4 * Copyright (c) 2003 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include <sys/types.h>
25 #include "qemu-common.h"
30 #include "qemu/osdep.h"
31 #include "sysemu/kvm.h"
32 #include "sysemu/sysemu.h"
33 #include "hw/xen/xen.h"
34 #include "qemu/timer.h"
35 #include "qemu/config-file.h"
36 #include "qemu/error-report.h"
37 #include "exec/memory.h"
38 #include "sysemu/dma.h"
39 #include "exec/address-spaces.h"
40 #if defined(CONFIG_USER_ONLY)
42 #else /* !CONFIG_USER_ONLY */
43 #include "sysemu/xen-mapcache.h"
46 #include "exec/cpu-all.h"
48 #include "exec/cputlb.h"
49 #include "translate-all.h"
51 #include "exec/memory-internal.h"
52 #include "exec/ram_addr.h"
54 #include "qemu/range.h"
56 //#define DEBUG_SUBPAGE
58 #if !defined(CONFIG_USER_ONLY)
59 static bool in_migration;
61 RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };
63 static MemoryRegion *system_memory;
64 static MemoryRegion *system_io;
66 AddressSpace address_space_io;
67 AddressSpace address_space_memory;
69 MemoryRegion io_mem_rom, io_mem_notdirty;
70 static MemoryRegion io_mem_unassigned;
72 /* RAM is pre-allocated and passed into qemu_ram_alloc_from_ptr */
73 #define RAM_PREALLOC (1 << 0)
75 /* RAM is mmap-ed with MAP_SHARED */
76 #define RAM_SHARED (1 << 1)
80 struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
81 /* current CPU in the current thread. It is only valid inside
83 DEFINE_TLS(CPUState *, current_cpu);
84 /* 0 = Do not count executed instructions.
85 1 = Precise instruction counting.
86 2 = Adaptive rate instruction counting. */
89 #if !defined(CONFIG_USER_ONLY)
91 typedef struct PhysPageEntry PhysPageEntry;
93 struct PhysPageEntry {
94 /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
96 /* index into phys_sections (!skip) or phys_map_nodes (skip) */
100 #define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)
102 /* Size of the L2 (and L3, etc) page tables. */
103 #define ADDR_SPACE_BITS 64
106 #define P_L2_SIZE (1 << P_L2_BITS)
108 #define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)
110 typedef PhysPageEntry Node[P_L2_SIZE];
112 typedef struct PhysPageMap {
113 unsigned sections_nb;
114 unsigned sections_nb_alloc;
116 unsigned nodes_nb_alloc;
118 MemoryRegionSection *sections;
121 struct AddressSpaceDispatch {
122 /* This is a multi-level map on the physical address space.
123 * The bottom level has pointers to MemoryRegionSections.
125 PhysPageEntry phys_map;
130 #define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
131 typedef struct subpage_t {
135 uint16_t sub_section[TARGET_PAGE_SIZE];
138 #define PHYS_SECTION_UNASSIGNED 0
139 #define PHYS_SECTION_NOTDIRTY 1
140 #define PHYS_SECTION_ROM 2
141 #define PHYS_SECTION_WATCH 3
143 static void io_mem_init(void);
144 static void memory_map_init(void);
145 static void tcg_commit(MemoryListener *listener);
147 static MemoryRegion io_mem_watch;
150 #if !defined(CONFIG_USER_ONLY)
152 static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
154 if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
155 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
156 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
157 map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
161 static uint32_t phys_map_node_alloc(PhysPageMap *map)
166 ret = map->nodes_nb++;
167 assert(ret != PHYS_MAP_NODE_NIL);
168 assert(ret != map->nodes_nb_alloc);
169 for (i = 0; i < P_L2_SIZE; ++i) {
170 map->nodes[ret][i].skip = 1;
171 map->nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
176 static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
177 hwaddr *index, hwaddr *nb, uint16_t leaf,
182 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
184 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
185 lp->ptr = phys_map_node_alloc(map);
186 p = map->nodes[lp->ptr];
188 for (i = 0; i < P_L2_SIZE; i++) {
190 p[i].ptr = PHYS_SECTION_UNASSIGNED;
194 p = map->nodes[lp->ptr];
196 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
198 while (*nb && lp < &p[P_L2_SIZE]) {
199 if ((*index & (step - 1)) == 0 && *nb >= step) {
205 phys_page_set_level(map, lp, index, nb, leaf, level - 1);
211 static void phys_page_set(AddressSpaceDispatch *d,
212 hwaddr index, hwaddr nb,
215 /* Wildly overreserve - it doesn't matter much. */
216 phys_map_node_reserve(&d->map, 3 * P_L2_LEVELS);
218 phys_page_set_level(&d->map, &d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
221 /* Compact a non leaf page entry. Simply detect that the entry has a single child,
222 * and update our entry so we can skip it and go directly to the destination.
224 static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
226 unsigned valid_ptr = P_L2_SIZE;
231 if (lp->ptr == PHYS_MAP_NODE_NIL) {
236 for (i = 0; i < P_L2_SIZE; i++) {
237 if (p[i].ptr == PHYS_MAP_NODE_NIL) {
244 phys_page_compact(&p[i], nodes, compacted);
248 /* We can only compress if there's only one child. */
253 assert(valid_ptr < P_L2_SIZE);
255 /* Don't compress if it won't fit in the # of bits we have. */
256 if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
260 lp->ptr = p[valid_ptr].ptr;
261 if (!p[valid_ptr].skip) {
262 /* If our only child is a leaf, make this a leaf. */
263 /* By design, we should have made this node a leaf to begin with so we
264 * should never reach here.
