backends/tpm: Propagate vTPM error on migration failure
- When migration of a VM with encrypted vTPM fails on the
destination host, (e.g., due to a mismatch in secret values),
the error message displayed on the source host is generic and unhelpful.
- For example, a typical error looks like this:
"operation failed: job 'migration out' failed: Sibling indicated error 1.
operation failed: job 'migration in' failed: load of migration failed:
Input/output error"
- Such generic errors are logged using error_report(), which prints to
the console/monitor but does not make the detailed error accessible via
the QMP query-migrate command.
- This change, along with the set of changes of passing errp Error object
to the VM state loading functions, help in addressing the issue.
We use the post_load_errp hook of VMStateDescription to propagate errors
by setting Error **errp objects in case of failure in the TPM backend.
- It can then be retrieved using QMP command:
{"execute" : "query-migrate"}
migration: Add error-parameterized function variants in VMSD struct
- We need to have good error reporting in the callbacks in
VMStateDescription struct. Specifically pre_save, pre_load
and post_load callbacks.
- It is not possible to change these functions everywhere in one
patch, therefore, we introduce a duplicate set of callbacks
with Error object passed to them.
- So, in this commit, we implement 'errp' variants of these callbacks,
introducing an explicit Error object parameter.
- This is a functional step towards transitioning the entire codebase
to the new error-parameterized functions.
- Deliberately called in mutual exclusion from their counterparts,
to prevent conflicts during the transition.
- New impls should preferentally use 'errp' variants of
these methods, and existing impls incrementally converted.
The variants without 'errp' are intended to be removed
once all usage is converted.
migration: Remove error variant of vmstate_save_state() function
This commit removes the redundant vmstate_save_state_with_err()
function.
Previously, commit 969298f9d7 introduced vmstate_save_state_with_err()
to handle error propagation, while vmstate_save_state() existed for
non-error scenarios.
This is because there were code paths where vmstate_save_state_v()
(called internally by vmstate_save_state) did not explicitly set
errors on failure.
This change unifies error handling by
- updating vmstate_save_state() to accept an Error **errp argument.
- vmstate_save_state_v() ensures errors are set directly within the errp
object, eliminating the need for two separate functions.
All calls to vmstate_save_state_with_err() are replaced with
vmstate_save_state(). This simplifies the API and improves code
maintainability.
vmstate_save_state() that only calls vmstate_save_state_v(),
by inference, also has errors set in errp in case of failure.
The errors are reported using error_report_err().
If we want the function to exit on error, then &error_fatal is
passed.
migration: Capture error in postcopy_ram_listen_thread()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
postcopy_ram_listen_thread() calls qemu_loadvm_state_main()
to load the vm, and in case of a failure, it should set the error
in the migration object.
migration: push Error **errp into loadvm_postcopy_handle_switchover_start()
This is an incremental step in converting vmstate loading code to report
error via Error objects instead of directly printing it to console/monitor.
It is ensured that loadvm_postcopy_handle_switchover_start() must report
an error in errp, in case of failure.
Reviewed-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Arun Menon <armenon@redhat.com> Tested-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Link: https://lore.kernel.org/r/20250918-propagate_tpm_error-v14-22-36f11a6fb9d3@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
migration: push Error **errp into loadvm_process_enable_colo()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_process_enable_colo() must report an error
in errp, in case of failure.
migration: Return -1 on memory allocation failure in ram.c
The function colo_init_ram_cache() currently returns -errno if
qemu_anon_ram_alloc() fails. However, the subsequent cleanup loop that
calls qemu_anon_ram_free() could potentially alter the value of errno.
This would cause the function to return a value that does not accurately
represent the original allocation failure.
This commit changes the return value to -1 on memory allocation failure.
This ensures that the return value is consistent and is not affected by
any errno changes that may occur during the free process.
migration: push Error **errp into loadvm_handle_recv_bitmap()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_handle_recv_bitmap() must report an error
in errp, in case of failure.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Fabiano Rosas <farosas@suse.de> Signed-off-by: Arun Menon <armenon@redhat.com> Tested-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Link: https://lore.kernel.org/r/20250918-propagate_tpm_error-v14-19-36f11a6fb9d3@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
migration: push Error **errp into loadvm_postcopy_ram_handle_discard()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_postcopy_ram_handle_discard() must report an error
in errp, in case of failure.
migration: push Error **errp into loadvm_postcopy_handle_run()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_postcopy_handle_run() must report an error
in errp, in case of failure.
Reviewed-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Arun Menon <armenon@redhat.com> Tested-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Link: https://lore.kernel.org/r/20250918-propagate_tpm_error-v14-17-36f11a6fb9d3@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
migration: push Error **errp into loadvm_postcopy_handle_listen()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_postcopy_handle_listen() must report an error
in errp, in case of failure.
