git.ipfire.org Git - thirdparty/qemu.git/log
3 months ago hw/core/machine: Remove the hw_compat_3_1[] array
Philippe Mathieu-Daudé [Thu, 1 May 2025 21:31:56 +0000 (23:31 +0200)] 
hw/core/machine: Remove the hw_compat_3_1[] array

The hw_compat_3_1[] array was only used by the pc-q35-3.1
and pc-i440fx-3.1 machines, which got removed. Remove it.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260307152635.83893-9-philmd@linaro.org>

3 months ago target/i386/cpu: Remove X86CPU::intel_pt_auto_level field
Philippe Mathieu-Daudé [Sat, 7 Mar 2026 11:55:47 +0000 (12:55 +0100)] 
target/i386/cpu: Remove X86CPU::intel_pt_auto_level field

The X86CPU::intel_pt_auto_level boolean was only set in the
pc_compat_3_1[] array, via the 'x-intel-pt-auto-level=off'
property. We removed all machines using that array, let's
remove that property and all the code around it.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260307152635.83893-8-philmd@linaro.org>

3 months ago hw/i386/iommu: Remove IntelIOMMUState::dma_drain field
Philippe Mathieu-Daudé [Tue, 29 Apr 2025 15:50:08 +0000 (17:50 +0200)] 
hw/i386/iommu: Remove IntelIOMMUState::dma_drain field

The IntelIOMMUState::dma_drain boolean was only set in
the pc_compat_3_1[] array, via the 'dma-drain=off' property.
We removed all machines using that array, let's remove that
property and all the code around it.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260307152635.83893-7-philmd@linaro.org>

3 months ago hw/i386/pc: Remove pc_compat_3_1[] array
Philippe Mathieu-Daudé [Tue, 29 Apr 2025 14:55:39 +0000 (16:55 +0200)] 
hw/i386/pc: Remove pc_compat_3_1[] array

The pc_compat_3_1[] array was only used by the pc-q35-3.1
and pc-i440fx-3.1 machines, which got removed. Remove it.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260307152635.83893-6-philmd@linaro.org>

3 months ago hw/core/boards: Remove MachineClass::smbus_no_migration_support field
Philippe Mathieu-Daudé [Tue, 29 Apr 2025 14:53:56 +0000 (16:53 +0200)] 
hw/core/boards: Remove MachineClass::smbus_no_migration_support field

The MachineClass::smbus_no_migration_support boolean was only used
by the pc-q35-3.1 and pc-i440fx-3.1 machines, which got removed.
Remove it, along with pm_smbus_vmstate_needed().

Use the unconditional VMSTATE_BOOL() and VMSTATE_STRUCT() macros.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Acked-by: Corey Minyard <corey@minyard.net>
Message-Id: <20260307152635.83893-5-philmd@linaro.org>

3 months ago hw/i386/x86: Remove @pvh_enabled argument in x86_load_linux()
Philippe Mathieu-Daudé [Tue, 29 Apr 2025 14:50:30 +0000 (16:50 +0200)] 
hw/i386/x86: Remove @pvh_enabled argument in x86_load_linux()

x86_load_linux()'s @pvh_enabled is now always %true: remove it.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260307152635.83893-4-philmd@linaro.org>

3 months ago hw/i386/pc: Remove PCMachineClass::pvh_enabled field
Philippe Mathieu-Daudé [Tue, 29 Apr 2025 14:48:11 +0000 (16:48 +0200)] 
hw/i386/pc: Remove PCMachineClass::pvh_enabled field

The PCMachineClass::pvh_enabled boolean was only used by
the pc-q35-3.1 and pc-i440fx-3.1 machines, which got removed.
Remove it.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260307152635.83893-3-philmd@linaro.org>

3 months ago hw/i386/pc: Remove deprecated pc-q35/pc-i440fx/xenfv 3.1 machines
Philippe Mathieu-Daudé [Tue, 29 Apr 2025 14:45:39 +0000 (16:45 +0200)] 
hw/i386/pc: Remove deprecated pc-q35/pc-i440fx/xenfv 3.1 machines

These machines have been supported for a period of more than 6 years.
According to our versioned machine support policy (see commit
ce80c4fa6ff "docs: document special exception for machine type
deprecation & removal") they can now be removed.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20260309145013.44327-2-philmd@linaro.org>

3 months ago hw/timer/hpet: Remove HPETState::hpet_offset_saved field
Philippe Mathieu-Daudé [Thu, 1 May 2025 21:17:26 +0000 (23:17 +0200)] 
hw/timer/hpet: Remove HPETState::hpet_offset_saved field

The HPETState::hpet_offset_saved boolean was only set in the
hw_compat_2_11[] array, via the 'hpet-offset-saved=false'
property. We removed all machines using that array, let's remove
that property and all the code around it.

Message-ID: <20250501230129.2596-6-philmd@linaro.org>
[thuth: Adapted the rust part to the current master branch]
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260306093134.27789-1-thuth@redhat.com>

3 months ago Merge tag 'linux-user-for-v11-pull-request' of https://github.com/hdeller/qemu-hppa...
Peter Maydell [Mon, 9 Mar 2026 14:53:42 +0000 (14:53 +0000)] 
Merge tag 'linux-user-for-v11-pull-request' of https://github.com/hdeller/qemu-hppa into staging

linux-user patches for qemu v11

# gpg: Signature made Mon Mar  9 13:46:42 2026 GMT
# gpg:                using EDDSA key BCE9123E1AD29F07C049BBDEF712B510A23A0F5F
# gpg: Good signature from "Helge Deller <deller@gmx.de>" [unknown]
# gpg:                 aka "Helge Deller <deller@kernel.org>" [unknown]
# gpg:                 aka "Helge Deller <deller@debian.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 4544 8228 2CD9 10DB EF3D  25F8 3E5F 3D04 A7A2 4603
#      Subkey fingerprint: BCE9 123E 1AD2 9F07 C049  BBDE F712 B510 A23A 0F5F

* tag 'linux-user-for-v11-pull-request' of https://github.com/hdeller/qemu-hppa:
  linux-user: Improve formatting for mremap()
  tests/tcg/multiarch/test-mmap: Check mmaps beyond reserved_va
  tests/tcg/multiarch/test-mmap: Print more details
  bsd-user: Deal with mmap where start > reserved_va
  linux-user: Deal with mmap where start > reserved_va
  linux-user: fix TIOCGSID ioctl
  linux-user: fix matching ioctl numbers in print_ioctl
  linux-user: Check if RESOLVE_CACHED flag is defined before using it
  linux-user: properly check flags in openat2
  linux-user/strace: fix printing of file offsets

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

3 months ago Merge tag 'migration-20260309-pull-request' of https://gitlab.com/farosas/qemu into...
Peter Maydell [Mon, 9 Mar 2026 14:53:34 +0000 (14:53 +0000)] 
Merge tag 'migration-20260309-pull-request' of https://gitlab.com/farosas/qemu into staging

Migration pull request

- Fix for races when migration starts again after a failure
- New maintainer for COLO: Lukas Straub
- COLO cleanups and bug fixes
- COLO multifd support

# gpg: Signature made Mon Mar  9 12:55:27 2026 GMT
# gpg:                using RSA key AA1B48B0A22326A5A4C364CFC798DC741BEC319D
# gpg:                issuer "farosas@suse.de"
# gpg: Good signature from "Fabiano Rosas <farosas@suse.de>" [unknown]
# gpg:                 aka "Fabiano Almeida Rosas <fabiano.rosas@suse.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: AA1B 48B0 A223 26A5 A4C3  64CF C798 DC74 1BEC 319D

