On 08.11.24 16:07, Peter Xu wrote:
On Fri, Nov 08, 2024 at 03:54:13PM +0100, David Hildenbrand wrote:
Likely AUX is everything that is "neither explicitly specified by the user nor
very special RAM"
So I think hw/misc/ivshmem.c would also not count as "aux", and similarly
hw/remote/memory.c; bo
On 7/11/24 10:27, Richard Henderson wrote:
On 11/7/24 01:22, Philippe Mathieu-Daudé wrote:
Replace the DEVICE_NATIVE_ENDIAN MemoryRegionOps by a pair
of DEVICE_LITTLE_ENDIAN / DEVICE_BIG_ENDIAN.
Add the "little-endian" property to select the device
endianness, defaulting to little endian.
Set th
On Fri, Nov 08, 2024 at 03:54:13PM +0100, David Hildenbrand wrote:
> Likely AUX is everything that is "neither explicitly specified by the user nor
> very special RAM"
>
> So I think hw/misc/ivshmem.c would also not count as "aux", and similarly
> hw/remote/memory.c; both use memory_region_init_ra
On 7/11/24 11:01, Richard Henderson wrote:
On 11/7/24 01:22, Philippe Mathieu-Daudé wrote:
Replace the DEVICE_NATIVE_ENDIAN MemoryRegionOps by a pair
of DEVICE_LITTLE_ENDIAN / DEVICE_BIG_ENDIAN.
Add the "little-endian" property to select the device
endianness, defaulting to little endian.
Set th
From: Alexander Graf
VMApple contains an "aes" engine device that it uses to encrypt and
decrypt its nvram. It has trivial hard coded keys it uses for that
purpose.
Add device emulation for this device model.
Signed-off-by: Alexander Graf
Signed-off-by: Phil Dennis-Jordan
---
v3:
* Rebased
From: Alexander Graf
We will introduce a number of devices that are specific to the vmapple
target machine. To keep them all tidily together, let's put them into
a single target directory.
Signed-off-by: Alexander Graf
Signed-off-by: Phil Dennis-Jordan
Reviewed-by: Akihiko Odaki
---
MAINTAIN
CCing Thomas.
commit 956a78118bfc7fa512b03cbe8a77b9384c6d89f4
Author: Thomas Huth
Date: Sat Jun 30 08:45:25 2018 +0200
m68k: Add NeXTcube machine
It is still quite incomplete (no SCSI, no floppy emulation, no network,
etc.), but the firmware already shows up the de
One of the things suggested at the KVM Forum Rust BoF was creating
a qemu-rust mailing list. This is going to be one of our usual
qemu-foo lists along the lines of what we have already for
qemu-block, qemu-arm, etc, and the standard policy applies: emails
to qemu-rust should also cc qemu-devel so p
Introduce an abstract machine parent class which defines
the 'little_endian' property. Duplicate the current machine,
which endian is tied to the binary endianness, to one big
endian and a little endian machine; updating the machine
description. Keep the current default machine for each binary.
'p
On Fri, Nov 08, 2024 at 03:13:58PM +, Peter Maydell wrote:
> One of the things suggested at the KVM Forum Rust BoF was creating
> a qemu-rust mailing list. This is going to be one of our usual
> qemu-foo lists along the lines of what we have already for
> qemu-block, qemu-arm, etc, and the stan
The archive used in test_microblaze_s3adsp1800.py (testing a
big-endian target) contains a big-endian kernel. Rename using
the _BE suffix.
Similarly, the archive in test_microblazeel_s3adsp1800 (testing
a little-endian target) contains a little-endian kernel. Rename
using _LE suffix.
These change
Hi Edgar,
I am working on bringing up the Wind River Helix hypervisor on the
xlnx-versal-virt machine, which expects to find MMU-500 SMMU where it lives on
the Versal SoC. I understand the -virt machine is not intended to fully emulate
Versal SoC.
