]> git.proxmox.com Git - mirror_qemu.git/blame - exec.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
cpu: Turn cpu_handle_mmu_fault() into a CPUClass hook
[mirror_qemu.git] / exec.c
CommitLineData
54936004 1/*
5b6dd868 2 * Virtual page mapping
5fafdf24 3 *
54936004
FB		 4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
54936004 18 */
67b915a5 19#include "config.h"
777872e5 20#ifndef _WIN32
a98d49b1 21#include <sys/types.h>
d5a8f07c
FB		 22#include <sys/mman.h>
23#endif
54936004 24
055403b2 25#include "qemu-common.h"
6180a181 26#include "cpu.h"
b67d9a52 27#include "tcg.h"
b3c7724c 28#include "hw/hw.h"
cc9e98cb 29#include "hw/qdev.h"
1de7afc9 30#include "qemu/osdep.h"
9c17d615 31#include "sysemu/kvm.h"
2ff3de68 32#include "sysemu/sysemu.h"
0d09e41a 33#include "hw/xen/xen.h"
1de7afc9
PB		 34#include "qemu/timer.h"
35#include "qemu/config-file.h"
022c62cb 36#include "exec/memory.h"
9c17d615 37#include "sysemu/dma.h"
022c62cb 38#include "exec/address-spaces.h"
53a5960a
PB		 39#if defined(CONFIG_USER_ONLY)
40#include <qemu.h>
432d268c 41#else /* !CONFIG_USER_ONLY */
9c17d615 42#include "sysemu/xen-mapcache.h"
6506e4f9 43#include "trace.h"
53a5960a 44#endif
0d6d3c87 45#include "exec/cpu-all.h"
54936004 46
022c62cb 47#include "exec/cputlb.h"
5b6dd868 48#include "translate-all.h"
0cac1b66 49
022c62cb 50#include "exec/memory-internal.h"
220c3ebd 51#include "exec/ram_addr.h"
582b55a9 52#include "qemu/cache-utils.h"
67d95c15 53
b35ba30f
MT		 54#include "qemu/range.h"
55
db7b5426 56//#define DEBUG_SUBPAGE
1196be37 57
e2eef170 58#if !defined(CONFIG_USER_ONLY)
981fdf23 59static bool in_migration;
94a6b54f 60
a3161038 61RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };
62152b8a
AK		 62
63static MemoryRegion *system_memory;
309cb471 64static MemoryRegion *system_io;
62152b8a 65
f6790af6
AK		 66AddressSpace address_space_io;
67AddressSpace address_space_memory;
2673a5da 68
0844e007 69MemoryRegion io_mem_rom, io_mem_notdirty;
acc9d80b 70static MemoryRegion io_mem_unassigned;
0e0df1e2 71
e2eef170 72#endif
9fa3e853 73
bdc44640 74struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
6a00d601
FB		 75/* current CPU in the current thread. It is only valid inside
76 cpu_exec() */
4917cf44 77DEFINE_TLS(CPUState *, current_cpu);
2e70f6ef 78/* 0 = Do not count executed instructions.
bf20dc07 79 1 = Precise instruction counting.
2e70f6ef 80 2 = Adaptive rate instruction counting. */
5708fc66 81int use_icount;
6a00d601 82
e2eef170 83#if !defined(CONFIG_USER_ONLY)
4346ae3e 84
1db8abb1
PB		 85typedef struct PhysPageEntry PhysPageEntry;
86
87struct PhysPageEntry {
9736e55b 88 /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
8b795765 89 uint32_t skip : 6;
9736e55b 90 /* index into phys_sections (!skip) or phys_map_nodes (skip) */
8b795765 91 uint32_t ptr : 26;
1db8abb1
PB		 92};
93
8b795765
MT		 94#define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)
95
03f49957 96/* Size of the L2 (and L3, etc) page tables. */
57271d63 97#define ADDR_SPACE_BITS 64
03f49957 98
026736ce 99#define P_L2_BITS 9
03f49957
PB		 100#define P_L2_SIZE (1 << P_L2_BITS)
101
102#define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)
103
104typedef PhysPageEntry Node[P_L2_SIZE];
0475d94f 105
53cb28cb
MA		 106typedef struct PhysPageMap {
107 unsigned sections_nb;
108 unsigned sections_nb_alloc;
109 unsigned nodes_nb;
110 unsigned nodes_nb_alloc;
111 Node *nodes;
112 MemoryRegionSection *sections;
113} PhysPageMap;
114
1db8abb1
PB		 115struct AddressSpaceDispatch {
116 /* This is a multi-level map on the physical address space.
117 * The bottom level has pointers to MemoryRegionSections.
118 */
119 PhysPageEntry phys_map;
53cb28cb 120 PhysPageMap map;
acc9d80b 121 AddressSpace *as;
1db8abb1
PB		 122};
123
90260c6c
JK		 124#define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
125typedef struct subpage_t {
126 MemoryRegion iomem;
acc9d80b 127 AddressSpace *as;
90260c6c
JK		 128 hwaddr base;
129 uint16_t sub_section[TARGET_PAGE_SIZE];
130} subpage_t;
131
b41aac4f
LPF		 132#define PHYS_SECTION_UNASSIGNED 0
133#define PHYS_SECTION_NOTDIRTY 1
134#define PHYS_SECTION_ROM 2
135#define PHYS_SECTION_WATCH 3
5312bd8b 136
e2eef170 137static void io_mem_init(void);
62152b8a 138static void memory_map_init(void);
09daed84 139static void tcg_commit(MemoryListener *listener);
e2eef170 140
1ec9b909 141static MemoryRegion io_mem_watch;
6658ffb8 142#endif
fd6ce8f6 143
6d9a1304 144#if !defined(CONFIG_USER_ONLY)
d6f2ea22 145
53cb28cb 146static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
d6f2ea22 147{
53cb28cb
MA		 148 if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
149 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
150 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
151 map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
d6f2ea22 152 }
f7bf5461
AK		 153}
154
53cb28cb 155static uint32_t phys_map_node_alloc(PhysPageMap *map)
f7bf5461
AK		 156{
157 unsigned i;
8b795765 158 uint32_t ret;
f7bf5461 159
53cb28cb 160 ret = map->nodes_nb++;
f7bf5461 161 assert(ret != PHYS_MAP_NODE_NIL);
53cb28cb 162 assert(ret != map->nodes_nb_alloc);
03f49957 163 for (i = 0; i < P_L2_SIZE; ++i) {
53cb28cb
MA		 164 map->nodes[ret][i].skip = 1;
165 map->nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
d6f2ea22 166 }
f7bf5461 167 return ret;
d6f2ea22
AK		 168}
169
53cb28cb
MA		 170static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
171 hwaddr *index, hwaddr *nb, uint16_t leaf,
2999097b 172 int level)
f7bf5461
AK		 173{
174 PhysPageEntry *p;
175 int i;
03f49957 176 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
108c49b8 177
9736e55b 178 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
53cb28cb
MA		 179 lp->ptr = phys_map_node_alloc(map);
180 p = map->nodes[lp->ptr];
f7bf5461 181 if (level == 0) {
03f49957 182 for (i = 0; i < P_L2_SIZE; i++) {
9736e55b 183 p[i].skip = 0;
b41aac4f 184 p[i].ptr = PHYS_SECTION_UNASSIGNED;
4346ae3e 185 }
67c4d23c 186 }
f7bf5461 187 } else {
53cb28cb 188 p = map->nodes[lp->ptr];
92e873b9 189 }
03f49957 190 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
f7bf5461 191
03f49957 192 while (*nb && lp < &p[P_L2_SIZE]) {
07f07b31 193 if ((*index & (step - 1)) == 0 && *nb >= step) {
9736e55b 194 lp->skip = 0;
c19e8800 195 lp->ptr = leaf;
07f07b31
AK		 196 *index += step;
197 *nb -= step;
2999097b 198 } else {
53cb28cb 199 phys_page_set_level(map, lp, index, nb, leaf, level - 1);
2999097b
AK		 200 }
201 ++lp;
f7bf5461
AK		 202 }
203}
204
ac1970fb 205static void phys_page_set(AddressSpaceDispatch *d,
a8170e5e 206 hwaddr index, hwaddr nb,
2999097b 207 uint16_t leaf)
f7bf5461 208{
2999097b 209 /* Wildly overreserve - it doesn't matter much. */
53cb28cb 210 phys_map_node_reserve(&d->map, 3 * P_L2_LEVELS);
5cd2c5b6 211
53cb28cb 212 phys_page_set_level(&d->map, &d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
92e873b9
FB		 213}
214
b35ba30f
MT		 215/* Compact a non leaf page entry. Simply detect that the entry has a single child,
216 * and update our entry so we can skip it and go directly to the destination.
217 */
218static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
219{
220 unsigned valid_ptr = P_L2_SIZE;
221 int valid = 0;
222 PhysPageEntry *p;
223 int i;
224
225 if (lp->ptr == PHYS_MAP_NODE_NIL) {
226 return;
227 }
228
229 p = nodes[lp->ptr];
230 for (i = 0; i < P_L2_SIZE; i++) {
231 if (p[i].ptr == PHYS_MAP_NODE_NIL) {
232 continue;
233 }
234
235 valid_ptr = i;
236 valid++;
237 if (p[i].skip) {
238 phys_page_compact(&p[i], nodes, compacted);
239 }
240 }
241
242 /* We can only compress if there's only one child. */
243 if (valid != 1) {
244 return;
245 }
246
247 assert(valid_ptr < P_L2_SIZE);
248
249 /* Don't compress if it won't fit in the # of bits we have. */
250 if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
251 return;
252 }
253
254 lp->ptr = p[valid_ptr].ptr;
255 if (!p[valid_ptr].skip) {
256 /* If our only child is a leaf, make this a leaf. */
257 /* By design, we should have made this node a leaf to begin with so we
258 * should never reach here.
259 * But since it's so simple to handle this, let's do it just in case we
260 * change this rule.