* tag 'migration-20260309-pull-request' of https://gitlab.com/farosas/qemu: (22 commits)
  colo: Reuse the return path from migration on primary and secondary side
  migration: Keep s->rp_state.from_dst_file open until migration ends
  colo: Use file lock in primary_vm_do_failover()
  multifd: Fix hang if send thread errors during sync
  qemu-colo.rst: Simplify the block replication setup
  qemu-colo.rst: Add my copyright
  qemu-colo.rst: Miscellaneous changes
  Convert colo main documentation to restructuredText
  migration-test: Add COLO migration unit test
  colo: Do not hold the BQL while receiving ram state.
  colo: Hold the BQL while sending ram state
  colo: Fix crash during device vmstate load
  Call colo_release_ram_cache() after multifd threads terminate
  multifd: Add COLO support
  multifd: Move ram state receive into multifd_ram_state_recv()
  ram: Remove colo special-casing
  colo: Remove ENABLE_COLO savevm command and mark it as deprecated
  colo: Replace migration_incoming_colo_enabled() with migrate_colo()
  colo: Setup ram cache in normal migration path
  MAINTAINERS: Remove Hailiang Zhang from COLO migration framework
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

3 months ago linux-user: Improve formatting for mremap()
Helge Deller [Sat, 7 Mar 2026 19:27:05 +0000 (20:27 +0100)] 
linux-user: Improve formatting for mremap()

Improve slightly the strace output for mremap().
Print the old_address and new_address as hex values, old_size and
new_size as unsigned, and the flags as integer.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>

3 months ago tests/tcg/multiarch/test-mmap: Check mmaps beyond reserved_va
Bingwu Zhang [Fri, 27 Feb 2026 16:46:33 +0000 (00:46 +0800)] 
tests/tcg/multiarch/test-mmap: Check mmaps beyond reserved_va

Unfixed mmap calls where start > reserved_va or the max guest addr
should have a valid result.

Signed-off-by: Bingwu Zhang <xtex@astrafall.org>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago tests/tcg/multiarch/test-mmap: Print more details
Bingwu Zhang [Fri, 27 Feb 2026 16:46:32 +0000 (00:46 +0800)] 
tests/tcg/multiarch/test-mmap: Print more details

Useful for debugging

Signed-off-by: Bingwu Zhang <xtex@astrafall.org>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago bsd-user: Deal with mmap where start > reserved_va
Bingwu Zhang [Fri, 27 Feb 2026 16:46:31 +0000 (00:46 +0800)] 
bsd-user: Deal with mmap where start > reserved_va

Fixes: f12294b5bd21 ("bsd-user: Use page_find_range_empty for mmap_find_vma_reserved")
Signed-off-by: Bingwu Zhang <xtex@astrafall.org>
Reviewed-by: Helge Deller <deller@gmx.de>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago linux-user: Deal with mmap where start > reserved_va
Bingwu Zhang [Fri, 27 Feb 2026 16:46:30 +0000 (00:46 +0800)] 
linux-user: Deal with mmap where start > reserved_va

Fixes: 4c13048e02d9 ("linux-user: Use page_find_range_empty for mmap_find_vma_reserved")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3310
Signed-off-by: Bingwu Zhang <xtex@astrafall.org>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago linux-user: fix TIOCGSID ioctl
Andreas Schwab [Tue, 10 Feb 2026 09:20:39 +0000 (10:20 +0100)] 
linux-user: fix TIOCGSID ioctl

TIOCGSID is IOC_R, not IOC_W.

Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago linux-user: fix matching ioctl numbers in print_ioctl
Andreas Schwab [Tue, 10 Feb 2026 09:46:01 +0000 (10:46 +0100)] 
linux-user: fix matching ioctl numbers in print_ioctl

target_cmd in struct IOCTLEntry is a signed int.  Make sure the ioctl cmd
argument in the syscall is converted to int when matching, so that it
works correctly with an ioctl cmd that has bit 31 set.

Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago linux-user: Check if RESOLVE_CACHED flag is defined before using it
Frank Chang [Thu, 12 Feb 2026 09:54:49 +0000 (17:54 +0800)] 
linux-user: Check if RESOLVE_CACHED flag is defined before using it

openat2.h was introduced in Linux kernel 5.6. However, RESOLVE_CACHED
flag was only added in kernel 5.12 and later. Therefore, we need to check
if RESOLVE_CACHED flag is defined before using it.

Signed-off-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago linux-user: properly check flags in openat2
Andreas Schwab [Tue, 10 Feb 2026 09:26:02 +0000 (10:26 +0100)] 
linux-user: properly check flags in openat2

target_to_host_bitmask truncates the bitmask to int.  Check that the upper
half of the flags do not have any bits set.

Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago linux-user/strace: fix printing of file offsets
Jean-Christian CÎRSTEA [Fri, 26 Dec 2025 17:35:21 +0000 (19:35 +0200)] 
linux-user/strace: fix printing of file offsets

Previously, 64-bit file offsets (loff_t) were printed using `print_raw_param()`
function, which led to silent truncation of the upper part. This commit fixes
this issue by adding two helper functions:

1. print_file_offset32(): prints 32-bit file offsets (off_t)
2. print_file_offset64(): prints 64-bit file offsets (loff_t)

Changelog v2:

1. Make `print_file_offset32()` static.
2. Use `last` parameter in `print_file_offset32()`.
3. Rename `low` and `high` parameters of `print_file_offset64()` to `word0`,
`word1` respectively
4. Convert `last` to bool for `print_file_offset[32,64]()`
5. Use `PRId64` instead of `PRIu64` for `print_file_offset64()`
6. Fix `print__llseek()`

Signed-off-by: Jean-Christian CÎRSTEA <jean.christian.cirstea@gmail.com>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>

3 months ago Merge tag 'pull-xen-20260309' of https://xenbits.xen.org/git-http/people/aperard...
Peter Maydell [Mon, 9 Mar 2026 12:15:42 +0000 (12:15 +0000)] 
Merge tag 'pull-xen-20260309' of https://xenbits.xen.org/git-http/people/aperard/qemu-dm into staging

Xen queue:

- Bug fix handling framebuffer during migration
- Emit RTC_CHANGE event
- One build fix

# gpg: Signature made Mon Mar  9 10:07:42 2026 GMT
# gpg:                using RSA key F80C006308E22CFD8A92E7980CF5572FD7FB55AF
# gpg: Good signature from "Anthony PERARD <anthony.perard@gmail.com>" [marginal]
# gpg:                 aka "Anthony PERARD <anthony.perard@citrix.com>" [marginal]
# gpg:                 aka "Anthony PERARD <anthony.perard@vates.tech>" [unknown]
# gpg:                 aka "Anthony PERARD <anthony@xenproject.org>" [unknown]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 5379 2F71 024C 600F 778A  7161 D8D5 7199 DF83 42C8
#      Subkey fingerprint: F80C 0063 08E2 2CFD 8A92  E798 0CF5 572F D7FB 55AF

* tag 'pull-xen-20260309' of https://xenbits.xen.org/git-http/people/aperard/qemu-dm:
  xen-hvm: Emit RTC_CHANGE upon TIMEOFFSET ioreq
  xen-hvm: Handle framebuffer relocation
  hw/xen: Fix trace_xs_node_read() params

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

3 months ago Merge tag 'edgar/edgars-xen-queue-2026-02-09' of https://gitlab.com/edgar.iglesias...
Peter Maydell [Mon, 9 Mar 2026 12:15:31 +0000 (12:15 +0000)] 
Merge tag 'edgar/edgars-xen-queue-2026-02-09' of https://gitlab.com/edgar.iglesias/qemu into staging

Edgars Xen queue

# gpg: Signature made Mon Mar  9 02:38:50 2026 GMT
# gpg:                using RSA key AC44FEDC14F7F1EBEDBF415129C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>" [unknown]
# gpg:                 aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>" [full]
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF  4151 29C5 9678 0F6B CA83

* tag 'edgar/edgars-xen-queue-2026-02-09' of https://gitlab.com/edgar.iglesias/qemu:
  hw/xen: xenpvh: Add prop to enable/disable the mapcache
  hw/xen-hvm: Add a mapcache arg to xen_register_ioreq()
  physmem: xen: Conditionalize use of the mapcache
  xen: mapcache: Add function to check if the mapcache is enabled
  xen: mapcache: Assert mapcache existance

