases/libnvmm: Add two memory tests using RIP-relative addressing
While these two tests do not exercise the RIP-relative address
calculation path in store_to_gva(), they can help validate the x86
instruction decoder.
Credit: Claude Sonnet 4.5 (https://claude.ai/)
libnvmm(3): Fix RIP-relative addressing in store_to_gva()
RIP-relative addressing uses the start address of the *next* instruction
as the base, rather than the *current* one. Adjust RIP by the
instruction length when computing the effective address.
NOTE: This bug does not affect memory assists:
- The MMIO exits handled by assist_mem_single() do not call
store_to_gva(). In addition, assist_mem_single() does not compute
RIP-relative addresses, as the effective GPA is already provided in
'exit->u.mem.gpa'.
- Other MMIO exits handled by assist_mem_double_movs() do call
store_to_gva(), but only for RSI/RDI-based operands.
Credit: Claude Sonnet 4.5 (https://claude.ai/)
NAS-135198 / 26.0.0-BETA.1 / HA CI tests for NVMe-oF(TCP) (#17680)
Add a comprehensive test suite for NVMe-oF High Availability
failover scenarios. The suite validates failover behavior across
different target implementations (kernel vs SPDK), failover modes (ANA
vs IP takeover), and scales (single namespace to 70 namespaces).
Use setExprNeedsCleanups in BuildCXXNew and avoid breaking c++98
This approach is much cleaner, but broke checkICE reporting in c++98.
Stepping through a debugger shows that this happend because the
static_assert test didn not recognize ExprWithCleanups as transparent to
constant evaluation. To addresse this, we update CheckICE to recurse
into the sub-expression, and keep the old behavior.
[clang] Use uniform lifetime bounds under exceptions
To do this we have to slightly modify how some expressions are handled
in Sema. Principally, we need to ensure that calls to new for
non-trivial types still have their destructors run. Generally this isn't
an issue, since these just get sunk into the surrounding scope. With
more lifetime annotations being produced for the expressions, we found
that some calls to `new` in an unreachable switch arm would not be
wrapped in ExprWithCleanups. As a result, they remain on the EhStack
when processing the default label, and since the dead arm doesn't
dominate the default label, we can end up with a case where the def-use
chain is broken (e.g. the def doesn't dominate all uses). Technically
this path would be impossible to reach due to the active bit, but it
still failed to satisfy a dominance relationship.
With that in place, we can remove the constraint on only using tighter
lifetimes when exceptions are disabled.