261 */
262 lp->skip = 0;
263 } else {
264 lp->skip += p[valid_ptr].skip;
265 }
266}
267
268static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
269{
270 DECLARE_BITMAP(compacted, nodes_nb);
271
272 if (d->phys_map.skip) {
53cb28cb 273 phys_page_compact(&d->phys_map, d->map.nodes, compacted);
b35ba30f
MT		 274 }
275}
276
97115a8d 277static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
9affd6fc 278 Node *nodes, MemoryRegionSection *sections)
92e873b9 279{
31ab2b4a 280 PhysPageEntry *p;
97115a8d 281 hwaddr index = addr >> TARGET_PAGE_BITS;
31ab2b4a 282 int i;
f1f6e3b8 283
9736e55b 284 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
c19e8800 285 if (lp.ptr == PHYS_MAP_NODE_NIL) {
9affd6fc 286 return &sections[PHYS_SECTION_UNASSIGNED];
31ab2b4a 287 }
9affd6fc 288 p = nodes[lp.ptr];
03f49957 289 lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
5312bd8b 290 }
b35ba30f
MT		 291
292 if (sections[lp.ptr].size.hi ||
293 range_covers_byte(sections[lp.ptr].offset_within_address_space,
294 sections[lp.ptr].size.lo, addr)) {
295 return &sections[lp.ptr];
296 } else {
297 return &sections[PHYS_SECTION_UNASSIGNED];
298 }
f3705d53
AK		 299}
300
e5548617
BS		 301bool memory_region_is_unassigned(MemoryRegion *mr)
302{
2a8e7499 303 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
5b6dd868 304 && mr != &io_mem_watch;
fd6ce8f6 305}
149f54b5 306
c7086b4a 307static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
90260c6c
JK		 308 hwaddr addr,
309 bool resolve_subpage)
9f029603 310{
90260c6c
JK		 311 MemoryRegionSection *section;
312 subpage_t *subpage;
313
53cb28cb 314 section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
90260c6c
JK		 315 if (resolve_subpage && section->mr->subpage) {
316 subpage = container_of(section->mr, subpage_t, iomem);
53cb28cb 317 section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
90260c6c
JK		 318 }
319 return section;
9f029603
JK		 320}
321
90260c6c 322static MemoryRegionSection *
c7086b4a 323address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
90260c6c 324 hwaddr *plen, bool resolve_subpage)
149f54b5
PB		 325{
326 MemoryRegionSection *section;
a87f3954 327 Int128 diff;
149f54b5 328
c7086b4a 329 section = address_space_lookup_region(d, addr, resolve_subpage);
149f54b5
PB		 330 /* Compute offset within MemoryRegionSection */
331 addr -= section->offset_within_address_space;
332
333 /* Compute offset within MemoryRegion */
334 *xlat = addr + section->offset_within_region;
335
336 diff = int128_sub(section->mr->size, int128_make64(addr));
3752a036 337 *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
149f54b5
PB		 338 return section;
339}
90260c6c 340
a87f3954
PB		 341static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
342{
343 if (memory_region_is_ram(mr)) {
344 return !(is_write && mr->readonly);
345 }
346 if (memory_region_is_romd(mr)) {
347 return !is_write;
348 }
349
350 return false;
351}
352
5c8a00ce
PB		 353MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
354 hwaddr *xlat, hwaddr *plen,
355 bool is_write)
90260c6c 356{
30951157
AK		 357 IOMMUTLBEntry iotlb;
358 MemoryRegionSection *section;
359 MemoryRegion *mr;
360 hwaddr len = *plen;
361
362 for (;;) {
a87f3954 363 section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true);
30951157
AK		 364 mr = section->mr;
365
366 if (!mr->iommu_ops) {
367 break;
368 }
369
370 iotlb = mr->iommu_ops->translate(mr, addr);
371 addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
372 | (addr & iotlb.addr_mask));
373 len = MIN(len, (addr | iotlb.addr_mask) - addr + 1);
374 if (!(iotlb.perm & (1 << is_write))) {
375 mr = &io_mem_unassigned;
376 break;
377 }
378
379 as = iotlb.target_as;
380 }
381
a87f3954
PB		 382 if (memory_access_is_direct(mr, is_write)) {
383 hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
384 len = MIN(page, len);
385 }
386
30951157
AK		 387 *plen = len;
388 *xlat = addr;
389 return mr;
90260c6c
JK		 390}
391
392MemoryRegionSection *
393address_space_translate_for_iotlb(AddressSpace *as, hwaddr addr, hwaddr *xlat,
394 hwaddr *plen)
395{
30951157 396 MemoryRegionSection *section;
c7086b4a 397 section = address_space_translate_internal(as->dispatch, addr, xlat, plen, false);
30951157
AK		 398
399 assert(!section->mr->iommu_ops);
400 return section;
90260c6c 401}
5b6dd868 402#endif
fd6ce8f6 403
5b6dd868 404void cpu_exec_init_all(void)
fdbb84d1 405{
5b6dd868 406#if !defined(CONFIG_USER_ONLY)
b2a8658e 407 qemu_mutex_init(&ram_list.mutex);
5b6dd868
BS		 408 memory_map_init();
409 io_mem_init();
fdbb84d1 410#endif
5b6dd868 411}
fdbb84d1 412
b170fce3 413#if !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 414
415static int cpu_common_post_load(void *opaque, int version_id)
fd6ce8f6 416{
259186a7 417 CPUState *cpu = opaque;
a513fe19 418
5b6dd868
BS		 419 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
420 version_id is increased. */
259186a7
AF		 421 cpu->interrupt_request &= ~0x01;
422 tlb_flush(cpu->env_ptr, 1);
5b6dd868
BS		 423
424 return 0;
a513fe19 425}
7501267e 426
1a1562f5 427const VMStateDescription vmstate_cpu_common = {
5b6dd868
BS		 428 .name = "cpu_common",
429 .version_id = 1,
430 .minimum_version_id = 1,
431 .minimum_version_id_old = 1,
432 .post_load = cpu_common_post_load,
433 .fields = (VMStateField []) {
259186a7
AF		 434 VMSTATE_UINT32(halted, CPUState),
435 VMSTATE_UINT32(interrupt_request, CPUState),
5b6dd868
BS		 436 VMSTATE_END_OF_LIST()
437 }
438};
1a1562f5 439
5b6dd868 440#endif
ea041c0e 441
38d8f5c8 442CPUState *qemu_get_cpu(int index)
ea041c0e 443{
bdc44640 444 CPUState *cpu;
ea041c0e 445
bdc44640 446 CPU_FOREACH(cpu) {
55e5c285 447 if (cpu->cpu_index == index) {
bdc44640 448 return cpu;
55e5c285 449 }
ea041c0e 450 }
5b6dd868 451
bdc44640 452 return NULL;
ea041c0e
FB		 453}
454
09daed84
EI		 455#if !defined(CONFIG_USER_ONLY)
456void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
457{
458 /* We only support one address space per cpu at the moment. */
459 assert(cpu->as == as);
460
461 if (cpu->tcg_as_listener) {
462 memory_listener_unregister(cpu->tcg_as_listener);
463 } else {
464 cpu->tcg_as_listener = g_new0(MemoryListener, 1);
465 }
466 cpu->tcg_as_listener->commit = tcg_commit;
467 memory_listener_register(cpu->tcg_as_listener, as);
468}
469#endif
470
5b6dd868 471void cpu_exec_init(CPUArchState *env)
ea041c0e 472{
5b6dd868 473 CPUState *cpu = ENV_GET_CPU(env);
b170fce3 474 CPUClass *cc = CPU_GET_CLASS(cpu);
bdc44640 475 CPUState *some_cpu;
5b6dd868
BS		 476 int cpu_index;
477
478#if defined(CONFIG_USER_ONLY)
479 cpu_list_lock();
480#endif
5b6dd868 481 cpu_index = 0;
bdc44640 482 CPU_FOREACH(some_cpu) {
5b6dd868
BS		 483 cpu_index++;
484 }
55e5c285 485 cpu->cpu_index = cpu_index;
1b1ed8dc 486 cpu->numa_node = 0;
5b6dd868
BS		 487 QTAILQ_INIT(&env->breakpoints);
488 QTAILQ_INIT(&env->watchpoints);
489#ifndef CONFIG_USER_ONLY
09daed84 490 cpu->as = &address_space_memory;
5b6dd868
BS		 491 cpu->thread_id = qemu_get_thread_id();
492#endif
bdc44640 493 QTAILQ_INSERT_TAIL(&cpus, cpu, node);
5b6dd868
BS		 494#if defined(CONFIG_USER_ONLY)
495 cpu_list_unlock();
496#endif
e0d47944
AF		 497 if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
498 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
499 }
5b6dd868 500#if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 501 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
502 cpu_save, cpu_load, env);
b170fce3 503 assert(cc->vmsd == NULL);
e0d47944 504 assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
5b6dd868 505#endif
b170fce3
AF		 506 if (cc->vmsd != NULL) {
507 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
508 }
ea041c0e
FB		 509}
510
1fddef4b 511#if defined(TARGET_HAS_ICE)
94df27fd 512#if defined(CONFIG_USER_ONLY)
00b941e5 513static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
94df27fd
PB		 514{
515 tb_invalidate_phys_page_range(pc, pc + 1, 0);
516}
517#else
00b941e5 518static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
1e7855a5 519{
e8262a1b
MF		 520 hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
521 if (phys != -1) {
09daed84 522 tb_invalidate_phys_addr(cpu->as,
29d8ec7b 523 phys | (pc & ~TARGET_PAGE_MASK));
e8262a1b 524 }
1e7855a5 525}
c27004ec 526#endif
94df27fd 527#endif /* TARGET_HAS_ICE */
d720b93d 528
c527ee8f 529#if defined(CONFIG_USER_ONLY)
9349b4f9 530void cpu_watchpoint_remove_all(CPUArchState *env, int mask)
c527ee8f
PB		 531
532{
533}
534
9349b4f9 535int cpu_watchpoint_insert(CPUArchState *env, target_ulong addr, target_ulong len,
c527ee8f
PB		 536 int flags, CPUWatchpoint **watchpoint)
537{
538 return -ENOSYS;
539}
540#else
6658ffb8 541/* Add a watchpoint. */
9349b4f9 542int cpu_watchpoint_insert(CPUArchState *env, target_ulong addr, target_ulong len,
a1d1bb31 543 int flags, CPUWatchpoint **watchpoint)
6658ffb8 544{
b4051334 545 target_ulong len_mask = ~(len - 1);
c0ce998e 546 CPUWatchpoint *wp;
6658ffb8 547
b4051334 548 /* sanity checks: allow power-of-2 lengths, deny unaligned watchpoints */
0dc23828
MF		 549 if ((len & (len - 1)) || (addr & ~len_mask) ||
550 len == 0 || len > TARGET_PAGE_SIZE) {
b4051334
AL		 551 fprintf(stderr, "qemu: tried to set invalid watchpoint at "
552 TARGET_FMT_lx ", len=" TARGET_FMT_lu "\n", addr, len);
553 return -EINVAL;
554 }
7267c094 555 wp = g_malloc(sizeof(*wp));
a1d1bb31
AL		 556
557 wp->vaddr = addr;
b4051334 558 wp->len_mask = len_mask;
a1d1bb31
AL		 559 wp->flags = flags;
560
2dc9f411 561 /* keep all GDB-injected watchpoints in front */
c0ce998e 562 if (flags & BP_GDB)
72cf2d4f 563 QTAILQ_INSERT_HEAD(&env->watchpoints, wp, entry);
c0ce998e 564 else
72cf2d4f 565 QTAILQ_INSERT_TAIL(&env->watchpoints, wp, entry);
6658ffb8 566
6658ffb8 567 tlb_flush_page(env, addr);
a1d1bb31
AL		 568
569 if (watchpoint)
570 *watchpoint = wp;
571 return 0;
6658ffb8
PB		 572}
573
a1d1bb31 574/* Remove a specific watchpoint. */
9349b4f9 575int cpu_watchpoint_remove(CPUArchState *env, target_ulong addr, target_ulong len,
a1d1bb31 576 int flags)
6658ffb8 577{
b4051334 578 target_ulong len_mask = ~(len - 1);
a1d1bb31 579 CPUWatchpoint *wp;
6658ffb8 580
72cf2d4f 581 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
b4051334 582 if (addr == wp->vaddr && len_mask == wp->len_mask
6e140f28 583 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
a1d1bb31 584 cpu_watchpoint_remove_by_ref(env, wp);
6658ffb8
PB		 585 return 0;
586 }
587 }
a1d1bb31 588 return -ENOENT;
6658ffb8
PB		 589}
590
a1d1bb31 591/* Remove a specific watchpoint by reference. */
9349b4f9 592void cpu_watchpoint_remove_by_ref(CPUArchState *env, CPUWatchpoint *watchpoint)
a1d1bb31 593{
72cf2d4f 594 QTAILQ_REMOVE(&env->watchpoints, watchpoint, entry);
7d03f82f 595
a1d1bb31
AL		 596 tlb_flush_page(env, watchpoint->vaddr);
597
7267c094 598 g_free(watchpoint);
a1d1bb31
AL		 599}
600
601/* Remove all matching watchpoints. */
9349b4f9 602void cpu_watchpoint_remove_all(CPUArchState *env, int mask)
a1d1bb31 603{
c0ce998e 604 CPUWatchpoint *wp, *next;
a1d1bb31 605
72cf2d4f 606 QTAILQ_FOREACH_SAFE(wp, &env->watchpoints, entry, next) {
a1d1bb31
AL		 607 if (wp->flags & mask)
608 cpu_watchpoint_remove_by_ref(env, wp);
c0ce998e 609 }
7d03f82f 610}
c527ee8f 611#endif
7d03f82f 612
a1d1bb31 613/* Add a breakpoint. */
9349b4f9 614int cpu_breakpoint_insert(CPUArchState *env, target_ulong pc, int flags,
a1d1bb31 615 CPUBreakpoint **breakpoint)
4c3a88a2 616{
1fddef4b 617#if defined(TARGET_HAS_ICE)
c0ce998e 618 CPUBreakpoint *bp;
3b46e624 619
7267c094 620 bp = g_malloc(sizeof(*bp));
4c3a88a2 621
a1d1bb31
AL		 622 bp->pc = pc;
623 bp->flags = flags;
624
2dc9f411 625 /* keep all GDB-injected breakpoints in front */
00b941e5 626 if (flags & BP_GDB) {
72cf2d4f 627 QTAILQ_INSERT_HEAD(&env->breakpoints, bp, entry);
00b941e5 628 } else {
72cf2d4f 629 QTAILQ_INSERT_TAIL(&env->breakpoints, bp, entry);
00b941e5 630 }
3b46e624 631
00b941e5 632 breakpoint_invalidate(ENV_GET_CPU(env), pc);
a1d1bb31 633
00b941e5 634 if (breakpoint) {
a1d1bb31 635 *breakpoint = bp;
00b941e5 636 }
4c3a88a2
FB		 637 return 0;
638#else
a1d1bb31 639 return -ENOSYS;
4c3a88a2
FB		 640#endif
641}
642
a1d1bb31 643/* Remove a specific breakpoint. */
9349b4f9 644int cpu_breakpoint_remove(CPUArchState *env, target_ulong pc, int flags)
a1d1bb31 645{
7d03f82f 646#if defined(TARGET_HAS_ICE)
a1d1bb31
AL		 647 CPUBreakpoint *bp;
648
72cf2d4f 649 QTAILQ_FOREACH(bp, &env->breakpoints, entry) {
a1d1bb31
AL		 650 if (bp->pc == pc && bp->flags == flags) {
651 cpu_breakpoint_remove_by_ref(env, bp);
652 return 0;
653 }
7d03f82f 654 }
a1d1bb31
AL		 655 return -ENOENT;
656#else
657 return -ENOSYS;
7d03f82f
EI		 658#endif
659}
660
a1d1bb31 661/* Remove a specific breakpoint by reference. */
9349b4f9 662void cpu_breakpoint_remove_by_ref(CPUArchState *env, CPUBreakpoint *breakpoint)
4c3a88a2 663{
1fddef4b 664#if defined(TARGET_HAS_ICE)
72cf2d4f 665 QTAILQ_REMOVE(&env->breakpoints, breakpoint, entry);
d720b93d 666
00b941e5 667 breakpoint_invalidate(ENV_GET_CPU(env), breakpoint->pc);
a1d1bb31 668
7267c094 669 g_free(breakpoint);
a1d1bb31
AL		 670#endif
671}
672
673/* Remove all matching breakpoints. */
9349b4f9 674void cpu_breakpoint_remove_all(CPUArchState *env, int mask)
a1d1bb31
AL		 675{
676#if defined(TARGET_HAS_ICE)
c0ce998e 677 CPUBreakpoint *bp, *next;
a1d1bb31 678
72cf2d4f 679 QTAILQ_FOREACH_SAFE(bp, &env->breakpoints, entry, next) {
a1d1bb31
AL		 680 if (bp->flags & mask)
681 cpu_breakpoint_remove_by_ref(env, bp);
c0ce998e 682 }
4c3a88a2
FB		 683#endif
684}
685
c33a346e
FB		 686/* enable or disable single step mode. EXCP_DEBUG is returned by the
687 CPU loop after each instruction */
3825b28f 688void cpu_single_step(CPUState *cpu, int enabled)
c33a346e 689{
1fddef4b 690#if defined(TARGET_HAS_ICE)
ed2803da
AF		 691 if (cpu->singlestep_enabled != enabled) {
692 cpu->singlestep_enabled = enabled;
693 if (kvm_enabled()) {
38e478ec 694 kvm_update_guest_debug(cpu, 0);
ed2803da 695 } else {
ccbb4d44 696 /* must flush all the translated code to avoid inconsistencies */
e22a25c9 697 /* XXX: only flush what is necessary */
38e478ec 698 CPUArchState *env = cpu->env_ptr;
e22a25c9
AL		 699 tb_flush(env);
700 }
c33a346e
FB		 701 }
702#endif
703}
704
9349b4f9 705void cpu_abort(CPUArchState *env, const char *fmt, ...)
