On 2024/04/10 3:04, Philippe Mathieu-Daudé wrote:
If a fragmented packet size is too short, do not try to
calculate its checksum.
Reproduced using:
$ cat << EOF | qemu-system-i386 -display none -nodefaults \
-machine q35,accel=qtest -m 32M \
On 4/9/24 06:43, Paolo Bonzini wrote:
Create a new temporary whenever flags have to use one, instead of using
s->tmp0 or s->tmp4. NULL can now be passed as the scratch register
to gen_prepare_*.
Signed-off-by: Paolo Bonzini
---
target/i386/tcg/translate.c | 54 +--
On Wed, Apr 10, 2024 at 1:48 PM Jason Wang wrote:
>
> On Wed, Apr 10, 2024 at 1:29 PM Cindy Lu wrote:
> >
> > When the guest triggers vhost_stop and then virtio_reset, the vector will
> > the
> > IRQFD for this vector will be released and change to VIRTIO_NO_VECTOR.
> > After that, the guest cal
On Wed, Apr 10, 2024 at 1:36 PM Jason Wang wrote:
>
> On Wed, Apr 10, 2024 at 1:29 PM Cindy Lu wrote:
> >
> > When the guest triggers vhost_stop and then virtio_reset, the vector will
> > the
> > IRQFD for this vector will be released and change to VIRTIO_NO_VECTOR.
> > After that, the guest cal
Ping.
On 2024/4/7 16:17, Jinjie Ruan wrote:
> This patch set implements FEAT_NMI and FEAT_GICv3_NMI for ARMv8. These
> introduce support for a new category of interrupts in the architecture
> which we can use to provide NMI like functionality.
>
> There are two modes for using this FEAT_NMI. When
On 09/04/2024 09.47, Shaoqin Huang wrote:
Hi Thomas,
On 4/9/24 13:33, Thomas Huth wrote:
+ assert_has_feature(qts, "host", "kvm-pmu-filter");
So you assert here that the feature is available ...
assert_has_feature(qts, "host", "kvm-steal-time");
assert_has_feature
On Tue, Apr 9, 2024 at 7:33 PM Huang, Ying wrote:
>
> "Ho-Ren (Jack) Chuang" writes:
>
> > On Fri, Apr 5, 2024 at 7:03 AM Jonathan Cameron
> > wrote:
> >>
> >> On Fri, 5 Apr 2024 00:07:06 +
> >> "Ho-Ren (Jack) Chuang" wrote:
> >>
> >> > The current implementation treats emulated memory dev
From: Peter Maydell
If the group of the highest priority pending interrupt is disabled
via ICC_IGRPEN*, the ICC_HPPIR* registers should return
INTID_SPURIOUS, not the interrupt ID. (See the GIC architecture
specification pseudocode functions ICC_HPPIR1_EL1[] and
HighestPriorityPendingInterrupt()
From: Richard Henderson
Along this path we have already skipped the insn to be
nullified, so the subsequent insn should be executed.
Cc: qemu-sta...@nongnu.org
Reported-by: Sven Schnelle
Tested-by: Sven Schnelle
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
(cherry pic
For a long time, we have provided two compression formats in the
download area, .bz2 and .xz. There's absolutely no reason
to provide two in parallel, .xz compresses better, and all
the links we use point to .xz. Downstream distributions
mostly use .xz too.
For the release maintenance providing two f
From: Klaus Jensen
Generalize the mbar size helper such that it can handle cases where the
MSI-X table and PBA are expected to be in an exclusive bar.
Cc: qemu-sta...@nongnu.org
Reviewed-by: Jesper Wendel Devantier
Signed-off-by: Klaus Jensen
(cherry picked from commit ee7bda4d38cda3eaf114c850
From: Minwoo Im
Currently, when a VF is created, it uses the 'params' object of the PF
as it is. In other words, the 'params.serial' string memory area is also
shared. In this situation, if the VF is removed from the system, the
PF's 'params.serial' object is released with object_finalize() follo
From: Paolo Bonzini
Accesses from a 32-bit environment (32-bit code segment for instruction
accesses, EFER.LMA==0 for processor accesses) have to mask away the
upper 32 bits of the address. While a bit wasteful, the easiest way
to do so is to use separate MMU indexes. These days, QEMU anyway is
From: Wafer
In the event of writing many chains of descriptors, the device must
write just the id of the last buffer in the descriptor chain, skip
forward the number of descriptors in the chain, and then repeat the
operations for the rest of chains.
