| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | ..
 | 
					
						
							|  |  |  |    Copyright (c) 2017 Linaro Limited
 | 
					
						
							|  |  |  |    Written by Peter Maydell
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ===================
 | 
					
						
							|  |  |  | Load and Store APIs
 | 
					
						
							|  |  |  | ===================
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | QEMU internally has multiple families of functions for performing
 | 
					
						
							|  |  |  | loads and stores. This document attempts to enumerate them all
 | 
					
						
							|  |  |  | and indicate when to use them. It does not provide detailed
 | 
					
						
							|  |  |  | documentation of each API -- for that you should look at the
 | 
					
						
							|  |  |  | documentation comments in the relevant header files.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``ld*_p and st*_p``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions operate on a host pointer, and should be used
 | 
					
						
							|  |  |  | when you already have a pointer into host memory (corresponding
 | 
					
						
							|  |  |  | to guest ram or a local buffer). They deal with doing accesses
 | 
					
						
							|  |  |  | with the desired endianness and with correctly handling
 | 
					
						
							|  |  |  | potentially unaligned pointer values.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Function names follow the pattern:
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | load: ``ld{type}{sign}{size}_{endian}_p(ptr)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | store: ``st{type}{size}_{endian}_p(ptr, val)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``type``
 | 
					
						
							|  |  |  |  - (empty) : integer access
 | 
					
						
							|  |  |  |  - ``f`` : float access
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes (including floats and doubles)
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  |  - ``s`` : signed
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``endian``
 | 
					
						
							|  |  |  |  - ``he`` : host endian
 | 
					
						
							|  |  |  |  - ``be`` : big endian
 | 
					
						
							|  |  |  |  - ``le`` : little endian
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The ``_{endian}`` infix is omitted for target-endian accesses.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The target endian accessors are only available to source
 | 
					
						
							|  |  |  | files which are built per-target.
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-06-15 14:57:14 +01:00
										 |  |  | There are also functions which take the size as an argument:
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | load: ``ldn{endian}_p(ptr, sz)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | which performs an unsigned load of ``sz`` bytes from ``ptr``
 | 
					
						
							|  |  |  | as an ``{endian}`` order value and returns it in a uint64_t.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | store: ``stn{endian}_p(ptr, sz, val)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | which stores ``val`` to ``ptr`` as an ``{endian}`` order value
 | 
					
						
							|  |  |  | of size ``sz`` bytes.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | Regexes for git grep
 | 
					
						
							|  |  |  |  - ``\<ldf\?[us]\?[bwlq]\(_[hbl]e\)\?_p\>``
 | 
					
						
							|  |  |  |  - ``\<stf\?[bwlq]\(_[hbl]e\)\?_p\>``
 | 
					
						
							| 
									
										
										
										
											2018-06-15 14:57:14 +01:00
										 |  |  |  - ``\<ldn_\([hbl]e\)?_p\>``
 | 
					
						
							|  |  |  |  - ``\<stn_\([hbl]e\)?_p\>``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | ``cpu_{ld,st}*_mmuidx_ra``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions operate on a guest virtual address plus a context,
 | 
					
						
							|  |  |  | known as a "mmu index" or ``mmuidx``, which controls how that virtual
 | 
					
						
							|  |  |  | address is translated.  The meaning of the indexes are target specific,
 | 
					
						
							|  |  |  | but specifying a particular index might be necessary if, for instance,
 | 
					
						
							|  |  |  | the helper requires an "always as non-privileged" access rather that
 | 
					
						
							|  |  |  | the default access for the current state of the guest CPU.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions may cause a guest CPU exception to be taken
 | 
					
						
							|  |  |  | (e.g. for an alignment fault or MMU fault) which will result in
 | 
					
						
							|  |  |  | guest CPU state being updated and control longjmp'ing out of the
 | 
					
						
							|  |  |  | function call.  They should therefore only be used in code that is
 | 
					
						
							|  |  |  | implementing emulation of the guest CPU.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The ``retaddr`` parameter is used to control unwinding of the
 | 
					
						
							|  |  |  | guest CPU state in case of a guest CPU exception.  This is passed
 | 
					
						
							|  |  |  | to ``cpu_restore_state()``.  Therefore the value should either be 0,
 | 
					
						
							|  |  |  | to indicate that the guest CPU state is already synchronized, or
 | 
					
						
							|  |  |  | the result of ``GETPC()`` from the top level ``HELPER(foo)``
 | 
					
						
							| 
									
										
										