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

3 months ago Merge tag 'pr-plugins-20260307' of https://gitlab.com/pbo-linaro/qemu into staging
Peter Maydell [Mon, 9 Mar 2026 12:15:12 +0000 (12:15 +0000)] 
Merge tag 'pr-plugins-20260307' of https://gitlab.com/pbo-linaro/qemu into staging

Changes:
- [PATCH] contrib/plugins/uftrace_symbols.py: ignore zero sized symbols (Pierrick Bouvier <pierrick.bouvier@linaro.org>)
Link: https://lore.kernel.org/qemu-devel/20260306051553.2778652-1-pierrick.bouvier@linaro.org
- [PATCH] contrib/plugins/bbv.c: Check if file is NULL (Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>)
Link: https://lore.kernel.org/qemu-devel/20260307-bbv-v1-1-d5757d1deac8@rsg.ci.i.u-tokyo.ac.jp
# gpg: Signature made Sat Mar  7 21:00:15 2026 GMT
# gpg:                using RSA key 66B994ECA14F7F2E5ABA081F7F90540D0A1CD00F
# gpg: Good signature from "Pierrick Bouvier <pierrick.bouvier@linaro.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 66B9 94EC A14F 7F2E 5ABA  081F 7F90 540D 0A1C D00F

* tag 'pr-plugins-20260307' of https://gitlab.com/pbo-linaro/qemu:
  contrib/plugins/bbv.c: Check if file is NULL
  contrib/plugins/uftrace_symbols.py: ignore zero sized symbols

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

3 months ago colo: Reuse the return path from migration on primary and secondary side
Lukas Straub [Mon, 2 Mar 2026 11:45:36 +0000 (12:45 +0100)] 
colo: Reuse the return path from migration on primary and secondary side

Use the return-path capability with colo and reuse the opened return path
file on both primary and secondary side.

This fixes a crash in colo where migration_cancel() races with colo closing
s->rp_state.from_dst_file.

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-21-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago migration: Keep s->rp_state.from_dst_file open until migration ends
Lukas Straub [Mon, 2 Mar 2026 11:45:35 +0000 (12:45 +0100)] 
migration: Keep s->rp_state.from_dst_file open until migration ends

This will be used in the next patch to allow COLO to reuse the return path.

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-20-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago colo: Use file lock in primary_vm_do_failover()
Lukas Straub [Mon, 2 Mar 2026 11:45:34 +0000 (12:45 +0100)] 
colo: Use file lock in primary_vm_do_failover()

Take the file lock since s->to_dst_file and s->rp_state.from_dst_file
may be changed in the migration thread.

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-19-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago multifd: Fix hang if send thread errors during sync
Lukas Straub [Mon, 2 Mar 2026 11:45:33 +0000 (12:45 +0100)] 
multifd: Fix hang if send thread errors during sync

When a send thread encounters an error (as is the case with yank),
it sets multifd_send_state->exiting and the other threads exit too.
This races with multifd_send_sync_main() which now hangs at
qemu_sem_wait(&p->sem_sync) in multifd_send_sync_main() line 647
as it waits for threads that have exited.

Fix this by kicking the semaphores when exiting the send threads.

I encountered this hang when stress testing the colo unit test,
though I was unable to write a migration test to reliably hit this.

Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-18-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago qemu-colo.rst: Simplify the block replication setup
Lukas Straub [Mon, 2 Mar 2026 11:45:32 +0000 (12:45 +0100)] 
qemu-colo.rst: Simplify the block replication setup

On the primary side we don't actually need the replication
block driver, since it only passes through all IO.
So simplify the setup and also use 'blockdev-add' instead of
'human-monitor-command'.

This is how my clients use colo in production.

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-17-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago qemu-colo.rst: Add my copyright
Lukas Straub [Mon, 2 Mar 2026 11:45:31 +0000 (12:45 +0100)] 
qemu-colo.rst: Add my copyright

I have so far contributed 61 commits to the colo project, warranting
the addition of my copyright to this file.

Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-16-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago qemu-colo.rst: Miscellaneous changes
Lukas Straub [Mon, 2 Mar 2026 11:45:30 +0000 (12:45 +0100)] 
qemu-colo.rst: Miscellaneous changes

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-15-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago Convert colo main documentation to restructuredText
Lukas Straub [Mon, 2 Mar 2026 11:45:29 +0000 (12:45 +0100)] 
Convert colo main documentation to restructuredText

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-14-d653fb3b1d80@web.de
[replaced license boilerplate with SPDX line]
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago migration-test: Add COLO migration unit test
Lukas Straub [Mon, 2 Mar 2026 11:45:28 +0000 (12:45 +0100)] 
migration-test: Add COLO migration unit test

Add a COLO migration test for COLO migration and failover.

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Tested-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-13-d653fb3b1d80@web.de
[remove license boilerplate]
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago colo: Do not hold the BQL while receiving ram state.
Lukas Straub [Mon, 2 Mar 2026 11:45:27 +0000 (12:45 +0100)] 
colo: Do not hold the BQL while receiving ram state.

We only receive ram into the colo cache here and don't touch anything
else, so the BQL is not needed here.

Move cpu_synchronize_all_states() downwards, before we apply the received
checkpoint. It turns out that qemu_system_reset() already calls it
for us.

Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-12-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago colo: Hold the BQL while sending ram state
Lukas Straub [Mon, 2 Mar 2026 11:45:26 +0000 (12:45 +0100)] 
colo: Hold the BQL while sending ram state

qemu_savevm_state_complete_precopy() requires that BQL is held.

This fixes a crash when running with TCG accel.

Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-11-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago colo: Fix crash during device vmstate load
Lukas Straub [Mon, 2 Mar 2026 11:45:25 +0000 (12:45 +0100)] 
colo: Fix crash during device vmstate load

With colo we load device vmstate during each checkpoint, on top of
a vm that was already running. Some devices expect a reset before
loading vmstate on such a previously running vm.

This fixes a crash when using COLO with Q35 machine.

The reset adds 10-20ms overhead to the checkpointing process in my
testing.

Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-10-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago Call colo_release_ram_cache() after multifd threads terminate
Lukas Straub [Mon, 2 Mar 2026 11:43:39 +0000 (12:43 +0100)] 
Call colo_release_ram_cache() after multifd threads terminate

The multifd threads still may access the colo cache, so release it
only after they terminate.

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-9-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago multifd: Add COLO support
Lukas Straub [Mon, 2 Mar 2026 11:43:38 +0000 (12:43 +0100)] 
multifd: Add COLO support

Like in the normal ram_load() path, put the received pages into the
colo cache and mark the pages in the bitmap so that they will be
flushed to the guest later.

Multifd with COLO is useful to reduce the VM pause time during checkpointing
for latency sensitive workloads. In such workloads the worst-case latency
is especially important.

Also, this is already worth it for the precopy phase as it helps with
converging. Moreover, multifd migration is the preferred way to do migration
nowadays and this allows using multifd compression with COLO.

Benchmark:
Cluster nodes
 - Intel Xeon E5-2630 v3
 - 48Gb RAM
 - 10G Ethernet
Guest
 - Windows Server 2016
 - 6Gb RAM
 - 4 cores
Workload
 - Upload a file to the guest with SMB to simulate moderate
   memory dirtying
 - Measure the memory transfer time portion of each checkpoint
 - 600ms COLO checkpoint interval

Results
Plain
 idle mean: 4.50ms 99per: 10.33ms
 load mean: 24.30ms 99per: 78.05ms
Multifd-4
 idle mean: 6.48ms 99per: 10.41ms
 load mean: 14.12ms 99per: 31.27ms

Evaluation
While multifd has slightly higher latency when the guest idles, it is
10ms faster under load and more importantly its worst-case latency is
less than 1/2 of plain under load as can be seen in the 99th percentile.

