]> git.proxmox.com Git - mirror_qemu.git/blame - exec.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
exec: Fix CPU rework fallout
[mirror_qemu.git] / exec.c
CommitLineData
54936004 1/*
5b6dd868 2 * Virtual page mapping
5fafdf24 3 *
54936004
FB		 4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
54936004 18 */
67b915a5 19#include "config.h"
777872e5 20#ifndef _WIN32
a98d49b1 21#include <sys/types.h>
d5a8f07c
FB		 22#include <sys/mman.h>
23#endif
54936004 24
055403b2 25#include "qemu-common.h"
6180a181 26#include "cpu.h"
b67d9a52 27#include "tcg.h"
b3c7724c 28#include "hw/hw.h"
cc9e98cb 29#include "hw/qdev.h"
1de7afc9 30#include "qemu/osdep.h"
9c17d615 31#include "sysemu/kvm.h"
2ff3de68 32#include "sysemu/sysemu.h"
0d09e41a 33#include "hw/xen/xen.h"
1de7afc9
PB		 34#include "qemu/timer.h"
35#include "qemu/config-file.h"
75a34036 36#include "qemu/error-report.h"
022c62cb 37#include "exec/memory.h"
9c17d615 38#include "sysemu/dma.h"
022c62cb 39#include "exec/address-spaces.h"
53a5960a
PB		 40#if defined(CONFIG_USER_ONLY)
41#include <qemu.h>
432d268c 42#else /* !CONFIG_USER_ONLY */
9c17d615 43#include "sysemu/xen-mapcache.h"
6506e4f9 44#include "trace.h"
53a5960a 45#endif
0d6d3c87 46#include "exec/cpu-all.h"
54936004 47
022c62cb 48#include "exec/cputlb.h"
5b6dd868 49#include "translate-all.h"
0cac1b66 50
022c62cb 51#include "exec/memory-internal.h"
220c3ebd 52#include "exec/ram_addr.h"
582b55a9 53#include "qemu/cache-utils.h"
67d95c15 54
b35ba30f
MT		 55#include "qemu/range.h"
56
db7b5426 57//#define DEBUG_SUBPAGE
1196be37 58
e2eef170 59#if !defined(CONFIG_USER_ONLY)
981fdf23 60static bool in_migration;
94a6b54f 61
a3161038 62RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };
62152b8a
AK		 63
64static MemoryRegion *system_memory;
309cb471 65static MemoryRegion *system_io;
62152b8a 66
f6790af6
AK		 67AddressSpace address_space_io;
68AddressSpace address_space_memory;
2673a5da 69
0844e007 70MemoryRegion io_mem_rom, io_mem_notdirty;
acc9d80b 71static MemoryRegion io_mem_unassigned;
0e0df1e2 72
e2eef170 73#endif
9fa3e853 74
bdc44640 75struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
6a00d601
FB		 76/* current CPU in the current thread. It is only valid inside
77 cpu_exec() */
4917cf44 78DEFINE_TLS(CPUState *, current_cpu);
2e70f6ef 79/* 0 = Do not count executed instructions.
bf20dc07 80 1 = Precise instruction counting.
2e70f6ef 81 2 = Adaptive rate instruction counting. */
5708fc66 82int use_icount;
6a00d601 83
e2eef170 84#if !defined(CONFIG_USER_ONLY)
4346ae3e 85
1db8abb1
PB		 86typedef struct PhysPageEntry PhysPageEntry;
87
88struct PhysPageEntry {
9736e55b 89 /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
8b795765 90 uint32_t skip : 6;
9736e55b 91 /* index into phys_sections (!skip) or phys_map_nodes (skip) */
8b795765 92 uint32_t ptr : 26;
1db8abb1
PB		 93};
94
8b795765
MT		 95#define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)
96
03f49957 97/* Size of the L2 (and L3, etc) page tables. */
57271d63 98#define ADDR_SPACE_BITS 64
03f49957 99
026736ce 100#define P_L2_BITS 9
03f49957
PB		 101#define P_L2_SIZE (1 << P_L2_BITS)
102
103#define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)
104
105typedef PhysPageEntry Node[P_L2_SIZE];
0475d94f 106
53cb28cb
MA		 107typedef struct PhysPageMap {
108 unsigned sections_nb;
109 unsigned sections_nb_alloc;
110 unsigned nodes_nb;
111 unsigned nodes_nb_alloc;
112 Node *nodes;
113 MemoryRegionSection *sections;
114} PhysPageMap;
115
1db8abb1
PB		 116struct AddressSpaceDispatch {
117 /* This is a multi-level map on the physical address space.
118 * The bottom level has pointers to MemoryRegionSections.
119 */
120 PhysPageEntry phys_map;
53cb28cb 121 PhysPageMap map;
acc9d80b 122 AddressSpace *as;
1db8abb1
PB		 123};
124
90260c6c
JK		 125#define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
126typedef struct subpage_t {
127 MemoryRegion iomem;
acc9d80b 128 AddressSpace *as;
90260c6c
JK		 129 hwaddr base;
130 uint16_t sub_section[TARGET_PAGE_SIZE];
131} subpage_t;
132
b41aac4f
LPF		 133#define PHYS_SECTION_UNASSIGNED 0
134#define PHYS_SECTION_NOTDIRTY 1
135#define PHYS_SECTION_ROM 2
136#define PHYS_SECTION_WATCH 3
5312bd8b 137
e2eef170 138static void io_mem_init(void);
62152b8a 139static void memory_map_init(void);
09daed84 140static void tcg_commit(MemoryListener *listener);
e2eef170 141
1ec9b909 142static MemoryRegion io_mem_watch;
6658ffb8 143#endif
fd6ce8f6 144
6d9a1304 145#if !defined(CONFIG_USER_ONLY)
d6f2ea22 146
53cb28cb 147static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
d6f2ea22 148{
53cb28cb
MA		 149 if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
150 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
151 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
152 map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
d6f2ea22 153 }
f7bf5461
AK		 154}
155
53cb28cb 156static uint32_t phys_map_node_alloc(PhysPageMap *map)
f7bf5461
AK		 157{
158 unsigned i;
8b795765 159 uint32_t ret;
f7bf5461 160
53cb28cb 161 ret = map->nodes_nb++;
f7bf5461 162 assert(ret != PHYS_MAP_NODE_NIL);
53cb28cb 163 assert(ret != map->nodes_nb_alloc);
03f49957 164 for (i = 0; i < P_L2_SIZE; ++i) {
53cb28cb
MA		 165 map->nodes[ret][i].skip = 1;
166 map->nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
d6f2ea22 167 }
f7bf5461 168 return ret;
d6f2ea22
AK		 169}
170
53cb28cb
MA		 171static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
172 hwaddr *index, hwaddr *nb, uint16_t leaf,
2999097b 173 int level)
f7bf5461
AK		 174{
175 PhysPageEntry *p;
176 int i;
03f49957 177 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
108c49b8 178
9736e55b 179 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
53cb28cb
MA		 180 lp->ptr = phys_map_node_alloc(map);
181 p = map->nodes[lp->ptr];
f7bf5461 182 if (level == 0) {
03f49957 183 for (i = 0; i < P_L2_SIZE; i++) {
9736e55b 184 p[i].skip = 0;
b41aac4f 185 p[i].ptr = PHYS_SECTION_UNASSIGNED;
4346ae3e 186 }
67c4d23c 187 }
f7bf5461 188 } else {
53cb28cb 189 p = map->nodes[lp->ptr];
92e873b9 190 }
03f49957 191 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
f7bf5461 192
03f49957 193 while (*nb && lp < &p[P_L2_SIZE]) {
07f07b31 194 if ((*index & (step - 1)) == 0 && *nb >= step) {
9736e55b 195 lp->skip = 0;
c19e8800 196 lp->ptr = leaf;
07f07b31
AK		 197 *index += step;
198 *nb -= step;
2999097b 199 } else {
53cb28cb 200 phys_page_set_level(map, lp, index, nb, leaf, level - 1);
2999097b
AK		 201 }
202 ++lp;
f7bf5461
AK		 203 }
204}
205
ac1970fb 206static void phys_page_set(AddressSpaceDispatch *d,
a8170e5e 207 hwaddr index, hwaddr nb,
2999097b 208 uint16_t leaf)
f7bf5461 209{
2999097b 210 /* Wildly overreserve - it doesn't matter much. */
53cb28cb 211 phys_map_node_reserve(&d->map, 3 * P_L2_LEVELS);
5cd2c5b6 212
53cb28cb 213 phys_page_set_level(&d->map, &d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
92e873b9
FB		 214}
215
b35ba30f
MT		 216/* Compact a non leaf page entry. Simply detect that the entry has a single child,
217 * and update our entry so we can skip it and go directly to the destination.
218 */
219static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
220{
221 unsigned valid_ptr = P_L2_SIZE;
222 int valid = 0;
223 PhysPageEntry *p;
224 int i;
225
226 if (lp->ptr == PHYS_MAP_NODE_NIL) {
227 return;
228 }
229
230 p = nodes[lp->ptr];
231 for (i = 0; i < P_L2_SIZE; i++) {
232 if (p[i].ptr == PHYS_MAP_NODE_NIL) {
233 continue;
234 }
235
236 valid_ptr = i;
237 valid++;
238 if (p[i].skip) {
239 phys_page_compact(&p[i], nodes, compacted);
240 }
241 }
242
243 /* We can only compress if there's only one child. */
244 if (valid != 1) {
245 return;
246 }
247
248 assert(valid_ptr < P_L2_SIZE);
249
250 /* Don't compress if it won't fit in the # of bits we have. */
251 if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
252 return;
253 }
254
255 lp->ptr = p[valid_ptr].ptr;
256 if (!p[valid_ptr].skip) {
257 /* If our only child is a leaf, make this a leaf. */
258 /* By design, we should have made this node a leaf to begin with so we
259 * should never reach here.
260 * But since it's so simple to handle this, let's do it just in case we
261 * change this rule.