Current QEMU code writes all the buffer ids co
From: Thomas Huth
When running the tests in slow mode on a very loaded system and with
--enable-debug, the test-crypto-block can take longer than 4 minutes.
Bump the timeout to 5 minutes to make sure that it also passes in
such situations.
Signed-off-by: Thomas Huth
Message-Id: <20231215070357.
From: Thomas Huth
When running the tests in slow mode on a very loaded system and with
--enable-debug, the test-aio-multithread can take longer than 1 minute.
Bump the timeout to two minutes to make sure that it also passes in
such situations.
Signed-off-by: Thomas Huth
Message-Id: <20231215070
From: Akihiko Odaki
nvme_sriov_pre_write_ctrl() used to directly inspect SR-IOV
configurations to know the number of VFs being disabled due to SR-IOV
configuration writes, but the logic was flawed and resulted in
out-of-bound memory access.
It assumed PCI_SRIOV_NUM_VF always has the number of cu
From: Sven Schnelle
When the maximum count of SCRIPTS instructions is reached, the code
stops execution and returns, but fails to decrement the reentrancy
counter. This effectively renders the SCSI controller unusable
because on next entry the reentrancy counter is still above the limit.
This bu
From: Klaus Jensen
Remove an unnecessary local Error value in nvme_realize(). In the
process, change nvme_check_constraints() to return a bool.
Reviewed-by: Markus Armbruster
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Klaus Jensen
(cherry picked from commit 784fd35387e9e6b42e3f365ddf4
Commit ab72522797 "gitlab: switch from 'stable' to
'latest' docker container tags" switched most tags
to 'latest' but missed cirrus image. Fix this now.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2256
Signed-off-by: Michael Tokarev
Message-id: 20240401051633.2780456-1-...@tls.msk.ru
From: Tao Su
monitor_puts() doesn't check the monitor pointer, but do_inject_x86_mce()
may have a parameter with NULL monitor pointer. Revert monitor_puts() in
do_inject_x86_mce() to fix, then the fact that we send the same message to
monitor and log is again more obvious.
Fixes: bf0c50d4aa85 (m
From: Song Gao
qemu-system-loongarch64 assert failed with the option '-d int',
the helper_idle() raise an exception EXCP_HLT, but the exception name is
undefined.
Signed-off-by: Song Gao
Reviewed-by: Philippe Mathieu-Daudé
Message-Id: <20240321123606.1704900-1-gaos...@loongson.cn>
(cherry pic
From: Yao Xingtao
In qemu monitor mode, when we use gpa2hva command to print the host
virtual address corresponding to a guest physical address, if the gpa is
not in RAM, the error message is below:
(qemu) gpa2hva 0x75000
Memory at address 0x75000is not RAM
A space is missed between
From: Peter Maydell
On our gcov CI job, the bufferiszero and crypto-tlscredsx509
tests time out occasionally, making the job flaky. Double the
timeout on these two tests.
Cc: qemu-sta...@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2221
Signed-off-by: Peter Maydell
Reviewe
From: Richard Henderson
For the outer product set of insns, which take an entire matrix
tile as output, the argument is not a combined tile+column.
Therefore using get_tile_rowcol was incorrect, as we extracted
the tile number from itself.
The test case relies only on assembler support for SME,
From: Akihiko Odaki
virtio_net_guest_notifier_pending() and virtio_net_guest_notifier_mask()
checked VIRTIO_NET_F_MQ to know there are multiple queues, but
VIRTIO_NET_F_RSS also enables multiple queues. Refer to n->multiqueue,
which is set to true either of VIRTIO_NET_F_MQ or VIRTIO_NET_F_RSS is
On Wed, Apr 10, 2024 at 1:29 PM Cindy Lu wrote:
>
> When the guest triggers vhost_stop and then virtio_reset, the vector will the
> IRQFD for this vector will be released and change to VIRTIO_NO_VECTOR.
> After that, the guest called vhost_net_start, (at this time, the configure
> vector is still
From: Paolo Bonzini
Remove knowledge of specific MMU indexes (other than MMU_NESTED_IDX and
MMU_PHYS_IDX) from mmu_translate(). This will make it possible to split
32-bit and 64-bit MMU indexes.
Signed-off-by: Paolo Bonzini
(cherry picked from commit 5f97afe2543f09160a8d123ab6e2e8c6d98fa9ce)
S
From: Yajun Wu
When vhost-user or vhost-kernel is handling virtio net datapath,
QEMU should not touch used ring.
