* tag 'pull-misc-20250916' of https://gitlab.com/rth7680/qemu:
.gitmodules: move u-boot mirrors to qemu-project-mirrors
tests/functional/x86_64: Accept a few locked pages in test_memlock.py
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'mem-staging-pull-request' of https://gitlab.com/peterx/qemu into staging
Memory pull for 10.2
- Peter's fix on flatview_access_allowed()
- Peter's fix on MR circular ref
# -----BEGIN PGP SIGNATURE-----
#
# iIgEABYKADAWIQS5GE3CDMRX2s990ak7X8zN86vXBgUCaMg4oxIccGV0ZXJ4QHJl
# ZGhhdC5jb20ACgkQO1/MzfOr1wYeLAD+LQ44LdRTjbdlAbDjSNnCorfEBFUmNysK
# St4ut4Z9ZzAA+gK8DO12zc41Oi51NaBdD+X0s94DCV4UFl4Cz1D8HoIF
# =hAUJ
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 15 Sep 2025 09:02:43 AM PDT
# gpg: using EDDSA key B9184DC20CC457DACF7DD1A93B5FCCCDF3ABD706
# gpg: issuer "peterx@redhat.com"
# gpg: Good signature from "Peter Xu <xzpeter@gmail.com>" [unknown]
# gpg: aka "Peter Xu <peterx@redhat.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B918 4DC2 0CC4 57DA CF7D D1A9 3B5F CCCD F3AB D706
* tag 'mem-staging-pull-request' of https://gitlab.com/peterx/qemu:
memory: Fix leaks due to owner-shared MRs circular references
memory: Fix addr/len for flatview_access_allowed()
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Alex Bennée [Mon, 8 Sep 2025 14:19:11 +0000 (15:19 +0100)]
.gitmodules: move u-boot mirrors to qemu-project-mirrors
To continue our GitLab Open Source Program license we need to pass an
automated license check for all repos under qemu-project. While U-Boot
is clearly GPLv2 rather than fight with the automated validation
script just move the mirror across to a separate project.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Cc: qemu-stable@nongnu.org Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250908141911.2546063-1-alex.bennee@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
tests/functional/x86_64: Accept a few locked pages in test_memlock.py
Startup of libgcrypt locks a small pool of pages -- by default 16k.
Testing for zero locked pages is isn't correct, while testing for
32k is a decent compromise.
Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Of most importance is that this gives us a heads-up if anything
we rely on has been deprecated. The default python behaviour
only emits a warning if triggered from __main__ which is very
limited.
Setting the env variable further ensures that any python child
processes will also display warnings.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The iotest 151 creates a bunch of subprocesses, with their stdout
connected to a pipe but never reads any data from them and does
not gurantee the processes are killed on cleanup.
This triggers resource leak warnings from python when the
subprocess.Popen object is garbage collected.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
python: ensure QEMUQtestProtocol closes its socket
While QEMUQtestMachine closes the socket that was passed to
QEMUQtestProtocol, the python resource leak manager still
believes that the copy QEMUQtestProtocol holds is open. We
must explicitly call close to avoid this leak warnnig.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Tue, 26 Aug 2025 17:04:50 +0000 (13:04 -0400)]
python: synchronize qemu.qmp documentation
This patch collects comments and documentation changes from many commits
in the python-qemu-qmp repository; bringing the qemu.git copy in
bit-identical alignment with the standalone library *except* for several
copyright messages that reference the "LICENSE" file which is, for QEMU,
named "COPYING" instead and are therefore left unchanged.
Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Wed, 3 Sep 2025 05:06:30 +0000 (01:06 -0400)]
python: backport 'avoid creating additional event loops per thread'
This commit is two backports squashed into one to avoid regressions.
python: *really* remove get_event_loop
A prior commit, aa1ff990, switched away from using get_event_loop *by
default*, but this is not good enough to avoid deprecation warnings as
`asyncio.get_event_loop_policy().get_event_loop()` is *also*
deprecated. Replace this mechanism with explicit calls to
asyncio.get_new_loop() and revise the cleanup mechanisms in __del__ to
match.
python: avoid creating additional event loops per thread
"Too hasty by far!", commit 21ce2ee4 attempted to avoid deprecated
behavior altogether by calling new_event_loop() directly if there was no
loop currently running, but this has the unfortunate side effect of
potentially creating multiple event loops per thread if tests
instantiate multiple QMP connections in a single thread. This behavior
is apparently not well-defined and causes problems in some, but not all,
combinations of Python interpreter version and platform environment.
Partially revert to Daniel Berrange's original patch, which calls
get_event_loop and simply suppresses the deprecation warning in
Python<=3.13. This time, however, additionally register new loops
created with new_event_loop() so that future calls to get_event_loop()
will return the loop already created.
Reported-by: Richard W.M. Jones <rjones@redhat.com> Reported-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@21ce2ee4f2df87efe84a27b9c5112487f4670622
cherry picked from commit python-qemu-qmp@c08fb82b38212956ccffc03fc6d015c3979f42fe Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This method was deprecated in 3.12 because it ordinarily should not be
used from coroutines; if there is not a currently running event loop,
this automatically creates a new event loop - which is usually not what
you want from code that would ever run in the bottom half.