262 */
263 lp->skip = 0;
264 } else {
265 lp->skip += p[valid_ptr].skip;
266 }
267}
268
269static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
270{
271 DECLARE_BITMAP(compacted, nodes_nb);
272
273 if (d->phys_map.skip) {
53cb28cb 274 phys_page_compact(&d->phys_map, d->map.nodes, compacted);
b35ba30f
MT		 275 }
276}
277
97115a8d 278static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
9affd6fc 279 Node *nodes, MemoryRegionSection *sections)
92e873b9 280{
31ab2b4a 281 PhysPageEntry *p;
97115a8d 282 hwaddr index = addr >> TARGET_PAGE_BITS;
31ab2b4a 283 int i;
f1f6e3b8 284
9736e55b 285 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
c19e8800 286 if (lp.ptr == PHYS_MAP_NODE_NIL) {
9affd6fc 287 return &sections[PHYS_SECTION_UNASSIGNED];
31ab2b4a 288 }
9affd6fc 289 p = nodes[lp.ptr];
03f49957 290 lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
5312bd8b 291 }
b35ba30f
MT		 292
293 if (sections[lp.ptr].size.hi ||
294 range_covers_byte(sections[lp.ptr].offset_within_address_space,
295 sections[lp.ptr].size.lo, addr)) {
296 return &sections[lp.ptr];
297 } else {
298 return &sections[PHYS_SECTION_UNASSIGNED];
299 }
f3705d53
AK		 300}
301
e5548617
BS		 302bool memory_region_is_unassigned(MemoryRegion *mr)
303{
2a8e7499 304 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
5b6dd868 305 && mr != &io_mem_watch;
fd6ce8f6 306}
149f54b5 307
c7086b4a 308static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
90260c6c
JK		 309 hwaddr addr,
310 bool resolve_subpage)
9f029603 311{
90260c6c
JK		 312 MemoryRegionSection *section;
313 subpage_t *subpage;
314
53cb28cb 315 section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
90260c6c
JK		 316 if (resolve_subpage && section->mr->subpage) {
317 subpage = container_of(section->mr, subpage_t, iomem);
53cb28cb 318 section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
90260c6c
JK		 319 }
320 return section;
9f029603
JK		 321}
322
90260c6c 323static MemoryRegionSection *
c7086b4a 324address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
90260c6c 325 hwaddr *plen, bool resolve_subpage)
149f54b5
PB		 326{
327 MemoryRegionSection *section;
a87f3954 328 Int128 diff;
149f54b5 329
c7086b4a 330 section = address_space_lookup_region(d, addr, resolve_subpage);
149f54b5
PB		 331 /* Compute offset within MemoryRegionSection */
332 addr -= section->offset_within_address_space;
333
334 /* Compute offset within MemoryRegion */
335 *xlat = addr + section->offset_within_region;
336
337 diff = int128_sub(section->mr->size, int128_make64(addr));
3752a036 338 *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
149f54b5
PB		 339 return section;
340}
90260c6c 341
a87f3954
PB		 342static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
343{
344 if (memory_region_is_ram(mr)) {
345 return !(is_write && mr->readonly);
346 }
347 if (memory_region_is_romd(mr)) {
348 return !is_write;
349 }
350
351 return false;
352}
353
5c8a00ce
PB		 354MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
355 hwaddr *xlat, hwaddr *plen,
356 bool is_write)
90260c6c 357{
30951157
AK		 358 IOMMUTLBEntry iotlb;
359 MemoryRegionSection *section;
360 MemoryRegion *mr;
361 hwaddr len = *plen;
362
363 for (;;) {
a87f3954 364 section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true);
30951157
AK		 365 mr = section->mr;
366
367 if (!mr->iommu_ops) {
368 break;
369 }
370
371 iotlb = mr->iommu_ops->translate(mr, addr);
372 addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
373 | (addr & iotlb.addr_mask));
374 len = MIN(len, (addr | iotlb.addr_mask) - addr + 1);
375 if (!(iotlb.perm & (1 << is_write))) {
376 mr = &io_mem_unassigned;
377 break;
378 }
379
380 as = iotlb.target_as;
381 }
382
a87f3954
PB		 383 if (memory_access_is_direct(mr, is_write)) {
384 hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
385 len = MIN(page, len);
386 }
387
30951157
AK		 388 *plen = len;
389 *xlat = addr;
390 return mr;
90260c6c
JK		 391}
392
393MemoryRegionSection *
394address_space_translate_for_iotlb(AddressSpace *as, hwaddr addr, hwaddr *xlat,
395 hwaddr *plen)
396{
30951157 397 MemoryRegionSection *section;
c7086b4a 398 section = address_space_translate_internal(as->dispatch, addr, xlat, plen, false);
30951157
AK		 399
400 assert(!section->mr->iommu_ops);
401 return section;
90260c6c 402}
5b6dd868 403#endif
fd6ce8f6 404
5b6dd868 405void cpu_exec_init_all(void)
fdbb84d1 406{
5b6dd868 407#if !defined(CONFIG_USER_ONLY)
b2a8658e 408 qemu_mutex_init(&ram_list.mutex);
5b6dd868
BS		 409 memory_map_init();
410 io_mem_init();
fdbb84d1 411#endif
5b6dd868 412}
fdbb84d1 413
b170fce3 414#if !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 415
416static int cpu_common_post_load(void *opaque, int version_id)
fd6ce8f6 417{
259186a7 418 CPUState *cpu = opaque;
a513fe19 419
5b6dd868
BS		 420 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
421 version_id is increased. */
259186a7 422 cpu->interrupt_request &= ~0x01;
c01a71c1 423 tlb_flush(cpu, 1);
5b6dd868
BS		 424
425 return 0;
a513fe19 426}
7501267e 427
1a1562f5 428const VMStateDescription vmstate_cpu_common = {
5b6dd868
BS		 429 .name = "cpu_common",
430 .version_id = 1,
431 .minimum_version_id = 1,
432 .minimum_version_id_old = 1,
433 .post_load = cpu_common_post_load,
434 .fields = (VMStateField []) {
259186a7
AF		 435 VMSTATE_UINT32(halted, CPUState),
436 VMSTATE_UINT32(interrupt_request, CPUState),
5b6dd868
BS		 437 VMSTATE_END_OF_LIST()
438 }
439};
1a1562f5 440
5b6dd868 441#endif
ea041c0e 442
38d8f5c8 443CPUState *qemu_get_cpu(int index)
ea041c0e 444{
bdc44640 445 CPUState *cpu;
ea041c0e 446
bdc44640 447 CPU_FOREACH(cpu) {
55e5c285 448 if (cpu->cpu_index == index) {
bdc44640 449 return cpu;
55e5c285 450 }
ea041c0e 451 }
5b6dd868 452
bdc44640 453 return NULL;
ea041c0e
FB		 454}
455
09daed84
EI		 456#if !defined(CONFIG_USER_ONLY)
457void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
458{
459 /* We only support one address space per cpu at the moment. */
460 assert(cpu->as == as);
461
462 if (cpu->tcg_as_listener) {
463 memory_listener_unregister(cpu->tcg_as_listener);
464 } else {
465 cpu->tcg_as_listener = g_new0(MemoryListener, 1);
466 }
467 cpu->tcg_as_listener->commit = tcg_commit;
468 memory_listener_register(cpu->tcg_as_listener, as);
469}
470#endif
471
5b6dd868 472void cpu_exec_init(CPUArchState *env)
ea041c0e 473{
5b6dd868 474 CPUState *cpu = ENV_GET_CPU(env);
b170fce3 475 CPUClass *cc = CPU_GET_CLASS(cpu);
bdc44640 476 CPUState *some_cpu;
5b6dd868
BS		 477 int cpu_index;
478
479#if defined(CONFIG_USER_ONLY)
480 cpu_list_lock();
481#endif
5b6dd868 482 cpu_index = 0;
bdc44640 483 CPU_FOREACH(some_cpu) {
5b6dd868
BS		 484 cpu_index++;
485 }
55e5c285 486 cpu->cpu_index = cpu_index;
1b1ed8dc 487 cpu->numa_node = 0;
f0c3c505 488 QTAILQ_INIT(&cpu->breakpoints);
ff4700b0 489 QTAILQ_INIT(&cpu->watchpoints);
5b6dd868 490#ifndef CONFIG_USER_ONLY
09daed84 491 cpu->as = &address_space_memory;
5b6dd868
BS		 492 cpu->thread_id = qemu_get_thread_id();
493#endif
bdc44640 494 QTAILQ_INSERT_TAIL(&cpus, cpu, node);
5b6dd868
BS		 495#if defined(CONFIG_USER_ONLY)
496 cpu_list_unlock();
497#endif
e0d47944
AF		 498 if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
499 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
500 }
5b6dd868 501#if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 502 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
503 cpu_save, cpu_load, env);
b170fce3 504 assert(cc->vmsd == NULL);
e0d47944 505 assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
5b6dd868 506#endif
b170fce3
AF		 507 if (cc->vmsd != NULL) {
508 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
509 }
ea041c0e
FB		 510}
511
1fddef4b 512#if defined(TARGET_HAS_ICE)
94df27fd 513#if defined(CONFIG_USER_ONLY)
00b941e5 514static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
94df27fd
PB		 515{
516 tb_invalidate_phys_page_range(pc, pc + 1, 0);
517}
518#else
00b941e5 519static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
1e7855a5 520{
e8262a1b
MF		 521 hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
522 if (phys != -1) {
09daed84 523 tb_invalidate_phys_addr(cpu->as,
29d8ec7b 524 phys | (pc & ~TARGET_PAGE_MASK));
e8262a1b 525 }
1e7855a5 526}
c27004ec 527#endif
94df27fd 528#endif /* TARGET_HAS_ICE */
d720b93d 529
c527ee8f 530#if defined(CONFIG_USER_ONLY)
75a34036 531void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
c527ee8f
PB		 532
533{
534}
535
75a34036 536int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
c527ee8f
PB		 537 int flags, CPUWatchpoint **watchpoint)
538{
539 return -ENOSYS;
540}
541#else
6658ffb8 542/* Add a watchpoint. */
75a34036 543int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
a1d1bb31 544 int flags, CPUWatchpoint **watchpoint)
6658ffb8 545{
75a34036 546 vaddr len_mask = ~(len - 1);
c0ce998e 547 CPUWatchpoint *wp;
6658ffb8 548
b4051334 549 /* sanity checks: allow power-of-2 lengths, deny unaligned watchpoints */
0dc23828
MF		 550 if ((len & (len - 1)) || (addr & ~len_mask) ||
551 len == 0 || len > TARGET_PAGE_SIZE) {
75a34036
AF		 552 error_report("tried to set invalid watchpoint at %"
553 VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
b4051334
AL		 554 return -EINVAL;
555 }
7267c094 556 wp = g_malloc(sizeof(*wp));
a1d1bb31
AL		 557
558 wp->vaddr = addr;
b4051334 559 wp->len_mask = len_mask;
a1d1bb31
AL		 560 wp->flags = flags;
561
2dc9f411 562 /* keep all GDB-injected watchpoints in front */
ff4700b0
AF		 563 if (flags & BP_GDB) {
564 QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
565 } else {
566 QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
567 }
6658ffb8 568
31b030d4 569 tlb_flush_page(cpu, addr);
a1d1bb31
AL		 570
571 if (watchpoint)
572 *watchpoint = wp;
573 return 0;
6658ffb8
PB		 574}
575
a1d1bb31 576/* Remove a specific watchpoint. */
75a34036 577int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
a1d1bb31 578 int flags)
6658ffb8 579{
75a34036 580 vaddr len_mask = ~(len - 1);
a1d1bb31 581 CPUWatchpoint *wp;
6658ffb8 582
ff4700b0 583 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
b4051334 584 if (addr == wp->vaddr && len_mask == wp->len_mask
6e140f28 585 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
75a34036 586 cpu_watchpoint_remove_by_ref(cpu, wp);
6658ffb8
PB		 587 return 0;
588 }
589 }
a1d1bb31 590 return -ENOENT;
6658ffb8
PB		 591}
592
a1d1bb31 593/* Remove a specific watchpoint by reference. */
75a34036 594void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
a1d1bb31 595{
ff4700b0 596 QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);
7d03f82f 597
31b030d4 598 tlb_flush_page(cpu, watchpoint->vaddr);
a1d1bb31 599
7267c094 600 g_free(watchpoint);
a1d1bb31
AL		 601}
602
603/* Remove all matching watchpoints. */
75a34036 604void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
a1d1bb31 605{
c0ce998e 606 CPUWatchpoint *wp, *next;
a1d1bb31 607
ff4700b0 608 QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, next) {
75a34036
AF		 609 if (wp->flags & mask) {
610 cpu_watchpoint_remove_by_ref(cpu, wp);
611 }
c0ce998e 612 }
7d03f82f 613}
c527ee8f 614#endif
7d03f82f 615
a1d1bb31 616/* Add a breakpoint. */
b3310ab3 617int cpu_breakpoint_insert(CPUState *cpu, vaddr pc, int flags,
a1d1bb31 618 CPUBreakpoint **breakpoint)
4c3a88a2 619{
1fddef4b 620#if defined(TARGET_HAS_ICE)
c0ce998e 621 CPUBreakpoint *bp;
3b46e624 622
7267c094 623 bp = g_malloc(sizeof(*bp));
4c3a88a2 624
a1d1bb31
AL		 625 bp->pc = pc;
626 bp->flags = flags;
627
2dc9f411 628 /* keep all GDB-injected breakpoints in front */
00b941e5 629 if (flags & BP_GDB) {
f0c3c505 630 QTAILQ_INSERT_HEAD(&cpu->breakpoints, bp, entry);
00b941e5 631 } else {
f0c3c505 632 QTAILQ_INSERT_TAIL(&cpu->breakpoints, bp, entry);
00b941e5 633 }
3b46e624 634
f0c3c505 635 breakpoint_invalidate(cpu, pc);
a1d1bb31 636
00b941e5 637 if (breakpoint) {
a1d1bb31 638 *breakpoint = bp;
00b941e5 639 }
4c3a88a2
FB		 640 return 0;
641#else
a1d1bb31 642 return -ENOSYS;
4c3a88a2
FB		 643#endif
644}
645
a1d1bb31 646/* Remove a specific breakpoint. */
b3310ab3 647int cpu_breakpoint_remove(CPUState *cpu, vaddr pc, int flags)
a1d1bb31 648{
7d03f82f 649#if defined(TARGET_HAS_ICE)
a1d1bb31
AL		 650 CPUBreakpoint *bp;
651
f0c3c505 652 QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
a1d1bb31 653 if (bp->pc == pc && bp->flags == flags) {
b3310ab3 654 cpu_breakpoint_remove_by_ref(cpu, bp);
a1d1bb31
AL		 655 return 0;
656 }
7d03f82f 657 }
a1d1bb31
AL		 658 return -ENOENT;
659#else
660 return -ENOSYS;
7d03f82f
EI		 661#endif
662}
663
a1d1bb31 664/* Remove a specific breakpoint by reference. */
b3310ab3 665void cpu_breakpoint_remove_by_ref(CPUState *cpu, CPUBreakpoint *breakpoint)
4c3a88a2 666{
1fddef4b 667#if defined(TARGET_HAS_ICE)
f0c3c505
AF		 668 QTAILQ_REMOVE(&cpu->breakpoints, breakpoint, entry);
669
670 breakpoint_invalidate(cpu, breakpoint->pc);
a1d1bb31 671
7267c094 672 g_free(breakpoint);
a1d1bb31
AL		 673#endif
674}
675
676/* Remove all matching breakpoints. */
b3310ab3 677void cpu_breakpoint_remove_all(CPUState *cpu, int mask)
a1d1bb31
AL		 678{
679#if defined(TARGET_HAS_ICE)
c0ce998e 680 CPUBreakpoint *bp, *next;
a1d1bb31 681
f0c3c505 682 QTAILQ_FOREACH_SAFE(bp, &cpu->breakpoints, entry, next) {
b3310ab3
AF		 683 if (bp->flags & mask) {
684 cpu_breakpoint_remove_by_ref(cpu, bp);
685 }
c0ce998e 686 }
4c3a88a2
FB		 687#endif
688}
689
c33a346e
FB		 690/* enable or disable single step mode. EXCP_DEBUG is returned by the
691 CPU loop after each instruction */
3825b28f 692void cpu_single_step(CPUState *cpu, int enabled)
c33a346e 693{
1fddef4b 694#if defined(TARGET_HAS_ICE)
ed2803da
AF		 695 if (cpu->singlestep_enabled != enabled) {
696 cpu->singlestep_enabled = enabled;
697 if (kvm_enabled()) {
38e478ec 698 kvm_update_guest_debug(cpu, 0);
ed2803da 699 } else {
ccbb4d44 700 /* must flush all the translated code to avoid inconsistencies */
e22a25c9 701 /* XXX: only flush what is necessary */
38e478ec 702 CPUArchState *env = cpu->env_ptr;
e22a25c9
AL		 703 tb_flush(env);
704 }
c33a346e
FB		 705 }
706#endif
707}
708
a47dddd7 709void cpu_abort(CPUState *cpu, const char *fmt, ...)
