Commit graph

125591 commits

Author SHA1 Message Date
Kevin Wolf
307bc43095 block: Fix BDS use after free during shutdown
During shutdown, blockdev_close_all_bdrv_states() drops any block node
references that are still owned by the monitor (i.e. the user). However,
in doing so, it forgot to also remove the node from monitor_bdrv_states
(which qmp_blockdev_del() correctly does), which means that later calls
of bdrv_first()/bdrv_next() will still return the (now stale) pointer to
the node.

Usually there is no such call after this point, but in some cases it can
happen. In the reported case, there was an ongoing migration, and the
migration thread wasn't shut down yet: migration_shutdown() called by
qemu_cleanup() doesn't actually wait for the migration to be shut down,
but may just move it to MIGRATION_STATUS_CANCELLING. The next time
migration_iteration_finish() runs, it sees the status and tries to
re-activate all block devices that migration may have previously
inactivated. This is where bdrv_first()/bdrv_next() get called and the
access to the already freed node happens.

It is debatable if migration_shutdown() should really return before
migration has settled, but leaving a dangling pointer in the list of
monitor-owned block nodes is clearly a bug either way and fixing it
solves the immediate problem, so fix it.

Cc: qemu-stable@nongnu.org
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20251215150714.130214-1-kwolf@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2025-12-15 17:31:08 +01:00
Thomas Huth
ab0065e36a tests/qemu-iotests: Fix check for existing file in _require_disk_usage()
Looks like the "$" has been forgotten here to get the contents of
the FILENAME variable.

Fixes: c49dda7254 ("iotests: Filter out ZFS in several tests")
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251208075320.35682-1-thuth@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2025-12-10 17:40:34 +01:00
Richard Henderson
9c23f2a7b0 Update version for v10.2.0-rc3 release
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-09 16:44:49 -06:00
Richard Henderson
bf0e7b068b Misc HW / migration / typo fixes

Merge tag 'hw-misc-20251209' of https://github.com/philmd/qemu into staging

Misc HW / migration / typo fixes

# gpg: Signature made Tue 09 Dec 2025 02:04:45 PM CST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* tag 'hw-misc-20251209' of https://github.com/philmd/qemu:
  Revert "hw/net/virtio-net: make VirtIONet.vlans an array instead of a pointer"
  Revert "migration/vmstate: remove VMSTATE_BUFFER_POINTER_UNSAFE macro"
  Fix const qualifier build errors with recent glibc
  scripts/nsis.py: Tell makensis that WoA is 64 bit
  hw/pci: Fix typo in documentation
  migration: Fix order of function arguments
  vhost: Always initialize cached vring data
  scripts: fix broken error path in modinfo-collect.py
  hw/9pfs: Correct typo
  osdep: Undefine FSCALE definition to fix Solaris builds

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-09 15:08:46 -06:00
Philippe Mathieu-Daudé
efd6b3d176 Revert "hw/net/virtio-net: make VirtIONet.vlans an array instead of a pointer"
Per https://lore.kernel.org/qemu-devel/7798584d-e861-47b7-af52-2c2efb67a4de@proxmox.com/:

Loading a VM state taken with v10.1.2 or older doesn't work anymore,
using the script [*] we get:

  kvm: VQ 1 size 0x100 < last_avail_idx 0x9 - used_idx 0x3e30
  kvm: load of migration failed: Operation not permitted: error while loading state for instance 0x0 of device '0000:00:13.0/virtio-net': Failed to load element of type virtio for virtio: -1
  qemu-system-x86_64: Missing section footer for 0000:00:13.0/virtio-net
  qemu-system-x86_64: Section footer error, section_id: 41

[*]:

