Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: a80151c9da1a848e5d3ad7153080beaf0745e4cc
https://github.com/qemu/qemu/commit/a80151c9da1a848e5d3ad7153080beaf0745e4cc
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M docs/about/deprecated.rst
M docs/about/removed-features.rst
M hw/sd/sd.c
M include/hw/sd/sd.h
Log Message:
-----------
hw/sd/sdcard: Remove support for spec v1.10
Support for spec v1.10 was deprecated in QEMU v9.1.
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Message-ID: <20240627071040.36190-4-phi...@linaro.org>
Commit: b8d6e05f16b77231d11b96659072b302290b3396
https://github.com/qemu/qemu/commit/b8d6e05f16b77231d11b96659072b302290b3396
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M target/ppc/kvm.c
Log Message:
-----------
target/ppc/kvm: Avoid using alloca()
kvmppc_load_htab_chunk() is used for migration, thus is not
a hot path. Use the heap instead of the stack, removing the
alloca() call.
Reported-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidiana...@linaro.org>
Reviewed-by: Harsh Prateek Bora <hars...@linux.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com>
Message-Id: <20250901132626.28639-2-phi...@linaro.org>
Commit: 32ee080ccdde8a90d5ee3b56e28f95ada35dee4c
https://github.com/qemu/qemu/commit/32ee080ccdde8a90d5ee3b56e28f95ada35dee4c
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M docs/devel/style.rst
Log Message:
-----------
docs/devel/style: Mention alloca() family API is forbidden
Suggested-by: Alex Bennée <alex.ben...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidiana...@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com>
Message-Id: <20250901132626.28639-4-phi...@linaro.org>
Commit: e74416713fe166a6f21cc5ee2000cfd0c248e1a7
https://github.com/qemu/qemu/commit/e74416713fe166a6f21cc5ee2000cfd0c248e1a7
Author: Djordje Todorovic <djordje.todoro...@htecgroup.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/pci/pci.c
Log Message:
-----------
hw/pci: Allow explicit function numbers in pci
Since there is no pch_gbe emulation, we could be using func other
than 0 when adding new devices to specific boards.
Signed-off-by: Chao-ying Fu <c...@mips.com>
Signed-off-by: Djordje Todorovic <djordje.todoro...@htecgroup.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250901102850.1172983-13-djordje.todoro...@htecgroup.com>
[PMD: Compare with null character ('\0'), not '0']
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 7ef54b7bf38104c59523a0d7559ae964676178b2
https://github.com/qemu/qemu/commit/7ef54b7bf38104c59523a0d7559ae964676178b2
Author: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M migration/meson.build
Log Message:
-----------
migration: compile migration/ram.c once
Acked-by: Fabiano Rosas <faro...@suse.de>
Reviewed-by: Peter Xu <pet...@redhat.com>
Signed-off-by: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Message-ID: <20250730220435.1139101-2-pierrick.bouv...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 01b6fb37056bf5c6a734e77b386f4e9c830b2ce0
https://github.com/qemu/qemu/commit/01b6fb37056bf5c6a734e77b386f4e9c830b2ce0
Author: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M MAINTAINERS
M migration/meson.build
A migration/vfio-stub.c
M migration/vfio.c
Log Message:
-----------
migration/vfio: compile only once
Acked-by: Fabiano Rosas <faro...@suse.de>
Reviewed-by: Peter Xu <pet...@redhat.com>
Signed-off-by: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Message-ID: <20250730220435.1139101-3-pierrick.bouv...@linaro.org>
[PMD: Cover vfio-stub.c in MAINTAINERS]
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 38838f0837a3fcfadf000d885329216195a5f9ae
https://github.com/qemu/qemu/commit/38838f0837a3fcfadf000d885329216195a5f9ae
Author: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpu-target.c
M meson.build
M target-info-stub.c
Log Message:
-----------
cpu-target: build compilation unit once for user/system
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Signed-off-by: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250730220519.1140447-2-pierrick.bouv...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 9dbb61bb2cfea836bfdb10260a5ebe4d0678463a
https://github.com/qemu/qemu/commit/9dbb61bb2cfea836bfdb10260a5ebe4d0678463a
Author: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M include/exec/target_page.h
M meson.build
R page-target.c
Log Message:
-----------
include/exec/target_page.h: move page-target.c to header
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Signed-off-by: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250730220519.1140447-3-pierrick.bouv...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 0df57e00d22412320873c2a7548f49c72b247e42
https://github.com/qemu/qemu/commit/0df57e00d22412320873c2a7548f49c72b247e42
Author: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/meson.build
Log Message:
-----------
hw/meson: enter target hw first
We can reuse target source sets for "generic" devices that are related
to a single architecture (like interrupt controllers).
Signed-off-by: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Tested-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250801174006.2466508-2-pierrick.bouv...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: c0a3bdf62c260aa647491b4906c55177a2c08d23
https://github.com/qemu/qemu/commit/c0a3bdf62c260aa647491b4906c55177a2c08d23
Author: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/intc/meson.build
Log Message:
-----------
hw/intc: compile some arm related source once
Let kvm related gic file out for now, as they are compiled only on
aarch64 hosts.