Reviewed-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Arun Menon <armenon@redhat.com> Tested-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Link: https://lore.kernel.org/r/20250918-propagate_tpm_error-v14-16-36f11a6fb9d3@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
migration: push Error **errp into loadvm_postcopy_handle_advise()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_postcopy_handle_advise() must report an error
in errp, in case of failure.
migration: push Error **errp into ram_postcopy_incoming_init()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that ram_postcopy_incoming_init() must report an error
in errp, in case of failure.
migration: make loadvm_postcopy_handle_resume() void
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
Use warn_report() instead of error_report(); it ensures that
a resume command received while the migration is not
in postcopy recover state is not fatal. It only informs that
the command received is unusual, and therefore we should not set
errp with the error string.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Fabiano Rosas <farosas@suse.de> Signed-off-by: Arun Menon <armenon@redhat.com> Tested-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Link: https://lore.kernel.org/r/20250918-propagate_tpm_error-v14-13-36f11a6fb9d3@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
migration: Update qemu_file_get_return_path() docs and remove dead checks
The documentation of qemu_file_get_return_path() states that it can
return NULL on failure. However, a review of the current implementation
reveals that it is guaranteed that it will always succeed and will never
return NULL.
As a result, the NULL checks post calling the function become redundant.
This commit updates the documentation for the function and removes all
NULL checks throughout the migration code.
migration: push Error **errp into qemu_loadvm_section_part_end()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that qemu_loadvm_section_part_end() must report an error
in errp, in case of failure.
This patch also removes the setting of errp when errp is NULL in the
out section as it is no longer required in the series.
migration: push Error **errp into qemu_loadvm_section_start_full()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that qemu_loadvm_section_start_full() must report an error
in errp, in case of failure.
migration: push Error **errp into qemu_loadvm_state_main()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that qemu_loadvm_state_main() must report an error
in errp, in case of failure.
Set errp explicitly if it is NULL in case of failure in the out
section. This will be removed in the subsequent patch when all of
the calls are converted to passing errp.
The error message in the default case of qemu_loadvm_state_main()
has the word "savevm". This is removed because it can confuse the
user while reading destination side error logs.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Fabiano Rosas <farosas@suse.de> Signed-off-by: Arun Menon <armenon@redhat.com> Tested-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Link: https://lore.kernel.org/r/20250918-propagate_tpm_error-v14-9-36f11a6fb9d3@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
migration: push Error **errp into qemu_load_device_state()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that qemu_load_device_state() must report an error
in errp, in case of failure.
migration: push Error **errp into qemu_loadvm_state()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that qemu_loadvm_state() must report an error
in errp, in case of failure.
When postcopy live migration runs, the device states are loaded by
both the qemu coroutine process_incoming_migration_co() and the
postcopy_ram_listen_thread(). Therefore, it is important that the
coroutine also reports the error in case of failure, with
error_report_err(). Otherwise, the source qemu will not display
any errors before going into the postcopy pause state.
migration: push Error **errp into loadvm_handle_cmd_packaged()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_handle_cmd_packaged() must report an error
in errp, in case of failure.
Reviewed-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Arun Menon <armenon@redhat.com> Tested-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Link: https://lore.kernel.org/r/20250918-propagate_tpm_error-v14-6-36f11a6fb9d3@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
migration: push Error **errp into loadvm_process_command()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that loadvm_process_command() must report an error
in errp, in case of failure.
The errors are temporarily reported using error_report_err().
This is removed in the subsequent patches in this series
when we are actually able to propagate the error to the calling
function.
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that vmstate_load() must report an error
in errp, in case of failure.
The errors are temporarily reported using error_report_err().
This is removed in the subsequent patches in this series
when we are actually able to propagate the error to the calling
function.
migration: push Error **errp into qemu_loadvm_state_header()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that qemu_loadvm_state_header() must report an error
in errp, in case of failure.
migration: push Error **errp into vmstate_load_state()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that vmstate_load_state() must report an error
in errp, in case of failure.
The errors are temporarily reported using error_report_err().
This is removed in the subsequent patches in this series,
when we are actually able to propagate the error to the calling
function using errp. Whereas, if we want the function to exit on
error, then error_fatal is passed.
migration: push Error **errp into vmstate_subsection_load()
This is an incremental step in converting vmstate loading
code to report error via Error objects instead of directly
printing it to console/monitor.
It is ensured that vmstate_subsection_load() must report an error
in errp, in case of failure.
The errors are temporarily reported using error_report_err().
This is removed in the subsequent patches in this series,
when we are actually able to propagate the error to the calling
function using errp.
