Looks good.
On 7/21/2025 8:02 AM, Jonah Palmer wrote:
Commit b44135daa372 introduced virtqueue_ordered_fill for
VIRTIO_F_IN_ORDER support but had a few issues:
* Conditional while loop used 'steps <= max_steps' but should've been
'steps < max_steps' since reaching steps == max_steps would in
On Mon, Jul 21, 2025 at 05:07:48PM -0400, Stefan Hajnoczi wrote:
> When an AioHandler is enqueued on ctx->submit_list for removal, the
> fill_sq_ring() function will submit an io_uring POLL_REMOVE operation to
> cancel the in-flight POLL_ADD operation.
>
> There is a race when another thread enque
On 7/21/25 17:39, Collin Walling wrote:
> On 7/21/25 17:26, Collin Walling wrote:
>> On 7/11/25 17:10, Zhuoying Cai wrote:
>
> [...]
>
>>> diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
>>> index 8f655a4b7f..d5b3694600 100644
>>> --- a/target/s390x/kvm/kvm.c
>>> +++ b/target/s390x/k
KVM has a weird behaviour when a guest executes VMCALL on an AMD system
or VMMCALL on an Intel CPU. Both naturally generate an invalid opcode
exception (#UD) as they are just the wrong instruction for the CPU
given. But instead of forwarding the exception to the guest, KVM tries
to patch the guest
The QEMU GDB stub does not expose the ZA storage SME register to GDB via
the remote serial protocol, which can be a useful functionality to debug SME
code. To provide this functionality in Aarch64 target, this patch registers the
SME register set with the GDB stub. To do so, this patch implements t
The QEMU GDB stub does not expose the ZA storage SME register to GDB via
the remote serial protocol, which can be a useful functionality to debug SME
code. To provide this functionality in Aarch64 target, this patch registers the
SME register set with the GDB stub. To do so, this patch implements t
This patch increases the value of the MAX_PACKET_LENGTH to
131100 from 4096 to allow the GDBState.line_buf to be large enough
to accommodate the full contents of the SME ZA storage when the
vector length is maximal. This is in preparation for a related
patch that allows SME register visibility thro
The QEMU GDB stub does not expose the ZA storage SME register to GDB via
the remote serial protocol, which can be a useful functionality to debug SME
code. To provide this functionality in Aarch64 target, this patch registers the
SME register set with the GDB stub. To do so, this patch implements t
On 22.07.25 14:21, Xiaoyao Li wrote:
> On 7/22/2025 7:15 PM, Daniel P. Berrangé wrote:
>> [...]
>>
>> Usually CSPs don't have full control over what their customers
>> are running as a guest. If their customers are running mainstream
>> modern guest OS, CONFIG_STRICT_KERNEL_RWX is pretty likely to
Hi Michael,
On 5/30/25 16:20, Michael Tokarev wrote:
Hi!
For quite some time (almost whole day yesterday) I'm trying to find out
what's going on with mmtcg in qemu. There's apparently a race condition
somewhere, like a use-after-free or something.
It started as an incarnation of
https://gitla
On 22.07.25 12:27, Xiaoyao Li wrote:
> On 7/22/2025 5:21 PM, Mathias Krause wrote:
>> IMHO, there is no valid reason for still having the patching in place as
>> the .text of non-ancient kernels will be write-protected, making
>> patching attempts fail. And, as they fail with a #PF instead of #UD
In 454f4b0f, we started down the path of supporting separate
configurations per display head (e.g., you have 2 heads - one with
EDID name "AAA" and the other with EDID name "BBB").
In this change, we add resolution to this configuration surface (e.g.,
you have 2 heads - one with resolution 111x222
In 454f4b0f, we started down the path of supporting separate
configurations per display head (e.g., you have 2 heads - one with
EDID name "AAA" and the other with EDID name "BBB").
In this change, we add resolution to this configuration surface (e.g.,
you have 2 heads - one with resolution 111x222
Failure to confirm an argument set first may result in
the selection of a format which leaves extra arguments
to be filled in by the pattern.