  #!/bin/bash
  rm /tmp/disk.qcow2
  args="
    -netdev type=tap,id=net1,ifname=tap104i1,script=/usr/libexec/qemu-server/pve-bridge,downscript=/usr/libexec/qemu-server/pve-bridgedown,vhost=on
    -device virtio-net-pci,mac=BC:24:11:32:3C:69,netdev=net1,bus=pci.0,addr=0x13,id=net1
    -machine type=pc-i440fx-10.1
  "
  $1/qemu-img create -f qcow2 /tmp/disk.qcow2 1G
  $1/qemu-system-x86_64 --qmp stdio --blockdev qcow2,node-name=node0,file.driver=file,file.filename=/tmp/disk.qcow2 $args <<EOF
  {"execute": "qmp_capabilities"}
  {"execute": "snapshot-save", "arguments": { "job-id": "save0", "tag": "snap", "vmstate": "node0", "devices": ["node0"] } }
  {"execute": "quit"}
  EOF
  $2/qemu-system-x86_64 --qmp stdio --blockdev qcow2,node-name=node0,file.driver=file,file.filename=/tmp/disk.qcow2 $args -loadvm snap

This reverts commit 3a9cd2a4a1.

Reported-by: Fiona Ebner <f.ebner@proxmox.com>
Suggested-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 21:00:15 +01:00
Philippe Mathieu-Daudé
0d42e48c73 Revert "migration/vmstate: remove VMSTATE_BUFFER_POINTER_UNSAFE macro"
Next commit will re-use VMSTATE_BUFFER_POINTER_UNSAFE().

This reverts commit 58341158d0.

Suggested-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 21:00:15 +01:00
Cédric Le Goater
326e620fc0 Fix const qualifier build errors with recent glibc
A recent change in glibc 2.42.9000 [1] changes the return type of
strstr() and other string functions to be 'const char *' when the
input is a 'const char *'.

This breaks the build in various files with errors such as:

  error: initialization discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
    208 |         char *pidstr = strstr(filename, "%");
        |                        ^~~~~~

Fix this by changing the type of the variables that store the result
of these functions to 'const char *'.

[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=cd748a63ab1a7ae846175c532a3daab341c62690

Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251209174328.698774-1-clg@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 21:00:15 +01:00
Stefan Weil
e742b7bdc2 scripts/nsis.py: Tell makensis that WoA is 64 bit
This fixes some settings like the default installation path
for the QEMU installation on Windows on ARM (WoA).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251209130212.764443-1-sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 20:56:14 +01:00
Stefan Weil
4fdff25625 hw/pci: Fix typo in documentation
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-ID: <20251209125759.764296-1-sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 20:56:14 +01:00
Stefan Weil
0bc6fa2446 migration: Fix order of function arguments
This fixes a compiler error when higher warning levels are enabled:

../migration/postcopy-ram.c: In function ‘postcopy_temp_pages_setup’:
../migration/postcopy-ram.c:1483:50: error: ‘g_malloc0_n’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument [-Werror=calloc-transposed-args]
 1483 |     mis->postcopy_tmp_pages = g_malloc0_n(sizeof(PostcopyTmpPage), channels);
      |                                                  ^~~~~~~~~~~~~~~
../migration/postcopy-ram.c:1483:50: note: earlier argument should specify number of elements, later size of each element

Avoid also a related int/unsigned mismatch by fixing the type of
two local variables.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251209125049.764095-1-sw@weilnetz.de>
[PMD: Replace g_malloc0_n() by g_new0()]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Acked-by: Peter Xu <peterx@redhat.com>
Message-Id: <20251209195010.83219-1-philmd@linaro.org>
2025-12-09 20:56:06 +01:00
Hanna Czenczek
46228925ed vhost: Always initialize cached vring data
vhost_virtqueue_start() can exit early if the descriptor ring address is
0, assuming the virtqueue isn’t ready to start.

In this case, all cached vring information (size, physical address,
pointer) is left as-is.  This is OK at first startup, when that info is
still initialized to 0, but after a reset, it will retain old (outdated)
information.

vhost_virtqueue_start() must make sure these values are (re-)set
properly before exiting.

(When using an IOMMU, these outdated values can stall the device:
vhost_dev_start() deliberately produces an IOMMU miss event for each
used vring.  If used_phys contains an outdated value, the resulting
lookup may fail, forcing the device to be stopped.)

