SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

tcg: Use HAVE_CMPXCHG128 instead of CONFIG_CMPXCHG128

Browse Source 
accel/tcg: Introduce page_check_range_empty
 accel/tcg: Introduce page_find_range_empty
 accel/tcg: Accept more page flags in page_check_range
 accel/tcg: Return bool from page_check_range
 accel/tcg: Always lock pages before translation
 linux-user: Use abi_* types for target structures in syscall_defs.h
 linux-user: Fix abi_llong alignment for microblaze and nios2
 linux-user: Fix do_shmat type errors
 linux-user: Implement execve without execveat
 linux-user: Make sure initial brk is aligned
 linux-user: Use a mask with strace flags
 linux-user: Implement MAP_FIXED_NOREPLACE
 linux-user: Widen target_mmap offset argument to off_t
 linux-user: Use page_find_range_empty for mmap_find_vma_reserved
 linux-user: Use 'last' instead of 'end' in target_mmap and subroutines
 linux-user: Remove can_passthrough_madvise
 linux-user: Simplify target_madvise
 linux-user: Drop uint and ulong types
 linux-user/arm: Do not allocate a commpage at all for M-profile CPUs
 bsd-user: Use page_check_range_empty for MAP_EXCL
 bsd-user: Use page_find_range_empty for mmap_find_vma_reserved
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmSypEYdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9VzQf/RMRK4SQDJiJEbQ6K
 5U1i955Rl4MMLT8PrkbT/UDA9soyIlSVjUenW8ThJJg6SLbSvkXZsWn165PFu+yW
 nYkeCYxkJtAjWmmFlZ44J+VLEZZ6LkWrIvPZHvKohelpi6uT/fuQaAZjKuH2prI/
 7bdP5YdLUMpCztERHYfxmroEX4wJR6knsRpt5rYchADxEfkWk82PanneCw7grQ6V
 VNg1pRGplp0jMkpOOBvMD1ENkmoipklMe9P1gQdCHobg2/kqpozhT1oQp/gHNkP5
 66Cjzv8o0nnPjJetm74pnP06iNhuMjDesD7f+Vq/DALgMobwjvhDW5GD+Ccto85B
 hqvwHA==
 =vm0t
 -----END PGP SIGNATURE-----

Merge tag 'pull-tcg-20230715' of https://gitlab.com/rth7680/qemu into staging

tcg: Use HAVE_CMPXCHG128 instead of CONFIG_CMPXCHG128
accel/tcg: Introduce page_check_range_empty
accel/tcg: Introduce page_find_range_empty
accel/tcg: Accept more page flags in page_check_range
accel/tcg: Return bool from page_check_range
accel/tcg: Always lock pages before translation
linux-user: Use abi_* types for target structures in syscall_defs.h
linux-user: Fix abi_llong alignment for microblaze and nios2
linux-user: Fix do_shmat type errors
linux-user: Implement execve without execveat
linux-user: Make sure initial brk is aligned
linux-user: Use a mask with strace flags
linux-user: Implement MAP_FIXED_NOREPLACE
linux-user: Widen target_mmap offset argument to off_t
linux-user: Use page_find_range_empty for mmap_find_vma_reserved
linux-user: Use 'last' instead of 'end' in target_mmap and subroutines
linux-user: Remove can_passthrough_madvise
linux-user: Simplify target_madvise
linux-user: Drop uint and ulong types
linux-user/arm: Do not allocate a commpage at all for M-profile CPUs
bsd-user: Use page_check_range_empty for MAP_EXCL
bsd-user: Use page_find_range_empty for mmap_find_vma_reserved

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmSypEYdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9VzQf/RMRK4SQDJiJEbQ6K
# 5U1i955Rl4MMLT8PrkbT/UDA9soyIlSVjUenW8ThJJg6SLbSvkXZsWn165PFu+yW
# nYkeCYxkJtAjWmmFlZ44J+VLEZZ6LkWrIvPZHvKohelpi6uT/fuQaAZjKuH2prI/
# 7bdP5YdLUMpCztERHYfxmroEX4wJR6knsRpt5rYchADxEfkWk82PanneCw7grQ6V
# VNg1pRGplp0jMkpOOBvMD1ENkmoipklMe9P1gQdCHobg2/kqpozhT1oQp/gHNkP5
# 66Cjzv8o0nnPjJetm74pnP06iNhuMjDesD7f+Vq/DALgMobwjvhDW5GD+Ccto85B
# hqvwHA==
# =vm0t
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 15 Jul 2023 02:51:02 PM BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-tcg-20230715' of https://gitlab.com/rth7680/qemu: (47 commits)
  tcg: Use HAVE_CMPXCHG128 instead of CONFIG_CMPXCHG128
  accel/tcg: Always lock pages before translation
  linux-user/arm: Do not allocate a commpage at all for M-profile CPUs
  linux-user: Drop uint and ulong
  linux-user: Simplify target_madvise
  linux-user: Remove can_passthrough_madvise
  accel/tcg: Return bool from page_check_range
  accel/tcg: Accept more page flags in page_check_range
  linux-user: Simplify target_munmap
  linux-user: Rename mmap_reserve to mmap_reserve_or_unmap
  linux-user: Rewrite mmap_reserve
  linux-user: Use 'last' instead of 'end' in target_mmap
  linux-user: Use page_find_range_empty for mmap_find_vma_reserved
  bsd-user: Use page_find_range_empty for mmap_find_vma_reserved
  accel/tcg: Introduce page_find_range_empty
  linux-user: Rewrite mmap_frag
  linux-user: Rewrite target_mprotect
  linux-user: Widen target_mmap offset argument to off_t
  linux-user: Split out target_to_host_prot
  linux-user: Implement MAP_FIXED_NOREPLACE
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This commit is contained in:
Richard Henderson 2023-07-15 14:53:37 +01:00
commit d7be40e138
36 changed files with 2043 additions and 1824 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
accel/tcg/atomic_common.c.inc
View File

@ -41,7 +41,7 @@ CMPXCHG_HELPER(cmpxchgq_be, uint64_t)
CMPXCHG_HELPER(cmpxchgq_le, uint64_t)
#endif
#ifdef CONFIG_CMPXCHG128
#if HAVE_CMPXCHG128
CMPXCHG_HELPER(cmpxchgo_be, Int128)
CMPXCHG_HELPER(cmpxchgo_le, Int128)
#endif

63
accel/tcg/cpu-exec.c
View File

@ -526,6 +526,43 @@ static void cpu_exec_exit(CPUState *cpu)
}
}
static void cpu_exec_longjmp_cleanup(CPUState *cpu)
{
/* Non-buggy compilers preserve this; assert the correct value. */
g_assert(cpu == current_cpu);
#ifdef CONFIG_USER_ONLY
clear_helper_retaddr();
if (have_mmap_lock()) {
mmap_unlock();
}
#else
/*
* For softmmu, a tlb_fill fault during translation will land here,
* and we need to release any page locks held. In system mode we
* have one tcg_ctx per thread, so we know it was this cpu doing
* the translation.
*
* Alternative 1: Install a cleanup to be called via an exception
* handling safe longjmp. It seems plausible that all our hosts
* support such a thing. We'd have to properly register unwind info
* for the JIT for EH, rather that just for GDB.
*
* Alternative 2: Set and restore cpu->jmp_env in tb_gen_code to
* capture the cpu_loop_exit longjmp, perform the cleanup, and
* jump again to arrive here.
*/
if (tcg_ctx->gen_tb) {
tb_unlock_pages(tcg_ctx->gen_tb);
tcg_ctx->gen_tb = NULL;
}
#endif
if (qemu_mutex_iothread_locked()) {
qemu_mutex_unlock_iothread();
}
assert_no_pages_locked();
}
void cpu_exec_step_atomic(CPUState *cpu)
{
CPUArchState *env = cpu->env_ptr;
@ -568,16 +605,7 @@ void cpu_exec_step_atomic(CPUState *cpu)
cpu_tb_exec(cpu, tb, &tb_exit);
cpu_exec_exit(cpu);
} else {
#ifdef CONFIG_USER_ONLY
clear_helper_retaddr();
if (have_mmap_lock()) {
mmap_unlock();
}
#endif
if (qemu_mutex_iothread_locked()) {
qemu_mutex_unlock_iothread();
}
assert_no_pages_locked();
cpu_exec_longjmp_cleanup(cpu);
}
/*
@ -1023,20 +1051,7 @@ static int cpu_exec_setjmp(CPUState *cpu, SyncClocks *sc)
{
/* Prepare setjmp context for exception handling. */
if (unlikely(sigsetjmp(cpu->jmp_env, 0) != 0)) {
/* Non-buggy compilers preserve this; assert the correct value. */
g_assert(cpu == current_cpu);
#ifdef CONFIG_USER_ONLY
clear_helper_retaddr();
if (have_mmap_lock()) {
mmap_unlock();
}
#endif
if (qemu_mutex_iothread_locked()) {
qemu_mutex_unlock_iothread();
}
assert_no_pages_locked();
cpu_exec_longjmp_cleanup(cpu);
}
return cpu_exec_loop(cpu, sc);

2
accel/tcg/cputlb.c
View File

@ -3105,7 +3105,7 @@ void cpu_st16_mmu(CPUArchState *env, target_ulong addr, Int128 val,
#include "atomic_template.h"
#endif
#if defined(CONFIG_ATOMIC128) || defined(CONFIG_CMPXCHG128)
#if defined(CONFIG_ATOMIC128) || HAVE_CMPXCHG128
#define DATA_SIZE 16
#include "atomic_template.h"
#endif

30
accel/tcg/internal.h
View File

@ -10,6 +10,7 @@
#define ACCEL_TCG_INTERNAL_H
#include "exec/exec-all.h"
#include "exec/translate-all.h"
/*
* Access to the various translations structures need to be serialised
@ -35,6 +36,32 @@ static inline void page_table_config_init(void) { }
void page_table_config_init(void);
#endif
#ifdef CONFIG_USER_ONLY
/*
* For user-only, page_protect sets the page read-only.
* Since most execution is already on read-only pages, and we'd need to
* account for other TBs on the same page, defer undoing any page protection
* until we receive the write fault.
*/
static inline void tb_lock_page0(tb_page_addr_t p0)
{
page_protect(p0);
}
static inline void tb_lock_page1(tb_page_addr_t p0, tb_page_addr_t p1)
{
page_protect(p1);
}
static inline void tb_unlock_page1(tb_page_addr_t p0, tb_page_addr_t p1) { }
static inline void tb_unlock_pages(TranslationBlock *tb) { }
#else
void tb_lock_page0(tb_page_addr_t);
void tb_lock_page1(tb_page_addr_t, tb_page_addr_t);
void tb_unlock_page1(tb_page_addr_t, tb_page_addr_t);
void tb_unlock_pages(TranslationBlock *);
#endif
#ifdef CONFIG_SOFTMMU
void tb_invalidate_phys_range_fast(ram_addr_t ram_addr,
unsigned size,
@ -48,8 +75,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu, vaddr pc,
void page_init(void);
void tb_htable_init(void);
void tb_reset_jump(TranslationBlock *tb, int n);
TranslationBlock *tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
tb_page_addr_t phys_page2);
TranslationBlock *tb_link_page(TranslationBlock *tb);
bool tb_invalidate_phys_page_unwind(tb_page_addr_t addr, uintptr_t pc);
void cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
uintptr_t host_pc);

4
accel/tcg/ldst_atomicity.c.inc
View File

@ -159,7 +159,7 @@ static uint64_t load_atomic8_or_exit(CPUArchState *env, uintptr_t ra, void *pv)
* another process, because the fallback start_exclusive solution
* provides no protection across processes.
*/
if (!page_check_range(h2g(pv), 8, PAGE_WRITE_ORG)) {
if (page_check_range(h2g(pv), 8, PAGE_WRITE_ORG)) {
uint64_t *p = __builtin_assume_aligned(pv, 8);
return *p;
}
@ -194,7 +194,7 @@ static Int128 load_atomic16_or_exit(CPUArchState *env, uintptr_t ra, void *pv)
* another process, because the fallback start_exclusive solution
* provides no protection across processes.
*/
if (!page_check_range(h2g(p), 16, PAGE_WRITE_ORG)) {
if (page_check_range(h2g(p), 16, PAGE_WRITE_ORG)) {
return *p;
}
#endif

