瀏覽代碼

Merge tag 'hw-misc-accel-20240604' of https://github.com/philmd/qemu into staging

Misc HW & accelerators patch queue

- Use async exit in debugexit model (Thomas)
- Fixed bug reading xlnx_dpdma descriptor (Peter)
- Initialise plugin state before vCPU/thread creation (Alex)
- Few sprintf() calls removed (Richard & Philippe)
- Few deprecated QMP events removed (Philippe)
- Housekeeping in Xen (Edgar & Philippe)
- Split USB HID/HUB & update MAINTAINERS (Gerd)

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmZe5FMACgkQ4+MsLN6t
# wN5QghAAl1j5++wKcJaWoribnhxYctcBPhg3eEAwg2qVRbx5tz7HwYw8jYp+qB47
# abAtE3WOUg+Z+NaBi0bTj8Ns0wrBTZy0toJrQb+k5M9CzJJIFSURcFV2J40ORld8
# VHNKmzNN+ZscxAW3fSFruJlGLaskwB0bk9VF0cYSip2Y+xjbPlJZ8dlffX/HAvwB
# Ul4gJW04FT3k6KoeJASNiAMm7mPW9iP4kY7rKz+j+NWydAfl8yPzxFwW6J6U2npi
# Hvmy1519W74cftZSqxkBETtbw1YVKyT6QEA9HjJOjc05E6UYnxoR13taEzLNaDHA
# B7Xhp6IUYZGRD1bt85WZCP5t5yUINLgmzJU2OQnv9dfU1HdSkk0FQiBr0Iif3tCI
# /2cQumkGI4etXX77oVIwkioo0ZTvEggDNsN1eKHIY7yIE5etqXduPwnTfwHFI3lv
# Nj18MGF0cftbYDEbUwNUnN5U6+msW3Si6hQaUxpUWXy7Idkl9pBiWjv1OpBg9PqX
# YIuw9/USs7i8yZkh0/q8UcZxdzB3LF+LxjVVVoTVD6t+KbRSkJSOJm7hfqCKuXbC
# lEmtLt+aH/pdZ2Banug1Ayen2L7s0czRHQWC++DfNQve1xEUkSFp5VE0mxsr+6Rp
# 18/dSGo++Nh52jUt2QFEv9LyAAQCKxg72I9DW9sB7uC004+ub84=
# =xcID
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 04 Jun 2024 04:54:27 AM CDT
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]

* tag 'hw-misc-accel-20240604' of https://github.com/philmd/qemu: (32 commits)
  usb: add config options for the hub and hid devices
  qga: Remove deprecated 'blacklist' argument / config key
  trace: Remove deprecated 'vcpu' field from QMP trace events
  hw/acpi: Remove the deprecated QAPI MEM_UNPLUG_ERROR event
  hw/dma/xlnx_dpdma: Read descriptor into buffer, not into pointer-to-buffer
  hw/misc/debugexit: use runstate API instead of plain exit()
  hw/xen: Register framebuffer backend via xen_backend_init()
  hw/xen: Make XenDevOps structures const
  hw/xen: Constify xenstore_be::XenDevOps
  hw/xen: Constify XenLegacyDevice::XenDevOps
  physmem: Replace check for RAMBlock offset 0 with xen_mr_is_memory
  physmem: Always pass offset + addr to xen_map_cache
  xen: Add xen_mr_is_memory()
  core/cpu-common: initialise plugin state before thread creation
  plugins: remove special casing for cpu->realized
  cpu-target: don't set cpu->thread_id to bogus value
  cpu: move Qemu[Thread|Cond] setup into common code
  hw/core: expand on the alignment of CPUState
  accel/kvm: Fix two lines with hard-coded tabs
  accel/tcg: Move common declarations to 'internal-common.h'
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson 1 年之前
父節點
當前提交
d16cab541a
共有 53 個文件被更改,包括 214 次插入263 次删除
  1. 1 3
      MAINTAINERS
  2. 0 3
      accel/dummy-cpus.c
  3. 0 4
      accel/hvf/hvf-accel-ops.c
  4. 0 3
      accel/kvm/kvm-accel-ops.c
  5. 2 2
      accel/kvm/kvm-all.c
  6. 15 0
      accel/tcg/internal-common.h
  7. 0 14
      accel/tcg/internal-target.h
  8. 0 4
      accel/tcg/tcg-accel-ops-mttcg.c
  9. 7 7
      accel/tcg/tcg-accel-ops-rr.c
  10. 1 1
      accel/tcg/tcg-all.c
  11. 0 1
      cpu-target.c
  12. 1 1
      disas/m68k.c
  13. 16 9
      disas/microblaze.c
  14. 0 34
      docs/about/deprecated.rst
  15. 33 0
      docs/about/removed-features.rst
  16. 1 1
      hw/9pfs/xen-9p-backend.c
  17. 0 8
      hw/acpi/memory_hotplug.c
  18. 17 8
      hw/core/cpu-common.c
  19. 9 4
      hw/display/xenfb.c
  20. 1 1
      hw/dma/xlnx_dpdma.c
  21. 3 1
      hw/misc/debugexit.c
  22. 1 10
      hw/ppc/spapr.c
  23. 10 0
      hw/usb/Kconfig
  24. 2 2
      hw/usb/meson.build
  25. 1 1
      hw/usb/xen-usb.c
  26. 1 1
      hw/virtio/trace-events
  27. 2 2
      hw/virtio/vhost-vdpa.c
  28. 8 2
      hw/xen/xen-hvm-common.c
  29. 4 4
      hw/xen/xen-legacy-backend.c
  30. 0 2
      hw/xenpv/xen_machine_pv.c
  31. 14 4
      include/hw/core/cpu.h
  32. 1 4
      include/hw/xen/xen-legacy-backend.h
  33. 1 1
      include/hw/xen/xen_pvdev.h
  34. 1 2
      include/qemu/cutils.h
  35. 1 0
      include/sysemu/xen.h
  36. 1 5
      plugins/core.c
  37. 0 28
      qapi/machine.json
  38. 3 24
      qapi/trace.json
  39. 0 6
      qga/main.c
  40. 3 2
      system/physmem.c
  41. 0 1
      system/runstate.c
  42. 2 2
      target/arm/cpu64.c
  43. 5 6
      target/i386/kvm/kvm.c
  44. 0 3
      target/i386/nvmm/nvmm-accel-ops.c
  45. 0 3
      target/i386/whpx/whpx-accel-ops.c
  46. 0 1
      target/mips/tcg/sysemu/cp0_helper.c
  47. 8 2
      target/riscv/cpu.c
  48. 3 2
      target/riscv/cpu.h
  49. 2 5
      target/riscv/cpu_helper.c
  50. 0 1
      target/riscv/translate.c
  51. 0 2
      trace/qmp.c
  52. 2 2
      trace/trace-hmp-cmds.c
  53. 31 24
      util/hexdump.c

+ 1 - 3
MAINTAINERS

@@ -2142,8 +2142,7 @@ F: tests/qtest/fuzz-sdcard-test.c
 F: tests/qtest/sdhci-test.c
 F: tests/qtest/sdhci-test.c
 
 
 USB
 USB
-M: Gerd Hoffmann <kraxel@redhat.com>
-S: Odd Fixes
+S: Orphan
 F: hw/usb/*
 F: hw/usb/*
 F: stubs/usb-dev-stub.c
 F: stubs/usb-dev-stub.c
 F: tests/qtest/usb-*-test.c
 F: tests/qtest/usb-*-test.c
@@ -2152,7 +2151,6 @@ F: include/hw/usb.h
 F: include/hw/usb/
 F: include/hw/usb/
 
 
 USB (serial adapter)
 USB (serial adapter)
-R: Gerd Hoffmann <kraxel@redhat.com>
 M: Samuel Thibault <samuel.thibault@ens-lyon.org>
 M: Samuel Thibault <samuel.thibault@ens-lyon.org>
 S: Maintained
 S: Maintained
 F: hw/usb/dev-serial.c
 F: hw/usb/dev-serial.c

+ 0 - 3
accel/dummy-cpus.c

@@ -68,9 +68,6 @@ void dummy_start_vcpu_thread(CPUState *cpu)
 {
 {
     char thread_name[VCPU_THREAD_NAME_SIZE];
     char thread_name[VCPU_THREAD_NAME_SIZE];
 
 
-    cpu->thread = g_malloc0(sizeof(QemuThread));
-    cpu->halt_cond = g_malloc0(sizeof(QemuCond));
-    qemu_cond_init(cpu->halt_cond);
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/DUMMY",
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/DUMMY",
              cpu->cpu_index);
              cpu->cpu_index);
     qemu_thread_create(cpu->thread, thread_name, dummy_cpu_thread_fn, cpu,
     qemu_thread_create(cpu->thread, thread_name, dummy_cpu_thread_fn, cpu,

+ 0 - 4
accel/hvf/hvf-accel-ops.c

@@ -463,10 +463,6 @@ static void hvf_start_vcpu_thread(CPUState *cpu)
      */
      */
     assert(hvf_enabled());
     assert(hvf_enabled());
 
 
-    cpu->thread = g_malloc0(sizeof(QemuThread));
-    cpu->halt_cond = g_malloc0(sizeof(QemuCond));
-    qemu_cond_init(cpu->halt_cond);
-
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/HVF",
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/HVF",
              cpu->cpu_index);
              cpu->cpu_index);
     qemu_thread_create(cpu->thread, thread_name, hvf_cpu_thread_fn,
     qemu_thread_create(cpu->thread, thread_name, hvf_cpu_thread_fn,

+ 0 - 3
accel/kvm/kvm-accel-ops.c

@@ -66,9 +66,6 @@ static void kvm_start_vcpu_thread(CPUState *cpu)
 {
 {
     char thread_name[VCPU_THREAD_NAME_SIZE];
     char thread_name[VCPU_THREAD_NAME_SIZE];
 
 
-    cpu->thread = g_malloc0(sizeof(QemuThread));
-    cpu->halt_cond = g_malloc0(sizeof(QemuCond));
-    qemu_cond_init(cpu->halt_cond);
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/KVM",
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/KVM",
              cpu->cpu_index);
              cpu->cpu_index);
     qemu_thread_create(cpu->thread, thread_name, kvm_vcpu_thread_fn,
     qemu_thread_create(cpu->thread, thread_name, kvm_vcpu_thread_fn,