But with vhost-user socket reconnect scenario, in a very rare case
(has pending kick event). VRING_USED_F_NO_NOTIFY is set by QEMU in
following code path:
#0 virtio_queue_sp
From: Akihiko Odaki
The guest may write NumVFs greater than TotalVFs and that can lead
to buffer overflow in VF implementations.
Cc: qemu-sta...@nongnu.org
Fixes: CVE-2024-26327
Fixes: 7c0fa8dff811 ("pcie: Add support for Single Root I/O Virtualization
(SR/IOV)")
Signed-off-by: Akihiko Odaki
M
From: Richard Henderson
The 'sign' computation is attempting to locate the sign bit that has
been repeated, so that we can test if that bit is known zero. That
computation can be zero if there are no known sign repetitions.
Cc: qemu-sta...@nongnu.org
Fixes: 93a967fbb57 ("tcg/optimize: Propagate
From: Lorenz Brun
The io_timeout property, introduced in c9b6609 (part of 6.0) is
silently overwritten by the hardcoded default value of 30 seconds
(DEFAULT_IO_TIMEOUT) in scsi_generic_realize because that function is
being called after the properties have already been applied.
The property defi
From: Dmitrii Gavrilov
Original goal of addition of drain_call_rcu to qmp_device_add was to cover
the failure case of qdev_device_add. It seems call of drain_call_rcu was
misplaced in 7bed89958bfbf40df what led to waiting for pending RCU callbacks
under happy path too. What led to overall perform
From: Cédric Le Goater
The block .save_setup() handler calls a helper routine
init_blk_migration() which builds a list of block devices to take into
account for migration. When one device is found to be empty (sectors
== 0), the loop exits and all the remaining devices are ignored. This
is a regr
From: Kevin Wolf
We're seeing timeouts for this test on CI runs (specifically for
ubuntu-20.04-s390x-all). It doesn't fail consistently, but even the
successful runs take about 27 or 28 seconds, which is not very far from
the 30 seconds timeout.
Bump the timeout a bit to make failure less likely
From: Paolo Bonzini
The low bit of MMU indices for x86 TCG indicates whether the processor is
in 32-bit mode and therefore linear addresses have to be masked to 32 bits.
However, the index was computed incorrectly, leading to possible conflicts
in the TLB for any address above 4G.
Analyzed-by: M
From: Peter Maydell
The sun4v RTC device model added under commit a0e893039cf2ce0 in 2016
was unfortunately added with a license of GPL-v3-or-later, which is
not compatible with other QEMU code which has a GPL-v2-only license.
Relicense the code in the .c and the .h file to GPL-v2-or-later,
to m
From: Jonathan Cameron
With a numa set up such as
-numa nodeid=0,cpus=0 \
-numa nodeid=1,memdev=mem \
-numa nodeid=2,cpus=1
and appropriate hmat_lb entries the initiator list is correctly
computed and written to HMAT as 0,2 but then the LB data is accessed
using the node id (here 2), landing out
From: Klaus Jensen
Commit 1901b4967c3f ("hw/block/nvme: move msix table and pba to BAR 0")
moved the MSI-X table and PBA to BAR 0 to make room for enabling CMR and
PMR at the same time. As reported by Julien Grall in #2184, this breaks
migration through system hibernation.
Add a machine compatib
From: Laurent Vivier
On resume e1000e_vm_state_change() always calls e1000e_autoneg_resume()
that sets link_down to false, and thus activates the link even
if we have disabled it.
The problem can be reproduced starting qemu in paused state (-S) and
then set the link to down. When we resume the m
From: Daniel P. Berrangé
The 13.2 images have been deleted from gcloud
Cc: qemu-sta...@nongnu.org
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Peter Maydell
Message-id: 20240304144456.3825935-3-berra...@redhat.com
Signed-off-by: Peter Maydell
(cherry picked from commit 9ea920dc28254cd9a363a
From: Peter Maydell
Some assemblers will complain about attempts to access
id_aa64zfr0_el1 and id_aa64smfr0_el1 by name if the test
binary isn't built for the right processor type:
/tmp/ccASXpLo.s:782: Error: selected processor does not support system
register name 'id_aa64zfr0_el1'
/tmp/ccAS
From: Akihiko Odaki
igb can use this function to change its behavior depending on the
number of virtual functions currently enabled.
