From 098178f2749a63fbbb1a626dcc7d939d5cb2bde7 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Mon, 29 Jul 2013 14:27:39 +0200 Subject: exec: fix writing to MMIO area with non-power-of-two length The problem is introduced by commit 2332616 (exec: Support 64-bit operations in address_space_rw, 2013-07-08). Before that commit, memory_access_size would only return 1/2/4. Since alignment is already handled above, reduce l to the largest power of two that is smaller than l. Cc: qemu-stable@nongnu.org Reported-by: Oleksii Shevchuk Tested-by: Oleksii Shevchuk Signed-off-by: Paolo Bonzini --- exec.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exec.c b/exec.c index 87b0b39..b52ec80 100644 --- a/exec.c +++ b/exec.c @@ -1913,6 +1913,9 @@ static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr) if (l > access_size_max) { l = access_size_max; } + if (l & (l - 1)) { + l = 1 << (qemu_fls(l) - 1); + } return l; } -- cgit v1.1 From 88266249701032211c1d7449460d063fbc01bf12 Mon Sep 17 00:00:00 2001 From: Hu Tao Date: Thu, 29 Aug 2013 18:21:16 +0800 Subject: exec: check offset_within_address_space for register subpage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If offset_within_address_space falls in a page, then we register a subpage. So check offset_within_address_space rather than offset_within_region. Cc: qemu-stable@nongnu.org Cc: Paolo Bonzini Cc: Richard Henderson Cc: "Andreas Färber" Cc: Peter Maydell Cc: Blue Swirl Signed-off-by: Hu Tao Signed-off-by: Paolo Bonzini --- exec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exec.c b/exec.c index b52ec80..e6f04d8 100644 --- a/exec.c +++ b/exec.c @@ -854,7 +854,7 @@ static void mem_add(MemoryListener *listener, MemoryRegionSection *section) now = remain; if (int128_lt(remain.size, page_size)) { register_subpage(d, &now); - } else if (remain.offset_within_region & ~TARGET_PAGE_MASK) { + } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) { now.size = page_size; register_subpage(d, &now); } else { -- cgit v1.1 From 3bb28b7208b349e7a1b326e3c6ef9efac1d462bf Mon Sep 17 00:00:00 2001 From: Jan Kiszka Date: Mon, 2 Sep 2013 18:43:30 +0200 Subject: memory: Provide separate handling of unassigned io ports accesses Accesses to unassigned io ports shall return -1 on read and be ignored on write. Ensure these properties via dedicated ops, decoupling us from the memory core's handling of unassigned accesses. Cc: qemu-stable@nongnu.org Signed-off-by: Jan Kiszka Signed-off-by: Paolo Bonzini --- exec.c | 3 ++- include/exec/ioport.h | 4 ++++ ioport.c | 16 ++++++++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/exec.c b/exec.c index e6f04d8..3859b02 100644 --- a/exec.c +++ b/exec.c @@ -1805,7 +1805,8 @@ static void memory_map_init(void) address_space_init(&address_space_memory, system_memory, "memory"); system_io = g_malloc(sizeof(*system_io)); - memory_region_init(system_io, NULL, "io", 65536); + memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io", + 65536); address_space_init(&address_space_io, system_io, "I/O"); memory_listener_register(&core_memory_listener, &address_space_memory); diff --git a/include/exec/ioport.h b/include/exec/ioport.h index bdd4e96..b3848be 100644 --- a/include/exec/ioport.h +++ b/include/exec/ioport.h @@ -45,6 +45,10 @@ typedef struct MemoryRegionPortio { #define PORTIO_END_OF_LIST() { } +#ifndef CONFIG_USER_ONLY +extern const MemoryRegionOps unassigned_io_ops; +#endif + void cpu_outb(pio_addr_t addr, uint8_t val); void cpu_outw(pio_addr_t addr, uint16_t val); void cpu_outl(pio_addr_t addr, uint32_t val); diff --git a/ioport.c b/ioport.c index 79b7f1a..707cce8 100644 --- a/ioport.c +++ b/ioport.c @@ -44,6 +44,22 @@ typedef struct MemoryRegionPortioList { MemoryRegionPortio ports[]; } MemoryRegionPortioList; +static uint64_t unassigned_io_read(void *opaque, hwaddr addr, unsigned size) +{ + return -1ULL; +} + +static void unassigned_io_write(void *opaque, hwaddr addr, uint64_t val, + unsigned size) +{ +} + +const MemoryRegionOps unassigned_io_ops = { + .read = unassigned_io_read, + .write = unassigned_io_write, + .endianness = DEVICE_NATIVE_ENDIAN, +}; + void cpu_outb(pio_addr_t addr, uint8_t val) { LOG_IOPORT("outb: %04"FMT_pioaddr" %02"PRIx8"\n", addr, val); -- cgit v1.1 From 68a7439a150d6b4da99082ab454b9328b151bc25 Mon Sep 17 00:00:00 2001 From: Jan Kiszka Date: Mon, 2 Sep 2013 18:43:31 +0200 Subject: Revert "memory: Return -1 again on reads from unsigned regions" This reverts commit 9b8c69243585a32d14b9bb9fcd52c37b0b5a1b71. The commit was wrong: We only return -1 on invalid accesses, not on valid but unbacked ones. This broke various corner cases. Cc: qemu-stable@nongnu.org Signed-off-by: Jan Kiszka Signed-off-by: Paolo Bonzini --- memory.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/memory.c b/memory.c index 886f838..5a10fd0 100644 --- a/memory.c +++ b/memory.c @@ -872,7 +872,7 @@ static uint64_t unassigned_mem_read(void *opaque, hwaddr addr, if (current_cpu != NULL) { cpu_unassigned_access(current_cpu, addr, false, false, 0, size); } - return -1ULL; + return 0; } static void unassigned_mem_write(void *opaque, hwaddr addr, -- cgit v1.1 From 2641689a37144b201814f39046e36eb285498cbe Mon Sep 17 00:00:00 2001 From: liguang Date: Wed, 4 Sep 2013 14:37:33 +0800 Subject: exec: do tcg_commit only when tcg_enabled Signed-off-by: liguang Signed-off-by: Paolo Bonzini --- exec.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/exec.c b/exec.c index 3859b02..030118e 100644 --- a/exec.c +++ b/exec.c @@ -1810,7 +1810,9 @@ static void memory_map_init(void) address_space_init(&address_space_io, system_io, "I/O"); memory_listener_register(&core_memory_listener, &address_space_memory); - memory_listener_register(&tcg_memory_listener, &address_space_memory); + if (tcg_enabled()) { + memory_listener_register(&tcg_memory_listener, &address_space_memory); + } } MemoryRegion *get_system_memory(void) -- cgit v1.1