]> git.proxmox.com Git - mirror_qemu.git/blame - exec.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
cpu: Move opaque field from CPU_COMMON to CPUState
[mirror_qemu.git] / exec.c
CommitLineData
54936004 1/*
5b6dd868 2 * Virtual page mapping
5fafdf24 3 *
54936004
FB		 4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
54936004 18 */
67b915a5 19#include "config.h"
777872e5 20#ifndef _WIN32
a98d49b1 21#include <sys/types.h>
d5a8f07c
FB		 22#include <sys/mman.h>
23#endif
54936004 24
055403b2 25#include "qemu-common.h"
6180a181 26#include "cpu.h"
b67d9a52 27#include "tcg.h"
b3c7724c 28#include "hw/hw.h"
cc9e98cb 29#include "hw/qdev.h"
1de7afc9 30#include "qemu/osdep.h"
9c17d615 31#include "sysemu/kvm.h"
2ff3de68 32#include "sysemu/sysemu.h"
0d09e41a 33#include "hw/xen/xen.h"
1de7afc9
PB		 34#include "qemu/timer.h"
35#include "qemu/config-file.h"
022c62cb 36#include "exec/memory.h"
9c17d615 37#include "sysemu/dma.h"
022c62cb 38#include "exec/address-spaces.h"
53a5960a
PB		 39#if defined(CONFIG_USER_ONLY)
40#include <qemu.h>
432d268c 41#else /* !CONFIG_USER_ONLY */
9c17d615 42#include "sysemu/xen-mapcache.h"
6506e4f9 43#include "trace.h"
53a5960a 44#endif
0d6d3c87 45#include "exec/cpu-all.h"
54936004 46
022c62cb 47#include "exec/cputlb.h"
5b6dd868 48#include "translate-all.h"
0cac1b66 49
022c62cb 50#include "exec/memory-internal.h"
220c3ebd 51#include "exec/ram_addr.h"
582b55a9 52#include "qemu/cache-utils.h"
67d95c15 53
b35ba30f
MT		 54#include "qemu/range.h"
55
db7b5426 56//#define DEBUG_SUBPAGE
1196be37 57
e2eef170 58#if !defined(CONFIG_USER_ONLY)
981fdf23 59static bool in_migration;
94a6b54f 60
a3161038 61RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };
62152b8a
AK		 62
63static MemoryRegion *system_memory;
309cb471 64static MemoryRegion *system_io;
62152b8a 65
f6790af6
AK		 66AddressSpace address_space_io;
67AddressSpace address_space_memory;
2673a5da 68
0844e007 69MemoryRegion io_mem_rom, io_mem_notdirty;
acc9d80b 70static MemoryRegion io_mem_unassigned;
0e0df1e2 71
e2eef170 72#endif
9fa3e853 73
bdc44640 74struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
6a00d601
FB		 75/* current CPU in the current thread. It is only valid inside
76 cpu_exec() */
4917cf44 77DEFINE_TLS(CPUState *, current_cpu);
2e70f6ef 78/* 0 = Do not count executed instructions.
bf20dc07 79 1 = Precise instruction counting.
2e70f6ef 80 2 = Adaptive rate instruction counting. */
5708fc66 81int use_icount;
6a00d601 82
e2eef170 83#if !defined(CONFIG_USER_ONLY)
4346ae3e 84
1db8abb1
PB		 85typedef struct PhysPageEntry PhysPageEntry;
86
87struct PhysPageEntry {
9736e55b 88 /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
8b795765 89 uint32_t skip : 6;
9736e55b 90 /* index into phys_sections (!skip) or phys_map_nodes (skip) */
8b795765 91 uint32_t ptr : 26;
1db8abb1
PB		 92};
93
8b795765
MT		 94#define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)
95
03f49957 96/* Size of the L2 (and L3, etc) page tables. */
57271d63 97#define ADDR_SPACE_BITS 64
03f49957 98
026736ce 99#define P_L2_BITS 9
03f49957
PB		 100#define P_L2_SIZE (1 << P_L2_BITS)
101
102#define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)
103
104typedef PhysPageEntry Node[P_L2_SIZE];
0475d94f 105
53cb28cb
MA		 106typedef struct PhysPageMap {
107 unsigned sections_nb;
108 unsigned sections_nb_alloc;
109 unsigned nodes_nb;
110 unsigned nodes_nb_alloc;
111 Node *nodes;
112 MemoryRegionSection *sections;
113} PhysPageMap;
114
1db8abb1
PB		 115struct AddressSpaceDispatch {
116 /* This is a multi-level map on the physical address space.
117 * The bottom level has pointers to MemoryRegionSections.
118 */
119 PhysPageEntry phys_map;
53cb28cb 120 PhysPageMap map;
acc9d80b 121 AddressSpace *as;
1db8abb1
PB		 122};
123
90260c6c
JK		 124#define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
125typedef struct subpage_t {
126 MemoryRegion iomem;
acc9d80b 127 AddressSpace *as;
90260c6c
JK		 128 hwaddr base;
129 uint16_t sub_section[TARGET_PAGE_SIZE];
130} subpage_t;
131
b41aac4f
LPF		 132#define PHYS_SECTION_UNASSIGNED 0
133#define PHYS_SECTION_NOTDIRTY 1
134#define PHYS_SECTION_ROM 2
135#define PHYS_SECTION_WATCH 3
5312bd8b 136
e2eef170 137static void io_mem_init(void);
62152b8a 138static void memory_map_init(void);
09daed84 139static void tcg_commit(MemoryListener *listener);
e2eef170 140
1ec9b909 141static MemoryRegion io_mem_watch;
6658ffb8 142#endif
fd6ce8f6 143
6d9a1304 144#if !defined(CONFIG_USER_ONLY)
d6f2ea22 145
53cb28cb 146static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
d6f2ea22 147{
53cb28cb
MA		 148 if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
149 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
150 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
151 map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
d6f2ea22 152 }
f7bf5461
AK		 153}
154
53cb28cb 155static uint32_t phys_map_node_alloc(PhysPageMap *map)
f7bf5461
AK		 156{
157 unsigned i;
8b795765 158 uint32_t ret;
f7bf5461 159
53cb28cb 160 ret = map->nodes_nb++;
f7bf5461 161 assert(ret != PHYS_MAP_NODE_NIL);
53cb28cb 162 assert(ret != map->nodes_nb_alloc);
03f49957 163 for (i = 0; i < P_L2_SIZE; ++i) {
53cb28cb
MA		 164 map->nodes[ret][i].skip = 1;
165 map->nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
d6f2ea22 166 }
f7bf5461 167 return ret;
d6f2ea22
AK		 168}
169
53cb28cb
MA		 170static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
171 hwaddr *index, hwaddr *nb, uint16_t leaf,
2999097b 172 int level)
f7bf5461
AK		 173{
174 PhysPageEntry *p;
175 int i;
03f49957 176 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
108c49b8 177
9736e55b 178 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
53cb28cb
MA		 179 lp->ptr = phys_map_node_alloc(map);
180 p = map->nodes[lp->ptr];
f7bf5461 181 if (level == 0) {
03f49957 182 for (i = 0; i < P_L2_SIZE; i++) {
9736e55b 183 p[i].skip = 0;
b41aac4f 184 p[i].ptr = PHYS_SECTION_UNASSIGNED;
4346ae3e 185 }
67c4d23c 186 }
f7bf5461 187 } else {
53cb28cb 188 p = map->nodes[lp->ptr];
92e873b9 189 }
03f49957 190 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
f7bf5461 191
03f49957 192 while (*nb && lp < &p[P_L2_SIZE]) {
07f07b31 193 if ((*index & (step - 1)) == 0 && *nb >= step) {
9736e55b 194 lp->skip = 0;
c19e8800 195 lp->ptr = leaf;
07f07b31
AK		 196 *index += step;
197 *nb -= step;
2999097b 198 } else {
53cb28cb 199 phys_page_set_level(map, lp, index, nb, leaf, level - 1);
2999097b
AK		 200 }
201 ++lp;
f7bf5461
AK		 202 }
203}
204
ac1970fb 205static void phys_page_set(AddressSpaceDispatch *d,
a8170e5e 206 hwaddr index, hwaddr nb,
2999097b 207 uint16_t leaf)
f7bf5461 208{
2999097b 209 /* Wildly overreserve - it doesn't matter much. */
53cb28cb 210 phys_map_node_reserve(&d->map, 3 * P_L2_LEVELS);
5cd2c5b6 211
53cb28cb 212 phys_page_set_level(&d->map, &d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
92e873b9
FB		 213}
214
b35ba30f
MT		 215/* Compact a non leaf page entry. Simply detect that the entry has a single child,
216 * and update our entry so we can skip it and go directly to the destination.
217 */
218static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
219{
220 unsigned valid_ptr = P_L2_SIZE;
221 int valid = 0;
222 PhysPageEntry *p;
223 int i;
224
225 if (lp->ptr == PHYS_MAP_NODE_NIL) {
226 return;
227 }
228
229 p = nodes[lp->ptr];
230 for (i = 0; i < P_L2_SIZE; i++) {
231 if (p[i].ptr == PHYS_MAP_NODE_NIL) {
232 continue;
233 }
234
235 valid_ptr = i;
236 valid++;
237 if (p[i].skip) {
238 phys_page_compact(&p[i], nodes, compacted);
239 }
240 }
241
242 /* We can only compress if there's only one child. */
243 if (valid != 1) {
244 return;
245 }
246
247 assert(valid_ptr < P_L2_SIZE);
248
249 /* Don't compress if it won't fit in the # of bits we have. */
250 if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
251 return;
252 }
253
254 lp->ptr = p[valid_ptr].ptr;
255 if (!p[valid_ptr].skip) {
256 /* If our only child is a leaf, make this a leaf. */
257 /* By design, we should have made this node a leaf to begin with so we
258 * should never reach here.
259 * But since it's so simple to handle this, let's do it just in case we
260 * change this rule.