265 * But since it's so simple to handle this, let's do it just in case we
270 lp->skip += p[valid_ptr].skip;
274 static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
276 DECLARE_BITMAP(compacted, nodes_nb);
278 if (d->phys_map.skip) {
279 phys_page_compact(&d->phys_map, d->map.nodes, compacted);
283 static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
284 Node *nodes, MemoryRegionSection *sections)
287 hwaddr index = addr >> TARGET_PAGE_BITS;
290 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
291 if (lp.ptr == PHYS_MAP_NODE_NIL) {
292 return §ions[PHYS_SECTION_UNASSIGNED];
295 lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
298 if (sections[lp.ptr].size.hi ||
299 range_covers_byte(sections[lp.ptr].offset_within_address_space,
300 sections[lp.ptr].size.lo, addr)) {
301 return §ions[lp.ptr];
303 return §ions[PHYS_SECTION_UNASSIGNED];
307 bool memory_region_is_unassigned(MemoryRegion *mr)
309 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
310 && mr != &io_mem_watch;
313 static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
315 bool resolve_subpage)
317 MemoryRegionSection *section;
320 section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
321 if (resolve_subpage && section->mr->subpage) {
322 subpage = container_of(section->mr, subpage_t, iomem);
323 section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
328 static MemoryRegionSection *
329 address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
330 hwaddr *plen, bool resolve_subpage)
332 MemoryRegionSection *section;
335 section = address_space_lookup_region(d, addr, resolve_subpage);
336 /* Compute offset within MemoryRegionSection */
337 addr -= section->offset_within_address_space;
339 /* Compute offset within MemoryRegion */
340 *xlat = addr + section->offset_within_region;
342 diff = int128_sub(section->mr->size, int128_make64(addr));
343 *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
347 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
349 if (memory_region_is_ram(mr)) {
350 return !(is_write && mr->readonly);
352 if (memory_region_is_romd(mr)) {
359 MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
360 hwaddr *xlat, hwaddr *plen,
364 MemoryRegionSection *section;
369 section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true);
372 if (!mr->iommu_ops) {
376 iotlb = mr->iommu_ops->translate(mr, addr, is_write);
377 addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
378 | (addr & iotlb.addr_mask));
379 len = MIN(len, (addr | iotlb.addr_mask) - addr + 1);
380 if (!(iotlb.perm & (1 << is_write))) {
381 mr = &io_mem_unassigned;
385 as = iotlb.target_as;
388 if (xen_enabled() && memory_access_is_direct(mr, is_write)) {
389 hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
390 len = MIN(page, len);
398 MemoryRegionSection *
399 address_space_translate_for_iotlb(AddressSpace *as, hwaddr addr, hwaddr *xlat,
402 MemoryRegionSection *section;
403 section = address_space_translate_internal(as->dispatch, addr, xlat, plen, false);
405 assert(!section->mr->iommu_ops);
410 void cpu_exec_init_all(void)
412 #if !defined(CONFIG_USER_ONLY)
413 qemu_mutex_init(&ram_list.mutex);
419 #if !defined(CONFIG_USER_ONLY)
421 static int cpu_common_post_load(void *opaque, int version_id)
423 CPUState *cpu = opaque;
425 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
426 version_id is increased. */
427 cpu->interrupt_request &= ~0x01;
433 static int cpu_common_pre_load(void *opaque)
435 CPUState *cpu = opaque;
437 cpu->exception_index = -1;
442 static bool cpu_common_exception_index_needed(void *opaque)
444 CPUState *cpu = opaque;
446 return tcg_enabled() && cpu->exception_index != -1;
449 static const VMStateDescription vmstate_cpu_common_exception_index = {
450 .name = "cpu_common/exception_index",
452 .minimum_version_id = 1,
453 .fields = (VMStateField[]) {
454 VMSTATE_INT32(exception_index, CPUState),
455 VMSTATE_END_OF_LIST()
459 const VMStateDescription vmstate_cpu_common = {
460 .name = "cpu_common",
462 .minimum_version_id = 1,
463 .pre_load = cpu_common_pre_load,
464 .post_load = cpu_common_post_load,
465 .fields = (VMStateField[]) {
466 VMSTATE_UINT32(halted, CPUState),
467 VMSTATE_UINT32(interrupt_request, CPUState),
468 VMSTATE_END_OF_LIST()
470 .subsections = (VMStateSubsection[]) {
472 .vmsd = &vmstate_cpu_common_exception_index,
473 .needed = cpu_common_exception_index_needed,
482 CPUState *qemu_get_cpu(int index)
487 if (cpu->cpu_index == index) {
495 #if !defined(CONFIG_USER_ONLY)
496 void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
498 /* We only support one address space per cpu at the moment. */
499 assert(cpu->as == as);
501 if (cpu->tcg_as_listener) {
502 memory_listener_unregister(cpu->tcg_as_listener);
504 cpu->tcg_as_listener = g_new0(MemoryListener, 1);
506 cpu->tcg_as_listener->commit = tcg_commit;
507 memory_listener_register(cpu->tcg_as_listener, as);
511 void cpu_exec_init(CPUArchState *env)
513 CPUState *cpu = ENV_GET_CPU(env);
514 CPUClass *cc = CPU_GET_CLASS(cpu);
518 #if defined(CONFIG_USER_ONLY)
522 CPU_FOREACH(some_cpu) {
525 cpu->cpu_index = cpu_index;
527 QTAILQ_INIT(&cpu->breakpoints);
528 QTAILQ_INIT(&cpu->watchpoints);
529 #ifndef CONFIG_USER_ONLY
530 cpu->as = &address_space_memory;
531 cpu->thread_id = qemu_get_thread_id();
533 QTAILQ_INSERT_TAIL(&cpus, cpu, node);
534 #if defined(CONFIG_USER_ONLY)
537 if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
538 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
540 #if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
541 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
542 cpu_save, cpu_load, env);
543 assert(cc->vmsd == NULL);
544 assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
546 if (cc->vmsd != NULL) {
547 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
551 #if defined(TARGET_HAS_ICE)
552 #if defined(CONFIG_USER_ONLY)
553 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
555 tb_invalidate_phys_page_range(pc, pc + 1, 0);
558 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
560 hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
562 tb_invalidate_phys_addr(cpu->as,
563 phys | (pc & ~TARGET_PAGE_MASK));
567 #endif /* TARGET_HAS_ICE */
569 #if defined(CONFIG_USER_ONLY)
570 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
575 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
581 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
585 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
586 int flags, CPUWatchpoint **watchpoint)
591 /* Add a watchpoint. */
592 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
593 int flags, CPUWatchpoint **watchpoint)
597 /* forbid ranges which are empty or run off the end of the address space */
598 if (len == 0 || (addr + len - 1) < addr) {
599 error_report("tried to set invalid watchpoint at %"
600 VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
603 wp = g_malloc(sizeof(*wp));
609 /* keep all GDB-injected watchpoints in front */
610 if (flags & BP_GDB) {
611 QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
613 QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
616 tlb_flush_page(cpu, addr);
623 /* Remove a specific watchpoint. */
624 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
629 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
630 if (addr == wp->vaddr && len == wp->len
631 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
632 cpu_watchpoint_remove_by_ref(cpu, wp);
639 /* Remove a specific watchpoint by reference. */
640 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
642 QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);
644 tlb_flush_page(cpu, watchpoint->vaddr);
649 /* Remove all matching watchpoints. */
650 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
652 CPUWatchpoint *wp, *next;
654 QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, next) {
655 if (wp->flags & mask) {
656 cpu_watchpoint_remove_by_ref(cpu, wp);
661 /* Return true if this watchpoint address matches the specified
662 * access (ie the address range covered by the watchpoint overlaps
663 * partially or completely with the address range covered by the
666 static inline bool cpu_watchpoint_address_matches(CPUWatchpoint *wp,
670 /* We know the lengths are non-zero, but a little caution is
671 * required to avoid errors in the case where the range ends
672 * exactly at the top of the address space and so addr + len
673 * wraps round to zero.
