{"id":2230997,"url":"http://patchwork.ozlabs.org/api/1.1/covers/2230997/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/cover/20260430093810.2762539-1-peter.maydell@linaro.org/","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/1.1/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20260430093810.2762539-1-peter.maydell@linaro.org>","date":"2026-04-30T09:37:45","name":"[v2,00/25] Handle sub-page granularity in cpu_memory_rw_debug()","submitter":{"id":5111,"url":"http://patchwork.ozlabs.org/api/1.1/people/5111/?format=json","name":"Peter Maydell","email":"peter.maydell@linaro.org"},"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/cover/20260430093810.2762539-1-peter.maydell@linaro.org/mbox/","series":[{"id":502257,"url":"http://patchwork.ozlabs.org/api/1.1/series/502257/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/list/?series=502257","date":"2026-04-30T09:37:47","name":"Handle sub-page granularity in cpu_memory_rw_debug()","version":2,"mbox":"http://patchwork.ozlabs.org/series/502257/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/covers/2230997/comments/","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256\n header.s=google header.b=wkUck88i;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists1p.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5pz56xMYz1yGq\n\tfor ; Thu, 30 Apr 2026 19:39:13 +1000 (AEST)","from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists1p.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from )\n\tid 1wINqk-0004ac-Bn; Thu, 30 Apr 2026 05:38:26 -0400","from eggs.gnu.org ([2001:470:142:3::10])\n by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from )\n id 1wINqg-0004Xx-Lr\n for qemu-devel@nongnu.org; Thu, 30 Apr 2026 05:38:24 -0400","from mail-wr1-x42e.google.com ([2a00:1450:4864:20::42e])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)\n (Exim 4.90_1) (envelope-from )\n id 1wINqY-0002Re-FP\n for qemu-devel@nongnu.org; Thu, 30 Apr 2026 05:38:19 -0400","by mail-wr1-x42e.google.com with SMTP id\n ffacd0b85a97d-43fe608cb92so424972f8f.2\n for ; Thu, 30 Apr 2026 02:38:13 -0700 (PDT)","from lanath.. (wildly.archaic.org.uk. [81.2.115.145])\n by smtp.gmail.com with ESMTPSA id\n ffacd0b85a97d-447b421721fsm10816795f8f.15.2026.04.30.02.38.10\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 30 Apr 2026 02:38:11 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=linaro.org; s=google; t=1777541892; x=1778146692; darn=nongnu.org;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:from:to:cc:subject:date:message-id:reply-to;\n bh=MmDOEj12GRPvL+JBzfQAUxV+HPwRkzr7BQY5EX/ShUY=;\n b=wkUck88i6LtVge2jomAkivon0GnLwgzpjFNJNs9OdSQwyONdO31siQnLzuUcdXU/Lj\n uaD6WK9MsuQEYrb8Chj2cV7tHnNO+0xziMUiK+/6RPxS2zlwIm3cOqv9Lxms/qB32zdi\n Bb7g9HEEltKin7RQQrZglClB82bDZcM5DHvLqCf+7p0sAtjLHDuqnWFfw3PjGkM3lHEY\n BsSoDyyEew+afBvPWS2S+l9I48MJ1i+djOIs6qDQla1PU7ZSnlW4+goslX2l5OXNbvxE\n FVq+f3oqgFPRl5Ks0zMSqO3g9mOSnxmIsNYQme9OrdLieoDjshKa2536qhujPpf26hf0\n iebg==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1777541892; x=1778146692;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n