+ 2 - 2
accel/kvm/kvm-all.c

@@ -2893,7 +2893,7 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private)
             !memory_region_is_ram_device(mr) &&
             !memory_region_is_ram_device(mr) &&
             !memory_region_is_rom(mr) &&
             !memory_region_is_rom(mr) &&
             !memory_region_is_romd(mr)) {
             !memory_region_is_romd(mr)) {
-		    ret = 0;
+            ret = 0;
         } else {
         } else {
             error_report("Convert non guest_memfd backed memory region "
             error_report("Convert non guest_memfd backed memory region "
                         "(0x%"HWADDR_PRIx" ,+ 0x%"HWADDR_PRIx") to %s",
                         "(0x%"HWADDR_PRIx" ,+ 0x%"HWADDR_PRIx") to %s",
@@ -2964,7 +2964,7 @@ int kvm_cpu_exec(CPUState *cpu)
 
 
         kvm_arch_pre_run(cpu, run);
         kvm_arch_pre_run(cpu, run);
         if (qatomic_read(&cpu->exit_request)) {
         if (qatomic_read(&cpu->exit_request)) {
-	    trace_kvm_interrupt_exit_request();
+            trace_kvm_interrupt_exit_request();
             /*
             /*
              * KVM requires us to reenter the kernel after IO exits to complete
              * KVM requires us to reenter the kernel after IO exits to complete
              * instruction emulation. This self-signal will ensure that we
              * instruction emulation. This self-signal will ensure that we

+ 15 - 0
accel/tcg/internal-common.h

@@ -15,6 +15,8 @@
 extern int64_t max_delay;
 extern int64_t max_delay;
 extern int64_t max_advance;
 extern int64_t max_advance;
 
 
+extern bool one_insn_per_tb;
+
 /*
 /*
  * Return true if CS is not running in parallel with other cpus, either
  * Return true if CS is not running in parallel with other cpus, either
  * because there are no other cpus or we are within an exclusive context.
  * because there are no other cpus or we are within an exclusive context.
@@ -41,4 +43,17 @@ static inline bool cpu_plugin_mem_cbs_enabled(const CPUState *cpu)
 #endif
 #endif
 }
 }
 
 
+TranslationBlock *tb_gen_code(CPUState *cpu, vaddr pc,
+                              uint64_t cs_base, uint32_t flags,
+                              int cflags);
+void page_init(void);
+void tb_htable_init(void);
+void tb_reset_jump(TranslationBlock *tb, int n);
+TranslationBlock *tb_link_page(TranslationBlock *tb);
+void cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
+                               uintptr_t host_pc);
+
+bool tcg_exec_realizefn(CPUState *cpu, Error **errp);
+void tcg_exec_unrealizefn(CPUState *cpu);
+
 #endif
 #endif

+ 0 - 14
accel/tcg/internal-target.h

@@ -69,19 +69,7 @@ void tb_invalidate_phys_range_fast(ram_addr_t ram_addr,
 G_NORETURN void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr);
 G_NORETURN void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr);
 #endif /* CONFIG_SOFTMMU */
 #endif /* CONFIG_SOFTMMU */
 
 
-TranslationBlock *tb_gen_code(CPUState *cpu, vaddr pc,
-                              uint64_t cs_base, uint32_t flags,
-                              int cflags);
-void page_init(void);
-void tb_htable_init(void);
-void tb_reset_jump(TranslationBlock *tb, int n);
-TranslationBlock *tb_link_page(TranslationBlock *tb);
 bool tb_invalidate_phys_page_unwind(tb_page_addr_t addr, uintptr_t pc);
 bool tb_invalidate_phys_page_unwind(tb_page_addr_t addr, uintptr_t pc);
-void cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
-                               uintptr_t host_pc);
-
-bool tcg_exec_realizefn(CPUState *cpu, Error **errp);
-void tcg_exec_unrealizefn(CPUState *cpu);
 
 
 /* Return the current PC from CPU, which may be cached in TB. */
 /* Return the current PC from CPU, which may be cached in TB. */
 static inline vaddr log_pc(CPUState *cpu, const TranslationBlock *tb)
 static inline vaddr log_pc(CPUState *cpu, const TranslationBlock *tb)
@@ -93,8 +81,6 @@ static inline vaddr log_pc(CPUState *cpu, const TranslationBlock *tb)
     }
     }
 }
 }
 
 
-extern bool one_insn_per_tb;
-
 /**
 /**
  * tcg_req_mo:
  * tcg_req_mo:
  * @type: TCGBar
  * @type: TCGBar

+ 0 - 4
accel/tcg/tcg-accel-ops-mttcg.c

@@ -137,10 +137,6 @@ void mttcg_start_vcpu_thread(CPUState *cpu)
     g_assert(tcg_enabled());
     g_assert(tcg_enabled());
     tcg_cpu_init_cflags(cpu, current_machine->smp.max_cpus > 1);
     tcg_cpu_init_cflags(cpu, current_machine->smp.max_cpus > 1);
 
 
-    cpu->thread = g_new0(QemuThread, 1);
-    cpu->halt_cond = g_malloc0(sizeof(QemuCond));
-    qemu_cond_init(cpu->halt_cond);
-
     /* create a thread per vCPU with TCG (MTTCG) */
     /* create a thread per vCPU with TCG (MTTCG) */
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/TCG",
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/TCG",
              cpu->cpu_index);
              cpu->cpu_index);

+ 7 - 7
accel/tcg/tcg-accel-ops-rr.c

@@ -317,22 +317,22 @@ void rr_start_vcpu_thread(CPUState *cpu)
     tcg_cpu_init_cflags(cpu, false);
     tcg_cpu_init_cflags(cpu, false);
 
 
     if (!single_tcg_cpu_thread) {
     if (!single_tcg_cpu_thread) {
-        cpu->thread = g_new0(QemuThread, 1);
-        cpu->halt_cond = g_new0(QemuCond, 1);
-        qemu_cond_init(cpu->halt_cond);
+        single_tcg_halt_cond = cpu->halt_cond;
+        single_tcg_cpu_thread = cpu->thread;
 
 
         /* share a single thread for all cpus with TCG */
         /* share a single thread for all cpus with TCG */
         snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "ALL CPUs/TCG");
         snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "ALL CPUs/TCG");
         qemu_thread_create(cpu->thread, thread_name,
         qemu_thread_create(cpu->thread, thread_name,
                            rr_cpu_thread_fn,
                            rr_cpu_thread_fn,
                            cpu, QEMU_THREAD_JOINABLE);
                            cpu, QEMU_THREAD_JOINABLE);
-
-        single_tcg_halt_cond = cpu->halt_cond;
-        single_tcg_cpu_thread = cpu->thread;
     } else {
     } else {
-        /* we share the thread */
+        /* we share the thread, dump spare data */
+        g_free(cpu->thread);
+        qemu_cond_destroy(cpu->halt_cond);
         cpu->thread = single_tcg_cpu_thread;
         cpu->thread = single_tcg_cpu_thread;
         cpu->halt_cond = single_tcg_halt_cond;
         cpu->halt_cond = single_tcg_halt_cond;
+
+        /* copy the stuff done at start of rr_cpu_thread_fn */
         cpu->thread_id = first_cpu->thread_id;
         cpu->thread_id = first_cpu->thread_id;
         cpu->neg.can_do_io = 1;
         cpu->neg.can_do_io = 1;
         cpu->created = true;
         cpu->created = true;

+ 1 - 1
accel/tcg/tcg-all.c

@@ -38,7 +38,7 @@
 #if !defined(CONFIG_USER_ONLY)
 #if !defined(CONFIG_USER_ONLY)
 #include "hw/boards.h"
 #include "hw/boards.h"
 #endif
 #endif
-#include "internal-target.h"
+#include "internal-common.h"
 
 
 struct TCGState {
 struct TCGState {
     AccelState parent_obj;
     AccelState parent_obj;

+ 0 - 1
cpu-target.c

@@ -241,7 +241,6 @@ void cpu_exec_initfn(CPUState *cpu)
     cpu->num_ases = 0;
     cpu->num_ases = 0;
 
 
 #ifndef CONFIG_USER_ONLY
 #ifndef CONFIG_USER_ONLY
-    cpu->thread_id = qemu_get_thread_id();
     cpu->memory = get_system_memory();
     cpu->memory = get_system_memory();
     object_ref(OBJECT(cpu->memory));
     object_ref(OBJECT(cpu->memory));
 #endif
 #endif

+ 1 - 1
disas/m68k.c

@@ -1000,7 +1000,7 @@ print_indexed (int basereg,
 
 
   /* Generate the text for the index register.
   /* Generate the text for the index register.
      Where this will be output is not yet determined.  */
      Where this will be output is not yet determined.  */
-  sprintf (buf, "%s:%c%s",
+  snprintf(buf, sizeof(buf), "%s:%c%s",
 	   reg_names[(word >> 12) & 0xf],
 	   reg_names[(word >> 12) & 0xf],
 	   (word & 0x800) ? 'l' : 'w',
 	   (word & 0x800) ? 'l' : 'w',
 	   scales[(word >> 9) & 3]);
 	   scales[(word >> 9) & 3]);

+ 16 - 9
disas/microblaze.c

@@ -600,7 +600,8 @@ static char *
 get_field (long instr, long mask, unsigned short low)
 get_field (long instr, long mask, unsigned short low)
 {
 {
   char tmpstr[25];
   char tmpstr[25];
-  sprintf(tmpstr, "%s%d", register_prefix, (int)((instr & mask) >> low));
+  snprintf(tmpstr, sizeof(tmpstr), "%s%d", register_prefix,
+           (int)((instr & mask) >> low));
   return(strdup(tmpstr));
   return(strdup(tmpstr));
 }
 }
 
 
@@ -608,7 +609,8 @@ static char *
 get_field_imm (long instr)
 get_field_imm (long instr)
 {
 {
   char tmpstr[25];
   char tmpstr[25];
-  sprintf(tmpstr, "%d", (short)((instr & IMM_MASK) >> IMM_LOW));
+  snprintf(tmpstr, sizeof(tmpstr), "%d",
+           (short)((instr & IMM_MASK) >> IMM_LOW));
   return(strdup(tmpstr));
   return(strdup(tmpstr));
 }
 }
 