7501267e
FB		 710{
711 va_list ap;
493ae1f0 712 va_list ap2;
7501267e
FB		 713
714 va_start(ap, fmt);
493ae1f0 715 va_copy(ap2, ap);
7501267e
FB		 716 fprintf(stderr, "qemu: fatal: ");
717 vfprintf(stderr, fmt, ap);
718 fprintf(stderr, "\n");
878096ee 719 cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
93fcfe39
AL		 720 if (qemu_log_enabled()) {
721 qemu_log("qemu: fatal: ");
722 qemu_log_vprintf(fmt, ap2);
723 qemu_log("\n");
a0762859 724 log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
31b1a7b4 725 qemu_log_flush();
93fcfe39 726 qemu_log_close();
924edcae 727 }
493ae1f0 728 va_end(ap2);
f9373291 729 va_end(ap);
fd052bf6
RV		 730#if defined(CONFIG_USER_ONLY)
731 {
732 struct sigaction act;
733 sigfillset(&act.sa_mask);
734 act.sa_handler = SIG_DFL;
735 sigaction(SIGABRT, &act, NULL);
736 }
737#endif
7501267e
FB		 738 abort();
739}
740
0124311e 741#if !defined(CONFIG_USER_ONLY)
041603fe
PB		 742static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
743{
744 RAMBlock *block;
745
746 /* The list is protected by the iothread lock here. */
747 block = ram_list.mru_block;
748 if (block && addr - block->offset < block->length) {
749 goto found;
750 }
751 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
752 if (addr - block->offset < block->length) {
753 goto found;
754 }
755 }
756
757 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
758 abort();
759
760found:
761 ram_list.mru_block = block;
762 return block;
763}
764
a2f4d5be 765static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
d24981d3 766{
041603fe 767 ram_addr_t start1;
a2f4d5be
JQ		 768 RAMBlock *block;
769 ram_addr_t end;
770
771 end = TARGET_PAGE_ALIGN(start + length);
772 start &= TARGET_PAGE_MASK;
d24981d3 773
041603fe
PB		 774 block = qemu_get_ram_block(start);
775 assert(block == qemu_get_ram_block(end - 1));
776 start1 = (uintptr_t)block->host + (start - block->offset);
777 cpu_tlb_reset_dirty_all(start1, length);
d24981d3
JQ		 778}
779
5579c7f3 780/* Note: start and end must be within the same ram block. */
a2f4d5be 781void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
52159192 782 unsigned client)
1ccde1cb 783{
1ccde1cb
FB		 784 if (length == 0)
785 return;
ace694cc 786 cpu_physical_memory_clear_dirty_range(start, length, client);
f23db169 787
d24981d3 788 if (tcg_enabled()) {
a2f4d5be 789 tlb_reset_dirty_range_all(start, length);
5579c7f3 790 }
1ccde1cb
FB		 791}
792
981fdf23 793static void cpu_physical_memory_set_dirty_tracking(bool enable)
74576198
AL		 794{
795 in_migration = enable;
74576198
AL		 796}
797
bb0e627a 798hwaddr memory_region_section_get_iotlb(CPUState *cpu,
149f54b5
PB		 799 MemoryRegionSection *section,
800 target_ulong vaddr,
801 hwaddr paddr, hwaddr xlat,
802 int prot,
803 target_ulong *address)
e5548617 804{
a8170e5e 805 hwaddr iotlb;
e5548617
BS		 806 CPUWatchpoint *wp;
807
cc5bea60 808 if (memory_region_is_ram(section->mr)) {
e5548617
BS		 809 /* Normal RAM. */
810 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
149f54b5 811 + xlat;
e5548617 812 if (!section->readonly) {
b41aac4f 813 iotlb |= PHYS_SECTION_NOTDIRTY;
e5548617 814 } else {
b41aac4f 815 iotlb |= PHYS_SECTION_ROM;
e5548617
BS		 816 }
817 } else {
1b3fb98f 818 iotlb = section - section->address_space->dispatch->map.sections;
149f54b5 819 iotlb += xlat;
e5548617
BS		 820 }
821
822 /* Make accesses to pages with watchpoints go via the
823 watchpoint trap routines. */
ff4700b0 824 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
e5548617
BS		 825 if (vaddr == (wp->vaddr & TARGET_PAGE_MASK)) {
826 /* Avoid trapping reads of pages with a write breakpoint. */
827 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
b41aac4f 828 iotlb = PHYS_SECTION_WATCH + paddr;
e5548617
BS		 829 *address |= TLB_MMIO;
830 break;
831 }
832 }
833 }
834
835 return iotlb;
836}
9fa3e853
FB		 837#endif /* defined(CONFIG_USER_ONLY) */
838
e2eef170 839#if !defined(CONFIG_USER_ONLY)
8da3ff18 840
c227f099 841static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 842 uint16_t section);
acc9d80b 843static subpage_t *subpage_init(AddressSpace *as, hwaddr base);
54688b1e 844
575ddeb4 845static void *(*phys_mem_alloc)(size_t size) = qemu_anon_ram_alloc;
91138037
MA		 846
847/*
848 * Set a custom physical guest memory alloator.
849 * Accelerators with unusual needs may need this. Hopefully, we can
850 * get rid of it eventually.
851 */
575ddeb4 852void phys_mem_set_alloc(void *(*alloc)(size_t))
91138037
MA		 853{
854 phys_mem_alloc = alloc;
855}
856
53cb28cb
MA		 857static uint16_t phys_section_add(PhysPageMap *map,
858 MemoryRegionSection *section)
5312bd8b 859{
68f3f65b
PB		 860 /* The physical section number is ORed with a page-aligned
861 * pointer to produce the iotlb entries. Thus it should
862 * never overflow into the page-aligned value.
863 */
53cb28cb 864 assert(map->sections_nb < TARGET_PAGE_SIZE);
68f3f65b 865
53cb28cb
MA		 866 if (map->sections_nb == map->sections_nb_alloc) {
867 map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
868 map->sections = g_renew(MemoryRegionSection, map->sections,
869 map->sections_nb_alloc);
5312bd8b 870 }
53cb28cb 871 map->sections[map->sections_nb] = *section;
dfde4e6e 872 memory_region_ref(section->mr);
53cb28cb 873 return map->sections_nb++;
5312bd8b
AK		 874}
875
058bc4b5
PB		 876static void phys_section_destroy(MemoryRegion *mr)
877{
dfde4e6e
PB		 878 memory_region_unref(mr);
879
058bc4b5
PB		 880 if (mr->subpage) {
881 subpage_t *subpage = container_of(mr, subpage_t, iomem);
882 memory_region_destroy(&subpage->iomem);
883 g_free(subpage);
884 }
885}
886
6092666e 887static void phys_sections_free(PhysPageMap *map)
5312bd8b 888{
9affd6fc
PB		 889 while (map->sections_nb > 0) {
890 MemoryRegionSection *section = &map->sections[--map->sections_nb];
058bc4b5
PB		 891 phys_section_destroy(section->mr);
892 }
9affd6fc
PB		 893 g_free(map->sections);
894 g_free(map->nodes);
5312bd8b
AK		 895}
896
ac1970fb 897static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
0f0cb164
AK		 898{
899 subpage_t *subpage;
a8170e5e 900 hwaddr base = section->offset_within_address_space
0f0cb164 901 & TARGET_PAGE_MASK;
97115a8d 902 MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
53cb28cb 903 d->map.nodes, d->map.sections);
0f0cb164
AK		 904 MemoryRegionSection subsection = {
905 .offset_within_address_space = base,
052e87b0 906 .size = int128_make64(TARGET_PAGE_SIZE),
0f0cb164 907 };
a8170e5e 908 hwaddr start, end;
0f0cb164 909
f3705d53 910 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
0f0cb164 911
f3705d53 912 if (!(existing->mr->subpage)) {
acc9d80b 913 subpage = subpage_init(d->as, base);
3be91e86 914 subsection.address_space = d->as;
0f0cb164 915 subsection.mr = &subpage->iomem;
ac1970fb 916 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
53cb28cb 917 phys_section_add(&d->map, &subsection));
0f0cb164 918 } else {
f3705d53 919 subpage = container_of(existing->mr, subpage_t, iomem);
0f0cb164
AK		 920 }
921 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
052e87b0 922 end = start + int128_get64(section->size) - 1;
53cb28cb
MA		 923 subpage_register(subpage, start, end,
924 phys_section_add(&d->map, section));
0f0cb164
AK		 925}
926
927
052e87b0
PB		 928static void register_multipage(AddressSpaceDispatch *d,
929 MemoryRegionSection *section)
33417e70 930{
a8170e5e 931 hwaddr start_addr = section->offset_within_address_space;
53cb28cb 932 uint16_t section_index = phys_section_add(&d->map, section);
052e87b0
PB		 933 uint64_t num_pages = int128_get64(int128_rshift(section->size,
934 TARGET_PAGE_BITS));
dd81124b 935
733d5ef5
PB		 936 assert(num_pages);
937 phys_page_set(d, start_addr >> TARGET_PAGE_BITS, num_pages, section_index);
33417e70
FB		 938}
939
ac1970fb 940static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
0f0cb164 941{
89ae337a 942 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
00752703 943 AddressSpaceDispatch *d = as->next_dispatch;
99b9cc06 944 MemoryRegionSection now = *section, remain = *section;
052e87b0 945 Int128 page_size = int128_make64(TARGET_PAGE_SIZE);
0f0cb164 946
733d5ef5
PB		 947 if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
948 uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
949 - now.offset_within_address_space;
950
052e87b0 951 now.size = int128_min(int128_make64(left), now.size);
ac1970fb 952 register_subpage(d, &now);
733d5ef5 953 } else {
052e87b0 954 now.size = int128_zero();
733d5ef5 955 }
052e87b0
PB		 956 while (int128_ne(remain.size, now.size)) {
957 remain.size = int128_sub(remain.size, now.size);
958 remain.offset_within_address_space += int128_get64(now.size);
959 remain.offset_within_region += int128_get64(now.size);
69b67646 960 now = remain;
052e87b0 961 if (int128_lt(remain.size, page_size)) {
733d5ef5 962 register_subpage(d, &now);
88266249 963 } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
052e87b0 964 now.size = page_size;
ac1970fb 965 register_subpage(d, &now);
69b67646 966 } else {
052e87b0 967 now.size = int128_and(now.size, int128_neg(page_size));
ac1970fb 968 register_multipage(d, &now);
69b67646 969 }
0f0cb164
AK		 970 }
971}
972
62a2744c
SY		 973void qemu_flush_coalesced_mmio_buffer(void)
974{
975 if (kvm_enabled())
976 kvm_flush_coalesced_mmio_buffer();
977}
978
b2a8658e
UD		 979void qemu_mutex_lock_ramlist(void)
980{
981 qemu_mutex_lock(&ram_list.mutex);
982}
983
984void qemu_mutex_unlock_ramlist(void)
985{
986 qemu_mutex_unlock(&ram_list.mutex);
987}
988
e1e84ba0 989#ifdef __linux__
c902760f
MT		 990
991#include <sys/vfs.h>
992
993#define HUGETLBFS_MAGIC 0x958458f6
994
995static long gethugepagesize(const char *path)
996{
997 struct statfs fs;
998 int ret;
999
1000 do {
9742bf26 1001 ret = statfs(path, &fs);
c902760f
MT		 1002 } while (ret != 0 && errno == EINTR);
1003
1004 if (ret != 0) {
9742bf26
YT		 1005 perror(path);
1006 return 0;
c902760f
MT		 1007 }
1008
1009 if (fs.f_type != HUGETLBFS_MAGIC)
9742bf26 1010 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
c902760f
MT		 1011
1012 return fs.f_bsize;
1013}
1014
ef36fa14
MT		 1015static sigjmp_buf sigjump;
1016
1017static void sigbus_handler(int signal)
1018{
1019 siglongjmp(sigjump, 1);
1020}
1021
04b16653
AW		 1022static void *file_ram_alloc(RAMBlock *block,
1023 ram_addr_t memory,
1024 const char *path)
c902760f
MT		 1025{
1026 char *filename;
8ca761f6
PF		 1027 char *sanitized_name;
1028 char *c;
c902760f
MT		 1029 void *area;
1030 int fd;
c902760f
MT		 1031 unsigned long hpagesize;
1032
1033 hpagesize = gethugepagesize(path);
1034 if (!hpagesize) {
f9a49dfa 1035 goto error;
c902760f
MT		 1036 }
1037
1038 if (memory < hpagesize) {
1039 return NULL;
1040 }
1041
1042 if (kvm_enabled() && !kvm_has_sync_mmu()) {
1043 fprintf(stderr, "host lacks kvm mmu notifiers, -mem-path unsupported\n");
f9a49dfa 1044 goto error;
c902760f
MT		 1045 }
1046
8ca761f6
PF		 1047 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
1048 sanitized_name = g_strdup(block->mr->name);
1049 for (c = sanitized_name; *c != '\0'; c++) {
1050 if (*c == '/')
1051 *c = '_';
1052 }
1053
1054 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
1055 sanitized_name);
1056 g_free(sanitized_name);
c902760f
MT		 1057
1058 fd = mkstemp(filename);
1059 if (fd < 0) {
9742bf26 1060 perror("unable to create backing store for hugepages");
e4ada482 1061 g_free(filename);
f9a49dfa 1062 goto error;
c902760f
MT		 1063 }
1064 unlink(filename);
e4ada482 1065 g_free(filename);
c902760f
MT		 1066
1067 memory = (memory+hpagesize-1) & ~(hpagesize-1);
1068
1069 /*
1070 * ftruncate is not supported by hugetlbfs in older
1071 * hosts, so don't bother bailing out on errors.