In our case, we do want this behavior in two places:
(1) The synchronous shim, for convenience: this allows fully sync
programs to use QEMUMonitorProtocol() without needing to set up an event
loop beforehand. This is intentional to fully box in the async
complexities into the legacy sync shim.
(2) The qmp_tui shell; instead of relying on asyncio.run to create and
run an asyncio program, we need to be able to pass the current asyncio
loop to urwid setup functions. For convenience, again, we create one if
one is not present to simplify the creation of the TUI appliance.
The remaining user of get_event_loop() was in fact one of the erroneous
users that should not have been using this function: if there's no
running event loop inside of a coroutine, you're in big trouble :)
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@aa1ff9907603a3033296027e1bd021133df86ef1 Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Fri, 22 Jul 2022 19:55:45 +0000 (15:55 -0400)]
python: backport 'qmp-tui: Do not crash if optional dependencies are not met'
Based on the discussion at https://github.com/pypa/pip/issues/9726 -
even though the setuptools documentation implies that it is possible to
guard script execution with optional dependency groups, this is not true
in practice with the scripts generated by pip.
Just do the simple thing and guard the import statements.
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@df520dcacf9a75dd4c82ab1129768de4128b554c Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@9c889dcbd58817b0c917a9d2dd16161f48ac8203 Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This is not strictly needed functionality-wise, but doing this allows
sphinx to see which decorated methods are async. Without this, sphinx
misses the "async" classifier on generated docs, which ... for an async
library, isn't great.
It does make an already gnarly function even gnarlier, though.
So, what's going on here?
A synchronous function (like require() before this patch) can return a
coroutine that can be awaited on, for example:
However, this function is not considered to be an "async" function in
the eyes of the abstract syntax tree. Specifically,
some_func.__code__.co_flags will not be set with CO_COROUTINE.
The interpreter uses this flag to know if it's legal to use "await" from
within the body of the function. Since this function is just wrapping
another function, it doesn't matter much for the decorator, but sphinx
uses the stdlib inspect.iscoroutinefunction() to determine when to add
the "async" prefix in generated output. This function uses the presence
of CO_COROUTINE.
So, in order to preserve the "async" flag for docs, the require()
decorator needs to differentiate based on whether it is decorating a
sync or async function and use a different wrapping mechanism
accordingly.
Phew.
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@40aa9699d619849f528032aa456dd061a4afa957 Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Expose the limit parameter of the underlying StreamReader and StreamWriter
instances.
This is helpful for the use case of transferring files in and out of a VM
via the QEMU guest agent's guest-file-open, guest-file-read, guest-file-write,
and guest-file-close methods, as it allows pushing the buffer size up to the
guest agent's limit of 48MB per transfer.
Signed-off-by: Adam Dorsey <adam@dorseys.email>
cherry picked from commit python-qemu-qmp@9ba6a698344eb3b570fa4864e906c54042824cd6
cherry picked from commit python-qemu-qmp@e4d0d3f835d82283ee0e48438d1b154e18303491
[Squashed in linter fixups. --js] Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Fri, 22 Jul 2022 17:59:19 +0000 (13:59 -0400)]
python: backport 'qmp-shell: add common_parser()'
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@20a88c2471f37d10520b2409046d59e1d0f1e905 Signed-off-by: John Snow <jsnow@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Tue, 6 Jun 2023 17:45:44 +0000 (13:45 -0400)]
python: backport 'Use @asynciocontextmanager'
This removes a non-idiomatic use of a "coroutine callback" in favor of
something a bit more standardized.
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@commit 97f7ffa3be17a50544b52767d14b6fd478c07b9e Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Tue, 6 Jun 2023 17:19:11 +0000 (13:19 -0400)]
python: backport 'drop Python3.6 workarounds'
Now that the minimum version is 3.7, drop some of the 3.6-specific hacks
we've been carrying. A single remaining compatibility hack concerning
3.6's lack of @asynccontextmanager is addressed in the following commit.
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@3e8e34e594cfc6b707e6f67959166acde4b421b8 Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Fri, 22 Jul 2022 20:30:05 +0000 (16:30 -0400)]
python: backport 'protocol: adjust logging name when changing client name'
The client name is mutable, so the logging name should also change to
reflect it when it changes.
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@e10b73c633ce138ba30bc8beccd2ab31989eaf3d Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Tue, 3 May 2022 18:07:10 +0000 (14:07 -0400)]
python: backport 'kick event queue on legacy event_pull()'
This corrects an oversight in qmp-shell operation where new events will
not accumulate in the event queue when pressing "enter" with an empty
command buffer, so no new events show up.
Reported-by: Jag Raman <jag.raman@oracle.com> Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@0443582d16cf9efd52b2c41a7b5be7af42c856cd Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
When the object is not stateful, this repr method prints what you'd
expect. In cases where there are pending events, the output is augmented
to illustrate that.
The object itself has no idea if it's "active" or not, so it cannot
convey that information.
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@8a6f2e136dae395fec8aa5fd77487cfe12d9e05e Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Snow [Fri, 22 Jul 2022 18:23:37 +0000 (14:23 -0400)]
python: backport 'Change error classes to have better repr methods'
By passing all of the arguments to the base class and overriding the
__str__ method when we want a different "human readable" message that
isn't just printing the list of arguments, we can ensure that all custom
error classes have a reasonable __repr__ implementation.