675 vaddr wpend = wp->vaddr + wp->len - 1;
676 vaddr addrend = addr + len - 1;
678 return !(addr > wpend || wp->vaddr > addrend);
683 /* Add a breakpoint. */
684 int cpu_breakpoint_insert(CPUState *cpu, vaddr pc, int flags,
685 CPUBreakpoint **breakpoint)
687 #if defined(TARGET_HAS_ICE)
690 bp = g_malloc(sizeof(*bp));
695 /* keep all GDB-injected breakpoints in front */
696 if (flags & BP_GDB) {
697 QTAILQ_INSERT_HEAD(&cpu->breakpoints, bp, entry);
699 QTAILQ_INSERT_TAIL(&cpu->breakpoints, bp, entry);
702 breakpoint_invalidate(cpu, pc);
713 /* Remove a specific breakpoint. */
714 int cpu_breakpoint_remove(CPUState *cpu, vaddr pc, int flags)
716 #if defined(TARGET_HAS_ICE)
719 QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
720 if (bp->pc == pc && bp->flags == flags) {
721 cpu_breakpoint_remove_by_ref(cpu, bp);
731 /* Remove a specific breakpoint by reference. */
732 void cpu_breakpoint_remove_by_ref(CPUState *cpu, CPUBreakpoint *breakpoint)
734 #if defined(TARGET_HAS_ICE)
735 QTAILQ_REMOVE(&cpu->breakpoints, breakpoint, entry);
737 breakpoint_invalidate(cpu, breakpoint->pc);
743 /* Remove all matching breakpoints. */
744 void cpu_breakpoint_remove_all(CPUState *cpu, int mask)
746 #if defined(TARGET_HAS_ICE)
747 CPUBreakpoint *bp, *next;
749 QTAILQ_FOREACH_SAFE(bp, &cpu->breakpoints, entry, next) {
750 if (bp->flags & mask) {
751 cpu_breakpoint_remove_by_ref(cpu, bp);
757 /* enable or disable single step mode. EXCP_DEBUG is returned by the
758 CPU loop after each instruction */
759 void cpu_single_step(CPUState *cpu, int enabled)
761 #if defined(TARGET_HAS_ICE)
762 if (cpu->singlestep_enabled != enabled) {
763 cpu->singlestep_enabled = enabled;
765 kvm_update_guest_debug(cpu, 0);
767 /* must flush all the translated code to avoid inconsistencies */
768 /* XXX: only flush what is necessary */
769 CPUArchState *env = cpu->env_ptr;
776 void cpu_abort(CPUState *cpu, const char *fmt, ...)
783 fprintf(stderr, "qemu: fatal: ");
784 vfprintf(stderr, fmt, ap);
785 fprintf(stderr, "\n");
786 cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
787 if (qemu_log_enabled()) {
788 qemu_log("qemu: fatal: ");
789 qemu_log_vprintf(fmt, ap2);
791 log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
797 #if defined(CONFIG_USER_ONLY)
799 struct sigaction act;
800 sigfillset(&act.sa_mask);
801 act.sa_handler = SIG_DFL;
802 sigaction(SIGABRT, &act, NULL);
808 #if !defined(CONFIG_USER_ONLY)
809 static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
813 /* The list is protected by the iothread lock here. */
814 block = ram_list.mru_block;
815 if (block && addr - block->offset < block->length) {
818 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
819 if (addr - block->offset < block->length) {
824 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
828 ram_list.mru_block = block;
832 static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
838 end = TARGET_PAGE_ALIGN(start + length);
839 start &= TARGET_PAGE_MASK;
841 block = qemu_get_ram_block(start);
842 assert(block == qemu_get_ram_block(end - 1));
843 start1 = (uintptr_t)ramblock_ptr(block, start - block->offset);
844 cpu_tlb_reset_dirty_all(start1, length);
847 /* Note: start and end must be within the same ram block. */
848 void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
853 cpu_physical_memory_clear_dirty_range(start, length, client);
856 tlb_reset_dirty_range_all(start, length);
860 static void cpu_physical_memory_set_dirty_tracking(bool enable)
862 in_migration = enable;
865 hwaddr memory_region_section_get_iotlb(CPUState *cpu,
866 MemoryRegionSection *section,
868 hwaddr paddr, hwaddr xlat,
870 target_ulong *address)
875 if (memory_region_is_ram(section->mr)) {
877 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
879 if (!section->readonly) {
880 iotlb |= PHYS_SECTION_NOTDIRTY;
882 iotlb |= PHYS_SECTION_ROM;
885 iotlb = section - section->address_space->dispatch->map.sections;
889 /* Make accesses to pages with watchpoints go via the
890 watchpoint trap routines. */
891 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
892 if (cpu_watchpoint_address_matches(wp, vaddr, TARGET_PAGE_SIZE)) {
893 /* Avoid trapping reads of pages with a write breakpoint. */
894 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
895 iotlb = PHYS_SECTION_WATCH + paddr;
896 *address |= TLB_MMIO;
904 #endif /* defined(CONFIG_USER_ONLY) */
906 #if !defined(CONFIG_USER_ONLY)
908 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
910 static subpage_t *subpage_init(AddressSpace *as, hwaddr base);
912 static void *(*phys_mem_alloc)(size_t size, uint64_t *align) =
916 * Set a custom physical guest memory alloator.
917 * Accelerators with unusual needs may need this. Hopefully, we can
918 * get rid of it eventually.
920 void phys_mem_set_alloc(void *(*alloc)(size_t, uint64_t *align))
922 phys_mem_alloc = alloc;
925 static uint16_t phys_section_add(PhysPageMap *map,
926 MemoryRegionSection *section)
928 /* The physical section number is ORed with a page-aligned
929 * pointer to produce the iotlb entries. Thus it should
930 * never overflow into the page-aligned value.
932 assert(map->sections_nb < TARGET_PAGE_SIZE);
934 if (map->sections_nb == map->sections_nb_alloc) {
935 map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
936 map->sections = g_renew(MemoryRegionSection, map->sections,
937 map->sections_nb_alloc);
939 map->sections[map->sections_nb] = *section;
940 memory_region_ref(section->mr);
941 return map->sections_nb++;
944 static void phys_section_destroy(MemoryRegion *mr)
946 memory_region_unref(mr);
949 subpage_t *subpage = container_of(mr, subpage_t, iomem);
950 object_unref(OBJECT(&subpage->iomem));
955 static void phys_sections_free(PhysPageMap *map)
957 while (map->sections_nb > 0) {
958 MemoryRegionSection *section = &map->sections[--map->sections_nb];
959 phys_section_destroy(section->mr);
961 g_free(map->sections);
965 static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
968 hwaddr base = section->offset_within_address_space
970 MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
971 d->map.nodes, d->map.sections);
972 MemoryRegionSection subsection = {
973 .offset_within_address_space = base,
974 .size = int128_make64(TARGET_PAGE_SIZE),
978 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
980 if (!(existing->mr->subpage)) {
981 subpage = subpage_init(d->as, base);
982 subsection.address_space = d->as;
983 subsection.mr = &subpage->iomem;
984 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
985 phys_section_add(&d->map, &subsection));
987 subpage = container_of(existing->mr, subpage_t, iomem);
989 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
990 end = start + int128_get64(section->size) - 1;
991 subpage_register(subpage, start, end,
992 phys_section_add(&d->map, section));
996 static void register_multipage(AddressSpaceDispatch *d,
997 MemoryRegionSection *section)
999 hwaddr start_addr = section->offset_within_address_space;
1000 uint16_t section_index = phys_section_add(&d->map, section);
1001 uint64_t num_pages = int128_get64(int128_rshift(section->size,
1005 phys_page_set(d, start_addr >> TARGET_PAGE_BITS, num_pages, section_index);
1008 static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
1010 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1011 AddressSpaceDispatch *d = as->next_dispatch;
1012 MemoryRegionSection now = *section, remain = *section;
1013 Int128 page_size = int128_make64(TARGET_PAGE_SIZE);
1015 if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
1016 uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
1017 - now.offset_within_address_space;
1019 now.size = int128_min(int128_make64(left), now.size);
1020 register_subpage(d, &now);
1022 now.size = int128_zero();
1024 while (int128_ne(remain.size, now.size)) {
1025 remain.size = int128_sub(remain.size, now.size);
1026 remain.offset_within_address_space += int128_get64(now.size);
1027 remain.offset_within_region += int128_get64(now.size);
1029 if (int128_lt(remain.size, page_size)) {
1030 register_subpage(d, &now);
1031 } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
1032 now.size = page_size;
1033 register_subpage(d, &now);
1035 now.size = int128_and(now.size, int128_neg(page_size));
1036 register_multipage(d, &now);
1041 void qemu_flush_coalesced_mmio_buffer(void)
1044 kvm_flush_coalesced_mmio_buffer();
1047 void qemu_mutex_lock_ramlist(void)
1049 qemu_mutex_lock(&ram_list.mutex);
1052 void qemu_mutex_unlock_ramlist(void)
1054 qemu_mutex_unlock(&ram_list.mutex);
1059 #include <sys/vfs.h>
1061 #define HUGETLBFS_MAGIC 0x958458f6
1063 static long gethugepagesize(const char *path, Error **errp)
1069 ret = statfs(path, &fs);
1070 } while (ret != 0 && errno == EINTR);
1073 error_setg_errno(errp, errno, "failed to get page size of file %s",
1078 if (fs.f_type != HUGETLBFS_MAGIC)
1079 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
1084 static void *file_ram_alloc(RAMBlock *block,
1090 char *sanitized_name;
1095 Error *local_err = NULL;
1097 hpagesize = gethugepagesize(path, &local_err);
1099 error_propagate(errp, local_err);
1102 block->mr->align = hpagesize;
1104 if (memory < hpagesize) {
1105 error_setg(errp, "memory size 0x" RAM_ADDR_FMT " must be equal to "
1106 "or larger than huge page size 0x%" PRIx64,
1111 if (kvm_enabled() && !kvm_has_sync_mmu()) {
1113 "host lacks kvm mmu notifiers, -mem-path unsupported");
1117 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
1118 sanitized_name = g_strdup(memory_region_name(block->mr));
1119 for (c = sanitized_name; *c != '\0'; c++) {
1124 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
1126 g_free(sanitized_name);
1128 fd = mkstemp(filename);
1130 error_setg_errno(errp, errno,
1131 "unable to create backing store for hugepages");
1138 memory = (memory+hpagesize-1) & ~(hpagesize-1);
1141 * ftruncate is not supported by hugetlbfs in older
1142 * hosts, so don't bother bailing out on errors.