1072 * If anything goes wrong with it under other filesystems,
1073 * mmap will fail.
1074 */
1075 if (ftruncate(fd, memory))
9742bf26 1076 perror("ftruncate");
c902760f 1077
c902760f 1078 area = mmap(0, memory, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
c902760f 1079 if (area == MAP_FAILED) {
9742bf26
YT		 1080 perror("file_ram_alloc: can't mmap RAM pages");
1081 close(fd);
f9a49dfa 1082 goto error;
c902760f 1083 }
ef36fa14
MT		 1084
1085 if (mem_prealloc) {
1086 int ret, i;
1087 struct sigaction act, oldact;
1088 sigset_t set, oldset;
1089
1090 memset(&act, 0, sizeof(act));
1091 act.sa_handler = &sigbus_handler;
1092 act.sa_flags = 0;
1093
1094 ret = sigaction(SIGBUS, &act, &oldact);
1095 if (ret) {
1096 perror("file_ram_alloc: failed to install signal handler");
1097 exit(1);
1098 }
1099
1100 /* unblock SIGBUS */
1101 sigemptyset(&set);
1102 sigaddset(&set, SIGBUS);
1103 pthread_sigmask(SIG_UNBLOCK, &set, &oldset);
1104
1105 if (sigsetjmp(sigjump, 1)) {
1106 fprintf(stderr, "file_ram_alloc: failed to preallocate pages\n");
1107 exit(1);
1108 }
1109
1110 /* MAP_POPULATE silently ignores failures */
2ba82852 1111 for (i = 0; i < (memory/hpagesize); i++) {
ef36fa14
MT		 1112 memset(area + (hpagesize*i), 0, 1);
1113 }
1114
1115 ret = sigaction(SIGBUS, &oldact, NULL);
1116 if (ret) {
1117 perror("file_ram_alloc: failed to reinstall signal handler");
1118 exit(1);
1119 }
1120
1121 pthread_sigmask(SIG_SETMASK, &oldset, NULL);
1122 }
1123
04b16653 1124 block->fd = fd;
c902760f 1125 return area;
f9a49dfa
MT		 1126
1127error:
1128 if (mem_prealloc) {
1129 exit(1);
1130 }
1131 return NULL;
c902760f 1132}
e1e84ba0
MA		 1133#else
1134static void *file_ram_alloc(RAMBlock *block,
1135 ram_addr_t memory,
1136 const char *path)
1137{
1138 fprintf(stderr, "-mem-path not supported on this host\n");
1139 exit(1);
1140}
c902760f
MT		 1141#endif
1142
d17b5288 1143static ram_addr_t find_ram_offset(ram_addr_t size)
04b16653
AW		 1144{
1145 RAMBlock *block, *next_block;
3e837b2c 1146 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
04b16653 1147
49cd9ac6
SH		 1148 assert(size != 0); /* it would hand out same offset multiple times */
1149
a3161038 1150 if (QTAILQ_EMPTY(&ram_list.blocks))
04b16653
AW		 1151 return 0;
1152
a3161038 1153 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
f15fbc4b 1154 ram_addr_t end, next = RAM_ADDR_MAX;
04b16653
AW		 1155
1156 end = block->offset + block->length;
1157
a3161038 1158 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
04b16653
AW		 1159 if (next_block->offset >= end) {
1160 next = MIN(next, next_block->offset);
1161 }
1162 }
1163 if (next - end >= size && next - end < mingap) {
3e837b2c 1164 offset = end;
04b16653
AW		 1165 mingap = next - end;
1166 }
1167 }
3e837b2c
AW		 1168
1169 if (offset == RAM_ADDR_MAX) {
1170 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
1171 (uint64_t)size);
1172 abort();
1173 }
1174
04b16653
AW		 1175 return offset;
1176}
1177
652d7ec2 1178ram_addr_t last_ram_offset(void)
d17b5288
AW		 1179{
1180 RAMBlock *block;
1181 ram_addr_t last = 0;
1182
a3161038 1183 QTAILQ_FOREACH(block, &ram_list.blocks, next)
d17b5288
AW		 1184 last = MAX(last, block->offset + block->length);
1185
1186 return last;
1187}
1188
ddb97f1d
JB		 1189static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1190{
1191 int ret;
ddb97f1d
JB		 1192
1193 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
2ff3de68
MA		 1194 if (!qemu_opt_get_bool(qemu_get_machine_opts(),
1195 "dump-guest-core", true)) {
ddb97f1d
JB		 1196 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1197 if (ret) {
1198 perror("qemu_madvise");
1199 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1200 "but dump_guest_core=off specified\n");
1201 }
1202 }
1203}
1204
c5705a77 1205void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
84b89d78
CM		 1206{
1207 RAMBlock *new_block, *block;
1208
c5705a77 1209 new_block = NULL;
a3161038 1210 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77
AK		 1211 if (block->offset == addr) {
1212 new_block = block;
1213 break;
1214 }
1215 }
1216 assert(new_block);
1217 assert(!new_block->idstr[0]);
84b89d78 1218
09e5ab63
AL		 1219 if (dev) {
1220 char *id = qdev_get_dev_path(dev);
84b89d78
CM		 1221 if (id) {
1222 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
7267c094 1223 g_free(id);
84b89d78
CM		 1224 }
1225 }
1226 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1227
b2a8658e
UD		 1228 /* This assumes the iothread lock is taken here too. */
1229 qemu_mutex_lock_ramlist();
a3161038 1230 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77 1231 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
84b89d78
CM		 1232 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1233 new_block->idstr);
1234 abort();
1235 }
1236 }
b2a8658e 1237 qemu_mutex_unlock_ramlist();
c5705a77
AK		 1238}
1239
8490fc78
LC		 1240static int memory_try_enable_merging(void *addr, size_t len)
1241{
2ff3de68 1242 if (!qemu_opt_get_bool(qemu_get_machine_opts(), "mem-merge", true)) {
8490fc78
LC		 1243 /* disabled by the user */
1244 return 0;
1245 }
1246
1247 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1248}
1249
c5705a77
AK		 1250ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1251 MemoryRegion *mr)
1252{
abb26d63 1253 RAMBlock *block, *new_block;
2152f5ca
JQ		 1254 ram_addr_t old_ram_size, new_ram_size;
1255
1256 old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
c5705a77
AK		 1257
1258 size = TARGET_PAGE_ALIGN(size);
1259 new_block = g_malloc0(sizeof(*new_block));
3435f395 1260 new_block->fd = -1;
84b89d78 1261
b2a8658e
UD		 1262 /* This assumes the iothread lock is taken here too. */
1263 qemu_mutex_lock_ramlist();
7c637366 1264 new_block->mr = mr;
432d268c 1265 new_block->offset = find_ram_offset(size);
6977dfe6
YT		 1266 if (host) {
1267 new_block->host = host;
cd19cfa2 1268 new_block->flags |= RAM_PREALLOC_MASK;
dfeaf2ab
MA		 1269 } else if (xen_enabled()) {
1270 if (mem_path) {
1271 fprintf(stderr, "-mem-path not supported with Xen\n");
1272 exit(1);
1273 }
1274 xen_ram_alloc(new_block->offset, size, mr);
6977dfe6
YT		 1275 } else {
1276 if (mem_path) {
e1e84ba0
MA		 1277 if (phys_mem_alloc != qemu_anon_ram_alloc) {
1278 /*
1279 * file_ram_alloc() needs to allocate just like
1280 * phys_mem_alloc, but we haven't bothered to provide
1281 * a hook there.
1282 */
1283 fprintf(stderr,
1284 "-mem-path not supported with this accelerator\n");
1285 exit(1);
1286 }
6977dfe6 1287 new_block->host = file_ram_alloc(new_block, size, mem_path);
0628c182
MA		 1288 }
1289 if (!new_block->host) {
91138037 1290 new_block->host = phys_mem_alloc(size);
39228250
MA		 1291 if (!new_block->host) {
1292 fprintf(stderr, "Cannot set up guest memory '%s': %s\n",
1293 new_block->mr->name, strerror(errno));
1294 exit(1);
1295 }
8490fc78 1296 memory_try_enable_merging(new_block->host, size);
6977dfe6 1297 }
c902760f 1298 }
94a6b54f
PB		 1299 new_block->length = size;
1300
abb26d63
PB		 1301 /* Keep the list sorted from biggest to smallest block. */
1302 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1303 if (block->length < new_block->length) {
1304 break;
1305 }
1306 }
1307 if (block) {
1308 QTAILQ_INSERT_BEFORE(block, new_block, next);
1309 } else {
1310 QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
1311 }
0d6d3c87 1312 ram_list.mru_block = NULL;
94a6b54f 1313
f798b07f 1314 ram_list.version++;
b2a8658e 1315 qemu_mutex_unlock_ramlist();
f798b07f 1316
2152f5ca
JQ		 1317 new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1318
1319 if (new_ram_size > old_ram_size) {
1ab4c8ce
JQ		 1320 int i;
1321 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
1322 ram_list.dirty_memory[i] =
1323 bitmap_zero_extend(ram_list.dirty_memory[i],
1324 old_ram_size, new_ram_size);
1325 }
2152f5ca 1326 }
75218e7f 1327 cpu_physical_memory_set_dirty_range(new_block->offset, size);
94a6b54f 1328
ddb97f1d 1329 qemu_ram_setup_dump(new_block->host, size);
ad0b5321 1330 qemu_madvise(new_block->host, size, QEMU_MADV_HUGEPAGE);
3e469dbf 1331 qemu_madvise(new_block->host, size, QEMU_MADV_DONTFORK);
ddb97f1d 1332
6f0437e8
JK		 1333 if (kvm_enabled())
1334 kvm_setup_guest_memory(new_block->host, size);
1335
94a6b54f
PB		 1336 return new_block->offset;
1337}
e9a1ab19 1338
c5705a77 1339ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr)
6977dfe6 1340{
c5705a77 1341 return qemu_ram_alloc_from_ptr(size, NULL, mr);
6977dfe6
YT		 1342}
1343
1f2e98b6
AW		 1344void qemu_ram_free_from_ptr(ram_addr_t addr)
1345{
1346 RAMBlock *block;
1347
b2a8658e
UD		 1348 /* This assumes the iothread lock is taken here too. */
1349 qemu_mutex_lock_ramlist();
a3161038 1350 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1f2e98b6 1351 if (addr == block->offset) {
a3161038 1352 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1353 ram_list.mru_block = NULL;
f798b07f 1354 ram_list.version++;
7267c094 1355 g_free(block);
b2a8658e 1356 break;
1f2e98b6
AW		 1357 }
1358 }
b2a8658e 1359 qemu_mutex_unlock_ramlist();
1f2e98b6
AW		 1360}
1361
c227f099 1362void qemu_ram_free(ram_addr_t addr)
e9a1ab19 1363{
04b16653
AW		 1364 RAMBlock *block;
1365
b2a8658e
UD		 1366 /* This assumes the iothread lock is taken here too. */
1367 qemu_mutex_lock_ramlist();
a3161038 1368 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
04b16653 1369 if (addr == block->offset) {
a3161038 1370 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1371 ram_list.mru_block = NULL;
f798b07f 1372 ram_list.version++;
cd19cfa2
HY		 1373 if (block->flags & RAM_PREALLOC_MASK) {
1374 ;
dfeaf2ab
MA		 1375 } else if (xen_enabled()) {
1376 xen_invalidate_map_cache_entry(block->host);
089f3f76 1377#ifndef _WIN32
3435f395
MA		 1378 } else if (block->fd >= 0) {
1379 munmap(block->host, block->length);
1380 close(block->fd);
089f3f76 1381#endif
04b16653 1382 } else {
dfeaf2ab 1383 qemu_anon_ram_free(block->host, block->length);
04b16653 1384 }
7267c094 1385 g_free(block);
b2a8658e 1386 break;
04b16653
AW		 1387 }
1388 }
b2a8658e 1389 qemu_mutex_unlock_ramlist();
04b16653 1390
e9a1ab19
FB		 1391}
1392
cd19cfa2
HY		 1393#ifndef _WIN32
1394void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1395{
1396 RAMBlock *block;
1397 ram_addr_t offset;
1398 int flags;
1399 void *area, *vaddr;
1400
a3161038 1401 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
cd19cfa2
HY		 1402 offset = addr - block->offset;
1403 if (offset < block->length) {
1404 vaddr = block->host + offset;
1405 if (block->flags & RAM_PREALLOC_MASK) {
1406 ;
dfeaf2ab
MA		 1407 } else if (xen_enabled()) {
1408 abort();
cd19cfa2
HY		 1409 } else {
1410 flags = MAP_FIXED;
1411 munmap(vaddr, length);
3435f395 1412 if (block->fd >= 0) {
cd19cfa2 1413#ifdef MAP_POPULATE
3435f395
MA		 1414 flags |= mem_prealloc ? MAP_POPULATE | MAP_SHARED :
1415 MAP_PRIVATE;
fd28aa13 1416#else
3435f395 1417 flags |= MAP_PRIVATE;
cd19cfa2 1418#endif
3435f395
MA		 1419 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1420 flags, block->fd, offset);
cd19cfa2 1421 } else {
2eb9fbaa
MA		 1422 /*
1423 * Remap needs to match alloc. Accelerators that
1424 * set phys_mem_alloc never remap. If they did,
1425 * we'd need a remap hook here.