242
accel/tcg/tb-maint.c
View File

@ -70,17 +70,7 @@ typedef struct PageDesc PageDesc;
*/
#define assert_page_locked(pd) tcg_debug_assert(have_mmap_lock())
static inline void page_lock_pair(PageDesc **ret_p1, tb_page_addr_t phys1,
PageDesc **ret_p2, tb_page_addr_t phys2,
bool alloc)
{
*ret_p1 = NULL;
*ret_p2 = NULL;
}
static inline void page_unlock(PageDesc *pd) { }
static inline void page_lock_tb(const TranslationBlock *tb) { }
static inline void page_unlock_tb(const TranslationBlock *tb) { }
static inline void tb_lock_pages(const TranslationBlock *tb) { }
/*
* For user-only, since we are protecting all of memory with a single lock,
@ -96,7 +86,7 @@ static void tb_remove_all(void)
}
/* Call with mmap_lock held. */
static void tb_record(TranslationBlock *tb, PageDesc *p1, PageDesc *p2)
static void tb_record(TranslationBlock *tb)
{
vaddr addr;
int flags;
@ -391,12 +381,108 @@ static void page_lock(PageDesc *pd)
qemu_spin_lock(&pd->lock);
}
/* Like qemu_spin_trylock, returns false on success */
static bool page_trylock(PageDesc *pd)
{
bool busy = qemu_spin_trylock(&pd->lock);
if (!busy) {
page_lock__debug(pd);
}
return busy;
}
static void page_unlock(PageDesc *pd)
{
qemu_spin_unlock(&pd->lock);
page_unlock__debug(pd);
}
void tb_lock_page0(tb_page_addr_t paddr)
{
page_lock(page_find_alloc(paddr >> TARGET_PAGE_BITS, true));
}
void tb_lock_page1(tb_page_addr_t paddr0, tb_page_addr_t paddr1)
{
tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS;
tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS;
PageDesc *pd0, *pd1;
if (pindex0 == pindex1) {
/* Identical pages, and the first page is already locked. */
return;
}
pd1 = page_find_alloc(pindex1, true);
if (pindex0 < pindex1) {
/* Correct locking order, we may block. */
page_lock(pd1);
return;
}
/* Incorrect locking order, we cannot block lest we deadlock. */
if (!page_trylock(pd1)) {
return;
}
/*
* Drop the lock on page0 and get both page locks in the right order.
* Restart translation via longjmp.
*/
pd0 = page_find_alloc(pindex0, false);
page_unlock(pd0);
page_lock(pd1);
page_lock(pd0);
siglongjmp(tcg_ctx->jmp_trans, -3);
}
void tb_unlock_page1(tb_page_addr_t paddr0, tb_page_addr_t paddr1)
{
tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS;
tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS;
if (pindex0 != pindex1) {
page_unlock(page_find_alloc(pindex1, false));
}
}
static void tb_lock_pages(TranslationBlock *tb)
{
tb_page_addr_t paddr0 = tb_page_addr0(tb);
tb_page_addr_t paddr1 = tb_page_addr1(tb);
tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS;
tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS;
if (unlikely(paddr0 == -1)) {
return;
}
if (unlikely(paddr1 != -1) && pindex0 != pindex1) {
if (pindex0 < pindex1) {
page_lock(page_find_alloc(pindex0, true));
page_lock(page_find_alloc(pindex1, true));
return;
}
page_lock(page_find_alloc(pindex1, true));
}
page_lock(page_find_alloc(pindex0, true));
}
void tb_unlock_pages(TranslationBlock *tb)
{
tb_page_addr_t paddr0 = tb_page_addr0(tb);
tb_page_addr_t paddr1 = tb_page_addr1(tb);
tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS;
tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS;
if (unlikely(paddr0 == -1)) {
return;
}
if (unlikely(paddr1 != -1) && pindex0 != pindex1) {
page_unlock(page_find_alloc(pindex1, false));
}
page_unlock(page_find_alloc(pindex0, false));
}
static inline struct page_entry *
page_entry_new(PageDesc *pd, tb_page_addr_t index)
{
@ -420,13 +506,10 @@ static void page_entry_destroy(gpointer p)
/* returns false on success */
static bool page_entry_trylock(struct page_entry *pe)
{
bool busy;
busy = qemu_spin_trylock(&pe->pd->lock);
bool busy = page_trylock(pe->pd);
if (!busy) {
g_assert(!pe->locked);
pe->locked = true;
page_lock__debug(pe->pd);
}
return busy;
}
@ -604,8 +687,7 @@ static void tb_remove_all(void)
* Add the tb in the target page and protect it if necessary.
* Called with @p->lock held.
*/
static inline void tb_page_add(PageDesc *p, TranslationBlock *tb,
unsigned int n)
static void tb_page_add(PageDesc *p, TranslationBlock *tb, unsigned int n)
{
bool page_already_protected;
@ -625,15 +707,21 @@ static inline void tb_page_add(PageDesc *p, TranslationBlock *tb,
}
}
static void tb_record(TranslationBlock *tb, PageDesc *p1, PageDesc *p2)
static void tb_record(TranslationBlock *tb)
{
tb_page_add(p1, tb, 0);
if (unlikely(p2)) {
tb_page_add(p2, tb, 1);
tb_page_addr_t paddr0 = tb_page_addr0(tb);
tb_page_addr_t paddr1 = tb_page_addr1(tb);
tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS;
tb_page_addr_t pindex1 = paddr0 >> TARGET_PAGE_BITS;
assert(paddr0 != -1);
if (unlikely(paddr1 != -1) && pindex0 != pindex1) {
tb_page_add(page_find_alloc(pindex1, false), tb, 1);
}
tb_page_add(page_find_alloc(pindex0, false), tb, 0);
}
static inline void tb_page_remove(PageDesc *pd, TranslationBlock *tb)
static void tb_page_remove(PageDesc *pd, TranslationBlock *tb)
{
TranslationBlock *tb1;
uintptr_t *pprev;
@ -653,74 +741,16 @@ static inline void tb_page_remove(PageDesc *pd, TranslationBlock *tb)
static void tb_remove(TranslationBlock *tb)
{
PageDesc *pd;
tb_page_addr_t paddr0 = tb_page_addr0(tb);
tb_page_addr_t paddr1 = tb_page_addr1(tb);
tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS;
tb_page_addr_t pindex1 = paddr0 >> TARGET_PAGE_BITS;
pd = page_find(tb->page_addr[0] >> TARGET_PAGE_BITS);
tb_page_remove(pd, tb);
if (unlikely(tb->page_addr[1] != -1)) {
pd = page_find(tb->page_addr[1] >> TARGET_PAGE_BITS);
tb_page_remove(pd, tb);
}
}
static void page_lock_pair(PageDesc **ret_p1, tb_page_addr_t phys1,
PageDesc **ret_p2, tb_page_addr_t phys2, bool alloc)
{
PageDesc *p1, *p2;
tb_page_addr_t page1;
tb_page_addr_t page2;
assert_memory_lock();
g_assert(phys1 != -1);
page1 = phys1 >> TARGET_PAGE_BITS;
page2 = phys2 >> TARGET_PAGE_BITS;
p1 = page_find_alloc(page1, alloc);
if (ret_p1) {
*ret_p1 = p1;
}
if (likely(phys2 == -1)) {
page_lock(p1);
return;
} else if (page1 == page2) {
page_lock(p1);
if (ret_p2) {
*ret_p2 = p1;
}
return;
}
p2 = page_find_alloc(page2, alloc);
if (ret_p2) {
*ret_p2 = p2;
}
if (page1 < page2) {
page_lock(p1);
page_lock(p2);
} else {
page_lock(p2);
page_lock(p1);
}
}
/* lock the page(s) of a TB in the correct acquisition order */
static void page_lock_tb(const TranslationBlock *tb)
{
page_lock_pair(NULL, tb_page_addr0(tb), NULL, tb_page_addr1(tb), false);
}
static void page_unlock_tb(const TranslationBlock *tb)
{
PageDesc *p1 = page_find(tb_page_addr0(tb) >> TARGET_PAGE_BITS);
page_unlock(p1);
if (unlikely(tb_page_addr1(tb) != -1)) {
PageDesc *p2 = page_find(tb_page_addr1(tb) >> TARGET_PAGE_BITS);
if (p2 != p1) {
page_unlock(p2);
}
assert(paddr0 != -1);
if (unlikely(paddr1 != -1) && pindex0 != pindex1) {
tb_page_remove(page_find_alloc(pindex1, false), tb);
}
tb_page_remove(page_find_alloc(pindex0, false), tb);
}
#endif /* CONFIG_USER_ONLY */
@ -925,18 +955,16 @@ static void tb_phys_invalidate__locked(TranslationBlock *tb)
void tb_phys_invalidate(TranslationBlock *tb, tb_page_addr_t page_addr)
{
if (page_addr == -1 && tb_page_addr0(tb) != -1) {
page_lock_tb(tb);
tb_lock_pages(tb);
do_tb_phys_invalidate(tb, true);
page_unlock_tb(tb);
tb_unlock_pages(tb);
} else {
do_tb_phys_invalidate(tb, false);
}
}
/*
* Add a new TB and link it to the physical page tables. phys_page2 is
* (-1) to indicate that only one page contains the TB.
*
* Add a new TB and link it to the physical page tables.
* Called with mmap_lock held for user-mode emulation.
*
* Returns a pointer @tb, or a pointer to an existing TB that matches @tb.
@ -944,43 +972,29 @@ void tb_phys_invalidate(TranslationBlock *tb, tb_page_addr_t page_addr)
* for the same block of guest code that @tb corresponds to. In that case,
* the caller should discard the original @tb, and use instead the returned TB.
*/
TranslationBlock *tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
tb_page_addr_t phys_page2)
TranslationBlock *tb_link_page(TranslationBlock *tb)
{
PageDesc *p;
PageDesc *p2 = NULL;
void *existing_tb = NULL;
uint32_t h;
assert_memory_lock();
tcg_debug_assert(!(tb->cflags & CF_INVALID));
/*
* Add the TB to the page list, acquiring first the pages's locks.
* We keep the locks held until after inserting the TB in the hash table,
* so that if the insertion fails we know for sure that the TBs are still
* in the page descriptors.
* Note that inserting into the hash table first isn't an option, since
* we can only insert TBs that are fully initialized.
*/
page_lock_pair(&p, phys_pc, &p2, phys_page2, true);
tb_record(tb, p, p2);
tb_record(tb);
/* add in the hash table */
h = tb_hash_func(phys_pc, (tb->cflags & CF_PCREL ? 0 : tb->pc),
h = tb_hash_func(tb_page_addr0(tb), (tb->cflags & CF_PCREL ? 0 : tb->pc),
tb->flags, tb->cs_base, tb->cflags);
qht_insert(&tb_ctx.htable, tb, h, &existing_tb);
/* remove TB from the page(s) if we couldn't insert it */
if (unlikely(existing_tb)) {
tb_remove(tb);
tb = existing_tb;
tb_unlock_pages(tb);
return existing_tb;
}
if (p2 && p2 != p) {
page_unlock(p2);
}
page_unlock(p);
tb_unlock_pages(tb);
return tb;
}

2
accel/tcg/tcg-runtime.h
View File

@ -58,7 +58,7 @@ DEF_HELPER_FLAGS_5(atomic_cmpxchgq_be, TCG_CALL_NO_WG,
DEF_HELPER_FLAGS_5(atomic_cmpxchgq_le, TCG_CALL_NO_WG,
i64, env, i64, i64, i64, i32)
#endif
#ifdef CONFIG_CMPXCHG128
#if HAVE_CMPXCHG128
DEF_HELPER_FLAGS_5(atomic_cmpxchgo_be, TCG_CALL_NO_WG,
i128, env, i64, i128, i128, i32)
DEF_HELPER_FLAGS_5(atomic_cmpxchgo_le, TCG_CALL_NO_WG,