Signed-off-by: Gal Hammer
Signed-off-by: Marcel Apfelbaum
Signed-off-by: Akihiko Odaki
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Jason Wang
(cherry p
From: Nick Briggs
There is no guarantee that the PCNetState is allocated such that
csr[8] is allocated on an 8-byte boundary. Since not all hosts are
capable of unaligned fetches the 16-bit elements need to be fetched
individually to avoid a potential fault. Closes issue #2143
Resolves: https:
From: David Parsons
macOS Sonoma changes the NSView.clipsToBounds to false by default
where it was true in earlier versions of macOS. This causes the window
contents to be occluded by the frame at the top of the window. This
fixes the issue by conditionally compiling the clipping on Sonoma to
true
From: Sven Schnelle
Netbsd isn't happy with qemu lsi53c895a emulation:
cd0(esiop0:0:2:0): command with tag id 0 reset
esiop0: autoconfiguration error: phase mismatch without command
esiop0: autoconfiguration error: unhandled scsi interrupt, sist=0x80 sstat1=0x0
DSA=0x23a64b1 DSP=0x50
This is b
The following patches are queued for QEMU stable v7.2.11:
https://gitlab.com/qemu-project/qemu/-/commits/staging-7.2
Patch freeze is 2024-04-20, and the release is planned for 2024-04-22:
https://wiki.qemu.org/Planning/7.2
Please respond here or CC qemu-sta...@nongnu.org on any additional p
From: Klaus Jensen
Replace the local Error variable with errp and ERRP_GUARD() and change
the return value to bool.
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Klaus Jensen
(cherry picked from commit 973f76cf7743545a5d8a0a8bfdfe2cd02aa3e238)
Signed-off-by: Michael Tokarev
(Mjt: needed
From: Zhuojia Shen
In CPUID registers exposed to userspace, some registers were missing
and some fields were not exposed. This patch aligns exposed ID
registers and their fields with what the upstream kernel currently
exposes.
Specifically, the following new ID registers/fields are exposed to
u
From: Sven Schnelle
HP-UX 10.20 seems to make the lsi53c895a spinning on a memory location
under certain circumstances. As the SCSI controller and CPU are not
running at the same time this loop will never finish. After some
time, the check loop interrupts with an unexpected device disconnect.
This
Coverity reported:
>>> CID 1542933: Code maintainability issues (UNUSED_VALUE)
>>> CID 1542934: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value "NULL" to "stream" here, but that stored
value is overwritten before it can be used.
Simply remove the unu
On Wed, Apr 10, 2024 at 1:29 PM Cindy Lu wrote:
>
> When the guest triggers vhost_stop and then virtio_reset, the vector will the
> IRQFD for this vector will be released and change to VIRTIO_NO_VECTOR.
> After that, the guest called vhost_net_start, (at this time, the configure
> vector is still
On Tue, Apr 9, 2024 at 7:40 PM Michael Tokarev wrote:
>
> 09.04.2024 10:32, Michael S. Tsirkin wrote:
> > From: Wafer
> >
> > In the event of writing many chains of descriptors, the device must
> > write just the id of the last buffer in the descriptor chain, skip
> > forward the number of descri
During the booting process of the Vyatta image, the behavior of the
called function in qemu is as follows:
1. vhost_net_stop() was triggered by guest image. This will call the function
virtio_pci_set_guest_notifiers() with assign= false, and
virtio_pci_set_guest_notifiers() will release the irq
When the guest triggers vhost_stop and then virtio_reset, the vector will the
IRQFD for this vector will be released and change to VIRTIO_NO_VECTOR.
After that, the guest called vhost_net_start, (at this time, the configure
vector is still VIRTIO_NO_VECTOR), vector 0 still was not "init".
The gue
On Wed Apr 10, 2024 at 9:55 AM AEST, BALATON Zoltan wrote:
> Real 460EX SoC apparently does not expose a bridge device and having
> it appear on PCI bus confuses an AmigaOS file system driver that uses
> this to detect which machine it is running on. Since values written
> here by firmware are neve
On 2024/03/05 17:58, Akihiko Odaki wrote:
Based-on: <20240228-reuse-v8-0-282660281...@daynix.com>
("[PATCH v8 00/15] hw/pci: SR-IOV related fixes and improvements")
Introduction
This series is based on the RFC series submitted by Yui Washizu[1].
See also [2] for the context.
