Move raw FFI bindings generation to separate crates. This makes it
possible to reuse bindgen declarations for a header file in its
dependencies (this was not the case before this change), while keeping
multiple -sys crates to avoid rebuilding all the code whenever
something changes.
Because the -sys crates are generated in dependency order, this also
enforces that the crates are organized in something that resembles
the dependencies between C headers.
The meson.build for rust-safe crates becomes simpler, and it should be
possible in the future to let Meson's cargo support handle most of it.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
[General cleanup and Python script. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Migration pull request
- Removal of deprecated query-migrationthreads command
- Removal of deprecated QMP migrate argument 'detach'
- Removal of deprecated zero-blocks capability
- Removal of deprecated migration to file using fd: URI
- Improvements to fd handling in QEMUFile
- Cleanups to postcopy tests
- Cleanup of migration channel connection code
# -----BEGIN PGP SIGNATURE-----
#
# iQJEBAABCAAuFiEEqhtIsKIjJqWkw2TPx5jcdBvsMZ0FAmlz0PIQHGZhcm9zYXNA
# c3VzZS5kZQAKCRDHmNx0G+wxnS1hEADSUFCynktz0MwmPbun9rHI/DSTmkk2SFIj
# 4WI66Wgez805uD/Xa/r7qpqpjkTTFd+mgbfUlkcmiatrrPMFsYFP4cyrtFfLOl16
# ODmYZO+VQ+cFpzgXDsS1IrHSwaJ1zU7sFkYLXGJdwwhkDWDDxHpO/1OADG7HotkH
# GFaZaMFim4fAHuDp688uzbUsljNjaKNlqbZQFVeg2S+ewEFtp1/tTY2oRTuKA0Es
# BPeENU6xQxR26YPn8lZub61D12ZNw4BCKTNANGvnDGjTmC9Ijw3iAjEo5O4TWhca
# q7UPkFS9uuxIxtAeRul92XzAclASnZ52Lk1oTfP083GcXIepsFwNKKmZtulOjGm2
# bz8exu46WUSO0wxlWcM/DGfmkapKbXteP/nIBjpeRrYxxz4dBJ4MHHCNv487Si3Y
# Um8dar3wUNP6UZEt/ZGidJRvcigMwM01aDVXyn05qqHQ8Qfj93ozi9hz1ttHBeDP
# QuX6LlJ4wiU4z9QZqNaDe7pwSi/VdROkp3U0/0SVySudqE/vTC0YtUxq2miH7RLl
# VJsYPF9nZOEgKXCqMdzM4G9kr/jJ0Ou7z8hm/J6l19joBn79pf7FrRG935LCM7at
# 0xkF1D+D/O4+C/mnYemVXNwY35MhQR9OihS6DjVxYeySf4QIwUtuzBQ6W1pz9vJt
# EyLedtJXpg==
# =7sEk
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 24 Jan 2026 06:50:10 AM AEDT
# gpg: using RSA key AA1B48B0A22326A5A4C364CFC798DC741BEC319D
# gpg: issuer "farosas@suse.de"
# gpg: Good signature from "Fabiano Rosas <farosas@suse.de>" [unknown]
# gpg: aka "Fabiano Almeida Rosas <fabiano.rosas@suse.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: AA1B 48B0 A223 26A5 A4C3 64CF C798 DC74 1BEC 319D
* tag 'migration-20260123-pull-request' of https://gitlab.com/farosas/qemu: (36 commits)
migration/channel: Centralize calling migration_channel_connect_outgoing
migration: Remove qmp_migrate_finish
migration: Move CPR HUP watch to cpr-transfer.c
migration: Free cpr-transfer MigrationAddress along with gsource
migration: Move URI parsing to channel.c
migration: Move channel parsing to channel.c
migration: Move transport connection code into channel.c
migration: Move channel code to channel.c
migration: Rename instances of start
migration/channel: Rename migration_channel_connect
migration: Start incoming from channel.c
migration/rdma: Use common connection paths
migration: Move setting of QEMUFile into migration_outgoing|incoming_setup
migration: Handle error in the early async paths
migration: Fold migration_cleanup() into migration_connect_error_propagate()
migration: yank: Move register instance earlier
migration: Expand migration_connect_error_propagate to cover cancelling
migration: Move error reporting out of migration_cleanup
migration: Free the error earlier in the resume case
migration: Use migrate_mode() to query for cpr-transfer
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
In rST documents, an '@' character in normal text or a parsed-literal is
assumed to be an email address and will result in a 'mailto:' hyperlink in
the generated HTML. In several places we have mailto: hyperlinks that are
unintended nonsense; correct these by either escaping the @ character or
making the text use ``...`` preformatted rendering.
