projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
exec: just use io_mem_read/io_mem_write for 8-byte I/O accesses
[qemu.git] / exec.c
CommitLineData
54936004 1/*
5b6dd868 2 * Virtual page mapping
5fafdf24 3 *
54936004
FB		 4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
54936004 18 */
67b915a5 19#include "config.h"
d5a8f07c
FB		 20#ifdef _WIN32
21#include <windows.h>
22#else
a98d49b1 23#include <sys/types.h>
d5a8f07c
FB		 24#include <sys/mman.h>
25#endif
54936004 26
055403b2 27#include "qemu-common.h"
6180a181 28#include "cpu.h"
b67d9a52 29#include "tcg.h"
b3c7724c 30#include "hw/hw.h"
cc9e98cb 31#include "hw/qdev.h"
1de7afc9 32#include "qemu/osdep.h"
9c17d615 33#include "sysemu/kvm.h"
0d09e41a 34#include "hw/xen/xen.h"
1de7afc9
PB		 35#include "qemu/timer.h"
36#include "qemu/config-file.h"
022c62cb 37#include "exec/memory.h"
9c17d615 38#include "sysemu/dma.h"
022c62cb 39#include "exec/address-spaces.h"
53a5960a
PB		 40#if defined(CONFIG_USER_ONLY)
41#include <qemu.h>
432d268c 42#else /* !CONFIG_USER_ONLY */
9c17d615 43#include "sysemu/xen-mapcache.h"
6506e4f9 44#include "trace.h"
53a5960a 45#endif
0d6d3c87 46#include "exec/cpu-all.h"
54936004 47
022c62cb 48#include "exec/cputlb.h"
5b6dd868 49#include "translate-all.h"
0cac1b66 50
022c62cb 51#include "exec/memory-internal.h"
67d95c15 52
db7b5426 53//#define DEBUG_SUBPAGE
1196be37 54
e2eef170 55#if !defined(CONFIG_USER_ONLY)
9fa3e853 56int phys_ram_fd;
74576198 57static int in_migration;
94a6b54f 58
a3161038 59RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };
62152b8a
AK		 60
61static MemoryRegion *system_memory;
309cb471 62static MemoryRegion *system_io;
62152b8a 63
f6790af6
AK		 64AddressSpace address_space_io;
65AddressSpace address_space_memory;
9e11908f 66DMAContext dma_context_memory;
2673a5da 67
0844e007
PB		 68MemoryRegion io_mem_rom, io_mem_notdirty;
69static MemoryRegion io_mem_unassigned, io_mem_subpage_ram;
0e0df1e2 70
e2eef170 71#endif
9fa3e853 72
9349b4f9 73CPUArchState *first_cpu;
6a00d601
FB		 74/* current CPU in the current thread. It is only valid inside
75 cpu_exec() */
9349b4f9 76DEFINE_TLS(CPUArchState *,cpu_single_env);
2e70f6ef 77/* 0 = Do not count executed instructions.
bf20dc07 78 1 = Precise instruction counting.
2e70f6ef 79 2 = Adaptive rate instruction counting. */
5708fc66 80int use_icount;
6a00d601 81
e2eef170 82#if !defined(CONFIG_USER_ONLY)
4346ae3e 83
5312bd8b
AK		 84static MemoryRegionSection *phys_sections;
85static unsigned phys_sections_nb, phys_sections_nb_alloc;
86static uint16_t phys_section_unassigned;
aa102231
AK		 87static uint16_t phys_section_notdirty;
88static uint16_t phys_section_rom;
89static uint16_t phys_section_watch;
5312bd8b 90
d6f2ea22
AK		 91/* Simple allocator for PhysPageEntry nodes */
92static PhysPageEntry (*phys_map_nodes)[L2_SIZE];
93static unsigned phys_map_nodes_nb, phys_map_nodes_nb_alloc;
94
07f07b31 95#define PHYS_MAP_NODE_NIL (((uint16_t)~0) >> 1)
d6f2ea22 96
e2eef170 97static void io_mem_init(void);
62152b8a 98static void memory_map_init(void);
8b9c99d9 99static void *qemu_safe_ram_ptr(ram_addr_t addr);
e2eef170 100
1ec9b909 101static MemoryRegion io_mem_watch;
6658ffb8 102#endif
fd6ce8f6 103
6d9a1304 104#if !defined(CONFIG_USER_ONLY)
d6f2ea22 105
f7bf5461 106static void phys_map_node_reserve(unsigned nodes)
d6f2ea22 107{
f7bf5461 108 if (phys_map_nodes_nb + nodes > phys_map_nodes_nb_alloc) {
d6f2ea22
AK		 109 typedef PhysPageEntry Node[L2_SIZE];
110 phys_map_nodes_nb_alloc = MAX(phys_map_nodes_nb_alloc * 2, 16);
f7bf5461
AK		 111 phys_map_nodes_nb_alloc = MAX(phys_map_nodes_nb_alloc,
112 phys_map_nodes_nb + nodes);
d6f2ea22
AK		 113 phys_map_nodes = g_renew(Node, phys_map_nodes,
114 phys_map_nodes_nb_alloc);
115 }
f7bf5461
AK		 116}
117
118static uint16_t phys_map_node_alloc(void)
119{
120 unsigned i;
121 uint16_t ret;
122
123 ret = phys_map_nodes_nb++;
124 assert(ret != PHYS_MAP_NODE_NIL);
125 assert(ret != phys_map_nodes_nb_alloc);
d6f2ea22 126 for (i = 0; i < L2_SIZE; ++i) {
07f07b31 127 phys_map_nodes[ret][i].is_leaf = 0;
c19e8800 128 phys_map_nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
d6f2ea22 129 }
f7bf5461 130 return ret;
d6f2ea22
AK		 131}
132
133static void phys_map_nodes_reset(void)
134{
135 phys_map_nodes_nb = 0;
136}
137
92e873b9 138
a8170e5e
AK		 139static void phys_page_set_level(PhysPageEntry *lp, hwaddr *index,
140 hwaddr *nb, uint16_t leaf,
2999097b 141 int level)
f7bf5461
AK		 142{
143 PhysPageEntry *p;
144 int i;
a8170e5e 145 hwaddr step = (hwaddr)1 << (level * L2_BITS);
108c49b8 146
07f07b31 147 if (!lp->is_leaf && lp->ptr == PHYS_MAP_NODE_NIL) {
c19e8800
AK		 148 lp->ptr = phys_map_node_alloc();
149 p = phys_map_nodes[lp->ptr];
f7bf5461
AK		 150 if (level == 0) {
151 for (i = 0; i < L2_SIZE; i++) {
07f07b31 152 p[i].is_leaf = 1;
c19e8800 153 p[i].ptr = phys_section_unassigned;
4346ae3e 154 }
67c4d23c 155 }
f7bf5461 156 } else {
c19e8800 157 p = phys_map_nodes[lp->ptr];
92e873b9 158 }
2999097b 159 lp = &p[(*index >> (level * L2_BITS)) & (L2_SIZE - 1)];
f7bf5461 160
2999097b 161 while (*nb && lp < &p[L2_SIZE]) {
07f07b31
AK		 162 if ((*index & (step - 1)) == 0 && *nb >= step) {
163 lp->is_leaf = true;
c19e8800 164 lp->ptr = leaf;
07f07b31
AK		 165 *index += step;
166 *nb -= step;
2999097b
AK		 167 } else {
168 phys_page_set_level(lp, index, nb, leaf, level - 1);
169 }
170 ++lp;
f7bf5461
AK		 171 }
172}
173
ac1970fb 174static void phys_page_set(AddressSpaceDispatch *d,
a8170e5e 175 hwaddr index, hwaddr nb,
2999097b 176 uint16_t leaf)
f7bf5461 177{
2999097b 178 /* Wildly overreserve - it doesn't matter much. */
07f07b31 179 phys_map_node_reserve(3 * P_L2_LEVELS);
5cd2c5b6 180
ac1970fb 181 phys_page_set_level(&d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
92e873b9
FB		 182}
183
149f54b5 184static MemoryRegionSection *phys_page_find(AddressSpaceDispatch *d, hwaddr index)
92e873b9 185{
ac1970fb 186 PhysPageEntry lp = d->phys_map;
31ab2b4a
AK		 187 PhysPageEntry *p;
188 int i;
f1f6e3b8 189
07f07b31 190 for (i = P_L2_LEVELS - 1; i >= 0 && !lp.is_leaf; i--) {
c19e8800 191 if (lp.ptr == PHYS_MAP_NODE_NIL) {
fd298934 192 return &phys_sections[phys_section_unassigned];
31ab2b4a 193 }
c19e8800 194 p = phys_map_nodes[lp.ptr];
31ab2b4a 195 lp = p[(index >> (i * L2_BITS)) & (L2_SIZE - 1)];
5312bd8b 196 }
fd298934 197 return &phys_sections[lp.ptr];
f3705d53
AK		 198}
199
e5548617
BS		 200bool memory_region_is_unassigned(MemoryRegion *mr)
201{
2a8e7499 202 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
5b6dd868 203 && mr != &io_mem_watch;
fd6ce8f6 204}
149f54b5
PB		 205
206MemoryRegionSection *address_space_translate(AddressSpace *as, hwaddr addr,
207 hwaddr *xlat, hwaddr *plen,
208 bool is_write)
209{
210 MemoryRegionSection *section;
211 Int128 diff;
212
213 section = phys_page_find(as->dispatch, addr >> TARGET_PAGE_BITS);
214 /* Compute offset within MemoryRegionSection */
215 addr -= section->offset_within_address_space;
216
217 /* Compute offset within MemoryRegion */
218 *xlat = addr + section->offset_within_region;
219
220 diff = int128_sub(section->mr->size, int128_make64(addr));
221 *plen = MIN(int128_get64(diff), *plen);
222 return section;
223}
5b6dd868 224#endif
fd6ce8f6 225
5b6dd868 226void cpu_exec_init_all(void)
fdbb84d1 227{
5b6dd868 228#if !defined(CONFIG_USER_ONLY)
b2a8658e 229 qemu_mutex_init(&ram_list.mutex);
5b6dd868
BS		 230 memory_map_init();
231 io_mem_init();
fdbb84d1 232#endif
5b6dd868 233}
fdbb84d1 234
b170fce3 235#if !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 236
237static int cpu_common_post_load(void *opaque, int version_id)
fd6ce8f6 238{
259186a7 239 CPUState *cpu = opaque;
a513fe19 240
5b6dd868
BS		 241 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
242 version_id is increased. */
259186a7
AF		 243 cpu->interrupt_request &= ~0x01;
244 tlb_flush(cpu->env_ptr, 1);
5b6dd868
BS		 245
246 return 0;
a513fe19 247}
7501267e 248
5b6dd868
BS		 249static const VMStateDescription vmstate_cpu_common = {
250 .name = "cpu_common",
251 .version_id = 1,
252 .minimum_version_id = 1,
253 .minimum_version_id_old = 1,
254 .post_load = cpu_common_post_load,
255 .fields = (VMStateField []) {
259186a7
AF		 256 VMSTATE_UINT32(halted, CPUState),
257 VMSTATE_UINT32(interrupt_request, CPUState),
5b6dd868
BS		 258 VMSTATE_END_OF_LIST()
259 }
260};
b170fce3
AF		 261#else
262#define vmstate_cpu_common vmstate_dummy
5b6dd868 263#endif
ea041c0e 264
38d8f5c8 265CPUState *qemu_get_cpu(int index)
ea041c0e 266{
5b6dd868 267 CPUArchState *env = first_cpu;
38d8f5c8 268 CPUState *cpu = NULL;
ea041c0e 269
5b6dd868 270 while (env) {
55e5c285
AF		 271 cpu = ENV_GET_CPU(env);
272 if (cpu->cpu_index == index) {
5b6dd868 273 break;
55e5c285 274 }
5b6dd868 275 env = env->next_cpu;
ea041c0e 276 }
5b6dd868 277
d76fddae 278 return env ? cpu : NULL;
ea041c0e
FB		 279}
280
d6b9e0d6
MT		 281void qemu_for_each_cpu(void (*func)(CPUState *cpu, void *data), void *data)
282{
283 CPUArchState *env = first_cpu;
284
285 while (env) {
286 func(ENV_GET_CPU(env), data);
287 env = env->next_cpu;
288 }
289}
290