261 */
262 lp->skip = 0;
263 } else {
264 lp->skip += p[valid_ptr].skip;
265 }
266}
267
268static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
269{
270 DECLARE_BITMAP(compacted, nodes_nb);
271
272 if (d->phys_map.skip) {
53cb28cb 273 phys_page_compact(&d->phys_map, d->map.nodes, compacted);
b35ba30f
MT		 274 }
275}
276
97115a8d 277static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
9affd6fc 278 Node *nodes, MemoryRegionSection *sections)
92e873b9 279{
31ab2b4a 280 PhysPageEntry *p;
97115a8d 281 hwaddr index = addr >> TARGET_PAGE_BITS;
31ab2b4a 282 int i;
f1f6e3b8 283
9736e55b 284 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
c19e8800 285 if (lp.ptr == PHYS_MAP_NODE_NIL) {
9affd6fc 286 return &sections[PHYS_SECTION_UNASSIGNED];
31ab2b4a 287 }
9affd6fc 288 p = nodes[lp.ptr];
03f49957 289 lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
5312bd8b 290 }
b35ba30f
MT		 291
292 if (sections[lp.ptr].size.hi ||
293 range_covers_byte(sections[lp.ptr].offset_within_address_space,
294 sections[lp.ptr].size.lo, addr)) {
295 return &sections[lp.ptr];
296 } else {
297 return &sections[PHYS_SECTION_UNASSIGNED];
298 }
f3705d53
AK		 299}
300
e5548617
BS		 301bool memory_region_is_unassigned(MemoryRegion *mr)
302{
2a8e7499 303 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
5b6dd868 304 && mr != &io_mem_watch;
fd6ce8f6 305}
149f54b5 306
c7086b4a 307static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
90260c6c
JK		 308 hwaddr addr,
309 bool resolve_subpage)
9f029603 310{
90260c6c
JK		 311 MemoryRegionSection *section;
312 subpage_t *subpage;
313
53cb28cb 314 section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
90260c6c
JK		 315 if (resolve_subpage && section->mr->subpage) {
316 subpage = container_of(section->mr, subpage_t, iomem);
53cb28cb 317 section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
90260c6c
JK		 318 }
319 return section;
9f029603
JK		 320}
321
90260c6c 322static MemoryRegionSection *
c7086b4a 323address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
90260c6c 324 hwaddr *plen, bool resolve_subpage)
149f54b5
PB		 325{
326 MemoryRegionSection *section;
a87f3954 327 Int128 diff;
149f54b5 328
c7086b4a 329 section = address_space_lookup_region(d, addr, resolve_subpage);
149f54b5
PB		 330 /* Compute offset within MemoryRegionSection */
331 addr -= section->offset_within_address_space;
332
333 /* Compute offset within MemoryRegion */
334 *xlat = addr + section->offset_within_region;
335
336 diff = int128_sub(section->mr->size, int128_make64(addr));
3752a036 337 *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
149f54b5
PB		 338 return section;
339}
90260c6c 340
a87f3954
PB		 341static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
342{
343 if (memory_region_is_ram(mr)) {
344 return !(is_write && mr->readonly);
345 }
346 if (memory_region_is_romd(mr)) {
347 return !is_write;
348 }
349
350 return false;
351}
352
5c8a00ce
PB		 353MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
354 hwaddr *xlat, hwaddr *plen,
355 bool is_write)
90260c6c 356{
30951157
AK		 357 IOMMUTLBEntry iotlb;
358 MemoryRegionSection *section;
359 MemoryRegion *mr;
360 hwaddr len = *plen;
361
362 for (;;) {
a87f3954 363 section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true);
30951157
AK		 364 mr = section->mr;
365
366 if (!mr->iommu_ops) {
367 break;
368 }
369
370 iotlb = mr->iommu_ops->translate(mr, addr);
371 addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
372 | (addr & iotlb.addr_mask));
373 len = MIN(len, (addr | iotlb.addr_mask) - addr + 1);
374 if (!(iotlb.perm & (1 << is_write))) {
375 mr = &io_mem_unassigned;
376 break;
377 }
378
379 as = iotlb.target_as;
380 }
381
a87f3954
PB		 382 if (memory_access_is_direct(mr, is_write)) {
383 hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
384 len = MIN(page, len);
385 }
386
30951157
AK		 387 *plen = len;
388 *xlat = addr;
389 return mr;
90260c6c
JK		 390}
391
392MemoryRegionSection *
393address_space_translate_for_iotlb(AddressSpace *as, hwaddr addr, hwaddr *xlat,
394 hwaddr *plen)
395{
30951157 396 MemoryRegionSection *section;
c7086b4a 397 section = address_space_translate_internal(as->dispatch, addr, xlat, plen, false);
30951157
AK		 398
399 assert(!section->mr->iommu_ops);
400 return section;
90260c6c 401}
5b6dd868 402#endif
fd6ce8f6 403
5b6dd868 404void cpu_exec_init_all(void)
fdbb84d1 405{
5b6dd868 406#if !defined(CONFIG_USER_ONLY)
b2a8658e 407 qemu_mutex_init(&ram_list.mutex);
5b6dd868
BS		 408 memory_map_init();
409 io_mem_init();
fdbb84d1 410#endif
5b6dd868 411}
fdbb84d1 412
b170fce3 413#if !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 414
415static int cpu_common_post_load(void *opaque, int version_id)
fd6ce8f6 416{
259186a7 417 CPUState *cpu = opaque;
a513fe19 418
5b6dd868
BS		 419 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
420 version_id is increased. */
259186a7
AF		 421 cpu->interrupt_request &= ~0x01;
422 tlb_flush(cpu->env_ptr, 1);
5b6dd868
BS		 423
424 return 0;
a513fe19 425}
7501267e 426
1a1562f5 427const VMStateDescription vmstate_cpu_common = {
5b6dd868
BS		 428 .name = "cpu_common",
429 .version_id = 1,
430 .minimum_version_id = 1,
431 .minimum_version_id_old = 1,
432 .post_load = cpu_common_post_load,
433 .fields = (VMStateField []) {
259186a7
AF		 434 VMSTATE_UINT32(halted, CPUState),
435 VMSTATE_UINT32(interrupt_request, CPUState),
5b6dd868
BS		 436 VMSTATE_END_OF_LIST()
437 }
438};
1a1562f5 439
5b6dd868 440#endif
ea041c0e 441
38d8f5c8 442CPUState *qemu_get_cpu(int index)
ea041c0e 443{
bdc44640 444 CPUState *cpu;
ea041c0e 445
bdc44640 446 CPU_FOREACH(cpu) {
55e5c285 447 if (cpu->cpu_index == index) {
bdc44640 448 return cpu;
55e5c285 449 }
ea041c0e 450 }
5b6dd868 451
bdc44640 452 return NULL;
ea041c0e
FB		 453}
454
09daed84
EI		 455#if !defined(CONFIG_USER_ONLY)
456void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
457{
458 /* We only support one address space per cpu at the moment. */
459 assert(cpu->as == as);
460
461 if (cpu->tcg_as_listener) {
462 memory_listener_unregister(cpu->tcg_as_listener);
463 } else {
464 cpu->tcg_as_listener = g_new0(MemoryListener, 1);
465 }
466 cpu->tcg_as_listener->commit = tcg_commit;
467 memory_listener_register(cpu->tcg_as_listener, as);
468}
469#endif
470
5b6dd868 471void cpu_exec_init(CPUArchState *env)
ea041c0e 472{
5b6dd868 473 CPUState *cpu = ENV_GET_CPU(env);
b170fce3 474 CPUClass *cc = CPU_GET_CLASS(cpu);
bdc44640 475 CPUState *some_cpu;
5b6dd868
BS		 476 int cpu_index;
477
478#if defined(CONFIG_USER_ONLY)
479 cpu_list_lock();
480#endif
5b6dd868 481 cpu_index = 0;
bdc44640 482 CPU_FOREACH(some_cpu) {
5b6dd868
BS		 483 cpu_index++;
484 }
55e5c285 485 cpu->cpu_index = cpu_index;
1b1ed8dc 486 cpu->numa_node = 0;
5b6dd868
BS		 487 QTAILQ_INIT(&env->breakpoints);
488 QTAILQ_INIT(&env->watchpoints);
489#ifndef CONFIG_USER_ONLY
09daed84 490 cpu->as = &address_space_memory;
5b6dd868
BS		 491 cpu->thread_id = qemu_get_thread_id();
492#endif
bdc44640 493 QTAILQ_INSERT_TAIL(&cpus, cpu, node);
5b6dd868
BS		 494#if defined(CONFIG_USER_ONLY)
495 cpu_list_unlock();
496#endif
e0d47944
AF		 497 if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
498 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
499 }
5b6dd868 500#if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 501 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
502 cpu_save, cpu_load, env);
b170fce3 503 assert(cc->vmsd == NULL);
e0d47944 504 assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
5b6dd868 505#endif
b170fce3
AF		 506 if (cc->vmsd != NULL) {
507 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
508 }
ea041c0e
FB		 509}
510
1fddef4b 511#if defined(TARGET_HAS_ICE)
94df27fd 512#if defined(CONFIG_USER_ONLY)
00b941e5 513static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
94df27fd
PB		 514{
515 tb_invalidate_phys_page_range(pc, pc + 1, 0);
516}
517#else
00b941e5 518static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
1e7855a5 519{
e8262a1b
MF		 520 hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
521 if (phys != -1) {
09daed84 522 tb_invalidate_phys_addr(cpu->as,
29d8ec7b 523 phys | (pc & ~TARGET_PAGE_MASK));
e8262a1b 524 }
1e7855a5 525}
c27004ec 526#endif
94df27fd 527#endif /* TARGET_HAS_ICE */
d720b93d 528
c527ee8f 529#if defined(CONFIG_USER_ONLY)
9349b4f9 530void cpu_watchpoint_remove_all(CPUArchState *env, int mask)
c527ee8f
PB		 531
532{
533}
534
9349b4f9 535int cpu_watchpoint_insert(CPUArchState *env, target_ulong addr, target_ulong len,
c527ee8f
PB		 536 int flags, CPUWatchpoint **watchpoint)
537{
538 return -ENOSYS;
539}
540#else
6658ffb8 541/* Add a watchpoint. */
9349b4f9 542int cpu_watchpoint_insert(CPUArchState *env, target_ulong addr, target_ulong len,
a1d1bb31 543 int flags, CPUWatchpoint **watchpoint)
6658ffb8 544{
b4051334 545 target_ulong len_mask = ~(len - 1);
c0ce998e 546 CPUWatchpoint *wp;
6658ffb8 547
b4051334 548 /* sanity checks: allow power-of-2 lengths, deny unaligned watchpoints */
0dc23828
MF		 549 if ((len & (len - 1)) || (addr & ~len_mask) ||
550 len == 0 || len > TARGET_PAGE_SIZE) {
b4051334
AL		 551 fprintf(stderr, "qemu: tried to set invalid watchpoint at "
552 TARGET_FMT_lx ", len=" TARGET_FMT_lu "\n", addr, len);
553 return -EINVAL;
554 }
7267c094 555 wp = g_malloc(sizeof(*wp));
a1d1bb31
AL		 556
557 wp->vaddr = addr;
b4051334 558 wp->len_mask = len_mask;
a1d1bb31
AL		 559 wp->flags = flags;
560
2dc9f411 561 /* keep all GDB-injected watchpoints in front */
c0ce998e 562 if (flags & BP_GDB)
72cf2d4f 563 QTAILQ_INSERT_HEAD(&env->watchpoints, wp, entry);
c0ce998e 564 else
72cf2d4f 565 QTAILQ_INSERT_TAIL(&env->watchpoints, wp, entry);
6658ffb8 566
6658ffb8 567 tlb_flush_page(env, addr);
a1d1bb31
AL		 568
569 if (watchpoint)
570 *watchpoint = wp;
571 return 0;
6658ffb8
PB		 572}
573
a1d1bb31 574/* Remove a specific watchpoint. */
9349b4f9 575int cpu_watchpoint_remove(CPUArchState *env, target_ulong addr, target_ulong len,
a1d1bb31 576 int flags)
6658ffb8 577{
b4051334 578 target_ulong len_mask = ~(len - 1);
a1d1bb31 579 CPUWatchpoint *wp;
6658ffb8 580
72cf2d4f 581 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
b4051334 582 if (addr == wp->vaddr && len_mask == wp->len_mask
6e140f28 583 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
a1d1bb31 584 cpu_watchpoint_remove_by_ref(env, wp);
6658ffb8
PB		 585 return 0;
586 }
587 }
a1d1bb31 588 return -ENOENT;
6658ffb8
PB		 589}
590
a1d1bb31 591/* Remove a specific watchpoint by reference. */
9349b4f9 592void cpu_watchpoint_remove_by_ref(CPUArchState *env, CPUWatchpoint *watchpoint)
a1d1bb31 593{
72cf2d4f 594 QTAILQ_REMOVE(&env->watchpoints, watchpoint, entry);
7d03f82f 595
a1d1bb31
AL		 596 tlb_flush_page(env, watchpoint->vaddr);
597
7267c094 598 g_free(watchpoint);
a1d1bb31
AL		 599}
600
601/* Remove all matching watchpoints. */
9349b4f9 602void cpu_watchpoint_remove_all(CPUArchState *env, int mask)
a1d1bb31 603{
c0ce998e 604 CPUWatchpoint *wp, *next;
a1d1bb31 605
72cf2d4f 606 QTAILQ_FOREACH_SAFE(wp, &env->watchpoints, entry, next) {
a1d1bb31
AL		 607 if (wp->flags & mask)
608 cpu_watchpoint_remove_by_ref(env, wp);
c0ce998e 609 }
7d03f82f 610}
c527ee8f 611#endif
7d03f82f 612
a1d1bb31 613/* Add a breakpoint. */
9349b4f9 614int cpu_breakpoint_insert(CPUArchState *env, target_ulong pc, int flags,
a1d1bb31 615 CPUBreakpoint **breakpoint)
4c3a88a2 616{
1fddef4b 617#if defined(TARGET_HAS_ICE)
c0ce998e 618 CPUBreakpoint *bp;
3b46e624 619
7267c094 620 bp = g_malloc(sizeof(*bp));
4c3a88a2 621
a1d1bb31
AL		 622 bp->pc = pc;
623 bp->flags = flags;
624
2dc9f411 625 /* keep all GDB-injected breakpoints in front */
00b941e5 626 if (flags & BP_GDB) {
72cf2d4f 627 QTAILQ_INSERT_HEAD(&env->breakpoints, bp, entry);
00b941e5 628 } else {
72cf2d4f 629 QTAILQ_INSERT_TAIL(&env->breakpoints, bp, entry);
00b941e5 630 }
3b46e624 631
00b941e5 632 breakpoint_invalidate(ENV_GET_CPU(env), pc);
a1d1bb31 633
00b941e5 634 if (breakpoint) {
a1d1bb31 635 *breakpoint = bp;
00b941e5 636 }
4c3a88a2
FB		 637 return 0;
638#else
a1d1bb31 639 return -ENOSYS;
4c3a88a2
FB		 640#endif
641}
642
a1d1bb31 643/* Remove a specific breakpoint. */
9349b4f9 644int cpu_breakpoint_remove(CPUArchState *env, target_ulong pc, int flags)
a1d1bb31 645{
7d03f82f 646#if defined(TARGET_HAS_ICE)
a1d1bb31
AL		 647 CPUBreakpoint *bp;
648
72cf2d4f 649 QTAILQ_FOREACH(bp, &env->breakpoints, entry) {
a1d1bb31
AL		 650 if (bp->pc == pc && bp->flags == flags) {
651 cpu_breakpoint_remove_by_ref(env, bp);
652 return 0;
653 }
7d03f82f 654 }
a1d1bb31
AL		 655 return -ENOENT;
656#else
657 return -ENOSYS;
7d03f82f
EI		 658#endif
659}
660
a1d1bb31 661/* Remove a specific breakpoint by reference. */
9349b4f9 662void cpu_breakpoint_remove_by_ref(CPUArchState *env, CPUBreakpoint *breakpoint)
4c3a88a2 663{
1fddef4b 664#if defined(TARGET_HAS_ICE)
72cf2d4f 665 QTAILQ_REMOVE(&env->breakpoints, breakpoint, entry);
d720b93d 666
00b941e5 667 breakpoint_invalidate(ENV_GET_CPU(env), breakpoint->pc);
a1d1bb31 668
7267c094 669 g_free(breakpoint);
a1d1bb31
AL		 670#endif
671}
672
673/* Remove all matching breakpoints. */
9349b4f9 674void cpu_breakpoint_remove_all(CPUArchState *env, int mask)
a1d1bb31
AL		 675{
676#if defined(TARGET_HAS_ICE)
c0ce998e 677 CPUBreakpoint *bp, *next;
a1d1bb31 678
72cf2d4f 679 QTAILQ_FOREACH_SAFE(bp, &env->breakpoints, entry, next) {
a1d1bb31
AL		 680 if (bp->flags & mask)
681 cpu_breakpoint_remove_by_ref(env, bp);
c0ce998e 682 }
4c3a88a2
FB		 683#endif
684}
685
c33a346e
FB		 686/* enable or disable single step mode. EXCP_DEBUG is returned by the
687 CPU loop after each instruction */
3825b28f 688void cpu_single_step(CPUState *cpu, int enabled)
c33a346e 689{
1fddef4b 690#if defined(TARGET_HAS_ICE)
ed2803da
AF		 691 if (cpu->singlestep_enabled != enabled) {
692 cpu->singlestep_enabled = enabled;
693 if (kvm_enabled()) {
38e478ec 694 kvm_update_guest_debug(cpu, 0);
ed2803da 695 } else {
ccbb4d44 696 /* must flush all the translated code to avoid inconsistencies */
e22a25c9 697 /* XXX: only flush what is necessary */
38e478ec 698 CPUArchState *env = cpu->env_ptr;
e22a25c9
AL		 699 tb_flush(env);
700 }
c33a346e
FB		 701 }
702#endif
703}
704
9349b4f9 705void cpu_abort(CPUArchState *env, const char *fmt, ...)
