search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
exec: split length -> used_length/max_length
[qemu/qmp-unstable.git] / exec.c
blobb69216ab0e5117b37384c0eedeb13b60f3c7ab0c
1 /*
2 * Virtual page mapping
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "config.h"
20 #ifndef _WIN32
21 #include <sys/types.h>
22 #include <sys/mman.h>
23 #endif
24
25 #include "qemu-common.h"
26 #include "cpu.h"
27 #include "tcg.h"
28 #include "hw/hw.h"
29 #include "hw/qdev.h"
30 #include "qemu/osdep.h"
31 #include "sysemu/kvm.h"
32 #include "sysemu/sysemu.h"
33 #include "hw/xen/xen.h"
34 #include "qemu/timer.h"
35 #include "qemu/config-file.h"
36 #include "qemu/error-report.h"
37 #include "exec/memory.h"
38 #include "sysemu/dma.h"
39 #include "exec/address-spaces.h"
40 #if defined(CONFIG_USER_ONLY)
41 #include <qemu.h>
42 #else /* !CONFIG_USER_ONLY */
43 #include "sysemu/xen-mapcache.h"
44 #include "trace.h"
45 #endif
46 #include "exec/cpu-all.h"
47
48 #include "exec/cputlb.h"
49 #include "translate-all.h"
50
51 #include "exec/memory-internal.h"
52 #include "exec/ram_addr.h"
53
54 #include "qemu/range.h"
55
56 //#define DEBUG_SUBPAGE
57
58 #if !defined(CONFIG_USER_ONLY)
59 static bool in_migration;
60
61 RAMList ram_list = { .blocks = QTAILQ_HEAD_INITIALIZER(ram_list.blocks) };
62
63 static MemoryRegion *system_memory;
64 static MemoryRegion *system_io;
65
66 AddressSpace address_space_io;
67 AddressSpace address_space_memory;
68
69 MemoryRegion io_mem_rom, io_mem_notdirty;
70 static MemoryRegion io_mem_unassigned;
71
72 /* RAM is pre-allocated and passed into qemu_ram_alloc_from_ptr */
73 #define RAM_PREALLOC (1 << 0)
74
75 /* RAM is mmap-ed with MAP_SHARED */
76 #define RAM_SHARED (1 << 1)
77
78 #endif
79
80 struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
81 /* current CPU in the current thread. It is only valid inside
82 cpu_exec() */
83 DEFINE_TLS(CPUState *, current_cpu);
84 /* 0 = Do not count executed instructions.
85 1 = Precise instruction counting.
86 2 = Adaptive rate instruction counting. */
87 int use_icount;
88
89 #if !defined(CONFIG_USER_ONLY)
90
91 typedef struct PhysPageEntry PhysPageEntry;
92
93 struct PhysPageEntry {
94 /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
95 uint32_t skip : 6;
96 /* index into phys_sections (!skip) or phys_map_nodes (skip) */
97 uint32_t ptr : 26;
98 };
99
100 #define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)
101
102 /* Size of the L2 (and L3, etc) page tables. */
103 #define ADDR_SPACE_BITS 64
104
105 #define P_L2_BITS 9
106 #define P_L2_SIZE (1 << P_L2_BITS)
107
108 #define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)
109
110 typedef PhysPageEntry Node[P_L2_SIZE];
111
112 typedef struct PhysPageMap {
113 unsigned sections_nb;
114 unsigned sections_nb_alloc;
115 unsigned nodes_nb;
116 unsigned nodes_nb_alloc;
117 Node *nodes;
118 MemoryRegionSection *sections;
119 } PhysPageMap;
120
121 struct AddressSpaceDispatch {
122 /* This is a multi-level map on the physical address space.
123 * The bottom level has pointers to MemoryRegionSections.
124 */
125 PhysPageEntry phys_map;
126 PhysPageMap map;
127 AddressSpace *as;
128 };
129
130 #define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
131 typedef struct subpage_t {
132 MemoryRegion iomem;
133 AddressSpace *as;
134 hwaddr base;
135 uint16_t sub_section[TARGET_PAGE_SIZE];
136 } subpage_t;
137
138 #define PHYS_SECTION_UNASSIGNED 0
139 #define PHYS_SECTION_NOTDIRTY 1
140 #define PHYS_SECTION_ROM 2
141 #define PHYS_SECTION_WATCH 3
142
143 static void io_mem_init(void);
144 static void memory_map_init(void);
145 static void tcg_commit(MemoryListener *listener);
146
147 static MemoryRegion io_mem_watch;
148 #endif
149
150 #if !defined(CONFIG_USER_ONLY)
151
152 static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
153 {
154 if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
155 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
156 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
157 map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
158 }
159 }
160
161 static uint32_t phys_map_node_alloc(PhysPageMap *map)
162 {
163 unsigned i;
164 uint32_t ret;
165
166 ret = map->nodes_nb++;
167 assert(ret != PHYS_MAP_NODE_NIL);
168 assert(ret != map->nodes_nb_alloc);
169 for (i = 0; i < P_L2_SIZE; ++i) {
170 map->nodes[ret][i].skip = 1;
171 map->nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
172 }
173 return ret;
174 }
175
176 static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
177 hwaddr *index, hwaddr *nb, uint16_t leaf,
178 int level)
179 {
180 PhysPageEntry *p;
181 int i;
182 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
183
184 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
185 lp->ptr = phys_map_node_alloc(map);
186 p = map->nodes[lp->ptr];
187 if (level == 0) {
188 for (i = 0; i < P_L2_SIZE; i++) {
189 p[i].skip = 0;
190 p[i].ptr = PHYS_SECTION_UNASSIGNED;
191 }
192 }
193 } else {
194 p = map->nodes[lp->ptr];
195 }
196 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
197
198 while (*nb && lp < &p[P_L2_SIZE]) {
199 if ((*index & (step - 1)) == 0 && *nb >= step) {
200 lp->skip = 0;
201 lp->ptr = leaf;
202 *index += step;
203 *nb -= step;
204 } else {
205 phys_page_set_level(map, lp, index, nb, leaf, level - 1);
206 }
207 ++lp;
208 }
209 }
210
211 static void phys_page_set(AddressSpaceDispatch *d,
212 hwaddr index, hwaddr nb,
213 uint16_t leaf)
214 {
215 /* Wildly overreserve - it doesn't matter much. */
216 phys_map_node_reserve(&d->map, 3 * P_L2_LEVELS);
217
218 phys_page_set_level(&d->map, &d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
219 }
220
221 /* Compact a non leaf page entry. Simply detect that the entry has a single child,
222 * and update our entry so we can skip it and go directly to the destination.
223 */
224 static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
225 {
226 unsigned valid_ptr = P_L2_SIZE;
227 int valid = 0;
228 PhysPageEntry *p;
229 int i;
230
231 if (lp->ptr == PHYS_MAP_NODE_NIL) {
232 return;
233 }
234
235 p = nodes[lp->ptr];
236 for (i = 0; i < P_L2_SIZE; i++) {
237 if (p[i].ptr == PHYS_MAP_NODE_NIL) {
238 continue;
239 }
240
241 valid_ptr = i;
242 valid++;
243 if (p[i].skip) {
244 phys_page_compact(&p[i], nodes, compacted);
245 }
246 }
247
248 /* We can only compress if there's only one child. */
249 if (valid != 1) {
250 return;
251 }
252
253 assert(valid_ptr < P_L2_SIZE);
254
255 /* Don't compress if it won't fit in the # of bits we have. */
256 if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
257 return;
258 }
259
260 lp->ptr = p[valid_ptr].ptr;
261 if (!p[valid_ptr].skip) {
262 /* If our only child is a leaf, make this a leaf. */
263 /* By design, we should have made this node a leaf to begin with so we
264 * should never reach here.
265 * But since it's so simple to handle this, let's do it just in case we
266 * change this rule.
