Branch: refs/heads/staging-10.0
Home: https://github.com/qemu/qemu
Commit: 746269eaae16423572ae7c0dfeb66140fa882149
https://github.com/qemu/qemu/commit/746269eaae16423572ae7c0dfeb66140fa882149
Author: Peter Maydell <[email protected]>
Date: 2025-09-27 (Sat, 27 Sep 2025)
Changed paths:
M hw/usb/hcd-uhci.c
Log Message:
-----------
hw/usb/hcd-uhci: don't assert for SETUP to non-0 endpoint
If the guest feeds invalid data to the UHCI controller, we
can assert:
qemu-system-x86_64: ../../hw/usb/core.c:744: usb_ep_get: Assertion `pid ==
USB_TOKEN_IN || pid == USB_TOKEN_OUT' failed.
(see issue 2548 for the repro case). This happens because the guest
attempts USB_TOKEN_SETUP to an endpoint other than 0, which is not
valid. The controller code doesn't catch this guest error, so
instead we hit the assertion in the USB core code.
Catch the case of SETUP to non-zero endpoint, and treat it as a fatal
error in the TD, in the same way we do for an invalid PID value in
the TD.
This is the UHCI equivalent of the same bug in OHCI that we fixed in
commit 3c3c233677 ("hw/usb/hcd-ohci: Fix #1510, #303: pid not IN or
OUT").
This bug has been tracked as CVE-2024-8354.
Cc: [email protected]
Fixes: https://gitlab.com/qemu-project/qemu/-/issues/2548
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Michael Tokarev <[email protected]>
(cherry picked from commit d0af3cd0274e265435170a583c72b9f0a4100dff)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 9b3789017d78bf5cecfb7210cb69799518e9bb09
https://github.com/qemu/qemu/commit/9b3789017d78bf5cecfb7210cb69799518e9bb09
Author: Fabian Vogt <[email protected]>
Date: 2025-09-29 (Mon, 29 Sep 2025)
Changed paths:
M hw/intc/xics.c
Log Message:
-----------
hw/intc/xics: Add missing call to register vmstate_icp_server
An obsolete wrapper function with a workaround was removed entirely,
without restoring the call it wrapped.
Without this, the guest is stuck after savevm/loadvm.
Fixes: 24ee9229fe31 ("ppc/spapr: remove deprecated machine pseries-2.9")
Signed-off-by: Fabian Vogt <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Link: https://lore.kernel.org/qemu-devel/6187781.lOV4Wx5bFT@fvogt-thinkpad
Signed-off-by: Fabiano Rosas <[email protected]>
Reviewed-by: Gautam Menghani <[email protected]>
Signed-off-by: Harsh Prateek Bora <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Message-ID: <[email protected]>
(cherry picked from commit f5738aedc21790bd07dbead6b6272a605d5c1138)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 3a2ed64b6dd1512be5bff63b45ae1e162578a33b
https://github.com/qemu/qemu/commit/3a2ed64b6dd1512be5bff63b45ae1e162578a33b
Author: Harsh Prateek Bora <[email protected]>
Date: 2025-09-29 (Mon, 29 Sep 2025)
Changed paths:
M hw/ppc/spapr.c
Log Message:
-----------
ppc/spapr: init lrdr-capapcity phys with ram size if maxmem not provided
lrdr-capacity contains phys field which communicates the maximum address
in bytes and therefore, the most memory that can be allocated to this
partition. This is usually populated when maxmem is provided alongwith
memory size on qemu command line. However since maxmem is an optional
param, this leads to bits being set to 0 in absence of maxmem param.
Fix this by initializing the respective bits as per total mem size in
such case.