I found an implementation of the MMU-500 on th
On Fri, Nov 08, 2024 at 07:01:39PM +0100, Paolo Bonzini wrote:
> Code checks, as well as documentation generation, are not yet tied
> to "make check" because they need new version of the Rust toolchain
> (even nightly in the case of "rustfmt"). Run them in CI using the
> existing nightly-Rust cont
Hi!
I compared EPYC-Genoa CPU model with CPUID output from real EPYC Genoa
host. I found some mismatches that confused me. Could you help me to
understand them?
On 5/4/23 23:53, Babu Moger wrote:
Adds the support for AMD EPYC Genoa generation processors. The model
display for the new processo
On 230427 1710, Alexander Bulekov wrote:
> These patches aim to solve two types of DMA-reentrancy issues:
>
> 1.) mmio -> dma -> mmio case
> To solve this, we track whether the device is engaged in io by
> checking/setting a reentrancy-guard within APIs used for MMIO access.
>
> 2.) bh -> dma w
On Fri, 8 Nov 2024, Philippe Mathieu-Daudé wrote:
On 8/11/24 13:13, BALATON Zoltan wrote:
On Fri, 8 Nov 2024, Thomas Huth wrote:
On 06/11/2024 21.32, BALATON Zoltan wrote:
On Wed, 6 Nov 2024, Philippe Mathieu-Daudé wrote:
On 6/11/24 13:00, BALATON Zoltan wrote:
On Wed, 6 Nov 2024, Mark Cave-
From: Alexander Graf
In addition to the ISA and PCI variants of pvpanic, let's add an MMIO
platform device that we can use in embedded arm environments.
Signed-off-by: Alexander Graf
Reviewed-by: Philippe Mathieu-Daudé
Tested-by: Philippe Mathieu-Daudé
Signed-off-by: Phil Dennis-Jordan
Revie
Implement TR NOOP commands by setting up then immediately completing
the packet. Add a TR NOOP test to the xhci qtest.
The IBM AIX XHCI driver uses NOOP commands to check driver and
hardware health.
Signed-off-by: Nicholas Piggin
---
hw/usb/hcd-xhci.c | 28
Implement PBA write 1 to trigger and 0 to clear. This is used by
qtests which mask the MSI irq and so the bits remain pending and
expect to be cleared with stores.
Some devices like e1000e seem to have MSIX PBA pending tied to
some device state level, as such they call msix_clr_pending()
directly,
Add assertions to ensure a BAR is not mapped twice, and only
previously mapped BARs are unmapped. This can help catch some
bugs.
Signed-off-by: Nicholas Piggin
---
tests/qtest/libqos/ahci.h | 1 +
tests/qtest/libqos/pci.h| 2 ++
tests/qtest/libqos/virtio-pci.h | 1 +
tests/qtest
mo_endian() returns the target endianness, currently static.
Signed-off-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
target/microblaze/translate.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/target/microblaze/translate.c b/target/microbla
Extract the implicit MO_TE definition in order to replace
it by runtime variable in the next commit.
Mechanical change using:
$ for n in UW UL UQ UO SW SL SQ; do \
sed -i -e "s/MO_TE$n/MO_TE | MO_$n/" \
$(git grep -l MO_TE$n target/microblaze); \
done
Signed-off-by: Philip
Consider the CPU ENDI bit, swap instructions when the CPU
endianness doesn't match the binary one.
Signed-off-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
target/microblaze/cpu.h | 7 +++
target/microblaze/translate.c | 5 +++--
2 files changed, 10 insertions(+), 2 de
Replace the DEVICE_NATIVE_ENDIAN MemoryRegionOps by a pair
of DEVICE_LITTLE_ENDIAN / DEVICE_BIG_ENDIAN.
Add the "little-endian" property to select the device
endianness, defaulting to little endian.
Set the proper endianness on the single machine using the
device.
Reviewed-by: Richard Henderson
S
Replace the DEVICE_NATIVE_ENDIAN MemoryRegionOps by a pair
of DEVICE_LITTLE_ENDIAN / DEVICE_BIG_ENDIAN.
Add the "little-endian" property to select the device
endianness, defaulting to little endian.
Set the proper endianness for each machine using the device.
Reviewed-by: Richard Henderson
Signed
Good point, Stefan!
