* [PULL 1/4] hw/arm/Kconfig: Exclude imx8mp-evk machine from KVM-only build
2025-11-24 14:30 [PULL 0/4] target-arm queue Peter Maydell
@ 2025-11-24 14:30 ` Peter Maydell
2025-11-24 14:30 ` [PULL 2/4] hw/display/exynos4210_fimd: Remove duplicated definition Peter Maydell
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Peter Maydell @ 2025-11-24 14:30 UTC (permalink / raw)
To: qemu-devel
From: Bernhard Beschow <shentey@gmail.com>
Fixes make check failures on an aarch64 host when QEMU is configured
using '--enable-kvm --disable-tcg':
qemu-system-aarch64: unknown type 'arm-gicv3'
Reported-by: Cornelia Huck <cohuck@redhat.com>
Tested-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-id: 20251119203759.5138-1-shentey@gmail.com
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 0cdeb60f1f2..78775063840 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -623,7 +623,7 @@ config FSL_IMX8MP_EVK
bool
default y
depends on AARCH64
- depends on TCG || KVM
+ depends on TCG
select FSL_IMX8MP
config ARM_SMMUV3
--
2.43.0
^ permalink raw reply related [flat|nested] 6+ messages in thread* [PULL 2/4] hw/display/exynos4210_fimd: Remove duplicated definition
2025-11-24 14:30 [PULL 0/4] target-arm queue Peter Maydell
2025-11-24 14:30 ` [PULL 1/4] hw/arm/Kconfig: Exclude imx8mp-evk machine from KVM-only build Peter Maydell
@ 2025-11-24 14:30 ` Peter Maydell
2025-11-24 14:30 ` [PULL 3/4] hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs Peter Maydell
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Peter Maydell @ 2025-11-24 14:30 UTC (permalink / raw)
To: qemu-devel
From: Philippe Mathieu-Daudé <philmd@linaro.org>
FIMD_VIDWADD0_END is defined twice, keep only one.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251121093509.25088-1-philmd@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/display/exynos4210_fimd.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/hw/display/exynos4210_fimd.c b/hw/display/exynos4210_fimd.c
index c61e0280a7c..6b1eb43987c 100644
--- a/hw/display/exynos4210_fimd.c
+++ b/hw/display/exynos4210_fimd.c
@@ -131,7 +131,6 @@
/* Frame buffer address registers */
#define FIMD_VIDWADD0_START 0x00A0
#define FIMD_VIDWADD0_END 0x00C4
-#define FIMD_VIDWADD0_END 0x00C4
#define FIMD_VIDWADD1_START 0x00D0
#define FIMD_VIDWADD1_END 0x00F4
#define FIMD_VIDWADD2_START 0x0100
--
2.43.0
^ permalink raw reply related [flat|nested] 6+ messages in thread* [PULL 3/4] hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs
2025-11-24 14:30 [PULL 0/4] target-arm queue Peter Maydell
2025-11-24 14:30 ` [PULL 1/4] hw/arm/Kconfig: Exclude imx8mp-evk machine from KVM-only build Peter Maydell
2025-11-24 14:30 ` [PULL 2/4] hw/display/exynos4210_fimd: Remove duplicated definition Peter Maydell
@ 2025-11-24 14:30 ` Peter Maydell
2025-11-24 14:30 ` [PULL 4/4] hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section() Peter Maydell
2025-11-24 18:37 ` [PULL 0/4] target-arm queue Richard Henderson
4 siblings, 0 replies; 6+ messages in thread
From: Peter Maydell @ 2025-11-24 14:30 UTC (permalink / raw)
To: qemu-devel
For M-profile cores which support TrustZone, there are some memory
areas which are "NS aliases" -- a Secure access to these addresses
really performs an NS access to a different part of the device. We
implement these using MemoryRegionOps read and write functions which
pass the access on with adjusted attributes using
memory_region_dispatch_read() and memory_region_dispatch_write().
Since the MR we are dispatching to is owned by the same device that
owns the NS-alias MR (the TYPE_ARMV7M container object), this trips
the reentrancy-guard that is applied by access_with_adjusted_size().
Mark the NS alias MemoryRegions as disable_reentrancy_guard; this is
safe because v7m_sysreg_ns_read() and v7m_sysreg_ns_write() do not
touch any of the device's state. (Any further reentrancy attempts by
the underlying MR will still be caught.)
Without this fix, an attempt to read from an address like 0xe002e010,
which is a register in the NS systick alias, will fail and provoke
qemu-system-arm: warning: Blocked re-entrant IO on MemoryRegion: v7m_systick at addr: 0x0
We didn't notice this earlier because almost all code accesses
the registers and systick via the non-alias addresses; the NS
aliases are only need for the rarer case of Secure code that needs
to manage the NS timer or system state on behalf of NS code.
Note that although the v7m_systick_ops read and write functions
also call memory_region_dispatch_{read,write}, this MR does not
need to have the reentrancy-guard disabled because the underlying
MR that it forwards to is owned by a different device (the
TYPE_SYSTICK timer device).