This commit covers only the simple cases which can be trivially fixed
with escaping or ``..``; the remaining cases will be handled in
separate commits.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260115142629.665319-3-peter.maydell@linaro.org
Make some minor improvements to the rendering of the docs for
the xlnx-zynq-a9 board:
* use a proper hyperlink rather than a bare URL for the
link to the reference manual
* drop the hex address of the SMC SRAM: the bare '@' is
rendered as bogus mailto: hyperlink, and the information
is not very interesting to the user anyway
* expand out the abbreviations in the list of Cortex-A9
per-CPU devices
* correct the bullet-point list markup so it doesn't render
with odd highlighted lines
* capitalize 'Arm' correctly
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Message-id: 20260115142629.665319-2-peter.maydell@linaro.org
The company 'Arm' went through a rebranding many years back
involving a recapitalization from 'ARM' to 'Arm'. As a result
our documentation is a bit inconsistent between the two forms.
It's not worth trying to update everywhere in QEMU, but it's
easy enough to make docs/ consistent.
We last did this in commit 6fe6d6c9a in 2020, but a few new
uses of the wrong capitalization have crept back in since.
As before, "ARMv8" and similar architecture names, and
older CPU names like "ARM926" still retain all-caps.
In a few places we make minor grammar fixups as we touch
the sentences we're fixing.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260115150545.669444-1-peter.maydell@linaro.org
Commit 094fd7d36f ("hw/arm/imx8mp-evk: Add KVM support") introduced KVM
support for the imx8mp-evk machine. KVM only works with the "host" CPU type
such that it has been made the default CPU type for KVM. No need to repeat
that on the command line.
Fixes: 094fd7d36f ("hw/arm/imx8mp-evk: Add KVM support")
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-id: 20260114213227.3812-3-shentey@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add a minimal PCI test device designed to exercise IOMMU translation
(such as ARM SMMUv3) without requiring guest firmware or OS. The device
provides MMIO registers to configure and trigger DMA operations with
controllable attributes (security state, address space), enabling
deterministic IOMMU testing.
Key features:
- Bare-metal IOMMU testing via simple MMIO interface
- Configurable DMA attributes for security states and address spaces
- Write-then-read verification pattern with automatic result checking
The device performs a deterministic DMA test pattern: write a known
value (0x12345678) to a configured GVA, read it back, and verify data
integrity. Results are reported through a dedicated result register,
eliminating the need for complex interrupt handling or driver
infrastructure in tests.
This is purely a test device and not intended for production use or
machine realism. It complements existing test infrastructure like
pci-testdev but focuses specifically on IOMMU translation path
validation.
Signed-off-by: Tao Tang <tangtao1634@phytium.com.cn>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Message-ID: <20260119161112.3841386-4-tangtao1634@phytium.com.cn>
[PMD: Add SPDX-License-Identifier: GPL-2.0-or-later tag]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
32-bit hosts have been deprecated since 10.0.
As the first step, disable any such at configuration time.
