Patchwork [RFC,qom-cpu,18/41] exec: Change tlb_fill() argument to CPUState

login
register
mail settings
Submitter Andreas Färber
Date Sept. 4, 2013, 9:04 a.m.
Message ID <1378285521-3230-19-git-send-email-afaerber@suse.de>
Download mbox | patch
Permalink /patch/272520/
State New
Headers show

Comments

Andreas Färber - Sept. 4, 2013, 9:04 a.m.
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
 include/exec/exec-all.h         |  2 +-
 include/exec/softmmu_template.h |  4 ++--
 target-alpha/mem_helper.c       |  8 +++++---
 target-arm/op_helper.c          | 12 +++++++-----
 target-cris/op_helper.c         |  7 ++++---
 target-i386/mem_helper.c        | 12 +++++++-----
 target-lm32/op_helper.c         | 13 ++++++++-----
 target-m68k/op_helper.c         |  8 +++++---
 target-microblaze/op_helper.c   | 13 ++++++++-----
 target-mips/op_helper.c         |  7 ++++---
 target-moxie/helper.c           |  7 ++++---
 target-openrisc/mmu_helper.c    |  8 +++++---
 target-ppc/mmu_helper.c         |  9 +++++----
 target-s390x/mem_helper.c       |  8 +++++---
 target-sh4/op_helper.c          |  8 +++++---
 target-sparc/ldst_helper.c      |  8 +++++---
 target-unicore32/op_helper.c    |  8 +++++---
 target-xtensa/op_helper.c       |  6 ++++--
 18 files changed, 89 insertions(+), 59 deletions(-)
Jia Liu - Sept. 4, 2013, 12:49 p.m.
On Wed, Sep 4, 2013 at 5:04 PM, Andreas Färber <afaerber@suse.de> wrote:
> Signed-off-by: Andreas Färber <afaerber@suse.de>
> ---
>  include/exec/exec-all.h         |  2 +-
>  include/exec/softmmu_template.h |  4 ++--
>  target-alpha/mem_helper.c       |  8 +++++---
>  target-arm/op_helper.c          | 12 +++++++-----
>  target-cris/op_helper.c         |  7 ++++---
>  target-i386/mem_helper.c        | 12 +++++++-----
>  target-lm32/op_helper.c         | 13 ++++++++-----
>  target-m68k/op_helper.c         |  8 +++++---
>  target-microblaze/op_helper.c   | 13 ++++++++-----
>  target-mips/op_helper.c         |  7 ++++---
>  target-moxie/helper.c           |  7 ++++---
>  target-openrisc/mmu_helper.c    |  8 +++++---
>  target-ppc/mmu_helper.c         |  9 +++++----
>  target-s390x/mem_helper.c       |  8 +++++---
>  target-sh4/op_helper.c          |  8 +++++---
>  target-sparc/ldst_helper.c      |  8 +++++---
>  target-unicore32/op_helper.c    |  8 +++++---
>  target-xtensa/op_helper.c       |  6 ++++--
>  18 files changed, 89 insertions(+), 59 deletions(-)
>
> diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
> index e61b3f1..4429924 100644
> --- a/include/exec/exec-all.h
> +++ b/include/exec/exec-all.h
> @@ -374,7 +374,7 @@ bool io_mem_read(struct MemoryRegion *mr, hwaddr addr,
>  bool io_mem_write(struct MemoryRegion *mr, hwaddr addr,
>                    uint64_t value, unsigned size);
>
> -void tlb_fill(CPUArchState *env1, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cpu, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr);
>
>  uint8_t helper_ldb_cmmu(CPUArchState *env, target_ulong addr, int mmu_idx);
> diff --git a/include/exec/softmmu_template.h b/include/exec/softmmu_template.h
> index bbfda31..8dc0901 100644
> --- a/include/exec/softmmu_template.h
> +++ b/include/exec/softmmu_template.h
> @@ -114,7 +114,7 @@ glue(glue(helper_ret_ld, USUFFIX), MMUSUFFIX)(CPUArchState *env,
>              do_unaligned_access(env, addr, READ_ACCESS_TYPE, mmu_idx, retaddr);
>          }
>  #endif
> -        tlb_fill(env, addr, READ_ACCESS_TYPE, mmu_idx, retaddr);
> +        tlb_fill(ENV_GET_CPU(env), addr, READ_ACCESS_TYPE, mmu_idx, retaddr);
>          tlb_addr = env->tlb_table[mmu_idx][index].ADDR_READ;
>      }
>
> @@ -230,7 +230,7 @@ glue(glue(helper_ret_st, SUFFIX), MMUSUFFIX)(CPUArchState *env,
>              do_unaligned_access(env, addr, 1, mmu_idx, retaddr);
>          }
>  #endif
> -        tlb_fill(env, addr, 1, mmu_idx, retaddr);
> +        tlb_fill(ENV_GET_CPU(env), addr, 1, mmu_idx, retaddr);
>          tlb_addr = env->tlb_table[mmu_idx][index].addr_write;
>      }
>
> diff --git a/target-alpha/mem_helper.c b/target-alpha/mem_helper.c
> index 22fcbe1..c6c0182 100644
> --- a/target-alpha/mem_helper.c
> +++ b/target-alpha/mem_helper.c
> @@ -144,14 +144,16 @@ void alpha_cpu_unassigned_access(CPUState *cs, hwaddr addr,
>     NULL, it means that the function was called in C code (i.e. not
>     from generated code or from helper.c) */
>  /* XXX: fix it to restore all registers */
> -void tlb_fill(CPUAlphaState *env, target_ulong addr, int is_write,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write,
>                int mmu_idx, uintptr_t retaddr)
>  {
> -    AlphaCPU *cpu = alpha_env_get_cpu(env);
>      int ret;
>
