4 * Copyright (c) 2003 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include <sys/types.h>
25 #include "qemu-common.h"
30 #include "qemu/osdep.h"
31 #include "sysemu/kvm.h"
32 #include "sysemu/sysemu.h"
33 #include "hw/xen/xen.h"
34 #include "qemu/timer.h"
35 #include "qemu/config-file.h"
36 #include "qemu/error-report.h"
37 #include "exec/memory.h"
38 #include "sysemu/dma.h"
39 #include "exec/address-spaces.h"
40 #if defined(CONFIG_USER_ONLY)
42 #else /* !CONFIG_USER_ONLY */
43 #include "sysemu/xen-mapcache.h"
46 #include "exec/cpu-all.h"
48 #include "exec/cputlb.h"
49 #include "translate-all.h"
51 #include "exec/memory-internal.h"
52 #include "exec/ram_addr.h"
54 #include "qemu/range.h"
56 //#define DEBUG_SUBPAGE
58 #if !defined(CONFIG_USER_ONLY)
59 static bool in_migration;
61 RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };
63 static MemoryRegion *system_memory;
64 static MemoryRegion *system_io;
66 AddressSpace address_space_io;
67 AddressSpace address_space_memory;
69 MemoryRegion io_mem_rom, io_mem_notdirty;
70 static MemoryRegion io_mem_unassigned;
72 /* RAM is pre-allocated and passed into qemu_ram_alloc_from_ptr */
73 #define RAM_PREALLOC (1 << 0)
75 /* RAM is mmap-ed with MAP_SHARED */
76 #define RAM_SHARED (1 << 1)
80 struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
81 /* current CPU in the current thread. It is only valid inside
83 DEFINE_TLS(CPUState *, current_cpu);
84 /* 0 = Do not count executed instructions.
85 1 = Precise instruction counting.
86 2 = Adaptive rate instruction counting. */
89 #if !defined(CONFIG_USER_ONLY)
91 typedef struct PhysPageEntry PhysPageEntry;
93 struct PhysPageEntry {
94 /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
96 /* index into phys_sections (!skip) or phys_map_nodes (skip) */
100 #define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)
102 /* Size of the L2 (and L3, etc) page tables. */
103 #define ADDR_SPACE_BITS 64
106 #define P_L2_SIZE (1 << P_L2_BITS)
108 #define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)
110 typedef PhysPageEntry Node[P_L2_SIZE];
112 typedef struct PhysPageMap {
113 unsigned sections_nb;
114 unsigned sections_nb_alloc;
116 unsigned nodes_nb_alloc;
118 MemoryRegionSection *sections;
121 struct AddressSpaceDispatch {
122 /* This is a multi-level map on the physical address space.
123 * The bottom level has pointers to MemoryRegionSections.
125 PhysPageEntry phys_map;
130 #define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
131 typedef struct subpage_t {
135 uint16_t sub_section[TARGET_PAGE_SIZE];
138 #define PHYS_SECTION_UNASSIGNED 0
139 #define PHYS_SECTION_NOTDIRTY 1
140 #define PHYS_SECTION_ROM 2
141 #define PHYS_SECTION_WATCH 3
143 static void io_mem_init(void);
144 static void memory_map_init(void);
145 static void tcg_commit(MemoryListener *listener);
147 static MemoryRegion io_mem_watch;
150 #if !defined(CONFIG_USER_ONLY)
152 static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
154 if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
155 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
156 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
157 map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
161 static uint32_t phys_map_node_alloc(PhysPageMap *map)
166 ret = map->nodes_nb++;
167 assert(ret != PHYS_MAP_NODE_NIL);
168 assert(ret != map->nodes_nb_alloc);
169 for (i = 0; i < P_L2_SIZE; ++i) {
170 map->nodes[ret][i].skip = 1;
171 map->nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
176 static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
177 hwaddr *index, hwaddr *nb, uint16_t leaf,
182 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
184 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
185 lp->ptr = phys_map_node_alloc(map);
186 p = map->nodes[lp->ptr];
188 for (i = 0; i < P_L2_SIZE; i++) {
190 p[i].ptr = PHYS_SECTION_UNASSIGNED;
194 p = map->nodes[lp->ptr];
196 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
198 while (*nb && lp < &p[P_L2_SIZE]) {
199 if ((*index & (step - 1)) == 0 && *nb >= step) {
205 phys_page_set_level(map, lp, index, nb, leaf, level - 1);
211 static void phys_page_set(AddressSpaceDispatch *d,
212 hwaddr index, hwaddr nb,
215 /* Wildly overreserve - it doesn't matter much. */
216 phys_map_node_reserve(&d->map, 3 * P_L2_LEVELS);
218 phys_page_set_level(&d->map, &d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
221 /* Compact a non leaf page entry. Simply detect that the entry has a single child,
222 * and update our entry so we can skip it and go directly to the destination.
224 static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
226 unsigned valid_ptr = P_L2_SIZE;
231 if (lp->ptr == PHYS_MAP_NODE_NIL) {
236 for (i = 0; i < P_L2_SIZE; i++) {
237 if (p[i].ptr == PHYS_MAP_NODE_NIL) {
244 phys_page_compact(&p[i], nodes, compacted);
248 /* We can only compress if there's only one child. */
253 assert(valid_ptr < P_L2_SIZE);
255 /* Don't compress if it won't fit in the # of bits we have. */
256 if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
260 lp->ptr = p[valid_ptr].ptr;
261 if (!p[valid_ptr].skip) {
262 /* If our only child is a leaf, make this a leaf. */
263 /* By design, we should have made this node a leaf to begin with so we
264 * should never reach here.
