[Stable-8.2.7 27/53] target/arm: Handle denormals correctly for FMOPA (widening)

2024-09-06 Thread Michael Tokarev
From: Peter Maydell The FMOPA (widening) SME instruction takes pairs of half-precision floating point values, widens them to single-precision, does a two-way dot product and accumulates the results into a single-precision destination. We don't quite correctly handle the FPCR bits FZ and FZ16 whi

[Stable-8.2.7 26/53] hw/arm/mps2-tz.c: fix RX/TX interrupts order

2024-09-06 Thread Michael Tokarev
From: Marco Palumbi The order of the RX and TX interrupts is swapped. This commit fixes the order as per the following documents: * https://developer.arm.com/documentation/dai0505/latest/ * https://developer.arm.com/documentation/dai0521/latest/ * https://developer.arm.com/documentation/dai05

[Stable-8.2.7 33/53] vvfat: Fix usage of `info.file.offset`

2024-09-06 Thread Michael Tokarev
From: Amjad Alsharafi The field is marked as "the offset in the file (in clusters)", but it was being used like this `cluster_size*(nums)+mapping->info.file.offset`, which is incorrect. Signed-off-by: Amjad Alsharafi Reviewed-by: Kevin Wolf Message-ID: <72f19a7903886dda1aa78bcae0e17702ee93926

[Stable-8.2.7 35/53] vvfat: Fix reading files with non-continuous clusters

2024-09-06 Thread Michael Tokarev
From: Amjad Alsharafi When reading with `read_cluster` we get the `mapping` with `find_mapping_for_cluster` and then we call `open_file` for this mapping. The issue appears when it's the same file, but a second cluster that is not immediately after it, imagine clusters `500 -> 503`, this will give

[Stable-8.2.7 52/53] hw/audio/virtio-snd: fix invalid param check

2024-09-06 Thread Michael Tokarev
From: Volker Rümelin Commit 9b6083465f ("virtio-snd: check for invalid param shift operands") tries to prevent invalid parameters specified by the guest. However, the code is not correct. Change the code so that the parameters format and rate, which are bit numbers, are compared with the bit s

[Stable-8.2.7 44/53] target/i386: Do not apply REX to MMX operands

2024-09-06 Thread Michael Tokarev
From: Richard Henderson Cc: qemu-sta...@nongnu.org Fixes: b3e22b2318a ("target/i386: add core of new i386 decoder") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2495 Signed-off-by: Richard Henderson Link: https://lore.kernel.org/r/20240812025844.58956-2-richard.hender...@linaro.org S

[Stable-8.2.7 46/53] module: Prevent crash by resetting local_err in module_load_qom_all()

2024-09-06 Thread Michael Tokarev
From: Alexander Ivanov Set local_err to NULL after it has been freed in error_report_err(). This avoids triggering assert(*errp == NULL) failure in error_setv() when local_err is reused in the loop. Signed-off-by: Alexander Ivanov Reviewed-by: Claudio Fontana Reviewed-by: Denis V. Lunev Link:

[Stable-8.2.7 41/53] nbd/server: CVE-2024-7409: Avoid use-after-free when closing server

2024-09-06 Thread Michael Tokarev
From: Eric Blake Commit 3e7ef738 plugged the use-after-free of the global nbd_server object, but overlooked a use-after-free of nbd_server->listener. Although this race is harder to hit, notice that our shutdown path first drops the reference count of nbd_server->listener, then triggers actions t

[Stable-8.2.7 51/53] virtio-pci: Fix the use of an uninitialized irqfd

2024-09-06 Thread Michael Tokarev
From: Cindy Lu The crash was reported in macOS and NixOS, here is the link for this bug https://gitlab.com/qemu-project/qemu/-/issues/2334 https://gitlab.com/qemu-project/qemu/-/issues/2321 In this bug, they are using the virtio_input device. The guest notifier was not supported for this device

[Stable-8.2.7 53/53] target/hppa: Fix PSW V-bit packaging in cpu_hppa_get for hppa64

2024-09-06 Thread Michael Tokarev
From: Helge Deller While adding hppa64 support, the psw_v variable got extended from 32 to 64 bits. So, when packaging the PSW-V bit from the psw_v variable for interrupt processing, check bit 31 instead of the 63rd (sign) bit. This fixes a hard to find Linux kernel boot issue where the loss of th

[Stable-8.2.7 47/53] target/hexagon: don't look for static glib

2024-09-06 Thread Michael Tokarev
From: Alyssa Ross When cross compiling QEMU configured with --static, I've been getting configure errors like the following: Build-time dependency glib-2.0 found: NO ../target/hexagon/meson.build:303:15: ERROR: Dependency lookup for glib-2.0 with method 'pkgconfig' failed: Could not ge

[Stable-8.2.7 36/53] iotests: Add `vvfat` tests

2024-09-06 Thread Michael Tokarev
From: Amjad Alsharafi Added several tests to verify the implementation of the vvfat driver. We needed a way to interact with it, so created a basic `fat16.py` driver that handled writing correct sectors for us. Added `vvfat` to the non-generic formats, as it's not a normal image format. Signed-

[Stable-8.2.7 16/53] hw/virtio: Fix the de-initialization of vhost-user devices

2024-09-06 Thread Michael Tokarev
From: Thomas Huth The unrealize functions of the various vhost-user devices are calling the corresponding vhost_*_set_status() functions with a status of 0 to shut down the device correctly. Now these vhost_*_set_status() functions all follow this scheme: bool should_start = virtio_device_s