43
accel/tcg/translate-all.c
View File

@ -290,7 +290,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
{
CPUArchState *env = cpu->env_ptr;
TranslationBlock *tb, *existing_tb;
tb_page_addr_t phys_pc;
tb_page_addr_t phys_pc, phys_p2;
tcg_insn_unit *gen_code_buf;
int gen_code_size, search_size, max_insns;
int64_t ti;
@ -313,6 +313,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
QEMU_BUILD_BUG_ON(CF_COUNT_MASK + 1 != TCG_MAX_INSNS);
buffer_overflow:
assert_no_pages_locked();
tb = tcg_tb_alloc(tcg_ctx);
if (unlikely(!tb)) {
/* flush must be done */
@ -333,6 +334,10 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
tb->cflags = cflags;
tb_set_page_addr0(tb, phys_pc);
tb_set_page_addr1(tb, -1);
if (phys_pc != -1) {
tb_lock_page0(phys_pc);
}
tcg_ctx->gen_tb = tb;
tcg_ctx->addr_type = TARGET_LONG_BITS == 32 ? TCG_TYPE_I32 : TCG_TYPE_I64;
#ifdef CONFIG_SOFTMMU
@ -349,8 +354,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
tcg_ctx->guest_mo = TCG_MO_ALL;
#endif
tb_overflow:
restart_translate:
trace_translate_block(tb, pc, tb->tc.ptr);
gen_code_size = setjmp_gen_code(env, tb, pc, host_pc, &max_insns, &ti);
@ -369,6 +373,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
"Restarting code generation for "
"code_gen_buffer overflow\n");
tb_unlock_pages(tb);
goto buffer_overflow;
case -2:
@ -387,14 +392,39 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
"Restarting code generation with "
"smaller translation block (max %d insns)\n",
max_insns);
goto tb_overflow;
/*
* The half-sized TB may not cross pages.
* TODO: Fix all targets that cross pages except with
* the first insn, at which point this can't be reached.
*/
phys_p2 = tb_page_addr1(tb);
if (unlikely(phys_p2 != -1)) {
tb_unlock_page1(phys_pc, phys_p2);
tb_set_page_addr1(tb, -1);
}
goto restart_translate;
case -3:
/*
* We had a page lock ordering problem. In order to avoid
* deadlock we had to drop the lock on page0, which means
* that everything we translated so far is compromised.
* Restart with locks held on both pages.
*/
qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
"Restarting code generation with re-locked pages");
goto restart_translate;
default:
g_assert_not_reached();
}
}
tcg_ctx->gen_tb = NULL;
search_size = encode_search(tb, (void *)gen_code_buf + gen_code_size);
if (unlikely(search_size < 0)) {
tb_unlock_pages(tb);
goto buffer_overflow;
}
tb->tc.size = gen_code_size;
@ -504,6 +534,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
* before attempting to link to other TBs or add to the lookup table.
*/
if (tb_page_addr0(tb) == -1) {
assert_no_pages_locked();
return tb;
}
@ -518,7 +549,9 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
* No explicit memory barrier is required -- tb_link_page() makes the
* TB visible in a consistent state.
*/
existing_tb = tb_link_page(tb, tb_page_addr0(tb), tb_page_addr1(tb));
existing_tb = tb_link_page(tb);
assert_no_pages_locked();
/* if the TB already exists, discard what we just translated */
if (unlikely(existing_tb != tb)) {
uintptr_t orig_aligned = (uintptr_t)gen_code_buf;

34
accel/tcg/translator.c
View File

@ -12,9 +12,9 @@
#include "qemu/error-report.h"
#include "exec/exec-all.h"
#include "exec/translator.h"
#include "exec/translate-all.h"
#include "exec/plugin-gen.h"
#include "tcg/tcg-op-common.h"
#include "internal.h"
static void gen_io_start(void)
{
@ -147,10 +147,6 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns,
db->host_addr[0] = host_pc;
db->host_addr[1] = NULL;
#ifdef CONFIG_USER_ONLY
page_protect(pc);
#endif
ops->init_disas_context(db, cpu);
tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */
@ -256,22 +252,36 @@ static void *translator_access(CPUArchState *env, DisasContextBase *db,
host = db->host_addr[1];
base = TARGET_PAGE_ALIGN(db->pc_first);
if (host == NULL) {
tb_page_addr_t phys_page =
get_page_addr_code_hostp(env, base, &db->host_addr[1]);
tb_page_addr_t page0, old_page1, new_page1;
new_page1 = get_page_addr_code_hostp(env, base, &db->host_addr[1]);
/*
* If the second page is MMIO, treat as if the first page
* was MMIO as well, so that we do not cache the TB.
*/
if (unlikely(phys_page == -1)) {
if (unlikely(new_page1 == -1)) {
tb_unlock_pages(tb);
tb_set_page_addr0(tb, -1);
return NULL;
}
tb_set_page_addr1(tb, phys_page);
#ifdef CONFIG_USER_ONLY
page_protect(end);
#endif
/*
* If this is not the first time around, and page1 matches,
* then we already have the page locked. Alternately, we're
* not doing anything to prevent the PTE from changing, so
* we might wind up with a different page, requiring us to
* re-do the locking.
*/
old_page1 = tb_page_addr1(tb);
if (likely(new_page1 != old_page1)) {
page0 = tb_page_addr0(tb);
if (unlikely(old_page1 != -1)) {
tb_unlock_page1(page0, old_page1);
}
tb_set_page_addr1(tb, new_page1);
tb_lock_page1(page0, new_page1);
}
host = db->host_addr[1];
}

74
accel/tcg/user-exec.c
View File

@ -520,19 +520,19 @@ void page_set_flags(target_ulong start, target_ulong last, int flags)
}
}
int page_check_range(target_ulong start, target_ulong len, int flags)
bool page_check_range(target_ulong start, target_ulong len, int flags)
{
target_ulong last;
int locked; /* tri-state: =0: unlocked, +1: global, -1: local */
int ret;
bool ret;
if (len == 0) {
return 0; /* trivial length */
return true; /* trivial length */
}
last = start + len - 1;
if (last < start) {
return -1; /* wrap around */
return false; /* wrap around */
}
locked = have_mmap_lock();
@ -551,33 +551,33 @@ int page_check_range(target_ulong start, target_ulong len, int flags)
p = pageflags_find(start, last);
}
if (!p) {
ret = -1; /* entire region invalid */
ret = false; /* entire region invalid */
break;
}
}
if (start < p->itree.start) {
ret = -1; /* initial bytes invalid */
ret = false; /* initial bytes invalid */
break;
}
missing = flags & ~p->flags;
if (missing & PAGE_READ) {
ret = -1; /* page not readable */
if (missing & ~PAGE_WRITE) {
ret = false; /* page doesn't match */
break;
}
if (missing & PAGE_WRITE) {
if (!(p->flags & PAGE_WRITE_ORG)) {
ret = -1; /* page not writable */
ret = false; /* page not writable */
break;
}
/* Asking about writable, but has been protected: undo. */
if (!page_unprotect(start, 0)) {
ret = -1;
ret = false;
break;
}
/* TODO: page_unprotect should take a range, not a single page. */
if (last - start < TARGET_PAGE_SIZE) {
ret = 0; /* ok */
ret = true; /* ok */
break;
}
start += TARGET_PAGE_SIZE;
@ -585,7 +585,7 @@ int page_check_range(target_ulong start, target_ulong len, int flags)
}
if (last <= p->itree.last) {
ret = 0; /* ok */
ret = true; /* ok */
break;
}
start = p->itree.last + 1;
@ -598,6 +598,54 @@ int page_check_range(target_ulong start, target_ulong len, int flags)
return ret;
}
bool page_check_range_empty(target_ulong start, target_ulong last)
{
assert(last >= start);
assert_memory_lock();
return pageflags_find(start, last) == NULL;
}
target_ulong page_find_range_empty(target_ulong min, target_ulong max,
target_ulong len, target_ulong align)
{
target_ulong len_m1, align_m1;
assert(min <= max);
assert(max <= GUEST_ADDR_MAX);
assert(len != 0);
assert(is_power_of_2(align));
assert_memory_lock();
len_m1 = len - 1;
align_m1 = align - 1;
/* Iteratively narrow the search region. */
while (1) {
PageFlagsNode *p;
/* Align min and double-check there's enough space remaining. */
min = (min + align_m1) & ~align_m1;
if (min > max) {
return -1;
}
if (len_m1 > max - min) {
return -1;
}
p = pageflags_find(min, min + len_m1);
if (p == NULL) {
/* Found! */
return min;
}
if (max <= p->itree.last) {
/* Existing allocation fills the remainder of the search region. */
return -1;
}
/* Skip across existing allocation. */
min = p->itree.last + 1;
}
}
void page_protect(tb_page_addr_t address)
{
PageFlagsNode *p;
@ -1385,7 +1433,7 @@ static void *atomic_mmu_lookup(CPUArchState *env, vaddr addr, MemOpIdx oi,
#include "atomic_template.h"
#endif
#if defined(CONFIG_ATOMIC128) || defined(CONFIG_CMPXCHG128)
#if defined(CONFIG_ATOMIC128) || HAVE_CMPXCHG128
#define DATA_SIZE 16
#include "atomic_template.h"
#endif

50
bsd-user/mmap.c
View File

@ -222,50 +222,16 @@ unsigned long last_brk;
static abi_ulong mmap_find_vma_reserved(abi_ulong start, abi_ulong size,
abi_ulong alignment)
{
abi_ulong addr;
abi_ulong end_addr;
int prot;
int looped = 0;
abi_ulong ret;
if (size > reserved_va) {
return (abi_ulong)-1;
ret = page_find_range_empty(start, reserved_va, size, alignment);
if (ret == -1 && start > TARGET_PAGE_SIZE) {
/* Restart at the beginning of the address space. */
ret = page_find_range_empty(TARGET_PAGE_SIZE, start - 1,
size, alignment);
}
size = HOST_PAGE_ALIGN(size) + alignment;
end_addr = start + size;
if (end_addr > reserved_va) {
end_addr = reserved_va + 1;
}
addr = end_addr - qemu_host_page_size;
while (1) {
if (addr > end_addr) {
if (looped) {
return (abi_ulong)-1;
}
end_addr = reserved_va + 1;
addr = end_addr - qemu_host_page_size;
looped = 1;
continue;
}
prot = page_get_flags(addr);
if (prot) {
end_addr = addr;
}
if (end_addr - addr >= size) {
break;
}
addr -= qemu_host_page_size;
}
if (start == mmap_next_start) {
mmap_next_start = addr;
}
/* addr is sufficiently low to align it up */
if (alignment != 0) {
addr = (addr + alignment) & ~(alignment - 1);
}
return addr;
return ret;
}
/*
@ -609,7 +575,7 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
}
/* Reject the mapping if any page within the range is mapped */
if ((flags & MAP_EXCL) && page_check_range(start, len, 0) < 0) {
if ((flags & MAP_EXCL) && !page_check_range_empty(start, end - 1)) {
errno = EINVAL;
goto fail;
}

2
bsd-user/qemu.h
View File

@ -267,7 +267,7 @@ abi_long do_freebsd_sysarch(void *cpu_env, abi_long arg1, abi_long arg2);
static inline bool access_ok(int type, abi_ulong addr, abi_ulong size)
{
return page_check_range((target_ulong)addr, size, type) == 0;
return page_check_range((target_ulong)addr, size, type);
}
/*