Merge tag 'qtest-20251001-pull-request' of https://gitlab.com/farosas/qemu into staging
Qtest pull request
- Fix for qtest_get_machines QEMU var caching
- Fixes for migration-test in --without-default-devices build
- Preparation patches for cpr-exec test
# -----BEGIN PGP SIGNATURE-----
#
# iQJEBAABCAAuFiEEqhtIsKIjJqWkw2TPx5jcdBvsMZ0FAmjdoeoQHGZhcm9zYXNA
# c3VzZS5kZQAKCRDHmNx0G+wxnUGMEACQuy8eGVnh7ni9rDpJxyyUoKAKlNI9+7c+
# 2bi/e+pT26Od5/ExznVOoDlEFFoogQZiVDqxZ3wBB0SziEn41+Wm8SSV6Tto7eNy
# qqVZuYymWUY+MmAeL7RKY+EuVV3Y1a/2lS+w04dCSQYrWf9rr9AX8xdDDln/ebqm
# F1sUhVKO7PA05O3Sw6M1G32l27r6WCsVRliz46gl5MHmmWe4YRR72Eoi3gTsXIkT
# CiEmT9EjOkHykSkgekiN+jgLiAO1pwcaU7Cf4ENhYouBjW9kL46LCmMS+7pcQ1LG
# 2UuXhR3+Ws0ukAUmcJthMRMssjy0OGr845DjiTmOFnbiiUKX9CysuTIIlM+xbDN4
# m/IomtxXAnEncQcUO4vgv81eyGFRtn/Mx9Zdo/x8dtNc6Lh62zqsMj7lp8sjatR/
# DScPTRCRxAUQiY6YMIrJH38m7XLyIaG+oCzg1+EBllmHLoQTtPE4hQHz4MDRj0RA
# aKAvQsucQ/8LxHV9va4W5epVrdP54Yw040QbTnN5XdH4U06yv4pfpBnCw4RYFPj2
# l5TZSNE2WmjeOfT/FERjJWXEXbvcEWoPZMWOc0r1qYGqEAhIui69n//H28EZ2DAE
# QEzNJLBqu4t7U+pw5h1QW5YFdkVZIfmDOx3+SlA/tNcLTQ/a2gzAWkr0AKIzddH9
# ZOGP6b4wFw==
# =OSa5
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 01 Oct 2025 02:49:30 PM PDT
# gpg: using RSA key AA1B48B0A22326A5A4C364CFC798DC741BEC319D
# gpg: issuer "farosas@suse.de"
# gpg: Good signature from "Fabiano Rosas <farosas@suse.de>" [unknown]
# gpg: aka "Fabiano Almeida Rosas <fabiano.rosas@suse.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: AA1B 48B0 A223 26A5 A4C3 64CF C798 DC74 1BEC 319D
* tag 'qtest-20251001-pull-request' of https://gitlab.com/farosas/qemu:
migration-test: strv parameter
migration-test: migrate_args
migration-test: misc exports
migration-test: shm path accessor
migration-test: only_source option
tests/qtest: qtest_init_after_exec
tests/qtest: qtest_qemu_spawn_func
tests/qtest: qtest_create_test_state
tests/qtest: qtest_qemu_args
tests/qtest: export qtest_qemu_binary
tests/qtest: optimize qtest_get_machines
tests/qtest/migration: Fix cpr-tests in case the machine is not available
tests/qtest: Add missing checks for the availability of machines
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'pull-error-2025-09-30-v2' of https://repo.or.cz/qemu/armbru into staging
Error reporting patches for 2025-09-30
# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmjczNQSHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZTX3kP/1doayteIqVfNLYJn8EDIU6ccZgAsdVw
# GLHkxSikaBBzjJoG2ebadGusmX8F5H16/KG4vpilP1WHuIw73QRiCFJduFmfFjU/
# SCagaj58PPZaiNJeydN8dSHIDyLLAbIpI1xqdFObBgVKl37E7nZ2uatjKwopmK69
# iV7y39Xcs6wu4gVsz5IH3FC+CdzctWfjjkZbkk3PeNj+Nt7q22RvbB0Rf30P9SBo
# FWnh3UEDz2VIlnuIFSAAXQfJ0+h2l9L0yZ05RnVyMM8rZ72v393X8h/jgEo0ETHI
# eNnJHh/pKL6I+vq10aM/mMgj5fRsly+CsAmjC+11ULg7ybDUMbEU32Ftqeylo2HS
# ZkGw20egEgzMldC5yELTgTjMPCGF9VWWwNNH9OWM58w9ZCyjDb9wDw1uaHU3Tc15
# TZaBwcCGEc/atRFHfWD66oK/KcDrFnWETr6qi9fPJ2SJxiHjHbJe/eNQaxxrEZCu
# 1OntcQdL46Ef1LeQGzhgLNlKyAxq9V9ybh8gPD4yhCK5NCNub2NvWj/CLlnxGJwH
# JHZRRXvVoBPlIMSMydGPV8RHkfUr4NMgHql5Y+VykheEBcg+ThZ2JSjS7avwzCHM
# 5dSUeV+YcvhQN2sojH4xdnUUJWxAAEM1SirkaHTHWZoDKagfjHu3SEYwNyIIchhi
# BAfRdd94Lxpg
# =tlEf
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 30 Sep 2025 11:40:20 PM PDT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [unknown]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* tag 'pull-error-2025-09-30-v2' of https://repo.or.cz/qemu/armbru:
error: Kill @error_warn
ivshmem-flat: Mark an instance of missing error handling FIXME
ui/dbus: Consistent handling of texture mutex failure
ui/dbus: Clean up dbus_update_gl_cb() error checking
ui/pixman: Consistent error handling in qemu_pixman_shareable_free()
util/oslib-win32: Do not treat null @errp as &error_warn
ui/spice-core: Clean up error reporting
net/slirp: Clean up error reporting
hw/remote/vfio-user: Clean up error reporting
migration/cpr: Clean up error reporting in cpr_resave_fd()
hw/cxl: Convert cxl_fmws_link() to Error
tcg: Fix error reporting on mprotect() failure in tcg_region_init()
monitor: Clean up HMP gdbserver error reporting
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Steve Sistare [Wed, 1 Oct 2025 15:34:05 +0000 (08:34 -0700)]
tests/qtest: qtest_init_after_exec
Define a function to create a QTestState object representing the state
of QEMU after old QEMU exec's new QEMU. This is needed for testing
the cpr-exec migration mode.
