The following patches are queued for QEMU stable v11.0.1:

  https://gitlab.com/qemu-project/qemu/-/commits/staging-11.0

Patch freeze is 2026-05-22, and the release is planned for 2026-05-24:

  https://wiki.qemu.org/Planning/11.0

Please respond here or CC qemu-stable@nongnu.org on any additional patches
you think should (or shouldn't) be included in the release.

The changes which are staging for inclusion, with the original commit hash
from master branch, are given below the bottom line.

Thanks!

/mjt

--------------------------------------
01* 7437b3eab6af Werner de Carne:
   serial COM: windows serial COM PollingFunc don't sleep
02* 52cf667ed228 GuoHan Zhao:
   ui/spice-app: detect runtime directory creation failures
03* 181fdf8a7e13 Marc-André Lureau:
   ui/console-vc: fix off-by-one in CSI J 2 (clear entire screen)
04* 027ad866bd29 Pierrick Bouvier:
   target/arm/tcg/translate.c: remove MO_TE usage
05* 87e1226e6f68 Marc-André Lureau:
   target/i386: fix strList leak in x86_cpu_get_unavailable_features
06* 3eae91a8b93a Simon Scherer:
   target/i386: fix missing PF_INSTR in SIGSEGV context
07* c906c2337058 rickgcn:
   hw: i386: vapic: restore IRQ polling for non-kernel irqchip backends
08* 7d6231dfb5ea Magnus Kulke:
   target/i386/mshv: Fix segment regression in MMIO emu
09* 76ad26dd172d Paolo Bonzini:
   target/i386/tcg: fix decoding of MOVBE and CRC32 in 16-bit mode
10* 79bc17718677 Stepan Popov:
   meson: add missing semicolon in pthread_condattr_setclock test
11* 7077c83f71a7 Anthony Roberts:
   ui/sdl2: Fix assumption of EGL presence at runtime
12* 30fad722ce68 Alex Bennée:
   hw/display: don't accidentally autofree existing virgl resources
13* d41ce10d0f5a Vladimir Sementsov-Ogievskiy:
   migration: vmstate_save_state_v: fix double error_setg
14* 0990cc8b286b Junjie Cao:
   ati-vga: fix unsigned integer overflow in cursor bounds checks
15* c0306d2b8f45 Thomas Huth:
   hw/misc: Fix the valid access size to the avr-power device
16* 3ab47a47d716 Thomas Huth:
   hw/sh4/sh7750: Remove forgotten abort() in the MM_ITLB_DATA handler
17* 654dce6c5236 Matt Turner:
   linux-user/ppc: Fix ppc64 rt_sigframe stack offset
18* 029f10e85278 Yixin Wei:
   linux-user: fix off-by-one in host_to_target_for_each_rtattr()
19* 93484c768f2b Gyorgy Tamasi:
   linux-user: Don't define target_stat64 struct for loongarch64
20* c8ea1759009a Richard Henderson:
   linux-user/arm/nwfpe: Replace user_registers with current_cpu
21* 784f1dde90df Richard Henderson:
   linux-user/arm/nwfpe: Use thread-local storage for qemufpa
22* 1730e6f33f97 Alistair Francis:
   linux-user/strace: Use pointer type for read and write values
23* 4c681ba3b82d James Hilliard:
   linux-user/mips: sync k0 TLS for EF_MIPS_MACH_OCTEON userlands
24* 8b60ed835478 Helge Deller:
   linux-user: Define SO_TIMESTAMP*_NEW and SO_RCVTIMEIO_NEW
25* edb4588309a7 Helge Deller:
   linux-user: Add setsockopt() for SO_RCVTIMEO_NEW and SO_SNDTIMEO_NEW
26* 07c7decaa54a Helge Deller:
   linux-user: Add getsockopt() for SO_RCVTIMEO_NEW and SO_SNDTIMEO_NEW
27* b03a6ac6fa5d Helge Deller:
   linux-user: Fix CLONE_PARENT_SETTID when using fork-like clone
28* e2af3eadc09b Helge Deller:
   linux-user: Use abi_int for imr_ifindex in ip_mreqn struct
29* 9e7734ead149 Helge Deller:
   linux-user: Flush errors by using exit() instead of _exit() in error path
30* b8c2426157f5 Daniel P. Berrangé:
   util: fix use of pthread_get_name_np on OpenBSD
31* 57abf6b1d576 Luc Michel:
   hw/core/register: add register_array_get_owner
32* 4cb2f91773e8 Yicong Yang:
   hw/riscv/virt-acpi-build.c: Use kvm timer frequency when kvm enabled
33* b2e874bfec59 Sebastián Alba Vives:
   target/riscv: fix stale ptshift and base on page walk restart
34* d5b33fc180f5 Sebastián Alba Vives:
   hw/intc: fix heap OOB in ACLINT MTIMER multi-socket
35* 14808578ccbc Munkhbaatar Enkhbaatar:
   riscv_htif: reject invalid signature ranges (end <= begin)
36* d107b748072c Alistair Francis:
   target/riscv: Generate access fault if sc comparison fails
37* 175afdb0d155 Alistair Francis:
   target/riscv: Don't OR mip.SEIP when mvien is one
38* 5dcc64828dc7 Alistair Francis:
   target/riscv: Use ELEN for Fractional LMUL check
39* dcb6e96257ee Helge Deller:
   linux-user: Add missing CDROM ioctls
40* 9fb681792d65 Helge Deller:
   linux-user: Flush errors by using exit() instead of _exit() in error path
41* 08dc3e240fc0 Helge Deller:
   linux-user: Allow getsockopt() with NULL optval address
42* 9667bf324925 Helge Deller:
   linux-user: Translate errno in IP_RECVERR and IPV6_RECVERR
43* 1aee8067fce9 kiki:
   hw/intc/xics: Add a check for an invalid server id
44* 774e6f5c1533 Vivien LEGER:
   hw/ppc/e500: fix bus-frequency property hardcoded to zero in CPU FDT node
45* a7f27d6903b3 宋文武:
   hw/net/allwinner-sun8i-emac: Flush queued packets when rx is enabled
46* f35f0f1ca121 liugan1:
   hw/intc/arm_gicv3: Fix NS write to ICC_AP1Rn_EL1 when prebits < 7
47* f77a7cec9f64 Fabiano Rosas:
   migration: Use QAPI_CLONE_MEMBERS in migrate_params_test_apply
48* 455a6167f254 Peter Xu:
   migration: Fix low possibility downtime violation
49* 41c417290df9 Philippe Mathieu-Daudé:
   target/microblaze: Fix endianness used to disassemble
50* f443b6876362 Peter Maydell:
   target/arm: Report IL=0 for Thumb 16-bit BKPT insn
51* 18b664c90085 Peter Maydell:
   hw/misc/bcm2835_rng: Specify valid memory access sizes
52* f252769a23e6 Gerd Hoffmann:
   hw/uefi: fix buffer overruns
53* 94d9a8b2c9e6 Gerd Hoffmann:
   hw/uefi: verify pio_xfer_offset before calculating buffer checksum
54* 5247b3034c23 Gerd Hoffmann:
   hw/uefi: fix ucs2 string helper functions
55* c45b460d16f9 Gerd Hoffmann:
   hw/uefi: add name_size check to uefi_vars_mm_lock_variable()
56* 22b7b222d8f5 Gerd Hoffmann:
   hw/uefi: verify data size before accessing it in wrap_pkcs7
57* b4680c02b8e8 Gerd Hoffmann:
   hw/uefi: avoid possibly unaligned variable_auth_2 struct field access
58 b33fd8ab1caa Gerd Hoffmann:
   hw/uefi: check auth.hdr_length minimum size
59* b4ec2e8dae4d Fabiano Rosas:
   tests/functional: Make socat wait longer in migration exec test
60 332ea2978780 Jeuk Kim:
   hw/ufs: Validate MCQ SQ references before use
61 283d921e771e Jeuk Kim:
   hw/ufs: Guard MCQ CQ accesses against missing queues
62 4a909c00b9e1 Jeuk Kim:
   hw/ufs: Reject zero-depth MCQ queues
63 619c2da19a05 Jeuk Kim:
   hw/ufs: Keep MCQ SQs alive while requests are outstanding
64 042dbcff8382 Jeuk Kim:
   hw/ufs: Zero reserved bytes in REPORT LUNS response header
65 aefeecb413a8 Peter Maydell:
   hw/display/cirrus_vga: Fix packed-24 color-expansion transparent pattern 
   fills
66 27d14251b904 Peter Maydell:
   hw/display/cirrus_vga: Fix packed-24 color-expansion transparent copies
67 ff36712da5ae Kane Chen:
   hw/misc/aspeed_sbc: Add bounds checking for OTP write operations
68 534a52755bef Cédric Le Goater:
   aspeed/hace: Fix out-of-bounds read in has_padding()
69 c6aa2d0ac161 Cédric Le Goater:
   aspeed/hace: Prevent total_req_len overflow
70 a824f3531a44 Peter Maydell:
   hw/i2c/microbit_i2c: Don't index off end of twi_read_sequence[]
71 6197c11dd5d2 Chad Jablonski:
   ati-vga: fix ati_set_dirty address calculation
72 0129c626503c Peter Maydell:
   tests/qtest/iommu-smmuv3-test: Skip if no TCG GICv3 device present
73 a163fc1f864b Peter Maydell:
   meson.build: Add -fzero-init-padding-bits=all
74 4e8ac6857faa Peter Maydell:
   hw/remote/machine.c: Mark x-remote machine as OK for AArch64 and AArch32
75 039b057c09c6 Peter Maydell:
   tests/functional/qemu_test/asset.py: Don't use setxattr when it doesn't 
   exist
76 a86024eb2df5 Scott J. Goldman:
   target/arm/hvf: Fix WFI halting to stop idle vCPU spinning
77 2293d8b4bd88 Klaus Jensen:
   hw/nvme: fix admin cq msix setup
78 6b5aef7cac9d Helge Deller:
   linux-user: Fix AT_EXECFN in AUXV for symlinked programs
79 c3176e645774 Matt Turner:
   linux-user/sh4: Fix target_ucontext tuc_link field type
80 9ac5aa722721 Matt Turner:
   linux-user/sh4: Fix setup_sigtramp to match Linux kernel trampoline 
   pattern
81 d5e4090177ad Kevin Wolf:
   blkdebug: Add 'delay-ns' option
82 34a67637767d Kevin Wolf:
   block: Add blk_co_start/end_request() and BDRV_REQ_NO_QUEUE
83 53074ba0330a Kevin Wolf:
   block: Add flags parameter to blk_*_pdiscard()
84 095c08a7ba68 Kevin Wolf:
   ide: Minimal fix for deadlock between TRIM and drain
85 c1c71a7e167f Kevin Wolf:
   ide: Clean up ide_trim_co_entry() to be idiomatic coroutine code
86 92854c9c7539 Kevin Wolf:
   ide-test: Factor out wait_dma_completion()
87 2fa24e975599 Kevin Wolf:
   ide-test: Test reset during TRIM
88 a1310cc6281d Kevin Wolf:
   block: Create DEFAULT_BLOCK_CONF macro
89 f27aea189633 Kevin Wolf:
   block: Add more defaults to DEFAULT_BLOCK_CONF
90 f0d9ccd46cf8 Kevin Wolf:
   commit: Drain nodes across all of bdrv_commit()
91 7f8466e2ce62 Kevin Wolf:
   qemu-io: Add 'aio_discard' command
92 b8bfb1478d61 Kevin Wolf:
   qcow2: Fix corruption on discard during write with COW
93 389f5bcc744d Kevin Wolf:
   iotests/046: Test that discard/write_zeroes wait for dependencies
94 e3082ab3b385 Denis V. Lunev:
   block/graph-lock: fix missed wakeup in bdrv_graph_co_rdunlock()