Cc: qemu-stable@nongnu.org
Signed-off-by: Hanna Czenczek <hreitz@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251208113008.153249-1-hreitz@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 20:48:39 +01:00
Denis V. Lunev
8062bfd517 scripts: fix broken error path in modinfo-collect.py
sys.stderr.print was dropped long ago and should not be used. The official
replacement is sys.stderr.write.

The problem has been found debugging building on some fancy platform
derived from Debian.

Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: John Snow <jsnow@redhat.com>
CC: Cleber Rosa <crosa@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251203220138.159656-1-den@openvz.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 20:48:36 +01:00
Alano Song
93332c90bf hw/9pfs: Correct typo
Correct comment typo in xen_9pfs_bh()

Signed-off-by: Alano Song <AlanoSong@163.com>
Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251202132132.17636-1-AlanoSong@163.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-09 20:42:59 +01:00
Philippe Mathieu-Daudé
df3b304605 osdep: Undefine FSCALE definition to fix Solaris builds
Solaris defines FSCALE in <sys/param.h>:

  301 /*
  302  * Scale factor for scaled integers used to count
  303  * %cpu time and load averages.
  304  */
  305 #define FSHIFT  8               /* bits to right of fixed binary point */
  306 #define FSCALE  (1<<FSHIFT)

When emulating the SVE FSCALE instruction, we define the same name
in decodetree format in target/arm/tcg/sve.decode:

  1129:FSCALE          01100101 .. 00 1001 100 ... ..... .....    @rdn_pg_rm

This leads to a definition clash:

  In file included from ../target/arm/tcg/translate-sve.c:21:
  ../target/arm/tcg/translate.h:875:17: error: pasting "trans_" and "(" does not give a valid preprocessing token
    875 |     static bool trans_##NAME(DisasContext *s, arg_##NAME *a) \
        |                 ^~~~~~
  ../target/arm/tcg/translate-sve.c:4205:5: note: in expansion of macro 'TRANS_FEAT'
   4205 |     TRANS_FEAT(NAME, FEAT, gen_gvec_fpst_arg_zpzz, name##_zpzz_fns[a->esz], a)
        |     ^~~~~~~~~~
  ../target/arm/tcg/translate-sve.c:4249:1: note: in expansion of macro 'DO_ZPZZ_FP'
   4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn)
        | ^~~~~~~~~~
  ../target/arm/tcg/translate-sve.c:4249:12: error: expected declaration specifiers or '...' before numeric constant
   4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn)
        |            ^~~~~~
  ../target/arm/tcg/translate.h:875:25: note: in definition of macro 'TRANS_FEAT'
    875 |     static bool trans_##NAME(DisasContext *s, arg_##NAME *a) \
        |                         ^~~~
  ../target/arm/tcg/translate-sve.c:4249:1: note: in expansion of macro 'DO_ZPZZ_FP'
   4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn)
        | ^~~~~~~~~~
  ../target/arm/tcg/translate.h:875:47: error: pasting "arg_" and "(" does not give a valid preprocessing token
    875 |     static bool trans_##NAME(DisasContext *s, arg_##NAME *a) \
        |                                               ^~~~
  ../target/arm/tcg/translate-sve.c:4205:5: note: in expansion of macro 'TRANS_FEAT'
   4205 |     TRANS_FEAT(NAME, FEAT, gen_gvec_fpst_arg_zpzz, name##_zpzz_fns[a->esz], a)
        |     ^~~~~~~~~~
  ../target/arm/tcg/translate-sve.c:4249:1: note: in expansion of macro 'DO_ZPZZ_FP'
   4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn)
        | ^~~~~~~~~~
  In file included from ../target/arm/tcg/translate-sve.c:100:
  libqemu-aarch64-softmmu.a.p/decode-sve.c.inc:1227:13: warning: 'trans_FSCALE' used but never defined
   1227 | static bool trans_FSCALE(DisasContext *ctx, arg_FSCALE *a);
        |             ^~~~~~~~~~~~
  ../target/arm/tcg/translate-sve.c:4249:30: warning: 'sve_fscalbn_zpzz_fns' defined but not used [-Wunused-const-variable=]
   4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn)
        |                              ^~~~~~~~~~~
  ../target/arm/tcg/translate-sve.c:4201:42: note: in definition of macro 'DO_ZPZZ_FP'
   4201 |     static gen_helper_gvec_4_ptr * const name##_zpzz_fns[4] = { \
        |                                          ^~~~

As a kludge, undefine it globally in <qemu/osdep.h>.