										
											2020-10-15 11:51:47 +02:00
										 |  |  | function, which is a return address into the generated code [#gpc]_.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | .. [#gpc] Note that ``GETPC()`` should be used with great care: calling
 | 
					
						
							|  |  |  |           it in other functions that are *not* the top level
 | 
					
						
							|  |  |  |           ``HELPER(foo)`` will cause unexpected behavior. Instead, the
 | 
					
						
							|  |  |  |           value of ``GETPC()`` should be read from the helper and passed
 | 
					
						
							|  |  |  |           if needed to the functions that the helper calls.
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | Function names follow the pattern:
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | load: ``cpu_ld{sign}{size}{end}_mmuidx_ra(env, ptr, mmuidx, retaddr)``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | store: ``cpu_st{size}{end}_mmuidx_ra(env, ptr, val, mmuidx, retaddr)``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  |  - ``s`` : signed
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | ``end``
 | 
					
						
							|  |  |  |  - (empty) : for target endian, or 8 bit sizes
 | 
					
						
							|  |  |  |  - ``_be`` : big endian
 | 
					
						
							|  |  |  |  - ``_le`` : little endian
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | Regexes for git grep:
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  |  - ``\<cpu_ld[us]\?[bwlq](_[bl]e)\?_mmuidx_ra\>``
 | 
					
						
							|  |  |  |  - ``\<cpu_st[bwlq](_[bl]e)\?_mmuidx_ra\>``
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | 
 | 
					
						
							|  |  |  | ``cpu_{ld,st}*_data_ra``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions work like the ``cpu_{ld,st}_mmuidx_ra`` functions
 | 
					
						
							|  |  |  | except that the ``mmuidx`` parameter is taken from the current mode
 | 
					
						
							|  |  |  | of the guest CPU, as determined by ``cpu_mmu_index(env, false)``.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These are generally the preferred way to do accesses by guest
 | 
					
						
							|  |  |  | virtual address from helper functions, unless the access should
 | 
					
						
							|  |  |  | be performed with a context other than the default.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Function names follow the pattern:
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | load: ``cpu_ld{sign}{size}{end}_data_ra(env, ptr, ra)``
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | store: ``cpu_st{size}{end}_data_ra(env, ptr, val, ra)``
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  |  - ``s`` : signed
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | ``end``
 | 
					
						
							|  |  |  |  - (empty) : for target endian, or 8 bit sizes
 | 
					
						
							|  |  |  |  - ``_be`` : big endian
 | 
					
						
							|  |  |  |  - ``_le`` : little endian
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | Regexes for git grep:
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  |  - ``\<cpu_ld[us]\?[bwlq](_[bl]e)\?_data_ra\>``
 | 
					
						
							|  |  |  |  - ``\<cpu_st[bwlq](_[bl]e)\?_data_ra\>``
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | 
 | 
					
						
							|  |  |  | ``cpu_{ld,st}*_data``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions work like the ``cpu_{ld,st}_data_ra`` functions
 | 
					
						
							|  |  |  | except that the ``retaddr`` parameter is 0, and thus does not
 | 
					
						
							|  |  |  | unwind guest CPU state.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | This means they must only be used from helper functions where the
 | 
					
						
							|  |  |  | translator has saved all necessary CPU state.  These functions are
 | 
					
						
							|  |  |  | the right choice for calls made from hooks like the CPU ``do_interrupt``
 | 
					
						
							|  |  |  | hook or when you know for certain that the translator had to save all
 | 
					
						
							|  |  |  | the CPU state anyway.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Function names follow the pattern:
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | load: ``cpu_ld{sign}{size}{end}_data(env, ptr)``
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | store: ``cpu_st{size}{end}_data(env, ptr, val)``
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  |  - ``s`` : signed
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  | ``end``
 | 
					
						
							|  |  |  |  - (empty) : for target endian, or 8 bit sizes
 | 
					
						
							|  |  |  |  - ``_be`` : big endian
 | 
					
						
							|  |  |  |  - ``_le`` : little endian
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | Regexes for git grep
 | 
					
						
							| 
									
										
										