267 */
268 lp->skip = 0;
269 } else {
270 lp->skip += p[valid_ptr].skip;
271 }
272 }
273
274 static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
275 {
276 DECLARE_BITMAP(compacted, nodes_nb);
277
278 if (d->phys_map.skip) {
279 phys_page_compact(&d->phys_map, d->map.nodes, compacted);
280 }
281 }
282
283 static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
284 Node *nodes, MemoryRegionSection *sections)
285 {
286 PhysPageEntry *p;
287 hwaddr index = addr >> TARGET_PAGE_BITS;
288 int i;
289
290 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
291 if (lp.ptr == PHYS_MAP_NODE_NIL) {
292 return &sections[PHYS_SECTION_UNASSIGNED];
293 }
294 p = nodes[lp.ptr];
295 lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
296 }
297
298 if (sections[lp.ptr].size.hi ||
299 range_covers_byte(sections[lp.ptr].offset_within_address_space,
300 sections[lp.ptr].size.lo, addr)) {
301 return &sections[lp.ptr];
302 } else {
303 return &sections[PHYS_SECTION_UNASSIGNED];
304 }
305 }
306
307 bool memory_region_is_unassigned(MemoryRegion *mr)
308 {
309 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
310 && mr != &io_mem_watch;
311 }
312
313 static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
314 hwaddr addr,
315 bool resolve_subpage)
316 {
317 MemoryRegionSection *section;
318 subpage_t *subpage;
319
320 section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
321 if (resolve_subpage && section->mr->subpage) {
322 subpage = container_of(section->mr, subpage_t, iomem);
323 section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
324 }
325 return section;
326 }
327
328 static MemoryRegionSection *
329 address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
330 hwaddr *plen, bool resolve_subpage)
331 {
332 MemoryRegionSection *section;
333 Int128 diff;
334
335 section = address_space_lookup_region(d, addr, resolve_subpage);
336 /* Compute offset within MemoryRegionSection */
337 addr -= section->offset_within_address_space;
338
339 /* Compute offset within MemoryRegion */
340 *xlat = addr + section->offset_within_region;
341
342 diff = int128_sub(section->mr->size, int128_make64(addr));
343 *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
344 return section;
345 }
346
347 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
348 {
349 if (memory_region_is_ram(mr)) {
350 return !(is_write && mr->readonly);
351 }
352 if (memory_region_is_romd(mr)) {
353 return !is_write;
354 }
355
356 return false;
357 }
358
359 MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
360 hwaddr *xlat, hwaddr *plen,
361 bool is_write)
362 {
363 IOMMUTLBEntry iotlb;
364 MemoryRegionSection *section;
365 MemoryRegion *mr;
366 hwaddr len = *plen;
367
368 for (;;) {
369 section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true);
370 mr = section->mr;
371
372 if (!mr->iommu_ops) {
373 break;
374 }
375
376 iotlb = mr->iommu_ops->translate(mr, addr, is_write);
377 addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
378 | (addr & iotlb.addr_mask));
379 len = MIN(len, (addr | iotlb.addr_mask) - addr + 1);
380 if (!(iotlb.perm & (1 << is_write))) {
381 mr = &io_mem_unassigned;
382 break;
383 }
384
385 as = iotlb.target_as;
386 }
387
388 if (xen_enabled() && memory_access_is_direct(mr, is_write)) {
389 hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
390 len = MIN(page, len);
391 }
392
393 *plen = len;
394 *xlat = addr;
395 return mr;
396 }
397
398 MemoryRegionSection *
399 address_space_translate_for_iotlb(AddressSpace *as, hwaddr addr, hwaddr *xlat,
400 hwaddr *plen)
401 {
402 MemoryRegionSection *section;
403 section = address_space_translate_internal(as->dispatch, addr, xlat, plen, false);
404
405 assert(!section->mr->iommu_ops);
406 return section;
407 }
408 #endif
409
410 void cpu_exec_init_all(void)
411 {
412 #if !defined(CONFIG_USER_ONLY)
413 qemu_mutex_init(&ram_list.mutex);
414 memory_map_init();
415 io_mem_init();
416 #endif
417 }
418
419 #if !defined(CONFIG_USER_ONLY)
420
421 static int cpu_common_post_load(void *opaque, int version_id)
422 {
423 CPUState *cpu = opaque;
424
425 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
426 version_id is increased. */
427 cpu->interrupt_request &= ~0x01;
428 tlb_flush(cpu, 1);
429
430 return 0;
431 }
432
433 static int cpu_common_pre_load(void *opaque)
434 {
435 CPUState *cpu = opaque;
436
437 cpu->exception_index = 0;
438
439 return 0;
440 }
441
442 static bool cpu_common_exception_index_needed(void *opaque)
443 {
444 CPUState *cpu = opaque;
445
446 return cpu->exception_index != 0;
447 }
448
449 static const VMStateDescription vmstate_cpu_common_exception_index = {
450 .name = "cpu_common/exception_index",
451 .version_id = 1,
452 .minimum_version_id = 1,
453 .fields = (VMStateField[]) {
454 VMSTATE_INT32(exception_index, CPUState),
455 VMSTATE_END_OF_LIST()
456 }
457 };
458
459 const VMStateDescription vmstate_cpu_common = {
460 .name = "cpu_common",
461 .version_id = 1,
462 .minimum_version_id = 1,
463 .pre_load = cpu_common_pre_load,
464 .post_load = cpu_common_post_load,
465 .fields = (VMStateField[]) {
466 VMSTATE_UINT32(halted, CPUState),
467 VMSTATE_UINT32(interrupt_request, CPUState),
468 VMSTATE_END_OF_LIST()
469 },
470 .subsections = (VMStateSubsection[]) {
471 {
472 .vmsd = &vmstate_cpu_common_exception_index,
473 .needed = cpu_common_exception_index_needed,
474 } , {
475 /* empty */
476 }
477 }
478 };
479
480 #endif
481
482 CPUState *qemu_get_cpu(int index)
483 {
484 CPUState *cpu;
485
486 CPU_FOREACH(cpu) {
487 if (cpu->cpu_index == index) {
488 return cpu;
489 }
490 }
491
492 return NULL;
493 }
494
495 #if !defined(CONFIG_USER_ONLY)
496 void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
497 {
498 /* We only support one address space per cpu at the moment. */
499 assert(cpu->as == as);
500
501 if (cpu->tcg_as_listener) {
502 memory_listener_unregister(cpu->tcg_as_listener);
503 } else {
504 cpu->tcg_as_listener = g_new0(MemoryListener, 1);
505 }
506 cpu->tcg_as_listener->commit = tcg_commit;
507 memory_listener_register(cpu->tcg_as_listener, as);
508 }
509 #endif
510
511 void cpu_exec_init(CPUArchState *env)
512 {
513 CPUState *cpu = ENV_GET_CPU(env);
514 CPUClass *cc = CPU_GET_CLASS(cpu);
515 CPUState *some_cpu;
516 int cpu_index;
517
518 #if defined(CONFIG_USER_ONLY)
519 cpu_list_lock();
520 #endif
521 cpu_index = 0;
522 CPU_FOREACH(some_cpu) {
523 cpu_index++;
524 }
525 cpu->cpu_index = cpu_index;
526 cpu->numa_node = 0;
527 QTAILQ_INIT(&cpu->breakpoints);
528 QTAILQ_INIT(&cpu->watchpoints);
529 #ifndef CONFIG_USER_ONLY
530 cpu->as = &address_space_memory;
531 cpu->thread_id = qemu_get_thread_id();
532 #endif
533 QTAILQ_INSERT_TAIL(&cpus, cpu, node);
534 #if defined(CONFIG_USER_ONLY)
535 cpu_list_unlock();
536 #endif
537 if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
538 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
539 }
540 #if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
541 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
542 cpu_save, cpu_load, env);
543 assert(cc->vmsd == NULL);
544 assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
545 #endif
546 if (cc->vmsd != NULL) {
547 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
548 }
549 }
550
551 #if defined(TARGET_HAS_ICE)
552 #if defined(CONFIG_USER_ONLY)
553 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
554 {
555 tb_invalidate_phys_page_range(pc, pc + 1, 0);
556 }
557 #else
558 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
559 {
560 hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
561 if (phys != -1) {
562 tb_invalidate_phys_addr(cpu->as,
563 phys | (pc & ~TARGET_PAGE_MASK));
564 }
565 }
566 #endif
567 #endif /* TARGET_HAS_ICE */
568
569 #if defined(CONFIG_USER_ONLY)
570 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
571
572 {
573 }
574
575 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
576 int flags)
577 {
578 return -ENOSYS;
579 }
580
581 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
582 {
583 }
584
585 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
586 int flags, CPUWatchpoint **watchpoint)
587 {
588 return -ENOSYS;
589 }
590 #else
591 /* Add a watchpoint. */
592 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
593 int flags, CPUWatchpoint **watchpoint)
594 {
595 CPUWatchpoint *wp;
596
597 /* forbid ranges which are empty or run off the end of the address space */
598 if (len == 0 || (addr + len - 1) < addr) {
599 error_report("tried to set invalid watchpoint at %"
600 VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
601 return -EINVAL;
602 }
603 wp = g_malloc(sizeof(*wp));
604
605 wp->vaddr = addr;
606 wp->len = len;
607 wp->flags = flags;
608
609 /* keep all GDB-injected watchpoints in front */
610 if (flags & BP_GDB) {
611 QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
612 } else {
613 QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
614 }
615
616 tlb_flush_page(cpu, addr);
617
618 if (watchpoint)
619 *watchpoint = wp;
620 return 0;
621 }
622
623 /* Remove a specific watchpoint. */
624 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
625 int flags)
626 {
627 CPUWatchpoint *wp;
628
629 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
630 if (addr == wp->vaddr && len == wp->len
631 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
632 cpu_watchpoint_remove_by_ref(cpu, wp);
633 return 0;
634 }
635 }
636 return -ENOENT;
637 }
638
639 /* Remove a specific watchpoint by reference. */
640 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
641 {
642 QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);
643
644 tlb_flush_page(cpu, watchpoint->vaddr);
645
646 g_free(watchpoint);
647 }
648
649 /* Remove all matching watchpoints. */
650 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
651 {
652 CPUWatchpoint *wp, *next;
653
654 QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, next) {
655 if (wp->flags & mask) {
656 cpu_watchpoint_remove_by_ref(cpu, wp);
657 }
658 }
659 }
660
661 /* Return true if this watchpoint address matches the specified
662 * access (ie the address range covered by the watchpoint overlaps
663 * partially or completely with the address range covered by the
664 * access).
665 */
666 static inline bool cpu_watchpoint_address_matches(CPUWatchpoint *wp,
667 vaddr addr,
668 vaddr len)
669 {
670 /* We know the lengths are non-zero, but a little caution is
671 * required to avoid errors in the case where the range ends
672 * exactly at the top of the address space and so addr + len
673 * wraps round to zero.
674 */
675 vaddr wpend = wp->vaddr + wp->len - 1;
676 vaddr addrend = addr + len - 1;
677
678 return !(addr > wpend || wp->vaddr > addrend);
679 }
680
681 #endif
682
683 /* Add a breakpoint. */
684 int cpu_breakpoint_insert(CPUState *cpu, vaddr pc, int flags,
685 CPUBreakpoint **breakpoint)
686 {
687 #if defined(TARGET_HAS_ICE)
688 CPUBreakpoint *bp;
689
690 bp = g_malloc(sizeof(*bp));
691
692 bp->pc = pc;
693 bp->flags = flags;
694
695 /* keep all GDB-injected breakpoints in front */
696 if (flags & BP_GDB) {
697 QTAILQ_INSERT_HEAD(&cpu->breakpoints, bp, entry);
698 } else {
699 QTAILQ_INSERT_TAIL(&cpu->breakpoints, bp, entry);
700 }
701
702 breakpoint_invalidate(cpu, pc);
703
704 if (breakpoint) {
705 *breakpoint = bp;
706 }
707 return 0;
708 #else
709 return -ENOSYS;
710 #endif
711 }
712
713 /* Remove a specific breakpoint. */
714 int cpu_breakpoint_remove(CPUState *cpu, vaddr pc, int flags)
715 {
716 #if defined(TARGET_HAS_ICE)
717 CPUBreakpoint *bp;
718
719 QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
720 if (bp->pc == pc && bp->flags == flags) {
721 cpu_breakpoint_remove_by_ref(cpu, bp);
722 return 0;
723 }
724 }
725 return -ENOENT;
726 #else
727 return -ENOSYS;
728 #endif
729 }
730
731 /* Remove a specific breakpoint by reference. */
732 void cpu_breakpoint_remove_by_ref(CPUState *cpu, CPUBreakpoint *breakpoint)
733 {
734 #if defined(TARGET_HAS_ICE)
735 QTAILQ_REMOVE(&cpu->breakpoints, breakpoint, entry);
736
737 breakpoint_invalidate(cpu, breakpoint->pc);
738
739 g_free(breakpoint);
740 #endif
741 }
742
743 /* Remove all matching breakpoints. */
744 void cpu_breakpoint_remove_all(CPUState *cpu, int mask)
745 {
746 #if defined(TARGET_HAS_ICE)
747 CPUBreakpoint *bp, *next;
748
749 QTAILQ_FOREACH_SAFE(bp, &cpu->breakpoints, entry, next) {
750 if (bp->flags & mask) {
751 cpu_breakpoint_remove_by_ref(cpu, bp);
752 }
753 }
754 #endif
755 }
756
757 /* enable or disable single step mode. EXCP_DEBUG is returned by the
758 CPU loop after each instruction */
759 void cpu_single_step(CPUState *cpu, int enabled)
760 {
761 #if defined(TARGET_HAS_ICE)
762 if (cpu->singlestep_enabled != enabled) {
763 cpu->singlestep_enabled = enabled;
764 if (kvm_enabled()) {
765 kvm_update_guest_debug(cpu, 0);
766 } else {
767 /* must flush all the translated code to avoid inconsistencies */
768 /* XXX: only flush what is necessary */
769 CPUArchState *env = cpu->env_ptr;
770 tb_flush(env);
771 }
772 }
773 #endif
774 }
775
776 void cpu_abort(CPUState *cpu, const char *fmt, ...)