In the case of ExecuteError, the pseudo-field that isn't actually
correlated to an input argument can be re-imagined as a read-only
property; this forces consistency in the class and makes the repr output
more obviously correct.
Signed-off-by: John Snow <jsnow@redhat.com>
cherry picked from commit python-qemu-qmp@afdb7893f3b34212da4259b7202973f9a8cb85b3 Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Peter Xu [Thu, 21 Aug 2025 16:59:02 +0000 (12:59 -0400)]
memory: Fix leaks due to owner-shared MRs circular references
Currently, QEMU refcounts the MR by always taking it from the owner.
It's common that one object will have multiple MR objects embeded in the
object itself. All the MRs in this case share the same lifespan of the
owner object.
It's also common that in the instance_init() of an object, MR A can be a
container of MR B, C, D, by using memory_region_add_subregion*() set of
memory region APIs.
Now we have a circular reference issue, as when adding subregions for MR A,
we essentially incremented the owner's refcount within the instance_init(),
meaning the object will be self-boosted and its refcount can never go down
to zero if the MRs won't get detached properly before object's finalize().
Delete subregions within object's finalize() won't work either, because
finalize() will be invoked only if the refcount goes to zero first. What
is worse, object_finalize() will do object_property_del_all() first before
object_deinit(). Since embeded MRs will be properties of the owner object,
it means they'll be freed _before_ the owner's finalize().
To fix that, teach memory API to stop refcount on MRs that share the same
owner. Because if they share the lifecycle of the owner, then they share
the same lifecycle between themselves, hence the refcount doesn't help but
only introduce troubles.
Meanwhile, allow auto-detachments of MRs during finalize() of MRs even
against its container, as long as they belong to the same owner.
The latter is needed because now it's possible to have MRs' finalize()
happen in any order when they share the same lifespan with a same owner.
In this case, we should allow finalize() to happen in any order of either
the parent or child MR. Loose the mr->container check in MR's finalize()
to allow auto-detach. Double check it shares the same owner.
Proper document this behavior in code.
This patch is heavily based on the work done by Akihiko Odaki:
Peter Xu [Wed, 3 Sep 2025 14:29:32 +0000 (10:29 -0400)]
memory: Fix addr/len for flatview_access_allowed()
flatview_access_allowed() should pass in the address offset of the memory
region, rather than the global address space. Shouldn't be a major issue
yet, since the addr is only used in an error log.
Cc: Philippe Mathieu-Daudé <philmd@linaro.org> Fixes: 3ab6fdc91b ("softmmu/physmem: Introduce MemTxAttrs::memory field and MEMTX_ACCESS_ERROR") Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: David Hildenbrand <david@redhat.com> Link: https://lore.kernel.org/r/20250903142932.1038765-1-peterx@redhat.com Signed-off-by: Peter Xu <peterx@redhat.com>
Peter Maydell [Thu, 11 Sep 2025 11:41:01 +0000 (12:41 +0100)]
Merge tag 'pull-request-2025-09-09' of https://gitlab.com/thuth/qemu into staging
* Silence warnings from the undefined-behaviour sanitizer
* Many small improvements to various functional tests
* Remove remainders from storing avocado artifacts in the Gitlab CI
* Keep more meson log files as artifacts in the Gitlab CI instead
* Re-enable -fzero-call-used-regs on OpenBSD
* tag 'pull-request-2025-09-09' of https://gitlab.com/thuth/qemu: (23 commits)
tests/functional: purge scratch dir on test startup
tests/functional: avoid tearDown failure when QEMU dies
tests/functional: avoid duplicate messages on failures
tests/functional: fix infinite loop on console EOF
tests/functional: add vm param to cmd.py helpers
tests/functional: return output from cmd.py helpers
gitlab: prevent duplicated meson log artifacts in test jobs
gitlab: include all junit XML files from meson
gitlab: always include entire of meson-logs directory
gitlab: replace avocado results files with meson results files
tests/functional/arm: Update test ASPEED SDK v09.07 for AST2700 vbootrom
tests/functional/arm: Update test ASPEED SDK v09.07 for AST2600
tests/functional/arm: Update test ASPEED SDK v09.07 for AST2500
tests/functional/arm: Update test ASPEED SDK v03.02 for AST1030
tests/functional: handle URLError when fetching assets
tests/functional: fix formatting of exception args
tests/functional: enable force refresh of cached assets
tests/functional/m68k: Avoid ResourceWarning in the nextcube test
ui/vnc: Fix crash when specifying [vnc] without id in the config file
system/physmem: Silence warning from ubsan
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 11 Sep 2025 11:40:38 +0000 (12:40 +0100)]
Merge tag 'pull-vfio-20250908' of https://github.com/legoater/qemu into staging
vfio queue:
* Large refactor of the VFIO code to use QOM casts and follow the
current coding style guidelines
* Removal of the deprecated vfio-platform, vfio-calxeda-xgmac and
vfio-amd-xgbe devices
* Fail with error if dma_max_mappings limit is hit
* Added 'x-pci-class-code' property to vfio-user-pci device
* Added a new helper to retrieve a VFIOPCIDevice from a VFIODevice
* Fixed IGD OpRegion detection
* tag 'pull-vfio-20250908' of https://github.com/legoater/qemu: (31 commits)
vfio/pci.h: rename VFIOPCIDevice pdev field to parent_obj
s390x/s390-pci-vfio.c: use QOM casts where appropriate
vfio-user/pci.c: use QOM casts where appropriate
vfio/igd.c: use QOM casts where appropriate
vfio/cpr.c: use QOM casts where appropriate
vfio/pci-quirks.c: use QOM casts where appropriate
vfio/pci.c: use QOM casts where appropriate
vfio/pci.h: update VFIOPCIDevice declaration
vfio-user/pci.c: rename VFIOUserPCIDevice device field to parent_obj
vfio-user/pci.c: use QOM casts where appropriate
vfio-user/pci.c: update VFIOUserPCIDevice declaration
vfio-user/container.h: rename VFIOUserContainer bcontainer field to parent_obj
vfio/container.c: use QOM casts where appropriate