										
											2020-05-08 08:43:46 -07:00
										 |  |  |  - ``\<cpu_ld[us]\?[bwlq](_[bl]e)\?_data\>``
 | 
					
						
							|  |  |  |  - ``\<cpu_st[bwlq](_[bl]e)\?_data\+\>``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | ``cpu_ld*_code``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | These functions perform a read for instruction execution.  The ``mmuidx``
 | 
					
						
							|  |  |  | parameter is taken from the current mode of the guest CPU, as determined
 | 
					
						
							|  |  |  | by ``cpu_mmu_index(env, true)``.  The ``retaddr`` parameter is 0, and
 | 
					
						
							|  |  |  | thus does not unwind guest CPU state, because CPU state is always
 | 
					
						
							|  |  |  | synchronized while translating instructions.  Any guest CPU exception
 | 
					
						
							|  |  |  | that is raised will indicate an instruction execution fault rather than
 | 
					
						
							|  |  |  | a data read fault.
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | In general these functions should not be used directly during translation.
 | 
					
						
							|  |  |  | There are wrapper functions that are to be used which also take care of
 | 
					
						
							|  |  |  | plugins for tracing.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Function names follow the pattern:
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | load: ``cpu_ld{sign}{size}_code(env, ptr)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  |  - ``s`` : signed
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep:
 | 
					
						
							|  |  |  |  - ``\<cpu_ld[us]\?[bwlq]_code\>``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``translator_ld*``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions are a wrapper for ``cpu_ld*_code`` which also perform
 | 
					
						
							|  |  |  | any actions required by any tracing plugins.  They are only to be
 | 
					
						
							|  |  |  | called during the translator callback ``translate_insn``.
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | There is a set of functions ending in ``_swap`` which, if the parameter
 | 
					
						
							|  |  |  | is true, returns the value in the endianness that is the reverse of
 | 
					
						
							|  |  |  | the guest native endianness, as determined by ``TARGET_WORDS_BIGENDIAN``.
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | Function names follow the pattern:
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | load: ``translator_ld{sign}{size}(env, ptr)``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | swap: ``translator_ld{sign}{size}_swap(env, ptr, swap)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  |  - ``s`` : signed
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  |  - ``\<translator_ld[us]\?[bwlq]\(_swap\)\?\>``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | ``helper_*_{ld,st}*_mmu``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | These functions are intended primarily to be called by the code
 | 
					
						
							|  |  |  | generated by the TCG backend. They may also be called by target
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | CPU helper function code. Like the ``cpu_{ld,st}_mmuidx_ra`` functions
 | 
					
						
							|  |  |  | they perform accesses by guest virtual address, with a given ``mmuidx``.
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | These functions specify an ``opindex`` parameter which encodes
 | 
					
						
							|  |  |  | (among other things) the mmu index to use for the access.  This parameter
 | 
					
						
							|  |  |  | should be created by calling ``make_memop_idx()``.
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | The ``retaddr`` parameter should be the result of GETPC() called directly
 | 
					
						
							|  |  |  | from the top level HELPER(foo) function (or 0 if no guest CPU state
 | 
					
						
							|  |  |  | unwinding is required).
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | **TODO** The names of these functions are a bit odd for historical
 | 
					
						
							|  |  |  | reasons because they were originally expected to be called only from
 | 
					
						
							| 
									
										
										
										
											2019-12-09 21:10:04 -08:00
										 |  |  | within generated code. We should rename them to bring them more in
 | 
					
						
							|  |  |  | line with the other memory access functions. The explicit endianness
 | 
					
						
							|  |  |  | is the only feature they have beyond ``*_mmuidx_ra``.
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | load: ``helper_{endian}_ld{sign}{size}_mmu(env, addr, opindex, retaddr)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | store: ``helper_{endian}_st{size}_mmu(env, addr, val, opindex, retaddr)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  |  - ``s`` : signed
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``endian``
 | 
					
						
							|  |  |  |  - ``le`` : little endian
 | 
					
						
							|  |  |  |  - ``be`` : big endian
 | 
					
						
							|  |  |  |  - ``ret`` : target endianness
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							| 
									
										
										
										
											2019-12-11 11:25:10 -08:00
										 |  |  |  - ``\<helper_\(le\|be\|ret\)_ld[us]\?[bwlq]_mmu\>``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  |  - ``\<helper_\(le\|be\|ret\)_st[bwlq]_mmu\>``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``address_space_*``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions are the primary ones to use when emulating CPU
 | 
					
						
							|  |  |  | or device memory accesses. They take an AddressSpace, which is the
 | 
					
						
							|  |  |  | way QEMU defines the view of memory that a device or CPU has.
 | 
					
						
							|  |  |  | (They generally correspond to being the "master" end of a hardware bus
 | 
					
						
							|  |  |  | or bus fabric.)
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Each CPU has an AddressSpace. Some kinds of CPU have more than
 | 
					
						
							| 
									
										
										
