/* *  virtual page mapping and translated block handling * *  Copyright (c) 2003 Fabrice Bellard * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */#include "config.h"#ifdef _WIN32#define WIN32_LEAN_AND_MEAN#include <windows.h>#else#include <sys/types.h>#include <sys/mman.h>#endif#include <stdlib.h>#include <stdio.h>#include <stdarg.h>#include <string.h>#include <errno.h>#include <unistd.h>#include <inttypes.h>#include "cpu.h"#include "exec-all.h"#if defined(CONFIG_USER_ONLY)#include <qemu.h>#endif//#define DEBUG_TB_INVALIDATE//#define DEBUG_FLUSH//#define DEBUG_TLB//#define DEBUG_UNASSIGNED/* make various TB consistency checks *///#define DEBUG_TB_CHECK//#define DEBUG_TLB_CHECK//#define DEBUG_IOPORT//#define DEBUG_SUBPAGE#if !defined(CONFIG_USER_ONLY)/* TB consistency checks only implemented for usermode emulation.  */#undef DEBUG_TB_CHECK#endif/* threshold to flush the translated code buffer */#define CODE_GEN_BUFFER_MAX_SIZE (CODE_GEN_BUFFER_SIZE - code_gen_max_block_size())#define SMC_BITMAP_USE_THRESHOLD 10#define MMAP_AREA_START        0x00000000#define MMAP_AREA_END          0xa8000000#if defined(TARGET_SPARC64)#define TARGET_PHYS_ADDR_SPACE_BITS 41#elif defined(TARGET_SPARC)#define TARGET_PHYS_ADDR_SPACE_BITS 36#elif defined(TARGET_ALPHA)#define TARGET_PHYS_ADDR_SPACE_BITS 42#define TARGET_VIRT_ADDR_SPACE_BITS 42#elif defined(TARGET_PPC64)#define TARGET_PHYS_ADDR_SPACE_BITS 42#else/* Note: for compatibility with kqemu, we use 32 bits for x86_64 */#define TARGET_PHYS_ADDR_SPACE_BITS 32#endifTranslationBlock tbs[CODE_GEN_MAX_BLOCKS];TranslationBlock *tb_phys_hash[CODE_GEN_PHYS_HASH_SIZE];int nb_tbs;/* any access to the tbs or the page table must use this lock */spinlock_t tb_lock = SPIN_LOCK_UNLOCKED;uint8_t code_gen_buffer[CODE_GEN_BUFFER_SIZE] __attribute__((aligned (32)));uint8_t *code_gen_ptr;int phys_ram_size;int phys_ram_fd;uint8_t *phys_ram_base;uint8_t *phys_ram_dirty;static ram_addr_t phys_ram_alloc_offset = 0;CPUState *first_cpu;/* current CPU in the current thread. It is only valid inside   cpu_exec() */CPUState *cpu_single_env;typedef struct PageDesc {    /* list of TBs intersecting this ram page */    TranslationBlock *first_tb;    /* in order to optimize self modifying code, we count the number       of lookups we do to a given page to use a bitmap */    unsigned int code_write_count;    uint8_t *code_bitmap;#if defined(CONFIG_USER_ONLY)    unsigned long flags;#endif} PageDesc;typedef struct PhysPageDesc {    /* offset in host memory of the page + io_index in the low 12 bits */    uint32_t phys_offset;} PhysPageDesc;#define L2_BITS 10#if defined(CONFIG_USER_ONLY) && defined(TARGET_VIRT_ADDR_SPACE_BITS)/* XXX: this is a temporary hack for alpha target. *      In the future, this is to be replaced by a multi-level table *      to actually be able to handle the complete 64 bits address space. */#define L1_BITS (TARGET_VIRT_ADDR_SPACE_BITS - L2_BITS - TARGET_PAGE_BITS)#else#define L1_BITS (32 - L2_BITS - TARGET_PAGE_BITS)#endif#define L1_SIZE (1 << L1_BITS)#define L2_SIZE (1 << L2_BITS)static void io_mem_init(void);unsigned long qemu_real_host_page_size;unsigned long qemu_host_page_bits;unsigned long qemu_host_page_size;unsigned long qemu_host_page_mask;/* XXX: for system emulation, it could just be an array */static PageDesc *l1_map[L1_SIZE];PhysPageDesc **l1_phys_map;/* io memory support */CPUWriteMemoryFunc *io_mem_write[IO_MEM_NB_ENTRIES][4];CPUReadMemoryFunc *io_mem_read[IO_MEM_NB_ENTRIES][4];void *io_mem_opaque[IO_MEM_NB_ENTRIES];static int io_mem_nb;#if defined(CONFIG_SOFTMMU)static int io_mem_watch;#endif/* log support */char *logfilename = "/tmp/qemu.log";FILE *logfile;int loglevel;static int log_append = 0;/* statistics */static int tlb_flush_count;static int tb_flush_count;static int tb_phys_invalidate_count;#define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)typedef struct subpage_t {    target_phys_addr_t base;    CPUReadMemoryFunc **mem_read[TARGET_PAGE_SIZE][4];    CPUWriteMemoryFunc **mem_write[TARGET_PAGE_SIZE][4];    void *opaque[TARGET_PAGE_SIZE][2][4];} subpage_t;static void page_init(void){    /* NOTE: we can always suppose that qemu_host_page_size >=       TARGET_PAGE_SIZE */#ifdef _WIN32    {        SYSTEM_INFO system_info;        DWORD old_protect;        GetSystemInfo(&system_info);        qemu_real_host_page_size = system_info.dwPageSize;        VirtualProtect(code_gen_buffer, sizeof(code_gen_buffer),                       PAGE_EXECUTE_READWRITE, &old_protect);    }#else    qemu_real_host_page_size = getpagesize();    {        unsigned long start, end;        start = (unsigned long)code_gen_buffer;        start &= ~(qemu_real_host_page_size - 1);        end = (unsigned long)code_gen_buffer + sizeof(code_gen_buffer);        end += qemu_real_host_page_size - 1;        end &= ~(qemu_real_host_page_size - 1);        mprotect((void *)start, end - start,                 PROT_READ | PROT_WRITE | PROT_EXEC);    }#endif    if (qemu_host_page_size == 0)        qemu_host_page_size = qemu_real_host_page_size;    if (qemu_host_page_size < TARGET_PAGE_SIZE)        qemu_host_page_size = TARGET_PAGE_SIZE;    qemu_host_page_bits = 0;    while ((1 << qemu_host_page_bits) < qemu_host_page_size)        qemu_host_page_bits++;    qemu_host_page_mask = ~(qemu_host_page_size - 1);    l1_phys_map = qemu_vmalloc(L1_SIZE * sizeof(void *));    memset(l1_phys_map, 0, L1_SIZE * sizeof(void *));#if !defined(_WIN32) && defined(CONFIG_USER_ONLY)    {        long long startaddr, endaddr;        FILE *f;        int n;        f = fopen("/proc/self/maps", "r");        if (f) {            do {                n = fscanf (f, "%llx-%llx %*[^\n]\n", &startaddr, &endaddr);                if (n == 2) {                    page_set_flags(TARGET_PAGE_ALIGN(startaddr),                                   TARGET_PAGE_ALIGN(endaddr),                                   PAGE_RESERVED);                 }            } while (!feof(f));            fclose(f);        }    }#endif}static inline PageDesc *page_find_alloc(unsigned int index){    PageDesc **lp, *p;    lp = &l1_map[index >> L2_BITS];    p = *lp;    if (!p) {        /* allocate if not found */        p = qemu_malloc(sizeof(PageDesc) * L2_SIZE);        memset(p, 0, sizeof(PageDesc) * L2_SIZE);        *lp = p;    }    return p + (index & (L2_SIZE - 1));}static inline PageDesc *page_find(unsigned int index){    PageDesc *p;    p = l1_map[index >> L2_BITS];    if (!p)        return 0;    return p + (index & (L2_SIZE - 1));}static PhysPageDesc *phys_page_find_alloc(target_phys_addr_t index, int alloc){    void **lp, **p;    PhysPageDesc *pd;    p = (void **)l1_phys_map;#if TARGET_PHYS_ADDR_SPACE_BITS > 32#if TARGET_PHYS_ADDR_SPACE_BITS > (32 + L1_BITS)#error unsupported TARGET_PHYS_ADDR_SPACE_BITS#endif    lp = p + ((index >> (L1_BITS + L2_BITS)) & (L1_SIZE - 1));    p = *lp;    if (!p) {        /* allocate if not found */        if (!alloc)            return NULL;        p = qemu_vmalloc(sizeof(void *) * L1_SIZE);        memset(p, 0, sizeof(void *) * L1_SIZE);        *lp = p;    }#endif    lp = p + ((index >> L2_BITS) & (L1_SIZE - 1));    pd = *lp;    if (!pd) {        int i;        /* allocate if not found */        if (!alloc)            return NULL;        pd = qemu_vmalloc(sizeof(PhysPageDesc) * L2_SIZE);        *lp = pd;        