7501267e 706{
878096ee 707 CPUState *cpu = ENV_GET_CPU(env);
7501267e 708 va_list ap;
493ae1f0 709 va_list ap2;
7501267e
FB		 710
711 va_start(ap, fmt);
493ae1f0 712 va_copy(ap2, ap);
7501267e
FB		 713 fprintf(stderr, "qemu: fatal: ");
714 vfprintf(stderr, fmt, ap);
715 fprintf(stderr, "\n");
878096ee 716 cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
93fcfe39
AL		 717 if (qemu_log_enabled()) {
718 qemu_log("qemu: fatal: ");
719 qemu_log_vprintf(fmt, ap2);
720 qemu_log("\n");
a0762859 721 log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
31b1a7b4 722 qemu_log_flush();
93fcfe39 723 qemu_log_close();
924edcae 724 }
493ae1f0 725 va_end(ap2);
f9373291 726 va_end(ap);
fd052bf6
RV		 727#if defined(CONFIG_USER_ONLY)
728 {
729 struct sigaction act;
730 sigfillset(&act.sa_mask);
731 act.sa_handler = SIG_DFL;
732 sigaction(SIGABRT, &act, NULL);
733 }
734#endif
7501267e
FB		 735 abort();
736}
737
0124311e 738#if !defined(CONFIG_USER_ONLY)
041603fe
PB		 739static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
740{
741 RAMBlock *block;
742
743 /* The list is protected by the iothread lock here. */
744 block = ram_list.mru_block;
745 if (block && addr - block->offset < block->length) {
746 goto found;
747 }
748 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
749 if (addr - block->offset < block->length) {
750 goto found;
751 }
752 }
753
754 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
755 abort();
756
757found:
758 ram_list.mru_block = block;
759 return block;
760}
761
a2f4d5be 762static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
d24981d3 763{
041603fe 764 ram_addr_t start1;
a2f4d5be
JQ		 765 RAMBlock *block;
766 ram_addr_t end;
767
768 end = TARGET_PAGE_ALIGN(start + length);
769 start &= TARGET_PAGE_MASK;
d24981d3 770
041603fe
PB		 771 block = qemu_get_ram_block(start);
772 assert(block == qemu_get_ram_block(end - 1));
773 start1 = (uintptr_t)block->host + (start - block->offset);
774 cpu_tlb_reset_dirty_all(start1, length);
d24981d3
JQ		 775}
776
5579c7f3 777/* Note: start and end must be within the same ram block. */
a2f4d5be 778void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
52159192 779 unsigned client)
1ccde1cb 780{
1ccde1cb
FB		 781 if (length == 0)
782 return;
ace694cc 783 cpu_physical_memory_clear_dirty_range(start, length, client);
f23db169 784
d24981d3 785 if (tcg_enabled()) {
a2f4d5be 786 tlb_reset_dirty_range_all(start, length);
5579c7f3 787 }
1ccde1cb
FB		 788}
789
981fdf23 790static void cpu_physical_memory_set_dirty_tracking(bool enable)
74576198
AL		 791{
792 in_migration = enable;
74576198
AL		 793}
794
a8170e5e 795hwaddr memory_region_section_get_iotlb(CPUArchState *env,
149f54b5
PB		 796 MemoryRegionSection *section,
797 target_ulong vaddr,
798 hwaddr paddr, hwaddr xlat,
799 int prot,
800 target_ulong *address)
e5548617 801{
a8170e5e 802 hwaddr iotlb;
e5548617
BS		 803 CPUWatchpoint *wp;
804
cc5bea60 805 if (memory_region_is_ram(section->mr)) {
e5548617
BS		 806 /* Normal RAM. */
807 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
149f54b5 808 + xlat;
e5548617 809 if (!section->readonly) {
b41aac4f 810 iotlb |= PHYS_SECTION_NOTDIRTY;
e5548617 811 } else {
b41aac4f 812 iotlb |= PHYS_SECTION_ROM;
e5548617
BS		 813 }
814 } else {
1b3fb98f 815 iotlb = section - section->address_space->dispatch->map.sections;
149f54b5 816 iotlb += xlat;
e5548617
BS		 817 }
818
819 /* Make accesses to pages with watchpoints go via the
820 watchpoint trap routines. */
821 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
822 if (vaddr == (wp->vaddr & TARGET_PAGE_MASK)) {
823 /* Avoid trapping reads of pages with a write breakpoint. */
824 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
b41aac4f 825 iotlb = PHYS_SECTION_WATCH + paddr;
e5548617
BS		 826 *address |= TLB_MMIO;
827 break;
828 }
829 }
830 }
831
832 return iotlb;
833}
9fa3e853
FB		 834#endif /* defined(CONFIG_USER_ONLY) */
835
e2eef170 836#if !defined(CONFIG_USER_ONLY)
8da3ff18 837
c227f099 838static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 839 uint16_t section);
acc9d80b 840static subpage_t *subpage_init(AddressSpace *as, hwaddr base);
54688b1e 841
575ddeb4 842static void *(*phys_mem_alloc)(size_t size) = qemu_anon_ram_alloc;
91138037
MA		 843
844/*
845 * Set a custom physical guest memory alloator.
846 * Accelerators with unusual needs may need this. Hopefully, we can
847 * get rid of it eventually.
848 */
575ddeb4 849void phys_mem_set_alloc(void *(*alloc)(size_t))
91138037
MA		 850{
851 phys_mem_alloc = alloc;
852}
853
53cb28cb
MA		 854static uint16_t phys_section_add(PhysPageMap *map,
855 MemoryRegionSection *section)
5312bd8b 856{
68f3f65b
PB		 857 /* The physical section number is ORed with a page-aligned
858 * pointer to produce the iotlb entries. Thus it should
859 * never overflow into the page-aligned value.
860 */
53cb28cb 861 assert(map->sections_nb < TARGET_PAGE_SIZE);
68f3f65b 862
53cb28cb
MA		 863 if (map->sections_nb == map->sections_nb_alloc) {
864 map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
865 map->sections = g_renew(MemoryRegionSection, map->sections,
866 map->sections_nb_alloc);
5312bd8b 867 }
53cb28cb 868 map->sections[map->sections_nb] = *section;
dfde4e6e 869 memory_region_ref(section->mr);
53cb28cb 870 return map->sections_nb++;
5312bd8b
AK		 871}
872
058bc4b5
PB		 873static void phys_section_destroy(MemoryRegion *mr)
874{
dfde4e6e
PB		 875 memory_region_unref(mr);
876
058bc4b5
PB		 877 if (mr->subpage) {
878 subpage_t *subpage = container_of(mr, subpage_t, iomem);
879 memory_region_destroy(&subpage->iomem);
880 g_free(subpage);
881 }
882}
883
6092666e 884static void phys_sections_free(PhysPageMap *map)
5312bd8b 885{
9affd6fc
PB		 886 while (map->sections_nb > 0) {
887 MemoryRegionSection *section = &map->sections[--map->sections_nb];
058bc4b5
PB		 888 phys_section_destroy(section->mr);
889 }
9affd6fc
PB		 890 g_free(map->sections);
891 g_free(map->nodes);
5312bd8b
AK		 892}
893
ac1970fb 894static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
0f0cb164
AK		 895{
896 subpage_t *subpage;
a8170e5e 897 hwaddr base = section->offset_within_address_space
0f0cb164 898 & TARGET_PAGE_MASK;
97115a8d 899 MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
53cb28cb 900 d->map.nodes, d->map.sections);
0f0cb164
AK		 901 MemoryRegionSection subsection = {
902 .offset_within_address_space = base,
052e87b0 903 .size = int128_make64(TARGET_PAGE_SIZE),
0f0cb164 904 };
a8170e5e 905 hwaddr start, end;
0f0cb164 906
f3705d53 907 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
0f0cb164 908
f3705d53 909 if (!(existing->mr->subpage)) {
acc9d80b 910 subpage = subpage_init(d->as, base);
3be91e86 911 subsection.address_space = d->as;
0f0cb164 912 subsection.mr = &subpage->iomem;
ac1970fb 913 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
53cb28cb 914 phys_section_add(&d->map, &subsection));
0f0cb164 915 } else {
f3705d53 916 subpage = container_of(existing->mr, subpage_t, iomem);
0f0cb164
AK		 917 }
918 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
052e87b0 919 end = start + int128_get64(section->size) - 1;
53cb28cb
MA		 920 subpage_register(subpage, start, end,
921 phys_section_add(&d->map, section));
0f0cb164
AK		 922}
923
924
052e87b0
PB		 925static void register_multipage(AddressSpaceDispatch *d,
926 MemoryRegionSection *section)
33417e70 927{
a8170e5e 928 hwaddr start_addr = section->offset_within_address_space;
53cb28cb 929 uint16_t section_index = phys_section_add(&d->map, section);
052e87b0
PB		 930 uint64_t num_pages = int128_get64(int128_rshift(section->size,
931 TARGET_PAGE_BITS));
dd81124b 932
733d5ef5
PB		 933 assert(num_pages);
934 phys_page_set(d, start_addr >> TARGET_PAGE_BITS, num_pages, section_index);
33417e70
FB		 935}
936
ac1970fb 937static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
0f0cb164 938{
89ae337a 939 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
00752703 940 AddressSpaceDispatch *d = as->next_dispatch;
99b9cc06 941 MemoryRegionSection now = *section, remain = *section;
052e87b0 942 Int128 page_size = int128_make64(TARGET_PAGE_SIZE);
0f0cb164 943
733d5ef5
PB		 944 if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
945 uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
946 - now.offset_within_address_space;
947
052e87b0 948 now.size = int128_min(int128_make64(left), now.size);
ac1970fb 949 register_subpage(d, &now);
733d5ef5 950 } else {
052e87b0 951 now.size = int128_zero();
733d5ef5 952 }
052e87b0
PB		 953 while (int128_ne(remain.size, now.size)) {
954 remain.size = int128_sub(remain.size, now.size);
955 remain.offset_within_address_space += int128_get64(now.size);
956 remain.offset_within_region += int128_get64(now.size);
69b67646 957 now = remain;
052e87b0 958 if (int128_lt(remain.size, page_size)) {
733d5ef5 959 register_subpage(d, &now);
88266249 960 } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
052e87b0 961 now.size = page_size;
ac1970fb 962 register_subpage(d, &now);
69b67646 963 } else {
052e87b0 964 now.size = int128_and(now.size, int128_neg(page_size));
ac1970fb 965 register_multipage(d, &now);
69b67646 966 }
0f0cb164
AK		 967 }
968}
969
62a2744c
SY		 970void qemu_flush_coalesced_mmio_buffer(void)
971{
972 if (kvm_enabled())
973 kvm_flush_coalesced_mmio_buffer();
974}
975
b2a8658e
UD		 976void qemu_mutex_lock_ramlist(void)
977{
978 qemu_mutex_lock(&ram_list.mutex);
979}
980
981void qemu_mutex_unlock_ramlist(void)
982{
983 qemu_mutex_unlock(&ram_list.mutex);
984}
985
e1e84ba0 986#ifdef __linux__
c902760f
MT		 987
988#include <sys/vfs.h>
989
990#define HUGETLBFS_MAGIC 0x958458f6
991
992static long gethugepagesize(const char *path)
993{
994 struct statfs fs;
995 int ret;
996
997 do {
9742bf26 998 ret = statfs(path, &fs);
c902760f
MT		 999 } while (ret != 0 && errno == EINTR);
1000
1001 if (ret != 0) {
9742bf26
YT		 1002 perror(path);
1003 return 0;
c902760f
MT		 1004 }
1005
1006 if (fs.f_type != HUGETLBFS_MAGIC)
9742bf26 1007 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
c902760f
MT		 1008
1009 return fs.f_bsize;
1010}
1011
ef36fa14
MT		 1012static sigjmp_buf sigjump;
1013
1014static void sigbus_handler(int signal)
1015{
1016 siglongjmp(sigjump, 1);
1017}
1018
04b16653
AW		 1019static void *file_ram_alloc(RAMBlock *block,
1020 ram_addr_t memory,
1021 const char *path)
c902760f
MT		 1022{
1023 char *filename;
8ca761f6
PF		 1024 char *sanitized_name;
1025 char *c;
c902760f
MT		 1026 void *area;
1027 int fd;
c902760f
MT		 1028 unsigned long hpagesize;
1029
1030 hpagesize = gethugepagesize(path);
1031 if (!hpagesize) {
f9a49dfa 1032 goto error;
c902760f
MT		 1033 }
1034
1035 if (memory < hpagesize) {
1036 return NULL;
1037 }
1038
1039 if (kvm_enabled() && !kvm_has_sync_mmu()) {
1040 fprintf(stderr, "host lacks kvm mmu notifiers, -mem-path unsupported\n");
f9a49dfa 1041 goto error;
c902760f
MT		 1042 }
1043
8ca761f6
PF		 1044 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
1045 sanitized_name = g_strdup(block->mr->name);
1046 for (c = sanitized_name; *c != '\0'; c++) {
1047 if (*c == '/')
1048 *c = '_';
1049 }
1050
1051 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
1052 sanitized_name);
1053 g_free(sanitized_name);
c902760f
MT		 1054
1055 fd = mkstemp(filename);
1056 if (fd < 0) {
9742bf26 1057 perror("unable to create backing store for hugepages");
e4ada482 1058 g_free(filename);
f9a49dfa 1059 goto error;
c902760f
MT		 1060 }
1061 unlink(filename);
e4ada482 1062 g_free(filename);
c902760f
MT		 1063
1064 memory = (memory+hpagesize-1) & ~(hpagesize-1);
1065
1066 /*
1067 * ftruncate is not supported by hugetlbfs in older
1068 * hosts, so don't bother bailing out on errors.