										
											2020-03-09 21:58:18 +00:00
										 |  |  | one AddressSpace (for instance Arm guest CPUs have an AddressSpace
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | for the Secure world and one for NonSecure if they implement TrustZone).
 | 
					
						
							|  |  |  | Devices which can do DMA-type operations should generally have an
 | 
					
						
							|  |  |  | AddressSpace. There is also a "system address space" which typically
 | 
					
						
							|  |  |  | has all the devices and memory that all CPUs can see. (Some older
 | 
					
						
							|  |  |  | device models use the "system address space" rather than properly
 | 
					
						
							|  |  |  | modelling that they have an AddressSpace of their own.)
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Functions are provided for doing byte-buffer reads and writes,
 | 
					
						
							|  |  |  | and also for doing one-data-item loads and stores.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | In all cases the caller provides a MemTxAttrs to specify bus
 | 
					
						
							|  |  |  | transaction attributes, and can check whether the memory transaction
 | 
					
						
							|  |  |  | succeeded using a MemTxResult return code.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``address_space_read(address_space, addr, attrs, buf, len)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``address_space_write(address_space, addr, attrs, buf, len)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``address_space_rw(address_space, addr, attrs, buf, len, is_write)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``address_space_ld{sign}{size}_{endian}(address_space, addr, attrs, txresult)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``address_space_st{size}_{endian}(address_space, addr, val, attrs, txresult)``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | (No signed load operations are provided.)
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``endian``
 | 
					
						
							|  |  |  |  - ``le`` : little endian
 | 
					
						
							|  |  |  |  - ``be`` : big endian
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The ``_{endian}`` suffix is omitted for byte accesses.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							|  |  |  |  - ``\<address_space_\(read\|write\|rw\)\>``
 | 
					
						
							|  |  |  |  - ``\<address_space_ldu\?[bwql]\(_[lb]e\)\?\>``
 | 
					
						
							|  |  |  |  - ``\<address_space_st[bwql]\(_[lb]e\)\?\>``
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-12-14 13:30:48 +00:00
										 |  |  | ``address_space_write_rom``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | This function performs a write by physical address like
 | 
					
						
							|  |  |  | ``address_space_write``, except that if the write is to a ROM then
 | 
					
						
							|  |  |  | the ROM contents will be modified, even though a write by the guest
 | 
					
						
							|  |  |  | CPU to the ROM would be ignored. This is used for non-guest writes
 | 
					
						
							|  |  |  | like writes from the gdb debug stub or initial loading of ROM contents.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Note that portions of the write which attempt to write data to a
 | 
					
						
							|  |  |  | device will be silently ignored -- only real RAM and ROM will
 | 
					
						
							|  |  |  | be written to.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							|  |  |  |  - ``address_space_write_rom``
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | ``{ld,st}*_phys``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These are functions which are identical to
 | 
					
						
							|  |  |  | ``address_space_{ld,st}*``, except that they always pass
 | 
					
						
							|  |  |  | ``MEMTXATTRS_UNSPECIFIED`` for the transaction attributes, and ignore
 | 
					
						
							|  |  |  | whether the transaction succeeded or failed.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The fact that they ignore whether the transaction succeeded means
 | 
					
						
							|  |  |  | they should not be used in new code, unless you know for certain
 | 
					
						
							|  |  |  | that your code will only be used in a context where the CPU or
 | 
					
						
							|  |  |  | device doing the access has no way to report such an error.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``load: ld{sign}{size}_{endian}_phys``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``store: st{size}_{endian}_phys``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | (No signed load operations are provided.)
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``endian``
 | 
					
						
							|  |  |  |  - ``le`` : little endian
 | 
					
						
							|  |  |  |  - ``be`` : big endian
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The ``_{endian}_`` infix is omitted for byte accesses.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							|  |  |  |  - ``\<ldu\?[bwlq]\(_[bl]e\)\?_phys\>``
 | 
					
						
							|  |  |  |  - ``\<st[bwlq]\(_[bl]e\)\?_phys\>``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``cpu_physical_memory_*``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These are convenience functions which are identical to
 | 
					