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251203120315.62889-1-philmd@linaro.org>
2025-12-09 20:42:53 +01:00
Richard Henderson
17313df879 a few Arm HVF and TCG bug fixes:
  - don't re-use TCG only PSCI code in HVF
  - fix deadlock in HVF when shutting down (#3228)
  - fix corruption of register state from PSCI (#3228)
  - properly prioritise PC alignment faults (#3233)

Merge tag 'pull-10.2-more-final-fixes-091225-1' of https://gitlab.com/stsquad/qemu into staging

a few Arm HVF and TCG bug fixes:

  - don't re-use TCG only PSCI code in HVF
  - fix deadlock in HVF when shutting down (#3228)
  - fix corruption of register state from PSCI (#3228)
  - properly prioritise PC alignment faults (#3233)

# gpg: Signature made Tue 09 Dec 2025 10:27:16 AM CST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* tag 'pull-10.2-more-final-fixes-091225-1' of https://gitlab.com/stsquad/qemu:
  target/arm: handle unaligned PC during tlb probe
  target/arm: make HV_EXIT_REASON_CANCELED leave hvf_arch_vcpu_exec
  target/arm: ensure PSCI register updates are flushed
  Revert "target/arm: Re-use arm_is_psci_call() in HVF"

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-09 11:56:07 -06:00
Alex Bennée
dd77ef99aa target/arm: handle unaligned PC during tlb probe
PC alignment faults have priority over instruction aborts and we have
code to deal with this in the translation front-ends. However during
tb_lookup we can see a potentially faulting probe which doesn't get a
MemOp set. If the page isn't available this results in
EC_INSNABORT (0x20) instead of EC_PCALIGNMENT (0x22).

As there is no easy way to set the appropriate MemOp in the
instruction fetch probe path let's just detect it in
arm_cpu_tlb_fill_align() ahead of the main alignment check. We also
teach arm_deliver_fault to deliver the right syndrome for
MMU_INST_FETCH alignment issues.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3233
Tested-by: Jessica Clarke <jrtc27@jrtc27.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251209092459.1058313-5-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-09 16:21:56 +00:00
Alex Bennée
d100193724 target/arm: make HV_EXIT_REASON_CANCELED leave hvf_arch_vcpu_exec
Without this we can spin tightly in the main HVF dispatch loop and
never release the lock long enough. As a result the HMP never gets to
run and shutting down the system deadlocks.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3228
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251209092459.1058313-4-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-09 16:21:35 +00:00
Alex Bennée
2a425aae0b target/arm: ensure PSCI register updates are flushed
When we handle a host call we report state back to the caller via
registers. Set vcpu_dirty to indicate QEMU is currently the reference
and hoist the flush_cpu_state() and make the call unconditional.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3228
Tested-by: Christian Stussak <christian.stussak@imaginary.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251209092459.1058313-3-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-09 16:21:35 +00:00
Alex Bennée
c22e943ea1 Revert "target/arm: Re-use arm_is_psci_call() in HVF"
This breaks a pure HVF (--disable-tcg) build because the fallback stub
will always report false.

This reverts commit 4695daacc0.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Christian Stussak <christian.stussak@imaginary.org>
Message-ID: <20251209092459.1058313-2-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-09 16:21:35 +00:00
Richard Henderson
2257f52a97 Final fixes for 10.2 (gitlab, testing, docker, docs, plugins)
 - drop out of date --disable-pie workaround for aarch64 custom job
 - remove explicit pxe-test from build with no libslirp
 - update the FreeBSD test image
 - don't try and run check-tcg tests we haven't built qemu for
 - skip iotests which need crypto if we haven't got support
 - transition debian-all-test-cross to lcitool
 - update build env documentation to refer to lcitool
 - update MAINTAINERS entry for custom runners
 - ensure discon plugins can read registers
 - fix a bug on uftrace symbol helper script
 - deprecate the fby35 machine