1069 * If anything goes wrong with it under other filesystems,
1070 * mmap will fail.
1071 */
1072 if (ftruncate(fd, memory))
9742bf26 1073 perror("ftruncate");
c902760f 1074
c902760f 1075 area = mmap(0, memory, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
c902760f 1076 if (area == MAP_FAILED) {
9742bf26
YT		 1077 perror("file_ram_alloc: can't mmap RAM pages");
1078 close(fd);
f9a49dfa 1079 goto error;
c902760f 1080 }
ef36fa14
MT		 1081
1082 if (mem_prealloc) {
1083 int ret, i;
1084 struct sigaction act, oldact;
1085 sigset_t set, oldset;
1086
1087 memset(&act, 0, sizeof(act));
1088 act.sa_handler = &sigbus_handler;
1089 act.sa_flags = 0;
1090
1091 ret = sigaction(SIGBUS, &act, &oldact);
1092 if (ret) {
1093 perror("file_ram_alloc: failed to install signal handler");
1094 exit(1);
1095 }
1096
1097 /* unblock SIGBUS */
1098 sigemptyset(&set);
1099 sigaddset(&set, SIGBUS);
1100 pthread_sigmask(SIG_UNBLOCK, &set, &oldset);
1101
1102 if (sigsetjmp(sigjump, 1)) {
1103 fprintf(stderr, "file_ram_alloc: failed to preallocate pages\n");
1104 exit(1);
1105 }
1106
1107 /* MAP_POPULATE silently ignores failures */
2ba82852 1108 for (i = 0; i < (memory/hpagesize); i++) {
ef36fa14
MT		 1109 memset(area + (hpagesize*i), 0, 1);
1110 }
1111
1112 ret = sigaction(SIGBUS, &oldact, NULL);
1113 if (ret) {
1114 perror("file_ram_alloc: failed to reinstall signal handler");
1115 exit(1);
1116 }
1117
1118 pthread_sigmask(SIG_SETMASK, &oldset, NULL);
1119 }
1120
04b16653 1121 block->fd = fd;
c902760f 1122 return area;
f9a49dfa
MT		 1123
1124error:
1125 if (mem_prealloc) {
1126 exit(1);
1127 }
1128 return NULL;
c902760f 1129}
e1e84ba0
MA		 1130#else
1131static void *file_ram_alloc(RAMBlock *block,
1132 ram_addr_t memory,
1133 const char *path)
1134{
1135 fprintf(stderr, "-mem-path not supported on this host\n");
1136 exit(1);
1137}
c902760f
MT		 1138#endif
1139
d17b5288 1140static ram_addr_t find_ram_offset(ram_addr_t size)
04b16653
AW		 1141{
1142 RAMBlock *block, *next_block;
3e837b2c 1143 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
04b16653 1144
49cd9ac6
SH		 1145 assert(size != 0); /* it would hand out same offset multiple times */
1146
a3161038 1147 if (QTAILQ_EMPTY(&ram_list.blocks))
04b16653
AW		 1148 return 0;
1149
a3161038 1150 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
f15fbc4b 1151 ram_addr_t end, next = RAM_ADDR_MAX;
04b16653
AW		 1152
1153 end = block->offset + block->length;
1154
a3161038 1155 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
04b16653
AW		 1156 if (next_block->offset >= end) {
1157 next = MIN(next, next_block->offset);
1158 }
1159 }
1160 if (next - end >= size && next - end < mingap) {
3e837b2c 1161 offset = end;
04b16653
AW		 1162 mingap = next - end;
1163 }
1164 }
3e837b2c
AW		 1165
1166 if (offset == RAM_ADDR_MAX) {
1167 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
1168 (uint64_t)size);
1169 abort();
1170 }
1171
04b16653
AW		 1172 return offset;
1173}
1174
652d7ec2 1175ram_addr_t last_ram_offset(void)
d17b5288
AW		 1176{
1177 RAMBlock *block;
1178 ram_addr_t last = 0;
1179
a3161038 1180 QTAILQ_FOREACH(block, &ram_list.blocks, next)
d17b5288
AW		 1181 last = MAX(last, block->offset + block->length);
1182
1183 return last;
1184}
1185
ddb97f1d
JB		 1186static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1187{
1188 int ret;
ddb97f1d
JB		 1189
1190 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
2ff3de68
MA		 1191 if (!qemu_opt_get_bool(qemu_get_machine_opts(),
1192 "dump-guest-core", true)) {
ddb97f1d
JB		 1193 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1194 if (ret) {
1195 perror("qemu_madvise");
1196 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1197 "but dump_guest_core=off specified\n");
1198 }
1199 }
1200}
1201
c5705a77 1202void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
84b89d78
CM		 1203{
1204 RAMBlock *new_block, *block;
1205
c5705a77 1206 new_block = NULL;
a3161038 1207 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77
AK		 1208 if (block->offset == addr) {
1209 new_block = block;
1210 break;
1211 }
1212 }
1213 assert(new_block);
1214 assert(!new_block->idstr[0]);
84b89d78 1215
09e5ab63
AL		 1216 if (dev) {
1217 char *id = qdev_get_dev_path(dev);
84b89d78
CM		 1218 if (id) {
1219 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
7267c094 1220 g_free(id);
84b89d78
CM		 1221 }
1222 }
1223 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1224
b2a8658e
UD		 1225 /* This assumes the iothread lock is taken here too. */
1226 qemu_mutex_lock_ramlist();
a3161038 1227 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77 1228 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
84b89d78
CM		 1229 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1230 new_block->idstr);
1231 abort();
1232 }
1233 }
b2a8658e 1234 qemu_mutex_unlock_ramlist();
c5705a77
AK		 1235}
1236
8490fc78
LC		 1237static int memory_try_enable_merging(void *addr, size_t len)
1238{
2ff3de68 1239 if (!qemu_opt_get_bool(qemu_get_machine_opts(), "mem-merge", true)) {
8490fc78
LC		 1240 /* disabled by the user */
1241 return 0;
1242 }
1243
1244 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1245}
1246
c5705a77
AK		 1247ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1248 MemoryRegion *mr)
1249{
abb26d63 1250 RAMBlock *block, *new_block;
2152f5ca
JQ		 1251 ram_addr_t old_ram_size, new_ram_size;
1252
1253 old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
c5705a77
AK		 1254
1255 size = TARGET_PAGE_ALIGN(size);
1256 new_block = g_malloc0(sizeof(*new_block));
3435f395 1257 new_block->fd = -1;
84b89d78 1258
b2a8658e
UD		 1259 /* This assumes the iothread lock is taken here too. */
1260 qemu_mutex_lock_ramlist();
7c637366 1261 new_block->mr = mr;
432d268c 1262 new_block->offset = find_ram_offset(size);
6977dfe6
YT		 1263 if (host) {
1264 new_block->host = host;
cd19cfa2 1265 new_block->flags |= RAM_PREALLOC_MASK;
dfeaf2ab
MA		 1266 } else if (xen_enabled()) {
1267 if (mem_path) {
1268 fprintf(stderr, "-mem-path not supported with Xen\n");
1269 exit(1);
1270 }
1271 xen_ram_alloc(new_block->offset, size, mr);
6977dfe6
YT		 1272 } else {
1273 if (mem_path) {
e1e84ba0
MA		 1274 if (phys_mem_alloc != qemu_anon_ram_alloc) {
1275 /*
1276 * file_ram_alloc() needs to allocate just like
1277 * phys_mem_alloc, but we haven't bothered to provide
1278 * a hook there.
1279 */
1280 fprintf(stderr,
1281 "-mem-path not supported with this accelerator\n");
1282 exit(1);
1283 }
6977dfe6 1284 new_block->host = file_ram_alloc(new_block, size, mem_path);
0628c182
MA		 1285 }
1286 if (!new_block->host) {
91138037 1287 new_block->host = phys_mem_alloc(size);
39228250
MA		 1288 if (!new_block->host) {
1289 fprintf(stderr, "Cannot set up guest memory '%s': %s\n",
1290 new_block->mr->name, strerror(errno));
1291 exit(1);
1292 }
8490fc78 1293 memory_try_enable_merging(new_block->host, size);
6977dfe6 1294 }
c902760f 1295 }
94a6b54f
PB		 1296 new_block->length = size;
1297
abb26d63
PB		 1298 /* Keep the list sorted from biggest to smallest block. */
1299 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1300 if (block->length < new_block->length) {
1301 break;
1302 }
1303 }
1304 if (block) {
1305 QTAILQ_INSERT_BEFORE(block, new_block, next);
1306 } else {
1307 QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
1308 }
0d6d3c87 1309 ram_list.mru_block = NULL;
94a6b54f 1310
f798b07f 1311 ram_list.version++;
b2a8658e 1312 qemu_mutex_unlock_ramlist();
f798b07f 1313
2152f5ca
JQ		 1314 new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1315
1316 if (new_ram_size > old_ram_size) {
1ab4c8ce
JQ		 1317 int i;
1318 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
1319 ram_list.dirty_memory[i] =
1320 bitmap_zero_extend(ram_list.dirty_memory[i],
1321 old_ram_size, new_ram_size);
1322 }
2152f5ca 1323 }
75218e7f 1324 cpu_physical_memory_set_dirty_range(new_block->offset, size);
94a6b54f 1325
ddb97f1d 1326 qemu_ram_setup_dump(new_block->host, size);
ad0b5321 1327 qemu_madvise(new_block->host, size, QEMU_MADV_HUGEPAGE);
3e469dbf 1328 qemu_madvise(new_block->host, size, QEMU_MADV_DONTFORK);
ddb97f1d 1329
6f0437e8
JK		 1330 if (kvm_enabled())
1331 kvm_setup_guest_memory(new_block->host, size);
1332
94a6b54f
PB		 1333 return new_block->offset;
1334}
e9a1ab19 1335
c5705a77 1336ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr)
6977dfe6 1337{
c5705a77 1338 return qemu_ram_alloc_from_ptr(size, NULL, mr);
6977dfe6
YT		 1339}
1340
1f2e98b6
AW		 1341void qemu_ram_free_from_ptr(ram_addr_t addr)
1342{
1343 RAMBlock *block;
1344
b2a8658e
UD		 1345 /* This assumes the iothread lock is taken here too. */
1346 qemu_mutex_lock_ramlist();
a3161038 1347 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1f2e98b6 1348 if (addr == block->offset) {
a3161038 1349 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1350 ram_list.mru_block = NULL;
f798b07f 1351 ram_list.version++;
7267c094 1352 g_free(block);
b2a8658e 1353 break;
1f2e98b6
AW		 1354 }
1355 }
b2a8658e 1356 qemu_mutex_unlock_ramlist();
1f2e98b6
AW		 1357}
1358
c227f099 1359void qemu_ram_free(ram_addr_t addr)
e9a1ab19 1360{
04b16653
AW		 1361 RAMBlock *block;
1362
b2a8658e
UD		 1363 /* This assumes the iothread lock is taken here too. */
1364 qemu_mutex_lock_ramlist();
a3161038 1365 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
04b16653 1366 if (addr == block->offset) {
a3161038 1367 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1368 ram_list.mru_block = NULL;
f798b07f 1369 ram_list.version++;
cd19cfa2
HY		 1370 if (block->flags & RAM_PREALLOC_MASK) {
1371 ;
dfeaf2ab
MA		 1372 } else if (xen_enabled()) {
1373 xen_invalidate_map_cache_entry(block->host);
089f3f76 1374#ifndef _WIN32
3435f395
MA		 1375 } else if (block->fd >= 0) {
1376 munmap(block->host, block->length);
1377 close(block->fd);
089f3f76 1378#endif
04b16653 1379 } else {
dfeaf2ab 1380 qemu_anon_ram_free(block->host, block->length);
04b16653 1381 }
7267c094 1382 g_free(block);
b2a8658e 1383 break;
04b16653
AW		 1384 }
1385 }
b2a8658e 1386 qemu_mutex_unlock_ramlist();
04b16653 1387
e9a1ab19
FB		 1388}
1389
cd19cfa2
HY		 1390#ifndef _WIN32
1391void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1392{
1393 RAMBlock *block;
1394 ram_addr_t offset;
1395 int flags;
1396 void *area, *vaddr;
1397
a3161038 1398 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
cd19cfa2
HY		 1399 offset = addr - block->offset;
1400 if (offset < block->length) {
1401 vaddr = block->host + offset;
1402 if (block->flags & RAM_PREALLOC_MASK) {
1403 ;
dfeaf2ab
MA		 1404 } else if (xen_enabled()) {
1405 abort();
cd19cfa2
HY		 1406 } else {
1407 flags = MAP_FIXED;
1408 munmap(vaddr, length);
3435f395 1409 if (block->fd >= 0) {
cd19cfa2 1410#ifdef MAP_POPULATE
3435f395
MA		 1411 flags |= mem_prealloc ? MAP_POPULATE | MAP_SHARED :
1412 MAP_PRIVATE;
fd28aa13 1413#else
3435f395 1414 flags |= MAP_PRIVATE;
cd19cfa2 1415#endif
3435f395
MA		 1416 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1417 flags, block->fd, offset);
cd19cfa2 1418 } else {
2eb9fbaa
MA		 1419 /*
1420 * Remap needs to match alloc. Accelerators that
1421 * set phys_mem_alloc never remap. If they did,
1422 * we'd need a remap hook here.