40
include/exec/cpu-all.h
View File

@ -222,7 +222,45 @@ int walk_memory_regions(void *, walk_memory_regions_fn);
int page_get_flags(target_ulong address);
void page_set_flags(target_ulong start, target_ulong last, int flags);
void page_reset_target_data(target_ulong start, target_ulong last);
int page_check_range(target_ulong start, target_ulong len, int flags);
/**
* page_check_range
* @start: first byte of range
* @len: length of range
* @flags: flags required for each page
*
* Return true if every page in [@start, @start+@len) has @flags set.
* Return false if any page is unmapped. Thus testing flags == 0 is
* equivalent to testing for flags == PAGE_VALID.
*/
bool page_check_range(target_ulong start, target_ulong last, int flags);
/**
* page_check_range_empty:
* @start: first byte of range
* @last: last byte of range
* Context: holding mmap lock
*
* Return true if the entire range [@start, @last] is unmapped.
* The memory lock must be held so that the caller will can ensure
* the result stays true until a new mapping can be installed.
*/
bool page_check_range_empty(target_ulong start, target_ulong last);
/**
* page_find_range_empty
* @min: first byte of search range
* @max: last byte of search range
* @len: size of the hole required
* @align: alignment of the hole required (power of 2)
*
* If there is a range [x, x+@len) within [@min, @max] such that
* x % @align == 0, then return x. Otherwise return -1.
* The memory lock must be held, as the caller will want to ensure
* the returned range stays empty until a new mapping can be installed.
*/
target_ulong page_find_range_empty(target_ulong min, target_ulong max,
target_ulong len, target_ulong align);
/**
* page_get_target_data(address)

2
include/exec/helper-proto-common.h
View File

@ -7,6 +7,8 @@
#ifndef HELPER_PROTO_COMMON_H
#define HELPER_PROTO_COMMON_H
#include "qemu/atomic128.h" /* for HAVE_CMPXCHG128 */
#define HELPER_H "accel/tcg/tcg-runtime.h"
#include "exec/helper-proto.h.inc"
#undef HELPER_H

5
include/exec/user/abitypes.h
View File

@ -15,7 +15,10 @@
#define ABI_LLONG_ALIGNMENT 2
#endif
#if (defined(TARGET_I386) && !defined(TARGET_X86_64)) || defined(TARGET_SH4)
#if (defined(TARGET_I386) && !defined(TARGET_X86_64)) \
|| defined(TARGET_SH4) \
|| defined(TARGET_MICROBLAZE) \
|| defined(TARGET_NIOS2)
#define ABI_LLONG_ALIGNMENT 4
#endif

8
linux-user/aarch64/target_mman.h
View File

@ -1 +1,9 @@
#ifndef AARCH64_TARGET_MMAN_H
#define AARCH64_TARGET_MMAN_H
#define TARGET_PROT_BTI 0x10
#define TARGET_PROT_MTE 0x20
#include "../generic/target_mman.h"
#endif

13
linux-user/alpha/target_mman.h
View File

@ -1,6 +1,19 @@
#ifndef ALPHA_TARGET_MMAN_H
#define ALPHA_TARGET_MMAN_H
#define TARGET_MAP_ANONYMOUS 0x10
#define TARGET_MAP_FIXED 0x100
#define TARGET_MAP_GROWSDOWN 0x01000
#define TARGET_MAP_DENYWRITE 0x02000
#define TARGET_MAP_EXECUTABLE 0x04000
#define TARGET_MAP_LOCKED 0x08000
#define TARGET_MAP_NORESERVE 0x10000
#define TARGET_MAP_POPULATE 0x20000
#define TARGET_MAP_NONBLOCK 0x40000
#define TARGET_MAP_STACK 0x80000
#define TARGET_MAP_HUGETLB 0x100000
#define TARGET_MAP_FIXED_NOREPLACE 0x200000
#define TARGET_MADV_DONTNEED 6
#define TARGET_MS_ASYNC 1

19
linux-user/elfload.c
View File

@ -424,9 +424,22 @@ enum {
static bool init_guest_commpage(void)
{
abi_ptr commpage = HI_COMMPAGE & -qemu_host_page_size;
void *want = g2h_untagged(commpage);
void *addr = mmap(want, qemu_host_page_size, PROT_READ | PROT_WRITE,
ARMCPU *cpu = ARM_CPU(thread_cpu);
abi_ptr commpage;
void *want;
void *addr;
/*
* M-profile allocates maximum of 2GB address space, so can never
* allocate the commpage. Skip it.
*/
if (arm_feature(&cpu->env, ARM_FEATURE_M)) {
return true;
}
commpage = HI_COMMPAGE & -qemu_host_page_size;
want = g2h_untagged(commpage);
addr = mmap(want, qemu_host_page_size, PROT_READ | PROT_WRITE,
MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0);
if (addr == MAP_FAILED) {

58
linux-user/generic/target_mman.h
View File

@ -1,6 +1,64 @@
#ifndef LINUX_USER_TARGET_MMAN_H
#define LINUX_USER_TARGET_MMAN_H
/* These are defined in linux/mmap.h */
#define TARGET_MAP_SHARED 0x01
#define TARGET_MAP_PRIVATE 0x02
#define TARGET_MAP_SHARED_VALIDATE 0x03
/* 0x0100 - 0x4000 flags are defined in asm-generic/mman.h */
#ifndef TARGET_MAP_GROWSDOWN
#define TARGET_MAP_GROWSDOWN 0x0100
#endif
#ifndef TARGET_MAP_DENYWRITE
#define TARGET_MAP_DENYWRITE 0x0800
#endif
#ifndef TARGET_MAP_EXECUTABLE
#define TARGET_MAP_EXECUTABLE 0x1000
#endif
#ifndef TARGET_MAP_LOCKED
#define TARGET_MAP_LOCKED 0x2000
#endif
#ifndef TARGET_MAP_NORESERVE
#define TARGET_MAP_NORESERVE 0x4000
#endif
/* Defined in asm-generic/mman-common.h */
#ifndef TARGET_PROT_SEM
#define TARGET_PROT_SEM 0x08
#endif
#ifndef TARGET_MAP_TYPE
#define TARGET_MAP_TYPE 0x0f
#endif
#ifndef TARGET_MAP_FIXED
#define TARGET_MAP_FIXED 0x10
#endif
#ifndef TARGET_MAP_ANONYMOUS
#define TARGET_MAP_ANONYMOUS 0x20
#endif
#ifndef TARGET_MAP_POPULATE
#define TARGET_MAP_POPULATE 0x008000
#endif
#ifndef TARGET_MAP_NONBLOCK
#define TARGET_MAP_NONBLOCK 0x010000
#endif
#ifndef TARGET_MAP_STACK
#define TARGET_MAP_STACK 0x020000
#endif
#ifndef TARGET_MAP_HUGETLB
#define TARGET_MAP_HUGETLB 0x040000
#endif
#ifndef TARGET_MAP_SYNC
#define TARGET_MAP_SYNC 0x080000
#endif
#ifndef TARGET_MAP_FIXED_NOREPLACE
#define TARGET_MAP_FIXED_NOREPLACE 0x100000
#endif
#ifndef TARGET_MAP_UNINITIALIZED
#define TARGET_MAP_UNINITIALIZED 0x4000000
#endif
#ifndef TARGET_MADV_NORMAL
#define TARGET_MADV_NORMAL 0
#endif

10
linux-user/hppa/target_mman.h
View File

@ -1,6 +1,16 @@
#ifndef HPPA_TARGET_MMAN_H
#define HPPA_TARGET_MMAN_H
#define TARGET_MAP_TYPE 0x2b
#define TARGET_MAP_FIXED 0x04
#define TARGET_MAP_ANONYMOUS 0x10
#define TARGET_MAP_GROWSDOWN 0x8000
#define TARGET_MAP_POPULATE 0x10000
#define TARGET_MAP_NONBLOCK 0x20000
#define TARGET_MAP_STACK 0x40000
#define TARGET_MAP_HUGETLB 0x80000
#define TARGET_MAP_UNINITIALIZED 0
#define TARGET_MADV_MERGEABLE 65
#define TARGET_MADV_UNMERGEABLE 66
#define TARGET_MADV_HUGEPAGE 67

18
linux-user/mips/target_mman.h
View File

@ -1 +1,19 @@
#ifndef MIPS_TARGET_MMAN_H
#define MIPS_TARGET_MMAN_H
#define TARGET_PROT_SEM 0x10
#define TARGET_MAP_NORESERVE 0x0400
#define TARGET_MAP_ANONYMOUS 0x0800
#define TARGET_MAP_GROWSDOWN 0x1000
#define TARGET_MAP_DENYWRITE 0x2000
#define TARGET_MAP_EXECUTABLE 0x4000
#define TARGET_MAP_LOCKED 0x8000
#define TARGET_MAP_POPULATE 0x10000
#define TARGET_MAP_NONBLOCK 0x20000
#define TARGET_MAP_STACK 0x40000
#define TARGET_MAP_HUGETLB 0x80000
#include "../generic/target_mman.h"
#endif

2
linux-user/mips64/target_mman.h
View File

@ -1 +1 @@
#include "../generic/target_mman.h"
#include "../mips/target_mman.h"