Merge tag 'pull-10.2-final-fixes-051225-2' of https://gitlab.com/stsquad/qemu into staging

Final fixes for 10.2 (gitlab, testing, docker, docs, plugins)

 - drop out of date --disable-pie workaround for aarch64 custom job
 - remove explicit pxe-test from build with no libslirp
 - update the FreeBSD test image
 - don't try and run check-tcg tests we haven't built qemu for
 - skip iotests which need crypto if we haven't got support
 - transition debian-all-test-cross to lcitool
 - update build env documentation to refer to lcitool
 - update MAINTAINERS entry for custom runners
 - ensure discon plugins can read registers
 - fix a bug on uftrace symbol helper script
 - deprecate the fby35 machine

# gpg: Signature made Fri 05 Dec 2025 09:53:47 AM CST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* tag 'pull-10.2-final-fixes-051225-2' of https://gitlab.com/stsquad/qemu:
  aspeed: Deprecate the fby35 machine
  contrib/plugins/uftrace_symbols.py: unbreak --no-prefix-symbols
  plugins/core: allow reading of registers during discon events
  MAINTAINERS: update the custom runner entries
  docs/devel: Correct typo
  docs/devel: update build environment setup documentation
  tests/docker: drop --disable-[tools|system] from all-test-cross
  tests/docker: transition debian-all-test-cross to lcitool
  tests/lcitool: add bzip2 to the minimal dependency list
  tests/qemu-iotests: Check for a functional "secret" object before using it
  tests/tcg: honour the available QEMU binaries when running check-tcg
  gitlab-ci.d/cirrus: Update the FreeBSD job to v14.3
  gitlab: drop explicit pxe-test from the build-tci job
  gitlab: drop --disable-pie from aarch64-all-linux-static build

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 12:38:37 -06:00
Richard Henderson
47b6038187 tcg: fixes for tci
host: fixes for 128-bit atomics

Merge tag 'pull-tcg-20251205' of https://gitlab.com/rth7680/qemu into staging

tcg: fixes for tci
host: fixes for 128-bit atomics

# gpg: Signature made Fri 05 Dec 2025 10:11:29 AM CST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-tcg-20251205' of https://gitlab.com/rth7680/qemu:
  include/aarch64/host: Fix atomic16_fetch_{and,or}
  include/generic/host: Fix atomic128-cas.h.inc for Int128 structure
  tcg/tci: Disable -Wundef FFI_GO_CLOSURES warning
  tcg: Remove duplicate test from plugin_gen_mem_callbacks
  tcg/tci: Introduce INDEX_op_tci_qemu_{ld,st}_rrr
  tcg: Zero extend 32-bit addresses for TCI

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 10:20:51 -06:00
Cédric Le Goater
704db3e250 aspeed: Deprecate the fby35 machine
There are no functional tests for the 'fby35' machine which makes
it harder to determine when something becomes deprecated or unused.

The 'fby35' machine was originally added as an example of a multi-SoC
system, with the expectation the models would evolve over time in a
heterogeneous system. This hasn't happened and no public firmware is
available to boot it. It can be replaced by the 'ast2700fc', another
multi-SoC machine based on the newer AST2700 SoCs which are expected
to receive better support in the future.

Cc: Peter Delevoryas <peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Message-ID: <20251126102424.927527-1-clg@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:37:18 +00:00
Sönke Holz
fa2580f574 contrib/plugins/uftrace_symbols.py: unbreak --no-prefix-symbols
Since 8a545a336d, `name` is unbound if --no-prefix-symbols is passed,
causing this script to break when that option is set.

