Commit Graph

490 Commits

Author SHA1 Message Date
Peter Maydell
3fb456e9a0 Merge tag 'pull-request-2026-03-02' of https://gitlab.com/thuth/qemu into staging
* Remove qemu-system-microblazeel (qemu-system-microblaze can be used instead)
* Improve detection of the docker/podman binary
* Prevent a null pointer dereference during zpci hot unplug

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmmlgwQACgkQLtnXdP5w
# LbW4jw//VMx6pHEu5L3Rzr3FZdgMJUhJ3UQKoV5PAImHz96QjIZi3kR311/D7Xjr
# nPf9VVgVZUEKzwyCfv7V06M9S79Jbw2cJesEIcu5LqbvGxKcevXVPMdVPpDG7P7T
# zuNW7eyIMpHYHRnMnxRNY/Hl8S1P9spEWJeQpNxfe9AKoWh2i4vEC8KLMAf59DAw
# MX0CZjonMeCBSWBqRqP0zOeUqiq9n49Lz1LQnCZb1R2TF+RGmwfe6+NaBeEZ9BSg
# FWGVIIq09OFxvtUuuut5X47DOrxk69q0RmiLy+wyrpH3VMxWM41n3oensoaNm0Xj
# dg0Eq1GzQwnLalaVgdqriGnymQWtvKXmlXHsIAwedLscOO6F5L+T12WZUSUjDZ92
# SGGKyi2TSkgEZO1naLxi+J0dMWSO51wOOln9GAgFHkT/PuF/12r0sVweXXiovucr
# 4CWKP8VGU5MVpGlZ9flLwXiq8uS1GOsMQbBj/eoVOxEuFnL0crX9dME8vlpoGYAg
# THmuLKOxtcVtC9BxBZQkMFj6IKdRYEfFnNuCl2gk33Ksdb9QYCyL54XSZ9vtvhhG
# +5ajjl+w+O8HgnQKdWSQy1PYrvQ6EXtY0ZOf0q0yPfz4oq4Ib81oLhfvK0AywM17
# DALYymGpGgOgGYIkKQKcn3id7OnaIiRe7ai4GeJ9AbFVgxR4l+w=
# =Sdy4
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon Mar  2 12:31:00 2026 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [undefined]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2026-03-02' of https://gitlab.com/thuth/qemu:
  gitlab: ensure docker output is always displayed in CI
  tests/docker: allow display of docker output
  tests/docker: add support for podman remote access
  tests/docker: improve handling of docker probes
  Remove the qemu-system-microblazeel target from the build
  gitlab-ci: Remove the microblazeel target from the CI jobs
  tests/qtest: Remove the microblazeel target from the qtests
  tests/functional: Remove the microblazeel test
  tests/functional: Make sure test case .py files are executable
  s390x/pci: prevent null pointer dereference during zpci hot unplug

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2026-03-02 14:01:46 +00:00
Thomas Huth
46a25ae3f0 Remove the qemu-system-microblazeel target from the build
It's been deprecated since two releases, so it should be fine to
remove this now. Users can use the qemu-system-microblaze binary
instead that can handle both endiannesses now.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20260226084608.11251-5-thuth@redhat.com>
2026-03-02 09:48:10 +01:00
Ani Sinha
e76c30bb13 hw/machine: introduce machine specific option 'x-change-vmfd-on-reset'
A new machine specific option 'x-change-vmfd-on-reset' is introduced for
debugging and testing only (hence the 'x-' prefix). This option when enabled
will force KVM VM file descriptor to be changed upon guest reset like
in the case of confidential guests. This can be used to exercise the code
changes that are specific for confidential guests on non-confidential
guests as well (except changes that require hardware support for
confidential guests).
A new functional test has been added in the next patch that uses this new
parameter to test the VM file descriptor changes.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
Link: https://lore.kernel.org/r/20260225035000.385950-33-anisinha@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2026-02-27 14:48:04 +01:00
Ani Sinha
df8df3cb6b system/physmem: add helper to reattach existing memory after KVM VM fd change
After the guest KVM file descriptor has changed as a part of the process of
confidential guest reset mechanism, existing memory needs to be reattached to
the new file descriptor. This change adds a helper function ram_block_rebind()
for this purpose. The next patch will make use of this function.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
Link: https://lore.kernel.org/r/20260225035000.385950-5-anisinha@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2026-02-27 14:22:07 +01:00
Ani Sinha
4003e5e65f hw/accel: add a per-accelerator callback to change VM accelerator handle
When a confidential virtual machine is reset, a new guest context in the
accelerator must be generated post reset. Therefore, the old accelerator guest
file handle must be closed and a new one created. To this end, a per-accelerator
callback, "rebuild_guest" is introduced that would get called when a confidential
guest is reset. Subsequent patches will introduce specific implementation of
this callback for KVM accelerator.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
Link: https://lore.kernel.org/r/20260225035000.385950-4-anisinha@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2026-02-27 14:22:07 +01:00
Ani Sinha
2391125f13 accel/kvm: add confidential class member to indicate guest rebuild capability
As a part of the confidential guest reset process, the existing encrypted guest
state must be made mutable since it would be discarded after reset. A new
encrypted and locked guest state must be established after the reset. To this
end, a new boolean member per confidential guest support class
(eg, tdx or sev-snp) is added that will indicate whether its possible to
rebuild guest state:

bool can_rebuild_guest_state;

This is true if rebuilding guest state is possible, false otherwise.
A KVM based confidential guest reset is only possible when
the existing state is locked but its possible to rebuild guest state.
Otherwise, the guest is not resettable.

Signed-off-by: Ani Sinha <anisinha@redhat.com>
Link: https://lore.kernel.org/r/20260225035000.385950-3-anisinha@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2026-02-27 14:22:07 +01:00
Philippe Mathieu-Daudé
747b494f12 system: Reduce 'arch_init.h' scope
Better to restrict qemu_arch_available() scope so it is only
used by generic system/ code to parse command line options.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260213175032.32121-6-philmd@linaro.org>
2026-02-26 00:02:14 +01:00
Philippe Mathieu-Daudé
1bfbe1fc5a system: Make qemu_arch_available() common code
Remove the need of per-target QEMU_ARCH. Define the
QEMU_ARCH_* constants based on SYS_EMU_TARGET_* ones,
themselves already exposed via target_arch(), allowing
to check the current target is included in @arch_bitmask.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260213175032.32121-5-philmd@linaro.org>
2026-02-26 00:02:14 +01:00
Philippe Mathieu-Daudé
4b75d19e36 qemu: Document qemu_arch_available() method
qemu_arch_available() is used to check if a broadly available
feature should be exposed to a particular set of target
architectures.

Since its argument is a mask of bits, rename it as @arch_bitmask.

We have less than 32 target architectures so far, so restrict it
to the uint32_t type.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260213175032.32121-2-philmd@linaro.org>
2026-02-26 00:02:14 +01:00
Marc-André Lureau
ba63a9643a util: add some extra stubs for qemu modules initialization
Avoid extra ifdef-ery when optionally supporting modules, as done in
audio-test (and vl.c).

Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2026-02-23 14:28:57 +01:00
Philippe Mathieu-Daudé
32a38529c4 system/globals: Build as common code
Now that all targets have the graphic dimension variables
initialized the same way, we can move them to the common
file unit, having them built once. Remove the now empty
globals-target.c file. The command line '-g WxH[xD]' option
is not changed and behaves the same.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20260216213121.47122-9-philmd@linaro.org>
2026-02-23 00:17:34 +01:00
Philippe Mathieu-Daudé
af2f0774cc hw/ppc: Set graphic display dimensions generically
If a dimension is not set, have the machine init code set
the default values.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20260216213121.47122-8-philmd@linaro.org>
2026-02-23 00:17:34 +01:00
Philippe Mathieu-Daudé
37ad735f6b hw/sparc: Set graphic display dimensions generically
If a dimension is not set, have the machine init code
set the default values.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20260216213121.47122-7-philmd@linaro.org>
2026-02-23 00:17:34 +01:00
Philippe Mathieu-Daudé
7207a9c3a9 hw/m68k: Set graphic display dimensions generically
If a dimension is not set, have the machine init code
(q800_machine_init) set the default values.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20260216213121.47122-6-philmd@linaro.org>
2026-02-23 00:17:34 +01:00
Peter Maydell
ece408818d Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* hw/i386: Remove deprecated PC 2.6 and 2.7 machines
* i386/cpu: Fix incorrect initializer in Diamond Rapids definition
* qom: Clean up property release
* target/i386/kvm: set KVM_PMU_CAP_DISABLE if "-pmu" is configured
* target/i386/kvm: reset AMD and perfmon-v2 PMU registers during VM reset
* mshv: Cleanup
* target/i386: convert SEV-ES termination requests to guest panic events