> -    ret = alpha_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = alpha_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret != 0)) {
> +        AlphaCPU *cpu = ALPHA_CPU(cs);
> +        CPUAlphaState *env = &cpu->env;
> +
>          if (retaddr) {
>              cpu_restore_state(env, retaddr);
>          }
> diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
> index 2c2b3b7..d05f522 100644
> --- a/target-arm/op_helper.c
> +++ b/target-arm/op_helper.c
> @@ -72,17 +72,19 @@ uint32_t HELPER(neon_tbl)(CPUARMState *env, uint32_t ireg, uint32_t def,
>  #include "exec/softmmu_template.h"
>
>  /* try to fill the TLB and return an exception if error. If retaddr is
> -   NULL, it means that the function was called in C code (i.e. not
> -   from generated code or from helper.c) */
> -void tlb_fill(CPUARMState *env, target_ulong addr, int is_write, int mmu_idx,
> + * NULL, it means that the function was called in C code (i.e. not
> + * from generated code or from helper.c)
> + */
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    ARMCPU *cpu = arm_env_get_cpu(env);
> -    CPUState *cs = CPU(cpu);
>      int ret;
>
>      ret = arm_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret)) {
> +        ARMCPU *cpu = ARM_CPU(cs);
> +        CPUARMState *env = &cpu->env;
> +
>          if (retaddr) {
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-cris/op_helper.c b/target-cris/op_helper.c
> index 9b20b94..68a5caa 100644
> --- a/target-cris/op_helper.c
> +++ b/target-cris/op_helper.c
> @@ -54,15 +54,16 @@
>  /* Try to fill the TLB and return an exception if error. If retaddr is
>     NULL, it means that the function was called in C code (i.e. not
>     from generated code or from helper.c) */
> -void tlb_fill(CPUCRISState *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    CRISCPU *cpu = cris_env_get_cpu(env);
> +    CRISCPU *cpu = CRIS_CPU(cs);
> +    CPUCRISState *env = &cpu->env;
>      int ret;
>
>      D_LOG("%s pc=%x tpc=%x ra=%p\n", __func__,
>            env->pc, env->pregs[PR_EDA], (void *)retaddr);
> -    ret = cris_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = cris_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret)) {
>          if (retaddr) {
>              /* now we have a real cpu fault */
> diff --git a/target-i386/mem_helper.c b/target-i386/mem_helper.c
> index c0d3b45..2f0691b 100644
> --- a/target-i386/mem_helper.c
> +++ b/target-i386/mem_helper.c
> @@ -129,18 +129,20 @@ void helper_boundl(CPUX86State *env, target_ulong a0, int v)
>
>  #if !defined(CONFIG_USER_ONLY)
>  /* try to fill the TLB and return an exception if error. If retaddr is
> -   NULL, it means that the function was called in C code (i.e. not
> -   from generated code or from helper.c) */
> + * NULL, it means that the function was called in C code (i.e. not
> + * from generated code or from helper.c)
> + */
>  /* XXX: fix it to restore all registers */
> -void tlb_fill(CPUX86State *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    X86CPU *cpu = x86_env_get_cpu(env);
> -    CPUState *cs = CPU(cpu);
>      int ret;
>
>      ret = x86_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (ret) {
> +        X86CPU *cpu = X86_CPU(cs);
> +        CPUX86State *env = &cpu->env;
> +
>          if (retaddr) {
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-lm32/op_helper.c b/target-lm32/op_helper.c
> index c7ad910..d4ee1ba 100644
> --- a/target-lm32/op_helper.c
> +++ b/target-lm32/op_helper.c
> @@ -77,16 +77,19 @@ uint32_t HELPER(rcsr_jrx)(CPULM32State *env)
>  }
>
>  /* Try to fill the TLB and return an exception if error. If retaddr is
> -   NULL, it means that the function was called in C code (i.e. not
> -   from generated code or from helper.c) */
> -void tlb_fill(CPULM32State *env, target_ulong addr, int is_write, int mmu_idx,
> + * NULL, it means that the function was called in C code (i.e. not
> + * from generated code or from helper.c)
> + */
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    LM32CPU *cpu = lm32_env_get_cpu(env);
>      int ret;
>
> -    ret = lm32_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = lm32_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret)) {
> +        LM32CPU *cpu = LM32_CPU(cs);
> +        CPULM32State *env = &cpu->env;
> +
>          if (retaddr) {
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-m68k/op_helper.c b/target-m68k/op_helper.c
> index 466ad0c..9ad3a9d 100644
> --- a/target-m68k/op_helper.c
> +++ b/target-m68k/op_helper.c
> @@ -53,14 +53,16 @@ extern int semihosting_enabled;
>  /* Try to fill the TLB and return an exception if error. If retaddr is
>     NULL, it means that the function was called in C code (i.e. not