Let me put it through our CI tests, which, in addition to unit tests,
also does both Linux (rhel-9) and AIX (ver7) boot exercises
thank you,
---
dan tan
power simulation
phone:+1.7373.099.138
email:dan...@linux.ibm.com
On 2024-11-08 09:38, Stefan Berger wrote:
On 11/4/24
On Thu, 7 Nov 2024 18:59:07 +
Salil Mehta wrote:
> Hi Igor,
>
> Many thanks for taking time to reply.
>
> > From: qemu-arm-bounces+salil.mehta=huawei@nongnu.org > arm-bounces+salil.mehta=huawei@nongnu.org> On Behalf Of Igor
> > Mammedov
> > Sent: Thursday, November 7, 2024 4:57
On Wed, 6 Nov 2024 at 08:38, Dmitry Frolov wrote:
>
> The product "icnto * s->tcntb" may overflow uint32_t.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Signed-off-by: Dmitry Frolov
> ---
> hw/timer/exynos4210_mct.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletio
The following changes since commit a1dacb66915eb7d08a0596cc97068a37c39930d3:
Merge tag 'for-upstream-rust' of https://gitlab.com/bonzini/qemu into staging
(2024-11-06 21:27:47 +)
are available in the Git repository at:
https://gitlab.com/bonzini/qemu.git tags/for-upstream
for you to fe
On Fri, Nov 8, 2024 at 11:38 PM Paolo Bonzini wrote:
>
> Check for overflow as well as allocation failure. Resolves Coverity CID
> 1564859.
>
> Reviewed-by: Pierrick Bouvier
> Reviewed-by: Dorjoy Chowdhury
> Signed-off-by: Paolo Bonzini
> ---
> hw/core/eif.c | 48
On Fri, 8 Nov 2024, 18:48 Dorjoy Chowdhury wrote:
> I was looking into doing some changes on top of the original patch and
> this check above should be if (!(*cmdline)), right?
>
Oops, yes it should. I will send a new pull request tomorrow morning.
Paolo
Regards,
> Dorjoy
>
>
On Fri, 8 Nov 2024 13:49:04 +0100
Corvin Köhne wrote:
> From: Corvin Köhne
>
> When copying the calculation of the stolen memory size for Intels integrated
* Intel's
> graphics device of gen 9 and later from the Linux kernel [1], we missed
> subtracting 0xf0 from the graphics mode select val
On Fri, 8 Nov 2024 13:48:30 +0100
Corvin Köhne wrote:
> From: Corvin Köhne
>
> I've tested and verified that Coffee Lake devices are working properly.
>
> Signed-off-by: Corvin Köhne
> ---
> hw/vfio/igd.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/hw/vfio/igd.c b/hw/vfio/i
Hi Sandipan,
On 11/8/24 5:09 AM, Sandipan Das wrote:
> On 11/4/2024 3:10 PM, Dongli Zhang wrote:
[snip]
>> + * separate set of addresses for the selector and counter
>> + * registers. Additionally, the address of the next selector or
>> + * counter register is
On Tue, 5 Nov 2024 at 16:48, Peter Maydell wrote:
>
> On Mon, 4 Nov 2024 at 14:43, Daniel P. Berrangé wrote:
> >
> > On Mon, Nov 04, 2024 at 02:32:53PM +, CLEMENT MATHIEU--DRIF wrote:
> > > Hi everyone,
> > >
> > > It seems that https://github.com/Zeex/subhook (EDK2 submodule) is not
> > > lo
From: Pierrick Bouvier
../target/i386/hvf/x86_cpuid.c:35:28: error: a function declaration without a
prototype is deprecated in all versions of C
Fixes: 7cac7aa7040a823c585f1578a38f28e83c8bf3e1
Signed-off-by: Pierrick Bouvier
Link:
https://lore.kernel.org/r/20241104222102.1522688-1-pierrick.b
SHA512, SM3, SM4 (CPUID[EAX=7,ECX=1].EAX bits 0 to 2) is supported by
Clearwater Forest processor, add it to QEMU as it does not need any
specific enablement.