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmmO+kYUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroPwIQf/XL4HXB7bYQH7LtTgsjmmxPpEqGuM
# 2QWvv1HurGf4pBCkBB7iFdzngSbJSzvtIM4D2KRuXVc99Ml8Do4kKGwDdtVfaM+I
# x+nsJfnSGA7tuNVQUUDEM1XWrnk3+O9oQxlk3elBWy8IBIjHFY1rv3FBdO9WkDpu
# AlaMITrX4R7u5gadCrxvAprbngNGlK220HZ+nxdxvf6mWkYMPqy1xtNzHIioG61V
# A94tdv/OZnUoQMd98c/yUvfST4/Gx6FeoEYfmyXGrnLM+Tc9es/xpN/mCYLdP3wA
# MDS170D2Z0zoZScLcpMfeqSn5cDYBMOSHBzqFpw2/FNVTO3td2qlSMLjzw==
# =AqB6
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri Feb 13 10:17:42 2026 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (41 commits)
  target/i386/mshv: remove unused optimization of gva=>gpa translation
  accel/mshv: Remove remap overlapping mappings code
  tests: add /qdev/free-properties test
  qdev: make release_tpm() idempotent
  qdev: make release_drive() idempotent
  qdev: make release_string() idempotent
  qdev: Free property array on release
  target/i386/kvm: support perfmon-v2 for reset
  target/i386/kvm: reset AMD PMU registers during VM reset
  target/i386/kvm: rename architectural PMU variables
  target/i386/kvm: extract unrelated code out of kvm_x86_build_cpuid()
  target/i386/kvm: set KVM_PMU_CAP_DISABLE if "-pmu" is configured
  i386/cpu: Fix incorrect initializer in Diamond Rapids definition
  hw/char/virtio-serial: Do not expose the 'emergency-write' property
  hw/virtio/virtio-pci: Remove VirtIOPCIProxy::ignore_backend_features field
  hw/i386/intel_iommu: Remove IntelIOMMUState::buggy_eim field
  hw/core/machine: Remove hw_compat_2_7[] array
  hw/audio/pcspk: Remove PCSpkState::migrate field
  target/i386/cpu: Remove CPUX86State::full_cpuid_auto_level field
  hw/i386/pc: Remove pc_compat_2_7[] array
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2026-02-13 10:30:08 +00:00
Richard Henderson
62822fc7e0 target/or1k: Rename from openrisc
This is the minimal change beginning with TARGET_ARCH in
configs/targets/or1k-* from openrisc to or1k, then adjust
TARGET_OR1K, QEMU_ARCH_OR1K, directory names,
and meson.build to match.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260205030244.266447-2-richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2026-02-09 20:51:52 +01:00
Paolo Bonzini
56d89db2cf target/i386: convert SEV-ES termination requests to guest panic events
This produces a good error message instead of:

KVM: unknown exit reason 24
EAX=00000000 EBX=00000000 ECX=00000000 EDX=00a00f11
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000b004 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 00000000 0000ffff 00009300
CS =f000 00800000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
Code=00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Reported-by: Jin Liu <jinl@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2026-02-07 14:31:38 +01:00
Jim Shu
6e3ec10610 system/physmem: Remove the assertion of page-aligned section number
We don't need to OR the physical section number anymore since we now
directly have a pointer on the memory section.

