[X86][Inline] Make ABI compatibility check more precise (#205106)
When inlining a function that contains calls with vector arguments, we
have to be careful that inlining does not change the ABI of the call.
E.g. we generally can't inline a function without `+avx` into a
function with `+avx` if there are calls using vectors of size 256 or
larger, because they'd switch from passing in two xmm registers to
passing in a ymm register.
However, the current check is very crude and only allows inlining with
interior calls if the target features match *exactly* (via the base
areTypesABICompatible implementation). This is unnecessarily
conservative, as many target features do not affect the call ABI at all.
Make this check more precise by checking the result of
getRegisterTypeForCallingConv for the type between the TLI instances for
the caller and callee.
Firewall: NAT: Source NAT: Allow empty target which means interface address (#10441)
* Firewall: NAT: Source NAT: Empty target means interface address, allow it in the model and add hints, fix legacy outbound rules exporter as well
* Firewall: NAT: Source NAT: Target cannot be any, pf refuses to load that
[IR] Remove IRBuilder AddMetadataToInst (#202280)
This avoids an extra check for metadata on every instruction insertion,
makes constructing an IRBuilder cheaper, and therefore slightly improves
performance.
As the C API doesn't expose CollectMetadataToCopy or any other way to
add additional metadata to the IRBuilder, make LLVMAddMetadataToInst an
alias for LLVMSetInstDebugLocation and undeprecate the latter.
net-mgmt/peering-manager: Fix Python version
Upstream claims to support >=3.10,<3.15 which translates to 3.10-3.14.
Reviewed by: bofh
Differential Revision: https://reviews.freebsd.org/D57709
x86: Harmonize GENERIC and MINIMAL
* Reorder MINIMAL so everything is in the same order as in GENERIC.
* Wherever comments diverged, except for the explanatory comment at
the top, copy the GENERIC version to MINIMAL.
* Add KDTRACE_FRAME to i386 GENERIC; it was already in MINIMAL, and
adding it to GENERIC seemed like the more correct move.
With these changes, MINIMAL is a strict subset of GENERIC, apart from
the identifier and the explanatory comment at the top.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D57729
firewall: unify group names
The defaults in GroupField are still a bit weird as we are showing them
even though their mandatory path is from *_interfaces() plugin registration.
If we need the value 10 we should make it the implicit default and also
add the default to the group interface registration (or not at all).
GroupField could read them correctly from config.xml...
PR: https://www.reddit.com/r/opnsense/comments/1ucvh2y/is_there_a_way_to_change_the_openvpn_group/
graphics/kvantum: update to 1.1.8
V1.1.8
---------
* Covered a rare edge case of finding the parent menubar of a menu.
V1.1.7
---------
* Added a workaround for a backward incompatible change in the behavior of submenus of Qt 6.11 on Wayland, because of which `QWidget::move()` doesn't work with them anymore.
* Added a (partial) workaround for wrong positions of RTL context menus of Qt 6.11 on Wayland.
* Enforced "DelayedPopup" on the toolbar button of kvantumpreview (the default has changed to "MenuButtonPopup").
* Silenced deprecation warnings with Qt ≥ 6.11.
Revert some SSAF patches (#205279)
I've started seeing some failures on Windows permissive bots.
I'll revert my patches for now until further investigation.
errors:
https://lab.llvm.org/buildbot/#/builders/107/builds/20548
```
C:\b\slave\sanitizer-windows\llvm-project\clang\lib\Frontend\CompilerInvocation.cpp
C:\b\slave\sanitizer-windows\build\tools\clang\include\clang/Options/Options.inc(9981): error C2065: 'SSAFOpts': undeclared identifier
C:\b\slave\sanitizer-windows\build\tools\clang\include\clang/Options/Options.inc(9982): note: see reference to function template instantiation 'auto GenerateSSAFArgs::<lambda_5f504a9e8792b8b03f1d39701f31dbec>::operator ()<T>(const T &) const' being compiled
with
[
T=std::vector<std::string,std::allocator<std::string>>
]
```
Revert "Reland "[clang][ssaf][NFC] Move SSAF flags from FrontendOptions
to a dedicated SSAFOptions" (#204798)"
[4 lines not shown]
NAS-140907 / 27.0.0-BETA.1 / Tolerate malformed JSON in audit databases (#19181)
## Problem
The audit databases store `event_data`/`service_data` as JSON in TEXT
columns that SQLite does not validate on insert, so a corrupted or
otherwise non-JSON value can persist in a row (e.g. after a storage/IO
incident). Audit queries that filter or select on a JSON path compile to
`json_extract()`, and SQLite aborts the entire statement with
`OperationalError: malformed JSON` the moment it evaluates that over a
bad row. This bubbles up uncaught from the SMB alert sources as
recurring CRITICAL `AlertSourceRunFailed` alerts, and breaks
`audit.query`/`audit.export` and the UI audit page.
## Solution
Guard every JSON-path `json_extract` so a non-JSON row is skipped
instead of aborting the query, and surface the corruption rather than
dropping it silently.
- **WHERE side** (`datastore/filter.py`): an opt-in
[19 lines not shown]
editors/featherpad: update to 1.6.4
V1.6.4
---------
* Fixed JSON's highlighting when whitespaces are not shown.
* Activate the session dialog under Wayland too when it is called by another window.
* Fixed tab middle clicking for Qt ≥ 6.11 (it stopped working correctly after a backward-incompatible change in Qt).
* When running executable scripts, covered a case where a process failed to start.
* Fixed side-pane tooltips with tab DND.
* Bumped the minimum version of Qt to 6.5.
* Fixed using of dictionary encoding with Hunspell.
* Fixed macOS help bundle resource.
* Silenced new compilation warnings about implicit capturing of 'this'.
Revert "[libc] Introduce the ioctl syscall wrapper and port all callers" (#205277)
Reverts llvm/llvm-project#204640
Breaks libc-x86_64-debian-fullbuild. Reverting while I investigate.
[X86] Prevent folding of volatile scalar loads into masked loads in selects (#205103)
X86 select patterns were folding scalar FP loads into AVX-512 masked
loads. Since masked loads suppress memory access when the mask is 0,
this can incorrectly eliminate the observable access of volatile loads,
leading to miscompilation. Non-volatile loads are unaffected.
Multi-use loads already avoid folding, since folding consumes the load
into the instruction's memory operand and leaves no value for the other
users, forcing it to be materialized into a register. Single-use
volatile loads did not, and this must also be prevented, as volatile
loads are required to always perform their memory access.
Fix this by using the isSimple()-guarded simple_load pattern instead of
loadf32/loadf64, ensuring volatile loads are not folded.
Found via @jlebar's X86 LLVM bug hunt / FuzzX effort:
https://github.com/SemiAnalysisAI/FuzzX/blob/master/x86/bugs/093-avx512-vmovs-x86selects-load-fold-mask-suppress
mvc: give throwReadOnly() a sibling named throwNotFullAdmin() which validates if a user has full access rights and can be treated as "provides safe input".
Although there aren't a lot of cases where user input can't be validated strictly enough, there are still one or two edge cases which offer some sort of "advanced" input which we currently wouldn't accept and are thus hard to change for historic reasons. The most prominent one is Monit, which allows local commands being executed.
throwNotFullAdmin simply raises an exception and bails before persisting changes to the configuration, which can be set on a per action or controller (internalSaveRequiresAdmin).
clang: Change TargetInfo::setCPU to take StringRef
The related APIs all use StringRef, so use StringRef for
consistency.
Co-Authored-By: Claude (Opus 4.8) <noreply at anthropic.com>