						
							|  |  |  | ``address_space_*`` but operate specifically on the system address space,
 | 
					
						
							|  |  |  | always pass a ``MEMTXATTRS_UNSPECIFIED`` set of memory attributes and
 | 
					
						
							|  |  |  | ignore whether the memory transaction succeeded or failed.
 | 
					
						
							|  |  |  | For new code they are better avoided:
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | * there is likely to be behaviour you need to model correctly for a
 | 
					
						
							|  |  |  |   failed read or write operation
 | 
					
						
							|  |  |  | * a device should usually perform operations on its own AddressSpace
 | 
					
						
							|  |  |  |   rather than using the system address space
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``cpu_physical_memory_read``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``cpu_physical_memory_write``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``cpu_physical_memory_rw``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							|  |  |  |  - ``\<cpu_physical_memory_\(read\|write\|rw\)\>``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``cpu_memory_rw_debug``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Access CPU memory by virtual address for debug purposes.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | This function is intended for use by the GDB stub and similar code.
 | 
					
						
							|  |  |  | It takes a virtual address, converts it to a physical address via
 | 
					
						
							|  |  |  | an MMU lookup using the current settings of the specified CPU,
 | 
					
						
							|  |  |  | and then performs the access (using ``address_space_rw`` for
 | 
					
						
							|  |  |  | reads or ``cpu_physical_memory_write_rom`` for writes).
 | 
					
						
							|  |  |  | This means that if the access is a write to a ROM then this
 | 
					
						
							|  |  |  | function will modify the contents (whereas a normal guest CPU access
 | 
					
						
							|  |  |  | would ignore the write attempt).
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``cpu_memory_rw_debug``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``dma_memory_*``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These behave like ``address_space_*``, except that they perform a DMA
 | 
					
						
							|  |  |  | barrier operation first.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | **TODO**: We should provide guidance on when you need the DMA
 | 
					
						
							|  |  |  | barrier operation and when it's OK to use ``address_space_*``, and
 | 
					
						
							|  |  |  | make sure our existing code is doing things correctly.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``dma_memory_read``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``dma_memory_write``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``dma_memory_rw``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							|  |  |  |  - ``\<dma_memory_\(read\|write\|rw\)\>``
 | 
					
						
							| 
									
										
										
										
											2020-10-23 17:19:15 +02:00
										 |  |  |  - ``\<ldu\?[bwlq]\(_[bl]e\)\?_dma\>``
 | 
					
						
							|  |  |  |  - ``\<st[bwlq]\(_[bl]e\)\?_dma\>``
 | 
					
						
							| 
									
										
										
										
											2017-10-12 13:59:41 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | ``pci_dma_*`` and ``{ld,st}*_pci_dma``
 | 
					
						
							|  |  |  | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | These functions are specifically for PCI device models which need to
 | 
					
						
							|  |  |  | perform accesses where the PCI device is a bus master. You pass them a
 | 
					
						
							|  |  |  | ``PCIDevice *`` and they will do ``dma_memory_*`` operations on the
 | 
					
						
							|  |  |  | correct address space for that device.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``pci_dma_read``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``pci_dma_write``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``pci_dma_rw``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``load: ld{sign}{size}_{endian}_pci_dma``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``store: st{size}_{endian}_pci_dma``
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``sign``
 | 
					
						
							|  |  |  |  - (empty) : for 32 or 64 bit sizes
 | 
					
						
							|  |  |  |  - ``u`` : unsigned
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | (No signed load operations are provided.)
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``size``
 | 
					
						
							|  |  |  |  - ``b`` : 8 bits
 | 
					
						
							|  |  |  |  - ``w`` : 16 bits
 | 
					
						
							|  |  |  |  - ``l`` : 32 bits
 | 
					
						
							|  |  |  |  - ``q`` : 64 bits
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``endian``
 | 
					
						
							|  |  |  |  - ``le`` : little endian
 | 
					
						
							|  |  |  |  - ``be`` : big endian
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The ``_{endian}_`` infix is omitted for byte accesses.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Regexes for git grep
 | 
					
						
							|  |  |  |  - ``\<pci_dma_\(read\|write\|rw\)\>``
 | 
					
						
							|  |  |  |  - ``\<ldu\?[bwlq]\(_[bl]e\)\?_pci_dma\>``
 | 
					
						
							|  |  |  |  - ``\<st[bwlq]\(_[bl]e\)\?_pci_dma\>``
 |