265 * But since it's so simple to handle this, let's do it just in case we
270 lp->skip += p[valid_ptr].skip;
274 static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
276 DECLARE_BITMAP(compacted, nodes_nb);
278 if (d->phys_map.skip) {
279 phys_page_compact(&d->phys_map, d->map.nodes, compacted);
283 static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
284 Node *nodes, MemoryRegionSection *sections)
287 hwaddr index = addr >> TARGET_PAGE_BITS;
290 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
291 if (lp.ptr == PHYS_MAP_NODE_NIL) {
292 return §ions[PHYS_SECTION_UNASSIGNED];
295 lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
298 if (sections[lp.ptr].size.hi ||
299 range_covers_byte(sections[lp.ptr].offset_within_address_space,
300 sections[lp.ptr].size.lo, addr)) {
301 return §ions[lp.ptr];
303 return §ions[PHYS_SECTION_UNASSIGNED];
307 bool memory_region_is_unassigned(MemoryRegion *mr)
309 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
310 && mr != &io_mem_watch;
313 static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
315 bool resolve_subpage)
317 MemoryRegionSection *section;
320 section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
321 if (resolve_subpage && section->mr->subpage) {
322 subpage = container_of(section->mr, subpage_t, iomem);
323 section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
328 static MemoryRegionSection *
329 address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
330 hwaddr *plen, bool resolve_subpage)
332 MemoryRegionSection *section;
335 section = address_space_lookup_region(d, addr, resolve_subpage);
336 /* Compute offset within MemoryRegionSection */
337 addr -= section->offset_within_address_space;
339 /* Compute offset within MemoryRegion */
340 *xlat = addr + section->offset_within_region;
342 diff = int128_sub(section->mr->size, int128_make64(addr));
343 *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
347 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
349 if (memory_region_is_ram(mr)) {
350 return !(is_write && mr->readonly);
352 if (memory_region_is_romd(mr)) {
359 MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
360 hwaddr *xlat, hwaddr *plen,
364 MemoryRegionSection *section;
369 section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true);
372 if (!mr->iommu_ops) {
376 iotlb = mr->iommu_ops->translate(mr, addr, is_write);
377 addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
378 | (addr & iotlb.addr_mask));
379 len = MIN(len, (addr | iotlb.addr_mask) - addr + 1);
380 if (!(iotlb.perm & (1 << is_write))) {
381 mr = &io_mem_unassigned;
385 as = iotlb.target_as;
388 if (xen_enabled() && memory_access_is_direct(mr, is_write)) {
389 hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
390 len = MIN(page, len);
398 MemoryRegionSection *
399 address_space_translate_for_iotlb(AddressSpace *as, hwaddr addr, hwaddr *xlat,
402 MemoryRegionSection *section;
403 section = address_space_translate_internal(as->dispatch, addr, xlat, plen, false);
405 assert(!section->mr->iommu_ops);
410 void cpu_exec_init_all(void)
412 #if !defined(CONFIG_USER_ONLY)
413 qemu_mutex_init(&ram_list.mutex);
419 #if !defined(CONFIG_USER_ONLY)
421 static int cpu_common_post_load(void *opaque, int version_id)
423 CPUState *cpu = opaque;
425 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
426 version_id is increased. */
427 cpu->interrupt_request &= ~0x01;
433 static int cpu_common_pre_load(void *opaque)
435 CPUState *cpu = opaque;
437 cpu->exception_index = 0;
442 static bool cpu_common_exception_index_needed(void *opaque)
444 CPUState *cpu = opaque;
446 return cpu->exception_index != 0;
449 static const VMStateDescription vmstate_cpu_common_exception_index = {
450 .name = "cpu_common/exception_index",
452 .minimum_version_id = 1,
453 .fields = (VMStateField[]) {
454 VMSTATE_INT32(exception_index, CPUState),
455 VMSTATE_END_OF_LIST()
459 const VMStateDescription vmstate_cpu_common = {
460 .name = "cpu_common",
462 .minimum_version_id = 1,
463 .pre_load = cpu_common_pre_load,
464 .post_load = cpu_common_post_load,
465 .fields = (VMStateField[]) {
466 VMSTATE_UINT32(halted, CPUState),
467 VMSTATE_UINT32(interrupt_request, CPUState),
468 VMSTATE_END_OF_LIST()
470 .subsections = (VMStateSubsection[]) {
472 .vmsd = &vmstate_cpu_common_exception_index,
473 .needed = cpu_common_exception_index_needed,
482 CPUState *qemu_get_cpu(int index)
487 if (cpu->cpu_index == index) {
495 #if !defined(CONFIG_USER_ONLY)
496 void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
498 /* We only support one address space per cpu at the moment. */
499 assert(cpu->as == as);
501 if (cpu->tcg_as_listener) {
502 memory_listener_unregister(cpu->tcg_as_listener);
504 cpu->tcg_as_listener = g_new0(MemoryListener, 1);
506 cpu->tcg_as_listener->commit = tcg_commit;
507 memory_listener_register(cpu->tcg_as_listener, as);
511 void cpu_exec_init(CPUArchState *env)
513 CPUState *cpu = ENV_GET_CPU(env);
514 CPUClass *cc = CPU_GET_CLASS(cpu);
518 #if defined(CONFIG_USER_ONLY)
522 CPU_FOREACH(some_cpu) {
525 cpu->cpu_index = cpu_index;
527 QTAILQ_INIT(&cpu->breakpoints);
528 QTAILQ_INIT(&cpu->watchpoints);
529 #ifndef CONFIG_USER_ONLY
530 cpu->as = &address_space_memory;
531 cpu->thread_id = qemu_get_thread_id();
533 QTAILQ_INSERT_TAIL(&cpus, cpu, node);
534 #if defined(CONFIG_USER_ONLY)
537 if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
538 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
540 #if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
541 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
542 cpu_save, cpu_load, env);
543 assert(cc->vmsd == NULL);
544 assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
546 if (cc->vmsd != NULL) {
547 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
551 #if defined(TARGET_HAS_ICE)
552 #if defined(CONFIG_USER_ONLY)
553 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
555 tb_invalidate_phys_page_range(pc, pc + 1, 0);
558 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
560 hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
562 tb_invalidate_phys_addr(cpu->as,
563 phys | (pc & ~TARGET_PAGE_MASK));
567 #endif /* TARGET_HAS_ICE */
569 #if defined(CONFIG_USER_ONLY)
570 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
575 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
581 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
585 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
586 int flags, CPUWatchpoint **watchpoint)
591 /* Add a watchpoint. */
592 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
593 int flags, CPUWatchpoint **watchpoint)
597 /* forbid ranges which are empty or run off the end of the address space */
598 if (len == 0 || (addr + len - 1) < addr) {
599 error_report("tried to set invalid watchpoint at %"
600 VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
603 wp = g_malloc(sizeof(*wp));
609 /* keep all GDB-injected watchpoints in front */
610 if (flags & BP_GDB) {
611 QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
613 QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
616 tlb_flush_page(cpu, addr);
623 /* Remove a specific watchpoint. */
624 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
629 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
630 if (addr == wp->vaddr && len == wp->len
631 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
632 cpu_watchpoint_remove_by_ref(cpu, wp);
639 /* Remove a specific watchpoint by reference. */
640 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
642 QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);
644 tlb_flush_page(cpu, watchpoint->vaddr);
649 /* Remove all matching watchpoints. */
650 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
652 CPUWatchpoint *wp, *next;
654 QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, next) {
655 if (wp->flags & mask) {
656 cpu_watchpoint_remove_by_ref(cpu, wp);
661 /* Return true if this watchpoint address matches the specified
662 * access (ie the address range covered by the watchpoint overlaps
663 * partially or completely with the address range covered by the
666 static inline bool cpu_watchpoint_address_matches(CPUWatchpoint *wp,
670 /* We know the lengths are non-zero, but a little caution is
671 * required to avoid errors in the case where the range ends
672 * exactly at the top of the address space and so addr + len
673 * wraps round to zero.