1143 * If anything goes wrong with it under other filesystems,
1146 if (ftruncate(fd, memory)) {
1147 perror("ftruncate");
1150 area = mmap(0, memory, PROT_READ | PROT_WRITE,
1151 (block->flags & RAM_SHARED ? MAP_SHARED : MAP_PRIVATE),
1153 if (area == MAP_FAILED) {
1154 error_setg_errno(errp, errno,
1155 "unable to map backing store for hugepages");
1161 os_mem_prealloc(fd, area, memory);
1169 error_report("%s\n", error_get_pretty(*errp));
1176 static ram_addr_t find_ram_offset(ram_addr_t size)
1178 RAMBlock *block, *next_block;
1179 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
1181 assert(size != 0); /* it would hand out same offset multiple times */
1183 if (QTAILQ_EMPTY(&ram_list.blocks))
1186 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1187 ram_addr_t end, next = RAM_ADDR_MAX;
1189 end = block->offset + block->length;
1191 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
1192 if (next_block->offset >= end) {
1193 next = MIN(next, next_block->offset);
1196 if (next - end >= size && next - end < mingap) {
1198 mingap = next - end;
1202 if (offset == RAM_ADDR_MAX) {
1203 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
1211 ram_addr_t last_ram_offset(void)
1214 ram_addr_t last = 0;
1216 QTAILQ_FOREACH(block, &ram_list.blocks, next)
1217 last = MAX(last, block->offset + block->length);
1222 static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1226 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
1227 if (!qemu_opt_get_bool(qemu_get_machine_opts(),
1228 "dump-guest-core", true)) {
1229 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1231 perror("qemu_madvise");
1232 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1233 "but dump_guest_core=off specified\n");
1238 static RAMBlock *find_ram_block(ram_addr_t addr)
1242 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1243 if (block->offset == addr) {
1251 void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
1253 RAMBlock *new_block = find_ram_block(addr);
1257 assert(!new_block->idstr[0]);
1260 char *id = qdev_get_dev_path(dev);
1262 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
1266 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1268 /* This assumes the iothread lock is taken here too. */
1269 qemu_mutex_lock_ramlist();
1270 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1271 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
1272 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1277 qemu_mutex_unlock_ramlist();
1280 void qemu_ram_unset_idstr(ram_addr_t addr)
1282 RAMBlock *block = find_ram_block(addr);
1285 memset(block->idstr, 0, sizeof(block->idstr));
1289 static int memory_try_enable_merging(void *addr, size_t len)
1291 if (!qemu_opt_get_bool(qemu_get_machine_opts(), "mem-merge", true)) {
1292 /* disabled by the user */
1296 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1299 static ram_addr_t ram_block_add(RAMBlock *new_block, Error **errp)
1302 ram_addr_t old_ram_size, new_ram_size;
1304 old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1306 /* This assumes the iothread lock is taken here too. */
1307 qemu_mutex_lock_ramlist();
1308 new_block->offset = find_ram_offset(new_block->length);
1310 if (!new_block->host) {
1311 if (xen_enabled()) {
1312 xen_ram_alloc(new_block->offset, new_block->length, new_block->mr);
1314 new_block->host = phys_mem_alloc(new_block->length,
1315 &new_block->mr->align);
1316 if (!new_block->host) {
1317 error_setg_errno(errp, errno,
1318 "cannot set up guest memory '%s'",
1319 memory_region_name(new_block->mr));
1320 qemu_mutex_unlock_ramlist();
1323 memory_try_enable_merging(new_block->host, new_block->length);
1327 /* Keep the list sorted from biggest to smallest block. */
1328 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1329 if (block->length < new_block->length) {
1334 QTAILQ_INSERT_BEFORE(block, new_block, next);
1336 QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
1338 ram_list.mru_block = NULL;
1341 qemu_mutex_unlock_ramlist();
1343 new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1345 if (new_ram_size > old_ram_size) {
1347 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
1348 ram_list.dirty_memory[i] =
1349 bitmap_zero_extend(ram_list.dirty_memory[i],
1350 old_ram_size, new_ram_size);
1353 cpu_physical_memory_set_dirty_range(new_block->offset, new_block->length);
1355 qemu_ram_setup_dump(new_block->host, new_block->length);
1356 qemu_madvise(new_block->host, new_block->length, QEMU_MADV_HUGEPAGE);
1357 qemu_madvise(new_block->host, new_block->length, QEMU_MADV_DONTFORK);
1359 if (kvm_enabled()) {
1360 kvm_setup_guest_memory(new_block->host, new_block->length);
1363 return new_block->offset;
1367 ram_addr_t qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
1368 bool share, const char *mem_path,
1371 RAMBlock *new_block;
1373 Error *local_err = NULL;
1375 if (xen_enabled()) {
1376 error_setg(errp, "-mem-path not supported with Xen");
1380 if (phys_mem_alloc != qemu_anon_ram_alloc) {
1382 * file_ram_alloc() needs to allocate just like
1383 * phys_mem_alloc, but we haven't bothered to provide
1387 "-mem-path not supported with this accelerator");
1391 size = TARGET_PAGE_ALIGN(size);
1392 new_block = g_malloc0(sizeof(*new_block));
1394 new_block->length = size;
1395 new_block->flags = share ? RAM_SHARED : 0;
1396 new_block->host = file_ram_alloc(new_block, size,
1398 if (!new_block->host) {
1403 addr = ram_block_add(new_block, &local_err);
1406 error_propagate(errp, local_err);
1413 ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1414 MemoryRegion *mr, Error **errp)
1416 RAMBlock *new_block;
1418 Error *local_err = NULL;
1420 size = TARGET_PAGE_ALIGN(size);
1421 new_block = g_malloc0(sizeof(*new_block));
1423 new_block->length = size;
1425 new_block->host = host;
1427 new_block->flags |= RAM_PREALLOC;
1429 addr = ram_block_add(new_block, &local_err);
1432 error_propagate(errp, local_err);
1438 ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr, Error **errp)
1440 return qemu_ram_alloc_from_ptr(size, NULL, mr, errp);
1443 void qemu_ram_free_from_ptr(ram_addr_t addr)
1447 /* This assumes the iothread lock is taken here too. */
1448 qemu_mutex_lock_ramlist();
1449 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1450 if (addr == block->offset) {
1451 QTAILQ_REMOVE(&ram_list.blocks, block, next);
1452 ram_list.mru_block = NULL;
1458 qemu_mutex_unlock_ramlist();
1461 void qemu_ram_free(ram_addr_t addr)
1465 /* This assumes the iothread lock is taken here too. */
1466 qemu_mutex_lock_ramlist();
1467 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1468 if (addr == block->offset) {
1469 QTAILQ_REMOVE(&ram_list.blocks, block, next);
1470 ram_list.mru_block = NULL;
1472 if (block->flags & RAM_PREALLOC) {
1474 } else if (xen_enabled()) {
1475 xen_invalidate_map_cache_entry(block->host);
1477 } else if (block->fd >= 0) {
1478 munmap(block->host, block->length);
1482 qemu_anon_ram_free(block->host, block->length);
1488 qemu_mutex_unlock_ramlist();
1493 void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1500 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1501 offset = addr - block->offset;
1502 if (offset < block->length) {
1503 vaddr = ramblock_ptr(block, offset);
1504 if (block->flags & RAM_PREALLOC) {
1506 } else if (xen_enabled()) {
1510 munmap(vaddr, length);
1511 if (block->fd >= 0) {
1512 flags |= (block->flags & RAM_SHARED ?