(commit(s) marked with * were in previous series and are not resent)

Hi Michael,

Am 22.05.26 um 11:35 PM schrieb Michael Tokarev:
> Please respond here or CC qemu-stable@nongnu.org on any additional patches
> you think should (or shouldn't) be included in the release.

> 92 b8bfb1478d61 Kevin Wolf:
>    qcow2: Fix corruption on discard during write with COW
> 93 389f5bcc744d Kevin Wolf:
>    iotests/046: Test that discard/write_zeroes wait for dependencies

since number 92 can cause an issue [0] that is much easier to run into
than the one it solves, but still similarly bad, I think it should only
be included together with Thomas' fix [1] on top. I know that one has
not been applied to master or reviewed by a maintainer yet, so if
including it goes against procedure, maybe it'd be better to leave 92
(and 93) out for now or delay the release?

Same for the other stable series. Thank you for the consideration!

Best Regards,
Fiona

[0]:
https://lore.kernel.org/qemu-devel/414848c6-3829-4120-b760-6db8d43c1ab5@proxmox.com/
[1]:
https://lore.kernel.org/qemu-devel/20260522151318.238064-1-t.lamprecht@proxmox.com/

On 23.05.2026 02:10, Fiona Ebner wrote:
> Hi Michael,
> 
> Am 22.05.26 um 11:35 PM schrieb Michael Tokarev:
>> Please respond here or CC qemu-stable@nongnu.org on any additional patches
>> you think should (or shouldn't) be included in the release.
> 
>> 92 b8bfb1478d61 Kevin Wolf:
>>     qcow2: Fix corruption on discard during write with COW
>> 93 389f5bcc744d Kevin Wolf:
>>     iotests/046: Test that discard/write_zeroes wait for dependencies
> 
> since number 92 can cause an issue [0] that is much easier to run into
> than the one it solves, but still similarly bad, I think it should only
> be included together with Thomas' fix [1] on top. I know that one has
> not been applied to master or reviewed by a maintainer yet, so if
> including it goes against procedure, maybe it'd be better to leave 92
> (and 93) out for now or delay the release?
> 
> Same for the other stable series. Thank you for the consideration!