7501267e 706{
878096ee 707 CPUState *cpu = ENV_GET_CPU(env);
7501267e 708 va_list ap;
493ae1f0 709 va_list ap2;
7501267e
FB		 710
711 va_start(ap, fmt);
493ae1f0 712 va_copy(ap2, ap);
7501267e
FB		 713 fprintf(stderr, "qemu: fatal: ");
714 vfprintf(stderr, fmt, ap);
715 fprintf(stderr, "\n");
878096ee 716 cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
93fcfe39
AL		 717 if (qemu_log_enabled()) {
718 qemu_log("qemu: fatal: ");
719 qemu_log_vprintf(fmt, ap2);
720 qemu_log("\n");
a0762859 721 log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
31b1a7b4 722 qemu_log_flush();
93fcfe39 723 qemu_log_close();
924edcae 724 }
493ae1f0 725 va_end(ap2);
f9373291 726 va_end(ap);
fd052bf6
RV		 727#if defined(CONFIG_USER_ONLY)
728 {
729 struct sigaction act;
730 sigfillset(&act.sa_mask);
731 act.sa_handler = SIG_DFL;
732 sigaction(SIGABRT, &act, NULL);
733 }
734#endif
7501267e
FB		 735 abort();
736}
737
0124311e 738#if !defined(CONFIG_USER_ONLY)
041603fe
PB		 739static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
740{
741 RAMBlock *block;
742
743 /* The list is protected by the iothread lock here. */
744 block = ram_list.mru_block;
745 if (block && addr - block->offset < block->length) {
746 goto found;
747 }
748 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
749 if (addr - block->offset < block->length) {
750 goto found;
751 }
752 }
753
754 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
755 abort();
756
757found:
758 ram_list.mru_block = block;
759 return block;
760}
761
a2f4d5be 762static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
d24981d3 763{
041603fe 764 ram_addr_t start1;
a2f4d5be
JQ		 765 RAMBlock *block;
766 ram_addr_t end;
767
768 end = TARGET_PAGE_ALIGN(start + length);
769 start &= TARGET_PAGE_MASK;
d24981d3 770
041603fe
PB		 771 block = qemu_get_ram_block(start);
772 assert(block == qemu_get_ram_block(end - 1));
773 start1 = (uintptr_t)block->host + (start - block->offset);
774 cpu_tlb_reset_dirty_all(start1, length);
d24981d3
JQ		 775}
776
5579c7f3 777/* Note: start and end must be within the same ram block. */
a2f4d5be 778void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
52159192 779 unsigned client)
1ccde1cb 780{
1ccde1cb
FB		 781 if (length == 0)
782 return;
ace694cc 783 cpu_physical_memory_clear_dirty_range(start, length, client);
f23db169 784
d24981d3 785 if (tcg_enabled()) {
a2f4d5be 786 tlb_reset_dirty_range_all(start, length);
5579c7f3 787 }
1ccde1cb
FB		 788}
789
981fdf23 790static void cpu_physical_memory_set_dirty_tracking(bool enable)
74576198
AL		 791{
792 in_migration = enable;
74576198
AL		 793}
794
a8170e5e 795hwaddr memory_region_section_get_iotlb(CPUArchState *env,
149f54b5
PB		 796 MemoryRegionSection *section,
797 target_ulong vaddr,
798 hwaddr paddr, hwaddr xlat,
799 int prot,
800 target_ulong *address)
e5548617 801{
a8170e5e 802 hwaddr iotlb;
e5548617
BS		 803 CPUWatchpoint *wp;
804
cc5bea60 805 if (memory_region_is_ram(section->mr)) {
e5548617
BS		 806 /* Normal RAM. */
807 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
149f54b5 808 + xlat;
e5548617 809 if (!section->readonly) {
b41aac4f 810 iotlb |= PHYS_SECTION_NOTDIRTY;
e5548617 811 } else {
b41aac4f 812 iotlb |= PHYS_SECTION_ROM;
e5548617
BS		 813 }
814 } else {
1b3fb98f 815 iotlb = section - section->address_space->dispatch->map.sections;
149f54b5 816 iotlb += xlat;
e5548617
BS		 817 }
818
819 /* Make accesses to pages with watchpoints go via the
820 watchpoint trap routines. */
821 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
822 if (vaddr == (wp->vaddr & TARGET_PAGE_MASK)) {
823 /* Avoid trapping reads of pages with a write breakpoint. */
824 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
b41aac4f 825 iotlb = PHYS_SECTION_WATCH + paddr;
e5548617
BS		 826 *address |= TLB_MMIO;
827 break;
828 }
829 }
830 }
831
832 return iotlb;
833}
9fa3e853
FB		 834#endif /* defined(CONFIG_USER_ONLY) */
835
e2eef170 836#if !defined(CONFIG_USER_ONLY)
8da3ff18 837
c227f099 838static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 839 uint16_t section);
acc9d80b 840static subpage_t *subpage_init(AddressSpace *as, hwaddr base);
54688b1e 841
575ddeb4 842static void *(*phys_mem_alloc)(size_t size) = qemu_anon_ram_alloc;
91138037
MA		 843
844/*
845 * Set a custom physical guest memory alloator.
846 * Accelerators with unusual needs may need this. Hopefully, we can
847 * get rid of it eventually.
848 */
575ddeb4 849void phys_mem_set_alloc(void *(*alloc)(size_t))
91138037
MA		 850{
851 phys_mem_alloc = alloc;
852}
853
53cb28cb
MA		 854static uint16_t phys_section_add(PhysPageMap *map,
855 MemoryRegionSection *section)
5312bd8b 856{
68f3f65b
PB		 857 /* The physical section number is ORed with a page-aligned
858 * pointer to produce the iotlb entries. Thus it should
859 * never overflow into the page-aligned value.
860 */
53cb28cb 861 assert(map->sections_nb < TARGET_PAGE_SIZE);
68f3f65b 862
53cb28cb
MA		 863 if (map->sections_nb == map->sections_nb_alloc) {
864 map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
865 map->sections = g_renew(MemoryRegionSection, map->sections,
866 map->sections_nb_alloc);
5312bd8b 867 }
53cb28cb 868 map->sections[map->sections_nb] = *section;
dfde4e6e 869 memory_region_ref(section->mr);
53cb28cb 870 return map->sections_nb++;
5312bd8b
AK		 871}
872
058bc4b5
PB		 873static void phys_section_destroy(MemoryRegion *mr)
874{
dfde4e6e
PB		 875 memory_region_unref(mr);
876
058bc4b5
PB		 877 if (mr->subpage) {
878 subpage_t *subpage = container_of(mr, subpage_t, iomem);
879 memory_region_destroy(&subpage->iomem);
880 g_free(subpage);
881 }
882}
883
6092666e 884static void phys_sections_free(PhysPageMap *map)
5312bd8b 885{
9affd6fc
PB		 886 while (map->sections_nb > 0) {
887 MemoryRegionSection *section = &map->sections[--map->sections_nb];
058bc4b5
PB		 888 phys_section_destroy(section->mr);
889 }
9affd6fc
PB		 890 g_free(map->sections);
891 g_free(map->nodes);
5312bd8b
AK		 892}
893
ac1970fb 894static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
0f0cb164
AK		 895{
896 subpage_t *subpage;
a8170e5e 897 hwaddr base = section->offset_within_address_space
0f0cb164 898 & TARGET_PAGE_MASK;
97115a8d 899 MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
53cb28cb 900 d->map.nodes, d->map.sections);
0f0cb164
AK		 901 MemoryRegionSection subsection = {
902 .offset_within_address_space = base,
052e87b0 903 .size = int128_make64(TARGET_PAGE_SIZE),
0f0cb164 904 };
a8170e5e 905 hwaddr start, end;
0f0cb164 906
f3705d53 907 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
0f0cb164 908
f3705d53 909 if (!(existing->mr->subpage)) {
acc9d80b 910 subpage = subpage_init(d->as, base);
3be91e86 911 subsection.address_space = d->as;
0f0cb164 912 subsection.mr = &subpage->iomem;
ac1970fb 913 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
53cb28cb 914 phys_section_add(&d->map, &subsection));
0f0cb164 915 } else {
f3705d53 916 subpage = container_of(existing->mr, subpage_t, iomem);
0f0cb164
AK		 917 }
918 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
052e87b0 919 end = start + int128_get64(section->size) - 1;
53cb28cb
MA		 920 subpage_register(subpage, start, end,
921 phys_section_add(&d->map, section));
0f0cb164
AK		 922}
923
924
052e87b0
PB		 925static void register_multipage(AddressSpaceDispatch *d,
926 MemoryRegionSection *section)
33417e70 927{
a8170e5e 928 hwaddr start_addr = section->offset_within_address_space;
53cb28cb 929 uint16_t section_index = phys_section_add(&d->map, section);
052e87b0
PB		 930 uint64_t num_pages = int128_get64(int128_rshift(section->size,
931 TARGET_PAGE_BITS));
dd81124b 932
733d5ef5
PB		 933 assert(num_pages);
934 phys_page_set(d, start_addr >> TARGET_PAGE_BITS, num_pages, section_index);
33417e70
FB		 935}
936
ac1970fb 937static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
0f0cb164 938{
89ae337a 939 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
00752703 940 AddressSpaceDispatch *d = as->next_dispatch;
99b9cc06 941 MemoryRegionSection now = *section, remain = *section;
052e87b0 942 Int128 page_size = int128_make64(TARGET_PAGE_SIZE);
0f0cb164 943
733d5ef5
PB		 944 if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
945 uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
946 - now.offset_within_address_space;
947
052e87b0 948 now.size = int128_min(int128_make64(left), now.size);
ac1970fb 949 register_subpage(d, &now);
733d5ef5 950 } else {
052e87b0 951 now.size = int128_zero();
733d5ef5 952 }
052e87b0
PB		 953 while (int128_ne(remain.size, now.size)) {
954 remain.size = int128_sub(remain.size, now.size);
955 remain.offset_within_address_space += int128_get64(now.size);
956 remain.offset_within_region += int128_get64(now.size);
69b67646 957 now = remain;
052e87b0 958 if (int128_lt(remain.size, page_size)) {
733d5ef5 959 register_subpage(d, &now);
88266249 960 } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
052e87b0 961 now.size = page_size;
ac1970fb 962 register_subpage(d, &now);
69b67646 963 } else {
052e87b0 964 now.size = int128_and(now.size, int128_neg(page_size));
ac1970fb 965 register_multipage(d, &now);
69b67646 966 }
0f0cb164
AK		 967 }
968}
969
62a2744c
SY		 970void qemu_flush_coalesced_mmio_buffer(void)
971{
972 if (kvm_enabled())
973 kvm_flush_coalesced_mmio_buffer();
974}
975
b2a8658e
UD		 976void qemu_mutex_lock_ramlist(void)
977{
978 qemu_mutex_lock(&ram_list.mutex);
979}
980
981void qemu_mutex_unlock_ramlist(void)
982{
983 qemu_mutex_unlock(&ram_list.mutex);
984}
985
e1e84ba0 986#ifdef __linux__
c902760f
MT		 987
988#include <sys/vfs.h>
989
990#define HUGETLBFS_MAGIC 0x958458f6
991
992static long gethugepagesize(const char *path)
993{
994 struct statfs fs;
995 int ret;
996
997 do {
9742bf26 998 ret = statfs(path, &fs);
c902760f
MT		 999 } while (ret != 0 && errno == EINTR);
1000
1001 if (ret != 0) {
9742bf26
YT		 1002 perror(path);
1003 return 0;
c902760f
MT		 1004 }
1005
1006 if (fs.f_type != HUGETLBFS_MAGIC)
9742bf26 1007 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
c902760f
MT		 1008
1009 return fs.f_bsize;
1010}
1011
ef36fa14
MT		 1012static sigjmp_buf sigjump;
1013
1014static void sigbus_handler(int signal)
1015{
1016 siglongjmp(sigjump, 1);
1017}
1018
04b16653
AW		 1019static void *file_ram_alloc(RAMBlock *block,
1020 ram_addr_t memory,
1021 const char *path)
c902760f
MT		 1022{
1023 char *filename;
8ca761f6
PF		 1024 char *sanitized_name;
1025 char *c;
c902760f
MT		 1026 void *area;
1027 int fd;
c902760f
MT		 1028 unsigned long hpagesize;
1029
1030 hpagesize = gethugepagesize(path);
1031 if (!hpagesize) {
f9a49dfa 1032 goto error;
c902760f
MT		 1033 }
1034
1035 if (memory < hpagesize) {
1036 return NULL;
1037 }
1038
1039 if (kvm_enabled() && !kvm_has_sync_mmu()) {
1040 fprintf(stderr, "host lacks kvm mmu notifiers, -mem-path unsupported\n");
f9a49dfa 1041 goto error;
c902760f
MT		 1042 }
1043
8ca761f6
PF		 1044 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
1045 sanitized_name = g_strdup(block->mr->name);
1046 for (c = sanitized_name; *c != '\0'; c++) {
1047 if (*c == '/')
1048 *c = '_';
1049 }
1050
1051 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
1052 sanitized_name);
1053 g_free(sanitized_name);
c902760f
MT		 1054
1055 fd = mkstemp(filename);
1056 if (fd < 0) {
9742bf26 1057 perror("unable to create backing store for hugepages");
e4ada482 1058 g_free(filename);
f9a49dfa 1059 goto error;
c902760f
MT		 1060 }
1061 unlink(filename);
e4ada482 1062 g_free(filename);
c902760f
MT		 1063
1064 memory = (memory+hpagesize-1) & ~(hpagesize-1);
1065
1066 /*
1067 * ftruncate is not supported by hugetlbfs in older
1068 * hosts, so don't bother bailing out on errors.