See https://lore.kernel.org/kvm/20241105054825.870939-1-tao1...@linux.intel.com/
for reference.
Reviewed-by: Tao Su
Signed-off-by: Paolo
From: Phil Dennis-Jordan
Pointers to the x86 CPU state already exist at the function scope,
no need to re-obtain them in individual exit reason cases.
Signed-off-by: Phil Dennis-Jordan
Link: https://lore.kernel.org/r/20241105155800.5461-6-p...@philjordan.eu
Reviewed-by: Roman Bolshakov
Signed-
From: Phil Dennis-Jordan
Support for x2APIC mode was recently introduced in the software emulated
APIC implementation for TCG. Enabling it when using macOS’s hvf
accelerator is useful and significantly helps performance, as Qemu
currently uses the emulated APIC when running on hvf as well.
This
From: Alexander Graf
Commit b56617bbcb4 ("target/i386: Walk NPT in guest real mode") added
logic to run the page table walker even in real mode if we are in NPT
mode. That function then determined whether real mode or paging is
active based on whether the pg_mode variable was 0.
Unfortunately p
From: Phil Dennis-Jordan
When setting the APICBASE MSR to an illegal value, the APIC
implementation will return an error. This change forwards that report
to the guest as an exception rather than ignoring it when using the hvf
accelerator.
Signed-off-by: Phil Dennis-Jordan
Link: https://lore.ke
Check for overflow as well as allocation failure. Resolves Coverity CID
1564859.
Reviewed-by: Pierrick Bouvier
Reviewed-by: Dorjoy Chowdhury
Signed-off-by: Paolo Bonzini
---
hw/core/eif.c | 48 +---
1 file changed, 41 insertions(+), 7 deletions(-)
Check for overflow to avoid that fseek() receives a sign-extended value.
Cc: Dorjoy Chowdhury
Signed-off-by: Paolo Bonzini
---
include/qemu/osdep.h | 4
hw/core/eif.c| 4
2 files changed, 8 insertions(+)
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index fe7c3c5f6
Otherwise, newer releases of meson complain.
Reviewed-by: Pierrick Bouvier
Signed-off-by: Paolo Bonzini
---
subprojects/packagefiles/arbitrary-int-1-rs/meson.build | 1 +
subprojects/packagefiles/bilge-0.2-rs/meson.build | 1 +
subprojects/packagefiles/bilge-impl-0.2-rs/me
From: Phil Dennis-Jordan
The hvf_caps data structure only exists once as part of the hvf accelerator
state, but it is initialised during vCPU initialisation. This change therefore
adds a check to ensure memory for it is only allocated once.
Signed-off-by: Phil Dennis-Jordan
Link: https://lore.k
Avoid looking for Rust dependencies via cmake.
Reviewed-by: Junjie Mao
Signed-off-by: Paolo Bonzini
---
rust/qemu-api-macros/meson.build | 4
1 file changed, 4 insertions(+)
diff --git a/rust/qemu-api-macros/meson.build b/rust/qemu-api-macros/meson.build
index 24325dea5c2..6f94a4bb3c2 100
From: Phil Dennis-Jordan
The handling for CPUID function 0xD (supported XSAVE features) was
improved in a recent patch. Unfortunately, this appears to have
introduced undefined behaviour for cases where ecx > 30, as the result
of (1 << idx) is undefined if idx > 30.
Per Intel SDM section 13.2, t
Hi Maxim,
Thanks for looking into this. I will fix the bits I mentioned below in
upcoming Genoa/Turin model update.
I have few comments below.
On 11/8/2024 12:15 PM, Maksim Davydov wrote:
Hi!
I compared EPYC-Genoa CPU model with CPUID output from real EPYC Genoa
host. I found some mismatche
+Evgeny
On 8/11/24 16:47, Peter Maydell wrote:
On Wed, 6 Nov 2024 at 08:38, Dmitry Frolov wrote:
The product "icnto * s->tcntb" may overflow uint32_t.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Dmitry Frolov
---
hw/timer/exynos4210_mct.c | 2 +-
1 f
On Wed, Nov 6, 2024 at 11:44 PM Paolo Bonzini wrote:
>
> Check for overflow as well as allocation failure. Resolves Coverity CID
> 1564859.