vfio-user/container.h: update VFIOUserContainer declaration
vfio/vfio-container.h: rename VFIOContainer bcontainer field to parent_obj
vfio/spapr.c: use QOM casts where appropriate
ppc/spapr_pci_vfio.c: use QOM casts where appropriate
hw/vfio/container.c: use QOM casts where appropriate
hw/vfio/cpr-legacy.c: use QOM casts where appropriate
vfio/vfio-container.h: update VFIOContainer declaration
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
tests/functional: purge scratch dir on test startup
The test suite purges the scratch dir in the tearDown method, but
if python crashes (or is non-gracefully killed) this won't get run.
Also the user can set QEMU_TEST_KEEP_SCRATCH to disable cleanup.
Purging the scratch dir on startup ensures that tests always run
from a clean state.
Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-ID: <20250908135722.3375580-5-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
tests/functional: avoid tearDown failure when QEMU dies
In a QEMU process under test dies unexpectedly, the 'shutdown'
method may well raise an exception. This causes the tearDown
method to fail, which means any later cleanup code fails to
get run. Most notably the log handlers don't get removed so
the base.log file from an earlier test will get polluted with
messages from any subsequent tests. The tearDown failure also
results in pages of exceptions printed on the console, which
obscures the real failure message / trace printed by the test.
Ignore any shutdown failures in the tearDown method, since any
test which cares about clean shutdown should have already
cleaned up any running VMs. The tearDown method is just there
as a safety net to cleanup resources. The base.log file will
still containing log messages from the failed 'vm.shutdown'
call too.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250908135722.3375580-4-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
tests/functional: avoid duplicate messages on failures
In some scenarios the same tests is mentioned in both the
'res.results.errors' and 'res.results.failures' array returned
by unittest.main(). This was seen when the 'tearDown' method
raised an exception.
In such a case, we printed out the same information about where
to find a log file twice for each test. Track which tests we
have already reported on, to avoid the duplication.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250908135722.3375580-3-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
tests/functional: fix infinite loop on console EOF
The 'recv' method will return an empty byte array, not None, when
the socket has EOF.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-ID: <20250908135722.3375580-2-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
John Levon [Wed, 3 Sep 2025 20:19:30 +0000 (22:19 +0200)]
tests/functional: add vm param to cmd.py helpers
Extend the "vm" parameter of wait_for_console_pattern() to all the other
utility functions; this allows them to be used on a VM other than
test.vm.
Signed-off-by: John Levon <john.levon@nutanix.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250903201931.168317-3-john.levon@nutanix.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
John Levon [Wed, 3 Sep 2025 20:19:29 +0000 (22:19 +0200)]
tests/functional: return output from cmd.py helpers
Tests might want to look at the whole output from a command execution,
as well as just logging it. Add support for this.
Signed-off-by: John Levon <john.levon@nutanix.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-ID: <20250903201931.168317-2-john.levon@nutanix.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
gitlab: prevent duplicated meson log artifacts in test jobs
The build jobs will populate build/meson-logs/ with various files
that are added as artifacts.
The test jobs preserve the state of the build jobs, so we must
delete any pre-existing logs to prevent confusion from duplicate
artifacts.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Alex Bennée <alex.bennee@linaro.org>
Message-ID: <20250908190901.3571859-5-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
The junit XML file produced by meson does not always have the
name 'testlog.junit.xml' - in the case of 'make check-functional'
there is a 'testlog-thorough.junit.xml' file too.
Improve CI debugging robustness by capturing all junit files that
meson produces.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-ID: <20250908190901.3571859-4-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
gitlab: always include entire of meson-logs directory
There are files besides testlog.txt that may be useful as published
CI artifacts.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-ID: <20250908190901.3571859-3-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
gitlab: replace avocado results files with meson results files
The 'results.xml' file and 'test-results' directory were both outputs
of the avovcado test runner. Since we're now using meson with the new
functional test framework, we must reference meson results files as the
CI artifacts.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-ID: <20250908190901.3571859-2-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
tests/functional: handle URLError when fetching assets
We treat most HTTP errors as non-fatal when fetching assets,
but forgot to handle network level errors. This adds catching
of URLError so that we retry on failure, and will ultimately
trigger graceful skipping in the pre-cache task.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250829142616.2633254-4-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
tests/functional: fix formatting of exception args
The catch-all exception handler forgot the placeholder for
the exception details.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250829142616.2633254-3-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
tests/functional: enable force refresh of cached assets
If the 'QEMU_TEST_REFRESH_CACHE' environment variable is set, then
ignore any existing cached asset and download a fresh copy.