1069 * If anything goes wrong with it under other filesystems,
1070 * mmap will fail.
1071 */
1072 if (ftruncate(fd, memory))
9742bf26 1073 perror("ftruncate");
c902760f 1074
c902760f 1075 area = mmap(0, memory, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
c902760f 1076 if (area == MAP_FAILED) {
9742bf26
YT		 1077 perror("file_ram_alloc: can't mmap RAM pages");
1078 close(fd);
f9a49dfa 1079 goto error;
c902760f 1080 }
ef36fa14
MT		 1081
1082 if (mem_prealloc) {
1083 int ret, i;
1084 struct sigaction act, oldact;
1085 sigset_t set, oldset;
1086
1087 memset(&act, 0, sizeof(act));
1088 act.sa_handler = &sigbus_handler;
1089 act.sa_flags = 0;
1090
1091 ret = sigaction(SIGBUS, &act, &oldact);
1092 if (ret) {
1093 perror("file_ram_alloc: failed to install signal handler");
1094 exit(1);
1095 }
1096
1097 /* unblock SIGBUS */
1098 sigemptyset(&set);
1099 sigaddset(&set, SIGBUS);
1100 pthread_sigmask(SIG_UNBLOCK, &set, &oldset);
1101
1102 if (sigsetjmp(sigjump, 1)) {
1103 fprintf(stderr, "file_ram_alloc: failed to preallocate pages\n");
1104 exit(1);
1105 }
1106
1107 /* MAP_POPULATE silently ignores failures */
2ba82852 1108 for (i = 0; i < (memory/hpagesize); i++) {
ef36fa14
MT		 1109 memset(area + (hpagesize*i), 0, 1);
1110 }
1111
1112 ret = sigaction(SIGBUS, &oldact, NULL);
1113 if (ret) {
1114 perror("file_ram_alloc: failed to reinstall signal handler");
1115 exit(1);
1116 }
1117
1118 pthread_sigmask(SIG_SETMASK, &oldset, NULL);
1119 }
1120
04b16653 1121 block->fd = fd;
c902760f 1122 return area;
f9a49dfa
MT		 1123
1124error:
1125 if (mem_prealloc) {
1126 exit(1);
1127 }
1128 return NULL;
c902760f 1129}
e1e84ba0
MA		 1130#else
1131static void *file_ram_alloc(RAMBlock *block,
1132 ram_addr_t memory,
1133 const char *path)
1134{
1135 fprintf(stderr, "-mem-path not supported on this host\n");
1136 exit(1);
1137}
c902760f
MT		 1138#endif
1139
d17b5288 1140static ram_addr_t find_ram_offset(ram_addr_t size)
04b16653
AW		 1141{
1142 RAMBlock *block, *next_block;
3e837b2c 1143 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
04b16653 1144
49cd9ac6
SH		 1145 assert(size != 0); /* it would hand out same offset multiple times */
1146
a3161038 1147 if (QTAILQ_EMPTY(&ram_list.blocks))
04b16653
AW		 1148 return 0;
1149
a3161038 1150 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
f15fbc4b 1151 ram_addr_t end, next = RAM_ADDR_MAX;
04b16653
AW		 1152
1153 end = block->offset + block->length;
1154
a3161038 1155 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
04b16653
AW		 1156 if (next_block->offset >= end) {
1157 next = MIN(next, next_block->offset);
1158 }
1159 }
1160 if (next - end >= size && next - end < mingap) {
3e837b2c 1161 offset = end;
04b16653
AW		 1162 mingap = next - end;
1163 }
1164 }
3e837b2c
AW		 1165
1166 if (offset == RAM_ADDR_MAX) {
1167 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
1168 (uint64_t)size);
1169 abort();
1170 }
1171
04b16653
AW		 1172 return offset;
1173}
1174
652d7ec2 1175ram_addr_t last_ram_offset(void)
d17b5288
AW		 1176{
1177 RAMBlock *block;
1178 ram_addr_t last = 0;
1179
a3161038 1180 QTAILQ_FOREACH(block, &ram_list.blocks, next)
d17b5288
AW		 1181 last = MAX(last, block->offset + block->length);
1182
1183 return last;
1184}
1185
ddb97f1d
JB		 1186static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1187{
1188 int ret;
ddb97f1d
JB		 1189
1190 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
2ff3de68
MA		 1191 if (!qemu_opt_get_bool(qemu_get_machine_opts(),
1192 "dump-guest-core", true)) {
ddb97f1d
JB		 1193 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1194 if (ret) {
1195 perror("qemu_madvise");
1196 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1197 "but dump_guest_core=off specified\n");
1198 }
1199 }
1200}
1201
c5705a77 1202void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
84b89d78
CM		 1203{
1204 RAMBlock *new_block, *block;
1205
c5705a77 1206 new_block = NULL;
a3161038 1207 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77
AK		 1208 if (block->offset == addr) {
1209 new_block = block;
1210 break;
1211 }
1212 }
1213 assert(new_block);
1214 assert(!new_block->idstr[0]);
84b89d78 1215
09e5ab63
AL		 1216 if (dev) {
1217 char *id = qdev_get_dev_path(dev);
84b89d78
CM		 1218 if (id) {
1219 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
7267c094 1220 g_free(id);
84b89d78
CM		 1221 }
1222 }
1223 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1224
b2a8658e
UD		 1225 /* This assumes the iothread lock is taken here too. */
1226 qemu_mutex_lock_ramlist();
a3161038 1227 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77 1228 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
84b89d78
CM		 1229 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1230 new_block->idstr);
1231 abort();
1232 }
1233 }
b2a8658e 1234 qemu_mutex_unlock_ramlist();
c5705a77
AK		 1235}
1236
8490fc78
LC		 1237static int memory_try_enable_merging(void *addr, size_t len)
1238{
2ff3de68 1239 if (!qemu_opt_get_bool(qemu_get_machine_opts(), "mem-merge", true)) {
8490fc78
LC		 1240 /* disabled by the user */
1241 return 0;
1242 }
1243
1244 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1245}
1246
c5705a77
AK		 1247ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1248 MemoryRegion *mr)
1249{
abb26d63 1250 RAMBlock *block, *new_block;
2152f5ca
JQ		 1251 ram_addr_t old_ram_size, new_ram_size;
1252
1253 old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
c5705a77
AK		 1254
1255 size = TARGET_PAGE_ALIGN(size);
1256 new_block = g_malloc0(sizeof(*new_block));
3435f395 1257 new_block->fd = -1;
84b89d78 1258
b2a8658e
UD		 1259 /* This assumes the iothread lock is taken here too. */
1260 qemu_mutex_lock_ramlist();
7c637366 1261 new_block->mr = mr;
432d268c 1262 new_block->offset = find_ram_offset(size);
6977dfe6
YT		 1263 if (host) {
1264 new_block->host = host;
cd19cfa2 1265 new_block->flags |= RAM_PREALLOC_MASK;
dfeaf2ab
MA		 1266 } else if (xen_enabled()) {
1267 if (mem_path) {
1268 fprintf(stderr, "-mem-path not supported with Xen\n");
1269 exit(1);
1270 }
1271 xen_ram_alloc(new_block->offset, size, mr);
6977dfe6
YT		 1272 } else {
1273 if (mem_path) {
e1e84ba0
MA		 1274 if (phys_mem_alloc != qemu_anon_ram_alloc) {
1275 /*
1276 * file_ram_alloc() needs to allocate just like
1277 * phys_mem_alloc, but we haven't bothered to provide
1278 * a hook there.
1279 */
1280 fprintf(stderr,
1281 "-mem-path not supported with this accelerator\n");
1282 exit(1);
1283 }
6977dfe6 1284 new_block->host = file_ram_alloc(new_block, size, mem_path);
0628c182
MA		 1285 }
1286 if (!new_block->host) {
91138037 1287 new_block->host = phys_mem_alloc(size);
39228250
MA		 1288 if (!new_block->host) {
1289 fprintf(stderr, "Cannot set up guest memory '%s': %s\n",
1290 new_block->mr->name, strerror(errno));
1291 exit(1);
1292 }
8490fc78 1293 memory_try_enable_merging(new_block->host, size);
6977dfe6 1294 }
c902760f 1295 }
94a6b54f
PB		 1296 new_block->length = size;
1297
abb26d63
PB		 1298 /* Keep the list sorted from biggest to smallest block. */
1299 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1300 if (block->length < new_block->length) {
1301 break;
1302 }
1303 }
1304 if (block) {
1305 QTAILQ_INSERT_BEFORE(block, new_block, next);
1306 } else {
1307 QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
1308 }
0d6d3c87 1309 ram_list.mru_block = NULL;
94a6b54f 1310
f798b07f 1311 ram_list.version++;
b2a8658e 1312 qemu_mutex_unlock_ramlist();
f798b07f 1313
2152f5ca
JQ		 1314 new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1315
1316 if (new_ram_size > old_ram_size) {
1ab4c8ce
JQ		 1317 int i;
1318 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
1319 ram_list.dirty_memory[i] =
1320 bitmap_zero_extend(ram_list.dirty_memory[i],
1321 old_ram_size, new_ram_size);
1322 }
2152f5ca 1323 }
75218e7f 1324 cpu_physical_memory_set_dirty_range(new_block->offset, size);
94a6b54f 1325
ddb97f1d 1326 qemu_ram_setup_dump(new_block->host, size);
ad0b5321 1327 qemu_madvise(new_block->host, size, QEMU_MADV_HUGEPAGE);
3e469dbf 1328 qemu_madvise(new_block->host, size, QEMU_MADV_DONTFORK);
ddb97f1d 1329
6f0437e8
JK		 1330 if (kvm_enabled())
1331 kvm_setup_guest_memory(new_block->host, size);
1332
94a6b54f
PB		 1333 return new_block->offset;
1334}
e9a1ab19 1335
c5705a77 1336ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr)
6977dfe6 1337{
c5705a77 1338 return qemu_ram_alloc_from_ptr(size, NULL, mr);
6977dfe6
YT		 1339}
1340
1f2e98b6
AW		 1341void qemu_ram_free_from_ptr(ram_addr_t addr)
1342{
1343 RAMBlock *block;
1344
b2a8658e
UD		 1345 /* This assumes the iothread lock is taken here too. */
1346 qemu_mutex_lock_ramlist();
a3161038 1347 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1f2e98b6 1348 if (addr == block->offset) {
a3161038 1349 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1350 ram_list.mru_block = NULL;
f798b07f 1351 ram_list.version++;
7267c094 1352 g_free(block);
b2a8658e 1353 break;
1f2e98b6
AW		 1354 }
1355 }
b2a8658e 1356 qemu_mutex_unlock_ramlist();
1f2e98b6
AW		 1357}
1358
c227f099 1359void qemu_ram_free(ram_addr_t addr)
e9a1ab19 1360{
04b16653
AW		 1361 RAMBlock *block;
1362
b2a8658e
UD		 1363 /* This assumes the iothread lock is taken here too. */
1364 qemu_mutex_lock_ramlist();
a3161038 1365 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
04b16653 1366 if (addr == block->offset) {
a3161038 1367 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1368 ram_list.mru_block = NULL;
f798b07f 1369 ram_list.version++;
cd19cfa2
HY		 1370 if (block->flags & RAM_PREALLOC_MASK) {
1371 ;
dfeaf2ab
MA		 1372 } else if (xen_enabled()) {
1373 xen_invalidate_map_cache_entry(block->host);
089f3f76 1374#ifndef _WIN32
3435f395
MA		 1375 } else if (block->fd >= 0) {
1376 munmap(block->host, block->length);
1377 close(block->fd);
089f3f76 1378#endif
04b16653 1379 } else {
dfeaf2ab 1380 qemu_anon_ram_free(block->host, block->length);
04b16653 1381 }
7267c094 1382 g_free(block);
b2a8658e 1383 break;
04b16653
AW		 1384 }
1385 }
b2a8658e 1386 qemu_mutex_unlock_ramlist();
04b16653 1387
e9a1ab19
FB		 1388}
1389
cd19cfa2
HY		 1390#ifndef _WIN32
1391void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1392{
1393 RAMBlock *block;
1394 ram_addr_t offset;
1395 int flags;
1396 void *area, *vaddr;
1397
a3161038 1398 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
cd19cfa2
HY		 1399 offset = addr - block->offset;
1400 if (offset < block->length) {
1401 vaddr = block->host + offset;
1402 if (block->flags & RAM_PREALLOC_MASK) {
1403 ;
dfeaf2ab
MA		 1404 } else if (xen_enabled()) {
1405 abort();
cd19cfa2
HY		 1406 } else {
1407 flags = MAP_FIXED;
1408 munmap(vaddr, length);
3435f395 1409 if (block->fd >= 0) {
cd19cfa2 1410#ifdef MAP_POPULATE
3435f395
MA		 1411 flags |= mem_prealloc ? MAP_POPULATE | MAP_SHARED :
1412 MAP_PRIVATE;
fd28aa13 1413#else
3435f395 1414 flags |= MAP_PRIVATE;
cd19cfa2 1415#endif
3435f395
MA		 1416 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1417 flags, block->fd, offset);
cd19cfa2 1418 } else {
2eb9fbaa
MA		 1419 /*
1420 * Remap needs to match alloc. Accelerators that
1421 * set phys_mem_alloc never remap. If they did,
1422 * we'd need a remap hook here.