 
@@ -616,7 +618,8 @@ static char *
 get_field_imm5 (long instr)
 get_field_imm5 (long instr)
 {
 {
   char tmpstr[25];
   char tmpstr[25];
-  sprintf(tmpstr, "%d", (short)((instr & IMM5_MASK) >> IMM_LOW));
+  snprintf(tmpstr, sizeof(tmpstr), "%d",
+           (short)((instr & IMM5_MASK) >> IMM_LOW));
   return(strdup(tmpstr));
   return(strdup(tmpstr));
 }
 }
 
 
@@ -624,7 +627,8 @@ static char *
 get_field_rfsl (long instr)
 get_field_rfsl (long instr)
 {
 {
   char tmpstr[25];
   char tmpstr[25];
-  sprintf(tmpstr, "%s%d", fsl_register_prefix, (short)((instr & RFSL_MASK) >> IMM_LOW));
+  snprintf(tmpstr, sizeof(tmpstr), "%s%d", fsl_register_prefix,
+           (short)((instr & RFSL_MASK) >> IMM_LOW));
   return(strdup(tmpstr));
   return(strdup(tmpstr));
 }
 }
 
 
@@ -632,7 +636,8 @@ static char *
 get_field_imm15 (long instr)
 get_field_imm15 (long instr)
 {
 {
   char tmpstr[25];
   char tmpstr[25];
-  sprintf(tmpstr, "%d", (short)((instr & IMM15_MASK) >> IMM_LOW));
+  snprintf(tmpstr, sizeof(tmpstr), "%d",
+           (short)((instr & IMM15_MASK) >> IMM_LOW));
   return(strdup(tmpstr));
   return(strdup(tmpstr));
 }
 }
 
 
@@ -641,7 +646,8 @@ static char *
 get_field_unsigned_imm (long instr)
 get_field_unsigned_imm (long instr)
 {
 {
   char tmpstr[25];
   char tmpstr[25];
-  sprintf(tmpstr, "%d", (int)((instr & IMM_MASK) >> IMM_LOW));
+  snprintf(tmpstr, sizeof(tmpstr), "%d",
+           (int)((instr & IMM_MASK) >> IMM_LOW));
   return(strdup(tmpstr));
   return(strdup(tmpstr));
 }
 }
 #endif
 #endif
@@ -653,7 +659,8 @@ get_field_unsigned_imm (long instr)
   {
   {
   char tmpstr[25];
   char tmpstr[25];
   
   
-  sprintf(tmpstr, "%s%s", register_prefix, (((instr & IMM_MASK) >> IMM_LOW) & REG_MSR_MASK) == 0 ? "pc" : "msr");
+  snprintf(tmpstr, sizeof(tmpstr), "%s%s", register_prefix,
+          (((instr & IMM_MASK) >> IMM_LOW) & REG_MSR_MASK) == 0 ? "pc" : "msr");
   
   
   return(strdup(tmpstr));
   return(strdup(tmpstr));
   }
   }
@@ -709,7 +716,7 @@ get_field_special(long instr, const struct op_code_struct *op)
    default :
    default :
      {
      {
        if ( ((((instr & IMM_MASK) >> IMM_LOW) ^ op->immval_mask) & 0xE000) == REG_PVR_MASK) {
        if ( ((((instr & IMM_MASK) >> IMM_LOW) ^ op->immval_mask) & 0xE000) == REG_PVR_MASK) {
-	  sprintf(tmpstr, "%s%u", pvr_register_prefix,
+          snprintf(tmpstr, sizeof(tmpstr), "%s%u", pvr_register_prefix,
                  (unsigned short)(((instr & IMM_MASK) >> IMM_LOW) ^
                  (unsigned short)(((instr & IMM_MASK) >> IMM_LOW) ^
                                   op->immval_mask) ^ REG_PVR_MASK);
                                   op->immval_mask) ^ REG_PVR_MASK);
 	 return(strdup(tmpstr));
 	 return(strdup(tmpstr));
@@ -720,7 +727,7 @@ get_field_special(long instr, const struct op_code_struct *op)
      break;
      break;
    }
    }
    
    
-   sprintf(tmpstr, "%s%s", register_prefix, spr);
+   snprintf(tmpstr, sizeof(tmpstr), "%s%s", register_prefix, spr);
    return(strdup(tmpstr));
    return(strdup(tmpstr));
 }
 }
 
 

+ 0 - 34
docs/about/deprecated.rst

@@ -148,22 +148,6 @@ accepted incorrect commands will return an error. Users should make sure that
 all arguments passed to ``device_add`` are consistent with the documented
 all arguments passed to ``device_add`` are consistent with the documented
 property types.
 property types.
 
 
-QEMU Machine Protocol (QMP) events
-----------------------------------
-
-``MEM_UNPLUG_ERROR`` (since 6.2)
-''''''''''''''''''''''''''''''''''''''''''''''''''''''''
-
-Use the more generic event ``DEVICE_UNPLUG_GUEST_ERROR`` instead.
-
-``vcpu`` trace events (since 8.1)
-'''''''''''''''''''''''''''''''''
-
-The ability to instrument QEMU helper functions with vCPU-aware trace
-points was removed in 7.0. However QMP still exposed the vcpu
-parameter. This argument has now been deprecated and the remaining
-remaining trace points that used it are selected just by name.
-
 Host Architectures
 Host Architectures
 ------------------
 ------------------
 
 
@@ -478,24 +462,6 @@ versions, aliases will point to newer CPU model versions
 depending on the machine type, so management software must
 depending on the machine type, so management software must
 resolve CPU model aliases before starting a virtual machine.
 resolve CPU model aliases before starting a virtual machine.
 
 
-QEMU guest agent
-----------------
-
-``--blacklist`` command line option (since 7.2)
-'''''''''''''''''''''''''''''''''''''''''''''''
-
-``--blacklist`` has been replaced by ``--block-rpcs`` (which is a better
-wording for what this option does). The short form ``-b`` still stays
-the same and thus is the preferred way for scripts that should run with
-both, older and future versions of QEMU.
-
-``blacklist`` config file option (since 7.2)
-''''''''''''''''''''''''''''''''''''''''''''
-
-The ``blacklist`` config file option has been renamed to ``block-rpcs``
-(to be in sync with the renaming of the corresponding command line
-option).
-
 Migration
 Migration
 ---------
 ---------
 
 

+ 33 - 0
docs/about/removed-features.rst

@@ -671,6 +671,21 @@ Use ``multifd-channels`` instead.
 
 
 Use ``multifd-compression`` instead.
 Use ``multifd-compression`` instead.
 
 
+QEMU Machine Protocol (QMP) events
+----------------------------------
+
+``MEM_UNPLUG_ERROR`` (removed in 9.1)
+'''''''''''''''''''''''''''''''''''''
+
+MEM_UNPLUG_ERROR has been replaced by the more generic ``DEVICE_UNPLUG_GUEST_ERROR`` event.
+
+``vcpu`` trace events (removed in 9.1)
+''''''''''''''''''''''''''''''''''''''
+
+The ability to instrument QEMU helper functions with vCPU-aware trace
+points was removed in 7.0.
+
+
 Human Monitor Protocol (HMP) commands
 Human Monitor Protocol (HMP) commands
 -------------------------------------
 -------------------------------------
 
 
@@ -1129,4 +1144,22 @@ stable for some time and is now widely used.
 The command line and feature set is very close to the removed
 The command line and feature set is very close to the removed
 C implementation.
 C implementation.
 
 
+QEMU guest agent
+----------------
+
+``--blacklist`` command line option (removed in 9.1)
+''''''''''''''''''''''''''''''''''''''''''''''''''''
+
+``--blacklist`` has been replaced by ``--block-rpcs`` (which is a better
+wording for what this option does). The short form ``-b`` still stays
+the same and thus is the preferred way for scripts that should run with
+both, older and future versions of QEMU.
+
+``blacklist`` config file option (removed in 9.1)
+'''''''''''''''''''''''''''''''''''''''''''''''''
+
+The ``blacklist`` config file option has been renamed to ``block-rpcs``
+(to be in sync with the renaming of the corresponding command line
+option).
+
 .. _Intel discontinuance notification: https://www.intel.com/content/www/us/en/content-details/781327/intel-is-discontinuing-ip-ordering-codes-listed-in-pdn2312-for-nios-ii-ip.html
 .. _Intel discontinuance notification: https://www.intel.com/content/www/us/en/content-details/781327/intel-is-discontinuing-ip-ordering-codes-listed-in-pdn2312-for-nios-ii-ip.html

+ 1 - 1
hw/9pfs/xen-9p-backend.c

@@ -513,7 +513,7 @@ static void xen_9pfs_alloc(struct XenLegacyDevice *xendev)
     xenstore_write_be_int(xendev, "max-ring-page-order", MAX_RING_ORDER);
     xenstore_write_be_int(xendev, "max-ring-page-order", MAX_RING_ORDER);
 }
 }
 
 
-static struct XenDevOps xen_9pfs_ops = {
+static const struct XenDevOps xen_9pfs_ops = {
     .size       = sizeof(Xen9pfsDev),
     .size       = sizeof(Xen9pfsDev),
     .flags      = DEVOPS_FLAG_NEED_GNTDEV,
     .flags      = DEVOPS_FLAG_NEED_GNTDEV,
     .alloc      = xen_9pfs_alloc,
     .alloc      = xen_9pfs_alloc,

+ 0 - 8
hw/acpi/memory_hotplug.c

@@ -178,14 +178,6 @@ static void acpi_memory_hotplug_write(void *opaque, hwaddr addr, uint64_t data,
             hotplug_handler_unplug(hotplug_ctrl, dev, &local_err);
             hotplug_handler_unplug(hotplug_ctrl, dev, &local_err);
             if (local_err) {
             if (local_err) {
                 trace_mhp_acpi_pc_dimm_delete_failed(mem_st->selector);
                 trace_mhp_acpi_pc_dimm_delete_failed(mem_st->selector);
-
-                /*
-                 * Send both MEM_UNPLUG_ERROR and DEVICE_UNPLUG_GUEST_ERROR
-                 * while the deprecation of MEM_UNPLUG_ERROR is
-                 * pending.
-                 */
-                qapi_event_send_mem_unplug_error(dev->id ? : "",
-                                                 error_get_pretty(local_err));
                 qapi_event_send_device_unplug_guest_error(dev->id,
                 qapi_event_send_device_unplug_guest_error(dev->id,
                                                           dev->canonical_path);
                                                           dev->canonical_path);
                 error_free(local_err);
                 error_free(local_err);

