Final fixes for 10.2 (gitlab, testing, docker, docs, plugins)
- drop out of date --disable-pie workaround for aarch64 custom job
- remove explicit pxe-test from build with no libslirp
- update the FreeBSD test image
- don't try and run check-tcg tests we haven't built qemu for
- skip iotests which need crypto if we haven't got support
- transition debian-all-test-cross to lcitool
- update build env documentation to refer to lcitool
- update MAINTAINERS entry for custom runners
- ensure discon plugins can read registers
- fix a bug on uftrace symbol helper script
- deprecate the fby35 machine
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmkzAAsACgkQ+9DbCVqe
# KkSCmAf/e5bJGX4GJhNBV9OwBahjDx0U+oCPUCQwH5E7KgUbvBKMd2e+icgjoPnF
# mAA+SVk1wlqi/EPywqMWIcYTNSwg1ZKkqxQwKnzjlinzshk5Q3Rd8CkIUCDE+i6B
# Cn5HXNMxAHwJZXi2ftOUm2wvb5p4NgahbtKUkEAsYvVWgHF+gQ+1KrpbKze2+Mzk
# 707c2zf0/8mcNl7GZDc7ti6MXEmlejR46UTsKz6u12hGTHjN13UDa+yQXqpot5y7
# blUxwneXo7zdxB6EnGgvArzZQh8o0fOo0zWoC5GDKrbdLIrBVxhXYoWCqgaQv7h7
# v5HhMvzq7obIa+qRnjRzUO68MT1rcw==
# =e46t
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 05 Dec 2025 09:53:47 AM CST
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* tag 'pull-10.2-final-fixes-051225-2' of https://gitlab.com/stsquad/qemu:
aspeed: Deprecate the fby35 machine
contrib/plugins/uftrace_symbols.py: unbreak --no-prefix-symbols
plugins/core: allow reading of registers during discon events
MAINTAINERS: update the custom runner entries
docs/devel: Correct typo
docs/devel: update build environment setup documentation
tests/docker: drop --disable-[tools|system] from all-test-cross
tests/docker: transition debian-all-test-cross to lcitool
tests/lcitool: add bzip2 to the minimal dependency list
tests/qemu-iotests: Check for a functional "secret" object before using it
tests/tcg: honour the available QEMU binaries when running check-tcg
gitlab-ci.d/cirrus: Update the FreeBSD job to v14.3
gitlab: drop explicit pxe-test from the build-tci job
gitlab: drop --disable-pie from aarch64-all-linux-static build
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
There are no functional tests for the 'fby35' machine which makes
harder to determine when something becomes deprecated or unused.
The 'fby35' machine was originally added as an example of a multi-SoC
system, with the expectation the models would evolve over time in an
heterogeneous system. This hasn't happened and no public firmware is
available to boot it. It can be replaced by the 'ast2700fc', another
multi-SoC machine based on the newer AST2700 SoCs which are excepted
to receive better support in the future.
Cc: Peter Delevoryas <peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Message-ID: <20251126102424.927527-1-clg@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Fix a number of issues:
- update the ubuntu references to 24.0
- add the s390x and ppc64le yml files
- replace Works on Arm with Linaro
- Also mention IBM (s390x) and OSUL (ppc64le) as HW hosts
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204194902.1340008-11-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Bring `libvirt-ci` front and centre when discussing dependencies for
QEMU. While we are at it:
- drop links to additional instructions (libvirt is more upto date)
- compress pkg installs into a table
- call out distro/upstream dep difference in a proper note
Message-ID: <20251204194902.1340008-9-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
We use this container to build system images in CI which do not honour
QEMU_CONFIGURE_OPTS. Drop the --disables from the container so
developers don not need to jump through hoops trying to replicate that
on their workstations.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20251204194902.1340008-8-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
While we are at it bump up to debian-13. As we use this container in
the CI runs this also has the benefit of ensuring our qemu-minimal
dependencies project really has just what we need to build a basic
QEMU.
We add a few extra packages so we can build with clang as well as what
we need to probe for the available cross-compilers in the image.
Message-ID: <20251204194902.1340008-7-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Currently configure can identify all the targets that have
cross-compilers available from the supplied target-list. By default
this is the default_target_list which is all possible targets we can
build.