>     from generated code or from helper.c) */
> -void tlb_fill(CPUM68KState *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    M68kCPU *cpu = m68k_env_get_cpu(env);
>      int ret;
>
> -    ret = m68k_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = m68k_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret)) {
> +        M68kCPU *cpu = M68K_CPU(cs);
> +        CPUM68KState *env = &cpu->env;
> +
>          if (retaddr) {
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-microblaze/op_helper.c b/target-microblaze/op_helper.c
> index 318185a..9e39411 100644
> --- a/target-microblaze/op_helper.c
> +++ b/target-microblaze/op_helper.c
> @@ -39,16 +39,19 @@
>  #include "exec/softmmu_template.h"
>
>  /* Try to fill the TLB and return an exception if error. If retaddr is
> -   NULL, it means that the function was called in C code (i.e. not
> -   from generated code or from helper.c) */
> -void tlb_fill(CPUMBState *env, target_ulong addr, int is_write, int mmu_idx,
> + * NULL, it means that the function was called in C code (i.e. not
> + * from generated code or from helper.c)
> + */
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    MicroBlazeCPU *cpu = mb_env_get_cpu(env);
>      int ret;
>
> -    ret = mb_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = mb_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret)) {
> +        MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
> +        CPUMBState *env = &cpu->env;
> +
>          if (retaddr) {
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
> index eeb98a6..7208659 100644
> --- a/target-mips/op_helper.c
> +++ b/target-mips/op_helper.c
> @@ -2133,15 +2133,16 @@ static void do_unaligned_access(CPUMIPSState *env, target_ulong addr,
>      do_raise_exception(env, (is_write == 1) ? EXCP_AdES : EXCP_AdEL, retaddr);
>  }
>
> -void tlb_fill(CPUMIPSState *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    MIPSCPU *cpu = mips_env_get_cpu(env);
> -    CPUState *cs = CPU(cpu);
>      int ret;
>
>      ret = mips_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (ret) {
> +        MIPSCPU *cpu = MIPS_CPU(cs);
> +        CPUMIPSState *env = &cpu->env;
> +
>          do_raise_exception_err(env, cs->exception_index,
>                                 env->error_code, retaddr);
>      }
> diff --git a/target-moxie/helper.c b/target-moxie/helper.c
> index 3b14f37..06a4c72 100644
> --- a/target-moxie/helper.c
> +++ b/target-moxie/helper.c
> @@ -46,13 +46,14 @@
>  /* Try to fill the TLB and return an exception if error. If retaddr is
>     NULL, it means that the function was called in C code (i.e. not
>     from generated code or from helper.c) */
> -void tlb_fill(CPUMoxieState *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    MoxieCPU *cpu = moxie_env_get_cpu(env);
> +    MoxieCPU *cpu = MOXIE_CPU(cs);
> +    CPUMoxieState *env = &cpu->env;
>      int ret;
>
> -    ret = moxie_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = moxie_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret)) {
>          if (retaddr) {
>              cpu_restore_state(env, retaddr);
> diff --git a/target-openrisc/mmu_helper.c b/target-openrisc/mmu_helper.c
> index b023a5f..e3fe6c7 100644
> --- a/target-openrisc/mmu_helper.c
> +++ b/target-openrisc/mmu_helper.c
> @@ -36,15 +36,17 @@
>  #define SHIFT 3
>  #include "exec/softmmu_template.h"
>
> -void tlb_fill(CPUOpenRISCState *env, target_ulong addr, int is_write,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write,
>                int mmu_idx, uintptr_t retaddr)
>  {
> -    OpenRISCCPU *cpu = openrisc_env_get_cpu(env);
>      int ret;
>
> -    ret = openrisc_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = openrisc_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>
>      if (ret) {
> +        OpenRISCCPU *cpu = OPENRISC_CPU(cs);
> +        CPUOpenRISCState *env = &cpu->env;
> +
>          if (retaddr) {
>              /* now we have a real cpu fault.  */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-ppc/mmu_helper.c b/target-ppc/mmu_helper.c
> index 79a9134..cc31482 100644
> --- a/target-ppc/mmu_helper.c
> +++ b/target-ppc/mmu_helper.c
> @@ -2892,11 +2892,12 @@ void helper_booke206_tlbflush(CPUPPCState *env, uint32_t type)
>     NULL, it means that the function was called in C code (i.e. not
>     from generated code or from helper.c) */
>  /* XXX: fix it to restore all registers */
> -void tlb_fill(CPUPPCState *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    CPUState *cpu = CPU(ppc_env_get_cpu(env));
> -    PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu);
> +    PowerPCCPU *cpu = POWERPC_CPU(cs);