Reported-by: Gaurav Batra <[email protected]>
Tested-by: David Christensen <[email protected]>
Signed-off-by: Harsh Prateek Bora <[email protected]>
Reviewed-by: Shivaprasad G Bhat <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Message-ID: <[email protected]>
(cherry picked from commit 6285eebd3a5fea018eb51d696b51079f44dd1eb3)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: b4feb2ec8597d5bb3bd748ec7c17c237fd8c76d6
https://github.com/qemu/qemu/commit/b4feb2ec8597d5bb3bd748ec7c17c237fd8c76d6
Author: Mohamed Akram <[email protected]>
Date: 2025-10-01 (Wed, 01 Oct 2025)
Changed paths:
M ui/spice-core.c
Log Message:
-----------
ui/spice: Fix abort on macOS
The check is faulty because the thread variable was assigned in the main
thread while the main loop runs in a different thread on macOS.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3070
Signed-off-by: Mohamed Akram <[email protected]>
Acked-by: Marc-André Lureau <[email protected]>
Message-ID: <[email protected]>
(cherry picked from commit e7ecb533ee0dbfbe30c90abb213247f4943a9a12)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 409f506518847be03520f6f5b34f659d7d605e21
https://github.com/qemu/qemu/commit/409f506518847be03520f6f5b34f659d7d605e21
Author: Thomas Huth <[email protected]>
Date: 2025-10-01 (Wed, 01 Oct 2025)
Changed paths:
M ui/icons/qemu.svg
Log Message:
-----------
ui/icons/qemu.svg: Add metadata information (author, license) to the logo
We've got two versions of the QEMU logo in the repository, one with
the whole word "QEMU" (pc-bios/qemu_logo.svg) and one that only contains
the letter "Q" (ui/icons/qemu.svg). While qemu_logo.svg contains the
proper metadata with license and author information, this is missing
from the ui/icons/qemu.svg file. Copy the meta data there so that
people have a chance to know the license of the file if they only
look at the qemu.svg file.
Closes: https://gitlab.com/qemu-project/qemu/-/issues/3139
Signed-off-by: Thomas Huth <[email protected]>
Reviewed-by: Marc-André Lureau <[email protected]>
Message-ID: <[email protected]>
(cherry picked from commit 9163424c50981dbc4ded9990228ac01a3b193656)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: c81d81c7a192e0644d44f80332886545c041da36
https://github.com/qemu/qemu/commit/c81d81c7a192e0644d44f80332886545c041da36
Author: Andrew Jones <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M hw/riscv/riscv-iommu.c
Log Message:
-----------
hw/riscv/riscv-iommu: Fix MSI table size limit
The MSI table is not limited to 4k. The only constraint the table has
is that its base address must be aligned to its size, ensuring no
offsets of the table size will overrun when added to the base address
(see "8.5. MSI page tables" of the AIA spec).
Fixes: 0c54acb8243d ("hw/riscv: add RISC-V IOMMU base emulation")
Signed-off-by: Andrew Jones <[email protected]>
Reviewed-by: Daniel Henrique Barboza <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit 4f7528295b3e6dfe1189f660fa7865ad972d82e7)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 16982362682380cba6d44efa6f8a254a8359ed15
https://github.com/qemu/qemu/commit/16982362682380cba6d44efa6f8a254a8359ed15
Author: Andrea Bolognani <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M docs/interop/firmware.json
Log Message:
-----------
docs/interop/firmware: Add riscv64 to FirmwareArchitecture
Descriptors using this value have been shipped for years
by distros, so we just need to update the spec to match
reality.
Signed-off-by: Andrea Bolognani <[email protected]>
Reviewed-by: Kashyap Chamarthy <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit da14767b356c2342197708a997eeb0da053262a0)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 2148c7c00dc8cd053892ce08157dee859c4ebff1
https://github.com/qemu/qemu/commit/2148c7c00dc8cd053892ce08157dee859c4ebff1
Author: Frank Chang <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M hw/char/sifive_uart.c
Log Message:
-----------
hw/char: sifive_uart: Raise IRQ according to the Tx/Rx watermark thresholds
Currently, the SiFive UART raises an IRQ whenever:
1. ie.txwm is enabled.
2. ie.rxwm is enabled and the Rx FIFO is not empty.
It does not check the watermark thresholds set by software. However,
since commit [1] changed the SiFive UART character printing from
synchronous to asynchronous, Tx overflows may occur, causing characters
to be dropped when running Linux because:
1. The Linux SiFive UART driver sets the transmit watermark level to 1
[2], meaning a transmit watermark interrupt is raised whenever a
character is enqueued into the Tx FIFO.
2. Upon receiving a transmit watermark interrupt, the Linux driver
transfers up to a full Tx FIFO's worth of characters from the Linux
serial transmit buffer [3], without checking the txdata.full flag
before transferring multiple characters [4].
To fix this issue, we must honor the Tx/Rx watermark thresholds and
raise interrupts only when the Tx threshold is exceeded or the Rx
threshold is undercut.
