Jump to navigation Jump to search

System emulation

Incompatible changes

Consult the 'Removed features' page for details of suggested replacement functionality

  • The deprecated pc-1.0, pc-1.1, pc-1.2 and pc-1.3 machine types have been removed (they likely could not be used for live migration from old QEMU versions anymore anyway). Use a newer pc-i440fx-... machine type instead.
  • TileGX emulation has been removed without replacement
  • The change QMP command has been removed. Use blockdev-change-medium or change-vnc-password instead.
  • The -show-cursor option has been removed. Use -display sdl,show-cursor=on instead.
  • The -realtime option has been removed. Use -overcommit mem-lock=on|off' instead.
  • The -tb-size option has been removed. Use -accel tcg,tb-size=... instead.
  • The configure script --enable/disable-git-update args have been replaced with --with-git-submodules
  • The -usbdevice audio option has been removed. Use -device usb-audio instead.
  • The -usbdevice ccid option has been removed with no replacement
  • The -vnc parameter acl option, and acl_* monitor commands have been removed.
  • The pretty option is no longer accepted when used with the human monitor
  • The change QMP command has been removed. Use blockdev-change-medium or change-vnc-password instead.
  • The query-events QMP command has been removed
  • The migrate_set_speed, migrate_set_downtime and migrate-set-cache-size QMP/HMP commands have been removed.
  • The query-cpus QMP command has been removed
  • The arch field in the query-cpus-fast command has been removed
  • The -chardev parameter wait option is no longer accepted for socket clients
  • The ide-drive device type has been removed
  • The scsi-disk device type has been removed
  • The encryption_key_missing field has been removed from block device info data
  • The status field has been removed from dirty bitmap info
  • The dirty-bitmaps field has been removed from the BlockInfo struct
  • The file block driver no longer permits use with block devices
  • The use of -global to set floppy controllers is removed. Use -device floppy,... instead.
  • The -drive option must now use if=none for drives the onboard device does not pick up.
  • The object-add QMP command member props has been removed. Its contents may be used with less nesting instead.
  • The mips fulong2e machine alias has been removed. Use fuloong2e instead.

New deprecated options and features

Consult the "Deprecated Features" chapter of the QEMU System Emulation User's Guide for further details of the deprecations and their suggested replacements.

  • The --enable-fips option has been deprecated. Consumers wishing to have FIPS compliance must build QEMU with libcrypt and gnutls, NOT nettle.
  • The -writeconfig option has been deprecated. The functionality of -writeconfig is limited and the code does not even try to detect cases where it prints incorrect syntax (for example if values have a quote in them). It will be removed without replacement.
  • Boolean parameters such as share=on / share=off could be written in short form as share and noshare. This is now deprecated and will cause a warning.
  • -chardev backend aliases tty and parport are aliases that will be removed. Instead, the actual backend names serial and parallel should be used.
  • The delay option for socket character devices is now deprecated.
  • Userspace local APIC with KVM (-M kernel-irqchip=off)
  • hexadecimal sizes with scaling multipliers (e.g. 0x20M)
  • -spice password=string is deprecated now. Use password-secret option instead.
  • opened property of rng-* objects
  • loaded property of secret and secret_keyring
  • MIPS Trap-and-Emulate KVM support


  • Add a new machine, virt, based on virtio devices



  • QEMU now supports emulation of the Arm-v8.1M architecture and the Cortex-M55 CPU
  • Emulation of the ARMv8.4-TTST extension is now supported
  • Emulation of the ARMv8.4-SEL2 extension is now supported
  • Emulation of the FEAT_SSBS extension is now supported
  • Emulation of the PAuth extension now supports an optional IMPDEF pauth algorithm which is not cryptographically secure but is much faster to compute
  • Emulation of the ARMv8.4-DIT extension is now supported. (Note that QEMU's implementation does not in fact provide any timing guarantees; emulation of the extension is purely to support guests which query its presence and work with the PSTATE.DIT bit.)
  • Emulation of the ARMv8.5-MemTag extension is now supported for linux-user. (It was already supported for system emulation.)
  • xlnx-zynqmp boards now support the Xilinx ZynqMP CAN controllers
  • the sbsa-ref board now supports Cortex-A53/57/72 cpus
  • the xlnx-versal board now has USB support, and a model of the XRAMs and the XRAM controller
  • the sabrelite board emulation has been improved and it can now run U-Boot
  • the npcm7xx boards support more devices: ADC, PWM, SMBus, EMC, MFT
  • the gdbstub's representation of SVE registers allows GDB to properly handle aliasing
  • the 'virt' board now provides a mechanism for secure (EL3) firmware to power down or reset the system
  • documentation for vexpress/versatile has been updated with example kernel configuration/command lines
  • A new board model mps3-an524 (using Cortex-M33) is now implemented
  • A new board model mps3-an547 (using Cortex-M55) is now implemented