Re: [RFC PATCH v2 0/5] vhost-user: Add SHMEM_MAP/UNMAP requests

2024-09-06 Thread Albert Esteve
On Thu, Sep 5, 2024 at 6:39 PM Stefan Hajnoczi wrote: > On Tue, Sep 03, 2024 at 10:42:34AM +0200, Albert Esteve wrote: > > Hello all, > > > > Sorry, I have been a bit disconnected from this thread as I was on > > vacations and then had to switch tasks for a while. > > > > I will try to go through

[Stable-8.2.7 42/53] hw/core/ptimer: fix timer zero period condition for freq > 1GHz

2024-09-06 Thread Michael Tokarev
From: Jianzhou Yue The real period is zero when both period and period_frac are zero. Check the method ptimer_set_freq, if freq is larger than 1000 MHz, the period is zero, but the period_frac is not, in this case, the ptimer will work but the current code incorrectly recognizes that the ptimer i

[Stable-8.2.7 30/53] target/i386: Fix VSIB decode

2024-09-06 Thread Michael Tokarev
From: Richard Henderson With normal SIB, index == 4 indicates no index. With VSIB, there is no exception for VR4/VR12. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2474 Signed-off-by: Richard Henderson Link: https://lore.kernel.org/r/20240805003130.1421051-3-richard.hender...@linaro

[Stable-8.2.7 48/53] target/sparc: Restrict STQF to sparcv9

2024-09-06 Thread Michael Tokarev
From: Richard Henderson Prior to sparcv9, the same encoding was STDFQ. Cc: qemu-sta...@nongnu.org Fixes: 06c060d9e5b ("target/sparc: Move simple fp load/store to decodetree") Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20240816072311.353234-2-richard.hende

[Stable-8.2.7 29/53] virtio-net: Fix network stall at the host side waiting for kick

2024-09-06 Thread Michael Tokarev
From: thomas Patch 06b12970174 ("virtio-net: fix network stall under load") added double-check to test whether the available buffer size can satisfy the request or not, in case the guest has added some buffers to the avail ring simultaneously after the first check. It will be lucky if the availab

[Stable-8.2.7 38/53] nbd/server: CVE-2024-7409: Cap default max-connections to 100

2024-09-06 Thread Michael Tokarev
From: Eric Blake Allowing an unlimited number of clients to any web service is a recipe for a rudimentary denial of service attack: the client merely needs to open lots of sockets without closing them, until qemu no longer has any more fds available to allocate. For qemu-nbd, we default to allow

[Stable-8.2.7 37/53] nbd/server: Plumb in new args to nbd_client_add()

2024-09-06 Thread Michael Tokarev
From: Eric Blake Upcoming patches to fix a CVE need to track an opaque pointer passed in by the owner of a client object, as well as request for a time limit on how fast negotiation must complete. Prepare for that by changing the signature of nbd_client_new() and adding an accessor to get at the

[Stable-8.2.7 49/53] crypto/tlscredspsk: Free username on finalize

2024-09-06 Thread Michael Tokarev
From: Peter Maydell When the creds->username property is set we allocate memory for it in qcrypto_tls_creds_psk_prop_set_username(), but we never free this when the QCryptoTLSCredsPSK is destroyed. Free the memory in finalize. This fixes a LeakSanitizer complaint in migration-test: $ (cd build/

[Stable-8.2.7 25/53] hw/i386/amd_iommu: Don't leak memory in amdvi_update_iotlb()

2024-09-06 Thread Michael Tokarev
From: Peter Maydell In amdvi_update_iotlb() we will only put a new entry in the hash table if to_cache.perm is not IOMMU_NONE. However we allocate the memory for the new AMDVIIOTLBEntry and for the hash table key regardless. This means that in the IOMMU_NONE case we will leak the memory we allo

[Stable-8.2.7 39/53] nbd/server: CVE-2024-7409: Drop non-negotiating clients

2024-09-06 Thread Michael Tokarev
From: Eric Blake A client that opens a socket but does not negotiate is merely hogging qemu's resources (an open fd and a small amount of memory); and a malicious client that can access the port where NBD is listening can attempt a denial of service attack by intentionally opening and abandoning

[Stable-8.2.7 18/53] hw/char/bcm2835_aux: Fix assert when receive FIFO fills up

2024-09-06 Thread Michael Tokarev
From: Frederik van Hövell When a bare-metal application on the raspi3 board reads the AUX_MU_STAT_REG MMIO register while the device's buffer is at full receive FIFO capacity (i.e. `s->read_count == BCM2835_AUX_RX_FIFO_LEN`) the assertion `assert(s->read_count < BCM2835_AUX_RX_FIFO_LEN)` fails.

[Stable-8.2.7 22/53] target/arm: Avoid shifts by -1 in tszimm_shr() and tszimm_shl()

2024-09-06 Thread Michael Tokarev
From: Peter Maydell The function tszimm_esz() returns a shift amount, or possibly -1 in certain cases that correspond to unallocated encodings in the instruction set. We catch these later in the trans_ functions (generally with an "a-esz < 0" check), but before we do the decodetree-generated cod

[Stable-8.2.7 17/53] target/rx: Use target_ulong for address in LI

2024-09-06 Thread Michael Tokarev
From: Richard Henderson Using int32_t meant that the address was sign-extended to uint64_t when passing to translator_ld*, triggering an assert. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2453 Signed-off-by: Richard Henderson Tested-by: Thomas Huth (cherry picked from commit 83340