Further patches will remove the dead code.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Currently we have a "Restrictions and ToDos" section at the bottom of
the document which notes that there's no way to specify a CPU to load
a file through that doesn't also set that CPU's PC. This is written
as a developer-facing note. Move this to a TODO comment in the
source code, and provide a shorter user-facing statement of the
current restriction under the specific sub-option that it applies to.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
We currently say "All values are parsed using the standard QemuOpts
parsing". This doesn't tell the user anything useful because we
don't mention QemuOpts anywhere else in the docs. What we're really
trying to tell the user is what we mention afterwards: that the
values are decimal, and you need an 0x prefix for hex. How we
achieve it is an implementation detail the user doesn't need to know.
Drop the explicit mention of QemuOpts; this in passing removes a typo
"QemuOps" that we made in one place. Put the informative note
more closely associated with the <addr> suboption which is the
one that users might most reasonably assume to default to hex.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
The cpu-num suboption to the generic loader has two effects when
it is used with -device loader,file=<file>:
* it specifies which CPU to load the data through
* it specifies which CPU gets its PC set to the file's entry point
Our documentation is not very clear about what happens if you don't
pass this suboption. The default is that we pick the first CPU to
load the data, but we don't set the PC for any CPU, so the "If not
specified, the default is CPU 0" is confusing: it applies for loading
but not for the PC setting.
Clarify the text to make it clearer that the option has two effects
and the default behaviour is different for the two effects.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
On a system influenced by ERRATA_772415, IOMMU_HW_INFO_VTD_ERRATA_772415_SPR17
is repored by IOMMU_DEVICE_GET_HW_INFO. Due to this errata, even the readonly
range mapped on second stage page table could still be written.
Reference from 4th Gen Intel Xeon Processor Scalable Family Specification
Update, Errata Details, SPR17.
Link https://edc.intel.com/content/www/us/en/design/products-and-solutions/processors-and-chipsets/eagle-stream/sapphire-rapids-specification-update/
Backup https://cdrdv2.intel.com/v1/dl/getContent/772415
Also copied the SPR17 details from above link:
"Problem: When remapping hardware is configured by system software in
scalable mode as Nested (PGTT=011b) and with PWSNP field Set in the
PASID-table-entry, it may Set Accessed bit and Dirty bit (and Extended
Access bit if enabled) in first-stage page-table entries even when
second-stage mappings indicate that corresponding first-stage page-table
is Read-Only.
Implication: Due to this erratum, pages mapped as Read-only in second-stage
page-tables may be modified by remapping hardware Access/Dirty bit updates.
Workaround: None identified. System software enabling nested translations
for a VM should ensure that there are no read-only pages in the
corresponding second-stage mappings."
Introduce a helper vfio_device_get_host_iommu_quirk_bypass_ro to check if
readonly mappings should be bypassed.
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Link: https://lore.kernel.org/qemu-devel/20260106062808.316574-5-zhenzhong.duan@intel.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Various patches related to single binary effort:
- Endianness cleanups in memory core subsystem and for various targets
- Few cleanups around target_ulong type
- Build various compilation units as common
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmlleisACgkQ4+MsLN6t