777 {
778 va_list ap;
779 va_list ap2;
780
781 va_start(ap, fmt);
782 va_copy(ap2, ap);
783 fprintf(stderr, "qemu: fatal: ");
784 vfprintf(stderr, fmt, ap);
785 fprintf(stderr, "\n");
786 cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
787 if (qemu_log_enabled()) {
788 qemu_log("qemu: fatal: ");
789 qemu_log_vprintf(fmt, ap2);
790 qemu_log("\n");
791 log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
792 qemu_log_flush();
793 qemu_log_close();
794 }
795 va_end(ap2);
796 va_end(ap);
797 #if defined(CONFIG_USER_ONLY)
798 {
799 struct sigaction act;
800 sigfillset(&act.sa_mask);
801 act.sa_handler = SIG_DFL;
802 sigaction(SIGABRT, &act, NULL);
803 }
804 #endif
805 abort();
806 }
807
808 #if !defined(CONFIG_USER_ONLY)
809 static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
810 {
811 RAMBlock *block;
812
813 /* The list is protected by the iothread lock here. */
814 block = ram_list.mru_block;
815 if (block && addr - block->offset < block->max_length) {
816 goto found;
817 }
818 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
819 if (addr - block->offset < block->max_length) {
820 goto found;
821 }
822 }
823
824 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
825 abort();
826
827 found:
828 ram_list.mru_block = block;
829 return block;
830 }
831
832 static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
833 {
834 ram_addr_t start1;
835 RAMBlock *block;
836 ram_addr_t end;
837
838 end = TARGET_PAGE_ALIGN(start + length);
839 start &= TARGET_PAGE_MASK;
840
841 block = qemu_get_ram_block(start);
842 assert(block == qemu_get_ram_block(end - 1));
843 start1 = (uintptr_t)ramblock_ptr(block, start - block->offset);
844 cpu_tlb_reset_dirty_all(start1, length);
845 }
846
847 /* Note: start and end must be within the same ram block. */
848 void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
849 unsigned client)
850 {
851 if (length == 0)
852 return;
853 cpu_physical_memory_clear_dirty_range_type(start, length, client);
854
855 if (tcg_enabled()) {
856 tlb_reset_dirty_range_all(start, length);
857 }
858 }
859
860 static void cpu_physical_memory_set_dirty_tracking(bool enable)
861 {
862 in_migration = enable;
863 }
864
865 hwaddr memory_region_section_get_iotlb(CPUState *cpu,
866 MemoryRegionSection *section,
867 target_ulong vaddr,
868 hwaddr paddr, hwaddr xlat,
869 int prot,
870 target_ulong *address)
871 {
872 hwaddr iotlb;
873 CPUWatchpoint *wp;
874
875 if (memory_region_is_ram(section->mr)) {
876 /* Normal RAM. */
877 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
878 + xlat;
879 if (!section->readonly) {
880 iotlb |= PHYS_SECTION_NOTDIRTY;
881 } else {
882 iotlb |= PHYS_SECTION_ROM;
883 }
884 } else {
885 iotlb = section - section->address_space->dispatch->map.sections;
886 iotlb += xlat;
887 }
888
889 /* Make accesses to pages with watchpoints go via the
890 watchpoint trap routines. */
891 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
892 if (cpu_watchpoint_address_matches(wp, vaddr, TARGET_PAGE_SIZE)) {
893 /* Avoid trapping reads of pages with a write breakpoint. */
894 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
895 iotlb = PHYS_SECTION_WATCH + paddr;
896 *address |= TLB_MMIO;
897 break;
898 }
899 }
900 }
901
902 return iotlb;
903 }
904 #endif /* defined(CONFIG_USER_ONLY) */
905
906 #if !defined(CONFIG_USER_ONLY)
907
908 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
909 uint16_t section);
910 static subpage_t *subpage_init(AddressSpace *as, hwaddr base);
911
912 static void *(*phys_mem_alloc)(size_t size, uint64_t *align) =
913 qemu_anon_ram_alloc;
914
915 /*
916 * Set a custom physical guest memory alloator.
917 * Accelerators with unusual needs may need this. Hopefully, we can
918 * get rid of it eventually.
919 */
920 void phys_mem_set_alloc(void *(*alloc)(size_t, uint64_t *align))
921 {
922 phys_mem_alloc = alloc;
923 }
924
925 static uint16_t phys_section_add(PhysPageMap *map,
926 MemoryRegionSection *section)
927 {
928 /* The physical section number is ORed with a page-aligned
929 * pointer to produce the iotlb entries. Thus it should
930 * never overflow into the page-aligned value.
931 */
932 assert(map->sections_nb < TARGET_PAGE_SIZE);
933
934 if (map->sections_nb == map->sections_nb_alloc) {
935 map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
936 map->sections = g_renew(MemoryRegionSection, map->sections,
937 map->sections_nb_alloc);
938 }
939 map->sections[map->sections_nb] = *section;
940 memory_region_ref(section->mr);
941 return map->sections_nb++;
942 }
943
944 static void phys_section_destroy(MemoryRegion *mr)
945 {
946 memory_region_unref(mr);
947
948 if (mr->subpage) {
949 subpage_t *subpage = container_of(mr, subpage_t, iomem);
950 object_unref(OBJECT(&subpage->iomem));
951 g_free(subpage);
952 }
953 }
954
955 static void phys_sections_free(PhysPageMap *map)
956 {
957 while (map->sections_nb > 0) {
958 MemoryRegionSection *section = &map->sections[--map->sections_nb];
959 phys_section_destroy(section->mr);
960 }
961 g_free(map->sections);
962 g_free(map->nodes);
963 }
964
965 static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
966 {
967 subpage_t *subpage;
968 hwaddr base = section->offset_within_address_space
969 & TARGET_PAGE_MASK;
970 MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
971 d->map.nodes, d->map.sections);
972 MemoryRegionSection subsection = {
973 .offset_within_address_space = base,
974 .size = int128_make64(TARGET_PAGE_SIZE),
975 };
976 hwaddr start, end;
977
978 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
979
980 if (!(existing->mr->subpage)) {
981 subpage = subpage_init(d->as, base);
982 subsection.address_space = d->as;
983 subsection.mr = &subpage->iomem;
984 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
985 phys_section_add(&d->map, &subsection));
986 } else {
987 subpage = container_of(existing->mr, subpage_t, iomem);
988 }
989 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
990 end = start + int128_get64(section->size) - 1;
991 subpage_register(subpage, start, end,
992 phys_section_add(&d->map, section));
993 }
994
995
996 static void register_multipage(AddressSpaceDispatch *d,
997 MemoryRegionSection *section)
998 {
999 hwaddr start_addr = section->offset_within_address_space;
1000 uint16_t section_index = phys_section_add(&d->map, section);
1001 uint64_t num_pages = int128_get64(int128_rshift(section->size,
1002 TARGET_PAGE_BITS));
1003
1004 assert(num_pages);
1005 phys_page_set(d, start_addr >> TARGET_PAGE_BITS, num_pages, section_index);
1006 }
1007
1008 static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
1009 {
1010 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1011 AddressSpaceDispatch *d = as->next_dispatch;
1012 MemoryRegionSection now = *section, remain = *section;
1013 Int128 page_size = int128_make64(TARGET_PAGE_SIZE);
1014
1015 if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
1016 uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
1017 - now.offset_within_address_space;
1018
1019 now.size = int128_min(int128_make64(left), now.size);
1020 register_subpage(d, &now);
1021 } else {
1022 now.size = int128_zero();
1023 }
1024 while (int128_ne(remain.size, now.size)) {
1025 remain.size = int128_sub(remain.size, now.size);
1026 remain.offset_within_address_space += int128_get64(now.size);
1027 remain.offset_within_region += int128_get64(now.size);
1028 now = remain;
1029 if (int128_lt(remain.size, page_size)) {
1030 register_subpage(d, &now);
1031 } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
1032 now.size = page_size;
1033 register_subpage(d, &now);
1034 } else {
1035 now.size = int128_and(now.size, int128_neg(page_size));
1036 register_multipage(d, &now);
1037 }
1038 }
1039 }
1040
1041 void qemu_flush_coalesced_mmio_buffer(void)
1042 {
1043 if (kvm_enabled())
1044 kvm_flush_coalesced_mmio_buffer();
1045 }
1046
1047 void qemu_mutex_lock_ramlist(void)
1048 {
1049 qemu_mutex_lock(&ram_list.mutex);
1050 }
1051
1052 void qemu_mutex_unlock_ramlist(void)
1053 {
1054 qemu_mutex_unlock(&ram_list.mutex);
1055 }
1056
1057 #ifdef __linux__
1058
1059 #include <sys/vfs.h>
1060
1061 #define HUGETLBFS_MAGIC 0x958458f6
1062
1063 static long gethugepagesize(const char *path, Error **errp)
1064 {
1065 struct statfs fs;
1066 int ret;
1067
1068 do {
1069 ret = statfs(path, &fs);
1070 } while (ret != 0 && errno == EINTR);
1071
1072 if (ret != 0) {
1073 error_setg_errno(errp, errno, "failed to get page size of file %s",
1074 path);
1075 return 0;
1076 }
1077
1078 if (fs.f_type != HUGETLBFS_MAGIC)
1079 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
1080
1081 return fs.f_bsize;
1082 }
1083
1084 static void *file_ram_alloc(RAMBlock *block,
1085 ram_addr_t memory,
1086 const char *path,
1087 Error **errp)
1088 {
1089 char *filename;
1090 char *sanitized_name;
1091 char *c;
1092 void *area = NULL;
1093 int fd;
1094 uint64_t hpagesize;
1095 Error *local_err = NULL;
1096
1097 hpagesize = gethugepagesize(path, &local_err);
1098 if (local_err) {
1099 error_propagate(errp, local_err);
1100 goto error;
1101 }
1102 block->mr->align = hpagesize;
1103
1104 if (memory < hpagesize) {
1105 error_setg(errp, "memory size 0x" RAM_ADDR_FMT " must be equal to "
1106 "or larger than huge page size 0x%" PRIx64,
1107 memory, hpagesize);
1108 goto error;
1109 }
1110
1111 if (kvm_enabled() && !kvm_has_sync_mmu()) {
1112 error_setg(errp,
1113 "host lacks kvm mmu notifiers, -mem-path unsupported");
1114 goto error;
1115 }
1116
1117 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
1118 sanitized_name = g_strdup(memory_region_name(block->mr));
1119 for (c = sanitized_name; *c != '\0'; c++) {
1120 if (*c == '/')
1121 *c = '_';
1122 }
1123
1124 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
1125 sanitized_name);
1126 g_free(sanitized_name);
1127
1128 fd = mkstemp(filename);
1129 if (fd < 0) {
1130 error_setg_errno(errp, errno,
1131 "unable to create backing store for hugepages");
1132 g_free(filename);
1133 goto error;
1134 }
1135 unlink(filename);
1136 g_free(filename);
1137
1138 memory = (memory+hpagesize-1) & ~(hpagesize-1);
1139
1140 /*
1141 * ftruncate is not supported by hugetlbfs in older
1142 * hosts, so don't bother bailing out on errors.