  • QEMU can now emulate Qualcomm's Hexagon DSP units.




  • Loongson-3 "virt" machine added




  • Deprecated 'compat' property of server class POWER cpus removed (use the 'max-cpu-compat' machine option instead)
  • You can now explicitly choose 'kvm_type=auto' rather than only being able to do that by not setting it at all.
  • powernv machine type now defaults to 1GiB of RAM
  • powernv now allows an external BMC
  • pseries will now send MEM_UNPLUG_ERROR QAPI message in cases where it can detect that a memory unplug has failed
  • pseries will now allow cpu unplug requests to be retried, even if the guest hasn't responded to them yet.
 * This will re-signal the guest, which might an unplug to complete which the guest previous rejected

Renesas RX

Renesas SH


  • Improve the sifive_u DTB generation
  • Add QSPI NOR flash to Microchip PFSoC
  • Improvements to the Microchip PFSoc to improve support with the SDK
  • A range of fixes to the Hypervisor extension
  • Fix some mstatus mask defines
  • Ibex PLIC and UART improvements
  • OpenTitan memory layout update (Breaking change)
  • Initial steps towards support for 32-bit CPUs on 64-bit builds
  • Automate GDB XML generation (should fix GDB E14 errors)
  • Sifive OTP handle OTP access failures
  • Correctly generate a PMP failure when no PMP entry is configured
  • Fixes to PMP region checking
  • Fix 32-bit Linux boot problems with DTB placement
  • OpenSBI upgraded to v0.9
  • Support the QMP dump-guest-memory command
  • Add support for the SiFive SPI controller (sifive_u)
  • Initial RISC-V system documentation
  • Support for high PCIe memory in the virt machine
  • Fixes to the vector extensions CSR accesses
  • ramfb support in the virt machine


  • Linux kernels built with clang-11 and clang-12 now work correctly under tcg



  • TileGX has been removed without replacement.TileGX was only implemented in linux-user mode, but support for this CPU was removed from the upstream Linux kernel in 2018, and it has also been dropped from glibc, so there is no new Linux development taking place with this architecture, rendering the linux-user mode emulation rather useless. For running older binaries, users can simply use older versions of QEMU.


  • Added Triboard with tc27x SoC


  • TCG can emulate the PKS feature (protection keys for supervisor pages).
  • Intel PT can now be exposed to KVM guests when CPUID.(EAX=14,ECX=0).ECX[LIP] (bit 31) is 1. Previous versions only supported Intel PT when LIP=0
  • New sev-inject-launch-secret QMP command
  • The WHPX accelerator supports accelerated APIC ("-accel whpx,kernel-irqchip=on")
  • The microvm machine type got a second (optional) ioapic for the virtio-mmio irq lines, which in turn allows 24 (instead of 8) virtio-mmio devices.
  • Support for running SEV-ES encrypted guests.


Device emulation and assignment


  • new -machine options oem-id and oem-table-id to allow setting custom values for OEM ID and OEM table ID ACPI table fields
  • in QEMU 5.1, PCI root UID changed to from 1 to 0 for all x86 machine types, this caused issues in Windows guest with virtio devices being re-enumeraed as new devices. QEMU 6.0 fixes it by reverting UID to 1 for 5.1 and older machine types. See commit 0a343a5add75 for details. For 5.2 and later machine types it might be necessary to reconfigure/reinstall Windows VM, if used disk image was created on 5.1 and older machine types.
  • Support for user provided PCI NIC index on pc machine type with help of new acpi-index PCI device option. For linux guests, It lets user to use onboard naming scheme enoX where X is set with acpi-index option. It makes NIC naming independent from which PCI slot it is plugged in. Works with cold and hot-plugged NICs, as long as used PCI bus is managed by ACPI PCI hotplug (which is enabled for PCI root bus and bridges present at boot time by default on latest pc machine type ).