1513 MAP_SHARED : MAP_PRIVATE);
1514 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1515 flags, block->fd, offset);
1518 * Remap needs to match alloc. Accelerators that
1519 * set phys_mem_alloc never remap. If they did,
1520 * we'd need a remap hook here.
1522 assert(phys_mem_alloc == qemu_anon_ram_alloc);
1524 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1525 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1528 if (area != vaddr) {
1529 fprintf(stderr, "Could not remap addr: "
1530 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
1534 memory_try_enable_merging(vaddr, length);
1535 qemu_ram_setup_dump(vaddr, length);
1541 #endif /* !_WIN32 */
1543 int qemu_get_ram_fd(ram_addr_t addr)
1545 RAMBlock *block = qemu_get_ram_block(addr);
1550 void *qemu_get_ram_block_host_ptr(ram_addr_t addr)
1552 RAMBlock *block = qemu_get_ram_block(addr);
1554 return ramblock_ptr(block, 0);
1557 /* Return a host pointer to ram allocated with qemu_ram_alloc.
1558 With the exception of the softmmu code in this file, this should
1559 only be used for local memory (e.g. video ram) that the device owns,
1560 and knows it isn't going to access beyond the end of the block.
1562 It should not be used for general purpose DMA.
1563 Use cpu_physical_memory_map/cpu_physical_memory_rw instead.
1565 void *qemu_get_ram_ptr(ram_addr_t addr)
1567 RAMBlock *block = qemu_get_ram_block(addr);
1569 if (xen_enabled()) {
1570 /* We need to check if the requested address is in the RAM
1571 * because we don't want to map the entire memory in QEMU.
1572 * In that case just map until the end of the page.
1574 if (block->offset == 0) {
1575 return xen_map_cache(addr, 0, 0);
1576 } else if (block->host == NULL) {
1578 xen_map_cache(block->offset, block->length, 1);
1581 return ramblock_ptr(block, addr - block->offset);
1584 /* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1585 * but takes a size argument */
1586 static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
1591 if (xen_enabled()) {
1592 return xen_map_cache(addr, *size, 1);
1596 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1597 if (addr - block->offset < block->length) {
1598 if (addr - block->offset + *size > block->length)
1599 *size = block->length - addr + block->offset;
1600 return ramblock_ptr(block, addr - block->offset);
1604 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1609 /* Some of the softmmu routines need to translate from a host pointer
1610 (typically a TLB entry) back to a ram offset. */
1611 MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
1614 uint8_t *host = ptr;
1616 if (xen_enabled()) {
1617 *ram_addr = xen_ram_addr_from_mapcache(ptr);
1618 return qemu_get_ram_block(*ram_addr)->mr;
1621 block = ram_list.mru_block;
1622 if (block && block->host && host - block->host < block->length) {
1626 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1627 /* This case append when the block is not mapped. */
1628 if (block->host == NULL) {
1631 if (host - block->host < block->length) {
1639 *ram_addr = block->offset + (host - block->host);
1643 static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
1644 uint64_t val, unsigned size)
1646 if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
1647 tb_invalidate_phys_page_fast(ram_addr, size);
1651 stb_p(qemu_get_ram_ptr(ram_addr), val);
1654 stw_p(qemu_get_ram_ptr(ram_addr), val);
1657 stl_p(qemu_get_ram_ptr(ram_addr), val);
1662 cpu_physical_memory_set_dirty_range_nocode(ram_addr, size);
1663 /* we remove the notdirty callback only if the code has been
1665 if (!cpu_physical_memory_is_clean(ram_addr)) {
1666 CPUArchState *env = current_cpu->env_ptr;
1667 tlb_set_dirty(env, current_cpu->mem_io_vaddr);
1671 static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1672 unsigned size, bool is_write)
1677 static const MemoryRegionOps notdirty_mem_ops = {
1678 .write = notdirty_mem_write,
1679 .valid.accepts = notdirty_mem_accepts,
1680 .endianness = DEVICE_NATIVE_ENDIAN,
1683 /* Generate a debug exception if a watchpoint has been hit. */
1684 static void check_watchpoint(int offset, int len, int flags)
1686 CPUState *cpu = current_cpu;
1687 CPUArchState *env = cpu->env_ptr;
1688 target_ulong pc, cs_base;
1693 if (cpu->watchpoint_hit) {
1694 /* We re-entered the check after replacing the TB. Now raise
1695 * the debug interrupt so that is will trigger after the
1696 * current instruction. */
1697 cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
1700 vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
1701 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
1702 if (cpu_watchpoint_address_matches(wp, vaddr, len)
1703 && (wp->flags & flags)) {
1704 if (flags == BP_MEM_READ) {
1705 wp->flags |= BP_WATCHPOINT_HIT_READ;
1707 wp->flags |= BP_WATCHPOINT_HIT_WRITE;
1709 wp->hitaddr = vaddr;
1710 if (!cpu->watchpoint_hit) {
1711 cpu->watchpoint_hit = wp;
1712 tb_check_watchpoint(cpu);
1713 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
1714 cpu->exception_index = EXCP_DEBUG;
1717 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
1718 tb_gen_code(cpu, pc, cs_base, cpu_flags, 1);
1719 cpu_resume_from_signal(cpu, NULL);
1723 wp->flags &= ~BP_WATCHPOINT_HIT;
1728 /* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1729 so these check for a hit then pass through to the normal out-of-line
1731 static uint64_t watch_mem_read(void *opaque, hwaddr addr,
1734 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_READ);
1736 case 1: return ldub_phys(&address_space_memory, addr);
1737 case 2: return lduw_phys(&address_space_memory, addr);
1738 case 4: return ldl_phys(&address_space_memory, addr);
1743 static void watch_mem_write(void *opaque, hwaddr addr,
1744 uint64_t val, unsigned size)
1746 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_WRITE);
1749 stb_phys(&address_space_memory, addr, val);
1752 stw_phys(&address_space_memory, addr, val);
1755 stl_phys(&address_space_memory, addr, val);
1761 static const MemoryRegionOps watch_mem_ops = {
1762 .read = watch_mem_read,
1763 .write = watch_mem_write,
1764 .endianness = DEVICE_NATIVE_ENDIAN,
1767 static uint64_t subpage_read(void *opaque, hwaddr addr,
1770 subpage_t *subpage = opaque;
1773 #if defined(DEBUG_SUBPAGE)