+ 17 - 8
hw/core/cpu-common.c

@@ -222,14 +222,6 @@ static void cpu_common_realizefn(DeviceState *dev, Error **errp)
         cpu_resume(cpu);
         cpu_resume(cpu);
     }
     }
 
 
-    /* Plugin initialization must wait until the cpu start executing code */
-#ifdef CONFIG_PLUGIN
-    if (tcg_enabled()) {
-        cpu->plugin_state = qemu_plugin_create_vcpu_state();
-        async_run_on_cpu(cpu, qemu_plugin_vcpu_init__async, RUN_ON_CPU_NULL);
-    }
-#endif
-
     /* NOTE: latest generic point where the cpu is fully realized */
     /* NOTE: latest generic point where the cpu is fully realized */
 }
 }
 
 
@@ -261,6 +253,11 @@ static void cpu_common_initfn(Object *obj)
     cpu->nr_threads = 1;
     cpu->nr_threads = 1;
     cpu->cflags_next_tb = -1;
     cpu->cflags_next_tb = -1;
 
 
+    /* allocate storage for thread info, initialise condition variables */
+    cpu->thread = g_new0(QemuThread, 1);
+    cpu->halt_cond = g_new0(QemuCond, 1);
+    qemu_cond_init(cpu->halt_cond);
+
     qemu_mutex_init(&cpu->work_mutex);
     qemu_mutex_init(&cpu->work_mutex);
     qemu_lockcnt_init(&cpu->in_ioctl_lock);
     qemu_lockcnt_init(&cpu->in_ioctl_lock);
     QSIMPLEQ_INIT(&cpu->work_list);
     QSIMPLEQ_INIT(&cpu->work_list);
@@ -268,6 +265,18 @@ static void cpu_common_initfn(Object *obj)
     QTAILQ_INIT(&cpu->watchpoints);
     QTAILQ_INIT(&cpu->watchpoints);
 
 
     cpu_exec_initfn(cpu);
     cpu_exec_initfn(cpu);
+
+    /*
+     * Plugin initialization must wait until the cpu start executing
+     * code, but we must queue this work before the threads are
+     * created to ensure we don't race.
+     */
+#ifdef CONFIG_PLUGIN
+    if (tcg_enabled()) {
+        cpu->plugin_state = qemu_plugin_create_vcpu_state();
+        async_run_on_cpu(cpu, qemu_plugin_vcpu_init__async, RUN_ON_CPU_NULL);
+    }
+#endif
 }
 }
 
 
 static void cpu_common_finalize(Object *obj)
 static void cpu_common_finalize(Object *obj)

+ 9 - 4
hw/display/xenfb.c

@@ -29,6 +29,7 @@
 
 
 #include "ui/input.h"
 #include "ui/input.h"
 #include "ui/console.h"
 #include "ui/console.h"
+#include "sysemu/sysemu.h"
 #include "hw/xen/xen-legacy-backend.h"
 #include "hw/xen/xen-legacy-backend.h"
 
 
 #include "hw/xen/interface/io/fbif.h"
 #include "hw/xen/interface/io/fbif.h"
@@ -972,7 +973,7 @@ static void fb_event(struct XenLegacyDevice *xendev)
 
 
 /* -------------------------------------------------------------------- */
 /* -------------------------------------------------------------------- */
 
 
-static struct XenDevOps xen_kbdmouse_ops = {
+static const struct XenDevOps xen_kbdmouse_ops = {
     .size       = sizeof(struct XenInput),
     .size       = sizeof(struct XenInput),
     .init       = input_init,
     .init       = input_init,
     .initialise = input_initialise,
     .initialise = input_initialise,
@@ -981,7 +982,7 @@ static struct XenDevOps xen_kbdmouse_ops = {
     .event      = input_event,
     .event      = input_event,
 };
 };
 
 
-struct XenDevOps xen_framebuffer_ops = {
+const struct XenDevOps xen_framebuffer_ops = {
     .size       = sizeof(struct XenFB),
     .size       = sizeof(struct XenFB),
     .init       = fb_init,
     .init       = fb_init,
     .initialise = fb_initialise,
     .initialise = fb_initialise,
@@ -996,8 +997,12 @@ static const GraphicHwOps xenfb_ops = {
     .ui_info     = xenfb_ui_info,
     .ui_info     = xenfb_ui_info,
 };
 };
 
 
-static void xen_vkbd_register_backend(void)
+static void xen_ui_register_backend(void)
 {
 {
     xen_be_register("vkbd", &xen_kbdmouse_ops);
     xen_be_register("vkbd", &xen_kbdmouse_ops);
+
+    if (vga_interface_type == VGA_XENFB) {
+        xen_be_register("vfb", &xen_framebuffer_ops);
+    }
 }
 }
-xen_backend_init(xen_vkbd_register_backend);
+xen_backend_init(xen_ui_register_backend);

+ 1 - 1
hw/dma/xlnx_dpdma.c

@@ -619,7 +619,7 @@ static MemTxResult xlnx_dpdma_read_descriptor(XlnxDPDMAState *s,
                                               DPDMADescriptor *desc)
                                               DPDMADescriptor *desc)
 {
 {
     MemTxResult res = dma_memory_read(&address_space_memory, desc_addr,
     MemTxResult res = dma_memory_read(&address_space_memory, desc_addr,
-                                      &desc, sizeof(DPDMADescriptor),
+                                      desc, sizeof(DPDMADescriptor),
                                       MEMTXATTRS_UNSPECIFIED);
                                       MEMTXATTRS_UNSPECIFIED);
     if (res) {
     if (res) {
         return res;
         return res;

+ 3 - 1
hw/misc/debugexit.c

@@ -12,6 +12,7 @@
 #include "hw/qdev-properties.h"
 #include "hw/qdev-properties.h"
 #include "qemu/module.h"
 #include "qemu/module.h"
 #include "qom/object.h"
 #include "qom/object.h"
+#include "sysemu/runstate.h"
 
 
 #define TYPE_ISA_DEBUG_EXIT_DEVICE "isa-debug-exit"
 #define TYPE_ISA_DEBUG_EXIT_DEVICE "isa-debug-exit"
 OBJECT_DECLARE_SIMPLE_TYPE(ISADebugExitState, ISA_DEBUG_EXIT_DEVICE)
 OBJECT_DECLARE_SIMPLE_TYPE(ISADebugExitState, ISA_DEBUG_EXIT_DEVICE)
@@ -32,7 +33,8 @@ static uint64_t debug_exit_read(void *opaque, hwaddr addr, unsigned size)
 static void debug_exit_write(void *opaque, hwaddr addr, uint64_t val,
 static void debug_exit_write(void *opaque, hwaddr addr, uint64_t val,
                              unsigned width)
                              unsigned width)
 {
 {
-    exit((val << 1) | 1);
+    qemu_system_shutdown_request_with_code(SHUTDOWN_CAUSE_GUEST_SHUTDOWN,
+                                           (val << 1) | 1);
 }
 }
 
 
 static const MemoryRegionOps debug_exit_ops = {
 static const MemoryRegionOps debug_exit_ops = {

+ 1 - 10
hw/ppc/spapr.c

@@ -3786,7 +3786,6 @@ void spapr_memory_unplug_rollback(SpaprMachineState *spapr, DeviceState *dev)
     SpaprDrc *drc;
     SpaprDrc *drc;
     uint32_t nr_lmbs;
     uint32_t nr_lmbs;
     uint64_t size, addr_start, addr;
     uint64_t size, addr_start, addr;
-    g_autofree char *qapi_error = NULL;
     int i;
     int i;
 
 
     if (!dev) {
     if (!dev) {
@@ -3823,16 +3822,8 @@ void spapr_memory_unplug_rollback(SpaprMachineState *spapr, DeviceState *dev)
 
 
     /*
     /*
      * Tell QAPI that something happened and the memory
      * Tell QAPI that something happened and the memory
-     * hotunplug wasn't successful. Keep sending
-     * MEM_UNPLUG_ERROR even while sending
-     * DEVICE_UNPLUG_GUEST_ERROR until the deprecation of
-     * MEM_UNPLUG_ERROR is due.
+     * hotunplug wasn't successful.
      */
      */
-    qapi_error = g_strdup_printf("Memory hotunplug rejected by the guest "
-                                 "for device %s", dev->id);
-
-    qapi_event_send_mem_unplug_error(dev->id ? : "", qapi_error);
-
     qapi_event_send_device_unplug_guest_error(dev->id,
     qapi_event_send_device_unplug_guest_error(dev->id,
                                               dev->canonical_path);
                                               dev->canonical_path);
 }
 }

+ 10 - 0
hw/usb/Kconfig

@@ -65,6 +65,16 @@ config TUSB6010
     bool
     bool
     select USB_MUSB
     select USB_MUSB
 
 
+config USB_HUB
+    bool
+    default y
+    depends on USB
+
+config USB_HID
+    bool
+    default y
+    depends on USB
+
 config USB_TABLET_WACOM
 config USB_TABLET_WACOM
     bool
     bool
     default y
     default y

+ 2 - 2
hw/usb/meson.build

@@ -35,8 +35,8 @@ system_ss.add(when: 'CONFIG_XLNX_VERSAL', if_true: files('xlnx-versal-usb2-ctrl-
 system_ss.add(when: 'CONFIG_XLNX_USB_SUBSYS', if_true: files('xlnx-usb-subsystem.c'))
 system_ss.add(when: 'CONFIG_XLNX_USB_SUBSYS', if_true: files('xlnx-usb-subsystem.c'))
 
 
 # emulated usb devices
 # emulated usb devices
-system_ss.add(when: 'CONFIG_USB', if_true: files('dev-hub.c'))
-system_ss.add(when: 'CONFIG_USB', if_true: files('dev-hid.c'))
+system_ss.add(when: 'CONFIG_USB_HUB', if_true: files('dev-hub.c'))
+system_ss.add(when: 'CONFIG_USB_HID', if_true: files('dev-hid.c'))
 system_ss.add(when: 'CONFIG_USB_TABLET_WACOM', if_true: files('dev-wacom.c'))
 system_ss.add(when: 'CONFIG_USB_TABLET_WACOM', if_true: files('dev-wacom.c'))
 system_ss.add(when: 'CONFIG_USB_STORAGE_CORE', if_true: files('dev-storage.c'))
 system_ss.add(when: 'CONFIG_USB_STORAGE_CORE', if_true: files('dev-storage.c'))
 system_ss.add(when: 'CONFIG_USB_STORAGE_BOT', if_true: files('dev-storage-bot.c'))
 system_ss.add(when: 'CONFIG_USB_STORAGE_BOT', if_true: files('dev-storage-bot.c'))