1423 */
1424 assert(phys_mem_alloc == qemu_anon_ram_alloc);
1425
cd19cfa2
HY		 1426 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1427 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1428 flags, -1, 0);
cd19cfa2
HY		 1429 }
1430 if (area != vaddr) {
f15fbc4b
AP		 1431 fprintf(stderr, "Could not remap addr: "
1432 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
cd19cfa2
HY		 1433 length, addr);
1434 exit(1);
1435 }
8490fc78 1436 memory_try_enable_merging(vaddr, length);
ddb97f1d 1437 qemu_ram_setup_dump(vaddr, length);
cd19cfa2
HY		 1438 }
1439 return;
1440 }
1441 }
1442}
1443#endif /* !_WIN32 */
1444
1b5ec234
PB		 1445/* Return a host pointer to ram allocated with qemu_ram_alloc.
1446 With the exception of the softmmu code in this file, this should
1447 only be used for local memory (e.g. video ram) that the device owns,
1448 and knows it isn't going to access beyond the end of the block.
1449
1450 It should not be used for general purpose DMA.
1451 Use cpu_physical_memory_map/cpu_physical_memory_rw instead.
1452 */
1453void *qemu_get_ram_ptr(ram_addr_t addr)
1454{
1455 RAMBlock *block = qemu_get_ram_block(addr);
1456
0d6d3c87
PB		 1457 if (xen_enabled()) {
1458 /* We need to check if the requested address is in the RAM
1459 * because we don't want to map the entire memory in QEMU.
1460 * In that case just map until the end of the page.
1461 */
1462 if (block->offset == 0) {
1463 return xen_map_cache(addr, 0, 0);
1464 } else if (block->host == NULL) {
1465 block->host =
1466 xen_map_cache(block->offset, block->length, 1);
1467 }
1468 }
1469 return block->host + (addr - block->offset);
dc828ca1
PB		 1470}
1471
38bee5dc
SS		 1472/* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1473 * but takes a size argument */
cb85f7ab 1474static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
38bee5dc 1475{
8ab934f9
SS		 1476 if (*size == 0) {
1477 return NULL;
1478 }
868bb33f 1479 if (xen_enabled()) {
e41d7c69 1480 return xen_map_cache(addr, *size, 1);
868bb33f 1481 } else {
38bee5dc
SS		 1482 RAMBlock *block;
1483
a3161038 1484 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
38bee5dc
SS		 1485 if (addr - block->offset < block->length) {
1486 if (addr - block->offset + *size > block->length)
1487 *size = block->length - addr + block->offset;
1488 return block->host + (addr - block->offset);
1489 }
1490 }
1491
1492 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1493 abort();
38bee5dc
SS		 1494 }
1495}
1496
7443b437
PB		 1497/* Some of the softmmu routines need to translate from a host pointer
1498 (typically a TLB entry) back to a ram offset. */
1b5ec234 1499MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
5579c7f3 1500{
94a6b54f
PB		 1501 RAMBlock *block;
1502 uint8_t *host = ptr;
1503
868bb33f 1504 if (xen_enabled()) {
e41d7c69 1505 *ram_addr = xen_ram_addr_from_mapcache(ptr);
1b5ec234 1506 return qemu_get_ram_block(*ram_addr)->mr;
712c2b41
SS		 1507 }
1508
23887b79
PB		 1509 block = ram_list.mru_block;
1510 if (block && block->host && host - block->host < block->length) {
1511 goto found;
1512 }
1513
a3161038 1514 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
432d268c
JN		 1515 /* This case append when the block is not mapped. */
1516 if (block->host == NULL) {
1517 continue;
1518 }
f471a17e 1519 if (host - block->host < block->length) {
23887b79 1520 goto found;
f471a17e 1521 }
94a6b54f 1522 }
432d268c 1523
1b5ec234 1524 return NULL;
23887b79
PB		 1525
1526found:
1527 *ram_addr = block->offset + (host - block->host);
1b5ec234 1528 return block->mr;
e890261f 1529}
f471a17e 1530
a8170e5e 1531static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
0e0df1e2 1532 uint64_t val, unsigned size)
9fa3e853 1533{
52159192 1534 if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
0e0df1e2 1535 tb_invalidate_phys_page_fast(ram_addr, size);
3a7d929e 1536 }
0e0df1e2
AK		 1537 switch (size) {
1538 case 1:
1539 stb_p(qemu_get_ram_ptr(ram_addr), val);
1540 break;
1541 case 2:
1542 stw_p(qemu_get_ram_ptr(ram_addr), val);
1543 break;
1544 case 4:
1545 stl_p(qemu_get_ram_ptr(ram_addr), val);
1546 break;
1547 default:
1548 abort();
3a7d929e 1549 }
52159192
JQ		 1550 cpu_physical_memory_set_dirty_flag(ram_addr, DIRTY_MEMORY_MIGRATION);
1551 cpu_physical_memory_set_dirty_flag(ram_addr, DIRTY_MEMORY_VGA);
f23db169
FB		 1552 /* we remove the notdirty callback only if the code has been
1553 flushed */
a2cd8c85 1554 if (!cpu_physical_memory_is_clean(ram_addr)) {
4917cf44
AF		 1555 CPUArchState *env = current_cpu->env_ptr;
1556 tlb_set_dirty(env, env->mem_io_vaddr);
1557 }
9fa3e853
FB		 1558}
1559
b018ddf6
PB		 1560static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1561 unsigned size, bool is_write)
1562{
1563 return is_write;
1564}
1565
0e0df1e2 1566static const MemoryRegionOps notdirty_mem_ops = {
0e0df1e2 1567 .write = notdirty_mem_write,
b018ddf6 1568 .valid.accepts = notdirty_mem_accepts,
0e0df1e2 1569 .endianness = DEVICE_NATIVE_ENDIAN,
1ccde1cb
FB		 1570};
1571
0f459d16 1572/* Generate a debug exception if a watchpoint has been hit. */
b4051334 1573static void check_watchpoint(int offset, int len_mask, int flags)
0f459d16 1574{
4917cf44 1575 CPUArchState *env = current_cpu->env_ptr;
06d55cc1 1576 target_ulong pc, cs_base;
0f459d16 1577 target_ulong vaddr;
a1d1bb31 1578 CPUWatchpoint *wp;
06d55cc1 1579 int cpu_flags;
0f459d16 1580
06d55cc1
AL		 1581 if (env->watchpoint_hit) {
1582 /* We re-entered the check after replacing the TB. Now raise
1583 * the debug interrupt so that is will trigger after the
1584 * current instruction. */
c3affe56 1585 cpu_interrupt(ENV_GET_CPU(env), CPU_INTERRUPT_DEBUG);
06d55cc1
AL		 1586 return;
1587 }
2e70f6ef 1588 vaddr = (env->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
72cf2d4f 1589 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
b4051334
AL		 1590 if ((vaddr == (wp->vaddr & len_mask) ||
1591 (vaddr & wp->len_mask) == wp->vaddr) && (wp->flags & flags)) {
6e140f28
AL		 1592 wp->flags |= BP_WATCHPOINT_HIT;
1593 if (!env->watchpoint_hit) {
1594 env->watchpoint_hit = wp;
5a316526 1595 tb_check_watchpoint(env);
6e140f28
AL		 1596 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
1597 env->exception_index = EXCP_DEBUG;
488d6577 1598 cpu_loop_exit(env);
6e140f28
AL		 1599 } else {
1600 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
1601 tb_gen_code(env, pc, cs_base, cpu_flags, 1);
488d6577 1602 cpu_resume_from_signal(env, NULL);
6e140f28 1603 }
06d55cc1 1604 }
6e140f28
AL		 1605 } else {
1606 wp->flags &= ~BP_WATCHPOINT_HIT;
0f459d16
PB		 1607 }
1608 }
1609}
1610
6658ffb8
PB		 1611/* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1612 so these check for a hit then pass through to the normal out-of-line
1613 phys routines. */
a8170e5e 1614static uint64_t watch_mem_read(void *opaque, hwaddr addr,
1ec9b909 1615 unsigned size)
6658ffb8 1616{
1ec9b909
AK		 1617 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_READ);
1618 switch (size) {
2c17449b 1619 case 1: return ldub_phys(&address_space_memory, addr);
41701aa4 1620 case 2: return lduw_phys(&address_space_memory, addr);
fdfba1a2 1621 case 4: return ldl_phys(&address_space_memory, addr);
1ec9b909
AK		 1622 default: abort();
1623 }
6658ffb8
PB		 1624}
1625
a8170e5e 1626static void watch_mem_write(void *opaque, hwaddr addr,
1ec9b909 1627 uint64_t val, unsigned size)
6658ffb8 1628{
1ec9b909
AK		 1629 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_WRITE);
1630 switch (size) {
67364150 1631 case 1:
db3be60d 1632 stb_phys(&address_space_memory, addr, val);
67364150
MF		 1633 break;
1634 case 2:
5ce5944d 1635 stw_phys(&address_space_memory, addr, val);
67364150
MF		 1636 break;
1637 case 4:
ab1da857 1638 stl_phys(&address_space_memory, addr, val);
67364150 1639 break;
1ec9b909
AK		 1640 default: abort();
1641 }
6658ffb8
PB		 1642}
1643
1ec9b909
AK		 1644static const MemoryRegionOps watch_mem_ops = {
1645 .read = watch_mem_read,
1646 .write = watch_mem_write,
1647 .endianness = DEVICE_NATIVE_ENDIAN,
6658ffb8 1648};
6658ffb8 1649
a8170e5e 1650static uint64_t subpage_read(void *opaque, hwaddr addr,
70c68e44 1651 unsigned len)
db7b5426 1652{
acc9d80b
JK		 1653 subpage_t *subpage = opaque;
1654 uint8_t buf[4];
791af8c8 1655
db7b5426 1656#if defined(DEBUG_SUBPAGE)
016e9d62 1657 printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
acc9d80b 1658 subpage, len, addr);
db7b5426 1659#endif
acc9d80b
JK		 1660 address_space_read(subpage->as, addr + subpage->base, buf, len);
1661 switch (len) {
1662 case 1:
1663 return ldub_p(buf);
1664 case 2:
1665 return lduw_p(buf);
1666 case 4:
1667 return ldl_p(buf);
1668 default:
1669 abort();
1670 }
db7b5426
BS		 1671}
1672
a8170e5e 1673static void subpage_write(void *opaque, hwaddr addr,
70c68e44 1674 uint64_t value, unsigned len)
db7b5426 1675{
acc9d80b
JK		 1676 subpage_t *subpage = opaque;
1677 uint8_t buf[4];
1678
db7b5426 1679#if defined(DEBUG_SUBPAGE)
016e9d62 1680 printf("%s: subpage %p len %u addr " TARGET_FMT_plx
acc9d80b
JK		 1681 " value %"PRIx64"\n",
1682 __func__, subpage, len, addr, value);
db7b5426 1683#endif
acc9d80b
JK		 1684 switch (len) {
1685 case 1:
1686 stb_p(buf, value);
1687 break;
1688 case 2:
1689 stw_p(buf, value);
1690 break;
1691 case 4:
1692 stl_p(buf, value);
1693 break;
1694 default:
1695 abort();
1696 }
1697 address_space_write(subpage->as, addr + subpage->base, buf, len);
db7b5426
BS		 1698}
1699
c353e4cc 1700static bool subpage_accepts(void *opaque, hwaddr addr,
016e9d62 1701 unsigned len, bool is_write)
c353e4cc 1702{
acc9d80b 1703 subpage_t *subpage = opaque;
c353e4cc 1704#if defined(DEBUG_SUBPAGE)
016e9d62 1705 printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