At the same time the target list passed to meson is filtered down
depending on various factors including not building 64 bit targets on
32 bit hosts. As a result make check-tcg will erroneously attempt to
run tests for which we haven't built a QEMU.
Solve this by filtering the final list of TCG_TEST_TARGETS based on
what actually was configured by meson. Rename the variable that
configure spits out to TCG_TESTS_WITH_COMPILERS for clarity and to
avoid larger churn in the Makefile.
Message-ID: <20251204194902.1340008-4-alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
The tmp[lh] variables were defined as inputs to the
asm rather than outputs, which meant that the compiler
rightly diagnosed uninitialized inputs.
Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Use the Int128Alias structure more when we need to convert
between Int128 and __int128_t, when Int128 is a struct.
Fixes the build on aarch64 host with TCI, which forces
the use of the struct.
Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Since we build TCI with FFI (commit 22f15579fa "tcg: Build ffi data
structures for helpers") we get on Darwin:
In file included from ../../tcg/tci.c:22:
In file included from include/tcg/helper-info.h:13:
/Library/Developer/CommandLineTools/SDKs/MacOSX15.sdk/usr/include/ffi/ffi.h:483:5: warning: 'FFI_GO_CLOSURES' is not defined, evaluates to 0 [-Wundef]
483 | #if FFI_GO_CLOSURES
| ^
1 warning generated.
This was fixed in upstream libffi in 2023, but not backported to MacOSX.
Simply disable the warning locally.
Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Since d182123974, the number of bits in a MemOpIdx tops out at 17.
which won't fit in the TCI rrm format, thus an assertion failure.
Introduce new opcodes that take the MemOpIdx from a register, as
we already do for qemu_ld2 and qemu_st2.
Fixes: d182123974 ("include/exec/memopidx: Adjust for 32 mmu indexes")
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
For native code generation, zero-extending 32-bit addresses for
the slow path helpers happens in tcg_out_{ld,st}_helper_args,
but there isn't really a slow path for TCI, so that didn't happen.
Make the extension for TCI explicit in the opcode stream,
much like we already do for plugins and atomic helpers.
Cc: qemu-stable@nongnu.org
Fixes: 24e46e6c9d ("accel/tcg: Widen tcg-ldst.h addresses to uint64_t")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
When introducing DM_MPATH_PROBE_PATHS, we already anticipated that
dm-multipath devices might be suspended for a short time when the DM
tables are reloaded and that they return -EAGAIN in this case. We then
wait for a millisecond and retry.
However, meanwhile it has also turned out that libmpathpersist (which is
used by qemu-pr-helper) may need to perform more complex recovery
operations to get reservations back to expected state if a path failure
happened in the middle of a PR operation. In this case, the device is
suspended for a longer time compared to the case we originally expected.
This patch changes hdev_co_ioctl() to treat -EAGAIN separately so that
it doesn't result in an immediate failure if the device is suspended for
more than 1ms, and moves to incremental backoff to cover both quick and
slow cases without excessive delays.
Buglink: https://issues.redhat.com/browse/RHEL-121543
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20251128221440.89125-1-kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
These functions wrap ioctl(). When ioctl() fails, it sets @errno.
The wrappers then return that @errno negated.
Except they call accel_ioctl_end() between calling ioctl() and reading
@errno. accel_ioctl_end() can clobber @errno, e.g. when a futex()
system call fails. Seems unlikely, but it's a bug all the same.
Fix by retrieving @errno before calling accel_ioctl_end().
Fixes: a27dd2de68 (KVM: keep track of running ioctls)
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251128152050.3417834-1-armbru@redhat.com>
Recent changes introduced build errors in the i386 HVF backend:
- ../accel/hvf/hvf-accel-ops.c:163:17: error: no member named 'guest_debug_enabled' in 'struct AccelCPUState'
163 | cpu->accel->guest_debug_enabled = false;
- ../accel/hvf/hvf-accel-ops.c:151:51
error: no member named 'unblock_ipi_mask' in 'struct AccelCPUState'
- ../target/i386/hvf/hvf.c:736:5
error: use of undeclared identifier 'rip'
- ../target/i386/hvf/hvf.c:737:5
error: use of undeclared identifier 'env'
This patch corrects the field usage and move identifier to correct
function ensuring successful compilation of the i386 HVF backend.