Signed-off-by: Pierrick Bouvier <pierrick.bouv...@linaro.org>
Tested-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250801174006.2466508-3-pierrick.bouv...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 8e4649cac9bcddc050d2df07908075e9e69bccc7
https://github.com/qemu/qemu/commit/8e4649cac9bcddc050d2df07908075e9e69bccc7
Author: Laurent Vivier <lviv...@redhat.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/net/e1000e_core.c
Log Message:
-----------
e1000e: Prevent crash from legacy interrupt firing after MSI-X enable
A race condition between guest driver actions and QEMU timers can lead
to an assertion failure when the guest switches the e1000e from legacy
interrupt mode to MSI-X. If a legacy interrupt delay timer (TIDV or
RDTR) is active, but the guest enables MSI-X before the timer fires,
the pending interrupt cause can trigger an assert in
e1000e_intmgr_collect_delayed_causes().
This patch removes the assertion and executes the code that clears the
pending legacy causes. This change is safe and introduces no unintended
behavioral side effects, as it only alters a state that previously led
to termination.
- when core->delayed_causes == 0 the function was already a no-op and
remains so.
- when core->delayed_causes != 0 the function would previously
crash due to the assertion failure. The patch now defines a safe
outcome by clearing the cause and returning. Since behavior after
the assertion never existed, this simply corrects the crash.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1863
Suggested-by: Akihiko Odaki <od...@rsg.ci.i.u-tokyo.ac.jp>
Signed-off-by: Laurent Vivier <lviv...@redhat.com>
Acked-by: Jason Wang <jasow...@redhat.com>
Reviewed-by: Akihiko Odaki <od...@rsg.ci.i.u-tokyo.ac.jp>
Message-ID: <20250807110806.409065-1-lviv...@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: c5ade4f9d289fed61df7a04950f8f607e26353e6
https://github.com/qemu/qemu/commit/c5ade4f9d289fed61df7a04950f8f607e26353e6
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M scripts/coverity-scan/COMPONENTS.md
Log Message:
-----------
scripts/coverity-scan/COMPONENTS.md: Add a 'plugins' category
Cover the TCG plugins files under their own Coverity category.
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Acked-by: Alex Bennée <alex.ben...@linaro.org>
Message-Id: <20250811094341.91597-1-phi...@linaro.org>
Commit: 7baa9c39fc3d525216f0cedcfda5374c26d50e80
https://github.com/qemu/qemu/commit/7baa9c39fc3d525216f0cedcfda5374c26d50e80
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/scsi/mptsas.c
Log Message:
-----------
hw/scsi/mptsas: Avoid silent integer truncation in MPI_FUNC_IOC_INIT
For the MaxDevices 8-bit field of the request / response structures
of the MPI_FUNCTION_IOC_INIT command, the 0x00 value means "max 256
devices". This is not a problem because when max_devices=256, its
value (0x100), being casted to a uint8_t, is truncated to 0x00.
However Coverity complains for an "Overflowed constant". Fix by
re-using the request fields in the response, since they are not
modified and use the same types.
Fix: Coverity 1547736 (Overflowed constant)
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Message-Id: <20250811095550.93655-1-phi...@linaro.org>
Commit: 831d75fd735dbd116703d3a1ca5e271dc930ebae
https://github.com/qemu/qemu/commit/831d75fd735dbd116703d3a1ca5e271dc930ebae
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M include/hw/ssi/ssi.h
Log Message:
-----------
hw/ssi: Document ssi_transfer() method
A SPI transaction consists of shifting bit in sync with the CLK
line, writing on the MOSI (output) line / and reading MISO (input)
line.
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Gustavo Romero <gustavo.rom...@linaro.org>
Reviewed-by: Alex Bennée <alex.ben...@linaro.org>
Commit: 14ab44b96d5bf761af81cc723314ef5ecf73ed17
https://github.com/qemu/qemu/commit/14ab44b96d5bf761af81cc723314ef5ecf73ed17
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M include/elf.h
Log Message:
-----------
elf: Add EF_MIPS_ARCH_ASE definitions
Include MIPS ASE ELF definitions from binutils:
https://sourceware.org/git/?p=binutils-gdb.git;a=blob;f=include/elf/mips.h;h=4fc190f404d828ded84e621bfcece5fa9f9c23c8;hb=HEAD#l210
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Message-Id: <20250814070650.78657-2-phi...@linaro.org>
Commit: 7a09b3cc70ab6d717b18dec5c5995f7a06af4593
https://github.com/qemu/qemu/commit/7a09b3cc70ab6d717b18dec5c5995f7a06af4593
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M linux-user/mips/elfload.c
Log Message:
-----------
linux-user/mips: Select 74Kf CPU to run MIPS16e binaries
The 74Kf is our latest CPU supporting MIPS16e ASE.
Note, currently QEMU doesn't have 64-bit CPU supporting MIPS16e ASE.
Cc: qemu-sta...@nongnu.org
Fixes: 6ea219d0196..d19954f46df ("target-mips: MIPS16 support")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3054
Reported-by: Justin Applegate <justink.appleg...@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Message-Id: <20250814070650.78657-3-phi...@linaro.org>
Commit: 51c3aebfda6489b49cebef593a1ceb597cb97a7e
https://github.com/qemu/qemu/commit/51c3aebfda6489b49cebef593a1ceb597cb97a7e
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M linux-user/mips/elfload.c
Log Message:
-----------
linux-user/mips: Select M14Kc CPU to run microMIPS binaries
The M14Kc is our latest CPU supporting the microMIPS ASE.