>
> Signed-off-by: Paolo Bonzini
> ---
> hw/core/eif.c | 48 +---
> 1 file changed, 41 insertions(+), 7 deleti
On Tue, 5 Nov 2024 at 22:49, Philippe Mathieu-Daudé wrote:
>
> From: Zhao Liu
>
> Add cache_supported flags in SMPCompatProps to allow machines to
> configure various caches support.
>
> And check the compatibility of the cache properties with the
> machine support in machine_parse_smp_cache().
From: Jared Rossi
Clear information about cdrom type so that current IPL device isn't tainted
by stale data from previous devices.
Signed-off-by: Jared Rossi
---
pc-bios/s390-ccw/main.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/pc-bios/s390-ccw/main.c b/pc-bios/s390-ccw/main.c
index
On Wed, 6 Nov 2024 18:46:10 +, Philippe Mathieu-Daudé wrote:
> These devices are only used by the M68K target, which is only
> built as big-endian. Therefore the DEVICE_NATIVE_ENDIAN
> definition expand to DEVICE_BIG_ENDIAN (besides, the
> DEVICE_LITTLE_ENDIAN case isn't tested). Simplify d
When using a VDPA device, it is important to ensure that the MAC address
is correctly set. In this patch series, we add a new parameter to
enable this check.
Only three MAC setup configurations are acceptable; any other will
fail to boot.
The usage is:
-netdev
type=vhost-vdpa,vhostdev=/dev/v
When using a VDPA device, it is important to ensure that the MAC
address is correctly set. The MAC address in the hardware should
match the MAC address from the QEMU command line. This is a recommended
configuration and will allow the system to boot.
Signed-off-by: Cindy Lu
---
hw/net/virtio-net
For VDPA devices, allow configurations where the hardware MAC address
is non-zero while the MAC address in the QEMU command line is zero.
Signed-off-by: Cindy Lu
---
hw/net/virtio-net.c | 14 ++
1 file changed, 14 insertions(+)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
For VDPA devices, allow configurations where both the hardware MAC address
and QEMU command line MAC address are zero.
Signed-off-by: Cindy Lu
---
hw/net/virtio-net.c | 13 +
1 file changed, 13 insertions(+)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index f74aa4f8db..66
When using a VDPA device, it's important to ensure that the MAC
address is correctly set.
Add a new parameter in qemu cmdline to enable this check, default value
is false
The usage is:
-netdev
type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-0,id=vhost-vdpa0,check-mac=true\
-device virtio-net-pci,ne
On Wed, 6 Nov 2024 18:46:09 +, Philippe Mathieu-Daudé wrote:
> These devices are only used by the TriCore target, which is
> only built as little-endian. Therefore the DEVICE_NATIVE_ENDIAN
> definition expand to DEVICE_LITTLE_ENDIAN (besides, the
> DEVICE_BIG_ENDIAN case isn't tested). Simp
On Wed, 6 Nov 2024 18:46:08 +, Philippe Mathieu-Daudé wrote:
> These devices are only used by the X86 targets, which are only
> built as little-endian. Therefore the DEVICE_NATIVE_ENDIAN
> definition expand to DEVICE_LITTLE_ENDIAN (besides, the
> DEVICE_BIG_ENDIAN case isn't tested). Simpli
From: Philippe Mathieu-Daudé
load_flt_binary() calls load_flat_file() -> page_set_flags().
page_set_flags() must be called with the mmap_lock held,
otherwise it aborts:
$ qemu-arm -L stm32/lib/ stm32/bin/busybox
qemu-arm: ../accel/tcg/user-exec.c:505: page_set_flags: Assertion
`have_mmap_l
From: Klaus Jensen
If a host chooses to use the SQHD "hint" in the CQE to know if there is
room in the submission queue for additional commands, it may result in a
situation where there are not enough internal resources (struct
NvmeRequest) available to process the command. For a lack of a better
From: Peter Maydell
Our implementation of the indexed version of SVE SDOT/UDOT/USDOT got
the calculation of the inner loop terminator wrong. Although we
correctly account for the element size when we calculate the
terminator for the first iteration:
intptr_t segend = MIN(16 / sizeof(TYPED), o
From: Peter Maydell
In regime_is_user() we assert if we're passed an ARMMMUIdx_E10_*
mmuidx value. This used to make sense because we only used this
function in ptw.c and would never use it on this kind of stage 1+2
mmuidx, only for an individual stage 1 or stage 2 mmuidx.
