Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
---
include/accel/tcg/cpu-ops.h | 7 +++++++
accel/tcg/cputlb.c | 6 ++++++
2 files changed, 13 insertions(+)
diff --git a/include/accel/tcg/cpu-ops.h b/include/accel/tcg/cpu-ops.h
index cd22e5d5b9..83b2c2c864 100644
--- a/include/accel/tcg/cpu-ops.h
+++ b/include/accel/tcg/cpu-ops.h
@@ -222,6 +222,13 @@ struct TCGCPUOps {
bool (*tlb_fill)(CPUState *cpu, vaddr address, int size,
MMUAccessType access_type, int mmu_idx,
bool probe, uintptr_t retaddr);
+ /**
+ * @pointer_wrap:
+ *
+ * We have incremented @base to @result, resulting in a page change.
+ * For the current cpu state, adjust @result for possible overflow.
+ */
+ vaddr (*pointer_wrap)(CPUState *cpu, int mmu_idx, vaddr result, vaddr
base);
/**
* @do_transaction_failed: Callback for handling failed memory transactions
* (ie bus faults or external aborts; not MMU faults)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 5f6d7c601c..c394293d33 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1773,6 +1773,12 @@ static bool mmu_lookup(CPUState *cpu, vaddr addr,
MemOpIdx oi,
l->page[1].size = l->page[0].size - size0;
l->page[0].size = size0;
+ if (cpu->cc->tcg_ops->pointer_wrap) {
+ l->page[1].addr = cpu->cc->tcg_ops->pointer_wrap(cpu, l->mmu_idx,
+ l->page[1].addr,
+ addr);
+ }
+
/*
* Lookup both pages, recognizing exceptions from either. If the
* second lookup potentially resized, refresh first CPUTLBEntryFull.
--
2.43.0