682
linux-user/mmap.c
View File

@ -56,11 +56,12 @@ void mmap_fork_start(void)
void mmap_fork_end(int child)
{
if (child)
if (child) {
pthread_mutex_init(&mmap_mutex, NULL);
else
} else {
pthread_mutex_unlock(&mmap_mutex);
}
}
/*
* Validate target prot bitmask.
@ -68,24 +69,11 @@ void mmap_fork_end(int child)
* Return 0 if the target prot bitmask is invalid, otherwise
* the internal qemu page_flags (which will include PAGE_VALID).
*/
static int validate_prot_to_pageflags(int *host_prot, int prot)
static int validate_prot_to_pageflags(int prot)
{
int valid = PROT_READ | PROT_WRITE | PROT_EXEC | TARGET_PROT_SEM;
int page_flags = (prot & PAGE_BITS) | PAGE_VALID;
/*
* For the host, we need not pass anything except read/write/exec.
* While PROT_SEM is allowed by all hosts, it is also ignored, so
* don't bother transforming guest bit to host bit. Any other
* target-specific prot bits will not be understood by the host
* and will need to be encoded into page_flags for qemu emulation.
*
* Pages that are executable by the guest will never be executed
* by the host, but the host will need to be able to read them.
*/
*host_prot = (prot & (PROT_READ | PROT_WRITE))
| (prot & PROT_EXEC ? PROT_READ : 0);
#ifdef TARGET_AARCH64
{
ARMCPU *cpu = ARM_CPU(thread_cpu);
@ -113,75 +101,119 @@ static int validate_prot_to_pageflags(int *host_prot, int prot)
return prot & ~valid ? 0 : page_flags;
}
/*
* For the host, we need not pass anything except read/write/exec.
* While PROT_SEM is allowed by all hosts, it is also ignored, so
* don't bother transforming guest bit to host bit. Any other
* target-specific prot bits will not be understood by the host
* and will need to be encoded into page_flags for qemu emulation.
*
* Pages that are executable by the guest will never be executed
* by the host, but the host will need to be able to read them.
*/
static int target_to_host_prot(int prot)
{
return (prot & (PROT_READ | PROT_WRITE)) |
(prot & PROT_EXEC ? PROT_READ : 0);
}
/* NOTE: all the constants are the HOST ones, but addresses are target. */
int target_mprotect(abi_ulong start, abi_ulong len, int target_prot)
{
abi_ulong end, host_start, host_end, addr;
int prot1, ret, page_flags, host_prot;
abi_ulong starts[3];
abi_ulong lens[3];
int prots[3];
abi_ulong host_start, host_last, last;
int prot1, ret, page_flags, nranges;
trace_target_mprotect(start, len, target_prot);
if ((start & ~TARGET_PAGE_MASK) != 0) {
return -TARGET_EINVAL;
}
page_flags = validate_prot_to_pageflags(&host_prot, target_prot);
page_flags = validate_prot_to_pageflags(target_prot);
if (!page_flags) {
return -TARGET_EINVAL;
}
len = TARGET_PAGE_ALIGN(len);
end = start + len;
if (!guest_range_valid_untagged(start, len)) {
return -TARGET_ENOMEM;
}
if (len == 0) {
return 0;
}
len = TARGET_PAGE_ALIGN(len);
if (!guest_range_valid_untagged(start, len)) {
return -TARGET_ENOMEM;
}
last = start + len - 1;
host_start = start & qemu_host_page_mask;
host_last = HOST_PAGE_ALIGN(last) - 1;
nranges = 0;
mmap_lock();
host_start = start & qemu_host_page_mask;
host_end = HOST_PAGE_ALIGN(end);
if (start > host_start) {
/* handle host page containing start */
prot1 = host_prot;
for (addr = host_start; addr < start; addr += TARGET_PAGE_SIZE) {
prot1 |= page_get_flags(addr);
if (host_last - host_start < qemu_host_page_size) {
/* Single host page contains all guest pages: sum the prot. */
prot1 = target_prot;
for (abi_ulong a = host_start; a < start; a += TARGET_PAGE_SIZE) {
prot1 |= page_get_flags(a);
}
if (host_end == host_start + qemu_host_page_size) {
for (addr = end; addr < host_end; addr += TARGET_PAGE_SIZE) {
prot1 |= page_get_flags(addr);
for (abi_ulong a = last; a < host_last; a += TARGET_PAGE_SIZE) {
prot1 |= page_get_flags(a + 1);
}
end = host_end;
}
ret = mprotect(g2h_untagged(host_start), qemu_host_page_size,
prot1 & PAGE_BITS);
if (ret != 0) {
goto error;
starts[nranges] = host_start;
lens[nranges] = qemu_host_page_size;
prots[nranges] = prot1;
nranges++;
} else {
if (host_start < start) {
/* Host page contains more than one guest page: sum the prot. */
prot1 = target_prot;
for (abi_ulong a = host_start; a < start; a += TARGET_PAGE_SIZE) {
prot1 |= page_get_flags(a);
}
/* If the resulting sum differs, create a new range. */
if (prot1 != target_prot) {
starts[nranges] = host_start;
lens[nranges] = qemu_host_page_size;
prots[nranges] = prot1;
nranges++;
host_start += qemu_host_page_size;
}
if (end < host_end) {
prot1 = host_prot;
for (addr = end; addr < host_end; addr += TARGET_PAGE_SIZE) {
prot1 |= page_get_flags(addr);
}
ret = mprotect(g2h_untagged(host_end - qemu_host_page_size),
qemu_host_page_size, prot1 & PAGE_BITS);
if (ret != 0) {
goto error;
}
host_end -= qemu_host_page_size;
}
/* handle the pages in the middle */
if (host_start < host_end) {
ret = mprotect(g2h_untagged(host_start),
host_end - host_start, host_prot);
if (last < host_last) {
/* Host page contains more than one guest page: sum the prot. */
prot1 = target_prot;
for (abi_ulong a = last; a < host_last; a += TARGET_PAGE_SIZE) {
prot1 |= page_get_flags(a + 1);
}
/* If the resulting sum differs, create a new range. */
if (prot1 != target_prot) {
host_last -= qemu_host_page_size;
starts[nranges] = host_last + 1;
lens[nranges] = qemu_host_page_size;
prots[nranges] = prot1;
nranges++;
}
}
/* Create a range for the middle, if any remains. */
if (host_start < host_last) {
starts[nranges] = host_start;
lens[nranges] = host_last - host_start + 1;
prots[nranges] = target_prot;
nranges++;
}
}
for (int i = 0; i < nranges; ++i) {
ret = mprotect(g2h_untagged(starts[i]), lens[i],
target_to_host_prot(prots[i]));
if (ret != 0) {
goto error;
}
}
page_set_flags(start, start + len - 1, page_flags);
page_set_flags(start, last, page_flags);
ret = 0;
error:
@ -190,62 +222,76 @@ error:
}
/* map an incomplete host page */
static int mmap_frag(abi_ulong real_start,
abi_ulong start, abi_ulong end,
int prot, int flags, int fd, abi_ulong offset)
static bool mmap_frag(abi_ulong real_start, abi_ulong start, abi_ulong last,
int prot, int flags, int fd, off_t offset)
{
abi_ulong real_end, addr;
abi_ulong real_last;
void *host_start;
int prot1, prot_new;
int prot_old, prot_new;
int host_prot_old, host_prot_new;
real_end = real_start + qemu_host_page_size;
if (!(flags & MAP_ANONYMOUS)
&& (flags & MAP_TYPE) == MAP_SHARED
&& (prot & PROT_WRITE)) {
/*
* msync() won't work with the partial page, so we return an
* error if write is possible while it is a shared mapping.
*/
errno = EINVAL;
return false;
}
real_last = real_start + qemu_host_page_size - 1;
host_start = g2h_untagged(real_start);
/* get the protection of the target pages outside the mapping */
prot1 = 0;
for(addr = real_start; addr < real_end; addr++) {
if (addr < start || addr >= end)
prot1 |= page_get_flags(addr);
/* Get the protection of the target pages outside the mapping. */
prot_old = 0;
for (abi_ulong a = real_start; a < start; a += TARGET_PAGE_SIZE) {
prot_old |= page_get_flags(a);
}
for (abi_ulong a = real_last; a > last; a -= TARGET_PAGE_SIZE) {
prot_old |= page_get_flags(a);
}
if (prot1 == 0) {
/* no page was there, so we allocate one */
void *p = mmap(host_start, qemu_host_page_size, prot,
if (prot_old == 0) {
/*
* Since !(prot_old & PAGE_VALID), there were no guest pages
* outside of the fragment we need to map. Allocate a new host
* page to cover, discarding whatever else may have been present.
*/
void *p = mmap(host_start, qemu_host_page_size,
target_to_host_prot(prot),
flags | MAP_ANONYMOUS, -1, 0);
if (p == MAP_FAILED)
return -1;
prot1 = prot;
if (p == MAP_FAILED) {
return false;
}
prot1 &= PAGE_BITS;
prot_old = prot;
}
prot_new = prot | prot_old;
prot_new = prot | prot1;
if (!(flags & MAP_ANONYMOUS)) {
/* msync() won't work here, so we return an error if write is
possible while it is a shared mapping */
if ((flags & MAP_TYPE) == MAP_SHARED &&
(prot & PROT_WRITE))
return -1;
host_prot_old = target_to_host_prot(prot_old);
host_prot_new = target_to_host_prot(prot_new);
/* adjust protection to be able to read */
if (!(prot1 & PROT_WRITE))
mprotect(host_start, qemu_host_page_size, prot1 | PROT_WRITE);
/* Adjust protection to be able to write. */
if (!(host_prot_old & PROT_WRITE)) {
host_prot_old |= PROT_WRITE;
mprotect(host_start, qemu_host_page_size, host_prot_old);
}
/* read the corresponding file data */
if (pread(fd, g2h_untagged(start), end - start, offset) == -1)
return -1;
/* put final protection */
if (prot_new != (prot1 | PROT_WRITE))
mprotect(host_start, qemu_host_page_size, prot_new);
/* Read or zero the new guest pages. */
if (flags & MAP_ANONYMOUS) {
memset(g2h_untagged(start), 0, last - start + 1);
} else {
if (prot_new != prot1) {
mprotect(host_start, qemu_host_page_size, prot_new);
}
if (prot_new & PROT_WRITE) {
memset(g2h_untagged(start), 0, end - start);
if (pread(fd, g2h_untagged(start), last - start + 1, offset) == -1) {
return false;
}
}
return 0;
/* Put final protection */
if (host_prot_new != host_prot_old) {
mprotect(host_start, qemu_host_page_size, host_prot_new);
}
return true;
}
#if HOST_LONG_BITS == 64 && TARGET_ABI_BITS == 64
@ -265,60 +311,22 @@ abi_ulong mmap_next_start = TASK_UNMAPPED_BASE;
unsigned long last_brk;
/* Subroutine of mmap_find_vma, used when we have pre-allocated a chunk
of guest address space. */
/*
* Subroutine of mmap_find_vma, used when we have pre-allocated
* a chunk of guest address space.
*/
static abi_ulong mmap_find_vma_reserved(abi_ulong start, abi_ulong size,
abi_ulong align)
{
abi_ulong addr, end_addr, incr = qemu_host_page_size;
int prot;
bool looped = false;
target_ulong ret;
if (size > reserved_va) {
return (abi_ulong)-1;
ret = page_find_range_empty(start, reserved_va, size, align);
if (ret == -1 && start > mmap_min_addr) {
/* Restart at the beginning of the address space. */
ret = page_find_range_empty(mmap_min_addr, start - 1, size, align);
}
/* Note that start and size have already been aligned by mmap_find_vma. */
end_addr = start + size;
/*
* Start at the top of the address space, ignoring the last page.
* If reserved_va == UINT32_MAX, then end_addr wraps to 0,
* throwing the rest of the calculations off.
* TODO: rewrite using last_addr instead.
* TODO: use the interval tree instead of probing every page.
*/
if (start > reserved_va - size) {
end_addr = ((reserved_va - size) & -align) + size;
looped = true;
}
/* Search downward from END_ADDR, checking to see if a page is in use. */
addr = end_addr;
while (1) {
addr -= incr;
if (addr > end_addr) {
if (looped) {
/* Failure. The entire address space has been searched. */
return (abi_ulong)-1;
}
/* Re-start at the top of the address space (see above). */
addr = end_addr = ((reserved_va - size) & -align) + size;
looped = true;
} else {
prot = page_get_flags(addr);
if (prot) {
/* Page in use. Restart below this page. */
addr = end_addr = ((addr - size) & -align) + size;
} else if (addr && addr + size == end_addr) {
/* Success! All pages between ADDR and END_ADDR are free. */
if (start == mmap_next_start) {
mmap_next_start = addr;
}
return addr;
}
}
}
return ret;
}
/*
@ -369,8 +377,10 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size, abi_ulong align)
return (abi_ulong)-1;
}
/* Count the number of sequential returns of the same address.
This is used to modify the search algorithm below. */
/*
* Count the number of sequential returns of the same address.
* This is used to modify the search algorithm below.
*/
repeat = (ptr == prev ? repeat + 1 : 0);
if (h2g_valid(ptr + size - 1)) {
@ -387,14 +397,18 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size, abi_ulong align)
/* The address is not properly aligned for the target. */
switch (repeat) {
case 0:
/* Assume the result that the kernel gave us is the
first with enough free space, so start again at the
next higher target page. */
/*
* Assume the result that the kernel gave us is the
* first with enough free space, so start again at the
* next higher target page.
*/
addr = ROUND_UP(addr, align);
break;
case 1:
/* Sometimes the kernel decides to perform the allocation
at the top end of memory instead. */
/*
* Sometimes the kernel decides to perform the allocation
* at the top end of memory instead.
*/
addr &= -align;
break;
case 2:
@ -407,8 +421,10 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size, abi_ulong align)
break;
}
} else {
/* Since the result the kernel gave didn't fit, start
again at low memory. If any repetition, fail. */
/*
* Since the result the kernel gave didn't fit, start
* again at low memory. If any repetition, fail.
*/
addr = (repeat ? -1 : 0);
}
@ -423,8 +439,10 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size, abi_ulong align)
return (abi_ulong)-1;
}
wrapped = 1;
/* Don't actually use 0 when wrapping, instead indicate
that we'd truly like an allocation in low memory. */
/*
* Don't actually use 0 when wrapping, instead indicate
* that we'd truly like an allocation in low memory.
*/
addr = (mmap_min_addr > TARGET_PAGE_SIZE
? TARGET_PAGE_ALIGN(mmap_min_addr)
: TARGET_PAGE_SIZE);
@ -436,11 +454,12 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size, abi_ulong align)
/* NOTE: all the constants are the HOST ones */
abi_long target_mmap(abi_ulong start, abi_ulong len, int target_prot,
int flags, int fd, abi_ulong offset)
int flags, int fd, off_t offset)
{
abi_ulong ret, end, real_start, real_end, retaddr, host_offset, host_len,
passthrough_start = -1, passthrough_end = -1;
int page_flags, host_prot;
abi_ulong ret, last, real_start, real_last, retaddr, host_len;
abi_ulong passthrough_start = -1, passthrough_last = 0;
int page_flags;
off_t host_offset;
mmap_lock();
trace_target_mmap(start, len, target_prot, flags, fd, offset);
@ -450,7 +469,7 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int target_prot,
goto fail;
}
page_flags = validate_prot_to_pageflags(&host_prot, target_prot);
page_flags = validate_prot_to_pageflags(target_prot);
if (!page_flags) {
errno = EINVAL;
goto fail;
@ -485,9 +504,11 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int target_prot,
real_start = start & qemu_host_page_mask;
host_offset = offset & qemu_host_page_mask;
/* If the user is asking for the kernel to find a location, do that
before we truncate the length for mapping files below. */
if (!(flags & MAP_FIXED)) {
/*
* If the user is asking for the kernel to find a location, do that