Reported via a stackoverflow question:
https://stackoverflow.com/questions/79808107/what-this-error-is-even-about-qemu-system-arm-warning-blocked-re-entrant-io
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251114155304.2662414-1-peter.maydell@linaro.org
---
hw/arm/armv7m.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
index c4a9c3ac529..7fa1b37630e 100644
--- a/hw/arm/armv7m.c
+++ b/hw/arm/armv7m.c
@@ -442,6 +442,12 @@ static void armv7m_realize(DeviceState *dev, Error **errp)
&v7m_sysreg_ns_ops,
sysbus_mmio_get_region(sbd, 0),
"nvic_sysregs_ns", 0x1000);
+ /*
+ * This MR calls memory_region_dispatch_read/write to access the
+ * real region for the NVIC sysregs (which is also owned by this
+ * device), so reentrancy through here is expected and safe.
+ */
+ s->sysreg_ns_mem.disable_reentrancy_guard = true;
memory_region_add_subregion(&s->container, 0xe002e000,
&s->sysreg_ns_mem);
}
@@ -499,6 +505,12 @@ static void armv7m_realize(DeviceState *dev, Error **errp)
memory_region_init_io(&s->systick_ns_mem, OBJECT(s),
&v7m_sysreg_ns_ops, &s->systickmem,
"v7m_systick_ns", 0xe0);
+ /*
+ * This MR calls memory_region_dispatch_read/write to access the
+ * real region for the systick regs (which is also owned by this
+ * device), so reentrancy through here is expected and safe.
+ */
+ s->systick_ns_mem.disable_reentrancy_guard = true;
memory_region_add_subregion_overlap(&s->container, 0xe002e010,
&s->systick_ns_mem, 1);
}
--
2.43.0
^ permalink raw reply related [flat|nested] 6+ messages in thread* [PULL 4/4] hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section()
2025-11-24 14:30 [PULL 0/4] target-arm queue Peter Maydell
` (2 preceding siblings ...)
2025-11-24 14:30 ` [PULL 3/4] hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs Peter Maydell
@ 2025-11-24 14:30 ` Peter Maydell
2025-11-24 18:37 ` [PULL 0/4] target-arm queue Richard Henderson
4 siblings, 0 replies; 6+ messages in thread
From: Peter Maydell @ 2025-11-24 14:30 UTC (permalink / raw)
To: qemu-devel
In fimd_update_memory_section() we attempt ot find and map part of
the RAM MR which backs the framebuffer, based on guest-configurable
size and start address.
If the guest configures framebuffer settings which result in a
zero-sized framebuffer, we hit an assertion(), because
memory_region_find() will return a NULL mem_section.mr.
Explicitly check for the zero-size case and treat this as a
guest error.
Because we now have a code path which can reach error_return without
calling memory_region_find to set w->mem_section, we must NULL out
w->mem_section.mr after the unref of the old MR, so that error_return
does not incorrectly double-unref the old MR.
Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1407
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251107143913.1341358-1-peter.maydell@linaro.org
---
hw/display/exynos4210_fimd.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/hw/display/exynos4210_fimd.c b/hw/display/exynos4210_fimd.c
index 6b1eb43987c..49c180fec0c 100644
--- a/hw/display/exynos4210_fimd.c
+++ b/hw/display/exynos4210_fimd.c
@@ -1146,6 +1146,13 @@ static void fimd_update_memory_section(Exynos4210fimdState *s, unsigned win)
if (w->mem_section.mr) {
memory_region_set_log(w->mem_section.mr, false, DIRTY_MEMORY_VGA);
memory_region_unref(w->mem_section.mr);
+ w->mem_section.mr = NULL;
+ }
+
+ if (w->fb_len == 0) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "FIMD: Guest config means framebuffer is zero length\n");
+ goto error_return;
}
w->mem_section = memory_region_find(s->fbmem, fb_start_addr, w->fb_len);
--
2.43.0
^ permalink raw reply related [flat|nested] 6+ messages in thread* Re: [PULL 0/4] target-arm queue
2025-11-24 14:30 [PULL 0/4] target-arm queue Peter Maydell
` (3 preceding siblings ...)
2025-11-24 14:30 ` [PULL 4/4] hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section() Peter Maydell
@ 2025-11-24 18:37 ` Richard Henderson
4 siblings, 0 replies; 6+ messages in thread
From: Richard Henderson @ 2025-11-24 18:37 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
On 11/24/25 06:30, Peter Maydell wrote:
> Hi; here's an arm pullreq for rc2: three small bug fixes and
> one trivial removal of a duplicated #define.
>
> thanks
> -- PMM
>
> The following changes since commit fb241d0a1fd36a1b67ecced29d8b533316cf9e2d:
>
> Merge tag 'staging-pull-request' ofhttps://gitlab.com/peterx/qemu into staging (2025-11-23 11:46:53 -0800)
>
> are available in the Git repository at:
>
> https://gitlab.com/pm215/qemu.git tags/pull-target-arm-20251124
>
> for you to fetch changes up to 579be921f509fb9d2deccc4233496e36b221abb3:
>
> hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section() (2025-11-24 11:01:23 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
> * hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section()
> * hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs
> * hw/display/exynos4210_fimd: Remove duplicated definition
> * hw/arm/Kconfig: Exclude imx8mp-evk machine from KVM-only build
Applied, thanks. Please update https://wiki.qemu.org/ChangeLog/10.2 as appropriate.
r~
^ permalink raw reply [flat|nested] 6+ messages in thread