Signed-off-by: Jim Shu <jim.shu@sifive.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-ID: <20260128152348.2095427-4-jim.shu@sifive.com>
[PMD: Reworded description per Pierrick's comment]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2026-02-02 22:11:49 +01:00
Jim Shu
854cd16e31 accel/tcg: Fix iotlb_to_section() for different AddressSpace
'CPUTLBEntryFull.xlat_section' stores section_index in last 12 bits to
find the correct section when CPU access the IO region over the IOTLB.
However, section_index is only unique inside single AddressSpace. If
address space translation is over IOMMUMemoryRegion, it could return
section from other AddressSpace. 'iotlb_to_section()' API only finds the
sections from CPU's AddressSpace so that it couldn't find section in
other AddressSpace. Thus, using 'iotlb_to_section()' API will find the
wrong section and QEMU will have wrong load/store access.

To fix this bug of iotlb_to_section(), store complete MemoryRegionSection
pointer in CPUTLBEntryFull to replace the section_index in xlat_section.
Rename 'xlat_section' to 'xlat' as we remove last 12 bits section_index
inside. Also, since we directly use section pointer in the
CPUTLBEntryFull (full->section), we can remove the unused functions:
iotlb_to_section(), memory_region_section_get_iotlb().

This bug occurs only when
(1) IOMMUMemoryRegion is in the path of CPU access.
(2) IOMMUMemoryRegion returns different target_as and the section is in
the IO region.

Common IOMMU devices don't have this issue since they are only in the
path of DMA access. Currently, the bug only occurs when ARM MPC device
(hw/misc/tz-mpc.c) returns 'blocked_io_as' to emulate blocked access
handling. Upcoming RISC-V wgChecker [1] and IOPMP [2] devices are also
affected by this bug.

[1] RISC-V WG:
https://patchew.org/QEMU/20251021155548.584543-1-jim.shu@sifive.com/
[2] RISC-V IOPMP:
https://patchew.org/QEMU/20250312093735.1517740-1-ethan84@andestech.com/

Signed-off-by: Jim Shu <jim.shu@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Mark Burton <mburton@qti.qualcomm.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-ID: <20260128152348.2095427-3-jim.shu@sifive.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2026-02-02 16:43:38 +01:00
BALATON Zoltan
5cb466d7ca memory: Add internal memory_region_set_ops helper function
This is a common operation used at multiple places, add a helper
function for it.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <25045c95c083e31c6773521ecfe41900738b7bb5.1770042013.git.balaton@eik.bme.hu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2026-02-02 16:43:38 +01:00
BALATON Zoltan
5cf3908f70 memory: Remove memory_region_init_rom_device_nomigrate()
This function is not used outside of memory_region_init_rom_device()
which is its only caller. Inline it there and remove it.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <e6f973ff3c243fe1780bf01c3e67c9e019b08fa9.1770042013.git.balaton@eik.bme.hu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2026-02-02 16:43:38 +01:00
Philippe Mathieu-Daudé
1280ec826e cpus: Allocate maximum number of ASes supported by the arch
Instead of computing the number of address spaces used for a given
architecture, machine, and CPU configuration, simplify the code by
always allocating the maximum number of CPUAddressSpaces supported
by the architecture.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260116185814.108560-5-gustavo.romero@linaro.org>
2026-01-22 10:48:46 +01:00
Philippe Mathieu-Daudé
8b2f859063 system: Allow restricting the legacy DEVICE_NATIVE_ENDIAN definition
Guard the native endian definition we want to remove by surrounding
it with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.
Assign values to the enumerators so they stay unchanged.

Once a target gets cleaned we'll set the definition in the target
config, then the target won't be able to use the legacy API anymore.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-21-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
5d267f5b85 system: Allow restricting legacy address_space_ldst() native-endian API
Guard the native endian APIs we want to remove by surrounding
them with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.

Once a target gets cleaned we'll set the definition in the
target config, then the target won't be able to use the legacy
API anymore.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-16-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
d5461ff4eb system/memory: Directly call address_space_ldst[M]_internal() helper
Inline internal address_space_ld/st[L,D,Q] helpers,
directly calling address_space_ldst[M]_internal().