5b6dd868 291void cpu_exec_init(CPUArchState *env)
ea041c0e 292{
5b6dd868 293 CPUState *cpu = ENV_GET_CPU(env);
b170fce3 294 CPUClass *cc = CPU_GET_CLASS(cpu);
5b6dd868
BS		 295 CPUArchState **penv;
296 int cpu_index;
297
298#if defined(CONFIG_USER_ONLY)
299 cpu_list_lock();
300#endif
301 env->next_cpu = NULL;
302 penv = &first_cpu;
303 cpu_index = 0;
304 while (*penv != NULL) {
305 penv = &(*penv)->next_cpu;
306 cpu_index++;
307 }
55e5c285 308 cpu->cpu_index = cpu_index;
1b1ed8dc 309 cpu->numa_node = 0;
5b6dd868
BS		 310 QTAILQ_INIT(&env->breakpoints);
311 QTAILQ_INIT(&env->watchpoints);
312#ifndef CONFIG_USER_ONLY
313 cpu->thread_id = qemu_get_thread_id();
314#endif
315 *penv = env;
316#if defined(CONFIG_USER_ONLY)
317 cpu_list_unlock();
318#endif
259186a7 319 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
5b6dd868 320#if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
5b6dd868
BS		 321 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
322 cpu_save, cpu_load, env);
b170fce3 323 assert(cc->vmsd == NULL);
5b6dd868 324#endif
b170fce3
AF		 325 if (cc->vmsd != NULL) {
326 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
327 }
ea041c0e
FB		 328}
329
1fddef4b 330#if defined(TARGET_HAS_ICE)
94df27fd 331#if defined(CONFIG_USER_ONLY)
9349b4f9 332static void breakpoint_invalidate(CPUArchState *env, target_ulong pc)
94df27fd
PB		 333{
334 tb_invalidate_phys_page_range(pc, pc + 1, 0);
335}
336#else
1e7855a5
MF		 337static void breakpoint_invalidate(CPUArchState *env, target_ulong pc)
338{
9d70c4b7
MF		 339 tb_invalidate_phys_addr(cpu_get_phys_page_debug(env, pc) |
340 (pc & ~TARGET_PAGE_MASK));
1e7855a5 341}
c27004ec 342#endif
94df27fd 343#endif /* TARGET_HAS_ICE */
d720b93d 344
c527ee8f 345#if defined(CONFIG_USER_ONLY)
9349b4f9 346void cpu_watchpoint_remove_all(CPUArchState *env, int mask)
c527ee8f
PB		 347
348{
349}
350
9349b4f9 351int cpu_watchpoint_insert(CPUArchState *env, target_ulong addr, target_ulong len,
c527ee8f
PB		 352 int flags, CPUWatchpoint **watchpoint)
353{
354 return -ENOSYS;
355}
356#else
6658ffb8 357/* Add a watchpoint. */
9349b4f9 358int cpu_watchpoint_insert(CPUArchState *env, target_ulong addr, target_ulong len,
a1d1bb31 359 int flags, CPUWatchpoint **watchpoint)
6658ffb8 360{
b4051334 361 target_ulong len_mask = ~(len - 1);
c0ce998e 362 CPUWatchpoint *wp;
6658ffb8 363
b4051334 364 /* sanity checks: allow power-of-2 lengths, deny unaligned watchpoints */
0dc23828
MF		 365 if ((len & (len - 1)) || (addr & ~len_mask) ||
366 len == 0 || len > TARGET_PAGE_SIZE) {
b4051334
AL		 367 fprintf(stderr, "qemu: tried to set invalid watchpoint at "
368 TARGET_FMT_lx ", len=" TARGET_FMT_lu "\n", addr, len);
369 return -EINVAL;
370 }
7267c094 371 wp = g_malloc(sizeof(*wp));
a1d1bb31
AL		 372
373 wp->vaddr = addr;
b4051334 374 wp->len_mask = len_mask;
a1d1bb31
AL		 375 wp->flags = flags;
376
2dc9f411 377 /* keep all GDB-injected watchpoints in front */
c0ce998e 378 if (flags & BP_GDB)
72cf2d4f 379 QTAILQ_INSERT_HEAD(&env->watchpoints, wp, entry);
c0ce998e 380 else
72cf2d4f 381 QTAILQ_INSERT_TAIL(&env->watchpoints, wp, entry);
6658ffb8 382
6658ffb8 383 tlb_flush_page(env, addr);
a1d1bb31
AL		 384
385 if (watchpoint)
386 *watchpoint = wp;
387 return 0;
6658ffb8
PB		 388}
389
a1d1bb31 390/* Remove a specific watchpoint. */
9349b4f9 391int cpu_watchpoint_remove(CPUArchState *env, target_ulong addr, target_ulong len,
a1d1bb31 392 int flags)
6658ffb8 393{
b4051334 394 target_ulong len_mask = ~(len - 1);
a1d1bb31 395 CPUWatchpoint *wp;
6658ffb8 396
72cf2d4f 397 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
b4051334 398 if (addr == wp->vaddr && len_mask == wp->len_mask
6e140f28 399 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
a1d1bb31 400 cpu_watchpoint_remove_by_ref(env, wp);
6658ffb8
PB		 401 return 0;
402 }
403 }
a1d1bb31 404 return -ENOENT;
6658ffb8
PB		 405}
406
a1d1bb31 407/* Remove a specific watchpoint by reference. */
9349b4f9 408void cpu_watchpoint_remove_by_ref(CPUArchState *env, CPUWatchpoint *watchpoint)
a1d1bb31 409{
72cf2d4f 410 QTAILQ_REMOVE(&env->watchpoints, watchpoint, entry);
7d03f82f 411
a1d1bb31
AL		 412 tlb_flush_page(env, watchpoint->vaddr);
413
7267c094 414 g_free(watchpoint);
a1d1bb31
AL		 415}
416
417/* Remove all matching watchpoints. */
9349b4f9 418void cpu_watchpoint_remove_all(CPUArchState *env, int mask)
a1d1bb31 419{
c0ce998e 420 CPUWatchpoint *wp, *next;
a1d1bb31 421
72cf2d4f 422 QTAILQ_FOREACH_SAFE(wp, &env->watchpoints, entry, next) {
a1d1bb31
AL		 423 if (wp->flags & mask)
424 cpu_watchpoint_remove_by_ref(env, wp);
c0ce998e 425 }
7d03f82f 426}
c527ee8f 427#endif
7d03f82f 428
a1d1bb31 429/* Add a breakpoint. */
9349b4f9 430int cpu_breakpoint_insert(CPUArchState *env, target_ulong pc, int flags,
a1d1bb31 431 CPUBreakpoint **breakpoint)
4c3a88a2 432{
1fddef4b 433#if defined(TARGET_HAS_ICE)
c0ce998e 434 CPUBreakpoint *bp;
3b46e624 435
7267c094 436 bp = g_malloc(sizeof(*bp));
4c3a88a2 437
a1d1bb31
AL		 438 bp->pc = pc;
439 bp->flags = flags;
440
2dc9f411 441 /* keep all GDB-injected breakpoints in front */
c0ce998e 442 if (flags & BP_GDB)
72cf2d4f 443 QTAILQ_INSERT_HEAD(&env->breakpoints, bp, entry);
c0ce998e 444 else
72cf2d4f 445 QTAILQ_INSERT_TAIL(&env->breakpoints, bp, entry);
3b46e624 446
d720b93d 447 breakpoint_invalidate(env, pc);
a1d1bb31
AL		 448
449 if (breakpoint)
450 *breakpoint = bp;
4c3a88a2
FB		 451 return 0;
452#else
a1d1bb31 453 return -ENOSYS;
4c3a88a2
FB		 454#endif
455}
456
a1d1bb31 457/* Remove a specific breakpoint. */
9349b4f9 458int cpu_breakpoint_remove(CPUArchState *env, target_ulong pc, int flags)
a1d1bb31 459{
7d03f82f 460#if defined(TARGET_HAS_ICE)
a1d1bb31
AL		 461 CPUBreakpoint *bp;
462
72cf2d4f 463 QTAILQ_FOREACH(bp, &env->breakpoints, entry) {
a1d1bb31
AL		 464 if (bp->pc == pc && bp->flags == flags) {
465 cpu_breakpoint_remove_by_ref(env, bp);
466 return 0;
467 }
7d03f82f 468 }
a1d1bb31
AL		 469 return -ENOENT;
470#else
471 return -ENOSYS;
7d03f82f
EI		 472#endif
473}
474
a1d1bb31 475/* Remove a specific breakpoint by reference. */
9349b4f9 476void cpu_breakpoint_remove_by_ref(CPUArchState *env, CPUBreakpoint *breakpoint)
4c3a88a2 477{
1fddef4b 478#if defined(TARGET_HAS_ICE)
72cf2d4f 479 QTAILQ_REMOVE(&env->breakpoints, breakpoint, entry);
d720b93d 480
a1d1bb31
AL		 481 breakpoint_invalidate(env, breakpoint->pc);
482
7267c094 483 g_free(breakpoint);
a1d1bb31
AL		 484#endif
485}
486
487/* Remove all matching breakpoints. */
9349b4f9 488void cpu_breakpoint_remove_all(CPUArchState *env, int mask)
a1d1bb31
AL		 489{
490#if defined(TARGET_HAS_ICE)
c0ce998e 491 CPUBreakpoint *bp, *next;
a1d1bb31 492
72cf2d4f 493 QTAILQ_FOREACH_SAFE(bp, &env->breakpoints, entry, next) {
a1d1bb31
AL		 494 if (bp->flags & mask)
495 cpu_breakpoint_remove_by_ref(env, bp);
c0ce998e 496 }
4c3a88a2
FB		 497#endif
498}
499
c33a346e
FB		 500/* enable or disable single step mode. EXCP_DEBUG is returned by the
501 CPU loop after each instruction */
9349b4f9 502void cpu_single_step(CPUArchState *env, int enabled)
c33a346e 503{
1fddef4b 504#if defined(TARGET_HAS_ICE)
c33a346e
FB		 505 if (env->singlestep_enabled != enabled) {
506 env->singlestep_enabled = enabled;
e22a25c9
AL		 507 if (kvm_enabled())
508 kvm_update_guest_debug(env, 0);
509 else {
ccbb4d44 510 /* must flush all the translated code to avoid inconsistencies */
e22a25c9
AL		 511 /* XXX: only flush what is necessary */
512 tb_flush(env);
513 }
c33a346e
FB		 514 }
515#endif
516}
517
9349b4f9 518void cpu_exit(CPUArchState *env)
3098dba0 519{
fcd7d003
AF		 520 CPUState *cpu = ENV_GET_CPU(env);
521
522 cpu->exit_request = 1;
378df4b2 523 cpu->tcg_exit_req = 1;
3098dba0
AJ		 524}
525
9349b4f9 526void cpu_abort(CPUArchState *env, const char *fmt, ...)
7501267e
FB		 527{
528 va_list ap;
493ae1f0 529 va_list ap2;
7501267e
FB		 530
531 va_start(ap, fmt);
493ae1f0 532 va_copy(ap2, ap);
7501267e
FB		 533 fprintf(stderr, "qemu: fatal: ");
534 vfprintf(stderr, fmt, ap);
535 fprintf(stderr, "\n");
6fd2a026 536 cpu_dump_state(env, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
93fcfe39
AL		 537 if (qemu_log_enabled()) {
538 qemu_log("qemu: fatal: ");
539 qemu_log_vprintf(fmt, ap2);
540 qemu_log("\n");
6fd2a026 541 log_cpu_state(env, CPU_DUMP_FPU | CPU_DUMP_CCOP);
31b1a7b4 542 qemu_log_flush();
93fcfe39 543 qemu_log_close();
924edcae 544 }
493ae1f0 545 va_end(ap2);
f9373291 546 va_end(ap);
fd052bf6
RV		 547#if defined(CONFIG_USER_ONLY)
548 {
549 struct sigaction act;
550 sigfillset(&act.sa_mask);
551 act.sa_handler = SIG_DFL;
552 sigaction(SIGABRT, &act, NULL);
553 }
554#endif
7501267e
FB		 555 abort();
556}
557
9349b4f9 558CPUArchState *cpu_copy(CPUArchState *env)
c5be9f08 559{
9349b4f9
AF		 560 CPUArchState *new_env = cpu_init(env->cpu_model_str);
561 CPUArchState *next_cpu = new_env->next_cpu;
5a38f081
AL		 562#if defined(TARGET_HAS_ICE)
563 CPUBreakpoint *bp;
564 CPUWatchpoint *wp;
565#endif
566
9349b4f9 567 memcpy(new_env, env, sizeof(CPUArchState));
5a38f081 568
55e5c285 569 /* Preserve chaining. */
c5be9f08 570 new_env->next_cpu = next_cpu;
5a38f081
AL		 571
572 /* Clone all break/watchpoints.