acc9d80b 1706 __func__, subpage, is_write ? 'w' : 'r', len, addr);
c353e4cc
PB		 1707#endif
1708
acc9d80b 1709 return address_space_access_valid(subpage->as, addr + subpage->base,
016e9d62 1710 len, is_write);
c353e4cc
PB		 1711}
1712
70c68e44
AK		 1713static const MemoryRegionOps subpage_ops = {
1714 .read = subpage_read,
1715 .write = subpage_write,
c353e4cc 1716 .valid.accepts = subpage_accepts,
70c68e44 1717 .endianness = DEVICE_NATIVE_ENDIAN,
db7b5426
BS		 1718};
1719
c227f099 1720static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 1721 uint16_t section)
db7b5426
BS		 1722{
1723 int idx, eidx;
1724
1725 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
1726 return -1;
1727 idx = SUBPAGE_IDX(start);
1728 eidx = SUBPAGE_IDX(end);
1729#if defined(DEBUG_SUBPAGE)
016e9d62
AK		 1730 printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
1731 __func__, mmio, start, end, idx, eidx, section);
db7b5426 1732#endif
db7b5426 1733 for (; idx <= eidx; idx++) {
5312bd8b 1734 mmio->sub_section[idx] = section;
db7b5426
BS		 1735 }
1736
1737 return 0;
1738}
1739
acc9d80b 1740static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
db7b5426 1741{
c227f099 1742 subpage_t *mmio;
db7b5426 1743
7267c094 1744 mmio = g_malloc0(sizeof(subpage_t));
1eec614b 1745
acc9d80b 1746 mmio->as = as;
1eec614b 1747 mmio->base = base;
2c9b15ca 1748 memory_region_init_io(&mmio->iomem, NULL, &subpage_ops, mmio,
70c68e44 1749 "subpage", TARGET_PAGE_SIZE);
b3b00c78 1750 mmio->iomem.subpage = true;
db7b5426 1751#if defined(DEBUG_SUBPAGE)
016e9d62
AK		 1752 printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
1753 mmio, base, TARGET_PAGE_SIZE);
db7b5426 1754#endif
b41aac4f 1755 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, PHYS_SECTION_UNASSIGNED);
db7b5426
BS		 1756
1757 return mmio;
1758}
1759
53cb28cb 1760static uint16_t dummy_section(PhysPageMap *map, MemoryRegion *mr)
5312bd8b
AK		 1761{
1762 MemoryRegionSection section = {
3be91e86 1763 .address_space = &address_space_memory,
5312bd8b
AK		 1764 .mr = mr,
1765 .offset_within_address_space = 0,
1766 .offset_within_region = 0,
052e87b0 1767 .size = int128_2_64(),
5312bd8b
AK		 1768 };
1769
53cb28cb 1770 return phys_section_add(map, &section);
5312bd8b
AK		 1771}
1772
77717094 1773MemoryRegion *iotlb_to_region(AddressSpace *as, hwaddr index)
aa102231 1774{
77717094 1775 return as->dispatch->map.sections[index & ~TARGET_PAGE_MASK].mr;
aa102231
AK		 1776}
1777
e9179ce1
AK		 1778static void io_mem_init(void)
1779{
2c9b15ca
PB		 1780 memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops, NULL, "rom", UINT64_MAX);
1781 memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops, NULL,
0e0df1e2 1782 "unassigned", UINT64_MAX);
2c9b15ca 1783 memory_region_init_io(&io_mem_notdirty, NULL, &notdirty_mem_ops, NULL,
0e0df1e2 1784 "notdirty", UINT64_MAX);
2c9b15ca 1785 memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops, NULL,
1ec9b909 1786 "watch", UINT64_MAX);
e9179ce1
AK		 1787}
1788
ac1970fb 1789static void mem_begin(MemoryListener *listener)
00752703
PB		 1790{
1791 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
53cb28cb
MA		 1792 AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
1793 uint16_t n;
1794
1795 n = dummy_section(&d->map, &io_mem_unassigned);
1796 assert(n == PHYS_SECTION_UNASSIGNED);
1797 n = dummy_section(&d->map, &io_mem_notdirty);
1798 assert(n == PHYS_SECTION_NOTDIRTY);
1799 n = dummy_section(&d->map, &io_mem_rom);
1800 assert(n == PHYS_SECTION_ROM);
1801 n = dummy_section(&d->map, &io_mem_watch);
1802 assert(n == PHYS_SECTION_WATCH);
00752703 1803
9736e55b 1804 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
00752703
PB		 1805 d->as = as;
1806 as->next_dispatch = d;
1807}
1808
1809static void mem_commit(MemoryListener *listener)
ac1970fb 1810{
89ae337a 1811 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
0475d94f
PB		 1812 AddressSpaceDispatch *cur = as->dispatch;
1813 AddressSpaceDispatch *next = as->next_dispatch;
1814
53cb28cb 1815 phys_page_compact_all(next, next->map.nodes_nb);
b35ba30f 1816
0475d94f 1817 as->dispatch = next;
b41aac4f 1818
53cb28cb
MA		 1819 if (cur) {
1820 phys_sections_free(&cur->map);
1821 g_free(cur);
1822 }
9affd6fc
PB		 1823}
1824
1d71148e 1825static void tcg_commit(MemoryListener *listener)
50c1e149 1826{
182735ef 1827 CPUState *cpu;
117712c3
AK		 1828
1829 /* since each CPU stores ram addresses in its TLB cache, we must
1830 reset the modified entries */
1831 /* XXX: slow ! */
bdc44640 1832 CPU_FOREACH(cpu) {
182735ef
AF		 1833 CPUArchState *env = cpu->env_ptr;
1834
33bde2e1
EI		 1835 /* FIXME: Disentangle the cpu.h circular files deps so we can
1836 directly get the right CPU from listener. */
1837 if (cpu->tcg_as_listener != listener) {
1838 continue;
1839 }
117712c3
AK		 1840 tlb_flush(env, 1);
1841 }
50c1e149
AK		 1842}
1843
93632747
AK		 1844static void core_log_global_start(MemoryListener *listener)
1845{
981fdf23 1846 cpu_physical_memory_set_dirty_tracking(true);
93632747
AK		 1847}
1848
1849static void core_log_global_stop(MemoryListener *listener)
1850{
981fdf23 1851 cpu_physical_memory_set_dirty_tracking(false);
93632747
AK		 1852}
1853
93632747 1854static MemoryListener core_memory_listener = {
93632747
AK		 1855 .log_global_start = core_log_global_start,
1856 .log_global_stop = core_log_global_stop,
ac1970fb 1857 .priority = 1,
93632747
AK		 1858};
1859
ac1970fb
AK		 1860void address_space_init_dispatch(AddressSpace *as)
1861{
00752703 1862 as->dispatch = NULL;
89ae337a 1863 as->dispatch_listener = (MemoryListener) {
ac1970fb 1864 .begin = mem_begin,
00752703 1865 .commit = mem_commit,
ac1970fb
AK		 1866 .region_add = mem_add,
1867 .region_nop = mem_add,
1868 .priority = 0,
1869 };
89ae337a 1870 memory_listener_register(&as->dispatch_listener, as);
ac1970fb
AK		 1871}
1872
83f3c251
AK		 1873void address_space_destroy_dispatch(AddressSpace *as)
1874{
1875 AddressSpaceDispatch *d = as->dispatch;
1876
89ae337a 1877 memory_listener_unregister(&as->dispatch_listener);
83f3c251
AK		 1878 g_free(d);
1879 as->dispatch = NULL;
1880}
1881
62152b8a
AK		 1882static void memory_map_init(void)
1883{
7267c094 1884 system_memory = g_malloc(sizeof(*system_memory));
03f49957 1885
57271d63 1886 memory_region_init(system_memory, NULL, "system", UINT64_MAX);
7dca8043 1887 address_space_init(&address_space_memory, system_memory, "memory");
309cb471 1888
7267c094 1889 system_io = g_malloc(sizeof(*system_io));
3bb28b72
JK		 1890 memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
1891 65536);
7dca8043 1892 address_space_init(&address_space_io, system_io, "I/O");
93632747 1893
f6790af6 1894 memory_listener_register(&core_memory_listener, &address_space_memory);
62152b8a
AK		 1895}
1896
1897MemoryRegion *get_system_memory(void)
1898{
1899 return system_memory;
1900}
1901
309cb471
AK		 1902MemoryRegion *get_system_io(void)
1903{
1904 return system_io;
1905}
1906
e2eef170
PB		 1907#endif /* !defined(CONFIG_USER_ONLY) */
1908
13eb76e0
FB		 1909/* physical memory access (slow version, mainly for debug) */
1910#if defined(CONFIG_USER_ONLY)
f17ec444 1911int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
a68fe89c 1912 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 1913{
1914 int l, flags;
1915 target_ulong page;
53a5960a 1916 void * p;
13eb76e0
FB		 1917
1918 while (len > 0) {
1919 page = addr & TARGET_PAGE_MASK;
1920 l = (page + TARGET_PAGE_SIZE) - addr;
1921 if (l > len)
1922 l = len;
1923 flags = page_get_flags(page);
1924 if (!(flags & PAGE_VALID))
a68fe89c 1925 return -1;
13eb76e0
FB		 1926 if (is_write) {
1927 if (!(flags & PAGE_WRITE))
a68fe89c 1928 return -1;
579a97f7 1929 /* XXX: this code should not depend on lock_user */
72fb7daa 1930 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
a68fe89c 1931 return -1;
72fb7daa
AJ		 1932 memcpy(p, buf, l);
1933 unlock_user(p, addr, l);
13eb76e0
FB		 1934 } else {
1935 if (!(flags & PAGE_READ))
a68fe89c 1936 return -1;
579a97f7 1937 /* XXX: this code should not depend on lock_user */
72fb7daa 1938 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
a68fe89c 1939 return -1;
72fb7daa 1940 memcpy(buf, p, l);
5b257578 1941 unlock_user(p, addr, 0);
13eb76e0
FB		 1942 }
1943 len -= l;
1944 buf += l;
1945 addr += l;
1946 }
a68fe89c 1947 return 0;
13eb76e0 1948}
8df1cd07 1949
13eb76e0 1950#else
51d7a9eb 1951
a8170e5e
AK		 1952static void invalidate_and_set_dirty(hwaddr addr,
1953 hwaddr length)
51d7a9eb 1954{
a2cd8c85 1955 if (cpu_physical_memory_is_clean(addr)) {
51d7a9eb
AP		 1956 /* invalidate code */
1957 tb_invalidate_phys_page_range(addr, addr + length, 0);
1958 /* set dirty bit */
52159192
JQ		 1959 cpu_physical_memory_set_dirty_flag(addr, DIRTY_MEMORY_VGA);
1960 cpu_physical_memory_set_dirty_flag(addr, DIRTY_MEMORY_MIGRATION);
51d7a9eb 1961 }
e226939d 1962 xen_modified_memory(addr, length);
51d7a9eb
AP		 1963}
1964
23326164 1965static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
82f2563f 1966{
e1622f4b 1967 unsigned access_size_max = mr->ops->valid.max_access_size;
23326164
RH		 1968
1969 /* Regions are assumed to support 1-4 byte accesses unless
1970 otherwise specified. */
23326164
RH		 1971 if (access_size_max == 0) {
1972 access_size_max = 4;
1973 }
1974
1975 /* Bound the maximum access by the alignment of the address. */
1976 if (!mr->ops->impl.unaligned) {
1977 unsigned align_size_max = addr & -addr;
1978 if (align_size_max != 0 && align_size_max < access_size_max) {
1979 access_size_max = align_size_max;
1980 }
82f2563f 1981 }
23326164
RH		 1982
1983 /* Don't attempt accesses larger than the maximum. */
1984 if (l > access_size_max) {
1985 l = access_size_max;
82f2563f 1986 }
098178f2
PB		 1987 if (l & (l - 1)) {
1988 l = 1 << (qemu_fls(l) - 1);