Signed-off-by: Richard Henderson
---
scripts/decodetree.py | 7 ---
tests/decode/meson.build| 1 +
tests/decode/succ_infer1.decode |
Hi Cédric and Philippe,
On 26/05/25 17:21, Philippe Mathieu-Daudé wrote:
On 26/5/25 13:48, Cédric Le Goater wrote:
On 5/26/25 13:23, Philippe Mathieu-Daudé wrote:
Since commit 9808ce6d5cb, building QEMU configured with
'--without-default-devices' fails:
Undefined symbols for architecture
The following patch is from work by Katherine Temkin to add a JITless backend
for aarch64. The aarch64-tcti target for TCG uses pre-compiled "gadgets" which
are snippets of code for every TCG op x all operands and then at runtime will
"thread" together the gadgets with jumps after each gadget. This
On Mon, Jul 14, 2025 at 04:59:40PM +0100, Shameer Kolothum wrote:
> +void smmuv3_accel_init_regs(SMMUv3State *s)
> +{
> +SMMUv3AccelState *s_accel = s->s_accel;
> +SMMUv3AccelDevice *accel_dev;
> +uint32_t data_type;
> +uint32_t val;
> +int ret;
> +
> +if (s_accel->info.idr[
Hi Philippe,
Noted! Edits have been made and another version sent over.
Thanks,
Vacha
On Tue, Jul 22, 2025 at 2:05 AM Philippe Mathieu-Daudé
wrote:
> Hi,
>
> On 21/7/25 23:19, Vacha Bhavsar wrote:
> > This patch adds big endian support for NEON GDB remote
> > debugging. It replaces the use of
Upon examining the current implementation for getting/setting SIMD
and SVE registers via remote GDB, there is a concern about mixed
endian support. This patch series aims to address this concern and
allow getting and setting the values of NEON and SVE registers via
remote GDB regardless of the targ
This patch adds big endian support for NEON GDB
remote debugging. It replaces the use of ldq_le_p() with the use of ldq_p().
Additionally, it checks the target endianness to ensure the most significant
bits are always in the second element.
Signed-off-by: Vacha Bhavsar
---
Changes since v1:
- correct
This patch adds big endian support for SVE GDB
remote debugging. It replaces the use of pointer dereferencing with the use
of ldq_p(). Additionally, it checks the target endianness to ensure the most
significant bits are always in the second element.
Signed-off-by: Vacha Bhavsar
---
Changes since v1:
On 7/22/25 5:32 AM, Jason Wang wrote:
> On Fri, Jul 18, 2025 at 4:53 PM Paolo Abeni wrote:
>>
>> Similar to virtio infra, vhost core maintains the features status
>> in the full extended format and allows the devices to implement
>> extended version of the getter/setter.
>>
>> Note that 'protocol_
On Fri, Jul 11, 2025 at 05:11:02PM -0400, Zhuoying Cai wrote:
> The current approach to enabling secure boot relies on providing
> -secure-boot and -boot-certificates options, which apply to all boot
> devices.
This reference of -secure-boot and -boot-certificates presumably
is a left over from an
On Fri, Jul 11, 2025 at 05:10:47PM -0400, Zhuoying Cai wrote:
> Introduce helper functions to support signature verification required by
> DIAG 508 subcode 1:
>
> qcrypto_pkcs7_convert_sig_pem() – converts a signature from DER to PEM format
> qcrypto_x509_verify_sig() – verifies the provided data
On Fri, Jul 11, 2025 at 05:10:39PM -0400, Zhuoying Cai wrote:
> Create a certificate store for boot certificates used for secure IPL.
>
> Load certificates from the boot-certificate parameter of s390-ccw-virtio
> machine type option into the cert store.