1423 */
1424 assert(phys_mem_alloc == qemu_anon_ram_alloc);
1425
cd19cfa2
HY		 1426 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1427 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1428 flags, -1, 0);
cd19cfa2
HY		 1429 }
1430 if (area != vaddr) {
f15fbc4b
AP		 1431 fprintf(stderr, "Could not remap addr: "
1432 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
cd19cfa2
HY		 1433 length, addr);
1434 exit(1);
1435 }
8490fc78 1436 memory_try_enable_merging(vaddr, length);
ddb97f1d 1437 qemu_ram_setup_dump(vaddr, length);
cd19cfa2
HY		 1438 }
1439 return;
1440 }
1441 }
1442}
1443#endif /* !_WIN32 */
1444
1b5ec234
PB		 1445/* Return a host pointer to ram allocated with qemu_ram_alloc.
1446 With the exception of the softmmu code in this file, this should
1447 only be used for local memory (e.g. video ram) that the device owns,
1448 and knows it isn't going to access beyond the end of the block.
1449
1450 It should not be used for general purpose DMA.
1451 Use cpu_physical_memory_map/cpu_physical_memory_rw instead.
1452 */
1453void *qemu_get_ram_ptr(ram_addr_t addr)
1454{
1455 RAMBlock *block = qemu_get_ram_block(addr);
1456
0d6d3c87
PB		 1457 if (xen_enabled()) {
1458 /* We need to check if the requested address is in the RAM
1459 * because we don't want to map the entire memory in QEMU.
1460 * In that case just map until the end of the page.
1461 */
1462 if (block->offset == 0) {
1463 return xen_map_cache(addr, 0, 0);
1464 } else if (block->host == NULL) {
1465 block->host =
1466 xen_map_cache(block->offset, block->length, 1);
1467 }
1468 }
1469 return block->host + (addr - block->offset);
dc828ca1
PB		 1470}
1471
38bee5dc
SS		 1472/* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1473 * but takes a size argument */
cb85f7ab 1474static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
38bee5dc 1475{
8ab934f9
SS		 1476 if (*size == 0) {
1477 return NULL;
1478 }
868bb33f 1479 if (xen_enabled()) {
e41d7c69 1480 return xen_map_cache(addr, *size, 1);
868bb33f 1481 } else {
38bee5dc
SS		 1482 RAMBlock *block;
1483
a3161038 1484 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
38bee5dc
SS		 1485 if (addr - block->offset < block->length) {
1486 if (addr - block->offset + *size > block->length)
1487 *size = block->length - addr + block->offset;
1488 return block->host + (addr - block->offset);
1489 }
1490 }
1491
1492 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1493 abort();
38bee5dc
SS		 1494 }
1495}
1496
7443b437
PB		 1497/* Some of the softmmu routines need to translate from a host pointer
1498 (typically a TLB entry) back to a ram offset. */
1b5ec234 1499MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
5579c7f3 1500{
94a6b54f
PB		 1501 RAMBlock *block;
1502 uint8_t *host = ptr;
1503
868bb33f 1504 if (xen_enabled()) {
e41d7c69 1505 *ram_addr = xen_ram_addr_from_mapcache(ptr);
1b5ec234 1506 return qemu_get_ram_block(*ram_addr)->mr;
712c2b41
SS		 1507 }
1508
23887b79
PB		 1509 block = ram_list.mru_block;
1510 if (block && block->host && host - block->host < block->length) {
1511 goto found;
1512 }
1513
a3161038 1514 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
432d268c
JN		 1515 /* This case append when the block is not mapped. */
1516 if (block->host == NULL) {
1517 continue;
1518 }
f471a17e 1519 if (host - block->host < block->length) {
23887b79 1520 goto found;
f471a17e 1521 }
94a6b54f 1522 }
432d268c 1523
1b5ec234 1524 return NULL;
23887b79
PB		 1525
1526found:
1527 *ram_addr = block->offset + (host - block->host);
1b5ec234 1528 return block->mr;
e890261f 1529}
f471a17e 1530
a8170e5e 1531static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
0e0df1e2 1532 uint64_t val, unsigned size)
9fa3e853 1533{
52159192 1534 if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
0e0df1e2 1535 tb_invalidate_phys_page_fast(ram_addr, size);
3a7d929e 1536 }
0e0df1e2
AK		 1537 switch (size) {
1538 case 1:
1539 stb_p(qemu_get_ram_ptr(ram_addr), val);
1540 break;
1541 case 2:
1542 stw_p(qemu_get_ram_ptr(ram_addr), val);
1543 break;
1544 case 4:
1545 stl_p(qemu_get_ram_ptr(ram_addr), val);
1546 break;
1547 default:
1548 abort();
3a7d929e 1549 }
52159192
JQ		 1550 cpu_physical_memory_set_dirty_flag(ram_addr, DIRTY_MEMORY_MIGRATION);
1551 cpu_physical_memory_set_dirty_flag(ram_addr, DIRTY_MEMORY_VGA);
f23db169
FB		 1552 /* we remove the notdirty callback only if the code has been
1553 flushed */
a2cd8c85 1554 if (!cpu_physical_memory_is_clean(ram_addr)) {
4917cf44 1555 CPUArchState *env = current_cpu->env_ptr;
93afeade 1556 tlb_set_dirty(env, current_cpu->mem_io_vaddr);
4917cf44 1557 }
9fa3e853
FB		 1558}
1559
b018ddf6
PB		 1560static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1561 unsigned size, bool is_write)
1562{
1563 return is_write;
1564}
1565
0e0df1e2 1566static const MemoryRegionOps notdirty_mem_ops = {
0e0df1e2 1567 .write = notdirty_mem_write,
b018ddf6 1568 .valid.accepts = notdirty_mem_accepts,
0e0df1e2 1569 .endianness = DEVICE_NATIVE_ENDIAN,
1ccde1cb
FB		 1570};
1571
0f459d16 1572/* Generate a debug exception if a watchpoint has been hit. */
b4051334 1573static void check_watchpoint(int offset, int len_mask, int flags)
0f459d16 1574{
93afeade
AF		 1575 CPUState *cpu = current_cpu;
1576 CPUArchState *env = cpu->env_ptr;
06d55cc1 1577 target_ulong pc, cs_base;
0f459d16 1578 target_ulong vaddr;
a1d1bb31 1579 CPUWatchpoint *wp;
06d55cc1 1580 int cpu_flags;
0f459d16 1581
06d55cc1
AL		 1582 if (env->watchpoint_hit) {
1583 /* We re-entered the check after replacing the TB. Now raise
1584 * the debug interrupt so that is will trigger after the
1585 * current instruction. */
93afeade 1586 cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
06d55cc1
AL		 1587 return;
1588 }
93afeade 1589 vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
72cf2d4f 1590 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
b4051334
AL		 1591 if ((vaddr == (wp->vaddr & len_mask) ||
1592 (vaddr & wp->len_mask) == wp->vaddr) && (wp->flags & flags)) {
6e140f28
AL		 1593 wp->flags |= BP_WATCHPOINT_HIT;
1594 if (!env->watchpoint_hit) {
1595 env->watchpoint_hit = wp;
5a316526 1596 tb_check_watchpoint(env);
6e140f28 1597 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
27103424 1598 cpu->exception_index = EXCP_DEBUG;
488d6577 1599 cpu_loop_exit(env);
6e140f28
AL		 1600 } else {
1601 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
1602 tb_gen_code(env, pc, cs_base, cpu_flags, 1);
488d6577 1603 cpu_resume_from_signal(env, NULL);
6e140f28 1604 }
06d55cc1 1605 }
6e140f28
AL		 1606 } else {
1607 wp->flags &= ~BP_WATCHPOINT_HIT;
0f459d16
PB		 1608 }
1609 }
1610}
1611
6658ffb8
PB		 1612/* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1613 so these check for a hit then pass through to the normal out-of-line
1614 phys routines. */
a8170e5e 1615static uint64_t watch_mem_read(void *opaque, hwaddr addr,
1ec9b909 1616 unsigned size)
6658ffb8 1617{
1ec9b909
AK		 1618 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_READ);
1619 switch (size) {
2c17449b 1620 case 1: return ldub_phys(&address_space_memory, addr);
41701aa4 1621 case 2: return lduw_phys(&address_space_memory, addr);
fdfba1a2 1622 case 4: return ldl_phys(&address_space_memory, addr);
1ec9b909
AK		 1623 default: abort();
1624 }
6658ffb8
PB		 1625}
1626
a8170e5e 1627static void watch_mem_write(void *opaque, hwaddr addr,
1ec9b909 1628 uint64_t val, unsigned size)
6658ffb8 1629{
1ec9b909
AK		 1630 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_WRITE);
1631 switch (size) {
67364150 1632 case 1:
db3be60d 1633 stb_phys(&address_space_memory, addr, val);
67364150
MF		 1634 break;
1635 case 2:
5ce5944d 1636 stw_phys(&address_space_memory, addr, val);
67364150
MF		 1637 break;
1638 case 4:
ab1da857 1639 stl_phys(&address_space_memory, addr, val);
67364150 1640 break;
1ec9b909
AK		 1641 default: abort();
1642 }
6658ffb8
PB		 1643}
1644
1ec9b909
AK		 1645static const MemoryRegionOps watch_mem_ops = {
1646 .read = watch_mem_read,
1647 .write = watch_mem_write,
1648 .endianness = DEVICE_NATIVE_ENDIAN,
6658ffb8 1649};
6658ffb8 1650
a8170e5e 1651static uint64_t subpage_read(void *opaque, hwaddr addr,
70c68e44 1652 unsigned len)
db7b5426 1653{
acc9d80b
JK		 1654 subpage_t *subpage = opaque;
1655 uint8_t buf[4];
791af8c8 1656
db7b5426 1657#if defined(DEBUG_SUBPAGE)
016e9d62 1658 printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
acc9d80b 1659 subpage, len, addr);
db7b5426 1660#endif
acc9d80b
JK		 1661 address_space_read(subpage->as, addr + subpage->base, buf, len);
1662 switch (len) {
1663 case 1:
1664 return ldub_p(buf);
1665 case 2:
1666 return lduw_p(buf);
1667 case 4:
1668 return ldl_p(buf);
1669 default:
1670 abort();
1671 }
db7b5426
BS		 1672}
1673
a8170e5e 1674static void subpage_write(void *opaque, hwaddr addr,
70c68e44 1675 uint64_t value, unsigned len)
db7b5426 1676{
acc9d80b
JK		 1677 subpage_t *subpage = opaque;
1678 uint8_t buf[4];
1679
db7b5426 1680#if defined(DEBUG_SUBPAGE)
016e9d62 1681 printf("%s: subpage %p len %u addr " TARGET_FMT_plx
acc9d80b
JK		 1682 " value %"PRIx64"\n",
1683 __func__, subpage, len, addr, value);
db7b5426 1684#endif
acc9d80b
JK		 1685 switch (len) {
1686 case 1:
1687 stb_p(buf, value);
1688 break;
1689 case 2:
1690 stw_p(buf, value);
1691 break;
1692 case 4:
1693 stl_p(buf, value);
1694 break;
1695 default:
1696 abort();
1697 }
1698 address_space_write(subpage->as, addr + subpage->base, buf, len);
db7b5426
BS		 1699}
1700
c353e4cc 1701static bool subpage_accepts(void *opaque, hwaddr addr,
016e9d62 1702 unsigned len, bool is_write)
c353e4cc 1703{
acc9d80b 1704 subpage_t *subpage = opaque;
c353e4cc 1705#if defined(DEBUG_SUBPAGE)
016e9d62 1706 printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