This can be used to selectively refresh assets if set before running
a single test script.
Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250829142616.2633254-2-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 29 Aug 2025 14:20:00 +0000 (16:20 +0200)]
tests/functional/m68k: Avoid ResourceWarning in the nextcube test
Since commit c3fd296cf7b1 ("functional: always enable all python
warnings") we enabled more warnings for the functional tests. This
triggers now a warning in the nextcube test:
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250829142000.62320-1-thuth@redhat.com>
The required "id" is only set up automatically while parsing the command
line, but not when reading the options from the config file.
Thus let's move code that automatically adds the id (if it does not
exist yet) to the init function that needs the id for the first time,
replacing the assert() statement there.
Thomas Huth [Mon, 28 Jul 2025 11:51:51 +0000 (13:51 +0200)]
hw/mips/malta: Silence warning from ubsan
When compiling QEMU with --enable-ubsan there is a undefined behavior
warning when using the malta machine:
hw/mips/malta.c:1200:32: runtime error: addition of unsigned offset
to 0x7fb620600000 overflowed to 0x7fb6205fffff
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior hw/mips/malta.c:1200:32
To fix the issue, check the bios_size whether we really loaded the
firmware before trying to byte-swap the instructions here.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250728115152.187728-1-thuth@redhat.com>
OpenBSD 7.7 fixed the problem with the -fzero-call-used-regs on OpenBSD,
see https://github.com/openbsd/src/commit/03eca72d1e030b7a542cd6aec1 for
the fix there.
Suggested-by: Brad Smith <brad@comstyle.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250508144120.163009-6-thuth@redhat.com>
Thomas Huth [Thu, 8 May 2025 14:41:17 +0000 (16:41 +0200)]
hw/display/bcm2835_fb: Move inclusion of console.h to the .c file
The definitions from console.h are not needed in the bcm2835_fb.h
header file yet, so let's move it to the place that really needs
its definitions, i.e. into the bcm2835_fb.c file.
This way the header can also be used by code that is not compiled
with the CFLAGS that are required for pixman or OpenGL (in case
their headers do not reside under /usr/include).
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250508144120.163009-3-thuth@redhat.com>
Mark Cave-Ayland [Tue, 15 Jul 2025 09:26:02 +0000 (10:26 +0100)]
vfio/pci.h: rename VFIOPCIDevice pdev field to parent_obj
Now that nothing accesses the pdev field directly, rename pdev to
parent_obj as per our current coding guidelines.
Signed-off-by: Mark Cave-Ayland <mark.caveayland@nutanix.com> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: Steve Sistare <steven.sistare@oracle.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Link: https://lore.kernel.org/qemu-devel/20250715093110.107317-23-mark.caveayland@nutanix.com Signed-off-by: Cédric Le Goater <clg@redhat.com>
Mark Cave-Ayland [Tue, 15 Jul 2025 09:25:53 +0000 (10:25 +0100)]
vfio-user/pci.c: rename VFIOUserPCIDevice device field to parent_obj
Now that nothing accesses the device field directly, rename device to
parent_obj as per our current coding guidelines.
Signed-off-by: Mark Cave-Ayland <mark.caveayland@nutanix.com> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: John Levon <john.levon@nutanix.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Link: https://lore.kernel.org/qemu-devel/20250715093110.107317-14-mark.caveayland@nutanix.com Signed-off-by: Cédric Le Goater <clg@redhat.com>
Update the VFIOUserPCIDevice declaration so that it is closer to our coding
guidelines: add a blank line after the parent object.
Signed-off-by: Mark Cave-Ayland <mark.caveayland@nutanix.com> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: John Levon <john.levon@nutanix.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Link: https://lore.kernel.org/qemu-devel/20250715093110.107317-12-mark.caveayland@nutanix.com Signed-off-by: Cédric Le Goater <clg@redhat.com>
Mark Cave-Ayland [Tue, 15 Jul 2025 09:25:50 +0000 (10:25 +0100)]
vfio-user/container.h: rename VFIOUserContainer bcontainer field to parent_obj
Now that nothing accesses the bcontainer field directly, rename bcontainer to
parent_obj as per our current coding guidelines.
Signed-off-by: Mark Cave-Ayland <mark.caveayland@nutanix.com> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: John Levon <john.levon@nutanix.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Link: https://lore.kernel.org/qemu-devel/20250715093110.107317-11-mark.caveayland@nutanix.com Signed-off-by: Cédric Le Goater <clg@redhat.com>
Update the VFIOUserContainer declaration so that it is closer to our coding
guidelines: remove the explicit typedef (this is already handled by the
OBJECT_DECLARE_TYPE() macro) and add a blank line after the parent object.