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-14-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
dd1b3aaa05 system/memory: Use ldm_p() and stm_p() helpers
address_space_{ld,st}m_internal() take a MemOp argument
so can directly use the {ld,st}m_p() helpers.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-13-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
c790e17de2 system/memory: Pass device_endian argument as MemOp bit
Use the MemOp argument to hold both the access size and
its endianness.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251217143150.94463-14-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
9c2ed58b6d system/memory: Factor address_space_ldst[M]_internal() helper out
All the LD/ST[W,L,Q] variants use the same template, only
modifying the access size used. Unify as a single pair of
LD/ST methods taking a MemOp argument. Thus use the 'm'
suffix for MemOp.

Keep the pre-existing "warning: addr must be aligned" comment.

We leave the wonder about why we aren't asserting alignment
for later.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-11-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
99989213a2 system/memory: Define address_space_ldst[Q] endian variants via template
Define address_space_ldst[Q] endian variants via template.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-10-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
2cdca569bd system/memory: Define address_space_ldst[L] endian variants via template
Define address_space_ldst[L] endian variants via template.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-9-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Philippe Mathieu-Daudé
08bcb64bce system/memory: Define address_space_ldst[W] endian variants via template
Like we do for other LD/ST APIs, use one template to declare and
define all endianness variants of the address_space_ldst[W] methods.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-8-philmd@linaro.org>
2026-01-22 10:48:45 +01:00
Richard Henderson
71adccb6f7 include/qemu/atomic: Drop qatomic_{read,set}_[iu]64
Replace all uses with the normal qatomic_{read,set}.

Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2026-01-17 10:46:51 +11:00
Philippe Mathieu-Daudé
5a17a542ac system/ioport: Do not open-code address_space_ld/st_le() methods
When a variable size is known, prefer the address_space_ld/st()
API. Keep address_space_read/write() for blobs.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-23-philmd@linaro.org>
2026-01-12 23:47:56 +01:00
Philippe Mathieu-Daudé
35ddb78b65 system/ioport: Declare x86-specific I/O port in little-endian order
X86 in/out port (related to ISA bus) uses little endianness:
- enforce little endianness in x86 cpu_in/out() accessors,
- serialize QTest in/out port accesses as little-endian.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-22-philmd@linaro.org>
2026-01-12 23:47:56 +01:00
Philippe Mathieu-Daudé
d78e91a311 system/memory: Inline address_space_stq_internal()
As its name suggests, address_space_stq_internal() is an
internal method which can be inlined like all the other
ones in this file.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-7-philmd@linaro.org>
2026-01-12 23:47:56 +01:00
Philippe Mathieu-Daudé
00531d0567 system/memory: Split MemoryRegionCache API to 'memory_cached.h'
We have 115 direct inclusions of "system/memory.h", and 91 headers
in include/ use it: hundreds of files have to process it.
However only one single header really uses the MemoryRegionCache
API: "hw/virtio/virtio-access.h". Split it out to a new header,
avoiding processing unused inlined functions hundreds of times.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-6-philmd@linaro.org>
2026-01-12 23:47:56 +01:00
Philippe Mathieu-Daudé
f0d1d7f379 system/physmem: Convert DEBUG_SUBPAGE printf() to trace events
Defining DEBUG_SUBPAGE allows to use raw printf() statements to
print information about some events; convert these to tracepoints.

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-5-philmd@linaro.org>
2026-01-12 23:47:56 +01:00
Philippe Mathieu-Daudé
31ec610992 system/physmem: Inline and remove leul_to_cpu()
leul_to_cpu() is only used within physmem.c: inline it
and remove.
Since @bitmap is of 'unsigned long' type, use its size
with ldn_le_p() instead of using HOST_LONG_BITS.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-4-philmd@linaro.org>
2026-01-12 23:47:56 +01:00
Richard Henderson
fa59d71d57 Merge tag 'pull-error-2026-01-07-v2' of https://repo.or.cz/qemu/armbru into staging
Error reporting patches for 2026-01-07