* before we truncate the length for mapping files below.
*/
if (!(flags & (MAP_FIXED | MAP_FIXED_NOREPLACE))) {
host_len = len + offset - host_offset;
host_len = HOST_PAGE_ALIGN(host_len);
start = mmap_find_vma(real_start, host_len, TARGET_PAGE_SIZE);
@ -497,51 +518,59 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int target_prot,
}
}
/* When mapping files into a memory area larger than the file, accesses
to pages beyond the file size will cause a SIGBUS.
For example, if mmaping a file of 100 bytes on a host with 4K pages
emulating a target with 8K pages, the target expects to be able to
access the first 8K. But the host will trap us on any access beyond
4K.
When emulating a target with a larger page-size than the hosts, we
may need to truncate file maps at EOF and add extra anonymous pages
up to the targets page boundary. */
/*
* When mapping files into a memory area larger than the file, accesses
* to pages beyond the file size will cause a SIGBUS.
*
* For example, if mmaping a file of 100 bytes on a host with 4K pages
* emulating a target with 8K pages, the target expects to be able to
* access the first 8K. But the host will trap us on any access beyond
* 4K.
*
* When emulating a target with a larger page-size than the hosts, we
* may need to truncate file maps at EOF and add extra anonymous pages
* up to the targets page boundary.
*/
if ((qemu_real_host_page_size() < qemu_host_page_size) &&
!(flags & MAP_ANONYMOUS)) {
struct stat sb;
if (fstat (fd, &sb) == -1)
if (fstat(fd, &sb) == -1) {
goto fail;
}
/* Are we trying to create a map beyond EOF?. */
if (offset + len > sb.st_size) {
/* If so, truncate the file map at eof aligned with
the hosts real pagesize. Additional anonymous maps
will be created beyond EOF. */
/*
* If so, truncate the file map at eof aligned with
* the hosts real pagesize. Additional anonymous maps
* will be created beyond EOF.
*/
len = REAL_HOST_PAGE_ALIGN(sb.st_size - offset);
}
}
if (!(flags & MAP_FIXED)) {
unsigned long host_start;
if (!(flags & (MAP_FIXED | MAP_FIXED_NOREPLACE))) {
uintptr_t host_start;
int host_prot;
void *p;
host_len = len + offset - host_offset;
host_len = HOST_PAGE_ALIGN(host_len);
host_prot = target_to_host_prot(target_prot);
/* Note: we prefer to control the mapping address. It is
especially important if qemu_host_page_size >
qemu_real_host_page_size */
/*
* Note: we prefer to control the mapping address. It is
* especially important if qemu_host_page_size >
* qemu_real_host_page_size.
*/
p = mmap(g2h_untagged(start), host_len, host_prot,
flags | MAP_FIXED | MAP_ANONYMOUS, -1, 0);
if (p == MAP_FAILED) {
goto fail;
}
/* update start so that it points to the file position at 'offset' */
host_start = (unsigned long)p;
host_start = (uintptr_t)p;
if (!(flags & MAP_ANONYMOUS)) {
p = mmap(g2h_untagged(start), len, host_prot,
flags | MAP_FIXED, fd, host_offset);
@ -552,45 +581,60 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int target_prot,
host_start += offset - host_offset;
}
start = h2g(host_start);
last = start + len - 1;
passthrough_start = start;
passthrough_end = start + len;
passthrough_last = last;
} else {
if (start & ~TARGET_PAGE_MASK) {
errno = EINVAL;
goto fail;
}
end = start + len;
real_end = HOST_PAGE_ALIGN(end);
last = start + len - 1;
real_last = HOST_PAGE_ALIGN(last) - 1;
/*
* Test if requested memory area fits target address space
* It can fail only on 64-bit host with 32-bit target.
* On any other target/host host mmap() handles this error correctly.
*/
if (end < start || !guest_range_valid_untagged(start, len)) {
if (last < start || !guest_range_valid_untagged(start, len)) {
errno = ENOMEM;
goto fail;
}
/* worst case: we cannot map the file because the offset is not
aligned, so we read it */
/* Validate that the chosen range is empty. */
if ((flags & MAP_FIXED_NOREPLACE)
&& !page_check_range_empty(start, last)) {
errno = EEXIST;
goto fail;
}
/*
* worst case: we cannot map the file because the offset is not
* aligned, so we read it
*/
if (!(flags & MAP_ANONYMOUS) &&
(offset & ~qemu_host_page_mask) != (start & ~qemu_host_page_mask)) {
/* msync() won't work here, so we return an error if write is
possible while it is a shared mapping */
if ((flags & MAP_TYPE) == MAP_SHARED &&
(host_prot & PROT_WRITE)) {
/*
* msync() won't work here, so we return an error if write is
* possible while it is a shared mapping
*/
if ((flags & MAP_TYPE) == MAP_SHARED
&& (target_prot & PROT_WRITE)) {
errno = EINVAL;
goto fail;
}
retaddr = target_mmap(start, len, target_prot | PROT_WRITE,
MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS,
(flags & (MAP_FIXED | MAP_FIXED_NOREPLACE))
| MAP_PRIVATE | MAP_ANONYMOUS,
-1, 0);
if (retaddr == -1)
if (retaddr == -1) {
goto fail;
if (pread(fd, g2h_untagged(start), len, offset) == -1)
}
if (pread(fd, g2h_untagged(start), len, offset) == -1) {
goto fail;
if (!(host_prot & PROT_WRITE)) {
}
if (!(target_prot & PROT_WRITE)) {
ret = target_mprotect(start, len, target_prot);
assert(ret == 0);
}
@ -599,45 +643,49 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int target_prot,
/* handle the start of the mapping */
if (start > real_start) {
if (real_end == real_start + qemu_host_page_size) {
if (real_last == real_start + qemu_host_page_size - 1) {
/* one single host page */
ret = mmap_frag(real_start, start, end,
host_prot, flags, fd, offset);
if (ret == -1)
if (!mmap_frag(real_start, start, last,
target_prot, flags, fd, offset)) {
goto fail;
}
goto the_end1;
}
ret = mmap_frag(real_start, start, real_start + qemu_host_page_size,
host_prot, flags, fd, offset);
if (ret == -1)
if (!mmap_frag(real_start, start,
real_start + qemu_host_page_size - 1,
target_prot, flags, fd, offset)) {
goto fail;
}
real_start += qemu_host_page_size;
}
/* handle the end of the mapping */
if (end < real_end) {
ret = mmap_frag(real_end - qemu_host_page_size,
real_end - qemu_host_page_size, end,
host_prot, flags, fd,
offset + real_end - qemu_host_page_size - start);
if (ret == -1)
if (last < real_last) {
abi_ulong real_page = real_last - qemu_host_page_size + 1;
if (!mmap_frag(real_page, real_page, last,
target_prot, flags, fd,
offset + real_page - start)) {
goto fail;
real_end -= qemu_host_page_size;
}
real_last -= qemu_host_page_size;
}
/* map the middle (easier) */
if (real_start < real_end) {
if (real_start < real_last) {
void *p;
unsigned long offset1;
if (flags & MAP_ANONYMOUS)
off_t offset1;
if (flags & MAP_ANONYMOUS) {
offset1 = 0;
else
} else {
offset1 = offset + real_start - start;
p = mmap(g2h_untagged(real_start), real_end - real_start,
host_prot, flags, fd, offset1);
if (p == MAP_FAILED)
}
p = mmap(g2h_untagged(real_start), real_last - real_start + 1,
target_to_host_prot(target_prot), flags, fd, offset1);
if (p == MAP_FAILED) {
goto fail;
}
passthrough_start = real_start;
passthrough_end = real_end;
passthrough_last = real_last;
}
}
the_end1:
@ -645,16 +693,16 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int target_prot,
page_flags |= PAGE_ANON;
}
page_flags |= PAGE_RESET;
if (passthrough_start == passthrough_end) {
page_set_flags(start, start + len - 1, page_flags);
if (passthrough_start > passthrough_last) {
page_set_flags(start, last, page_flags);
} else {
if (start < passthrough_start) {
page_set_flags(start, passthrough_start - 1, page_flags);
}
page_set_flags(passthrough_start, passthrough_end - 1,
page_set_flags(passthrough_start, passthrough_last,
page_flags | PAGE_PASSTHROUGH);
if (passthrough_end < start + len) {
page_set_flags(passthrough_end, start + len - 1, page_flags);
if (passthrough_last < last) {
page_set_flags(passthrough_last + 1, last, page_flags);
}
}
the_end:
@ -674,105 +722,89 @@ fail:
return -1;
}
static void mmap_reserve(abi_ulong start, abi_ulong size)
static void mmap_reserve_or_unmap(abi_ulong start, abi_ulong len)
{
abi_ulong real_start;
abi_ulong real_end;
abi_ulong addr;
abi_ulong end;
abi_ulong real_last;
abi_ulong real_len;
abi_ulong last;
abi_ulong a;
void *host_start;
int prot;
last = start + len - 1;
real_start = start & qemu_host_page_mask;
real_end = HOST_PAGE_ALIGN(start + size);
end = start + size;
if (start > real_start) {
/* handle host page containing start */
real_last = HOST_PAGE_ALIGN(last) - 1;
/*
* If guest pages remain on the first or last host pages,
* adjust the deallocation to retain those guest pages.
* The single page special case is required for the last page,
* lest real_start overflow to zero.
*/
if (real_last - real_start < qemu_host_page_size) {
prot = 0;
for (addr = real_start; addr < start; addr += TARGET_PAGE_SIZE) {
prot |= page_get_flags(addr);
for (a = real_start; a < start; a += TARGET_PAGE_SIZE) {
prot |= page_get_flags(a);
}
if (real_end == real_start + qemu_host_page_size) {
for (addr = end; addr < real_end; addr += TARGET_PAGE_SIZE) {
prot |= page_get_flags(addr);
for (a = last; a < real_last; a += TARGET_PAGE_SIZE) {
prot |= page_get_flags(a + 1);
}
end = real_end;
if (prot != 0) {
return;
}
if (prot != 0)
} else {
for (prot = 0, a = real_start; a < start; a += TARGET_PAGE_SIZE) {
prot |= page_get_flags(a);
}
if (prot != 0) {
real_start += qemu_host_page_size;
}
if (end < real_end) {
prot = 0;
for (addr = end; addr < real_end; addr += TARGET_PAGE_SIZE) {
prot |= page_get_flags(addr);
for (prot = 0, a = last; a < real_last; a += TARGET_PAGE_SIZE) {
prot |= page_get_flags(a + 1);
}
if (prot != 0)
real_end -= qemu_host_page_size;
if (prot != 0) {
real_last -= qemu_host_page_size;
}
if (real_start != real_end) {
mmap(g2h_untagged(real_start), real_end - real_start, PROT_NONE,
MAP_FIXED | MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE,
-1, 0);
if (real_last < real_start) {
return;
}
}
real_len = real_last - real_start + 1;
host_start = g2h_untagged(real_start);
if (reserved_va) {
void *ptr = mmap(host_start, real_len, PROT_NONE,
MAP_FIXED | MAP_ANONYMOUS
| MAP_PRIVATE | MAP_NORESERVE, -1, 0);
assert(ptr == host_start);
} else {
int ret = munmap(host_start, real_len);
assert(ret == 0);
}
}
int target_munmap(abi_ulong start, abi_ulong len)
{
abi_ulong end, real_start, real_end, addr;
int prot, ret;
trace_target_munmap(start, len);
if (start & ~TARGET_PAGE_MASK)
if (start & ~TARGET_PAGE_MASK) {
return -TARGET_EINVAL;
}
len = TARGET_PAGE_ALIGN(len);
if (len == 0 || !guest_range_valid_untagged(start, len)) {
return -TARGET_EINVAL;
}
mmap_lock();
end = start + len;
real_start = start & qemu_host_page_mask;
real_end = HOST_PAGE_ALIGN(end);
if (start > real_start) {
/* handle host page containing start */
prot = 0;
for(addr = real_start; addr < start; addr += TARGET_PAGE_SIZE) {
prot |= page_get_flags(addr);
}
if (real_end == real_start + qemu_host_page_size) {
for(addr = end; addr < real_end; addr += TARGET_PAGE_SIZE) {
prot |= page_get_flags(addr);
}
end = real_end;
}
if (prot != 0)
real_start += qemu_host_page_size;
}
if (end < real_end) {
prot = 0;
for(addr = end; addr < real_end; addr += TARGET_PAGE_SIZE) {
prot |= page_get_flags(addr);
}
if (prot != 0)
real_end -= qemu_host_page_size;
}
ret = 0;
/* unmap what we can */
if (real_start < real_end) {
if (reserved_va) {
mmap_reserve(real_start, real_end - real_start);
} else {
ret = munmap(g2h_untagged(real_start), real_end - real_start);
}
}
if (ret == 0) {
mmap_reserve_or_unmap(start, len);
page_set_flags(start, start + len - 1, 0);
}
mmap_unlock();
return ret;
return 0;
}
abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
@ -798,9 +830,11 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
flags, g2h_untagged(new_addr));
if (reserved_va && host_addr != MAP_FAILED) {
/* If new and old addresses overlap then the above mremap will
already have failed with EINVAL. */
mmap_reserve(old_addr, old_size);
/*
* If new and old addresses overlap then the above mremap will
* already have failed with EINVAL.
*/
mmap_reserve_or_unmap(old_addr, old_size);
}
} else if (flags & MREMAP_MAYMOVE) {
abi_ulong mmap_start;
@ -815,7 +849,7 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
flags | MREMAP_FIXED,
g2h_untagged(mmap_start));
if (reserved_va) {
mmap_reserve(old_addr, old_size);
mmap_reserve_or_unmap(old_addr, old_size);
}
}
} else {
@ -841,7 +875,8 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
errno = ENOMEM;
host_addr = MAP_FAILED;
} else if (reserved_va && old_size > new_size) {
mmap_reserve(old_addr + old_size, old_size - new_size);
mmap_reserve_or_unmap(old_addr + old_size,
old_size - new_size);
}
}
} else {
@ -863,47 +898,19 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
return new_addr;
}
static bool can_passthrough_madvise(abi_ulong start, abi_ulong end)
{
ulong addr;
if ((start | end) & ~qemu_host_page_mask) {
return false;
}
for (addr = start; addr < end; addr += TARGET_PAGE_SIZE) {
if (!(page_get_flags(addr) & PAGE_PASSTHROUGH)) {
return false;
}
}
return true;
}
abi_long target_madvise(abi_ulong start, abi_ulong len_in, int advice)
{
abi_ulong len, end;
abi_ulong len;
int ret = 0;
if (start & ~TARGET_PAGE_MASK) {
return -TARGET_EINVAL;
}
len = TARGET_PAGE_ALIGN(len_in);
if (len_in && !len) {
return -TARGET_EINVAL;
}
end = start + len;
if (end < start) {
return -TARGET_EINVAL;
}
if (end == start) {
if (len_in == 0) {
return 0;
}
if (!guest_range_valid_untagged(start, len)) {
len = TARGET_PAGE_ALIGN(len_in);
if (len == 0 || !guest_range_valid_untagged(start, len)) {
return -TARGET_EINVAL;
}
@ -929,9 +936,8 @@ abi_long target_madvise(abi_ulong start, abi_ulong len_in, int advice)
*
* A straight passthrough for those may not be safe because qemu sometimes
* turns private file-backed mappings into anonymous mappings.
* can_passthrough_madvise() helps to check if a passthrough is possible by
* comparing mappings that are known to have the same semantics in the host
* and the guest. In this case passthrough is safe.
* If all guest pages have PAGE_PASSTHROUGH set, mappings have the
* same semantics for the host as for the guest.
*
* We pass through MADV_WIPEONFORK and MADV_KEEPONFORK if possible and
* return failure if not.
@ -949,7 +955,7 @@ abi_long target_madvise(abi_ulong start, abi_ulong len_in, int advice)
ret = -EINVAL;
/* fall through */
case MADV_DONTNEED:
if (can_passthrough_madvise(start, end)) {
if (page_check_range(start, len, PAGE_PASSTHROUGH)) {
ret = get_errno(madvise(g2h_untagged(start), len, advice));
if ((advice == MADV_DONTNEED) && (ret == 0)) {
page_reset_target_data(start, start + len - 1);