Signed-off-by: Mark Cave-Ayland <mark.caveayland@nutanix.com> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: John Levon <john.levon@nutanix.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Link: https://lore.kernel.org/qemu-devel/20250715093110.107317-9-mark.caveayland@nutanix.com Signed-off-by: Cédric Le Goater <clg@redhat.com>
Update the VFIOContainer declaration so that it is closer to our coding
guidelines: emove the explicit typedef (this is already handled by the
OBJECT_DECLARE_TYPE() macro) and add a blank line after the parent object.
Update the VFIOContainerBase declaration to match our current coding
guidelines: remove the explicit typedef (this is already handled by the
OBJECT_DECLARE_TYPE() macro), add a blank line after the parent object,
rename parent to parent_obj, and move the macro declaration next to the
VFIOContainerBase struct declaration.
Cédric Le Goater [Thu, 14 Aug 2025 15:34:19 +0000 (17:34 +0200)]
vfio: Report an error when the 'dma_max_mappings' limit is reached
The VFIO IOMMU Type1 kernel driver enforces a default IOMMU mapping
limit of 65535, which is configurable via the 'dma_max_mappings'
module parameter. When this limit is reached, QEMU issues a warning
and fails the mapping operation, but allows the VM to continue
running, potentially causing issues later. This scenario occurs with
SEV-SNP guests, which must update all IOMMU mappings during
initialization.
To address this, update vfio_ram_discard_register_listener() to accept
an 'Error **' parameter and propagate the error to the caller. This
change will halt the VM immediately, at init time, with the same error
message.
Additionally, the same behavior will be enforced at runtime. While
this might be considered too brutal, the rarity of this case and the
planned removal of the dma_max_mappings module parameter make it a
reasonable approach.
The VFIO_PLATFORM device type has been deprecated in the QEMU 10.0
timeframe. All dependent devices have been removed. Now remove the
core vfio platform framework.
Rename VFIO_DEVICE_TYPE_PLATFORM enum to VFIO_DEVICE_TYPE_UNUSED to
maintain the same index for the CCW and AP VFIO device types.
Tomita Moeko [Wed, 13 Aug 2025 16:05:10 +0000 (00:05 +0800)]
vfio/igd: Enable quirks when IGD is not the primary display
Since linux 6.15, commit 41112160ca87 ("vfio/pci: match IGD devices in
display controller class"), IGD related regions are also exposed when
IGD is not primary display (device class is Display controller).
Allow IGD quirks to be enabled in this configuration so that guests can
have display output on IGD when it is not the primary display.
Merge tag 'pull-tcg-20250905' of https://gitlab.com/rth7680/qemu into staging
tcg/arm: Fix tgen_deposit
tcg/i386: Use vgf2p8affineqb for MO_8 vector shifts
# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmi6lgYdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9zUggAjXoSFDgMz3yr959F
# e6pSGkV+UIAYZ+fm9TAFQuKccUlEjX6Sq6sxV1my2ODnUnwFF1sV6rx8TG1VHFL/
# GxADQuwY3/6tsiZ24drU8oaocxISi91Km+5P7xwrAbdhSGVMJakzQqTPS178l1Fw
# pXRWN9Offz74gKKUxk6AiPyCUPZutUiM6Hwe5wZSwWIxSoEQWwnAoH8lTPrzAD/Z
# Bo0Cs/LHzmeantok7BRKTlQT4wpvCwRIunkD1V28zdFN63Ny6qTsbxtbRxmKvYC7
# UKli29d/KxFad1ccTNGo9DpFKBB9xHb7W4gBzSrJm9D1bWKcL4wLTmp29Z9aWWpW
# TnsyaQ==
# =8WbV
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 05 Sep 2025 09:49:26 AM CEST
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]
* tag 'pull-tcg-20250905' of https://gitlab.com/rth7680/qemu:
tcg/i386: Use vgf2p8affineqb for MO_8 vector shifts
tcg/i386: Add INDEX_op_x86_vgf2p8affineqb_vec
tcg/i386: Use canonical operand ordering in expand_vec_sari
tcg/i386: Expand sari of bits-1 as pcmpgt
cpuinfo/i386: Detect GFNI as an AVX extension
tcg/arm: Fix tgen_deposit
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
When converting from tcg_out_deposit, the arguments were not
shuffled properly.