573 Note: Once we support ptrace with hw-debug register access, make sure
574 BP_CPU break/watchpoints are handled correctly on clone. */
72cf2d4f
BS		 575 QTAILQ_INIT(&env->breakpoints);
576 QTAILQ_INIT(&env->watchpoints);
5a38f081 577#if defined(TARGET_HAS_ICE)
72cf2d4f 578 QTAILQ_FOREACH(bp, &env->breakpoints, entry) {
5a38f081
AL		 579 cpu_breakpoint_insert(new_env, bp->pc, bp->flags, NULL);
580 }
72cf2d4f 581 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
5a38f081
AL		 582 cpu_watchpoint_insert(new_env, wp->vaddr, (~wp->len_mask) + 1,
583 wp->flags, NULL);
584 }
585#endif
586
c5be9f08
TS		 587 return new_env;
588}
589
0124311e 590#if !defined(CONFIG_USER_ONLY)
d24981d3
JQ		 591static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t end,
592 uintptr_t length)
593{
594 uintptr_t start1;
595
596 /* we modify the TLB cache so that the dirty bit will be set again
597 when accessing the range */
598 start1 = (uintptr_t)qemu_safe_ram_ptr(start);
599 /* Check that we don't span multiple blocks - this breaks the
600 address comparisons below. */
601 if ((uintptr_t)qemu_safe_ram_ptr(end - 1) - start1
602 != (end - 1) - start) {
603 abort();
604 }
605 cpu_tlb_reset_dirty_all(start1, length);
606
607}
608
5579c7f3 609/* Note: start and end must be within the same ram block. */
c227f099 610void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t end,
0a962c02 611 int dirty_flags)
1ccde1cb 612{
d24981d3 613 uintptr_t length;
1ccde1cb
FB		 614
615 start &= TARGET_PAGE_MASK;
616 end = TARGET_PAGE_ALIGN(end);
617
618 length = end - start;
619 if (length == 0)
620 return;
f7c11b53 621 cpu_physical_memory_mask_dirty_range(start, length, dirty_flags);
f23db169 622
d24981d3
JQ		 623 if (tcg_enabled()) {
624 tlb_reset_dirty_range_all(start, end, length);
5579c7f3 625 }
1ccde1cb
FB		 626}
627
8b9c99d9 628static int cpu_physical_memory_set_dirty_tracking(int enable)
74576198 629{
f6f3fbca 630 int ret = 0;
74576198 631 in_migration = enable;
f6f3fbca 632 return ret;
74576198
AL		 633}
634
a8170e5e 635hwaddr memory_region_section_get_iotlb(CPUArchState *env,
149f54b5
PB		 636 MemoryRegionSection *section,
637 target_ulong vaddr,
638 hwaddr paddr, hwaddr xlat,
639 int prot,
640 target_ulong *address)
e5548617 641{
a8170e5e 642 hwaddr iotlb;
e5548617
BS		 643 CPUWatchpoint *wp;
644
cc5bea60 645 if (memory_region_is_ram(section->mr)) {
e5548617
BS		 646 /* Normal RAM. */
647 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
149f54b5 648 + xlat;
e5548617
BS		 649 if (!section->readonly) {
650 iotlb |= phys_section_notdirty;
651 } else {
652 iotlb |= phys_section_rom;
653 }
654 } else {
e5548617 655 iotlb = section - phys_sections;
149f54b5 656 iotlb += xlat;
e5548617
BS		 657 }
658
659 /* Make accesses to pages with watchpoints go via the
660 watchpoint trap routines. */
661 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
662 if (vaddr == (wp->vaddr & TARGET_PAGE_MASK)) {
663 /* Avoid trapping reads of pages with a write breakpoint. */
664 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
665 iotlb = phys_section_watch + paddr;
666 *address |= TLB_MMIO;
667 break;
668 }
669 }
670 }
671
672 return iotlb;
673}
9fa3e853
FB		 674#endif /* defined(CONFIG_USER_ONLY) */
675
e2eef170 676#if !defined(CONFIG_USER_ONLY)
8da3ff18 677
c04b2b78
PB		 678#define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
679typedef struct subpage_t {
70c68e44 680 MemoryRegion iomem;
a8170e5e 681 hwaddr base;
5312bd8b 682 uint16_t sub_section[TARGET_PAGE_SIZE];
c04b2b78
PB		 683} subpage_t;
684
c227f099 685static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 686 uint16_t section);
a8170e5e 687static subpage_t *subpage_init(hwaddr base);
5312bd8b 688static void destroy_page_desc(uint16_t section_index)
54688b1e 689{
5312bd8b
AK		 690 MemoryRegionSection *section = &phys_sections[section_index];
691 MemoryRegion *mr = section->mr;
54688b1e
AK		 692
693 if (mr->subpage) {
694 subpage_t *subpage = container_of(mr, subpage_t, iomem);
695 memory_region_destroy(&subpage->iomem);
696 g_free(subpage);
697 }
698}
699
4346ae3e 700static void destroy_l2_mapping(PhysPageEntry *lp, unsigned level)
54688b1e
AK		 701{
702 unsigned i;
d6f2ea22 703 PhysPageEntry *p;
54688b1e 704
c19e8800 705 if (lp->ptr == PHYS_MAP_NODE_NIL) {
54688b1e
AK		 706 return;
707 }
708
c19e8800 709 p = phys_map_nodes[lp->ptr];
4346ae3e 710 for (i = 0; i < L2_SIZE; ++i) {
07f07b31 711 if (!p[i].is_leaf) {
54688b1e 712 destroy_l2_mapping(&p[i], level - 1);
4346ae3e 713 } else {
c19e8800 714 destroy_page_desc(p[i].ptr);
54688b1e 715 }
54688b1e 716 }
07f07b31 717 lp->is_leaf = 0;
c19e8800 718 lp->ptr = PHYS_MAP_NODE_NIL;
54688b1e
AK		 719}
720
ac1970fb 721static void destroy_all_mappings(AddressSpaceDispatch *d)
54688b1e 722{
ac1970fb 723 destroy_l2_mapping(&d->phys_map, P_L2_LEVELS - 1);
d6f2ea22 724 phys_map_nodes_reset();
54688b1e
AK		 725}
726
5312bd8b
AK		 727static uint16_t phys_section_add(MemoryRegionSection *section)
728{
68f3f65b
PB		 729 /* The physical section number is ORed with a page-aligned
730 * pointer to produce the iotlb entries. Thus it should
731 * never overflow into the page-aligned value.
732 */
733 assert(phys_sections_nb < TARGET_PAGE_SIZE);
734
5312bd8b
AK		 735 if (phys_sections_nb == phys_sections_nb_alloc) {
736 phys_sections_nb_alloc = MAX(phys_sections_nb_alloc * 2, 16);
737 phys_sections = g_renew(MemoryRegionSection, phys_sections,
738 phys_sections_nb_alloc);
739 }
740 phys_sections[phys_sections_nb] = *section;
741 return phys_sections_nb++;
742}
743
744static void phys_sections_clear(void)
745{
746 phys_sections_nb = 0;
747}
748
ac1970fb 749static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
0f0cb164
AK		 750{
751 subpage_t *subpage;
a8170e5e 752 hwaddr base = section->offset_within_address_space
0f0cb164 753 & TARGET_PAGE_MASK;
ac1970fb 754 MemoryRegionSection *existing = phys_page_find(d, base >> TARGET_PAGE_BITS);
0f0cb164
AK		 755 MemoryRegionSection subsection = {
756 .offset_within_address_space = base,
757 .size = TARGET_PAGE_SIZE,
758 };
a8170e5e 759 hwaddr start, end;
0f0cb164 760
f3705d53 761 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
0f0cb164 762
f3705d53 763 if (!(existing->mr->subpage)) {
0f0cb164
AK		 764 subpage = subpage_init(base);
765 subsection.mr = &subpage->iomem;
ac1970fb 766 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
2999097b 767 phys_section_add(&subsection));
0f0cb164 768 } else {
f3705d53 769 subpage = container_of(existing->mr, subpage_t, iomem);
0f0cb164
AK		 770 }
771 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
adb2a9b5 772 end = start + section->size - 1;
0f0cb164
AK		 773 subpage_register(subpage, start, end, phys_section_add(section));
774}
775
776
ac1970fb 777static void register_multipage(AddressSpaceDispatch *d, MemoryRegionSection *section)
33417e70 778{
a8170e5e 779 hwaddr start_addr = section->offset_within_address_space;
dd81124b 780 ram_addr_t size = section->size;
a8170e5e 781 hwaddr addr;
5312bd8b 782 uint16_t section_index = phys_section_add(section);
dd81124b 783
3b8e6a2d 784 assert(size);
f6f3fbca 785
3b8e6a2d 786 addr = start_addr;
ac1970fb 787 phys_page_set(d, addr >> TARGET_PAGE_BITS, size >> TARGET_PAGE_BITS,
2999097b 788 section_index);
33417e70
FB		 789}
790
86a86236
AK		 791QEMU_BUILD_BUG_ON(TARGET_PHYS_ADDR_SPACE_BITS > MAX_PHYS_ADDR_SPACE_BITS)
792
793static MemoryRegionSection limit(MemoryRegionSection section)
794{
795 section.size = MIN(section.offset_within_address_space + section.size,
796 MAX_PHYS_ADDR + 1)
797 - section.offset_within_address_space;
798
799 return section;
800}
801
ac1970fb 802static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
0f0cb164 803{
ac1970fb 804 AddressSpaceDispatch *d = container_of(listener, AddressSpaceDispatch, listener);
86a86236 805 MemoryRegionSection now = limit(*section), remain = limit(*section);
0f0cb164
AK		 806
807 if ((now.offset_within_address_space & ~TARGET_PAGE_MASK)
808 || (now.size < TARGET_PAGE_SIZE)) {
809 now.size = MIN(TARGET_PAGE_ALIGN(now.offset_within_address_space)
810 - now.offset_within_address_space,
811 now.size);
ac1970fb 812 register_subpage(d, &now);
0f0cb164
AK		 813 remain.size -= now.size;
814 remain.offset_within_address_space += now.size;
815 remain.offset_within_region += now.size;
816 }
69b67646
TH		 817 while (remain.size >= TARGET_PAGE_SIZE) {
818 now = remain;
819 if (remain.offset_within_region & ~TARGET_PAGE_MASK) {
820 now.size = TARGET_PAGE_SIZE;
ac1970fb 821 register_subpage(d, &now);
69b67646
TH		 822 } else {
823 now.size &= TARGET_PAGE_MASK;
ac1970fb 824 register_multipage(d, &now);
69b67646 825 }
0f0cb164
AK		 826 remain.size -= now.size;
827 remain.offset_within_address_space += now.size;
828 remain.offset_within_region += now.size;
829 }
830 now = remain;
831 if (now.size) {
ac1970fb 832 register_subpage(d, &now);
0f0cb164
AK		 833 }
834}
835
62a2744c
SY		 836void qemu_flush_coalesced_mmio_buffer(void)
837{
838 if (kvm_enabled())
839 kvm_flush_coalesced_mmio_buffer();
840}
841
b2a8658e
UD		 842void qemu_mutex_lock_ramlist(void)
843{
844 qemu_mutex_lock(&ram_list.mutex);
845}
846
847void qemu_mutex_unlock_ramlist(void)
848{
849 qemu_mutex_unlock(&ram_list.mutex);
850}
851
c902760f
MT		 852#if defined(__linux__) && !defined(TARGET_S390X)
853
854#include <sys/vfs.h>
855
856#define HUGETLBFS_MAGIC 0x958458f6
857
858static long gethugepagesize(const char *path)
859{
860 struct statfs fs;
861 int ret;
862
863 do {
9742bf26 864 ret = statfs(path, &fs);
c902760f
MT		 865 } while (ret != 0 && errno == EINTR);
866
867 if (ret != 0) {
9742bf26
YT		 868 perror(path);
869 return 0;
c902760f
MT		 870 }
871
872 if (fs.f_type != HUGETLBFS_MAGIC)
9742bf26 873 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
c902760f
MT		 874
875 return fs.f_bsize;
876}
877
04b16653
AW		 878static void *file_ram_alloc(RAMBlock *block,
879 ram_addr_t memory,
880 const char *path)
c902760f
MT		 881{
882 char *filename;
8ca761f6
PF		 883 char *sanitized_name;
884 char *c;
c902760f
MT		 885 void *area;
886 int fd;
887#ifdef MAP_POPULATE
888 int flags;
889#endif
890 unsigned long hpagesize;
891
892 hpagesize = gethugepagesize(path);
893 if (!hpagesize) {
9742bf26 894 return NULL;
c902760f
MT		 895 }
896
897 if (memory < hpagesize) {
898 return NULL;
899 }
900
901 if (kvm_enabled() && !kvm_has_sync_mmu()) {
902 fprintf(stderr, "host lacks kvm mmu notifiers, -mem-path unsupported\n");
903 return NULL;
904 }
905
8ca761f6
PF		 906 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
907 sanitized_name = g_strdup(block->mr->name);
908 for (c = sanitized_name; *c != '\0'; c++) {
909 if (*c == '/')
910 *c = '_';
911 }
912
913 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
914 sanitized_name);
915 g_free(sanitized_name);
c902760f
MT		 916
917 fd = mkstemp(filename);
918 if (fd < 0) {
9742bf26 919 perror("unable to create backing store for hugepages");
e4ada482 920 g_free(filename);
9742bf26 921 return NULL;
c902760f
MT		 922 }
923 unlink(filename);
e4ada482 924 g_free(filename);
c902760f
MT		 925
926 memory = (memory+hpagesize-1) & ~(hpagesize-1);
927
928 /*
929 * ftruncate is not supported by hugetlbfs in older
930 * hosts, so don't bother bailing out on errors.
931 * If anything goes wrong with it under other filesystems,
932 * mmap will fail.
933 */
934 if (ftruncate(fd, memory))
9742bf26 935 perror("ftruncate");
c902760f
MT		 936
937#ifdef MAP_POPULATE
938 /* NB: MAP_POPULATE won't exhaustively alloc all phys pages in the case
939 * MAP_PRIVATE is requested. For mem_prealloc we mmap as MAP_SHARED
940 * to sidestep this quirk.