1143 * If anything goes wrong with it under other filesystems,
1144 * mmap will fail.
1145 */
1146 if (ftruncate(fd, memory)) {
1147 perror("ftruncate");
1148 }
1149
1150 area = mmap(0, memory, PROT_READ | PROT_WRITE,
1151 (block->flags & RAM_SHARED ? MAP_SHARED : MAP_PRIVATE),
1152 fd, 0);
1153 if (area == MAP_FAILED) {
1154 error_setg_errno(errp, errno,
1155 "unable to map backing store for hugepages");
1156 close(fd);
1157 goto error;
1158 }
1159
1160 if (mem_prealloc) {
1161 os_mem_prealloc(fd, area, memory);
1162 }
1163
1164 block->fd = fd;
1165 return area;
1166
1167 error:
1168 if (mem_prealloc) {
1169 error_report("%s\n", error_get_pretty(*errp));
1170 exit(1);
1171 }
1172 return NULL;
1173 }
1174 #endif
1175
1176 static ram_addr_t find_ram_offset(ram_addr_t size)
1177 {
1178 RAMBlock *block, *next_block;
1179 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
1180
1181 assert(size != 0); /* it would hand out same offset multiple times */
1182
1183 if (QTAILQ_EMPTY(&ram_list.blocks))
1184 return 0;
1185
1186 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1187 ram_addr_t end, next = RAM_ADDR_MAX;
1188
1189 end = block->offset + block->length;
1190
1191 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
1192 if (next_block->offset >= end) {
1193 next = MIN(next, next_block->offset);
1194 }
1195 }
1196 if (next - end >= size && next - end < mingap) {
1197 offset = end;
1198 mingap = next - end;
1199 }
1200 }
1201
1202 if (offset == RAM_ADDR_MAX) {
1203 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
1204 (uint64_t)size);
1205 abort();
1206 }
1207
1208 return offset;
1209 }
1210
1211 ram_addr_t last_ram_offset(void)
1212 {
1213 RAMBlock *block;
1214 ram_addr_t last = 0;
1215
1216 QTAILQ_FOREACH(block, &ram_list.blocks, next)
1217 last = MAX(last, block->offset + block->length);
1218
1219 return last;
1220 }
1221
1222 static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1223 {
1224 int ret;
1225
1226 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
1227 if (!qemu_opt_get_bool(qemu_get_machine_opts(),
1228 "dump-guest-core", true)) {
1229 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1230 if (ret) {
1231 perror("qemu_madvise");
1232 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1233 "but dump_guest_core=off specified\n");
1234 }
1235 }
1236 }
1237
1238 static RAMBlock *find_ram_block(ram_addr_t addr)
1239 {
1240 RAMBlock *block;
1241
1242 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1243 if (block->offset == addr) {
1244 return block;
1245 }
1246 }
1247
1248 return NULL;
1249 }
1250
1251 void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
1252 {
1253 RAMBlock *new_block = find_ram_block(addr);
1254 RAMBlock *block;
1255
1256 assert(new_block);
1257 assert(!new_block->idstr[0]);
1258
1259 if (dev) {
1260 char *id = qdev_get_dev_path(dev);
1261 if (id) {
1262 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
1263 g_free(id);
1264 }
1265 }
1266 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1267
1268 /* This assumes the iothread lock is taken here too. */
1269 qemu_mutex_lock_ramlist();
1270 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1271 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
1272 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1273 new_block->idstr);
1274 abort();
1275 }
1276 }
1277 qemu_mutex_unlock_ramlist();
1278 }
1279
1280 void qemu_ram_unset_idstr(ram_addr_t addr)
1281 {
1282 RAMBlock *block = find_ram_block(addr);
1283
1284 if (block) {
1285 memset(block->idstr, 0, sizeof(block->idstr));
1286 }
1287 }
1288
1289 static int memory_try_enable_merging(void *addr, size_t len)
1290 {
1291 if (!qemu_opt_get_bool(qemu_get_machine_opts(), "mem-merge", true)) {
1292 /* disabled by the user */
1293 return 0;
1294 }
1295
1296 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1297 }
1298
1299 static ram_addr_t ram_block_add(RAMBlock *new_block, Error **errp)
1300 {
1301 RAMBlock *block;
1302 ram_addr_t old_ram_size, new_ram_size;
1303
1304 old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1305
1306 /* This assumes the iothread lock is taken here too. */
1307 qemu_mutex_lock_ramlist();
1308 new_block->offset = find_ram_offset(new_block->max_length);
1309
1310 if (!new_block->host) {
1311 if (xen_enabled()) {
1312 xen_ram_alloc(new_block->offset, new_block->max_length,
1313 new_block->mr);
1314 } else {
1315 new_block->host = phys_mem_alloc(new_block->max_length,
1316 &new_block->mr->align);
1317 if (!new_block->host) {
1318 error_setg_errno(errp, errno,
1319 "cannot set up guest memory '%s'",
1320 memory_region_name(new_block->mr));
1321 qemu_mutex_unlock_ramlist();
1322 return -1;
1323 }
1324 memory_try_enable_merging(new_block->host, new_block->max_length);
1325 }
1326 }
1327
1328 /* Keep the list sorted from biggest to smallest block. */
1329 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1330 if (block->max_length < new_block->max_length) {
1331 break;
1332 }
1333 }
1334 if (block) {
1335 QTAILQ_INSERT_BEFORE(block, new_block, next);
1336 } else {
1337 QTAILQ_INSERT_TAIL(&ram_list.blocks, new_block, next);
1338 }
1339 ram_list.mru_block = NULL;
1340
1341 ram_list.version++;
1342 qemu_mutex_unlock_ramlist();
1343
1344 new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1345
1346 if (new_ram_size > old_ram_size) {
1347 int i;
1348 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
1349 ram_list.dirty_memory[i] =
1350 bitmap_zero_extend(ram_list.dirty_memory[i],
1351 old_ram_size, new_ram_size);
1352 }
1353 }
1354 cpu_physical_memory_set_dirty_range(new_block->offset,
1355 new_block->used_length);
1356
1357 qemu_ram_setup_dump(new_block->host, new_block->max_length);
1358 qemu_madvise(new_block->host, new_block->max_length, QEMU_MADV_HUGEPAGE);
1359 qemu_madvise(new_block->host, new_block->max_length, QEMU_MADV_DONTFORK);
1360
1361 if (kvm_enabled()) {
1362 kvm_setup_guest_memory(new_block->host, new_block->max_length);
1363 }
1364
1365 return new_block->offset;
1366 }
1367
1368 #ifdef __linux__
1369 ram_addr_t qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
1370 bool share, const char *mem_path,
1371 Error **errp)
1372 {
1373 RAMBlock *new_block;
1374 ram_addr_t addr;
1375 Error *local_err = NULL;
1376
1377 if (xen_enabled()) {
1378 error_setg(errp, "-mem-path not supported with Xen");
1379 return -1;
1380 }
1381
1382 if (phys_mem_alloc != qemu_anon_ram_alloc) {
1383 /*
1384 * file_ram_alloc() needs to allocate just like
1385 * phys_mem_alloc, but we haven't bothered to provide
1386 * a hook there.
1387 */
1388 error_setg(errp,
1389 "-mem-path not supported with this accelerator");
1390 return -1;
1391 }
1392
1393 size = TARGET_PAGE_ALIGN(size);
1394 new_block = g_malloc0(sizeof(*new_block));
1395 new_block->mr = mr;
1396 new_block->used_length = size;
1397 new_block->max_length = size;
1398 new_block->flags = share ? RAM_SHARED : 0;
1399 new_block->host = file_ram_alloc(new_block, size,
1400 mem_path, errp);
1401 if (!new_block->host) {
1402 g_free(new_block);
1403 return -1;
1404 }
1405
1406 addr = ram_block_add(new_block, &local_err);
1407 if (local_err) {
1408 g_free(new_block);
1409 error_propagate(errp, local_err);
1410 return -1;
1411 }
1412 return addr;
1413 }
1414 #endif
1415
1416 ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1417 MemoryRegion *mr, Error **errp)
1418 {
1419 RAMBlock *new_block;
1420 ram_addr_t addr;
1421 Error *local_err = NULL;
1422
1423 size = TARGET_PAGE_ALIGN(size);
1424 new_block = g_malloc0(sizeof(*new_block));
1425 new_block->mr = mr;
1426 new_block->used_length = size;
1427 new_block->max_length = max_size;
1428 new_block->fd = -1;
1429 new_block->host = host;
1430 if (host) {
1431 new_block->flags |= RAM_PREALLOC;
1432 }
1433 addr = ram_block_add(new_block, &local_err);
1434 if (local_err) {
1435 g_free(new_block);
1436 error_propagate(errp, local_err);
1437 return -1;
1438 }
1439 return addr;
1440 }
1441
1442 ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr, Error **errp)
1443 {
1444 return qemu_ram_alloc_from_ptr(size, NULL, mr, errp);
1445 }
1446
1447 void qemu_ram_free_from_ptr(ram_addr_t addr)
1448 {
1449 RAMBlock *block;
1450
1451 /* This assumes the iothread lock is taken here too. */
1452 qemu_mutex_lock_ramlist();
1453 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1454 if (addr == block->offset) {
1455 QTAILQ_REMOVE(&ram_list.blocks, block, next);
1456 ram_list.mru_block = NULL;
1457 ram_list.version++;
1458 g_free(block);
1459 break;
1460 }
1461 }
1462 qemu_mutex_unlock_ramlist();
1463 }
1464
1465 void qemu_ram_free(ram_addr_t addr)
1466 {
1467 RAMBlock *block;
1468
1469 /* This assumes the iothread lock is taken here too. */
1470 qemu_mutex_lock_ramlist();
1471 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1472 if (addr == block->offset) {
1473 QTAILQ_REMOVE(&ram_list.blocks, block, next);
1474 ram_list.mru_block = NULL;
1475 ram_list.version++;
1476 if (block->flags & RAM_PREALLOC) {
1477 ;
1478 } else if (xen_enabled()) {
1479 xen_invalidate_map_cache_entry(block->host);
1480 #ifndef _WIN32
1481 } else if (block->fd >= 0) {
1482 munmap(block->host, block->max_length);
1483 close(block->fd);
1484 #endif
1485 } else {
1486 qemu_anon_ram_free(block->host, block->max_length);
1487 }
1488 g_free(block);
1489 break;
1490 }
1491 }
1492 qemu_mutex_unlock_ramlist();
1493
1494 }
1495
1496 #ifndef _WIN32
1497 void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1498 {
1499 RAMBlock *block;
1500 ram_addr_t offset;
1501 int flags;
1502 void *area, *vaddr;
1503
1504 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1505 offset = addr - block->offset;
1506 if (offset < block->max_length) {
1507 vaddr = ramblock_ptr(block, offset);
1508 if (block->flags & RAM_PREALLOC) {
1509 ;
1510 } else if (xen_enabled()) {
1511 abort();
1512 } else {
1513 flags = MAP_FIXED;
1514 munmap(vaddr, length);
1515 if (block->fd >= 0) {
1516 flags |= (block->flags & RAM_SHARED ?