Signed-off-by: Sönke Holz <sholz8530@gmail.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-ID: <20251205105614.13673-1-sholz8530@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:39 +00:00
Alex Bennée
81c5a3f867 plugins/core: allow reading of registers during discon events
We have protections that prevent callbacks that didn't declare
themselves as wanting to access registers. However for discontinuities
the system state is fully rectified so they should always be able to
read the register values.

a1688bc86c (plugins: add hooks for new discontinuity related callbacks)

Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Cc: Julian Ganz <neither@nut.email>
Reviewed-by: Julian Ganz <neither@nut.email>
Message-ID: <20251204194902.1340008-12-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:19 +00:00
Alex Bennée
ee6a482e9c MAINTAINERS: update the custom runner entries
Fix a number of issues:

  - update the ubuntu references to 24.0
  - add the s390x and ppc64le yml files
  - replace Works on Arm with Linaro
  - Also mention IBM (s390x) and OSUL (ppc64le) as HW hosts

Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204194902.1340008-11-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:19 +00:00
Alano Song
23a5e2584e docs/devel: Correct typo
Correct typo in atomics.rst

Signed-off-by: Alano Song <AlanoSong@163.com>
Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
[AJB: fixed author entry]
Message-ID: <20251204194902.1340008-10-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:19 +00:00
Alex Bennée
6f365f185a docs/devel: update build environment setup documentation
Bring `libvirt-ci` front and centre when discussing dependencies for
QEMU. While we are at it:

  - drop links to additional instructions (libvirt is more up to date)
  - compress pkg installs into a table
  - call out distro/upstream dep difference in a proper note

Message-ID: <20251204194902.1340008-9-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:19 +00:00
Alex Bennée
0b50ff0c0a tests/docker: drop --disable-[tools|system] from all-test-cross
We use this container to build system images in CI which do not honour
QEMU_CONFIGURE_OPTS. Drop the --disables from the container so
developers do not need to jump through hoops trying to replicate that
on their workstations.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204194902.1340008-8-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:19 +00:00
Alex Bennée
2addcefd69 tests/docker: transition debian-all-test-cross to lcitool
While we are at it bump up to debian-13. As we use this container in
the CI runs this also has the benefit of ensuring our qemu-minimal
dependencies project really has just what we need to build a basic
QEMU.

We add a few extra packages so we can build with clang as well as what
we need to probe for the available cross-compilers in the image.

Message-ID: <20251204194902.1340008-7-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:19 +00:00
Alex Bennée
7cffc86162 tests/lcitool: add bzip2 to the minimal dependency list
You cannot build any softmmu targets without it by default unless you
build with --disable-install-blobs.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204194902.1340008-5-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:19 +00:00
Thomas Huth
a55d610bac tests/qemu-iotests: Check for a functional "secret" object before using it
QEMU iotests 049, 134 and 158 are currently failing if you compiled
QEMU without the crypto libraries. Thus make sure that the "secret"
object is really usable and skip the tests otherwise.

Reported-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251205130014.693799-1-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:26:06 +00:00
Alex Bennée
7242e51517 tests/tcg: honour the available QEMU binaries when running check-tcg
Currently configure can identify all the targets that have
cross-compilers available from the supplied target-list. By default
this is the default_target_list which is all possible targets we can
build.

At the same time the target list passed to meson is filtered down
depending on various factors including not building 64 bit targets on
32 bit hosts. As a result make check-tcg will erroneously attempt to
run tests for which we haven't built a QEMU.

Solve this by filtering the final list of TCG_TEST_TARGETS based on
what actually was configured by meson. Rename the variable that
configure spits out to TCG_TESTS_WITH_COMPILERS for clarity and to
avoid larger churn in the Makefile.

Message-ID: <20251204194902.1340008-4-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:25:51 +00:00
Michael Tokarev
7e71b8e7f2 gitlab-ci.d/cirrus: Update the FreeBSD job to v14.3
The FreeBSD 14.2 job fails since the image disappeared
from the cloud.  We already bumped FreeBSD image to 14.3
in tests/vm in c8958b7eb4 (part of v10.1.0).

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204205025.2423326-1-mjt@tls.msk.ru>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:25:39 +00:00
Alex Bennée
56a4ba5f88 gitlab: drop explicit pxe-test from the build-tci job
This needs libslirp to run and as debian-all-test-cross will soon be
based on qemu-minimal we won't have it in a few commits.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204194902.1340008-3-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:16:07 +00:00
Alex Bennée
ca49625616 gitlab: drop --disable-pie from aarch64-all-linux-static build
Since we have upgraded to 24.04 with its new libc we no longer need
this workaround.