[Stable-8.2.7 50/53] hw/nvme: fix leak of uninitialized memory in io_mgmt_recv

2024-09-06 Thread Michael Tokarev
From: Klaus Jensen Yutaro Shimizu from the Cyber Defense Institute discovered a bug in the NVMe emulation that leaks contents of an uninitialized heap buffer if subsystem and FDP emulation are enabled. Cc: qemu-sta...@nongnu.org Reported-by: Yutaro Shimizu Signed-off-by: Klaus Jensen (cherry p

[Stable-8.2.7 28/53] virtio-net: Ensure queue index fits with RSS

2024-09-06 Thread Michael Tokarev
From: Akihiko Odaki Ensure the queue index points to a valid queue when software RSS enabled. The new calculation matches with the behavior of Linux's TAP device with the RSS eBPF program. Fixes: 4474e37a5b3a ("virtio-net: implement RX RSS processing") Reported-by: Zhibin Hu Cc: qemu-sta...@non

[Stable-8.2.7 23/53] target/arm: Ignore SMCR_EL2.LEN and SVCR_EL2.LEN if EL2 is not enabled

2024-09-06 Thread Michael Tokarev
From: Peter Maydell When determining the current vector length, the SMCR_EL2.LEN and SVCR_EL2.LEN settings should only be considered if EL2 is enabled (compare the pseudocode CurrentSVL and CurrentNSVL which call EL2Enabled()). We were checking against ARM_FEATURE_EL2 rather than calling arm_is_

Re: [PULL 11/63] hw/virtio: move stubs out of stubs/

2024-09-06 Thread Michael Tokarev
05.09.2024 19:27, Paolo Bonzini wrote: On Sat, Aug 3, 2024 at 4:29 AM Michael Tokarev wrote: 23.04.2024 18:08, Paolo Bonzini wrote: Since the virtio memory device stubs are needed exactly when the Kconfig symbol is not enabled, they can be placed in hw/virtio/ and conditionalized on CONFIG_VI

Re: [PULL 11/63] hw/virtio: move stubs out of stubs/

2024-09-06 Thread Paolo Bonzini
On Fri, Sep 6, 2024 at 9:08 AM Michael Tokarev wrote: > > 05.09.2024 19:27, Paolo Bonzini wrote: > > On Sat, Aug 3, 2024 at 4:29 AM Michael Tokarev wrote: > >> > >> 23.04.2024 18:08, Paolo Bonzini wrote: > >>> Since the virtio memory device stubs are needed exactly when the > >>> Kconfig symbol i

[PATCH] minikconf: print error entirely on stderr

2024-09-06 Thread Paolo Bonzini
While debugging an invalid configuration, I noticed that the clauses debug ends up on stderr but the header ("The following clauses were found..." ends up on stdout. This makes the contents of meson-logs/meson-log.txt a bit confusing. Signed-off-by: Paolo Bonzini --- scripts/minikconf.py | 2 +-

[PATCH] virtio: kconfig: memory devices are PCI only

2024-09-06 Thread Paolo Bonzini
Virtio memory devices rely on PCI BARs to expose the contents of memory. Because of this they cannot be used with virtio-mmio or virtio-ccw. In fact the code that is common to virtio-mem and virtio-pmem, which is in hw/virtio/virtio-md-pci.c, is only included if CONFIG_VIRTIO_PCI is set. Reproduc

[PATCH v4 0/1] linux-user: add openat2 support in linux-user

2024-09-06 Thread Michael Vogt
Hi, This is v4 of the openat2 support in linux-user. Thanks again for the excellent second round of feedback from Richard Henderson. The code is identical to the previous v3 and I only fixed two typos in the commit message. I'm sending v4 because in v3 I forgot to add "--threaded" when generating

[PATCH v4 1/1] linux-user: add openat2 support in linux-user

2024-09-06 Thread Michael Vogt
This commit adds support for the `openat2()` syscall in the `linux-user` userspace emulator. It is implemented by extracting a new helper `maybe_do_fake_open()` out of the existing `do_guest_openat()` and share that with the new `do_guest_openat2()`. Unfortunately we cannot just make do_guest_opena

Re: [PATCH] virtio: kconfig: memory devices are PCI only

2024-09-06 Thread David Hildenbrand
On 06.09.24 09:37, Paolo Bonzini wrote: Virtio memory devices rely on PCI BARs to expose the contents of memory. Because of this they cannot be used with virtio-mmio or virtio-ccw. In fact Guess what I am working on at this very moment ;) the code that is common to virtio-mem and virtio-

Re: [PATCH] virtio: kconfig: memory devices are PCI only

2024-09-06 Thread David Hildenbrand
Cc: David Hildenbrand Reported-by: Michael Tokarev Signed-off-by: Paolo Bonzini --- hw/virtio/Kconfig | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hw/virtio/Kconfig b/hw/virtio/Kconfig index aa63ff7fd41..7c554d230d8 100644 --- a/hw/virtio/Kconfig +++ b/hw/virtio

Re: [SPAM] [PATCH v3 00/11] support I2C for AST2700

2024-09-06 Thread Cédric Le Goater
Hello, On 9/4/24 11:01, Troy Lee wrote: Hi Cédric, On Wed, Sep 4, 2024 at 3:29 PM Cédric Le Goater wrote: Hello Jamin, Just want you to know that I and Troy are working on the following tasks for AST2700. 1. Support boot from bootmcu(riscv32) instead of u-boot(Cortex-A35) Oh nice. This

Re: [PATCH 4/8] tests/qtest/hd-geo-test: Check for availability of "pc" machine before using it

2024-09-06 Thread Philippe Mathieu-Daudé
On 5/9/24 21:14, Thomas Huth wrote: In case QEMU has been configured with "--without-default-devices", the "pc" machine type might be missing in the binary. We should check for its availability before using it. Signed-off-by: Thomas Huth --- tests/qtest/hd-geo-test.c | 71