941 */
942 flags = mem_prealloc ? MAP_POPULATE | MAP_SHARED : MAP_PRIVATE;
943 area = mmap(0, memory, PROT_READ | PROT_WRITE, flags, fd, 0);
944#else
945 area = mmap(0, memory, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
946#endif
947 if (area == MAP_FAILED) {
9742bf26
YT		 948 perror("file_ram_alloc: can't mmap RAM pages");
949 close(fd);
950 return (NULL);
c902760f 951 }
04b16653 952 block->fd = fd;
c902760f
MT		 953 return area;
954}
955#endif
956
d17b5288 957static ram_addr_t find_ram_offset(ram_addr_t size)
04b16653
AW		 958{
959 RAMBlock *block, *next_block;
3e837b2c 960 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
04b16653 961
49cd9ac6
SH		 962 assert(size != 0); /* it would hand out same offset multiple times */
963
a3161038 964 if (QTAILQ_EMPTY(&ram_list.blocks))
04b16653
AW		 965 return 0;
966
a3161038 967 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
f15fbc4b 968 ram_addr_t end, next = RAM_ADDR_MAX;
04b16653
AW		 969
970 end = block->offset + block->length;
971
a3161038 972 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
04b16653
AW		 973 if (next_block->offset >= end) {
974 next = MIN(next, next_block->offset);
975 }
976 }
977 if (next - end >= size && next - end < mingap) {
3e837b2c 978 offset = end;
04b16653
AW		 979 mingap = next - end;
980 }
981 }
3e837b2c
AW		 982
983 if (offset == RAM_ADDR_MAX) {
984 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
985 (uint64_t)size);
986 abort();
987 }
988
04b16653
AW		 989 return offset;
990}
991
652d7ec2 992ram_addr_t last_ram_offset(void)
d17b5288
AW		 993{
994 RAMBlock *block;
995 ram_addr_t last = 0;
996
a3161038 997 QTAILQ_FOREACH(block, &ram_list.blocks, next)
d17b5288
AW		 998 last = MAX(last, block->offset + block->length);
999
1000 return last;
1001}
1002
ddb97f1d
JB		 1003static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1004{
1005 int ret;
1006 QemuOpts *machine_opts;
1007
1008 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
1009 machine_opts = qemu_opts_find(qemu_find_opts("machine"), 0);
1010 if (machine_opts &&
1011 !qemu_opt_get_bool(machine_opts, "dump-guest-core", true)) {
1012 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1013 if (ret) {
1014 perror("qemu_madvise");
1015 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1016 "but dump_guest_core=off specified\n");
1017 }
1018 }
1019}
1020
c5705a77 1021void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
84b89d78
CM		 1022{
1023 RAMBlock *new_block, *block;
1024
c5705a77 1025 new_block = NULL;
a3161038 1026 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77
AK		 1027 if (block->offset == addr) {
1028 new_block = block;
1029 break;
1030 }
1031 }
1032 assert(new_block);
1033 assert(!new_block->idstr[0]);
84b89d78 1034
09e5ab63
AL		 1035 if (dev) {
1036 char *id = qdev_get_dev_path(dev);
84b89d78
CM		 1037 if (id) {
1038 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
7267c094 1039 g_free(id);
84b89d78
CM		 1040 }
1041 }
1042 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1043
b2a8658e
UD		 1044 /* This assumes the iothread lock is taken here too. */
1045 qemu_mutex_lock_ramlist();
a3161038 1046 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
c5705a77 1047 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
84b89d78
CM		 1048 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1049 new_block->idstr);
1050 abort();
1051 }
1052 }
b2a8658e 1053 qemu_mutex_unlock_ramlist();
c5705a77
AK		 1054}
1055
8490fc78
LC		 1056static int memory_try_enable_merging(void *addr, size_t len)
1057{
1058 QemuOpts *opts;
1059
1060 opts = qemu_opts_find(qemu_find_opts("machine"), 0);
1061 if (opts && !qemu_opt_get_bool(opts, "mem-merge", true)) {
1062 /* disabled by the user */
1063 return 0;
1064 }
1065
1066 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1067}
1068
c5705a77
AK		 1069ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1070 MemoryRegion *mr)
1071{
abb26d63 1072 RAMBlock *block, *new_block;
c5705a77
AK		 1073
1074 size = TARGET_PAGE_ALIGN(size);
1075 new_block = g_malloc0(sizeof(*new_block));
84b89d78 1076
b2a8658e
UD		 1077 /* This assumes the iothread lock is taken here too. */
1078 qemu_mutex_lock_ramlist();
7c637366 1079 new_block->mr = mr;
432d268c 1080 new_block->offset = find_ram_offset(size);
6977dfe6
YT		 1081 if (host) {
1082 new_block->host = host;
cd19cfa2 1083 new_block->flags |= RAM_PREALLOC_MASK;
6977dfe6
YT		 1084 } else {
1085 if (mem_path) {
c902760f 1086#if defined (__linux__) && !defined(TARGET_S390X)
6977dfe6
YT		 1087 new_block->host = file_ram_alloc(new_block, size, mem_path);
1088 if (!new_block->host) {
6eebf958 1089 new_block->host = qemu_anon_ram_alloc(size);
8490fc78 1090 memory_try_enable_merging(new_block->host, size);
6977dfe6 1091 }
c902760f 1092#else
6977dfe6
YT		 1093 fprintf(stderr, "-mem-path option unsupported\n");
1094 exit(1);
c902760f 1095#endif
6977dfe6 1096 } else {
868bb33f 1097 if (xen_enabled()) {
fce537d4 1098 xen_ram_alloc(new_block->offset, size, mr);
fdec9918
CB		 1099 } else if (kvm_enabled()) {
1100 /* some s390/kvm configurations have special constraints */
6eebf958 1101 new_block->host = kvm_ram_alloc(size);
432d268c 1102 } else {
6eebf958 1103 new_block->host = qemu_anon_ram_alloc(size);
432d268c 1104 }
8490fc78 1105 memory_try_enable_merging(new_block->host, size);
6977dfe6 1106 }
c902760f 1107 }
94a6b54f
PB		 1108 new_block->length = size;
1109
abb26d63
PB		 1110 /* Keep the list sorted from biggest to smallest block. */
1111 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1112 if (block->length < new_block->length) {
1113 break;
1114 }
1115 }
1116 if (block) {
1117 QTAILQ_INSERT_BEFORE(block, new_block, next);
1118 } else {
1119 QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
1120 }
0d6d3c87 1121 ram_list.mru_block = NULL;
94a6b54f 1122
f798b07f 1123 ram_list.version++;
b2a8658e 1124 qemu_mutex_unlock_ramlist();
f798b07f 1125
7267c094 1126 ram_list.phys_dirty = g_realloc(ram_list.phys_dirty,
04b16653 1127 last_ram_offset() >> TARGET_PAGE_BITS);
5fda043f
IM		 1128 memset(ram_list.phys_dirty + (new_block->offset >> TARGET_PAGE_BITS),
1129 0, size >> TARGET_PAGE_BITS);
1720aeee 1130 cpu_physical_memory_set_dirty_range(new_block->offset, size, 0xff);
94a6b54f 1131
ddb97f1d 1132 qemu_ram_setup_dump(new_block->host, size);
ad0b5321 1133 qemu_madvise(new_block->host, size, QEMU_MADV_HUGEPAGE);
ddb97f1d 1134
6f0437e8
JK		 1135 if (kvm_enabled())
1136 kvm_setup_guest_memory(new_block->host, size);
1137
94a6b54f
PB		 1138 return new_block->offset;
1139}
e9a1ab19 1140
c5705a77 1141ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr)
6977dfe6 1142{
c5705a77 1143 return qemu_ram_alloc_from_ptr(size, NULL, mr);
6977dfe6
YT		 1144}
1145
1f2e98b6
AW		 1146void qemu_ram_free_from_ptr(ram_addr_t addr)
1147{
1148 RAMBlock *block;
1149
b2a8658e
UD		 1150 /* This assumes the iothread lock is taken here too. */
1151 qemu_mutex_lock_ramlist();
a3161038 1152 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1f2e98b6 1153 if (addr == block->offset) {
a3161038 1154 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1155 ram_list.mru_block = NULL;
f798b07f 1156 ram_list.version++;
7267c094 1157 g_free(block);
b2a8658e 1158 break;
1f2e98b6
AW		 1159 }
1160 }
b2a8658e 1161 qemu_mutex_unlock_ramlist();
1f2e98b6
AW		 1162}
1163
c227f099 1164void qemu_ram_free(ram_addr_t addr)
e9a1ab19 1165{
04b16653
AW		 1166 RAMBlock *block;
1167
b2a8658e
UD		 1168 /* This assumes the iothread lock is taken here too. */
1169 qemu_mutex_lock_ramlist();
a3161038 1170 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
04b16653 1171 if (addr == block->offset) {
a3161038 1172 QTAILQ_REMOVE(&ram_list.blocks, block, next);
0d6d3c87 1173 ram_list.mru_block = NULL;
f798b07f 1174 ram_list.version++;
cd19cfa2
HY		 1175 if (block->flags & RAM_PREALLOC_MASK) {
1176 ;
1177 } else if (mem_path) {
04b16653
AW		 1178#if defined (__linux__) && !defined(TARGET_S390X)
1179 if (block->fd) {
1180 munmap(block->host, block->length);
1181 close(block->fd);
1182 } else {
e7a09b92 1183 qemu_anon_ram_free(block->host, block->length);
04b16653 1184 }
fd28aa13
JK		 1185#else
1186 abort();
04b16653
AW		 1187#endif
1188 } else {
868bb33f 1189 if (xen_enabled()) {
e41d7c69 1190 xen_invalidate_map_cache_entry(block->host);
432d268c 1191 } else {
e7a09b92 1192 qemu_anon_ram_free(block->host, block->length);
432d268c 1193 }
04b16653 1194 }
7267c094 1195 g_free(block);
b2a8658e 1196 break;
04b16653
AW		 1197 }
1198 }
b2a8658e 1199 qemu_mutex_unlock_ramlist();
04b16653 1200
e9a1ab19
FB		 1201}
1202
cd19cfa2
HY		 1203#ifndef _WIN32
1204void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1205{
1206 RAMBlock *block;
1207 ram_addr_t offset;
1208 int flags;
1209 void *area, *vaddr;
1210
a3161038 1211 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
cd19cfa2
HY		 1212 offset = addr - block->offset;
1213 if (offset < block->length) {
1214 vaddr = block->host + offset;
1215 if (block->flags & RAM_PREALLOC_MASK) {
1216 ;
1217 } else {
1218 flags = MAP_FIXED;
1219 munmap(vaddr, length);
1220 if (mem_path) {
1221#if defined(__linux__) && !defined(TARGET_S390X)
1222 if (block->fd) {
1223#ifdef MAP_POPULATE
1224 flags |= mem_prealloc ? MAP_POPULATE | MAP_SHARED :
1225 MAP_PRIVATE;
1226#else
1227 flags |= MAP_PRIVATE;
1228#endif
1229 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1230 flags, block->fd, offset);
1231 } else {
1232 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1233 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1234 flags, -1, 0);
1235 }
fd28aa13
JK		 1236#else
1237 abort();
cd19cfa2
HY		 1238#endif
1239 } else {
1240#if defined(TARGET_S390X) && defined(CONFIG_KVM)
1241 flags |= MAP_SHARED | MAP_ANONYMOUS;
1242 area = mmap(vaddr, length, PROT_EXEC|PROT_READ|PROT_WRITE,
1243 flags, -1, 0);
1244#else
1245 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1246 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1247 flags, -1, 0);
1248#endif
1249 }
1250 if (area != vaddr) {
f15fbc4b
AP		 1251 fprintf(stderr, "Could not remap addr: "
1252 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
cd19cfa2
HY		 1253 length, addr);
1254 exit(1);
1255 }
8490fc78 1256 memory_try_enable_merging(vaddr, length);
ddb97f1d 1257 qemu_ram_setup_dump(vaddr, length);
cd19cfa2
HY		 1258 }
1259 return;
1260 }
1261 }
1262}
1263#endif /* !_WIN32 */
1264
dc828ca1 1265/* Return a host pointer to ram allocated with qemu_ram_alloc.
5579c7f3
PB		 1266 With the exception of the softmmu code in this file, this should
1267 only be used for local memory (e.g. video ram) that the device owns,
1268 and knows it isn't going to access beyond the end of the block.
1269
1270 It should not be used for general purpose DMA.
1271 Use cpu_physical_memory_map/cpu_physical_memory_rw instead.
1272 */
c227f099 1273void *qemu_get_ram_ptr(ram_addr_t addr)
dc828ca1 1274{
94a6b54f
PB		 1275 RAMBlock *block;
1276
b2a8658e 1277 /* The list is protected by the iothread lock here. */
0d6d3c87
PB		 1278 block = ram_list.mru_block;
1279 if (block && addr - block->offset < block->length) {
1280 goto found;
1281 }
a3161038 1282 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
f471a17e 1283 if (addr - block->offset < block->length) {
0d6d3c87 1284 goto found;
f471a17e 1285 }
94a6b54f 1286 }
f471a17e
AW		 1287
1288 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1289 abort();
1290
0d6d3c87
PB		 1291found:
1292 ram_list.mru_block = block;
1293 if (xen_enabled()) {
1294 /* We need to check if the requested address is in the RAM
1295 * because we don't want to map the entire memory in QEMU.
1296 * In that case just map until the end of the page.
1297 */
1298 if (block->offset == 0) {
1299 return xen_map_cache(addr, 0, 0);
1300 } else if (block->host == NULL) {
1301 block->host =
1302 xen_map_cache(block->offset, block->length, 1);
1303 }
1304 }
1305 return block->host + (addr - block->offset);
dc828ca1
PB		 1306}
1307
0d6d3c87
PB		 1308/* Return a host pointer to ram allocated with qemu_ram_alloc. Same as
1309 * qemu_get_ram_ptr but do not touch ram_list.mru_block.
1310 *
1311 * ??? Is this still necessary?
b2e0a138 1312 */
8b9c99d9 1313static void *qemu_safe_ram_ptr(ram_addr_t addr)
b2e0a138
MT		 1314{
1315 RAMBlock *block;
1316
b2a8658e 1317 /* The list is protected by the iothread lock here. */
a3161038 1318 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
b2e0a138 1319 if (addr - block->offset < block->length) {
868bb33f 1320 if (xen_enabled()) {
432d268c
JN		 1321 /* We need to check if the requested address is in the RAM
1322 * because we don't want to map the entire memory in QEMU.
712c2b41 1323 * In that case just map until the end of the page.