Co-authored-by: Juan Quintela <quintela@redhat.com>
[farosas: changed SoB to coauthored as Juan doesn't own that email address anymore]
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-8-d653fb3b1d80@web.de
[removed license boilerplate]
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago multifd: Move ram state receive into multifd_ram_state_recv()
Lukas Straub [Mon, 2 Mar 2026 11:43:37 +0000 (12:43 +0100)] 
multifd: Move ram state receive into multifd_ram_state_recv()

This is in preparation for the next patch.

Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-7-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago ram: Remove colo special-casing
Lukas Straub [Mon, 2 Mar 2026 11:43:36 +0000 (12:43 +0100)] 
ram: Remove colo special-casing

We only enter colo state after the precopy migration is finished
so this if is always taken.

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-6-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago colo: Remove ENABLE_COLO savevm command and mark it as deprecated
Lukas Straub [Mon, 2 Mar 2026 11:43:35 +0000 (12:43 +0100)] 
colo: Remove ENABLE_COLO savevm command and mark it as deprecated

No need for it anymore now that x-colo capability is required
on incoming side. There is also no need to send it for backwards
compatibility since we only support COLO with the same version on
both sides.

We mark the command code as deprecated and now error out if such
an unhandled command is encountered in loadvm_process_command().

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-5-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>

3 months ago colo: Replace migration_incoming_colo_enabled() with migrate_colo()
Lukas Straub [Mon, 2 Mar 2026 11:43:34 +0000 (12:43 +0100)] 
colo: Replace migration_incoming_colo_enabled() with migrate_colo()

Since
121ccedc2b migration: block incoming colo when capability is disabled

x-colo capability needs to be always enabled on the incoming side.
So migration_incoming_colo_enabled() and migrate_colo() are equivalent
with migrate_colo() being easier to reason about since it is always true
during the whole migration.

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-4-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>
3 months ago colo: Setup ram cache in normal migration path
Lukas Straub [Mon, 2 Mar 2026 11:43:33 +0000 (12:43 +0100)] 
colo: Setup ram cache in normal migration path

Since
121ccedc2b migration: block incoming colo when capability is disabled

x-colo capability needs to be always enabled on the incoming side.
So migration_incoming_colo_enabled() and migrate_colo() are equivalent
with migrate_colo() being easier to reason about since it is always true
during the whole migration.

Use migrate_colo() to initialize the ram cache in the normal migration path.

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-3-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>
3 months ago MAINTAINERS: Remove Hailiang Zhang from COLO migration framework
Lukas Straub [Mon, 2 Mar 2026 11:43:32 +0000 (12:43 +0100)] 
MAINTAINERS: Remove Hailiang Zhang from COLO migration framework

His last email to the mailing list is from December 2021:
https://lore.kernel.org/qemu-devel/20211214075424.6920-1-zhanghailiang@xfusion.com/

Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-2-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>
3 months ago MAINTAINERS: Add myself as maintainer for COLO migration framework
Lukas Straub [Mon, 2 Mar 2026 11:43:31 +0000 (12:43 +0100)] 
MAINTAINERS: Add myself as maintainer for COLO migration framework

I am ready to maintain it.

Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Zhang Chen <zhangckid@gmail.com>
Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Link: https://lore.kernel.org/qemu-devel/20260302-colo_unit_test_multifd-v11-1-d653fb3b1d80@web.de
Signed-off-by: Fabiano Rosas <farosas@suse.de>
3 months ago migration: introduce MIGRATION_STATUS_FAILING
Prasad Pandit [Tue, 24 Feb 2026 10:25:47 +0000 (15:55 +0530)] 
migration: introduce MIGRATION_STATUS_FAILING

When migration connection is broken, the QEMU and libvirtd(8)
process on the source side receive TCP connection reset
notification. QEMU sets the migration status to FAILED and
proceeds to migration_cleanup(). Meanwhile, libvirtd(8) sends
a QMP command to migrate_set_capabilities().

The migration_cleanup() and qmp_migrate_set_capabilities()
calls race with each other. When the latter is invoked first,
since the migration is not running (FAILED), migration
capabilities are reset to false, so during migration_cleanup()
the QEMU process crashes with assertion failure.

Introduce a new migration status FAILING and use it as an
interim status when an error occurs. Once migration_cleanup()
is done, it sets the migration status to FAILED. This helps
to avoid the above race condition and ensuing failure.

Interim status FAILING is set wherever the execution moves
towards migration_cleanup():
  - postcopy_start()
  - migration_thread()
  - migration_cleanup()
  - multifd_send_setup()
  - bg_migration_thread()
  - migration_completion()
  - migration_detect_error()
  - bg_migration_completion()
  - multifd_send_error_propagate()
  - migration_connect_error_propagate()

The migration status finally moves to FAILED and reports an
appropriate error to the user.

Interim status FAILING is _NOT_ set in the following routines
because they do not follow the migration_cleanup() path to the
FAILED state:
  - cpr_exec_cb()
  - qemu_savevm_state()
  - postcopy_listen_thread()
  - process_incoming_migration_co()
  - multifd_recv_terminate_threads()
  - migration_channel_process_incoming()

Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Prasad Pandit <pjp@fedoraproject.org>
Link: https://lore.kernel.org/qemu-devel/20260224102547.226087-1-ppandit@redhat.com
Signed-off-by: Fabiano Rosas <farosas@suse.de>
3 months ago xen-hvm: Emit RTC_CHANGE upon TIMEOFFSET ioreq
Ross Lagerwall [Thu, 8 Jan 2026 13:54:06 +0000 (13:54 +0000)] 
xen-hvm: Emit RTC_CHANGE upon TIMEOFFSET ioreq

When the guest writes to the RTC, the write is intercepted and emulated
by Xen and the time difference is broadcasted as a TIMEOFFSET ioreq.
Emit an RTC_CHANGE QMP event when this happens rather than ignoring it
so that something can make use of the information (e.g. the toolstack
can persist it between VM starts).

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Message-ID: <20260108135406.1879210-1-ross.lagerwall@citrix.com>
Acked-by: Anthony PERARD <anthony.perard@vates.tech>
Signed-off-by: Anthony PERARD <anthony.perard@vates.tech>
3 months ago xen-hvm: Handle framebuffer relocation
Ross Lagerwall [Thu, 8 Jan 2026 13:25:14 +0000 (13:25 +0000)] 
xen-hvm: Handle framebuffer relocation

It is possible for a guest to relocate the linear framebuffer by writing
to the VGA device's BAR. This causes QEMU to report an error and if the
VM is migrated, the destination QEMU hits an assertion.
The problem is that updating the BAR causes the PCI core code to call
the del region callback followed by the add region callback but the
xen-hvm code ignores the del region call and therefore the subsequent
call to xen_relocate_memory() during the add region callback fails
because the source address is not correct.

Fix it by calling in to xen_remove_from_physmap() in response to a
del region callback for the linear framebuffer so that the subsequent
add region callback succeeds.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@vates.tech>
Message-ID: <20260108132514.1862552-1-ross.lagerwall@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@vates.tech>
3 months ago hw/xen: Fix trace_xs_node_read() params
Liam Merwick [Fri, 23 May 2025 16:01:34 +0000 (16:01 +0000)] 
hw/xen: Fix trace_xs_node_read() params

When the '--enable-trace-backends=syslog' build option is configured,
the following compilation error is encountered.

In file included from /usr/include/sys/syslog.h:207,
                 from /usr/include/syslog.h:1,
                 from ./trace/trace-hw_xen.h:224,
                 from ../hw/xen/trace.h:1,
                 from ../hw/xen/xen-bus-helper.c:13:
In function ‘syslog’,
    inlined from ‘_nocheck__trace_xs_node_read’ at ../hw/xen/trace-events:41:9,
    inlined from ‘trace_xs_node_read’ at trace/trace-hw_xen.h:903:9,
    inlined from ‘xs_node_read’ at ../hw/xen/xen-bus-helper.c:154:5:
/usr/include/bits/syslog.h:45:3: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
   45 |   __syslog_chk (__pri, __USE_FORTIFY_LEVEL - 1, __fmt, __va_arg_pack ());
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Add a check that 'value' is not null before passing it to trace_xs_node_read().