# wN40yw/+NYK6Q+v8YHclH0g6YkPsXYsCVOLWhYaUQ9Smc3Vk8js02LRMxomGiyjc
# lRhatftrH4dCuiWavyhlK/z+tu3b2WOgjjcIocg7ztZEwzyvDPEKidBNM4Wrv27d
# 6WNdtCn1rOOYQBcCs/MEHnrxIl3qfl5Kqt4hzejcK4E1DFa1m5ashAEVJwMlqYWp
# qkBT3fw0jfHojM+eTAbvKI1fi27GVMXbQXSM3V3vG3njxmx4JQT0p9QjyDYWZwgh
# xAJvy5neoNv3T7TBELCfqSWzGA5WHrW/eAkuRuO0JVa69IOn/mh2aGKboJMT7KQF
# ufyxceHMj8TLJr6c9BrvaWX7+p7xyvbX3ud+qXOV9P2FBVm+hf2lHnw0pJJ6A51g
# qv3u8zUVwhmx6oF95ibQtaWKdLNhGCKtVKJu59Xxj/7Bp00BS1Jnj6E/g34To8Vm
# 18g3cPJ+CEhdTFSkcHusiVI4GdHb8JEGUd5kyWza3gEgYb/J1Ps/a807n6C6NQcq
# MRkt2zNKS+sJeZzvl+BGH8WewMVGWm1f8IoP28ZvgyxFVutkgFcj+UQZp3J7mkpV
# ja0B7+1NMK9oMeq/+YM4gUgEF0ydThlqa+qTzxVYu8qpzWT9+cqqWeQHAteE3g/v
# rqqu/sBUSbh5xi+82zRbgwd7Hj31ST5XkepQN0vUTT4P3zCijy8=
# =P+9/
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 13 Jan 2026 09:48:11 AM AEDT
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'single-binary-20260112' of https://github.com/philmd/qemu: (61 commits)
target/arm/gdbstub: make compilation unit common
target/arm/gdbstub: extract aarch64_cpu_register_gdb_regs_for_features
gdbstub/helpers.h: allow header to be called from common code
accel/tcg: Un-inline WatchPoint API user-emulation stubs
target/tricore: Build system units in common source set
target/tricore: Inline translator_lduw()
target/tricore: Use little-endian variant of cpu_ld/st_data*()
target/sparc: Inline cpu_ldl_code() call in cpu_do_interrupt()
target/sparc: Inline translator_ldl()
target/sparc: Use explicit big-endian LD/ST API
hw/sparc: Use explicit big-endian LD/ST API
hw/sparc: Mark SPARC-specific peripherals as big-endian
target/sh4: drop cpu_reset from realizefn
target/sh4: Build system units in common source set
target/rx: Build system units in common source set
target/rx: Inline translator_lduw() and translator_ldl()
target/rx: Use explicit little-endian LD/ST API
target/rx: Use little-endian variant of cpu_ld/st_data*()
target/openrisc: Build system units in common source set
target/openrisc: Avoid target-specific migration headers in machine.c
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The board model supports up to 64 harts with MIPS CPS, MIPS GCR,
MIPS CPC, AIA plic, and AIA clint devices. The model can create
boot code, if there is no -bios parameter. We can specify -smp x,
cores=y,thread=z.
Ex: Use 4 cores and 2 threads with each core to
have 8 smp cpus as follows.
qemu-system-riscv64 -cpu mips-p8700 \
-m 2G -M boston-aia \
-smp 8,cores=4,threads=2 -kernel fw_payload.bin \
-drive file=rootfs.ext2,format=raw -serial stdio
Signed-off-by: Chao-ying Fu <cfu@mips.com>
Signed-off-by: Djordje Todorovic <djordje.todorovic@htecgroup.com>
Acked-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20260108134128.2218102-11-djordje.todorovic@htecgroup.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
The functional tests currently don't allow a single test to be
selected for execution by dotted name, e.g:
./build/run tests/functional/ppc64/test_pseries.py PseriesMachine.test_ppc64_linux_boot
^
The issue is that the testcase.py main function passes the test
module's name as the second argument to unittest.main(), which makes
it ignore all other positional arguments (presumably because the
module is already the superset of all tests).
After commit cac08383f0 ("tests/functional: expose sys.argv to
unittest.main"), the situation improves by passing the rest of the
argv from the command line invocation into unittest.main(), but it
still doesn't fix the issue. The short form options are now accepted,
so the -k option could be used to filter for a pattern, which is
useful, but not the same as listing the test names.
Fix this by passing the test module name via the "module" argument to
unittest.main() and stop touching argv. The ways of invoking tests are
now as per unittests documentation (-k still works):
Examples:
test_pseries.py - run default set of tests
test_pseries.py MyTestSuite - run suite 'MyTestSuite'
test_pseries.py MyTestCase.testSomething - run MyTestCase.testSomething
test_pseries.py MyTestCase - run all 'test*' test methods in MyTestCase
Note that ever since we've been programatically passing the module
name to unittest.main(), the usage 'test_pseries.py test_pseries' was
never valid. It used to "work" just the same as 'test_pseries.py
foobar' would. After this patch, that usage results in an error.