Steve Sistare [Wed, 1 Oct 2025 15:34:04 +0000 (08:34 -0700)]
tests/qtest: qtest_qemu_spawn_func
Allow the qtest_qemu_spawn caller to pass the function to be called
to perform the spawn. The opaque argument is needed by a new spawn
function in a subsequent patch.
Steve Sistare [Wed, 1 Oct 2025 15:34:02 +0000 (08:34 -0700)]
tests/qtest: qtest_qemu_args
Define an accessor that returns all the arguments used to exec QEMU.
Collect the arguments that were passed to qtest_spawn_qemu, plus the trace
arguments that were composed inside qtest_spawn_qemu, and move them to a
new function qtest_qemu_args.
This will be needed to test the cpr-exec migration mode.
Steve Sistare [Fri, 19 Sep 2025 13:58:30 +0000 (06:58 -0700)]
tests/qtest: optimize qtest_get_machines
qtest_get_machines returns the machines supported by the QEMU binary
described by an environment variable and caches the result. If the
next call to qtest_get_machines passes the same variable name, the cached
result is returned, but if the name changes, the caching is defeated.
To make caching more effective, remember the path of the QEMU binary
instead. Different env vars, eg QTEST_QEMU_BINARY_SRC and
QTEST_QEMU_BINARY_DST, usually resolve to the same path.
Before the optimization, the test /x86_64/migration/precopy/unix/plain
exec's QEMU and calls query-machines 3 times. After optimization, that
only happens once. This does not significantly speed up the tests, but
it reduces QTEST_LOG output, and launches fewer QEMU instances, making
it easier to debug problems.
Thomas Huth [Tue, 30 Sep 2025 09:09:32 +0000 (11:09 +0200)]
tests/qtest/migration: Fix cpr-tests in case the machine is not available
When QEMU has been compiled with "--without-default-devices", the
migration cpr-tests are currently failing since the first test leaves
a socket file behind that avoids that the second test can be initialized
correctly. Make sure that we delete the socket file in case that the
migrate_start() failed due to the missing machine.
Thomas Huth [Tue, 30 Sep 2025 09:04:44 +0000 (11:04 +0200)]
tests/qtest: Add missing checks for the availability of machines
When QEMU has been compiled with "--without-default-devices", the
machines might not be available in the binary. Let's properly check
for the machines before running the tests to avoid that they are
failing in this case.
The syslog backend needs the syslog function from libc and the LOG_INFO enum
value; they are re-exported as "::trace::syslog" and "::trace::LOG_INFO"
so that device crates do not all have to add the libc dependency, but
otherwise there is nothing special.
Signed-off-by: Tanish Desai <tanishdesai37@gmail.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-17-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Paolo Bonzini [Mon, 29 Sep 2025 15:49:33 +0000 (17:49 +0200)]
rust: pl011: add tracepoints
Finally bring parity between C and Rust versions of the PL011 device model.
Changing some types of the arguments makes for nicer Rust code; C does not
care. :)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-12-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Paolo Bonzini [Mon, 29 Sep 2025 15:49:32 +0000 (17:49 +0200)]
rust: qdev: add minimal clock bindings
Add the minimal support that is needed by pl011's event and tracepoint.
Reviewed-by: Zhao Liu <zhao1.liu@intel.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-11-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The trace crate is a minimal container for dependencies of tracepoints
(so that they do not have to be imported in all the crates that use
tracepoints); it also contains a macro called "include_trace!" that is
able to find the right include file from the trace/ directory.
[Write commit message, add #[allow()]. - Paolo]
Signed-off-by: Tanish Desai <tanishdesai37@gmail.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-10-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Generating .rs files makes it possible to support tracing in rust.
This support comprises a new format, and common code that converts
the C expressions in trace-events to Rust. In particular, types
need to be converted, and PRI macros expanded.
As of this commit no backend generates Rust code, but it is already
possible to use tracetool to generate Rust sources; they are not
functional but they compile and contain tracepoint functions.
[Move Rust argument conversion from Event to Arguments; string
support. - Paolo]
Signed-off-by: Tanish Desai <tanishdesai37@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-9-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Use CHECK_TRACE_EVENT_GET_STATE in log, syslog, dtrace and simple
backend, so that the "if (trace_event_get_state)" is created from common
code and unified when multiple backends are active.