1774 printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
1775 subpage, len, addr);
1777 address_space_read(subpage->as, addr + subpage->base, buf, len);
1790 static void subpage_write(void *opaque, hwaddr addr,
1791 uint64_t value, unsigned len)
1793 subpage_t *subpage = opaque;
1796 #if defined(DEBUG_SUBPAGE)
1797 printf("%s: subpage %p len %u addr " TARGET_FMT_plx
1798 " value %"PRIx64"\n",
1799 __func__, subpage, len, addr, value);
1814 address_space_write(subpage->as, addr + subpage->base, buf, len);
1817 static bool subpage_accepts(void *opaque, hwaddr addr,
1818 unsigned len, bool is_write)
1820 subpage_t *subpage = opaque;
1821 #if defined(DEBUG_SUBPAGE)
1822 printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
1823 __func__, subpage, is_write ? 'w' : 'r', len, addr);
1826 return address_space_access_valid(subpage->as, addr + subpage->base,
1830 static const MemoryRegionOps subpage_ops = {
1831 .read = subpage_read,
1832 .write = subpage_write,
1833 .valid.accepts = subpage_accepts,
1834 .endianness = DEVICE_NATIVE_ENDIAN,
1837 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
1842 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
1844 idx = SUBPAGE_IDX(start);
1845 eidx = SUBPAGE_IDX(end);
1846 #if defined(DEBUG_SUBPAGE)
1847 printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
1848 __func__, mmio, start, end, idx, eidx, section);
1850 for (; idx <= eidx; idx++) {
1851 mmio->sub_section[idx] = section;
1857 static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
1861 mmio = g_malloc0(sizeof(subpage_t));
1865 memory_region_init_io(&mmio->iomem, NULL, &subpage_ops, mmio,
1866 NULL, TARGET_PAGE_SIZE);
1867 mmio->iomem.subpage = true;
1868 #if defined(DEBUG_SUBPAGE)
1869 printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
1870 mmio, base, TARGET_PAGE_SIZE);
1872 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, PHYS_SECTION_UNASSIGNED);
1877 static uint16_t dummy_section(PhysPageMap *map, AddressSpace *as,
1881 MemoryRegionSection section = {
1882 .address_space = as,
1884 .offset_within_address_space = 0,
1885 .offset_within_region = 0,
1886 .size = int128_2_64(),
1889 return phys_section_add(map, §ion);
1892 MemoryRegion *iotlb_to_region(AddressSpace *as, hwaddr index)
1894 return as->dispatch->map.sections[index & ~TARGET_PAGE_MASK].mr;
1897 static void io_mem_init(void)
1899 memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops, NULL, NULL, UINT64_MAX);
1900 memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops, NULL,
1902 memory_region_init_io(&io_mem_notdirty, NULL, ¬dirty_mem_ops, NULL,
1904 memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops, NULL,
1908 static void mem_begin(MemoryListener *listener)
1910 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1911 AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
1914 n = dummy_section(&d->map, as, &io_mem_unassigned);
1915 assert(n == PHYS_SECTION_UNASSIGNED);
1916 n = dummy_section(&d->map, as, &io_mem_notdirty);
1917 assert(n == PHYS_SECTION_NOTDIRTY);
1918 n = dummy_section(&d->map, as, &io_mem_rom);
1919 assert(n == PHYS_SECTION_ROM);
1920 n = dummy_section(&d->map, as, &io_mem_watch);
1921 assert(n == PHYS_SECTION_WATCH);
1923 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
1925 as->next_dispatch = d;
1928 static void mem_commit(MemoryListener *listener)
1930 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1931 AddressSpaceDispatch *cur = as->dispatch;
1932 AddressSpaceDispatch *next = as->next_dispatch;
1934 phys_page_compact_all(next, next->map.nodes_nb);
1936 as->dispatch = next;
1939 phys_sections_free(&cur->map);
1944 static void tcg_commit(MemoryListener *listener)
1948 /* since each CPU stores ram addresses in its TLB cache, we must
1949 reset the modified entries */
1952 /* FIXME: Disentangle the cpu.h circular files deps so we can
1953 directly get the right CPU from listener. */
1954 if (cpu->tcg_as_listener != listener) {
1961 static void core_log_global_start(MemoryListener *listener)
1963 cpu_physical_memory_set_dirty_tracking(true);
1966 static void core_log_global_stop(MemoryListener *listener)
1968 cpu_physical_memory_set_dirty_tracking(false);
1971 static MemoryListener core_memory_listener = {
1972 .log_global_start = core_log_global_start,
1973 .log_global_stop = core_log_global_stop,
1977 void address_space_init_dispatch(AddressSpace *as)
1979 as->dispatch = NULL;
1980 as->dispatch_listener = (MemoryListener) {
1982 .commit = mem_commit,
1983 .region_add = mem_add,
1984 .region_nop = mem_add,
1987 memory_listener_register(&as->dispatch_listener, as);
1990 void address_space_destroy_dispatch(AddressSpace *as)
1992 AddressSpaceDispatch *d = as->dispatch;
1994 memory_listener_unregister(&as->dispatch_listener);
1996 as->dispatch = NULL;
1999 static void memory_map_init(void)
2001 system_memory = g_malloc(sizeof(*system_memory));
2003 memory_region_init(system_memory, NULL, "system", UINT64_MAX);
2004 address_space_init(&address_space_memory, system_memory, "memory");
2006 system_io = g_malloc(sizeof(*system_io));
2007 memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
2009 address_space_init(&address_space_io, system_io, "I/O");
2011 memory_listener_register(&core_memory_listener, &address_space_memory);
2014 MemoryRegion *get_system_memory(void)
2016 return system_memory;
2019 MemoryRegion *get_system_io(void)
2024 #endif /* !defined(CONFIG_USER_ONLY) */
2026 /* physical memory access (slow version, mainly for debug) */
2027 #if defined(CONFIG_USER_ONLY)
2028 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
2029 uint8_t *buf, int len, int is_write)
2036 page = addr & TARGET_PAGE_MASK;
2037 l = (page + TARGET_PAGE_SIZE) - addr;
2040 flags = page_get_flags(page);
2041 if (!(flags & PAGE_VALID))
2044 if (!(flags & PAGE_WRITE))
2046 /* XXX: this code should not depend on lock_user */
2047 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
2050 unlock_user(p, addr, l);
2052 if (!(flags & PAGE_READ))
2054 /* XXX: this code should not depend on lock_user */
2055 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
2058 unlock_user(p, addr, 0);
2069 static void invalidate_and_set_dirty(hwaddr addr,
2072 if (cpu_physical_memory_range_includes_clean(addr, length)) {