Re: [PATCH 4/8] tests/qtest/hd-geo-test: Check for availability of "pc" machine before using it

2024-09-06 Thread Thomas Huth
On 06/09/2024 09.50, Philippe Mathieu-Daudé wrote: On 5/9/24 21:14, Thomas Huth wrote: In case QEMU has been configured with "--without-default-devices", the "pc" machine type might be missing in the binary. We should check for its availability before using it. Signed-off-by: Thomas Huth ---  

Re: [PATCH] minikconf: print error entirely on stderr

2024-09-06 Thread Philippe Mathieu-Daudé
On 6/9/24 09:33, Paolo Bonzini wrote: While debugging an invalid configuration, I noticed that the clauses debug ends up on stderr but the header ("The following clauses were found..." ends up on stdout. This makes the contents of meson-logs/meson-log.txt a bit confusing. Signed-off-by: Paolo B

Re: [PATCH] hw/i386: define _AS_LATEST() macros for machine types

2024-09-06 Thread Philippe Mathieu-Daudé
On 5/9/24 20:21, Daniel P. Berrangé wrote: Follow the other architecture targets by adding extra macros for defining a versioned machine type as the latest. This reduces the size of the changes when introducing new machine types at the start of each release cycle. Signed-off-by: Daniel P. Berran

Re: [PATCH RESEND v9 7/9] rust: add crate to expose bindings and interfaces

2024-09-06 Thread Paolo Bonzini
On Mon, Sep 2, 2024 at 7:59 AM Junjie Mao wrote: > + '-print-file-name=libclang-' + host_clang_major + '.so', Note that libclang-MAJOR.so is a Debian-ism. On Fedora for example I have libclang.so.MAJOR.MINOR instead. Overall, this is a pain and I'd rather leave it to Meson developers to fix

Re: [PATCH 3/8] tests/qtest/boot-order-test: Make the machine name mandatory in this test

2024-09-06 Thread Philippe Mathieu-Daudé
Hi Thomas, On 5/9/24 21:14, Thomas Huth wrote: Let's make sure that we always pass a machine name to the test_boot_orders() function, so we can check whether the machine is available in the binary and skip the test in case it is not included in the build. Signed-off-by: Thomas Huth --- tests

Re: [PATCH] hw/i386: define _AS_LATEST() macros for machine types

2024-09-06 Thread Cornelia Huck
On Thu, Sep 05 2024, Daniel P. Berrangé wrote: > Follow the other architecture targets by adding extra macros for > defining a versioned machine type as the latest. This reduces the > size of the changes when introducing new machine types at the start > of each release cycle. > > Signed-off-by: D

Re: [PATCH 3/8] tests/qtest/boot-order-test: Make the machine name mandatory in this test

2024-09-06 Thread Thomas Huth
On 06/09/2024 09.59, Philippe Mathieu-Daudé wrote: Hi Thomas, On 5/9/24 21:14, Thomas Huth wrote: Let's make sure that we always pass a machine name to the test_boot_orders() function, so we can check whether the machine is available in the binary and skip the test in case it is not included in

Re: [PATCH for-9.2] hw: add compat machines for 9.2

2024-09-06 Thread Daniel P . Berrangé
On Thu, Sep 05, 2024 at 08:05:14PM +0100, Peter Maydell wrote: > On Thu, 5 Sept 2024 at 19:22, Daniel P. Berrangé wrote: > > > > On Fri, Aug 16, 2024 at 11:47:16AM +0100, Daniel P. Berrangé wrote: > > > On Fri, Aug 16, 2024 at 12:37:23PM +0200, Cornelia Huck wrote: > > > > Add 9.2 machine types fo

Re: [PATCH 3/8] tests/qtest/boot-order-test: Make the machine name mandatory in this test

2024-09-06 Thread Philippe Mathieu-Daudé
On 6/9/24 10:04, Thomas Huth wrote: On 06/09/2024 09.59, Philippe Mathieu-Daudé wrote: Hi Thomas, On 5/9/24 21:14, Thomas Huth wrote: Let's make sure that we always pass a machine name to the test_boot_orders() function, so we can check whether the machine is available in the binary and skip

[PATCH] target/riscv/cpu_helper: Fix linking problem with semihosting disabled

2024-09-06 Thread Thomas Huth
When QEMU has been configured with "--without-default-devices", the build is currently failing with: /usr/bin/ld: libqemu-riscv32-softmmu.a.p/target_riscv_cpu_helper.c.o: in function `riscv_cpu_do_interrupt': .../qemu/target/riscv/cpu_helper.c:1678:(.text+0x2214): undefined reference to `do_

Re: [RFC PATCH 0/2] qtest: Log verbosity changes

2024-09-06 Thread Daniel P . Berrangé
On Fri, Sep 06, 2024 at 08:16:31AM +0200, Thomas Huth wrote: > On 05/09/2024 23.03, Fabiano Rosas wrote: > > Hi, > > > > This series silences QEMU stderr unless the QTEST_LOG variable is set > > and silences -qtest-log unless both QTEST_LOG and gtest's --verbose > > flag is passed. > > > > This w

Re: [PATCH 7/8] Revert "target/riscv: Restrict semihosting to TCG"

2024-09-06 Thread Thomas Huth
On 05/09/2024 21.53, Peter Maydell wrote: On Thu, 5 Sept 2024 at 20:16, Thomas Huth wrote: This reverts commit 10425887ba54241be1ce97f8935fc320332b531c. Using "imply" instead of "select" is causing a build failure: /usr/bin/ld: libqemu-riscv32-softmmu.a.p/target_riscv_cpu_helper.c.o: in f