These issues were caused by:
Fixes: 2ad756383e (“accel/hvf: Restrict ARM-specific fields of AccelCPUState”)
Fixes: 2a21c92447 (“target/i386/hvf: Factor hvf_handle_vmexit() out”)
Signed-off-by: Nguyen Dinh Phi <phind.uet@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20251126094601.56403-1-phind.uet@gmail.com>
[PMD: Keep setting vcpu_dirty on AArch64]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Nguyen Dinh Phi <phind.uet@gmail.com>
Message-Id: <20251128085854.53539-1-phind.uet@gmail.com>
trans_BRA does
gen_a64_set_pc(s, dst);
set_btype_for_br(s, a->rn);
gen_a64_set_pc does
s->pc_save = -1;
set_btype_for_br (if aa64_bti is enabled and the register is not x16 or
x17) does
gen_pc_plus_diff(s, pc, 0);
gen_pc_plus_diff does
assert(s->pc_save != -1);
Hence, this assert is getting hit. We need to call set_btype_for_br
before gen_a64_set_pc, and there is nothing in set_btype_for_br that
depends on gen_a64_set_pc having already been called, so this commit
simply swaps the calls.
(The commit message for 64678fc45d says that set_brtype_for_br()
must be "moved after" get_a64_set_pc(), but this is a mistake in
the commit message -- the actual changes in that commit move
set_brtype_for_br() *before* get_a64_set_pc() and this is necessary
to avoid the assert.)
Cc: qemu-stable@nongnu.org
Fixes: 64678fc45d ("target/arm: Fix BTI versus CF_PCREL")
Signed-off-by: Harald van Dijk <hdijk@accesssoftek.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: d2265ebb-84bc-41b7-a2d7-05dc9a5a2055@accesssoftek.com
[PMM: added note about 64678fc45d to commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Misc HW patches
Few fixes in hw/; also including qtest and replay fixes.
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmkmI9YACgkQ4+MsLN6t
# wN6sSg/9EsnXLpMCfW1HyvgI67Yxb397YCvAxacPqFA+Xm9q6xCo2jKcjBnVI61A
# 4DkSsYC7OE2wdRzzziiWaXEfydGKHa7rXNGdunYSY52XLk2oElhSS0ykPsUWeFS+
# 66+YzSgNgBKHIdDHSVRgoTPDOYW6LSLU+Zfbj40FfApnuRw8AFRB+qVQaXvCV8h/
# W6fI4B2ce/0Rv8o0AJDWnN3HP6rZZ+l+eyhj9ODPusAC+OU4nowiJBCoCJa8GwDY
# KiASI9+mA4jY2vcoCiXG4Bbg1VzOte2TKudZwTwvhqkmGh0S6VejqO/Pn6IKh3j0
# H3YrXMDn6h4GrJ3gd3YTseeuEhApYnUP76MWuPy+MjMwp605rMCh/voVkzRvBdmn
# xXzklO48hpk8cRD3W4kfvJIlrBZIrMSFG8Q4m6S9FXZkGUP9zm2bOCkRqMxfdEdI
# H1/J/sJ5iPOIwd87yElSV16i9BZyalcWZDYkQLKgtroq1uPaGxUR46mlnhMFKeBP
# 68Xjh9ux6zOuFwb4FIqbEyyKTMVdGrkHuD267YHEKQo0X0frGjFfdRtrW3zJbMIw
# vAFsQl2oPAKJ7DpEHae/CeD10piQRb/nTav9UdscaXoIUJdFJ+nPfHNwUkKW30Gw
# SSmueD2qJcqwzVa36SRhYxwG5+EW2RsN1kL5wkHv3qhRaoEfKJ8=
# =hq47
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 25 Nov 2025 01:47:02 PM PST
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'hw-misc-20251125' of https://github.com/philmd/qemu:
hw/aspeed/{xdma, rtc, sdhci}: Fix endianness to DEVICE_LITTLE_ENDIAN
hw/core/machine: Provide a description for aux-ram-share property
replay: Improve assert in replay_char_read_all_load()
hw/virtio: Use error_setg_file_open() for a better error message
hw/scsi: Use error_setg_file_open() for a better error message
hw/usb: Convert to qemu_create() for a better error message
docs/deprecated: Remove undeprecated SMP description
hw/pci: Make msix_init take a uint32_t for nentries
qtest: Allow and ignore blank lines in input
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
When the XDMA, RTC and SDHCI device models of the Aspeed SoCs were
first introduced, their MMIO regions inherited of a DEVICE_NATIVE_ENDIAN
endianness. It should be DEVICE_LITTLE_ENDIAN. Fix that.