Link: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1987438
Suggested-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204194902.1340008-2-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2025-12-05 15:16:07 +00:00
Richard Henderson
ff633bc5d5 include/aarch64/host: Fix atomic16_fetch_{and,or}
The tmp[lh] variables were defined as inputs to the
asm rather than outputs, which meant that the compiler
rightly diagnosed uninitialized inputs.

Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 07:50:15 -06:00
Richard Henderson
6833615bfd include/generic/host: Fix atomic128-cas.h.inc for Int128 structure
Use the Int128Alias structure more when we need to convert
between Int128 and __int128_t, when Int128 is a struct.

Fixes the build on aarch64 host with TCI, which forces
the use of the struct.

Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 07:50:15 -06:00
Richard Henderson
8c00f56fca tcg/tci: Disable -Wundef FFI_GO_CLOSURES warning
Since we build TCI with FFI (commit 22f15579fa "tcg: Build ffi data
structures for helpers") we get on Darwin:

  In file included from ../../tcg/tci.c:22:
  In file included from include/tcg/helper-info.h:13:
  /Library/Developer/CommandLineTools/SDKs/MacOSX15.sdk/usr/include/ffi/ffi.h:483:5: warning: 'FFI_GO_CLOSURES' is not defined, evaluates to 0 [-Wundef]
    483 | #if FFI_GO_CLOSURES
        |     ^
  1 warning generated.

This was fixed in upstream libffi in 2023, but not backported to MacOSX.
Simply disable the warning locally.

Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 07:50:15 -06:00
Richard Henderson
93fa829344 tcg: Remove duplicate test from plugin_gen_mem_callbacks
All callers have already tested tcg_ctx->plugin_insn.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 07:50:15 -06:00
Richard Henderson
92cf74baf4 tcg/tci: Introduce INDEX_op_tci_qemu_{ld,st}_rrr
Since d182123974, the number of bits in a MemOpIdx tops out at 17,
which won't fit in the TCI rrm format, thus an assertion failure.
Introduce new opcodes that take the MemOpIdx from a register, as
we already do for qemu_ld2 and qemu_st2.

Fixes: d182123974 ("include/exec/memopidx: Adjust for 32 mmu indexes")
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 07:50:15 -06:00
Richard Henderson
41706d3e72 tcg: Zero extend 32-bit addresses for TCI
For native code generation, zero-extending 32-bit addresses for
the slow path helpers happens in tcg_out_{ld,st}_helper_args,
but there isn't really a slow path for TCI, so that didn't happen.

Make the extension for TCI explicit in the opcode stream,
much like we already do for plugins and atomic helpers.

Cc: qemu-stable@nongnu.org
Fixes: 24e46e6c9d ("accel/tcg: Widen tcg-ldst.h addresses to uint64_t")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-05 07:50:15 -06:00
Richard Henderson
864814f71b Block layer patches
- SCSI passthrough: Fix errors on temporarily suspended dm-multipath

Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging

Block layer patches

- SCSI passthrough: Fix errors on temporarily suspended dm-multipath

# gpg: Signature made Thu 04 Dec 2025 11:35:45 AM CST
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* tag 'for-upstream' of https://repo.or.cz/qemu/kevin:
  file-posix: Handle suspended dm-multipath better for SG_IO

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-04 13:37:46 -06:00
Kevin Wolf
2c3165a1a6 file-posix: Handle suspended dm-multipath better for SG_IO
When introducing DM_MPATH_PROBE_PATHS, we already anticipated that
dm-multipath devices might be suspended for a short time when the DM
tables are reloaded and that they return -EAGAIN in this case. We then
wait for a millisecond and retry.

However, meanwhile it has also turned out that libmpathpersist (which is
used by qemu-pr-helper) may need to perform more complex recovery
operations to get reservations back to expected state if a path failure
happened in the middle of a PR operation. In this case, the device is
suspended for a longer time compared to the case we originally expected.