675 vaddr wpend = wp->vaddr + wp->len - 1;
676 vaddr addrend = addr + len - 1;
678 return !(addr > wpend || wp->vaddr > addrend);
683 /* Add a breakpoint. */
684 int cpu_breakpoint_insert(CPUState *cpu, vaddr pc, int flags,
685 CPUBreakpoint **breakpoint)
687 #if defined(TARGET_HAS_ICE)
690 bp = g_malloc(sizeof(*bp));
695 /* keep all GDB-injected breakpoints in front */
696 if (flags & BP_GDB) {
697 QTAILQ_INSERT_HEAD(&cpu->breakpoints, bp, entry);
699 QTAILQ_INSERT_TAIL(&cpu->breakpoints, bp, entry);
702 breakpoint_invalidate(cpu, pc);
713 /* Remove a specific breakpoint. */
714 int cpu_breakpoint_remove(CPUState *cpu, vaddr pc, int flags)
716 #if defined(TARGET_HAS_ICE)
719 QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
720 if (bp->pc == pc && bp->flags == flags) {
721 cpu_breakpoint_remove_by_ref(cpu, bp);
731 /* Remove a specific breakpoint by reference. */
732 void cpu_breakpoint_remove_by_ref(CPUState *cpu, CPUBreakpoint *breakpoint)
734 #if defined(TARGET_HAS_ICE)
735 QTAILQ_REMOVE(&cpu->breakpoints, breakpoint, entry);
737 breakpoint_invalidate(cpu, breakpoint->pc);
743 /* Remove all matching breakpoints. */
744 void cpu_breakpoint_remove_all(CPUState *cpu, int mask)
746 #if defined(TARGET_HAS_ICE)
747 CPUBreakpoint *bp, *next;
749 QTAILQ_FOREACH_SAFE(bp, &cpu->breakpoints, entry, next) {
750 if (bp->flags & mask) {
751 cpu_breakpoint_remove_by_ref(cpu, bp);
757 /* enable or disable single step mode. EXCP_DEBUG is returned by the
758 CPU loop after each instruction */
759 void cpu_single_step(CPUState *cpu, int enabled)
761 #if defined(TARGET_HAS_ICE)
762 if (cpu->singlestep_enabled != enabled) {
763 cpu->singlestep_enabled = enabled;
765 kvm_update_guest_debug(cpu, 0);
767 /* must flush all the translated code to avoid inconsistencies */
768 /* XXX: only flush what is necessary */
769 CPUArchState *env = cpu->env_ptr;
776 void cpu_abort(CPUState *cpu, const char *fmt, ...)
783 fprintf(stderr, "qemu: fatal: ");
784 vfprintf(stderr, fmt, ap);
785 fprintf(stderr, "\n");
786 cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
787 if (qemu_log_enabled()) {
788 qemu_log("qemu: fatal: ");
789 qemu_log_vprintf(fmt, ap2);
791 log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
797 #if defined(CONFIG_USER_ONLY)
799 struct sigaction act;
800 sigfillset(&act.sa_mask);
801 act.sa_handler = SIG_DFL;
802 sigaction(SIGABRT, &act, NULL);
808 #if !defined(CONFIG_USER_ONLY)
809 static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
813 /* The list is protected by the iothread lock here. */
814 block = ram_list.mru_block;
815 if (block && addr - block->offset < block->length) {
818 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
819 if (addr - block->offset < block->length) {
824 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
828 ram_list.mru_block = block;
832 static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
838 end = TARGET_PAGE_ALIGN(start + length);
839 start &= TARGET_PAGE_MASK;
841 block = qemu_get_ram_block(start);
842 assert(block == qemu_get_ram_block(end - 1));
843 start1 = (uintptr_t)block->host + (start - block->offset);
844 cpu_tlb_reset_dirty_all(start1, length);
847 /* Note: start and end must be within the same ram block. */
848 void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
853 cpu_physical_memory_clear_dirty_range(start, length, client);
856 tlb_reset_dirty_range_all(start, length);
860 static void cpu_physical_memory_set_dirty_tracking(bool enable)
862 in_migration = enable;
865 hwaddr memory_region_section_get_iotlb(CPUState *cpu,
866 MemoryRegionSection *section,
868 hwaddr paddr, hwaddr xlat,
870 target_ulong *address)
875 if (memory_region_is_ram(section->mr)) {
877 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
879 if (!section->readonly) {
880 iotlb |= PHYS_SECTION_NOTDIRTY;
882 iotlb |= PHYS_SECTION_ROM;
885 iotlb = section - section->address_space->dispatch->map.sections;
889 /* Make accesses to pages with watchpoints go via the
890 watchpoint trap routines. */
891 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
892 if (cpu_watchpoint_address_matches(wp, vaddr, TARGET_PAGE_SIZE)) {
893 /* Avoid trapping reads of pages with a write breakpoint. */
894 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
895 iotlb = PHYS_SECTION_WATCH + paddr;
896 *address |= TLB_MMIO;
904 #endif /* defined(CONFIG_USER_ONLY) */
906 #if !defined(CONFIG_USER_ONLY)
908 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
910 static subpage_t *subpage_init(AddressSpace *as, hwaddr base);
912 static void *(*phys_mem_alloc)(size_t size) = qemu_anon_ram_alloc;
915 * Set a custom physical guest memory alloator.
916 * Accelerators with unusual needs may need this. Hopefully, we can
917 * get rid of it eventually.
919 void phys_mem_set_alloc(void *(*alloc)(size_t))
921 phys_mem_alloc = alloc;
924 static uint16_t phys_section_add(PhysPageMap *map,
925 MemoryRegionSection *section)
927 /* The physical section number is ORed with a page-aligned
928 * pointer to produce the iotlb entries. Thus it should
929 * never overflow into the page-aligned value.
931 assert(map->sections_nb < TARGET_PAGE_SIZE);
933 if (map->sections_nb == map->sections_nb_alloc) {
934 map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
935 map->sections = g_renew(MemoryRegionSection, map->sections,
936 map->sections_nb_alloc);
938 map->sections[map->sections_nb] = *section;
939 memory_region_ref(section->mr);
940 return map->sections_nb++;
943 static void phys_section_destroy(MemoryRegion *mr)
945 memory_region_unref(mr);
948 subpage_t *subpage = container_of(mr, subpage_t, iomem);
949 object_unref(OBJECT(&subpage->iomem));
954 static void phys_sections_free(PhysPageMap *map)
956 while (map->sections_nb > 0) {
957 MemoryRegionSection *section = &map->sections[--map->sections_nb];
958 phys_section_destroy(section->mr);
960 g_free(map->sections);
964 static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
967 hwaddr base = section->offset_within_address_space
969 MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
970 d->map.nodes, d->map.sections);
971 MemoryRegionSection subsection = {
972 .offset_within_address_space = base,
973 .size = int128_make64(TARGET_PAGE_SIZE),
977 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
979 if (!(existing->mr->subpage)) {
980 subpage = subpage_init(d->as, base);
981 subsection.address_space = d->as;
982 subsection.mr = &subpage->iomem;
983 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
984 phys_section_add(&d->map, &subsection));
986 subpage = container_of(existing->mr, subpage_t, iomem);
988 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
989 end = start + int128_get64(section->size) - 1;
990 subpage_register(subpage, start, end,
991 phys_section_add(&d->map, section));
995 static void register_multipage(AddressSpaceDispatch *d,
996 MemoryRegionSection *section)
998 hwaddr start_addr = section->offset_within_address_space;
999 uint16_t section_index = phys_section_add(&d->map, section);
1000 uint64_t num_pages = int128_get64(int128_rshift(section->size,
1004 phys_page_set(d, start_addr >> TARGET_PAGE_BITS, num_pages, section_index);
1007 static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
1009 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1010 AddressSpaceDispatch *d = as->next_dispatch;
1011 MemoryRegionSection now = *section, remain = *section;
1012 Int128 page_size = int128_make64(TARGET_PAGE_SIZE);
1014 if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
1015 uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
1016 - now.offset_within_address_space;
1018 now.size = int128_min(int128_make64(left), now.size);
1019 register_subpage(d, &now);
1021 now.size = int128_zero();
1023 while (int128_ne(remain.size, now.size)) {
1024 remain.size = int128_sub(remain.size, now.size);
1025 remain.offset_within_address_space += int128_get64(now.size);
1026 remain.offset_within_region += int128_get64(now.size);
1028 if (int128_lt(remain.size, page_size)) {
1029 register_subpage(d, &now);
1030 } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
1031 now.size = page_size;
1032 register_subpage(d, &now);
1034 now.size = int128_and(now.size, int128_neg(page_size));
1035 register_multipage(d, &now);
1040 void qemu_flush_coalesced_mmio_buffer(void)
1043 kvm_flush_coalesced_mmio_buffer();
1046 void qemu_mutex_lock_ramlist(void)
1048 qemu_mutex_lock(&ram_list.mutex);
1051 void qemu_mutex_unlock_ramlist(void)
1053 qemu_mutex_unlock(&ram_list.mutex);
1058 #include <sys/vfs.h>
1060 #define HUGETLBFS_MAGIC 0x958458f6
1062 static long gethugepagesize(const char *path, Error **errp)
1068 ret = statfs(path, &fs);
1069 } while (ret != 0 && errno == EINTR);
1072 error_setg_errno(errp, errno, "failed to get page size of file %s",
1077 if (fs.f_type != HUGETLBFS_MAGIC)
1078 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
1083 static void *file_ram_alloc(RAMBlock *block,
1089 char *sanitized_name;
1094 Error *local_err = NULL;
1096 hpagesize = gethugepagesize(path, &local_err);
1098 error_propagate(errp, local_err);
1102 if (memory < hpagesize) {
1103 error_setg(errp, "memory size 0x" RAM_ADDR_FMT " must be equal to "
1104 "or larger than huge page size 0x%" PRIx64,
1109 if (kvm_enabled() && !kvm_has_sync_mmu()) {
1111 "host lacks kvm mmu notifiers, -mem-path unsupported");
1115 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
1116 sanitized_name = g_strdup(memory_region_name(block->mr));
1117 for (c = sanitized_name; *c != '\0'; c++) {
1122 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
1124 g_free(sanitized_name);
1126 fd = mkstemp(filename);
1128 error_setg_errno(errp, errno,
1129 "unable to create backing store for hugepages");
1136 memory = (memory+hpagesize-1) & ~(hpagesize-1);
1139 * ftruncate is not supported by hugetlbfs in older
1140 * hosts, so don't bother bailing out on errors.