1426 */
1427 assert(phys_mem_alloc == qemu_anon_ram_alloc);
1428
cd19cfa2
HY		 1429 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1430 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1431 flags, -1, 0);
cd19cfa2
HY		 1432 }
1433 if (area != vaddr) {
f15fbc4b
AP		 1434 fprintf(stderr, "Could not remap addr: "
1435 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
cd19cfa2
HY		 1436 length, addr);
1437 exit(1);
1438 }
8490fc78 1439 memory_try_enable_merging(vaddr, length);
ddb97f1d 1440 qemu_ram_setup_dump(vaddr, length);
cd19cfa2
HY		 1441 }
1442 return;
1443 }
1444 }
1445}
1446#endif /* !_WIN32 */
1447
1b5ec234
PB		 1448/* Return a host pointer to ram allocated with qemu_ram_alloc.
1449 With the exception of the softmmu code in this file, this should
1450 only be used for local memory (e.g. video ram) that the device owns,
1451 and knows it isn't going to access beyond the end of the block.
1452
1453 It should not be used for general purpose DMA.
1454 Use cpu_physical_memory_map/cpu_physical_memory_rw instead.
1455 */
1456void *qemu_get_ram_ptr(ram_addr_t addr)
1457{
1458 RAMBlock *block = qemu_get_ram_block(addr);
1459
0d6d3c87
PB		 1460 if (xen_enabled()) {
1461 /* We need to check if the requested address is in the RAM
1462 * because we don't want to map the entire memory in QEMU.
1463 * In that case just map until the end of the page.
1464 */
1465 if (block->offset == 0) {
1466 return xen_map_cache(addr, 0, 0);
1467 } else if (block->host == NULL) {
1468 block->host =
1469 xen_map_cache(block->offset, block->length, 1);
1470 }
1471 }
1472 return block->host + (addr - block->offset);
dc828ca1
PB		 1473}
1474
38bee5dc
SS		 1475/* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1476 * but takes a size argument */
cb85f7ab 1477static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
38bee5dc 1478{
8ab934f9
SS		 1479 if (*size == 0) {
1480 return NULL;
1481 }
868bb33f 1482 if (xen_enabled()) {
e41d7c69 1483 return xen_map_cache(addr, *size, 1);
868bb33f 1484 } else {
38bee5dc
SS		 1485 RAMBlock *block;
1486
a3161038 1487 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
38bee5dc
SS		 1488 if (addr - block->offset < block->length) {
1489 if (addr - block->offset + *size > block->length)
1490 *size = block->length - addr + block->offset;
1491 return block->host + (addr - block->offset);
1492 }
1493 }
1494
1495 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1496 abort();
38bee5dc
SS		 1497 }
1498}
1499
7443b437
PB		 1500/* Some of the softmmu routines need to translate from a host pointer
1501 (typically a TLB entry) back to a ram offset. */
1b5ec234 1502MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
5579c7f3 1503{
94a6b54f
PB		 1504 RAMBlock *block;
1505 uint8_t *host = ptr;
1506
868bb33f 1507 if (xen_enabled()) {
e41d7c69 1508 *ram_addr = xen_ram_addr_from_mapcache(ptr);
1b5ec234 1509 return qemu_get_ram_block(*ram_addr)->mr;
712c2b41
SS		 1510 }
1511
23887b79
PB		 1512 block = ram_list.mru_block;
1513 if (block && block->host && host - block->host < block->length) {
1514 goto found;
1515 }
1516
a3161038 1517 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
432d268c
JN		 1518 /* This case append when the block is not mapped. */
1519 if (block->host == NULL) {
1520 continue;
1521 }
f471a17e 1522 if (host - block->host < block->length) {
23887b79 1523 goto found;
f471a17e 1524 }
94a6b54f 1525 }
432d268c 1526
1b5ec234 1527 return NULL;
23887b79
PB		 1528
1529found:
1530 *ram_addr = block->offset + (host - block->host);
1b5ec234 1531 return block->mr;
e890261f 1532}
f471a17e 1533
a8170e5e 1534static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
0e0df1e2 1535 uint64_t val, unsigned size)
9fa3e853 1536{
52159192 1537 if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
0e0df1e2 1538 tb_invalidate_phys_page_fast(ram_addr, size);
3a7d929e 1539 }
0e0df1e2
AK		 1540 switch (size) {
1541 case 1:
1542 stb_p(qemu_get_ram_ptr(ram_addr), val);
1543 break;
1544 case 2:
1545 stw_p(qemu_get_ram_ptr(ram_addr), val);
1546 break;
1547 case 4:
1548 stl_p(qemu_get_ram_ptr(ram_addr), val);
1549 break;
1550 default:
1551 abort();
3a7d929e 1552 }
52159192
JQ		 1553 cpu_physical_memory_set_dirty_flag(ram_addr, DIRTY_MEMORY_MIGRATION);
1554 cpu_physical_memory_set_dirty_flag(ram_addr, DIRTY_MEMORY_VGA);
f23db169
FB		 1555 /* we remove the notdirty callback only if the code has been
1556 flushed */
a2cd8c85 1557 if (!cpu_physical_memory_is_clean(ram_addr)) {
4917cf44 1558 CPUArchState *env = current_cpu->env_ptr;
93afeade 1559 tlb_set_dirty(env, current_cpu->mem_io_vaddr);
4917cf44 1560 }
9fa3e853
FB		 1561}
1562
b018ddf6
PB		 1563static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1564 unsigned size, bool is_write)
1565{
1566 return is_write;
1567}
1568
0e0df1e2 1569static const MemoryRegionOps notdirty_mem_ops = {
0e0df1e2 1570 .write = notdirty_mem_write,
b018ddf6 1571 .valid.accepts = notdirty_mem_accepts,
0e0df1e2 1572 .endianness = DEVICE_NATIVE_ENDIAN,
1ccde1cb
FB		 1573};
1574
0f459d16 1575/* Generate a debug exception if a watchpoint has been hit. */
b4051334 1576static void check_watchpoint(int offset, int len_mask, int flags)
0f459d16 1577{
93afeade
AF		 1578 CPUState *cpu = current_cpu;
1579 CPUArchState *env = cpu->env_ptr;
06d55cc1 1580 target_ulong pc, cs_base;
0f459d16 1581 target_ulong vaddr;
a1d1bb31 1582 CPUWatchpoint *wp;
06d55cc1 1583 int cpu_flags;
0f459d16 1584
ff4700b0 1585 if (cpu->watchpoint_hit) {
06d55cc1
AL		 1586 /* We re-entered the check after replacing the TB. Now raise
1587 * the debug interrupt so that is will trigger after the
1588 * current instruction. */
93afeade 1589 cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
06d55cc1
AL		 1590 return;
1591 }
93afeade 1592 vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
ff4700b0 1593 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
b4051334
AL		 1594 if ((vaddr == (wp->vaddr & len_mask) ||
1595 (vaddr & wp->len_mask) == wp->vaddr) && (wp->flags & flags)) {
6e140f28 1596 wp->flags |= BP_WATCHPOINT_HIT;
ff4700b0
AF		 1597 if (!cpu->watchpoint_hit) {
1598 cpu->watchpoint_hit = wp;
239c51a5 1599 tb_check_watchpoint(cpu);
6e140f28 1600 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
27103424 1601 cpu->exception_index = EXCP_DEBUG;
5638d180 1602 cpu_loop_exit(cpu);
6e140f28
AL		 1603 } else {
1604 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
648f034c 1605 tb_gen_code(cpu, pc, cs_base, cpu_flags, 1);
0ea8cb88 1606 cpu_resume_from_signal(cpu, NULL);
6e140f28 1607 }
06d55cc1 1608 }
6e140f28
AL		 1609 } else {
1610 wp->flags &= ~BP_WATCHPOINT_HIT;
0f459d16
PB		 1611 }
1612 }
1613}
1614
6658ffb8
PB		 1615/* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1616 so these check for a hit then pass through to the normal out-of-line
1617 phys routines. */
a8170e5e 1618static uint64_t watch_mem_read(void *opaque, hwaddr addr,
1ec9b909 1619 unsigned size)
6658ffb8 1620{
1ec9b909
AK		 1621 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_READ);
1622 switch (size) {
2c17449b 1623 case 1: return ldub_phys(&address_space_memory, addr);
41701aa4 1624 case 2: return lduw_phys(&address_space_memory, addr);
fdfba1a2 1625 case 4: return ldl_phys(&address_space_memory, addr);
1ec9b909
AK		 1626 default: abort();
1627 }
6658ffb8
PB		 1628}
1629
a8170e5e 1630static void watch_mem_write(void *opaque, hwaddr addr,
1ec9b909 1631 uint64_t val, unsigned size)
6658ffb8 1632{
1ec9b909
AK		 1633 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_WRITE);
1634 switch (size) {
67364150 1635 case 1:
db3be60d 1636 stb_phys(&address_space_memory, addr, val);
67364150
MF		 1637 break;
1638 case 2:
5ce5944d 1639 stw_phys(&address_space_memory, addr, val);
67364150
MF		 1640 break;
1641 case 4:
ab1da857 1642 stl_phys(&address_space_memory, addr, val);
67364150 1643 break;
1ec9b909
AK		 1644 default: abort();
1645 }
6658ffb8
PB		 1646}
1647
1ec9b909
AK		 1648static const MemoryRegionOps watch_mem_ops = {
1649 .read = watch_mem_read,
1650 .write = watch_mem_write,
1651 .endianness = DEVICE_NATIVE_ENDIAN,
6658ffb8 1652};
6658ffb8 1653
a8170e5e 1654static uint64_t subpage_read(void *opaque, hwaddr addr,
70c68e44 1655 unsigned len)
db7b5426 1656{
acc9d80b
JK		 1657 subpage_t *subpage = opaque;
1658 uint8_t buf[4];
791af8c8 1659
db7b5426 1660#if defined(DEBUG_SUBPAGE)
016e9d62 1661 printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
acc9d80b 1662 subpage, len, addr);
db7b5426 1663#endif
acc9d80b
JK		 1664 address_space_read(subpage->as, addr + subpage->base, buf, len);
1665 switch (len) {
1666 case 1:
1667 return ldub_p(buf);
1668 case 2:
1669 return lduw_p(buf);
1670 case 4:
1671 return ldl_p(buf);
1672 default:
1673 abort();
1674 }
db7b5426
BS		 1675}
1676
a8170e5e 1677static void subpage_write(void *opaque, hwaddr addr,
70c68e44 1678 uint64_t value, unsigned len)
db7b5426 1679{
acc9d80b
JK		 1680 subpage_t *subpage = opaque;
1681 uint8_t buf[4];
1682
db7b5426 1683#if defined(DEBUG_SUBPAGE)
016e9d62 1684 printf("%s: subpage %p len %u addr " TARGET_FMT_plx
acc9d80b
JK		 1685 " value %"PRIx64"\n",
1686 __func__, subpage, len, addr, value);
db7b5426 1687#endif
acc9d80b
JK		 1688 switch (len) {
1689 case 1:
1690 stb_p(buf, value);
1691 break;
1692 case 2:
1693 stw_p(buf, value);
1694 break;
1695 case 4:
1696 stl_p(buf, value);
1697 break;
1698 default:
1699 abort();
1700 }
1701 address_space_write(subpage->as, addr + subpage->base, buf, len);
db7b5426
BS		 1702}
1703
c353e4cc 1704static bool subpage_accepts(void *opaque, hwaddr addr,
016e9d62 1705 unsigned len, bool is_write)
c353e4cc 1706{
acc9d80b 1707 subpage_t *subpage = opaque;
c353e4cc 1708#if defined(DEBUG_SUBPAGE)