> +    PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
> +    CPUPPCState *env = &cpu->env;
>      int ret;
>
>      if (pcc->handle_mmu_fault) {
> @@ -2909,6 +2910,6 @@ void tlb_fill(CPUPPCState *env, target_ulong addr, int is_write, int mmu_idx,
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
>          }
> -        helper_raise_exception_err(env, cpu->exception_index, env->error_code);
> +        helper_raise_exception_err(env, cs->exception_index, env->error_code);
>      }
>  }
> diff --git a/target-s390x/mem_helper.c b/target-s390x/mem_helper.c
> index e2748a7..8bd131b 100644
> --- a/target-s390x/mem_helper.c
> +++ b/target-s390x/mem_helper.c
> @@ -44,14 +44,16 @@
>     NULL, it means that the function was called in C code (i.e. not
>     from generated code or from helper.c) */
>  /* XXX: fix it to restore all registers */
> -void tlb_fill(CPUS390XState *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    S390CPU *cpu = s390_env_get_cpu(env);
>      int ret;
>
> -    ret = s390_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = s390_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret != 0)) {
> +        S390CPU *cpu = S390_CPU(cs);
> +        CPUS390XState *env = &cpu->env;
> +
>          if (likely(retaddr)) {
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-sh4/op_helper.c b/target-sh4/op_helper.c
> index 03633f0..6e527cf 100644
> --- a/target-sh4/op_helper.c
> +++ b/target-sh4/op_helper.c
> @@ -38,15 +38,17 @@
>  #define SHIFT 3
>  #include "exec/softmmu_template.h"
>
> -void tlb_fill(CPUSH4State *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    SuperHCPU *cpu = sh_env_get_cpu(env);
>      int ret;
>
> -    ret = superh_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = superh_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (ret) {
>          /* now we have a real cpu fault */
> +        SuperHCPU *cpu = SUPERH_CPU(cs);
> +        CPUSH4State *env = &cpu->env;
> +
>          if (retaddr) {
>              cpu_restore_state(env, retaddr);
>          }
> diff --git a/target-sparc/ldst_helper.c b/target-sparc/ldst_helper.c
> index af7c289..973fcb6 100644
> --- a/target-sparc/ldst_helper.c
> +++ b/target-sparc/ldst_helper.c
> @@ -2430,14 +2430,16 @@ static void QEMU_NORETURN do_unaligned_access(CPUSPARCState *env,
>     NULL, it means that the function was called in C code (i.e. not
>     from generated code or from helper.c) */
>  /* XXX: fix it to restore all registers */
> -void tlb_fill(CPUSPARCState *env, target_ulong addr, int is_write, int mmu_idx,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
>                uintptr_t retaddr)
>  {
> -    SPARCCPU *cpu = sparc_env_get_cpu(env);
>      int ret;
>
> -    ret = sparc_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = sparc_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (ret) {
> +        SPARCCPU *cpu = SPARC_CPU(cs);
> +        CPUSPARCState *env = &cpu->env;
> +
>          if (retaddr) {
>              cpu_restore_state(env, retaddr);
>          }
> diff --git a/target-unicore32/op_helper.c b/target-unicore32/op_helper.c
> index cd2cbef..3efc6a8 100644
> --- a/target-unicore32/op_helper.c
> +++ b/target-unicore32/op_helper.c
> @@ -257,14 +257,16 @@ uint32_t HELPER(ror_cc)(CPUUniCore32State *env, uint32_t x, uint32_t i)
>  #define SHIFT 3
>  #include "exec/softmmu_template.h"
>
> -void tlb_fill(CPUUniCore32State *env, target_ulong addr, int is_write,
> +void tlb_fill(CPUState *cs, target_ulong addr, int is_write,
>                int mmu_idx, uintptr_t retaddr)
>  {
> -    UniCore32CPU *cpu = uc32_env_get_cpu(env);
>      int ret;
>
> -    ret = uc32_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
> +    ret = uc32_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
>      if (unlikely(ret)) {
> +        UniCore32CPU *cpu = UNICORE32_CPU(cs);
> +        CPUUniCore32State *env = &cpu->env;
> +
>          if (retaddr) {
>              /* now we have a real cpu fault */
>              cpu_restore_state(env, retaddr);
> diff --git a/target-xtensa/op_helper.c b/target-xtensa/op_helper.c
> index 2e006e4..cc1d5e2 100644
> --- a/target-xtensa/op_helper.c
> +++ b/target-xtensa/op_helper.c
> @@ -59,9 +59,11 @@ static void do_unaligned_access(CPUXtensaState *env,
>      }
>  }
>
> -void tlb_fill(CPUXtensaState *env,
> -        target_ulong vaddr, int is_write, int mmu_idx, uintptr_t retaddr)
> +void tlb_fill(CPUState *cs,
> +              target_ulong vaddr, int is_write, int mmu_idx, uintptr_t retaddr)
>  {
> +    XtensaCPU *cpu = XTENSA_CPU(cs);
> +    CPUXtensaState *env = &cpu->env;
>      uint32_t paddr;
>      uint32_t page_size;
>      unsigned access;