Cc: qemu-stable@nongnu.org Fixes: cf4905c03135f1181e8 ("tcg: Convert deposit to TCGOutOpDeposit") Reported-by: Michael Tokarev <mjt@tls.msk.ru> Tested-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu into staging
trivial patches for 2025-09-03
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmi39UwACgkQgqpKJDse
# lHjfmRAAuDVM9SwcLIPhZCIbI9R6+T1LEpBidsEQ1O3n0Eatz4zkHPxPdzkwilve
# hbUjsiNjvpiWm4D0SY2njnwYr7ZLzvQK+hQnVRl0ViyI5+qJZMBhrqYZqmh7Usnx
# zYsRMzCacgZDxNzD3+tcKH7mk/60WsmnCFwnb+46cp8YewMRInSRhvjT8hpAINWl
# BBQkiXH8ZYpyWmo5LD2CM/PmHblhr1Mo623EAOgPjsTpwOTaA+JxT2j+Xol5nu3D
# CCyx4zaLdH6CmJKjcVHPG672g7NQZSJYzo7+GGNziEmDLH0lCze9mi4iPoyH5Osu
# Oiv4Zv7+9HoHVp+VVRPKfLrdYWDVfQtI/LC5cKEdNIvUtTOzVwBt4+x4hgQqNHAV
# He1Ye4msuWo1whlGboJFrlY1bX+6Rg/ZP2CiGjbDKOOUlCySsQQ7cVE8plzErll1
# tpEI3p6kxWXSSsqANrpdkgfKi7AA+w3w+PHTeuXiXbzk2dRFjQ16/OX6WE+FBRCJ
# zzDYRSq4T0hEbqR5TUW5ps4f20Im0rDwMtJWoKWJkgURXWgjttOsH3Px2zUbb2f4
# QlwQF5mIv+rXhM7GrwJAcGeC7JnC5qn8wY0T/Quc1TNgVs28Td1dQL7tlA65rAqG
# VAuj7iAoqKnMlqD1J1n46xqoU+w/UAlTKUIjRloMl5mFD/VacEs=
# =sVU5
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 03 Sep 2025 09:59:08 AM CEST
# gpg: using RSA key 64AA2AB531D56903366BFEF982AA4A243B1E9478
# gpg: Good signature from "Michael Tokarev <mjt@debian.org>" [unknown]
# gpg: aka "Michael Tokarev <mjt@corpit.ru>" [unknown]
# gpg: aka "Michael Tokarev <mjt@tls.msk.ru>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 9D8B E14E 3F2A 9DD7 9199 28F1 61AD 3D98 ECDF 2C8E
# Subkey fingerprint: 64AA 2AB5 31D5 6903 366B FEF9 82AA 4A24 3B1E 9478
* tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu:
docs: fix typo in xive doc
scripts/coverity-scan/COMPONENTS.md: Add a 'plugins' category
block/curl: drop old/unuspported curl version checks
block/curl: fix curl internal handles handling
chardev/baum: Fix compiler warning for Windows builds
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
scripts/coverity-scan/COMPONENTS.md: Add a 'plugins' category
Cover the TCG plugins files under their own Coverity category.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Michael Tokarev [Sun, 24 Aug 2025 00:05:32 +0000 (03:05 +0300)]
block/curl: fix curl internal handles handling
block/curl.c uses CURLMOPT_SOCKETFUNCTION to register a socket callback.
According to the documentation, this callback is called not just with
application-created sockets but also with internal curl sockets, - and
for such sockets, user data pointer is not set by the application, so
the result qemu crashing.
Pass BDRVCURLState directly to the callback function as user pointer,
instead of relying on CURLINFO_PRIVATE.
This problem started happening with update of libcurl from 8.9 to 8.10 --
apparently with this change curl started using private handles more.
(CURLINFO_PRIVATE is used in one more place, in curl_multi_check_completion() -
it might need a similar fix too)
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3081 Cc: qemu-stable@qemu.org Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Stefan Weil via [Sat, 9 Aug 2025 06:13:02 +0000 (08:13 +0200)]
chardev/baum: Fix compiler warning for Windows builds
Compiler warning:
../chardev/baum.c:657:25: warning: comparison between pointer and integer
Use brlapi_fileDescriptor instead of int for brlapi_fd and
BRLAPI_INVALID_FILE_DESCRIPTOR instead of -1.
Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Merge tag 'hw-misc-20250902' of https://github.com/philmd/qemu into staging
Misc HW patches
- Compile various system files once
- Remove SDCard spec v1.10
- Remove mipssim machine and mipsnet device model
- Prevent crash in e1000e when legacy interrupt fires after enabling MSI-X
- Introduce qemu_init_irq_child()
- Remove various memory leaks reported by ASan
- Few Coverity fixes
- Use 74Kf CPU to run MIPS16e binaries and M14Kc for microMIPS ones
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmi3FDYACgkQ4+MsLN6t
# wN7fwA//WqegI1RTs65uHGV2M0vcYtGYTrucLyJtE9lJubb3wVjzdZpNcVVwKFRi
# lXNjnOfmA7lIsC2CMRaiFO/hIk40yN2BLoEupSrLXjiygtiwlhG8OX0mU/6o06/k
# Q41rEAu0wLVdJDpyUZWnVi1WvjMzaal3RvENRMr5CsrFw/Yk6Z7HKBDMEMuJjOWL
# qBTAf8o8pnfliiyeS+OE4r5iIFUHzCtGlQtJH1GZ+zFgR2LNe6UUbofmUnzIFU0j
# KuepdXemmd29nEz7wk8a7sjbJmoN9vLdJtsM+zcwNOsxmFC9+1ap/8BAGzRmhrWp
# l5zJmL2YbvdHExKLC3qlnhGsKutK+9K4VAB6jLZu0MHfUQBYCGgFgYFcLdlGlRzg
# OGgCvx5M7vZekTEHQu3zT29iUOAKAkD7dYlGIPqSUGuPGDZgPOqIMMc1HJAblXB1
# xNATGo2T2D3M01/ugwPAMF2IhLmKa9oAQDKnsW+bG6WJ4rjhqQpbmvxn51JB8q/x
# a7xuUJa8BqX24NMo5d6JqPZPQhor0P0J0ws6oKutLf381FQ9JAnVEVmbQqPSijHY
# BW3by77G2e97hfK0MwqUi43yuRHmNsh3flCdgCt7Zx6lsqmnMJuuhuOL4jQx6JRR
# hPWDFiR+mns12AL3J56A0Y92enoLTawMzrA5M/06my9HLjXuu5M=
# =WRLz
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 02 Sep 2025 05:58:46 PM CEST