Thank you very much for letting me know.  Yes, it isn't good to include
"Fix corruption on discard" without the follow-up fix.  So it would be
very nice to have the follow-up fix applied to the master branch today
or tomorrow (this is Sat and Sun, maybe not the best timing), or I'll
have to drop the above mentioned two changes from the stable series.
Or indeed, releases should be delayed - in a hope the fix can be applied
on Monday.

I'll wait for some reaction.  Kevin?

Thanks,

/mjt

> [0]:
> https://lore.kernel.org/qemu-devel/414848c6-3829-4120-b760-6db8d43c1ab5@proxmox.com/
> [1]:
> https://lore.kernel.org/qemu-devel/20260522151318.238064-1-t.lamprecht@proxmox.com/
> 
> 
>

Am 23.05.2026 um 08:49 hat Michael Tokarev geschrieben:
> On 23.05.2026 02:10, Fiona Ebner wrote:
> > Hi Michael,
> > 
> > Am 22.05.26 um 11:35 PM schrieb Michael Tokarev:
> > > Please respond here or CC qemu-stable@nongnu.org on any additional patches
> > > you think should (or shouldn't) be included in the release.
> > 
> > > 92 b8bfb1478d61 Kevin Wolf:
> > >     qcow2: Fix corruption on discard during write with COW
> > > 93 389f5bcc744d Kevin Wolf:
> > >     iotests/046: Test that discard/write_zeroes wait for dependencies
> > 
> > since number 92 can cause an issue [0] that is much easier to run into
> > than the one it solves, but still similarly bad, I think it should only
> > be included together with Thomas' fix [1] on top. I know that one has
> > not been applied to master or reviewed by a maintainer yet, so if
> > including it goes against procedure, maybe it'd be better to leave 92
> > (and 93) out for now or delay the release?
> > 
> > Same for the other stable series. Thank you for the consideration!
> 
> Thank you very much for letting me know.  Yes, it isn't good to include
> "Fix corruption on discard" without the follow-up fix.  So it would be
> very nice to have the follow-up fix applied to the master branch today
> or tomorrow (this is Sat and Sun, maybe not the best timing), or I'll
> have to drop the above mentioned two changes from the stable series.
> Or indeed, releases should be delayed - in a hope the fix can be applied
> on Monday.
> 
> I'll wait for some reaction.  Kevin?

I was out yesterday and most of today, so I could only take a quick look
just now. The patch looks reasonable to me at first sight, I'll try to
have a closer look tomorrow.

Kevin

On 26.05.2026 21:07, Kevin Wolf wrote:
> Am 23.05.2026 um 08:49 hat Michael Tokarev geschrieben:

>> I'll wait for some reaction.  Kevin?
> 
> I was out yesterday and most of today, so I could only take a quick look
> just now. The patch looks reasonable to me at first sight, I'll try to
> have a closer look tomorrow.

Thank you Kevin!

There's no rush anymore, I tagged stable releases yesterday already,
should be out once Mike creates and uploads the tarballs.

I removed the other patches from your pullreq which Fiona pointed
out previously, to be picked up once we have better time.

Maybe the next stable releases will be sooner than usual, due to
security fixes coming in.

Thanks,

/mjt

Am 26.05.2026 um 20:09 hat Michael Tokarev geschrieben:
> On 26.05.2026 21:07, Kevin Wolf wrote:
> > Am 23.05.2026 um 08:49 hat Michael Tokarev geschrieben:
> 
> > > I'll wait for some reaction.  Kevin?
> > 
> > I was out yesterday and most of today, so I could only take a quick look
> > just now. The patch looks reasonable to me at first sight, I'll try to
> > have a closer look tomorrow.
> 
> Thank you Kevin!
> 
> There's no rush anymore, I tagged stable releases yesterday already,
> should be out once Mike creates and uploads the tarballs.
> 
> I removed the other patches from your pullreq which Fiona pointed
> out previously, to be picked up once we have better time.

Ok, perfect. I wasn't completely sure if I should actually recommend
removing the patches even if we have a follow-up patch because it
addresses a problem that has existed for a long time and people have
only reported it now. So it only makes sense that we're not trying to
rush something into stable that might end up making things worse.

> Maybe the next stable releases will be sooner than usual, due to
> security fixes coming in.

Hard to take this as good news, but it is what it is. :-)

Kevin