>
> Currently, only X.509 certificates in P
On 7/22/25 17:43, Stefan Hajnoczi wrote:
> On Tue, Jul 22, 2025 at 02:06:04PM +, Bernd Schubert wrote:
>> On 7/21/25 02:53, Stefan Hajnoczi wrote:
>>> On Wed, Jul 16, 2025 at 02:38:24PM -0400, Brian Song wrote:
This work provides an initial implementation of fuse-over-io_uring
supp
On Fri, Jul 11, 2025 at 05:10:45PM -0400, Zhuoying Cai wrote:
> DIAG 320 subcode 2 provides verification-certificates (VCs) that are in the
> certificate store. Only X509 certificates in DER format and SHA-256 hash
> type are recognized.
>
> The subcode value is denoted by setting the second-left-
On Fri, Jul 11, 2025 at 05:10:44PM -0400, Zhuoying Cai wrote:
> Introduce new helper functions to extract certificate metadata needed for
> DIAG 320 subcode 2:
>
> qcrypto_x509_get_cert_version() - retrieves version of a certificate
> qcrypto_x509_check_cert_times() - validates the certificate's v
On Mon, 21 Jul 2025, Cornelia Huck wrote:
If we fail migration because of a mismatch of some registers between
source and destination, the error message is not very informative:
qemu-system-aarch64: error while loading state for instance 0x0 of device 'cpu'
qemu-system-aarch64: Failed to put regi
On Fri, Jul 11, 2025 at 05:10:38PM -0400, Zhuoying Cai wrote:
> Introduce new helper functions for x509 certificate, which will be used
> by the certificate store:
>
> qcrypto_x509_convert_cert_der() - converts a certificate from PEM to DER
> format
> qcrypto_x509_get_keyid_len() - returns the le
On Fri, Jul 11, 2025 at 05:10:37PM -0400, Zhuoying Cai wrote:
> Add boot-certificates as a parameter of s390-ccw-virtio machine type option.
>
> The `boot-certificates=/path/dir:/path/file` parameter is implemented
> to provide path to either a directory or a single certificate.
>
> Multiple path
On Tue, Jul 22, 2025 at 02:06:04PM +, Bernd Schubert wrote:
> On 7/21/25 02:53, Stefan Hajnoczi wrote:
> > On Wed, Jul 16, 2025 at 02:38:24PM -0400, Brian Song wrote:
> >> This work provides an initial implementation of fuse-over-io_uring
> >> support for QEMU export. According to the fuse-over
On 21.07.25 21:54, Daniel P. Berrangé wrote:
Currently the tracing 'log' back emits special code to add timestamps
to trace points sent via qemu_log(). This current impl is a bad design
for a number of reasons.
* It changes the QEMU headers, such that 'error-report.h' content
is visible to
On 7/22/25 07:23, Richard Henderson wrote:
There is no such thing as vector extract.
Fixes: 932522a9ddc1 ("tcg/optimize: Fold and to extract during optimize")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3036
Signed-off-by: Richard Henderson
Reviewed-by: Pierrick Bouvier
Tested-by:
On 21.07.25 23:22, Stefan Hajnoczi wrote:
On Mon, Jul 21, 2025 at 2:58 PM Daniel P. Berrangé wrote:
Currently the tracing 'log' back emits special code to add timestamps
to trace points sent via qemu_log(). This current impl is a bad design
for a number of reasons.
* It changes the QEMU hea
Am 22.07.2025 um 14:00 hat Brian Song geschrieben:
> On 7/20/25 8:53 PM, Stefan Hajnoczi wrote:
> > On Wed, Jul 16, 2025 at 02:38:24PM -0400, Brian Song wrote:
> >> +case FUSE_FSYNC:
> >> +ret = fuse_co_fsync(exp);
> >> +break;
> >> +
> >> +case FUSE_FLUSH:
> >> +ret
On 7/22/25 07:52, Peter Maydell wrote:
There's also a bug we have at the moment where gen_sve_ldr()
and gen_sve_str() call gen_mte_checkN() with a length value
which is the SVE vector length and can be up to 256 bytes.
We don't assert there, so we just fail to do the MTE checks
on the right lengt
Hello Jamin,
On 7/17/25 05:40, Jamin Lin wrote:
The updated boot ROM includes logic to initialize and enable SSP/TSP using SCU
registers, based on reserved-memory regions defined in the device tree.