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCgAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmlfU/wSHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZToiUP/RW1I1wFyescGOpUxBjlXqbkgZvrdRbL
# BxtTcoCW0q/cc1Fv3CSYZMm+vvwWJyAysnYONDu6ldDl9ojKfGT/gi1Tgp/99/r4
# bgLbAvExRbbyPOkPBtoXCYeobmgaDP9pMHHlVcdFQrW9hmQiEl4QSWPImmNrKEk2
# gV9SZJ737k9n5dq4XLbqlHXKspn4lWiUE9hbHIUrKWZDn0LDdr5z2wkjhZCmuCR2
# mRSgJhc68Lnb1LdBdRo/5PlG6Hw3jvLat4+q+42teN/aI6zJbD9yKocgaGtubVv1
# h4ntJPMvDKD7DRZF06k8crpLMXJjZFztVr30XBE/e7wG+xY34+3tho3iCQN1vTFe
# RBJne0FaRPGSNYpF8Tj7lPIr0kduqk3/lOQ9HPobTroIPTrCcRXbdOeQ/Ed/Cjrk
# suh8t4OGmy0ThcsUsAajSjPDw2aFlitCS4pWNaSctTvR7V+2trol+WS2QO4My0MX
# 4Z3BnOHBnhE/xo+22T4FW3NvNcFKsQ5Tlq6mjjAgFJ/guaJ2TbMFe/Pm9TtzcPHj
# 7mhBBvKStNWFrQz66z7+hxJhOuOEmON8i4coADDPTUWmcICCyjtJW5m5f+PoYYHr
# LpFwIFHWuKtSAwWQKReOAmA2p0gx1FNZX9eGCl/4IQ54/tLP2zJ07t6LwAl6fn6t
# mKXChdbC9L7p
# =CY68
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 08 Jan 2026 05:51:40 PM AEDT
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [unknown]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* tag 'pull-error-2026-01-07-v2' of https://repo.or.cz/qemu/armbru:
  block/file-win32: Improve an error message
  qga/commands-win32: Use error_setg_win32() for better error messages
  error: Use error_setg_errno() for simplicity and consistency
  error: Use error_setg_errno() to improve error messages
  net/slirp: Improve file open error message
  error: Use error_setg_file_open() for simplicity and consistency
  blkdebug: Use error_setg_file_open() for a better error message
  net/tap: Use error_setg_file_open() for a better error message
  qga: Use error_setg_file_open() for better error messages
  tap-solaris: Use error_setg_file_open() for better error messages
  ui: Convert to qemu_create() for simplicity and consistency
  error: Strip trailing '\n' from error string arguments (again)
  error: Consistently name Error * objects err, and not errp
  error: error_free(NULL) is safe, drop unnecessary conditionals
  nbd/client-connection: Replace error_propagate() by assignment
  hw/nvram/xlnx-bbram: More idiomatic and simpler error reporting
  hw/core/loader: Make load_elf_hdr() return bool, simplify caller

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2026-01-08 21:17:46 +11:00
Markus Armbruster
0223e79287 error: Use error_setg_errno() for simplicity and consistency
Use error_setg_errno() instead of passing the value of strerror() or
g_strerror() to error_setg().

The separator between the error message proper and the value of
strerror() changes from " : ", "", " - ", "- " to ": " in places.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20251121121438.1249498-14-armbru@redhat.com>
Acked-by: Jagannathan Raman <jag.raman@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2026-01-08 07:50:32 +01:00
Markus Armbruster
d10176ddf7 qdev: Fix "info qtree" to show links
qdev_print_props() retrieves a property's value from its legacy
property if it exists.  A legacy property is created by
qdev_class_add_legacy_property() when the property has a print()
method or does not have a get() method.

If it has a print() method, the legacy property's value is obtained
from the property's print() method.  This is used to format PCI
addresses nicely, i.e. like 01.3 instead of 11.

Else, if doesn't have a get() method, the legacy property is
unreadable.  "info qtree" silently skips unreadable properties.

Link properties don't have a get() method, and are therefore skipped.
This is wrong, because the underlying QOM property *is* readable.

Change qdev_print_props() to simply use a print() method directly if
it exists, else get the value via QOM.

"info qtree" now shows links fine.  For instance, machine "pc" onboard
device "PIIX4_PM" property "bus" is now visible.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20251022101420.36059-3-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2026-01-07 14:30:36 +01:00
Philippe Mathieu-Daudé
f717405be6 system/memory: Remove address_space_stl_notdirty and stl_phys_notdirty
stl_phys_notdirty() was added in commit 8df1cd076c ("physical memory
access functions") as a (premature?) optimisation for the CODE path.
Meanwhile 20 years passed, we might never have understood / used it
properly; the code evolved and now the recommended way to access the
CODE path is via the cpu_ld/st_mmu*() API.

