Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 7d2d577de0c72f3cf2eb43f1534e908070d3bc47
https://github.com/qemu/qemu/commit/7d2d577de0c72f3cf2eb43f1534e908070d3bc47
Author: Richard Henderson <[email protected]>
Date: 2026-01-11 (Sun, 11 Jan 2026)
Changed paths:
M tcg/optimize.c
Log Message:
-----------
tcg/optimize: Save o_mask in fold_masks_zosa_int
When adding o_mask to this function, we used it in a
couple of places but failed to save it for future use.
Also, update a related comment.
Cc: [email protected]
Fixes: 56f15f67ea1 ("tcg/optimize: Add one's mask to TempOptInfo")
Reported-by: Manos Pitsidianakis <[email protected]>
Reviewed-by: Pierrick Bouvier <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Commit: 08b12bfb8f532dbc62e35c31d081ede1aa12098b
https://github.com/qemu/qemu/commit/08b12bfb8f532dbc62e35c31d081ede1aa12098b
Author: Richard Henderson <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M tcg/optimize.c
Log Message:
-----------
tcg/optimize: Fix a_mask computation for orc
In computing a_mask, for or, we remove the bits from t1->o_mask
which are known to be zero. For orc, the bits known to be zero
are the inverse of those known to be one.
Cc: [email protected]
Fixes: cc4033ee47c ("tcg/optimize: Build and use zero, one and affected bits in fold_orc")
Reviewed-by: Pierrick Bouvier <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Commit: 23b53ec3a8a279cb5acd5e022b464a4272fe9f8c
https://github.com/qemu/qemu/commit/23b53ec3a8a279cb5acd5e022b464a4272fe9f8c
Author: Paolo Bonzini <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M tcg/optimize.c
Log Message:
-----------
tcg/optimize: Do use affected bits
We inadvertently disabled affected bits optimizations on operations
that use fold_masks_zosa. These happen relatively often in x86 code
for extract/sextract; for example given the following:
mov %esi, %ebp
xor $0x1, %ebp
the optimizer is able to simplify the "extract_i64 rbp,tmp0,$0x0,$0x20"
produced by the second instruction to a move.
Cc: [email protected]
Fixes: 932522a9ddc ("tcg/optimize: Fold and to extract during optimize")
Signed-off-by: Paolo Bonzini <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: af6db3b71310ea63a018d517ba7d79e4e014db62
https://github.com/qemu/qemu/commit/af6db3b71310ea63a018d517ba7d79e4e014db62
Author: Richard Henderson <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M tcg/riscv/tcg-target.c.inc
Log Message:
-----------
tcg/riscv: Fix TCG_REG_TMP0 clobber in tcg_gen_dup{m,i}
TCG_REG_TMP0 may be used by set_vtype* to load the vtype
parameter, so delay any other use of TCG_REG_TMP0 until
the correct vtype has been installed.
Cc: [email protected]
Fixes: d4be6ee1111 ("tcg/riscv: Implement vector mov/dup{m/i}")
Reported-by: Zhijin Zeng <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Commit: 82ae60c8b5cb98d610056a1e2d0ba72e9ef7907c
https://github.com/qemu/qemu/commit/82ae60c8b5cb98d610056a1e2d0ba72e9ef7907c
Author: Jean-Christian CÎRSTEA <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/syscall.c
Log Message:
-----------
linux-user: allow null `pathname` for statx()/fstatat()
Since Linux 6.11, the path argument may be NULL.
Before this patch, qemu-*-linux-user failed with EFAULT when `pathname` was
specified as NULL, even for Linux kernel hosts > 6.10. This patch fixes this
issue by checking whether `arg2` is 0. If so, don't return EFAULT, but instead
perform the appropriate syscall and let the host's kernel handle null `pathname`.
Cc: [email protected]
Signed-off-by: Jean-Christian CÎRSTEA <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: c333f9c4ee212297f3b9a8a6ef62396a63c48e61
https://github.com/qemu/qemu/commit/c333f9c4ee212297f3b9a8a6ef62396a63c48e61
Author: Jim MacArthur <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/elfload.c: Correction to HWCAP2 accessor
get_elf_hwcap was used when get_elf_hwcap2 should have been.
Cc: [email protected]
Fixes: fcac98d0ba8b ("linux-user: Remove ELF_HWCAP2")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3259
Signed-off-by: Jim MacArthur <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: aaed9ca1797d70a507371aea688c5cd60b074e2d
https://github.com/qemu/qemu/commit/aaed9ca1797d70a507371aea688c5cd60b074e2d
Author: Matthew Lugg <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/mmap.c
Log Message:
-----------
linux-user: fix mremap unmapping adjacent region
This typo meant that calls to `mremap` which shrink a mapping by some N
bytes would, when the virtual address space was pre-reserved (e.g.
32-bit guest on 64-bit host), unmap the N bytes following the *original*
mapping.
Signed-off-by: Matthew Lugg <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: 2422884ec5a12037d2378f45ca1411d3f37c7081
https://github.com/qemu/qemu/commit/2422884ec5a12037d2378f45ca1411d3f37c7081
Author: Matthew Lugg <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/mmap.c
Log Message:
-----------
linux-user: fix mremap errors for invalid ranges
If an address range given to `mremap` is invalid (exceeds addressing
bounds on the guest), we were previously returning `ENOMEM`, which is
not correct. The manpage and the Linux kernel implementation both agree
that if `old_addr`/`old_size` refer to an invalid address, `EFAULT` is
returned, and if `new_addr`/`new_size` refer to an invalid address,
`EINVAL` is returned.
Signed-off-by: Matthew Lugg <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: 81ceab30492ed251addae8539f7b69a069b0f984
https://github.com/qemu/qemu/commit/81ceab30492ed251addae8539f7b69a069b0f984
Author: Matthew Lugg <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/mmap.c
Log Message:
-----------
linux-user: fix reserved_va page leak in do_munmap
The old logic had an off-by-one bug. For instance, assuming 4k pages on
host and guest, if 'len' is '4097' (indicating to unmap 2 pages), then
'last = start + 4096', so 'real_last = start + 4095', so ultimately
'real_len = 4096'. I do not believe this could cause any observable bugs
in guests, because `target_munmap` page-aligns the length it passes in.
However, calls to this function in `target_mremap` do not page-align the
length, so those calls could "drop" pages, leading to a part of the
reserved region becoming unmapped. At worst, a host allocation could get
mapped into that hole, then clobbered by a new guest mapping.
Signed-off-by: Matthew Lugg <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
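The arithmetic from the do_munmap commit message above, carried through as an added example (not QEMU's code and not part of the commit). span_old is a model reconstructed from the numbers in the message, span_new is one hypothetical correction, and the 4096-byte page size and the start address are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed page size: the "4k pages on host and guest" case from the message. */
#define PAGE 4096u

static uint64_t round_up(uint64_t x, uint64_t a) { return (x + a - 1) & ~(a - 1); }

/* Model of the old arithmetic, reconstructed from the numbers in the commit
 * message (not copied from QEMU): rounding the inclusive last byte up is a
 * no-op when that byte is itself page-aligned, so its page is left out. */
static uint64_t span_old(uint64_t start, uint64_t len)
{
    uint64_t last = start + len - 1;
    uint64_t real_start = start & ~(uint64_t)(PAGE - 1);
    uint64_t real_last = round_up(last, PAGE) - 1;
    return real_last - real_start + 1;
}

/* Hypothetical correction: extend the last byte to the end of its own page. */
static uint64_t span_new(uint64_t start, uint64_t len)
{
    uint64_t last = start + len - 1;
    uint64_t real_start = start & ~(uint64_t)(PAGE - 1);
    uint64_t real_last = last | (PAGE - 1);
    return real_last - real_start + 1;
}

/* Number of lengths in [1, max_len] where the old model covers too little. */
static unsigned count_short(uint64_t start, uint64_t max_len)
{
    unsigned n = 0;
    for (uint64_t len = 1; len <= max_len; len++) {
        if (span_old(start, len) < span_new(start, len)) n++;
    }
    return n;
}

int main(void)
{
    uint64_t start = 0x10000; /* constructed, page-aligned guest address */
    printf("len=4097: old=%llu new=%llu\n",
           (unsigned long long)span_old(start, 4097),
           (unsigned long long)span_new(start, 4097));
    printf("short lengths up to 3 pages: %u\n", count_short(start, 3 * PAGE));
    return 0;
}
```

With a page-aligned start, the model comes up short only when the length is one byte past a page multiple, which is why page-aligned callers never see it and unaligned callers can.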
Commit: 9290c10ae9d0c3ff433efbb7ecb0e781966c5404
https://github.com/qemu/qemu/commit/9290c10ae9d0c3ff433efbb7ecb0e781966c5404
Author: Matthew Lugg <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M tests/tcg/multiarch/test-mmap.c
Log Message:
-----------
tests: add tcg coverage for fixed mremap bugs
These tests cover the first two fixes in this patch series. The final
patch is not covered because the bug it fixes is not easily observable
by the guest.
Signed-off-by: Matthew Lugg <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: 429bc03a8e9d99d4611439b6a6453dbd5bba0c69
https://github.com/qemu/qemu/commit/429bc03a8e9d99d4611439b6a6453dbd5bba0c69
Author: Michael Tokarev <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/syscall.c
Log Message:
-----------
linux-user: cleanup epoll_pwait ifdeff'ery
All linux targets these days have epoll_pwait system call
(while some miss epoll_wait, which is less generic). And
all linux targets definitely have one or another epoll_*wait*
system call - so the whole code block dealing with this system
call should always be present.
Remove the now-unneeded ifdef'fery.
Reviewed-by: Pierrick Bouvier <[email protected]>
Signed-off-by: Michael Tokarev <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: a19fe4d3772431101e07765b1edbd9cf9eef0141
https://github.com/qemu/qemu/commit/a19fe4d3772431101e07765b1edbd9cf9eef0141
Author: Michael Tokarev <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/syscall.c
Log Message:
-----------
linux-user: implement epoll_pwait2 syscall
epoll_pwait2 is the same as epoll_pwait but with timeout being
(a pointer to) struct timespec instead of an integer.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3210
Signed-off-by: Michael Tokarev <[email protected]>
Reviewed-by: Pierrick Bouvier <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: 365a2248ae69f306fe7997fd966bcb1c16a08695
https://github.com/qemu/qemu/commit/365a2248ae69f306fe7997fd966bcb1c16a08695
Author: Daniel P. Berrangé <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M meson.build
Log Message:
-----------
meson: disable libatomic with GCC >= 16
Historically it was required to ask for libatomic explicitly with
-latomic, but with GCC >= 16 apps will get linked to libatomic
whether they ask for it or not.
This invalidates QEMU's check for atomic op support for int128
which explicitly does NOT want to use the libatomic impl. As a
result with GCC >= 16, QEMU is now getting linked to libatomic
and is activating CONFIG_ATOMIC128. This in turn exposes a bug
in GCC's libatomic.a static build which is incompatible with the
use of -static-pie leading to build failures like:
/usr/bin/ld: /usr/lib/gcc/x86_64-redhat-linux/16/libatomic.a(cas_16_.o):
relocation R_X86_64_32 against hidden symbol `libat_compare_exchange_16_i1' can
not be used when making a PIE object
/usr/bin/ld: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
The newly introduced -fno-link-libatomic flag can be used to
disable the new automatic linking of libatomic. Setting this in
qemu_isa_flags early on ensures that the check for CONFIG_ATOMIC128
still works correctly.
Signed-off-by: Daniel P. Berrangé <[email protected]>
Acked-by: Paolo Bonzini <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Commit: 18c38476def166f76e78c8a097eb7be83839e775
https://github.com/qemu/qemu/commit/18c38476def166f76e78c8a097eb7be83839e775
Author: Richard Henderson <[email protected]>
Date: 2026-01-12 (Mon, 12 Jan 2026)
Changed paths:
M linux-user/elfload.c
M linux-user/mmap.c
M linux-user/syscall.c
M meson.build
M tcg/optimize.c
M tcg/riscv/tcg-target.c.inc
M tests/tcg/multiarch/test-mmap.c
Log Message:
-----------
Merge tag 'pull-tcg-20260112' of https://gitlab.com/rth7680/qemu into staging
tcg/riscv: Fix TCG_REG_TMP0 clobber in tcg_gen_dup{m,i}
tcg/optimize: Fixes for o_mask and a_mask
linux-user: Correction to HWCAP2 accessor
linux-user: Fixes for mremap
linux-user: Implement epoll_pwait2 syscall
meson: disable libatomic with GCC >= 16
# gpg: Signature made Mon 12 Jan 2026 08:56:36 AM AEDT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "[email protected]"
# gpg: Good signature from "Richard Henderson <[email protected]>" [ultimate]
* tag 'pull-tcg-20260112' of https://gitlab.com/rth7680/qemu:
meson: disable libatomic with GCC >= 16
linux-user: implement epoll_pwait2 syscall
linux-user: cleanup epoll_pwait ifdeff'ery
tests: add tcg coverage for fixed mremap bugs
linux-user: fix reserved_va page leak in do_munmap
linux-user: fix mremap errors for invalid ranges
linux-user: fix mremap unmapping adjacent region
linux-user/elfload.c: Correction to HWCAP2 accessor
linux-user: allow null `pathname` for statx()/fstatat()
tcg/riscv: Fix TCG_REG_TMP0 clobber in tcg_gen_dup{m,i}
tcg/optimize: Do use affected bits
tcg/optimize: Fix a_mask computation for orc
tcg/optimize: Save o_mask in fold_masks_zosa_int
Signed-off-by: Richard Henderson <[email protected]>
Compare: https://github.com/qemu/qemu/compare/b254e4862424...18c38476def1