432d268c
JN		 1324 */
1325 if (block->offset == 0) {
e41d7c69 1326 return xen_map_cache(addr, 0, 0);
432d268c 1327 } else if (block->host == NULL) {
e41d7c69
JK		 1328 block->host =
1329 xen_map_cache(block->offset, block->length, 1);
432d268c
JN		 1330 }
1331 }
b2e0a138
MT		 1332 return block->host + (addr - block->offset);
1333 }
1334 }
1335
1336 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1337 abort();
1338
1339 return NULL;
1340}
1341
38bee5dc
SS		 1342/* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1343 * but takes a size argument */
8b9c99d9 1344static void *qemu_ram_ptr_length(ram_addr_t addr, ram_addr_t *size)
38bee5dc 1345{
8ab934f9
SS		 1346 if (*size == 0) {
1347 return NULL;
1348 }
868bb33f 1349 if (xen_enabled()) {
e41d7c69 1350 return xen_map_cache(addr, *size, 1);
868bb33f 1351 } else {
38bee5dc
SS		 1352 RAMBlock *block;
1353
a3161038 1354 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
38bee5dc
SS		 1355 if (addr - block->offset < block->length) {
1356 if (addr - block->offset + *size > block->length)
1357 *size = block->length - addr + block->offset;
1358 return block->host + (addr - block->offset);
1359 }
1360 }
1361
1362 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1363 abort();
38bee5dc
SS		 1364 }
1365}
1366
e890261f 1367int qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
5579c7f3 1368{
94a6b54f
PB		 1369 RAMBlock *block;
1370 uint8_t *host = ptr;
1371
868bb33f 1372 if (xen_enabled()) {
e41d7c69 1373 *ram_addr = xen_ram_addr_from_mapcache(ptr);
712c2b41
SS		 1374 return 0;
1375 }
1376
a3161038 1377 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
432d268c
JN		 1378 /* This case append when the block is not mapped. */
1379 if (block->host == NULL) {
1380 continue;
1381 }
f471a17e 1382 if (host - block->host < block->length) {
e890261f
MT		 1383 *ram_addr = block->offset + (host - block->host);
1384 return 0;
f471a17e 1385 }
94a6b54f 1386 }
432d268c 1387
e890261f
MT		 1388 return -1;
1389}
f471a17e 1390
e890261f
MT		 1391/* Some of the softmmu routines need to translate from a host pointer
1392 (typically a TLB entry) back to a ram offset. */
1393ram_addr_t qemu_ram_addr_from_host_nofail(void *ptr)
1394{
1395 ram_addr_t ram_addr;
f471a17e 1396
e890261f
MT		 1397 if (qemu_ram_addr_from_host(ptr, &ram_addr)) {
1398 fprintf(stderr, "Bad ram pointer %p\n", ptr);
1399 abort();
1400 }
1401 return ram_addr;
5579c7f3
PB		 1402}
1403
a8170e5e 1404static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
0e0df1e2 1405 uint64_t val, unsigned size)
9fa3e853 1406{
3a7d929e 1407 int dirty_flags;
f7c11b53 1408 dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr);
3a7d929e 1409 if (!(dirty_flags & CODE_DIRTY_FLAG)) {
0e0df1e2 1410 tb_invalidate_phys_page_fast(ram_addr, size);
f7c11b53 1411 dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr);
3a7d929e 1412 }
0e0df1e2
AK		 1413 switch (size) {
1414 case 1:
1415 stb_p(qemu_get_ram_ptr(ram_addr), val);
1416 break;
1417 case 2:
1418 stw_p(qemu_get_ram_ptr(ram_addr), val);
1419 break;
1420 case 4:
1421 stl_p(qemu_get_ram_ptr(ram_addr), val);
1422 break;
1423 default:
1424 abort();
3a7d929e 1425 }
f23db169 1426 dirty_flags |= (0xff & ~CODE_DIRTY_FLAG);
f7c11b53 1427 cpu_physical_memory_set_dirty_flags(ram_addr, dirty_flags);
f23db169
FB		 1428 /* we remove the notdirty callback only if the code has been
1429 flushed */
1430 if (dirty_flags == 0xff)
2e70f6ef 1431 tlb_set_dirty(cpu_single_env, cpu_single_env->mem_io_vaddr);
9fa3e853
FB		 1432}
1433
b018ddf6
PB		 1434static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1435 unsigned size, bool is_write)
1436{
1437 return is_write;
1438}
1439
0e0df1e2 1440static const MemoryRegionOps notdirty_mem_ops = {
0e0df1e2 1441 .write = notdirty_mem_write,
b018ddf6 1442 .valid.accepts = notdirty_mem_accepts,
0e0df1e2 1443 .endianness = DEVICE_NATIVE_ENDIAN,
1ccde1cb
FB		 1444};
1445
0f459d16 1446/* Generate a debug exception if a watchpoint has been hit. */
b4051334 1447static void check_watchpoint(int offset, int len_mask, int flags)
0f459d16 1448{
9349b4f9 1449 CPUArchState *env = cpu_single_env;
06d55cc1 1450 target_ulong pc, cs_base;
0f459d16 1451 target_ulong vaddr;
a1d1bb31 1452 CPUWatchpoint *wp;
06d55cc1 1453 int cpu_flags;
0f459d16 1454
06d55cc1
AL		 1455 if (env->watchpoint_hit) {
1456 /* We re-entered the check after replacing the TB. Now raise
1457 * the debug interrupt so that is will trigger after the
1458 * current instruction. */
c3affe56 1459 cpu_interrupt(ENV_GET_CPU(env), CPU_INTERRUPT_DEBUG);
06d55cc1
AL		 1460 return;
1461 }
2e70f6ef 1462 vaddr = (env->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
72cf2d4f 1463 QTAILQ_FOREACH(wp, &env->watchpoints, entry) {
b4051334
AL		 1464 if ((vaddr == (wp->vaddr & len_mask) ||
1465 (vaddr & wp->len_mask) == wp->vaddr) && (wp->flags & flags)) {
6e140f28
AL		 1466 wp->flags |= BP_WATCHPOINT_HIT;
1467 if (!env->watchpoint_hit) {
1468 env->watchpoint_hit = wp;
5a316526 1469 tb_check_watchpoint(env);
6e140f28
AL		 1470 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
1471 env->exception_index = EXCP_DEBUG;
488d6577 1472 cpu_loop_exit(env);
6e140f28
AL		 1473 } else {
1474 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
1475 tb_gen_code(env, pc, cs_base, cpu_flags, 1);
488d6577 1476 cpu_resume_from_signal(env, NULL);
6e140f28 1477 }
06d55cc1 1478 }
6e140f28
AL		 1479 } else {
1480 wp->flags &= ~BP_WATCHPOINT_HIT;
0f459d16
PB		 1481 }
1482 }
1483}
1484
6658ffb8
PB		 1485/* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1486 so these check for a hit then pass through to the normal out-of-line
1487 phys routines. */
a8170e5e 1488static uint64_t watch_mem_read(void *opaque, hwaddr addr,
1ec9b909 1489 unsigned size)
6658ffb8 1490{
1ec9b909
AK		 1491 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_READ);
1492 switch (size) {
1493 case 1: return ldub_phys(addr);
1494 case 2: return lduw_phys(addr);
1495 case 4: return ldl_phys(addr);
1496 default: abort();
1497 }
6658ffb8
PB		 1498}
1499
a8170e5e 1500static void watch_mem_write(void *opaque, hwaddr addr,
1ec9b909 1501 uint64_t val, unsigned size)
6658ffb8 1502{
1ec9b909
AK		 1503 check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_WRITE);
1504 switch (size) {
67364150
MF		 1505 case 1:
1506 stb_phys(addr, val);
1507 break;
1508 case 2:
1509 stw_phys(addr, val);
1510 break;
1511 case 4:
1512 stl_phys(addr, val);
1513 break;
1ec9b909
AK		 1514 default: abort();
1515 }
6658ffb8
PB		 1516}
1517
1ec9b909
AK		 1518static const MemoryRegionOps watch_mem_ops = {
1519 .read = watch_mem_read,
1520 .write = watch_mem_write,
1521 .endianness = DEVICE_NATIVE_ENDIAN,
6658ffb8 1522};
6658ffb8 1523
a8170e5e 1524static uint64_t subpage_read(void *opaque, hwaddr addr,
70c68e44 1525 unsigned len)
db7b5426 1526{
70c68e44 1527 subpage_t *mmio = opaque;
f6405247 1528 unsigned int idx = SUBPAGE_IDX(addr);
5312bd8b 1529 MemoryRegionSection *section;
db7b5426
BS		 1530#if defined(DEBUG_SUBPAGE)
1531 printf("%s: subpage %p len %d addr " TARGET_FMT_plx " idx %d\n", __func__,
1532 mmio, len, addr, idx);
1533#endif
db7b5426 1534
5312bd8b
AK		 1535 section = &phys_sections[mmio->sub_section[idx]];
1536 addr += mmio->base;
1537 addr -= section->offset_within_address_space;
1538 addr += section->offset_within_region;
37ec01d4 1539 return io_mem_read(section->mr, addr, len);
db7b5426
BS		 1540}
1541
a8170e5e 1542static void subpage_write(void *opaque, hwaddr addr,
70c68e44 1543 uint64_t value, unsigned len)
db7b5426 1544{
70c68e44 1545 subpage_t *mmio = opaque;
f6405247 1546 unsigned int idx = SUBPAGE_IDX(addr);
5312bd8b 1547 MemoryRegionSection *section;
db7b5426 1548#if defined(DEBUG_SUBPAGE)
70c68e44
AK		 1549 printf("%s: subpage %p len %d addr " TARGET_FMT_plx
1550 " idx %d value %"PRIx64"\n",
f6405247 1551 __func__, mmio, len, addr, idx, value);
db7b5426 1552#endif
f6405247 1553
5312bd8b
AK		 1554 section = &phys_sections[mmio->sub_section[idx]];
1555 addr += mmio->base;
1556 addr -= section->offset_within_address_space;
1557 addr += section->offset_within_region;
37ec01d4 1558 io_mem_write(section->mr, addr, value, len);
db7b5426
BS		 1559}
1560
c353e4cc
PB		 1561static bool subpage_accepts(void *opaque, hwaddr addr,
1562 unsigned size, bool is_write)
1563{
1564 subpage_t *mmio = opaque;
1565 unsigned int idx = SUBPAGE_IDX(addr);
1566 MemoryRegionSection *section;
1567#if defined(DEBUG_SUBPAGE)
1568 printf("%s: subpage %p %c len %d addr " TARGET_FMT_plx
1569 " idx %d\n", __func__, mmio,
1570 is_write ? 'w' : 'r', len, addr, idx);
1571#endif
1572
1573 section = &phys_sections[mmio->sub_section[idx]];
1574 addr += mmio->base;
1575 addr -= section->offset_within_address_space;
1576 addr += section->offset_within_region;
1577 return memory_region_access_valid(section->mr, addr, size, is_write);
1578}
1579
70c68e44
AK		 1580static const MemoryRegionOps subpage_ops = {
1581 .read = subpage_read,
1582 .write = subpage_write,
c353e4cc 1583 .valid.accepts = subpage_accepts,
70c68e44 1584 .endianness = DEVICE_NATIVE_ENDIAN,
db7b5426
BS		 1585};
1586
a8170e5e 1587static uint64_t subpage_ram_read(void *opaque, hwaddr addr,
de712f94 1588 unsigned size)
56384e8b
AF		 1589{
1590 ram_addr_t raddr = addr;
1591 void *ptr = qemu_get_ram_ptr(raddr);
de712f94
AK		 1592 switch (size) {
1593 case 1: return ldub_p(ptr);
1594 case 2: return lduw_p(ptr);
1595 case 4: return ldl_p(ptr);
1596 default: abort();
1597 }
56384e8b
AF		 1598}
1599
a8170e5e 1600static void subpage_ram_write(void *opaque, hwaddr addr,
de712f94 1601 uint64_t value, unsigned size)
56384e8b
AF		 1602{
1603 ram_addr_t raddr = addr;
1604 void *ptr = qemu_get_ram_ptr(raddr);
de712f94
AK		 1605 switch (size) {
1606 case 1: return stb_p(ptr, value);
1607 case 2: return stw_p(ptr, value);
1608 case 4: return stl_p(ptr, value);
1609 default: abort();
1610 }
56384e8b
AF		 1611}
1612
de712f94
AK		 1613static const MemoryRegionOps subpage_ram_ops = {
1614 .read = subpage_ram_read,
1615 .write = subpage_ram_write,
1616 .endianness = DEVICE_NATIVE_ENDIAN,
56384e8b
AF		 1617};
1618
c227f099 1619static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
5312bd8b 1620 uint16_t section)
db7b5426
BS		 1621{
1622 int idx, eidx;
1623
1624 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
1625 return -1;
1626 idx = SUBPAGE_IDX(start);
1627 eidx = SUBPAGE_IDX(end);
1628#if defined(DEBUG_SUBPAGE)
0bf9e31a 1629 printf("%s: %p start %08x end %08x idx %08x eidx %08x mem %ld\n", __func__,
db7b5426
BS		 1630 mmio, start, end, idx, eidx, memory);
1631#endif
5312bd8b
AK		 1632 if (memory_region_is_ram(phys_sections[section].mr)) {
1633 MemoryRegionSection new_section = phys_sections[section];
1634 new_section.mr = &io_mem_subpage_ram;
1635 section = phys_section_add(&new_section);
56384e8b 1636 }
db7b5426 1637 for (; idx <= eidx; idx++) {
5312bd8b 1638 mmio->sub_section[idx] = section;
db7b5426
BS		 1639 }
1640
1641 return 0;
1642}
1643
a8170e5e 1644static subpage_t *subpage_init(hwaddr base)