1517 MAP_SHARED : MAP_PRIVATE);
1518 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1519 flags, block->fd, offset);
1520 } else {
1521 /*
1522 * Remap needs to match alloc. Accelerators that
1523 * set phys_mem_alloc never remap. If they did,
1524 * we'd need a remap hook here.
1525 */
1526 assert(phys_mem_alloc == qemu_anon_ram_alloc);
1527
1528 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1529 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1530 flags, -1, 0);
1531 }
1532 if (area != vaddr) {
1533 fprintf(stderr, "Could not remap addr: "
1534 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
1535 length, addr);
1536 exit(1);
1537 }
1538 memory_try_enable_merging(vaddr, length);
1539 qemu_ram_setup_dump(vaddr, length);
1540 }
1541 return;
1542 }
1543 }
1544 }
1545 #endif /* !_WIN32 */
1546
1547 int qemu_get_ram_fd(ram_addr_t addr)
1548 {
1549 RAMBlock *block = qemu_get_ram_block(addr);
1550
1551 return block->fd;
1552 }
1553
1554 void *qemu_get_ram_block_host_ptr(ram_addr_t addr)
1555 {
1556 RAMBlock *block = qemu_get_ram_block(addr);
1557
1558 return ramblock_ptr(block, 0);
1559 }
1560
1561 /* Return a host pointer to ram allocated with qemu_ram_alloc.
1562 With the exception of the softmmu code in this file, this should
1563 only be used for local memory (e.g. video ram) that the device owns,
1564 and knows it isn't going to access beyond the end of the block.
1565
1566 It should not be used for general purpose DMA.
1567 Use cpu_physical_memory_map/cpu_physical_memory_rw instead.
1568 */
1569 void *qemu_get_ram_ptr(ram_addr_t addr)
1570 {
1571 RAMBlock *block = qemu_get_ram_block(addr);
1572
1573 if (xen_enabled()) {
1574 /* We need to check if the requested address is in the RAM
1575 * because we don't want to map the entire memory in QEMU.
1576 * In that case just map until the end of the page.
1577 */
1578 if (block->offset == 0) {
1579 return xen_map_cache(addr, 0, 0);
1580 } else if (block->host == NULL) {
1581 block->host =
1582 xen_map_cache(block->offset, block->max_length, 1);
1583 }
1584 }
1585 return ramblock_ptr(block, addr - block->offset);
1586 }
1587
1588 /* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1589 * but takes a size argument */
1590 static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
1591 {
1592 if (*size == 0) {
1593 return NULL;
1594 }
1595 if (xen_enabled()) {
1596 return xen_map_cache(addr, *size, 1);
1597 } else {
1598 RAMBlock *block;
1599
1600 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1601 if (addr - block->offset < block->max_length) {
1602 if (addr - block->offset + *size > block->max_length)
1603 *size = block->max_length - addr + block->offset;
1604 return ramblock_ptr(block, addr - block->offset);
1605 }
1606 }
1607
1608 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1609 abort();
1610 }
1611 }
1612
1613 /* Some of the softmmu routines need to translate from a host pointer
1614 (typically a TLB entry) back to a ram offset. */
1615 MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
1616 {
1617 RAMBlock *block;
1618 uint8_t *host = ptr;
1619
1620 if (xen_enabled()) {
1621 *ram_addr = xen_ram_addr_from_mapcache(ptr);
1622 return qemu_get_ram_block(*ram_addr)->mr;
1623 }
1624
1625 block = ram_list.mru_block;
1626 if (block && block->host && host - block->host < block->max_length) {
1627 goto found;
1628 }
1629
1630 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
1631 /* This case append when the block is not mapped. */
1632 if (block->host == NULL) {
1633 continue;
1634 }
1635 if (host - block->host < block->max_length) {
1636 goto found;
1637 }
1638 }
1639
1640 return NULL;
1641
1642 found:
1643 *ram_addr = block->offset + (host - block->host);
1644 return block->mr;
1645 }
1646
1647 static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
1648 uint64_t val, unsigned size)
1649 {
1650 if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
1651 tb_invalidate_phys_page_fast(ram_addr, size);
1652 }
1653 switch (size) {
1654 case 1:
1655 stb_p(qemu_get_ram_ptr(ram_addr), val);
1656 break;
1657 case 2:
1658 stw_p(qemu_get_ram_ptr(ram_addr), val);
1659 break;
1660 case 4:
1661 stl_p(qemu_get_ram_ptr(ram_addr), val);
1662 break;
1663 default:
1664 abort();
1665 }
1666 cpu_physical_memory_set_dirty_range_nocode(ram_addr, size);
1667 /* we remove the notdirty callback only if the code has been
1668 flushed */
1669 if (!cpu_physical_memory_is_clean(ram_addr)) {
1670 CPUArchState *env = current_cpu->env_ptr;
1671 tlb_set_dirty(env, current_cpu->mem_io_vaddr);
1672 }
1673 }
1674
1675 static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1676 unsigned size, bool is_write)
1677 {
1678 return is_write;
1679 }
1680
1681 static const MemoryRegionOps notdirty_mem_ops = {
1682 .write = notdirty_mem_write,
1683 .valid.accepts = notdirty_mem_accepts,
1684 .endianness = DEVICE_NATIVE_ENDIAN,
1685 };
1686
1687 /* Generate a debug exception if a watchpoint has been hit. */
1688 static void check_watchpoint(int offset, int len, int flags)
1689 {
1690 CPUState *cpu = current_cpu;
1691 CPUArchState *env = cpu->env_ptr;
1692 target_ulong pc, cs_base;
1693 target_ulong vaddr;
1694 CPUWatchpoint *wp;
1695 int cpu_flags;
1696
1697 if (cpu->watchpoint_hit) {
1698 /* We re-entered the check after replacing the TB. Now raise
1699 * the debug interrupt so that is will trigger after the
1700 * current instruction. */
1701 cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
1702 return;
1703 }
1704 vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
1705 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
1706 if (cpu_watchpoint_address_matches(wp, vaddr, len)
1707 && (wp->flags & flags)) {
1708 if (flags == BP_MEM_READ) {
1709 wp->flags |= BP_WATCHPOINT_HIT_READ;
1710 } else {
1711 wp->flags |= BP_WATCHPOINT_HIT_WRITE;
1712 }
1713 wp->hitaddr = vaddr;
1714 if (!cpu->watchpoint_hit) {
1715 cpu->watchpoint_hit = wp;
1716 tb_check_watchpoint(cpu);
1717 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
1718 cpu->exception_index = EXCP_DEBUG;
1719 cpu_loop_exit(cpu);
1720 } else {
1721 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
1722 tb_gen_code(cpu, pc, cs_base, cpu_flags, 1);
1723 cpu_resume_from_signal(cpu, NULL);
1724 }
1725 }
1726 } else {
1727 wp->flags &= ~BP_WATCHPOINT_HIT;
1728 }
1729 }
1730 }
1731
1732 /* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1733 so these check for a hit then pass through to the normal out-of-line
1734 phys routines. */
1735 static uint64_t watch_mem_read(void *opaque, hwaddr addr,
1736 unsigned size)
1737 {
1738 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_READ);
1739 switch (size) {
1740 case 1: return ldub_phys(&address_space_memory, addr);
1741 case 2: return lduw_phys(&address_space_memory, addr);
1742 case 4: return ldl_phys(&address_space_memory, addr);
1743 default: abort();
1744 }
1745 }
1746
1747 static void watch_mem_write(void *opaque, hwaddr addr,
1748 uint64_t val, unsigned size)
1749 {
1750 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, BP_MEM_WRITE);
1751 switch (size) {
1752 case 1:
1753 stb_phys(&address_space_memory, addr, val);
1754 break;
1755 case 2:
1756 stw_phys(&address_space_memory, addr, val);
1757 break;
1758 case 4:
1759 stl_phys(&address_space_memory, addr, val);
1760 break;
1761 default: abort();
1762 }
1763 }
1764
1765 static const MemoryRegionOps watch_mem_ops = {
1766 .read = watch_mem_read,
1767 .write = watch_mem_write,
1768 .endianness = DEVICE_NATIVE_ENDIAN,
1769 };
1770
1771 static uint64_t subpage_read(void *opaque, hwaddr addr,
1772 unsigned len)
1773 {
1774 subpage_t *subpage = opaque;
1775 uint8_t buf[4];
1776
1777 #if defined(DEBUG_SUBPAGE)
1778 printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
1779 subpage, len, addr);
1780 #endif
1781 address_space_read(subpage->as, addr + subpage->base, buf, len);
1782 switch (len) {
1783 case 1:
1784 return ldub_p(buf);
1785 case 2:
1786 return lduw_p(buf);
1787 case 4:
1788 return ldl_p(buf);
1789 default:
1790 abort();
1791 }
1792 }
1793
1794 static void subpage_write(void *opaque, hwaddr addr,
1795 uint64_t value, unsigned len)
1796 {
1797 subpage_t *subpage = opaque;
1798 uint8_t buf[4];
1799
1800 #if defined(DEBUG_SUBPAGE)
1801 printf("%s: subpage %p len %u addr " TARGET_FMT_plx
