mvc_fast_memmove is bypassing the softmmu functions, getting the
physical source and destination addresses using the mmu_translate
function and accessing the corresponding physical memory. This
prevents watchpoints to work correctly.

Instead use the tlb_vaddr_to_host function to get the host addresses
corresponding to the guest source and destination addresses through the
softmmu code and fallback to the byte level code in case the
corresponding address are not in the QEMU TLB or being examined through
a watchpoint. As a bonus it works even for area crossing pages by
splitting the are into chunks contained in a single page, bringing some
performances improvements. We can therefore remove the 8-byte
loads/stores method, as it is now quite unlikely to be used.

At the same time change the name of the function to fast_memmove as it's
not specific to mvc and use the same argument order as the C memmove
function.
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Signed-off-by: NAlexander Graf <agraf@suse.de>

mvc_fast_memset is bypassing the softmmu functions, getting the
physical address using the mmu_translate function and accessing the
corresponding physical memory. This prevents watchpoints to work
correctly.

Instead use the tlb_vaddr_to_host function to get the host address
corresponding to the guest address through the softmmu code and fallback
to the byte level code in case the corresponding address is not in the
QEMU TLB or being examined through a watchpoint. As a bonus it works
even for area crossing pages by splitting the are into chunks contained
in a single page, bringing some performances improvements.

At the same time change the name of the function to fast_memset as it's
not specific to mvc and use the same argument order as the C memset
function.
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch adds a function to adjust the length of a transfer so that
it doesn't cross a page boundary in softmmu mode. It does nothing in
user mode.
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The MVC instruction and the memmove C funtion do not have the same
semantic when memory areas overlap:

MVC: When the operands overlap, the result is obtained as if the
operands were processed one byte at a time and each result byte were
stored immediately after fetching the necessary operand byte.

memmove: Copying takes place as though the bytes in src are first copied
into a temporary array that does not overlap src or dest, and the bytes
are then copied from the temporary array to dest.

The behaviour is therefore the same when the destination is at a lower
address than the source, but not in the other case. This is actually a
trick for propagating a value to an area. While the current code detects
that and call memset in that case, it only does for 1-byte value. This
trick can and is used for propagating two or more bytes to an area.

In the softmmu case, the call to mvc_fast_memmove is correct as the
above tests verify that source and destination are each within a page,
and both in a different page. The part doing the move 8 bytes by 8 bytes
is wrong and we need to check that if the source and destination
overlap, they do with a distance of minimum 8 bytes before copying 8
bytes at a time.

In the user code, we should check check that the destination is at a
lower address than source or than the end of the source is at a lower
address than the destination before calling memmove. In the opposite
case we fallback to the same code as the softmmu one. Note that l
represents (length - 1).
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NAlexander Graf <agraf@suse.de>

mvcp and mvcs helper get access to the physical memory by a call to
mmu_translate for the virtual to real conversion and then using ldb_phys
and stb_phys to physically access the data. In practice this is quite
slow because it bypasses the QEMU softmmu TLB and because stb_phys calls
try to invalidate the corresponding memory for each access.

Instead use cpu_ldb_{primary,secondary} for the loads and
cpu_stb_{primary,secondary} for the stores. Ideally this should be
further optimized by a call to memcpy, but that already improves the
boot time of a guest by a factor 1.8.
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NAlexander Graf <agraf@suse.de>

It is part of the basic zArchitecture instructions.
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NAlexander Graf <agraf@suse.de>

It is part of the basic zArchitecture instructions. Allow it to be call
from EXECUTE.
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>
Signed-off-by: NAlexander Graf <agraf@suse.de>

When a fault occurs during the MMU lookup in s390_cpu_get_phys_page_debug(),
the trigger_page_fault() function writes the translation exception code
into the lowcore - something you would not expect during a memory access
by the debugger. Ease this problem by adding an additional parameter to
mmu_translate() which can be used to specify whether a program check and
the translation exception code should be injected or not.
Signed-off-by: NThomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: NJens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: NChristian Borntraeger <borntraeger@de.ibm.com>

This is needed to run the GMP testsuite.
Reported-by: NTorbjorn Granlund <torbjorng@google.com>
Tested-by: NTorbjorn Granlund <torbjorng@google.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

We were storing 16 bits instead of 32.
Signed-off-by: NRichard Henderson <rth@twiddle.net>

This will collect all load and store helpers soon.  For now
it is just a replacement for softmmu_exec.h, which this patch
stops including directly, but we also include it where this will
be necessary in order to simplify the next patch.
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

They do not need to be in op_helper.c.  Because cputlb.c now includes
softmmu_template.h twice for each size, io_readX must be elided the
second time through.
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Rather than include helper.h with N values of GEN_HELPER, include a
secondary file that sets up the macros to include helper.h.  This
minimizes the files that must be rebuilt when changing the macros
for file N.
Reviewed-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

This lets us drop some local variables in tlb_fill() functions.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

Note that while such functions may exist both for *-user and softmmu,
only *-user uses the CPUState hook, while softmmu reuses the prototype
for calling it directly.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Commits f606604f,
2c17449b and
5ce5944d added usages of ENV_GET_CPU()
macro in target-specific code.

Use s390_env_get_cpu() instead.

Cc: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@xilinx.com>

Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@xilinx.com>

Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@xilinx.com>

Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@xilinx.com>

Fix these warnings from cppcheck:

hw/display/cirrus_vga.c:2603:
hw/sd/sd.c:348:
hw/timer/exynos4210_mct.c:1033:
target-arm/translate.c:9886:
target-s390x/mem_helper.c:518:
target-unicore32/translate.c:1936:
 style: Consecutive return, break, continue, goto or throw statements are unnecessary.
Signed-off-by: NStefan Weil <sw@weilnetz.de>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NAndreas Färber <afaerber@suse.de>
Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>

Minor fixes to documentation and code comments.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>

Still no proper solution for CONFIG_USER_ONLY, but the system
version is significantly better.
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>

Signed-off-by: NRichard Henderson <rth@twiddle.net>