016e9d62 1709 printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
acc9d80b 1710 __func__, subpage, is_write ? 'w' : 'r', len, addr);
c353e4cc
PB		 1711#endif
1712
acc9d80b 1713 return address_space_access_valid(subpage->as, addr + subpage->base,
016e9d62 1714 len, is_write);
c353e4cc
PB		 1715}
1716
70c68e44
AK		 1717static const MemoryRegionOps subpage_ops = {
1718 .read = subpage_read,
1719 .write = subpage_write,
c353e4cc 1720 .valid.accepts = subpage_accepts,
70c68e44 1721 .endianness = DEVICE_NATIVE_ENDIAN,
db7b5426
BS		 1722};
1723
c227f099 1724static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 1725 uint16_t section)
db7b5426
BS		 1726{
1727 int idx, eidx;
1728
1729 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
1730 return -1;
1731 idx = SUBPAGE_IDX(start);
1732 eidx = SUBPAGE_IDX(end);
1733#if defined(DEBUG_SUBPAGE)
016e9d62
AK		 1734 printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
1735 __func__, mmio, start, end, idx, eidx, section);
db7b5426 1736#endif
db7b5426 1737 for (; idx <= eidx; idx++) {
5312bd8b 1738 mmio->sub_section[idx] = section;
db7b5426
BS		 1739 }
1740
1741 return 0;
1742}
1743
acc9d80b 1744static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
db7b5426 1745{
c227f099 1746 subpage_t *mmio;
db7b5426 1747
7267c094 1748 mmio = g_malloc0(sizeof(subpage_t));
1eec614b 1749
acc9d80b 1750 mmio->as = as;
1eec614b 1751 mmio->base = base;
2c9b15ca 1752 memory_region_init_io(&mmio->iomem, NULL, &subpage_ops, mmio,
70c68e44 1753 "subpage", TARGET_PAGE_SIZE);
b3b00c78 1754 mmio->iomem.subpage = true;
db7b5426 1755#if defined(DEBUG_SUBPAGE)
016e9d62
AK		 1756 printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
1757 mmio, base, TARGET_PAGE_SIZE);
db7b5426 1758#endif
b41aac4f 1759 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, PHYS_SECTION_UNASSIGNED);
db7b5426
BS		 1760
1761 return mmio;
1762}
1763
53cb28cb 1764static uint16_t dummy_section(PhysPageMap *map, MemoryRegion *mr)
5312bd8b
AK		 1765{
1766 MemoryRegionSection section = {
3be91e86 1767 .address_space = &address_space_memory,
5312bd8b
AK		 1768 .mr = mr,
1769 .offset_within_address_space = 0,
1770 .offset_within_region = 0,
052e87b0 1771 .size = int128_2_64(),
5312bd8b
AK		 1772 };
1773
53cb28cb 1774 return phys_section_add(map, &section);
5312bd8b
AK		 1775}
1776
77717094 1777MemoryRegion *iotlb_to_region(AddressSpace *as, hwaddr index)
aa102231 1778{
77717094 1779 return as->dispatch->map.sections[index & ~TARGET_PAGE_MASK].mr;
aa102231
AK		 1780}
1781
e9179ce1
AK		 1782static void io_mem_init(void)
1783{
2c9b15ca
PB		 1784 memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops, NULL, "rom", UINT64_MAX);
1785 memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops, NULL,
0e0df1e2 1786 "unassigned", UINT64_MAX);
2c9b15ca 1787 memory_region_init_io(&io_mem_notdirty, NULL, &notdirty_mem_ops, NULL,
0e0df1e2 1788 "notdirty", UINT64_MAX);
2c9b15ca 1789 memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops, NULL,
1ec9b909 1790 "watch", UINT64_MAX);
e9179ce1
AK		 1791}
1792
ac1970fb 1793static void mem_begin(MemoryListener *listener)
00752703
PB		 1794{
1795 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
53cb28cb
MA		 1796 AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
1797 uint16_t n;
1798
1799 n = dummy_section(&d->map, &io_mem_unassigned);
1800 assert(n == PHYS_SECTION_UNASSIGNED);
1801 n = dummy_section(&d->map, &io_mem_notdirty);
1802 assert(n == PHYS_SECTION_NOTDIRTY);
1803 n = dummy_section(&d->map, &io_mem_rom);
1804 assert(n == PHYS_SECTION_ROM);
1805 n = dummy_section(&d->map, &io_mem_watch);
1806 assert(n == PHYS_SECTION_WATCH);
00752703 1807
9736e55b 1808 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
00752703
PB		 1809 d->as = as;
1810 as->next_dispatch = d;
1811}
1812
1813static void mem_commit(MemoryListener *listener)
ac1970fb 1814{
89ae337a 1815 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
0475d94f
PB		 1816 AddressSpaceDispatch *cur = as->dispatch;
1817 AddressSpaceDispatch *next = as->next_dispatch;
1818
53cb28cb 1819 phys_page_compact_all(next, next->map.nodes_nb);
b35ba30f 1820
0475d94f 1821 as->dispatch = next;
b41aac4f 1822
53cb28cb
MA		 1823 if (cur) {
1824 phys_sections_free(&cur->map);
1825 g_free(cur);
1826 }
9affd6fc
PB		 1827}
1828
1d71148e 1829static void tcg_commit(MemoryListener *listener)
50c1e149 1830{
182735ef 1831 CPUState *cpu;
117712c3
AK		 1832
1833 /* since each CPU stores ram addresses in its TLB cache, we must
1834 reset the modified entries */
1835 /* XXX: slow ! */
bdc44640 1836 CPU_FOREACH(cpu) {
33bde2e1
EI		 1837 /* FIXME: Disentangle the cpu.h circular files deps so we can
1838 directly get the right CPU from listener. */
1839 if (cpu->tcg_as_listener != listener) {
1840 continue;
1841 }
00c8cb0a 1842 tlb_flush(cpu, 1);
117712c3 1843 }
50c1e149
AK		 1844}
1845
93632747
AK		 1846static void core_log_global_start(MemoryListener *listener)
1847{
981fdf23 1848 cpu_physical_memory_set_dirty_tracking(true);
93632747
AK		 1849}
1850
1851static void core_log_global_stop(MemoryListener *listener)
1852{
981fdf23 1853 cpu_physical_memory_set_dirty_tracking(false);
93632747
AK		 1854}
1855
93632747 1856static MemoryListener core_memory_listener = {
93632747
AK		 1857 .log_global_start = core_log_global_start,
1858 .log_global_stop = core_log_global_stop,
ac1970fb 1859 .priority = 1,
93632747
AK		 1860};
1861
ac1970fb
AK		 1862void address_space_init_dispatch(AddressSpace *as)
1863{
00752703 1864 as->dispatch = NULL;
89ae337a 1865 as->dispatch_listener = (MemoryListener) {
ac1970fb 1866 .begin = mem_begin,
00752703 1867 .commit = mem_commit,
ac1970fb
AK		 1868 .region_add = mem_add,
1869 .region_nop = mem_add,
1870 .priority = 0,
1871 };
89ae337a 1872 memory_listener_register(&as->dispatch_listener, as);
ac1970fb
AK		 1873}
1874
83f3c251
AK		 1875void address_space_destroy_dispatch(AddressSpace *as)
1876{
1877 AddressSpaceDispatch *d = as->dispatch;
1878
89ae337a 1879 memory_listener_unregister(&as->dispatch_listener);
83f3c251
AK		 1880 g_free(d);
1881 as->dispatch = NULL;
1882}
1883
62152b8a
AK		 1884static void memory_map_init(void)
1885{
7267c094 1886 system_memory = g_malloc(sizeof(*system_memory));
03f49957 1887
57271d63 1888 memory_region_init(system_memory, NULL, "system", UINT64_MAX);
7dca8043 1889 address_space_init(&address_space_memory, system_memory, "memory");
309cb471 1890
7267c094 1891 system_io = g_malloc(sizeof(*system_io));
3bb28b72
JK		 1892 memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
1893 65536);
7dca8043 1894 address_space_init(&address_space_io, system_io, "I/O");
93632747 1895
f6790af6 1896 memory_listener_register(&core_memory_listener, &address_space_memory);
62152b8a
AK		 1897}
1898
1899MemoryRegion *get_system_memory(void)
1900{
1901 return system_memory;
1902}
1903
309cb471
AK		 1904MemoryRegion *get_system_io(void)
1905{
1906 return system_io;
1907}
1908
e2eef170
PB		 1909#endif /* !defined(CONFIG_USER_ONLY) */
1910
13eb76e0
FB		 1911/* physical memory access (slow version, mainly for debug) */
1912#if defined(CONFIG_USER_ONLY)
f17ec444 1913int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
a68fe89c 1914 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 1915{
1916 int l, flags;
1917 target_ulong page;
53a5960a 1918 void * p;
13eb76e0
FB		 1919
1920 while (len > 0) {
1921 page = addr & TARGET_PAGE_MASK;
1922 l = (page + TARGET_PAGE_SIZE) - addr;
1923 if (l > len)
1924 l = len;
1925 flags = page_get_flags(page);
1926 if (!(flags & PAGE_VALID))
a68fe89c 1927 return -1;
13eb76e0
FB		 1928 if (is_write) {
1929 if (!(flags & PAGE_WRITE))
a68fe89c 1930 return -1;
579a97f7 1931 /* XXX: this code should not depend on lock_user */
72fb7daa 1932 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
a68fe89c 1933 return -1;
72fb7daa
AJ		 1934 memcpy(p, buf, l);
1935 unlock_user(p, addr, l);
13eb76e0
FB		 1936 } else {
1937 if (!(flags & PAGE_READ))
a68fe89c 1938 return -1;
579a97f7 1939 /* XXX: this code should not depend on lock_user */
72fb7daa 1940 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
a68fe89c 1941 return -1;
72fb7daa 1942 memcpy(buf, p, l);
5b257578 1943 unlock_user(p, addr, 0);
13eb76e0
FB		 1944 }
1945 len -= l;
1946 buf += l;
1947 addr += l;
1948 }
a68fe89c 1949 return 0;
13eb76e0 1950}
8df1cd07 1951
13eb76e0 1952#else
51d7a9eb 1953
a8170e5e
AK		 1954static void invalidate_and_set_dirty(hwaddr addr,
1955 hwaddr length)
51d7a9eb 1956{
a2cd8c85 1957 if (cpu_physical_memory_is_clean(addr)) {
51d7a9eb
AP		 1958 /* invalidate code */
1959 tb_invalidate_phys_page_range(addr, addr + length, 0);
1960 /* set dirty bit */
52159192
JQ		 1961 cpu_physical_memory_set_dirty_flag(addr, DIRTY_MEMORY_VGA);
1962 cpu_physical_memory_set_dirty_flag(addr, DIRTY_MEMORY_MIGRATION);
51d7a9eb 1963 }
e226939d 1964 xen_modified_memory(addr, length);
51d7a9eb
AP		 1965}
1966
23326164 1967static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
82f2563f 1968{
e1622f4b 1969 unsigned access_size_max = mr->ops->valid.max_access_size;
23326164
RH		 1970
1971 /* Regions are assumed to support 1-4 byte accesses unless
1972 otherwise specified. */
23326164
RH		 1973 if (access_size_max == 0) {
1974 access_size_max = 4;
1975 }
1976
1977 /* Bound the maximum access by the alignment of the address. */
1978 if (!mr->ops->impl.unaligned) {
1979 unsigned align_size_max = addr & -addr;
1980 if (align_size_max != 0 && align_size_max < access_size_max) {
1981 access_size_max = align_size_max;
1982 }
82f2563f 1983 }
23326164
RH		 1984
1985 /* Don't attempt accesses larger than the maximum. */
1986 if (l > access_size_max) {
1987 l = access_size_max;
82f2563f 1988 }
098178f2
PB		 1989 if (l & (l - 1)) {