Note, currently QEMU doesn't have 64-bit CPU supporting microMIPS ASE.
Cc: qemu-sta...@nongnu.org
Fixes: 3c824109da0 ("target-mips: microMIPS ASE support")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3054
Reported-by: Justin Applegate <justink.appleg...@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Message-Id: <20250814070650.78657-4-phi...@linaro.org>
Commit: 1f82ca723478f44823a18e7151e487d58da03659
https://github.com/qemu/qemu/commit/1f82ca723478f44823a18e7151e487d58da03659
Author: Denis Rastyogin <ger...@altlinux.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M target/mips/tcg/system/tlb_helper.c
Log Message:
-----------
target/mips: fix TLB huge page check to use 64-bit shift
Use extract64(entry, psn, 1) instead of (entry & (1 << psn)) to avoid
undefined behavior for shifts by 32–63 and to make bit extraction intent
explicit.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Denis Rastyogin <ger...@altlinux.org>
Message-ID: <20250814104914.13101-1-ger...@altlinux.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 46d03bb23dde86513465724760d85f42eb17539e
https://github.com/qemu/qemu/commit/46d03bb23dde86513465724760d85f42eb17539e
Author: Aditya Gupta <adit...@linux.ibm.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/ppc/pnv.c
M target/ppc/cpu.h
M target/ppc/misc_helper.c
Log Message:
-----------
hw/ppc: Fix build error with CONFIG_POWERNV disabled
Currently when CONFIG_POWERNV is not enabled, the build fails, such as
with --without-default-devices:
$ ./configure --without-default-devices
$ make
[281/283] Linking target qemu-system-ppc64
FAILED: qemu-system-ppc64
cc -m64 @qemu-system-ppc64.rsp
/usr/bin/ld: libqemu-ppc64-softmmu.a.p/target_ppc_misc_helper.c.o: in
function `helper_load_sprd':
.../target/ppc/misc_helper.c:335:(.text+0xcdc): undefined reference to
`pnv_chip_find_core'
/usr/bin/ld: libqemu-ppc64-softmmu.a.p/target_ppc_misc_helper.c.o: in
function `helper_store_sprd':
.../target/ppc/misc_helper.c:375:(.text+0xdf4): undefined reference to
`pnv_chip_find_core'
collect2: error: ld returned 1 exit status
...
This is since target/ppc/misc_helper.c references PowerNV specific
'pnv_chip_find_core' call.
Split the PowerNV specific SPRD code out of the generic PowerPC code, by
moving the SPRD code to pnv.c
Fixes: 9808ce6d5cb ("target/ppc: Big-core scratch register fix")
Cc: Philippe Mathieu-Daudé <phi...@linaro.org>
Reported-by: Thomas Huth <th...@redhat.com>
Suggested-by: Cédric Le Goater <c...@redhat.com>
Signed-off-by: Aditya Gupta <adit...@linux.ibm.com>
Acked-by: Cédric Le Goater <c...@redhat.com>
Message-ID: <20250820122516.949766-2-adit...@linux.ibm.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 01941107ebda4756e63a841ff5c457bc6a77c6ce
https://github.com/qemu/qemu/commit/01941107ebda4756e63a841ff5c457bc6a77c6ce
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/core/irq.c
M include/hw/irq.h
Log Message:
-----------
hw/irq: New qemu_init_irq_child() function
The qemu_init_irq() function initializes a TYPE_IRQ QOM object. The
caller is therefore responsible for eventually calling
qemu_free_irq() to unref (and thus free) it.
In many places where we want to initialize an IRQ we are in
the init/realize of some other QOM object; if we have a variant
of this function that calls object_initialize_child() then the
IRQ will be automatically cleaned up when its parent object is
destroyed, and we don't need to remember to manually free it.
Implement qemu_init_irq_child(), which is to qemu_init_irq()
what object_initialize_child() is to object_initialize().
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250821154053.2417090-2-peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: d1c9061b97d57d194e44023eb7e52fedde155e61
https://github.com/qemu/qemu/commit/d1c9061b97d57d194e44023eb7e52fedde155e61
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/char/serial-pci-multi.c
Log Message:
-----------
hw/char/serial-pci-multi: Use qemu_init_irq_child() to avoid leak
The serial-pci-multi device initializes an IRQ with qemu_init_irq()
in its instance_init function; however it never calls qemu_free_irq(),
so the init/deinit cycle has a memory leak, which ASAN catches
in the device-introspect-test:
Direct leak of 576 byte(s) in 6 object(s) allocated from:
#0 0x626306ddade3 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qem
u-system-arm+0x21f1de3) (BuildId: 52ece17287eba2d68e5be980e1856cd1f6be932f)
#1 0x7756ade79b09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId: 1
eb6131419edb83b2178b682829a6913cf682d75)
#2 0x7756ade5b45a in g_hash_table_new_full
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4445a
) (BuildId: 1eb6131419edb83b2178b682829a6913cf682d75)
#3 0x62630965da37 in object_initialize_with_type
/mnt/nvmedisk/linaro/qemu-from-laptop/qem
u/build/arm-asan/../../qom/object.c:568:23
#4 0x62630965d440 in object_initialize
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/ar
m-asan/../../qom/object.c:578:5
#5 0x626309653eeb in qemu_init_irq
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-as
an/../../hw/core/irq.c:48:5
#6 0x6263072370bb in multi_serial_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/char/serial-pci-multi.c:183:9
Use the new qemu_init_irq_child() function instead, so that the
IRQ object is automatically unreffed when the serial-pci
device is deinited.