Re: [PATCH 7/8] Revert "target/riscv: Restrict semihosting to TCG"

2024-09-06 Thread Philippe Mathieu-Daudé
On 5/9/24 21:53, Peter Maydell wrote: On Thu, 5 Sept 2024 at 20:16, Thomas Huth wrote: This reverts commit 10425887ba54241be1ce97f8935fc320332b531c. Using "imply" instead of "select" is causing a build failure: (please mention ./configure arguments besides --without-default-devices) /u

Re: [PATCH] virtio: kconfig: memory devices are PCI only

2024-09-06 Thread Paolo Bonzini
On Fri, Sep 6, 2024 at 9:40 AM David Hildenbrand wrote: > On 06.09.24 09:37, Paolo Bonzini wrote: > > Virtio memory devices rely on PCI BARs to expose the contents of memory. > > Because of this they cannot be used with virtio-mmio or virtio-ccw. In fact > > Guess what I am working on at this ver

Re: [PULL 13/16] target/riscv: Restrict semihosting to TCG

2024-09-06 Thread Thomas Huth
On 05/09/2024 19.08, Thomas Huth wrote: On 22/07/2024 13.04, Alex Bennée wrote: From: Philippe Mathieu-Daudé Semihosting currently uses the TCG probe_access API. To prepare for encoding the TCG dependency in Kconfig, do not enable it unless TCG is available. Suggested-by: Paolo Bonzini Signe

Re: [PATCH v2] docs: fix vhost-user protocol doc

2024-09-06 Thread Michael S. Tsirkin
On Fri, Sep 06, 2024 at 10:10:45AM +0800, luzhixing12345 wrote: > Hi, can someone help review this patch? > > Signed-off-by: luzhixing12345 You got comments Aug 5, pls address them.

Re: [PATCH] hw/loongarch: virt: support up to 4 serial ports

2024-09-06 Thread maobibo
On 2024/9/6 12:49 PM, Jason A. Donenfeld wrote: In order to support additional channels of communication using `-serial`, add several serial ports, up to the standard 4 generally supported by the 8250 driver. Signed-off-by: Jason A. Donenfeld --- hw/loongarch/virt.c| 24

Re: [PATCH] target/riscv/cpu_helper: Fix linking problem with semihosting disabled

2024-09-06 Thread Peter Maydell
On Fri, 6 Sept 2024 at 09:09, Thomas Huth wrote: > > When QEMU has been configured with "--without-default-devices", the build > is currently failing with: > > /usr/bin/ld: libqemu-riscv32-softmmu.a.p/target_riscv_cpu_helper.c.o: > in function `riscv_cpu_do_interrupt': > .../qemu/target/riscv/

Re: [PATCH] virtio: kconfig: memory devices are PCI only

2024-09-06 Thread David Hildenbrand
On 06.09.24 10:18, Paolo Bonzini wrote: On Fri, Sep 6, 2024 at 9:40 AM David Hildenbrand wrote: On 06.09.24 09:37, Paolo Bonzini wrote: Virtio memory devices rely on PCI BARs to expose the contents of memory. Because of this they cannot be used with virtio-mmio or virtio-ccw. In fact Guess

Re: [PATCH] target/riscv/cpu_helper: Fix linking problem with semihosting disabled

2024-09-06 Thread Thomas Huth
On 06/09/2024 10.58, Peter Maydell wrote: On Fri, 6 Sept 2024 at 09:09, Thomas Huth wrote: When QEMU has been configured with "--without-default-devices", the build is currently failing with: /usr/bin/ld: libqemu-riscv32-softmmu.a.p/target_riscv_cpu_helper.c.o: in function `riscv_cpu_do_

Re: [PATCH 0/3] hw/sh4: Remove the deprecated SHIX machine

2024-09-06 Thread Yoshinori Sato
On Wed, 04 Sep 2024 00:39:56 +0900, Philippe Mathieu-Daudé wrote: > > Remove the deprecated SH4 SHIX machine, along > with the TC58128 NAND EEPROM. > > Philippe Mathieu-Daudé (3): > hw/sh4: Remove the deprecated SHIX machine > hw/block: Remove TC58128 NAND EEPROM > hw/sh4: Remove sh7750_reg

Re: [PATCH] target/riscv/cpu_helper: Fix linking problem with semihosting disabled

2024-09-06 Thread Peter Maydell
On Fri, 6 Sept 2024 at 10:30, Thomas Huth wrote: > > On 06/09/2024 10.58, Peter Maydell wrote: > > On Fri, 6 Sept 2024 at 09:09, Thomas Huth wrote: > >> > >> When QEMU has been configured with "--without-default-devices", the build > >> is currently failing with: > >> > >> /usr/bin/ld: libqemu-

[PATCH v2] target/riscv/cpu_helper: Fix linking problem with semihosting disabled

2024-09-06 Thread Thomas Huth
If QEMU has been configured with "--without-default-devices", the build is currently failing with: /usr/bin/ld: libqemu-riscv32-softmmu.a.p/target_riscv_cpu_helper.c.o: in function `riscv_cpu_do_interrupt': .../qemu/target/riscv/cpu_helper.c:1678:(.text+0x2214): undefined reference to `do_co