Fixes: e6cdeee95990 ("hw/xen: Add xs_node_read() helper function")
Signed-off-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Acked-by: Anthony PERARD <anthony.perard@vates.tech>
Acked-by: David Woodhouse <dwmw@amazon.co.uk>
Message-ID: <20250523160134.218997-1-liam.merwick@oracle.com>
Signed-off-by: Anthony PERARD <anthony.perard@vates.tech>
3 months ago Merge tag 'hw-misc-20260308' of https://github.com/philmd/qemu into staging
Peter Maydell [Mon, 9 Mar 2026 09:39:12 +0000 (09:39 +0000)] 
Merge tag 'hw-misc-20260308' of https://github.com/philmd/qemu into staging

Misc HW patches

- Remove versioned machines released in QEMU 3.0
- Build various stubs and ACPI objects once
- Pair of bug fixes in ATI VGA model
- Cleanups in 16550A UART model
- Clarify PA-RISC CPU models (adding the PA-8500)
- Various memory leaks / overflows fixed
- MAINTAINERS updates

# gpg: Signature made Sun Mar  8 22:32:52 2026 GMT
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* tag 'hw-misc-20260308' of https://github.com/philmd/qemu: (49 commits)
  hw/char: Drop disable property of Diva GSP card
  hw/hppa: Avoid leaking a diva-gsp device
  audio/jack: Fix use of qemu_thread_set_name() on macOS
  hw/m68k/mcf_intc: Use qdev input gpios for input IRQs
  ati-vga: Allow setting EDID parameters directly
  hppa: Use 44 bit physical addresses for PA-8700
  hppa: Get physical address space bits from HPPACPUDef
  hppa: Introduce HPPACPUDef
  hw/char/serial: Avoid implicit conversion when tracing
  hw/char/serial: Remove redundant reset
  hw/char/serial: Add constants for Line Control Register
  hw/char/serial: Remove unhelpful comment
  hw/char/serial: Reuse fifo8_num_used()
  hw/char/serial: Prefer fifo8 methods over open-coding
  hw/char/serial: Remove explicit cast from void pointer
  util/fifo8: Make all read-only methods const-correct
  hw/arm/aspeed_ast27x0-{ssp, tsp}: Do not access SerialMM internals directly
  hw/char/{diva-gsp, serial-pci-multi}: Fix deinitialization order
  hw/arm/Kconfig: Fix serial selection for NPCM8XX
  MAINTAINERS: Update the maintainer for the CHRP NVRAM section
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 months ago whpx: i386: remove SIPI trapping
Mohamed Mediouni [Sat, 7 Mar 2026 18:18:56 +0000 (19:18 +0100)] 
whpx: i386: remove SIPI trapping

The implementation in Hyper-V works fine and the code
currently present doesn't handle x2APIC correctly anyway, so
remove it and use the implementation in Hyper-V.

Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Link: https://lore.kernel.org/r/20260307181856.2209-10-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago whpx: arm64: enable enlightenments if asked for
Mohamed Mediouni [Sat, 7 Mar 2026 18:18:55 +0000 (19:18 +0100)] 
whpx: arm64: enable enlightenments if asked for

Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Link: https://lore.kernel.org/r/20260307181856.2209-9-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago whpx: make Hyper-V enlightenments configurable
Mohamed Mediouni [Sat, 7 Mar 2026 18:18:54 +0000 (19:18 +0100)] 
whpx: make Hyper-V enlightenments configurable

Have them be a machine option instead of a CPU one, to have something available, even if not ideal...

The existing Hyper-V enlightenments configuration mechanism is part of per-CPU configuration, which happens too late for this.

Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Link: https://lore.kernel.org/r/20260307181856.2209-8-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago whpx: i386: enable some more enlightenments
Mohamed Mediouni [Sat, 7 Mar 2026 18:18:53 +0000 (19:18 +0100)] 
whpx: i386: enable some more enlightenments

Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Link: https://lore.kernel.org/r/20260307181856.2209-7-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago target/i386: emulate: LA57 fix
Mohamed Mediouni [Sat, 7 Mar 2026 18:18:52 +0000 (19:18 +0100)] 
target/i386: emulate: LA57 fix

Seen on a Sapphire Rapids box with LA57.

The top level of the pte array is taken for CR3, so there was
one entry too little for 5-level paging.

Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Link: https://lore.kernel.org/r/20260307181856.2209-6-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago whpx: i386: do not enable nested virt when kernel-irqchip=off
Mohamed Mediouni [Sat, 7 Mar 2026 18:18:51 +0000 (19:18 +0100)] 
whpx: i386: do not enable nested virt when kernel-irqchip=off

This combination is not allowed as of build 26300.7939 and results in:

qemu-system-x86_64.exe: WHPX: Failed to setup partition, hr=c0350005
qemu-system-x86_64.exe: failed to initialize whpx: Invalid argument

Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Link: https://lore.kernel.org/r/20260307181856.2209-5-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago hvf: arm: unbreak the x86 build
Mohamed Mediouni [Sat, 7 Mar 2026 18:18:50 +0000 (19:18 +0100)] 
hvf: arm: unbreak the x86 build

We don't really have any great choices here, so use the __aarch64__ define to unbreak the x86 build.

Once the CI moves away from macOS 15.1 SDK to... 15.2 even we can get rid of these SME stubs horrible hacks.

Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Link: https://lore.kernel.org/r/20260307181856.2209-4-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago target/i386/hvf/hvf.c: fix compilation
Pierrick Bouvier [Sat, 7 Mar 2026 18:18:48 +0000 (19:18 +0100)] 
target/i386/hvf/hvf.c: fix compilation

../target/i386/hvf/hvf.c:476:31: error: use of undeclared identifier 'cpu'
  476 |     X86CPU *x86_cpu = X86_CPU(cpu);
      |                               ^
../target/i386/hvf/hvf.c:479:24: error: use of undeclared identifier 'cpu'
  479 |     env->cr[0] = rvmcs(cpu->accel->fd, VMCS_GUEST_CR0);
      |                        ^
../target/i386/hvf/hvf.c:480:24: error: use of undeclared identifier 'cpu'
  480 |     env->cr[3] = rvmcs(cpu->accel->fd, VMCS_GUEST_CR3);
      |                        ^
../target/i386/hvf/hvf.c:481:23: error: use of undeclared identifier 'cpu'
  481 |     env->cr[2] = rreg(cpu->accel->fd, HV_X86_CR2);
      |                       ^
../target/i386/hvf/hvf.c:486:31: error: use of undeclared identifier 'cpu'
  486 |     X86CPU *x86_cpu = X86_CPU(cpu);
      |                               ^
../target/i386/hvf/hvf.c:489:11: error: use of undeclared identifier 'cpu'
  489 |     wvmcs(cpu->accel->fd, VMCS_GUEST_CR0, env->cr[0]);
      |           ^
../target/i386/hvf/hvf.c:490:11: error: use of undeclared identifier 'cpu'
  490 |     wvmcs(cpu->accel->fd, VMCS_GUEST_CR3, env->cr[3]);
      |           ^
7 errors generated.

Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Link: https://lore.kernel.org/r/20260307181856.2209-2-mohamed@unpredictable.fr
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago qemu-coroutine-lock: fix has_waiters()
Paolo Bonzini [Mon, 2 Mar 2026 13:06:24 +0000 (14:06 +0100)] 
qemu-coroutine-lock: fix has_waiters()

has_waiters() is testing a reversed condition.  The logic is that
has_waiters() must return true if a qemu_co_mutex_lock_slowpath()
happened:

  qemu_co_mutex_unlock            qemu_co_mutex_lock_slowpath
  -------------------------       -------------------------------
  set handoff                     push to from_push
  memory barrier                  memory barrier
  check has_waiters()             check handoff

which requires it to return true if from_push (or to_pop from a previous
call) are *not* empty.