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250821154053.2417090-3-peter.mayd...@linaro.org>
[PMD: Use "irq[*]" as child property name]
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: f905be62379aab0c5874756e1a73b33581d7011d
https://github.com/qemu/qemu/commit/f905be62379aab0c5874756e1a73b33581d7011d
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/ide/ich.c
Log Message:
-----------
hw/ide/ich.c: Use qemu_init_irq_child() to avoid memory leak
The ICH9 PCI device uses qemu_init_irq() in its instance_init method,
but fails to clean it up in its uninit. This results in a leak,
detected by ASAN when running the device-introspect-test:
Direct leak of 96 byte(s) in 1 object(s) allocated from:
#0 0x58f3b53ecde3 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qem
u-system-arm+0x21f1de3) (BuildId: 8dcd38b1d76bd7bd44f905c38200f4cceafd7ca4)
#1 0x72e446dd5b09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId: 1
eb6131419edb83b2178b682829a6913cf682d75)
#2 0x72e446db745a in g_hash_table_new_full
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4445a
) (BuildId: 1eb6131419edb83b2178b682829a6913cf682d75)
#3 0x58f3b7c6fc67 in object_initialize_with_type
/mnt/nvmedisk/linaro/qemu-from-laptop/qem
u/build/arm-asan/../../qom/object.c:568:23
#4 0x58f3b7c6f670 in object_initialize
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/ar
m-asan/../../qom/object.c:578:5
#5 0x58f3b7c6611b in qemu_init_irq
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/core/irq.c:48:5
#6 0x58f3b5c6e931 in pci_ich9_ahci_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/ide/ich.c:117:5
We could call qemu_free_irq() in pci_ich9_uninit(), but
since we have a method of initializing the IRQ that doesn't
need manual freeing, use that instead: qemu_init_irq_child().
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250821154053.2417090-4-peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 3284d1c07cfd8d42aa27d1cf83d3e65fcd62e35e
https://github.com/qemu/qemu/commit/3284d1c07cfd8d42aa27d1cf83d3e65fcd62e35e
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/gpio/pca9554.c
Log Message:
-----------
hw/gpio/pca9554: Avoid leak in pca9554_set_pin()
In pca9554_set_pin() we have a string property which we parse in
order to set some non-string fields in the device state. So we call
visit_type_str(), passing it the address of the local variable
state_str.
visit_type_str() will allocate a new copy of the string; we
never free this string, so the result is a memory leak, detected
by ASAN during a "make check" run:
Direct leak of 5 byte(s) in 1 object(s) allocated from:
#0 0x5d605212ede3 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-arm+0x21f1de3)
(
BuildId: 3d5373c89317f58bfcd191a33988c7347714be14)
#1 0x7f7edea57b09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId:
1eb6131419edb83b2178b68282
9a6913cf682d75)
#2 0x7f7edea6d4d8 in g_strdup
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x784d8) (BuildId:
1eb6131419edb83b2178b68282
9a6913cf682d75)
#3 0x5d6055289a91 in g_strdup_inline
/usr/include/glib-2.0/glib/gstrfuncs.h:321:10
#4 0x5d6055289a91 in qobject_input_type_str
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qapi/qo
bject-input-visitor.c:542:12
#5 0x5d605528479c in visit_type_str
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qapi/qapi-visit
-core.c:349:10
#6 0x5d60528bdd87 in pca9554_set_pin
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/gpio/pca9554.c:179:10
#7 0x5d60549bcbbb in object_property_set
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:1450:5
#8 0x5d60549d2055 in object_property_set_qobject
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/qom-qobject.c:28:10
#9 0x5d60549bcdf1 in object_property_set_str
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:1458:15
#10 0x5d605439d077 in gb200nvl_bmc_i2c_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/arm/aspeed.c:1267:5
#11 0x5d60543a3bbc in aspeed_machine_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/arm/aspeed.c:493:9
Make the state_str g_autofree, so that we will always free
it, on both error-exit and success codepaths.
Cc: qemu-sta...@nongnu.org
Fixes: de0c7d543bca ("misc: Add a pca9554 GPIO device model")
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Glenn Miles <mil...@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250821154459.2417976-1-peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: ac6b124180f7698084ef2a59282e8fa65a45f23b
https://github.com/qemu/qemu/commit/ac6b124180f7698084ef2a59282e8fa65a45f23b
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/char/max78000_uart.c
Log Message:
-----------
hw/char/max78000_uart: Destroy FIFO on deinit
In the max78000_uart we create a FIFO in the instance_init function,
but we don't destroy it on deinit, so ASAN reports a leak in the
device-introspect-test:
#0 0x561cc92d5de3 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-arm+0x21f1de3)
(BuildId: 98fdf9fc85c3beaeca8eda0be8412f1e11b9c6ad)
#1 0x70cbf2afab09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x561ccc4c884d in fifo8_create
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../util/fifo8.c:27:18
#3 0x561cc9744ec9 in max78000_uart_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/char/max78000_uart.c:241:5
Add an instance_finalize method to destroy the FIFO.
