1 /*
2 * Virtual page mapping
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "config.h"
20 #ifndef _WIN32
21 #include <sys/types.h>
22 #include <sys/mman.h>
23 #endif
24
25 #include "qemu-common.h"
26 #include "cpu.h"
27 #include "tcg.h"
28 #include "hw/hw.h"
29 #include "hw/qdev.h"
30 #include "qemu/osdep.h"
31 #include "sysemu/kvm.h"
32 #include "sysemu/sysemu.h"
33 #include "hw/xen/xen.h"
34 #include "qemu/timer.h"
35 #include "qemu/config-file.h"
36 #include "qemu/error-report.h"
37 #include "exec/memory.h"
38 #include "sysemu/dma.h"
39 #include "exec/address-spaces.h"
40 #if defined(CONFIG_USER_ONLY)
41 #include <qemu.h>
42 #else /* !CONFIG_USER_ONLY */
43 #include "sysemu/xen-mapcache.h"
44 #include "trace.h"
45 #endif
46 #include "exec/cpu-all.h"
47
48 #include "exec/cputlb.h"
49 #include "translate-all.h"
50
51 #include "exec/memory-internal.h"
52 #include "exec/ram_addr.h"
53
54 #include "qemu/range.h"
55
56 //#define DEBUG_SUBPAGE
57
#if !defined(CONFIG_USER_ONLY)
/* Set from cpu_physical_memory_set_dirty_tracking(). */
static bool in_migration;

/* Global list of RAM blocks; guarded by ram_list.mutex
 * (qemu_mutex_lock_ramlist() / qemu_mutex_unlock_ramlist()). */
RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };

/* Presumably set up by memory_map_init() (not in this view). */
static MemoryRegion *system_memory;
static MemoryRegion *system_io;

AddressSpace address_space_io;
AddressSpace address_space_memory;

/* Special-purpose regions consulted by memory_region_is_unassigned()
 * and by the IOMMU permission check in address_space_translate(). */
MemoryRegion io_mem_rom, io_mem_notdirty;
static MemoryRegion io_mem_unassigned;

/* RAM is pre-allocated and passed into qemu_ram_alloc_from_ptr */
#define RAM_PREALLOC (1 << 0)

/* RAM is mmap-ed with MAP_SHARED */
#define RAM_SHARED (1 << 1)

#endif
79
/* All CPUs registered so far, in registration order (cpu_exec_init()
 * appends to the tail). */
struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
/* current CPU in the current thread. It is only valid inside
   cpu_exec() */
DEFINE_TLS(CPUState *, current_cpu);
/* 0 = Do not count executed instructions.
   1 = Precise instruction counting.
   2 = Adaptive rate instruction counting. */
int use_icount;
88
#if !defined(CONFIG_USER_ONLY)

typedef struct PhysPageEntry PhysPageEntry;

/* One entry of the physical-address radix tree walked by phys_page_find(). */
struct PhysPageEntry {
    /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
    uint32_t skip : 6;
    /* index into phys_sections (!skip) or phys_map_nodes (skip) */
    uint32_t ptr : 26;
};

/* "No node" marker: the largest value the 26-bit ptr field can hold. */
#define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)

/* Size of the L2 (and L3, etc) page tables. */
#define ADDR_SPACE_BITS 64

#define P_L2_BITS 9
#define P_L2_SIZE (1 << P_L2_BITS)

/* Number of tree levels needed to index every page of ADDR_SPACE_BITS. */
#define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)

typedef PhysPageEntry Node[P_L2_SIZE];

/* Backing storage for one dispatch tree: the node and section arrays and
 * their used/allocated counts (grown by phys_map_node_reserve() and
 * phys_section_add()). */
typedef struct PhysPageMap {
    unsigned sections_nb;
    unsigned sections_nb_alloc;
    unsigned nodes_nb;
    unsigned nodes_nb_alloc;
    Node *nodes;
    MemoryRegionSection *sections;
} PhysPageMap;

struct AddressSpaceDispatch {
    /* This is a multi-level map on the physical address space.
     * The bottom level has pointers to MemoryRegionSections.
     */
    PhysPageEntry phys_map;
    PhysPageMap map;
    AddressSpace *as;
};

/* Byte offset of addr within its target page. */
#define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
/* Container for sections finer than a page: sub_section[] maps each byte
 * offset within the page to an index into PhysPageMap.sections. */
typedef struct subpage_t {
    MemoryRegion iomem;
    AddressSpace *as;
    hwaddr base;
    uint16_t sub_section[TARGET_PAGE_SIZE];
} subpage_t;

/* Reserved indices in PhysPageMap.sections. */
#define PHYS_SECTION_UNASSIGNED 0
#define PHYS_SECTION_NOTDIRTY 1
#define PHYS_SECTION_ROM 2
#define PHYS_SECTION_WATCH 3

static void io_mem_init(void);
static void memory_map_init(void);
static void tcg_commit(MemoryListener *listener);

static MemoryRegion io_mem_watch;
#endif
149
150 #if !defined(CONFIG_USER_ONLY)
151
/* Make sure @map can hold at least @nodes more Node entries, growing the
 * array geometrically (never below 16 entries) when it cannot. */
static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
{
    unsigned needed = map->nodes_nb + nodes;

    if (needed <= map->nodes_nb_alloc) {
        return;
    }
    map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
    map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, needed);
    map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
}
160
/* Take the next free node from @map (the caller must have reserved room
 * with phys_map_node_reserve()) and initialise every entry to "skip one
 * level, no child".  Returns the new node's index. */
static uint32_t phys_map_node_alloc(PhysPageMap *map)
{
    uint32_t idx = map->nodes_nb++;
    PhysPageEntry *node;
    unsigned i;

    assert(idx != PHYS_MAP_NODE_NIL);
    assert(idx != map->nodes_nb_alloc);

    node = map->nodes[idx];
    for (i = 0; i < P_L2_SIZE; ++i) {
        node[i].skip = 1;
        node[i].ptr = PHYS_MAP_NODE_NIL;
    }
    return idx;
}
175
/*
 * Recursively populate tree level @level below entry @lp so that the pages
 * [*index, *index + *nb) resolve to section @leaf.
 *
 * An entry whose whole span is covered by the range is turned directly into
 * a leaf (skip = 0, ptr = leaf) without descending; partial coverage recurses
 * one level down.  *index and *nb are advanced in place as pages are
 * consumed, so the caller's loop carries on in the next sibling entry.
 */
static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
                                hwaddr *index, hwaddr *nb, uint16_t leaf,
                                int level)
{
    PhysPageEntry *p;
    int i;
    /* Number of pages spanned by a single entry at this level. */
    hwaddr step = (hwaddr)1 << (level * P_L2_BITS);

    if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
        /* First visit of this subtree: allocate its node.  At the bottom
         * level the fresh entries are leaves pointing at "unassigned". */
        lp->ptr = phys_map_node_alloc(map);
        p = map->nodes[lp->ptr];
        if (level == 0) {
            for (i = 0; i < P_L2_SIZE; i++) {
                p[i].skip = 0;
                p[i].ptr = PHYS_SECTION_UNASSIGNED;
            }
        }
    } else {
        p = map->nodes[lp->ptr];
    }
    lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];

    while (*nb && lp < &p[P_L2_SIZE]) {
        if ((*index & (step - 1)) == 0 && *nb >= step) {
            /* Range is aligned to and at least as large as this entry's
             * span: the entry becomes a leaf for the whole span. */
            lp->skip = 0;
            lp->ptr = leaf;
            *index += step;
            *nb -= step;
        } else {
            phys_page_set_level(map, lp, index, nb, leaf, level - 1);
        }
        ++lp;
    }
}
210
/* Map pages [index, index + nb) of dispatch @d to section index @leaf. */
static void phys_page_set(AddressSpaceDispatch *d,
                          hwaddr index, hwaddr nb,
                          uint16_t leaf)
{
    PhysPageMap *map = &d->map;

    /* Wildly overreserve - it doesn't matter much. */
    phys_map_node_reserve(map, 3 * P_L2_LEVELS);

    phys_page_set_level(map, &d->phys_map, &index, &nb, leaf,
                        P_L2_LEVELS - 1);
}
220
/* Compact a non leaf page entry. Simply detect that the entry has a single child,
 * and update our entry so we can skip it and go directly to the destination.
 *
 * @compacted is threaded through the recursion but not read or written here.
 */
static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
{
    unsigned valid_ptr = P_L2_SIZE;
    int valid = 0;
    PhysPageEntry *p;
    int i;

    if (lp->ptr == PHYS_MAP_NODE_NIL) {
        return;
    }

    /* Count the populated children, remembering the last one, and
     * compact each non-leaf child first (bottom-up). */
    p = nodes[lp->ptr];
    for (i = 0; i < P_L2_SIZE; i++) {
        if (p[i].ptr == PHYS_MAP_NODE_NIL) {
            continue;
        }

        valid_ptr = i;
        valid++;
        if (p[i].skip) {
            phys_page_compact(&p[i], nodes, compacted);
        }
    }

    /* We can only compress if there's only one child. */
    if (valid != 1) {
        return;
    }

    assert(valid_ptr < P_L2_SIZE);

    /* Don't compress if it won't fit in the # of bits we have. */
    /* NOTE(review): PhysPageEntry.skip is a 6-bit field, so this bound is
     * tighter than the field itself requires; it only limits how much
     * compaction happens and does not affect correctness. */
    if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
        return;
    }

    /* Splice the only child out: point at what it pointed at and fold its
     * skip count into ours. */
    lp->ptr = p[valid_ptr].ptr;
    if (!p[valid_ptr].skip) {
        /* If our only child is a leaf, make this a leaf. */
        /* By design, we should have made this node a leaf to begin with so we
         * should never reach here.
         * But since it's so simple to handle this, let's do it just in case we
         * change this rule.
         */
        lp->skip = 0;
    } else {
        lp->skip += p[valid_ptr].skip;
    }
}
273
/* Compact the whole tree rooted at d->phys_map (see phys_page_compact()).
 * A root that is already a leaf has nothing to compact. */
static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
{
    DECLARE_BITMAP(compacted, nodes_nb);

    if (!d->phys_map.skip) {
        return;
    }
    phys_page_compact(&d->phys_map, d->map.nodes, compacted);
}
282
/*
 * Walk the radix tree from @lp down to the leaf for @addr and return the
 * matching section.  Returns &sections[PHYS_SECTION_UNASSIGNED] when the
 * walk reaches an unallocated node or the leaf's section does not actually
 * cover @addr.
 */
static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
                                           Node *nodes, MemoryRegionSection *sections)
{
    PhysPageEntry *p;
    hwaddr index = addr >> TARGET_PAGE_BITS;
    int i;

    /* Each iteration descends lp.skip levels at once (compacted entries
     * skip several levels in one step). */
    for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
        if (lp.ptr == PHYS_MAP_NODE_NIL) {
            return &sections[PHYS_SECTION_UNASSIGNED];
        }
        p = nodes[lp.ptr];
        lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
    }

    /* A section whose size needs more than 64 bits (size.hi != 0) is taken
     * to cover addr; otherwise the 64-bit range is checked explicitly. */
    if (sections[lp.ptr].size.hi ||
        range_covers_byte(sections[lp.ptr].offset_within_address_space,
                          sections[lp.ptr].size.lo, addr)) {
        return &sections[lp.ptr];
    } else {
        return &sections[PHYS_SECTION_UNASSIGNED];
    }
}
306
/* True unless @mr is one of the special ROM / not-dirty / watch regions
 * or a ROM device. */
bool memory_region_is_unassigned(MemoryRegion *mr)
{
    if (mr == &io_mem_rom || mr == &io_mem_notdirty || mr == &io_mem_watch) {
        return false;
    }
    return !mr->rom_device;
}
312
/* Find the section covering @addr in @d.  When @resolve_subpage is set and
 * the hit is a subpage container, descend to the sub-section registered
 * for @addr's offset within the page. */
static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
                                                        hwaddr addr,
                                                        bool resolve_subpage)
{
    MemoryRegionSection *sec = phys_page_find(d->phys_map, addr,
                                              d->map.nodes, d->map.sections);
    subpage_t *sp;

    if (!resolve_subpage || !sec->mr->subpage) {
        return sec;
    }
    sp = container_of(sec->mr, subpage_t, iomem);
    return &d->map.sections[sp->sub_section[SUBPAGE_IDX(addr)]];
}
327
/*
 * Resolve @addr within dispatch @d to its section.
 *
 * On return *xlat is the offset of @addr inside section->mr, and *plen has
 * been reduced so that [addr, addr + *plen) does not run past the end of
 * that MemoryRegion.  @resolve_subpage is passed on to
 * address_space_lookup_region().
 */
static MemoryRegionSection *
address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
                                 hwaddr *plen, bool resolve_subpage)
{
    MemoryRegionSection *section;
    Int128 diff;

    section = address_space_lookup_region(d, addr, resolve_subpage);
    /* Compute offset within MemoryRegionSection */
    addr -= section->offset_within_address_space;

    /* Compute offset within MemoryRegion */
    *xlat = addr + section->offset_within_region;

    /* Clamp the length to the bytes remaining in the region; the size is
     * an Int128 so the arithmetic is done at that width. */
    diff = int128_sub(section->mr->size, int128_make64(addr));
    *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
    return section;
}
346
/* True for RAM (except writes to a read-only region) and for reads of
 * ROMD regions; false for everything else. */
static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
{
    if (memory_region_is_ram(mr)) {
        return !(is_write && mr->readonly);
    }
    return memory_region_is_romd(mr) && !is_write;
}
358
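/*
 * Translate @addr in @as, following any IOMMU regions, to the MemoryRegion
 * that finally backs it.
 *
 * On return *xlat is the offset within the returned region and *plen has
 * been clamped to the smallest of: the bytes left in the terminal region
 * (from address_space_translate_internal()), the IOMMU translation entry
 * and, under Xen for direct accesses, the target page.  If an IOMMU entry
 * lacks the permission bit selected by @is_write the walk stops at
 * io_mem_unassigned.
 *
 * Fix: the region clamp that address_space_translate_internal() writes into
 * *plen used to be discarded by a final "*plen = len" (len was only ever
 * reduced by IOMMU entries), so callers could be handed a length extending
 * past the region they were pointed at.  All clamping now goes through
 * *plen directly.
 */
MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
                                      hwaddr *xlat, hwaddr *plen,
                                      bool is_write)
{
    IOMMUTLBEntry iotlb;
    MemoryRegionSection *section;
    MemoryRegion *mr;

    for (;;) {
        section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true);
        mr = section->mr;

        /* Not an IOMMU: this region is the final target. */
        if (!mr->iommu_ops) {
            break;
        }

        iotlb = mr->iommu_ops->translate(mr, addr, is_write);
        /* Keep the in-page bits of addr, replace the translated page. */
        addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
                | (addr & iotlb.addr_mask));
        /* Do not run past the end of this IOMMU entry. */
        *plen = MIN(*plen, (addr | iotlb.addr_mask) - addr + 1);
        /* perm bit 0 gates reads, bit 1 gates writes. */
        if (!(iotlb.perm & (1 << is_write))) {
            mr = &io_mem_unassigned;
            break;
        }

        /* Continue the walk in the IOMMU's target address space. */
        as = iotlb.target_as;
    }

    if (xen_enabled() && memory_access_is_direct(mr, is_write)) {
        /* Under Xen a direct access is limited to one target page. */
        hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
        *plen = MIN(page, *plen);
    }

    *xlat = addr;
    return mr;
}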
397
/* Section lookup used when filling IOTLB entries: like
 * address_space_translate_internal() without subpage resolution, and the
 * resulting section must not be an IOMMU region. */
MemoryRegionSection *
address_space_translate_for_iotlb(AddressSpace *as, hwaddr addr, hwaddr *xlat,
                                  hwaddr *plen)
{
    MemoryRegionSection *sec =
        address_space_translate_internal(as->dispatch, addr, xlat, plen, false);

    assert(!sec->mr->iommu_ops);
    return sec;
}
408 #endif
409
/* One-time initialisation of the memory subsystem (system emulation only):
 * the RAM list lock, the memory map and the I/O memory regions. */
void cpu_exec_init_all(void)
{
#if !defined(CONFIG_USER_ONLY)
    qemu_mutex_init(&ram_list.mutex);
    memory_map_init();
    io_mem_init();
#endif
}
418
419 #if !defined(CONFIG_USER_ONLY)
420
/* vmstate post_load hook for the common CPU state: strip a bit that older
 * streams may carry and flush the TLB.  Always succeeds. */
static int cpu_common_post_load(void *opaque, int version_id)
{
    CPUState *cs = opaque;

    /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
       version_id is increased. */
    cs->interrupt_request &= ~0x01;
    tlb_flush(cs, 1);
    return 0;
}
432
/* vmstate pre_load hook: reset exception_index to 0 before the stream is
 * read (presumably so that a stream lacking the exception_index subsection
 * still leaves a defined value).  Always succeeds. */
static int cpu_common_pre_load(void *opaque)
{
    CPUState *cs = opaque;

    cs->exception_index = 0;
    return 0;
}
441
/* Subsection predicate: the exception_index subsection is only sent when
 * the field is non-zero. */
static bool cpu_common_exception_index_needed(void *opaque)
{
    const CPUState *cs = opaque;

    if (cs->exception_index == 0) {
        return false;
    }
    return true;
}
448
/* Optional subsection carrying exception_index; included only when
 * cpu_common_exception_index_needed() says so. */
static const VMStateDescription vmstate_cpu_common_exception_index = {
    .name = "cpu_common/exception_index",
    .version_id = 1,
    .minimum_version_id = 1,
    .fields = (VMStateField[]) {
        VMSTATE_INT32(exception_index, CPUState),
        VMSTATE_END_OF_LIST()
    }
};

/* Migration state shared by every CPU type (halted, interrupt_request),
 * registered from cpu_exec_init() when the CPU device has no vmsd of its
 * own.  The pre/post load hooks are defined just above. */
const VMStateDescription vmstate_cpu_common = {
    .name = "cpu_common",
    .version_id = 1,
    .minimum_version_id = 1,
    .pre_load = cpu_common_pre_load,
    .post_load = cpu_common_post_load,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(halted, CPUState),
        VMSTATE_UINT32(interrupt_request, CPUState),
        VMSTATE_END_OF_LIST()
    },
    .subsections = (VMStateSubsection[]) {
        {
            .vmsd = &vmstate_cpu_common_exception_index,
            .needed = cpu_common_exception_index_needed,
        } , {
            /* empty */
        }
    }
};
479
480 #endif
481
/* Return the CPU whose cpu_index is @index, or NULL if there is none. */
CPUState *qemu_get_cpu(int index)
{
    CPUState *cs;

    CPU_FOREACH(cs) {
        if (cs->cpu_index != index) {
            continue;
        }
        return cs;
    }
    return NULL;
}
494
495 #if !defined(CONFIG_USER_ONLY)
/* (Re)attach the CPU's TCG memory listener to address space @as, creating
 * the listener on first use and re-registering it afterwards. */
void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
{
    MemoryListener *listener = cpu->tcg_as_listener;

    /* We only support one address space per cpu at the moment. */
    assert(cpu->as == as);

    if (listener == NULL) {
        listener = g_new0(MemoryListener, 1);
        cpu->tcg_as_listener = listener;
    } else {
        memory_listener_unregister(listener);
    }
    listener->commit = tcg_commit;
    memory_listener_register(listener, as);
}
509 #endif
510
/*
 * Register a newly created CPU: assign it the next cpu_index, initialise
 * its breakpoint and watchpoint lists, append it to the global @cpus list
 * and register its migration state (vmstate_cpu_common and/or the class
 * vmsd, or the legacy cpu_save/cpu_load pair when CPU_SAVE_VERSION is
 * defined).
 */
void cpu_exec_init(CPUArchState *env)
{
    CPUState *cpu = ENV_GET_CPU(env);
    CPUClass *cc = CPU_GET_CLASS(cpu);
    CPUState *some_cpu;
    int cpu_index;

#if defined(CONFIG_USER_ONLY)
    cpu_list_lock();
#endif
    /* cpu_index is simply the number of CPUs registered before this one. */
    cpu_index = 0;
    CPU_FOREACH(some_cpu) {
        cpu_index++;
    }
    cpu->cpu_index = cpu_index;
    cpu->numa_node = 0;
    QTAILQ_INIT(&cpu->breakpoints);
    QTAILQ_INIT(&cpu->watchpoints);
#ifndef CONFIG_USER_ONLY
    cpu->as = &address_space_memory;
    cpu->thread_id = qemu_get_thread_id();
#endif
    QTAILQ_INSERT_TAIL(&cpus, cpu, node);
#if defined(CONFIG_USER_ONLY)
    cpu_list_unlock();
#endif
    /* The common state is registered here only when the device does not
     * already provide a vmsd of its own. */
    if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
        vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
    }
#if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
    register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
                    cpu_save, cpu_load, env);
    /* Legacy savevm and VMState registration must not both be in use. */
    assert(cc->vmsd == NULL);
    assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
#endif
    if (cc->vmsd != NULL) {
        vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
    }
}
550
551 #if defined(TARGET_HAS_ICE)
552 #if defined(CONFIG_USER_ONLY)
/* User-mode variant: invalidate the translated code containing @pc.  The
 * guest address is handed to tb_invalidate_phys_page_range() directly;
 * @cpu is not used. */
static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
{
    tb_invalidate_phys_page_range(pc, pc + 1, 0);
}
557 #else
/* System-mode variant: translate @pc to a physical page and invalidate the
 * translated code at that physical address.  Nothing is done when the
 * debug translation yields the -1 "no page" sentinel. */
static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
{
    hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
    hwaddr page_off = pc & ~TARGET_PAGE_MASK;

    if (phys == -1) {
        return;
    }
    tb_invalidate_phys_addr(cpu->as, phys | page_off);
}
566 #endif
567 #endif /* TARGET_HAS_ICE */
568
569 #if defined(CONFIG_USER_ONLY)
/* User-mode stub: watchpoints are not supported, so there is nothing to
 * remove. */
void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
{
}
574
/* User-mode stub: watchpoints are not supported; always -ENOSYS. */
int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
                          int flags)
{
    return -ENOSYS;
}
580
/* User-mode stub: watchpoints are not supported; no-op. */
void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
{
}
584
/* User-mode stub: watchpoints are not supported; always -ENOSYS and
 * *watchpoint is left untouched. */
int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
                          int flags, CPUWatchpoint **watchpoint)
{
    return -ENOSYS;
}
590 #else
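/* Add a watchpoint. */
/*
 * Insert a watchpoint covering [addr, addr + len) with the given BP_* flags.
 *
 * Returns 0 and, when @watchpoint is non-NULL, stores the new entry through
 * it.  Returns -EINVAL for an empty range or one whose last byte wraps
 * around the top of the address space.  GDB-injected watchpoints (BP_GDB)
 * are kept at the head of the list.  The TLB entry for @addr is flushed.
 *
 * Fix: the range check used "<=", which rejected every single-byte
 * watchpoint (len == 1 makes addr + len - 1 equal to addr).  Only a last
 * byte strictly below addr indicates wrap-around.
 */
int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
                          int flags, CPUWatchpoint **watchpoint)
{
    CPUWatchpoint *wp;

    /* forbid ranges which are empty or run off the end of the address space */
    if (len == 0 || (addr + len - 1) < addr) {
        error_report("tried to set invalid watchpoint at %"
                     VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
        return -EINVAL;
    }
    wp = g_malloc(sizeof(*wp));

    wp->vaddr = addr;
    wp->len = len;
    wp->flags = flags;

    /* keep all GDB-injected watchpoints in front */
    if (flags & BP_GDB) {
        QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
    } else {
        QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
    }

    tlb_flush_page(cpu, addr);

    if (watchpoint) {
        *watchpoint = wp;
    }
    return 0;
}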
622
/* Remove a specific watchpoint. */
/* Remove the first watchpoint matching @addr, @len and @flags (the
 * transient BP_WATCHPOINT_HIT bit is masked out of the stored flags before
 * comparing).  Returns 0 on success, -ENOENT when nothing matched. */
int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
                          int flags)
{
    CPUWatchpoint *wp;

    QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
        int stored_flags = wp->flags & ~BP_WATCHPOINT_HIT;

        if (wp->vaddr != addr || wp->len != len || stored_flags != flags) {
            continue;
        }
        cpu_watchpoint_remove_by_ref(cpu, wp);
        return 0;
    }
    return -ENOENT;
}
638
/* Remove a specific watchpoint by reference. */
/* Unlink @watchpoint from @cpu, flush the TLB entry for its address and
 * free it.  @watchpoint must be an entry of cpu->watchpoints. */
void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
{
    vaddr wp_addr = watchpoint->vaddr;

    QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);
    tlb_flush_page(cpu, wp_addr);
    g_free(watchpoint);
}
648
/* Remove all matching watchpoints. */
/* Remove every watchpoint whose flags intersect @mask.  Uses the _SAFE
 * iterator because entries are freed while walking the list. */
void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
{
    CPUWatchpoint *wp, *tmp;

    QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, tmp) {
        if (!(wp->flags & mask)) {
            continue;
        }
        cpu_watchpoint_remove_by_ref(cpu, wp);
    }
}
660
/* Return true if this watchpoint address matches the specified
 * access (ie the address range covered by the watchpoint overlaps
 * partially or completely with the address range covered by the
 * access).
 */
static inline bool cpu_watchpoint_address_matches(CPUWatchpoint *wp,
                                                  vaddr addr,
                                                  vaddr len)
{
    /* Both lengths are known to be non-zero.  Work with inclusive last
     * addresses rather than addr + len so that a range ending exactly at
     * the top of the address space (where addr + len wraps to zero) is
     * still compared correctly. */
    vaddr wp_last = wp->vaddr + wp->len - 1;
    vaddr access_last = addr + len - 1;

    /* Two ranges overlap iff each starts no later than the other ends. */
    return addr <= wp_last && wp->vaddr <= access_last;
}
680
681 #endif
682
/* Add a breakpoint. */
/* Insert a breakpoint at @pc with BP_* @flags.  GDB-injected breakpoints
 * go to the head of the list.  Translated code for @pc is invalidated.
 * Returns 0 and stores the entry through @breakpoint when non-NULL;
 * returns -ENOSYS on targets without breakpoint support. */
int cpu_breakpoint_insert(CPUState *cpu, vaddr pc, int flags,
                          CPUBreakpoint **breakpoint)
{
#if defined(TARGET_HAS_ICE)
    CPUBreakpoint *bp = g_malloc(sizeof(*bp));

    bp->pc = pc;
    bp->flags = flags;

    /* keep all GDB-injected breakpoints in front */
    if (flags & BP_GDB) {
        QTAILQ_INSERT_HEAD(&cpu->breakpoints, bp, entry);
    } else {
        QTAILQ_INSERT_TAIL(&cpu->breakpoints, bp, entry);
    }

    breakpoint_invalidate(cpu, pc);

    if (breakpoint != NULL) {
        *breakpoint = bp;
    }
    return 0;
#else
    return -ENOSYS;
#endif
}
712
/* Remove a specific breakpoint. */
/* Remove the first breakpoint with exactly this @pc and @flags.  Returns 0
 * on success, -ENOENT if none matched, -ENOSYS without breakpoint support. */
int cpu_breakpoint_remove(CPUState *cpu, vaddr pc, int flags)
{
#if defined(TARGET_HAS_ICE)
    CPUBreakpoint *bp;

    QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
        if (bp->pc != pc || bp->flags != flags) {
            continue;
        }
        cpu_breakpoint_remove_by_ref(cpu, bp);
        return 0;
    }
    return -ENOENT;
#else
    return -ENOSYS;
#endif
}
730
/* Remove a specific breakpoint by reference. */
/* Unlink @breakpoint from @cpu, invalidate the translated code at its pc
 * and free it.  No-op on targets without breakpoint support. */
void cpu_breakpoint_remove_by_ref(CPUState *cpu, CPUBreakpoint *breakpoint)
{
#if defined(TARGET_HAS_ICE)
    vaddr bp_pc = breakpoint->pc;

    QTAILQ_REMOVE(&cpu->breakpoints, breakpoint, entry);
    breakpoint_invalidate(cpu, bp_pc);
    g_free(breakpoint);
#endif
}
742
/* Remove all matching breakpoints. */
/* Remove every breakpoint whose flags intersect @mask.  The _SAFE iterator
 * is needed because entries are freed during the walk. */
void cpu_breakpoint_remove_all(CPUState *cpu, int mask)
{
#if defined(TARGET_HAS_ICE)
    CPUBreakpoint *bp, *tmp;

    QTAILQ_FOREACH_SAFE(bp, &cpu->breakpoints, entry, tmp) {
        if (!(bp->flags & mask)) {
            continue;
        }
        cpu_breakpoint_remove_by_ref(cpu, bp);
    }
#endif
}
756
/* enable or disable single step mode. EXCP_DEBUG is returned by the
   CPU loop after each instruction */
/* Under KVM the change is pushed to the kernel; under TCG all translated
 * code is flushed so it is regenerated with the new setting. */
void cpu_single_step(CPUState *cpu, int enabled)
{
#if defined(TARGET_HAS_ICE)
    if (cpu->singlestep_enabled == enabled) {
        return;
    }
    cpu->singlestep_enabled = enabled;
    if (kvm_enabled()) {
        kvm_update_guest_debug(cpu, 0);
        return;
    }
    /* must flush all the translated code to avoid inconsistencies */
    /* XXX: only flush what is necessary */
    tb_flush(cpu->env_ptr);
#endif
}
775
/*
 * Report a fatal emulation error and abort the process.
 *
 * @fmt is a printf-style format.  The message and a CPU state dump are
 * written to stderr and, when logging is enabled, to the QEMU log as well;
 * the argument list is consumed twice, hence the va_copy.  Never returns.
 */
void cpu_abort(CPUState *cpu, const char *fmt, ...)
{
    va_list ap;
    va_list ap2;

    va_start(ap, fmt);
    va_copy(ap2, ap);
    fprintf(stderr, "qemu: fatal: ");
    vfprintf(stderr, fmt, ap);
    fprintf(stderr, "\n");
    cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
    if (qemu_log_enabled()) {
        qemu_log("qemu: fatal: ");
        qemu_log_vprintf(fmt, ap2);
        qemu_log("\n");
        log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
        qemu_log_flush();
        qemu_log_close();
    }
    va_end(ap2);
    va_end(ap);
#if defined(CONFIG_USER_ONLY)
    {
        /* Reset SIGABRT to its default disposition before abort()
         * (presumably the emulated program may have installed a handler). */
        struct sigaction act;
        sigfillset(&act.sa_mask);
        act.sa_handler = SIG_DFL;
        sigaction(SIGABRT, &act, NULL);
    }
#endif
    abort();
}
807
808 #if !defined(CONFIG_USER_ONLY)
/*
 * Return the RAMBlock that contains ram offset @addr.
 *
 * The most-recently-used block is tried first, then the whole list; the
 * hit is cached in ram_list.mru_block.  An offset belonging to no block is
 * an internal error and aborts.
 */
static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
{
    RAMBlock *block;

    /* The list is protected by the iothread lock here. */
    block = ram_list.mru_block;
    /* ram_addr_t is unsigned: addr - offset wraps for addr below the
     * block, so one comparison checks both ends of the block. */
    if (block && addr - block->offset < block->length) {
        goto found;
    }
    QTAILQ_FOREACH(block, &ram_list.blocks, next) {
        if (addr - block->offset < block->length) {
            goto found;
        }
    }

    fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
    abort();

found:
    ram_list.mru_block = block;
    return block;
}
831
/* Translate the ram range [start, start + length) to host addresses and
 * reset the dirty state of the matching TLB entries.  The whole range must
 * lie within a single RAM block. */
static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
{
    ram_addr_t end = TARGET_PAGE_ALIGN(start + length);
    RAMBlock *block;
    ram_addr_t host_start;

    start &= TARGET_PAGE_MASK;

    block = qemu_get_ram_block(start);
    assert(block == qemu_get_ram_block(end - 1));
    host_start = (uintptr_t)block->host + (start - block->offset);
    cpu_tlb_reset_dirty_all(host_start, length);
}
846
/* Note: start and end must be within the same ram block. */
/* Clear the dirty bits of @client for [start, start + length) and, when
 * TCG is in use, reset the corresponding TLB entries as well.  A zero
 * length is a no-op. */
void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
                                     unsigned client)
{
    if (length == 0) {
        return;
    }
    cpu_physical_memory_clear_dirty_range(start, length, client);

    if (!tcg_enabled()) {
        return;
    }
    tlb_reset_dirty_range_all(start, length);
}
859
/* Record whether dirty tracking is enabled (stored in in_migration). */
static void cpu_physical_memory_set_dirty_tracking(bool enable)
{
    in_migration = enable;
}
864
/*
 * Compute the iotlb value for a TLB entry mapping guest virtual page
 * @vaddr to physical @paddr within @section (@xlat is the offset within
 * the section's region).
 *
 * For RAM the value is the page-aligned ram_addr plus @xlat with the low
 * bits set to PHYS_SECTION_NOTDIRTY or PHYS_SECTION_ROM; for other regions
 * it is the section's index in the dispatch table plus @xlat.  If a
 * watchpoint overlaps the page and applies to this kind of access, the
 * entry is redirected to PHYS_SECTION_WATCH and TLB_MMIO is ORed into
 * *address.
 */
hwaddr memory_region_section_get_iotlb(CPUState *cpu,
                                       MemoryRegionSection *section,
                                       target_ulong vaddr,
                                       hwaddr paddr, hwaddr xlat,
                                       int prot,
                                       target_ulong *address)
{
    hwaddr iotlb;
    CPUWatchpoint *wp;

    if (memory_region_is_ram(section->mr)) {
        /* Normal RAM. */
        iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
            + xlat;
        if (!section->readonly) {
            iotlb |= PHYS_SECTION_NOTDIRTY;
        } else {
            iotlb |= PHYS_SECTION_ROM;
        }
    } else {
        /* Non-RAM: encode the section index (pointer difference into the
         * sections array) rather than a ram address. */
        iotlb = section - section->address_space->dispatch->map.sections;
        iotlb += xlat;
    }

    /* Make accesses to pages with watchpoints go via the
       watchpoint trap routines. */
    QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
        if (cpu_watchpoint_address_matches(wp, vaddr, TARGET_PAGE_SIZE)) {
            /* Avoid trapping reads of pages with a write breakpoint. */
            if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
                iotlb = PHYS_SECTION_WATCH + paddr;
                *address |= TLB_MMIO;
                break;
            }
        }
    }

    return iotlb;
}
904 #endif /* defined(CONFIG_USER_ONLY) */
905
906 #if !defined(CONFIG_USER_ONLY)
907
/* Forward declarations (definitions are not in this view). */
static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
                             uint16_t section);
static subpage_t *subpage_init(AddressSpace *as, hwaddr base);

/* Allocator used for guest physical memory; replaceable through
 * phys_mem_set_alloc(). */
static void *(*phys_mem_alloc)(size_t size) = qemu_anon_ram_alloc;
913
/*
 * Set a custom physical guest memory allocator.
 * Accelerators with unusual needs may need this. Hopefully, we can
 * get rid of it eventually.
 *
 * @alloc replaces phys_mem_alloc for all subsequent allocations; it must
 * accept a size in bytes and return the new area.
 */
void phys_mem_set_alloc(void *(*alloc)(size_t))
{
    phys_mem_alloc = alloc;
}
923
/* Append a copy of @section to @map's section array (growing it as needed),
 * take a reference on its MemoryRegion, and return the new index. */
static uint16_t phys_section_add(PhysPageMap *map,
                                 MemoryRegionSection *section)
{
    unsigned idx = map->sections_nb;

    /* The physical section number is ORed with a page-aligned
     * pointer to produce the iotlb entries. Thus it should
     * never overflow into the page-aligned value.
     */
    assert(idx < TARGET_PAGE_SIZE);

    if (idx == map->sections_nb_alloc) {
        map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
        map->sections = g_renew(MemoryRegionSection, map->sections,
                                map->sections_nb_alloc);
    }
    map->sections[idx] = *section;
    memory_region_ref(section->mr);
    map->sections_nb = idx + 1;
    return idx;
}
942
/* Drop the reference a section held on @mr; if @mr is the iomem of a
 * subpage container, release and free the container too. */
static void phys_section_destroy(MemoryRegion *mr)
{
    subpage_t *sp;

    memory_region_unref(mr);

    if (!mr->subpage) {
        return;
    }
    sp = container_of(mr, subpage_t, iomem);
    object_unref(OBJECT(&sp->iomem));
    g_free(sp);
}
953
/* Destroy every section of @map (last to first) and free the section and
 * node arrays.  Leaves map->sections_nb at 0. */
static void phys_sections_free(PhysPageMap *map)
{
    unsigned i;

    for (i = map->sections_nb; i > 0; i--) {
        phys_section_destroy(map->sections[i - 1].mr);
    }
    map->sections_nb = 0;
    g_free(map->sections);
    g_free(map->nodes);
}
963
/*
 * Register a section that does not fill its page inside the subpage
 * container for that page, creating the container and inserting it into
 * the radix tree the first time the page is touched.
 */
static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
{
    subpage_t *subpage;
    hwaddr base = section->offset_within_address_space
                  & TARGET_PAGE_MASK;
    MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
                                                   d->map.nodes, d->map.sections);
    MemoryRegionSection subsection = {
        .offset_within_address_space = base,
        .size = int128_make64(TARGET_PAGE_SIZE),
    };
    hwaddr start, end;

    /* The page must be either still unassigned or already a subpage. */
    assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);

    if (!(existing->mr->subpage)) {
        /* First sub-page section on this page: create the container and
         * make the page's tree entry point at it. */
        subpage = subpage_init(d->as, base);
        subsection.address_space = d->as;
        subsection.mr = &subpage->iomem;
        phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
                      phys_section_add(&d->map, &subsection));
    } else {
        subpage = container_of(existing->mr, subpage_t, iomem);
    }
    /* Byte offsets within the page; end is inclusive. */
    start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
    end = start + int128_get64(section->size) - 1;
    subpage_register(subpage, start, end,
                     phys_section_add(&d->map, section));
}
993
994
/* Register a page-aligned section spanning one or more whole pages: add it
 * to the section table and map all of its pages to that index. */
static void register_multipage(AddressSpaceDispatch *d,
                               MemoryRegionSection *section)
{
    hwaddr first_page = section->offset_within_address_space >> TARGET_PAGE_BITS;
    uint16_t idx = phys_section_add(&d->map, section);
    uint64_t num_pages;

    num_pages = int128_get64(int128_rshift(section->size, TARGET_PAGE_BITS));
    assert(num_pages);
    phys_page_set(d, first_page, num_pages, idx);
}
1006
/*
 * MemoryListener callback: add @section to the dispatch tree under
 * construction (as->next_dispatch) for the listener's address space.
 *
 * The section is carved into an unaligned head (registered as a subpage),
 * whole pages (register_multipage()) and an unaligned tail (subpage).
 * @now is the piece being registered, @remain what is still left.
 */
static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
{
    AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
    AddressSpaceDispatch *d = as->next_dispatch;
    MemoryRegionSection now = *section, remain = *section;
    Int128 page_size = int128_make64(TARGET_PAGE_SIZE);

    if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
        /* Head: up to the next page boundary, or the whole section if it
         * ends before that. */
        uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
                        - now.offset_within_address_space;

        now.size = int128_min(int128_make64(left), now.size);
        register_subpage(d, &now);
    } else {
        /* Nothing consumed yet. */
        now.size = int128_zero();
    }
    while (int128_ne(remain.size, now.size)) {
        /* Advance remain past the piece just registered. */
        remain.size = int128_sub(remain.size, now.size);
        remain.offset_within_address_space += int128_get64(now.size);
        remain.offset_within_region += int128_get64(now.size);
        now = remain;
        if (int128_lt(remain.size, page_size)) {
            /* Less than a page left: tail goes into a subpage. */
            register_subpage(d, &now);
        } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
            /* Unaligned start: register one page's worth as a subpage. */
            now.size = page_size;
            register_subpage(d, &now);
        } else {
            /* Aligned: register all whole pages in one go; the remainder
             * (size & ~page_size) is handled by the next iteration. */
            now.size = int128_and(now.size, int128_neg(page_size));
            register_multipage(d, &now);
        }
    }
}
1039
/* Flush KVM's coalesced MMIO buffer; nothing to do without KVM. */
void qemu_flush_coalesced_mmio_buffer(void)
{
    if (!kvm_enabled()) {
        return;
    }
    kvm_flush_coalesced_mmio_buffer();
}
1045
/* Acquire the lock protecting ram_list. */
void qemu_mutex_lock_ramlist(void)
{
    qemu_mutex_lock(&ram_list.mutex);
}
1050
/* Release the lock taken by qemu_mutex_lock_ramlist(). */
void qemu_mutex_unlock_ramlist(void)
{
    qemu_mutex_unlock(&ram_list.mutex);
}
1055
1056 #ifdef __linux__
1057
1058 #include <sys/vfs.h>
1059
1060 #define HUGETLBFS_MAGIC 0x958458f6
1061
/* Return the block size of the file system holding @path (the huge page
 * size when it is hugetlbfs; a warning is printed otherwise).  On statfs
 * failure *errp is set and 0 is returned. */
static long gethugepagesize(const char *path, Error **errp)
{
    struct statfs fs;
    int rc;

    /* Retry if the call is interrupted by a signal. */
    while ((rc = statfs(path, &fs)) != 0 && errno == EINTR) {
        /* try again */
    }

    if (rc == 0) {
        if (fs.f_type != HUGETLBFS_MAGIC) {
            fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
        }
        return fs.f_bsize;
    }

    error_setg_errno(errp, errno, "failed to get page size of file %s",
                     path);
    return 0;
}
1082
/*
 * Back @block with a file created under @path (expected to be hugetlbfs,
 * see gethugepagesize()) and map it into this process.
 *
 * @memory is rounded up to a multiple of the file system page size.  The
 * backing file is created with mkstemp() and unlinked right away, so it
 * lives only as long as the descriptor, which is stored in block->fd on
 * success.
 *
 * Returns the mapped area, or NULL with *errp set.  When mem_prealloc is
 * set, any failure exits the process instead of returning.
 */
static void *file_ram_alloc(RAMBlock *block,
                            ram_addr_t memory,
                            const char *path,
                            Error **errp)
{
    char *filename;
    char *sanitized_name;
    char *c;
    void *area = NULL;
    int fd;
    uint64_t hpagesize;
    Error *local_err = NULL;

    hpagesize = gethugepagesize(path, &local_err);
    if (local_err) {
        error_propagate(errp, local_err);
        goto error;
    }

    if (memory < hpagesize) {
        error_setg(errp, "memory size 0x" RAM_ADDR_FMT " must be equal to "
                   "or larger than huge page size 0x%" PRIx64,
                   memory, hpagesize);
        goto error;
    }

    if (kvm_enabled() && !kvm_has_sync_mmu()) {
        error_setg(errp,
                   "host lacks kvm mmu notifiers, -mem-path unsupported");
        goto error;
    }

    /* Make name safe to use with mkstemp by replacing '/' with '_'. */
    sanitized_name = g_strdup(memory_region_name(block->mr));
    for (c = sanitized_name; *c != '\0'; c++) {
        if (*c == '/')
            *c = '_';
    }

    filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
                               sanitized_name);
    g_free(sanitized_name);

    fd = mkstemp(filename);
    if (fd < 0) {
        error_setg_errno(errp, errno,
                         "unable to create backing store for hugepages");
        g_free(filename);
        goto error;
    }
    /* From here on only the descriptor is needed; drop the directory entry. */
    unlink(filename);
    g_free(filename);

    /* Round up to a whole number of huge pages. */
    memory = (memory+hpagesize-1) & ~(hpagesize-1);

    /*
     * ftruncate is not supported by hugetlbfs in older
     * hosts, so don't bother bailing out on errors.
     * If anything goes wrong with it under other filesystems,
     * mmap will fail.
     */
    if (ftruncate(fd, memory)) {
        perror("ftruncate");
    }

    area = mmap(0, memory, PROT_READ | PROT_WRITE,
                (block->flags & RAM_SHARED ? MAP_SHARED : MAP_PRIVATE),
                fd, 0);
    if (area == MAP_FAILED) {
        error_setg_errno(errp, errno,
                         "unable to map backing store for hugepages");
        close(fd);
        goto error;
    }

    if (mem_prealloc) {
        os_mem_prealloc(fd, area, memory);
    }

    block->fd = fd;
    return area;

error:
    /* With preallocation requested a failed backing allocation is fatal. */
    if (mem_prealloc) {
        exit(1);
    }
    return NULL;
}
1171 #endif
1172
/* Best-fit search for a free ram offset of @size bytes: for every block,
 * measure the gap between its end and the nearest block starting at or
 * after it, and pick the smallest gap that still fits.  Aborts if no gap
 * is large enough. */
static ram_addr_t find_ram_offset(ram_addr_t size)
{
    RAMBlock *block, *other;
    ram_addr_t best = RAM_ADDR_MAX, best_gap = RAM_ADDR_MAX;

    assert(size != 0); /* it would hand out same offset multiple times */

    if (QTAILQ_EMPTY(&ram_list.blocks)) {
        return 0;
    }

    QTAILQ_FOREACH(block, &ram_list.blocks, next) {
        ram_addr_t end = block->offset + block->length;
        ram_addr_t gap_end = RAM_ADDR_MAX;

        QTAILQ_FOREACH(other, &ram_list.blocks, next) {
            if (other->offset >= end) {
                gap_end = MIN(gap_end, other->offset);
            }
        }
        if (gap_end - end >= size && gap_end - end < best_gap) {
            best = end;
            best_gap = gap_end - end;
        }
    }

    if (best == RAM_ADDR_MAX) {
        fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
                (uint64_t)size);
        abort();
    }

    return best;
}
1207
/*
 * Return one past the highest ram_addr_t occupied by any block (the maximum
 * of offset + length over the list), or 0 when no block exists.
 */
ram_addr_t last_ram_offset(void)
{
    RAMBlock *blk;
    ram_addr_t highest_end = 0;

    QTAILQ_FOREACH(blk, &ram_list.blocks, next) {
        ram_addr_t blk_end = blk->offset + blk->length;

        if (blk_end > highest_end) {
            highest_end = blk_end;
        }
    }

    return highest_end;
}
1218
/*
 * Exclude guest RAM at [@addr, @addr+@size) from core dumps when the machine
 * option dump-guest-core is off (it defaults to on).  A failing madvise is
 * reported on stderr and otherwise ignored.
 */
static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
{
    bool dump_guest_core = qemu_opt_get_bool(qemu_get_machine_opts(),
                                             "dump-guest-core", true);

    if (dump_guest_core) {
        return;
    }

    if (qemu_madvise(addr, size, QEMU_MADV_DONTDUMP) != 0) {
        perror("qemu_madvise");
        fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
                        "but dump_guest_core=off specified\n");
    }
}
1234
/* Look up the RAMBlock whose offset is exactly @addr; NULL if there is none. */
static RAMBlock *find_ram_block(ram_addr_t addr)
{
    RAMBlock *blk;

    QTAILQ_FOREACH(blk, &ram_list.blocks, next) {
        if (blk->offset == addr) {
            break;
        }
    }

    /* QTAILQ_FOREACH leaves blk NULL when the list was exhausted. */
    return blk;
}
1247
/*
 * Assign the id string of the block at @addr: "<qdev path>/<name>" when
 * @dev has a qdev path, otherwise just @name.  The block must exist and
 * must not carry an idstr yet.  Aborts if another block already uses the
 * same idstr.  Caller is assumed to hold the iothread lock.
 */
void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
{
    RAMBlock *target = find_ram_block(addr);
    RAMBlock *other;
    char *dev_path;

    assert(target);
    assert(!target->idstr[0]);

    dev_path = dev ? qdev_get_dev_path(dev) : NULL;
    if (dev_path) {
        snprintf(target->idstr, sizeof(target->idstr), "%s/", dev_path);
        g_free(dev_path);
    }
    /* Bounded append: an over-long name is truncated, not overflowed. */
    pstrcat(target->idstr, sizeof(target->idstr), name);

    /* This assumes the iothread lock is taken here too. */
    qemu_mutex_lock_ramlist();
    QTAILQ_FOREACH(other, &ram_list.blocks, next) {
        if (other == target) {
            continue;
        }
        if (strcmp(other->idstr, target->idstr) == 0) {
            fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
                    target->idstr);
            abort();
        }
    }
    qemu_mutex_unlock_ramlist();
}
1276
/* Clear the id string of the block at @addr; no-op when no block starts there. */
void qemu_ram_unset_idstr(ram_addr_t addr)
{
    RAMBlock *blk = find_ram_block(addr);

    if (!blk) {
        return;
    }
    memset(blk->idstr, 0, sizeof(blk->idstr));
}
1285
/*
 * Advise the kernel that [@addr, @addr+@len) may be merged with identical
 * pages, unless the user turned the machine option mem-merge off (default
 * on).  Returns 0 when disabled, otherwise the qemu_madvise() result.
 */
static int memory_try_enable_merging(void *addr, size_t len)
{
    bool merge_allowed = qemu_opt_get_bool(qemu_get_machine_opts(),
                                           "mem-merge", true);

    /* disabled by the user */
    return merge_allowed ? qemu_madvise(addr, len, QEMU_MADV_MERGEABLE) : 0;
}
1295
/*
 * Register @new_block in ram_list: pick its offset, allocate host memory
 * when the caller supplied none, keep the list sorted, grow the dirty
 * bitmaps, and apply the madvise/KVM setup to the host mapping.
 *
 * Returns the block's ram_addr_t offset, or -1 with @errp set when host
 * memory could not be allocated; in that case the block is not on the list
 * and the caller still owns it.  Caller is assumed to hold the iothread lock.
 */
static ram_addr_t ram_block_add(RAMBlock *new_block, Error **errp)
{
    RAMBlock *block;
    ram_addr_t old_ram_size, new_ram_size;

    /* RAM size in target pages before this block is added. */
    old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;

    /* This assumes the iothread lock is taken here too. */
    qemu_mutex_lock_ramlist();
    new_block->offset = find_ram_offset(new_block->length);

    if (!new_block->host) {
        if (xen_enabled()) {
            /* Xen provides the pages; new_block->host is left as is. */
            xen_ram_alloc(new_block->offset, new_block->length, new_block->mr);
        } else {
            new_block->host = phys_mem_alloc(new_block->length);
            if (!new_block->host) {
                error_setg_errno(errp, errno,
                                 "cannot set up guest memory '%s'",
                                 memory_region_name(new_block->mr));
                /* Only error path: drop the list lock before returning. */
                qemu_mutex_unlock_ramlist();
                return -1;
            }
            /* Best effort; the madvise result is deliberately ignored. */
            memory_try_enable_merging(new_block->host, new_block->length);
        }
    }

    /* Keep the list sorted from biggest to smallest block. */
    QTAILQ_FOREACH(block, &ram_list.blocks, next) {
        if (block->length < new_block->length) {
            break;
        }
    }
    if (block) {
        QTAILQ_INSERT_BEFORE(block, new_block, next);
    } else {
        QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
    }
    /* Any list change invalidates the most-recently-used lookup hint. */
    ram_list.mru_block = NULL;

    ram_list.version++;
    qemu_mutex_unlock_ramlist();

    new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;

    /* Grow every dirty bitmap if the block extends the RAM address range. */
    if (new_ram_size > old_ram_size) {
        int i;
        for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
            ram_list.dirty_memory[i] =
                bitmap_zero_extend(ram_list.dirty_memory[i],
                                   old_ram_size, new_ram_size);
        }
    }
    /* Mark the new block's whole range dirty. */
    cpu_physical_memory_set_dirty_range(new_block->offset, new_block->length);

    /* NOTE(review): under Xen new_block->host may still be NULL here, so the
     * calls below then operate on a NULL pointer with their results
     * ignored — confirm this is intended. */
    qemu_ram_setup_dump(new_block->host, new_block->length);
    qemu_madvise(new_block->host, new_block->length, QEMU_MADV_HUGEPAGE);
    qemu_madvise(new_block->host, new_block->length, QEMU_MADV_DONTFORK);

    if (kvm_enabled()) {
        kvm_setup_guest_memory(new_block->host, new_block->length);
    }

    return new_block->offset;
}
1361
1362 #ifdef __linux__
/*
 * Allocate a RAM block of @size bytes backed by a file under @mem_path
 * (see file_ram_alloc()) and register it for @mr.  @share selects a
 * MAP_SHARED mapping.  Returns the block's ram_addr_t, or -1 with @errp
 * set.  -mem-path is refused under Xen and with accelerators that install
 * their own phys_mem_alloc.
 */
ram_addr_t qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
                                    bool share, const char *mem_path,
                                    Error **errp)
{
    RAMBlock *blk;
    ram_addr_t ram_addr;
    Error *add_err = NULL;

    if (xen_enabled()) {
        error_setg(errp, "-mem-path not supported with Xen");
        return -1;
    }

    /*
     * file_ram_alloc() needs to allocate just like
     * phys_mem_alloc, but we haven't bothered to provide
     * a hook there.
     */
    if (phys_mem_alloc != qemu_anon_ram_alloc) {
        error_setg(errp,
                   "-mem-path not supported with this accelerator");
        return -1;
    }

    size = TARGET_PAGE_ALIGN(size);
    blk = g_malloc0(sizeof(*blk));
    blk->mr = mr;
    blk->length = size;
    blk->flags = share ? RAM_SHARED : 0;
    blk->host = file_ram_alloc(blk, size, mem_path, errp);
    if (blk->host == NULL) {
        g_free(blk);
        return -1;
    }

    /* ram_block_add() only fails for a block without host memory, so this
     * check is defensive; no mapping is leaked on the path below. */
    ram_addr = ram_block_add(blk, &add_err);
    if (add_err != NULL) {
        g_free(blk);
        error_propagate(errp, add_err);
        return -1;
    }
    return ram_addr;
}
1407 #endif
1408
/*
 * Register a RAM block of @size bytes for @mr.  A non-NULL @host is used as
 * caller-owned backing memory (flagged RAM_PREALLOC, never freed by this
 * file); otherwise ram_block_add() allocates anonymous memory.  Returns the
 * block's ram_addr_t, or -1 with @errp set.
 */
ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
                                   MemoryRegion *mr, Error **errp)
{
    RAMBlock *blk;
    ram_addr_t ram_addr;
    Error *add_err = NULL;

    size = TARGET_PAGE_ALIGN(size);
    blk = g_malloc0(sizeof(*blk));
    blk->mr = mr;
    blk->length = size;
    blk->fd = -1;                       /* not file backed */
    blk->host = host;
    blk->flags |= host ? RAM_PREALLOC : 0;

    ram_addr = ram_block_add(blk, &add_err);
    if (add_err == NULL) {
        return ram_addr;
    }
    g_free(blk);
    error_propagate(errp, add_err);
    return -1;
}
1433
/* Allocate @size bytes of anonymous guest RAM for @mr; see
 * qemu_ram_alloc_from_ptr() for the return and error convention. */
ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr, Error **errp)
{
    void *no_host = NULL;

    return qemu_ram_alloc_from_ptr(size, no_host, mr, errp);
}
1438
/*
 * Unregister and free the RAMBlock at @addr without touching its host
 * memory (the caller owns it).  No-op when no block starts at @addr.
 * Caller is assumed to hold the iothread lock.
 */
void qemu_ram_free_from_ptr(ram_addr_t addr)
{
    RAMBlock *blk;

    /* This assumes the iothread lock is taken here too. */
    qemu_mutex_lock_ramlist();
    QTAILQ_FOREACH(blk, &ram_list.blocks, next) {
        if (blk->offset != addr) {
            continue;
        }
        QTAILQ_REMOVE(&ram_list.blocks, blk, next);
        ram_list.mru_block = NULL;
        ram_list.version++;
        g_free(blk);
        break;
    }
    qemu_mutex_unlock_ramlist();
}
1456
/*
 * Unregister the RAMBlock at @addr and release its host backing according
 * to how it was obtained: RAM_PREALLOC memory is caller-owned and left
 * alone, Xen mappings are dropped from the map cache, file-backed blocks
 * (fd >= 0, non-Windows builds) are munmap'd and their fd closed, anything
 * else goes back through qemu_anon_ram_free().  No-op when no block starts
 * at @addr.  Caller is assumed to hold the iothread lock.
 */
void qemu_ram_free(ram_addr_t addr)
{
    RAMBlock *block;

    /* This assumes the iothread lock is taken here too. */
    qemu_mutex_lock_ramlist();
    QTAILQ_FOREACH(block, &ram_list.blocks, next) {
        if (addr == block->offset) {
            QTAILQ_REMOVE(&ram_list.blocks, block, next);
            ram_list.mru_block = NULL;
            ram_list.version++;
            if (block->flags & RAM_PREALLOC) {
                ; /* caller-supplied memory: nothing to release */
            } else if (xen_enabled()) {
                xen_invalidate_map_cache_entry(block->host);
#ifndef _WIN32
            } else if (block->fd >= 0) {
                /* file_ram_alloc() mapping: unmap, then drop the fd. */
                munmap(block->host, block->length);
                close(block->fd);
#endif
            } else {
                qemu_anon_ram_free(block->host, block->length);
            }
            g_free(block);
            break;
        }
    }
    qemu_mutex_unlock_ramlist();

}
1487
1488 #ifndef _WIN32
/*
 * Replace the host mapping of the @length bytes of guest RAM at @addr with
 * a fresh one: the existing pages are unmapped and re-mapped in place
 * (MAP_FIXED) either from the block's backing file or as new anonymous
 * memory, so their previous contents are discarded.  RAM_PREALLOC blocks
 * are left untouched, Xen is unsupported (abort), and a failed remap
 * terminates QEMU.  Does nothing when @addr is in no block.
 */
void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
{
    RAMBlock *block;
    ram_addr_t offset;
    int flags;
    void *area, *vaddr;

    QTAILQ_FOREACH(block, &ram_list.blocks, next) {
        /* Unsigned wrap makes an addr below the block fail the check. */
        offset = addr - block->offset;
        if (offset < block->length) {
            /* NOTE(review): @length is not checked against
             * block->length - offset; callers are expected to stay inside
             * the block — confirm. */
            vaddr = block->host + offset;
            if (block->flags & RAM_PREALLOC) {
                ; /* caller-owned memory is never remapped */
            } else if (xen_enabled()) {
                abort();
            } else {
                flags = MAP_FIXED;
                munmap(vaddr, length);
                if (block->fd >= 0) {
                    /* File backed: map the same file range again. */
                    flags |= (block->flags & RAM_SHARED ?
                              MAP_SHARED : MAP_PRIVATE);
                    area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
                                flags, block->fd, offset);
                } else {
                    /*
                     * Remap needs to match alloc. Accelerators that
                     * set phys_mem_alloc never remap. If they did,
                     * we'd need a remap hook here.
                     */
                    assert(phys_mem_alloc == qemu_anon_ram_alloc);

                    flags |= MAP_PRIVATE | MAP_ANONYMOUS;
                    area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
                                flags, -1, 0);
                }
                /* MAP_FIXED either lands exactly on vaddr or fails. */
                if (area != vaddr) {
                    fprintf(stderr, "Could not remap addr: "
                            RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
                            length, addr);
                    exit(1);
                }
                /* Re-apply the per-block madvise policy to the new pages. */
                memory_try_enable_merging(vaddr, length);
                qemu_ram_setup_dump(vaddr, length);
            }
            return;
        }
    }
}
1537 #endif /* !_WIN32 */
1538
/* Backing file descriptor of the block containing @addr (-1 for blocks
 * registered through qemu_ram_alloc_from_ptr()). */
int qemu_get_ram_fd(ram_addr_t addr)
{
    return qemu_get_ram_block(addr)->fd;
}
1545
/* Host base pointer of the block containing @addr; not adjusted for the
 * position of @addr inside the block (see qemu_get_ram_ptr() for that). */
void *qemu_get_ram_block_host_ptr(ram_addr_t addr)
{
    return qemu_get_ram_block(addr)->host;
}
1552
/* Return a host pointer to ram allocated with qemu_ram_alloc.
   With the exception of the softmmu code in this file, this should
   only be used for local memory (e.g. video ram) that the device owns,
   and knows it isn't going to access beyond the end of the block.

   It should not be used for general purpose DMA.
   Use cpu_physical_memory_map/cpu_physical_memory_rw instead.

   No length is taken, so nothing here bounds the caller's accesses.
 */
void *qemu_get_ram_ptr(ram_addr_t addr)
{
    RAMBlock *blk = qemu_get_ram_block(addr);

    if (!xen_enabled()) {
        return blk->host + (addr - blk->offset);
    }

    /* We need to check if the requested address is in the RAM
     * because we don't want to map the entire memory in QEMU.
     * In that case just map until the end of the page.
     */
    if (blk->offset == 0) {
        return xen_map_cache(addr, 0, 0);
    }
    if (blk->host == NULL) {
        /* Map the whole block once and remember the host pointer. */
        blk->host = xen_map_cache(blk->offset, blk->length, 1);
    }
    return blk->host + (addr - blk->offset);
}
1579
/* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
 * but takes a size argument.  On return *size is clamped so the range
 * never extends past the end of the containing block; a zero *size gives
 * NULL and an addr outside every block aborts. */
static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
{
    RAMBlock *blk;

    if (*size == 0) {
        return NULL;
    }
    if (xen_enabled()) {
        return xen_map_cache(addr, *size, 1);
    }

    QTAILQ_FOREACH(blk, &ram_list.blocks, next) {
        /* Unsigned wrap makes an addr below the block fail the check. */
        ram_addr_t in_block = addr - blk->offset;

        if (in_block >= blk->length) {
            continue;
        }
        /* Never hand out a range that crosses the end of the block. */
        if (in_block + *size > blk->length) {
            *size = blk->length - in_block;
        }
        return blk->host + in_block;
    }

    fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
    abort();
}
1604
/* Some of the softmmu routines need to translate from a host pointer
   (typically a TLB entry) back to a ram offset.  Returns the owning
   block's MemoryRegion and stores the ram offset in *ram_addr, or NULL
   when @ptr lies inside no mapped block. */
MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
{
    RAMBlock *hit = NULL;
    RAMBlock *blk;
    uint8_t *host = ptr;

    if (xen_enabled()) {
        *ram_addr = xen_ram_addr_from_mapcache(ptr);
        return qemu_get_ram_block(*ram_addr)->mr;
    }

    /* Fast path: the most recently used block.  A pointer below the block
     * gives a negative difference, which the unsigned comparison turns into
     * a huge value that fails the length check. */
    blk = ram_list.mru_block;
    if (blk && blk->host && host - blk->host < blk->length) {
        hit = blk;
    }

    if (!hit) {
        QTAILQ_FOREACH(blk, &ram_list.blocks, next) {
            /* This case happens when the block is not mapped. */
            if (blk->host == NULL) {
                continue;
            }
            if (host - blk->host < blk->length) {
                hit = blk;
                break;
            }
        }
    }

    if (!hit) {
        return NULL;
    }

    *ram_addr = hit->offset + (host - hit->host);
    return hit->mr;
}
1638
/*
 * Write handler of the io_mem_notdirty region (see io_mem_init()), which
 * presumably backs RAM pages whose DIRTY_MEMORY_CODE bit is clear — confirm
 * against the TLB setup.  Stores @val (@size bytes) at ram offset @ram_addr
 * with st*_p(), then marks the range dirty.
 */
static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
                               uint64_t val, unsigned size)
{
    /* Page still holds translated code: invalidate it before the store. */
    if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
        tb_invalidate_phys_page_fast(ram_addr, size);
    }
    switch (size) {
    case 1:
        stb_p(qemu_get_ram_ptr(ram_addr), val);
        break;
    case 2:
        stw_p(qemu_get_ram_ptr(ram_addr), val);
        break;
    case 4:
        stl_p(qemu_get_ram_ptr(ram_addr), val);
        break;
    default:
        /* Any other size is a bug in the caller. */
        abort();
    }
    cpu_physical_memory_set_dirty_range_nocode(ram_addr, size);
    /* we remove the notdirty callback only if the code has been
       flushed */
    if (!cpu_physical_memory_is_clean(ram_addr)) {
        /* Re-point the current CPU's TLB entry at plain RAM. */
        CPUArchState *env = current_cpu->env_ptr;
        tlb_set_dirty(env, current_cpu->mem_io_vaddr);
    }
}
1666
/* The notdirty region accepts writes only; @addr and @size are irrelevant. */
static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
                                 unsigned size, bool is_write)
{
    bool accepted = is_write;

    return accepted;
}
1672
/* Ops of io_mem_notdirty (see io_mem_init()): write-only, every store goes
 * through notdirty_mem_write(). */
static const MemoryRegionOps notdirty_mem_ops = {
    .write = notdirty_mem_write,
    .valid.accepts = notdirty_mem_accepts,
    .endianness = DEVICE_NATIVE_ENDIAN,
};
1678
/* Generate a debug exception if a watchpoint has been hit.
 *
 * @offset is the byte offset of the access within the page recorded in
 * cpu->mem_io_vaddr, @len its size, @flags BP_MEM_READ or BP_MEM_WRITE.
 * Called from the watch_mem_* accessors on behalf of current_cpu.
 */
static void check_watchpoint(int offset, int len, int flags)
{
    CPUState *cpu = current_cpu;
    CPUArchState *env = cpu->env_ptr;
    target_ulong pc, cs_base;
    target_ulong vaddr;
    CPUWatchpoint *wp;
    int cpu_flags;

    if (cpu->watchpoint_hit) {
        /* We re-entered the check after replacing the TB. Now raise
         * the debug interrupt so that is will trigger after the
         * current instruction. */
        cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
        return;
    }
    /* Rebuild the full guest virtual address of the access. */
    vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
    QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
        if (cpu_watchpoint_address_matches(wp, vaddr, len)
            && (wp->flags & flags)) {
            if (flags == BP_MEM_READ) {
                wp->flags |= BP_WATCHPOINT_HIT_READ;
            } else {
                wp->flags |= BP_WATCHPOINT_HIT_WRITE;
            }
            wp->hitaddr = vaddr;
            /* Only the first matching watchpoint stops execution. */
            if (!cpu->watchpoint_hit) {
                cpu->watchpoint_hit = wp;
                tb_check_watchpoint(cpu);
                if (wp->flags & BP_STOP_BEFORE_ACCESS) {
                    /* Leave the CPU loop with a debug exception. */
                    cpu->exception_index = EXCP_DEBUG;
                    cpu_loop_exit(cpu);
                } else {
                    /* Regenerate the TB (cflags 1) and resume; the
                     * re-entry branch at the top then raises the debug
                     * interrupt once the access has completed. */
                    cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
                    tb_gen_code(cpu, pc, cs_base, cpu_flags, 1);
                    cpu_resume_from_signal(cpu, NULL);
                }
            }
        } else {
            /* Not hit this time: clear any stale hit marker. */
            wp->flags &= ~BP_WATCHPOINT_HIT;
        }
    }
}
1723
/* Watchpoint access routines.  Watchpoints are inserted using TLB tricks,
   so these check for a hit then pass through to the normal out-of-line
   phys routines.  Sizes other than 1, 2 and 4 abort. */
static uint64_t watch_mem_read(void *opaque, hwaddr addr,
                               unsigned size)
{
    uint64_t result;

    check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_READ);
    if (size == 1) {
        result = ldub_phys(&address_space_memory, addr);
    } else if (size == 2) {
        result = lduw_phys(&address_space_memory, addr);
    } else if (size == 4) {
        result = ldl_phys(&address_space_memory, addr);
    } else {
        abort();
    }
    return result;
}
1738
/* Write side of the watchpoint region: check for a hit, then perform the
 * store through the normal physical-memory helpers.  Sizes other than 1, 2
 * and 4 abort. */
static void watch_mem_write(void *opaque, hwaddr addr,
                            uint64_t val, unsigned size)
{
    check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_WRITE);
    if (size == 1) {
        stb_phys(&address_space_memory, addr, val);
    } else if (size == 2) {
        stw_phys(&address_space_memory, addr, val);
    } else if (size == 4) {
        stl_phys(&address_space_memory, addr, val);
    } else {
        abort();
    }
}
1756
/* Ops of io_mem_watch (see io_mem_init()): both directions run the
 * watchpoint check before forwarding the access. */
static const MemoryRegionOps watch_mem_ops = {
    .read = watch_mem_read,
    .write = watch_mem_write,
    .endianness = DEVICE_NATIVE_ENDIAN,
};
1762
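/*
 * Read @len bytes (1, 2 or 4) at @addr within the subpage by forwarding to
 * the owning address space at subpage->base + addr, and return the value
 * decoded with ld*_p().  Any other size is a bug and aborts — checked
 * before the read so an unexpected size can never overrun the 4-byte
 * staging buffer.
 */
static uint64_t subpage_read(void *opaque, hwaddr addr,
                             unsigned len)
{
    subpage_t *subpage = opaque;
    uint8_t buf[4];

#if defined(DEBUG_SUBPAGE)
    printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
           subpage, len, addr);
#endif
    /* Validate the size first: address_space_read() writes len bytes
     * into buf, which only holds the supported sizes. */
    if (len != 1 && len != 2 && len != 4) {
        abort();
    }
    address_space_read(subpage->as, addr + subpage->base, buf, len);
    switch (len) {
    case 1:
        return ldub_p(buf);
    case 2:
        return lduw_p(buf);
    case 4:
        return ldl_p(buf);
    default:
        abort();
    }
}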
1785
/*
 * Write @value (@len = 1, 2 or 4 bytes) at @addr within the subpage: encode
 * it with st*_p() into a staging buffer and forward to the owning address
 * space at subpage->base + addr.  Other sizes abort before anything is
 * written.
 */
static void subpage_write(void *opaque, hwaddr addr,
                          uint64_t value, unsigned len)
{
    subpage_t *subpage = opaque;
    uint8_t buf[4];

#if defined(DEBUG_SUBPAGE)
    printf("%s: subpage %p len %u addr " TARGET_FMT_plx
           " value %"PRIx64"\n",
           __func__, subpage, len, addr, value);
#endif
    if (len == 1) {
        stb_p(buf, value);
    } else if (len == 2) {
        stw_p(buf, value);
    } else if (len == 4) {
        stl_p(buf, value);
    } else {
        abort();
    }
    address_space_write(subpage->as, addr + subpage->base, buf, len);
}
1812
/* Ask the owning address space whether the access is valid at the
 * translated address subpage->base + addr. */
static bool subpage_accepts(void *opaque, hwaddr addr,
                            unsigned len, bool is_write)
{
    subpage_t *subpage = opaque;
    hwaddr target = addr + subpage->base;

#if defined(DEBUG_SUBPAGE)
    printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
           __func__, subpage, is_write ? 'w' : 'r', len, addr);
#endif

    return address_space_access_valid(subpage->as, target, len, is_write);
}
1825
/* Ops of a subpage container (see subpage_init()): every access is
 * re-dispatched through the owning address space at base + addr. */
static const MemoryRegionOps subpage_ops = {
    .read = subpage_read,
    .write = subpage_write,
    .valid.accepts = subpage_accepts,
    .endianness = DEVICE_NATIVE_ENDIAN,
};
1832
/*
 * Point every SUBPAGE_IDX slot covering [@start, @end] (page-relative byte
 * offsets, inclusive) at @section.  Returns -1 without touching the table
 * when either bound is outside the page, 0 otherwise.
 */
static int subpage_register(subpage_t *mmio, uint32_t start, uint32_t end,
                            uint16_t section)
{
    int first, last, i;

    if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE) {
        return -1;
    }
    first = SUBPAGE_IDX(start);
    last = SUBPAGE_IDX(end);
#if defined(DEBUG_SUBPAGE)
    printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
           __func__, mmio, start, end, first, last, section);
#endif
    for (i = first; i <= last; i++) {
        mmio->sub_section[i] = section;
    }

    return 0;
}
1852
/*
 * Create a subpage container for the page at @base in @as, backed by
 * subpage_ops, with the whole page initially mapped to
 * PHYS_SECTION_UNASSIGNED.  Returns the new heap-allocated subpage_t.
 */
static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
{
    subpage_t *sp = g_malloc0(sizeof(*sp));

    sp->as = as;
    sp->base = base;
    memory_region_init_io(&sp->iomem, NULL, &subpage_ops, sp,
                          NULL, TARGET_PAGE_SIZE);
    sp->iomem.subpage = true;
#if defined(DEBUG_SUBPAGE)
    printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
           sp, base, TARGET_PAGE_SIZE);
#endif
    /* Both bounds are inside the page, so this cannot return -1. */
    subpage_register(sp, 0, TARGET_PAGE_SIZE - 1, PHYS_SECTION_UNASSIGNED);

    return sp;
}
1872
/*
 * Add a section spanning the whole address space and backed by @mr to
 * @map, returning its index.  mem_begin() uses this for the fixed
 * PHYS_SECTION_* entries.
 */
static uint16_t dummy_section(PhysPageMap *map, AddressSpace *as,
                              MemoryRegion *mr)
{
    MemoryRegionSection section;

    assert(as);
    section = (MemoryRegionSection) {
        .address_space = as,
        .mr = mr,
        .offset_within_address_space = 0,
        .offset_within_region = 0,
        .size = int128_2_64(),
    };

    return phys_section_add(map, &section);
}
1887
/*
 * Map an IOTLB value back to its MemoryRegion: the sub-page bits of @index
 * select a section in the current dispatch map of @as.
 */
MemoryRegion *iotlb_to_region(AddressSpace *as, hwaddr index)
{
    hwaddr section_idx = index & ~TARGET_PAGE_MASK;

    return as->dispatch->map.sections[section_idx].mr;
}
1892
/*
 * Create the four internal MemoryRegions the dispatch code uses as fixed
 * sections: ROM and unassigned both route to unassigned_mem_ops, notdirty
 * and watch to their dedicated handlers.  Each covers the full 64-bit
 * range and has no opaque pointer or name.
 */
static void io_mem_init(void)
{
    const uint64_t full_range = UINT64_MAX;

    memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops,
                          NULL, NULL, full_range);
    memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops,
                          NULL, NULL, full_range);
    memory_region_init_io(&io_mem_notdirty, NULL, &notdirty_mem_ops,
                          NULL, NULL, full_range);
    memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops,
                          NULL, NULL, full_range);
}
1903
/*
 * Start a new dispatch tree for the address space owning @listener.  The
 * four fixed sections are added first, in the order that makes their
 * indices equal the PHYS_SECTION_* constants the rest of the file relies
 * on; the tree itself starts empty and is published by mem_commit().
 */
static void mem_begin(MemoryListener *listener)
{
    AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
    AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
    struct {
        MemoryRegion *mr;
        uint16_t expected_idx;
    } fixed[] = {
        { &io_mem_unassigned, PHYS_SECTION_UNASSIGNED },
        { &io_mem_notdirty,   PHYS_SECTION_NOTDIRTY },
        { &io_mem_rom,        PHYS_SECTION_ROM },
        { &io_mem_watch,      PHYS_SECTION_WATCH },
    };
    size_t i;

    for (i = 0; i < ARRAY_SIZE(fixed); i++) {
        uint16_t idx = dummy_section(&d->map, as, fixed[i].mr);

        assert(idx == fixed[i].expected_idx);
    }

    d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
    d->as = as;
    as->next_dispatch = d;
}
1923
/*
 * Switch @as over to the dispatch tree built since mem_begin(): compact
 * the page tree, publish it, then free the previous tree together with
 * its section map.
 */
static void mem_commit(MemoryListener *listener)
{
    AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
    AddressSpaceDispatch *old = as->dispatch;
    AddressSpaceDispatch *fresh = as->next_dispatch;

    phys_page_compact_all(fresh, fresh->map.nodes_nb);
    as->dispatch = fresh;

    if (old == NULL) {
        return;
    }
    phys_sections_free(&old->map);
    g_free(old);
}
1939
/*
 * Memory-topology commit hook for TCG: flush the TLB of every CPU whose
 * tcg_as_listener is @listener, since cached ram addresses may be stale.
 */
static void tcg_commit(MemoryListener *listener)
{
    CPUState *cpu;

    /* since each CPU stores ram addresses in its TLB cache, we must
       reset the modified entries */
    /* XXX: slow ! */
    CPU_FOREACH(cpu) {
        /* FIXME: Disentangle the cpu.h circular files deps so we can
           directly get the right CPU from listener. */
        if (cpu->tcg_as_listener == listener) {
            tlb_flush(cpu, 1);
        }
    }
}
1956
/* Listener hook: global dirty logging was started; enable dirty tracking. */
static void core_log_global_start(MemoryListener *listener)
{
    const bool enable = true;

    cpu_physical_memory_set_dirty_tracking(enable);
}
1961
/* Listener hook: global dirty logging was stopped; disable dirty tracking. */
static void core_log_global_stop(MemoryListener *listener)
{
    const bool enable = false;

    cpu_physical_memory_set_dirty_tracking(enable);
}
1966
/* Listener registered on address_space_memory by memory_map_init(); it
 * only reacts to global dirty-logging start/stop. */
static MemoryListener core_memory_listener = {
    .log_global_start = core_log_global_start,
    .log_global_stop = core_log_global_stop,
    .priority = 1,
};
1972
/*
 * Attach the dispatch-building listener to @as.  begin/commit rebuild the
 * dispatch tree on every topology change; region_add and region_nop both
 * feed mem_add so unchanged regions are re-added as well.
 */
void address_space_init_dispatch(AddressSpace *as)
{
    MemoryListener dispatch_listener = {
        .begin = mem_begin,
        .commit = mem_commit,
        .region_add = mem_add,
        .region_nop = mem_add,
        .priority = 0,
    };

    as->dispatch = NULL;
    as->dispatch_listener = dispatch_listener;
    memory_listener_register(&as->dispatch_listener, as);
}
1985
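/*
 * Tear down the dispatch state of @as: unregister the dispatch listener and
 * release the current AddressSpaceDispatch together with its section map,
 * mirroring what mem_commit() does for a superseded dispatch.  Safe to call
 * when no dispatch was ever committed (as->dispatch == NULL).
 */
void address_space_destroy_dispatch(AddressSpace *as)
{
    AddressSpaceDispatch *d = as->dispatch;

    memory_listener_unregister(&as->dispatch_listener);
    if (d) {
        /* mem_commit() frees the map before the dispatch; without this the
         * sections and nodes of the final dispatch would be leaked. */
        phys_sections_free(&d->map);
        g_free(d);
    }
    as->dispatch = NULL;
}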
1994
/*
 * Create the global "system" memory and "io" address spaces (64-bit and
 * 64 KiB wide respectively) and register the core listener that toggles
 * dirty tracking for address_space_memory.
 */
static void memory_map_init(void)
{
    const uint64_t io_size = 65536;

    system_memory = g_malloc(sizeof(*system_memory));
    memory_region_init(system_memory, NULL, "system", UINT64_MAX);
    address_space_init(&address_space_memory, system_memory, "memory");

    system_io = g_malloc(sizeof(*system_io));
    memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
                          io_size);
    address_space_init(&address_space_io, system_io, "I/O");

    memory_listener_register(&core_memory_listener, &address_space_memory);
}
2009
/* Root MemoryRegion of the system address space (set up by memory_map_init()). */
MemoryRegion *get_system_memory(void)
{
    MemoryRegion *mr = system_memory;

    return mr;
}
2014
/* Root MemoryRegion of the I/O address space (set up by memory_map_init()). */
MemoryRegion *get_system_io(void)
{
    MemoryRegion *mr = system_io;

    return mr;
}
2019
2020 #endif /* !defined(CONFIG_USER_ONLY) */
2021
2022 /* physical memory access (slow version, mainly for debug) */
2023 #if defined(CONFIG_USER_ONLY)
/*
 * User-mode variant: copy @len bytes between @buf and guest address @addr,
 * one page at a time.  Every page must be PAGE_VALID and have the matching
 * PAGE_READ/PAGE_WRITE permission; the first page that fails a check (or
 * cannot be locked) makes the function return -1, after any earlier pages
 * were already transferred.  Returns 0 on success.
 */
int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
                        uint8_t *buf, int len, int is_write)
{
    while (len > 0) {
        target_ulong page = addr & TARGET_PAGE_MASK;
        /* Never cross a page boundary within one step. */
        int chunk = (page + TARGET_PAGE_SIZE) - addr;
        int flags;
        void *p;

        if (chunk > len) {
            chunk = len;
        }
        flags = page_get_flags(page);
        if (!(flags & PAGE_VALID)) {
            return -1;
        }
        if (is_write) {
            if (!(flags & PAGE_WRITE)) {
                return -1;
            }
            /* XXX: this code should not depend on lock_user */
            p = lock_user(VERIFY_WRITE, addr, chunk, 0);
            if (!p) {
                return -1;
            }
            memcpy(p, buf, chunk);
            unlock_user(p, addr, chunk);
        } else {
            if (!(flags & PAGE_READ)) {
                return -1;
            }
            /* XXX: this code should not depend on lock_user */
            p = lock_user(VERIFY_READ, addr, chunk, 1);
            if (!p) {
                return -1;
            }
            memcpy(buf, p, chunk);
            unlock_user(p, addr, 0);
        }
        len -= chunk;
        buf += chunk;
        addr += chunk;
    }
    return 0;
}
2062
2063 #else
2064
/*
 * Bookkeeping after a direct write to RAM at ram offset @addr (@length
 * bytes): if the range was clean, invalidate any translated code in it and
 * set its dirty bits (the _nocode variant); always tell Xen the memory
 * changed.
 */
static void invalidate_and_set_dirty(hwaddr addr,
                                     hwaddr length)
{
    bool was_clean = cpu_physical_memory_is_clean(addr);

    if (was_clean) {
        /* invalidate code */
        tb_invalidate_phys_page_range(addr, addr + length, 0);
        /* set dirty bit */
        cpu_physical_memory_set_dirty_range_nocode(addr, length);
    }
    xen_modified_memory(addr, length);
}
2076
/*
 * Clamp an I/O access of @l bytes at @addr on @mr to what the region
 * accepts: at most valid.max_access_size (4 when unspecified), at most the
 * natural alignment of @addr unless the region handles unaligned accesses,
 * and always a power of two.  Returns the adjusted size.
 */
static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
{
    unsigned limit = mr->ops->valid.max_access_size;

    /* Regions are assumed to support 1-4 byte accesses unless
       otherwise specified. */
    if (limit == 0) {
        limit = 4;
    }

    /* Bound the maximum access by the alignment of the address. */
    if (!mr->ops->impl.unaligned) {
        /* Lowest set bit of addr == largest naturally aligned size. */
        unsigned natural = addr & -addr;

        if (natural != 0 && natural < limit) {
            limit = natural;
        }
    }

    /* Don't attempt accesses larger than the maximum. */
    if (l > limit) {
        l = limit;
    }
    /* Round a non-power-of-two size down to a power of two. */
    if (l & (l - 1)) {
        l = 1 << (qemu_fls(l) - 1);
    }

    return l;
}
2105
/*
 * Copy @len bytes between @buf and guest physical address @addr in @as.
 * Each iteration translates one contiguous piece: RAM is accessed with
 * memcpy through its host pointer (writes also invalidate translated code
 * and set dirty bits), anything else goes through io_mem_read/write in
 * chunks of at most memory_access_size() bytes.
 * Returns true if any I/O access reported an error; RAM accesses never do.
 */
bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
                      int len, bool is_write)
{
    hwaddr l;
    uint8_t *ptr;
    uint64_t val;
    hwaddr addr1;
    MemoryRegion *mr;
    bool error = false;

    while (len > 0) {
        l = len;
        /* On return l is shrunk to what lies within a single region, so the
         * hwaddr -> int subtraction at the bottom stays in range. */
        mr = address_space_translate(as, addr, &addr1, &l, is_write);

        if (is_write) {
            if (!memory_access_is_direct(mr, is_write)) {
                l = memory_access_size(mr, l, addr1);
                /* XXX: could force current_cpu to NULL to avoid
                   potential bugs */
                switch (l) {
                case 8:
                    /* 64 bit write access */
                    val = ldq_p(buf);
                    error |= io_mem_write(mr, addr1, val, 8);
                    break;
                case 4:
                    /* 32 bit write access */
                    val = ldl_p(buf);
                    error |= io_mem_write(mr, addr1, val, 4);
                    break;
                case 2:
                    /* 16 bit write access */
                    val = lduw_p(buf);
                    error |= io_mem_write(mr, addr1, val, 2);
                    break;
                case 1:
                    /* 8 bit write access */
                    val = ldub_p(buf);
                    error |= io_mem_write(mr, addr1, val, 1);
                    break;
                default:
                    /* memory_access_size() only yields 1, 2, 4 or 8. */
                    abort();
                }
            } else {
                addr1 += memory_region_get_ram_addr(mr);
                /* RAM case */
                ptr = qemu_get_ram_ptr(addr1);
                memcpy(ptr, buf, l);
                invalidate_and_set_dirty(addr1, l);
            }
        } else {
            if (!memory_access_is_direct(mr, is_write)) {
                /* I/O case */
                l = memory_access_size(mr, l, addr1);
                switch (l) {
                case 8:
                    /* 64 bit read access */
                    error |= io_mem_read(mr, addr1, &val, 8);
                    stq_p(buf, val);
                    break;
                case 4:
                    /* 32 bit read access */
                    error |= io_mem_read(mr, addr1, &val, 4);
                    stl_p(buf, val);
                    break;
                case 2:
                    /* 16 bit read access */
                    error |= io_mem_read(mr, addr1, &val, 2);
                    stw_p(buf, val);
                    break;
                case 1:
                    /* 8 bit read access */
                    error |= io_mem_read(mr, addr1, &val, 1);
                    stb_p(buf, val);
                    break;
                default:
                    abort();
                }
            } else {
                /* RAM case */
                /* NOTE(review): the write path uses
                 * memory_region_get_ram_addr(mr) for the same purpose;
                 * presumably equivalent to mr->ram_addr — confirm. */
                ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
                memcpy(buf, ptr, l);
            }
        }
        len -= l;
        buf += l;
        addr += l;
    }

    return error;
}
2197
/* Write @len bytes from @buf to @addr in @as; see address_space_rw(). */
bool address_space_write(AddressSpace *as, hwaddr addr,
                         const uint8_t *buf, int len)
{
    /* address_space_rw() takes a non-const buffer but only reads from it
     * on the write path, so dropping const here changes nothing. */
    uint8_t *rw_buf = (uint8_t *)buf;

    return address_space_rw(as, addr, rw_buf, len, true);
}
2203
/* Read @len bytes at @addr in @as into @buf; see address_space_rw(). */
bool address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
{
    const bool is_write = false;

    return address_space_rw(as, addr, buf, len, is_write);
}
2208
2209
/* Legacy entry point: address_space_rw() on the system memory space, with
 * the error result discarded. */
void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
                            int len, int is_write)
{
    bool write = is_write != 0;

    (void)address_space_rw(&address_space_memory, addr, buf, len, write);
}
2215
/* What cpu_physical_memory_write_rom_internal() does to each RAM/ROM piece. */
enum write_rom_type {
    WRITE_DATA,     /* copy bytes from the caller's buffer */
    FLUSH_CACHE,    /* flush the host icache for the range; no data */
};
2220
/*
 * Walk [@addr, @addr+@len) in @as and, for every piece that is RAM or a
 * ROM device, either copy from @buf (WRITE_DATA, also invalidating
 * translated code and setting dirty bits) or flush the host icache for
 * the range (FLUSH_CACHE).  Other regions are skipped silently.  For
 * FLUSH_CACHE the caller passes @buf as NULL (see cpu_flush_icache_range());
 * the pointer is only advanced, never dereferenced.
 */
static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
    hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
{
    while (len > 0) {
        hwaddr l = len;
        hwaddr addr1;
        MemoryRegion *mr = address_space_translate(as, addr, &addr1, &l, true);

        if (memory_region_is_ram(mr) || memory_region_is_romd(mr)) {
            /* ROM/RAM case */
            uint8_t *ptr;

            addr1 += memory_region_get_ram_addr(mr);
            ptr = qemu_get_ram_ptr(addr1);
            if (type == WRITE_DATA) {
                memcpy(ptr, buf, l);
                invalidate_and_set_dirty(addr1, l);
            } else if (type == FLUSH_CACHE) {
                flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
            }
        }
        len -= l;
        buf += l;
        addr += l;
    }
}
2255
/* used for ROM loading : can write in RAM and ROM */
void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
                                   const uint8_t *buf, int len)
{
    const enum write_rom_type op = WRITE_DATA;

    cpu_physical_memory_write_rom_internal(as, addr, buf, len, op);
}
2262
/* Flush the host instruction cache for @len bytes of guest RAM/ROM at
 * physical address @start; a no-op under TCG. */
void cpu_flush_icache_range(hwaddr start, int len)
{
    /*
     * This function should do the same thing as an icache flush that was
     * triggered from within the guest. For TCG we are always cache coherent,
     * so there is no need to flush anything. For KVM / Xen we need to flush
     * the host's instruction cache at least.
     */
    if (!tcg_enabled()) {
        cpu_physical_memory_write_rom_internal(&address_space_memory,
                                               start, NULL, len, FLUSH_CACHE);
    }
}
2278
/* Staging state used by address_space_map() for regions that cannot be
 * mapped directly (non-RAM): a single buffer of at most one page. */
typedef struct {
    MemoryRegion *mr;   /* region being accessed; ref'd while in use */
    void *buffer;       /* NULL while the bounce buffer is free */
    hwaddr addr;        /* guest physical address the buffer stands in for */
    hwaddr len;         /* bytes valid in buffer */
} BounceBuffer;

/* The only bounce buffer; address_space_map() returns NULL while it is
 * busy. */
static BounceBuffer bounce;

/* Callers that were refused the bounce buffer register a callback here and
 * are notified once by cpu_notify_map_clients(). */
typedef struct MapClient {
    void *opaque;
    void (*callback)(void *opaque);
    QLIST_ENTRY(MapClient) link;
} MapClient;

static QLIST_HEAD(map_client_list, MapClient) map_client_list
    = QLIST_HEAD_INITIALIZER(map_client_list);
2296
/*
 * Register @callback(@opaque) to run when retrying address_space_map() is
 * likely to succeed.  Returns an opaque handle to the new entry, which is
 * freed once it has been notified.
 */
void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
{
    MapClient *entry = g_malloc(sizeof(*entry));

    *entry = (MapClient) { .opaque = opaque, .callback = callback };
    QLIST_INSERT_HEAD(&map_client_list, entry, link);
    return entry;
}
2306
/* Unlink and free an entry returned by cpu_register_map_client(). */
static void cpu_unregister_map_client(void *_client)
{
    MapClient *entry = _client;

    QLIST_REMOVE(entry, link);
    g_free(entry);
}
2314
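/*
 * Run and drop every registered map client callback.  Each entry is
 * unlinked and freed before its callback runs, so the callback never sees
 * its own, already-consumed entry on the list; clients registered from
 * inside a callback are picked up by the same loop.
 */
static void cpu_notify_map_clients(void)
{
    while (!QLIST_EMPTY(&map_client_list)) {
        MapClient *client = QLIST_FIRST(&map_client_list);
        void (*callback)(void *opaque) = client->callback;
        void *opaque = client->opaque;

        /* Detach first: the callback must not observe a stale entry. */
        cpu_unregister_map_client(client);
        callback(opaque);
    }
}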
2325
/*
 * Check whether every byte of [@addr, @addr+@len) in @as can be accessed
 * for @is_write.  Directly accessible (RAM) regions are accepted as is;
 * I/O regions are asked through memory_region_access_valid() at the access
 * size memory_access_size() would use.
 */
bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
{
    while (len > 0) {
        hwaddr l = len;
        hwaddr xlat;
        MemoryRegion *mr = address_space_translate(as, addr, &xlat, &l, is_write);

        if (!memory_access_is_direct(mr, is_write)) {
            /* The size is derived from the untranslated addr, while the
             * validity check itself uses the translated xlat. */
            l = memory_access_size(mr, l, addr);
            if (!memory_region_access_valid(mr, xlat, l, is_write)) {
                return false;
            }
        }

        len -= l;
        addr += l;
    }
    return true;
}
2346
/*
 * Map a physical memory region of @as into a host virtual address.
 *
 * @addr      guest physical start address
 * @plen      in: requested length; out: length actually mapped
 * @is_write  direction of the access the caller intends to perform
 *
 * May map a subset of the requested range, returned in *plen.  Returns NULL
 * when @*plen is zero or when the resources needed for the mapping are
 * exhausted; use cpu_register_map_client() to learn when a retry is likely
 * to succeed.  Use only for reads OR writes -- never for read-modify-write.
 * Every non-NULL result must be released with address_space_unmap().
 *
 * Directly accessible RAM is mapped in place: the mapping is extended for
 * as long as successive translations stay in the same region and remain
 * contiguous, and a reference to that region is taken.  Anything else goes
 * through the single bounce buffer, capped at TARGET_PAGE_SIZE; for a read
 * mapping the buffer is filled from the guest here, for a write mapping its
 * contents are presumably undefined until the caller fills them and are
 * written back on unmap.  If the bounce buffer is already taken, NULL is
 * returned.
 */
void *address_space_map(AddressSpace *as,
                        hwaddr addr,
                        hwaddr *plen,
                        bool is_write)
{
    hwaddr remaining = *plen;
    hwaddr mapped;
    hwaddr chunk, xlat, first_xlat;
    MemoryRegion *mr;
    ram_addr_t ram_base;

    if (remaining == 0) {
        return NULL;
    }

    chunk = remaining;
    mr = address_space_translate(as, addr, &xlat, &chunk, is_write);

    if (!memory_access_is_direct(mr, is_write)) {
        /* MMIO: stage the access through the bounce buffer. */
        if (bounce.buffer) {
            /* Slot is busy; caller should register a map client and retry. */
            return NULL;
        }
        /* Avoid unbounded allocations */
        chunk = MIN(chunk, TARGET_PAGE_SIZE);
        bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, chunk);
        bounce.addr = addr;
        bounce.len = chunk;

        memory_region_ref(mr);
        bounce.mr = mr;
        if (!is_write) {
            address_space_read(as, addr, bounce.buffer, chunk);
        }

        *plen = chunk;
        return bounce.buffer;
    }

    /*
     * Direct RAM: grow the mapping while the next translation lands in the
     * same region, right behind what has been mapped so far.
     */
    first_xlat = xlat;
    ram_base = memory_region_get_ram_addr(mr);
    mapped = chunk;
    remaining -= chunk;
    addr += chunk;

    while (remaining != 0) {
        MemoryRegion *next_mr;
        hwaddr next_xlat;

        chunk = remaining;
        next_mr = address_space_translate(as, addr, &next_xlat, &chunk,
                                          is_write);
        if (next_mr != mr || next_xlat != first_xlat + mapped) {
            break;
        }
        mapped += chunk;
        remaining -= chunk;
        addr += chunk;
    }

    memory_region_ref(mr);
    *plen = mapped;
    /* The host-side lookup may shrink *plen further. */
    return qemu_ram_ptr_length(ram_base + first_xlat, plen);
}
2413
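/*
 * Release a mapping obtained from address_space_map().
 *
 * @buffer      pointer previously returned by address_space_map()
 * @len         length that call returned in *plen (not otherwise used here)
 * @is_write    non-zero if the caller wrote through the mapping
 * @access_len  number of bytes actually read or written by the caller
 *
 * For a direct RAM mapping the written range is passed to
 * invalidate_and_set_dirty(), the Xen map-cache entry is dropped when
 * running under Xen, and the region reference taken by the map is
 * released.  For the bounce buffer the contents are written back to the
 * guest if @is_write, the buffer is freed, the region reference is
 * released and the waiting map clients are notified.
 *
 * Hardening: the bounce write-back is clamped to the bytes the buffer
 * really holds (bounce.len), so a caller passing an oversized @access_len
 * cannot read past the end of the host allocation and push stray heap
 * contents into guest memory.
 */
void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
                         int is_write, hwaddr access_len)
{
    if (buffer != bounce.buffer) {
        MemoryRegion *mr;
        ram_addr_t addr1;

        mr = qemu_ram_addr_from_host(buffer, &addr1);
        assert(mr != NULL);
        if (is_write) {
            invalidate_and_set_dirty(addr1, access_len);
        }
        if (xen_enabled()) {
            xen_invalidate_map_cache_entry(buffer);
        }
        memory_region_unref(mr);
        return;
    }

    /* Never write back more than the bounce buffer actually contains. */
    if (access_len > bounce.len) {
        access_len = bounce.len;
    }
    if (is_write) {
        address_space_write(as, bounce.addr, bounce.buffer, access_len);
    }
    qemu_vfree(bounce.buffer);
    bounce.buffer = NULL;
    memory_region_unref(bounce.mr);
    cpu_notify_map_clients();
}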
2444
/*
 * Convenience wrapper: address_space_map() on the system memory address
 * space.  See that function for the contract, including the NULL result
 * and the mandatory cpu_physical_memory_unmap().
 */
void *cpu_physical_memory_map(hwaddr addr,
                              hwaddr *plen,
                              int is_write)
{
    AddressSpace *as = &address_space_memory;

    return address_space_map(as, addr, plen, is_write);
}
2451
/*
 * Convenience wrapper: address_space_unmap() on the system memory address
 * space, for mappings created with cpu_physical_memory_map().
 */
void cpu_physical_memory_unmap(void *buffer, hwaddr len,
                               int is_write, hwaddr access_len)
{
    AddressSpace *as = &address_space_memory;

    address_space_unmap(as, buffer, len, is_write, access_len);
}
2457
/*
 * Load a 32-bit word at @addr from @as in byte order @endian.
 *
 * @addr must be 4-byte aligned; this is not checked here.  Directly
 * accessible RAM is read through the host mapping.  Anything else, or an
 * access that would straddle a region boundary (translated length < 4),
 * goes through io_mem_read(), whose result is swapped when the requested
 * order differs from the target's native one.
 */
static inline uint32_t ldl_phys_internal(AddressSpace *as, hwaddr addr,
                                         enum device_endian endian)
{
    uint64_t val;
    MemoryRegion *mr;
    hwaddr len = 4;
    hwaddr offset;
    uint8_t *host;
    bool swap;

    mr = address_space_translate(as, addr, &offset, &len, false);
    if (len >= 4 && memory_access_is_direct(mr, false)) {
        /* RAM case */
        host = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
                                 & TARGET_PAGE_MASK)
                                + offset);
        if (endian == DEVICE_LITTLE_ENDIAN) {
            val = ldl_le_p(host);
        } else if (endian == DEVICE_BIG_ENDIAN) {
            val = ldl_be_p(host);
        } else {
            val = ldl_p(host);
        }
        return val;
    }

    /* I/O case */
    io_mem_read(mr, offset, &val, 4);
#if defined(TARGET_WORDS_BIGENDIAN)
    swap = (endian == DEVICE_LITTLE_ENDIAN);
#else
    swap = (endian == DEVICE_BIG_ENDIAN);
#endif
    return swap ? bswap32((uint32_t)val) : (uint32_t)val;
}
2500
/* Load a 32-bit word at aligned @addr from @as in the target's native order. */
uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_NATIVE_ENDIAN;

    return ldl_phys_internal(as, addr, order);
}
2505
/* Load a 32-bit word at aligned @addr from @as, stored little-endian. */
uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_LITTLE_ENDIAN;

    return ldl_phys_internal(as, addr, order);
}
2510
/* Load a 32-bit word at aligned @addr from @as, stored big-endian. */
uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_BIG_ENDIAN;

    return ldl_phys_internal(as, addr, order);
}
2515
/*
 * Load a 64-bit word at @addr from @as in byte order @endian.
 *
 * @addr must be 8-byte aligned; this is not checked here.  Directly
 * accessible RAM is read through the host mapping.  Anything else, or an
 * access that would straddle a region boundary (translated length < 8),
 * goes through io_mem_read(), whose result is swapped when the requested
 * order differs from the target's native one.
 */
static inline uint64_t ldq_phys_internal(AddressSpace *as, hwaddr addr,
                                         enum device_endian endian)
{
    uint64_t val;
    MemoryRegion *mr;
    hwaddr len = 8;
    hwaddr offset;
    uint8_t *host;
    bool swap;

    mr = address_space_translate(as, addr, &offset, &len, false);
    if (len >= 8 && memory_access_is_direct(mr, false)) {
        /* RAM case */
        host = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
                                 & TARGET_PAGE_MASK)
                                + offset);
        if (endian == DEVICE_LITTLE_ENDIAN) {
            val = ldq_le_p(host);
        } else if (endian == DEVICE_BIG_ENDIAN) {
            val = ldq_be_p(host);
        } else {
            val = ldq_p(host);
        }
        return val;
    }

    /* I/O case */
    io_mem_read(mr, offset, &val, 8);
#if defined(TARGET_WORDS_BIGENDIAN)
    swap = (endian == DEVICE_LITTLE_ENDIAN);
#else
    swap = (endian == DEVICE_BIG_ENDIAN);
#endif
    return swap ? bswap64(val) : val;
}
2559
/* Load a 64-bit word at aligned @addr from @as in the target's native order. */
uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_NATIVE_ENDIAN;

    return ldq_phys_internal(as, addr, order);
}
2564
/* Load a 64-bit word at aligned @addr from @as, stored little-endian. */
uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_LITTLE_ENDIAN;

    return ldq_phys_internal(as, addr, order);
}
2569
/* Load a 64-bit word at aligned @addr from @as, stored big-endian. */
uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_BIG_ENDIAN;

    return ldq_phys_internal(as, addr, order);
}
2574
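/* XXX: optimize */
/*
 * Load one byte at @addr from @as via the generic address_space_rw() path
 * (no alignment requirement).
 *
 * The status returned by address_space_rw() is not examined here, so @val
 * is initialised up front: should some path leave the output untouched, the
 * caller gets 0 rather than whatever happened to be on the stack.
 */
uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
{
    uint8_t val = 0;

    address_space_rw(as, addr, &val, 1, 0);
    return val;
}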
2582
/*
 * Load a 16-bit word at @addr from @as in byte order @endian.
 *
 * @addr must be 2-byte aligned; this is not checked here.  Directly
 * accessible RAM is read through the host mapping.  Anything else, or an
 * access that would straddle a region boundary (translated length < 2),
 * goes through io_mem_read(), whose result is swapped when the requested
 * order differs from the target's native one.
 */
static inline uint32_t lduw_phys_internal(AddressSpace *as, hwaddr addr,
                                          enum device_endian endian)
{
    uint64_t val;
    MemoryRegion *mr;
    hwaddr len = 2;
    hwaddr offset;
    uint8_t *host;
    bool swap;

    mr = address_space_translate(as, addr, &offset, &len, false);
    if (len >= 2 && memory_access_is_direct(mr, false)) {
        /* RAM case */
        host = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
                                 & TARGET_PAGE_MASK)
                                + offset);
        if (endian == DEVICE_LITTLE_ENDIAN) {
            val = lduw_le_p(host);
        } else if (endian == DEVICE_BIG_ENDIAN) {
            val = lduw_be_p(host);
        } else {
            val = lduw_p(host);
        }
        return val;
    }

    /* I/O case */
    io_mem_read(mr, offset, &val, 2);
#if defined(TARGET_WORDS_BIGENDIAN)
    swap = (endian == DEVICE_LITTLE_ENDIAN);
#else
    swap = (endian == DEVICE_BIG_ENDIAN);
#endif
    return swap ? bswap16((uint16_t)val) : (uint32_t)val;
}
2626
/* Load a 16-bit word at aligned @addr from @as in the target's native order. */
uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_NATIVE_ENDIAN;

    return lduw_phys_internal(as, addr, order);
}
2631
/* Load a 16-bit word at aligned @addr from @as, stored little-endian. */
uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_LITTLE_ENDIAN;

    return lduw_phys_internal(as, addr, order);
}
2636
/* Load a 16-bit word at aligned @addr from @as, stored big-endian. */
uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
{
    const enum device_endian order = DEVICE_BIG_ENDIAN;

    return lduw_phys_internal(as, addr, order);
}
2641
/*
 * Store the 32-bit @val at @addr in @as (target-native order) WITHOUT the
 * usual dirty tracking: the RAM page is not marked dirty and translated
 * code covering it is not invalidated.  Intended for code that uses the
 * dirty bits to track modified page-table entries, so the store itself must
 * not perturb them.  @addr must be 4-byte aligned; this is not checked.
 *
 * The one exception is live migration: while in_migration is set, a store
 * into a page that is still clean does invalidate code and set the
 * (non-code) dirty bit, so the write is not lost on the destination.
 *
 * Anything that is not directly accessible RAM, or that would straddle a
 * region boundary, is forwarded to io_mem_write().
 */
void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
{
    MemoryRegion *mr;
    hwaddr len = 4;
    hwaddr ram_off;

    mr = address_space_translate(as, addr, &ram_off, &len, true);
    if (len < 4 || !memory_access_is_direct(mr, true)) {
        io_mem_write(mr, ram_off, val, 4);
        return;
    }

    ram_off += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
    stl_p(qemu_get_ram_ptr(ram_off), val);

    if (unlikely(in_migration) && cpu_physical_memory_is_clean(ram_off)) {
        /* invalidate code */
        tb_invalidate_phys_page_range(ram_off, ram_off + 4, 0);
        /* set dirty bit */
        cpu_physical_memory_set_dirty_range_nocode(ram_off, 4);
    }
}
2671
/*
 * Store the 32-bit @val at @addr in @as using byte order @endian.
 *
 * @addr must be 4-byte aligned; this is not checked here.  Directly
 * accessible RAM is written through the host mapping and the range is then
 * passed to invalidate_and_set_dirty().  Anything else, or an access that
 * would straddle a region boundary (translated length < 4), is handed to
 * io_mem_write() after swapping @val when the requested order differs from
 * the target's native one.
 */
static inline void stl_phys_internal(AddressSpace *as,
                                     hwaddr addr, uint32_t val,
                                     enum device_endian endian)
{
    MemoryRegion *mr;
    hwaddr len = 4;
    hwaddr ram_off;
    uint8_t *host;
    bool swap;

    mr = address_space_translate(as, addr, &ram_off, &len, true);
    if (len < 4 || !memory_access_is_direct(mr, true)) {
        /* I/O case */
#if defined(TARGET_WORDS_BIGENDIAN)
        swap = (endian == DEVICE_LITTLE_ENDIAN);
#else
        swap = (endian == DEVICE_BIG_ENDIAN);
#endif
        io_mem_write(mr, ram_off, swap ? bswap32(val) : val, 4);
        return;
    }

    /* RAM case */
    ram_off += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
    host = qemu_get_ram_ptr(ram_off);
    if (endian == DEVICE_LITTLE_ENDIAN) {
        stl_le_p(host, val);
    } else if (endian == DEVICE_BIG_ENDIAN) {
        stl_be_p(host, val);
    } else {
        stl_p(host, val);
    }
    invalidate_and_set_dirty(ram_off, 4);
}
2713
/* Store a 32-bit word at aligned @addr in @as in the target's native order. */
void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
{
    const enum device_endian order = DEVICE_NATIVE_ENDIAN;

    stl_phys_internal(as, addr, val, order);
}
2718
/* Store a 32-bit word at aligned @addr in @as, little-endian. */
void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
{
    const enum device_endian order = DEVICE_LITTLE_ENDIAN;

    stl_phys_internal(as, addr, val, order);
}
2723
/* Store a 32-bit word at aligned @addr in @as, big-endian. */
void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
{
    const enum device_endian order = DEVICE_BIG_ENDIAN;

    stl_phys_internal(as, addr, val, order);
}
2728
/* XXX: optimize */
/*
 * Store the low byte of @val at @addr in @as via the generic
 * address_space_rw() path (no alignment requirement).  The rw status is
 * not checked.
 */
void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
{
    uint8_t byte = (uint8_t)val;

    address_space_rw(as, addr, &byte, 1, 1);
}
2735
/*
 * Store the 16-bit @val at @addr in @as using byte order @endian.
 *
 * @addr must be 2-byte aligned; this is not checked here.  Directly
 * accessible RAM is written through the host mapping and the range is then
 * passed to invalidate_and_set_dirty().  Anything else, or an access that
 * would straddle a region boundary (translated length < 2), is handed to
 * io_mem_write() after swapping @val when the requested order differs from
 * the target's native one.
 */
static inline void stw_phys_internal(AddressSpace *as,
                                     hwaddr addr, uint32_t val,
                                     enum device_endian endian)
{
    MemoryRegion *mr;
    hwaddr len = 2;
    hwaddr ram_off;
    uint8_t *host;
    bool swap;

    mr = address_space_translate(as, addr, &ram_off, &len, true);
    if (len < 2 || !memory_access_is_direct(mr, true)) {
        /* I/O case */
#if defined(TARGET_WORDS_BIGENDIAN)
        swap = (endian == DEVICE_LITTLE_ENDIAN);
#else
        swap = (endian == DEVICE_BIG_ENDIAN);
#endif
        io_mem_write(mr, ram_off, swap ? bswap16(val) : val, 2);
        return;
    }

    /* RAM case */
    ram_off += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
    host = qemu_get_ram_ptr(ram_off);
    if (endian == DEVICE_LITTLE_ENDIAN) {
        stw_le_p(host, val);
    } else if (endian == DEVICE_BIG_ENDIAN) {
        stw_be_p(host, val);
    } else {
        stw_p(host, val);
    }
    invalidate_and_set_dirty(ram_off, 2);
}
2776
/* Store a 16-bit word at aligned @addr in @as in the target's native order. */
void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
{
    const enum device_endian order = DEVICE_NATIVE_ENDIAN;

    stw_phys_internal(as, addr, val, order);
}
2781
/* Store a 16-bit word at aligned @addr in @as, little-endian. */
void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
{
    const enum device_endian order = DEVICE_LITTLE_ENDIAN;

    stw_phys_internal(as, addr, val, order);
}
2786
/* Store a 16-bit word at aligned @addr in @as, big-endian. */
void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
{
    const enum device_endian order = DEVICE_BIG_ENDIAN;

    stw_phys_internal(as, addr, val, order);
}
2791
/* XXX: optimize */
/*
 * Store the 64-bit @val at @addr in @as in the target's native order, via
 * the generic address_space_rw() path.  tswap64() converts from host to
 * target order before the bytes are written; the rw status is not checked.
 */
void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
{
    uint64_t wire = tswap64(val);

    address_space_rw(as, addr, (uint8_t *)&wire, 8, 1);
}
2798
/*
 * Store the 64-bit @val at @addr in @as as little-endian bytes, via the
 * generic address_space_rw() path.  The rw status is not checked.
 */
void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
{
    uint64_t wire = cpu_to_le64(val);

    address_space_rw(as, addr, (uint8_t *)&wire, 8, 1);
}
2804
/*
 * Store the 64-bit @val at @addr in @as as big-endian bytes, via the
 * generic address_space_rw() path.  The rw status is not checked.
 */
void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
{
    uint64_t wire = cpu_to_be64(val);

    address_space_rw(as, addr, (uint8_t *)&wire, 8, 1);
}
2810
/*
 * Debugger access to @cpu's virtual memory: copy @len bytes between @buf
 * and guest virtual address @addr, page by page, translating each page
 * with cpu_get_phys_page_debug().
 *
 * @is_write non-zero writes @buf into the guest, zero reads from it.
 * Returns 0 on success, -1 as soon as a page has no physical mapping
 * (bytes before that page have already been transferred).
 *
 * Writes go through cpu_physical_memory_write_rom(), so they land even in
 * ROM / write-protected memory.  That is what a debugger expects, but it
 * also means this path must stay reserved for the debug interfaces and
 * never be driven by guest-originated requests.
 */
int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
                        uint8_t *buf, int len, int is_write)
{
    while (len > 0) {
        target_ulong page = addr & TARGET_PAGE_MASK;
        hwaddr phys_addr = cpu_get_phys_page_debug(cpu, page);
        int chunk;

        /* if no physical page mapped, return an error */
        if (phys_addr == -1) {
            return -1;
        }

        /* stop at the end of this page, or at the end of the request */
        chunk = (page + TARGET_PAGE_SIZE) - addr;
        if (chunk > len) {
            chunk = len;
        }
        phys_addr += addr & ~TARGET_PAGE_MASK;

        if (is_write) {
            cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, chunk);
        } else {
            address_space_rw(cpu->as, phys_addr, buf, chunk, 0);
        }

        len -= chunk;
        buf += chunk;
        addr += chunk;
    }
    return 0;
}
2840 #endif
2841
2842 /*
2843 * A helper function for the _utterly broken_ virtio device model to find out if
2844 * it's running on a big endian machine. Don't do this at home kids!
2845 */
2846 bool target_words_bigendian(void);
2847 bool target_words_bigendian(void)
2848 {
2849 #if defined(TARGET_WORDS_BIGENDIAN)
2850 return true;
2851 #else
2852 return false;
2853 #endif
2854 }
2855
2856 #ifndef CONFIG_USER_ONLY
/*
 * Return true if @phys_addr in the system memory address space resolves to
 * something other than RAM or a ROMD region, i.e. to I/O (or to nothing).
 * Only the single byte at @phys_addr is translated.
 */
bool cpu_physical_memory_is_io(hwaddr phys_addr)
{
    hwaddr len = 1;
    hwaddr xlat;
    MemoryRegion *mr;
    bool backed_by_memory;

    mr = address_space_translate(&address_space_memory,
                                 phys_addr, &xlat, &len, false);
    backed_by_memory = memory_region_is_ram(mr) || memory_region_is_romd(mr);
    return !backed_by_memory;
}
2868
/*
 * Call @func(host, offset, length, @opaque) for every RAMBlock in ram_list,
 * in list order.  The next pointer is read only after @func returns, so
 * @func must not unlink the block it was handed.  No lock is taken in this
 * function; serialising against ram_list changes is the caller's concern.
 */
void qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
{
    RAMBlock *blk;

    for (blk = QTAILQ_FIRST(&ram_list.blocks); blk != NULL;
         blk = QTAILQ_NEXT(blk, next)) {
        func(blk->host, blk->offset, blk->length, opaque);
    }
}
2877 #endif