acc9d80b 1707 __func__, subpage, is_write ? 'w' : 'r', len, addr);
c353e4cc
PB		 1708#endif
1709
acc9d80b 1710 return address_space_access_valid(subpage->as, addr + subpage->base,
016e9d62 1711 len, is_write);
c353e4cc
PB		 1712}
1713
70c68e44
AK		 1714static const MemoryRegionOps subpage_ops = {
1715 .read = subpage_read,
1716 .write = subpage_write,
c353e4cc 1717 .valid.accepts = subpage_accepts,
70c68e44 1718 .endianness = DEVICE_NATIVE_ENDIAN,
db7b5426
BS		 1719};
1720
c227f099 1721static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 1722 uint16_t section)
db7b5426
BS		 1723{
1724 int idx, eidx;
1725
1726 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
1727 return -1;
1728 idx = SUBPAGE_IDX(start);
1729 eidx = SUBPAGE_IDX(end);
1730#if defined(DEBUG_SUBPAGE)
016e9d62
AK		 1731 printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
1732 __func__, mmio, start, end, idx, eidx, section);
db7b5426 1733#endif
db7b5426 1734 for (; idx <= eidx; idx++) {
5312bd8b 1735 mmio->sub_section[idx] = section;
db7b5426
BS		 1736 }
1737
1738 return 0;
1739}
1740
acc9d80b 1741static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
db7b5426 1742{
c227f099 1743 subpage_t *mmio;
db7b5426 1744
7267c094 1745 mmio = g_malloc0(sizeof(subpage_t));
1eec614b 1746
acc9d80b 1747 mmio->as = as;
1eec614b 1748 mmio->base = base;
2c9b15ca 1749 memory_region_init_io(&mmio->iomem, NULL, &subpage_ops, mmio,
70c68e44 1750 "subpage", TARGET_PAGE_SIZE);
b3b00c78 1751 mmio->iomem.subpage = true;
db7b5426 1752#if defined(DEBUG_SUBPAGE)
016e9d62
AK		 1753 printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
1754 mmio, base, TARGET_PAGE_SIZE);
db7b5426 1755#endif
b41aac4f 1756 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, PHYS_SECTION_UNASSIGNED);
db7b5426
BS		 1757
1758 return mmio;
1759}
1760
53cb28cb 1761static uint16_t dummy_section(PhysPageMap *map, MemoryRegion *mr)
5312bd8b
AK		 1762{
1763 MemoryRegionSection section = {
3be91e86 1764 .address_space = &address_space_memory,
5312bd8b
AK		 1765 .mr = mr,
1766 .offset_within_address_space = 0,
1767 .offset_within_region = 0,
052e87b0 1768 .size = int128_2_64(),
5312bd8b
AK		 1769 };
1770
53cb28cb 1771 return phys_section_add(map, &section);
5312bd8b
AK		 1772}
1773
77717094 1774MemoryRegion *iotlb_to_region(AddressSpace *as, hwaddr index)
aa102231 1775{
77717094 1776 return as->dispatch->map.sections[index & ~TARGET_PAGE_MASK].mr;
aa102231
AK		 1777}
1778
e9179ce1
AK		 1779static void io_mem_init(void)
1780{
2c9b15ca
PB		 1781 memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops, NULL, "rom", UINT64_MAX);
1782 memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops, NULL,
0e0df1e2 1783 "unassigned", UINT64_MAX);
2c9b15ca 1784 memory_region_init_io(&io_mem_notdirty, NULL, &notdirty_mem_ops, NULL,
0e0df1e2 1785 "notdirty", UINT64_MAX);
2c9b15ca 1786 memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops, NULL,
1ec9b909 1787 "watch", UINT64_MAX);
e9179ce1
AK		 1788}
1789
ac1970fb 1790static void mem_begin(MemoryListener *listener)
00752703
PB		 1791{
1792 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
53cb28cb
MA		 1793 AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
1794 uint16_t n;
1795
1796 n = dummy_section(&d->map, &io_mem_unassigned);
1797 assert(n == PHYS_SECTION_UNASSIGNED);
1798 n = dummy_section(&d->map, &io_mem_notdirty);
1799 assert(n == PHYS_SECTION_NOTDIRTY);
1800 n = dummy_section(&d->map, &io_mem_rom);
1801 assert(n == PHYS_SECTION_ROM);
1802 n = dummy_section(&d->map, &io_mem_watch);
1803 assert(n == PHYS_SECTION_WATCH);
00752703 1804
9736e55b 1805 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
00752703
PB		 1806 d->as = as;
1807 as->next_dispatch = d;
1808}
1809
1810static void mem_commit(MemoryListener *listener)
ac1970fb 1811{
89ae337a 1812 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
0475d94f
PB		 1813 AddressSpaceDispatch *cur = as->dispatch;
1814 AddressSpaceDispatch *next = as->next_dispatch;
1815
53cb28cb 1816 phys_page_compact_all(next, next->map.nodes_nb);
b35ba30f 1817
0475d94f 1818 as->dispatch = next;
b41aac4f 1819
53cb28cb
MA		 1820 if (cur) {
1821 phys_sections_free(&cur->map);
1822 g_free(cur);
1823 }
9affd6fc
PB		 1824}
1825
1d71148e 1826static void tcg_commit(MemoryListener *listener)
50c1e149 1827{
182735ef 1828 CPUState *cpu;
117712c3
AK		 1829
1830 /* since each CPU stores ram addresses in its TLB cache, we must
1831 reset the modified entries */
1832 /* XXX: slow ! */
bdc44640 1833 CPU_FOREACH(cpu) {
182735ef
AF		 1834 CPUArchState *env = cpu->env_ptr;
1835
33bde2e1
EI		 1836 /* FIXME: Disentangle the cpu.h circular files deps so we can
1837 directly get the right CPU from listener. */
1838 if (cpu->tcg_as_listener != listener) {
1839 continue;
1840 }
117712c3
AK		 1841 tlb_flush(env, 1);
1842 }
50c1e149
AK		 1843}
1844
93632747
AK		 1845static void core_log_global_start(MemoryListener *listener)
1846{
981fdf23 1847 cpu_physical_memory_set_dirty_tracking(true);
93632747
AK		 1848}
1849
1850static void core_log_global_stop(MemoryListener *listener)
1851{
981fdf23 1852 cpu_physical_memory_set_dirty_tracking(false);
93632747
AK		 1853}
1854
93632747 1855static MemoryListener core_memory_listener = {
93632747
AK		 1856 .log_global_start = core_log_global_start,
1857 .log_global_stop = core_log_global_stop,
ac1970fb 1858 .priority = 1,
93632747
AK		 1859};
1860
ac1970fb
AK		 1861void address_space_init_dispatch(AddressSpace *as)
1862{
00752703 1863 as->dispatch = NULL;
89ae337a 1864 as->dispatch_listener = (MemoryListener) {
ac1970fb 1865 .begin = mem_begin,
00752703 1866 .commit = mem_commit,
ac1970fb
AK		 1867 .region_add = mem_add,
1868 .region_nop = mem_add,
1869 .priority = 0,
1870 };
89ae337a 1871 memory_listener_register(&as->dispatch_listener, as);
ac1970fb
AK		 1872}
1873
83f3c251
AK		 1874void address_space_destroy_dispatch(AddressSpace *as)
1875{
1876 AddressSpaceDispatch *d = as->dispatch;
1877
89ae337a 1878 memory_listener_unregister(&as->dispatch_listener);
83f3c251
AK		 1879 g_free(d);
1880 as->dispatch = NULL;
1881}
1882
62152b8a
AK		 1883static void memory_map_init(void)
1884{
7267c094 1885 system_memory = g_malloc(sizeof(*system_memory));
03f49957 1886
57271d63 1887 memory_region_init(system_memory, NULL, "system", UINT64_MAX);
7dca8043 1888 address_space_init(&address_space_memory, system_memory, "memory");
309cb471 1889
7267c094 1890 system_io = g_malloc(sizeof(*system_io));
3bb28b72
JK		 1891 memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
1892 65536);
7dca8043 1893 address_space_init(&address_space_io, system_io, "I/O");
93632747 1894
f6790af6 1895 memory_listener_register(&core_memory_listener, &address_space_memory);
62152b8a
AK		 1896}
1897
1898MemoryRegion *get_system_memory(void)
1899{
1900 return system_memory;
1901}
1902
309cb471
AK		 1903MemoryRegion *get_system_io(void)
1904{
1905 return system_io;
1906}
1907
e2eef170
PB		 1908#endif /* !defined(CONFIG_USER_ONLY) */
1909
13eb76e0
FB		 1910/* physical memory access (slow version, mainly for debug) */
1911#if defined(CONFIG_USER_ONLY)
f17ec444 1912int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
a68fe89c 1913 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 1914{
1915 int l, flags;
1916 target_ulong page;
53a5960a 1917 void * p;
13eb76e0
FB		 1918
1919 while (len > 0) {
1920 page = addr & TARGET_PAGE_MASK;
1921 l = (page + TARGET_PAGE_SIZE) - addr;
1922 if (l > len)
1923 l = len;
1924 flags = page_get_flags(page);
1925 if (!(flags & PAGE_VALID))
a68fe89c 1926 return -1;
13eb76e0
FB		 1927 if (is_write) {
1928 if (!(flags & PAGE_WRITE))
a68fe89c 1929 return -1;
579a97f7 1930 /* XXX: this code should not depend on lock_user */
72fb7daa 1931 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
a68fe89c 1932 return -1;
72fb7daa
AJ		 1933 memcpy(p, buf, l);
1934 unlock_user(p, addr, l);
13eb76e0
FB		 1935 } else {
1936 if (!(flags & PAGE_READ))
a68fe89c 1937 return -1;
579a97f7 1938 /* XXX: this code should not depend on lock_user */
72fb7daa 1939 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
a68fe89c 1940 return -1;
72fb7daa 1941 memcpy(buf, p, l);
5b257578 1942 unlock_user(p, addr, 0);
13eb76e0
FB		 1943 }
1944 len -= l;
1945 buf += l;
1946 addr += l;
1947 }
a68fe89c 1948 return 0;
13eb76e0 1949}
8df1cd07 1950
13eb76e0 1951#else
51d7a9eb 1952
a8170e5e
AK		 1953static void invalidate_and_set_dirty(hwaddr addr,
1954 hwaddr length)
51d7a9eb 1955{
a2cd8c85 1956 if (cpu_physical_memory_is_clean(addr)) {
51d7a9eb
AP		 1957 /* invalidate code */
1958 tb_invalidate_phys_page_range(addr, addr + length, 0);
1959 /* set dirty bit */
52159192
JQ		 1960 cpu_physical_memory_set_dirty_flag(addr, DIRTY_MEMORY_VGA);
1961 cpu_physical_memory_set_dirty_flag(addr, DIRTY_MEMORY_MIGRATION);
51d7a9eb 1962 }
e226939d 1963 xen_modified_memory(addr, length);
51d7a9eb
AP		 1964}
1965
23326164 1966static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
82f2563f 1967{
e1622f4b 1968 unsigned access_size_max = mr->ops->valid.max_access_size;
23326164
RH		 1969
1970 /* Regions are assumed to support 1-4 byte accesses unless
1971 otherwise specified. */
23326164
RH		 1972 if (access_size_max == 0) {
1973 access_size_max = 4;
1974 }
1975
1976 /* Bound the maximum access by the alignment of the address. */
1977 if (!mr->ops->impl.unaligned) {
1978 unsigned align_size_max = addr & -addr;
1979 if (align_size_max != 0 && align_size_max < access_size_max) {
1980 access_size_max = align_size_max;
1981 }
82f2563f 1982 }
23326164
RH		 1983
1984 /* Don't attempt accesses larger than the maximum. */
1985 if (l > access_size_max) {
1986 l = access_size_max;
82f2563f 1987 }
098178f2
PB		 1988 if (l & (l - 1)) {