Its source code is available at:
https://github.com/google/vbootrom/commit/f9eb0bb57decbab860a81
On 7/22/25 06:19, Smail AIDER via wrote:
Trap PMCR_EL0 or PMCR accesses to EL2 when MDCR_EL2.TPMCR is set.
Similar to MDCR_EL2.TPM, MDCR_EL2.TPMCR allows trapping EL0 and EL1
accesses to the PMCR register to EL2.
Signed-off-by: Smail AIDER
---
target/arm/cpregs-pmu.c | 24
From: Tanish Desai
The vcpu property is no longer used in these backends. Removing it avoids
unnecessary checks and simplifies the code generation for these trace
backends.
Reviewed-by: Stefan Hajnoczi
Reviewed-by: Alex Bennée
Signed-off-by: Tanish Desai
Message-id: 20250722114352.3624-1-tani
The following changes since commit ebcc602aae19c06a4f492da3920b64c8033f0d7f:
Merge tag 'display-20250718-pull-request' of https://gitlab.com/kraxel/qemu
into staging (2025-07-21 12:24:36 -0400)
are available in the Git repository at:
https://gitlab.com/stefanha/qemu.git tags/tracing-pull-re
On Tue, 22 Jul 2025 at 15:24, Richard Henderson
wrote:
>
> Hi Peter,
>
> Sadly, I couldn't reorg mtedesc as I hypothesized, because of
> different usage within AdvSIMD. So I decided to expand the
> mtedesc from 17 to 32 bits, and then pack the gvec desc and
> mtedesc into a 64-bit argument.
I wa
On Tue, Jul 22, 2025 at 08:00:00AM -0400, Brian Song wrote:
> On 7/21/25 9:51 AM, Bernd Schubert wrote:
> >> +struct fuse_in_header *in_hdr = (struct fuse_in_header *)&rrh->in_out;
> >> +opcode = in_hdr->opcode;
> >> +req_id = in_hdr->unique;
> >> +
> >> +ent->req_commit_id = ent_in
On Tue, Jul 22, 2025 at 08:00:00AM -0400, Brian Song wrote:
> On 7/20/25 12:13 PM, Stefan Hajnoczi wrote:
> > On Wed, Jul 16, 2025 at 02:38:23PM -0400, Brian Song wrote:
> >> This RFC patch represents an initial implementation of the FUSE-over-
> >> io_uring Exports idea proposed for Google Summer
On Tue, Jul 22, 2025 at 11:43:52AM +, Tanish Desai wrote:
> The vcpu property is no longer used in these backends. Removing it avoids
> unnecessary checks and simplifies the code generation for these trace
> backends.
>
> Reviewed-by: Stefan Hajnoczi
> Reviewed-by: Alex Bennée
> Signed-off-b
On 7/22/25 03:15, ger...@altlinux.org wrote:
From: Denis Rastyogin
interval_tree_iter_first() may return NULL if the interval tree is empty or
invalid.
Add a check for NULL before dereferencing the pointer to avoid potential crashes
due to null pointer dereference in open_self_maps_2().
Found
Trap PMCR_EL0 or PMCR accesses to EL2 when MDCR_EL2.TPMCR is set.
Similar to MDCR_EL2.TPM, MDCR_EL2.TPMCR allows trapping EL0 and EL1
accesses to the PMCR register to EL2.
Signed-off-by: Smail AIDER
---
target/arm/cpregs-pmu.c | 24 ++--
1 file changed, 22 insertions(+), 2 de
On 7/22/25 03:18, ger...@altlinux.org wrote:
From: Denis Rastyogin
Cast len to long long before multiplying by TARGET_PAGE_SIZE
when calculating btlb->itree.last to ensure 64-bit arithmetic
and avoid potential overflow.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-
There is no such thing as vector extract.
Fixes: 932522a9ddc1 ("tcg/optimize: Fold and to extract during optimize")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3036
Signed-off-by: Richard Henderson
Reviewed-by: Pierrick Bouvier
Tested-by: Pierrick Bouvier
Reviewed-by: Peter Maydell
Instead of trying to pack mtedesc into the upper 17 bits
of a 32-bit gvec descriptor, pass the gvec descriptor in
the lower 32 bits and the mte descriptor in the upper 32
bits of a 64-bit operand.
