  1. Apr 10, 2023
    • tcg/ppc: Fix TCG_TARGET_CALL_{ARG,RET}_I128 for ppc32 · 20861f34
      Richard Henderson authored
      
      For both _CALL_SYSV and _CALL_DARWIN, return is by reference,
      not in 4 integer registers.  For _CALL_SYSV, argument is also
      by reference.
      
      This error resulted in
      
          $ ./qemu-system-i386 -nographic
          qemu-system-i386: tcg/ppc/tcg-target.c.inc:185: \
              tcg_target_call_oarg_reg: Assertion `slot >= 0 && slot <= 1' failed.
      
      Fixes: 5427a9a7 ("tcg: Add TCG_TARGET_CALL_{RET,ARG}_I128")
      Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
      Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
    • tcg/mips: Fix TCG_TARGET_CALL_RET_I128 for o32 abi · 25acc3f2
      Richard Henderson authored
      
      The return is by reference, not in 4 integer registers.
      
      This error resulted in
      
        qemu-system-i386: tcg/mips/tcg-target.c.inc:140: \
          tcg_target_call_oarg_reg: Assertion `slot >= 0 && slot <= 1' failed.
      
      Fixes: 5427a9a7 ("tcg: Add TCG_TARGET_CALL_{RET,ARG}_I128")
      Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
    • tcg/i386: Adjust assert in tcg_out_addi_ptr · 7d9e1ee4
      Richard Henderson authored
      We can arrive here on _WIN64 because Int128 is passed by reference.
      Change the assert to check that the immediate is in range,
      instead of attempting to check the host ABI.
      
      Fixes: 6a6d772e ("tcg: Introduce tcg_out_addi_ptr")
      Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1581
      
      Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
    • Merge tag 'pull-ppc-20230409' of https://github.com/legoater/qemu into staging · 08dede07
      Peter Maydell authored
      ppc queue:
      
      * Fix regression with prefix instructions and pcrel addressing
      
      # -----BEGIN PGP SIGNATURE-----
      #
      # iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmQy9H8ACgkQUaNDx8/7
      # 7KGjBg/9EUOcf3QzS9v7GCgBjvHZ0II4bIB4qboNiBhmtLIpDoBC2el7gwSZV82a
      # qKrl+UMTAIs6DJQNR5Gcj69OUbAjGyaBNuC3I9lI8vzWn3aDJRTpL5WttyfnpLsO
      # bVR8Q+dDzIcZA/ymDw7AQfPvyCm6yrVXOUCCZNBpGjp98240SuDoJ7p6FpKFc8fT
      # 5amMllLksgJDk4cLv6xM1zQRXuCyYf9D1CS0CHAgxs+zvg9EnQcVBzIMZ9LfGAPU
      # JxU9Kj/clMyZx0ADtH9PkdgvHoMWRXlTuMQmfv4dzWZfy1as9Ks3Pfzt3Z4hx7t7
      # TqIiFGuJdI/fDHcKltwnLwdZ8GJwo+tXFP97VNFWtmNN1PWos9dwxrU04r0+ZxA/
      # 33NTDyOMidp9bnMlcld/pyCPfo5Psht1xlHSaikxcYHt0z1Yc/TR6/u+aiz9AGnf
      # FVxy1AlkY0rtKtmCozkcFtQe8yCogIfYnXe0ng3j3k45QXk03VmtiO4WLw8l0qwR
      # oB5FAAaokCoINwYIfLofR7jg7ciaISI+r4KkgOtOC7eN6O42magCkSPa5FxU9+WA
      # sZIq0iBpRxenv0+tDrXpV16Uy0H2N3oGOdUpUbO6wiHxhO9rj71preSr0eLhipZJ
      # c3jcf4p+MyXD1RI/62TuSIYWG5RwfA8XCyA/bd1bk2cBQ8GA+S0=
      # =BKGb
      # -----END PGP SIGNATURE-----
      # gpg: Signature made Sun 09 Apr 2023 18:23:11 BST
      # gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
      # gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined]
      # gpg: WARNING: This key is not certified with a trusted signature!
      # gpg:          There is no indication that the signature belongs to the owner.
      # Primary key fingerprint: A0F6 6548 F048 95EB FE6B  0B60 51A3 43C7 CFFB ECA1
      
      * tag 'pull-ppc-20230409' of https://github.com/legoater/qemu:
        target/ppc: Fix temp usage in gen_op_arith_modw
      
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • Merge tag 'pull_error_handle_fix_use_after_free.v1' of https://github.com/stefanberger/qemu-tpm into staging · 64f1c63d
      Peter Maydell authored
      Merge tag 'pull_error_handle_fix_use_after_free.v1' of https://github.com/stefanberger/qemu-tpm into staging
      
      Fix use-after-free in util/error.c
      
      # -----BEGIN PGP SIGNATURE-----
      #
      # iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmQu9xYACgkQda1lgCoL
      # QhFX2ggAnZZF2KgvVSRh67X+3VdVsg+ifFc/k7kMq74UhTr4lXojPCcgSPu8PaRZ
      # Mv0I+xNv9pjEU7frwi6vc9DXyhWrVTLgW4TugVBgsB75CnjvFN3lw3T9goCc1h4m
      # eO7c6SMdUpyQG7ar1mqt2m0bjVz85OAsNYBiAjxfyrKzX6B/mHyru5re/8VC3Hho
      # IJWGlS51IxrVq44qjB8Lh3voXiEru7dX/y86fWqAiy61pON6+A43rBDIb9JOVv8q
      # QiHqXVjs9/ax9ZNRudlgJ7bAlUFp6vD9xBm6ztlABI9MCYZeibU6jPMLCBYnGiJq
      # f//Sqqd4WsqnhOJOLYeMNfFMElIXEw==
      # =uu4l
      # -----END PGP SIGNATURE-----
      # gpg: Signature made Thu 06 Apr 2023 17:45:10 BST
      # gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
      # gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
      # gpg: WARNING: This key is not certified with a trusted signature!
      # gpg:          There is no indication that the signature belongs to the owner.
      # Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211
      
      * tag 'pull_error_handle_fix_use_after_free.v1' of https://github.com/stefanberger/qemu-tpm:
        util/error: Fix use-after-free errors reported by Coverity
      
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
  6. Apr 03, 2023
    • Merge tag 'pull-target-arm-20230403' of https://git.linaro.org/people/pmaydell/qemu-arm into staging · 51a6dc9d
      Peter Maydell authored
      Merge tag 'pull-target-arm-20230403' of https://git.linaro.org/people/pmaydell/qemu-arm into staging
      
       * target/arm: Fix non-TCG build failure by inlining pauth_ptr_mask()
       * hw/arm: do not free machine->fdt in arm_load_dtb()
       * target/arm: Fix generated code for cpreg reads when HSTR is active
       * hw/ssi: Fix Linux driver init issue with xilinx_spi
      
      # -----BEGIN PGP SIGNATURE-----
      #
      # iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmQq+CwZHHBldGVyLm1h
      # eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3ux4EACRzqDTA3bbmuEDC4HKFEwv
      # p4IrhG20iZWOQaieu7B+nrhXYakkcLxtGqG0cLFbb073B16SWRAxwli1sH+5mBNW
      # l7GEF8WUelSPLZUlPmfl4YGH2ak5+kXI/G92+X7uE76Bv6wOJYZC5S1iNZN67fcd
      # fQEfb9IcSmytCvsQLfLCvYzgpJKTuuikzkoCnT9O43qpPmUsBhSsBzyYPu0ZqsjV
      # OgFMGNUc80rHc1kcLoLMMJBzI5S+iurnDKD+aNkMzCjtKPGkuIljbE6fPANXFxLb
      # KbpVYjVIpPBAC33ZGO8NTkzqBuO7VNY0xWstfmepAsOdrorTLAOVMnC2NPsSZzOz
      # kLd2wTT+64eMxt+flZETuU6HF8f6K94GRWPw8dC7Aj3XUvbSso+in863XD2OIKAr
      # MCEm2Xi8ogb14uNx9Z4pUFIU6gKNUx8OGnWPLBngF4Kix4yP56nkbRAlg2ZII5bH
      # HBny6+llC1NB94MjfSorTnNkk6J8Kd4Zhw8C9+dNbaDxCUBz3oCFwLoq6Cgx97F6
      # 4J4An4PGF4evrJWBo9+9qOKtKapXlEmCSYs7oVavabxCCLI92PVoz96QH+6OK7+c
      # h0PiqlfjPPSCnUcxsA9mr8zbp+P/ZxJbh0YI9ExP+zI03wE8gr4NMf7HYZQh0OLU
      # Q+HARsmaAG3FONWbnHE97A==
      # =oIZg
      # -----END PGP SIGNATURE-----
      # gpg: Signature made Mon 03 Apr 2023 17:00:44 BST
      # gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
      # gpg:                issuer "peter.maydell@linaro.org"
      # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
      # gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
      # gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
      # gpg:                 aka "Peter Maydell <peter@archaic.org.uk>" [ultimate]
      # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE
      
      * tag 'pull-target-arm-20230403' of https://git.linaro.org/people/pmaydell/qemu-arm:
        hw/ssi: Fix Linux driver init issue with xilinx_spi
        target/arm: Fix generated code for cpreg reads when HSTR is active
        hw/arm: do not free machine->fdt in arm_load_dtb()
        target/arm: Fix non-TCG build failure by inlining pauth_ptr_mask()
      
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • hw/ssi: Fix Linux driver init issue with xilinx_spi · a0eaa126
      Chris Rauer authored
      The problem is that the Linux driver expects the master transaction inhibit
      bit (R_SPICR_MTI) to be set during driver initialization so that it can
      detect the FIFO size, but QEMU defaults it to zero out of reset.  The
      datasheet indicates this bit is active on reset.
      
      See page 25, SPI Control Register section:
      https://www.xilinx.com/content/dam/xilinx/support/documents/ip_documentation/axi_quad_spi/v3_2/pg153-axi-quad-spi.pdf
      
      Signed-off-by: Chris Rauer <crauer@google.com>
      Message-id: 20230323182811.2641044-1-crauer@google.com
      Reviewed-by: Edgar E. Iglesias <edgar@zeroasic.com>
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • target/arm: Fix generated code for cpreg reads when HSTR is active · 782781e8
      Peter Maydell authored
      In commit 049edada we added some code to handle HSTR_EL2 traps, which
      we did as an inline "conditionally branch over a
      gen_exception_insn()".  Unfortunately this fails to take account of
      the fact that gen_exception_insn() will set s->base.is_jmp to
      DISAS_NORETURN.  That means that at the end of the TB we won't
      generate the necessary code to handle the "branched over the trap and
      continued normal execution" codepath.  The result is that the TCG
      main loop thinks that we stopped execution of the TB due to a
      situation that only happens when icount is enabled, and hits an
      assertion. Explicitly set is_jmp back to DISAS_NEXT so we generate
      the correct code for when execution continues past this insn.
      
      Note that this only happens for cpreg reads; writes will call
      gen_lookup_tb() which generates a valid end-of-TB.
      
      Fixes: 049edada ("target/arm: Make HSTR_EL2 traps take priority over UNDEF-at-EL1")
      Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1551
      
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
      Message-id: 20230330101900.2320380-1-peter.maydell@linaro.org
    • hw/arm: do not free machine->fdt in arm_load_dtb() · 12148d44
      Markus Armbruster authored
      
      At this moment, arm_load_dtb() can free machine->fdt when
      binfo->dtb_filename is NULL. If there's no 'dtb_filename', 'fdt' will be
      retrieved by binfo->get_dtb(). If get_dtb() returns machine->fdt, as is
      the case of machvirt_dtb() from hw/arm/virt.c, fdt now has a pointer to
      machine->fdt. And, in that case, the existing g_free(fdt) at the end of
      arm_load_dtb() will make machine->fdt point to an invalid memory region.
      
      Since monitor command 'dumpdtb' was introduced a couple of releases
      ago, running it with any ARM machine that uses arm_load_dtb() will
      crash QEMU.
      
      Let's enable all arm_load_dtb() callers to use dumpdtb properly. Instead
      of freeing 'fdt', assign it back to ms->fdt.
      
      Cc: Peter Maydell <peter.maydell@linaro.org>
      Cc: qemu-arm@nongnu.org
      Fixes: bf353ad5 ("qmp/hmp, device_tree.c: introduce dumpdtb")
      Reported-by: Markus Armbruster <armbru@redhat.com>
      Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
      Signed-off-by: Markus Armbruster <armbru@redhat.com>
      Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
      Message-id: 20230328165935.1512846-1-armbru@redhat.com
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
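The ownership mistake the commit above describes, as an added example that is not QEMU's code: a stand-alone C model in which the hypothetical Machine and BootInfo types stand in for MachineState and arm_boot_info, a constructed string stands in for a real DTB blob, and plain malloc/free stand in for g_malloc/g_free. It puts the old shape of the function (an unconditional free, which leaves ms->fdt dangling whenever get_dtb() handed back the machine's own blob, so a later dump is a use-after-free) beside the fixed shape (assign the blob back to the machine, releasing only a previous, distinct blob).

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical model of the ownership bug. Machine stands in for
 * MachineState, BootInfo for arm_boot_info, malloc/free for g_malloc/g_free.
 * This is illustrative code, not QEMU's.
 */
typedef struct {
    void *fdt;        /* blob owned by the machine; 'dumpdtb' reads it later */
    size_t fdt_size;
} Machine;

typedef struct {
    const char *dtb_filename;                          /* NULL: use get_dtb() */
    void *(*get_dtb)(const Machine *ms, size_t *size);
} BootInfo;

/* Constructed stand-in for a flattened device tree blob. */
static const char SAMPLE_BLOB[] = "constructed-dtb-blob";

/* Stand-in for loading a DTB from a file: always a fresh allocation. */
static void *load_dtb_file(const char *filename, size_t *size)
{
    (void)filename;
    *size = sizeof(SAMPLE_BLOB);
    void *copy = malloc(*size);
    if (copy) {
        memcpy(copy, SAMPLE_BLOB, *size);
    }
    return copy;
}

/* Like machvirt_dtb(): hands back the machine's own buffer, not a copy. */
static void *machine_owned_dtb(const Machine *ms, size_t *size)
{
    *size = ms->fdt_size;
    return ms->fdt;
}

static void *obtain_fdt(Machine *ms, const BootInfo *info, size_t *size)
{
    if (info->dtb_filename) {
        return load_dtb_file(info->dtb_filename, size);
    }
    return info->get_dtb(ms, size);
}

/*
 * Old shape: frees fdt unconditionally. Returns true when that free left
 * ms->fdt dangling, i.e. get_dtb() had returned the machine's own blob.
 * Any later read of ms->fdt on such a machine is a use-after-free.
 */
static bool load_dtb_old(Machine *ms, const BootInfo *info)
{
    size_t size;
    void *fdt = obtain_fdt(ms, info, &size);
    bool dangles = (fdt == ms->fdt);
    /* ... patch /memory, /chosen and friends inside fdt ... */
    free(fdt);
    return dangles;
}

/*
 * Fixed shape: hand the blob back to the machine instead of freeing it.
 * When a different blob came from a file, release the previous one first
 * so there is exactly one owner. Returns the blob now owned by ms.
 */
static void *load_dtb_fixed(Machine *ms, const BootInfo *info)
{
    size_t size;
    void *fdt = obtain_fdt(ms, info, &size);
    /* ... same patching ... */
    if (fdt != ms->fdt) {
        free(ms->fdt);
    }
    ms->fdt = fdt;
    ms->fdt_size = size;
    return ms->fdt;
}

/* The later consumer (think 'dumpdtb'): blob length, or 0 without a blob. */
static size_t dump_dtb(const Machine *ms)
{
    return ms->fdt ? strlen((const char *)ms->fdt) : 0;
}

static Machine *new_machine_with_blob(void)
{
    Machine *ms = calloc(1, sizeof(*ms));
    if (ms) {
        ms->fdt = load_dtb_file("constructed", &ms->fdt_size);
    }
    return ms;
}

int main(void)
{
    Machine *ms = new_machine_with_blob();
    BootInfo info = { .dtb_filename = NULL, .get_dtb = machine_owned_dtb };
    load_dtb_fixed(ms, &info);
    return dump_dtb(ms) == strlen(SAMPLE_BLOB) ? 0 : 1;
}
```

The aliasing check in load_dtb_fixed is what matters: a callback that returns a pointer the caller does not own must never be followed by a free in the caller, and the cleanest way to make that impossible is to move ownership in one direction only, as the commit does by assigning the blob back to ms->fdt.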
    • target/arm: Fix non-TCG build failure by inlining pauth_ptr_mask() · b15bdc96
      Philippe Mathieu-Daudé authored
      
      aarch64_gdb_get_pauth_reg() -- although disabled since commit
      5787d17a ("target/arm: Don't advertise aarch64-pauth.xml to
      gdb") is still compiled in. It calls pauth_ptr_mask() which is
      located in target/arm/tcg/pauth_helper.c, a TCG specific helper.
      
      To avoid a linking error when TCG is not enabled:
      
        Undefined symbols for architecture arm64:
          "_pauth_ptr_mask", referenced from:
              _aarch64_gdb_get_pauth_reg in target_arm_gdbstub64.c.o
        ld: symbol(s) not found for architecture arm64
        clang: error: linker command failed with exit code 1 (use -v to see invocation)
      
      - Inline pauth_ptr_mask() in aarch64_gdb_get_pauth_reg()
        (this is the single user),
      - Rename pauth_ptr_mask_internal() as pauth_ptr_mask() and
        inline it in "internals.h",
      
      Fixes: e995d5cc ("target/arm: Implement gdbstub pauth extension")
      Suggested-by: Richard Henderson <richard.henderson@linaro.org>
      Reviewed-by: Fabiano Rosas <farosas@suse.de>
      Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
      Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
      Message-id: 20230328212516.29592-1-philmd@linaro.org
      [PMM: reinstated doc comment]
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
  7. Mar 30, 2023
    • Merge tag 'misc-fixes-20230330' of https://github.com/philmd/qemu into staging · efcd0ec1
      Peter Maydell authored
      - linux-user:
        . Don't use 16-bit UIDs with SPARC V9
        . Pick MIPS3 CPU by default to run NaN2008 ELF binaries
      
      - HW:
        . Fix invalid GT64120 north bridge endianness register swap
        . Prevent NULL pointer dereference by SMBus devices
      
      - Buildsys:
        . Fix compiling with liblzfse on Darwin
      
      # -----BEGIN PGP SIGNATURE-----
      #
      # iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmQli+8ACgkQ4+MsLN6t
      # wN5GJw/8CqzhxQgp11u2ArQlz/zsXJd4d6goIAIefJK1H80FXhqblz3ZBICci0Mu
      # vA9CCayQ72r2NYR71QNvK6WWAJRnWbwFYH5arbvFRlCtDKV/n/DSSqsytY0Pd9eZ
      # YlGJQ8tjO2PNa+K6J1ElUDRDk+xPnWlocewrb/Kxjhe6zk2RXQ9AZiGDj3+4vXlj
      # rbPe5LpWS9zyl3TwF11wJSZOx2yX+D8JgR2klAgniZsk4NFJq1sluIFutFuU3JgQ
      # N5m8bR3yfe8ImKYXyu3mKSsAuoyLmM2RKrFzWLjOmgYn2JL4Glj0QWWznNWolNSQ
      # jJBHszcEUtwrr3ls5SiLf+I+fXbxyicqREQsvrzyy7UbaJTv0y8S+Ofg2dcqGCTD
      # qN89MZDHbxko+J7RnNUtNfb5glrqAvtwhx6B3T+qnyJQ/ExtGqy69tKBCAYKbCWV
      # YnMBVg6oP2TgcX34mC9z6iR38W2GBPfCyYXNSD2FgRRD1Gy8jCkR/RQOwaF2YNY3
      # q5AInqW1I0LuLhrPOg1tRUu9PeGlEqcHs4OmqKSgTgE9JchgWCJrCtgxdgaAXkMK
      # LKZbpnyNni70H5hkIGXIxnw0mUUFIdWJQNMHZeTxfh99x7kuDfxhnaxS2oCgJhdi
      # k7RhVQybBFrcwL/cxaywKRDc5oj4aS46qYm08nP8JQIIjIbszRA=
      # =SOYX
      # -----END PGP SIGNATURE-----
      # gpg: Signature made Thu 30 Mar 2023 14:17:35 BST
      # gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
      # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
      # Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE
      
      * tag 'misc-fixes-20230330' of https://github.com/philmd/qemu:
        block/dmg: Ignore C99 prototype declaration mismatch from <lzfse.h>
        hw/i2c: pmbus: block uninitialised string reads
        tests/avocado: Enable TuxRun/mips64 (big-endian) test
        hw/mips/gt64xxx_pci: Don't endian-swap GT_PCI0_CFGADDR
        linux-user/mips: Use P5600 as default CPU to run NaN2008 ELF binaries
        linux-user/sparc: Don't use 16-bit UIDs on SPARC V9
      
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • block/dmg: Ignore C99 prototype declaration mismatch from <lzfse.h> · aad3eb1f
      Philippe Mathieu-Daudé authored
      When liblzfse (Apple LZFSE compression library) is present
      (for example installed via 'brew') on Darwin, QEMU build
      fails as:
      
        Has header "lzfse.h" : YES
        Library lzfse found: YES
      
          Dependencies
            lzo support                  : NO
            snappy support               : NO
            bzip2 support                : YES
            lzfse support                : YES
            zstd support                 : YES 1.5.2
      
          User defined options
            dmg                          : enabled
            lzfse                        : enabled
      
        [221/903] Compiling C object libblock.fa.p/block_dmg-lzfse.c.o
        FAILED: libblock.fa.p/block_dmg-lzfse.c.o
        /opt/homebrew/Cellar/lzfse/1.0/include/lzfse.h:56:43: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
        LZFSE_API size_t lzfse_encode_scratch_size();
                                                  ^
                                                   void
        /opt/homebrew/Cellar/lzfse/1.0/include/lzfse.h:94:43: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
        LZFSE_API size_t lzfse_decode_scratch_size();
                                                  ^
                                                   void
        2 errors generated.
        ninja: build stopped: subcommand failed.
      
      This issue has been reported in the lzfse project in 2016:
      https://github.com/lzfse/lzfse/issues/3#issuecomment-226574719
      
      Since the project seems unmaintained, simply ignore the
      strict-prototypes warning check for the <lzfse.h> header,
      similarly to how we deal with the GtkItemFactoryCallback
      prototype from <gtk/gtkitemfactory.h>, indirectly included
      by <gtk/gtk.h>.
      
      Cc: Julio Faracco <jcfaracco@gmail.com>
      Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
      Reviewed-by: Stefan Weil <sw@weilnetz.de>
      Message-Id: <20230327151349.97572-1-philmd@linaro.org>