On Mon, Jun 15, 2026 at 11:20 PM Qingwei Hu <[email protected]> wrote:
>
> The emulated APLIC state arrays are only allocated when QEMU handles
> the interrupt controller state itself. With KVM AIA/APLIC-IMSIC, the
> interrupt controller state is owned by the KVM in-kernel irqchip, so
> these emulated state arrays are not allocated.
>
> The APLIC reset handler still clears those arrays unconditionally. This
> makes qemu_system_reset(), which runs during machine creation,
> dereference NULL pointers with -machine virt,aia=aplic-imsic and KVM.
>
> Skip the emulated APLIC reset path when the interrupt controller is
> handled by KVM. The emulated path is unchanged for TCG and for
> configurations that use QEMU emulation.
>
> Fixes: 99bfcd329a ("hw/intc: riscv_aplic: Add reset API to APLIC")
> Reviewed-by: Nutty Liu <[email protected]>
> Signed-off-by: Qingwei Hu <[email protected]>
Reviewed-by: Alistair Francis <[email protected]> Alistair > --- > hw/intc/riscv_aplic.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/hw/intc/riscv_aplic.c b/hw/intc/riscv_aplic.c > index c2c67c29e6..84606e9f3d 100644 > --- a/hw/intc/riscv_aplic.c > +++ b/hw/intc/riscv_aplic.c > @@ -910,6 +910,10 @@ static void riscv_aplic_reset_enter(Object *obj, > ResetType type) > RISCVAPLICState *aplic = RISCV_APLIC(obj); > int i; > > + if (!riscv_use_emulated_aplic(aplic->msimode)) { > + return; > + } > + > aplic->domaincfg = 0; > memset(aplic->sourcecfg, 0, sizeof(uint32_t) * aplic->num_irqs); > memset(aplic->target, 0, sizeof(uint32_t) * aplic->num_irqs); > -- > 2.47.3 > >
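Review bot: the early return added at the top of riscv_aplic_reset_enter() carries no comment, and the reason for it is not visible from the function body alone; suggest a one-line comment above `if (!riscv_use_emulated_aplic(aplic->msimode)) {` stating that with an in-kernel KVM irqchip the sourcecfg/target arrays are never allocated, so the memsets that follow would dereference NULL. It is also worth confirming that riscv_use_emulated_aplic(aplic->msimode) is exactly the predicate the realize path uses to decide whether to allocate those arrays: the commit message ties allocation to whether QEMU handles the interrupt controller state itself, and the guard is only safe as long as it cannot diverge from that allocation condition.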
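A stand-alone C model of the failure mode the commit message describes, added here as an illustration and not code from QEMU or from the patch author. It shows per-IRQ state arrays that are only allocated at realize time on the emulated path, a predicate for "the unconditional reset would dereference NULL", and a reset handler that consults the same predicate as realize. All names (aplic_state, use_emulated_aplic, aplic_realize, aplic_reset, check_reset_paths, scenario_faults) are hypothetical stand-ins, and the two-flag predicate is an assumption made for the example, not the QEMU implementation.

```c
/* Added example, not QEMU code: models the bug class in the patch. Per-IRQ
 * state arrays are allocated at realize only on the emulated path, so reset
 * must use the same predicate before touching them. All names are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    bool msimode;        /* MSI delivery mode (APLIC + IMSIC) requested */
    bool kvm_irqchip;    /* in-kernel irqchip owns the controller state */
    unsigned num_irqs;
    uint32_t domaincfg;
    uint32_t *sourcecfg; /* NULL unless QEMU emulates the APLIC */
    uint32_t *target;
} aplic_state;

/* Single source of truth: does QEMU emulate this APLIC? Realize and reset
 * must both consult this, otherwise allocation and reset can diverge.
 * (Assumed shape for the example; the real predicate lives in QEMU.) */
static bool use_emulated_aplic(const aplic_state *s)
{
    return !(s->msimode && s->kvm_irqchip);
}

/* Realize: allocate per-IRQ arrays only on the emulated path. */
static bool aplic_realize(aplic_state *s, bool msimode, bool kvm_irqchip,
                          unsigned num_irqs)
{
    memset(s, 0, sizeof *s);
    s->msimode = msimode;
    s->kvm_irqchip = kvm_irqchip;
    s->num_irqs = num_irqs;
    if (!use_emulated_aplic(s)) {
        return true; /* KVM owns the state; nothing to allocate */
    }
    s->sourcecfg = calloc(num_irqs, sizeof *s->sourcecfg);
    s->target = calloc(num_irqs, sizeof *s->target);
    return s->sourcecfg != NULL && s->target != NULL;
}

static void aplic_finalize(aplic_state *s)
{
    free(s->sourcecfg);
    free(s->target);
    s->sourcecfg = s->target = NULL;
}

/* Pre-fix shape of the reset handler, expressed as a predicate: would an
 * unconditional memset of the arrays dereference NULL for this state? */
static bool unguarded_reset_would_fault(const aplic_state *s)
{
    return s->sourcecfg == NULL || s->target == NULL;
}

/* Post-fix reset: same guard as realize, so the emulated path is cleared
 * and the KVM path is left alone. Returns true when state was cleared. */
static bool aplic_reset(aplic_state *s)
{
    if (!use_emulated_aplic(s)) {
        return false;
    }
    s->domaincfg = 0;
    memset(s->sourcecfg, 0, sizeof *s->sourcecfg * s->num_irqs);
    memset(s->target, 0, sizeof *s->target * s->num_irqs);
    return true;
}

/* Realize one configuration and report whether the pre-fix reset faults. */
static bool scenario_faults(bool msimode, bool kvm_irqchip)
{
    aplic_state s;
    if (!aplic_realize(&s, msimode, kvm_irqchip, 4)) {
        aplic_finalize(&s);
        return false;
    }
    bool faults = unguarded_reset_would_fault(&s);
    aplic_finalize(&s);
    return faults;
}

/* 0 = ok, 1 = realize failed, 2 = emulated reset did not clear state,
 * 3 = KVM-owned path was touched or arrays unexpectedly appeared. */
static int check_reset_paths(void)
{
    aplic_state s;

    /* TCG / emulated: arrays exist and reset must clear them. */
    if (!aplic_realize(&s, true, false, 8)) { aplic_finalize(&s); return 1; }
    s.domaincfg = 0x100;
    s.sourcecfg[3] = 6;
    s.target[3] = 0x10003;
    bool cleared = aplic_reset(&s) && !s.domaincfg && !s.sourcecfg[3] && !s.target[3];
    aplic_finalize(&s);
    if (!cleared) return 2;

    /* KVM aia=aplic-imsic: nothing allocated, reset must be a no-op. */
    if (!aplic_realize(&s, true, true, 8)) { aplic_finalize(&s); return 1; }
    if (aplic_reset(&s) || s.sourcecfg || s.target) return 3;
    return 0;
}

int main(void)
{
    printf("check_reset_paths: %d, kvm msimode faults unguarded: %d\n",
           check_reset_paths(), scenario_faults(true, true));
    return 0;
}
```

The point of the model is that realize and reset share one predicate; if the reset guard were written as a separate condition, a later change to the allocation rule could reintroduce the NULL dereference silently.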