1989 l = 1 << (qemu_fls(l) - 1);
1990 }
23326164
RH		 1991
1992 return l;
82f2563f
PB		 1993}
1994
fd8aaa76 1995bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
ac1970fb 1996 int len, bool is_write)
13eb76e0 1997{
149f54b5 1998 hwaddr l;
13eb76e0 1999 uint8_t *ptr;
791af8c8 2000 uint64_t val;
149f54b5 2001 hwaddr addr1;
5c8a00ce 2002 MemoryRegion *mr;
fd8aaa76 2003 bool error = false;
3b46e624 2004
13eb76e0 2005 while (len > 0) {
149f54b5 2006 l = len;
5c8a00ce 2007 mr = address_space_translate(as, addr, &addr1, &l, is_write);
3b46e624 2008
13eb76e0 2009 if (is_write) {
5c8a00ce
PB		 2010 if (!memory_access_is_direct(mr, is_write)) {
2011 l = memory_access_size(mr, l, addr1);
4917cf44 2012 /* XXX: could force current_cpu to NULL to avoid
6a00d601 2013 potential bugs */
23326164
RH		 2014 switch (l) {
2015 case 8:
2016 /* 64 bit write access */
2017 val = ldq_p(buf);
2018 error |= io_mem_write(mr, addr1, val, 8);
2019 break;
2020 case 4:
1c213d19 2021 /* 32 bit write access */
c27004ec 2022 val = ldl_p(buf);
5c8a00ce 2023 error |= io_mem_write(mr, addr1, val, 4);
23326164
RH		 2024 break;
2025 case 2:
1c213d19 2026 /* 16 bit write access */
c27004ec 2027 val = lduw_p(buf);
5c8a00ce 2028 error |= io_mem_write(mr, addr1, val, 2);
23326164
RH		 2029 break;
2030 case 1:
1c213d19 2031 /* 8 bit write access */
c27004ec 2032 val = ldub_p(buf);
5c8a00ce 2033 error |= io_mem_write(mr, addr1, val, 1);
23326164
RH		 2034 break;
2035 default:
2036 abort();
13eb76e0 2037 }
2bbfa05d 2038 } else {
5c8a00ce 2039 addr1 += memory_region_get_ram_addr(mr);
13eb76e0 2040 /* RAM case */
5579c7f3 2041 ptr = qemu_get_ram_ptr(addr1);
13eb76e0 2042 memcpy(ptr, buf, l);
51d7a9eb 2043 invalidate_and_set_dirty(addr1, l);
13eb76e0
FB		 2044 }
2045 } else {
5c8a00ce 2046 if (!memory_access_is_direct(mr, is_write)) {
13eb76e0 2047 /* I/O case */
5c8a00ce 2048 l = memory_access_size(mr, l, addr1);
23326164
RH		 2049 switch (l) {
2050 case 8:
2051 /* 64 bit read access */
2052 error |= io_mem_read(mr, addr1, &val, 8);
2053 stq_p(buf, val);
2054 break;
2055 case 4:
13eb76e0 2056 /* 32 bit read access */
5c8a00ce 2057 error |= io_mem_read(mr, addr1, &val, 4);
c27004ec 2058 stl_p(buf, val);
23326164
RH		 2059 break;
2060 case 2:
13eb76e0 2061 /* 16 bit read access */
5c8a00ce 2062 error |= io_mem_read(mr, addr1, &val, 2);
c27004ec 2063 stw_p(buf, val);
23326164
RH		 2064 break;
2065 case 1:
1c213d19 2066 /* 8 bit read access */
5c8a00ce 2067 error |= io_mem_read(mr, addr1, &val, 1);
c27004ec 2068 stb_p(buf, val);
23326164
RH		 2069 break;
2070 default:
2071 abort();
13eb76e0
FB		 2072 }
2073 } else {
2074 /* RAM case */
5c8a00ce 2075 ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
f3705d53 2076 memcpy(buf, ptr, l);
13eb76e0
FB		 2077 }
2078 }
2079 len -= l;
2080 buf += l;
2081 addr += l;
2082 }
fd8aaa76
PB		 2083
2084 return error;
13eb76e0 2085}
8df1cd07 2086
fd8aaa76 2087bool address_space_write(AddressSpace *as, hwaddr addr,
ac1970fb
AK		 2088 const uint8_t *buf, int len)
2089{
fd8aaa76 2090 return address_space_rw(as, addr, (uint8_t *)buf, len, true);
ac1970fb
AK		 2091}
2092
fd8aaa76 2093bool address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
ac1970fb 2094{
fd8aaa76 2095 return address_space_rw(as, addr, buf, len, false);
ac1970fb
AK		 2096}
2097
2098
a8170e5e 2099void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
ac1970fb
AK		 2100 int len, int is_write)
2101{
fd8aaa76 2102 address_space_rw(&address_space_memory, addr, buf, len, is_write);
ac1970fb
AK		 2103}
2104
582b55a9
AG		 2105enum write_rom_type {
2106 WRITE_DATA,
2107 FLUSH_CACHE,
2108};
2109
2a221651 2110static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
582b55a9 2111 hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
d0ecd2aa 2112{
149f54b5 2113 hwaddr l;
d0ecd2aa 2114 uint8_t *ptr;
149f54b5 2115 hwaddr addr1;
5c8a00ce 2116 MemoryRegion *mr;
3b46e624 2117
d0ecd2aa 2118 while (len > 0) {
149f54b5 2119 l = len;
2a221651 2120 mr = address_space_translate(as, addr, &addr1, &l, true);
3b46e624 2121
5c8a00ce
PB		 2122 if (!(memory_region_is_ram(mr) ||
2123 memory_region_is_romd(mr))) {
d0ecd2aa
FB		 2124 /* do nothing */
2125 } else {
5c8a00ce 2126 addr1 += memory_region_get_ram_addr(mr);
d0ecd2aa 2127 /* ROM/RAM case */
5579c7f3 2128 ptr = qemu_get_ram_ptr(addr1);
582b55a9
AG		 2129 switch (type) {
2130 case WRITE_DATA:
2131 memcpy(ptr, buf, l);
2132 invalidate_and_set_dirty(addr1, l);
2133 break;
2134 case FLUSH_CACHE:
2135 flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
2136 break;
2137 }
d0ecd2aa
FB		 2138 }
2139 len -= l;
2140 buf += l;
2141 addr += l;
2142 }
2143}
2144
582b55a9 2145/* used for ROM loading : can write in RAM and ROM */
2a221651 2146void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
582b55a9
AG		 2147 const uint8_t *buf, int len)
2148{
2a221651 2149 cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
582b55a9
AG		 2150}
2151
2152void cpu_flush_icache_range(hwaddr start, int len)
2153{
2154 /*
2155 * This function should do the same thing as an icache flush that was
2156 * triggered from within the guest. For TCG we are always cache coherent,
2157 * so there is no need to flush anything. For KVM / Xen we need to flush
2158 * the host's instruction cache at least.
2159 */
2160 if (tcg_enabled()) {
2161 return;
2162 }
2163
2a221651
EI		 2164 cpu_physical_memory_write_rom_internal(&address_space_memory,
2165 start, NULL, len, FLUSH_CACHE);
582b55a9
AG		 2166}
2167
6d16c2f8 2168typedef struct {
d3e71559 2169 MemoryRegion *mr;
6d16c2f8 2170 void *buffer;
a8170e5e
AK		 2171 hwaddr addr;
2172 hwaddr len;
6d16c2f8
AL		 2173} BounceBuffer;
2174
2175static BounceBuffer bounce;
2176
ba223c29
AL		 2177typedef struct MapClient {
2178 void *opaque;
2179 void (*callback)(void *opaque);
72cf2d4f 2180 QLIST_ENTRY(MapClient) link;
ba223c29
AL		 2181} MapClient;
2182
72cf2d4f
BS		 2183static QLIST_HEAD(map_client_list, MapClient) map_client_list
2184 = QLIST_HEAD_INITIALIZER(map_client_list);
ba223c29
AL		 2185
2186void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
2187{
7267c094 2188 MapClient *client = g_malloc(sizeof(*client));
ba223c29
AL		 2189
2190 client->opaque = opaque;
2191 client->callback = callback;
72cf2d4f 2192 QLIST_INSERT_HEAD(&map_client_list, client, link);
ba223c29
AL		 2193 return client;
2194}
2195
8b9c99d9 2196static void cpu_unregister_map_client(void *_client)
ba223c29
AL		 2197{
2198 MapClient *client = (MapClient *)_client;
2199
72cf2d4f 2200 QLIST_REMOVE(client, link);
7267c094 2201 g_free(client);
ba223c29
AL		 2202}
2203
2204static void cpu_notify_map_clients(void)
2205{
2206 MapClient *client;
2207
72cf2d4f
BS		 2208 while (!QLIST_EMPTY(&map_client_list)) {
2209 client = QLIST_FIRST(&map_client_list);
ba223c29 2210 client->callback(client->opaque);
34d5e948 2211 cpu_unregister_map_client(client);
ba223c29
AL		 2212 }
2213}
2214
51644ab7
PB		 2215bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2216{
5c8a00ce 2217 MemoryRegion *mr;
51644ab7
PB		 2218 hwaddr l, xlat;
2219
2220 while (len > 0) {
2221 l = len;
5c8a00ce
PB		 2222 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2223 if (!memory_access_is_direct(mr, is_write)) {
2224 l = memory_access_size(mr, l, addr);
2225 if (!memory_region_access_valid(mr, xlat, l, is_write)) {
51644ab7
PB		 2226 return false;
2227 }
2228 }
2229
2230 len -= l;
2231 addr += l;
2232 }
2233 return true;
2234}
2235
6d16c2f8
AL		 2236/* Map a physical memory region into a host virtual address.
2237 * May map a subset of the requested range, given by and returned in *plen.
2238 * May return NULL if resources needed to perform the mapping are exhausted.
2239 * Use only for reads OR writes - not for read-modify-write operations.
ba223c29
AL		 2240 * Use cpu_register_map_client() to know when retrying the map operation is
2241 * likely to succeed.
6d16c2f8 2242 */
ac1970fb 2243void *address_space_map(AddressSpace *as,
a8170e5e
AK		 2244 hwaddr addr,
2245 hwaddr *plen,
ac1970fb 2246 bool is_write)
6d16c2f8 2247{
a8170e5e 2248 hwaddr len = *plen;
e3127ae0
PB		 2249 hwaddr done = 0;
2250 hwaddr l, xlat, base;
2251 MemoryRegion *mr, *this_mr;
2252 ram_addr_t raddr;
6d16c2f8 2253
e3127ae0
PB		 2254 if (len == 0) {
2255 return NULL;
2256 }
38bee5dc 2257
e3127ae0
PB		 2258 l = len;
2259 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2260 if (!memory_access_is_direct(mr, is_write)) {
2261 if (bounce.buffer) {
2262 return NULL;
6d16c2f8 2263 }
e85d9db5
KW		 2264 /* Avoid unbounded allocations */
2265 l = MIN(l, TARGET_PAGE_SIZE);
2266 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, l);
e3127ae0
PB		 2267 bounce.addr = addr;
2268 bounce.len = l;
d3e71559
PB		 2269
2270 memory_region_ref(mr);
2271 bounce.mr = mr;
e3127ae0
PB		 2272 if (!is_write) {
2273 address_space_read(as, addr, bounce.buffer, l);
8ab934f9 2274 }
6d16c2f8 2275
e3127ae0
PB		 2276 *plen = l;
2277 return bounce.buffer;
2278 }
2279
2280 base = xlat;
2281 raddr = memory_region_get_ram_addr(mr);
2282
2283 for (;;) {
6d16c2f8
AL		 2284 len -= l;
2285 addr += l;
e3127ae0
PB		 2286 done += l;
2287 if (len == 0) {
2288 break;
2289 }
2290
2291 l = len;
2292 this_mr = address_space_translate(as, addr, &xlat, &l, is_write);
2293 if (this_mr != mr || xlat != base + done) {
2294 break;
2295 }
6d16c2f8 2296 }
e3127ae0 2297
d3e71559 2298 memory_region_ref(mr);
e3127ae0
PB		 2299 *plen = done;
2300 return qemu_ram_ptr_length(raddr + base, plen);
6d16c2f8
AL		 2301}
2302
ac1970fb 2303/* Unmaps a memory region previously mapped by address_space_map().
6d16c2f8
AL		 2304 * Will also mark the memory as dirty if is_write == 1. access_len gives
2305 * the amount of memory that was actually read or written by the caller.