However, when we imple
From: Ilya Leoshkevich
do_setcontext() copies the target sigmask without endianness handling
and then uses target_to_host_sigset_internal(), which expects a
byte-swapped one. Use target_to_host_sigset() instead.
Fixes: bcd4933a23f1 ("linux-user: ppc signal handling")
Signed-off-by: Ilya Leoshkev
From: Anup Patel
The reads to in_clrip[x] registers return rectified input values of the
interrupt sources.
A rectified input value of an interrupt source is defined by the section
"4.5.2 Source configurations (sourcecfg[1]–sourcecfg[1023])" of the RISC-V
AIA specification as:
"rectified input v
From: Evgenii Prokopiev
The register VXSAT should be RW only to the first bit.
The remaining bits should be 0.
The RISC-V Instruction Set Manual Volume I: Unprivileged Architecture
The vxsat CSR has a single read-write least-significant bit (vxsat[0])
that indicates if a fixed-point instruction
From: Yong-Xuan Wang
The section 4.5.2 of the RISC-V AIA specification says that any write
to a sourcecfg register of an APLIC might (or might not) cause the
corresponding interrupt-pending bit to be set to one if the rectified
input value is high (= 1) under the new source mode.
If an interrupt
From: Ilya Leoshkevich
divdu (without a dot) sometimes updates cr0, even though it shouldn't.
The reason is that gen_op_arith_divd() checks Rc(ctx->opcode), which is
not initialized. This field is initialized only for instructions that
go through decode_legacy(), and not decodetree.
There alread
From: Paolo Bonzini
This is an error in Python 3.12; fix it by using a raw string literal.
Cc: qemu-sta...@nongnu.org
Signed-off-by: Paolo Bonzini
(cherry picked from commit e6d8e5e6e366ab4c9ed7d8ed1572f98c6ad6a38e)
Signed-off-by: Michael Tokarev
diff --git a/scripts/tracetool/__init__.py b/s
On Wed, 6 Nov 2024 18:46:11 +, Philippe Mathieu-Daudé wrote:
> These devices are only used by the OpenRISC target, which is
> only built as big-endian. Therefore the DEVICE_NATIVE_ENDIAN
> definition expand to DEVICE_BIG_ENDIAN (besides, the
> DEVICE_LITTLE_ENDIAN case isn't tested). Simpli
From: Stefan Weil
GitHub's CodeQL reports a critical error which is fixed by using the MIN macro:
Unsigned difference expression compared to zero
Signed-off-by: Stefan Weil
Cc: qemu-sta...@nongnu.org
Reviewed-by: Zhang Chen
Signed-off-by: Jason Wang
(cherry picked from commit e29bc931e16
From: Sergey Makarov
According to PLIC specification (chapter 5), there
is only one case, when interrupt is claimed. Fix
PLIC controller to match this behavior.
Signed-off-by: Sergey Makarov
Reviewed-by: Alistair Francis
Message-ID: <20240918140229.124329-3-s.maka...@syntacore.com>
Signed-off-
From: Alex Bennée
When git fails the rather terse backtrace only indicates it failed
without some useful context. Add some to make the log a little more
useful.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: Alex Bennée
Message-Id: <20241023113406.1284676-11-alex.ben...@linaro.org>
(cherry pic
From: Peter Xu
Zhiyi reported an infinite loop issue in VFIO use case. The cause of that
was a separate discussion, however during that I found a regression of
dirty sync slowness when profiling.