+ 1 - 1
hw/usb/xen-usb.c

@@ -1083,7 +1083,7 @@ static void usbback_event(struct XenLegacyDevice *xendev)
     qemu_bh_schedule(usbif->bh);
     qemu_bh_schedule(usbif->bh);
 }
 }
 
 
-static struct XenDevOps xen_usb_ops = {
+static const struct XenDevOps xen_usb_ops = {
     .size            = sizeof(struct usbback_info),
     .size            = sizeof(struct usbback_info),
     .flags           = DEVOPS_FLAG_NEED_GNTDEV,
     .flags           = DEVOPS_FLAG_NEED_GNTDEV,
     .init            = usbback_init,
     .init            = usbback_init,

+ 1 - 1
hw/virtio/trace-events

@@ -50,7 +50,7 @@ vhost_vdpa_get_device_id(void *dev, uint32_t device_id) "dev: %p device_id %"PRI
 vhost_vdpa_reset_device(void *dev) "dev: %p"
 vhost_vdpa_reset_device(void *dev) "dev: %p"
 vhost_vdpa_get_vq_index(void *dev, int idx, int vq_idx) "dev: %p idx: %d vq idx: %d"
 vhost_vdpa_get_vq_index(void *dev, int idx, int vq_idx) "dev: %p idx: %d vq idx: %d"
 vhost_vdpa_set_vring_enable_one(void *dev, unsigned i, int enable, int r) "dev: %p, idx: %u, enable: %u, r: %d"
 vhost_vdpa_set_vring_enable_one(void *dev, unsigned i, int enable, int r) "dev: %p, idx: %u, enable: %u, r: %d"
-vhost_vdpa_dump_config(void *dev, const char *line) "dev: %p %s"
+vhost_vdpa_dump_config(void *dev, unsigned ofs, const char *line) "dev: %p 0x%04x: %s"
 vhost_vdpa_set_config(void *dev, uint32_t offset, uint32_t size, uint32_t flags) "dev: %p offset: %"PRIu32" size: %"PRIu32" flags: 0x%"PRIx32
 vhost_vdpa_set_config(void *dev, uint32_t offset, uint32_t size, uint32_t flags) "dev: %p offset: %"PRIu32" size: %"PRIu32" flags: 0x%"PRIx32
 vhost_vdpa_get_config(void *dev, void *config, uint32_t config_len) "dev: %p config: %p config_len: %"PRIu32
 vhost_vdpa_get_config(void *dev, void *config, uint32_t config_len) "dev: %p config: %p config_len: %"PRIu32
 vhost_vdpa_suspend(void *dev) "dev: %p"
 vhost_vdpa_suspend(void *dev) "dev: %p"

+ 2 - 2
hw/virtio/vhost-vdpa.c

@@ -949,8 +949,8 @@ static void vhost_vdpa_dump_config(struct vhost_dev *dev, const uint8_t *config,
 
 
     for (b = 0; b < config_len; b += 16) {
     for (b = 0; b < config_len; b += 16) {
         len = config_len - b;
         len = config_len - b;
-        qemu_hexdump_line(line, b, config, len, false);
-        trace_vhost_vdpa_dump_config(dev, line);
+        qemu_hexdump_line(line, config + b, len);
+        trace_vhost_vdpa_dump_config(dev, b, line);
     }
     }
 }
 }
 
 

+ 8 - 2
hw/xen/xen-hvm-common.c

@@ -12,6 +12,12 @@
 
 
 MemoryRegion xen_memory;
 MemoryRegion xen_memory;
 
 
+/* Check for xen memory.  */
+bool xen_mr_is_memory(MemoryRegion *mr)
+{
+    return mr == &xen_memory;
+}
+
 void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr,
 void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr,
                    Error **errp)
                    Error **errp)
 {
 {
@@ -28,7 +34,7 @@ void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr,
         return;
         return;
     }
     }
 
 
-    if (mr == &xen_memory) {
+    if (xen_mr_is_memory(mr)) {
         return;
         return;
     }
     }
 
 
@@ -55,7 +61,7 @@ static void xen_set_memory(struct MemoryListener *listener,
 {
 {
     XenIOState *state = container_of(listener, XenIOState, memory_listener);
     XenIOState *state = container_of(listener, XenIOState, memory_listener);
 
 
-    if (section->mr == &xen_memory) {
+    if (xen_mr_is_memory(section->mr)) {
         return;
         return;
     } else {
     } else {
         if (add) {
         if (add) {

+ 4 - 4
hw/xen/xen-legacy-backend.c

@@ -170,7 +170,7 @@ int xen_be_copy_grant_refs(struct XenLegacyDevice *xendev,
  */
  */
 static struct XenLegacyDevice *xen_be_get_xendev(const char *type, int dom,
 static struct XenLegacyDevice *xen_be_get_xendev(const char *type, int dom,
                                                  int dev,
                                                  int dev,
-                                                 struct XenDevOps *ops)
+                                                 const struct XenDevOps *ops)
 {
 {
     struct XenLegacyDevice *xendev;
     struct XenLegacyDevice *xendev;
 
 
@@ -520,7 +520,7 @@ void xen_be_check_state(struct XenLegacyDevice *xendev)
 struct xenstore_be {
 struct xenstore_be {
     const char *type;
     const char *type;
     int dom;
     int dom;
-    struct XenDevOps *ops;
+    const struct XenDevOps *ops;
 };
 };
 
 
 static void xenstore_update_be(void *opaque, const char *watch)
 static void xenstore_update_be(void *opaque, const char *watch)
@@ -557,7 +557,7 @@ static void xenstore_update_be(void *opaque, const char *watch)
     }
     }
 }
 }
 
 
-static int xenstore_scan(const char *type, int dom, struct XenDevOps *ops)
+static int xenstore_scan(const char *type, int dom, const struct XenDevOps *ops)
 {
 {
     struct XenLegacyDevice *xendev;
     struct XenLegacyDevice *xendev;
     char path[XEN_BUFSIZE];
     char path[XEN_BUFSIZE];
@@ -624,7 +624,7 @@ void xen_be_init(void)
     xen_set_dynamic_sysbus();
     xen_set_dynamic_sysbus();
 }
 }
 
 
-int xen_be_register(const char *type, struct XenDevOps *ops)
+int xen_be_register(const char *type, const struct XenDevOps *ops)
 {
 {
     char path[50];
     char path[50];
 
 

+ 0 - 2
hw/xenpv/xen_machine_pv.c

@@ -50,8 +50,6 @@ static void xen_init_pv(MachineState *machine)
         break;
         break;
     }
     }
 
 
-    xen_be_register("vfb", &xen_framebuffer_ops);
-
     /* configure framebuffer */
     /* configure framebuffer */
     if (vga_interface_type == VGA_XENFB) {
     if (vga_interface_type == VGA_XENFB) {
         xen_config_dev_vfb(0, "vnc");
         xen_config_dev_vfb(0, "vnc");

+ 14 - 4
include/hw/core/cpu.h

@@ -391,7 +391,8 @@ struct qemu_work_item;
 #define CPU_UNSET_NUMA_NODE_ID -1
 #define CPU_UNSET_NUMA_NODE_ID -1
 
 
 /**
 /**
- * CPUState:
+ * struct CPUState - common state of one CPU core or thread.
+ *
  * @cpu_index: CPU index (informative).
  * @cpu_index: CPU index (informative).
  * @cluster_index: Identifies which cluster this CPU is in.
  * @cluster_index: Identifies which cluster this CPU is in.
  *   For boards which don't define clusters or for "loose" CPUs not assigned
  *   For boards which don't define clusters or for "loose" CPUs not assigned
@@ -403,10 +404,14 @@ struct qemu_work_item;
  * @tcg_cflags: Pre-computed cflags for this cpu.
  * @tcg_cflags: Pre-computed cflags for this cpu.
  * @nr_cores: Number of cores within this CPU package.
  * @nr_cores: Number of cores within this CPU package.
  * @nr_threads: Number of threads within this CPU core.
  * @nr_threads: Number of threads within this CPU core.
+ * @thread: Host thread details, only live once @created is #true
+ * @sem: WIN32 only semaphore used only for qtest
+ * @thread_id: native thread id of vCPU, only live once @created is #true
  * @running: #true if CPU is currently running (lockless).
  * @running: #true if CPU is currently running (lockless).
  * @has_waiter: #true if a CPU is currently waiting for the cpu_exec_end;
  * @has_waiter: #true if a CPU is currently waiting for the cpu_exec_end;
  * valid under cpu_list_lock.
  * valid under cpu_list_lock.
  * @created: Indicates whether the CPU thread has been successfully created.
  * @created: Indicates whether the CPU thread has been successfully created.
+ * @halt_cond: condition variable sleeping threads can wait on.
  * @interrupt_request: Indicates a pending interrupt request.
  * @interrupt_request: Indicates a pending interrupt request.
  * @halted: Nonzero if the CPU is in suspended state.
  * @halted: Nonzero if the CPU is in suspended state.
  * @stop: Indicates a pending stop request.
  * @stop: Indicates a pending stop request.
@@ -439,10 +444,15 @@ struct qemu_work_item;
  * @kvm_fetch_index: Keeps the index that we last fetched from the per-vCPU
  * @kvm_fetch_index: Keeps the index that we last fetched from the per-vCPU
  *    dirty ring structure.
  *    dirty ring structure.
  *
  *
- * State of one CPU core or thread.
+ * @neg_align: The CPUState is the common part of a concrete ArchCPU
+ * which is allocated when an individual CPU instance is created. As
+ * such care is taken is ensure there is no gap between between
+ * CPUState and CPUArchState within ArchCPU.
  *
  *
- * Align, in order to match possible alignment required by CPUArchState,
- * and eliminate a hole between CPUState and CPUArchState within ArchCPU.
+ * @neg: The architectural register state ("cpu_env") immediately follows
+ * CPUState in ArchCPU and is passed to TCG code. The @neg structure holds
+ * some common TCG CPU variables which are accessed with a negative offset
+ * from cpu_env.
  */
  */
 struct CPUState {
 struct CPUState {
     /*< private >*/
     /*< private >*/