1802 " value %"PRIx64"\n",
1803 __func__, subpage, len, addr, value);
1804 #endif
1805 switch (len) {
1806 case 1:
1807 stb_p(buf, value);
1808 break;
1809 case 2:
1810 stw_p(buf, value);
1811 break;
1812 case 4:
1813 stl_p(buf, value);
1814 break;
1815 default:
1816 abort();
1817 }
1818 address_space_write(subpage->as, addr + subpage->base, buf, len);
1819 }
1820
1821 static bool subpage_accepts(void *opaque, hwaddr addr,
1822 unsigned len, bool is_write)
1823 {
1824 subpage_t *subpage = opaque;
1825 #if defined(DEBUG_SUBPAGE)
1826 printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
1827 __func__, subpage, is_write ? 'w' : 'r', len, addr);
1828 #endif
1829
1830 return address_space_access_valid(subpage->as, addr + subpage->base,
1831 len, is_write);
1832 }
1833
1834 static const MemoryRegionOps subpage_ops = {
1835 .read = subpage_read,
1836 .write = subpage_write,
1837 .valid.accepts = subpage_accepts,
1838 .endianness = DEVICE_NATIVE_ENDIAN,
1839 };
1840
1841 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
1842 uint16_t section)
1843 {
1844 int idx, eidx;
1845
1846 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
1847 return -1;
1848 idx = SUBPAGE_IDX(start);
1849 eidx = SUBPAGE_IDX(end);
1850 #if defined(DEBUG_SUBPAGE)
1851 printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
1852 __func__, mmio, start, end, idx, eidx, section);
1853 #endif
1854 for (; idx <= eidx; idx++) {
1855 mmio->sub_section[idx] = section;
1856 }
1857
1858 return 0;
1859 }
1860
1861 static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
1862 {
1863 subpage_t *mmio;
1864
1865 mmio = g_malloc0(sizeof(subpage_t));
1866
1867 mmio->as = as;
1868 mmio->base = base;
1869 memory_region_init_io(&mmio->iomem, NULL, &subpage_ops, mmio,
1870 NULL, TARGET_PAGE_SIZE);
1871 mmio->iomem.subpage = true;
1872 #if defined(DEBUG_SUBPAGE)
1873 printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
1874 mmio, base, TARGET_PAGE_SIZE);
1875 #endif
1876 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, PHYS_SECTION_UNASSIGNED);
1877
1878 return mmio;
1879 }
1880
1881 static uint16_t dummy_section(PhysPageMap *map, AddressSpace *as,
1882 MemoryRegion *mr)
1883 {
1884 assert(as);
1885 MemoryRegionSection section = {
1886 .address_space = as,
1887 .mr = mr,
1888 .offset_within_address_space = 0,
1889 .offset_within_region = 0,
1890 .size = int128_2_64(),
1891 };
1892
1893 return phys_section_add(map, &section);
1894 }
1895
1896 MemoryRegion *iotlb_to_region(AddressSpace *as, hwaddr index)
1897 {
1898 return as->dispatch->map.sections[index & ~TARGET_PAGE_MASK].mr;
1899 }
1900
1901 static void io_mem_init(void)
1902 {
1903 memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops, NULL, NULL, UINT64_MAX);
1904 memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops, NULL,
1905 NULL, UINT64_MAX);
1906 memory_region_init_io(&io_mem_notdirty, NULL, &notdirty_mem_ops, NULL,
1907 NULL, UINT64_MAX);
1908 memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops, NULL,
1909 NULL, UINT64_MAX);
1910 }
1911
1912 static void mem_begin(MemoryListener *listener)
1913 {
1914 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1915 AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
1916 uint16_t n;
1917
1918 n = dummy_section(&d->map, as, &io_mem_unassigned);
1919 assert(n == PHYS_SECTION_UNASSIGNED);
1920 n = dummy_section(&d->map, as, &io_mem_notdirty);
1921 assert(n == PHYS_SECTION_NOTDIRTY);
1922 n = dummy_section(&d->map, as, &io_mem_rom);
1923 assert(n == PHYS_SECTION_ROM);
1924 n = dummy_section(&d->map, as, &io_mem_watch);
1925 assert(n == PHYS_SECTION_WATCH);
1926
1927 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
1928 d->as = as;
1929 as->next_dispatch = d;
1930 }
1931
1932 static void mem_commit(MemoryListener *listener)
1933 {
1934 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1935 AddressSpaceDispatch *cur = as->dispatch;
1936 AddressSpaceDispatch *next = as->next_dispatch;
1937
1938 phys_page_compact_all(next, next->map.nodes_nb);
1939
1940 as->dispatch = next;
1941
1942 if (cur) {
1943 phys_sections_free(&cur->map);
1944 g_free(cur);
1945 }
1946 }
1947
1948 static void tcg_commit(MemoryListener *listener)
1949 {
1950 CPUState *cpu;
1951
1952 /* since each CPU stores ram addresses in its TLB cache, we must
1953 reset the modified entries */
1954 /* XXX: slow ! */
1955 CPU_FOREACH(cpu) {
1956 /* FIXME: Disentangle the cpu.h circular files deps so we can
1957 directly get the right CPU from listener. */
1958 if (cpu->tcg_as_listener != listener) {
1959 continue;
1960 }
1961 tlb_flush(cpu, 1);
1962 }
1963 }
1964
1965 static void core_log_global_start(MemoryListener *listener)
1966 {
1967 cpu_physical_memory_set_dirty_tracking(true);
1968 }
1969
1970 static void core_log_global_stop(MemoryListener *listener)
1971 {
1972 cpu_physical_memory_set_dirty_tracking(false);
1973 }
1974
1975 static MemoryListener core_memory_listener = {
1976 .log_global_start = core_log_global_start,
1977 .log_global_stop = core_log_global_stop,
1978 .priority = 1,
1979 };
1980
1981 void address_space_init_dispatch(AddressSpace *as)
1982 {
1983 as->dispatch = NULL;
1984 as->dispatch_listener = (MemoryListener) {
1985 .begin = mem_begin,
1986 .commit = mem_commit,
1987 .region_add = mem_add,
1988 .region_nop = mem_add,
1989 .priority = 0,
1990 };
1991 memory_listener_register(&as->dispatch_listener, as);
1992 }
1993
1994 void address_space_destroy_dispatch(AddressSpace *as)
1995 {
1996 AddressSpaceDispatch *d = as->dispatch;
1997
1998 memory_listener_unregister(&as->dispatch_listener);
1999 g_free(d);
2000 as->dispatch = NULL;
2001 }
2002
2003 static void memory_map_init(void)
2004 {
2005 system_memory = g_malloc(sizeof(*system_memory));
2006
2007 memory_region_init(system_memory, NULL, "system", UINT64_MAX);
2008 address_space_init(&address_space_memory, system_memory, "memory");
2009
2010 system_io = g_malloc(sizeof(*system_io));
2011 memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
2012 65536);
2013 address_space_init(&address_space_io, system_io, "I/O");
2014
2015 memory_listener_register(&core_memory_listener, &address_space_memory);
2016 }
2017
2018 MemoryRegion *get_system_memory(void)
2019 {
2020 return system_memory;
2021 }
2022
2023 MemoryRegion *get_system_io(void)
2024 {
2025 return system_io;
2026 }
2027
2028 #endif /* !defined(CONFIG_USER_ONLY) */
2029
2030 /* physical memory access (slow version, mainly for debug) */
2031 #if defined(CONFIG_USER_ONLY)
2032 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
2033 uint8_t *buf, int len, int is_write)
2034 {
2035 int l, flags;
2036 target_ulong page;
2037 void * p;
2038
2039 while (len > 0) {
2040 page = addr & TARGET_PAGE_MASK;
2041 l = (page + TARGET_PAGE_SIZE) - addr;
2042 if (l > len)
2043 l = len;
2044 flags = page_get_flags(page);
2045 if (!(flags & PAGE_VALID))
2046 return -1;
2047 if (is_write) {
2048 if (!(flags & PAGE_WRITE))
2049 return -1;
2050 /* XXX: this code should not depend on lock_user */
2051 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
2052 return -1;
2053 memcpy(p, buf, l);
2054 unlock_user(p, addr, l);
2055 } else {
2056 if (!(flags & PAGE_READ))
2057 return -1;
2058 /* XXX: this code should not depend on lock_user */
2059 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
2060 return -1;
2061 memcpy(buf, p, l);
2062 unlock_user(p, addr, 0);
2063 }
2064 len -= l;
2065 buf += l;
2066 addr += l;
2067 }
2068 return 0;
2069 }
2070
2071 #else
2072
2073 static void invalidate_and_set_dirty(hwaddr addr,
2074 hwaddr length)
2075 {
2076 if (cpu_physical_memory_range_includes_clean(addr, length)) {
2077 tb_invalidate_phys_range(addr, addr + length, 0);
2078 cpu_physical_memory_set_dirty_range_nocode(addr, length);
2079 }
2080 xen_modified_memory(addr, length);
2081 }
2082
2083 static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
2084 {
2085 unsigned access_size_max = mr->ops->valid.max_access_size;
2086
2087 /* Regions are assumed to support 1-4 byte accesses unless
2088 otherwise specified. */
2089 if (access_size_max == 0) {
2090 access_size_max = 4;
2091 }
2092
2093 /* Bound the maximum access by the alignment of the address. */
2094 if (!mr->ops->impl.unaligned) {
2095 unsigned align_size_max = addr & -addr;