When a single backend is active there is no code change (except
for the log backend, as shown in tests/tracetool/log.h), but the
code in the backends is simpler.
Signed-off-by: Tanish Desai <tanishdesai37@gmail.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250929154938.594389-8-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Add a new attribute CHECK_TRACE_EVENT_GET_STATE to the backends.
When present and True, the code generated by the generate function
is wrapped in a conditional that checks whether the event is enabled;
this removes the need for repeating the same conditional in multiple
backends.
Signed-off-by: Tanish Desai <tanishdesai37@gmail.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250929154938.594389-7-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Paolo Bonzini [Mon, 29 Sep 2025 15:49:27 +0000 (17:49 +0200)]
trace/ftrace: move snprintf+write from tracepoints to ftrace.c
This simplifies the Python code and reduces the size of the tracepoints.
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Reviewed-by: Zhao Liu <zhao1.liu@intel.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250929154938.594389-6-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Paolo Bonzini [Mon, 29 Sep 2025 15:49:26 +0000 (17:49 +0200)]
tracetool: add SPDX headers
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-5-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Paolo Bonzini [Mon, 29 Sep 2025 15:49:24 +0000 (17:49 +0200)]
tracetool: remove dead code
Remove a bunch of dead code from tracetool.
In particular, there are no tcg-exec events anymore and the sub-event
functionality was only used for it.
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-3-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Paolo Bonzini [Mon, 29 Sep 2025 15:49:23 +0000 (17:49 +0200)]
tracetool: fix usage of try_import()
try_import returns a tuple of a boolean and the requested module or attribute.
exists() functions return tracetool.try_import("tracetool.format." + name)[1]
but they should return the boolean value instead.
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20250929154938.594389-2-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
We added @error_warn some two years ago in commit 3ffef1a55ca (error:
add global &error_warn destination). It has multiple issues:
* error.h's big comment was not updated for it.
* Function contracts were not updated for it.
* ERRP_GUARD() is unaware of @error_warn, and fails to mask it from
error_prepend() and such. These crash on @error_warn, as pointed
out by Akihiko Odaki.
All fixable. However, after more than two years, we had just of 15
uses, of which the last few patches removed seven as unclean or
otherwise undesirable, adding back five elsewhere. I didn't look
closely enough at the remaining seven to decide whether they are
desirable or not.
I don't think this feature earns its keep. Drop it.
Thanks-to: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20250923091000.3180122-14-armbru@redhat.com> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
ivshmem-flat: Mark an instance of missing error handling FIXME
ivshmem-flat's ivshmem_flat_add_vector() neglects to handle
qemu_set_blocking() failure. It used to silently ignore errors there.
Recent commit 6f607941b1c (treewide: use qemu_set_blocking instead of
g_unix_set_fd_nonblocking) changed it to warn (without mentioning it
the commit message, tsk, tsk, tsk).
Note that ivshmem-pci's process_msg_connect() handles this error.
Add a FIXME comment to mark the missing error handling.
Cc: Gustavo Romero <gustavo.romero@linaro.org> Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20250923091000.3180122-13-armbru@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
ui/dbus: Consistent handling of texture mutex failure
We report d3d_texture2d_acquire0() and d3d_texture2d_release0()
failure as error, except in dbus_update_gl_cb(), where we report it as
warning. Report it as error there as well.
Merge tag 'rust-ci-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging
CI/build-sys fixes for Rust
Collect CI/build-sys patches related to Rust.