1990 l = 1 << (qemu_fls(l) - 1);
1991 }
23326164
RH		 1992
1993 return l;
82f2563f
PB		 1994}
1995
fd8aaa76 1996bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
ac1970fb 1997 int len, bool is_write)
13eb76e0 1998{
149f54b5 1999 hwaddr l;
13eb76e0 2000 uint8_t *ptr;
791af8c8 2001 uint64_t val;
149f54b5 2002 hwaddr addr1;
5c8a00ce 2003 MemoryRegion *mr;
fd8aaa76 2004 bool error = false;
3b46e624 2005
13eb76e0 2006 while (len > 0) {
149f54b5 2007 l = len;
5c8a00ce 2008 mr = address_space_translate(as, addr, &addr1, &l, is_write);
3b46e624 2009
13eb76e0 2010 if (is_write) {
5c8a00ce
PB		 2011 if (!memory_access_is_direct(mr, is_write)) {
2012 l = memory_access_size(mr, l, addr1);
4917cf44 2013 /* XXX: could force current_cpu to NULL to avoid
6a00d601 2014 potential bugs */
23326164
RH		 2015 switch (l) {
2016 case 8:
2017 /* 64 bit write access */
2018 val = ldq_p(buf);
2019 error |= io_mem_write(mr, addr1, val, 8);
2020 break;
2021 case 4:
1c213d19 2022 /* 32 bit write access */
c27004ec 2023 val = ldl_p(buf);
5c8a00ce 2024 error |= io_mem_write(mr, addr1, val, 4);
23326164
RH		 2025 break;
2026 case 2:
1c213d19 2027 /* 16 bit write access */
c27004ec 2028 val = lduw_p(buf);
5c8a00ce 2029 error |= io_mem_write(mr, addr1, val, 2);
23326164
RH		 2030 break;
2031 case 1:
1c213d19 2032 /* 8 bit write access */
c27004ec 2033 val = ldub_p(buf);
5c8a00ce 2034 error |= io_mem_write(mr, addr1, val, 1);
23326164
RH		 2035 break;
2036 default:
2037 abort();
13eb76e0 2038 }
2bbfa05d 2039 } else {
5c8a00ce 2040 addr1 += memory_region_get_ram_addr(mr);
13eb76e0 2041 /* RAM case */
5579c7f3 2042 ptr = qemu_get_ram_ptr(addr1);
13eb76e0 2043 memcpy(ptr, buf, l);
51d7a9eb 2044 invalidate_and_set_dirty(addr1, l);
13eb76e0
FB		 2045 }
2046 } else {
5c8a00ce 2047 if (!memory_access_is_direct(mr, is_write)) {
13eb76e0 2048 /* I/O case */
5c8a00ce 2049 l = memory_access_size(mr, l, addr1);
23326164
RH		 2050 switch (l) {
2051 case 8:
2052 /* 64 bit read access */
2053 error |= io_mem_read(mr, addr1, &val, 8);
2054 stq_p(buf, val);
2055 break;
2056 case 4:
13eb76e0 2057 /* 32 bit read access */
5c8a00ce 2058 error |= io_mem_read(mr, addr1, &val, 4);
c27004ec 2059 stl_p(buf, val);
23326164
RH		 2060 break;
2061 case 2:
13eb76e0 2062 /* 16 bit read access */
5c8a00ce 2063 error |= io_mem_read(mr, addr1, &val, 2);
c27004ec 2064 stw_p(buf, val);
23326164
RH		 2065 break;
2066 case 1:
1c213d19 2067 /* 8 bit read access */
5c8a00ce 2068 error |= io_mem_read(mr, addr1, &val, 1);
c27004ec 2069 stb_p(buf, val);
23326164
RH		 2070 break;
2071 default:
2072 abort();
13eb76e0
FB		 2073 }
2074 } else {
2075 /* RAM case */
5c8a00ce 2076 ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
f3705d53 2077 memcpy(buf, ptr, l);
13eb76e0
FB		 2078 }
2079 }
2080 len -= l;
2081 buf += l;
2082 addr += l;
2083 }
fd8aaa76
PB		 2084
2085 return error;
13eb76e0 2086}
8df1cd07 2087
fd8aaa76 2088bool address_space_write(AddressSpace *as, hwaddr addr,
ac1970fb
AK		 2089 const uint8_t *buf, int len)
2090{
fd8aaa76 2091 return address_space_rw(as, addr, (uint8_t *)buf, len, true);
ac1970fb
AK		 2092}
2093
fd8aaa76 2094bool address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
ac1970fb 2095{
fd8aaa76 2096 return address_space_rw(as, addr, buf, len, false);
ac1970fb
AK		 2097}
2098
2099
a8170e5e 2100void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
ac1970fb
AK		 2101 int len, int is_write)
2102{
fd8aaa76 2103 address_space_rw(&address_space_memory, addr, buf, len, is_write);
ac1970fb
AK		 2104}
2105
582b55a9
AG		 2106enum write_rom_type {
2107 WRITE_DATA,
2108 FLUSH_CACHE,
2109};
2110
2a221651 2111static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
582b55a9 2112 hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
d0ecd2aa 2113{
149f54b5 2114 hwaddr l;
d0ecd2aa 2115 uint8_t *ptr;
149f54b5 2116 hwaddr addr1;
5c8a00ce 2117 MemoryRegion *mr;
3b46e624 2118
d0ecd2aa 2119 while (len > 0) {
149f54b5 2120 l = len;
2a221651 2121 mr = address_space_translate(as, addr, &addr1, &l, true);
3b46e624 2122
5c8a00ce
PB		 2123 if (!(memory_region_is_ram(mr) ||
2124 memory_region_is_romd(mr))) {
d0ecd2aa
FB		 2125 /* do nothing */
2126 } else {
5c8a00ce 2127 addr1 += memory_region_get_ram_addr(mr);
d0ecd2aa 2128 /* ROM/RAM case */
5579c7f3 2129 ptr = qemu_get_ram_ptr(addr1);
582b55a9
AG		 2130 switch (type) {
2131 case WRITE_DATA:
2132 memcpy(ptr, buf, l);
2133 invalidate_and_set_dirty(addr1, l);
2134 break;
2135 case FLUSH_CACHE:
2136 flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
2137 break;
2138 }
d0ecd2aa
FB		 2139 }
2140 len -= l;
2141 buf += l;
2142 addr += l;
2143 }
2144}
2145
582b55a9 2146/* used for ROM loading : can write in RAM and ROM */
2a221651 2147void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
582b55a9
AG		 2148 const uint8_t *buf, int len)
2149{
2a221651 2150 cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
582b55a9
AG		 2151}
2152
2153void cpu_flush_icache_range(hwaddr start, int len)
2154{
2155 /*
2156 * This function should do the same thing as an icache flush that was
2157 * triggered from within the guest. For TCG we are always cache coherent,
2158 * so there is no need to flush anything. For KVM / Xen we need to flush
2159 * the host's instruction cache at least.
2160 */
2161 if (tcg_enabled()) {
2162 return;
2163 }
2164
2a221651
EI		 2165 cpu_physical_memory_write_rom_internal(&address_space_memory,
2166 start, NULL, len, FLUSH_CACHE);
582b55a9
AG		 2167}
2168
6d16c2f8 2169typedef struct {
d3e71559 2170 MemoryRegion *mr;
6d16c2f8 2171 void *buffer;
a8170e5e
AK		 2172 hwaddr addr;
2173 hwaddr len;
6d16c2f8
AL		 2174} BounceBuffer;
2175
2176static BounceBuffer bounce;
2177
ba223c29
AL		 2178typedef struct MapClient {
2179 void *opaque;
2180 void (*callback)(void *opaque);
72cf2d4f 2181 QLIST_ENTRY(MapClient) link;
ba223c29
AL		 2182} MapClient;
2183
72cf2d4f
BS		 2184static QLIST_HEAD(map_client_list, MapClient) map_client_list
2185 = QLIST_HEAD_INITIALIZER(map_client_list);
ba223c29
AL		 2186
2187void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
2188{
7267c094 2189 MapClient *client = g_malloc(sizeof(*client));
ba223c29
AL		 2190
2191 client->opaque = opaque;
2192 client->callback = callback;
72cf2d4f 2193 QLIST_INSERT_HEAD(&map_client_list, client, link);
ba223c29
AL		 2194 return client;
2195}
2196
8b9c99d9 2197static void cpu_unregister_map_client(void *_client)
ba223c29
AL		 2198{
2199 MapClient *client = (MapClient *)_client;
2200
72cf2d4f 2201 QLIST_REMOVE(client, link);
7267c094 2202 g_free(client);
ba223c29
AL		 2203}
2204
2205static void cpu_notify_map_clients(void)
2206{
2207 MapClient *client;
2208
72cf2d4f
BS		 2209 while (!QLIST_EMPTY(&map_client_list)) {
2210 client = QLIST_FIRST(&map_client_list);
ba223c29 2211 client->callback(client->opaque);
34d5e948 2212 cpu_unregister_map_client(client);
ba223c29
AL		 2213 }
2214}
2215
51644ab7
PB		 2216bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2217{
5c8a00ce 2218 MemoryRegion *mr;
51644ab7
PB		 2219 hwaddr l, xlat;
2220
2221 while (len > 0) {
2222 l = len;
5c8a00ce
PB		 2223 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2224 if (!memory_access_is_direct(mr, is_write)) {
2225 l = memory_access_size(mr, l, addr);
2226 if (!memory_region_access_valid(mr, xlat, l, is_write)) {
51644ab7
PB		 2227 return false;
2228 }
2229 }
2230
2231 len -= l;
2232 addr += l;
2233 }
2234 return true;
2235}
2236
6d16c2f8
AL		 2237/* Map a physical memory region into a host virtual address.
2238 * May map a subset of the requested range, given by and returned in *plen.
2239 * May return NULL if resources needed to perform the mapping are exhausted.
2240 * Use only for reads OR writes - not for read-modify-write operations.
ba223c29
AL		 2241 * Use cpu_register_map_client() to know when retrying the map operation is
2242 * likely to succeed.
6d16c2f8 2243 */
ac1970fb 2244void *address_space_map(AddressSpace *as,
a8170e5e
AK		 2245 hwaddr addr,
2246 hwaddr *plen,
ac1970fb 2247 bool is_write)
6d16c2f8 2248{
a8170e5e 2249 hwaddr len = *plen;
e3127ae0
PB		 2250 hwaddr done = 0;
2251 hwaddr l, xlat, base;
2252 MemoryRegion *mr, *this_mr;
2253 ram_addr_t raddr;
6d16c2f8 2254
e3127ae0
PB		 2255 if (len == 0) {
2256 return NULL;
2257 }
38bee5dc 2258
e3127ae0
PB		 2259 l = len;
2260 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2261 if (!memory_access_is_direct(mr, is_write)) {
2262 if (bounce.buffer) {
2263 return NULL;
6d16c2f8 2264 }
e85d9db5
KW		 2265 /* Avoid unbounded allocations */
2266 l = MIN(l, TARGET_PAGE_SIZE);
2267 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, l);
e3127ae0
PB		 2268 bounce.addr = addr;
2269 bounce.len = l;
d3e71559
PB		 2270
2271 memory_region_ref(mr);
2272 bounce.mr = mr;
e3127ae0
PB		 2273 if (!is_write) {
2274 address_space_read(as, addr, bounce.buffer, l);
8ab934f9 2275 }
6d16c2f8 2276
e3127ae0
PB		 2277 *plen = l;
2278 return bounce.buffer;
2279 }
2280
2281 base = xlat;
2282 raddr = memory_region_get_ram_addr(mr);
2283
2284 for (;;) {
6d16c2f8
AL		 2285 len -= l;
2286 addr += l;
e3127ae0
PB		 2287 done += l;
2288 if (len == 0) {
2289 break;
2290 }
2291
2292 l = len;
2293 this_mr = address_space_translate(as, addr, &xlat, &l, is_write);
2294 if (this_mr != mr || xlat != base + done) {
2295 break;
2296 }
6d16c2f8 2297 }
e3127ae0 2298
d3e71559 2299 memory_region_ref(mr);
e3127ae0
PB		 2300 *plen = done;
2301 return qemu_ram_ptr_length(raddr + base, plen);
6d16c2f8
AL		 2302}
2303
ac1970fb 2304/* Unmaps a memory region previously mapped by address_space_map().
6d16c2f8
AL		 2305 * Will also mark the memory as dirty if is_write == 1. access_len gives
2306 * the amount of memory that was actually read or written by the caller.