+ 1 - 4
include/hw/xen/xen-legacy-backend.h

@@ -40,7 +40,7 @@ void xen_be_check_state(struct XenLegacyDevice *xendev);
 
 
 /* xen backend driver bits */
 /* xen backend driver bits */
 void xen_be_init(void);
 void xen_be_init(void);
-int xen_be_register(const char *type, struct XenDevOps *ops);
+int xen_be_register(const char *type, const struct XenDevOps *ops);
 int xen_be_set_state(struct XenLegacyDevice *xendev, enum xenbus_state state);
 int xen_be_set_state(struct XenLegacyDevice *xendev, enum xenbus_state state);
 int xen_be_bind_evtchn(struct XenLegacyDevice *xendev);
 int xen_be_bind_evtchn(struct XenLegacyDevice *xendev);
 void xen_be_set_max_grant_refs(struct XenLegacyDevice *xendev,
 void xen_be_set_max_grant_refs(struct XenLegacyDevice *xendev,
@@ -66,9 +66,6 @@ static inline void xen_be_unmap_grant_ref(struct XenLegacyDevice *xendev,
     return xen_be_unmap_grant_refs(xendev, ptr, &ref, 1);
     return xen_be_unmap_grant_refs(xendev, ptr, &ref, 1);
 }
 }
 
 
-/* backend drivers not included in all machines */
-extern struct XenDevOps xen_framebuffer_ops;  /* xenfb.c */
-
 /* configuration (aka xenbus setup) */
 /* configuration (aka xenbus setup) */
 void xen_config_cleanup(void);
 void xen_config_cleanup(void);
 int xen_config_dev_vfb(int vdev, const char *type);
 int xen_config_dev_vfb(int vdev, const char *type);

+ 1 - 1
include/hw/xen/xen_pvdev.h

@@ -52,7 +52,7 @@ struct XenLegacyDevice {
     xenevtchn_handle   *evtchndev;
     xenevtchn_handle   *evtchndev;
     xengnttab_handle   *gnttabdev;
     xengnttab_handle   *gnttabdev;
 
 
-    struct XenDevOps   *ops;
+    const struct XenDevOps *ops;
     QTAILQ_ENTRY(XenLegacyDevice) next;
     QTAILQ_ENTRY(XenLegacyDevice) next;
 };
 };
 
 

+ 1 - 2
include/qemu/cutils.h

@@ -287,8 +287,7 @@ int parse_debug_env(const char *name, int max, int initial);
  */
  */
 #define QEMU_HEXDUMP_LINE_BYTES 16 /* Number of bytes to dump */
 #define QEMU_HEXDUMP_LINE_BYTES 16 /* Number of bytes to dump */
 #define QEMU_HEXDUMP_LINE_LEN 75   /* Number of characters in line */
 #define QEMU_HEXDUMP_LINE_LEN 75   /* Number of characters in line */
-void qemu_hexdump_line(char *line, unsigned int b, const void *bufptr,
-                       unsigned int len, bool ascii);
+void qemu_hexdump_line(char *line, const void *bufptr, size_t len);
 
 
 /*
 /*
  * Hexdump a buffer to a file. An optional string prefix is added to every line
  * Hexdump a buffer to a file. An optional string prefix is added to every line

+ 1 - 0
include/sysemu/xen.h

@@ -49,4 +49,5 @@ static inline void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size,
 
 
 #endif /* CONFIG_XEN_IS_POSSIBLE */
 #endif /* CONFIG_XEN_IS_POSSIBLE */
 
 
+bool xen_mr_is_memory(MemoryRegion *mr);
 #endif
 #endif

+ 1 - 5
plugins/core.c

@@ -65,11 +65,7 @@ static void plugin_cpu_update__locked(gpointer k, gpointer v, gpointer udata)
     CPUState *cpu = container_of(k, CPUState, cpu_index);
     CPUState *cpu = container_of(k, CPUState, cpu_index);
     run_on_cpu_data mask = RUN_ON_CPU_HOST_ULONG(*plugin.mask);
     run_on_cpu_data mask = RUN_ON_CPU_HOST_ULONG(*plugin.mask);
 
 
-    if (DEVICE(cpu)->realized) {
-        async_run_on_cpu(cpu, plugin_cpu_update__async, mask);
-    } else {
-        plugin_cpu_update__async(cpu, mask);
-    }
+    async_run_on_cpu(cpu, plugin_cpu_update__async, mask);
 }
 }
 
 
 void plugin_unregister_cb__locked(struct qemu_plugin_ctx *ctx,
 void plugin_unregister_cb__locked(struct qemu_plugin_ctx *ctx,

+ 0 - 28
qapi/machine.json

@@ -1607,34 +1607,6 @@
 { 'event': 'MEMORY_DEVICE_SIZE_CHANGE',
 { 'event': 'MEMORY_DEVICE_SIZE_CHANGE',
   'data': { '*id': 'str', 'size': 'size', 'qom-path' : 'str'} }
   'data': { '*id': 'str', 'size': 'size', 'qom-path' : 'str'} }
 
 
-##
-# @MEM_UNPLUG_ERROR:
-#
-# Emitted when memory hot unplug error occurs.
-#
-# @device: device name
-#
-# @msg: Informative message
-#
-# Features:
-#
-# @deprecated: This event is deprecated.  Use
-#     @DEVICE_UNPLUG_GUEST_ERROR instead.
-#
-# Since: 2.4
-#
-# Example:
-#
-#     <- { "event": "MEM_UNPLUG_ERROR",
-#          "data": { "device": "dimm1",
-#                    "msg": "acpi: device unplug for unsupported device"
-#          },
-#          "timestamp": { "seconds": 1265044230, "microseconds": 450486 } }
-##
-{ 'event': 'MEM_UNPLUG_ERROR',
-  'data': { 'device': 'str', 'msg': 'str' },
-  'features': ['deprecated'] }
-
 ##
 ##
 # @BootConfiguration:
 # @BootConfiguration:
 #
 #

+ 3 - 24
qapi/trace.json

@@ -35,17 +35,10 @@
 #
 #
 # @state: Tracing state.
 # @state: Tracing state.
 #
 #
-# @vcpu: Whether this is a per-vCPU event (since 2.7).
-#
-# Features:
-#
-# @deprecated: Member @vcpu is deprecated, and always ignored.
-#
 # Since: 2.2
 # Since: 2.2
 ##
 ##
 { 'struct': 'TraceEventInfo',
 { 'struct': 'TraceEventInfo',
-  'data': {'name': 'str', 'state': 'TraceEventState',
-           'vcpu': { 'type': 'bool', 'features': ['deprecated'] } } }
+  'data': {'name': 'str', 'state': 'TraceEventState' } }
 
 
 ##
 ##
 # @trace-event-get-state:
 # @trace-event-get-state:
@@ -54,12 +47,6 @@
 #
 #
 # @name: Event name pattern (case-sensitive glob).
 # @name: Event name pattern (case-sensitive glob).
 #
 #
-# @vcpu: The vCPU to query (since 2.7).
-#
-# Features:
-#
-# @deprecated: Member @vcpu is deprecated, and always ignored.
-#
 # Returns: a list of @TraceEventInfo for the matching events
 # Returns: a list of @TraceEventInfo for the matching events
 #
 #
 # Since: 2.2
 # Since: 2.2
@@ -71,8 +58,7 @@
 #     <- { "return": [ { "name": "qemu_memalign", "state": "disabled", "vcpu": false } ] }
 #     <- { "return": [ { "name": "qemu_memalign", "state": "disabled", "vcpu": false } ] }
 ##
 ##
 { 'command': 'trace-event-get-state',
 { 'command': 'trace-event-get-state',
-  'data': {'name': 'str',
-           '*vcpu': {'type': 'int', 'features': ['deprecated'] } },
+  'data': {'name': 'str' },
   'returns': ['TraceEventInfo'] }
   'returns': ['TraceEventInfo'] }
 
 
 ##
 ##
@@ -86,12 +72,6 @@
 #
 #
 # @ignore-unavailable: Do not match unavailable events with @name.
 # @ignore-unavailable: Do not match unavailable events with @name.
 #
 #
-# @vcpu: The vCPU to act upon (all by default; since 2.7).
-#
-# Features:
-#
-# @deprecated: Member @vcpu is deprecated, and always ignored.
-#
 # Since: 2.2
 # Since: 2.2
 #
 #
 # Example:
 # Example:
@@ -101,5 +81,4 @@
 #     <- { "return": {} }
 #     <- { "return": {} }
 ##
 ##
 { 'command': 'trace-event-set-state',
 { 'command': 'trace-event-set-state',
-  'data': {'name': 'str', 'enable': 'bool', '*ignore-unavailable': 'bool',
-           '*vcpu': {'type': 'int', 'features': ['deprecated'] } } }
+  'data': {'name': 'str', 'enable': 'bool', '*ignore-unavailable': 'bool' } }

+ 0 - 6
qga/main.c

@@ -1071,11 +1071,6 @@ static void config_load(GAConfig *config)
             g_key_file_get_boolean(keyfile, "general", "retry-path", &gerr);
             g_key_file_get_boolean(keyfile, "general", "retry-path", &gerr);
     }
     }
 
 
-    if (g_key_file_has_key(keyfile, "general", "blacklist", NULL)) {
-        g_warning("config using deprecated 'blacklist' key, should be replaced"
-                  " with the 'block-rpcs' key.");
-        blockrpcs_key = "blacklist";
-    }
     if (g_key_file_has_key(keyfile, "general", blockrpcs_key, NULL)) {
     if (g_key_file_has_key(keyfile, "general", blockrpcs_key, NULL)) {
         config->bliststr =
         config->bliststr =
             g_key_file_get_string(keyfile, "general", blockrpcs_key, &gerr);
             g_key_file_get_string(keyfile, "general", blockrpcs_key, &gerr);
@@ -1190,7 +1185,6 @@ static void config_parse(GAConfig *config, int argc, char **argv)
         { "path", 1, NULL, 'p' },
         { "path", 1, NULL, 'p' },
         { "daemonize", 0, NULL, 'd' },
         { "daemonize", 0, NULL, 'd' },
         { "block-rpcs", 1, NULL, 'b' },
         { "block-rpcs", 1, NULL, 'b' },
-        { "blacklist", 1, NULL, 'b' },  /* deprecated alias for 'block-rpcs' */
         { "allow-rpcs", 1, NULL, 'a' },
         { "allow-rpcs", 1, NULL, 'a' },
 #ifdef _WIN32
 #ifdef _WIN32
         { "service", 1, NULL, 's' },
         { "service", 1, NULL, 's' },