2073 tb_invalidate_phys_range(addr, addr + length, 0);
2074 cpu_physical_memory_set_dirty_range_nocode(addr, length);
2076 xen_modified_memory(addr, length);
2079 static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
2081 unsigned access_size_max = mr->ops->valid.max_access_size;
2083 /* Regions are assumed to support 1-4 byte accesses unless
2084 otherwise specified. */
2085 if (access_size_max == 0) {
2086 access_size_max = 4;
2089 /* Bound the maximum access by the alignment of the address. */
2090 if (!mr->ops->impl.unaligned) {
2091 unsigned align_size_max = addr & -addr;
2092 if (align_size_max != 0 && align_size_max < access_size_max) {
2093 access_size_max = align_size_max;
2097 /* Don't attempt accesses larger than the maximum. */
2098 if (l > access_size_max) {
2099 l = access_size_max;
2102 l = 1 << (qemu_fls(l) - 1);
2108 bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
2109 int len, bool is_write)
2120 mr = address_space_translate(as, addr, &addr1, &l, is_write);
2123 if (!memory_access_is_direct(mr, is_write)) {
2124 l = memory_access_size(mr, l, addr1);
2125 /* XXX: could force current_cpu to NULL to avoid
2129 /* 64 bit write access */
2131 error |= io_mem_write(mr, addr1, val, 8);
2134 /* 32 bit write access */
2136 error |= io_mem_write(mr, addr1, val, 4);
2139 /* 16 bit write access */
2141 error |= io_mem_write(mr, addr1, val, 2);
2144 /* 8 bit write access */
2146 error |= io_mem_write(mr, addr1, val, 1);
2152 addr1 += memory_region_get_ram_addr(mr);
2154 ptr = qemu_get_ram_ptr(addr1);
2155 memcpy(ptr, buf, l);
2156 invalidate_and_set_dirty(addr1, l);
2159 if (!memory_access_is_direct(mr, is_write)) {
2161 l = memory_access_size(mr, l, addr1);
2164 /* 64 bit read access */
2165 error |= io_mem_read(mr, addr1, &val, 8);
2169 /* 32 bit read access */
2170 error |= io_mem_read(mr, addr1, &val, 4);
2174 /* 16 bit read access */
2175 error |= io_mem_read(mr, addr1, &val, 2);
2179 /* 8 bit read access */
2180 error |= io_mem_read(mr, addr1, &val, 1);
2188 ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
2189 memcpy(buf, ptr, l);
2200 bool address_space_write(AddressSpace *as, hwaddr addr,
2201 const uint8_t *buf, int len)
2203 return address_space_rw(as, addr, (uint8_t *)buf, len, true);
2206 bool address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
2208 return address_space_rw(as, addr, buf, len, false);
2212 void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
2213 int len, int is_write)
2215 address_space_rw(&address_space_memory, addr, buf, len, is_write);
2218 enum write_rom_type {
2223 static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
2224 hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
2233 mr = address_space_translate(as, addr, &addr1, &l, true);
2235 if (!(memory_region_is_ram(mr) ||
2236 memory_region_is_romd(mr))) {
2239 addr1 += memory_region_get_ram_addr(mr);
2241 ptr = qemu_get_ram_ptr(addr1);
2244 memcpy(ptr, buf, l);
2245 invalidate_and_set_dirty(addr1, l);
2248 flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
2258 /* used for ROM loading : can write in RAM and ROM */
2259 void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
2260 const uint8_t *buf, int len)
2262 cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
2265 void cpu_flush_icache_range(hwaddr start, int len)
2268 * This function should do the same thing as an icache flush that was
2269 * triggered from within the guest. For TCG we are always cache coherent,
2270 * so there is no need to flush anything. For KVM / Xen we need to flush
2271 * the host's instruction cache at least.
2273 if (tcg_enabled()) {
2277 cpu_physical_memory_write_rom_internal(&address_space_memory,
2278 start, NULL, len, FLUSH_CACHE);
2288 static BounceBuffer bounce;
2290 typedef struct MapClient {
2292 void (*callback)(void *opaque);
2293 QLIST_ENTRY(MapClient) link;
2296 static QLIST_HEAD(map_client_list, MapClient) map_client_list
2297 = QLIST_HEAD_INITIALIZER(map_client_list);
2299 void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
2301 MapClient *client = g_malloc(sizeof(*client));
2303 client->opaque = opaque;
2304 client->callback = callback;
2305 QLIST_INSERT_HEAD(&map_client_list, client, link);
2309 static void cpu_unregister_map_client(void *_client)
2311 MapClient *client = (MapClient *)_client;
2313 QLIST_REMOVE(client, link);
2317 static void cpu_notify_map_clients(void)
2321 while (!QLIST_EMPTY(&map_client_list)) {
2322 client = QLIST_FIRST(&map_client_list);
2323 client->callback(client->opaque);
2324 cpu_unregister_map_client(client);
2328 bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2335 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2336 if (!memory_access_is_direct(mr, is_write)) {
2337 l = memory_access_size(mr, l, addr);
2338 if (!memory_region_access_valid(mr, xlat, l, is_write)) {
2349 /* Map a physical memory region into a host virtual address.
2350 * May map a subset of the requested range, given by and returned in *plen.
2351 * May return NULL if resources needed to perform the mapping are exhausted.
2352 * Use only for reads OR writes - not for read-modify-write operations.
2353 * Use cpu_register_map_client() to know when retrying the map operation is
2354 * likely to succeed.
2356 void *address_space_map(AddressSpace *as,
2363 hwaddr l, xlat, base;
2364 MemoryRegion *mr, *this_mr;
2372 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2373 if (!memory_access_is_direct(mr, is_write)) {
2374 if (bounce.buffer) {
2377 /* Avoid unbounded allocations */
2378 l = MIN(l, TARGET_PAGE_SIZE);
2379 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, l);
2383 memory_region_ref(mr);
2386 address_space_read(as, addr, bounce.buffer, l);
2390 return bounce.buffer;
2394 raddr = memory_region_get_ram_addr(mr);
2405 this_mr = address_space_translate(as, addr, &xlat, &l, is_write);
2406 if (this_mr != mr || xlat != base + done) {
2411 memory_region_ref(mr);
2413 return qemu_ram_ptr_length(raddr + base, plen);
2416 /* Unmaps a memory region previously mapped by address_space_map().
2417 * Will also mark the memory as dirty if is_write == 1. access_len gives
2418 * the amount of memory that was actually read or written by the caller.