2096 if (align_size_max != 0 && align_size_max < access_size_max) {
2097 access_size_max = align_size_max;
2098 }
2099 }
2100
2101 /* Don't attempt accesses larger than the maximum. */
2102 if (l > access_size_max) {
2103 l = access_size_max;
2104 }
2105 if (l & (l - 1)) {
2106 l = 1 << (qemu_fls(l) - 1);
2107 }
2108
2109 return l;
2110 }
2111
2112 bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
2113 int len, bool is_write)
2114 {
2115 hwaddr l;
2116 uint8_t *ptr;
2117 uint64_t val;
2118 hwaddr addr1;
2119 MemoryRegion *mr;
2120 bool error = false;
2121
2122 while (len > 0) {
2123 l = len;
2124 mr = address_space_translate(as, addr, &addr1, &l, is_write);
2125
2126 if (is_write) {
2127 if (!memory_access_is_direct(mr, is_write)) {
2128 l = memory_access_size(mr, l, addr1);
2129 /* XXX: could force current_cpu to NULL to avoid
2130 potential bugs */
2131 switch (l) {
2132 case 8:
2133 /* 64 bit write access */
2134 val = ldq_p(buf);
2135 error |= io_mem_write(mr, addr1, val, 8);
2136 break;
2137 case 4:
2138 /* 32 bit write access */
2139 val = ldl_p(buf);
2140 error |= io_mem_write(mr, addr1, val, 4);
2141 break;
2142 case 2:
2143 /* 16 bit write access */
2144 val = lduw_p(buf);
2145 error |= io_mem_write(mr, addr1, val, 2);
2146 break;
2147 case 1:
2148 /* 8 bit write access */
2149 val = ldub_p(buf);
2150 error |= io_mem_write(mr, addr1, val, 1);
2151 break;
2152 default:
2153 abort();
2154 }
2155 } else {
2156 addr1 += memory_region_get_ram_addr(mr);
2157 /* RAM case */
2158 ptr = qemu_get_ram_ptr(addr1);
2159 memcpy(ptr, buf, l);
2160 invalidate_and_set_dirty(addr1, l);
2161 }
2162 } else {
2163 if (!memory_access_is_direct(mr, is_write)) {
2164 /* I/O case */
2165 l = memory_access_size(mr, l, addr1);
2166 switch (l) {
2167 case 8:
2168 /* 64 bit read access */
2169 error |= io_mem_read(mr, addr1, &val, 8);
2170 stq_p(buf, val);
2171 break;
2172 case 4:
2173 /* 32 bit read access */
2174 error |= io_mem_read(mr, addr1, &val, 4);
2175 stl_p(buf, val);
2176 break;
2177 case 2:
2178 /* 16 bit read access */
2179 error |= io_mem_read(mr, addr1, &val, 2);
2180 stw_p(buf, val);
2181 break;
2182 case 1:
2183 /* 8 bit read access */
2184 error |= io_mem_read(mr, addr1, &val, 1);
2185 stb_p(buf, val);
2186 break;
2187 default:
2188 abort();
2189 }
2190 } else {
2191 /* RAM case */
2192 ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
2193 memcpy(buf, ptr, l);
2194 }
2195 }
2196 len -= l;
2197 buf += l;
2198 addr += l;
2199 }
2200
2201 return error;
2202 }
2203
2204 bool address_space_write(AddressSpace *as, hwaddr addr,
2205 const uint8_t *buf, int len)
2206 {
2207 return address_space_rw(as, addr, (uint8_t *)buf, len, true);
2208 }
2209
2210 bool address_space_read(AddressSpace *as, hwaddr addr, uint8_t *buf, int len)
2211 {
2212 return address_space_rw(as, addr, buf, len, false);
2213 }
2214
2215
2216 void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
2217 int len, int is_write)
2218 {
2219 address_space_rw(&address_space_memory, addr, buf, len, is_write);
2220 }
2221
2222 enum write_rom_type {
2223 WRITE_DATA,
2224 FLUSH_CACHE,
2225 };
2226
2227 static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
2228 hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
2229 {
2230 hwaddr l;
2231 uint8_t *ptr;
2232 hwaddr addr1;
2233 MemoryRegion *mr;
2234
2235 while (len > 0) {
2236 l = len;
2237 mr = address_space_translate(as, addr, &addr1, &l, true);
2238
2239 if (!(memory_region_is_ram(mr) ||
2240 memory_region_is_romd(mr))) {
2241 /* do nothing */
2242 } else {
2243 addr1 += memory_region_get_ram_addr(mr);
2244 /* ROM/RAM case */
2245 ptr = qemu_get_ram_ptr(addr1);
2246 switch (type) {
2247 case WRITE_DATA:
2248 memcpy(ptr, buf, l);
2249 invalidate_and_set_dirty(addr1, l);
2250 break;
2251 case FLUSH_CACHE:
2252 flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
2253 break;
2254 }
2255 }
2256 len -= l;
2257 buf += l;
2258 addr += l;
2259 }
2260 }
2261
2262 /* used for ROM loading : can write in RAM and ROM */
2263 void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
2264 const uint8_t *buf, int len)
2265 {
2266 cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
2267 }
2268
2269 void cpu_flush_icache_range(hwaddr start, int len)
2270 {
2271 /*
2272 * This function should do the same thing as an icache flush that was
2273 * triggered from within the guest. For TCG we are always cache coherent,
2274 * so there is no need to flush anything. For KVM / Xen we need to flush
2275 * the host's instruction cache at least.
2276 */
2277 if (tcg_enabled()) {
2278 return;
2279 }
2280
2281 cpu_physical_memory_write_rom_internal(&address_space_memory,
2282 start, NULL, len, FLUSH_CACHE);
2283 }
2284
2285 typedef struct {
2286 MemoryRegion *mr;
2287 void *buffer;
2288 hwaddr addr;
2289 hwaddr len;
2290 } BounceBuffer;
2291
2292 static BounceBuffer bounce;
2293
2294 typedef struct MapClient {
2295 void *opaque;
2296 void (*callback)(void *opaque);
2297 QLIST_ENTRY(MapClient) link;
2298 } MapClient;
2299
2300 static QLIST_HEAD(map_client_list, MapClient) map_client_list
2301 = QLIST_HEAD_INITIALIZER(map_client_list);
2302
2303 void *cpu_register_map_client(void *opaque, void (*callback)(void *opaque))
2304 {
2305 MapClient *client = g_malloc(sizeof(*client));
2306
2307 client->opaque = opaque;
2308 client->callback = callback;
2309 QLIST_INSERT_HEAD(&map_client_list, client, link);
2310 return client;
2311 }
2312
2313 static void cpu_unregister_map_client(void *_client)
2314 {
2315 MapClient *client = (MapClient *)_client;
2316
2317 QLIST_REMOVE(client, link);
2318 g_free(client);
2319 }
2320
2321 static void cpu_notify_map_clients(void)
2322 {
2323 MapClient *client;
2324
2325 while (!QLIST_EMPTY(&map_client_list)) {
2326 client = QLIST_FIRST(&map_client_list);
2327 client->callback(client->opaque);
2328 cpu_unregister_map_client(client);
2329 }
2330 }
2331
2332 bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2333 {
2334 MemoryRegion *mr;
2335 hwaddr l, xlat;
2336
2337 while (len > 0) {
2338 l = len;
2339 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2340 if (!memory_access_is_direct(mr, is_write)) {
2341 l = memory_access_size(mr, l, addr);
2342 if (!memory_region_access_valid(mr, xlat, l, is_write)) {
2343 return false;
2344 }
2345 }
2346
2347 len -= l;
2348 addr += l;
2349 }
2350 return true;
2351 }
2352
2353 /* Map a physical memory region into a host virtual address.
2354 * May map a subset of the requested range, given by and returned in *plen.
2355 * May return NULL if resources needed to perform the mapping are exhausted.
2356 * Use only for reads OR writes - not for read-modify-write operations.
2357 * Use cpu_register_map_client() to know when retrying the map operation is
2358 * likely to succeed.
2359 */
2360 void *address_space_map(AddressSpace *as,
2361 hwaddr addr,
2362 hwaddr *plen,
2363 bool is_write)
2364 {
2365 hwaddr len = *plen;
2366 hwaddr done = 0;
2367 hwaddr l, xlat, base;
2368 MemoryRegion *mr, *this_mr;
2369 ram_addr_t raddr;
2370
2371 if (len == 0) {
2372 return NULL;
2373 }
2374
2375 l = len;
2376 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2377 if (!memory_access_is_direct(mr, is_write)) {
2378 if (bounce.buffer) {
2379 return NULL;
2380 }
2381 /* Avoid unbounded allocations */
2382 l = MIN(l, TARGET_PAGE_SIZE);
2383 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, l);
2384 bounce.addr = addr;
2385 bounce.len = l;
2386
2387 memory_region_ref(mr);
2388 bounce.mr = mr;
2389 if (!is_write) {
2390 address_space_read(as, addr, bounce.buffer, l);
2391 }
2392
2393 *plen = l;
2394 return bounce.buffer;
2395 }
2396
2397 base = xlat;
2398 raddr = memory_region_get_ram_addr(mr);
2399
2400 for (;;) {
2401 len -= l;
2402 addr += l;
2403 done += l;
2404 if (len == 0) {
2405 break;
2406 }
2407
2408 l = len;
2409 this_mr = address_space_translate(as, addr, &xlat, &l, is_write);
2410 if (this_mr != mr || xlat != base + done) {
2411 break;
2412 }
2413 }
2414
2415 memory_region_ref(mr);
2416 *plen = done;
2417 return qemu_ram_ptr_length(raddr + base, plen);
2418 }
2419
2420 /* Unmaps a memory region previously mapped by address_space_map().
2421 * Will also mark the memory as dirty if is_write == 1. access_len gives
2422 * the amount of memory that was actually read or written by the caller.