Cc: qemu-sta...@nongnu.org
Fixes: d447e4b70295 ("MAX78000: UART Implementation")
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250821154358.2417744-1-peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 4dec497264c2e03b32fc82d6f24a694661b14d64
https://github.com/qemu/qemu/commit/4dec497264c2e03b32fc82d6f24a694661b14d64
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/misc/xlnx-versal-cframe-reg.c
Log Message:
-----------
hw/misc/xlnx-versal-cframe-reg: Free FIFO, g_tree on deinit
In the xlnx-versal-cframe-reg device we create a FIFO in
instance_init but don't destroy it on deinit, causing ASAN
to report a leak in the device-introspect-test:
Direct leak of 400 byte(s) in 1 object(s) allocated from:
#0 0x5aded4d54e23 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x24ffe23)
(BuildId: 9f1e6c53fecd904ba5fc1f521d7da080a0e4103b)
#1 0x71fbfac9bb09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x5aded850059d in fifo8_create
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../util/fifo8.c:27:18
#3 0x5aded582b9e4 in fifo32_create
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/include/qemu/fifo32.h:35:5
#4 0x5aded582b326 in cframe_reg_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/misc/xlnx-versal-cframe-reg.c:693:5
Similarly, we don't clean up the g_tree we create:
Direct leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x5aded4d54e23 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x24ffe23)
(BuildId: 9f1e6c5
3fecd904ba5fc1f521d7da080a0e4103b)
#1 0x71fbfac9bb09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x71fbfaccc799 in g_tree_new_full
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x93799) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d7
5)
#3 0x5aded582b21a in cframe_reg_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/misc/xlnx-versal-cframe-reg.c:691:18
Add an instance_finalize method to clean up what we
allocated in instance_init.
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.igles...@amd.com>
Reviewed-by: Manos Pitsidianakis <manos.pitsidiana...@linaro.org>
Reviewed-by: Francisco Iglesias <francisco.igles...@amd.com>
Message-ID: <20250826174956.3010274-2-peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 6592f710e4e1890a8a71e157266060bceacef6dd
https://github.com/qemu/qemu/commit/6592f710e4e1890a8a71e157266060bceacef6dd
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/display/xlnx_dp.c
Log Message:
-----------
hw/display/xlnx_dp: Don't leak dpcd and edid objects
In the xnlx_dp_init() function we create the s->dpcd and
s->edid objects with qdev_new(); then in xlnx_dp_realize()
we realize the dpcd with qdev_realize() and the edid with
qdev_realize_and_unref().
This is inconsistent, and both ways result in a memory
leak for the instance_init -> deinit lifecycle tested
by device-introspect-test:
Indirect leak of 1968 byte(s) in 1 object(s) allocated from:
#0 0x5aded4d54e23 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x24ffe23)
(BuildId: 9f1e6c5
3fecd904ba5fc1f521d7da080a0e4103b)
#1 0x71fbfac9bb09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x5aded7b9211c in object_new_with_type
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:767:15
#3 0x5aded7b92240 in object_new
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:789:12
#4 0x5aded7b773e4 in qdev_new
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/core/qdev.c:149:19
#5 0x5aded54458be in xlnx_dp_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/display/xlnx_dp.c:1272:20
Direct leak of 344 byte(s) in 1 object(s) allocated from:
#0 0x5aded4d54e23 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x24ffe23)
(BuildId: 9f1e6c53fecd904ba5fc1f521d7da080a0e4103b)
#1 0x71fbfac9bb09 in g_malloc
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x5aded7b9211c in object_new_with_type
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:767:15
#3 0x5aded7b92240 in object_new
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:789:12
#4 0x5aded7b773e4 in qdev_new
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/core/qdev.c:149:19
#5 0x5aded5445a56 in xlnx_dp_init
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/display/xlnx_dp.c:1275:22
Instead, explicitly object_unref() after we have added the objects as
child properties of the device. This means they will automatically
be freed when this device is deinited. When we do this,
qdev_realize() is the correct way to realize them in
xlnx_dp_realize().
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Francisco Iglesias <francisco.igles...@amd.com>
Reviewed-by: Manos Pitsidianakis <manos.pitsidiana...@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.igles...@amd.com>
Message-ID: <20250826174956.3010274-3-peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: acba1ebcad9a0dd8c08495edaf5b8ce6a748bb01
https://github.com/qemu/qemu/commit/acba1ebcad9a0dd8c08495edaf5b8ce6a748bb01
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M MAINTAINERS
M configs/devices/mips-softmmu/common.mak
M docs/about/deprecated.rst
M docs/about/removed-features.rst
M docs/system/target-mips.rst
M hw/mips/Kconfig
M hw/mips/meson.build
R hw/mips/mipssim.c
Log Message:
-----------
hw/mips: Remove mipssim machine
The "mipssim" machine is deprecated since commit facfc943cb9
("hw/mips: Mark the "mipssim" machine as deprecated"), released
in v10.0; time to remove.