target-openrisc: Tested-by: Jia Liu <proljc@gmail.com>

> --
> 1.8.1.4
>

Patch

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index e61b3f1..4429924 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -374,7 +374,7 @@  bool io_mem_read(struct MemoryRegion *mr, hwaddr addr,
 bool io_mem_write(struct MemoryRegion *mr, hwaddr addr,
                   uint64_t value, unsigned size);
 
-void tlb_fill(CPUArchState *env1, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cpu, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr);
 
 uint8_t helper_ldb_cmmu(CPUArchState *env, target_ulong addr, int mmu_idx);
diff --git a/include/exec/softmmu_template.h b/include/exec/softmmu_template.h
index bbfda31..8dc0901 100644
--- a/include/exec/softmmu_template.h
+++ b/include/exec/softmmu_template.h
@@ -114,7 +114,7 @@  glue(glue(helper_ret_ld, USUFFIX), MMUSUFFIX)(CPUArchState *env,
             do_unaligned_access(env, addr, READ_ACCESS_TYPE, mmu_idx, retaddr);
         }
 #endif
-        tlb_fill(env, addr, READ_ACCESS_TYPE, mmu_idx, retaddr);
+        tlb_fill(ENV_GET_CPU(env), addr, READ_ACCESS_TYPE, mmu_idx, retaddr);
         tlb_addr = env->tlb_table[mmu_idx][index].ADDR_READ;
     }
 
@@ -230,7 +230,7 @@  glue(glue(helper_ret_st, SUFFIX), MMUSUFFIX)(CPUArchState *env,
             do_unaligned_access(env, addr, 1, mmu_idx, retaddr);
         }
 #endif
-        tlb_fill(env, addr, 1, mmu_idx, retaddr);
+        tlb_fill(ENV_GET_CPU(env), addr, 1, mmu_idx, retaddr);
         tlb_addr = env->tlb_table[mmu_idx][index].addr_write;
     }
 
diff --git a/target-alpha/mem_helper.c b/target-alpha/mem_helper.c
index 22fcbe1..c6c0182 100644
--- a/target-alpha/mem_helper.c
+++ b/target-alpha/mem_helper.c
@@ -144,14 +144,16 @@  void alpha_cpu_unassigned_access(CPUState *cs, hwaddr addr,
    NULL, it means that the function was called in C code (i.e. not
    from generated code or from helper.c) */
 /* XXX: fix it to restore all registers */
-void tlb_fill(CPUAlphaState *env, target_ulong addr, int is_write,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write,
               int mmu_idx, uintptr_t retaddr)
 {
-    AlphaCPU *cpu = alpha_env_get_cpu(env);
     int ret;
 