Re: [RFC PATCH 0/2] qtest: Log verbosity changes

2024-09-06 Thread Peter Maydell
On Fri, 6 Sept 2024 at 09:14, Daniel P. Berrangé wrote: > > On Fri, Sep 06, 2024 at 08:16:31AM +0200, Thomas Huth wrote: > > On 05/09/2024 23.03, Fabiano Rosas wrote: > > > Hi, > > > > > > This series silences QEMU stderr unless the QTEST_LOG variable is set > > > and silences -qtest-log unless bo

Re: [PATCH v2 0/7] Report fatal errors from failure with pre-opened eBPF RSS FDs

2024-09-06 Thread Michael S. Tsirkin
On Thu, Sep 05, 2024 at 07:13:23PM +0100, Daniel P. Berrangé wrote: > The virtio-net code for eBPF RSS is still ignoring errors when > failing to load the eBPF RSS program passed in by the mgmt app > via pre-opened FDs. > > This series re-factors the eBPF common code so that it actually > reports

Re: [PATCH v2 4/7] ebpf: add formal error reporting to all APIs

2024-09-06 Thread Philippe Mathieu-Daudé
On 5/9/24 20:13, Daniel P. Berrangé wrote: The eBPF code is currently reporting error messages through trace events. Trace events are fine for debugging, but they are not to be considered the primary error reporting mechanism, as their output is inaccessible to callers. This adds an "Error **err

Re: [PATCH v2 5/7] hw/net: report errors from failing to use eBPF RSS FDs

2024-09-06 Thread Philippe Mathieu-Daudé
On 5/9/24 20:13, Daniel P. Berrangé wrote: If the user/mgmt app passed in a set of pre-opened FDs for eBPF RSS, then it is expecting QEMU to use them. Any failure to do so must be considered a fatal error and propagated back up the stack, otherwise deployment mistakes will not be detectable in a

Re: [PATCH v2 6/7] ebpf: improve trace event coverage to all key operations

2024-09-06 Thread Philippe Mathieu-Daudé
On 5/9/24 20:13, Daniel P. Berrangé wrote: The existing error trace event is renamed to have a name prefix matching its source file & to remove the redundant first arg that adds no useful information. Signed-off-by: Daniel P. Berrangé --- ebpf/ebpf_rss.c | 19 +++ ebpf/trac

Re: [PATCH v2 7/7] hw/net: improve tracing of eBPF RSS setup

2024-09-06 Thread Philippe Mathieu-Daudé
On 5/9/24 20:13, Daniel P. Berrangé wrote: This adds more trace events to key eBPF RSS setup operations, and also distinguishes events from multiple NIC instances. Signed-off-by: Daniel P. Berrangé --- hw/net/trace-events | 8 +--- hw/net/virtio-net.c | 9 ++--- 2 files changed, 11

[PATCH v2] virtio: kconfig: memory devices are PCI only

2024-09-06 Thread Paolo Bonzini
Virtio memory devices rely on PCI BARs to expose the contents of memory. Because of this they cannot be used (yet) with virtio-mmio or virtio-ccw. In fact the code that is common to virtio-mem and virtio-pmem, which is in hw/virtio/virtio-md-pci.c, is only included if CONFIG_VIRTIO_PCI is set. Rep

Re: [PATCH v2] virtio: kconfig: memory devices are PCI only

2024-09-06 Thread David Hildenbrand
On 06.09.24 12:16, Paolo Bonzini wrote: Virtio memory devices rely on PCI BARs to expose the contents of memory. Because of this they cannot be used (yet) with virtio-mmio or virtio-ccw. In fact the code that is common to virtio-mem and virtio-pmem, which is in hw/virtio/virtio-md-pci.c, is only

Re: [PATCH RESEND v9 9/9] rust: add PL011 device model

2024-09-06 Thread Paolo Bonzini
> +impl PL011State { > +pub fn init(&mut self) { > +let dev = addr_of_mut!(*self).cast::(); One small thing that I forgot about, is that the init function should be unsafe. For a short term change after this is merged, this should take not a &mut self, but a "obj: &mut MaybeUninit".

Re: [PATCH v2 1/4] KVM: Dynamic sized kvm memslots array

2024-09-06 Thread Juraj Marcin
Hi Peter, On Thu, Sep 5, 2024 at 6:00 PM Peter Xu wrote: > > On Thu, Sep 05, 2024 at 05:32:46PM +0200, Juraj Marcin wrote: > > Hi Peter, > > Hi, Juraj, > > [...] > > > > unsigned int kvm_get_max_memslots(void) > > > { > > > KVMState *s = KVM_STATE(current_accel()); > > > @@ -193,15 +247,20

[PULL 2/5] hw/ufs: minor bug fixes related to ufs-test

2024-09-06 Thread Jeuk Kim
From: Yoochan Jeong Minor bugs and errors related to ufs-test are resolved. Some permissions and code implementations that are not synchronized with the ufs spec are edited. Signed-off-by: Yoochan Jeong Reviewed-by: Jeuk Kim Signed-off-by: Jeuk Kim --- hw/ufs/ufs.c | 19 +++

[PULL 5/5] hw/ufs: ufs descriptor read test implemented

2024-09-06 Thread Jeuk Kim
From: Yoochan Jeong New test function "ufstest_query_desc_request" added, which can check one's virtual UFS device can properly read and its descriptor data. (Writing descriptors are not implemented yet.) The testcases attempt to read all kinds of descriptors at least once, except for configurati

[PULL 0/5] ufs queue

2024-09-06 Thread Jeuk Kim
gitlab.com/jeuk20.kim/qemu.git tags/pull-ufs-20240906 for you to fetch changes up to 9fe8e2c68ad99e503a11390b868a7dad846e7a0d: hw/ufs: ufs descriptor read test implemented (2024-09-06 18:04:16 +0900) ufs queue - Add basic inf

