accel/tcg: Call save_iotlb_data from io_readx as well
Apply save_iotlb_data() to io_readx() as well as to io_writex(). This fixes a SEGFAULT when plugins call qemu_plugin_hwaddr_phys_addr() for addresses inside an MMIO region. Signed-off-by: Dmitriy Solovev <d.solovev@yadro.com> Signed-off-by: Mikhail Tyutin <m.tyutin@yadro.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230804110903.19968-1-m.tyutin@yadro.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>master
parent
f7eaf9d702
commit
c30d0b861c
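--- a/<file path not shown on page>
+++ b/<file path not shown on page>
@@ -1363,6 +1363,21 @@ static inline void cpu_transaction_failed(CPUState *cpu, hwaddr physaddr,
 }
 }
 
+/*
+* Save a potentially trashed CPUTLBEntryFull for later lookup by plugin.
+* This is read by tlb_plugin_lookup if the fulltlb entry doesn't match
+* because of the side effect of io_writex changing memory layout.
+*/
+static void save_iotlb_data(CPUState *cs, MemoryRegionSection *section,
+hwaddr mr_offset)
+{
+#ifdef CONFIG_PLUGIN
+SavedIOTLB *saved = &cs->saved_iotlb;
+saved->section = section;
+saved->mr_offset = mr_offset;
+#endif
+}
+
 static uint64_t io_readx(CPUArchState *env, CPUTLBEntryFull *full,
 int mmu_idx, vaddr addr, uintptr_t retaddr,
 MMUAccessType access_type, MemOp op)
@@ -1382,6 +1397,12 @@ static uint64_t io_readx(CPUArchState *env, CPUTLBEntryFull *full,
 cpu_io_recompile(cpu, retaddr);
 }
 
+/*
+* The memory_region_dispatch may trigger a flush/resize
+* so for plugins we save the iotlb_data just in case.
+*/
+save_iotlb_data(cpu, section, mr_offset);
+
 {
 QEMU_IOTHREAD_LOCK_GUARD();
 r = memory_region_dispatch_read(mr, mr_offset, &val, op, full->attrs);
@@ -1398,21 +1419,6 @@ static uint64_t io_readx(CPUArchState *env, CPUTLBEntryFull *full,
 return val;
 }
 
-/*
-* Save a potentially trashed CPUTLBEntryFull for later lookup by plugin.
-* This is read by tlb_plugin_lookup if the fulltlb entry doesn't match
-* because of the side effect of io_writex changing memory layout.
-*/
-static void save_iotlb_data(CPUState *cs, MemoryRegionSection *section,
-hwaddr mr_offset)
-{
-#ifdef CONFIG_PLUGIN
-SavedIOTLB *saved = &cs->saved_iotlb;
-saved->section = section;
-saved->mr_offset = mr_offset;
-#endif
-}
-
 static void io_writex(CPUArchState *env, CPUTLBEntryFull *full,
 int mmu_idx, uint64_t val, vaddr addr,
 uintptr_t retaddr, MemOp op)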
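Review bot: The header comment on save_iotlb_data, moved unchanged from the third hunk to the first, still attributes the stale-entry case to io_writex alone, although the new call at the end of the second hunk makes io_readx a second source of the same hazard; change that comment line to ` * because of the side effect of io_readx/io_writex changing memory layout.` The call in io_readx is placed before the locked memory_region_dispatch_read, so the saved section and mr_offset describe the mapping as it was before the dispatch could flush or resize the TLB, which is what the comment above it intends; io_readx's body starts and ends outside the hunk, so whether `section` and `mr_offset` are still the values derived from `full` at that point is inferred, not visible here. Since the CONFIG_PLUGIN guard is hidden inside the helper, a one-line `/* no-op unless CONFIG_PLUGIN */` at the call site would tell a reader that this is plugin bookkeeping and not part of the access path.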