This was unlikely to cause trouble because it can only happen when the
same CoMutex is used across multiple threads, but it is nevertheless
completely wrong.  The bug would show up as either a NULL-pointer
dereference inside qemu_co_mutex_lock_slowpath(), or a missed wait in
qemu_co_mutex_unlock().

Reported-by: Siteshwar Vashisht <svashisht@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago xen-block: remove NULL pointer dereference
Paolo Bonzini [Mon, 2 Mar 2026 12:37:59 +0000 (13:37 +0100)] 
xen-block: remove NULL pointer dereference

If params is NULL, xen_block_drive_create calls xen_block_drive_destroy
with drive == NULL.

Reported-by: Siteshwar Vashisht <svashisht@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 months ago hw/xen: xenpvh: Add prop to enable/disable the mapcache
Edgar E. Iglesias [Wed, 23 Jul 2025 12:02:17 +0000 (14:02 +0200)] 
hw/xen: xenpvh: Add prop to enable/disable the mapcache

Add a machine property to enable/disable the mapcache.
Default it to enabled for backwards compatibility.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 months ago hw/xen-hvm: Add a mapcache arg to xen_register_ioreq()
Edgar E. Iglesias [Wed, 23 Jul 2025 10:06:18 +0000 (12:06 +0200)] 
hw/xen-hvm: Add a mapcache arg to xen_register_ioreq()

Add a mapcache argument to xen_register_ioreq() allowing
the caller to optionally disable the mapcache.

All callers still call it with mapcache = true so there's no
functional change yet.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 months ago physmem: xen: Conditionalize use of the mapcache
Edgar E. Iglesias [Wed, 23 Jul 2025 09:56:51 +0000 (11:56 +0200)] 
physmem: xen: Conditionalize use of the mapcache

Conditionalize use of the mapcache. This is in preparation
to optionally disable the mapcache at runtime.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Acked-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 months ago xen: mapcache: Add function to check if the mapcache is enabled
Edgar E. Iglesias [Wed, 23 Jul 2025 09:41:26 +0000 (11:41 +0200)] 
xen: mapcache: Add function to check if the mapcache is enabled

Add function to check if the mapcache is enabled.
No functional change.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 months ago xen: mapcache: Assert mapcache existence
Edgar E. Iglesias [Wed, 23 Jul 2025 09:29:15 +0000 (11:29 +0200)] 
xen: mapcache: Assert mapcache existence

Assert that the mapcache was created prior to being used.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 months ago hw/char: Drop disable property of Diva GSP card
Helge Deller [Sat, 7 Mar 2026 19:52:33 +0000 (20:52 +0100)] 
hw/char: Drop disable property of Diva GSP card

The "disable" property is not used, so drop it.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Helge Deller <deller@gmx.de>
Message-ID: <20260307195243.8813-3-deller@kernel.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/hppa: Avoid leaking a diva-gsp device
Helge Deller [Sat, 7 Mar 2026 19:52:32 +0000 (20:52 +0100)] 
hw/hppa: Avoid leaking a diva-gsp device

Create a Diva-gsp unconditionally on all 64-bit PCI machines.
The A400 usually comes with a Diva card. The C3700 has a built-in
SUPERIO chip, which we haven't implemented yet, so running with an
emulated Diva is the best we can do for now.

Signed-off-by: Helge Deller <deller@gmx.de>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20260307195243.8813-2-deller@kernel.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago audio/jack: Fix use of qemu_thread_set_name() on macOS
Philippe Mathieu-Daudé [Sat, 7 Mar 2026 11:37:35 +0000 (12:37 +0100)] 
audio/jack: Fix use of qemu_thread_set_name() on macOS

Since commit 8f68a33ad46 we get on macOS:

  Audio backends
    CoreAudio support               : YES
    PipeWire support                : NO
    JACK support                    : YES 1.9.22

  ../audio/jackaudio.c:654:12: error: unused function 'qjack_thread_creator' [-Werror,-Wunused-function]
    654 | static int qjack_thread_creator(jack_native_thread_t *thread,
        |            ^~~~~~~~~~~~~~~~~~~~

This is simply due to a missing #ifdef'ry change. Update
so we can use the new qemu_thread_set_name() exposed by
commit 46255cc2be9.

Fixes: 8f68a33ad46 ("audio: make jackaudio use qemu_thread_set_name")
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Message-Id: <20260307114923.75394-1-philmd@linaro.org>

3 months ago hw/m68k/mcf_intc: Use qdev input gpios for input IRQs
Peter Maydell [Fri, 6 Mar 2026 19:04:25 +0000 (19:04 +0000)] 
hw/m68k/mcf_intc: Use qdev input gpios for input IRQs

The m68k mcf_intc interrupt controller currently implements its
inbound IRQ lines by calling qemu_allocate_irqs() in mcf_intc_init().
This results in leaks like this:

Direct leak of 2944 byte(s) in 46 object(s) allocated from:
    #0 0x5cf95ec15323 in malloc (/home/pm215/qemu/build/san/qemu-system-m68k+0xf9e323) (BuildId: 18d55ef8ea9856e68ee30802078af5050b8b06c5)
    #1 0x7637c65c5ac9 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62ac9) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #2 0x5cf95f6b2f27 in object_new_with_type /home/pm215/qemu/build/san/../../qom/object.c:767:15
    #3 0x5cf95f6aa62e in qemu_allocate_irq /home/pm215/qemu/build/san/../../hw/core/irq.c:91:25
    #4 0x5cf95f6aa62e in qemu_extend_irqs /home/pm215/qemu/build/san/../../hw/core/irq.c:79:16
    #5 0x5cf95f5f6d99 in mcf5208evb_init /home/pm215/qemu/build/san/../../hw/m68k/mcf5208.c:310:11

This isn't an important leak, as it is memory we allocate once at
QEMU startup and that has to stay live for the lifetime of the
system.  However it does point at a code improvement.

Modernise this to have the device itself create inbound GPIOs with
qdev_init_gpio_in() that the board can then refer to and wire up
individually.

As the device is used in only a single board, we can update device
and board in a single patch rather than having to try to figure out
some way to change the API more piecemeal.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <th.huth+qemu@posteo.eu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260306190425.3047580-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Allow setting EDID parameters directly
BALATON Zoltan [Thu, 5 Mar 2026 23:37:17 +0000 (00:37 +0100)] 
ati-vga: Allow setting EDID parameters directly

The EDID generation has some parameters that can be set via properties
but since ati-vga uses i2c-ddc it is only accessible with -global
option. Expose these properties so users can more easily set it via
e.g. -device ati-vga,xres=1024,yres=768.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260305233717.1D08F5969F6@zero.eik.bme.hu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hppa: Use 44 bit physical addresses for PA-8700
Anton Johansson [Thu, 5 Mar 2026 22:54:22 +0000 (23:54 +0100)] 
hppa: Use 44 bit physical addresses for PA-8700

This is in line with the PA-8700 specification which demands 44 bits.

However, this change breaks the SeaBIOS functional tests as the firmware
assumes 40 bit physical addresses.  Therefore, change the functional
tests to instead run on an A400 which has the expected physical address
space size.

Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Message-ID: <20260305-hppa-c3600-v6-3-d51526e5269c@rev.ng>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hppa: Get physical address space bits from HPPACPUDef
Anton Johansson [Thu, 5 Mar 2026 22:54:21 +0000 (23:54 +0100)] 
hppa: Get physical address space bits from HPPACPUDef

Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260305-hppa-c3600-v6-2-d51526e5269c@rev.ng>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hppa: Introduce HPPACPUDef
Anton Johansson [Thu, 5 Mar 2026 22:54:20 +0000 (23:54 +0100)] 
hppa: Introduce HPPACPUDef

Restructures the CPU class hierarchy to clarify model names and allow
for per-model configuration options via HPPACPUDef. 32-bit HPPA is
assumed to run a PA-7300LC, and 64-bit assumed to run a PA-8700.
A new PA-8500 model is added, which will later be used by the A400
machine.  All CPU models are made into children of the now abstract
TYPE_HPPA_CPU base class.