# -----BEGIN PGP SIGNATURE-----
#
# iQJQBAABCgA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmjb+PUcHG1hcmNhbmRy
# ZS5sdXJlYXVAcmVkaGF0LmNvbQAKCRDa6OEJdZac5Y3iEAC2C8pc2lPCTGFI+0N/
# eqXwTCeSysbmprhqf3vWXQEke8WgYMGPeZNXqUUnzzRuR5oN7JTy6YNzLCM0jGUp
# QHciTecyPVQjIlWOs+HURqKsrLO2CG1sbWuips1eZ6X8O5KdHLxfFqvyReflEn/z
# G1LHhQEWQzKwR0kj3VVHjyUzeSIJVch8sVONkby4h2DMFO4lHtcrr7VAzKlwKGAt
# kgFgijaLe7xCPktJs7g2x+NfBeRbnQ/3mb3/3pkunx98Dhhis0yTZSyfzlChyVfL
# FwTf/xWgw/0oQ8+c9E/RJz6DVvgjJNASrLumuZWO7HVdDV60cvMwb3xHOcQmAz7t
# +ySKM08jI9lWYIr/tKnwWo1NWFWPzDts0L+M/pRhQ1/pYw8OnYvtwnKd3ClEVRbp
# dYcKRE97t3L8BbWyB5hTvTc0V0IVbOOhfDVZfG/IPqxIKWHeCGLL2PiyKGBgfU2M
# V4okrMbGqWH72HZbLUpMYcaaK9lVv6ng/3AH817giJVnCuNO06m420/7Q8WcX68o
# foIeTbL83h8KCqi8pGCJUW9Wz3/wIk3AYkUKwdISswCL6nSgt7pk7K1fnFwGI4bu
# PqzQITelnRUK0TOvqzbDi6Y3j0p06/bc4TAHoI76Yzi3iUrQL0ynOAFFf6Wk13p9
# EnMAlnsrY9kyJrCMU66lroU/RQ==
# =rMSk
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 30 Sep 2025 08:36:21 AM PDT
# gpg: using RSA key 87A9BD933F87C606D276F62DDAE8E10975969CE5
# gpg: issuer "marcandre.lureau@redhat.com"
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" [unknown]
# gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5
* tag 'rust-ci-pull-request' of https://gitlab.com/marcandre.lureau/qemu: (23 commits)
build-sys: pass -fvisibility=default for wasm bindgen
build-sys: deprecate mips host
meson: rust-bindgen limit allowlist-file to srcdir/include
tests/freebsd: enable Rust
configure: set the meson executable suffix/ext
tests/lcitool: enable rust & refresh
tests/docker: add ENABLE_RUST environment
tests/lcitool: update to debian13
tests/lcitool: add missing rust-std dep
lcitool/alpine: workaround bindgen issue
lcitool/qemu: include libclang-rt for TSAN
lcitool: update, switch to f41
build-sys: cfi_debug and safe_stack are not compatible
tests/docker/common: print meson log on configure failure
tests/docker: use fully qualified image name for emsdk
tests/docker/common: print errors to stderr
configure: set the bindgen cross target
configure: fix rust meson configuration
scripts/archive-source: use a bash array
scripts/archive-source: silence subprojects downloads
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging
UI-related
Fixes for gtk, sdl2, spice UI backends.
# -----BEGIN PGP SIGNATURE-----
#
# iQJQBAABCgA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmjbjIEcHG1hcmNhbmRy
# ZS5sdXJlYXVAcmVkaGF0LmNvbQAKCRDa6OEJdZac5Q70EACGm3PbuN9NAn0xOxTR
# +uBftfnsdSFuksh6NpTi9IxHrP75VMtepBsxpS1F0HWjKBIvTcSvNMdVIOUyfSWo
# zCT9nIMX0Wk7NKdHRwayW/EQGOrZrbGcI/jwCg0BvfgfTyi1SNQnNCQOH2swG5rz
# gZr6/53PQGrva0cM1PooaqZRGRG+3aPLuMAt2aS3ZDtHNTT6WN5KrvtmNGck8OCL
# uLcsc25WPH1sWQ2yfxj66L+GLdDO0GXAAa88XoBDpnIVrbGiply5tdZlMz4QRjYB
# nxMwTgsFfWSZgCnWie83YhmKPsYcKVinulieUKygS18+VVz0rUEJtsDPjlsyA9Uc
# LP6zgYP0RV9knLfImfpevE5AGtw8FwjV0wlqg30+hNOyZXmpWzyWSN6Kwu72GIIu
# Ox1cY03bxkhGz8KlYqdcGrkxm7SZIEH8IoSoAisRwSA6AchxTT8c8qgeAv5jgk4d
# SrZoAgrgxK70UjuvYRW0ukE5MegXIfZMmKFa254b8zfnlFNSF10LwOiqXsw20IPl
# SGvbTjEkEw/sJlPAZdUr4tEH/Xu1f3OLy4zH2gJiHlHMbgR1ndKiA3JUTpTytOne
# nERTCPX1vXURI27l3JY6hu1NJuy+k+DZE9K/gPFMXnrQk1Ma7qIVyUqPDUOK2WtV
# 8gISszSdbQl6mNxvMjiyy52eZg==
# =7A6g
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 30 Sep 2025 12:53:37 AM PDT
# gpg: using RSA key 87A9BD933F87C606D276F62DDAE8E10975969CE5
# gpg: issuer "marcandre.lureau@redhat.com"
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" [unknown]
# gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5
* tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu:
ui/icons/qemu.svg: Add metadata information (author, license) to the logo
ui/sdl2: fix reset scaling binding to be consistent with gtk
ui/spice: fix crash when disabling GL scanout on
ui/spice: Fix abort on macOS
gtk: Skip drawing if console surface is NULL
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
meson: rust-bindgen limit allowlist-file to srcdir/include
gitlab CI restricts usage of directories for the build environment and
cache. Msys64 is installed under project root ($srcdir/msys64). This
confuses rust-bindgen allowlist-file which will generate bindings for
all the system include headers under msys64/.
blocklist-file is also too strict, as it prevents generating all the
recursively dependent types coming from system includes.