2423 */
2424 void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2425 int is_write, hwaddr access_len)
2426 {
2427 if (buffer != bounce.buffer) {
2428 MemoryRegion *mr;
2429 ram_addr_t addr1;
2430
2431 mr = qemu_ram_addr_from_host(buffer, &addr1);
2432 assert(mr != NULL);
2433 if (is_write) {
2434 invalidate_and_set_dirty(addr1, access_len);
2435 }
2436 if (xen_enabled()) {
2437 xen_invalidate_map_cache_entry(buffer);
2438 }
2439 memory_region_unref(mr);
2440 return;
2441 }
2442 if (is_write) {
2443 address_space_write(as, bounce.addr, bounce.buffer, access_len);
2444 }
2445 qemu_vfree(bounce.buffer);
2446 bounce.buffer = NULL;
2447 memory_region_unref(bounce.mr);
2448 cpu_notify_map_clients();
2449 }
2450
2451 void *cpu_physical_memory_map(hwaddr addr,
2452 hwaddr *plen,
2453 int is_write)
2454 {
2455 return address_space_map(&address_space_memory, addr, plen, is_write);
2456 }
2457
2458 void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2459 int is_write, hwaddr access_len)
2460 {
2461 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2462 }
2463
2464 /* warning: addr must be aligned */
2465 static inline uint32_t ldl_phys_internal(AddressSpace *as, hwaddr addr,
2466 enum device_endian endian)
2467 {
2468 uint8_t *ptr;
2469 uint64_t val;
2470 MemoryRegion *mr;
2471 hwaddr l = 4;
2472 hwaddr addr1;
2473
2474 mr = address_space_translate(as, addr, &addr1, &l, false);
2475 if (l < 4 || !memory_access_is_direct(mr, false)) {
2476 /* I/O case */
2477 io_mem_read(mr, addr1, &val, 4);
2478 #if defined(TARGET_WORDS_BIGENDIAN)
2479 if (endian == DEVICE_LITTLE_ENDIAN) {
2480 val = bswap32(val);
2481 }
2482 #else
2483 if (endian == DEVICE_BIG_ENDIAN) {
2484 val = bswap32(val);
2485 }
2486 #endif
2487 } else {
2488 /* RAM case */
2489 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2490 & TARGET_PAGE_MASK)
2491 + addr1);
2492 switch (endian) {
2493 case DEVICE_LITTLE_ENDIAN:
2494 val = ldl_le_p(ptr);
2495 break;
2496 case DEVICE_BIG_ENDIAN:
2497 val = ldl_be_p(ptr);
2498 break;
2499 default:
2500 val = ldl_p(ptr);
2501 break;
2502 }
2503 }
2504 return val;
2505 }
2506
2507 uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
2508 {
2509 return ldl_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2510 }
2511
2512 uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
2513 {
2514 return ldl_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2515 }
2516
2517 uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
2518 {
2519 return ldl_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2520 }
2521
2522 /* warning: addr must be aligned */
2523 static inline uint64_t ldq_phys_internal(AddressSpace *as, hwaddr addr,
2524 enum device_endian endian)
2525 {
2526 uint8_t *ptr;
2527 uint64_t val;
2528 MemoryRegion *mr;
2529 hwaddr l = 8;
2530 hwaddr addr1;
2531
2532 mr = address_space_translate(as, addr, &addr1, &l,
2533 false);
2534 if (l < 8 || !memory_access_is_direct(mr, false)) {
2535 /* I/O case */
2536 io_mem_read(mr, addr1, &val, 8);
2537 #if defined(TARGET_WORDS_BIGENDIAN)
2538 if (endian == DEVICE_LITTLE_ENDIAN) {
2539 val = bswap64(val);
2540 }
2541 #else
2542 if (endian == DEVICE_BIG_ENDIAN) {
2543 val = bswap64(val);
2544 }
2545 #endif
2546 } else {
2547 /* RAM case */
2548 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2549 & TARGET_PAGE_MASK)
2550 + addr1);
2551 switch (endian) {
2552 case DEVICE_LITTLE_ENDIAN:
2553 val = ldq_le_p(ptr);
2554 break;
2555 case DEVICE_BIG_ENDIAN:
2556 val = ldq_be_p(ptr);
2557 break;
2558 default:
2559 val = ldq_p(ptr);
2560 break;
2561 }
2562 }
2563 return val;
2564 }
2565
2566 uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
2567 {
2568 return ldq_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2569 }
2570
2571 uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
2572 {
2573 return ldq_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2574 }
2575
2576 uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
2577 {
2578 return ldq_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2579 }
2580
2581 /* XXX: optimize */
2582 uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
2583 {
2584 uint8_t val;
2585 address_space_rw(as, addr, &val, 1, 0);
2586 return val;
2587 }
2588
2589 /* warning: addr must be aligned */
2590 static inline uint32_t lduw_phys_internal(AddressSpace *as, hwaddr addr,
2591 enum device_endian endian)
2592 {
2593 uint8_t *ptr;
2594 uint64_t val;
2595 MemoryRegion *mr;
2596 hwaddr l = 2;
2597 hwaddr addr1;
2598
2599 mr = address_space_translate(as, addr, &addr1, &l,
2600 false);
2601 if (l < 2 || !memory_access_is_direct(mr, false)) {
2602 /* I/O case */
2603 io_mem_read(mr, addr1, &val, 2);
2604 #if defined(TARGET_WORDS_BIGENDIAN)
2605 if (endian == DEVICE_LITTLE_ENDIAN) {
2606 val = bswap16(val);
2607 }
2608 #else
2609 if (endian == DEVICE_BIG_ENDIAN) {
2610 val = bswap16(val);
2611 }
2612 #endif
2613 } else {
2614 /* RAM case */
2615 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2616 & TARGET_PAGE_MASK)
2617 + addr1);
2618 switch (endian) {
2619 case DEVICE_LITTLE_ENDIAN:
2620 val = lduw_le_p(ptr);
2621 break;
2622 case DEVICE_BIG_ENDIAN:
2623 val = lduw_be_p(ptr);
2624 break;
2625 default:
2626 val = lduw_p(ptr);
2627 break;
2628 }
2629 }
2630 return val;
2631 }
2632
2633 uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
2634 {
2635 return lduw_phys_internal(as, addr, DEVICE_NATIVE_ENDIAN);
2636 }
2637
2638 uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
2639 {
2640 return lduw_phys_internal(as, addr, DEVICE_LITTLE_ENDIAN);
2641 }
2642
2643 uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
2644 {
2645 return lduw_phys_internal(as, addr, DEVICE_BIG_ENDIAN);
2646 }
2647
2648 /* warning: addr must be aligned. The ram page is not masked as dirty
2649 and the code inside is not invalidated. It is useful if the dirty
2650 bits are used to track modified PTEs */
2651 void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
2652 {
2653 uint8_t *ptr;
2654 MemoryRegion *mr;
2655 hwaddr l = 4;
2656 hwaddr addr1;
2657
2658 mr = address_space_translate(as, addr, &addr1, &l,
2659 true);
2660 if (l < 4 || !memory_access_is_direct(mr, true)) {
2661 io_mem_write(mr, addr1, val, 4);
2662 } else {
2663 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2664 ptr = qemu_get_ram_ptr(addr1);
2665 stl_p(ptr, val);
2666
2667 if (unlikely(in_migration)) {
2668 if (cpu_physical_memory_is_clean(addr1)) {
2669 /* invalidate code */
2670 tb_invalidate_phys_page_range(addr1, addr1 + 4, 0);
2671 /* set dirty bit */
2672 cpu_physical_memory_set_dirty_range_nocode(addr1, 4);
2673 }
2674 }
2675 }
2676 }
2677
2678 /* warning: addr must be aligned */
2679 static inline void stl_phys_internal(AddressSpace *as,
2680 hwaddr addr, uint32_t val,
2681 enum device_endian endian)
2682 {
2683 uint8_t *ptr;
2684 MemoryRegion *mr;
2685 hwaddr l = 4;
2686 hwaddr addr1;
2687
2688 mr = address_space_translate(as, addr, &addr1, &l,
2689 true);
2690 if (l < 4 || !memory_access_is_direct(mr, true)) {
2691 #if defined(TARGET_WORDS_BIGENDIAN)
2692 if (endian == DEVICE_LITTLE_ENDIAN) {
2693 val = bswap32(val);
2694 }
2695 #else
2696 if (endian == DEVICE_BIG_ENDIAN) {
2697 val = bswap32(val);
2698 }
2699 #endif
2700 io_mem_write(mr, addr1, val, 4);
2701 } else {
2702 /* RAM case */
2703 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2704 ptr = qemu_get_ram_ptr(addr1);
2705 switch (endian) {
2706 case DEVICE_LITTLE_ENDIAN:
2707 stl_le_p(ptr, val);
2708 break;
2709 case DEVICE_BIG_ENDIAN:
2710 stl_be_p(ptr, val);
2711 break;
2712 default:
2713 stl_p(ptr, val);
2714 break;
2715 }
2716 invalidate_and_set_dirty(addr1, 4);
2717 }
2718 }
2719
2720 void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2721 {
2722 stl_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
2723 }
2724
2725 void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2726 {
2727 stl_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
2728 }
2729
2730 void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2731 {
2732 stl_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
2733 }
2734
2735 /* XXX: optimize */
2736 void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2737 {
2738 uint8_t v = val;
2739 address_space_rw(as, addr, &v, 1, 1);
2740 }
2741
2742 /* warning: addr must be aligned */
2743 static inline void stw_phys_internal(AddressSpace *as,
2744 hwaddr addr, uint32_t val,
2745 enum device_endian endian)
2746 {
2747 uint8_t *ptr;
2748 MemoryRegion *mr;
2749 hwaddr l = 2;
2750 hwaddr addr1;
2751
2752 mr = address_space_translate(as, addr, &addr1, &l, true);
2753 if (l < 2 || !memory_access_is_direct(mr, true)) {
2754 #if defined(TARGET_WORDS_BIGENDIAN)
2755 if (endian == DEVICE_LITTLE_ENDIAN) {
2756 val = bswap16(val);
2757 }
2758 #else
2759 if (endian == DEVICE_BIG_ENDIAN) {
2760 val = bswap16(val);
2761 }
2762 #endif
2763 io_mem_write(mr, addr1, val, 2);
2764 } else {
2765 /* RAM case */
2766 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
2767 ptr = qemu_get_ram_ptr(addr1);
2768 switch (endian) {
2769 case DEVICE_LITTLE_ENDIAN:
2770 stw_le_p(ptr, val);
2771 break;
2772 case DEVICE_BIG_ENDIAN:
2773 stw_be_p(ptr, val);
2774 break;
2775 default:
2776 stw_p(ptr, val);
2777 break;
2778 }
2779 invalidate_and_set_dirty(addr1, 2);
2780 }
2781 }
2782
2783 void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2784 {
2785 stw_phys_internal(as, addr, val, DEVICE_NATIVE_ENDIAN);
2786 }
2787
2788 void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2789 {
2790 stw_phys_internal(as, addr, val, DEVICE_LITTLE_ENDIAN);
2791 }
2792
2793 void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
2794 {
2795 stw_phys_internal(as, addr, val, DEVICE_BIG_ENDIAN);
2796 }
2797
2798 /* XXX: optimize */
2799 void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2800 {
2801 val = tswap64(val);
2802 address_space_rw(as, addr, (void *) &val, 8, 1);
2803 }
2804
2805 void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2806 {
2807 val = cpu_to_le64(val);
2808 address_space_rw(as, addr, (void *) &val, 8, 1);
2809 }
2810
2811 void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
2812 {
2813 val = cpu_to_be64(val);
2814 address_space_rw(as, addr, (void *) &val, 8, 1);
2815 }
2816
2817 /* virtual memory access for debug (includes writing to ROM) */
2818 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
2819 uint8_t *buf, int len, int is_write)
2820 {
2821 int l;
2822 hwaddr phys_addr;
2823 target_ulong page;
2824
2825 while (len > 0) {
2826 page = addr & TARGET_PAGE_MASK;
2827 phys_addr = cpu_get_phys_page_debug(cpu, page);
2828 /* if no physical page mapped, return an error */
2829 if (phys_addr == -1)
2830 return -1;
2831 l = (page + TARGET_PAGE_SIZE) - addr;
2832 if (l > len)
2833 l = len;
2834 phys_addr += (addr & ~TARGET_PAGE_MASK);
2835 if (is_write) {
2836 cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, l);
2837 } else {
2838 address_space_rw(cpu->as, phys_addr, buf, l, 0);
2839 }
2840 len -= l;
2841 buf += l;
2842 addr += l;
2843 }
2844 return 0;
2845 }
2846 #endif
2847
2848 /*
2849 * A helper function for the _utterly broken_ virtio device model to find out if
2850 * it's running on a big endian machine. Don't do this at home kids!
2851 */
2852 bool target_words_bigendian(void);
2853 bool target_words_bigendian(void)
2854 {
2855 #if defined(TARGET_WORDS_BIGENDIAN)
2856 return true;
2857 #else
2858 return false;
2859 #endif
2860 }
2861
2862 #ifndef CONFIG_USER_ONLY
2863 bool cpu_physical_memory_is_io(hwaddr phys_addr)
2864 {
2865 MemoryRegion*mr;
2866 hwaddr l = 1;
2867
2868 mr = address_space_translate(&address_space_memory,
2869 phys_addr, &phys_addr, &l, false);
2870
2871 return !(memory_region_is_ram(mr) ||
2872 memory_region_is_romd(mr));
2873 }
2874
2875 void qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
2876 {
2877 RAMBlock *block;
2878
2879 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
2880 func(block->host, block->offset, block->used_length, opaque);
2881 }
2882 }
2883 #endif
QEMU Monitor Protocol