Each KVMMemoryListener maintains an array of kvm memslots. Currently it's
statically allocated to
From: Fiona Ebner
Allow overlapping request by removing the assert that made it
impossible. There are only two callers:
1. block_copy_task_create()
It already asserts the very same condition before calling
reqlist_init_req().
2. cbw_snapshot_read_lock()
There is no need to have read requests
From: Richard Henderson
Comparing a string of 4 bytes only works in little-endian.
Adjust bulk bswap to only apply to the note payload.
Perform swapping of the note header manually; the magic
is defined so that it does not need a runtime swap.
Fixes: 83f990eb5adb ("linux-user/elfload: Parse NT_
From: Stefan Berger
Rather than waiting for the completion of migration on the source side,
wait for it on the destination QEMU side to avoid accessing the TPM TIS
memory mapped registers before QEMU could restore their state. This
error condition could be triggered on busy systems where the dest
From: "Fea.Wang"
The follow-up transactions may use the data in the attribution, so keep
the value of attribution from the function parameter just as
flatview_translate() above.
Signed-off-by: Fea.Wang
Cc: qemu-sta...@nongnu.org
Fixes: f26404fbee ("Make address_space_map() take a MemTxAttrs arg
From: Alexander Bulekov
When we are building for OSS-Fuzz, we want to ensure that the fuzzer
targets are actually created, regardless of leaks. Leaks will be
detected by the subsequent tests of the individual fuzz-targets.
Signed-off-by: Alexander Bulekov
Reviewed-by: Philippe Mathieu-Daudé
Me
From: Christian Schoenebeck
A bad (broken or malicious) 9p client (guest) could cause QEMU host to
crash by sending a 9p 'Treaddir' request with a numeric file ID (FID) that
was previously opened for a file instead of an expected directory:
#0 0x762aff8f4919 in __GI___rewinddir (dirp=0xf)
From: Fabiano Rosas
The XT check for the lxvx/stxvx instructions is currently
inverted. This was introduced during the move to decodetree.
From the ISA:
Chapter 7. Vector-Scalar Extension Facility
Load VSX Vector Indexed X-form
lxvx XT,RA,RB
if TX=0 & MSR.VSX=0 then VSX_Unavailable()
From: Richard Henderson
This pointer needs to be reset after overflow just like
code_buf and code_ptr.
Cc: qemu-sta...@nongnu.org
Fixes: 57a269469db ("tcg: Infrastructure for managing constant pools")
Acked-by: Alistair Francis
Reviewed-by: Pierrick Bouvier
Reviewed-by: LIU Zhiwei
Signed-off-
From: Bernhard Beschow
The patch fixes the following errors generated by GCC 14.2:
../src/net/tap-win32.c:343:19: error: '%s' directive output may be truncated
writing up to 255 bytes into a region of size 176 [-Werror=format-truncation=]
343 | "%s\\%s\\Connection",
|
From: Peter Maydell
Coverity complains (CID 1507880) that the declaration "int error_code;"
in mmu_translate() is unreachable code. Since this is only a declaration,
this isn't actually a bug, but:
* it's a bear-trap for future changes, because if it was changed to
include an initialization '
From: Stefano Garzarella
Commit 1880ad4f4e ("virtio-scsi: Batched prepare for cmd reqs") split
calls to scsi_req_new() and scsi_req_enqueue() in the virtio-scsi device.
No ill effects were observed until commit 8cc5583abe ("virtio-scsi: Send
"REPORTED LUNS CHANGED" sense data upon disk hotplug ev
From: Alexander Graf
When translating virtual to physical address with a guest CPU that
supports nested paging (NPT), we need to perform every page table walk
access indirectly through the NPT, which we correctly do.
However, we treat real mode (no page table walk) special: In that case,
we curr
From: Alexandra Diupina
The result of 1 << regbit with regbit==31 has a 1 in the 32nd bit.
When cast to uint64_t (for further bitwise OR), the 32 most
significant bits will be filled with 1s. However, the documentation
states that the upper 32 bits of ICH_AP[0/1]R_EL2 are reserved.