1141 * If anything goes wrong with it under other filesystems,
1144 if (ftruncate(fd, memory)) {
1145 perror("ftruncate");
1148 area = mmap(0, memory, PROT_READ | PROT_WRITE,
1149 (block->flags & RAM_SHARED ? MAP_SHARED : MAP_PRIVATE),
1151 if (area == MAP_FAILED) {
1152 error_setg_errno(errp, errno,
1153 "unable to map backing store for hugepages");
1159 os_mem_prealloc(fd, area, memory);
1167 error_report("%s\n", error_get_pretty(*errp));
1174 static ram_addr_t find_ram_offset(ram_addr_t size)
1176 RAMBlock *block, *next_block;
1177 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
1179 assert(size != 0); /* it would hand out same offset multiple times */
1181 if (QTAILQ_EMPTY(&ram_list.blocks))
1184 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1185 ram_addr_t end, next = RAM_ADDR_MAX;
1187 end = block->offset + block->length;
1189 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
1190 if (next_block->offset >= end) {
1191 next = MIN(next, next_block->offset);
1194 if (next - end >= size && next - end < mingap) {
1196 mingap = next - end;
1200 if (offset == RAM_ADDR_MAX) {
1201 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
1209 ram_addr_t last_ram_offset(void)
1212 ram_addr_t last = 0;
1214 QTAILQ_FOREACH(block, &ram_list.blocks, next)
1215 last = MAX(last, block->offset + block->length);
1220 static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1224 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
1225 if (!qemu_opt_get_bool(qemu_get_machine_opts(),
1226 "dump-guest-core", true)) {
1227 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1229 perror("qemu_madvise");
1230 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1231 "but dump_guest_core=off specified\n");
1236 static RAMBlock *find_ram_block(ram_addr_t addr)
1240 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1241 if (block->offset == addr) {
1249 void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
1251 RAMBlock *new_block = find_ram_block(addr);
1255 assert(!new_block->idstr[0]);
1258 char *id = qdev_get_dev_path(dev);
1260 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
1264 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1266 /* This assumes the iothread lock is taken here too. */
1267 qemu_mutex_lock_ramlist();
1268 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1269 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
1270 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1275 qemu_mutex_unlock_ramlist();
1278 void qemu_ram_unset_idstr(ram_addr_t addr)
1280 RAMBlock *block = find_ram_block(addr);
1283 memset(block->idstr, 0, sizeof(block->idstr));
1287 static int memory_try_enable_merging(void *addr, size_t len)
1289 if (!qemu_opt_get_bool(qemu_get_machine_opts(), "mem-merge", true)) {
1290 /* disabled by the user */
1294 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1297 static ram_addr_t ram_block_add(RAMBlock *new_block, Error **errp)
1300 ram_addr_t old_ram_size, new_ram_size;
1302 old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1304 /* This assumes the iothread lock is taken here too. */
1305 qemu_mutex_lock_ramlist();
1306 new_block->offset = find_ram_offset(new_block->length);
1308 if (!new_block->host) {
1309 if (xen_enabled()) {
1310 xen_ram_alloc(new_block->offset, new_block->length, new_block->mr);
1312 new_block->host = phys_mem_alloc(new_block->length);
1313 if (!new_block->host) {
1314 error_setg_errno(errp, errno,
1315 "cannot set up guest memory '%s'",
1316 memory_region_name(new_block->mr));
1317 qemu_mutex_unlock_ramlist();
1320 memory_try_enable_merging(new_block->host, new_block->length);
1324 /* Keep the list sorted from biggest to smallest block. */
1325 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1326 if (block->length < new_block->length) {
1331 QTAILQ_INSERT_BEFORE(block, new_block, next);
1333 QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
1335 ram_list.mru_block = NULL;
1338 qemu_mutex_unlock_ramlist();
1340 new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1342 if (new_ram_size > old_ram_size) {
1344 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
1345 ram_list.dirty_memory[i] =
1346 bitmap_zero_extend(ram_list.dirty_memory[i],
1347 old_ram_size, new_ram_size);
1350 cpu_physical_memory_set_dirty_range(new_block->offset, new_block->length);
1352 qemu_ram_setup_dump(new_block->host, new_block->length);
1353 qemu_madvise(new_block->host, new_block->length, QEMU_MADV_HUGEPAGE);
1354 qemu_madvise(new_block->host, new_block->length, QEMU_MADV_DONTFORK);
1356 if (kvm_enabled()) {
1357 kvm_setup_guest_memory(new_block->host, new_block->length);
1360 return new_block->offset;
1364 ram_addr_t qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
1365 bool share, const char *mem_path,
1368 RAMBlock *new_block;
1370 Error *local_err = NULL;
1372 if (xen_enabled()) {
1373 error_setg(errp, "-mem-path not supported with Xen");
1377 if (phys_mem_alloc != qemu_anon_ram_alloc) {
1379 * file_ram_alloc() needs to allocate just like
1380 * phys_mem_alloc, but we haven't bothered to provide
1384 "-mem-path not supported with this accelerator");
1388 size = TARGET_PAGE_ALIGN(size);
1389 new_block = g_malloc0(sizeof(*new_block));
1391 new_block->length = size;
1392 new_block->flags = share ? RAM_SHARED : 0;
1393 new_block->host = file_ram_alloc(new_block, size,
1395 if (!new_block->host) {
1400 addr = ram_block_add(new_block, &local_err);
1403 error_propagate(errp, local_err);
1410 ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1411 MemoryRegion *mr, Error **errp)
1413 RAMBlock *new_block;
1415 Error *local_err = NULL;
1417 size = TARGET_PAGE_ALIGN(size);
1418 new_block = g_malloc0(sizeof(*new_block));
1420 new_block->length = size;
1422 new_block->host = host;
1424 new_block->flags |= RAM_PREALLOC;
1426 addr = ram_block_add(new_block, &local_err);
1429 error_propagate(errp, local_err);
1435 ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr, Error **errp)
1437 return qemu_ram_alloc_from_ptr(size, NULL, mr, errp);
1440 void qemu_ram_free_from_ptr(ram_addr_t addr)
1444 /* This assumes the iothread lock is taken here too. */
1445 qemu_mutex_lock_ramlist();
1446 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1447 if (addr == block->offset) {
1448 QTAILQ_REMOVE(&ram_list.blocks, block, next);
1449 ram_list.mru_block = NULL;
1455 qemu_mutex_unlock_ramlist();
1458 void qemu_ram_free(ram_addr_t addr)
1462 /* This assumes the iothread lock is taken here too. */
1463 qemu_mutex_lock_ramlist();
1464 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1465 if (addr == block->offset) {
1466 QTAILQ_REMOVE(&ram_list.blocks, block, next);
1467 ram_list.mru_block = NULL;
1469 if (block->flags & RAM_PREALLOC) {
1471 } else if (xen_enabled()) {
1472 xen_invalidate_map_cache_entry(block->host);
1474 } else if (block->fd >= 0) {
1475 munmap(block->host, block->length);
1479 qemu_anon_ram_free(block->host, block->length);
1485 qemu_mutex_unlock_ramlist();
1490 void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1497 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1498 offset = addr - block->offset;
1499 if (offset < block->length) {
1500 vaddr = block->host + offset;
1501 if (block->flags & RAM_PREALLOC) {
1503 } else if (xen_enabled()) {
1507 munmap(vaddr, length);
1508 if (block->fd >= 0) {
1509 flags |= (block->flags & RAM_SHARED ?