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Ján Tomko <jto...@redhat.com>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Reviewed-by: Jiaxun Yang <jiaxun.y...@flygoat.com>
Message-Id: <20250828143800.49842-2-phi...@linaro.org>
Commit: 60c8ee1a6d6ad89dd55f3066062dc788f4a419dc
https://github.com/qemu/qemu/commit/60c8ee1a6d6ad89dd55f3066062dc788f4a419dc
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M MAINTAINERS
M hw/net/Kconfig
M hw/net/meson.build
R hw/net/mipsnet.c
M hw/net/trace-events
Log Message:
-----------
hw/net: Remove mipsnet device model
The mipsnet device model was only used by the mipssim machine,
which just got removed. Remove as now dead code.
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Ján Tomko <jto...@redhat.com>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Reviewed-by: Jiaxun Yang <jiaxun.y...@flygoat.com>
Message-Id: <20250828143800.49842-3-phi...@linaro.org>
Commit: 79d472a51015f9c9ab341a5f56b8c450870c006b
https://github.com/qemu/qemu/commit/79d472a51015f9c9ab341a5f56b8c450870c006b
Author: Jan Kiszka <jan.kis...@siemens.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/sd/sd.c
Log Message:
-----------
hw/sd/sdcard: Add validation for boot-partition-size
Make sure we are not silently rounding down or even wrapping around,
causing inconsistencies with the provided image.
Signed-off-by: Jan Kiszka <jan.kis...@siemens.com>
Reviewed-by: Alex Bennée <alex.ben...@linaro.org>
[PMD: Use g_autofree, suggested by Alex]
Message-ID:
<1fff448da042bdf8cff7733ce67cadff4c540f1d.1756706188.git.jan.kis...@siemens.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: e2d7c1a3cdc46d6b2e8afa8db8a7ef4c2740a2fe
https://github.com/qemu/qemu/commit/e2d7c1a3cdc46d6b2e8afa8db8a7ef4c2740a2fe
Author: Jan Kiszka <jan.kis...@siemens.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/sd/sd.c
M hw/sd/sdmmc-internal.h
Log Message:
-----------
hw/sd/sdcard: Refactor sd_bootpart_offset
This function provides the offset for any partition in the block image,
not only the boot partitions, therefore rename it. Align the constant
names with the numbering scheme in the standard and use constants for
both boot partitions for consistency reasons. There is also no reason to
return early if boot_part_size is zero because the existing code will
provide the right value in that case as well.
Signed-off-by: Jan Kiszka <jan.kis...@siemens.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID:
<66e9b07476aad61820c4f42f4f984cc90752ba5e.1756706188.git.jan.kis...@siemens.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 22ece1a6ebf5d9e0b0a3e376dcfbfe9d96d209b9
https://github.com/qemu/qemu/commit/22ece1a6ebf5d9e0b0a3e376dcfbfe9d96d209b9
Author: Jan Kiszka <jan.kis...@siemens.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M crypto/hmac-gcrypt.c
M crypto/hmac-glib.c
M crypto/hmac-gnutls.c
M crypto/hmac-nettle.c
M include/crypto/hmac.h
Log Message:
-----------
crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v]
calls
If the buffers that should be considered for building the hmac are not
available at the same time, the current API is unsuitable. Extend it so
that passing a NULL pointer as result_len is used as indicator that
further buffers will be passed in succeeding calls to
qcrypto_gnutls_hmac_bytes[v].
Signed-off-by: Jan Kiszka <jan.kis...@siemens.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID:
<2d3539c247a6c323491a3821f0e5b6fc382a4686.1756706188.git.jan.kis...@siemens.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 319ca84949fc3134774342d50790592680c3b9b0
https://github.com/qemu/qemu/commit/319ca84949fc3134774342d50790592680c3b9b0
Author: Cédric Le Goater <c...@redhat.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/arm/virt.c
Log Message:
-----------
hw/arm/virt: Include 'system/system.h'
hw/arm/virt.c should include 'system/system.h' for :
serial_hd()
qemu_add_machine_init_done_notifier()
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Link: https://lore.kernel.org/qemu-devel/20250731144019.1403591-1-...@redhat.com
Signed-off-by: Cédric Le Goater <c...@redhat.com>
Message-ID: <20250901064631.530723-2-...@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 02423bc9d329b7ff274aa2cf7da544dc339d9724
https://github.com/qemu/qemu/commit/02423bc9d329b7ff274aa2cf7da544dc339d9724
Author: Cédric Le Goater <c...@redhat.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/isa/isa-superio.c
Log Message:
-----------
hw/isa/superio: Include 'system/system.h'
Files using serial_hd() should include 'system/system.h'. Fix that.
Cc: Michael S. Tsirkin <m...@redhat.com>
Cc: Paolo Bonzini <pbonz...@redhat.com>
Signed-off-by: Cédric Le Goater <c...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250901064631.530723-3-...@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: f4e39e06d1c8cfc0cfd4d2f839d85f568072435d
https://github.com/qemu/qemu/commit/f4e39e06d1c8cfc0cfd4d2f839d85f568072435d
Author: Cédric Le Goater <c...@redhat.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/mips/loongson3_virt.c
Log Message:
-----------
hw/mips/loongson3_virt: Include 'system/system.h'
Files using serial_hd() should include 'system/system.h'. Fix that.