db7b5426 1645{
c227f099 1646 subpage_t *mmio;
db7b5426 1647
7267c094 1648 mmio = g_malloc0(sizeof(subpage_t));
1eec614b
AL		 1649
1650 mmio->base = base;
70c68e44
AK		 1651 memory_region_init_io(&mmio->iomem, &subpage_ops, mmio,
1652 "subpage", TARGET_PAGE_SIZE);
b3b00c78 1653 mmio->iomem.subpage = true;
db7b5426 1654#if defined(DEBUG_SUBPAGE)
1eec614b
AL		 1655 printf("%s: %p base " TARGET_FMT_plx " len %08x %d\n", __func__,
1656 mmio, base, TARGET_PAGE_SIZE, subpage_memory);
db7b5426 1657#endif
0f0cb164 1658 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, phys_section_unassigned);
db7b5426
BS		 1659
1660 return mmio;
1661}
1662
5312bd8b
AK		 1663static uint16_t dummy_section(MemoryRegion *mr)
1664{
1665 MemoryRegionSection section = {
1666 .mr = mr,
1667 .offset_within_address_space = 0,
1668 .offset_within_region = 0,
1669 .size = UINT64_MAX,
1670 };
1671
1672 return phys_section_add(&section);
1673}
1674
a8170e5e 1675MemoryRegion *iotlb_to_region(hwaddr index)
aa102231 1676{
37ec01d4 1677 return phys_sections[index & ~TARGET_PAGE_MASK].mr;
aa102231
AK		 1678}
1679
e9179ce1
AK		 1680static void io_mem_init(void)
1681{
bf8d5166 1682 memory_region_init_io(&io_mem_rom, &unassigned_mem_ops, NULL, "rom", UINT64_MAX);
0e0df1e2
AK		 1683 memory_region_init_io(&io_mem_unassigned, &unassigned_mem_ops, NULL,
1684 "unassigned", UINT64_MAX);
1685 memory_region_init_io(&io_mem_notdirty, &notdirty_mem_ops, NULL,
1686 "notdirty", UINT64_MAX);
de712f94
AK		 1687 memory_region_init_io(&io_mem_subpage_ram, &subpage_ram_ops, NULL,
1688 "subpage-ram", UINT64_MAX);
1ec9b909
AK		 1689 memory_region_init_io(&io_mem_watch, &watch_mem_ops, NULL,
1690 "watch", UINT64_MAX);
e9179ce1
AK		 1691}
1692
ac1970fb
AK		 1693static void mem_begin(MemoryListener *listener)
1694{
1695 AddressSpaceDispatch *d = container_of(listener, AddressSpaceDispatch, listener);
1696
1697 destroy_all_mappings(d);
1698 d->phys_map.ptr = PHYS_MAP_NODE_NIL;
1699}
1700
50c1e149
AK		 1701static void core_begin(MemoryListener *listener)
1702{
5312bd8b
AK		 1703 phys_sections_clear();
1704 phys_section_unassigned = dummy_section(&io_mem_unassigned);
aa102231
AK		 1705 phys_section_notdirty = dummy_section(&io_mem_notdirty);
1706 phys_section_rom = dummy_section(&io_mem_rom);
1707 phys_section_watch = dummy_section(&io_mem_watch);
50c1e149
AK		 1708}
1709
1d71148e 1710static void tcg_commit(MemoryListener *listener)
50c1e149 1711{
9349b4f9 1712 CPUArchState *env;
117712c3
AK		 1713
1714 /* since each CPU stores ram addresses in its TLB cache, we must
1715 reset the modified entries */
1716 /* XXX: slow ! */
1717 for(env = first_cpu; env != NULL; env = env->next_cpu) {
1718 tlb_flush(env, 1);
1719 }
50c1e149
AK		 1720}
1721
93632747
AK		 1722static void core_log_global_start(MemoryListener *listener)
1723{
1724 cpu_physical_memory_set_dirty_tracking(1);
1725}
1726
1727static void core_log_global_stop(MemoryListener *listener)
1728{
1729 cpu_physical_memory_set_dirty_tracking(0);
1730}
1731
4855d41a
AK		 1732static void io_region_add(MemoryListener *listener,
1733 MemoryRegionSection *section)
1734{
a2d33521
AK		 1735 MemoryRegionIORange *mrio = g_new(MemoryRegionIORange, 1);
1736
1737 mrio->mr = section->mr;
1738 mrio->offset = section->offset_within_region;
1739 iorange_init(&mrio->iorange, &memory_region_iorange_ops,
4855d41a 1740 section->offset_within_address_space, section->size);
a2d33521 1741 ioport_register(&mrio->iorange);
4855d41a
AK		 1742}
1743
1744static void io_region_del(MemoryListener *listener,
1745 MemoryRegionSection *section)
1746{
1747 isa_unassign_ioport(section->offset_within_address_space, section->size);
1748}
1749
93632747 1750static MemoryListener core_memory_listener = {
50c1e149 1751 .begin = core_begin,
93632747
AK		 1752 .log_global_start = core_log_global_start,
1753 .log_global_stop = core_log_global_stop,
ac1970fb 1754 .priority = 1,
93632747
AK		 1755};
1756
4855d41a
AK		 1757static MemoryListener io_memory_listener = {
1758 .region_add = io_region_add,
1759 .region_del = io_region_del,
4855d41a
AK		 1760 .priority = 0,
1761};
1762
1d71148e
AK		 1763static MemoryListener tcg_memory_listener = {
1764 .commit = tcg_commit,
1765};
1766
ac1970fb
AK		 1767void address_space_init_dispatch(AddressSpace *as)
1768{
1769 AddressSpaceDispatch *d = g_new(AddressSpaceDispatch, 1);
1770
1771 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .is_leaf = 0 };
1772 d->listener = (MemoryListener) {
1773 .begin = mem_begin,
1774 .region_add = mem_add,
1775 .region_nop = mem_add,
1776 .priority = 0,
1777 };
1778 as->dispatch = d;
1779 memory_listener_register(&d->listener, as);
1780}
1781
83f3c251
AK		 1782void address_space_destroy_dispatch(AddressSpace *as)
1783{
1784 AddressSpaceDispatch *d = as->dispatch;
1785
1786 memory_listener_unregister(&d->listener);
1787 destroy_l2_mapping(&d->phys_map, P_L2_LEVELS - 1);
1788 g_free(d);
1789 as->dispatch = NULL;
1790}
1791
62152b8a
AK		 1792static void memory_map_init(void)
1793{
7267c094 1794 system_memory = g_malloc(sizeof(*system_memory));
8417cebf 1795 memory_region_init(system_memory, "system", INT64_MAX);
2673a5da
AK		 1796 address_space_init(&address_space_memory, system_memory);
1797 address_space_memory.name = "memory";
309cb471 1798
7267c094 1799 system_io = g_malloc(sizeof(*system_io));
309cb471 1800 memory_region_init(system_io, "io", 65536);
2673a5da
AK		 1801 address_space_init(&address_space_io, system_io);
1802 address_space_io.name = "I/O";
93632747 1803
f6790af6
AK		 1804 memory_listener_register(&core_memory_listener, &address_space_memory);
1805 memory_listener_register(&io_memory_listener, &address_space_io);
1806 memory_listener_register(&tcg_memory_listener, &address_space_memory);
9e11908f
PM		 1807
1808 dma_context_init(&dma_context_memory, &address_space_memory,
1809 NULL, NULL, NULL);
62152b8a
AK		 1810}
1811
1812MemoryRegion *get_system_memory(void)
1813{
1814 return system_memory;
1815}
1816
309cb471
AK		 1817MemoryRegion *get_system_io(void)
1818{
1819 return system_io;
1820}
1821
e2eef170
PB		 1822#endif /* !defined(CONFIG_USER_ONLY) */
1823
13eb76e0
FB		 1824/* physical memory access (slow version, mainly for debug) */
1825#if defined(CONFIG_USER_ONLY)
9349b4f9 1826int cpu_memory_rw_debug(CPUArchState *env, target_ulong addr,
a68fe89c 1827 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 1828{
1829 int l, flags;
1830 target_ulong page;
53a5960a 1831 void * p;
13eb76e0
FB		 1832
1833 while (len > 0) {
1834 page = addr & TARGET_PAGE_MASK;
1835 l = (page + TARGET_PAGE_SIZE) - addr;
1836 if (l > len)
1837 l = len;
1838 flags = page_get_flags(page);
1839 if (!(flags & PAGE_VALID))
a68fe89c 1840 return -1;
13eb76e0
FB		 1841 if (is_write) {
1842 if (!(flags & PAGE_WRITE))
a68fe89c 1843 return -1;
579a97f7 1844 /* XXX: this code should not depend on lock_user */
72fb7daa 1845 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
a68fe89c 1846 return -1;
72fb7daa
AJ		 1847 memcpy(p, buf, l);
1848 unlock_user(p, addr, l);
13eb76e0
FB		 1849 } else {
1850 if (!(flags & PAGE_READ))
a68fe89c 1851 return -1;
579a97f7 1852 /* XXX: this code should not depend on lock_user */
72fb7daa 1853 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
a68fe89c 1854 return -1;
72fb7daa 1855 memcpy(buf, p, l);
5b257578 1856 unlock_user(p, addr, 0);
13eb76e0
FB		 1857 }
1858 len -= l;
1859 buf += l;
1860 addr += l;
1861 }
a68fe89c 1862 return 0;
13eb76e0 1863}
8df1cd07 1864
13eb76e0 1865#else
51d7a9eb 1866
a8170e5e
AK		 1867static void invalidate_and_set_dirty(hwaddr addr,
1868 hwaddr length)
51d7a9eb
AP		 1869{
1870 if (!cpu_physical_memory_is_dirty(addr)) {
1871 /* invalidate code */
1872 tb_invalidate_phys_page_range(addr, addr + length, 0);
1873 /* set dirty bit */
1874 cpu_physical_memory_set_dirty_flags(addr, (0xff & ~CODE_DIRTY_FLAG));
1875 }
e226939d 1876 xen_modified_memory(addr, length);
51d7a9eb
AP		 1877}
1878
2bbfa05d
PB		 1879static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
1880{
1881 if (memory_region_is_ram(mr)) {
1882 return !(is_write && mr->readonly);
1883 }
1884 if (memory_region_is_romd(mr)) {
1885 return !is_write;
1886 }
1887
1888 return false;
1889}
1890
82f2563f
PB		 1891static inline int memory_access_size(int l, hwaddr addr)
1892{
1893 if (l >= 4 && ((addr & 3) == 0)) {
1894 return 4;
1895 }
1896 if (l >= 2 && ((addr & 1) == 0)) {
1897 return 2;
1898 }
1899 return 1;
1900}
1901
a8170e5e 1902void address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
ac1970fb 1903 int len, bool is_write)
13eb76e0 1904{
149f54b5 1905 hwaddr l;
13eb76e0
FB		 1906 uint8_t *ptr;
1907 uint32_t val;
149f54b5 1908 hwaddr addr1;
f3705d53 1909 MemoryRegionSection *section;
3b46e624 1910
13eb76e0 1911 while (len > 0) {
149f54b5
PB		 1912 l = len;
1913 section = address_space_translate(as, addr, &addr1, &l, is_write);
3b46e624 1914
13eb76e0 1915 if (is_write) {
2bbfa05d 1916 if (!memory_access_is_direct(section->mr, is_write)) {
82f2563f 1917 l = memory_access_size(l, addr1);
6a00d601
FB		 1918 /* XXX: could force cpu_single_env to NULL to avoid
1919 potential bugs */
82f2563f 1920 if (l == 4) {
1c213d19 1921 /* 32 bit write access */
c27004ec 1922 val = ldl_p(buf);
37ec01d4 1923 io_mem_write(section->mr, addr1, val, 4);
82f2563f 1924 } else if (l == 2) {
1c213d19 1925 /* 16 bit write access */
c27004ec 1926 val = lduw_p(buf);
37ec01d4 1927 io_mem_write(section->mr, addr1, val, 2);
13eb76e0 1928 } else {
1c213d19 1929 /* 8 bit write access */
c27004ec 1930 val = ldub_p(buf);
37ec01d4 1931 io_mem_write(section->mr, addr1, val, 1);
13eb76e0 1932 }
2bbfa05d 1933 } else {
149f54b5 1934 addr1 += memory_region_get_ram_addr(section->mr);
13eb76e0 1935 /* RAM case */
5579c7f3 1936 ptr = qemu_get_ram_ptr(addr1);
13eb76e0 1937 memcpy(ptr, buf, l);
51d7a9eb 1938 invalidate_and_set_dirty(addr1, l);
13eb76e0
FB		 1939 }
1940 } else {
2bbfa05d 1941 if (!memory_access_is_direct(section->mr, is_write)) {
13eb76e0 1942 /* I/O case */
82f2563f
PB		 1943 l = memory_access_size(l, addr1);
1944 if (l == 4) {
13eb76e0 1945 /* 32 bit read access */
37ec01d4 1946 val = io_mem_read(section->mr, addr1, 4);
c27004ec 1947 stl_p(buf, val);
82f2563f 1948 } else if (l == 2) {
13eb76e0 1949 /* 16 bit read access */
37ec01d4 1950 val = io_mem_read(section->mr, addr1, 2);
c27004ec 1951 stw_p(buf, val);
13eb76e0 1952 } else {
1c213d19 1953 /* 8 bit read access */
37ec01d4 1954 val = io_mem_read(section->mr, addr1, 1);
c27004ec 1955 stb_p(buf, val);
13eb76e0
FB		 1956 }
1957 } else {
1958 /* RAM case */
149f54b5 1959 ptr = qemu_get_ram_ptr(section->mr->ram_addr + addr1);
f3705d53 1960 memcpy(buf, ptr, l);
13eb76e0
FB		 1961 }
1962 }
1963 len -= l;
1964 buf += l;
1965 addr += l;
1966 }
1967}
8df1cd07 1968
a8170e5e 1969void address_space_write(AddressSpace *as, hwaddr addr,
ac1970fb
AK		 1970 const uint8_t *buf, int len)
1971{
1972 address_space_rw(as, addr, (uint8_t *)buf, len, true);
1973}
1974
1975/**
1976 * address_space_read: read from an address space.