Add an explic
From: Anton Blanchard
vcompress packs vl or less fields into vd, so the tail starts after the
last packed field. This could be more clearly expressed in the ISA,
but for now this thread helps to explain it:
https://github.com/riscv/riscv-v-spec/issues/796
Signed-off-by: Anton Blanchard
Reviewe
From: Rob Bradford
The RISC-V unprivileged specification "31.3.11. State of Vector
Extension at Reset" has a note that recommends vtype.vill be set on
reset as part of ensuring that the vector extension have a consistent
state at reset.
This change now makes QEMU consistent with Spike which sets
The following patches are queued for QEMU stable v7.2.15:
https://gitlab.com/qemu-project/qemu/-/commits/staging-7.2
Patch freeze is 2024-11-18, and the release is planned for 2024-11-20:
https://wiki.qemu.org/Planning/7.2
Please respond here or CC qemu-sta...@nongnu.org on any additional p
From: Kevin Wolf
s->offset and s->size are only set at the end of the function and still
contain the old values when formatting the error message. Print the
parameters with the new values that we actually checked instead.
Fixes: 500e2434207d ('raw-format: Split raw_read_options()')
Signed-off-by
From: Tom Dohrmann
KVM_CAP_READONLY_MEM used to be a global capability, but with the
introduction of AMD SEV-SNP confidential VMs, this extension is not
always available on all VM types [1,2].
Query the extension on the VM level instead of on the KVM level.
[1]
https://patchwork.kernel.org/pro
From: TANG Tiancheng
Ensure that riscv_cpu_sxl returns MXL_RV32 when running RV32 in an
RV64 QEMU.
Signed-off-by: TANG Tiancheng
Fixes: 05e6ca5e156 ("target/riscv: Ignore reserved bits in PTE for RV64")
Reviewed-by: Liu Zhiwei
Reviewed-by: Alistair Francis
Message-ID: <20240919055048.562-4-zhi
From: Marc-André Lureau
Fixes: 280c1e1cd ("audio/hda: create millisecond timers that handle IO")
Signed-off-by: Marc-André Lureau
Reviewed-by: Akihiko Odaki
Message-ID: <20241008125028.1177932-2-marcandre.lur...@redhat.com>
(cherry picked from commit f27206ceedbe2efae37c8d143c5eb2db05251508)
S
Accidentally missed this email a week ago. Thanks again for all the reviews!
On 10/31/24 10:32, Akihiko Odaki wrote:
...
>> +# libx11 presents together with SDL or GTK libs on systems that
>> support X11
>> +xlib = dependency('x11', required: false)
>
> There is a line saying:
> x11 = dependenc
On Fri, Nov 8, 2024 at 9:50 PM Peter Xu wrote:
> On Fri, Nov 08, 2024 at 02:03:47PM +0800, Yong Huang wrote:
> > On Fri, Nov 8, 2024 at 12:28 AM Peter Xu wrote:
> >
> > > On Thu, Nov 07, 2024 at 05:56:50PM +0800, yong.hu...@smartx.com wrote:
> > > > From: Hyman Huang
> > > >
> > > > The first i
The first iteration's RAMBlock dirty sync can be omitted because QEMU
always initializes the RAMBlock's bmap to all 1s by default.
Signed-off-by: Hyman Huang
---
migration/cpu-throttle.c | 2 +-
migration/ram.c | 11 ---
2 files changed, 9 insertions(+), 4 deletions(-)
diff --
PRECOPY_NOTIFY_AFTER_BITMAP_SYNC was interpreted by free page hinting
optimization as an indication to begin freeing pages. But there's no
assurance that a sync is required when beginning a migration. Therefore,
during PRECOPY_NOTIFY_SETUP, as well as PRECOPY_NOTIFY_AFTER_BITMAP_SYNC,
enable free p
The first iteration's RAMBlock dirty sync can be omitted because QEMU
always initializes the RAMBlock's bmap to all 1s by default.
Prior to that, a pre-requisite patch was offered to maintain the free
page optimizing behavior.
For more details, please refer to:
https://lore.kernel.org/qemu-devel
1 - 100 of 271 matches