1989 }
23326164
RH		 1990
1991 return l;
82f2563f
PB		 1992}
1993
fd8aaa76 1994bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
ac1970fb 1995 int len, bool is_write)
13eb76e0 1996{
149f54b5 1997 hwaddr l;
13eb76e0 1998 uint8_t *ptr;
791af8c8 1999 uint64_t val;
149f54b5 2000 hwaddr addr1;
5c8a00ce 2001 MemoryRegion *mr;
fd8aaa76 2002 bool error = false;
3b46e624 2003
13eb76e0 2004 while (len > 0) {
149f54b5 2005 l = len;
5c8a00ce 2006 mr = address_space_translate(as, addr, &addr1, &l, is_write);
3b46e624 2007
13eb76e0 2008 if (is_write) {
5c8a00ce
PB		 2009 if (!memory_access_is_direct(mr, is_write)) {
2010 l = memory_access_size(mr, l, addr1);
4917cf44 2011 /* XXX: could force current_cpu to NULL to avoid
6a00d601 2012 potential bugs */
23326164
RH		 2013 switch (l) {
2014 case 8:
2015 /* 64 bit write access */
2016 val = ldq_p(buf);
2017 error |= io_mem_write(mr, addr1, val, 8);
2018 break;
2019 case 4:
1c213d19 2020 /* 32 bit write access */
c27004ec 2021 val = ldl_p(buf);
5c8a00ce 2022 error |= io_mem_write(mr, addr1, val, 4);
23326164
RH		 2023 break;
2024 case 2:
1c213d19 2025 /* 16 bit write access */
c27004ec 2026 val = lduw_p(buf);
5c8a00ce 2027 error |= io_mem_write(mr, addr1, val, 2);
23326164
RH		 2028 break;
2029 case 1:
1c213d19 2030 /* 8 bit write access */
c27004ec 2031 val = ldub_p(buf);
5c8a00ce 2032 error |= io_mem_write(mr, addr1, val, 1);
23326164
RH		 2033 break;
2034 default:
2035 abort();
13eb76e0 2036 }
2bbfa05d 2037 } else {
5c8a00ce 2038 addr1 += memory_region_get_ram_addr(mr);
13eb76e0 2039 /* RAM case */
5579c7f3 2040 ptr = qemu_get_ram_ptr(addr1);
13eb76e0 2041 memcpy(ptr, buf, l);
51d7a9eb 2042 invalidate_and_set_dirty(addr1, l);
13eb76e0
FB		 2043 }
2044 } else {
5c8a00ce 2045 if (!memory_access_is_direct(mr, is_write)) {
13eb76e0 2046 /* I/O case */
5c8a00ce 2047 l = memory_access_size(mr, l, addr1);
23326164
RH		 2048 switch (l) {
2049 case 8:
2050 /* 64 bit read access */
2051 error |= io_mem_read(mr, addr1, &val, 8);
2052 stq_p(buf, val);
2053 break;
2054 case 4:
13eb76e0 2055 /* 32 bit read access */
5c8a00ce 2056 error |= io_mem_read(mr, addr1, &val, 4);
c27004ec 2057 stl_p(buf, val);
23326164
RH		 2058 break;
2059 case 2:
13eb76e0 2060 /* 16 bit read access */
5c8a00ce 2061 error |= io_mem_read(mr, addr1, &val, 2);
c27004ec 2062 stw_p(buf, val);
23326164
RH		 2063 break;
2064 case 1:
1c213d19 2065 /* 8 bit read access */
5c8a00ce 2066 error |= io_mem_read(mr, addr1, &val, 1);
c27004ec 2067 stb_p(buf, val);
23326164
RH		 2068 break;
2069 default:
2070 abort();
13eb76e0
FB		 2071 }
2072 } else {
2073 /* RAM case */
5c8a00ce 2074 ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
f3705d53 2075 memcpy(buf, ptr, l);
13eb76e0
FB		 2076 }
2077 }
2078 len -= l;
2079 buf += l;
2080 addr += l;
2081 }
fd8aaa76
PB		 2082
2083 return error;
13eb76e0 2084}
8df1cd07 2085
fd8aaa76 2086bool address_space_write(AddressSpace *as, hwaddr addr,
ac1970fb
AK		 2087 const uint8_t *buf, int len)
2088{
fd8aaa76 2089 return address_space_rw(as, addr, (uint8_t *)buf, len, true);
ac1970fb
AK		 2090}
2091
fd8aaa76 2092bool address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
ac1970fb 2093{
fd8aaa76 2094 return address_space_rw(as, addr, buf, len, false);
ac1970fb
AK		 2095}
2096
2097
a8170e5e 2098void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
ac1970fb
AK		 2099 int len, int is_write)
2100{
fd8aaa76 2101 address_space_rw(&address_space_memory, addr, buf, len, is_write);
ac1970fb
AK		 2102}
2103
582b55a9
AG		 2104enum write_rom_type {
2105 WRITE_DATA,
2106 FLUSH_CACHE,
2107};
2108
2a221651 2109static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
582b55a9 2110 hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
d0ecd2aa 2111{
149f54b5 2112 hwaddr l;
d0ecd2aa 2113 uint8_t *ptr;
149f54b5 2114 hwaddr addr1;
5c8a00ce 2115 MemoryRegion *mr;
3b46e624 2116
d0ecd2aa 2117 while (len > 0) {
149f54b5 2118 l = len;
2a221651 2119 mr = address_space_translate(as, addr, &addr1, &l, true);
3b46e624 2120
5c8a00ce
PB		 2121 if (!(memory_region_is_ram(mr) ||
2122 memory_region_is_romd(mr))) {
d0ecd2aa
FB		 2123 /* do nothing */
2124 } else {
5c8a00ce 2125 addr1 += memory_region_get_ram_addr(mr);
d0ecd2aa 2126 /* ROM/RAM case */
5579c7f3 2127 ptr = qemu_get_ram_ptr(addr1);
582b55a9
AG		 2128 switch (type) {
2129 case WRITE_DATA:
2130 memcpy(ptr, buf, l);
2131 invalidate_and_set_dirty(addr1, l);
2132 break;
2133 case FLUSH_CACHE:
2134 flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
2135 break;
2136 }
d0ecd2aa
FB		 2137 }
2138 len -= l;
2139 buf += l;
2140 addr += l;
2141 }
2142}
2143
582b55a9 2144/* used for ROM loading : can write in RAM and ROM */
2a221651 2145void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
582b55a9
AG		 2146 const uint8_t *buf, int len)
2147{
2a221651 2148 cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
582b55a9
AG		 2149}
2150
2151void cpu_flush_icache_range(hwaddr start, int len)
2152{
2153 /*
2154 * This function should do the same thing as an icache flush that was
2155 * triggered from within the guest. For TCG we are always cache coherent,
2156 * so there is no need to flush anything. For KVM / Xen we need to flush
2157 * the host's instruction cache at least.
2158 */
2159 if (tcg_enabled()) {
2160 return;
2161 }
2162
2a221651
EI		 2163 cpu_physical_memory_write_rom_internal(&address_space_memory,
2164 start, NULL, len, FLUSH_CACHE);
582b55a9
AG		 2165}
2166
6d16c2f8 2167typedef struct {
d3e71559 2168 MemoryRegion *mr;
6d16c2f8 2169 void *buffer;
a8170e5e
AK		 2170 hwaddr addr;
2171 hwaddr len;
6d16c2f8
AL		 2172} BounceBuffer;
2173
2174static BounceBuffer bounce;
2175
ba223c29
AL		 2176typedef struct MapClient {
2177 void *opaque;
2178 void (*callback)(void *opaque);
72cf2d4f 2179 QLIST_ENTRY(MapClient) link;
ba223c29
AL		 2180} MapClient;
2181
72cf2d4f
BS		 2182static QLIST_HEAD(map_client_list, MapClient) map_client_list
2183 = QLIST_HEAD_INITIALIZER(map_client_list);
ba223c29
AL		 2184
2185void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
2186{
7267c094 2187 MapClient *client = g_malloc(sizeof(*client));
ba223c29
AL		 2188
2189 client->opaque = opaque;
2190 client->callback = callback;
72cf2d4f 2191 QLIST_INSERT_HEAD(&map_client_list, client, link);
ba223c29
AL		 2192 return client;
2193}
2194
8b9c99d9 2195static void cpu_unregister_map_client(void *_client)
ba223c29
AL		 2196{
2197 MapClient *client = (MapClient *)_client;
2198
72cf2d4f 2199 QLIST_REMOVE(client, link);
7267c094 2200 g_free(client);
ba223c29
AL		 2201}
2202
2203static void cpu_notify_map_clients(void)
2204{
2205 MapClient *client;
2206
72cf2d4f
BS		 2207 while (!QLIST_EMPTY(&map_client_list)) {
2208 client = QLIST_FIRST(&map_client_list);
ba223c29 2209 client->callback(client->opaque);
34d5e948 2210 cpu_unregister_map_client(client);
ba223c29
AL		 2211 }
2212}
2213
51644ab7
PB		 2214bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2215{
5c8a00ce 2216 MemoryRegion *mr;
51644ab7
PB		 2217 hwaddr l, xlat;
2218
2219 while (len > 0) {
2220 l = len;
5c8a00ce
PB		 2221 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2222 if (!memory_access_is_direct(mr, is_write)) {
2223 l = memory_access_size(mr, l, addr);
2224 if (!memory_region_access_valid(mr, xlat, l, is_write)) {
51644ab7
PB		 2225 return false;
2226 }
2227 }
2228
2229 len -= l;
2230 addr += l;
2231 }
2232 return true;
2233}
2234
6d16c2f8
AL		 2235/* Map a physical memory region into a host virtual address.
2236 * May map a subset of the requested range, given by and returned in *plen.
2237 * May return NULL if resources needed to perform the mapping are exhausted.
2238 * Use only for reads OR writes - not for read-modify-write operations.
ba223c29
AL		 2239 * Use cpu_register_map_client() to know when retrying the map operation is
2240 * likely to succeed.
6d16c2f8 2241 */
ac1970fb 2242void *address_space_map(AddressSpace *as,
a8170e5e
AK		 2243 hwaddr addr,
2244 hwaddr *plen,
ac1970fb 2245 bool is_write)
6d16c2f8 2246{
a8170e5e 2247 hwaddr len = *plen;
e3127ae0
PB		 2248 hwaddr done = 0;
2249 hwaddr l, xlat, base;
2250 MemoryRegion *mr, *this_mr;
2251 ram_addr_t raddr;
6d16c2f8 2252
e3127ae0
PB		 2253 if (len == 0) {
2254 return NULL;
2255 }
38bee5dc 2256
e3127ae0
PB		 2257 l = len;
2258 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2259 if (!memory_access_is_direct(mr, is_write)) {
2260 if (bounce.buffer) {
2261 return NULL;
6d16c2f8 2262 }
e85d9db5
KW		 2263 /* Avoid unbounded allocations */
2264 l = MIN(l, TARGET_PAGE_SIZE);
2265 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, l);
e3127ae0
PB		 2266 bounce.addr = addr;
2267 bounce.len = l;
d3e71559
PB		 2268
2269 memory_region_ref(mr);
2270 bounce.mr = mr;
e3127ae0
PB		 2271 if (!is_write) {
2272 address_space_read(as, addr, bounce.buffer, l);
8ab934f9 2273 }
6d16c2f8 2274
e3127ae0
PB		 2275 *plen = l;
2276 return bounce.buffer;
2277 }
2278
2279 base = xlat;
2280 raddr = memory_region_get_ram_addr(mr);
2281
2282 for (;;) {
6d16c2f8
AL		 2283 len -= l;
2284 addr += l;
e3127ae0
PB		 2285 done += l;
2286 if (len == 0) {
2287 break;
2288 }
2289
2290 l = len;
2291 this_mr = address_space_translate(as, addr, &xlat, &l, is_write);
2292 if (this_mr != mr || xlat != base + done) {
2293 break;
2294 }
6d16c2f8 2295 }
e3127ae0 2296
d3e71559 2297 memory_region_ref(mr);
e3127ae0
PB		 2298 *plen = done;
2299 return qemu_ram_ptr_length(raddr + base, plen);
6d16c2f8
AL		 2300}
2301
ac1970fb 2302/* Unmaps a memory region previously mapped by address_space_map().
6d16c2f8
AL		 2303 * Will also mark the memory as dirty if is_write == 1. access_len gives
2304 * the amount of memory that was actually read or written by the caller.