8
linux-user/ppc/target_mman.h
View File

@ -1 +1,9 @@
#ifndef PPC_TARGET_MMAN_H
#define PPC_TARGET_MMAN_H
#define TARGET_MAP_NORESERVE 0x40
#define TARGET_MAP_LOCKED 0x80
#include "../generic/target_mman.h"
#endif

2
linux-user/qemu.h
View File

@ -182,7 +182,7 @@ static inline bool access_ok_untagged(int type, abi_ulong addr, abi_ulong size)
: !guest_range_valid_untagged(addr, size)) {
return false;
}
return page_check_range((target_ulong)addr, size, type) == 0;
return page_check_range((target_ulong)addr, size, type);
}
static inline bool access_ok(CPUState *cpu, int type,

9
linux-user/sparc/target_mman.h
View File

@ -1 +1,10 @@
#ifndef SPARC_TARGET_MMAN_H
#define SPARC_TARGET_MMAN_H
#define TARGET_MAP_NORESERVE 0x40
#define TARGET_MAP_LOCKED 0x100
#define TARGET_MAP_GROWSDOWN 0x0200
#include "../generic/target_mman.h"
#endif

61
linux-user/strace.c
View File

@ -46,15 +46,21 @@ struct syscallname {
*/
struct flags {
abi_long f_value; /* flag */
abi_long f_mask; /* mask */
const char *f_string; /* stringified flag */
};
/* No 'struct flags' element should have a zero mask. */
#define FLAG_BASIC(V, M, N) { V, M | QEMU_BUILD_BUG_ON_ZERO(!(M)), N }
/* common flags for all architectures */
#define FLAG_GENERIC(name) { name, #name }
#define FLAG_GENERIC_MASK(V, M) FLAG_BASIC(V, M, #V)
#define FLAG_GENERIC(V) FLAG_BASIC(V, V, #V)
/* target specific flags (syscall_defs.h has TARGET_<flag>) */
#define FLAG_TARGET(name) { TARGET_ ## name, #name }
#define FLAG_TARGET_MASK(V, M) FLAG_BASIC(TARGET_##V, TARGET_##M, #V)
#define FLAG_TARGET(V) FLAG_BASIC(TARGET_##V, TARGET_##V, #V)
/* end of flags array */
#define FLAG_END { 0, NULL }
#define FLAG_END { 0, 0, NULL }
/* Structure used to translate enumerated values into strings */
struct enums {
@ -963,7 +969,7 @@ print_syscall_ret_ioctl(CPUArchState *cpu_env, const struct syscallname *name,
#endif
UNUSED static const struct flags access_flags[] = {
FLAG_GENERIC(F_OK),
FLAG_GENERIC_MASK(F_OK, R_OK | W_OK | X_OK),
FLAG_GENERIC(R_OK),
FLAG_GENERIC(W_OK),
FLAG_GENERIC(X_OK),
@ -999,9 +1005,9 @@ UNUSED static const struct flags mode_flags[] = {
};
UNUSED static const struct flags open_access_flags[] = {
FLAG_TARGET(O_RDONLY),
FLAG_TARGET(O_WRONLY),
FLAG_TARGET(O_RDWR),
FLAG_TARGET_MASK(O_RDONLY, O_ACCMODE),
FLAG_TARGET_MASK(O_WRONLY, O_ACCMODE),
FLAG_TARGET_MASK(O_RDWR, O_ACCMODE),
FLAG_END,
};
@ -1010,7 +1016,9 @@ UNUSED static const struct flags open_flags[] = {
FLAG_TARGET(O_CREAT),
FLAG_TARGET(O_DIRECTORY),
FLAG_TARGET(O_EXCL),
#if TARGET_O_LARGEFILE != 0
FLAG_TARGET(O_LARGEFILE),
#endif
FLAG_TARGET(O_NOCTTY),
FLAG_TARGET(O_NOFOLLOW),
FLAG_TARGET(O_NONBLOCK), /* also O_NDELAY */
@ -1075,7 +1083,7 @@ UNUSED static const struct flags umount2_flags[] = {
};
UNUSED static const struct flags mmap_prot_flags[] = {
FLAG_GENERIC(PROT_NONE),
FLAG_GENERIC_MASK(PROT_NONE, PROT_READ | PROT_WRITE | PROT_EXEC),
FLAG_GENERIC(PROT_EXEC),
FLAG_GENERIC(PROT_READ),
FLAG_GENERIC(PROT_WRITE),
@ -1086,28 +1094,25 @@ UNUSED static const struct flags mmap_prot_flags[] = {
};
UNUSED static const struct flags mmap_flags[] = {
FLAG_TARGET(MAP_SHARED),
FLAG_TARGET(MAP_PRIVATE),
FLAG_TARGET_MASK(MAP_SHARED, MAP_TYPE),
FLAG_TARGET_MASK(MAP_PRIVATE, MAP_TYPE),
FLAG_TARGET_MASK(MAP_SHARED_VALIDATE, MAP_TYPE),
FLAG_TARGET(MAP_ANONYMOUS),
FLAG_TARGET(MAP_DENYWRITE),
FLAG_TARGET(MAP_FIXED),
FLAG_TARGET(MAP_GROWSDOWN),
FLAG_TARGET(MAP_EXECUTABLE),
#ifdef MAP_LOCKED
FLAG_TARGET(MAP_FIXED),
FLAG_TARGET(MAP_FIXED_NOREPLACE),
FLAG_TARGET(MAP_GROWSDOWN),
FLAG_TARGET(MAP_HUGETLB),
FLAG_TARGET(MAP_LOCKED),
#endif
#ifdef MAP_NONBLOCK
FLAG_TARGET(MAP_NONBLOCK),
#endif
FLAG_TARGET(MAP_NORESERVE),
#ifdef MAP_POPULATE
FLAG_TARGET(MAP_POPULATE),
#endif
#ifdef TARGET_MAP_UNINITIALIZED
FLAG_TARGET(MAP_STACK),
FLAG_TARGET(MAP_SYNC),
#if TARGET_MAP_UNINITIALIZED != 0
FLAG_TARGET(MAP_UNINITIALIZED),
#endif
FLAG_TARGET(MAP_HUGETLB),
FLAG_TARGET(MAP_STACK),
FLAG_END,
};
@ -1201,13 +1206,13 @@ UNUSED static const struct flags statx_flags[] = {
FLAG_GENERIC(AT_SYMLINK_NOFOLLOW),
#endif
#ifdef AT_STATX_SYNC_AS_STAT
FLAG_GENERIC(AT_STATX_SYNC_AS_STAT),
FLAG_GENERIC_MASK(AT_STATX_SYNC_AS_STAT, AT_STATX_SYNC_TYPE),
#endif
#ifdef AT_STATX_FORCE_SYNC
FLAG_GENERIC(AT_STATX_FORCE_SYNC),
FLAG_GENERIC_MASK(AT_STATX_FORCE_SYNC, AT_STATX_SYNC_TYPE),
#endif
#ifdef AT_STATX_DONT_SYNC
FLAG_GENERIC(AT_STATX_DONT_SYNC),
FLAG_GENERIC_MASK(AT_STATX_DONT_SYNC, AT_STATX_SYNC_TYPE),
#endif
FLAG_END,
};
@ -1481,14 +1486,10 @@ print_flags(const struct flags *f, abi_long flags, int last)
const char *sep = "";
int n;
if ((flags == 0) && (f->f_value == 0)) {
qemu_log("%s%s", f->f_string, get_comma(last));
return;
}
for (n = 0; f->f_string != NULL; f++) {
if ((f->f_value != 0) && ((flags & f->f_value) == f->f_value)) {
if ((flags & f->f_mask) == f->f_value) {
qemu_log("%s%s", sep, f->f_string);
flags &= ~f->f_value;
flags &= ~f->f_mask;
sep = "|";
n++;
}