Remove both address_space_stl_notdirty() and stl_phys_notdirty()
leftovers.

Suggested-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251224151351.86733-5-philmd@linaro.org>
2025-12-30 20:38:41 +01:00
Osama Abdelkader
70c0198ef3 hw/core: remove duplicate include
qemu/target-info.h is included twice.

Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251126210832.34011-1-osama.abdelkader@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-12-30 20:38:40 +01:00
Richard Henderson
942b0d378a Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* cleanup include/hw headers
* cleanup memory headers
* rust: preludes
* rust: support for dtrace
* rust/hpet: first part of reorganization
* meson: small cleanups
* target/i386: Diamond Rapids CPU model including CET, APX, AVX10.2

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmlPov8UHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroPN1wf9HCceQ1273g7HbNeamay2bSaqypyM
# sEUBk4ipwO0dp7AYaaX5MeJ8NxeYcK82oFgm35WLY1tMOv0BZG5ez02dLoh5C4fb
# Bmy3kV1aY9cxF0IwTyD4dIADlZoaMnGgMElUKFY2/EixjxOUMLe90b1MO2KczqFa
# jvC4gmjx5PC1r+BHycSEdKm2Rbunueb/5eSkKeyTX7rjxQ/Eij0uGjrWrZkMWtgs
# ERJ2xo+D6a38w/uJ88KuqUV1BqYxNNwKmvOwVBU2xFB9o9bm20TNOJZ3+D+Ki8Aj
# idv+rU0XY1bWseo4USuozsqxfkjLJ5lj2YYUkSVO/I1wJmuO7Bq6xzrCxg==
# =/nIt
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 27 Dec 2025 08:12:31 PM AEDT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [unknown]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (152 commits)
  block: rename block/aio-wait.h to qemu/aio-wait.h
  block: rename block/aio.h to qemu/aio.h
  block: reduce files included by block/aio.h
  block: extract include/qemu/aiocb.h out of include/block/aio.h
  hw: add missing includes hidden by block/aio.h
  qmp: Fix thread race
  thread-pool: Fix thread race
  dosc/cpu-models-x86: Add documentation for DiamondRapids
  i386/cpu: Add CPU model for Diamond Rapids
  i386/cpu: Define dependency for VMX_VM_ENTRY_LOAD_IA32_FRED
  i386/cpu: Add an option in X86CPUDefinition to control CPUID 0x1f
  i386/cpu: Allow cache to be shared at thread level
  i386/cpu: Allow unsupported avx10_version with x-force-features
  i386/cpu: Add a helper to get host avx10 version
  i386/cpu: Support AVX10.2 with AVX10 feature models
  i386/cpu: Add support for AVX10_VNNI_INT in CPUID enumeration
  i386/cpu: Add CPUID.0x1E.0x1 subleaf for AMX instructions
  i386/cpu: Add support for MOVRS in CPUID enumeration
  run: introduce a script for running devel commands
  gitlab-ci: enable rust for msys2-64bit
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2025-12-29 09:10:40 +11:00
Paolo Bonzini
7f548b8f23 include: reorganize memory API headers
Move RAMBlock functions out of ram_addr.h and cpu-common.h;
move memory API headers out of include/exec and into include/system.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-12-27 10:11:09 +01:00
Paolo Bonzini
048a23851c include: move hw/hw.h to hw/core/, rename
Call it include/hw/core/hw-error.h since that is the only
thing it contains.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-12-27 10:11:09 +01:00
Paolo Bonzini
c755f3b959 include: move hw/sysbus.h to hw/core/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-12-27 10:11:08 +01:00
Paolo Bonzini
4b64d23a7e include: move hw/resettable.h to hw/core/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-12-27 10:11:08 +01:00
Paolo Bonzini
78d45220b4 include: move hw/qdev-properties.h to hw/core/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-12-27 10:11:07 +01:00
Paolo Bonzini
d1000ecae2 include: move hw/qdev-core.h to hw/core/, rename
Call it hw/core/qdev.h to avoid the duplication in the name.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-12-27 10:11:07 +01:00