[PULL 3/5] hw/ufs: ufs flag read/write test implemented

2024-09-06 Thread Jeuk Kim
From: Yoochan Jeong New test function "ufstest_flag_request" added, which can check one's virtual UFS device can properly read and write its flag data. It tests if reading, setting, clearing and toggling flags work properly. There are some testcases that are intended to make an error caused by pe

[PULL 4/5] hw/ufs: ufs attribute read/write test implemented

2024-09-06 Thread Jeuk Kim
From: Yoochan Jeong New test function "ufstest_query_attr_request" added, which can check one's virtual UFS device can properly read and write its attribute data. It tests if reading and writing attributes work properly. There are some testcases that are intended to make an error caused by writin

[PULL 1/5] hw/ufs: add basic info of query response upiu

2024-09-06 Thread Jeuk Kim
From: Kyoungrul Kim Modify to fill the opcode, idn, index, selector information of all Query Response UPIU, because attr and flag operation of query response upiu need this information too. Signed-off-by: KyoungrulKim Reviewed-by: Minwoo Im Reviewed-by: Jeuk Kim Signed-off-by: Jeuk Kim ---

[Stable-9.0.3 10/69] hw/cxl/cxl-host: Fix segmentation fault when getting cxl-fmw property

2024-09-06 Thread Michael Tokarev
From: Zhao Liu QEMU crashes (Segmentation fault) when getting cxl-fmw property via qmp: (QEMU) qom-get path=machine property=cxl-fmw This issue is caused by accessing wrong callback (opaque) type in machine_get_cfmw(). cxl_machine_init() sets the callback as `CXLState *` type but machine_get_c

[Stable-9.0.3 04/69] target/arm: Fix handling of LDAPR/STLR with negative offset

2024-09-06 Thread Michael Tokarev
From: Peter Maydell When we converted the LDAPR/STLR instructions to decodetree we accidentally introduced a regression where the offset is negative. The 9-bit immediate field is signed, and the old hand decoder correctly used sextract32() to get it out of the insn word, but the ldapr_stlr_i patt

[Stable-9.0.3 16/69] hw/intc/loongson_ipi: Access memory in little endian

2024-09-06 Thread Michael Tokarev
From: Bibo Mao Loongson IPI is only available in little-endian, so use that to access the guest memory (in case we run on a big-endian host). Cc: qemu-sta...@nongnu.org Signed-off-by: Bibo Mao Fixes: f6783e3438 ("hw/loongarch: Add LoongArch ipi interrupt support") [PMD: Extracted from bigger co

[Stable-9.0.3 00/69] Patch Round-up for stable 9.0.3, freeze on 2024-09-16

2024-09-06 Thread Michael Tokarev
The following patches are queued for QEMU stable v9.0.3: https://gitlab.com/qemu-project/qemu/-/commits/staging-9.0 Patch freeze is 2024-09-16, and the release is planned for 2024-09-18: https://wiki.qemu.org/Planning/9.0 Please respond here or CC qemu-sta...@nongnu.org on any additional pa

[Stable-9.0.3 11/69] virtio-snd: add max size bounds check in input cb

2024-09-06 Thread Michael Tokarev
From: Manos Pitsidianakis When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb(), we do not check whether the iov can actually fit the data buffer. This is because we use the buffer->size field as a total-so-far accumulator instead of byte-size-left like in TX buffers.

[Stable-9.0.3 02/69] scsi: fix regression and honor bootindex again for legacy drives

2024-09-06 Thread Michael Tokarev
From: Fiona Ebner Commit 3089637461 ("scsi: Don't ignore most usb-storage properties") removed the call to object_property_set_int() and thus the 'set' method for the bootindex property was also not called anymore. Here that method is device_set_bootindex() (as configured by scsi_dev_instance_ini

[Stable-9.0.3 03/69] qapi/qom: Document feature unstable of @x-vfio-user-server

2024-09-06 Thread Michael Tokarev
From: Markus Armbruster Commit 8f9a9259d32c added ObjectType member @x-vfio-user-server with feature unstable, but neglected to explain why it is unstable. Do that now. Fixes: 8f9a9259d32c (vfio-user: define vfio-user-server object) Cc: Elena Ufimtseva Cc: John G Johnson Cc: Jagannathan Raman

[Stable-9.0.3 05/69] target/arm: LDAPR should honour SCTLR_ELx.nAA

2024-09-06 Thread Michael Tokarev
From: Peter Maydell In commit c1a1f80518d360b when we added the FEAT_LSE2 relaxations to the alignment requirements for atomic and ordered loads and stores, we didn't quite get it right for LDAPR/LDAPRH/LDAPRB with no immediate offset. These instructions were handled in the old decoder as part o

[Stable-9.0.3 20/69] Revert "qemu-char: do not operate on sources from finalize callbacks"

2024-09-06 Thread Michael Tokarev
From: Sergey Dyasli This reverts commit 2b316774f60291f57ca9ecb6a9f0712c532cae34. After 038b4217884c ("Revert "chardev: use a child source for qio input source"") we've been observing the "iwp->src == NULL" assertion triggering periodically during the initial capabilities querying by libvirtd. O

[Stable-9.0.3 09/69] hw/nvme: fix memory leak in nvme_dsm

2024-09-06 Thread Michael Tokarev
From: Zheyu Ma The allocated memory to hold LBA ranges leaks in the nvme_dsm function. This happens because the allocated memory for iocb->range is not freed in all error handling paths. Fix this by adding a free to ensure that the allocated memory is properly freed. ASAN log: ==3075137==ERROR:

[Stable-9.0.3 07/69] target/arm: Use FPST_F16 for SME FMOPA (widening)

2024-09-06 Thread Michael Tokarev
From: Richard Henderson This operation has float16 inputs and thus must use the FZ16 control not the FZ control. Cc: qemu-sta...@nongnu.org Fixes: 3916841ac75 ("target/arm: Implement FMOPA, FMOPS (widening)") Reported-by: Daniyal Khan Signed-off-by: Richard Henderson Reviewed-by: Alex Bennée

[Stable-9.0.3 06/69] target/arm: Use float_status copy in sme_fmopa_s

2024-09-06 Thread Michael Tokarev
From: Daniyal Khan We made a copy above because the fp exception flags are not propagated back to the FPST register, but then failed to use the copy. Cc: qemu-sta...@nongnu.org Fixes: 558e956c719 ("target/arm: Implement FMOPA, FMOPS (non-widening)") Signed-off-by: Daniyal Khan Signed-off-by: Ri

[Stable-9.0.3 35/69] net: Reinstate '-net nic, model=help' output as documented in man page

2024-09-06 Thread Michael Tokarev
From: David Woodhouse While refactoring the NIC initialization code, I broke '-net nic,model=help' which no longer outputs a list of available NIC models. Fixes: 2cdeca04adab ("net: report list of available models according to platform") Cc: qemu-sta...@nongnu.org Signed-off-by: David Woodhouse

[Stable-9.0.3 23/69] hw/char/bcm2835_aux: Fix assert when receive FIFO fills up

2024-09-06 Thread Michael Tokarev
From: Frederik van Hövell When a bare-metal application on the raspi3 board reads the AUX_MU_STAT_REG MMIO register while the device's buffer is at full receive FIFO capacity (i.e. `s->read_count == BCM2835_AUX_RX_FIFO_LEN`) the assertion `assert(s->read_count < BCM2835_AUX_RX_FIFO_LEN)` fails.

[Stable-9.0.3 08/69] hvf: arm: Do not advance PC when raising an exception

2024-09-06 Thread Michael Tokarev
From: Akihiko Odaki hvf did not advance PC when raising an exception for most unhandled system registers, but it mistakenly advanced PC when raising an exception for GICv3 registers. Cc: qemu-sta...@nongnu.org Fixes: a2260983c655 ("hvf: arm: Add support for GICv3") Signed-off-by: Akihiko Odaki

[Stable-9.0.3 01/69] hw/scsi/lsi53c895a: bump instruction limit in scripts processing to fix regression

2024-09-06 Thread Michael Tokarev
From: Fiona Ebner Commit 9876359990 ("hw/scsi/lsi53c895a: add timer to scripts processing") reduced the maximum allowed instruction count by a factor of 100 all the way down to 100. This causes the "Check Point R81.20 Gaia" appliance [0] to fail to boot after fully finishing the installation via

[Stable-9.0.3 12/69] virtio-snd: check for invalid param shift operands

2024-09-06 Thread Michael Tokarev
From: Manos Pitsidianakis When setting the parameters of a PCM stream, we compute the bit flag with the format and rate values as shift operand to check if they are set in supported_formats and supported_rates. If the guest provides a format/rate value which when shifting 1 results in a value bi

[Stable-9.0.3 13/69] intel_iommu: fix FRCD construction macro

2024-09-06 Thread Michael Tokarev
From: Clément Mathieu--Drif The constant must be unsigned, otherwise the two's complement overrides the other fields when a PASID is present. Fixes: 1b2b12376c8a ("intel-iommu: PASID support") Signed-off-by: Clément Mathieu--Drif Reviewed-by: Yi Liu Reviewed-by: Zhenzhong Duan Reviewed-by: Mi

[Stable-9.0.3 34/69] virtio-net: Fix network stall at the host side waiting for kick

2024-09-06 Thread Michael Tokarev
From: thomas Patch 06b12970174 ("virtio-net: fix network stall under load") added double-check to test whether the available buffer size can satisfy the request or not, in case the guest has added some buffers to the avail ring simultaneously after the first check. It will be lucky if the availab

[Stable-9.0.3 30/69] hw/i386/amd_iommu: Don't leak memory in amdvi_update_iotlb()

2024-09-06 Thread Michael Tokarev
From: Peter Maydell In amdvi_update_iotlb() we will only put a new entry in the hash table if to_cache.perm is not IOMMU_NONE. However we allocate the memory for the new AMDVIIOTLBEntry and for the hash table key regardless. This means that in the IOMMU_NONE case we will leak the memory we allo

[Stable-9.0.3 28/69] target/arm: Ignore SMCR_EL2.LEN and SVCR_EL2.LEN if EL2 is not enabled

2024-09-06 Thread Michael Tokarev
From: Peter Maydell When determining the current vector length, the SMCR_EL2.LEN and SVCR_EL2.LEN settings should only be considered if EL2 is enabled (compare the pseudocode CurrentSVL and CurrentNSVL which call EL2Enabled()). We were checking against ARM_FEATURE_EL2 rather than calling arm_is_

[Stable-9.0.3 25/69] target/arm: Don't assert for 128-bit tile accesses when SVL is 128

2024-09-06 Thread Michael Tokarev
From: Peter Maydell For an instruction which accesses a 128-bit element tile when the SVL is also 128 (for example MOV z0.Q, p0/M, ZA0H.Q[w0,0]), we will assert in get_tile_rowcol(): qemu-system-aarch64: ../../tcg/tcg-op.c:926: tcg_gen_deposit_z_i32: Assertion `len > 0' failed. This happens be