Instead, let's not use allowlist-file from the project root,
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20250924120426.2158655-17-marcandre.lureau@redhat.com>
build-sys: cfi_debug and safe_stack are not compatible
It fails to link on fedora >= 41:
/usr/bin/ld: /usr/bin/../lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.safestack.a(safestack.cpp.o): in function `__sanitizer_internal_memcpy':
(.text.__sanitizer_internal_memcpy+0x0): multiple definition of `__sanitizer_internal_memcpy'; /usr/bin/../lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.ubsan_standalone.a(sanitizer_libc.cpp.o):(.text.__sanitizer_internal_memcpy+0x0): first defined here
/usr/bin/ld: /usr/bin/../lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.safestack.a(safestack.cpp.o): in function `__sanitizer_internal_memmove':
(.text.__sanitizer_internal_memmove+0x0): multiple definition of `__sanitizer_internal_memmove'; /usr/bin/../lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.ubsan_standalone.a(sanitizer_libc.cpp.o):(.text.__sanitizer_internal_memmove+0x0): first defined here
/usr/bin/ld: /usr/bin/../lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.safestack.a(safestack.cpp.o): in function `__sanitizer_internal_memset':
(.text.__sanitizer_internal_memset+0x0): multiple definition of `__sanitizer_internal_memset'; /usr/bin/../lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.ubsan_standalone.a(sanitizer_libc.cpp.o):(.text.__sanitizer_internal_memset+0x0): first defined here
cfi_debug seems to pull ubsan which has conflicting symbols with safe_stack.
See also: https://bugzilla.redhat.com/show_bug.cgi?id=2397265
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250924120426.2158655-12-marcandre.lureau@redhat.com>
tests/docker: use fully qualified image name for emsdk
Without it, at least it fails with podman on fc42:
[1/6] STEP 1/15: FROM emscripten/emsdk:3.1.50 AS build-base
Error: creating build container: short-name resolution enforced but cannot prompt without a TTY
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
Message-ID: <20250924120426.2158655-10-marcandre.lureau@redhat.com>
It was incorrectly set on the [host_machine] and caused error:
File "/tmp/qemu-test/build/pyvenv/lib/python3.11/site-packages/mesonbuild/envconfig.py", line 281, in from_literal
assert all(isinstance(v, str) for v in raw.values()), 'for mypy'
AssertionError: for mypy
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250924120426.2158655-7-marcandre.lureau@redhat.com>
build-sys: require -lrt when no shm_open() in std libs
Fail during configure time if the shm functions are missing, as required
by oslib-posix.c. Note, we could further check the presence of the
function in librt.
This is a minor cleanup/improvement.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-ID: <20250924120426.2158655-2-marcandre.lureau@redhat.com>
ui/dbus: Clean up dbus_update_gl_cb() error checking
From GLib "Rules for use of GError":
A GError* must be initialized to NULL before passing its address
to a function that can report errors.
dbus_update_gl_cb() seemingly violates this rule: it passes &err to
qemu_dbus_display1_listener_call_update_dmabuf_finish() and to
qemu_dbus_display1_listener_win32_d3d11_call_update_texture2d_finish()
without clearing it in between. Harmless, because the first call is
guarded by #ifdef CONFIG_GBM, the second by #ifdef WIN32, and the two
are mutually exclusive. I think.
ui/pixman: Consistent error handling in qemu_pixman_shareable_free()
qemu_pixman_shareable_free() wraps around either qemu_memfd_free() or
qemu_win32_map_free(). The former reports trouble as error, with
error_report(), then succeeds. The latter reports it as warning (we
pass it &error_warn), then succeeds.
util/oslib-win32: Do not treat null @errp as &error_warn
qemu_socket_select() and its wrapper qemu_socket_unselect() treat a
null @errp as &error_warn. This is wildly inappropriate. A caller
passing null @errp specifies that errors are to be ignored. If
warnings are wanted, the caller must pass &error_warn.
Change callers to do that, and drop the inappropriate treatment of
null @errp.
This assumes that warnings are wanted. I'm not familiar with the
calling code, so I can't say whether it will work when the socket is
invalid, or WSAEventSelect() fails. If it doesn't, then this should
be an error instead of a warning. Invalid socket might even be a
programming error.
These warnings were introduced in commit f5fd677ae7cf (win32/socket:
introduce qemu_socket_select() helper). I considered reverting to
silence, but Daniel Berrangé asked for the warnings to be preserved.
Cc: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250923091000.3180122-9-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
watch_add() reports _open_osfhandle() failure with
error_setg(&error_warn, ...). error_setg_win32(&error_warn, ...) is
undesirable just like error_setg(&error_fatal, ...) and
error_setg(&error_abort, ...) are. Replace by warn_report().
The failure should probably be an error, but this function implements
a callback that doesn't take Error **. I believe the failure will
make spice_server_init() fail in qemu_spice_init(), which is treated
as a fatal error. The warning here provides more detail than the
error message there.
net_slirp_register_poll_sock() and net_slirp_unregister_poll_sock()
report WSAEventSelect() failure with error_setg(&error_warn, ...).
error_setg_win32(&error_warn, ...) is undesirable just like
error_setg(&error_fatal, ...) and error_setg(&error_abort, ...) are.
Replace by warn_report().
The failures should probably be errors, but these functions implement
callbacks that cannot fail, exit(1) would be too harsh, and silent
failure we don't want. Thus, warnings.
VFU_OBJECT_ERROR() reports the error with error_setg(&error_abort,
...) when auto-shutdown is enabled, else with error_report().