Signed-off-by: Richard Henderson
---
target/arm/internals.h | 8 +-
target/arm/tcg/sme
On 22.07.2025 16:37, Cédric Le Goater wrote:
+ Glenn, Michael, Caleb, Gautam
On 7/22/25 13:44, Michael Tokarev wrote:
21.07.2025 19:21, Cédric Le Goater wrote:
ppc/xive queue:
* Various bug fixes around lost interrupts particul
Hi Peter,
Sadly, I couldn't reorg mtedesc as I hypothesized, because of
different usage within AdvSIMD. So I decided to expand the
mtedesc from 17 to 32 bits, and then pack the gvec desc and
mtedesc into a 64-bit argument.
Lightly tested so far, but it does fix the LD3Q/LD4Q assert.
r~
Richa
On Mon, Jul 21, 2025 at 12:52:38PM +0200, Paolo Bonzini wrote:
> Date: Mon, 21 Jul 2025 12:52:38 +0200
> From: Paolo Bonzini
> Subject: [PATCH] rust: devices are not staticlibs
> X-Mailer: git-send-email 2.50.1
>
> This is only cosmetic for now, but hopefully later on Meson will parse more
> of C
On 7/21/25 02:53, Stefan Hajnoczi wrote:
> On Wed, Jul 16, 2025 at 02:38:24PM -0400, Brian Song wrote:
>> This work provides an initial implementation of fuse-over-io_uring
>> support for QEMU export. According to the fuse-over-io_uring protocol
>> specification, the userspace side must create the
+ Glenn, Michael, Caleb, Gautam
On 7/22/25 13:44, Michael Tokarev wrote:
21.07.2025 19:21, Cédric Le Goater wrote:
ppc/xive queue:
* Various bug fixes around lost interrupts particularly.
* Major group interrupt work, in particu
Am 16.07.2025 um 20:38 hat Brian Song geschrieben:
> This work provides an initial implementation of fuse-over-io_uring
> support for QEMU export. According to the fuse-over-io_uring protocol
> specification, the userspace side must create the same number of queues
> as the number of CPUs (nr_cpu),
Lays out the initial groundwork for iteratively migrating the state of a
virtio-net device, starting with its vmstate (via vmstate_save_state &
vmstate_load_state).
The original non-iterative vmstate framework still runs during the
stop-and-copy phase when the guest is paused, which is still neces
Add SaveVMHandlers struct for virtio-net iterative migration support.
The handlers are registered but only contain no-op implementations.
This provides the framework for iterative migration without changing any
actual migration behavior when the capability is disabled.
A BFD representation is use
Adds a new migration capability 'virtio-iterative' that will allow
virtio devices, where supported, to iteratively migrate configuration
changes that occur during the migration process.
This capability is added to the validated capabilities list to ensure
both the source and destination support it
This reordering makes the vmstate_virtio_net available for use by future
virtio-net SaveVMHandlers hooks that will need to be placed before
virtio_net_device_realize.
Signed-off-by: Jonah Palmer
---
hw/net/virtio-net.c | 90 ++---
1 file changed, 45 insert
Initializes vhost-net support for iterative live migration by avoiding
the assertion that vhost needs to be stopped before proceeding with
sending the initial VMStateDescription for virtio-net.
This should be okay to do since we only care about the static device
state and not the dynamic ring stat
Iterative live migration for virtio-net sends an initial
VMStateDescription while the source is still active. Because data
continues to flow for virtio-net, the guest's avail index continues to
increment after last_avail_idx had already been sent. This causes the
destination to often see something
This series is an RFC initial implementation of iterative live
migration for virtio-net devices.