bh=MmDOEj12GRPvL+JBzfQAUxV+HPwRkzr7BQY5EX/ShUY=;\n b=BY4aQslbf2fn1KCzKue4ZMEoStKTSLmXSHBEA6mh6cNzrACTyl58VS+aFLV+ePsZbL\n PbO5kppJ7vUAfnBeesz/WvAo1FXsi1dXQbgu1C7Zq0xYETAyZ0c4JZCpqU27PRojkFWY\n 4zsth0DM8fkaXSDSKhuhJHVPhU6aG3j6/G1NDojWJ+pENflgcI8BtrLruJJ8b/SoNI2I\n edcNz3aT0wDKgGICNnMraM6rjnGbzy9iOcAEe/BgvmqhHEB4W5O6dWe7nE5Aseija5aC\n q6k/dcdoAZiwchOasAlO1MJiTHUlV7foPBbGDsi9hhi9FWY9UFOsrpxtlD3agasqGaFS\n 4c6Q==","X-Gm-Message-State":"AOJu0YzmYuqBhM3di5P9NTJQMCOfCykgWlmWQnbHLflAtWAe66DK/sop\n /CJVm+P0jqCCBQff2WQ0345NJB/uvHSjsH8VgCH+qy1zsSQx370Arasl7BldHDFCIKeIMNPJkvk\n dIXg3","X-Gm-Gg":"AeBDietrdB/rZF5N5C2+kDoYiWJxHZiImowD3qZlkKkFkIzpSf/cM/yU6N7KhWNc5Lu\n fBgAPixbvmaqRdzwD5nAfryRrAb7zutqw5XNPiHpnG8WYIUflQrONKKjkILFKyS5v0pnKitvLoF\n sJsFX+GivPACOWaBMddM1618tSc16vQ5yH0A9lWTDQP7YDFwyLHuNZiCUn3Uhh6nma7zhHwE5GC\n 0KwLZ5Xktue0yt4AZMTY1LBKkAddsWVX5LJK77h1dCPoNdMLe9qJvbrLzkWAUgWuPBkTYdcsh8d\n f8Im9PWgPtk6q7EUqLkffwpYptG4mupFHdRxE1c+9uHAd/wPeEP/PLvcd7hY/wV4ehjv93iRTDj\n O9YSQA/bXxiQxlvo38ycc0BWp9zRdwjTt1z1gmQFdVT12VHWeCUehh3nSvhoPL+7jC0WQJdBb8g\n 48OhzwScg6GehSbOtTjgjzU9X6ritsBJ8ezEii7KS8smAXB7TK9MWWLk/d0iLwSlOtZ387aL6p9\n 2MO/z2AYYfmzAj7z3EVWDhvv9bSCLS/Rm81RS/7BGOGjodZzGF0","X-Received":"by 2002:a05:6000:40c9:b0:43d:9bb5:bda5 with SMTP id\n ffacd0b85a97d-4493ee4d4c5mr3067189f8f.40.1777541891983;\n Thu, 30 Apr 2026 02:38:11 -0700 (PDT)","From":"Peter Maydell ","To":"qemu-devel@nongnu.org","Cc":"qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org,\n qemu-s390x@nongnu.org,\n =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= ,\n Marcel Apfelbaum ,\n Yanan Wang , Zhao Liu ,\n Paolo Bonzini ,\n Richard Henderson ,\n \"Dr. David Alan Gilbert\" ,\n =?utf-8?q?Alex_Benn=C3=A9e?= ,\n Alexandre Iooss , Mahmoud Mandour ,\n Peter Xu , \"Edgar E. Iglesias\" ,\n Jiaxun Yang , Nicholas Piggin ,\n Chinmay Rath , Glenn Miles ,\n Palmer Dabbelt ,\n Alistair Francis , Weiwei Li ,\n Daniel Henrique Barboza ,\n Liu Zhiwei ,\n Chao Liu , Ilya Leoshkevich ,\n David Hildenbrand ,\n Mark Cave-Ayland ,\n Artyom Tarasenko , Max Filippov ","Subject":"[PATCH v2 00/25] Handle sub-page granularity in cpu_memory_rw_debug()","Date":"Thu, 30 Apr 2026 10:37:45 +0100","Message-ID":"<20260430093810.2762539-1-peter.maydell@linaro.org>","X-Mailer":"git-send-email 2.43.0","MIME-Version":"1.0","Content-Type":"text/plain; charset=UTF-8","Content-Transfer-Encoding":"8bit","Received-SPF":"pass client-ip=2a00:1450:4864:20::42e;\n envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42e.google.com","X-Spam_score_int":"-20","X-Spam_score":"-2.1","X-Spam_bar":"--","X-Spam_report":"(-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,\n DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,\n RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,\n SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no","X-Spam_action":"no action","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"qemu development ","List-Unsubscribe":",\n ","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n ","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"},"content":"A while back we added support for targets having memory protection at\na sub-page granularity in TCG: the target returns a CPUTLBEntryFull\nwith a lg_page_size field that tells TCG how big a block of memory the\ntranslation covers. At the moment we only use this in Arm, for the\nM-profile and R-profile MPU which can set protections on small regions\nof memory.