Issues:
1. The error is serious enough to warrant aborting the process when
auto-shutdown is enabled, yet harmless enough to permit carrying on
when it's disabled. This makes no sense to me.
2. Like assert(), &error_abort is strictly for programming errors. Is
this one? Vladimir Sementsov-Ogievskiy tells me it's not. Should we
exit(1) instead?
3. qapi/error.h advises "don't error_setg(&error_abort, ...), use
assert()."
This patch addresses just 3. It adds a FIXME comment for the other
two.
Cc: Jagannathan Raman <jag.raman@oracle.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20250923091000.3180122-6-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
[FIXME comment added, commit message adjusted accordingly] Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Functions that use an Error **errp parameter to return errors should
not also report them to the user, because reporting is the caller's
job. When the caller does, the error is reported twice. When it
doesn't (because it recovered from the error), there is no error to
report, i.e. the report is bogus.
cxl_fmws_link_targets() violates this principle: it calls
error_setg(&error_fatal, ...) via cxl_fmws_link(). Goes back to
commit 584f722eb3ab (hw/cxl: Make the CXL fixed memory windows
devices.) Currently harmless, because cxl_fmws_link_targets()'s
callers always pass &error_fatal. Clean this up by converting
cxl_fmws_link() to Error.
Also change its return value on error from 1 to -1 to conform to the
rules laid in qapi/error.h. It's call chain cxl_fmws_link_targets()
via object_child_foreach_recursive() is fine with that.
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20250923091000.3180122-4-armbru@redhat.com> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
tcg: Fix error reporting on mprotect() failure in tcg_region_init()
tcg_region_init() calls one of qemu_mprotect_rwx(),
qemu_mprotect_rw(), and mprotect(), then reports failure with
error_setg_errno(&error_fatal, errno, ...).
The use of &error_fatal is undesirable. qapi/error.h advises:
* Please don't error_setg(&error_fatal, ...), use error_report() and
* exit(), because that's more obvious.
The use of errno is wrong. qemu_mprotect_rwx() and qemu_mprotect_rw()
wrap around qemu_mprotect__osdep(). qemu_mprotect__osdep() calls
mprotect() on POSIX, VirtualProtect() on Windows, and reports failure
with error_report(). VirtualProtect() doesn't set errno. mprotect()
does, but error_report() may clobber it.
Fix tcg_region_init() to report errors only when it calls mprotect(),
and rely on qemu_mprotect_rwx()'s and qemu_mprotect_rw()'s error
reporting otherwise. Use error_report(), not error_setg().
Fixes: 22c6a9938f75 (tcg: Merge buffer protection and guard page protection) Fixes: 6bc144237a85 (tcg: Use Error with alloc_code_gen_buffer) Cc: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250923091000.3180122-3-armbru@redhat.com> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
HMP command gdbserver used to emit two error messages for certain
errors. For instance, with -M none:
(qemu) gdbserver
gdbstub: meaningless to attach gdb to a machine without any CPU.
Could not open gdbserver on device 'tcp::1234'
The first message is the specific error, and the second one a generic
additional message that feels superfluous to me.
Commit c0e6b8b798b (system: propagate Error to gdbserver_start (and
other device setups)) turned the first message into a warning:
warning: gdbstub: meaningless to attach gdb to a machine without any CPU.
Could not open gdbserver on device 'tcp::1234'
This is arguably worse.
hmp_gdbserver() passes &error_warn to gdbserver_start(), so that
failure gets reported as warning, and then additionally emits the
generic error on failure. This is a misuse of &error_warn.
Instead, receive the error in &err and report it, as usual. With
this, gdbserver reports just the error:
gdbstub: meaningless to attach gdb to a machine without any CPU.
Cc: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250923091000.3180122-2-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Thomas Huth [Tue, 30 Sep 2025 07:14:18 +0000 (09:14 +0200)]
ui/icons/qemu.svg: Add metadata information (author, license) to the logo
We've got two versions of the QEMU logo in the repository, one with
the whole word "QEMU" (pc-bios/qemu_logo.svg) and one that only contains
the letter "Q" (ui/icons/qemu.svg). While qemu_logo.svg contains the
proper metadata with license and author information, this is missing
from the ui/icons/qemu.svg file. Copy the meta data there so that
people have a chance to know the license of the file if they only
look at the qemu.svg file.
When spice_qxl_gl_scanout2() isn't available, the fallback code
incorrectly handles NULL arguments to disable the scanout, leading to:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 spice_server_gl_scanout (qxl=0x55a25ce57ae8, fd=0x0, width=0, height=0, offset=0x0, stride=0x0, num_planes=0, format=0, modifier=72057594037927935, y_0_top=0)
at ../ui/spice-display.c:983
983 if (num_planes <= 1) {
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2391334 Fixes: 98a050ca93afd8 ("ui/spice: support multi plane dmabuf scanout") Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Message-Id: <20250903193818.2460914-1-marcandre.lureau@redhat.com>
projects / thirdparty / qemu.git / log