Cc: Philippe Mathieu-Daudé <phi...@linaro.org>
Cc: Huacai Chen <chenhua...@kernel.org>
Cc: Jiaxun Yang <jiaxun.y...@flygoat.com>
Signed-off-by: Cédric Le Goater <c...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250901064631.530723-4-...@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 42ab9014a9de94fc8c0aa97b1822230a5ee96bfa
https://github.com/qemu/qemu/commit/42ab9014a9de94fc8c0aa97b1822230a5ee96bfa
Author: Cédric Le Goater <c...@redhat.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/mips/malta.c
Log Message:
-----------
hw/mips/malta: Include 'system/system.h'
Files using serial_hd() should include 'system/system.h'. Fix that.
Cc: Philippe Mathieu-Daudé <phi...@linaro.org>
Cc: Aurelien Jarno <aurel...@aurel32.net>
Cc: Jiaxun Yang <jiaxun.y...@flygoat.com>
Signed-off-by: Cédric Le Goater <c...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250901064631.530723-5-...@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: 21dca6e6c79e28dc05f7a0722895618b489223a5
https://github.com/qemu/qemu/commit/21dca6e6c79e28dc05f7a0722895618b489223a5
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M docs/about/removed-features.rst
Log Message:
-----------
docs/about/removed-features: Clarify 'device_add' is removed
All other titles in removed-features.rst mention when
the feature was removed using "removed in". Use that
instead of "since" which we use for when a feature is
deprecated.
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>
Reviewed-by: Markus Armbruster <arm...@redhat.com>
Message-Id: <20250901113957.17113-1-phi...@linaro.org>
Commit: 7e52554c293184083f571265daacfc9aa57c3d55
https://github.com/qemu/qemu/commit/7e52554c293184083f571265daacfc9aa57c3d55
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/arm/boot.c
Log Message:
-----------
hw/arm/boot: Correctly free the MemoryDeviceInfoList
When running the bios-tables-test under ASAN we see leaks like this:
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x5bc58579b00d in calloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x250400d)
(BuildId: 2e27b63dc9ac45f522ced40a17c2a60cc32f1d38)
#1 0x7b4ad90337b1 in g_malloc0
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x637b1) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#2 0x5bc5861826db in qmp_memory_device_list
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/mem/memory-device.c:307:34
#3 0x5bc587a9edb6 in arm_load_dtb
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/arm/boot.c:656:15
Indirect leak of 28 byte(s) in 2 object(s) allocated from:
#0 0x5bc58579ae23 in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-aarch64+0x2503e23)
(BuildId: 2e27b63dc9ac45f522ced40a17c2a60cc32f1d38)
#1 0x7b4ad6c8f947 in __vasprintf_internal libio/vasprintf.c:116:16
#2 0x7b4ad9080a52 in g_vasprintf
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0xb0a52) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#3 0x7b4ad90515e4 in g_strdup_vprintf
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x815e4) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#4 0x7b4ad9051940 in g_strdup_printf
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x81940) (BuildId:
1eb6131419edb83b2178b682829a6913cf682d75)
#5 0x5bc5885eb739 in object_get_canonical_path
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:2123:19
#6 0x5bc58618dca8 in pc_dimm_md_fill_device_info
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/mem/pc-dimm.c:268:18
#7 0x5bc586182792 in qmp_memory_device_list
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/mem/memory-device.c:310:9
This happens because we declared the MemoryDeviceInfoList *md_list
with g_autofree, which will free the direct memory with g_free() but
doesn't free all the other data structures referenced by it. Instead
what we want is to declare the pointer with g_autoptr(), which will
automatically call the qapi_free_MemoryDeviceInfoList() cleanup
function when the variable goes out of scope.
Fixes: 36bc78aca83cfd ("hw/arm: add static NVDIMMs in device tree")
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidiana...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250901102214.3748011-1-peter.mayd...@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: e502e614f4c3e5ee7b12cf1c926d9581262fd626
https://github.com/qemu/qemu/commit/e502e614f4c3e5ee7b12cf1c926d9581262fd626
Author: Mark Cave-Ayland <mark.caveayl...@nutanix.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M hw/i386/pc_piix.c
Log Message:
-----------
hw/i386/pc_piix.c: remove unnecessary if() from pc_init1()
Now that the isapc logic has been split out of pc_piix.c, the PCI Host Bridge
(phb) object is now always set in pc_init1().
Since phb is now guaranteed not to be NULL, Coverity reports that the if()
statement surrounding ioapic_init_gsi() is now unnecessary and can be removed
along with the phb NULL initialiser.