64
linux-user/syscall.c
View File

@ -309,16 +309,16 @@ _syscall0(int, sys_gettid)
#endif
#if defined(TARGET_NR_getdents) && defined(EMULATE_GETDENTS_WITH_GETDENTS)
_syscall3(int, sys_getdents, uint, fd, struct linux_dirent *, dirp, uint, count);
_syscall3(int, sys_getdents, unsigned int, fd, struct linux_dirent *, dirp, unsigned int, count);
#endif
#if (defined(TARGET_NR_getdents) && \
!defined(EMULATE_GETDENTS_WITH_GETDENTS)) || \
(defined(TARGET_NR_getdents64) && defined(__NR_getdents64))
_syscall3(int, sys_getdents64, uint, fd, struct linux_dirent64 *, dirp, uint, count);
_syscall3(int, sys_getdents64, unsigned int, fd, struct linux_dirent64 *, dirp, unsigned int, count);
#endif
#if defined(TARGET_NR__llseek) && defined(__NR_llseek)
_syscall5(int, _llseek, uint, fd, ulong, hi, ulong, lo,
loff_t *, res, uint, wh);
_syscall5(int, _llseek, unsigned int, fd, unsigned long, hi, unsigned long, lo,
loff_t *, res, unsigned int, wh);
#endif
_syscall3(int, sys_rt_sigqueueinfo, pid_t, pid, int, sig, siginfo_t *, uinfo)
_syscall4(int, sys_rt_tgsigqueueinfo, pid_t, pid, pid_t, tid, int, sig,
@ -659,6 +659,7 @@ safe_syscall4(pid_t, wait4, pid_t, pid, int *, status, int, options, \
#endif
safe_syscall5(int, waitid, idtype_t, idtype, id_t, id, siginfo_t *, infop, \
int, options, struct rusage *, rusage)
safe_syscall3(int, execve, const char *, filename, char **, argv, char **, envp)
safe_syscall5(int, execveat, int, dirfd, const char *, filename,
char **, argv, char **, envp, int, flags)
#if defined(TARGET_NR_select) || defined(TARGET_NR__newselect) || \
@ -805,7 +806,7 @@ static abi_ulong brk_page;
void target_set_brk(abi_ulong new_brk)
{
target_brk = new_brk;
target_brk = TARGET_PAGE_ALIGN(new_brk);
brk_page = HOST_PAGE_ALIGN(target_brk);
}
@ -4538,11 +4539,11 @@ static inline abi_ulong target_shmlba(CPUArchState *cpu_env)
}
#endif
static inline abi_ulong do_shmat(CPUArchState *cpu_env,
int shmid, abi_ulong shmaddr, int shmflg)
static abi_ulong do_shmat(CPUArchState *cpu_env, int shmid,
abi_ulong shmaddr, int shmflg)
{
CPUState *cpu = env_cpu(cpu_env);
abi_long raddr;
abi_ulong raddr;
void *host_raddr;
struct shmid_ds shm_info;
int i, ret;
@ -4601,9 +4602,9 @@ static inline abi_ulong do_shmat(CPUArchState *cpu_env,
if (host_raddr == (void *)-1) {
mmap_unlock();
return get_errno((long)host_raddr);
return get_errno((intptr_t)host_raddr);
}
raddr=h2g((unsigned long)host_raddr);
raddr = h2g((uintptr_t)host_raddr);
page_set_flags(raddr, raddr + shm_info.shm_segsz - 1,
PAGE_VALID | PAGE_RESET | PAGE_READ |
@ -4620,7 +4621,6 @@ static inline abi_ulong do_shmat(CPUArchState *cpu_env,
mmap_unlock();
return raddr;
}
static inline abi_long do_shmdt(abi_ulong shmaddr)
@ -6012,9 +6012,19 @@ static const StructEntry struct_termios_def = {
.print = print_termios,
};
/* If the host does not provide these bits, they may be safely discarded. */
#ifndef MAP_SYNC
#define MAP_SYNC 0
#endif
#ifndef MAP_UNINITIALIZED
#define MAP_UNINITIALIZED 0
#endif
static const bitmask_transtbl mmap_flags_tbl[] = {
{ TARGET_MAP_SHARED, TARGET_MAP_SHARED, MAP_SHARED, MAP_SHARED },
{ TARGET_MAP_PRIVATE, TARGET_MAP_PRIVATE, MAP_PRIVATE, MAP_PRIVATE },
{ TARGET_MAP_TYPE, TARGET_MAP_SHARED, MAP_TYPE, MAP_SHARED },
{ TARGET_MAP_TYPE, TARGET_MAP_PRIVATE, MAP_TYPE, MAP_PRIVATE },
{ TARGET_MAP_TYPE, TARGET_MAP_SHARED_VALIDATE,
MAP_TYPE, MAP_SHARED_VALIDATE },
{ TARGET_MAP_FIXED, TARGET_MAP_FIXED, MAP_FIXED, MAP_FIXED },
{ TARGET_MAP_ANONYMOUS, TARGET_MAP_ANONYMOUS,
MAP_ANONYMOUS, MAP_ANONYMOUS },
@ -6032,6 +6042,13 @@ static const bitmask_transtbl mmap_flags_tbl[] = {
Recognize it for the target insofar as we do not want to pass
it through to the host. */
{ TARGET_MAP_STACK, TARGET_MAP_STACK, 0, 0 },
{ TARGET_MAP_SYNC, TARGET_MAP_SYNC, MAP_SYNC, MAP_SYNC },
{ TARGET_MAP_NONBLOCK, TARGET_MAP_NONBLOCK, MAP_NONBLOCK, MAP_NONBLOCK },
{ TARGET_MAP_POPULATE, TARGET_MAP_POPULATE, MAP_POPULATE, MAP_POPULATE },
{ TARGET_MAP_FIXED_NOREPLACE, TARGET_MAP_FIXED_NOREPLACE,
MAP_FIXED_NOREPLACE, MAP_FIXED_NOREPLACE },
{ TARGET_MAP_UNINITIALIZED, TARGET_MAP_UNINITIALIZED,
MAP_UNINITIALIZED, MAP_UNINITIALIZED },
{ 0, 0, 0, 0 }
};
@ -8105,7 +8122,7 @@ static int open_self_maps_1(CPUArchState *cpu_env, int fd, bool smaps)
max = h2g_valid(max - 1) ?
max : (uintptr_t) g2h_untagged(GUEST_ADDR_MAX) + 1;
if (page_check_range(h2g(min), max - min, flags) == -1) {
if (!page_check_range(h2g(min), max - min, flags)) {
continue;
}
@ -8629,9 +8646,9 @@ ssize_t do_guest_readlink(const char *pathname, char *buf, size_t bufsiz)
return ret;
}
static int do_execveat(CPUArchState *cpu_env, int dirfd,
static int do_execv(CPUArchState *cpu_env, int dirfd,
abi_long pathname, abi_long guest_argp,
abi_long guest_envp, int flags)
abi_long guest_envp, int flags, bool is_execveat)
{
int ret;
char **argp, **envp;
@ -8710,11 +8727,14 @@ static int do_execveat(CPUArchState *cpu_env, int dirfd,
goto execve_efault;
}
const char *exe = p;
if (is_proc_myself(p, "exe")) {
ret = get_errno(safe_execveat(dirfd, exec_path, argp, envp, flags));
} else {
ret = get_errno(safe_execveat(dirfd, p, argp, envp, flags));
exe = exec_path;
}
ret = is_execveat
? safe_execveat(dirfd, exe, argp, envp, flags)
: safe_execve(exe, argp, envp);
ret = get_errno(ret);
unlock_user(p, pathname, 0);
@ -9406,9 +9426,9 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
return ret;
#endif
case TARGET_NR_execveat:
return do_execveat(cpu_env, arg1, arg2, arg3, arg4, arg5);
return do_execv(cpu_env, arg1, arg2, arg3, arg4, arg5, true);
case TARGET_NR_execve:
return do_execveat(cpu_env, AT_FDCWD, arg1, arg2, arg3, 0);
return do_execv(cpu_env, AT_FDCWD, arg1, arg2, arg3, 0, false);
case TARGET_NR_chdir:
if (!(p = lock_user_string(arg1)))
return -TARGET_EFAULT;
@ -10571,7 +10591,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
#endif
ret = target_mmap(arg1, arg2, arg3,
target_to_host_bitmask(arg4, mmap_flags_tbl),
arg5, arg6 << MMAP_SHIFT);
arg5, (off_t)(abi_ulong)arg6 << MMAP_SHIFT);
return get_errno(ret);
#endif
case TARGET_NR_munmap:

1038
linux-user/syscall_defs.h
View File

File diff suppressed because it is too large Load Diff

2
linux-user/user-mmap.h
View File

@ -20,7 +20,7 @@
int target_mprotect(abi_ulong start, abi_ulong len, int prot);
abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
int flags, int fd, abi_ulong offset);
int flags, int fd, off_t offset);
int target_munmap(abi_ulong start, abi_ulong len);
abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
abi_ulong new_size, unsigned long flags,

18
linux-user/xtensa/target_mman.h
View File

@ -1 +1,19 @@
#ifndef XTENSA_TARGET_MMAN_H
#define XTENSA_TARGET_MMAN_H
#define TARGET_PROT_SEM 0x10
#define TARGET_MAP_NORESERVE 0x0400
#define TARGET_MAP_ANONYMOUS 0x0800
#define TARGET_MAP_GROWSDOWN 0x1000
#define TARGET_MAP_DENYWRITE 0x2000
#define TARGET_MAP_EXECUTABLE 0x4000
#define TARGET_MAP_LOCKED 0x8000
#define TARGET_MAP_POPULATE 0x10000
#define TARGET_MAP_NONBLOCK 0x20000
#define TARGET_MAP_STACK 0x40000
#define TARGET_MAP_HUGETLB 0x80000
#include "../generic/target_mman.h"
#endif

2
target/hppa/op_helper.c
View File

@ -168,7 +168,7 @@ target_ureg HELPER(probe)(CPUHPPAState *env, target_ulong addr,
uint32_t level, uint32_t want)
{
#ifdef CONFIG_USER_ONLY
return (page_check_range(addr, 1, want) == 0) ? 1 : 0;
return page_check_range(addr, 1, want);
#else
int prot, excp;
hwaddr phys;

2
target/riscv/vector_helper.c
View File

@ -583,7 +583,7 @@ vext_ldff(void *vd, void *v0, target_ulong base,
cpu_mmu_index(env, false));
if (host) {
#ifdef CONFIG_USER_ONLY
if (page_check_range(addr, offset, PAGE_READ) < 0) {
if (page_check_range(addr, offset, PAGE_READ)) {
vl = i;
goto ProbeSuccess;
}

2
target/sparc/ldst_helper.c
View File

@ -1191,7 +1191,7 @@ uint64_t helper_ld_asi(CPUSPARCState *env, target_ulong addr,
case ASI_PNFL: /* Primary no-fault LE */
case ASI_SNF: /* Secondary no-fault */
case ASI_SNFL: /* Secondary no-fault LE */
if (page_check_range(addr, size, PAGE_READ) == -1) {
if (!page_check_range(addr, size, PAGE_READ)) {
ret = 0;
break;
}

2
tcg/tcg-op-ldst.c
View File

@ -778,7 +778,7 @@ typedef void (*gen_atomic_op_i64)(TCGv_i64, TCGv_env, TCGv_i64,
#else
# define WITH_ATOMIC64(X)
#endif
#ifdef CONFIG_CMPXCHG128
#if HAVE_CMPXCHG128
# define WITH_ATOMIC128(X) X,
#else
# define WITH_ATOMIC128(X)

2
tcg/tcg.c
View File

@ -1083,7 +1083,7 @@ static void layout_arg_by_ref(TCGCumulativeArgs *cum, TCGHelperInfo *info)
.ref_slot = cum->ref_slot + i,
};
}
cum->info_in_idx += n;
cum->info_in_idx += n - 1; /* i=0 accounted for in layout_arg_1 */
cum->ref_slot += n;
}