[1] 53c1557b230986ab6320a58e1b2c26216ecd86d5
[2]
https://github.com/torvalds/linux/blob/master/drivers/tty/serial/sifive.c#L1039
[3]
https://github.com/torvalds/linux/blob/master/drivers/tty/serial/sifive.c#L538
[4]
https://github.com/torvalds/linux/blob/master/drivers/tty/serial/sifive.c#L291
Signed-off-by: Frank Chang <[email protected]>
Signed-off-by: Emmanuel Blot <[email protected]>
Reviewed-by: Alistair Francis <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit 191df346175283af013f414375f4be59fb850120)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 79509912ddf1e2e637865427eadaeaaf57a1edfa
https://github.com/qemu/qemu/commit/79509912ddf1e2e637865427eadaeaaf57a1edfa
Author: stove <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M target/riscv/cpu.h
Log Message:
-----------
target/riscv: use riscv_csrr in riscv_csr_read
Commit 38c83e8d3a33 ("target/riscv: raise an exception when CSRRS/CSRRC
writes a read-only CSR") changed the behavior of riscv_csrrw, which
would formerly be treated as read-only if the write mask were set to 0.
Fixes an exception being raised when accessing read-only vector CSRs
like vtype.
Fixes: 38c83e8d3a33 ("target/riscv: raise an exception when CSRRS/CSRRC writes
a read-only CSR")
Signed-off-by: stove <[email protected]>
Reviewed-by: Daniel Henrique Barboza <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit cebaf7434b4af059caca053ee1ec7ed8df91c2a7)
(Mjt: context fix for v10.0.0-1030-gf1304836ea "target/riscv: Pass ra to
riscv_csrrw")
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 9bed57fb2e5fc8635a4f4998dff6b7fb6ab6447e
https://github.com/qemu/qemu/commit/9bed57fb2e5fc8635a4f4998dff6b7fb6ab6447e
Author: Vladimir Isaev <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M target/riscv/translate.c
Log Message:
-----------
target/riscv: do not use translator_ldl in opcode_at
opcode_at is used only in semihosting checks to match opcodes with expected
pattern.
This is not a translator and if we got following assert if page is not in TLB:
qemu-system-riscv64: ../accel/tcg/translator.c:363: record_save: Assertion
`offset == db->record_start + db->record_len' failed.
Fixes: 1f9c4462334f ("target/riscv: Use translator_ld* for everything")
Signed-off-by: Vladimir Isaev <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
[ Changes by AF:
- Fixup header includes after rebase
]
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit a86d3352ab70f33f5feabbf9bad9450d3c19d0bf)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 4dc7ff79963640f2c70c90014bc9e9279c570c61
https://github.com/qemu/qemu/commit/4dc7ff79963640f2c70c90014bc9e9279c570c61
Author: Guo Ren (Alibaba DAMO Academy) <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M hw/riscv/riscv-iommu.c
Log Message:
-----------
hw/riscv/riscv-iommu: Fixup PDT Nested Walk
Current implementation is wrong when iohgatp != bare. The RISC-V
IOMMU specification has defined that the PDT is based on GPA, not
SPA. So this patch fixes the problem, making PDT walk correctly
when the G-stage table walk is enabled.
Fixes: 0c54acb8243d ("hw/riscv: add RISC-V IOMMU base emulation")
Cc: [email protected]
Cc: Sebastien Boeuf <[email protected]>
Cc: Tomasz Jeznach <[email protected]>
Reviewed-by: Weiwei Li <[email protected]>
Reviewed-by: Nutty Liu <[email protected]>
Signed-off-by: Guo Ren (Alibaba DAMO Academy) <[email protected]>
Tested-by: Chen Pei <[email protected]>
Tested-by: Fangyu Yu <[email protected]>
Message-ID: <[email protected]>
[ Changes by AF:
- Add braces to if statements
]
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit 15abfced803929f935bb59a0e1b02558bd8325c4)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 10ed1e211c749e0ee7b6a874de35f1d0e3b4da6e
https://github.com/qemu/qemu/commit/10ed1e211c749e0ee7b6a874de35f1d0e3b4da6e
Author: vhaudiquet <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M target/riscv/insn_trans/trans_rvzce.c.inc
Log Message:
-----------
target/riscv: Fix endianness swap on compressed instructions
Three instructions were not using the endianness swap flag, which resulted in a
bug on big-endian architectures.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3131
Buglink: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2123828
Fixes: e0a3054f18e ("target/riscv: add support for Zcb extension")
Signed-off-by: Valentin Haudiquet <[email protected]>
Cc: [email protected]
Reviewed-by: Anton Johansson <[email protected]>
Reviewed-by: Daniel Henrique Barboza <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit b25133d38fe693589cf695b85968caa0724bfafd)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 81c7f085ae90417757dfbd616022eeca56c6cca4
https://github.com/qemu/qemu/commit/81c7f085ae90417757dfbd616022eeca56c6cca4
Author: Max Chou <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M target/riscv/cpu.c
M target/riscv/csr.c
M target/riscv/machine.c
M target/riscv/tcg/tcg-cpu.c
Log Message:
-----------
target/riscv: rvv: Replace checking V by checking Zve32x
The Zve32x extension will be applied by the V and Zve* extensions.