The main motivation behind implementing iterative migration for
virtio-net devices is to start on heavy, time-consuming operations
for the destination while the source is still active (i.e. before
the
On Tue, Jul 22, 2025 at 11:36 AM Paolo Bonzini wrote:
>
> Some distros prefer to avoid vendored crate sources, and instead use
> local sources from e.g. ``/usr/share/cargo/registry``. Add a
> script, inspired by the Mesa spec file(*), that automatically
> performs this task. The script is meant
On 7/22/2025 7:15 PM, Daniel P. Berrangé wrote:
On Tue, Jul 22, 2025 at 06:27:45PM +0800, Xiaoyao Li wrote:
On 7/22/2025 5:21 PM, Mathias Krause wrote:
On 22.07.25 05:45, Xiaoyao Li wrote:
On 6/20/2025 3:42 AM, Mathias Krause wrote:
KVM has a weird behaviour when a guest executes VMCALL on an
On Tue, 2025-07-15 at 20:35 +0800, Yi Liu wrote:
>
> David is talking about the IF and SW flags. And he is correct. Spec has
> below sentence. It means a wait descriptor can have both IF and SW set
> and indeed completion interrupt happens later than status write. Let's
> go on refine the patch.
On 7/20/25 12:13 PM, Stefan Hajnoczi wrote:
> On Wed, Jul 16, 2025 at 02:38:23PM -0400, Brian Song wrote:
>> This RFC patch represents an initial implementation of the FUSE-over-
>> io_uring Exports idea proposed for Google Summer of Code (2025) under
>> the QEMU community:
>> https://wiki.qemu.org
On 7/17/25 2:03 AM, Markus Armbruster wrote:
> Brian Song writes:
>
>> This work provides an initial implementation of fuse-over-io_uring
>> support for QEMU export. According to the fuse-over-io_uring protocol
>> specification, the userspace side must create the same number of queues
>> as the nu
On Tue, Jul 22, 2025 at 4:35 AM Paolo Bonzini wrote:
>
> Some distros prefer to avoid vendored crate sources, and instead use
> local sources from e.g. ``/usr/share/cargo/registry``. Add a
> script, inspired by the Mesa spec file(*), that automatically
> performs this task. The script is meant t
On 7/21/25 9:51 AM, Bernd Schubert wrote:
> Hi Brian,
>
> nice work! Just some minor comments from my side below.
>
Really appreciate you taking the time to review my code and many thanks
for the helpful suggestions!
> On 7/16/25 20:38, Brian Song wrote:
>> [You don't often get email from hibria
On 7/20/25 8:53 PM, Stefan Hajnoczi wrote:
> On Wed, Jul 16, 2025 at 02:38:24PM -0400, Brian Song wrote:
>> This work provides an initial implementation of fuse-over-io_uring
>> support for QEMU export. According to the fuse-over-io_uring protocol
>> specification, the userspace side must create th
21.07.2025 19:21, Cédric Le Goater wrote:
ppc/xive queue:
* Various bug fixes around lost interrupts particularly.
* Major group interrupt work, in particular around redistributing
interrupts. Upstream group support is not in a
The vcpu property is no longer used in these backends. Removing it avoids
unnecessary checks and simplifies the code generation for these trace
backends.
Reviewed-by: Stefan Hajnoczi
Reviewed-by: Alex Bennée
Signed-off-by: Tanish Desai
---
scripts/tracetool/__init__.py | 2 +-
scripts/tr
On 7/22/25 12:27, Alex Bennée wrote:
Cédric Le Goater writes:
On 7/8/25 07:57, Kane Chen wrote:
From: Kane-Chen-AS
This patch introduces a 'drive' property to the Aspeed OTP device,
allowing it to be backed by a block device. Users can now preload
OTP data via QEMU CLI using a block backend.
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/10.1 for any
user-visible changes.
From: Denis Rastyogin
Accessing s->core_registers (size 236) could overflow
if the offset goes beyond the valid range.
Since the memory region matches core_registers size exactly,
guest cannot write out-of-bounds.