This patch changes hdev_co_ioctl() to treat -EAGAIN separately so that
it doesn't result in an immediate failure if the device is suspended for
more than 1ms, and moves to incremental backoff to cover both quick and
slow cases without excessive delays.

Buglink: https://issues.redhat.com/browse/RHEL-121543
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20251128221440.89125-1-kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2025-12-04 18:34:15 +01:00
Richard Henderson
1053bb627c vfio queue:
* Fix vfio-user issues reported by Coverity
 * Update vfio-user documentation

Merge tag 'pull-vfio-20251203' of https://github.com/legoater/qemu into staging

vfio queue:

* Fix vfio-user issues reported by Coverity
* Update vfio-user documentation

# gpg: Signature made Wed 03 Dec 2025 08:51:02 AM CST
# gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@redhat.com>" [full]
# gpg:                 aka "Cédric Le Goater <clg@kaod.org>" [full]

* tag 'pull-vfio-20251203' of https://github.com/legoater/qemu:
  vfio-user: recycle msg on failure
  vfio-user: simplify vfio_user_recv_one()
  vfio-user: refactor out header handling
  vfio-user: clarify partial message handling
  vfio-user: simplify vfio_user_process()
  docs/interop/vfio-user: update protocol specification

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-04 10:45:41 -06:00
John Levon
23c586abf2 vfio-user: recycle msg on failure
If we fail to read an incoming request, recycle the message.

Resolves: Coverity CID 1611807
Resolves: Coverity CID 1611808
Signed-off-by: John Levon <john.levon@nutanix.com>
Reviewed-by: Mark Cave-Ayland <mark.caveayland@nutanix.com>
Link: https://lore.kernel.org/qemu-devel/20251203100316.3604456-6-john.levon@nutanix.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
2025-12-03 15:07:47 +01:00
John Levon
0df8baec95 vfio-user: simplify vfio_user_recv_one()
This function was unnecessarily difficult to understand due to the
separate handling of request and reply messages. Use common code for
both where we can.

Signed-off-by: John Levon <john.levon@nutanix.com>
Reviewed-by: Mark Cave-Ayland <mark.caveayland@nutanix.com>
Link: https://lore.kernel.org/qemu-devel/20251203100316.3604456-5-john.levon@nutanix.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
2025-12-03 15:07:47 +01:00
John Levon
7b884e2a27 vfio-user: refactor out header handling
Simplify vfio_user_recv_one() by moving the header handling out to a
helper function.

Signed-off-by: John Levon <john.levon@nutanix.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Link: https://lore.kernel.org/qemu-devel/20251203100316.3604456-4-john.levon@nutanix.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
2025-12-03 15:07:47 +01:00
John Levon
356c7b1752 vfio-user: clarify partial message handling
Improve a comment for this.

Signed-off-by: John Levon <john.levon@nutanix.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Mark Cave-Ayland <mark.caveayland@nutanix.com>
Link: https://lore.kernel.org/qemu-devel/20251203100316.3604456-3-john.levon@nutanix.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
2025-12-03 15:07:47 +01:00
John Levon
a8731f691d vfio-user: simplify vfio_user_process()
It can figure out if it's a reply by itself, rather than passing that
information in.

Signed-off-by: John Levon <john.levon@nutanix.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Mark Cave-Ayland <mark.caveayland@nutanix.com>
Link: https://lore.kernel.org/qemu-devel/20251203100316.3604456-2-john.levon@nutanix.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
2025-12-03 15:07:47 +01:00
John Levon
1f3b34e403 docs/interop/vfio-user: update protocol specification
Refresh the protocol specification to the latest version implemented by
libvfio-user. All changes are backward compatible.

Note that QEMU client itself does not yet implement these extensions,
but as this is now the canonical specification, it needs to be kept up
to date.

Signed-off-by: John Levon <john.levon@nutanix.com>
Link: https://lore.kernel.org/qemu-devel/20251010102453.711072-1-john.levon@nutanix.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
2025-12-03 15:07:47 +01:00