1510 MAP_SHARED : MAP_PRIVATE);
1511 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1512 flags, block->fd, offset);
1515 * Remap needs to match alloc. Accelerators that
1516 * set phys_mem_alloc never remap. If they did,
1517 * we'd need a remap hook here.
1519 assert(phys_mem_alloc == qemu_anon_ram_alloc);
1521 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1522 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1525 if (area != vaddr) {
1526 fprintf(stderr, "Could not remap addr: "
1527 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
1531 memory_try_enable_merging(vaddr, length);
1532 qemu_ram_setup_dump(vaddr, length);
1538 #endif /* !_WIN32 */
1540 int qemu_get_ram_fd(ram_addr_t addr)
1542 RAMBlock *block = qemu_get_ram_block(addr);
1547 void *qemu_get_ram_block_host_ptr(ram_addr_t addr)
1549 RAMBlock *block = qemu_get_ram_block(addr);
1554 /* Return a host pointer to ram allocated with qemu_ram_alloc.
1555 With the exception of the softmmu code in this file, this should
1556 only be used for local memory (e.g. video ram) that the device owns,
1557 and knows it isn't going to access beyond the end of the block.
1559 It should not be used for general purpose DMA.
1560 Use cpu_physical_memory_map/cpu_physical_memory_rw instead.
1562 void *qemu_get_ram_ptr(ram_addr_t addr)
1564 RAMBlock *block = qemu_get_ram_block(addr);
1566 if (xen_enabled()) {
1567 /* We need to check if the requested address is in the RAM
1568 * because we don't want to map the entire memory in QEMU.
1569 * In that case just map until the end of the page.
1571 if (block->offset == 0) {
1572 return xen_map_cache(addr, 0, 0);
1573 } else if (block->host == NULL) {
1575 xen_map_cache(block->offset, block->length, 1);
1578 return block->host + (addr - block->offset);
1581 /* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1582 * but takes a size argument */
1583 static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
1588 if (xen_enabled()) {
1589 return xen_map_cache(addr, *size, 1);
1593 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1594 if (addr - block->offset < block->length) {
1595 if (addr - block->offset + *size > block->length)
1596 *size = block->length - addr + block->offset;
1597 return block->host + (addr - block->offset);
1601 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1606 /* Some of the softmmu routines need to translate from a host pointer
1607 (typically a TLB entry) back to a ram offset. */
1608 MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
1611 uint8_t *host = ptr;
1613 if (xen_enabled()) {
1614 *ram_addr = xen_ram_addr_from_mapcache(ptr);
1615 return qemu_get_ram_block(*ram_addr)->mr;
1618 block = ram_list.mru_block;
1619 if (block && block->host && host - block->host < block->length) {
1623 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1624 /* This case append when the block is not mapped. */
1625 if (block->host == NULL) {
1628 if (host - block->host < block->length) {
1636 *ram_addr = block->offset + (host - block->host);
1640 static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
1641 uint64_t val, unsigned size)
1643 if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
1644 tb_invalidate_phys_page_fast(ram_addr, size);
1648 stb_p(qemu_get_ram_ptr(ram_addr), val);
1651 stw_p(qemu_get_ram_ptr(ram_addr), val);
1654 stl_p(qemu_get_ram_ptr(ram_addr), val);
1659 cpu_physical_memory_set_dirty_range_nocode(ram_addr, size);
1660 /* we remove the notdirty callback only if the code has been
1662 if (!cpu_physical_memory_is_clean(ram_addr)) {
1663 CPUArchState *env = current_cpu->env_ptr;
1664 tlb_set_dirty(env, current_cpu->mem_io_vaddr);
1668 static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1669 unsigned size, bool is_write)
1674 static const MemoryRegionOps notdirty_mem_ops = {
1675 .write = notdirty_mem_write,
1676 .valid.accepts = notdirty_mem_accepts,
1677 .endianness = DEVICE_NATIVE_ENDIAN,
1680 /* Generate a debug exception if a watchpoint has been hit. */
1681 static void check_watchpoint(int offset, int len, int flags)
1683 CPUState *cpu = current_cpu;
1684 CPUArchState *env = cpu->env_ptr;
1685 target_ulong pc, cs_base;
1690 if (cpu->watchpoint_hit) {
1691 /* We re-entered the check after replacing the TB. Now raise
1692 * the debug interrupt so that is will trigger after the
1693 * current instruction. */
1694 cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
1697 vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
1698 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
1699 if (cpu_watchpoint_address_matches(wp, vaddr, len)
1700 && (wp->flags & flags)) {
1701 if (flags == BP_MEM_READ) {
1702 wp->flags |= BP_WATCHPOINT_HIT_READ;
1704 wp->flags |= BP_WATCHPOINT_HIT_WRITE;
1706 wp->hitaddr = vaddr;
1707 if (!cpu->watchpoint_hit) {
1708 cpu->watchpoint_hit = wp;
1709 tb_check_watchpoint(cpu);
1710 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
1711 cpu->exception_index = EXCP_DEBUG;
1714 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
1715 tb_gen_code(cpu, pc, cs_base, cpu_flags, 1);
1716 cpu_resume_from_signal(cpu, NULL);
1720 wp->flags &= ~BP_WATCHPOINT_HIT;
1725 /* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1726 so these check for a hit then pass through to the normal out-of-line
1728 static uint64_t watch_mem_read(void *opaque, hwaddr addr,
1731 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_READ);
1733 case 1: return ldub_phys(&address_space_memory, addr);
1734 case 2: return lduw_phys(&address_space_memory, addr);
1735 case 4: return ldl_phys(&address_space_memory, addr);
1740 static void watch_mem_write(void *opaque, hwaddr addr,
1741 uint64_t val, unsigned size)
1743 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_WRITE);
1746 stb_phys(&address_space_memory, addr, val);
1749 stw_phys(&address_space_memory, addr, val);
1752 stl_phys(&address_space_memory, addr, val);
1758 static const MemoryRegionOps watch_mem_ops = {
1759 .read = watch_mem_read,
1760 .write = watch_mem_write,
1761 .endianness = DEVICE_NATIVE_ENDIAN,
1764 static uint64_t subpage_read(void *opaque, hwaddr addr,
1767 subpage_t *subpage = opaque;
1770 #if defined(DEBUG_SUBPAGE)
1771 printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