-    ret = alpha_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = alpha_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret != 0)) {
+        AlphaCPU *cpu = ALPHA_CPU(cs);
+        CPUAlphaState *env = &cpu->env;
+
         if (retaddr) {
             cpu_restore_state(env, retaddr);
         }
diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
index 2c2b3b7..d05f522 100644
--- a/target-arm/op_helper.c
+++ b/target-arm/op_helper.c
@@ -72,17 +72,19 @@  uint32_t HELPER(neon_tbl)(CPUARMState *env, uint32_t ireg, uint32_t def,
 #include "exec/softmmu_template.h"
 
 /* try to fill the TLB and return an exception if error. If retaddr is
-   NULL, it means that the function was called in C code (i.e. not
-   from generated code or from helper.c) */
-void tlb_fill(CPUARMState *env, target_ulong addr, int is_write, int mmu_idx,
+ * NULL, it means that the function was called in C code (i.e. not
+ * from generated code or from helper.c)
+ */
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    ARMCPU *cpu = arm_env_get_cpu(env);
-    CPUState *cs = CPU(cpu);
     int ret;
 
     ret = arm_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret)) {
+        ARMCPU *cpu = ARM_CPU(cs);
+        CPUARMState *env = &cpu->env;
+
         if (retaddr) {
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
diff --git a/target-cris/op_helper.c b/target-cris/op_helper.c
index 9b20b94..68a5caa 100644
--- a/target-cris/op_helper.c
+++ b/target-cris/op_helper.c
@@ -54,15 +54,16 @@ 
 /* Try to fill the TLB and return an exception if error. If retaddr is
    NULL, it means that the function was called in C code (i.e. not
    from generated code or from helper.c) */
-void tlb_fill(CPUCRISState *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    CRISCPU *cpu = cris_env_get_cpu(env);
+    CRISCPU *cpu = CRIS_CPU(cs);
+    CPUCRISState *env = &cpu->env;
     int ret;
 
     D_LOG("%s pc=%x tpc=%x ra=%p\n", __func__,
           env->pc, env->pregs[PR_EDA], (void *)retaddr);
-    ret = cris_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = cris_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret)) {
         if (retaddr) {
             /* now we have a real cpu fault */
diff --git a/target-i386/mem_helper.c b/target-i386/mem_helper.c
index c0d3b45..2f0691b 100644
--- a/target-i386/mem_helper.c
+++ b/target-i386/mem_helper.c
@@ -129,18 +129,20 @@  void helper_boundl(CPUX86State *env, target_ulong a0, int v)
 
 #if !defined(CONFIG_USER_ONLY)
 /* try to fill the TLB and return an exception if error. If retaddr is
-   NULL, it means that the function was called in C code (i.e. not
-   from generated code or from helper.c) */
+ * NULL, it means that the function was called in C code (i.e. not
+ * from generated code or from helper.c)
+ */
 /* XXX: fix it to restore all registers */
-void tlb_fill(CPUX86State *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    X86CPU *cpu = x86_env_get_cpu(env);
-    CPUState *cs = CPU(cpu);
     int ret;
 
     ret = x86_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (ret) {
+        X86CPU *cpu = X86_CPU(cs);
+        CPUX86State *env = &cpu->env;
+
         if (retaddr) {
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
diff --git a/target-lm32/op_helper.c b/target-lm32/op_helper.c
index c7ad910..d4ee1ba 100644
--- a/target-lm32/op_helper.c
+++ b/target-lm32/op_helper.c
@@ -77,16 +77,19 @@  uint32_t HELPER(rcsr_jrx)(CPULM32State *env)
 }
 
 /* Try to fill the TLB and return an exception if error. If retaddr is
-   NULL, it means that the function was called in C code (i.e. not
-   from generated code or from helper.c) */
-void tlb_fill(CPULM32State *env, target_ulong addr, int is_write, int mmu_idx,
+ * NULL, it means that the function was called in C code (i.e. not
+ * from generated code or from helper.c)
+ */
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    LM32CPU *cpu = lm32_env_get_cpu(env);
     int ret;
 
-    ret = lm32_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = lm32_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret)) {
+        LM32CPU *cpu = LM32_CPU(cs);
+        CPULM32State *env = &cpu->env;
+
         if (retaddr) {
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
diff --git a/target-m68k/op_helper.c b/target-m68k/op_helper.c
index 466ad0c..9ad3a9d 100644
--- a/target-m68k/op_helper.c
+++ b/target-m68k/op_helper.c
@@ -53,14 +53,16 @@  extern int semihosting_enabled;
 /* Try to fill the TLB and return an exception if error. If retaddr is
    NULL, it means that the function was called in C code (i.e. not
    from generated code or from helper.c) */
-void tlb_fill(CPUM68KState *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    M68kCPU *cpu = m68k_env_get_cpu(env);
     int ret;
 