Therefore, the debug assert has been refined to ensure the offset
remains within
> On 22. Jul 2025, at 13:06, Xiaoyao Li wrote:
>
> On 7/22/2025 6:35 PM, Mohamed Mediouni wrote:
>>> On 22. Jul 2025, at 12:27, Xiaoyao Li wrote:
>>>
>>> On 7/22/2025 5:21 PM, Mathias Krause wrote:
On 22.07.25 05:45, Xiaoyao Li wrote:
> On 6/20/2025 3:42 AM, Mathias Krause wrote:
>>>
On Tue, Jul 22, 2025 at 06:27:45PM +0800, Xiaoyao Li wrote:
> On 7/22/2025 5:21 PM, Mathias Krause wrote:
> > On 22.07.25 05:45, Xiaoyao Li wrote:
> > > On 6/20/2025 3:42 AM, Mathias Krause wrote:
> > > > KVM has a weird behaviour when a guest executes VMCALL on an AMD system
> > > > or VMMCALL on
On 7/22/2025 6:35 PM, Mohamed Mediouni wrote:
On 22. Jul 2025, at 12:27, Xiaoyao Li wrote:
On 7/22/2025 5:21 PM, Mathias Krause wrote:
On 22.07.25 05:45, Xiaoyao Li wrote:
On 6/20/2025 3:42 AM, Mathias Krause wrote:
KVM has a weird behaviour when a guest executes VMCALL on an AMD system
or VM
> On 22. Jul 2025, at 12:27, Xiaoyao Li wrote:
>
> On 7/22/2025 5:21 PM, Mathias Krause wrote:
>> On 22.07.25 05:45, Xiaoyao Li wrote:
>>> On 6/20/2025 3:42 AM, Mathias Krause wrote:
KVM has a weird behaviour when a guest executes VMCALL on an AMD system
or VMMCALL on an Intel CPU. B
Cédric Le Goater writes:
> On 7/8/25 07:57, Kane Chen wrote:
>> From: Kane-Chen-AS
>> This patch introduces a 'drive' property to the Aspeed OTP device,
>> allowing it to be backed by a block device. Users can now preload
>> OTP data via QEMU CLI using a block backend.
>> Example usage:
>>./
On 7/22/2025 5:21 PM, Mathias Krause wrote:
On 22.07.25 05:45, Xiaoyao Li wrote:
On 6/20/2025 3:42 AM, Mathias Krause wrote:
KVM has a weird behaviour when a guest executes VMCALL on an AMD system
or VMMCALL on an Intel CPU. Both naturally generate an invalid opcode
exception (#UD) as they are
From: Denis Rastyogin
Cast len to long long before multiplying by TARGET_PAGE_SIZE
when calculating btlb->itree.last to ensure 64-bit arithmetic
and avoid potential overflow.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Denis Rastyogin
---
target/hppa/mem_h
From: Denis Rastyogin
Use 1ULL << psn to ensure the shift is done in 64-bit arithmetic,
avoiding overflow for large psn values. The 6-bit psn field allows
values up to 63, so 64-bit shift is required for correctness.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-b
From: Denis Rastyogin
Change shift operand from 32-bit literal `1` to 64-bit `1ULL` to avoid
undefined behavior
when shifting bits beyond the width of a 32-bit integer.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Denis Rastyogin
---
target/ppc/translate.c
From: Denis Rastyogin
interval_tree_iter_first() may return NULL if the interval tree is empty or
invalid.
Add a check for NULL before dereferencing the pointer to avoid potential crashes
due to null pointer dereference in open_self_maps_2().
Found by Linux Verification Center (linuxtesting.org
Hi Cédric,
Thanks for your review.
I will drop patch 5 and include a documentation update in the next version.
Best Regards,
Kane
> -Original Message-
> From: Cédric Le Goater
> Sent: Tuesday, July 22, 2025 5:41 PM
> To: Kane Chen ; Peter Maydell
> ; Steven Lee ; Troy
> Lee ; Jamin Lin
Hello,
Nevermind.
It turns out that… the timer frequency exposed is different depending on the
entitlements the program has...