+ 3 - 2
system/physmem.c

@@ -2229,8 +2229,9 @@ static void *qemu_ram_ptr_length(RAMBlock *block, ram_addr_t addr,
          * because we don't want to map the entire memory in QEMU.
          * because we don't want to map the entire memory in QEMU.
          * In that case just map the requested area.
          * In that case just map the requested area.
          */
          */
-        if (block->offset == 0) {
-            return xen_map_cache(block->mr, addr, len, lock, lock,
+        if (xen_mr_is_memory(block->mr)) {
+            return xen_map_cache(block->mr, block->offset + addr,
+                                 len, lock, lock,
                                  is_write);
                                  is_write);
         }
         }
 
 

+ 0 - 1
system/runstate.c

@@ -45,7 +45,6 @@
 #include "qemu/job.h"
 #include "qemu/job.h"
 #include "qemu/log.h"
 #include "qemu/log.h"
 #include "qemu/module.h"
 #include "qemu/module.h"
-#include "qemu/plugin.h"
 #include "qemu/sockets.h"
 #include "qemu/sockets.h"
 #include "qemu/timer.h"
 #include "qemu/timer.h"
 #include "qemu/thread.h"
 #include "qemu/thread.h"

+ 2 - 2
target/arm/cpu64.c

@@ -437,7 +437,7 @@ void aarch64_add_sve_properties(Object *obj)
 
 
     for (vq = 1; vq <= ARM_MAX_VQ; ++vq) {
     for (vq = 1; vq <= ARM_MAX_VQ; ++vq) {
         char name[8];
         char name[8];
-        sprintf(name, "sve%d", vq * 128);
+        snprintf(name, sizeof(name), "sve%d", vq * 128);
         object_property_add(obj, name, "bool", cpu_arm_get_vq,
         object_property_add(obj, name, "bool", cpu_arm_get_vq,
                             cpu_arm_set_vq, NULL, &cpu->sve_vq);
                             cpu_arm_set_vq, NULL, &cpu->sve_vq);
     }
     }
@@ -462,7 +462,7 @@ void aarch64_add_sme_properties(Object *obj)
 
 
     for (vq = 1; vq <= ARM_MAX_VQ; vq <<= 1) {
     for (vq = 1; vq <= ARM_MAX_VQ; vq <<= 1) {
         char name[8];
         char name[8];
-        sprintf(name, "sme%d", vq * 128);
+        snprintf(name, sizeof(name), "sme%d", vq * 128);
         object_property_add(obj, name, "bool", cpu_arm_get_vq,
         object_property_add(obj, name, "bool", cpu_arm_get_vq,
                             cpu_arm_set_vq, NULL, &cpu->sme_vq);
                             cpu_arm_set_vq, NULL, &cpu->sme_vq);
     }
     }

+ 5 - 6
target/i386/kvm/kvm.c

@@ -5329,7 +5329,6 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
     uint64_t code;
     uint64_t code;
     int ret;
     int ret;
     bool ctx_invalid;
     bool ctx_invalid;
-    char str[256];
     KVMState *state;
     KVMState *state;
 
 
     switch (run->exit_reason) {
     switch (run->exit_reason) {
@@ -5389,15 +5388,15 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
     case KVM_EXIT_NOTIFY:
     case KVM_EXIT_NOTIFY:
         ctx_invalid = !!(run->notify.flags & KVM_NOTIFY_CONTEXT_INVALID);
         ctx_invalid = !!(run->notify.flags & KVM_NOTIFY_CONTEXT_INVALID);
         state = KVM_STATE(current_accel());
         state = KVM_STATE(current_accel());
-        sprintf(str, "Encounter a notify exit with %svalid context in"
-                     " guest. There can be possible misbehaves in guest."
-                     " Please have a look.", ctx_invalid ? "in" : "");
         if (ctx_invalid ||
         if (ctx_invalid ||
             state->notify_vmexit == NOTIFY_VMEXIT_OPTION_INTERNAL_ERROR) {
             state->notify_vmexit == NOTIFY_VMEXIT_OPTION_INTERNAL_ERROR) {
-            warn_report("KVM internal error: %s", str);
+            warn_report("KVM internal error: Encountered a notify exit "
+                        "with invalid context in guest.");
             ret = -1;
             ret = -1;
         } else {
         } else {
-            warn_report_once("KVM: %s", str);
+            warn_report_once("KVM: Encountered a notify exit with valid "
+                             "context in guest. "
+                             "The guest could be misbehaving.");
             ret = 0;
             ret = 0;
         }
         }
         break;
         break;

+ 0 - 3
target/i386/nvmm/nvmm-accel-ops.c

@@ -64,9 +64,6 @@ static void nvmm_start_vcpu_thread(CPUState *cpu)
 {
 {
     char thread_name[VCPU_THREAD_NAME_SIZE];
     char thread_name[VCPU_THREAD_NAME_SIZE];
 
 
-    cpu->thread = g_new0(QemuThread, 1);
-    cpu->halt_cond = g_new0(QemuCond, 1);
-    qemu_cond_init(cpu->halt_cond);
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/NVMM",
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/NVMM",
              cpu->cpu_index);
              cpu->cpu_index);
     qemu_thread_create(cpu->thread, thread_name, qemu_nvmm_cpu_thread_fn,
     qemu_thread_create(cpu->thread, thread_name, qemu_nvmm_cpu_thread_fn,

+ 0 - 3
target/i386/whpx/whpx-accel-ops.c

@@ -64,9 +64,6 @@ static void whpx_start_vcpu_thread(CPUState *cpu)
 {
 {
     char thread_name[VCPU_THREAD_NAME_SIZE];
     char thread_name[VCPU_THREAD_NAME_SIZE];
 
 
-    cpu->thread = g_new0(QemuThread, 1);
-    cpu->halt_cond = g_new0(QemuCond, 1);
-    qemu_cond_init(cpu->halt_cond);
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/WHPX",
     snprintf(thread_name, VCPU_THREAD_NAME_SIZE, "CPU %d/WHPX",
              cpu->cpu_index);
              cpu->cpu_index);
     qemu_thread_create(cpu->thread, thread_name, whpx_cpu_thread_fn,
     qemu_thread_create(cpu->thread, thread_name, whpx_cpu_thread_fn,

+ 0 - 1
target/mips/tcg/sysemu/cp0_helper.c

@@ -28,7 +28,6 @@
 #include "qemu/host-utils.h"
 #include "qemu/host-utils.h"
 #include "exec/helper-proto.h"
 #include "exec/helper-proto.h"
 #include "exec/exec-all.h"
 #include "exec/exec-all.h"
-#include "hw/misc/mips_itu.h"
 
 
 
 
 /* SMP helpers.  */
 /* SMP helpers.  */

+ 8 - 2
target/riscv/cpu.c

@@ -594,6 +594,7 @@ static void rv64_veyron_v1_cpu_init(Object *obj)
 #endif
 #endif
 }
 }
 
 
+#ifdef CONFIG_TCG
 static void rv128_base_cpu_init(Object *obj)
 static void rv128_base_cpu_init(Object *obj)
 {
 {
     RISCVCPU *cpu = RISCV_CPU(obj);
     RISCVCPU *cpu = RISCV_CPU(obj);
@@ -615,6 +616,7 @@ static void rv128_base_cpu_init(Object *obj)
     set_satp_mode_max_supported(RISCV_CPU(obj), VM_1_10_SV57);
     set_satp_mode_max_supported(RISCV_CPU(obj), VM_1_10_SV57);
 #endif
 #endif
 }
 }
+#endif /* CONFIG_TCG */
 
 
 static void rv64i_bare_cpu_init(Object *obj)
 static void rv64i_bare_cpu_init(Object *obj)
 {
 {
@@ -627,7 +629,9 @@ static void rv64e_bare_cpu_init(Object *obj)
     CPURISCVState *env = &RISCV_CPU(obj)->env;
     CPURISCVState *env = &RISCV_CPU(obj)->env;
     riscv_cpu_set_misa_ext(env, RVE);
     riscv_cpu_set_misa_ext(env, RVE);
 }
 }
-#else
+
+#else /* !TARGET_RISCV64 */
+
 static void rv32_base_cpu_init(Object *obj)
 static void rv32_base_cpu_init(Object *obj)
 {
 {
     RISCVCPU *cpu = RISCV_CPU(obj);
     RISCVCPU *cpu = RISCV_CPU(obj);
@@ -2556,12 +2560,14 @@ static const TypeInfo riscv_cpu_type_infos[] = {
     DEFINE_VENDOR_CPU(TYPE_RISCV_CPU_SHAKTI_C,   MXL_RV64,  rv64_sifive_u_cpu_init),
     DEFINE_VENDOR_CPU(TYPE_RISCV_CPU_SHAKTI_C,   MXL_RV64,  rv64_sifive_u_cpu_init),
     DEFINE_VENDOR_CPU(TYPE_RISCV_CPU_THEAD_C906, MXL_RV64,  rv64_thead_c906_cpu_init),
     DEFINE_VENDOR_CPU(TYPE_RISCV_CPU_THEAD_C906, MXL_RV64,  rv64_thead_c906_cpu_init),
     DEFINE_VENDOR_CPU(TYPE_RISCV_CPU_VEYRON_V1,  MXL_RV64,  rv64_veyron_v1_cpu_init),
     DEFINE_VENDOR_CPU(TYPE_RISCV_CPU_VEYRON_V1,  MXL_RV64,  rv64_veyron_v1_cpu_init),
+#ifdef CONFIG_TCG
     DEFINE_DYNAMIC_CPU(TYPE_RISCV_CPU_BASE128,   MXL_RV128, rv128_base_cpu_init),
     DEFINE_DYNAMIC_CPU(TYPE_RISCV_CPU_BASE128,   MXL_RV128, rv128_base_cpu_init),
+#endif /* CONFIG_TCG */
     DEFINE_BARE_CPU(TYPE_RISCV_CPU_RV64I,        MXL_RV64,  rv64i_bare_cpu_init),
     DEFINE_BARE_CPU(TYPE_RISCV_CPU_RV64I,        MXL_RV64,  rv64i_bare_cpu_init),
     DEFINE_BARE_CPU(TYPE_RISCV_CPU_RV64E,        MXL_RV64,  rv64e_bare_cpu_init),
     DEFINE_BARE_CPU(TYPE_RISCV_CPU_RV64E,        MXL_RV64,  rv64e_bare_cpu_init),
     DEFINE_PROFILE_CPU(TYPE_RISCV_CPU_RVA22U64,  MXL_RV64,  rva22u64_profile_cpu_init),
     DEFINE_PROFILE_CPU(TYPE_RISCV_CPU_RVA22U64,  MXL_RV64,  rva22u64_profile_cpu_init),
     DEFINE_PROFILE_CPU(TYPE_RISCV_CPU_RVA22S64,  MXL_RV64,  rva22s64_profile_cpu_init),
     DEFINE_PROFILE_CPU(TYPE_RISCV_CPU_RVA22S64,  MXL_RV64,  rva22s64_profile_cpu_init),
-#endif
+#endif /* TARGET_RISCV64 */
 };
 };
 