1772 subpage, len, addr);
1774 address_space_read(subpage->as, addr + subpage->base, buf, len);
1787 static void subpage_write(void *opaque, hwaddr addr,
1788 uint64_t value, unsigned len)
1790 subpage_t *subpage = opaque;
1793 #if defined(DEBUG_SUBPAGE)
1794 printf("%s: subpage %p len %u addr " TARGET_FMT_plx
1795 " value %"PRIx64"\n",
1796 __func__, subpage, len, addr, value);
1811 address_space_write(subpage->as, addr + subpage->base, buf, len);
1814 static bool subpage_accepts(void *opaque, hwaddr addr,
1815 unsigned len, bool is_write)
1817 subpage_t *subpage = opaque;
1818 #if defined(DEBUG_SUBPAGE)
1819 printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
1820 __func__, subpage, is_write ? 'w' : 'r', len, addr);
1823 return address_space_access_valid(subpage->as, addr + subpage->base,
1827 static const MemoryRegionOps subpage_ops = {
1828 .read = subpage_read,
1829 .write = subpage_write,
1830 .valid.accepts = subpage_accepts,
1831 .endianness = DEVICE_NATIVE_ENDIAN,
1834 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
1839 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
1841 idx = SUBPAGE_IDX(start);
1842 eidx = SUBPAGE_IDX(end);
1843 #if defined(DEBUG_SUBPAGE)
1844 printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
1845 __func__, mmio, start, end, idx, eidx, section);
1847 for (; idx <= eidx; idx++) {
1848 mmio->sub_section[idx] = section;
1854 static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
1858 mmio = g_malloc0(sizeof(subpage_t));
1862 memory_region_init_io(&mmio->iomem, NULL, &subpage_ops, mmio,
1863 NULL, TARGET_PAGE_SIZE);
1864 mmio->iomem.subpage = true;
1865 #if defined(DEBUG_SUBPAGE)
1866 printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
1867 mmio, base, TARGET_PAGE_SIZE);
1869 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, PHYS_SECTION_UNASSIGNED);
1874 static uint16_t dummy_section(PhysPageMap *map, AddressSpace *as,
1878 MemoryRegionSection section = {
1879 .address_space = as,
1881 .offset_within_address_space = 0,
1882 .offset_within_region = 0,
1883 .size = int128_2_64(),
1886 return phys_section_add(map, §ion);
1889 MemoryRegion *iotlb_to_region(AddressSpace *as, hwaddr index)
1891 return as->dispatch->map.sections[index & ~TARGET_PAGE_MASK].mr;
1894 static void io_mem_init(void)
1896 memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops, NULL, NULL, UINT64_MAX);
1897 memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops, NULL,
1899 memory_region_init_io(&io_mem_notdirty, NULL, ¬dirty_mem_ops, NULL,
1901 memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops, NULL,
1905 static void mem_begin(MemoryListener *listener)
1907 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1908 AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
1911 n = dummy_section(&d->map, as, &io_mem_unassigned);
1912 assert(n == PHYS_SECTION_UNASSIGNED);
1913 n = dummy_section(&d->map, as, &io_mem_notdirty);
1914 assert(n == PHYS_SECTION_NOTDIRTY);
1915 n = dummy_section(&d->map, as, &io_mem_rom);
1916 assert(n == PHYS_SECTION_ROM);
1917 n = dummy_section(&d->map, as, &io_mem_watch);
1918 assert(n == PHYS_SECTION_WATCH);
1920 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
1922 as->next_dispatch = d;
1925 static void mem_commit(MemoryListener *listener)
1927 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1928 AddressSpaceDispatch *cur = as->dispatch;
1929 AddressSpaceDispatch *next = as->next_dispatch;
1931 phys_page_compact_all(next, next->map.nodes_nb);
1933 as->dispatch = next;
1936 phys_sections_free(&cur->map);
1941 static void tcg_commit(MemoryListener *listener)
1945 /* since each CPU stores ram addresses in its TLB cache, we must
1946 reset the modified entries */
1949 /* FIXME: Disentangle the cpu.h circular files deps so we can
1950 directly get the right CPU from listener. */
1951 if (cpu->tcg_as_listener != listener) {
1958 static void core_log_global_start(MemoryListener *listener)
1960 cpu_physical_memory_set_dirty_tracking(true);
1963 static void core_log_global_stop(MemoryListener *listener)
1965 cpu_physical_memory_set_dirty_tracking(false);
1968 static MemoryListener core_memory_listener = {
1969 .log_global_start = core_log_global_start,
1970 .log_global_stop = core_log_global_stop,
1974 void address_space_init_dispatch(AddressSpace *as)
1976 as->dispatch = NULL;
1977 as->dispatch_listener = (MemoryListener) {
1979 .commit = mem_commit,
1980 .region_add = mem_add,
1981 .region_nop = mem_add,
1984 memory_listener_register(&as->dispatch_listener, as);
1987 void address_space_destroy_dispatch(AddressSpace *as)
1989 AddressSpaceDispatch *d = as->dispatch;
1991 memory_listener_unregister(&as->dispatch_listener);
1993 as->dispatch = NULL;
1996 static void memory_map_init(void)
1998 system_memory = g_malloc(sizeof(*system_memory));
2000 memory_region_init(system_memory, NULL, "system", UINT64_MAX);
2001 address_space_init(&address_space_memory, system_memory, "memory");
2003 system_io = g_malloc(sizeof(*system_io));
2004 memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
2006 address_space_init(&address_space_io, system_io, "I/O");
2008 memory_listener_register(&core_memory_listener, &address_space_memory);
2011 MemoryRegion *get_system_memory(void)
2013 return system_memory;
2016 MemoryRegion *get_system_io(void)
2021 #endif /* !defined(CONFIG_USER_ONLY) */
2023 /* physical memory access (slow version, mainly for debug) */
2024 #if defined(CONFIG_USER_ONLY)
2025 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
2026 uint8_t *buf, int len, int is_write)
2033 page = addr & TARGET_PAGE_MASK;
2034 l = (page + TARGET_PAGE_SIZE) - addr;
2037 flags = page_get_flags(page);
2038 if (!(flags & PAGE_VALID))
2041 if (!(flags & PAGE_WRITE))
2043 /* XXX: this code should not depend on lock_user */
2044 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
2047 unlock_user(p, addr, l);
2049 if (!(flags & PAGE_READ))
2051 /* XXX: this code should not depend on lock_user */
2052 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
2055 unlock_user(p, addr, 0);
2066 static void invalidate_and_set_dirty(hwaddr addr,
2069 if (cpu_physical_memory_range_includes_clean(addr, length)) {