With this tiny test sequence:
diff --git a/accel/hvf/hvf-all.c b/accel/hvf/hvf-all.c
index e67a8105a6..390afb03a4 100644
--- a/accel/hvf/hvf-all.c
+++ b/accel/hvf/hvf-
Hi Cédric,
Thanks for the feedback.
I will update the code accordingly in the next version of the patch series.
Best Regards,
Kane
> -Original Message-
> From: Cédric Le Goater
> Sent: Tuesday, July 22, 2025 5:55 PM
> To: Kane Chen ; Peter Maydell
> ; Steven Lee ; Troy
> Lee ; Jamin Lin
On 7/8/25 07:57, Kane Chen wrote:
From: Kane-Chen-AS
Introduce a QEMU device model for ASPEED's One-Time Programmable (OTP)
memory.
This model simulates a word-addressable OTP region used for secure
fuse storage. The OTP memory can operate with an internal memory
buffer.
The OTP model provide
On 7/8/25 07:57, Kane Chen wrote:
From: Kane-Chen-AS
This patch series extends the QEMU model for the ASPEED OTP (One-Time
Programmable) memory device with block backend support and tighter
integration with the SoC and machine configuration.
The OTP model simulates a simple fuse array, used in
On 7/8/25 07:57, Kane Chen wrote:
From: Kane-Chen-AS
This patch adds a new machine parameter `otpmem` which creates a QOM
property alias on the aspeed_sbc device for the OTP drive.
Example usage:
./qemu-system-arm \
-machine ast2600-evb,otpmem=otp-drive \
-blockdev driver=file,fi
On 7/8/25 07:57, Kane Chen wrote:
From: Kane-Chen-AS
Introduce a QEMU device model for ASPEED's One-Time Programmable (OTP)
memory.
This model simulates a word-addressable OTP region used for secure
fuse storage. The OTP memory can operate with an internal memory
buffer.
The OTP model provide
On 7/8/25 07:57, Kane Chen wrote:
From: Kane-Chen-AS
This patch introduces a 'drive' property to the Aspeed OTP device,
allowing it to be backed by a block device. Users can now preload
OTP data via QEMU CLI using a block backend.
Example usage:
./qemu-system-arm \
-blockdev driver=fil
On 22.07.25 05:45, Xiaoyao Li wrote:
> On 6/20/2025 3:42 AM, Mathias Krause wrote:
>> KVM has a weird behaviour when a guest executes VMCALL on an AMD system
>> or VMMCALL on an Intel CPU. Both naturally generate an invalid opcode
>> exception (#UD) as they are just the wrong instruction for the CP
If we get "ssi_sd: error: Unexpected response to cmd" then having
the bad s->arglen would be useful debug and does not add any complexity
to the code.
Signed-off-by: Ben Dooks
---
hw/sd/ssi-sd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/sd/ssi-sd.c b/hw/sd/ssi-sd.c
i
Some distros prefer to avoid vendored crate sources, and instead use
local sources from e.g. ``/usr/share/cargo/registry``. Add a
script, inspired by the Mesa spec file(*), that automatically
performs this task. The script is meant to be invoked after unpacking
the QEMU tarball.
(*) This is the
Daniel P. Berrangé writes:
> Currently the tracing 'log' back emits special code to add timestamps
> to trace points sent via qemu_log(). This current impl is a bad design
> for a number of reasons.
>
> * It changes the QEMU headers, such that 'error-report.h' content
>is visible to all file
On 7/22/25 5:28 AM, Jason Wang wrote:
> On Fri, Jul 18, 2025 at 4:53 PM Paolo Abeni wrote:
>>
>> Extend the features configuration space to 128 bits, and allow the
>> common read/write operation to access all of it.
>>
>> On migration, save the 128 bit version of the features only if the
>> upper
On 7/22/25 5:50 AM, Jason Wang wrote:
> On Fri, Jul 18, 2025 at 4:54 PM Paolo Abeni wrote:
>> Tap devices support GSO over UDP tunnel offload. Probe for such
>> feature in a similar manner to other offloads.
>>
>> GSO over UDP tunnel needs to be enabled in addition to a "plain"
>> offload (TSO or