Therefore we can replace the original V checking with Zve32x checking for both
the V and Zve* extensions.
Signed-off-by: Max Chou <[email protected]>
Reviewed-by: Alistair Francis <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit ae4a37f57818e47e212272821a5a86ad54620eb8)
(Mjt: drop the MonitorDef change due to missing v10.1.0-850-ge06d209aa6
"target/riscv: implement MonitorDef HMP API")
Signed-off-by: Michael Tokarev <[email protected]>
Commit: d2c69cbfb0e2dc3d82431c62262d677b94429639
https://github.com/qemu/qemu/commit/d2c69cbfb0e2dc3d82431c62262d677b94429639
Author: Max Chou <[email protected]>
Date: 2025-10-04 (Sat, 04 Oct 2025)
Changed paths:
M target/riscv/tcg/tcg-cpu.c
M target/riscv/translate.c
Log Message:
-----------
target/riscv: rvv: Modify minimum VLEN according to enabled vector extensions
According to the RISC-V unprivileged specification, the VLEN should be greater
or equal to the ELEN. This commit modifies the minimum VLEN based on the vector
extensions and introduces a check rule for VLEN and ELEN.
Extension Minimum VLEN
* V 128
* Zve64[d|f|x] 64
* Zve32[f|x] 32
Signed-off-by: Max Chou <[email protected]>
Reviewed-by: Alistair Francis <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Alistair Francis <[email protected]>
(cherry picked from commit be50ff3a73859ebbbdc0e6f704793062b1743d93)
(Mjt: compensate #include for the lack of v10.0.0-214-g42fa9665e5 "exec:
Restrict 'cpu_ldst.h' to accel/tcg/")
Signed-off-by: Michael Tokarev <[email protected]>
Commit: da22a22323f8b7f3b1c16363635389adce1d4461
https://github.com/qemu/qemu/commit/da22a22323f8b7f3b1c16363635389adce1d4461
Author: Juraj Marcin <[email protected]>
Date: 2025-10-05 (Sun, 05 Oct 2025)
Changed paths:
M migration/migration.c
Log Message:
-----------
migration: Fix state transition in postcopy_start() error handling
Commit 48814111366b ("migration: Always set DEVICE state") introduced
DEVICE state to postcopy, which moved the actual state transition that
leads to POSTCOPY_ACTIVE.
However, the error handling part of the postcopy_start() function still
expects the state POSTCOPY_ACTIVE, but depending on where an error
happens, now the state can be either ACTIVE, DEVICE or CANCELLING, but
never POSTCOPY_ACTIVE, as this transition now happens just before a
successful return from the function.
Instead, accept any state except CANCELLING when transitioning to FAILED
state.
Cc: [email protected]
Fixes: 48814111366b ("migration: Always set DEVICE state")
Signed-off-by: Juraj Marcin <[email protected]>
Reviewed-by: Peter Xu <[email protected]>
Reviewed-by: Fabiano Rosas <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Peter Xu <[email protected]>
(cherry picked from commit 725a9e5f7885a3c0d0cd82022d6eb5a758ac9d47)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: a231fb6d11a2b44160ae62687026cb03a941a211
https://github.com/qemu/qemu/commit/a231fb6d11a2b44160ae62687026cb03a941a211
Author: Peter Maydell <[email protected]>
Date: 2025-10-05 (Sun, 05 Oct 2025)
Changed paths:
M include/exec/memory.h
Log Message:
-----------
include/system/memory.h: Clarify address_space_destroy() behaviour
address_space_destroy() doesn't actually immediately destroy the AS;
it queues it to be destroyed via RCU. This means you can't g_free()
the memory the AS struct is in until that has happened.
Clarify this in the documentation.