Thi
Hi Michael,
― ✀ ―
stderr:
**
ERROR:../tests/qtest/vhost-user-test.c:468:chr_read: assertion failed (err ==
NULL): Bad file descriptor (g-unix-error-quark, 0)
**
ERROR:../tests/qtest/qos-test.c:191:subprocess_run_one_test:
"Ho-Ren (Jack) Chuang" writes:
> On Fri, Apr 5, 2024 at 7:03 AM Jonathan Cameron
> wrote:
>>
>> On Fri, 5 Apr 2024 00:07:06 +
>> "Ho-Ren (Jack) Chuang" wrote:
>>
>> > The current implementation treats emulated memory devices, such as
>> > CXL1.1 type3 memory, as normal DRAM when they are e
on 4/10/2024 3:46 AM, Peter Xu wrote:
>> Is there document/link about the unittest/CI for migration tests, Why
>> are those tests missing?
>> Is it hard or very special to set up an environment for that? maybe we
>> can help in this regards.
> See tests/qtest/migration-test.c. We put most of ou
On 4/9/24 08:09, Richard Henderson wrote:
On 4/8/24 21:44, Paolo Bonzini wrote:
+ /*
+ * Restore the features indicated in the frame, masked by
+ * those currently enabled. Re-check the frame size.
+ * ??? It is not clear where the kernel does this, but it
+
Real 460EX SoC apparently does not expose a bridge device and having
it appear on PCI bus confuses an AmigaOS file system driver that uses
this to detect which machine it is running on. Since values written
here by firmware are never read, just ignore these writes and drop the
bridge device.
Signe
These patches are also available at:
https://github.com/amdese/qemu/commits/sev-init-legacy-v1
and are based on top of Paolo's qemu-coco-queue branch containing the
following patches:
[PATCH for-9.1 00/26] x86, kvm: common confidential computing subset
https://lore.kernel.org/all/202403221811
On Tue, Apr 9, 2024 at 2:50 PM Andrew Morton wrote:
>
> On Tue, 9 Apr 2024 12:00:06 -0700 "Ho-Ren (Jack) Chuang"
> wrote:
>
> > Hi Jonathan,
> >
> > On Fri, Apr 5, 2024 at 6:56 AM Jonathan Cameron
> > wrote:
> > >
> > > On Fri, 5 Apr 2024 00:07:05 +
> > > "Ho-Ren (Jack) Chuang" wrote:
> >
Newer 9.1 machine types will default to using the KVM_SEV_INIT2 API for
creating SEV/SEV-ES going forward. However, this API results in guest
measurement changes which are generally not expected for users of these
older guest types and can cause disruption if they switch to a newer
QEMU/kernel vers
On Sat, Apr 06, 2024 at 12:32:48PM -1000, Richard Henderson wrote:
> We already attempted to set and clear can_do_io before the first
> and last insns, but only used the initial value of max_insns and
> the call to translator_io_start to find those insns.
>
> Now that we track insn_start in DisasC
Define the 9.1 machine types and make them identical to 9.0 for now.
This will be needed to add PC compat options for 9.1+ features.
Signed-off-by: Michael Roth
---
hw/i386/pc_piix.c | 12 +++-
hw/i386/pc_q35.c | 11 ++-
2 files changed, 21 insertions(+), 2 deletions(-)
diff --
QEMU will currently automatically make use of the KVM_SEV_INIT2 API for
initializing SEV and SEV-ES guests versus the older
KVM_SEV_INIT/KVM_SEV_ES_INIT interfaces.
However, the older interfaces will silently avoid sync'ing FPU/XSAVE
state to the VMSA prior to encryption, thus relying on behavior
On Tue, 9 Apr 2024 12:00:06 -0700 "Ho-Ren (Jack) Chuang"
wrote:
> Hi Jonathan,
>
> On Fri, Apr 5, 2024 at 6:56 AM Jonathan Cameron
> wrote:
> >
> > On Fri, 5 Apr 2024 00:07:05 +
> > "Ho-Ren (Jack) Chuang" wrote:
> >
> > > Since different memory devices require finding, allocating, and pu
raxel/qemu.git tags/edk2-20240409-pull-request
>
> for you to fetch changes up to e3404e01c7f74efdc3440ddfd339d67bf7a8410e:
>
> edk2: rebuild binaries with correct version information (2024-04-09
> 18:21:23 +0200)
>
> ---
On Fri, Apr 05, 2024 at 01:18:56PM +0100, Jonathan Cameron wrote:
> On Mon, 25 Mar 2024 12:02:27 -0700
> nifan@gmail.com wrote:
>
> > From: Fan Ni
> >
> > To simulate FM functionalities for initiating Dynamic Capacity Add
> > (Opcode 5604h) and Dynamic Capacity Release (Opcode 5605h) as in C
On Tue, Apr 09, 2024 at 09:32:46AM +0200, Jinpu Wang wrote:
> Hi Peter,
>
> On Mon, Apr 8, 2024 at 6:18 PM Peter Xu wrote:
> >
> > On Mon, Apr 08, 2024 at 04:07:20PM +0200, Jinpu Wang wrote:
> > > Hi Peter,
> >
> > Jinpu,
> >
> > Thanks for joining the discussion.