Two fields are added to HPPACPUDef describing the size of the physical
address space, and whether or not the CPU uses the PA-RISC 2.0
architecture.  The latter was previously a field in CPUHPPAState.

phys_addr_bits is currently set but unused, and will be used in the
following commit.  Likewise, PA-8700 is moved to use 44 bit physical
addresses in a followup commit to not break bisection.

References to "hppa/hppa64" models in test cases are also updated.

Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260305-hppa-c3600-v6-1-d51526e5269c@rev.ng>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/serial: Avoid implicit conversion when tracing
Bernhard Beschow [Thu, 5 Mar 2026 22:09:08 +0000 (23:09 +0100)] 
hw/char/serial: Avoid implicit conversion when tracing

On 64 bit targets, the MemoryRegion API passes an address and a value as
uint64_t, so use that for tracing. Keep the uint8_t for reading since
this is what the device model produces. On targets with less than 64
bits, uint64_t is wide enough to avoid narrowing.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20260305220911.131508-12-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/serial: Remove redundant reset
Bernhard Beschow [Thu, 5 Mar 2026 22:09:07 +0000 (23:09 +0100)] 
hw/char/serial: Remove redundant reset

There is no need to invoke the reset method in realize since the reset
framework will do so anyway before the machine starts.

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20260305220911.131508-11-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/serial: Add constants for Line Control Register
Bernhard Beschow [Thu, 5 Mar 2026 22:09:06 +0000 (23:09 +0100)] 
hw/char/serial: Add constants for Line Control Register

Substitute some magic numbers by named constants for slightly improved
readability.

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20260305220911.131508-10-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/serial: Remove unhelpful comment
Bernhard Beschow [Thu, 5 Mar 2026 22:09:05 +0000 (23:09 +0100)] 
hw/char/serial: Remove unhelpful comment

There is no "is_load" flag and one can tell from the method name what
the method does. Remove this unhelpful comment.

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20260305220911.131508-9-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/serial: Reuse fifo8_num_used()
Bernhard Beschow [Thu, 5 Mar 2026 22:09:04 +0000 (23:09 +0100)] 
hw/char/serial: Reuse fifo8_num_used()

Avoids accessing private fields of struct Fifo8. Now, TYPE_SERIAL only
accesses struct Fifo8 through its methods.

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260305220911.131508-8-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/serial: Prefer fifo8 methods over open-coding
Bernhard Beschow [Thu, 5 Mar 2026 22:09:03 +0000 (23:09 +0100)] 
hw/char/serial: Prefer fifo8 methods over open-coding

Use fifo8_is_empty() and fifo8_is_full() to improve readability of the
code.

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260305220911.131508-7-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/serial: Remove explicit cast from void pointer
Bernhard Beschow [Thu, 5 Mar 2026 22:09:02 +0000 (23:09 +0100)] 
hw/char/serial: Remove explicit cast from void pointer

A void pointer asks for being casted, so C allows for omitting the
explicit cast. Take advantage of that.

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260305220911.131508-6-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago util/fifo8: Make all read-only methods const-correct
Bernhard Beschow [Thu, 5 Mar 2026 22:09:01 +0000 (23:09 +0100)] 
util/fifo8: Make all read-only methods const-correct

Allows these methods to be used in const contexts, i.e. where the parent
of the fifo itself is const. This is in particular useful for Rust code.

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260305220911.131508-5-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/arm/aspeed_ast27x0-{ssp, tsp}: Do not access SerialMM internals directly
Bernhard Beschow [Thu, 5 Mar 2026 22:09:00 +0000 (23:09 +0100)] 
hw/arm/aspeed_ast27x0-{ssp, tsp}: Do not access SerialMM internals directly

SerialMM inherits from SysBusDevice and exposes the memory region by
means of sysbus_mmio_get_region(). Use that in order to avoid accessing
implementation details of SerialMM.

Reviewed-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20260305220911.131508-4-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/char/{diva-gsp, serial-pci-multi}: Fix deinitialization order
Bernhard Beschow [Thu, 5 Mar 2026 22:08:59 +0000 (23:08 +0100)] 
hw/char/{diva-gsp, serial-pci-multi}: Fix deinitialization order

The memory region is owned by the device being unrealized, so must be
removed from the mapping before unrealizing.

Fixes: d66bbea4e0d3 ("serial: add 2x + 4x pci variant")
Fixes: 274074708455 ("hw/char: Add emulation of Diva GSP PCI management boards")
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20260305220911.131508-3-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/arm/Kconfig: Fix serial selection for NPCM8XX
Bernhard Beschow [Thu, 5 Mar 2026 22:08:58 +0000 (23:08 +0100)] 
hw/arm/Kconfig: Fix serial selection for NPCM8XX

CONFIG_SERIAL selects the internal TYPE_SERIAL device which is akin to
an "IP block" that needs to be integrated with glue logic. In case of
NPCM8XX this glue logic is TYPE_SERIAL_MM which the code uses already.
Fix Kconfig to select CONFIG_SERIAL_MM which matches TYPE_SERIAL_MM.

Fixes: ae0c4d1a1290 ("hw/arm: Add NPCM8XX SoC")
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20260305220911.131508-2-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago MAINTAINERS: Update the maintainer for the CHRP NVRAM section
Thomas Huth [Thu, 5 Mar 2026 19:22:23 +0000 (20:22 +0100)] 
MAINTAINERS: Update the maintainer for the CHRP NVRAM section

I am not involved in the ppc machines anymore (the pseries machine was
the reason why I took over maintainership of the CHRP NVRAM code in the
past), so it does not make much sense that I'm still listed here as the
maintainer.
The CHRP NVRAM code is used by the mac99 / g3beige ppc machines and
some Sparc machines, too, where Mark is the maintainer, so I asked him
whether he would be interested in being listed as the maintainer here,
and fortunately, he agreed! Thanks, Mark!

Signed-off-by: Thomas Huth <thuth@redhat.com>
Acked-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-ID: <20260305192223.6214-1-thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/net/xilinx_axienet: Prevent writes to PHY Identification registers
Jim MacArthur [Thu, 5 Mar 2026 12:13:03 +0000 (12:13 +0000)] 
hw/net/xilinx_axienet: Prevent writes to PHY Identification registers

There are other registers in the PHY model which should be partially or
entirely read-only, but this solves the immediate issue.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3297

Signed-off-by: Jim MacArthur <jim.macarthur@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-ID: <20260305-xilinx-phy-protection-v1-1-ffc9edd84e58@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/uefi: add variable digest to vmstate
Gerd Hoffmann [Wed, 4 Mar 2026 07:59:53 +0000 (08:59 +0100)] 
hw/uefi: add variable digest to vmstate

Add digest to vmstate if needed.  Clear digest before
loading vmstate to make sure it is initialized.

Fixes: db1ecfb473ac ("hw/uefi: add var-service-vars.c")
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260304075954.584423-1-kraxel@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ui/cocoa: Do not automatically zoom for HiDPI
Akihiko Odaki [Wed, 4 Mar 2026 06:39:53 +0000 (15:39 +0900)] 
ui/cocoa: Do not automatically zoom for HiDPI

Cocoa automatically zooms for a HiDPI display like Retina and makes
the display blurry. Revert the automatic zooming.

Signed-off-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20260304-zoom-v2-1-2eebf2b51106@rsg.ci.i.u-tokyo.ac.jp>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago MAINTAINERS: Replace @tuxfamily.org address
Thomas Huth [Tue, 3 Mar 2026 20:30:44 +0000 (21:30 +0100)] 
MAINTAINERS: Replace @tuxfamily.org address

Tuxfamily.org has had many outages in recent years and will likely
go away in the near future:

 https://forum.tuxfamily.org/post/3381/#p3381

Thus replace my @tuxfamily.org address with another one that is more
reliable and hopefully will survive longer.

