1 /*
2 * QEMU G364 framebuffer Emulator.
4 * Copyright (c) 2007-2011 Herve Poussineau
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License as
8 * published by the Free Software Foundation; either version 2 of
9 * the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; if not, see <http://www.gnu.org/licenses/>.
20 #include "hw/hw.h"
21 #include "ui/console.h"
22 #include "ui/pixel_ops.h"
23 #include "trace.h"
24 #include "hw/sysbus.h"
/*
 * Per-device state of the emulated G364 framebuffer.
 *
 * The register fields below are stored straight from guest MMIO writes
 * (see g364fb_ctrl_write) and are also restored from the migration stream,
 * so any code that turns them into a VRAM offset or a length has to bound
 * them against vram_size itself.
 */
typedef struct G364State {
    /* hardware */
    uint8_t *vram;                  /* vram_size bytes, set up in g364fb_init */
    uint32_t vram_size;
    qemu_irq irq;
    MemoryRegion mem_vram;
    MemoryRegion mem_ctrl;

    /* registers */
    uint8_t color_palette[256][3];  /* one R,G,B triple per 8-bit pixel value */
    uint8_t cursor_palette[3][3];
    uint16_t cursor[512];
    uint32_t cursor_position;       /* x in bits 12 and up, y in the low 12 bits */
    uint32_t ctla;
    uint32_t top_of_screen;         /* byte offset into vram of the first pixel */
    uint32_t width;                 /* in pixels */
    uint32_t height;                /* in pixels */

    /* display refresh support */
    QemuConsole *con;
    int depth;
    int blanked;
} G364State;
/* Control register offsets inside the "ctrl" MMIO region. */
#define REG_BOOT         0x000000
#define REG_DISPLAY      0x000118
#define REG_VDISPLAY     0x000150
#define REG_CTLA         0x000300
#define REG_TOP          0x000400
#define REG_CURS_PAL     0x000508
#define REG_CURS_POS     0x000638
#define REG_CLR_PAL      0x000800
#define REG_CURS_PAT     0x001000
#define REG_RESET        0x100000

/* Bits of the CTLA register that this model interprets. */
#define CTLA_FORCE_BLANK 0x00000400
#define CTLA_NO_CURSOR   0x00800000

/* Granularity, in bytes, of the VRAM dirty tracking done by the renderer. */
#define G364_PAGE_SIZE   4096
/*
 * Report whether the G364_PAGE_SIZE-byte VRAM page starting at offset
 * 'page' is marked dirty for the VGA client.
 */
static inline int check_dirty(G364State *s, ram_addr_t page)
{
    MemoryRegion *vram_region = &s->mem_vram;

    return memory_region_get_dirty(vram_region, page, G364_PAGE_SIZE,
                                   DIRTY_MEMORY_VGA);
}
/*
 * Clear the VGA dirty state for the run of pages from page_min up to and
 * including the page that starts at page_max.
 */
static inline void reset_dirty(G364State *s,
                               ram_addr_t page_min, ram_addr_t page_max)
{
    /* Length in bytes, measured from page_min to the last byte of page_max. */
    ram_addr_t span = page_max + G364_PAGE_SIZE - page_min - 1;

    memory_region_reset_dirty(&s->mem_vram, page_min, span, DIRTY_MEMORY_VGA);
}
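/*
 * Render the 8-bit indexed guest framebuffer onto the host display surface.
 *
 * VRAM is walked in G364_PAGE_SIZE-byte pages.  A dirty page is converted
 * pixel by pixel through the colour palette (or the cursor palette inside
 * the 64x64 cursor box); a clean page is skipped.  The bounding box of the
 * redrawn pixels is pushed to the console whenever a run of dirty pages
 * ends.
 *
 * top_of_screen, width and height are guest-controlled registers.  The
 * scan-out window is checked against vram_size before any pixel is read, so
 * a guest cannot make the renderer read host memory beyond the VRAM buffer;
 * a window that does not fit is not drawn.
 *
 * NOTE(review): dirty pages are looked up from offset 0 of the VRAM region
 * while pixels are fetched from s->vram + top_of_screen, so the dirty state
 * appears not to track the displayed bytes when top_of_screen is non-zero.
 * Confirm whether that is intended.
 */
static void g364fb_draw_graphic8(G364State *s)
{
    DisplaySurface *surface = qemu_console_surface(s->con);
    int i, w;
    uint8_t *vram;
    uint8_t *data_display, *dd;
    ram_addr_t page, page_min, page_max;
    int x, y;
    int xmin, xmax;
    int ymin, ymax;
    int xcursor, ycursor;
    unsigned int (*rgb_to_pixel)(unsigned int r, unsigned int g, unsigned int b);

    /* Pick the pixel packer and the host bytes-per-pixel. */
    switch (surface_bits_per_pixel(surface)) {
    case 8:
        rgb_to_pixel = rgb_to_pixel8;
        w = 1;
        break;
    case 15:
        rgb_to_pixel = rgb_to_pixel15;
        w = 2;
        break;
    case 16:
        rgb_to_pixel = rgb_to_pixel16;
        w = 2;
        break;
    case 32:
        rgb_to_pixel = rgb_to_pixel32;
        w = 4;
        break;
    default:
        hw_error("g364: unknown host depth %d",
                 surface_bits_per_pixel(surface));
        return;
    }

    /*
     * Refuse a scan-out window that does not lie inside VRAM.  The product
     * is formed in 64 bits so that large register values cannot wrap, and a
     * zero width is rejected because the skip path divides by it.
     */
    if (s->width == 0 || s->height == 0 ||
        s->top_of_screen > s->vram_size ||
        (uint64_t)s->width * s->height > s->vram_size - s->top_of_screen) {
        return;
    }

    page = 0;
    page_min = (ram_addr_t)-1;   /* -1 means no dirty run is open */
    page_max = 0;

    x = y = 0;
    xmin = s->width;
    xmax = 0;
    ymin = s->height;
    ymax = 0;

    if (!(s->ctla & CTLA_NO_CURSOR)) {
        xcursor = s->cursor_position >> 12;
        ycursor = s->cursor_position & 0xfff;
    } else {
        /* Park the 64x64 cursor box entirely off-screen. */
        xcursor = ycursor = -65;
    }

    vram = s->vram + s->top_of_screen;
    data_display = dd = surface_data(surface);
    while (y < s->height) {
        if (check_dirty(s, page)) {
            if (y < ymin) {
                ymin = ymax = y;
            }
            if (page_min == (ram_addr_t)-1) {
                page_min = page;
            }
            page_max = page;
            if (x < xmin) {
                xmin = x;
            }
            for (i = 0; i < G364_PAGE_SIZE; i++) {
                /* Default: the pixel's own palette entry. */
                const uint8_t *rgb = s->color_palette[*vram];
                unsigned int color;

                if (unlikely((y >= ycursor && y < ycursor + 64) &&
                             (x >= xcursor && x < xcursor + 64))) {
                    /*
                     * pointer area: 8 words per cursor row, 2 bits per
                     * pixel, so the index stays within cursor[512]
                     */
                    int xdiff = x - xcursor;
                    uint16_t curs = s->cursor[(y - ycursor) * 8 + xdiff / 8];
                    int op = (curs >> ((xdiff & 7) * 2)) & 3;

                    if (unlikely(op != 0)) {
                        /* op 0 is transparent; 1..3 select a cursor colour */
                        rgb = s->cursor_palette[op - 1];
                    }
                }
                color = (*rgb_to_pixel)(rgb[0], rgb[1], rgb[2]);
                memcpy(dd, &color, w);
                dd += w;
                x++;
                vram++;
                if (x == s->width) {
                    xmax = s->width - 1;
                    y++;
                    if (y == s->height) {
                        ymax = s->height - 1;
                        goto done;
                    }
                    data_display = dd = data_display + surface_stride(surface);
                    xmin = 0;
                    x = 0;
                }
            }
            if (x > xmax) {
                xmax = x;
            }
            if (y > ymax) {
                ymax = y;
            }
        } else {
            int dy;

            if (page_min != (ram_addr_t)-1) {
                /* A dirty run just ended: flush it and start over. */
                reset_dirty(s, page_min, page_max);
                page_min = (ram_addr_t)-1;
                page_max = 0;
                dpy_gfx_update(s->con, xmin, ymin,
                               xmax - xmin + 1, ymax - ymin + 1);
                xmin = s->width;
                xmax = 0;
                ymin = s->height;
                ymax = 0;
            }
            /* Step over one clean page in both source and destination. */
            x += G364_PAGE_SIZE;
            dy = x / s->width;
            x = x % s->width;
            y += dy;
            vram += G364_PAGE_SIZE;
            data_display += dy * surface_stride(surface);
            dd = data_display + x * w;
        }
        page += G364_PAGE_SIZE;
    }

done:
    if (page_min != (ram_addr_t)-1) {
        dpy_gfx_update(s->con, xmin, ymin, xmax - xmin + 1, ymax - ymin + 1);
        reset_dirty(s, page_min, page_max);
    }
}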
/*
 * Paint the visible width x height area of the host surface black and
 * remember that it is blank, so that later calls return without redrawing.
 */
static void g364fb_draw_blank(G364State *s)
{
    DisplaySurface *surface = qemu_console_surface(s->con);
    uint8_t *row;
    int line, row_bytes;

    if (s->blanked) {
        /* Screen is already blank. No need to redraw it */
        return;
    }

    row_bytes = s->width * surface_bytes_per_pixel(surface);
    row = surface_data(surface);
    line = 0;
    while (line < s->height) {
        memset(row, 0, row_bytes);
        row += surface_stride(surface);
        line++;
    }

    dpy_gfx_update(s->con, 0, 0, s->width, s->height);
    s->blanked = 1;
}
/*
 * Console refresh callback: resize the console to the guest-programmed
 * geometry if needed, draw the current frame, then raise the device IRQ.
 * Nothing is drawn while either dimension is still zero.
 */
static void g364fb_update_display(void *opaque)
{
    G364State *s = opaque;
    DisplaySurface *surface = qemu_console_surface(s->con);

    qemu_flush_coalesced_mmio_buffer();

    if (!(s->width != 0 && s->height != 0)) {
        return;
    }

    if (s->width != surface_width(surface) ||
        s->height != surface_height(surface)) {
        qemu_console_resize(s->con, s->width, s->height);
    }

    if (s->ctla & CTLA_FORCE_BLANK) {
        g364fb_draw_blank(s);
    } else if (s->depth != 8) {
        /* Only the 8-bit indexed mode has a renderer. */
        error_report("g364: unknown guest depth %d", s->depth);
    } else {
        g364fb_draw_graphic8(s);
    }

    qemu_irq_raise(s->irq);
}
/*
 * Force a full redraw on the next refresh: drop the "already blank"
 * shortcut and mark all vram_size bytes of VRAM dirty.
 */
static inline void g364fb_invalidate_display(void *opaque)
{
    G364State *state = opaque;

    state->blanked = 0;
    memory_region_set_dirty(&state->mem_vram, 0, state->vram_size);
}
/*
 * Return the device to its power-on state: IRQ lowered, palettes, cursor,
 * registers and VRAM zeroed, and the whole display invalidated.
 */
static void g364fb_reset(G364State *s)
{
    qemu_irq_lower(s->irq);

    /* Scalar registers. */
    s->ctla = 0;
    s->cursor_position = 0;
    s->top_of_screen = 0;
    s->width = 0;
    s->height = 0;

    /* Lookup tables and video memory. */
    memset(s->cursor, 0, sizeof(s->cursor));
    memset(s->cursor_palette, 0, sizeof(s->cursor_palette));
    memset(s->color_palette, 0, sizeof(s->color_palette));
    memset(s->vram, 0, s->vram_size);

    g364fb_invalidate_display(s);
}
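/*
 * Write the current guest display to 'filename' in a PNM format.
 *
 * With CTLA_FORCE_BLANK set, a "P4" header followed by one zero byte per
 * pixel is written; otherwise a "P6" header followed by the palette-expanded
 * R,G,B bytes of every pixel.  On failure *errp is set, and a partially
 * written file is unlinked.
 *
 * top_of_screen, width and height are guest-controlled registers, so the
 * pixel window is checked against vram_size before the file is opened; a
 * window that does not fit is reported as an error instead of being read
 * from memory past the VRAM buffer.  The header fields are printed as
 * unsigned values and the loop counters are unsigned, matching the uint32_t
 * registers.
 */
static void g364fb_screen_dump(void *opaque, const char *filename, bool cswitch,
                               Error **errp)
{
    G364State *s = opaque;
    int ret;
    uint32_t x, y;
    uint8_t index;
    uint8_t *data_buffer;
    FILE *f;

    qemu_flush_coalesced_mmio_buffer();

    if (s->depth != 8) {
        error_setg(errp, "g364: unknown guest depth %d", s->depth);
        return;
    }

    /* Only the non-blank path reads VRAM; the product is formed in 64 bits. */
    if (!(s->ctla & CTLA_FORCE_BLANK) &&
        (s->top_of_screen > s->vram_size ||
         (uint64_t)s->width * s->height > s->vram_size - s->top_of_screen)) {
        error_setg(errp, "g364: display window exceeds video memory");
        return;
    }

    f = fopen(filename, "wb");
    if (!f) {
        error_setg(errp, "failed to open file '%s': %s", filename,
                   strerror(errno));
        return;
    }

    if (s->ctla & CTLA_FORCE_BLANK) {
        /* blank screen */
        ret = fprintf(f, "P4\n%" PRIu32 " %" PRIu32 "\n", s->width, s->height);
        if (ret < 0) {
            goto write_err;
        }
        for (y = 0; y < s->height; y++) {
            for (x = 0; x < s->width; x++) {
                ret = fputc(0, f);
                if (ret == EOF) {
                    goto write_err;
                }
            }
        }
    } else {
        data_buffer = s->vram + s->top_of_screen;
        ret = fprintf(f, "P6\n%" PRIu32 " %" PRIu32 "\n%d\n",
                      s->width, s->height, 255);
        if (ret < 0) {
            goto write_err;
        }
        for (y = 0; y < s->height; y++) {
            for (x = 0; x < s->width; x++, data_buffer++) {
                index = *data_buffer;
                ret = fputc(s->color_palette[index][0], f);
                if (ret == EOF) {
                    goto write_err;
                }
                ret = fputc(s->color_palette[index][1], f);
                if (ret == EOF) {
                    goto write_err;
                }
                ret = fputc(s->color_palette[index][2], f);
                if (ret == EOF) {
                    goto write_err;
                }
            }
        }
    }

out:
    fclose(f);
    return;

write_err:
    error_setg(errp, "failed to write to file '%s': %s", filename,
               strerror(errno));
    unlink(filename);
    goto out;
}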
/*
 * MMIO read handler for the control region (called for accesses to io
 * ports).
 *
 * Registers are spaced 8 bytes apart, hence the ">> 3" when a window offset
 * is turned into an array index.  The cursor-pattern window is 0x1000 bytes
 * (512 entries) and the cursor-palette window 0x18 bytes (3 entries), which
 * matches the sizes of cursor[] and cursor_palette[], so the address range
 * tests are what keep both indexes in bounds.  Unknown offsets are reported
 * and read as 0.
 */
static uint64_t g364fb_ctrl_read(void *opaque,
                                 hwaddr addr,
                                 unsigned int size)
{
    G364State *s = opaque;
    uint32_t val;

    if (addr >= REG_CURS_PAT && addr < REG_CURS_PAT + 0x1000) {
        /* cursor pattern */
        val = s->cursor[(addr - REG_CURS_PAT) >> 3];
    } else if (addr >= REG_CURS_PAL && addr < REG_CURS_PAL + 0x18) {
        /* cursor palette, packed as 0x00RRGGBB */
        const uint8_t *rgb = s->cursor_palette[(addr - REG_CURS_PAL) >> 3];

        val = ((uint32_t)rgb[0] << 16) |
              ((uint32_t)rgb[1] << 8) |
              ((uint32_t)rgb[2] << 0);
    } else if (addr == REG_DISPLAY) {
        val = s->width / 4;
    } else if (addr == REG_VDISPLAY) {
        val = s->height * 2;
    } else if (addr == REG_CTLA) {
        val = s->ctla;
    } else {
        error_report("g364: invalid read at [" TARGET_FMT_plx "]",
                     addr);
        val = 0;
    }

    trace_g364fb_read(addr, val);

    return val;
}
/*
 * Recompute s->depth from the 3-bit field at bits 20..22 of CTLA.  The
 * field can take eight values and the table has eight slots; the ones
 * without an explicit initialiser map to depth 0.
 */
static void g364fb_update_depth(G364State *s)
{
    static const int depths[8] = { 1, 2, 4, 8, 15, 16, 0 };
    unsigned int mode = (s->ctla & 0x00700000) >> 20;

    s->depth = depths[mode];
}
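/*
 * Mark the VRAM rows around the cursor dirty so the next refresh redraws
 * them.
 *
 * The row comes from the guest-written cursor_position register (low 12
 * bits) and can lie below the visible area or beyond the end of VRAM.  The
 * byte range is therefore computed in 64 bits, clamped to vram_size, and
 * skipped when it is empty, so memory_region_set_dirty() never receives an
 * offset or length outside the VRAM region.
 */
static void g364_invalidate_cursor_position(G364State *s)
{
    DisplaySurface *surface = qemu_console_surface(s->con);
    uint64_t stride = surface_stride(surface);
    uint64_t ymin, ymax, start, end;

    /* invalidate only near the cursor */
    ymin = s->cursor_position & 0xfff;
    ymax = MIN((uint64_t)s->height, ymin + 64);
    start = ymin * stride;
    end = (ymax + 1) * stride;

    if (end > s->vram_size) {
        end = s->vram_size;
    }
    if (start >= end) {
        /* Cursor row is outside the range that can be invalidated. */
        return;
    }

    memory_region_set_dirty(&s->mem_vram, start, end - start);
}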
/*
 * MMIO write handler for the control region.
 *
 * Registers are spaced 8 bytes apart, hence the ">> 3" when a window offset
 * is turned into an array index; each window's size matches its backing
 * array (0x800 -> 256 colour entries, 0x1000 -> 512 cursor words, 0x18 -> 3
 * cursor colours), so the address range tests keep the indexes in bounds.
 *
 * REG_TOP, REG_DISPLAY, REG_VDISPLAY and REG_CURS_POS are stored exactly as
 * the guest wrote them, with no check against vram_size; consumers of
 * top_of_screen, width, height and cursor_position must do their own range
 * checking.  Every write, valid or not, lowers the IRQ on the way out.
 */
static void g364fb_ctrl_write(void *opaque,
                              hwaddr addr,
                              uint64_t val,
                              unsigned int size)
{
    G364State *s = opaque;

    trace_g364fb_write(addr, val);

    if (addr >= REG_CLR_PAL && addr < REG_CLR_PAL + 0x800) {
        /* color palette, written as 0x00RRGGBB */
        uint8_t *rgb = s->color_palette[(addr - REG_CLR_PAL) >> 3];

        rgb[0] = (val >> 16) & 0xff;
        rgb[1] = (val >> 8) & 0xff;
        rgb[2] = val & 0xff;
        g364fb_invalidate_display(s);
    } else if (addr >= REG_CURS_PAT && addr < REG_CURS_PAT + 0x1000) {
        /* cursor pattern */
        s->cursor[(addr - REG_CURS_PAT) >> 3] = val;
        g364fb_invalidate_display(s);
    } else if (addr >= REG_CURS_PAL && addr < REG_CURS_PAL + 0x18) {
        /* cursor palette, written as 0x00RRGGBB */
        uint8_t *rgb = s->cursor_palette[(addr - REG_CURS_PAL) >> 3];

        rgb[0] = (val >> 16) & 0xff;
        rgb[1] = (val >> 8) & 0xff;
        rgb[2] = val & 0xff;
        g364fb_invalidate_display(s);
    } else {
        switch (addr) {
        case REG_BOOT: /* Boot timing */
        case 0x00108: /* Line timing: half sync */
        case 0x00110: /* Line timing: back porch */
        case 0x00120: /* Line timing: short display */
        case 0x00128: /* Frame timing: broad pulse */
        case 0x00130: /* Frame timing: v sync */
        case 0x00138: /* Frame timing: v preequalise */
        case 0x00140: /* Frame timing: v postequalise */
        case 0x00148: /* Frame timing: v blank */
        case 0x00158: /* Line timing: line time */
        case 0x00160: /* Frame store: line start */
        case 0x00168: /* vram cycle: mem init */
        case 0x00170: /* vram cycle: transfer delay */
        case 0x00200: /* vram cycle: mask register */
            /* ignore */
            break;
        case REG_TOP:
            /* guest-chosen VRAM offset, stored unchecked */
            s->top_of_screen = val;
            g364fb_invalidate_display(s);
            break;
        case REG_DISPLAY:
            /* guest-chosen geometry, stored unchecked */
            s->width = val * 4;
            break;
        case REG_VDISPLAY:
            s->height = val / 2;
            break;
        case REG_CTLA:
            s->ctla = val;
            g364fb_update_depth(s);
            g364fb_invalidate_display(s);
            break;
        case REG_CURS_POS:
            /* dirty the rows at the old position, then at the new one */
            g364_invalidate_cursor_position(s);
            s->cursor_position = val;
            g364_invalidate_cursor_position(s);
            break;
        case REG_RESET:
            g364fb_reset(s);
            break;
        default:
            error_report("g364: invalid write of 0x%" PRIx64
                         " at [" TARGET_FMT_plx "]", val, addr);
            break;
        }
    }
    qemu_irq_lower(s->irq);
}
/*
 * Access callbacks for the control region: little-endian, and implemented
 * for 4-byte accesses only.
 */
static const MemoryRegionOps g364fb_ctrl_ops = {
    .read = g364fb_ctrl_read,
    .write = g364fb_ctrl_write,
    .endianness = DEVICE_LITTLE_ENDIAN,
    .impl = {
        .min_access_size = 4,
        .max_access_size = 4,
    },
};
/*
 * Migration post-load hook: derive the depth from the restored CTLA value
 * and force a full refresh.  Always returns 0.
 *
 * NOTE(review): the register fields restored from the migration stream
 * (top_of_screen, width, height, cursor_position) are not range-checked
 * here, so an incoming stream can set them to values unrelated to
 * vram_size.  Code that uses them as VRAM offsets or lengths has to bound
 * them itself.
 */
static int g364fb_post_load(void *opaque, int version_id)
{
    G364State *state = opaque;

    /* force refresh */
    g364fb_update_depth(state);
    g364fb_invalidate_display(state);

    return 0;
}
/*
 * Migration description for the device.
 *
 * The two VMSTATE_BUFFER_UNSAFE entries carry explicit byte counts that
 * equal the array sizes in G364State (256 * 3 for color_palette[256][3],
 * 9 for cursor_palette[3][3]); they must be updated by hand if those arrays
 * ever change.  The VRAM entry names vram_size as its size field.
 */
static const VMStateDescription vmstate_g364fb = {
    .name = "g364fb",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .post_load = g364fb_post_load,
    .fields = (VMStateField[]) {
        /* video memory */
        VMSTATE_VBUFFER_UINT32(vram, G364State, 1, NULL, 0, vram_size),
        /* palettes and cursor pattern */
        VMSTATE_BUFFER_UNSAFE(color_palette, G364State, 0, 256 * 3),
        VMSTATE_BUFFER_UNSAFE(cursor_palette, G364State, 0, 9),
        VMSTATE_UINT16_ARRAY(cursor, G364State, 512),
        /* guest-written registers, restored as-is */
        VMSTATE_UINT32(cursor_position, G364State),
        VMSTATE_UINT32(ctla, G364State),
        VMSTATE_UINT32(top_of_screen, G364State),
        VMSTATE_UINT32(width, G364State),
        VMSTATE_UINT32(height, G364State),
        VMSTATE_END_OF_LIST()
    }
};
/*
 * Allocate zeroed VRAM of s->vram_size bytes, create the graphic console
 * and set up the two memory regions: "ctrl" (0x180000 bytes of MMIO) and
 * "vram" (RAM backed by the buffer allocated here).
 */
static void g364fb_init(DeviceState *dev, G364State *s)
{
    MemoryRegion *vram_region = &s->mem_vram;
    MemoryRegion *ctrl_region = &s->mem_ctrl;

    s->vram = g_malloc0(s->vram_size);

    s->con = graphic_console_init(g364fb_update_display,
                                  g364fb_invalidate_display,
                                  g364fb_screen_dump, NULL, s);

    memory_region_init_io(ctrl_region, &g364fb_ctrl_ops, s, "ctrl", 0x180000);
    memory_region_init_ram_ptr(vram_region, "vram", s->vram_size, s->vram);
    vmstate_register_ram(vram_region, dev);
    memory_region_set_coalescing(vram_region);
}
/* Sysbus wrapper that embeds the framebuffer state after the bus device. */
typedef struct {
    SysBusDevice busdev;    /* kept first; the upcast helpers go through it */
    G364State g364;
} G364SysBusState;
/*
 * Sysbus init hook: initialise the framebuffer, then expose its IRQ line
 * and its two MMIO regions (ctrl first, then vram).  Always returns 0.
 */
static int g364fb_sysbus_init(SysBusDevice *dev)
{
    G364SysBusState *bus_state = FROM_SYSBUS(G364SysBusState, dev);
    G364State *s = &bus_state->g364;

    g364fb_init(&dev->qdev, s);
    sysbus_init_irq(dev, &s->irq);
    sysbus_init_mmio(dev, &s->mem_ctrl);
    sysbus_init_mmio(dev, &s->mem_vram);

    return 0;
}
/* Device reset hook: reset the embedded framebuffer state. */
static void g364fb_sysbus_reset(DeviceState *d)
{
    G364SysBusState *bus_state = DO_UPCAST(G364SysBusState, busdev.qdev, d);
    G364State *fb = &bus_state->g364;

    g364fb_reset(fb);
}
/*
 * User-settable properties.  "vram_size" defaults to 8 MiB and is the
 * length used for the VRAM allocation in g364fb_init.
 */
static Property g364fb_sysbus_properties[] = {
    DEFINE_PROP_HEX32("vram_size", G364SysBusState, g364.vram_size,
                      8 * 1024 * 1024),
    DEFINE_PROP_END_OF_LIST(),
};
/* Class init: install the init/reset hooks, migration state and properties. */
static void g364fb_sysbus_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *dc = DEVICE_CLASS(klass);

    sbc->init = g364fb_sysbus_init;

    dc->desc = "G364 framebuffer";
    dc->props = g364fb_sysbus_properties;
    dc->vmsd = &vmstate_g364fb;
    dc->reset = g364fb_sysbus_reset;
}
/* QOM type record for the "sysbus-g364" device. */
static const TypeInfo g364fb_sysbus_info = {
    .name          = "sysbus-g364",
    .parent        = TYPE_SYS_BUS_DEVICE,
    .instance_size = sizeof(G364SysBusState),
    .class_init    = g364fb_sysbus_class_init,
};
/* Register the sysbus-g364 type; hooked in through type_init() below. */
static void g364fb_register_types(void)
{
    const TypeInfo *info = &g364fb_sysbus_info;

    type_register_static(info);
}

type_init(g364fb_register_types)