Block devices

  • virtio-blk reports --device virtio-blk-pci,discard_granularity= in the virtio-blk discard_sector_alignment configuration space field so that guests with new machine types can take advantage of this information. Previously virtio-blk devices reported --device virtio-blk-pci,logical_block_size= instead.


Input devices


Multi-process QEMU

  • The experimental -machine x-remote and -device x-pci-proxy-dev options have been added to support out-of-process device emulation. Currently only the lsi53c895 SCSI device can be emulated in a separate process. Please see the documentation and Features/MultiProcessQEMU for details on this experimental feature, which is still subject to change.

Network devices


  • nvdimm devices will check that -device nvdimm,unarmed=on option is used when using -object memory-backend-file,readonly=on


Emulated NVMe Controller
  • Highlights
    • The implemented spec version has been bumped to v1.4
    • Experimental support for Zoned Namespaces (TP 4053) has been added
    • Experimental support for NVM Subsystems, multipath I/O and namespace sharing
    • Experimental support for Metadata and End-to-End Data Protection
  • New commands
    • Dataset Management
    • Compare
    • Simple Copy (TP 4065)
    • Format NVM
    • Verify
  • Other new features
    • Support for reporting the Deallocated or Unwritten Logical Block Error (DULBE)
    • Namespace UUID reported as a Namespace Descriptor
    • Support for Namespace Types (TP 4056)
    • Support for triggering a SMART Critical Warning through QMP
    • Controller Memory Buffer support has been enhanced for NVMe v1.4 (to revert to v1.3 behavior, use the new legacy-cmb controller parameter)
    • Persistent Memory Region RDS/WDS support
  • New log pages
    • Commands Supported and Effects


  • The 'pvpanic-pci' device is a PCI-device version of the 'pvpanic' ISA device, which can be used on systems with only PCI and no ISA bus as a mechanism for the guest to inform QEMU that it has paniced.


  • Rework of the ESP SCSI emulation to allow mixed FIFO/(P)DMA commands along with various other fixes

SD card




  • Support for writing usb traffic to package capture files for inspection with wireshark has been added. Use the new pcap=<file> property added to all usb devices to enable this.




  • A new guest loader which allows testing of Xen-like hypervisors booting kernels without messing around with firmware/bootloaders




  • Security fix for CVE-2020-35517 - prevent opening of special files
  • Security fix for CVE-2021-20263 - when used with xattrmap, drop remapped security.capability
  • Performance improvements with new guest kernel feature FUSE_KILLPRIV_V2


  • Added support for RiscV (ARM style semihosting)
  • Added support for HEAPINFO, ELAPSED, TICKFREQ, TMPNAM and ISERROR to semihosting


Character devices

Crypto subsystem

experimental qmp interface


  • vnc: support for cursors with alpha channel has been added.
  • vnc: support for extended desktop resize has been added. With virtio-vga the guest display should adapt to vnc client window resizes.


  • the stub now supports the Xfer:auxv:read for Linux user guests
  • the GDB stubs now uses the "official" gdb representation for SVE registers

TCG Plugins

  • New API for querying details about HW access
  • Bug fix to avoid double counting some instructions when using -icount

Host support

Memory backends

  • hostmem-file: added readonly=on|off option


  • New feature (experimental): Background RAM snapshot from Andrey Gruzdev; using the Linux UFFD-WP feature, enabling fixed size snapshots even with busy guests
  • QMP native snapshot commands -snapshot-{save,load,delete}
  • query/info-migrate now display the migration blocker status and the reasons for blocking.