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251125142631.676689-1-clg@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
In replay_char_read_all_load() we get a buffer and size from the
replay log. We know the size has to fit an int because of how we
write the log. However the way we assert this is wrong: we cast the
size_t from replay_get_array() to an int and then check that it is
non-negative. This misses cases where an over-large size is
truncated into a positive value by the cast.
Replace the assertion with checking that the size is in-range
before doing the cast.
Coverity complained about the possible overflow: CID 1643440.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251124173407.50124-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
The error message changes from
vhost-vsock: failed to open vhost device: REASON
to
Could not open '/dev/vhost-vsock': REASON
I think the exact file name is more useful to know than the file's
purpose.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251121121438.1249498-8-armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
The error message changes from
vhost-scsi: open vhost char device failed: REASON
to
Could not open '/dev/vhost-scsi': REASON
I think the exact file name is more useful to know than the file's
purpose.
We could put back the "vhost-scsi: " prefix with error_prepend(). Not
worth the bother.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dave@treblig.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251121121438.1249498-7-armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
"Unsupported 'parameter=1' SMP configuration" was proposed to be
deprecated in the commit 54c4ea8f3a ("hw/core/machine-smp: Deprecate
unsupported "parameter=1" SMP configurations").
But the related code was reverted later in the commit 9d7950edb0
("hw/core: allow parameter=1 for SMP topology on any machine").
Thus, this SMP behavior is still valid and is not actually deprecated.
Remove outdated document descriptions.
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20251121084416.1031466-1-zhao1.liu@intel.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
msix_init() and msix_init_exclusive_bar() take an "unsigned short"
argument for the number of MSI-X vectors to try to use. This is big
enough for the maximum permitted number of vectors, which is 2048.
Unfortunately, we have several devices (most notably virtio) which
allow the user to specify the desired number of vectors, and which
use uint32_t properties for this. If the user sets the property to a
value that is too big for a uint16_t, the value will be truncated
when it is passed to msix_init(), and msix_init() may then return
success if the truncated value is a valid one.
The resulting mismatch between the number of vectors the msix code
thinks the device has and the number of vectors the device itself
thinks it has can cause assertions, such as the one in issue 2631,
where "-device virtio-mouse-pci,vectors=19923041" is interpreted by
msix as "97 vectors" and by the virtio-pci layer as "19923041
vectors"; a guest attempt to access vector 97 thus passes the
virtio-pci bounds checking and hits an essertion in
msix_vector_use().
Avoid this by making msix_init() and its wrapper function
msix_init_exclusive_bar() take the number of vectors as a uint32_t.
The erroneous command line will now produce the warning
qemu-system-i386: -device virtio-mouse-pci,vectors=19923041:
warning: unable to init msix vectors to 19923041
and proceed without crashing. (The virtio device warns and falls
back to not using MSIX, rather than complaining that the option is
not a valid value this is the same as the existing behaviour for
values that are beyond the MSI-X maximum possible value but fit into
a 16-bit integer, like 2049.)
To ensure this doesn't result in potential overflows in calculation
of the BAR size in msix_init_exclusive_bar(), we duplicate the
nentries error-check from msix_init() at the top of
msix_init_exclusive_bar(), so we know nentries is sane before we
start using it.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2631
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251107131044.1321637-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Currently the code that reads the qtest protocol commands insists
that every input line has a command. If it receives a line with
nothing but whitespace it will trip an assertion in
qtest_process_command().
This is a little awkward for the case where we are feeding qtest a
set of bug-reproduction commands via standard input or a file,
because it means you need to be careful not to leave a blank line at
the start or the end when cutting and pasting the command sequence
from a bug report.
Change the code to allow and ignore blank lines in the input.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Message-ID: <20251106151959.1088095-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