2420 void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2421 int is_write, hwaddr access_len)
2423 if (buffer != bounce.buffer) {
2427 mr = qemu_ram_addr_from_host(buffer, &addr1);
2430 invalidate_and_set_dirty(addr1, access_len);
2432 if (xen_enabled()) {
2433 xen_invalidate_map_cache_entry(buffer);
2435 memory_region_unref(mr);
2439 address_space_write(as, bounce.addr, bounce.buffer, access_len);
2441 qemu_vfree(bounce.buffer);
2442 bounce.buffer = NULL;
2443 memory_region_unref(bounce.mr);
2444 cpu_notify_map_clients();
2447 void *cpu_physical_memory_map(hwaddr addr,
2451 return address_space_map(&address_space_memory, addr, plen, is_write);
2454 void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2455 int is_write, hwaddr access_len)
2457 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2460 /* warning: addr must be aligned */
2461 static inline uint32_t ldl_phys_internal(AddressSpace *as, hwaddr addr,
2462 enum device_endian endian)
2470 mr = address_space_translate(as, addr, &addr1, &l, false);
2471 if (l < 4 || !memory_access_is_direct(mr, false)) {
2473 io_mem_read(mr, addr1, &val, 4);
2474 #if defined(TARGET_WORDS_BIGENDIAN)
2475 if (endian == DEVICE_LITTLE_ENDIAN) {
2479 if (endian == DEVICE_BIG_ENDIAN) {
2485 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2489 case DEVICE_LITTLE_ENDIAN:
2490 val = ldl_le_p(ptr);
2492 case DEVICE_BIG_ENDIAN:
2493 val = ldl_be_p(ptr);
2503 uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
2505 return ldl_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2508 uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
2510 return ldl_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2513 uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
2515 return ldl_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2518 /* warning: addr must be aligned */
2519 static inline uint64_t ldq_phys_internal(AddressSpace *as, hwaddr addr,
2520 enum device_endian endian)
2528 mr = address_space_translate(as, addr, &addr1, &l,
2530 if (l < 8 || !memory_access_is_direct(mr, false)) {
2532 io_mem_read(mr, addr1, &val, 8);
2533 #if defined(TARGET_WORDS_BIGENDIAN)
2534 if (endian == DEVICE_LITTLE_ENDIAN) {
2538 if (endian == DEVICE_BIG_ENDIAN) {
2544 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2548 case DEVICE_LITTLE_ENDIAN:
2549 val = ldq_le_p(ptr);
2551 case DEVICE_BIG_ENDIAN:
2552 val = ldq_be_p(ptr);
2562 uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
2564 return ldq_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2567 uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
2569 return ldq_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2572 uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
2574 return ldq_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2578 uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
2581 address_space_rw(as, addr, &val, 1, 0);
2585 /* warning: addr must be aligned */
2586 static inline uint32_t lduw_phys_internal(AddressSpace *as, hwaddr addr,
2587 enum device_endian endian)
2595 mr = address_space_translate(as, addr, &addr1, &l,
2597 if (l < 2 || !memory_access_is_direct(mr, false)) {
2599 io_mem_read(mr, addr1, &val, 2);
2600 #if defined(TARGET_WORDS_BIGENDIAN)
2601 if (endian == DEVICE_LITTLE_ENDIAN) {
2605 if (endian == DEVICE_BIG_ENDIAN) {
2611 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2615 case DEVICE_LITTLE_ENDIAN:
2616 val = lduw_le_p(ptr);
2618 case DEVICE_BIG_ENDIAN:
2619 val = lduw_be_p(ptr);
2629 uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
2631 return lduw_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2634 uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
2636 return lduw_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2639 uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
2641 return lduw_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2644 /* warning: addr must be aligned. The ram page is not masked as dirty
2645 and the code inside is not invalidated. It is useful if the dirty
2646 bits are used to track modified PTEs */
2647 void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
2654 mr = address_space_translate(as, addr, &addr1, &l,
2656 if (l < 4 || !memory_access_is_direct(mr, true)) {
2657 io_mem_write(mr, addr1, val, 4);
2659 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2660 ptr = qemu_get_ram_ptr(addr1);
2663 if (unlikely(in_migration)) {
2664 if (cpu_physical_memory_is_clean(addr1)) {
2665 /* invalidate code */
2666 tb_invalidate_phys_page_range(addr1, addr1 + 4, 0);
2668 cpu_physical_memory_set_dirty_range_nocode(addr1, 4);
2674 /* warning: addr must be aligned */
2675 static inline void stl_phys_internal(AddressSpace *as,
2676 hwaddr addr, uint32_t val,
2677 enum device_endian endian)
2684 mr = address_space_translate(as, addr, &addr1, &l,
2686 if (l < 4 || !memory_access_is_direct(mr, true)) {
2687 #if defined(TARGET_WORDS_BIGENDIAN)
2688 if (endian == DEVICE_LITTLE_ENDIAN) {
2692 if (endian == DEVICE_BIG_ENDIAN) {
2696 io_mem_write(mr, addr1, val, 4);
2699 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2700 ptr = qemu_get_ram_ptr(addr1);
2702 case DEVICE_LITTLE_ENDIAN:
2705 case DEVICE_BIG_ENDIAN:
2712 invalidate_and_set_dirty(addr1, 4);
2716 void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2718 stl_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
2721 void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2723 stl_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
2726 void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2728 stl_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
2732 void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2735 address_space_rw(as, addr, &v, 1, 1);
2738 /* warning: addr must be aligned */
2739 static inline void stw_phys_internal(AddressSpace *as,
2740 hwaddr addr, uint32_t val,
2741 enum device_endian endian)
2748 mr = address_space_translate(as, addr, &addr1, &l, true);
2749 if (l < 2 || !memory_access_is_direct(mr, true)) {
2750 #if defined(TARGET_WORDS_BIGENDIAN)
2751 if (endian == DEVICE_LITTLE_ENDIAN) {
2755 if (endian == DEVICE_BIG_ENDIAN) {
2759 io_mem_write(mr, addr1, val, 2);
2762 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2763 ptr = qemu_get_ram_ptr(addr1);
2765 case DEVICE_LITTLE_ENDIAN:
2768 case DEVICE_BIG_ENDIAN:
2775 invalidate_and_set_dirty(addr1, 2);
2779 void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2781 stw_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
2784 void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2786 stw_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
2789 void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2791 stw_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
2795 void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2798 address_space_rw(as, addr, (void *) &val, 8, 1);
2801 void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2803 val = cpu_to_le64(val);
2804 address_space_rw(as, addr, (void *) &val, 8, 1);
2807 void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2809 val = cpu_to_be64(val);
2810 address_space_rw(as, addr, (void *) &val, 8, 1);
2813 /* virtual memory access for debug (includes writing to ROM) */
2814 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
2815 uint8_t *buf, int len, int is_write)
2822 page = addr & TARGET_PAGE_MASK;
2823 phys_addr = cpu_get_phys_page_debug(cpu, page);
2824 /* if no physical page mapped, return an error */
2825 if (phys_addr == -1)
2827 l = (page + TARGET_PAGE_SIZE) - addr;
2830 phys_addr += (addr & ~TARGET_PAGE_MASK);
2832 cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, l);
2834 address_space_rw(cpu->as, phys_addr, buf, l, 0);
2845 * A helper function for the _utterly broken_ virtio device model to find out if
2846 * it's running on a big endian machine. Don't do this at home kids!
2848 bool target_words_bigendian(void);
2849 bool target_words_bigendian(void)
2851 #if defined(TARGET_WORDS_BIGENDIAN)
2858 #ifndef CONFIG_USER_ONLY
2859 bool cpu_physical_memory_is_io(hwaddr phys_addr)
2864 mr = address_space_translate(&address_space_memory,
2865 phys_addr, &phys_addr, &l, false);
2867 return !(memory_region_is_ram(mr) ||
2868 memory_region_is_romd(mr));
2871 void qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
2875 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
2876 func(block->host, block->offset, block->length, opaque);
projects / qemu.git / blob