 
 DEFINE_TYPES(riscv_cpu_type_infos)
 DEFINE_TYPES(riscv_cpu_type_infos)

+ 3 - 2
target/riscv/cpu.h

@@ -485,7 +485,6 @@ extern const char * const riscv_int_regnamesh[];
 extern const char * const riscv_fpr_regnames[];
 extern const char * const riscv_fpr_regnames[];
 
 
 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async);
 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async);
-void riscv_cpu_do_interrupt(CPUState *cpu);
 int riscv_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs,
 int riscv_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs,
                                int cpuid, DumpState *s);
                                int cpuid, DumpState *s);
 int riscv_cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cs,
 int riscv_cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cs,
@@ -515,6 +514,7 @@ int riscv_cpu_max_xlen(RISCVCPUClass *mcc);
 bool riscv_cpu_option_set(const char *optname);
 bool riscv_cpu_option_set(const char *optname);
 
 
 #ifndef CONFIG_USER_ONLY
 #ifndef CONFIG_USER_ONLY
+void riscv_cpu_do_interrupt(CPUState *cpu);
 void riscv_isa_write_fdt(RISCVCPU *cpu, void *fdt, char *nodename);
 void riscv_isa_write_fdt(RISCVCPU *cpu, void *fdt, char *nodename);
 void riscv_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
 void riscv_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
                                      vaddr addr, unsigned size,
                                      vaddr addr, unsigned size,
@@ -540,7 +540,8 @@ void riscv_cpu_set_aia_ireg_rmw_fn(CPURISCVState *env, uint32_t priv,
                                    void *rmw_fn_arg);
                                    void *rmw_fn_arg);
 
 
 RISCVException smstateen_acc_ok(CPURISCVState *env, int index, uint64_t bit);
 RISCVException smstateen_acc_ok(CPURISCVState *env, int index, uint64_t bit);
-#endif
+#endif /* !CONFIG_USER_ONLY */
+
 void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv);
 void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv);
 
 
 void riscv_translate_init(void);
 void riscv_translate_init(void);

+ 2 - 5
target/riscv/cpu_helper.c

@@ -1637,7 +1637,6 @@ static target_ulong riscv_transformed_insn(CPURISCVState *env,
 
 
     return xinsn;
     return xinsn;
 }
 }
-#endif /* !CONFIG_USER_ONLY */
 
 
 /*
 /*
  * Handle Traps
  * Handle Traps
@@ -1647,8 +1646,6 @@ static target_ulong riscv_transformed_insn(CPURISCVState *env,
  */
  */
 void riscv_cpu_do_interrupt(CPUState *cs)
 void riscv_cpu_do_interrupt(CPUState *cs)
 {
 {
-#if !defined(CONFIG_USER_ONLY)
-
     RISCVCPU *cpu = RISCV_CPU(cs);
     RISCVCPU *cpu = RISCV_CPU(cs);
     CPURISCVState *env = &cpu->env;
     CPURISCVState *env = &cpu->env;
     bool write_gva = false;
     bool write_gva = false;
@@ -1845,6 +1842,6 @@ void riscv_cpu_do_interrupt(CPUState *cs)
 
 
     env->two_stage_lookup = false;
     env->two_stage_lookup = false;
     env->two_stage_indirect_lookup = false;
     env->two_stage_indirect_lookup = false;
-#endif
-    cs->exception_index = RISCV_EXCP_NONE; /* mark handled to qemu */
 }
 }
+
+#endif /* !CONFIG_USER_ONLY */

+ 0 - 1
target/riscv/translate.c

@@ -28,7 +28,6 @@
 #include "exec/log.h"
 #include "exec/log.h"
 #include "semihosting/semihost.h"
 #include "semihosting/semihost.h"
 
 
-#include "instmap.h"
 #include "internals.h"
 #include "internals.h"
 
 
 #define HELPER_H "helper.h"
 #define HELPER_H "helper.h"

+ 0 - 2
trace/qmp.c

@@ -48,7 +48,6 @@ static bool check_events(bool ignore_unavailable, bool is_pattern,
 }
 }
 
 
 TraceEventInfoList *qmp_trace_event_get_state(const char *name,
 TraceEventInfoList *qmp_trace_event_get_state(const char *name,
-                                              bool has_vcpu, int64_t vcpu,
                                               Error **errp)
                                               Error **errp)
 {
 {
     TraceEventInfoList *events = NULL;
     TraceEventInfoList *events = NULL;
@@ -86,7 +85,6 @@ TraceEventInfoList *qmp_trace_event_get_state(const char *name,
 
 
 void qmp_trace_event_set_state(const char *name, bool enable,
 void qmp_trace_event_set_state(const char *name, bool enable,
                                bool has_ignore_unavailable, bool ignore_unavailable,
                                bool has_ignore_unavailable, bool ignore_unavailable,
-                               bool has_vcpu, int64_t vcpu,
                                Error **errp)
                                Error **errp)
 {
 {
     TraceEventIter iter;
     TraceEventIter iter;

+ 2 - 2
trace/trace-hmp-cmds.c

@@ -40,7 +40,7 @@ void hmp_trace_event(Monitor *mon, const QDict *qdict)
     Error *local_err = NULL;
     Error *local_err = NULL;
 
 
     qmp_trace_event_set_state(tp_name, new_state,
     qmp_trace_event_set_state(tp_name, new_state,
-                              true, true, false, 0, &local_err);
+                              true, true, &local_err);
     if (local_err) {
     if (local_err) {
         error_report_err(local_err);
         error_report_err(local_err);
     }
     }
@@ -82,7 +82,7 @@ void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
         name = "*";
         name = "*";
     }
     }
 
 
-    events = qmp_trace_event_get_state(name, false, 0, &local_err);
+    events = qmp_trace_event_get_state(name, &local_err);
     if (local_err) {
     if (local_err) {
         error_report_err(local_err);
         error_report_err(local_err);
         return;
         return;

+ 31 - 24
util/hexdump.c

@@ -16,50 +16,57 @@
 #include "qemu/osdep.h"
 #include "qemu/osdep.h"
 #include "qemu/cutils.h"
 #include "qemu/cutils.h"
 
 
-void qemu_hexdump_line(char *line, unsigned int b, const void *bufptr,
-                       unsigned int len, bool ascii)
+void qemu_hexdump_line(char *line, const void *bufptr, size_t len)
 {
 {
     const char *buf = bufptr;
     const char *buf = bufptr;
-    int i, c;
+    int i;
 
 
     if (len > QEMU_HEXDUMP_LINE_BYTES) {
     if (len > QEMU_HEXDUMP_LINE_BYTES) {
         len = QEMU_HEXDUMP_LINE_BYTES;
         len = QEMU_HEXDUMP_LINE_BYTES;
     }
     }
 
 
-    line += snprintf(line, 6, "%04x:", b);
-    for (i = 0; i < QEMU_HEXDUMP_LINE_BYTES; i++) {
-        if ((i % 4) == 0) {
+    for (i = 0; i < len; i++) {
+        if (i != 0 && (i % 4) == 0) {
             *line++ = ' ';
             *line++ = ' ';
         }
         }
-        if (i < len) {
-            line += sprintf(line, " %02x", (unsigned char)buf[b + i]);
-        } else {
-            line += sprintf(line, "   ");
-        }
+        line += sprintf(line, " %02x", (unsigned char)buf[i]);
     }
     }
-    if (ascii) {
-        *line++ = ' ';
-        for (i = 0; i < len; i++) {
-            c = buf[b + i];
-            if (c < ' ' || c > '~') {
-                c = '.';
-            }
-            *line++ = c;
+    *line = '\0';
+}
+
+static void asciidump_line(char *line, const void *bufptr, size_t len)
+{
+    const char *buf = bufptr;
+
+    for (size_t i = 0; i < len; i++) {
+        char c = buf[i];
+
+        if (c < ' ' || c > '~') {
+            c = '.';
         }
         }
+        *line++ = c;
     }
     }
     *line = '\0';
     *line = '\0';
 }
 }
 
 
+#define QEMU_HEXDUMP_LINE_WIDTH \
+    (QEMU_HEXDUMP_LINE_BYTES * 2 + QEMU_HEXDUMP_LINE_BYTES / 4)
+
 void qemu_hexdump(FILE *fp, const char *prefix,
 void qemu_hexdump(FILE *fp, const char *prefix,
                   const void *bufptr, size_t size)
                   const void *bufptr, size_t size)
 {
 {
-    unsigned int b, len;
     char line[QEMU_HEXDUMP_LINE_LEN];
     char line[QEMU_HEXDUMP_LINE_LEN];
+    char ascii[QEMU_HEXDUMP_LINE_BYTES + 1];
+    size_t b, len;
+
+    for (b = 0; b < size; b += len) {
+        len = MIN(size - b, QEMU_HEXDUMP_LINE_BYTES);
+
+        qemu_hexdump_line(line, bufptr + b, len);
+        asciidump_line(ascii, bufptr + b, len);
 
 
-    for (b = 0; b < size; b += QEMU_HEXDUMP_LINE_BYTES) {
-        len = size - b;
-        qemu_hexdump_line(line, b, bufptr, len, true);
-        fprintf(fp, "%s: %s\n", prefix, line);
+        fprintf(fp, "%s: %04zx: %-*s %s\n",
+                prefix, b, QEMU_HEXDUMP_LINE_WIDTH, line, ascii);
     }
     }
 
 
 }
 }