2070 tb_invalidate_phys_range(addr, addr + length, 0);
2071 cpu_physical_memory_set_dirty_range_nocode(addr, length);
2073 xen_modified_memory(addr, length);
2076 static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
2078 unsigned access_size_max = mr->ops->valid.max_access_size;
2080 /* Regions are assumed to support 1-4 byte accesses unless
2081 otherwise specified. */
2082 if (access_size_max == 0) {
2083 access_size_max = 4;
2086 /* Bound the maximum access by the alignment of the address. */
2087 if (!mr->ops->impl.unaligned) {
2088 unsigned align_size_max = addr & -addr;
2089 if (align_size_max != 0 && align_size_max < access_size_max) {
2090 access_size_max = align_size_max;
2094 /* Don't attempt accesses larger than the maximum. */
2095 if (l > access_size_max) {
2096 l = access_size_max;
2099 l = 1 << (qemu_fls(l) - 1);
2105 bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
2106 int len, bool is_write)
2117 mr = address_space_translate(as, addr, &addr1, &l, is_write);
2120 if (!memory_access_is_direct(mr, is_write)) {
2121 l = memory_access_size(mr, l, addr1);
2122 /* XXX: could force current_cpu to NULL to avoid
2126 /* 64 bit write access */
2128 error |= io_mem_write(mr, addr1, val, 8);
2131 /* 32 bit write access */
2133 error |= io_mem_write(mr, addr1, val, 4);
2136 /* 16 bit write access */
2138 error |= io_mem_write(mr, addr1, val, 2);
2141 /* 8 bit write access */
2143 error |= io_mem_write(mr, addr1, val, 1);
2149 addr1 += memory_region_get_ram_addr(mr);
2151 ptr = qemu_get_ram_ptr(addr1);
2152 memcpy(ptr, buf, l);
2153 invalidate_and_set_dirty(addr1, l);
2156 if (!memory_access_is_direct(mr, is_write)) {
2158 l = memory_access_size(mr, l, addr1);
2161 /* 64 bit read access */
2162 error |= io_mem_read(mr, addr1, &val, 8);
2166 /* 32 bit read access */
2167 error |= io_mem_read(mr, addr1, &val, 4);
2171 /* 16 bit read access */
2172 error |= io_mem_read(mr, addr1, &val, 2);
2176 /* 8 bit read access */
2177 error |= io_mem_read(mr, addr1, &val, 1);
2185 ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
2186 memcpy(buf, ptr, l);
2197 bool address_space_write(AddressSpace *as, hwaddr addr,
2198 const uint8_t *buf, int len)
2200 return address_space_rw(as, addr, (uint8_t *)buf, len, true);
2203 bool address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
2205 return address_space_rw(as, addr, buf, len, false);
2209 void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
2210 int len, int is_write)
2212 address_space_rw(&address_space_memory, addr, buf, len, is_write);
2215 enum write_rom_type {
2220 static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
2221 hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
2230 mr = address_space_translate(as, addr, &addr1, &l, true);
2232 if (!(memory_region_is_ram(mr) ||
2233 memory_region_is_romd(mr))) {
2236 addr1 += memory_region_get_ram_addr(mr);
2238 ptr = qemu_get_ram_ptr(addr1);
2241 memcpy(ptr, buf, l);
2242 invalidate_and_set_dirty(addr1, l);
2245 flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
2255 /* used for ROM loading : can write in RAM and ROM */
2256 void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
2257 const uint8_t *buf, int len)
2259 cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
2262 void cpu_flush_icache_range(hwaddr start, int len)
2265 * This function should do the same thing as an icache flush that was
2266 * triggered from within the guest. For TCG we are always cache coherent,
2267 * so there is no need to flush anything. For KVM / Xen we need to flush
2268 * the host's instruction cache at least.
2270 if (tcg_enabled()) {
2274 cpu_physical_memory_write_rom_internal(&address_space_memory,
2275 start, NULL, len, FLUSH_CACHE);
2285 static BounceBuffer bounce;
2287 typedef struct MapClient {
2289 void (*callback)(void *opaque);
2290 QLIST_ENTRY(MapClient) link;
2293 static QLIST_HEAD(map_client_list, MapClient) map_client_list
2294 = QLIST_HEAD_INITIALIZER(map_client_list);
2296 void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
2298 MapClient *client = g_malloc(sizeof(*client));
2300 client->opaque = opaque;
2301 client->callback = callback;
2302 QLIST_INSERT_HEAD(&map_client_list, client, link);
2306 static void cpu_unregister_map_client(void *_client)
2308 MapClient *client = (MapClient *)_client;
2310 QLIST_REMOVE(client, link);
2314 static void cpu_notify_map_clients(void)
2318 while (!QLIST_EMPTY(&map_client_list)) {
2319 client = QLIST_FIRST(&map_client_list);
2320 client->callback(client->opaque);
2321 cpu_unregister_map_client(client);
2325 bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2332 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2333 if (!memory_access_is_direct(mr, is_write)) {
2334 l = memory_access_size(mr, l, addr);
2335 if (!memory_region_access_valid(mr, xlat, l, is_write)) {
2346 /* Map a physical memory region into a host virtual address.
2347 * May map a subset of the requested range, given by and returned in *plen.
2348 * May return NULL if resources needed to perform the mapping are exhausted.
2349 * Use only for reads OR writes - not for read-modify-write operations.
2350 * Use cpu_register_map_client() to know when retrying the map operation is
2351 * likely to succeed.
2353 void *address_space_map(AddressSpace *as,
2360 hwaddr l, xlat, base;
2361 MemoryRegion *mr, *this_mr;
2369 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2370 if (!memory_access_is_direct(mr, is_write)) {
2371 if (bounce.buffer) {
2374 /* Avoid unbounded allocations */
2375 l = MIN(l, TARGET_PAGE_SIZE);
2376 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, l);
2380 memory_region_ref(mr);
2383 address_space_read(as, addr, bounce.buffer, l);
2387 return bounce.buffer;
2391 raddr = memory_region_get_ram_addr(mr);
2402 this_mr = address_space_translate(as, addr, &xlat, &l, is_write);
2403 if (this_mr != mr || xlat != base + done) {
2408 memory_region_ref(mr);
2410 return qemu_ram_ptr_length(raddr + base, plen);
2413 /* Unmaps a memory region previously mapped by address_space_map().
2414 * Will also mark the memory as dirty if is_write == 1. access_len gives
2415 * the amount of memory that was actually read or written by the caller.