-    ret = m68k_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = m68k_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret)) {
+        M68kCPU *cpu = M68K_CPU(cs);
+        CPUM68KState *env = &cpu->env;
+
         if (retaddr) {
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
diff --git a/target-microblaze/op_helper.c b/target-microblaze/op_helper.c
index 318185a..9e39411 100644
--- a/target-microblaze/op_helper.c
+++ b/target-microblaze/op_helper.c
@@ -39,16 +39,19 @@ 
 #include "exec/softmmu_template.h"
 
 /* Try to fill the TLB and return an exception if error. If retaddr is
-   NULL, it means that the function was called in C code (i.e. not
-   from generated code or from helper.c) */
-void tlb_fill(CPUMBState *env, target_ulong addr, int is_write, int mmu_idx,
+ * NULL, it means that the function was called in C code (i.e. not
+ * from generated code or from helper.c)
+ */
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    MicroBlazeCPU *cpu = mb_env_get_cpu(env);
     int ret;
 
-    ret = mb_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = mb_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret)) {
+        MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
+        CPUMBState *env = &cpu->env;
+
         if (retaddr) {
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
index eeb98a6..7208659 100644
--- a/target-mips/op_helper.c
+++ b/target-mips/op_helper.c
@@ -2133,15 +2133,16 @@  static void do_unaligned_access(CPUMIPSState *env, target_ulong addr,
     do_raise_exception(env, (is_write == 1) ? EXCP_AdES : EXCP_AdEL, retaddr);
 }
 
-void tlb_fill(CPUMIPSState *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    MIPSCPU *cpu = mips_env_get_cpu(env);
-    CPUState *cs = CPU(cpu);
     int ret;
 
     ret = mips_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (ret) {
+        MIPSCPU *cpu = MIPS_CPU(cs);
+        CPUMIPSState *env = &cpu->env;
+
         do_raise_exception_err(env, cs->exception_index,
                                env->error_code, retaddr);
     }
diff --git a/target-moxie/helper.c b/target-moxie/helper.c
index 3b14f37..06a4c72 100644
--- a/target-moxie/helper.c
+++ b/target-moxie/helper.c
@@ -46,13 +46,14 @@ 
 /* Try to fill the TLB and return an exception if error. If retaddr is
    NULL, it means that the function was called in C code (i.e. not
    from generated code or from helper.c) */
-void tlb_fill(CPUMoxieState *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    MoxieCPU *cpu = moxie_env_get_cpu(env);
+    MoxieCPU *cpu = MOXIE_CPU(cs);
+    CPUMoxieState *env = &cpu->env;
     int ret;
 
-    ret = moxie_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = moxie_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret)) {
         if (retaddr) {
             cpu_restore_state(env, retaddr);
diff --git a/target-openrisc/mmu_helper.c b/target-openrisc/mmu_helper.c
index b023a5f..e3fe6c7 100644
--- a/target-openrisc/mmu_helper.c
+++ b/target-openrisc/mmu_helper.c
@@ -36,15 +36,17 @@ 
 #define SHIFT 3
 #include "exec/softmmu_template.h"
 
-void tlb_fill(CPUOpenRISCState *env, target_ulong addr, int is_write,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write,
               int mmu_idx, uintptr_t retaddr)
 {
-    OpenRISCCPU *cpu = openrisc_env_get_cpu(env);
     int ret;
 
-    ret = openrisc_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = openrisc_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
 
     if (ret) {
+        OpenRISCCPU *cpu = OPENRISC_CPU(cs);
+        CPUOpenRISCState *env = &cpu->env;
+
         if (retaddr) {
             /* now we have a real cpu fault.  */
             cpu_restore_state(env, retaddr);
diff --git a/target-ppc/mmu_helper.c b/target-ppc/mmu_helper.c
index 79a9134..cc31482 100644
--- a/target-ppc/mmu_helper.c
+++ b/target-ppc/mmu_helper.c
@@ -2892,11 +2892,12 @@  void helper_booke206_tlbflush(CPUPPCState *env, uint32_t type)
    NULL, it means that the function was called in C code (i.e. not
    from generated code or from helper.c) */
 /* XXX: fix it to restore all registers */
-void tlb_fill(CPUPPCState *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    CPUState *cpu = CPU(ppc_env_get_cpu(env));
-    PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu);
+    PowerPCCPU *cpu = POWERPC_CPU(cs);
+    PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
+    CPUPPCState *env = &cpu->env;
     int ret;
 
     if (pcc->handle_mmu_fault) {
@@ -2909,6 +2910,6 @@  void tlb_fill(CPUPPCState *env, target_ulong addr, int is_write, int mmu_idx,
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
         }
-        helper_raise_exception_err(env, cpu->exception_index, env->error_code);
+        helper_raise_exception_err(env, cs->exception_index, env->error_code);
     }
 }
diff --git a/target-s390x/mem_helper.c b/target-s390x/mem_helper.c
index e2748a7..8bd131b 100644
--- a/target-s390x/mem_helper.c
+++ b/target-s390x/mem_helper.c
@@ -44,14 +44,16 @@ 
    NULL, it means that the function was called in C code (i.e. not
    from generated code or from helper.c) */
 /* XXX: fix it to restore all registers */
-void tlb_fill(CPUS390XState *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    S390CPU *cpu = s390_env_get_cpu(env);
     int ret;
 