Also note that testcase.py:main() pertains to running the test module
that invoked it via QemuSystemTest.main(), i.e. module == __main__. So
the 'discover' usage of unittest doesn't apply here, the module is
already discovered because that's where this code was called from to
begin with. This patch could just as well call unittest.main() instead
of unittest.main(test_module), but the latter provides nicer error
messages prefixed with the module name.
Tested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Message-ID: <20260102181700.11886-1-farosas@suse.de>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Remove the ast2700-evb entry from the Aspeed family boards list in
the documentation. The AST2700 platform now belongs to the new Aspeed
2700 family group, which has its own dedicated documentation section
and board definitions.
Update the Aspeed 2700 family boards list in the documentation to include
the new ast2700fc board entry.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Link: https://lore.kernel.org/qemu-devel/20251112030553.291734-12-jamin_lin@aspeedtech.com
Signed-off-by: Cédric Le Goater <clg@redhat.com>
AioContexts are used as a generic event loop even outside the block
layer; move the header file out of block/ just like the implementation
is in util/.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Various aspects of the development workflow are complicated by the need
to set env variables ahead of time, or use specific paths. Meson
provides a 'devenv' command that can be used to launch a command with a
number of appropriate project specific environment variables preset.
By default it will modify $PATH to point to any build directory that
contains a binary built by the project.
This further augments that to replicate the venv 'activate' script:
* Add $BUILD_DIR/pyvenv/bin to $PATH
* Set VIRTUAL_ENV to $BUILD_DIR/pyvenv
And then makes functional tests more easily executable
* Add $SRC_DIR/tests/functional and $SRC_DIR/python to $PYTHONPATH
To see the benefits of this consider this command:
$ source ./build/pyvenv/bin/activate
$ ./scripts/qmp/qmp-shell-wrap ./build/qemu-system-x86_64
which is now simplified to
$ ./build/run ./scripts/qmp/qmp-shell-wrap qemu-system-x86_64 [args..]
This avoids the need repeat './build' several times and avoids polluting
the current terminal's environment and/or avoids errors from forgetting
to source the venv settings.
As another example running functional tests
$ export PYTHONPATH=./python:./tests/functional
$ export QEMU_TEST_QEMU_BINARY=./build/qemu-system-x86_64
$ build/pyvenv/bin/python3 ./tests/functional/x86_64/test_virtio_version.py
which is now simplified to
$ export QEMU_TEST_QEMU_BINARY=qemu-system-x86_64
$ ./build/run ./tests/functional/x86_64/test_virtio_version.py
This usefulness of this will be further enhanced with the pending
removal of the QEMU python APIs from git, as that will require the use
of the python venv in even more scenarios that today.
The 'run' script does not let 'meson devenv' directly launch the command
to be run because it always requires $BUILD_DIR as the current working
directory. It is desired that 'run' script always honour the current
working directory of the terminal that invokes is. Thus the '--dump'
flag is used to export the devenv variables into the 'run' script's
shell.
This takes the liberty to assign 'run.in' to the "Build system" section
in the MAINTAINERS file, given that it leverages meson's 'devenv'
feature.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Link: https://lore.kernel.org/r/20251222113859.182395-1-berrange@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
There are no functional tests for the 'fby35' machine which makes
harder to determine when something becomes deprecated or unused.
The 'fby35' machine was originally added as an example of a multi-SoC
system, with the expectation the models would evolve over time in an
heterogeneous system. This hasn't happened and no public firmware is
available to boot it. It can be replaced by the 'ast2700fc', another
multi-SoC machine based on the newer AST2700 SoCs which are excepted
to receive better support in the future.
Cc: Peter Delevoryas <peter@pjd.dev>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Message-ID: <20251126102424.927527-1-clg@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