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Gustavo Romero <gustavo.romero@linaro.org>
Message-ID: <20260303203044.8403-1-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/net/xilinx_ethlite: Check for oversized TX packets
Peter Maydell [Tue, 3 Mar 2026 17:27:18 +0000 (17:27 +0000)] 
hw/net/xilinx_ethlite: Check for oversized TX packets

The xilinx_ethlite network device wasn't checking that the TX packet
size set by the guest was within the size of its dual port RAM, with
the effect that the guest could get it to read off the end of the RAM
block.

Check the length.  There is no provision in this very simple device
for reporting errors, so as with various RX errors we just report via
tracepoint.

This lack of length check has been present since the device was first
introduced, though the code implementing the tx path has changed
somewhat since then.

Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3317
Fixes: b43848a1005ce ("xilinx: Add ethlite emulation")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-ID: <20260303172718.437015-1-peter.maydell@linaro.org>
[PMD: renamed size -> tx_size to avoid shadow=compatible-local error]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Consolidate dirty region tracking in ati_2d_blt
Chad Jablonski [Tue, 3 Mar 2026 02:47:21 +0000 (21:47 -0500)] 
ati-vga: Consolidate dirty region tracking in ati_2d_blt

Both supported ROPs follow the same memory set dirty logic.
This consolidates that logic to remove the duplication.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-9-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Remove dst_x/y updates after blit
Chad Jablonski [Tue, 3 Mar 2026 02:47:20 +0000 (21:47 -0500)] 
ati-vga: Remove dst_x/y updates after blit

The Mobility M6 register reference (DST_HEIGHT_WIDTH) states that dst_y is
updated after a blit but this appears to not be the case.

Hardware testing revealed that both the R128 and R100 do not update
dst_x or dst_y after a blit, regardless of the source. This removes
the update.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-8-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Add scissor clipping register support
Chad Jablonski [Tue, 3 Mar 2026 02:47:19 +0000 (21:47 -0500)] 
ati-vga: Add scissor clipping register support

Implement read and write operations on SC_TOP_LEFT, SC_BOTTOM_RIGHT,
and SRC_SC_BOTTOM_RIGHT registers. These registers are also updated
when the src and/or dst clipping fields on DP_GUI_MASTER_CNTL are set
to default clipping.

Scissor clipping is used when rendering text in X.org. The r128 driver
sends host data much wider than is necessary to draw a glyph and cuts it
down to size using clipping before rendering. The actual clipping
implementation follows in a future patch.

This also includes a very minor refactor of the combined
default_sc_bottom_right field in the registers struct to
default_sc_bottom and default_sc_right. This was done to
stay consistent with the other scissor registers and prevent repeated
masking and extraction.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-7-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Implement foreground and background color register writes
Chad Jablonski [Tue, 3 Mar 2026 02:47:18 +0000 (21:47 -0500)] 
ati-vga: Implement foreground and background color register writes

These are straightforward 32-bit register write handlers. They're
necessary for a future patch which will use them for color expansion
from monochrome host data transfers.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-6-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Latch src and dst pitch and offset on master_cntl default
Chad Jablonski [Tue, 3 Mar 2026 02:47:17 +0000 (21:47 -0500)] 
ati-vga: Latch src and dst pitch and offset on master_cntl default

Hardware testing on the Rage 128 confirms that (SRC/DST)_OFFSET,
and (SRC/DST)_PITCH are latched when (SRC/DST)_PITCH_OFFSET_CNTL bits
in DP_GUI_MASTER_CNTL are set to "default".

The earlier approach looked at the state of the (SRC/DST)_PITCH_OFFSET_CNTL
bits when offset and pitch registers were used. This meant that when
(SRC/DST)_PITCH_OFFSET_CNTL was reset to "leave alone" the old values
stored in the registers would return. This is not how the real hardware
works.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-5-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Read aliased values from DP_GUI_MASTER_CNTL
Chad Jablonski [Tue, 3 Mar 2026 02:47:16 +0000 (21:47 -0500)] 
ati-vga: Read aliased values from DP_GUI_MASTER_CNTL

DP_GUI_MASTER_CNTL aliases several fields from DP_DATATYPE and DP_MIX.
These were being written correctly but not returned on a read of
DP_GUI_MASTER_CNTL.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-4-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Fix DST_PITCH and SRC_PITCH reads
Chad Jablonski [Tue, 3 Mar 2026 02:47:15 +0000 (21:47 -0500)] 
ati-vga: Fix DST_PITCH and SRC_PITCH reads

Reading DST_PITCH and SRC_PITCH on the Rage 128 is broken. The read
handlers attempt to construct the value from pitch and tile bits in
the register state but mistakenly AND them instead of ORing them. This
means the pitch is always zero on read.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-3-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago ati-vga: Fix framebuffer mapping by using hardware-correct aperture sizes
Chad Jablonski [Tue, 3 Mar 2026 02:47:14 +0000 (21:47 -0500)] 
ati-vga: Fix framebuffer mapping by using hardware-correct aperture sizes

Rage 128 cards always request 64MB for their linear (framebuffer)
aperture and R100 cards always request 128MB. This is regardless
of the amount of physical VRAM on the board. The following are results
from real hardware tests:

Card                              VRAM    PCI BAR0   CONFIG_MEMSIZE  CONFIG_APER_SIZE  AGP_APER_OFFSET
-----------------------           ----    --------   --------------  ----------------  ---------------
Rage 128 Pro Ultra TF             32MB     64MB       0x02000000      0x02000000        0x02000000
Rage 128 RF/SG AGP                16MB     64MB       0x01000000      0x02000000        0x02000000
Radeon R100 QD [Radeon 7200]      64MB    128MB       0x04000000      0x04000000        N/A
Radeon RV100 QY [Radeon 7000/VE]  32MB    128MB       0x02000000      0x04000000        N/A

Previously the linear aperture (BAR0) would match the VRAM size.
This discrepancy caused issues with the X.org and XFree86 r128 drivers.
These drivers apply a mask of 0xfc000000 (2^26 = 64MB) to the linear
aperture address. If that address is not on a 64MB boundary the
framebuffer points to an incorrect memory location.

Testing shows that the Radeon R100 also has a BAR0 larger than VRAM
(128MB in this case) and the X.org radeon driver also masks to 64MB.

For Rage 128, CONFIG_APER_SIZE also differs from the previous value and
the behavior stated in the documentation. The Rage 128 register guide
states that it should contain the size of the VRAM + AGP memory. The cards
tested above show that this isn't the case. These tests also included
enabling/disabling AGP with 8MB of memory. It didn't change the
contents of CONFIG_APER_SIZE.

For both Rage 128 and R100 the CONFIG_APER_SIZE is half of the PCI BAR0 size.

Signed-off-by: Chad Jablonski <chad@jablonski.xyz>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260303024730.1489136-2-chad@jablonski.xyz>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/i386: drop unused PC_CPU_MODEL_IDS macro
Daniel P. Berrangé [Wed, 25 Feb 2026 16:54:00 +0000 (16:54 +0000)] 
hw/i386: drop unused PC_CPU_MODEL_IDS macro

This is redundant since the 2.4 machine types were dropped.

Fixes: 4c82e7b34b1bf35d97e026196f5bf10ea916512c
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260225165400.605941-1-berrange@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
3 months ago hw/misc/ivshmem-pci: Handle error from kvm_irqchip_add_irqfd_notifier_gsi()
David Hamilton [Wed, 25 Feb 2026 12:13:22 +0000 (07:13 -0500)] 
hw/misc/ivshmem-pci: Handle error from kvm_irqchip_add_irqfd_notifier_gsi()

The return value of kvm_irqchip_add_irqfd_notifier_gsi() was being
ignored. Propagate the error to the caller via errp.

Also change setup_interrupt() to return bool to follow QEMU error
handling conventions, making error checks at call sites simpler.

Resolves the TODO comment at the call site.

Signed-off-by: David Hamilton <dahamilt0@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20260225121323.5395-2-dahamilt0@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>