-    ret = s390_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = s390_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret != 0)) {
+        S390CPU *cpu = S390_CPU(cs);
+        CPUS390XState *env = &cpu->env;
+
         if (likely(retaddr)) {
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
diff --git a/target-sh4/op_helper.c b/target-sh4/op_helper.c
index 03633f0..6e527cf 100644
--- a/target-sh4/op_helper.c
+++ b/target-sh4/op_helper.c
@@ -38,15 +38,17 @@ 
 #define SHIFT 3
 #include "exec/softmmu_template.h"
 
-void tlb_fill(CPUSH4State *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    SuperHCPU *cpu = sh_env_get_cpu(env);
     int ret;
 
-    ret = superh_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = superh_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (ret) {
         /* now we have a real cpu fault */
+        SuperHCPU *cpu = SUPERH_CPU(cs);
+        CPUSH4State *env = &cpu->env;
+
         if (retaddr) {
             cpu_restore_state(env, retaddr);
         }
diff --git a/target-sparc/ldst_helper.c b/target-sparc/ldst_helper.c
index af7c289..973fcb6 100644
--- a/target-sparc/ldst_helper.c
+++ b/target-sparc/ldst_helper.c
@@ -2430,14 +2430,16 @@  static void QEMU_NORETURN do_unaligned_access(CPUSPARCState *env,
    NULL, it means that the function was called in C code (i.e. not
    from generated code or from helper.c) */
 /* XXX: fix it to restore all registers */
-void tlb_fill(CPUSPARCState *env, target_ulong addr, int is_write, int mmu_idx,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write, int mmu_idx,
               uintptr_t retaddr)
 {
-    SPARCCPU *cpu = sparc_env_get_cpu(env);
     int ret;
 
-    ret = sparc_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = sparc_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (ret) {
+        SPARCCPU *cpu = SPARC_CPU(cs);
+        CPUSPARCState *env = &cpu->env;
+
         if (retaddr) {
             cpu_restore_state(env, retaddr);
         }
diff --git a/target-unicore32/op_helper.c b/target-unicore32/op_helper.c
index cd2cbef..3efc6a8 100644
--- a/target-unicore32/op_helper.c
+++ b/target-unicore32/op_helper.c
@@ -257,14 +257,16 @@  uint32_t HELPER(ror_cc)(CPUUniCore32State *env, uint32_t x, uint32_t i)
 #define SHIFT 3
 #include "exec/softmmu_template.h"
 
-void tlb_fill(CPUUniCore32State *env, target_ulong addr, int is_write,
+void tlb_fill(CPUState *cs, target_ulong addr, int is_write,
               int mmu_idx, uintptr_t retaddr)
 {
-    UniCore32CPU *cpu = uc32_env_get_cpu(env);
     int ret;
 
-    ret = uc32_cpu_handle_mmu_fault(CPU(cpu), addr, is_write, mmu_idx);
+    ret = uc32_cpu_handle_mmu_fault(cs, addr, is_write, mmu_idx);
     if (unlikely(ret)) {
+        UniCore32CPU *cpu = UNICORE32_CPU(cs);
+        CPUUniCore32State *env = &cpu->env;
+
         if (retaddr) {
             /* now we have a real cpu fault */
             cpu_restore_state(env, retaddr);
diff --git a/target-xtensa/op_helper.c b/target-xtensa/op_helper.c
index 2e006e4..cc1d5e2 100644
--- a/target-xtensa/op_helper.c
+++ b/target-xtensa/op_helper.c
@@ -59,9 +59,11 @@  static void do_unaligned_access(CPUXtensaState *env,
     }
 }
 
-void tlb_fill(CPUXtensaState *env,
-        target_ulong vaddr, int is_write, int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs,
+              target_ulong vaddr, int is_write, int mmu_idx, uintptr_t retaddr)
 {
+    XtensaCPU *cpu = XTENSA_CPU(cs);
+    CPUXtensaState *env = &cpu->env;
     uint32_t paddr;
     uint32_t page_size;
     unsigned access;