2306 */
a8170e5e
AK		 2307void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2308 int is_write, hwaddr access_len)
6d16c2f8
AL		 2309{
2310 if (buffer != bounce.buffer) {
d3e71559
PB		 2311 MemoryRegion *mr;
2312 ram_addr_t addr1;
2313
2314 mr = qemu_ram_addr_from_host(buffer, &addr1);
2315 assert(mr != NULL);
6d16c2f8 2316 if (is_write) {
6d16c2f8
AL		 2317 while (access_len) {
2318 unsigned l;
2319 l = TARGET_PAGE_SIZE;
2320 if (l > access_len)
2321 l = access_len;
51d7a9eb 2322 invalidate_and_set_dirty(addr1, l);
6d16c2f8
AL		 2323 addr1 += l;
2324 access_len -= l;
2325 }
2326 }
868bb33f 2327 if (xen_enabled()) {
e41d7c69 2328 xen_invalidate_map_cache_entry(buffer);
050a0ddf 2329 }
d3e71559 2330 memory_region_unref(mr);
6d16c2f8
AL		 2331 return;
2332 }
2333 if (is_write) {
ac1970fb 2334 address_space_write(as, bounce.addr, bounce.buffer, access_len);
6d16c2f8 2335 }
f8a83245 2336 qemu_vfree(bounce.buffer);
6d16c2f8 2337 bounce.buffer = NULL;
d3e71559 2338 memory_region_unref(bounce.mr);
ba223c29 2339 cpu_notify_map_clients();
6d16c2f8 2340}
d0ecd2aa 2341
a8170e5e
AK		 2342void *cpu_physical_memory_map(hwaddr addr,
2343 hwaddr *plen,
ac1970fb
AK		 2344 int is_write)
2345{
2346 return address_space_map(&address_space_memory, addr, plen, is_write);
2347}
2348
a8170e5e
AK		 2349void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2350 int is_write, hwaddr access_len)
ac1970fb
AK		 2351{
2352 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2353}
2354
8df1cd07 2355/* warning: addr must be aligned */
fdfba1a2 2356static inline uint32_t ldl_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2357 enum device_endian endian)
8df1cd07 2358{
8df1cd07 2359 uint8_t *ptr;
791af8c8 2360 uint64_t val;
5c8a00ce 2361 MemoryRegion *mr;
149f54b5
PB		 2362 hwaddr l = 4;
2363 hwaddr addr1;
8df1cd07 2364
fdfba1a2 2365 mr = address_space_translate(as, addr, &addr1, &l, false);
5c8a00ce 2366 if (l < 4 || !memory_access_is_direct(mr, false)) {
8df1cd07 2367 /* I/O case */
5c8a00ce 2368 io_mem_read(mr, addr1, &val, 4);
1e78bcc1
AG		 2369#if defined(TARGET_WORDS_BIGENDIAN)
2370 if (endian == DEVICE_LITTLE_ENDIAN) {
2371 val = bswap32(val);
2372 }
2373#else
2374 if (endian == DEVICE_BIG_ENDIAN) {
2375 val = bswap32(val);
2376 }
2377#endif
8df1cd07
FB		 2378 } else {
2379 /* RAM case */
5c8a00ce 2380 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2381 & TARGET_PAGE_MASK)
149f54b5 2382 + addr1);
1e78bcc1
AG		 2383 switch (endian) {
2384 case DEVICE_LITTLE_ENDIAN:
2385 val = ldl_le_p(ptr);
2386 break;
2387 case DEVICE_BIG_ENDIAN:
2388 val = ldl_be_p(ptr);
2389 break;
2390 default:
2391 val = ldl_p(ptr);
2392 break;
2393 }
8df1cd07
FB		 2394 }
2395 return val;
2396}
2397
fdfba1a2 2398uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2399{
fdfba1a2 2400 return ldl_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2401}
2402
fdfba1a2 2403uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2404{
fdfba1a2 2405 return ldl_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2406}
2407
fdfba1a2 2408uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2409{
fdfba1a2 2410 return ldl_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2411}
2412
84b7b8e7 2413/* warning: addr must be aligned */
2c17449b 2414static inline uint64_t ldq_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2415 enum device_endian endian)
84b7b8e7 2416{
84b7b8e7
FB		 2417 uint8_t *ptr;
2418 uint64_t val;
5c8a00ce 2419 MemoryRegion *mr;
149f54b5
PB		 2420 hwaddr l = 8;
2421 hwaddr addr1;
84b7b8e7 2422
2c17449b 2423 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2424 false);
2425 if (l < 8 || !memory_access_is_direct(mr, false)) {
84b7b8e7 2426 /* I/O case */
5c8a00ce 2427 io_mem_read(mr, addr1, &val, 8);
968a5627
PB		 2428#if defined(TARGET_WORDS_BIGENDIAN)
2429 if (endian == DEVICE_LITTLE_ENDIAN) {
2430 val = bswap64(val);
2431 }
2432#else
2433 if (endian == DEVICE_BIG_ENDIAN) {
2434 val = bswap64(val);
2435 }
84b7b8e7
FB		 2436#endif
2437 } else {
2438 /* RAM case */
5c8a00ce 2439 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2440 & TARGET_PAGE_MASK)
149f54b5 2441 + addr1);
1e78bcc1
AG		 2442 switch (endian) {
2443 case DEVICE_LITTLE_ENDIAN:
2444 val = ldq_le_p(ptr);
2445 break;
2446 case DEVICE_BIG_ENDIAN:
2447 val = ldq_be_p(ptr);
2448 break;
2449 default:
2450 val = ldq_p(ptr);
2451 break;
2452 }
84b7b8e7
FB		 2453 }
2454 return val;
2455}
2456
2c17449b 2457uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2458{
2c17449b 2459 return ldq_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2460}
2461
2c17449b 2462uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2463{
2c17449b 2464 return ldq_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2465}
2466
2c17449b 2467uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2468{
2c17449b 2469 return ldq_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2470}
2471
aab33094 2472/* XXX: optimize */
2c17449b 2473uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
aab33094
FB		 2474{
2475 uint8_t val;
2c17449b 2476 address_space_rw(as, addr, &val, 1, 0);
aab33094
FB		 2477 return val;
2478}
2479
733f0b02 2480/* warning: addr must be aligned */
41701aa4 2481static inline uint32_t lduw_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2482 enum device_endian endian)
aab33094 2483{
733f0b02
MT		 2484 uint8_t *ptr;
2485 uint64_t val;
5c8a00ce 2486 MemoryRegion *mr;
149f54b5
PB		 2487 hwaddr l = 2;
2488 hwaddr addr1;
733f0b02 2489
41701aa4 2490 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2491 false);
2492 if (l < 2 || !memory_access_is_direct(mr, false)) {
733f0b02 2493 /* I/O case */
5c8a00ce 2494 io_mem_read(mr, addr1, &val, 2);
1e78bcc1
AG		 2495#if defined(TARGET_WORDS_BIGENDIAN)
2496 if (endian == DEVICE_LITTLE_ENDIAN) {
2497 val = bswap16(val);
2498 }
2499#else
2500 if (endian == DEVICE_BIG_ENDIAN) {
2501 val = bswap16(val);
2502 }
2503#endif
733f0b02
MT		 2504 } else {
2505 /* RAM case */
5c8a00ce 2506 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2507 & TARGET_PAGE_MASK)
149f54b5 2508 + addr1);
1e78bcc1
AG		 2509 switch (endian) {
2510 case DEVICE_LITTLE_ENDIAN:
2511 val = lduw_le_p(ptr);
2512 break;
2513 case DEVICE_BIG_ENDIAN:
2514 val = lduw_be_p(ptr);
2515 break;
2516 default:
2517 val = lduw_p(ptr);
2518 break;
2519 }
733f0b02
MT		 2520 }
2521 return val;
aab33094
FB		 2522}
2523
41701aa4 2524uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2525{
41701aa4 2526 return lduw_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2527}
2528
41701aa4 2529uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2530{
41701aa4 2531 return lduw_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2532}
2533
41701aa4 2534uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2535{
41701aa4 2536 return lduw_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2537}
2538
8df1cd07
FB		 2539/* warning: addr must be aligned. The ram page is not masked as dirty
2540 and the code inside is not invalidated. It is useful if the dirty
2541 bits are used to track modified PTEs */
2198a121 2542void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
8df1cd07 2543{
8df1cd07 2544 uint8_t *ptr;
5c8a00ce 2545 MemoryRegion *mr;
149f54b5
PB		 2546 hwaddr l = 4;
2547 hwaddr addr1;
8df1cd07 2548
2198a121 2549 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2550 true);
2551 if (l < 4 || !memory_access_is_direct(mr, true)) {
2552 io_mem_write(mr, addr1, val, 4);
8df1cd07 2553 } else {
5c8a00ce 2554 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
5579c7f3 2555 ptr = qemu_get_ram_ptr(addr1);
8df1cd07 2556 stl_p(ptr, val);
74576198
AL		 2557
2558 if (unlikely(in_migration)) {
a2cd8c85 2559 if (cpu_physical_memory_is_clean(addr1)) {
74576198
AL		 2560 /* invalidate code */
2561 tb_invalidate_phys_page_range(addr1, addr1 + 4, 0);
2562 /* set dirty bit */
52159192
JQ		 2563 cpu_physical_memory_set_dirty_flag(addr1,
2564 DIRTY_MEMORY_MIGRATION);
2565 cpu_physical_memory_set_dirty_flag(addr1, DIRTY_MEMORY_VGA);
74576198
AL		 2566 }
2567 }
8df1cd07
FB		 2568 }
2569}
2570
2571/* warning: addr must be aligned */
ab1da857
EI		 2572static inline void stl_phys_internal(AddressSpace *as,
2573 hwaddr addr, uint32_t val,
1e78bcc1 2574 enum device_endian endian)
8df1cd07 2575{
8df1cd07 2576 uint8_t *ptr;
5c8a00ce 2577 MemoryRegion *mr;
149f54b5
PB		 2578 hwaddr l = 4;
2579 hwaddr addr1;
8df1cd07 2580
ab1da857 2581 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2582 true);
2583 if (l < 4 || !memory_access_is_direct(mr, true)) {
1e78bcc1
AG		 2584#if defined(TARGET_WORDS_BIGENDIAN)
2585 if (endian == DEVICE_LITTLE_ENDIAN) {
2586 val = bswap32(val);
2587 }
2588#else
2589 if (endian == DEVICE_BIG_ENDIAN) {
2590 val = bswap32(val);
2591 }
2592#endif
5c8a00ce 2593 io_mem_write(mr, addr1, val, 4);
8df1cd07 2594 } else {
8df1cd07 2595 /* RAM case */
5c8a00ce 2596 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
5579c7f3 2597 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2598 switch (endian) {
2599 case DEVICE_LITTLE_ENDIAN:
2600 stl_le_p(ptr, val);
2601 break;
2602 case DEVICE_BIG_ENDIAN:
2603 stl_be_p(ptr, val);
2604 break;
2605 default:
2606 stl_p(ptr, val);
2607 break;
2608 }
51d7a9eb 2609 invalidate_and_set_dirty(addr1, 4);
8df1cd07
FB		 2610 }
2611}
2612
ab1da857 2613void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2614{
ab1da857 2615 stl_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2616}
2617
ab1da857 2618void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2619{
ab1da857 2620 stl_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2621}
2622
ab1da857 2623void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2624{
ab1da857 2625 stl_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2626}
2627
aab33094 2628/* XXX: optimize */
db3be60d 2629void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
aab33094
FB		 2630{
2631 uint8_t v = val;
db3be60d 2632 address_space_rw(as, addr, &v, 1, 1);
aab33094
FB		 2633}
2634
733f0b02 2635/* warning: addr must be aligned */
5ce5944d
EI		 2636static inline void stw_phys_internal(AddressSpace *as,
2637 hwaddr addr, uint32_t val,
1e78bcc1 2638 enum device_endian endian)
aab33094 2639{
733f0b02 2640 uint8_t *ptr;
5c8a00ce 2641 MemoryRegion *mr;
149f54b5
PB		 2642 hwaddr l = 2;
2643 hwaddr addr1;
733f0b02 2644
5ce5944d 2645 mr = address_space_translate(as, addr, &addr1, &l, true);
5c8a00ce 2646 if (l < 2 || !memory_access_is_direct(mr, true)) {
1e78bcc1
AG		 2647#if defined(TARGET_WORDS_BIGENDIAN)
2648 if (endian == DEVICE_LITTLE_ENDIAN) {
2649 val = bswap16(val);
2650 }
2651#else
2652 if (endian == DEVICE_BIG_ENDIAN) {
2653 val = bswap16(val);
2654 }
2655#endif
5c8a00ce 2656 io_mem_write(mr, addr1, val, 2);
733f0b02 2657 } else {
733f0b02 2658 /* RAM case */
5c8a00ce 2659 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
733f0b02 2660 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2661 switch (endian) {
2662 case DEVICE_LITTLE_ENDIAN:
2663 stw_le_p(ptr, val);
2664 break;
2665 case DEVICE_BIG_ENDIAN:
2666 stw_be_p(ptr, val);
2667 break;
2668 default:
2669 stw_p(ptr, val);
2670 break;
2671 }
51d7a9eb 2672 invalidate_and_set_dirty(addr1, 2);
733f0b02 2673 }
aab33094
FB		 2674}
2675
5ce5944d 2676void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2677{
5ce5944d 2678 stw_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2679}
2680
5ce5944d 2681void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2682{
5ce5944d 2683 stw_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2684}
2685
5ce5944d 2686void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2687{
5ce5944d 2688 stw_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2689}
2690
aab33094 2691/* XXX: optimize */
f606604f 2692void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
aab33094
FB		 2693{
2694 val = tswap64(val);
f606604f 2695 address_space_rw(as, addr, (void *) &val, 8, 1);
aab33094
FB		 2696}
2697
f606604f 2698void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
1e78bcc1
AG		 2699{
2700 val = cpu_to_le64(val);
f606604f 2701 address_space_rw(as, addr, (void *) &val, 8, 1);
1e78bcc1
AG		 2702}
2703
f606604f 2704void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
1e78bcc1
AG		 2705{
2706 val = cpu_to_be64(val);
f606604f 2707 address_space_rw(as, addr, (void *) &val, 8, 1);
1e78bcc1
AG		 2708}
2709
5e2972fd 2710/* virtual memory access for debug (includes writing to ROM) */
f17ec444 2711int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
b448f2f3 2712 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 2713{
2714 int l;
a8170e5e 2715 hwaddr phys_addr;
9b3c35e0 2716 target_ulong page;
13eb76e0
FB		 2717
2718 while (len > 0) {
2719 page = addr & TARGET_PAGE_MASK;
f17ec444 2720 phys_addr = cpu_get_phys_page_debug(cpu, page);
13eb76e0
FB		 2721 /* if no physical page mapped, return an error */
2722 if (phys_addr == -1)
2723 return -1;
2724 l = (page + TARGET_PAGE_SIZE) - addr;
2725 if (l > len)
2726 l = len;
5e2972fd 2727 phys_addr += (addr & ~TARGET_PAGE_MASK);
2e38847b
EI		 2728 if (is_write) {
2729 cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, l);
2730 } else {
2731 address_space_rw(cpu->as, phys_addr, buf, l, 0);
2732 }
13eb76e0
FB		 2733 len -= l;
2734 buf += l;
2735 addr += l;
2736 }
2737 return 0;
2738}
a68fe89c 2739#endif
13eb76e0 2740
8e4a424b
BS		 2741#if !defined(CONFIG_USER_ONLY)
2742
2743/*
2744 * A helper function for the _utterly broken_ virtio device model to find out if
2745 * it's running on a big endian machine. Don't do this at home kids!
2746 */
2747bool virtio_is_big_endian(void);
2748bool virtio_is_big_endian(void)
2749{
2750#if defined(TARGET_WORDS_BIGENDIAN)
2751 return true;
2752#else
2753 return false;
2754#endif
2755}
2756
2757#endif
2758
76f35538 2759#ifndef CONFIG_USER_ONLY
a8170e5e 2760bool cpu_physical_memory_is_io(hwaddr phys_addr)
76f35538 2761{
5c8a00ce 2762 MemoryRegion*mr;
149f54b5 2763 hwaddr l = 1;
76f35538 2764
5c8a00ce
PB		 2765 mr = address_space_translate(&address_space_memory,
2766 phys_addr, &phys_addr, &l, false);
76f35538 2767
5c8a00ce
PB		 2768 return !(memory_region_is_ram(mr) ||
2769 memory_region_is_romd(mr));
76f35538 2770}
bd2fa51f
MH		 2771
2772void qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
2773{
2774 RAMBlock *block;
2775
2776 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
2777 func(block->host, block->offset, block->length, opaque);
2778 }
2779}
ec3f8c99 2780#endif
QEMU mirror