2307 */
a8170e5e
AK		 2308void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2309 int is_write, hwaddr access_len)
6d16c2f8
AL		 2310{
2311 if (buffer != bounce.buffer) {
d3e71559
PB		 2312 MemoryRegion *mr;
2313 ram_addr_t addr1;
2314
2315 mr = qemu_ram_addr_from_host(buffer, &addr1);
2316 assert(mr != NULL);
6d16c2f8 2317 if (is_write) {
6d16c2f8
AL		 2318 while (access_len) {
2319 unsigned l;
2320 l = TARGET_PAGE_SIZE;
2321 if (l > access_len)
2322 l = access_len;
51d7a9eb 2323 invalidate_and_set_dirty(addr1, l);
6d16c2f8
AL		 2324 addr1 += l;
2325 access_len -= l;
2326 }
2327 }
868bb33f 2328 if (xen_enabled()) {
e41d7c69 2329 xen_invalidate_map_cache_entry(buffer);
050a0ddf 2330 }
d3e71559 2331 memory_region_unref(mr);
6d16c2f8
AL		 2332 return;
2333 }
2334 if (is_write) {
ac1970fb 2335 address_space_write(as, bounce.addr, bounce.buffer, access_len);
6d16c2f8 2336 }
f8a83245 2337 qemu_vfree(bounce.buffer);
6d16c2f8 2338 bounce.buffer = NULL;
d3e71559 2339 memory_region_unref(bounce.mr);
ba223c29 2340 cpu_notify_map_clients();
6d16c2f8 2341}
d0ecd2aa 2342
a8170e5e
AK		 2343void *cpu_physical_memory_map(hwaddr addr,
2344 hwaddr *plen,
ac1970fb
AK		 2345 int is_write)
2346{
2347 return address_space_map(&address_space_memory, addr, plen, is_write);
2348}
2349
a8170e5e
AK		 2350void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2351 int is_write, hwaddr access_len)
ac1970fb
AK		 2352{
2353 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2354}
2355
8df1cd07 2356/* warning: addr must be aligned */
fdfba1a2 2357static inline uint32_t ldl_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2358 enum device_endian endian)
8df1cd07 2359{
8df1cd07 2360 uint8_t *ptr;
791af8c8 2361 uint64_t val;
5c8a00ce 2362 MemoryRegion *mr;
149f54b5
PB		 2363 hwaddr l = 4;
2364 hwaddr addr1;
8df1cd07 2365
fdfba1a2 2366 mr = address_space_translate(as, addr, &addr1, &l, false);
5c8a00ce 2367 if (l < 4 || !memory_access_is_direct(mr, false)) {
8df1cd07 2368 /* I/O case */
5c8a00ce 2369 io_mem_read(mr, addr1, &val, 4);
1e78bcc1
AG		 2370#if defined(TARGET_WORDS_BIGENDIAN)
2371 if (endian == DEVICE_LITTLE_ENDIAN) {
2372 val = bswap32(val);
2373 }
2374#else
2375 if (endian == DEVICE_BIG_ENDIAN) {
2376 val = bswap32(val);
2377 }
2378#endif
8df1cd07
FB		 2379 } else {
2380 /* RAM case */
5c8a00ce 2381 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2382 & TARGET_PAGE_MASK)
149f54b5 2383 + addr1);
1e78bcc1
AG		 2384 switch (endian) {
2385 case DEVICE_LITTLE_ENDIAN:
2386 val = ldl_le_p(ptr);
2387 break;
2388 case DEVICE_BIG_ENDIAN:
2389 val = ldl_be_p(ptr);
2390 break;
2391 default:
2392 val = ldl_p(ptr);
2393 break;
2394 }
8df1cd07
FB		 2395 }
2396 return val;
2397}
2398
fdfba1a2 2399uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2400{
fdfba1a2 2401 return ldl_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2402}
2403
fdfba1a2 2404uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2405{
fdfba1a2 2406 return ldl_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2407}
2408
fdfba1a2 2409uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2410{
fdfba1a2 2411 return ldl_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2412}
2413
84b7b8e7 2414/* warning: addr must be aligned */
2c17449b 2415static inline uint64_t ldq_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2416 enum device_endian endian)
84b7b8e7 2417{
84b7b8e7
FB		 2418 uint8_t *ptr;
2419 uint64_t val;
5c8a00ce 2420 MemoryRegion *mr;
149f54b5
PB		 2421 hwaddr l = 8;
2422 hwaddr addr1;
84b7b8e7 2423
2c17449b 2424 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2425 false);
2426 if (l < 8 || !memory_access_is_direct(mr, false)) {
84b7b8e7 2427 /* I/O case */
5c8a00ce 2428 io_mem_read(mr, addr1, &val, 8);
968a5627
PB		 2429#if defined(TARGET_WORDS_BIGENDIAN)
2430 if (endian == DEVICE_LITTLE_ENDIAN) {
2431 val = bswap64(val);
2432 }
2433#else
2434 if (endian == DEVICE_BIG_ENDIAN) {
2435 val = bswap64(val);
2436 }
84b7b8e7
FB		 2437#endif
2438 } else {
2439 /* RAM case */
5c8a00ce 2440 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2441 & TARGET_PAGE_MASK)
149f54b5 2442 + addr1);
1e78bcc1
AG		 2443 switch (endian) {
2444 case DEVICE_LITTLE_ENDIAN:
2445 val = ldq_le_p(ptr);
2446 break;
2447 case DEVICE_BIG_ENDIAN:
2448 val = ldq_be_p(ptr);
2449 break;
2450 default:
2451 val = ldq_p(ptr);
2452 break;
2453 }
84b7b8e7
FB		 2454 }
2455 return val;
2456}
2457
2c17449b 2458uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2459{
2c17449b 2460 return ldq_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2461}
2462
2c17449b 2463uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2464{
2c17449b 2465 return ldq_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2466}
2467
2c17449b 2468uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2469{
2c17449b 2470 return ldq_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2471}
2472
aab33094 2473/* XXX: optimize */
2c17449b 2474uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
aab33094
FB		 2475{
2476 uint8_t val;
2c17449b 2477 address_space_rw(as, addr, &val, 1, 0);
aab33094
FB		 2478 return val;
2479}
2480
733f0b02 2481/* warning: addr must be aligned */
41701aa4 2482static inline uint32_t lduw_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2483 enum device_endian endian)
aab33094 2484{
733f0b02
MT		 2485 uint8_t *ptr;
2486 uint64_t val;
5c8a00ce 2487 MemoryRegion *mr;
149f54b5
PB		 2488 hwaddr l = 2;
2489 hwaddr addr1;
733f0b02 2490
41701aa4 2491 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2492 false);
2493 if (l < 2 || !memory_access_is_direct(mr, false)) {
733f0b02 2494 /* I/O case */
5c8a00ce 2495 io_mem_read(mr, addr1, &val, 2);
1e78bcc1
AG		 2496#if defined(TARGET_WORDS_BIGENDIAN)
2497 if (endian == DEVICE_LITTLE_ENDIAN) {
2498 val = bswap16(val);
2499 }
2500#else
2501 if (endian == DEVICE_BIG_ENDIAN) {
2502 val = bswap16(val);
2503 }
2504#endif
733f0b02
MT		 2505 } else {
2506 /* RAM case */
5c8a00ce 2507 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2508 & TARGET_PAGE_MASK)
149f54b5 2509 + addr1);
1e78bcc1
AG		 2510 switch (endian) {
2511 case DEVICE_LITTLE_ENDIAN:
2512 val = lduw_le_p(ptr);
2513 break;
2514 case DEVICE_BIG_ENDIAN:
2515 val = lduw_be_p(ptr);
2516 break;
2517 default:
2518 val = lduw_p(ptr);
2519 break;
2520 }
733f0b02
MT		 2521 }
2522 return val;
aab33094
FB		 2523}
2524
41701aa4 2525uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2526{
41701aa4 2527 return lduw_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2528}
2529
41701aa4 2530uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2531{
41701aa4 2532 return lduw_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2533}
2534
41701aa4 2535uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2536{
41701aa4 2537 return lduw_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2538}
2539
8df1cd07
FB		 2540/* warning: addr must be aligned. The ram page is not masked as dirty
2541 and the code inside is not invalidated. It is useful if the dirty
2542 bits are used to track modified PTEs */
2198a121 2543void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
8df1cd07 2544{
8df1cd07 2545 uint8_t *ptr;
5c8a00ce 2546 MemoryRegion *mr;
149f54b5
PB		 2547 hwaddr l = 4;
2548 hwaddr addr1;
8df1cd07 2549
2198a121 2550 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2551 true);
2552 if (l < 4 || !memory_access_is_direct(mr, true)) {
2553 io_mem_write(mr, addr1, val, 4);
8df1cd07 2554 } else {
5c8a00ce 2555 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
5579c7f3 2556 ptr = qemu_get_ram_ptr(addr1);
8df1cd07 2557 stl_p(ptr, val);
74576198
AL		 2558
2559 if (unlikely(in_migration)) {
a2cd8c85 2560 if (cpu_physical_memory_is_clean(addr1)) {
74576198
AL		 2561 /* invalidate code */
2562 tb_invalidate_phys_page_range(addr1, addr1 + 4, 0);
2563 /* set dirty bit */
52159192
JQ		 2564 cpu_physical_memory_set_dirty_flag(addr1,
2565 DIRTY_MEMORY_MIGRATION);
2566 cpu_physical_memory_set_dirty_flag(addr1, DIRTY_MEMORY_VGA);
74576198
AL		 2567 }
2568 }
8df1cd07
FB		 2569 }
2570}
2571
2572/* warning: addr must be aligned */
ab1da857
EI		 2573static inline void stl_phys_internal(AddressSpace *as,
2574 hwaddr addr, uint32_t val,
1e78bcc1 2575 enum device_endian endian)
8df1cd07 2576{
8df1cd07 2577 uint8_t *ptr;
5c8a00ce 2578 MemoryRegion *mr;
149f54b5
PB		 2579 hwaddr l = 4;
2580 hwaddr addr1;
8df1cd07 2581
ab1da857 2582 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2583 true);
2584 if (l < 4 || !memory_access_is_direct(mr, true)) {
1e78bcc1
AG		 2585#if defined(TARGET_WORDS_BIGENDIAN)
2586 if (endian == DEVICE_LITTLE_ENDIAN) {
2587 val = bswap32(val);
2588 }
2589#else
2590 if (endian == DEVICE_BIG_ENDIAN) {
2591 val = bswap32(val);
2592 }
2593#endif
5c8a00ce 2594 io_mem_write(mr, addr1, val, 4);
8df1cd07 2595 } else {
8df1cd07 2596 /* RAM case */
5c8a00ce 2597 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
5579c7f3 2598 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2599 switch (endian) {
2600 case DEVICE_LITTLE_ENDIAN:
2601 stl_le_p(ptr, val);
2602 break;
2603 case DEVICE_BIG_ENDIAN:
2604 stl_be_p(ptr, val);
2605 break;
2606 default:
2607 stl_p(ptr, val);
2608 break;
2609 }
51d7a9eb 2610 invalidate_and_set_dirty(addr1, 4);
8df1cd07
FB		 2611 }
2612}
2613
ab1da857 2614void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2615{
ab1da857 2616 stl_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2617}
2618
ab1da857 2619void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2620{
ab1da857 2621 stl_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2622}
2623
ab1da857 2624void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2625{
ab1da857 2626 stl_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2627}
2628
aab33094 2629/* XXX: optimize */
db3be60d 2630void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
aab33094
FB		 2631{
2632 uint8_t v = val;
db3be60d 2633 address_space_rw(as, addr, &v, 1, 1);
aab33094
FB		 2634}
2635
733f0b02 2636/* warning: addr must be aligned */
5ce5944d
EI		 2637static inline void stw_phys_internal(AddressSpace *as,
2638 hwaddr addr, uint32_t val,
1e78bcc1 2639 enum device_endian endian)
aab33094 2640{
733f0b02 2641 uint8_t *ptr;
5c8a00ce 2642 MemoryRegion *mr;
149f54b5
PB		 2643 hwaddr l = 2;
2644 hwaddr addr1;
733f0b02 2645
5ce5944d 2646 mr = address_space_translate(as, addr, &addr1, &l, true);
5c8a00ce 2647 if (l < 2 || !memory_access_is_direct(mr, true)) {
1e78bcc1
AG		 2648#if defined(TARGET_WORDS_BIGENDIAN)
2649 if (endian == DEVICE_LITTLE_ENDIAN) {
2650 val = bswap16(val);
2651 }
2652#else
2653 if (endian == DEVICE_BIG_ENDIAN) {
2654 val = bswap16(val);
2655 }
2656#endif
5c8a00ce 2657 io_mem_write(mr, addr1, val, 2);
733f0b02 2658 } else {
733f0b02 2659 /* RAM case */
5c8a00ce 2660 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
733f0b02 2661 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2662 switch (endian) {
2663 case DEVICE_LITTLE_ENDIAN:
2664 stw_le_p(ptr, val);
2665 break;
2666 case DEVICE_BIG_ENDIAN:
2667 stw_be_p(ptr, val);
2668 break;
2669 default:
2670 stw_p(ptr, val);
2671 break;
2672 }
51d7a9eb 2673 invalidate_and_set_dirty(addr1, 2);
733f0b02 2674 }
aab33094
FB		 2675}
2676
5ce5944d 2677void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2678{
5ce5944d 2679 stw_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2680}
2681
5ce5944d 2682void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2683{
5ce5944d 2684 stw_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2685}
2686
5ce5944d 2687void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2688{
5ce5944d 2689 stw_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2690}
2691
aab33094 2692/* XXX: optimize */
f606604f 2693void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
aab33094
FB		 2694{
2695 val = tswap64(val);
f606604f 2696 address_space_rw(as, addr, (void *) &val, 8, 1);
aab33094
FB		 2697}
2698
f606604f 2699void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
1e78bcc1
AG		 2700{
2701 val = cpu_to_le64(val);
f606604f 2702 address_space_rw(as, addr, (void *) &val, 8, 1);
1e78bcc1
AG		 2703}
2704
f606604f 2705void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
1e78bcc1
AG		 2706{
2707 val = cpu_to_be64(val);
f606604f 2708 address_space_rw(as, addr, (void *) &val, 8, 1);
1e78bcc1
AG		 2709}
2710
5e2972fd 2711/* virtual memory access for debug (includes writing to ROM) */
f17ec444 2712int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
b448f2f3 2713 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 2714{
2715 int l;
a8170e5e 2716 hwaddr phys_addr;
9b3c35e0 2717 target_ulong page;
13eb76e0
FB		 2718
2719 while (len > 0) {
2720 page = addr & TARGET_PAGE_MASK;
f17ec444 2721 phys_addr = cpu_get_phys_page_debug(cpu, page);
13eb76e0
FB		 2722 /* if no physical page mapped, return an error */
2723 if (phys_addr == -1)
2724 return -1;
2725 l = (page + TARGET_PAGE_SIZE) - addr;
2726 if (l > len)
2727 l = len;
5e2972fd 2728 phys_addr += (addr & ~TARGET_PAGE_MASK);
2e38847b
EI		 2729 if (is_write) {
2730 cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, l);
2731 } else {
2732 address_space_rw(cpu->as, phys_addr, buf, l, 0);
2733 }
13eb76e0
FB		 2734 len -= l;
2735 buf += l;
2736 addr += l;
2737 }
2738 return 0;
2739}
a68fe89c 2740#endif
13eb76e0 2741
8e4a424b
BS		 2742#if !defined(CONFIG_USER_ONLY)
2743
2744/*
2745 * A helper function for the _utterly broken_ virtio device model to find out if
2746 * it's running on a big endian machine. Don't do this at home kids!
2747 */
2748bool virtio_is_big_endian(void);
2749bool virtio_is_big_endian(void)
2750{
2751#if defined(TARGET_WORDS_BIGENDIAN)
2752 return true;
2753#else
2754 return false;
2755#endif
2756}
2757
2758#endif
2759
76f35538 2760#ifndef CONFIG_USER_ONLY
a8170e5e 2761bool cpu_physical_memory_is_io(hwaddr phys_addr)
76f35538 2762{
5c8a00ce 2763 MemoryRegion*mr;
149f54b5 2764 hwaddr l = 1;
76f35538 2765
5c8a00ce
PB		 2766 mr = address_space_translate(&address_space_memory,
2767 phys_addr, &phys_addr, &l, false);
76f35538 2768
5c8a00ce
PB		 2769 return !(memory_region_is_ram(mr) ||
2770 memory_region_is_romd(mr));
76f35538 2771}
bd2fa51f
MH		 2772
2773void qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
2774{
2775 RAMBlock *block;
2776
2777 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
2778 func(block->host, block->offset, block->length, opaque);
2779 }
2780}
ec3f8c99 2781#endif
QEMU mirror