  • A new command set-action has been introduced. The command generalizes watchdog-set-action and allows changes to all the settings of the (also new) -action command line option.
  • New OOB commands yank and query-yank have been introduced. The yank command allows to recover from a hanging QEMU by shutting down sockets for example. See the QMP documentation for more information. The query-yank command lists the available things to yank.
  • The new QMP commands load-snapshot, save-snapshot and delete-snapshot provide a mechanism for managing internal qcow2 snapshots, that was previously only available via HMP commands loadvm, savevm and delvm
  • The block-bitmap-mapping parameter within the QMP command migrate-set-parameters gained a transform member for adjusting the persistence of a bitmap on the destination.



Block device backends and tools

  • FUSE block exports have been added, which allow mounting the guest view of any QEMU block device node as a host file. They can be created with the QMP command block-export-add or the --export option of qemu-storage-daemon.
  • For its background operation, the backup job now runs multiple asynchronous requests in parallel
  • The stream block job now uses the copy-on-read block driver (and its new bottom option) to let copy-on-read help make progress even when using any of block-stream’s base, base-node, or bottom options
  • The new QMP commands load-snapshot, save-snapshot and delete-snapshot provide a mechanism for managing internal qcow2 snapshots, that was previously only available via HMP commands loadvm, savevm and delvm
  • When qemu operates as an NBD server that will service multiple clients (whether via QMP nbd-server-start, qemu-storage-daemon, or qemu-nbd), it now allows a larger backlog of pending clients. When using a Unix socket, this avoids a client failing to connect due to EAGAIN.
  • qemu-nbd --shared=0 now works to allow an unlimited number of shared clients to a single NBD server.
  • When operating as an NBD server, qemu now reports more accurate details to NBD_CMD_BLOCK_STATUS requests on the base:allocation meta-context in relation to NBD_STATE_HOLE.
  • qemu-img gained more accurate parsing for size values. Previously, only 53 significant digits were supported, and large sizes could end up with inadvertent rounding; now the parser supports a full 64 bits of precision.
  • The object-add QMP command is now available in qemu-storage-daemon.
  • qemu-storage-daemon supports a --pidfile option now
  • The parallels image format driver has gained support for dirty bitmaps in read-only mode



  • The command line option -object (or --object) accepts JSON input now in all binaries (system emulators and tools). In tools, it also supports non-scalar options using the dotted key syntax known from options like --blockdev.
  • The QMP command object-add is now covered by the QAPI schema and clients can use schema introspection to detect object types and options supported by the given QEMU binary.
  • A new command line option -action, with suboptions panic, shutdown, reboot and watchdog. -action subsumes the pre-existing options -no-shutdown (-action panic=pause,shutdown=pause), -no-reboot (-action reboot=shutdown) and -watchdog-action; plus, it allows the user to choose whether guest panic should pause the guest (-action panic=pause), shut it down (-action panic=poweroff, the default) or be ignored (-action panic=none).
  • A new generic machine option confidential-guest-support was added to (partially) unify configuration for AMD SEV memory encrypt, POWER PEF and s390 Protected Virtualization, plus future methods of protecting a guest from eavesdropping by a compromised hypervisor.
  • A new guest loader which allows testing of Xen-like hypervisors booting kernels without messing around with firmware/bootloaders
  • New experimental command line option -compat sets policy for handling deprecated management interfaces. This is intended for testing management applications.

User-mode emulation


Added support of 'P' flag (preserve-argv[0])

With kernel v5.12, QEMU can detect if it is started with preserve-argv[0] flag and adjust the list of arguments accordingly.


Added support for the Qualcomm Hexagon processor, in linux-user mode only.

For more information, see our presenation from the 2019 KVM Forum or the README file


  • Added support for Apple Silicon hosts (macOS)

Guest agent

Build Information

  • Support for building with link-time optimization or with LLVM control-flow integrity
  • New "gtags" build target for developers
  • checkpatch now better handles commit ids when checking
  • cross compilers for check-tcg are now pretty printed with the rest of the meson config


GIT submodules

Container Based Builds

  • handling of binfmt_misc containers has improved the handling of dynamically linked binaries pointing at symlinks

Build Dependencies


Testing and CI

  • shippable support has been removed
  • more testing has been migrated from Travis to GitLab

Known issues