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: David Hildenbrand <[email protected]>
Link:
https://lore.kernel.org/r/[email protected]
Signed-off-by: Peter Xu <[email protected]>
(cherry picked from commit 9e7bfda4909cc688dd0327e17985019f08a78d5d)
(Mjt: this is just a comment fix, but it makes subsequent changes to apply
cleanly)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 470f16d5173c99df501d66c87337c7705ef215f2
https://github.com/qemu/qemu/commit/470f16d5173c99df501d66c87337c7705ef215f2
Author: Peter Xu <[email protected]>
Date: 2025-10-05 (Sun, 05 Oct 2025)
Changed paths:
M include/exec/memory.h
M system/memory.c
Log Message:
-----------
memory: New AS helper to serialize destroy+free
If an AddressSpace has been created in its own allocated
memory, cleaning it up requires first destroying the AS
and then freeing the memory. Doing this doesn't work:
address_space_destroy(as);
g_free_rcu(as, rcu);
because both address_space_destroy() and g_free_rcu()
try to use the same 'rcu' node in the AddressSpace struct
and the address_space_destroy hook gets overwritten.
Provide a new address_space_destroy_free() function which
will destroy the AS and then free the memory it uses, all
in one RCU callback.
(CC to stable because the next commit needs this function.)
Cc: [email protected]
Reviewed-by: Peter Maydell <[email protected]>
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: David Hildenbrand <[email protected]>
Link:
https://lore.kernel.org/r/[email protected]
Signed-off-by: Peter Xu <[email protected]>
(cherry picked from commit 041600e23f2fe2a9c252c9a8b26c7d147bedf982)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 9d061df6781f779b8cf52168006061500ba4799a
https://github.com/qemu/qemu/commit/9d061df6781f779b8cf52168006061500ba4799a
Author: Peter Maydell <[email protected]>
Date: 2025-10-05 (Sun, 05 Oct 2025)
Changed paths:
M hw/core/cpu-common.c
M include/exec/cpu-common.h
M include/hw/core/cpu.h
A stubs/cpu-destroy-address-spaces.c
M stubs/meson.build
M system/physmem.c
Log Message:
-----------
physmem: Destroy all CPU AddressSpaces on unrealize
When we unrealize a CPU object (which happens on vCPU hot-unplug), we
should destroy all the AddressSpace objects we created via calls to
cpu_address_space_init() when the CPU was realized.
Commit 24bec42f3d6eae added a function to do this for a specific
AddressSpace, but did not add any places where the function was
called.
Since we always want to destroy all the AddressSpaces on unrealize,
regardless of the target architecture, we don't need to try to keep
track of how many are still undestroyed, or make the target
architecture code manually call a destroy function for each AS it
created. Instead we can adjust the function to always completely
destroy the whole cpu->ases array, and arrange for it to be called
during CPU unrealize as part of the common code.
Without this fix, AddressSanitizer will report a leak like this
from a run where we hot-plugged and then hot-unplugged an x86 KVM
vCPU:
Direct leak of 416 byte(s) in 1 object(s) allocated from:
#0 0x5b638565053d in calloc
(/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/qemu-system-x86_64+0x1ee153d)
(BuildId: c1cd6022b195142106e1bffeca23498c2b752bca)
#1 0x7c28083f77b1 in g_malloc0
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x637b1) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x5b6386999c7c in cpu_address_space_init
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../system/physmem.c:797:25
#3 0x5b638727f049 in kvm_cpu_realizefn
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../target/i386/kvm/kvm-cpu.c:102:5
#4 0x5b6385745f40 in accel_cpu_common_realize
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../accel/accel-common.c:101:13
#5 0x5b638568fe3c in cpu_exec_realizefn
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../hw/core/cpu-common.c:232:10
#6 0x5b63874a2cd5 in x86_cpu_realizefn
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../target/i386/cpu.c:9321:5
#7 0x5b6387a0469a in device_set_realized
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../hw/core/qdev.c:494:13
#8 0x5b6387a27d9e in property_set_bool
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../qom/object.c:2375:5
#9 0x5b6387a2090b in object_property_set
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../qom/object.c:1450:5
#10 0x5b6387a35b05 in object_property_set_qobject
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../qom/qom-qobject.c:28:10
#11 0x5b6387a21739 in object_property_set_bool
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../qom/object.c:1520:15
#12 0x5b63879fe510 in qdev_realize
/data_nvme1n1/linaro/qemu-from-laptop/qemu/build/x86-tgts-asan/../../hw/core/qdev.c:276:12
Cc: [email protected]
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2517
Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: David Hildenbrand <[email protected]>
Link:
https://lore.kernel.org/r/[email protected]
Signed-off-by: Peter Xu <[email protected]>
(cherry picked from commit 300a87c502c4ba7ffc7720d8f3583e3d1a68348a)
Signed-off-by: Michael Tokarev <[email protected]>
Compare: https://github.com/qemu/qemu/compare/a0c98ef864c3...9d061df6781f
To unsubscribe from these emails, change your notification settings at
https://github.com/qemu/qemu/settings/notifications
