Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 3ac6daa9e1c5d7dae2a3cd1c6a388174b462f3e8
      
https://github.com/qemu/qemu/commit/3ac6daa9e1c5d7dae2a3cd1c6a388174b462f3e8
  Author: Daniel P. Berrangé <[email protected]>
  Date:   2025-07-16 (Wed, 16 Jul 2025)

  Changed paths:
    M ui/vnc.c

  Log Message:
  -----------
  ui: fix setting client_endian field defaults

When a VNC client sends a "set pixel format" message, the
'client_endian' field will get initialized; however, it is
valid to omit this message if the client wants to use the
server's native pixel format. In the latter scenario nothing
is initializing the 'client_endian' field, so it remains set
to 0, matching neither G_LITTLE_ENDIAN nor G_BIG_ENDIAN. This
then results in pixel format conversion routines taking the
wrong code paths.

This problem existed before the 'client_be' flag was changed
into the 'client_endian' value, but the lack of initialization
meant it semantically defaulted to little endian, so only big
endian systems would potentially be exposed to incorrect pixel
translation.

The 'virt-viewer' / 'remote-viewer' apps always send a "set
pixel format" message so aren't exposed to any problems, but
the classical 'vncviewer' app will show the problem easily.

Fixes: 7ed96710e82c385c6cfc3d064eec7dde20f0f3fd
Reported-by: Thomas Huth <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Reviewed-by: Marc-André Lureau <[email protected]>
Signed-off-by: Daniel P. Berrangé <[email protected]>
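
The two situations this log message contrasts, as an added C example that is not taken from ui/vnc.c. The `ClientState` struct, the function names and the exact form of the swap test are assumptions; the host-order default in `client_init_defaults()` follows the message's statement that a client omitting the message wants the server's native pixel format.

```c
/* Added illustration: simplified model, not code from ui/vnc.c. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values GLib uses for its byte-order constants. */
#define G_LITTLE_ENDIAN 1234
#define G_BIG_ENDIAN    4321

/* Hypothetical per-client state holding both representations of the field. */
typedef struct {
    bool client_be;      /* older representation: boolean flag */
    int  client_endian;  /* newer representation: a G_*_ENDIAN value */
} ClientState;

static uint32_t bswap32(uint32_t v)
{
    return ((v >> 24) & 0x000000ffu) | ((v >> 8) & 0x0000ff00u) |
           ((v << 8) & 0x00ff0000u) | (v << 24);
}

/* Assumed form of the older test: swap when flag and host disagree.
 * A zeroed flag reads as "little endian". */
static bool swap_needed_flag(const ClientState *c, int host_endian)
{
    return c->client_be != (host_endian == G_BIG_ENDIAN);
}

/* Assumed form of the newer test: swap when the values differ.
 * A zeroed field equals neither constant, so it always differs. */
static bool swap_needed_value(const ClientState *c, int host_endian)
{
    return c->client_endian != host_endian;
}

/* Assumed remedy: set a default at connection time, before any
 * "set pixel format" message could arrive. */
static void client_init_defaults(ClientState *c, int host_endian)
{
    c->client_be = (host_endian == G_BIG_ENDIAN);
    c->client_endian = host_endian;
}

/* A client using the server's native format expects the pixel unchanged. */
static uint32_t send_pixel(uint32_t px, bool swap)
{
    return swap ? bswap32(px) : px;
}

int main(void)
{
    const int hosts[] = { G_LITTLE_ENDIAN, G_BIG_ENDIAN };
    const uint32_t px = 0x11223344u;   /* constructed sample pixel */

    for (size_t i = 0; i < 2; i++) {
        ClientState c;
        memset(&c, 0, sizeof(c));      /* no "set pixel format" was sent */
        printf("host=%d flag:%08x value:%08x ", hosts[i],
               (unsigned)send_pixel(px, swap_needed_flag(&c, hosts[i])),
               (unsigned)send_pixel(px, swap_needed_value(&c, hosts[i])));
        client_init_defaults(&c, hosts[i]);
        printf("with default:%08x\n",
               (unsigned)send_pixel(px, swap_needed_value(&c, hosts[i])));
    }
    return 0;
}
```
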


  Commit: 8fc3d63d685751734fb9c8c0284dc44a36a8e053
      
https://github.com/qemu/qemu/commit/8fc3d63d685751734fb9c8c0284dc44a36a8e053
  Author: Daniel P. Berrangé <[email protected]>
  Date:   2025-07-16 (Wed, 16 Jul 2025)

  Changed paths:
    M ui/trace-events
    M ui/vnc.c

  Log Message:
  -----------
  ui: add trace events for all client messages

This lets us see the full flow of RFB messages received from the
client.

Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Reviewed-by: Marc-André Lureau <[email protected]>
Signed-off-by: Daniel P. Berrangé <[email protected]>


  Commit: 2183ab62512c6253293e83cce3970b0b42e65630
      
https://github.com/qemu/qemu/commit/2183ab62512c6253293e83cce3970b0b42e65630
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-16 (Wed, 16 Jul 2025)

  Changed paths:
    M crypto/x509-utils.c

  Log Message:
  -----------
  crypto/x509-utils: Check for error from gnutls_x509_crt_init()

Coverity notes that in qcrypto_get_x509_cert_fingerprint() we
call gnutls_x509_crt_init() but don't check for an error return.
Add the missing check.

Coverity: CID 1593155
Fixes: 10a1d34fc0d ("crypto: Introduce x509 utils")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Daniel P. Berrangé <[email protected]>
Signed-off-by: Daniel P. Berrangé <[email protected]>


  Commit: 350785d41d8bb0b799dd16ea04a7232dc8d6093a
      
https://github.com/qemu/qemu/commit/350785d41d8bb0b799dd16ea04a7232dc8d6093a
  Author: Shaoqin Huang <[email protected]>
  Date:   2025-07-17 (Thu, 17 Jul 2025)

  Changed paths:
    M hw/display/ramfb-standalone.c
    M hw/display/ramfb-stubs.c
    M hw/display/ramfb.c
    M hw/vfio/display.c
    M hw/vfio/pci.c
    M hw/vfio/pci.h
    M include/hw/display/ramfb.h

  Log Message:
  -----------
  ramfb: Add property to control if load the romfile

Currently the ramfb device loads the vgabios-ramfb.bin unconditionally,
but only x86 needs the vgabios-ramfb.bin; this can mean that when
using the release package on arm64 it can't find the vgabios-ramfb.bin.

Because only seabios will use the vgabios-ramfb.bin, the rom loading
logic is x86-specific. For other !x86 platforms, the edk2 ships an EFI driver
for ramfb, so they don't need to load the romfile.

So add a new property use-legacy-x86-rom in both the ramfb and vfio_pci
devices, because the vfio display also uses ramfb_setup() to load
the vgabios-ramfb.bin file.

With this property, the machine type can set the compatibility to
not load the vgabios-ramfb.bin if the arch doesn't need it.

For now the default value is true but it will be turned off by default
in a subsequent patch when compats get properly handled.

Reviewed-by: Zhao Liu <[email protected]>
Reviewed-by: Eric Auger <[email protected]>
Signed-off-by: Shaoqin Huang <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Gerd Hoffmann <[email protected]>


  Commit: b53a3bba5e02df7cbdb26f8bf8bcb11b8290e863
      
https://github.com/qemu/qemu/commit/b53a3bba5e02df7cbdb26f8bf8bcb11b8290e863
  Author: Shaoqin Huang <[email protected]>
  Date:   2025-07-18 (Fri, 18 Jul 2025)

  Changed paths:
    M hw/vfio/pci.h
    A hw/vfio/types.h

  Log Message:
  -----------
  vfio: Move the TYPE_* to hw/vfio/types.h

Move the TYPE_* to a new file hw/vfio/types.h because
TYPE_VFIO_PCI will be used in a later patch, but directly including
hw/vfio/pci.h can cause some compilation errors when cross-building the
Windows version.

The hw/vfio/types.h can be included to mitigate that problem.

Signed-off-by: Shaoqin Huang <[email protected]>
Message-ID: <[email protected]>
Reviewed-by: Zhao Liu <[email protected]>
Signed-off-by: Gerd Hoffmann <[email protected]>


  Commit: d5fcf0d960d893b1765e6388cefca9c690839267
      
https://github.com/qemu/qemu/commit/d5fcf0d960d893b1765e6388cefca9c690839267
  Author: Shaoqin Huang <[email protected]>
  Date:   2025-07-18 (Fri, 18 Jul 2025)

  Changed paths:
    M hw/core/machine.c
    M hw/display/ramfb-standalone.c
    M hw/i386/microvm.c
    M hw/i386/pc_piix.c
    M hw/i386/pc_q35.c
    M hw/vfio/pci.c

  Log Message:
  -----------
  hw/i386: Add the ramfb romfile compatibility

ramfb is a sysbus device so it can only be used for machine types where it
is explicitly enabled:

  # git grep machine_class_allow_dynamic_sysbus_dev.*TYPE_RAMFB_DEVICE
  hw/arm/virt.c:    machine_class_allow_dynamic_sysbus_dev(mc, TYPE_RAMFB_DEVICE);
  hw/i386/microvm.c:    machine_class_allow_dynamic_sysbus_dev(mc, TYPE_RAMFB_DEVICE);
  hw/i386/pc_piix.c:    machine_class_allow_dynamic_sysbus_dev(m, TYPE_RAMFB_DEVICE);
  hw/i386/pc_q35.c:    machine_class_allow_dynamic_sysbus_dev(m, TYPE_RAMFB_DEVICE);
  hw/loongarch/virt.c:    machine_class_allow_dynamic_sysbus_dev(mc, TYPE_RAMFB_DEVICE);
  hw/riscv/virt.c:    machine_class_allow_dynamic_sysbus_dev(mc, TYPE_RAMFB_DEVICE);

So these six are the only machine types we have to worry about.

The three x86 machine types (pc, q35, microvm) will actually use the rom
(when booting with seabios).

For arm/riscv/loongarch virt we want to disable the rom.

This patch sets ramfb romfile option to false by default, except for x86
machine types (pc, q35, microvm) which need the rom file when booting
with seabios and machine types <= 10.0 (handling the case of arm virt,
for compat reasons).

At the same time, set the "use-legacy-x86-rom" property to true on those
historical versioned machine types in order to avoid the memory layout
being changed.

Acked-by: Michael S. Tsirkin <[email protected]>
Reviewed-by: Zhao Liu <[email protected]>
Reviewed-by: Eric Auger <[email protected]>
Signed-off-by: Shaoqin Huang <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Gerd Hoffmann <[email protected]>


  Commit: 8c8f62baa61b55b297453a8d416c6b0932398948
      
https://github.com/qemu/qemu/commit/8c8f62baa61b55b297453a8d416c6b0932398948
  Author: Zenghui Yu <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/hvf/hvf.c
    M target/arm/hvf/trace-events

  Log Message:
  -----------
  hvf: arm: Remove $pc from trace_hvf_data_abort()

We don't synchronize vcpu registers from the hardware accelerator (e.g., by
cpu_synchronize_state()) in the Dabort handler, so env->pc points to the
instruction which has nothing to do with the Dabort at all.

And it doesn't seem to make much sense to log PC in every Dabort handler;
let's just remove it from this trace event.

Signed-off-by: Zenghui Yu <[email protected]>
Reviewed-by: Mads Ynddal <[email protected]>
Message-id: [email protected]
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Signed-off-by: Peter Maydell <[email protected]>


  Commit: 655659a74a36b63e33d2dc969d3c44beb1b008b3
      
https://github.com/qemu/qemu/commit/655659a74a36b63e33d2dc969d3c44beb1b008b3
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/debug_helper.c

  Log Message:
  -----------
  target/arm: Correct encoding of Debug Communications Channel registers

We don't implement the Debug Communications Channel (DCC), but
we do attempt to provide dummy versions of its system registers
so that software that tries to access them doesn't fall over.

However, we got the tx/rx register definitions wrong. These
should be:

AArch32:
  DBGDTRTX   p14 0 c0 c5 0  (on writes)
  DBGDTRRX   p14 0 c0 c5 0  (on reads)

AArch64:
  DBGDTRTX_EL0  2 3 0 5 0 (on writes)
  DBGDTRRX_EL0  2 3 0 5 0 (on reads)
  DBGDTR_EL0    2 3 0 4 0 (reads and writes)

where DBGDTRTX and DBGDTRRX are effectively different names for the
same 32-bit register, which has tx behaviour on writes and rx
behaviour on reads.  The AArch64-only DBGDTR_EL0 is a 64-bit wide
register whose top and bottom halves map to the DBGDTRRX and DBGDTRTX
registers.

Currently we have just one cpreg struct, which:
 * calls itself DBGDTR_EL0
 * uses the DBGDTRTX_EL0/DBGDTRRX_EL0 encoding
 * is marked as ARM_CP_STATE_BOTH but has the wrong opc1
   value for AArch32
 * is implemented as RAZ/WI

Correct the encoding so:
 * we name the DBGDTRTX/DBGDTRRX register correctly
 * we split it into AA64 and AA32 versions so we can get the
   AA32 encoding right
 * we implement DBGDTR_EL0 at its correct encoding

Cc: [email protected]
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2986
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 8ccd35f25cdf2e03f44585a11b7daf93d1d46a3a
      
https://github.com/qemu/qemu/commit/8ccd35f25cdf2e03f44585a11b7daf93d1d46a3a
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M hw/misc/ivshmem-pci.c

  Log Message:
  -----------
  hw/misc/ivshmem-pci: Improve error handling

Coverity points out that the ivshmem-pci code has some error handling
cases where it incorrectly tries to use an invalid file descriptor.
These generally happen because ivshmem_recv_msg() calls
qemu_chr_fe_get_msgfd(), which might return -1, but the code in
process_msg() generally assumes that the file descriptor was provided
when it was supposed to be. In particular:
 * the error case in process_msg() only needs to close the fd
   if one was provided
 * process_msg_shmem() should fail if no fd was provided

Coverity: CID 1508726
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Markus Armbruster <[email protected]>
Message-id: [email protected]


  Commit: 32d8fb61e5a1fb5feeecce85d461be019cc30a54
      
https://github.com/qemu/qemu/commit/32d8fb61e5a1fb5feeecce85d461be019cc30a54
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/kvm_arm.h

  Log Message:
  -----------
  target/arm: Provide always-false kvm_arm_*_supported() stubs for usermode

If you try to build aarch64-linux-user with clang and --enable-debug then it
fails to compile:

 ld: libqemu-aarch64-linux-user.a.p/target_arm_cpu64.c.o: in function `cpu_arm_set_sve':
 ../../target/arm/cpu64.c:321:(.text+0x1254): undefined reference to `kvm_arm_sve_supported'

This is a regression introduced in commit f86d4220, which switched
the kvm-stub.c file away from being built for all arm targets to only
being built for system emulation binaries.  It doesn't affect gcc,
presumably because even at -O0 gcc folds away the always-false
kvm_enabled() condition but clang does not.

We would prefer not to build kvm-stub.c once for usermode and once
for system-emulation binaries, and we can't build it just once for
both because it includes cpu.h.  So instead provide always-false
versions of the five functions that are valid to call without KVM
support in kvm_arm.h.

Fixes: f86d42205c2eba ("target/arm/meson: accelerator files are not needed in user mode")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3033
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Pierrick Bouvier <[email protected]>
Message-id: [email protected]


  Commit: e74aad9f81cc2bfee2057086610e21bd98e9c5a5
      
https://github.com/qemu/qemu/commit/e74aad9f81cc2bfee2057086610e21bd98e9c5a5
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M include/qemu/compiler.h
    M include/qemu/host-utils.h

  Log Message:
  -----------
  host-utils: Drop workaround for buggy Apple Clang __builtin_subcll()

In commit b0438861efe ("host-utils: Avoid using __builtin_subcll on
buggy versions of Apple Clang") we added a workaround for a bug in
Apple Clang 14 where its __builtin_subcll() implementation was wrong.
This bug was only present in Apple Clang 14, not in upstream clang,
and is not present in Apple Clang versions 15 and newer.

Since commit 4e035201 we have required at least Apple Clang 15, so we
no longer build with the buggy versions.  We can therefore drop the
workaround. This is effectively a revert of b0438861efe.

This should not be backported to stable branches, which may still
need to support Apple Clang 14.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3030
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Thomas Huth <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Message-id: [email protected]


  Commit: 30dbcd9283988ba352181cb42c6a69ae32075363
      
https://github.com/qemu/qemu/commit/30dbcd9283988ba352181cb42c6a69ae32075363
  Author: Jackson Donaldson <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M hw/misc/max78000_aes.c

  Log Message:
  -----------
  hw/misc/max78000_aes: Comment Internal Key Storage

Coverity Scan noted an unusual pattern in the
MAX78000 aes device, with duplicated calls to
set_decrypt. This commit adds a comment noting
why the implementation is correct.

Signed-off-by: Jackson Donaldson <[email protected]>
Message-id: [email protected]
Reviewed-by: Peter Maydell <[email protected]>
Signed-off-by: Peter Maydell <[email protected]>


  Commit: 012bf8ad134ecec5d7e68101c216204107fd9741
      
https://github.com/qemu/qemu/commit/012bf8ad134ecec5d7e68101c216204107fd9741
  Author: Cédric Le Goater <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M docs/system/arm/aspeed.rst

  Log Message:
  -----------
  docs: Fix Aspeed title

commit ad8e0e8a0088 removed the "======" underlining the file title
which broke documentation rendering. Add it back.

Fixes: ad8e0e8a0088 ("docs: add support for gb200-bmc")
Cc: Ed Tanous <[email protected]>
Reported-by: Peter Maydell <[email protected]>
Signed-off-by: Cédric Le Goater <[email protected]>
Reviewed-by: Thomas Huth <[email protected]>
Reviewed-by: Ed Tanous <[email protected]>
Message-id: [email protected]
Signed-off-by: Peter Maydell <[email protected]>


  Commit: 2b5a9bbbadb39750584f36e6bee3a36ebe134418
      
https://github.com/qemu/qemu/commit/2b5a9bbbadb39750584f36e6bee3a36ebe134418
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/helper.h
    M target/arm/tcg/translate-sve.c
    M target/arm/tcg/vec_helper.c

  Log Message:
  -----------
  target/arm: Add BFADD, BFSUB, BFMUL (unpredicated)

FEAT_SVE_B16B16 adds bfloat16 versions of the SVE floating point
(unpredicated) instructions, which are encoded via sz==0b00.

Fixes: 7b1613a1020d2942 ("target/arm: Enable FEAT_SME2p1 on -cpu max")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 86fa06f8d9f953252a7919fa56a402d789bf1b78
      
https://github.com/qemu/qemu/commit/86fa06f8d9f953252a7919fa56a402d789bf1b78
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/helper-sve.h
    M target/arm/tcg/sve_helper.c
    M target/arm/tcg/translate-sve.c

  Log Message:
  -----------
  target/arm: Add BFADD, BFSUB, BFMUL, BFMAXNM, BFMINNM (predicated)

FEAT_SVE_B16B16 adds bfloat16 versions of the SVE floating point
(predicated) instructions, which are encoded via sz=0b00.
Add BFADD, BFSUB, BFMUL, BFMAXNM, BFMINNM; these are all the insns
in this group which do not change behaviour for AH=1.

We will deal with BFMAX/BFMIN (which do have different AH=1
behaviour) in a following commit.

Fixes: 7b1613a1020d2942 ("target/arm: Enable FEAT_SME2p1 on -cpu max")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 279438560ba8575266e9105202c6e87044d24885
      
https://github.com/qemu/qemu/commit/279438560ba8575266e9105202c6e87044d24885
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/helper-sve.h
    M target/arm/tcg/sve_helper.c
    M target/arm/tcg/translate-sve.c

  Log Message:
  -----------
  target/arm: Add BFMIN, BFMAX (predicated)

FEAT_SVE_B16B16 adds bfloat16 versions of the SVE floating point
(predicated) instructions, which are encoded via sz=0b00.  Add the
BFMAX and BFMIN insns.  These have separate behaviour for AH=1 and
AH=0; we have already implemented the AH=1 helper for the SME2
versions of these insns.

Fixes: 7b1613a1020d2942 ("target/arm: Enable FEAT_SME2p1 on -cpu max")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: f71c3f470f48bece6d0601171bfda63a0b746879
      
https://github.com/qemu/qemu/commit/f71c3f470f48bece6d0601171bfda63a0b746879
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/helper.h
    M target/arm/tcg/sve.decode
    M target/arm/tcg/translate-sve.c
    M target/arm/tcg/vec_helper.c

  Log Message:
  -----------
  target/arm: Add BFMUL (indexed)

FEAT_SVE_B16B16 adds a bfloat16 version of the FMUL insn in the
floating-point multiply (indexed) instruction group. The encoding
is slightly bespoke; in our implementation we use MO_8 to indicate
bfloat16, as with the other B16B16 insns.

Fixes: 7b1613a1020d2942 ("target/arm: Enable FEAT_SME2p1 on -cpu max")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 929bec5581966c43d083588f9be38af48150c4fe
      
https://github.com/qemu/qemu/commit/929bec5581966c43d083588f9be38af48150c4fe
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/helper-sve.h
    M target/arm/tcg/sve_helper.c
    M target/arm/tcg/translate-sve.c

  Log Message:
  -----------
  target/arm: Add BFMLA, BFMLS (vectors)

FEAT_SVE_B16B16 adds bfloat16 versions of the FMLA and FMLS insns in
the "SVE floating-point multiply-accumulate writing addend" group,
encoded as sz=0b00.

Fixes: 7b1613a1020d2942 ("target/arm: Enable FEAT_SME2p1 on -cpu max")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 67fbc4c8079226eb9e47369cc45eb3fe56c3c9c3
      
https://github.com/qemu/qemu/commit/67fbc4c8079226eb9e47369cc45eb3fe56c3c9c3
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/sve.decode
    M target/arm/tcg/translate-sve.c

  Log Message:
  -----------
  target/arm: Add BFMLA, BFMLS (indexed)

FEAT_SVE_B16B16 adds bfloat16 versions of the FMLA and FMLS insns in
the SVE floating-point multiply-add (indexed) insn group.  Implement
these.

Fixes: 7b1613a1020d2942 ("target/arm: Enable FEAT_SME2p1 on -cpu max")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 17f6436822ff600cae4590c4b06b3321c97f1f42
      
https://github.com/qemu/qemu/commit/17f6436822ff600cae4590c4b06b3321c97f1f42
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/translate-sve.c

  Log Message:
  -----------
  target/arm: Correct sense of FPCR.AH test for FMAXQV and FMINQV

When we implemented the FMAXQV and FMINQV insns we accidentally
inverted the sense of the FPCR.AH test, so we gave the AH=1 behaviour
when FPCR.AH was zero, and vice-versa.  (The difference is limited to
handling of negative zero and NaN inputs.)

Fixes: 1de7ecfc12d05 ("target/arm: Implement FADDQV, F{MIN, MAX}{NM}QV for SVE2p1")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Message-id: [email protected]


  Commit: 07327d5f451162a841747836ff05cc6dd6e8c023
      
https://github.com/qemu/qemu/commit/07327d5f451162a841747836ff05cc6dd6e8c023
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/sve_helper.c

  Log Message:
  -----------
  target/arm: Don't nest H() macro calls in SVE DO_REDUCE

In the part of the SVE DO_REDUCE macro used by the SVE2p1 FMAXQV,
FMINQV, etc insns, we incorrectly applied the H() macro twice when
calculating an offset to add to the vn pointer.  This has no effect
on little-endian hosts but on big-endian hosts the two invocations
will cancel each other out and we will access the wrong part of the
array.

The "s * 16" part of the expression is already aligned, so we only
need to use the H macro on the "e". Correct the macro usage.

Fixes: 1de7ecfc12d05 ("target/arm: Implement FADDQV, F{MIN, MAX}{NM}QV for SVE2p1")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 82a1c5c661ef9ab567b7946b75240963c153a3b0
      
https://github.com/qemu/qemu/commit/82a1c5c661ef9ab567b7946b75240963c153a3b0
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/sve_helper.c

  Log Message:
  -----------
  target/arm: Honour FPCR.AH=1 default NaN value in FMAXNMQV, FMINNMQV

The FMAXNMQV and FMINNMQV insns use the default NaN as their identity
value for inactive source vector elements. We open-coded this in
sve_helper.c, hoping to avoid a function call. However, this fails
to account for FPCR.AH=1 changing the default NaN value to set the
sign bit. Use a call to floatN_default_nan() to obtain this value.

Fixes: 1de7ecfc12d05 ("target/arm: Implement FADDQV, F{MIN, MAX}{NM}QV for SVE2p1")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: 082933a1f7d3c8e4a9e999c3d284928ef866c67d
      
https://github.com/qemu/qemu/commit/082933a1f7d3c8e4a9e999c3d284928ef866c67d
  Author: Peter Maydell <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/tcg/sve.decode

  Log Message:
  -----------
  target/arm: Make LD1Q decode and trans fn agree about a->u

For the LD1Q instruction (gather load of quadwords) we use the
LD1_zprz pattern with MO_128 elements.  At this element size there is
no signed vs unsigned distinction, and we only set the 'u' bit in the
arg_LD1_zprz struct because we share the code and decode struct with
smaller element sizes.

However, we set u=0 in the decode pattern line but then accidentally
asserted that it was 1 in the trans function.  Since our usual convention
is that the "default" is unsigned and we only mark operations as signed
when they really do need to extend, change the decode pattern line to
set u=1 to match the assert.

Fixes: d2aa9a804ee6 ("target/arm: Implement LD1Q, ST1Q for SVE2p1")
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-id: [email protected]


  Commit: f19310b23a00b5c19f930e4d57fc298744d11740
      
https://github.com/qemu/qemu/commit/f19310b23a00b5c19f930e4d57fc298744d11740
  Author: Zenghui Yu <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/hvf/hvf.c

  Log Message:
  -----------
  hvf: arm: Add permission check in GIC sysreg handlers

Quoting Peter Maydell:

" hvf_sysreg_read_cp() and hvf_sysreg_write_cp() do not check the .access
  field of the ARMCPRegInfo to ensure that they forbid writes to registers
  that are marked with a .access field that says they're read-only (and
  ditto reads to write-only registers). "

Before we add more registers in GIC sysreg handlers, let's get it correct
by adding the .access checks to hvf_sysreg_read_cp() and
hvf_sysreg_write_cp(). With that, a sysreg access with invalid permission
will result in an UNDEFINED exception.

Suggested-by: Peter Maydell <[email protected]>
Signed-off-by: Zenghui Yu <[email protected]>
Message-id: [email protected]
Reviewed-by: Peter Maydell <[email protected]>
Signed-off-by: Peter Maydell <[email protected]>
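
The missing check quoted in this log message, shown as an added C example beside the corrected form; it is a simplified model and not code from target/arm/hvf/hvf.c. The register table, keys, access bits and all function names are hypothetical, and the model keeps only the read/write distinction, not privilege levels.

```c
/* Added illustration: simplified model of a sysreg trap handler,
 * not QEMU code. All names and values are constructed. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { ACC_R = 1, ACC_W = 2, ACC_RW = ACC_R | ACC_W };
enum { KEY_RO = 0x10, KEY_WO = 0x11, KEY_RW = 0x12 };  /* not real encodings */

typedef struct {
    const char *name;
    uint32_t key;
    int access;       /* stands in for the .access field */
    uint64_t value;
} RegInfo;

static RegInfo regs[] = {
    { "ro_status",  KEY_RO, ACC_R,  0xff },
    { "wo_command", KEY_WO, ACC_W,  0 },
    { "rw_control", KEY_RW, ACC_RW, 0x3 },
};

static void reset_regs(void)
{
    regs[0].value = 0xff;
    regs[1].value = 0;
    regs[2].value = 0x3;
}

static RegInfo *lookup(uint32_t key)
{
    for (size_t i = 0; i < sizeof(regs) / sizeof(regs[0]); i++) {
        if (regs[i].key == key) {
            return &regs[i];
        }
    }
    return NULL;
}

/* Before: any register that is found gets accessed, whatever .access says. */
static bool read_unchecked(uint32_t key, uint64_t *val)
{
    RegInfo *ri = lookup(key);
    if (!ri) {
        return false;
    }
    *val = ri->value;
    return true;
}

static bool write_unchecked(uint32_t key, uint64_t val)
{
    RegInfo *ri = lookup(key);
    if (!ri) {
        return false;
    }
    ri->value = val;
    return true;
}

/* After: the access bits gate the operation; state is untouched on refusal. */
static bool read_checked(uint32_t key, uint64_t *val)
{
    RegInfo *ri = lookup(key);
    if (!ri || !(ri->access & ACC_R)) {
        return false;
    }
    *val = ri->value;
    return true;
}

static bool write_checked(uint32_t key, uint64_t val)
{
    RegInfo *ri = lookup(key);
    if (!ri || !(ri->access & ACC_W)) {
        return false;
    }
    ri->value = val;
    return true;
}

typedef enum { TRAP_HANDLED, TRAP_UNDEFINED } TrapResult;

/* A refused access is reported so the caller can raise UNDEFINED in the guest. */
static TrapResult handle_sysreg_trap(bool is_write, uint32_t key, uint64_t *val)
{
    bool ok = is_write ? write_checked(key, *val) : read_checked(key, val);
    return ok ? TRAP_HANDLED : TRAP_UNDEFINED;
}

int main(void)
{
    uint64_t v = 0;

    write_unchecked(KEY_RO, 0);           /* read-only register overwritten */
    read_unchecked(KEY_RO, &v);
    printf("unchecked: ro_status=%#llx\n", (unsigned long long)v);

    reset_regs();
    v = 0;
    printf("checked write to ro_status: %s\n",
           handle_sysreg_trap(true, KEY_RO, &v) == TRAP_UNDEFINED
               ? "UNDEFINED" : "handled");
    return 0;
}
```
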


  Commit: e6da704b711d5d731e4d933ad56cbbc25ee0a825
      
https://github.com/qemu/qemu/commit/e6da704b711d5d731e4d933ad56cbbc25ee0a825
  Author: Zenghui Yu <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M target/arm/hvf/hvf.c

  Log Message:
  -----------
  hvf: arm: Emulate ICC_RPR_EL1 accesses properly

Commit a2260983c655 ("hvf: arm: Add support for GICv3") added GICv3 support
by implementing emulation for a few system registers. ICC_RPR_EL1 was
defined but not plugged in the sysreg handlers (for no good reason).

Fix it.

Fixes: a2260983c655 ("hvf: arm: Add support for GICv3")
Signed-off-by: Zenghui Yu <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Message-id: [email protected]
Signed-off-by: Peter Maydell <[email protected]>


  Commit: 6f7f3419cce86553dd239f10a5deb9ab872bd8c2
      
https://github.com/qemu/qemu/commit/6f7f3419cce86553dd239f10a5deb9ab872bd8c2
  Author: Henry Kleynhans <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M crypto/tlscredsx509.c

  Log Message:
  -----------
  crypto: load all certificates in X509 CA file

Some CA files may contain multiple intermediaries and roots of trust.
These may not fit into the hard-coded limit of 16.

Extend the validation code to allocate enough space to load all of the
certificates present in the CA file and ensure they are cleaned up.

Reviewed-by: Daniel P. Berrangé <[email protected]>
Signed-off-by: Henry Kleynhans <[email protected]>
[DB: drop MAX_CERTS constant & whitespace tweaks]
Signed-off-by: Daniel P. Berrangé <[email protected]>


  Commit: 7724ca9a772594b96939ff549c74f46e11d7870b
      
https://github.com/qemu/qemu/commit/7724ca9a772594b96939ff549c74f46e11d7870b
  Author: Philippe Mathieu-Daudé <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M accel/hvf/hvf-all.c

  Log Message:
  -----------
  accel/hvf: Display executable bit as 'X'

Developers are accustomed to reading RWX, not RWE.
Replace E -> X.

Reported-by: Alex Bennée <[email protected]>
Signed-off-by: Philippe Mathieu-Daudé <[email protected]>
Reviewed-by: Alex Bennée <[email protected]>
Reviewed-by: Mads Ynddal <[email protected]>
Reviewed-by: Xiaoyao Li <[email protected]>
Signed-off-by: Peter Maydell <[email protected]>


  Commit: 2c047bdb77e8f636936edd9ac5000521c9580477
      
https://github.com/qemu/qemu/commit/2c047bdb77e8f636936edd9ac5000521c9580477
  Author: Richard Henderson <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M tcg/optimize.c

  Log Message:
  -----------
  tcg/optimize: Don't fold INDEX_op_and_vec to extract

There is no such thing as vector extract.

Fixes: 932522a9ddc1 ("tcg/optimize: Fold and to extract during optimize")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3036
Signed-off-by: Richard Henderson <[email protected]>
Reviewed-by: Pierrick Bouvier <[email protected]>
Tested-by: Pierrick Bouvier <[email protected]>
Reviewed-by: Peter Maydell <[email protected]>


  Commit: b4f0b382fe241a1c57ab42ec538f49db45193df7
      
https://github.com/qemu/qemu/commit/b4f0b382fe241a1c57ab42ec538f49db45193df7
  Author: Stefan Hajnoczi <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M crypto/tlscredsx509.c
    M crypto/x509-utils.c
    M ui/trace-events
    M ui/vnc.c

  Log Message:
  -----------
  Merge tag 'misc-next-pull-request' of https://gitlab.com/berrange/qemu into staging

Misc crypto & UI patches

* Fix endian defaults when no VNC pixel format message is set
* Add more trace events for VNC messages
* Fix checking of certificate loading
* Eliminate cert limit on loading CA certificates

# gpg: Signature made Mon 21 Jul 2025 06:44:41 EDT
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <[email protected]>" [full]
# gpg:                 aka "Daniel P. Berrange <[email protected]>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* tag 'misc-next-pull-request' of https://gitlab.com/berrange/qemu:
  crypto: load all certificates in X509 CA file
  crypto/x509-utils: Check for error from gnutls_x509_crt_init()
  ui: add trace events for all client messages
  ui: fix setting client_endian field defaults

Signed-off-by: Stefan Hajnoczi <[email protected]>


  Commit: bb153e7960b24fb31b36b4230e4d1d008ae2f129
      
https://github.com/qemu/qemu/commit/bb153e7960b24fb31b36b4230e4d1d008ae2f129
  Author: Stefan Hajnoczi <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M accel/hvf/hvf-all.c
    M docs/system/arm/aspeed.rst
    M hw/misc/ivshmem-pci.c
    M hw/misc/max78000_aes.c
    M include/qemu/compiler.h
    M include/qemu/host-utils.h
    M target/arm/debug_helper.c
    M target/arm/hvf/hvf.c
    M target/arm/hvf/trace-events
    M target/arm/kvm_arm.h
    M target/arm/tcg/helper-sve.h
    M target/arm/tcg/helper.h
    M target/arm/tcg/sve.decode
    M target/arm/tcg/sve_helper.c
    M target/arm/tcg/translate-sve.c
    M target/arm/tcg/vec_helper.c

  Log Message:
  -----------
  Merge tag 'pull-target-arm-20250721' of https://gitlab.com/pm215/qemu into staging

target-arm queue:
 * hvf: arm: Remove $pc from trace_hvf_data_abort()
 * target/arm: Correct encoding of Debug Communications Channel registers
 * hw/misc/ivshmem-pci: Improve error handling
 * target/arm: Provide always-false kvm_arm_*_supported() stubs for usermode
 * host-utils: Drop workaround for buggy Apple Clang __builtin_subcll()
 * hw/misc/max78000_aes: Comment Internal Key Storage
 * docs: Fix Aspeed title
 * Implement a handful of missing FEAT_SVE_B16_B16 insns
 * Fix bugs in FMAXQV, FMINQV, etc
 * Fix assert in LD1Q decode
 * hvf: arm: Add permission check in GIC sysreg handlers
 * hvf: arm: Emulate ICC_RPR_EL1 accesses properly
 * accel/hvf: Display executable bit as 'X'

# gpg: Signature made Mon 21 Jul 2025 09:02:16 EDT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "[email protected]"
# gpg: Good signature from "Peter Maydell <[email protected]>" [full]
# gpg:                 aka "Peter Maydell <[email protected]>" [full]
# gpg:                 aka "Peter Maydell <[email protected]>" [full]
# gpg:                 aka "Peter Maydell <[email protected]>" [unknown]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* tag 'pull-target-arm-20250721' of https://gitlab.com/pm215/qemu:
  accel/hvf: Display executable bit as 'X'
  hvf: arm: Emulate ICC_RPR_EL1 accesses properly
  hvf: arm: Add permission check in GIC sysreg handlers
  target/arm: Make LD1Q decode and trans fn agree about a->u
  target/arm: Honour FPCR.AH=1 default NaN value in FMAXNMQV, FMINNMQV
  target/arm: Don't nest H() macro calls in SVE DO_REDUCE
  target/arm: Correct sense of FPCR.AH test for FMAXQV and FMINQV
  target/arm: Add BFMLA, BFMLS (indexed)
  target/arm: Add BFMLA, BFMLS (vectors)
  target/arm: Add BFMUL (indexed)
  target/arm: Add BFMIN, BFMAX (predicated)
  target/arm: Add BFADD, BFSUB, BFMUL, BFMAXNM, BFMINNM (predicated)
  target/arm: Add BFADD, BFSUB, BFMUL (unpredicated)
  docs: Fix Aspeed title
  hw/misc/max78000_aes: Comment Internal Key Storage
  host-utils: Drop workaround for buggy Apple Clang __builtin_subcll()
  target/arm: Provide always-false kvm_arm_*_supported() stubs for usermode
  hw/misc/ivshmem-pci: Improve error handling
  target/arm: Correct encoding of Debug Communications Channel registers
  hvf: arm: Remove $pc from trace_hvf_data_abort()

Signed-off-by: Stefan Hajnoczi <[email protected]>


  Commit: a11f29527399b26e122f1e88ee2672460982f06e
      
https://github.com/qemu/qemu/commit/a11f29527399b26e122f1e88ee2672460982f06e
  Author: Stefan Hajnoczi <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M tcg/optimize.c

  Log Message:
  -----------
  Merge tag 'pull-tcg-20250721' of https://gitlab.com/rth7680/qemu into staging

tcg/optimize: Don't fold INDEX_op_and_vec to extract

# gpg: Signature made Mon 21 Jul 2025 11:10:11 EDT
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "[email protected]"
# gpg: Good signature from "Richard Henderson <[email protected]>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* tag 'pull-tcg-20250721' of https://gitlab.com/rth7680/qemu:
  tcg/optimize: Don't fold INDEX_op_and_vec to extract

Signed-off-by: Stefan Hajnoczi <[email protected]>


  Commit: ebcc602aae19c06a4f492da3920b64c8033f0d7f
      
https://github.com/qemu/qemu/commit/ebcc602aae19c06a4f492da3920b64c8033f0d7f
  Author: Stefan Hajnoczi <[email protected]>
  Date:   2025-07-21 (Mon, 21 Jul 2025)

  Changed paths:
    M hw/core/machine.c
    M hw/display/ramfb-standalone.c
    M hw/display/ramfb-stubs.c
    M hw/display/ramfb.c
    M hw/i386/microvm.c
    M hw/i386/pc_piix.c
    M hw/i386/pc_q35.c
    M hw/vfio/display.c
    M hw/vfio/pci.c
    M hw/vfio/pci.h
    A hw/vfio/types.h
    M include/hw/display/ramfb.h

  Log Message:
  -----------
  Merge tag 'display-20250718-pull-request' of https://gitlab.com/kraxel/qemu into staging

Load ramfb vgabios on x86 only.

 # gpg: Signature made Fri 18 Jul 2025 15:43:09 EDT
 # gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
 # gpg: Good signature from "Gerd Hoffmann (work) <[email protected]>" [full]
 # gpg:                 aka "Gerd Hoffmann <[email protected]>" [full]
 # gpg:                 aka "Gerd Hoffmann (private) <[email protected]>" [full]
 # Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* tag 'display-20250718-pull-request' of https://gitlab.com/kraxel/qemu:
  hw/i386: Add the ramfb romfile compatibility
  vfio: Move the TYPE_* to hw/vfio/types.h
  ramfb: Add property to control if load the romfile

Signed-off-by: Stefan Hajnoczi <[email protected]>

Conflicts:
  hw/core/machine.c
  Context conflict because the vfio-pci
  "x-migration-load-config-after-iter" was added recently.


Compare: https://github.com/qemu/qemu/compare/56a3033abcfc...ebcc602aae19