\n\nHowever, we forgot about cpu_memory_rw_debug(), which still assumes\nthat translations cover target-page sized regions. It rounds the input\nvirtual address down to a page boundary, translates that, and then\nputs the offset within the page back in again. This causes problems\nfor the Arm MPU case, because if the MPU is set up so that the memory\nat the rounded-down address isn't within a valid region then we\nincorrectly conclude that we can't read the memory at the address we\nwere actually asked about.\nhttps://gitlab.com/qemu-project/qemu/-/work_items/3292 is a report of\nthis for the semihosting case, but it applies also to general debug\naccesses.\n\nThis series fixes this by providing and using a new\ncpu_translate_for_debug() function which takes a non-page-aligned\nvirtual address and returns all of:\n - the exact physical address for that virtual address\n - the memory attributes\n - the lg_page_size the translation is valid for\n\nChanges in v2:\n - I noticed that I'd missed that a vapic.c callsite currently relies\n on the i386 \"always return a page-aligned result\" behaviour;\n patch 1 is new and makes it work with both \"returns the page\n address\" and \"returns the exact adress\"\n - fixed a TARGET_PAGE_BITS/TARGET_PAGE_SIZE mixup pointed out\n in code review\n - in the arm translate_for_debug patch, name a (preexisting) bool\n variable 'fault' rather than 'ret' to help clarify that it is\n true-on-failure\n - the last 7 patches are new, and update callers of\n cpu_get_phys_addr_debug() to use the new cpu_translate_for_debug();\n this means we can remove cpu_get_phys_addr_debug() and\n cpu_get_phys_addr_attrs_debug(), so there is only one API\n now for doing debug virt-to-phys translations\n\nFurther cleanup for once this series is accepted:\n - we could convert the 15 targets using get_phys_addr_debug and the\n two using get_phys_addr_attrs_debug to translate_for_debug, so we\n only have one CPU method for phys-to-virt translations instead of\n three\n\nPatches 1, 18, and 19-25 need review.\n\nthanks\n-- PMM\n\nPeter Maydell (25):\n hw/i386/vapic: Cope with non-page-aligned return from\n cpu_get_phys_page_debug()\n target/riscv: Make get_phys_page_debug handle non-page-aligned addrs\n target/alpha: Make get_phys_page_debug handle non-page-aligned addrs\n target/microblaze: Make get_phys_page_attrs_debug handle\n non-page-aligned addrs\n target/sparc: Make get_phys_page_debug handle non-page-aligned addrs\n target/x86: Make get_phys_page_attrs_debug handle non-page-aligned\n addrs\n target/s390x: Make get_phys_page_debug handle non-page-aligned addrs\n target/ppc: Make get_phys_page_debug handle non-page-aligned addrs\n target: Rename get_phys_page_debug to get_phys_addr_debug\n target: Rename cpu_get_phys_page_{,attrs_}debug\n hw/core: Update docs for get_phys_addr_{attrs_,}debug\n target/arm: Rename arm_cpu_get_phys_page()\n monitor: hmp_gva2gpa: Don't page-align cpu_get_phys_addr_debug() arg\n and return\n plugins/api.c: Trust cpu_get_phys_addr_debug() return address\n hw/core: Implement new cpu_translate_for_debug()\n hw/core: Implement cpu_get_phys_addr_attrs_debug() with\n cpu_translate_for_debug()\n target/arm: Implement translate_for_debug\n system/physmem: Use translate_for_debug() in cpu_memory_rw_debug()\n hw/i386/vapic.c: Use cpu_translate_for_debug()\n target/sparc: Use cpu_translate_for_debug()\n hw/xtensa: Use cpu_translate_for_debug()\n target/xtensa/xtensa-semi: Use cpu_translate_for_debug()\n monitor/hmp-cmds: Use cpu_translate_for_debug()\n plugins/api.c: Use cpu_translate_for_debug()\n Remove cpu_get_phys_addr_debug() and cpu_get_phys_addr_attrs_debug()\n\n hw/core/cpu-system.c | 47 ++++++++++++++++++--------------\n hw/i386/vapic.c | 13 +++++----\n hw/xtensa/sim.c | 6 +++-\n hw/xtensa/xtfpga.c | 6 +++-\n include/hw/core/cpu.h | 40 +++++++++++++++------------\n include/hw/core/sysemu-cpu-ops.h | 39 ++++++++++++++++++++++----\n monitor/hmp-cmds.c | 8 ++----\n plugins/api.c | 8 +++---\n system/physmem.c | 38 ++++++++++++++++----------\n target/alpha/cpu.c | 2 +-\n target/alpha/cpu.h | 2 +-\n target/alpha/helper.c | 3 +-\n target/arm/cpu.c | 2 +-\n target/arm/cpu.h | 3 --\n target/arm/internals.h | 4 +++\n target/arm/ptw.c | 39 +++++++++++++++-----------\n target/avr/cpu.c | 2 +-\n target/avr/cpu.h | 2 +-\n target/avr/helper.c | 2 +-\n target/hppa/cpu.c | 2 +-\n target/hppa/cpu.h | 2 +-\n target/hppa/mem_helper.c | 2 +-\n target/i386/cpu.c | 2 +-\n target/i386/cpu.h | 2 +-\n target/i386/helper.c | 4 +--\n target/i386/whpx/whpx-all.c | 2 +-\n target/loongarch/cpu-mmu.h | 2 +-\n target/loongarch/cpu.c | 2 +-\n target/loongarch/cpu_helper.c | 2 +-\n target/m68k/cpu.c | 2 +-\n target/m68k/cpu.h | 2 +-\n target/m68k/helper.c | 2 +-\n target/microblaze/cpu.c | 2 +-\n target/microblaze/cpu.h | 2 +-\n target/microblaze/helper.c | 11 ++++----\n target/mips/cpu.c | 2 +-\n target/mips/internal.h | 2 +-\n target/mips/system/physaddr.c | 2 +-\n target/or1k/cpu.c | 2 +-\n target/or1k/cpu.h | 2 +-\n target/or1k/mmu.c | 2 +-\n target/ppc/cpu.h | 2 +-\n target/ppc/cpu_init.c | 2 +-\n target/ppc/mmu-hash32.c | 2 +-\n target/ppc/mmu_common.c | 4 +--\n target/riscv/cpu.c | 2 +-\n target/riscv/cpu.h | 2 +-\n target/riscv/cpu_helper.c | 4 +--\n target/rx/cpu.c | 2 +-\n target/rx/cpu.h | 2 +-\n target/rx/helper.c | 2 +-\n target/s390x/cpu-system.c | 2 +-\n target/s390x/helper.c | 20 ++++----------\n target/s390x/s390x-internal.h | 1 -\n target/sh4/cpu.c | 2 +-\n target/sh4/cpu.h | 2 +-\n target/sh4/helper.c | 2 +-\n target/sparc/cpu.c | 2 +-\n target/sparc/cpu.h | 2 +-\n target/sparc/mmu_helper.c | 23 ++++++++++++----\n target/tricore/cpu.c | 2 +-\n target/tricore/cpu.h | 2 +-\n target/tricore/helper.c | 2 +-\n target/xtensa/cpu.c | 2 +-\n target/xtensa/cpu.h | 2 +-\n target/xtensa/mmu_helper.c | 2 +-\n target/xtensa/xtensa-semi.c | 9 ++++--\n 67 files changed, 246 insertions(+), 176 deletions(-)"}