for (i = 0; i < L2_SIZE; i++)          pd[i].phys_offset = IO_MEM_UNASSIGNED;    }    return ((PhysPageDesc *)pd) + (index & (L2_SIZE - 1));}static inline PhysPageDesc *phys_page_find(target_phys_addr_t index){    return phys_page_find_alloc(index, 0);}#if !defined(CONFIG_USER_ONLY)static void tlb_protect_code(ram_addr_t ram_addr);static void tlb_unprotect_code_phys(CPUState *env, ram_addr_t ram_addr,                                    target_ulong vaddr);#endifvoid cpu_exec_init(CPUState *env){    CPUState **penv;    int cpu_index;    if (!code_gen_ptr) {        code_gen_ptr = code_gen_buffer;        page_init();        io_mem_init();    }    env->next_cpu = NULL;    penv = &first_cpu;    cpu_index = 0;    while (*penv != NULL) {        penv = (CPUState **)&(*penv)->next_cpu;        cpu_index++;    }    env->cpu_index = cpu_index;    env->nb_watchpoints = 0;    *penv = env;}static inline void invalidate_page_bitmap(PageDesc *p){    if (p->code_bitmap) {        qemu_free(p->code_bitmap);        p->code_bitmap = NULL;    }    p->code_write_count = 0;}/* set to NULL all the 'first_tb' fields in all PageDescs */static void page_flush_tb(void){    int i, j;    PageDesc *p;    for(i = 0; i < L1_SIZE; i++) {        p = l1_map[i];        if (p) {            for(j = 0; j < L2_SIZE; j++) {                p->first_tb = NULL;                invalidate_page_bitmap(p);                p++;            }        }    }}/* flush all the translation blocks *//* XXX: tb_flush is currently not thread safe */void tb_flush(CPUState *env1){    CPUState *env;#if defined(DEBUG_FLUSH)    printf("qemu: flush code_size=%ld nb_tbs=%d avg_tb_size=%ld\n",           (unsigned long)(code_gen_ptr - code_gen_buffer),           nb_tbs, nb_tbs > 0 ?           ((unsigned long)(code_gen_ptr - code_gen_buffer)) / nb_tbs : 0);#endif    nb_tbs = 0;    for(env = first_cpu; env != NULL; env = env->next_cpu) {        memset (env->tb_jmp_cache, 0, TB_JMP_CACHE_SIZE * sizeof (void *));    }    memset (tb_phys_hash, 0, CODE_GEN_PHYS_HASH_SIZE * sizeof (void *));    page_flush_tb();    code_gen_ptr = code_gen_buffer;    /* XXX: flush processor icache at this point if cache flush is       expensive */    tb_flush_count++;}#ifdef DEBUG_TB_CHECKstatic void tb_invalidate_check(target_ulong address){    TranslationBlock *tb;    int i;    address &= TARGET_PAGE_MASK;    for(i = 0;i < CODE_GEN_PHYS_HASH_SIZE; i++) {        for(tb = tb_phys_hash[i]; tb != NULL; tb = tb->phys_hash_next) {            if (!(address + TARGET_PAGE_SIZE <= tb->pc ||                  address >= tb->pc + tb->size)) {                printf("ERROR invalidate: address=%08lx PC=%08lx size=%04x\n",                       address, (long)tb->pc, tb->size);            }        }    }}/* verify that all the pages have correct rights for code */static void tb_page_check(void){    TranslationBlock *tb;    int i, flags1, flags2;    for(i = 0;i < CODE_GEN_PHYS_HASH_SIZE; i++) {        for(tb = tb_phys_hash[i]; tb != NULL; tb = tb->phys_hash_next) {            flags1 = page_get_flags(tb->pc);            flags2 = page_get_flags(tb->pc + tb->size - 1);            if ((flags1 & PAGE_WRITE) || (flags2 & PAGE_WRITE)) {                printf("ERROR page flags: PC=%08lx size=%04x f1=%x f2=%x\n",                       (long)tb->pc, tb->size, flags1, flags2);            }        }    }}void tb_jmp_check(TranslationBlock *tb){    TranslationBlock *tb1;    unsigned int n1;    /* suppress any remaining jumps to this TB */    tb1 = tb->jmp_first;    for(;;) {        n1 = (long)tb1 & 3;        tb1 = (TranslationBlock *)((long)tb1 & ~3);        if (n1 == 2)            break;        tb1 = tb1->jmp_next[n1];