Coverity: CID 1620557
Signed-off-by: Mark Cave-Ayland <mark.caveayl...@nutanix.com>
Fixes: 99d0630a45 ("hw/i386/pc_piix.c: assume pcmc->pci_enabled is always true
in pc_init1()")
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20250901203409.1196620-1-mark.caveayl...@nutanix.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Commit: a10631b0cf04ce7daf26648840df3f15bc36724e
https://github.com/qemu/qemu/commit/a10631b0cf04ce7daf26648840df3f15bc36724e
Author: Richard Henderson <richard.hender...@linaro.org>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M MAINTAINERS
M configs/devices/mips-softmmu/common.mak
M cpu-target.c
M crypto/hmac-gcrypt.c
M crypto/hmac-glib.c
M crypto/hmac-gnutls.c
M crypto/hmac-nettle.c
M docs/about/deprecated.rst
M docs/about/removed-features.rst
M docs/devel/style.rst
M docs/system/target-mips.rst
M hw/arm/boot.c
M hw/arm/virt.c
M hw/char/max78000_uart.c
M hw/char/serial-pci-multi.c
M hw/core/irq.c
M hw/display/xlnx_dp.c
M hw/gpio/pca9554.c
M hw/i386/pc_piix.c
M hw/ide/ich.c
M hw/intc/meson.build
M hw/isa/isa-superio.c
M hw/meson.build
M hw/mips/Kconfig
M hw/mips/loongson3_virt.c
M hw/mips/malta.c
M hw/mips/meson.build
R hw/mips/mipssim.c
M hw/misc/xlnx-versal-cframe-reg.c
M hw/net/Kconfig
M hw/net/e1000e_core.c
M hw/net/meson.build
R hw/net/mipsnet.c
M hw/net/trace-events
M hw/pci/pci.c
M hw/ppc/pnv.c
M hw/scsi/mptsas.c
M hw/sd/sd.c
M hw/sd/sdmmc-internal.h
M include/crypto/hmac.h
M include/elf.h
M include/exec/target_page.h
M include/hw/irq.h
M include/hw/sd/sd.h
M include/hw/ssi/ssi.h
M linux-user/mips/elfload.c
M meson.build
M migration/meson.build
A migration/vfio-stub.c
M migration/vfio.c
R page-target.c
M scripts/coverity-scan/COMPONENTS.md
M target-info-stub.c
M target/mips/tcg/system/tlb_helper.c
M target/ppc/cpu.h
M target/ppc/kvm.c
M target/ppc/misc_helper.c
Log Message:
-----------
Merge tag 'hw-misc-20250902' of https://github.com/philmd/qemu into staging
Misc HW patches
- Compile various system files once
- Remove SDCard spec v1.10
- Remove mipssim machine and mipsnet device model
- Prevent crash in e1000e when legacy interrupt fires after enabling MSI-X
- Introduce qemu_init_irq_child()
- Remove various memory leaks reported by ASan
- Few Coverity fixes
- Use 74Kf CPU to run MIPS16e binaries and M14Kc for microMIPS ones
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmi3FDYACgkQ4+MsLN6t
# wN7fwA//WqegI1RTs65uHGV2M0vcYtGYTrucLyJtE9lJubb3wVjzdZpNcVVwKFRi
# lXNjnOfmA7lIsC2CMRaiFO/hIk40yN2BLoEupSrLXjiygtiwlhG8OX0mU/6o06/k
# Q41rEAu0wLVdJDpyUZWnVi1WvjMzaal3RvENRMr5CsrFw/Yk6Z7HKBDMEMuJjOWL
# qBTAf8o8pnfliiyeS+OE4r5iIFUHzCtGlQtJH1GZ+zFgR2LNe6UUbofmUnzIFU0j
# KuepdXemmd29nEz7wk8a7sjbJmoN9vLdJtsM+zcwNOsxmFC9+1ap/8BAGzRmhrWp
# l5zJmL2YbvdHExKLC3qlnhGsKutK+9K4VAB6jLZu0MHfUQBYCGgFgYFcLdlGlRzg
# OGgCvx5M7vZekTEHQu3zT29iUOAKAkD7dYlGIPqSUGuPGDZgPOqIMMc1HJAblXB1
# xNATGo2T2D3M01/ugwPAMF2IhLmKa9oAQDKnsW+bG6WJ4rjhqQpbmvxn51JB8q/x
# a7xuUJa8BqX24NMo5d6JqPZPQhor0P0J0ws6oKutLf381FQ9JAnVEVmbQqPSijHY
# BW3by77G2e97hfK0MwqUi43yuRHmNsh3flCdgCt7Zx6lsqmnMJuuhuOL4jQx6JRR
# hPWDFiR+mns12AL3J56A0Y92enoLTawMzrA5M/06my9HLjXuu5M=
# =WRLz
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 02 Sep 2025 05:58:46 PM CEST
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4...@amsat.org>"
[unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'hw-misc-20250902' of https://github.com/philmd/qemu: (38 commits)
hw/i386/pc_piix.c: remove unnecessary if() from pc_init1()
hw/arm/boot: Correctly free the MemoryDeviceInfoList
docs/about/removed-features: Clarify 'device_add' is removed
hw/mips/malta: Include 'system/system.h'
hw/mips/loongson3_virt: Include 'system/system.h'
hw/isa/superio: Include 'system/system.h'
hw/arm/virt: Include 'system/system.h'
crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v]
calls
hw/sd/sdcard: Refactor sd_bootpart_offset
hw/sd/sdcard: Add validation for boot-partition-size
hw/net: Remove mipsnet device model
hw/mips: Remove mipssim machine
hw/display/xlnx_dp: Don't leak dpcd and edid objects
hw/misc/xlnx-versal-cframe-reg: Free FIFO, g_tree on deinit
hw/char/max78000_uart: Destroy FIFO on deinit
hw/gpio/pca9554: Avoid leak in pca9554_set_pin()
hw/ide/ich.c: Use qemu_init_irq_child() to avoid memory leak
hw/char/serial-pci-multi: Use qemu_init_irq_child() to avoid leak
hw/irq: New qemu_init_irq_child() function
hw/ppc: Fix build error with CONFIG_POWERNV disabled
...
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Compare: https://github.com/qemu/qemu/compare/8415b0619f65...a10631b0cf04
To unsubscribe from these emails, change your notification settings at
https://github.com/qemu/qemu/settings/notifications