> >
> > >
> > > On Tue, Apr 2, 2
Split out the tail of fold_neg to fold_neg_no_const so that we
can avoid attempting to constant fold vector negate.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2150
Signed-off-by: Richard Henderson
---
tcg/optimize.c| 17 -
tests/tcg/aarch64/test-2
The contents of IIAOQ depend on PSW_W.
Follow the text in "Interruption Instruction Address Queues",
pages 2-13 through 2-15.
Tested-by: Sven Schnelle
Tested-by: Helge Deller
Reported-by: Sven Schnelle
Fixes: b10700d826c ("target/hppa: Update IIAOQ, IIASQ for pa2.0")
Signed-off-by: Richard Hend
To keep the multiple update check, replace insn_start
with insn_start_updated.
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
target/riscv/translate.c | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/target/riscv/translate.c b/target/risc
From: Nguyen Dinh Phi
Use glib allocation as recommended by the coding convention
Signed-off-by: Nguyen Dinh Phi
Message-Id: <20240317171747.1642207-1-phind@gmail.com>
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
linux-user/main.c | 6 +-
1 file changed, 1 insertion(
Passing the tswapped structure to strace means that
our internal si_type is also gone, which then aborts
in print_siginfo.
Fixes: 4d6d8a05a0a ("linux-user: Move tswap_siginfo out of target code")
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
linux-user/signal.c | 12 +
When aborting translation of the current insn, restore the
previous value of insn_start.
Acked-by: Paolo Bonzini
Tested-by: Jørgen Hansen
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
target/i386/tcg/translate.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a
From: Zack Buhman
The saturation arithmetic logic in helper_macw is not correct.
I tested and verified this behavior on a SH7091.
Reviewd-by: Yoshinori Sato
Signed-off-by: Zack Buhman
Message-Id: <20240405233802.29128-3-z...@buhman.org>
[rth: Reformat helper_macw, add a test case.]
Signed-off-
Allow operations to be emitted via normal expanders
into the middle of the opcode stream.
Tested-by: Jørgen Hansen
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Pierrick Bouvier
Signed-off-by: Richard Henderson
---
include/tcg/tcg.h | 6 ++
tcg/tcg.c | 14 --
2 fil
This is currently target-specific for many; begin making it
target independent.
Tested-by: Jørgen Hansen
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
include/exec/translator.h | 3 +++
accel/tcg/translator.c| 2 ++
2 files changed, 5 insertions(+)
diff --git a/
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
target/s390x/tcg/translate.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c
index 57b7db1ee9..90a74ee795 100644
--- a/target/s390x/tcg/tran
From: Zack Buhman
CHECK_NOT_DELAY_SLOT is correctly applied to the branch-related
instructions, but not to the PC-relative mov* instructions.
I verified the existence of an illegal slot exception on a SH7091 when
any of these instructions are attempted inside a delay slot.
This also matches the
The copy back to siginfo_t should be conditional only on arg3,
not the specific values that might have been written.
The copy back to rusage was missing entirely.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2262
Signed-off-by: Richard Henderson
Tested-by: Alex Fan
Reviewed-by: Philip
From: Zack Buhman
Before this change, executing a code sequence such as:
mova tblm,r0
mov r0,r1
mova tbln,r0
clrs
clrmac
mac.w @r0+,@r1+
mac.w @r0+,@r1+
.align 4
tblm: .word 0x1234
ository at:
https://gitlab.com/rth7680/qemu.git tags/pull-misc-20240409
for you to fetch changes up to 143bcc1d59f174b6c6743bd4ca8f99415ed1aba2:
linux-user: Preserve unswapped siginfo_t for strace (2024-04-09 07:47:11
-1000)
target/m6
To keep the multiple update check, replace insn_start
with insn_start_updated.