2417 void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2418 int is_write, hwaddr access_len)
2420 if (buffer != bounce.buffer) {
2424 mr = qemu_ram_addr_from_host(buffer, &addr1);
2427 invalidate_and_set_dirty(addr1, access_len);
2429 if (xen_enabled()) {
2430 xen_invalidate_map_cache_entry(buffer);
2432 memory_region_unref(mr);
2436 address_space_write(as, bounce.addr, bounce.buffer, access_len);
2438 qemu_vfree(bounce.buffer);
2439 bounce.buffer = NULL;
2440 memory_region_unref(bounce.mr);
2441 cpu_notify_map_clients();
2444 void *cpu_physical_memory_map(hwaddr addr,
2448 return address_space_map(&address_space_memory, addr, plen, is_write);
2451 void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2452 int is_write, hwaddr access_len)
2454 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2457 /* warning: addr must be aligned */
2458 static inline uint32_t ldl_phys_internal(AddressSpace *as, hwaddr addr,
2459 enum device_endian endian)
2467 mr = address_space_translate(as, addr, &addr1, &l, false);
2468 if (l < 4 || !memory_access_is_direct(mr, false)) {
2470 io_mem_read(mr, addr1, &val, 4);
2471 #if defined(TARGET_WORDS_BIGENDIAN)
2472 if (endian == DEVICE_LITTLE_ENDIAN) {
2476 if (endian == DEVICE_BIG_ENDIAN) {
2482 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2486 case DEVICE_LITTLE_ENDIAN:
2487 val = ldl_le_p(ptr);
2489 case DEVICE_BIG_ENDIAN:
2490 val = ldl_be_p(ptr);
2500 uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
2502 return ldl_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2505 uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
2507 return ldl_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2510 uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
2512 return ldl_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2515 /* warning: addr must be aligned */
2516 static inline uint64_t ldq_phys_internal(AddressSpace *as, hwaddr addr,
2517 enum device_endian endian)
2525 mr = address_space_translate(as, addr, &addr1, &l,
2527 if (l < 8 || !memory_access_is_direct(mr, false)) {
2529 io_mem_read(mr, addr1, &val, 8);
2530 #if defined(TARGET_WORDS_BIGENDIAN)
2531 if (endian == DEVICE_LITTLE_ENDIAN) {
2535 if (endian == DEVICE_BIG_ENDIAN) {
2541 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2545 case DEVICE_LITTLE_ENDIAN:
2546 val = ldq_le_p(ptr);
2548 case DEVICE_BIG_ENDIAN:
2549 val = ldq_be_p(ptr);
2559 uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
2561 return ldq_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2564 uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
2566 return ldq_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2569 uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
2571 return ldq_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2575 uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
2578 address_space_rw(as, addr, &val, 1, 0);
2582 /* warning: addr must be aligned */
2583 static inline uint32_t lduw_phys_internal(AddressSpace *as, hwaddr addr,
2584 enum device_endian endian)
2592 mr = address_space_translate(as, addr, &addr1, &l,
2594 if (l < 2 || !memory_access_is_direct(mr, false)) {
2596 io_mem_read(mr, addr1, &val, 2);
2597 #if defined(TARGET_WORDS_BIGENDIAN)
2598 if (endian == DEVICE_LITTLE_ENDIAN) {
2602 if (endian == DEVICE_BIG_ENDIAN) {
2608 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2612 case DEVICE_LITTLE_ENDIAN:
2613 val = lduw_le_p(ptr);
2615 case DEVICE_BIG_ENDIAN:
2616 val = lduw_be_p(ptr);
2626 uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
2628 return lduw_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2631 uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
2633 return lduw_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2636 uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
2638 return lduw_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2641 /* warning: addr must be aligned. The ram page is not masked as dirty
2642 and the code inside is not invalidated. It is useful if the dirty
2643 bits are used to track modified PTEs */
2644 void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
2651 mr = address_space_translate(as, addr, &addr1, &l,
2653 if (l < 4 || !memory_access_is_direct(mr, true)) {
2654 io_mem_write(mr, addr1, val, 4);
2656 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2657 ptr = qemu_get_ram_ptr(addr1);
2660 if (unlikely(in_migration)) {
2661 if (cpu_physical_memory_is_clean(addr1)) {
2662 /* invalidate code */
2663 tb_invalidate_phys_page_range(addr1, addr1 + 4, 0);
2665 cpu_physical_memory_set_dirty_range_nocode(addr1, 4);
2671 /* warning: addr must be aligned */
2672 static inline void stl_phys_internal(AddressSpace *as,
2673 hwaddr addr, uint32_t val,
2674 enum device_endian endian)
2681 mr = address_space_translate(as, addr, &addr1, &l,
2683 if (l < 4 || !memory_access_is_direct(mr, true)) {
2684 #if defined(TARGET_WORDS_BIGENDIAN)
2685 if (endian == DEVICE_LITTLE_ENDIAN) {
2689 if (endian == DEVICE_BIG_ENDIAN) {
2693 io_mem_write(mr, addr1, val, 4);
2696 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2697 ptr = qemu_get_ram_ptr(addr1);
2699 case DEVICE_LITTLE_ENDIAN:
2702 case DEVICE_BIG_ENDIAN:
2709 invalidate_and_set_dirty(addr1, 4);
2713 void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2715 stl_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
2718 void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2720 stl_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
2723 void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2725 stl_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
2729 void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2732 address_space_rw(as, addr, &v, 1, 1);
2735 /* warning: addr must be aligned */
2736 static inline void stw_phys_internal(AddressSpace *as,
2737 hwaddr addr, uint32_t val,
2738 enum device_endian endian)
2745 mr = address_space_translate(as, addr, &addr1, &l, true);
2746 if (l < 2 || !memory_access_is_direct(mr, true)) {
2747 #if defined(TARGET_WORDS_BIGENDIAN)
2748 if (endian == DEVICE_LITTLE_ENDIAN) {
2752 if (endian == DEVICE_BIG_ENDIAN) {
2756 io_mem_write(mr, addr1, val, 2);
2759 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2760 ptr = qemu_get_ram_ptr(addr1);
2762 case DEVICE_LITTLE_ENDIAN:
2765 case DEVICE_BIG_ENDIAN:
2772 invalidate_and_set_dirty(addr1, 2);
2776 void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2778 stw_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
2781 void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2783 stw_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
2786 void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2788 stw_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
2792 void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2795 address_space_rw(as, addr, (void *) &val, 8, 1);
2798 void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2800 val = cpu_to_le64(val);
2801 address_space_rw(as, addr, (void *) &val, 8, 1);
2804 void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2806 val = cpu_to_be64(val);
2807 address_space_rw(as, addr, (void *) &val, 8, 1);
2810 /* virtual memory access for debug (includes writing to ROM) */
2811 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
2812 uint8_t *buf, int len, int is_write)
2819 page = addr & TARGET_PAGE_MASK;
2820 phys_addr = cpu_get_phys_page_debug(cpu, page);
2821 /* if no physical page mapped, return an error */
2822 if (phys_addr == -1)
2824 l = (page + TARGET_PAGE_SIZE) - addr;
2827 phys_addr += (addr & ~TARGET_PAGE_MASK);
2829 cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, l);
2831 address_space_rw(cpu->as, phys_addr, buf, l, 0);
2842 * A helper function for the _utterly broken_ virtio device model to find out if
2843 * it's running on a big endian machine. Don't do this at home kids!
2845 bool target_words_bigendian(void);
2846 bool target_words_bigendian(void)
2848 #if defined(TARGET_WORDS_BIGENDIAN)
2855 #ifndef CONFIG_USER_ONLY
2856 bool cpu_physical_memory_is_io(hwaddr phys_addr)
2861 mr = address_space_translate(&address_space_memory,
2862 phys_addr, &phys_addr, &l, false);
2864 return !(memory_region_is_ram(mr) ||
2865 memory_region_is_romd(mr));
2868 void qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
2872 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
2873 func(block->host, block->offset, block->length, opaque);
projects / qemu.git / blob