2305 */
a8170e5e
AK		 2306void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2307 int is_write, hwaddr access_len)
6d16c2f8
AL		 2308{
2309 if (buffer != bounce.buffer) {
d3e71559
PB		 2310 MemoryRegion *mr;
2311 ram_addr_t addr1;
2312
2313 mr = qemu_ram_addr_from_host(buffer, &addr1);
2314 assert(mr != NULL);
6d16c2f8 2315 if (is_write) {
6d16c2f8
AL		 2316 while (access_len) {
2317 unsigned l;
2318 l = TARGET_PAGE_SIZE;
2319 if (l > access_len)
2320 l = access_len;
51d7a9eb 2321 invalidate_and_set_dirty(addr1, l);
6d16c2f8
AL		 2322 addr1 += l;
2323 access_len -= l;
2324 }
2325 }
868bb33f 2326 if (xen_enabled()) {
e41d7c69 2327 xen_invalidate_map_cache_entry(buffer);
050a0ddf 2328 }
d3e71559 2329 memory_region_unref(mr);
6d16c2f8
AL		 2330 return;
2331 }
2332 if (is_write) {
ac1970fb 2333 address_space_write(as, bounce.addr, bounce.buffer, access_len);
6d16c2f8 2334 }
f8a83245 2335 qemu_vfree(bounce.buffer);
6d16c2f8 2336 bounce.buffer = NULL;
d3e71559 2337 memory_region_unref(bounce.mr);
ba223c29 2338 cpu_notify_map_clients();
6d16c2f8 2339}
d0ecd2aa 2340
a8170e5e
AK		 2341void *cpu_physical_memory_map(hwaddr addr,
2342 hwaddr *plen,
ac1970fb
AK		 2343 int is_write)
2344{
2345 return address_space_map(&address_space_memory, addr, plen, is_write);
2346}
2347
a8170e5e
AK		 2348void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2349 int is_write, hwaddr access_len)
ac1970fb
AK		 2350{
2351 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2352}
2353
8df1cd07 2354/* warning: addr must be aligned */
fdfba1a2 2355static inline uint32_t ldl_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2356 enum device_endian endian)
8df1cd07 2357{
8df1cd07 2358 uint8_t *ptr;
791af8c8 2359 uint64_t val;
5c8a00ce 2360 MemoryRegion *mr;
149f54b5
PB		 2361 hwaddr l = 4;
2362 hwaddr addr1;
8df1cd07 2363
fdfba1a2 2364 mr = address_space_translate(as, addr, &addr1, &l, false);
5c8a00ce 2365 if (l < 4 || !memory_access_is_direct(mr, false)) {
8df1cd07 2366 /* I/O case */
5c8a00ce 2367 io_mem_read(mr, addr1, &val, 4);
1e78bcc1
AG		 2368#if defined(TARGET_WORDS_BIGENDIAN)
2369 if (endian == DEVICE_LITTLE_ENDIAN) {
2370 val = bswap32(val);
2371 }
2372#else
2373 if (endian == DEVICE_BIG_ENDIAN) {
2374 val = bswap32(val);
2375 }
2376#endif
8df1cd07
FB		 2377 } else {
2378 /* RAM case */
5c8a00ce 2379 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2380 & TARGET_PAGE_MASK)
149f54b5 2381 + addr1);
1e78bcc1
AG		 2382 switch (endian) {
2383 case DEVICE_LITTLE_ENDIAN:
2384 val = ldl_le_p(ptr);
2385 break;
2386 case DEVICE_BIG_ENDIAN:
2387 val = ldl_be_p(ptr);
2388 break;
2389 default:
2390 val = ldl_p(ptr);
2391 break;
2392 }
8df1cd07
FB		 2393 }
2394 return val;
2395}
2396
fdfba1a2 2397uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2398{
fdfba1a2 2399 return ldl_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2400}
2401
fdfba1a2 2402uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2403{
fdfba1a2 2404 return ldl_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2405}
2406
fdfba1a2 2407uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2408{
fdfba1a2 2409 return ldl_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2410}
2411
84b7b8e7 2412/* warning: addr must be aligned */
2c17449b 2413static inline uint64_t ldq_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2414 enum device_endian endian)
84b7b8e7 2415{
84b7b8e7
FB		 2416 uint8_t *ptr;
2417 uint64_t val;
5c8a00ce 2418 MemoryRegion *mr;
149f54b5
PB		 2419 hwaddr l = 8;
2420 hwaddr addr1;
84b7b8e7 2421
2c17449b 2422 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2423 false);
2424 if (l < 8 || !memory_access_is_direct(mr, false)) {
84b7b8e7 2425 /* I/O case */
5c8a00ce 2426 io_mem_read(mr, addr1, &val, 8);
968a5627
PB		 2427#if defined(TARGET_WORDS_BIGENDIAN)
2428 if (endian == DEVICE_LITTLE_ENDIAN) {
2429 val = bswap64(val);
2430 }
2431#else
2432 if (endian == DEVICE_BIG_ENDIAN) {
2433 val = bswap64(val);
2434 }
84b7b8e7
FB		 2435#endif
2436 } else {
2437 /* RAM case */
5c8a00ce 2438 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2439 & TARGET_PAGE_MASK)
149f54b5 2440 + addr1);
1e78bcc1
AG		 2441 switch (endian) {
2442 case DEVICE_LITTLE_ENDIAN:
2443 val = ldq_le_p(ptr);
2444 break;
2445 case DEVICE_BIG_ENDIAN:
2446 val = ldq_be_p(ptr);
2447 break;
2448 default:
2449 val = ldq_p(ptr);
2450 break;
2451 }
84b7b8e7
FB		 2452 }
2453 return val;
2454}
2455
2c17449b 2456uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2457{
2c17449b 2458 return ldq_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2459}
2460
2c17449b 2461uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2462{
2c17449b 2463 return ldq_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2464}
2465
2c17449b 2466uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2467{
2c17449b 2468 return ldq_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2469}
2470
aab33094 2471/* XXX: optimize */
2c17449b 2472uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
aab33094
FB		 2473{
2474 uint8_t val;
2c17449b 2475 address_space_rw(as, addr, &val, 1, 0);
aab33094
FB		 2476 return val;
2477}
2478
733f0b02 2479/* warning: addr must be aligned */
41701aa4 2480static inline uint32_t lduw_phys_internal(AddressSpace *as, hwaddr addr,
1e78bcc1 2481 enum device_endian endian)
aab33094 2482{
733f0b02
MT		 2483 uint8_t *ptr;
2484 uint64_t val;
5c8a00ce 2485 MemoryRegion *mr;
149f54b5
PB		 2486 hwaddr l = 2;
2487 hwaddr addr1;
733f0b02 2488
41701aa4 2489 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2490 false);
2491 if (l < 2 || !memory_access_is_direct(mr, false)) {
733f0b02 2492 /* I/O case */
5c8a00ce 2493 io_mem_read(mr, addr1, &val, 2);
1e78bcc1
AG		 2494#if defined(TARGET_WORDS_BIGENDIAN)
2495 if (endian == DEVICE_LITTLE_ENDIAN) {
2496 val = bswap16(val);
2497 }
2498#else
2499 if (endian == DEVICE_BIG_ENDIAN) {
2500 val = bswap16(val);
2501 }
2502#endif
733f0b02
MT		 2503 } else {
2504 /* RAM case */
5c8a00ce 2505 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
06ef3525 2506 & TARGET_PAGE_MASK)
149f54b5 2507 + addr1);
1e78bcc1
AG		 2508 switch (endian) {
2509 case DEVICE_LITTLE_ENDIAN:
2510 val = lduw_le_p(ptr);
2511 break;
2512 case DEVICE_BIG_ENDIAN:
2513 val = lduw_be_p(ptr);
2514 break;
2515 default:
2516 val = lduw_p(ptr);
2517 break;
2518 }
733f0b02
MT		 2519 }
2520 return val;
aab33094
FB		 2521}
2522
41701aa4 2523uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2524{
41701aa4 2525 return lduw_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2526}
2527
41701aa4 2528uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2529{
41701aa4 2530 return lduw_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2531}
2532
41701aa4 2533uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
1e78bcc1 2534{
41701aa4 2535 return lduw_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2536}
2537
8df1cd07
FB		 2538/* warning: addr must be aligned. The ram page is not masked as dirty
2539 and the code inside is not invalidated. It is useful if the dirty
2540 bits are used to track modified PTEs */
2198a121 2541void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
8df1cd07 2542{
8df1cd07 2543 uint8_t *ptr;
5c8a00ce 2544 MemoryRegion *mr;
149f54b5
PB		 2545 hwaddr l = 4;
2546 hwaddr addr1;
8df1cd07 2547
2198a121 2548 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2549 true);
2550 if (l < 4 || !memory_access_is_direct(mr, true)) {
2551 io_mem_write(mr, addr1, val, 4);
8df1cd07 2552 } else {
5c8a00ce 2553 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
5579c7f3 2554 ptr = qemu_get_ram_ptr(addr1);
8df1cd07 2555 stl_p(ptr, val);
74576198
AL		 2556
2557 if (unlikely(in_migration)) {
a2cd8c85 2558 if (cpu_physical_memory_is_clean(addr1)) {
74576198
AL		 2559 /* invalidate code */
2560 tb_invalidate_phys_page_range(addr1, addr1 + 4, 0);
2561 /* set dirty bit */
52159192
JQ		 2562 cpu_physical_memory_set_dirty_flag(addr1,
2563 DIRTY_MEMORY_MIGRATION);
2564 cpu_physical_memory_set_dirty_flag(addr1, DIRTY_MEMORY_VGA);
74576198
AL		 2565 }
2566 }
8df1cd07
FB		 2567 }
2568}
2569
2570/* warning: addr must be aligned */
ab1da857
EI		 2571static inline void stl_phys_internal(AddressSpace *as,
2572 hwaddr addr, uint32_t val,
1e78bcc1 2573 enum device_endian endian)
8df1cd07 2574{
8df1cd07 2575 uint8_t *ptr;
5c8a00ce 2576 MemoryRegion *mr;
149f54b5
PB		 2577 hwaddr l = 4;
2578 hwaddr addr1;
8df1cd07 2579
ab1da857 2580 mr = address_space_translate(as, addr, &addr1, &l,
5c8a00ce
PB		 2581 true);
2582 if (l < 4 || !memory_access_is_direct(mr, true)) {
1e78bcc1
AG		 2583#if defined(TARGET_WORDS_BIGENDIAN)
2584 if (endian == DEVICE_LITTLE_ENDIAN) {
2585 val = bswap32(val);
2586 }
2587#else
2588 if (endian == DEVICE_BIG_ENDIAN) {
2589 val = bswap32(val);
2590 }
2591#endif
5c8a00ce 2592 io_mem_write(mr, addr1, val, 4);
8df1cd07 2593 } else {
8df1cd07 2594 /* RAM case */
5c8a00ce 2595 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
5579c7f3 2596 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2597 switch (endian) {
2598 case DEVICE_LITTLE_ENDIAN:
2599 stl_le_p(ptr, val);
2600 break;
2601 case DEVICE_BIG_ENDIAN:
2602 stl_be_p(ptr, val);
2603 break;
2604 default:
2605 stl_p(ptr, val);
2606 break;
2607 }
51d7a9eb 2608 invalidate_and_set_dirty(addr1, 4);
8df1cd07
FB		 2609 }
2610}
2611
ab1da857 2612void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2613{
ab1da857 2614 stl_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2615}
2616
ab1da857 2617void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2618{
ab1da857 2619 stl_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2620}
2621
ab1da857 2622void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2623{
ab1da857 2624 stl_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2625}
2626
aab33094 2627/* XXX: optimize */
db3be60d 2628void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
aab33094
FB		 2629{
2630 uint8_t v = val;
db3be60d 2631 address_space_rw(as, addr, &v, 1, 1);
aab33094
FB		 2632}
2633
733f0b02 2634/* warning: addr must be aligned */
5ce5944d
EI		 2635static inline void stw_phys_internal(AddressSpace *as,
2636 hwaddr addr, uint32_t val,
1e78bcc1 2637 enum device_endian endian)
aab33094 2638{
733f0b02 2639 uint8_t *ptr;
5c8a00ce 2640 MemoryRegion *mr;
149f54b5
PB		 2641 hwaddr l = 2;
2642 hwaddr addr1;
733f0b02 2643
5ce5944d 2644 mr = address_space_translate(as, addr, &addr1, &l, true);
5c8a00ce 2645 if (l < 2 || !memory_access_is_direct(mr, true)) {
1e78bcc1
AG		 2646#if defined(TARGET_WORDS_BIGENDIAN)
2647 if (endian == DEVICE_LITTLE_ENDIAN) {
2648 val = bswap16(val);
2649 }
2650#else
2651 if (endian == DEVICE_BIG_ENDIAN) {
2652 val = bswap16(val);
2653 }
2654#endif
5c8a00ce 2655 io_mem_write(mr, addr1, val, 2);
733f0b02 2656 } else {
733f0b02 2657 /* RAM case */
5c8a00ce 2658 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
733f0b02 2659 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2660 switch (endian) {
2661 case DEVICE_LITTLE_ENDIAN:
2662 stw_le_p(ptr, val);
2663 break;
2664 case DEVICE_BIG_ENDIAN:
2665 stw_be_p(ptr, val);
2666 break;
2667 default:
2668 stw_p(ptr, val);
2669 break;
2670 }
51d7a9eb 2671 invalidate_and_set_dirty(addr1, 2);
733f0b02 2672 }
aab33094
FB		 2673}
2674
5ce5944d 2675void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2676{
5ce5944d 2677 stw_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
1e78bcc1
AG		 2678}
2679
5ce5944d 2680void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2681{
5ce5944d 2682 stw_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
1e78bcc1
AG		 2683}
2684
5ce5944d 2685void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
1e78bcc1 2686{
5ce5944d 2687 stw_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
1e78bcc1
AG		 2688}
2689
aab33094 2690/* XXX: optimize */
f606604f 2691void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
aab33094
FB		 2692{
2693 val = tswap64(val);
f606604f 2694 address_space_rw(as, addr, (void *) &val, 8, 1);
aab33094
FB		 2695}
2696
f606604f 2697void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
1e78bcc1
AG		 2698{
2699 val = cpu_to_le64(val);
f606604f 2700 address_space_rw(as, addr, (void *) &val, 8, 1);
1e78bcc1
AG		 2701}
2702
f606604f 2703void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
1e78bcc1
AG		 2704{
2705 val = cpu_to_be64(val);
f606604f 2706 address_space_rw(as, addr, (void *) &val, 8, 1);
1e78bcc1
AG		 2707}
2708
5e2972fd 2709/* virtual memory access for debug (includes writing to ROM) */
f17ec444 2710int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
b448f2f3 2711 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 2712{
2713 int l;
a8170e5e 2714 hwaddr phys_addr;
9b3c35e0 2715 target_ulong page;
13eb76e0
FB		 2716
2717 while (len > 0) {
2718 page = addr & TARGET_PAGE_MASK;
f17ec444 2719 phys_addr = cpu_get_phys_page_debug(cpu, page);
13eb76e0
FB		 2720 /* if no physical page mapped, return an error */
2721 if (phys_addr == -1)
2722 return -1;
2723 l = (page + TARGET_PAGE_SIZE) - addr;
2724 if (l > len)
2725 l = len;
5e2972fd 2726 phys_addr += (addr & ~TARGET_PAGE_MASK);
2e38847b
EI		 2727 if (is_write) {
2728 cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, l);
2729 } else {
2730 address_space_rw(cpu->as, phys_addr, buf, l, 0);
2731 }
13eb76e0
FB		 2732 len -= l;
2733 buf += l;
2734 addr += l;
2735 }
2736 return 0;
2737}
a68fe89c 2738#endif
13eb76e0 2739
8e4a424b
BS		 2740#if !defined(CONFIG_USER_ONLY)
2741
2742/*
2743 * A helper function for the _utterly broken_ virtio device model to find out if
2744 * it's running on a big endian machine. Don't do this at home kids!
2745 */
2746bool virtio_is_big_endian(void);
2747bool virtio_is_big_endian(void)
2748{
2749#if defined(TARGET_WORDS_BIGENDIAN)
2750 return true;
2751#else
2752 return false;
2753#endif
2754}
2755
2756#endif
2757
76f35538 2758#ifndef CONFIG_USER_ONLY
a8170e5e 2759bool cpu_physical_memory_is_io(hwaddr phys_addr)
76f35538 2760{
5c8a00ce 2761 MemoryRegion*mr;
149f54b5 2762 hwaddr l = 1;
76f35538 2763
5c8a00ce
PB		 2764 mr = address_space_translate(&address_space_memory,
2765 phys_addr, &phys_addr, &l, false);
76f35538 2766
5c8a00ce
PB		 2767 return !(memory_region_is_ram(mr) ||
2768 memory_region_is_romd(mr));
76f35538 2769}
bd2fa51f
MH		 2770
2771void qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
2772{
2773 RAMBlock *block;
2774
2775 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
2776 func(block->host, block->offset, block->length, opaque);
2777 }
2778}
ec3f8c99 2779#endif
QEMU mirror