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
target/hppa/translate.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/target/hppa/translate.c b/target/hppa/tr
From: Keith Packard
Add helpers for reading/writing the 68881 FPSR register so that
changes in floating point exception state can be seen by the
application.
Call these helpers in pre_load/post_load hooks to synchronize
exception state.
Signed-off-by: Keith Packard
Reviewed-by: Richard Henders
To keep the multiple update check, replace insn_start
with insn_start_updated.
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
target/arm/tcg/translate.h | 12 ++--
target/arm/tcg/translate-a64.c | 2 +-
target/arm/tcg/translate.c | 2 +-
3 files chang
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
target/microblaze/translate.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/target/microblaze/translate.c b/target/microblaze/translate.c
index 4e52ef32db..fc451befae 100644
--- a/target/microb
We already attempted to set and clear can_do_io before the first
and last insns, but only used the initial value of max_insns and
the call to translator_io_start to find those insns.
Now that we track insn_start in DisasContextBase, and now that
we have emit_before_op, we can wait until we have fi
Allow host access to the entire 64-bit accumulator.
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Richard Henderson
---
target/sh4/cpu.h | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/target/sh4/cpu.h b/target/sh4/cpu.h
index 9211da6bde..d928bcf006 1006
From: Zack Buhman
The saturation arithmetic logic in helper_macl is not correct.
I tested and verified this behavior on a SH7091.
Signed-off-by: Zack Buhman
Message-Id: <20240404162641.27528-2-z...@buhman.org>
[rth: Reformat helper_macl, add a test case.]
Signed-off-by: Richard Henderson
Revie
On Thu, Apr 04, 2024 at 01:32:23PM +, Jørgen Hansen wrote:
> On 3/25/24 20:02, nifan@gmail.com wrote:
> > From: Fan Ni
> >
> > Per CXL spec 3.1, two mailbox commands are implemented:
> > Add Dynamic Capacity Response (Opcode 4802h) 8.2.9.9.9.3, and
> > Release Dynamic Capacity (Opcode 480
Reproducer from https://gitlab.com/qemu-project/qemu/-/issues/1451
creates small packet (1 segment, len=10 == n->guest_hdr_len),
destroys queue.
"if (n->host_hdr_len != n->guest_hdr_len)" is triggered. There is
nothing after guest header, if body creates zero length/zero segment packet.
qemu_send
Hi Jonathan,
On Tue, Apr 9, 2024 at 9:12 AM Jonathan Cameron
wrote:
>
> On Fri, 5 Apr 2024 15:43:47 -0700
> "Ho-Ren (Jack) Chuang" wrote:
>
> > On Fri, Apr 5, 2024 at 7:03 AM Jonathan Cameron
> > wrote:
> > >
> > > On Fri, 5 Apr 2024 00:07:06 +
> > > "Ho-Ren (Jack) Chuang" wrote:
> > >
>
Hi Jonathan,
On Fri, Apr 5, 2024 at 6:56 AM Jonathan Cameron
wrote:
>
> On Fri, 5 Apr 2024 00:07:05 +
> "Ho-Ren (Jack) Chuang" wrote:
>
> > Since different memory devices require finding, allocating, and putting
> > memory types, these common steps are abstracted in this patch,
> > enhancin
On Tue, 9 Apr 2024 at 19:02, Michael Tokarev wrote:
>
> 09.04.2024 19:29, Gerd Hoffmann:
> > +efi: edk2-version
> > $(PYTHON) edk2-build.py --config edk2-build.config \
> > - --version-override "edk2-stable202302-for-qemu" \
> > - --release-date "03/01/2023"
> > +
09.04.2024 14:02, Paolo Bonzini wrote:
On Tue, Apr 9, 2024 at 12:59 PM Zhao Liu wrote:
Hi Michael & Paolo,
I debugged it manually, and found the problem occurs in tlb_index() with
mmu_idx=5.
For v7.2, the maximum mmu index supported by i386 is 4 (since
NB_MMU_MODES = 5 defined in target/i3
On 4/8/24 21:44, Paolo Bonzini wrote:
+ /*
+ * Restore the features indicated in the frame, masked by
+ * those currently enabled. Re-check the frame size.
+ * ??? It is not clear where the kernel does this, but it
+ * is not in check_xstate_in_sigframe, an