1977 *
1978 * @as: #AddressSpace to be accessed
1979 * @addr: address within that address space
1980 * @buf: buffer with the data transferred
1981 */
a8170e5e 1982void address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
ac1970fb
AK		 1983{
1984 address_space_rw(as, addr, buf, len, false);
1985}
1986
1987
a8170e5e 1988void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
ac1970fb
AK		 1989 int len, int is_write)
1990{
1991 return address_space_rw(&address_space_memory, addr, buf, len, is_write);
1992}
1993
d0ecd2aa 1994/* used for ROM loading : can write in RAM and ROM */
a8170e5e 1995void cpu_physical_memory_write_rom(hwaddr addr,
d0ecd2aa
FB		 1996 const uint8_t *buf, int len)
1997{
149f54b5 1998 hwaddr l;
d0ecd2aa 1999 uint8_t *ptr;
149f54b5 2000 hwaddr addr1;
f3705d53 2001 MemoryRegionSection *section;
3b46e624 2002
d0ecd2aa 2003 while (len > 0) {
149f54b5
PB		 2004 l = len;
2005 section = address_space_translate(&address_space_memory,
2006 addr, &addr1, &l, true);
3b46e624 2007
cc5bea60
BS		 2008 if (!(memory_region_is_ram(section->mr) ||
2009 memory_region_is_romd(section->mr))) {
d0ecd2aa
FB		 2010 /* do nothing */
2011 } else {
149f54b5 2012 addr1 += memory_region_get_ram_addr(section->mr);
d0ecd2aa 2013 /* ROM/RAM case */
5579c7f3 2014 ptr = qemu_get_ram_ptr(addr1);
d0ecd2aa 2015 memcpy(ptr, buf, l);
51d7a9eb 2016 invalidate_and_set_dirty(addr1, l);
d0ecd2aa
FB		 2017 }
2018 len -= l;
2019 buf += l;
2020 addr += l;
2021 }
2022}
2023
6d16c2f8
AL		 2024typedef struct {
2025 void *buffer;
a8170e5e
AK		 2026 hwaddr addr;
2027 hwaddr len;
6d16c2f8
AL		 2028} BounceBuffer;
2029
2030static BounceBuffer bounce;
2031
ba223c29
AL		 2032typedef struct MapClient {
2033 void *opaque;
2034 void (*callback)(void *opaque);
72cf2d4f 2035 QLIST_ENTRY(MapClient) link;
ba223c29
AL		 2036} MapClient;
2037
72cf2d4f
BS		 2038static QLIST_HEAD(map_client_list, MapClient) map_client_list
2039 = QLIST_HEAD_INITIALIZER(map_client_list);
ba223c29
AL		 2040
2041void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
2042{
7267c094 2043 MapClient *client = g_malloc(sizeof(*client));
ba223c29
AL		 2044
2045 client->opaque = opaque;
2046 client->callback = callback;
72cf2d4f 2047 QLIST_INSERT_HEAD(&map_client_list, client, link);
ba223c29
AL		 2048 return client;
2049}
2050
8b9c99d9 2051static void cpu_unregister_map_client(void *_client)
ba223c29
AL		 2052{
2053 MapClient *client = (MapClient *)_client;
2054
72cf2d4f 2055 QLIST_REMOVE(client, link);
7267c094 2056 g_free(client);
ba223c29
AL		 2057}
2058
2059static void cpu_notify_map_clients(void)
2060{
2061 MapClient *client;
2062
72cf2d4f
BS		 2063 while (!QLIST_EMPTY(&map_client_list)) {
2064 client = QLIST_FIRST(&map_client_list);
ba223c29 2065 client->callback(client->opaque);
34d5e948 2066 cpu_unregister_map_client(client);
ba223c29
AL		 2067 }
2068}
2069
51644ab7
PB		 2070bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2071{
2072 MemoryRegionSection *section;
2073 hwaddr l, xlat;
2074
2075 while (len > 0) {
2076 l = len;
2077 section = address_space_translate(as, addr, &xlat, &l, is_write);
2078 if (!memory_access_is_direct(section->mr, is_write)) {
2079 l = memory_access_size(l, addr);
2080 if (!memory_region_access_valid(section->mr, xlat, l, is_write)) {
2081 return false;
2082 }
2083 }
2084
2085 len -= l;
2086 addr += l;
2087 }
2088 return true;
2089}
2090
6d16c2f8
AL		 2091/* Map a physical memory region into a host virtual address.
2092 * May map a subset of the requested range, given by and returned in *plen.
2093 * May return NULL if resources needed to perform the mapping are exhausted.
2094 * Use only for reads OR writes - not for read-modify-write operations.
ba223c29
AL		 2095 * Use cpu_register_map_client() to know when retrying the map operation is
2096 * likely to succeed.
6d16c2f8 2097 */
ac1970fb 2098void *address_space_map(AddressSpace *as,
a8170e5e
AK		 2099 hwaddr addr,
2100 hwaddr *plen,
ac1970fb 2101 bool is_write)
6d16c2f8 2102{
a8170e5e
AK		 2103 hwaddr len = *plen;
2104 hwaddr todo = 0;
149f54b5 2105 hwaddr l, xlat;
f3705d53 2106 MemoryRegionSection *section;
f15fbc4b 2107 ram_addr_t raddr = RAM_ADDR_MAX;
8ab934f9
SS		 2108 ram_addr_t rlen;
2109 void *ret;
6d16c2f8
AL		 2110
2111 while (len > 0) {
149f54b5
PB		 2112 l = len;
2113 section = address_space_translate(as, addr, &xlat, &l, is_write);
6d16c2f8 2114
2bbfa05d 2115 if (!memory_access_is_direct(section->mr, is_write)) {
38bee5dc 2116 if (todo || bounce.buffer) {
6d16c2f8
AL		 2117 break;
2118 }
2119 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, TARGET_PAGE_SIZE);
2120 bounce.addr = addr;
2121 bounce.len = l;
2122 if (!is_write) {
ac1970fb 2123 address_space_read(as, addr, bounce.buffer, l);
6d16c2f8 2124 }
38bee5dc
SS		 2125
2126 *plen = l;
2127 return bounce.buffer;
6d16c2f8 2128 }
8ab934f9 2129 if (!todo) {
149f54b5
PB		 2130 raddr = memory_region_get_ram_addr(section->mr) + xlat;
2131 } else {
2132 if (memory_region_get_ram_addr(section->mr) + xlat != raddr + todo) {
2133 break;
2134 }
8ab934f9 2135 }
6d16c2f8
AL		 2136
2137 len -= l;
2138 addr += l;
38bee5dc 2139 todo += l;
6d16c2f8 2140 }
8ab934f9
SS		 2141 rlen = todo;
2142 ret = qemu_ram_ptr_length(raddr, &rlen);
2143 *plen = rlen;
2144 return ret;
6d16c2f8
AL		 2145}
2146
ac1970fb 2147/* Unmaps a memory region previously mapped by address_space_map().
6d16c2f8
AL		 2148 * Will also mark the memory as dirty if is_write == 1. access_len gives
2149 * the amount of memory that was actually read or written by the caller.
2150 */
a8170e5e
AK		 2151void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2152 int is_write, hwaddr access_len)
6d16c2f8
AL		 2153{
2154 if (buffer != bounce.buffer) {
2155 if (is_write) {
e890261f 2156 ram_addr_t addr1 = qemu_ram_addr_from_host_nofail(buffer);
6d16c2f8
AL		 2157 while (access_len) {
2158 unsigned l;
2159 l = TARGET_PAGE_SIZE;
2160 if (l > access_len)
2161 l = access_len;
51d7a9eb 2162 invalidate_and_set_dirty(addr1, l);
6d16c2f8
AL		 2163 addr1 += l;
2164 access_len -= l;
2165 }
2166 }
868bb33f 2167 if (xen_enabled()) {
e41d7c69 2168 xen_invalidate_map_cache_entry(buffer);
050a0ddf 2169 }
6d16c2f8
AL		 2170 return;
2171 }
2172 if (is_write) {
ac1970fb 2173 address_space_write(as, bounce.addr, bounce.buffer, access_len);
6d16c2f8 2174 }
f8a83245 2175 qemu_vfree(bounce.buffer);
6d16c2f8 2176 bounce.buffer = NULL;
ba223c29 2177 cpu_notify_map_clients();
6d16c2f8 2178}
d0ecd2aa 2179
a8170e5e
AK		 2180void *cpu_physical_memory_map(hwaddr addr,
2181 hwaddr *plen,
ac1970fb
AK		 2182 int is_write)
2183{
2184 return address_space_map(&address_space_memory, addr, plen, is_write);
2185}
2186
a8170e5e
AK		 2187void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2188 int is_write, hwaddr access_len)
ac1970fb
AK		 2189{
2190 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2191}
2192
8df1cd07 2193/* warning: addr must be aligned */
a8170e5e 2194static inline uint32_t ldl_phys_internal(hwaddr addr,
1e78bcc1 2195 enum device_endian endian)
8df1cd07 2196{
8df1cd07
FB		 2197 uint8_t *ptr;
2198 uint32_t val;
f3705d53 2199 MemoryRegionSection *section;
149f54b5
PB		 2200 hwaddr l = 4;
2201 hwaddr addr1;
8df1cd07 2202
149f54b5
PB		 2203 section = address_space_translate(&address_space_memory, addr, &addr1, &l,
2204 false);
2bbfa05d 2205 if (l < 4 || !memory_access_is_direct(section->mr, false)) {
8df1cd07 2206 /* I/O case */
149f54b5 2207 val = io_mem_read(section->mr, addr1, 4);
1e78bcc1
AG		 2208#if defined(TARGET_WORDS_BIGENDIAN)
2209 if (endian == DEVICE_LITTLE_ENDIAN) {
2210 val = bswap32(val);
2211 }
2212#else
2213 if (endian == DEVICE_BIG_ENDIAN) {
2214 val = bswap32(val);
2215 }
2216#endif
8df1cd07
FB		 2217 } else {
2218 /* RAM case */
f3705d53 2219 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(section->mr)
06ef3525 2220 & TARGET_PAGE_MASK)
149f54b5 2221 + addr1);
1e78bcc1
AG		 2222 switch (endian) {
2223 case DEVICE_LITTLE_ENDIAN:
2224 val = ldl_le_p(ptr);
2225 break;
2226 case DEVICE_BIG_ENDIAN:
2227 val = ldl_be_p(ptr);
2228 break;
2229 default:
2230 val = ldl_p(ptr);
2231 break;
2232 }
8df1cd07
FB		 2233 }
2234 return val;
2235}
2236
a8170e5e 2237uint32_t ldl_phys(hwaddr addr)
1e78bcc1
AG		 2238{
2239 return ldl_phys_internal(addr, DEVICE_NATIVE_ENDIAN);
2240}
2241
a8170e5e 2242uint32_t ldl_le_phys(hwaddr addr)
1e78bcc1
AG		 2243{
2244 return ldl_phys_internal(addr, DEVICE_LITTLE_ENDIAN);
2245}
2246
a8170e5e 2247uint32_t ldl_be_phys(hwaddr addr)
1e78bcc1
AG		 2248{
2249 return ldl_phys_internal(addr, DEVICE_BIG_ENDIAN);
2250}
2251
84b7b8e7 2252/* warning: addr must be aligned */
a8170e5e 2253static inline uint64_t ldq_phys_internal(hwaddr addr,
1e78bcc1 2254 enum device_endian endian)
84b7b8e7 2255{
84b7b8e7
FB		 2256 uint8_t *ptr;
2257 uint64_t val;
f3705d53 2258 MemoryRegionSection *section;
149f54b5
PB		 2259 hwaddr l = 8;
2260 hwaddr addr1;
84b7b8e7 2261
149f54b5
PB		 2262 section = address_space_translate(&address_space_memory, addr, &addr1, &l,
2263 false);
2bbfa05d 2264 if (l < 8 || !memory_access_is_direct(section->mr, false)) {
84b7b8e7 2265 /* I/O case */
a649b916 2266 val = io_mem_read(section->mr, addr1, 8);
968a5627
PB		 2267#if defined(TARGET_WORDS_BIGENDIAN)
2268 if (endian == DEVICE_LITTLE_ENDIAN) {
2269 val = bswap64(val);
2270 }
2271#else
2272 if (endian == DEVICE_BIG_ENDIAN) {
2273 val = bswap64(val);
2274 }
84b7b8e7
FB		 2275#endif
2276 } else {
2277 /* RAM case */
f3705d53 2278 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(section->mr)
06ef3525 2279 & TARGET_PAGE_MASK)
149f54b5 2280 + addr1);
1e78bcc1
AG		 2281 switch (endian) {
2282 case DEVICE_LITTLE_ENDIAN:
2283 val = ldq_le_p(ptr);
2284 break;
2285 case DEVICE_BIG_ENDIAN:
2286 val = ldq_be_p(ptr);
2287 break;
2288 default:
2289 val = ldq_p(ptr);
2290 break;
2291 }
84b7b8e7
FB		 2292 }
2293 return val;
2294}
2295
a8170e5e 2296uint64_t ldq_phys(hwaddr addr)
1e78bcc1
AG		 2297{
2298 return ldq_phys_internal(addr, DEVICE_NATIVE_ENDIAN);
2299}
2300
a8170e5e 2301uint64_t ldq_le_phys(hwaddr addr)
1e78bcc1
AG		 2302{
2303 return ldq_phys_internal(addr, DEVICE_LITTLE_ENDIAN);
2304}
2305
a8170e5e 2306uint64_t ldq_be_phys(hwaddr addr)
1e78bcc1
AG		 2307{
2308 return ldq_phys_internal(addr, DEVICE_BIG_ENDIAN);
2309}
2310
aab33094 2311/* XXX: optimize */
a8170e5e 2312uint32_t ldub_phys(hwaddr addr)
aab33094
FB		 2313{
2314 uint8_t val;
2315 cpu_physical_memory_read(addr, &val, 1);
2316 return val;
2317}
2318
733f0b02 2319/* warning: addr must be aligned */
a8170e5e 2320static inline uint32_t lduw_phys_internal(hwaddr addr,
1e78bcc1 2321 enum device_endian endian)
aab33094 2322{
733f0b02
MT		 2323 uint8_t *ptr;
2324 uint64_t val;
f3705d53 2325 MemoryRegionSection *section;
149f54b5
PB		 2326 hwaddr l = 2;
2327 hwaddr addr1;
733f0b02 2328
149f54b5
PB		 2329 section = address_space_translate(&address_space_memory, addr, &addr1, &l,
2330 false);
2bbfa05d 2331 if (l < 2 || !memory_access_is_direct(section->mr, false)) {
733f0b02 2332 /* I/O case */
149f54b5 2333 val = io_mem_read(section->mr, addr1, 2);
1e78bcc1
AG		 2334#if defined(TARGET_WORDS_BIGENDIAN)
2335 if (endian == DEVICE_LITTLE_ENDIAN) {
2336 val = bswap16(val);
2337 }
2338#else
2339 if (endian == DEVICE_BIG_ENDIAN) {
2340 val = bswap16(val);
2341 }
2342#endif
733f0b02
MT		 2343 } else {
2344 /* RAM case */
f3705d53 2345 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(section->mr)
06ef3525 2346 & TARGET_PAGE_MASK)
149f54b5 2347 + addr1);
1e78bcc1
AG		 2348 switch (endian) {
2349 case DEVICE_LITTLE_ENDIAN:
2350 val = lduw_le_p(ptr);
2351 break;
2352 case DEVICE_BIG_ENDIAN:
2353 val = lduw_be_p(ptr);
2354 break;
2355 default:
2356 val = lduw_p(ptr);
2357 break;
2358 }
733f0b02
MT		 2359 }
2360 return val;
aab33094
FB		 2361}
2362
a8170e5e 2363uint32_t lduw_phys(hwaddr addr)
1e78bcc1
AG		 2364{
2365 return lduw_phys_internal(addr, DEVICE_NATIVE_ENDIAN);
2366}
2367
a8170e5e 2368uint32_t lduw_le_phys(hwaddr addr)
1e78bcc1
AG		 2369{
2370 return lduw_phys_internal(addr, DEVICE_LITTLE_ENDIAN);
2371}
2372
a8170e5e 2373uint32_t lduw_be_phys(hwaddr addr)
1e78bcc1
AG		 2374{
2375 return lduw_phys_internal(addr, DEVICE_BIG_ENDIAN);
2376}
2377
8df1cd07
FB		 2378/* warning: addr must be aligned. The ram page is not masked as dirty
2379 and the code inside is not invalidated. It is useful if the dirty
2380 bits are used to track modified PTEs */
a8170e5e 2381void stl_phys_notdirty(hwaddr addr, uint32_t val)
8df1cd07 2382{
8df1cd07 2383 uint8_t *ptr;
f3705d53 2384 MemoryRegionSection *section;
149f54b5
PB		 2385 hwaddr l = 4;
2386 hwaddr addr1;
8df1cd07 2387
149f54b5
PB		 2388 section = address_space_translate(&address_space_memory, addr, &addr1, &l,
2389 true);
2bbfa05d 2390 if (l < 4 || !memory_access_is_direct(section->mr, true)) {
149f54b5 2391 io_mem_write(section->mr, addr1, val, 4);
8df1cd07 2392 } else {
149f54b5 2393 addr1 += memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK;
5579c7f3 2394 ptr = qemu_get_ram_ptr(addr1);
8df1cd07 2395 stl_p(ptr, val);
74576198
AL		 2396
2397 if (unlikely(in_migration)) {
2398 if (!cpu_physical_memory_is_dirty(addr1)) {
2399 /* invalidate code */
2400 tb_invalidate_phys_page_range(addr1, addr1 + 4, 0);
2401 /* set dirty bit */
f7c11b53
YT		 2402 cpu_physical_memory_set_dirty_flags(
2403 addr1, (0xff & ~CODE_DIRTY_FLAG));
74576198
AL		 2404 }
2405 }
8df1cd07
FB		 2406 }
2407}
2408
2409/* warning: addr must be aligned */
a8170e5e 2410static inline void stl_phys_internal(hwaddr addr, uint32_t val,
1e78bcc1 2411 enum device_endian endian)
8df1cd07 2412{
8df1cd07 2413 uint8_t *ptr;
f3705d53 2414 MemoryRegionSection *section;
149f54b5
PB		 2415 hwaddr l = 4;
2416 hwaddr addr1;
8df1cd07 2417
149f54b5
PB		 2418 section = address_space_translate(&address_space_memory, addr, &addr1, &l,
2419 true);
2bbfa05d 2420 if (l < 4 || !memory_access_is_direct(section->mr, true)) {
1e78bcc1
AG		 2421#if defined(TARGET_WORDS_BIGENDIAN)
2422 if (endian == DEVICE_LITTLE_ENDIAN) {
2423 val = bswap32(val);
2424 }
2425#else
2426 if (endian == DEVICE_BIG_ENDIAN) {
2427 val = bswap32(val);
2428 }
2429#endif
149f54b5 2430 io_mem_write(section->mr, addr1, val, 4);
8df1cd07 2431 } else {
8df1cd07 2432 /* RAM case */
149f54b5 2433 addr1 += memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK;
5579c7f3 2434 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2435 switch (endian) {
2436 case DEVICE_LITTLE_ENDIAN:
2437 stl_le_p(ptr, val);
2438 break;
2439 case DEVICE_BIG_ENDIAN:
2440 stl_be_p(ptr, val);
2441 break;
2442 default:
2443 stl_p(ptr, val);
2444 break;
2445 }
51d7a9eb 2446 invalidate_and_set_dirty(addr1, 4);
8df1cd07
FB		 2447 }
2448}
2449
a8170e5e 2450void stl_phys(hwaddr addr, uint32_t val)
1e78bcc1
AG		 2451{
2452 stl_phys_internal(addr, val, DEVICE_NATIVE_ENDIAN);
2453}
2454
a8170e5e 2455void stl_le_phys(hwaddr addr, uint32_t val)
1e78bcc1
AG		 2456{
2457 stl_phys_internal(addr, val, DEVICE_LITTLE_ENDIAN);
2458}
2459
a8170e5e 2460void stl_be_phys(hwaddr addr, uint32_t val)
1e78bcc1
AG		 2461{
2462 stl_phys_internal(addr, val, DEVICE_BIG_ENDIAN);
2463}
2464
aab33094 2465/* XXX: optimize */
a8170e5e 2466void stb_phys(hwaddr addr, uint32_t val)
aab33094
FB		 2467{
2468 uint8_t v = val;
2469 cpu_physical_memory_write(addr, &v, 1);
2470}
2471
733f0b02 2472/* warning: addr must be aligned */
a8170e5e 2473static inline void stw_phys_internal(hwaddr addr, uint32_t val,
1e78bcc1 2474 enum device_endian endian)
aab33094 2475{
733f0b02 2476 uint8_t *ptr;
f3705d53 2477 MemoryRegionSection *section;
149f54b5
PB		 2478 hwaddr l = 2;
2479 hwaddr addr1;
733f0b02 2480
149f54b5
PB		 2481 section = address_space_translate(&address_space_memory, addr, &addr1, &l,
2482 true);
2bbfa05d 2483 if (l < 2 || !memory_access_is_direct(section->mr, true)) {
1e78bcc1
AG		 2484#if defined(TARGET_WORDS_BIGENDIAN)
2485 if (endian == DEVICE_LITTLE_ENDIAN) {
2486 val = bswap16(val);
2487 }
2488#else
2489 if (endian == DEVICE_BIG_ENDIAN) {
2490 val = bswap16(val);
2491 }
2492#endif
149f54b5 2493 io_mem_write(section->mr, addr1, val, 2);
733f0b02 2494 } else {
733f0b02 2495 /* RAM case */
149f54b5 2496 addr1 += memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK;
733f0b02 2497 ptr = qemu_get_ram_ptr(addr1);
1e78bcc1
AG		 2498 switch (endian) {
2499 case DEVICE_LITTLE_ENDIAN:
2500 stw_le_p(ptr, val);
2501 break;
2502 case DEVICE_BIG_ENDIAN:
2503 stw_be_p(ptr, val);
2504 break;
2505 default:
2506 stw_p(ptr, val);
2507 break;
2508 }
51d7a9eb 2509 invalidate_and_set_dirty(addr1, 2);
733f0b02 2510 }
aab33094
FB		 2511}
2512
a8170e5e 2513void stw_phys(hwaddr addr, uint32_t val)
1e78bcc1
AG		 2514{
2515 stw_phys_internal(addr, val, DEVICE_NATIVE_ENDIAN);
2516}
2517
a8170e5e 2518void stw_le_phys(hwaddr addr, uint32_t val)
1e78bcc1
AG		 2519{
2520 stw_phys_internal(addr, val, DEVICE_LITTLE_ENDIAN);
2521}
2522
a8170e5e 2523void stw_be_phys(hwaddr addr, uint32_t val)
1e78bcc1
AG		 2524{
2525 stw_phys_internal(addr, val, DEVICE_BIG_ENDIAN);
2526}
2527
aab33094 2528/* XXX: optimize */
a8170e5e 2529void stq_phys(hwaddr addr, uint64_t val)
aab33094
FB		 2530{
2531 val = tswap64(val);
71d2b725 2532 cpu_physical_memory_write(addr, &val, 8);
aab33094
FB		 2533}
2534
a8170e5e 2535void stq_le_phys(hwaddr addr, uint64_t val)
1e78bcc1
AG		 2536{
2537 val = cpu_to_le64(val);
2538 cpu_physical_memory_write(addr, &val, 8);
2539}
2540
a8170e5e 2541void stq_be_phys(hwaddr addr, uint64_t val)
1e78bcc1
AG		 2542{
2543 val = cpu_to_be64(val);
2544 cpu_physical_memory_write(addr, &val, 8);
2545}
2546
5e2972fd 2547/* virtual memory access for debug (includes writing to ROM) */
9349b4f9 2548int cpu_memory_rw_debug(CPUArchState *env, target_ulong addr,
b448f2f3 2549 uint8_t *buf, int len, int is_write)
13eb76e0
FB		 2550{
2551 int l;
a8170e5e 2552 hwaddr phys_addr;
9b3c35e0 2553 target_ulong page;
13eb76e0
FB		 2554
2555 while (len > 0) {
2556 page = addr & TARGET_PAGE_MASK;
2557 phys_addr = cpu_get_phys_page_debug(env, page);
2558 /* if no physical page mapped, return an error */
2559 if (phys_addr == -1)
2560 return -1;
2561 l = (page + TARGET_PAGE_SIZE) - addr;
2562 if (l > len)
2563 l = len;
5e2972fd 2564 phys_addr += (addr & ~TARGET_PAGE_MASK);
5e2972fd
AL		 2565 if (is_write)
2566 cpu_physical_memory_write_rom(phys_addr, buf, l);
2567 else
5e2972fd 2568 cpu_physical_memory_rw(phys_addr, buf, l, is_write);
13eb76e0
FB		 2569 len -= l;
2570 buf += l;
2571 addr += l;
2572 }
2573 return 0;
2574}
a68fe89c 2575#endif
13eb76e0 2576
8e4a424b
BS		 2577#if !defined(CONFIG_USER_ONLY)
2578
2579/*
2580 * A helper function for the _utterly broken_ virtio device model to find out if
2581 * it's running on a big endian machine. Don't do this at home kids!
2582 */
2583bool virtio_is_big_endian(void);
2584bool virtio_is_big_endian(void)
2585{
2586#if defined(TARGET_WORDS_BIGENDIAN)
2587 return true;
2588#else
2589 return false;
2590#endif
2591}
2592
2593#endif
2594
76f35538 2595#ifndef CONFIG_USER_ONLY
a8170e5e 2596bool cpu_physical_memory_is_io(hwaddr phys_addr)
76f35538
WC		 2597{
2598 MemoryRegionSection *section;
149f54b5 2599 hwaddr l = 1;
76f35538 2600
149f54b5
PB		 2601 section = address_space_translate(&address_space_memory,
2602 phys_addr, &phys_addr, &l, false);
76f35538
WC		 2603
2604 return !(memory_region_is_ram(section->mr) ||
2605 memory_region_is_romd(section->mr));
2606}
2607#endif
Empty description
This page took 1.303172 seconds and 4 git commands to generate.