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'hw-misc-20250902' of https://github.com/philmd/qemu: (38 commits)
hw/i386/pc_piix.c: remove unnecessary if() from pc_init1()
hw/arm/boot: Correctly free the MemoryDeviceInfoList
docs/about/removed-features: Clarify 'device_add' is removed
hw/mips/malta: Include 'system/system.h'
hw/mips/loongson3_virt: Include 'system/system.h'
hw/isa/superio: Include 'system/system.h'
hw/arm/virt: Include 'system/system.h'
crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls
hw/sd/sdcard: Refactor sd_bootpart_offset
hw/sd/sdcard: Add validation for boot-partition-size
hw/net: Remove mipsnet device model
hw/mips: Remove mipssim machine
hw/display/xlnx_dp: Don't leak dpcd and edid objects
hw/misc/xlnx-versal-cframe-reg: Free FIFO, g_tree on deinit
hw/char/max78000_uart: Destroy FIFO on deinit
hw/gpio/pca9554: Avoid leak in pca9554_set_pin()
hw/ide/ich.c: Use qemu_init_irq_child() to avoid memory leak
hw/char/serial-pci-multi: Use qemu_init_irq_child() to avoid leak
hw/irq: New qemu_init_irq_child() function
hw/ppc: Fix build error with CONFIG_POWERNV disabled
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
hw/i386/pc_piix.c: remove unnecessary if() from pc_init1()
Now that the isapc logic has been split out of pc_piix.c, the PCI Host Bridge
(phb) object is now always set in pc_init1().
Since phb is now guaranteed not to be NULL, Coverity reports that the if()
statement surrounding ioapic_init_gsi() is now unnecessary and can be removed
along with the phb NULL initialiser.
Coverity: CID 1620557 Signed-off-by: Mark Cave-Ayland <mark.caveayland@nutanix.com> Fixes: 99d0630a45 ("hw/i386/pc_piix.c: assume pcmc->pci_enabled is always true in pc_init1()") Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20250901203409.1196620-1-mark.caveayland@nutanix.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Peter Maydell [Mon, 1 Sep 2025 10:22:14 +0000 (11:22 +0100)]
hw/arm/boot: Correctly free the MemoryDeviceInfoList
When running the bios-tables-test under ASAN we see leaks like this:
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x5bc58579b00d in calloc (/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x250400d) (BuildId: 2e27b63dc9ac45f522ced40a17c2a60cc32f1d38)
#1 0x7b4ad90337b1 in g_malloc0 (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x637b1) (BuildId: 1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x5bc5861826db in qmp_memory_device_list /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/mem/memory-device.c:307:34
#3 0x5bc587a9edb6 in arm_load_dtb /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/arm/boot.c:656:15
Indirect leak of 28 byte(s) in 2 object(s) allocated from:
#0 0x5bc58579ae23 in malloc (/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x2503e23) (BuildId: 2e27b63dc9ac45f522ced40a17c2a60cc32f1d38)
#1 0x7b4ad6c8f947 in __vasprintf_internal libio/vasprintf.c:116:16
#2 0x7b4ad9080a52 in g_vasprintf (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0xb0a52) (BuildId: 1eb6131419edb83b2178b682829a6913cf682d75)
#3 0x7b4ad90515e4 in g_strdup_vprintf (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x815e4) (BuildId: 1eb6131419edb83b2178b682829a6913cf682d75)
#4 0x7b4ad9051940 in g_strdup_printf (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x81940) (BuildId: 1eb6131419edb83b2178b682829a6913cf682d75)
#5 0x5bc5885eb739 in object_get_canonical_path /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:2123:19
#6 0x5bc58618dca8 in pc_dimm_md_fill_device_info /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/mem/pc-dimm.c:268:18
#7 0x5bc586182792 in qmp_memory_device_list /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/mem/memory-device.c:310:9
This happens because we declared the MemoryDeviceInfoList *md_list
with g_autofree, which will free the direct memory with g_free() but
doesn't free all the other data structures referenced by it. Instead
what we want is to declare the pointer with g_autoptr(), which will
automatically call the qapi_free_MemoryDeviceInfoList() cleanup
function when the variable goes out of scope.
Fixes: 36bc78aca83cfd ("hw/arm: add static NVDIMMs in device tree") Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20250901102214.3748011-1-peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
docs/about/removed-features: Clarify 'device_add' is removed
All other titles in removed-features.rst mention when
the feature was removed using "removed in". Use that
instead of "since" which we use for when a feature is
deprecated.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20250901113957.17113-1-philmd@linaro.org>
projects / thirdparty / qemu.git / log
