On Wed, Dec 19, 2012 at 12:09 PM, Julien Grall <julien.gr...@citrix.com> wrote: > The commit 582299336879504353e60c7937fbc70fea93f3da introduced a 1-shift for > some offset in dma emulation. > > Before the previous commit, which converted ioport_register_* to MemoryRegion, > the DMA controller registered 8 ioports with the following formula: > base + ((8 + i) << d->shift) where 0 <= i < 8 > When an IO occured within a Memory Region, DMA callback receives an offset > relative to the started address. Here the started address is: > base + (8 << d->shift). > The offset should be: (i << d->shift). After the shift is reverted, the offset > are 0..7 not 1..8. > > Cc: 1089...@bugs.launchpad.net > Reviewed-by: Andreas Färber <afaer...@suse.de> > Reported-by: Andreas Gustafsson <g...@gson.org> > Signed-off-by: Julien Grall <julien.gr...@citrix.com> > --- > > Modification between V1 and V2: > * Modify the commit message to explain the problem. > > hw/dma.c | 22 +++++++++++----------- > 1 file changed, 11 insertions(+), 11 deletions(-) > > diff --git a/hw/dma.c b/hw/dma.c > index c2d7b21..1b1d406 100644 > --- a/hw/dma.c > +++ b/hw/dma.c > @@ -200,7 +200,7 @@ static void write_cont(void *opaque, hwaddr nport, > uint64_t data, > > iport = (nport >> d->dshift) & 0x0f; > switch (iport) { > - case 0x01: /* command */ > + case 0x00: /* command */ > if ((data != 0) && (data & CMD_NOT_SUPPORTED)) { > dolog("command %"PRIx64" not supported\n", data); > return; > @@ -208,7 +208,7 @@ static void write_cont(void *opaque, hwaddr nport, > uint64_t data, > d->command = data; > break; > > - case 0x02: > + case 0x01: > ichan = data & 3; > if (data & 4) { > d->status |= 1 << (ichan + 4); > @@ -220,7 +220,7 @@ static void write_cont(void *opaque, hwaddr nport, > uint64_t data, > DMA_run(); > break; > > - case 0x03: /* single mask */ > + case 0x02: /* single mask */ > if (data & 4) > d->mask |= 1 << (data & 3); > else > @@ -228,7 +228,7 @@ static void write_cont(void *opaque, hwaddr nport, > uint64_t data, > DMA_run(); > break; > > - case 0x04: /* mode */ > + case 0x03: /* mode */ > { > ichan = data & 3; > #ifdef DEBUG_DMA > @@ -247,23 +247,23 @@ static void write_cont(void *opaque, hwaddr nport, > uint64_t data, > break; > } > > - case 0x05: /* clear flip flop */ > + case 0x04: /* clear flip flop */ > d->flip_flop = 0; > break; > > - case 0x06: /* reset */ > + case 0x05: /* reset */ > d->flip_flop = 0; > d->mask = ~0; > d->status = 0; > d->command = 0; > break; > > - case 0x07: /* clear mask for all channels */ > + case 0x06: /* clear mask for all channels */ > d->mask = 0; > DMA_run(); > break; > > - case 0x08: /* write mask for all channels */ > + case 0x07: /* write mask for all channels */ > d->mask = data; > DMA_run(); > break; > @@ -288,11 +288,11 @@ static uint64_t read_cont(void *opaque, hwaddr nport, > unsigned size) > > iport = (nport >> d->dshift) & 0x0f; > switch (iport) { > - case 0x08: /* status */ > + case 0x00: /* status */ > val = d->status; > d->status &= 0xf0; > break; > - case 0x0f: /* mask */ > + case 0x01: /* mask */ > val = d->mask; > break; > default: > @@ -467,7 +467,7 @@ void DMA_schedule(int nchan) > static void dma_reset(void *opaque) > { > struct dma_cont *d = opaque; > - write_cont(d, (0x06 << d->dshift), 0, 1); > + write_cont(d, (0x05 << d->dshift), 0, 1); > } > > static int dma_phony_handler (void *opaque, int nchan, int dma_pos, int > dma_len)
Hello, Is there any plan to apply this patch in QEMU upstream? I think this bug is still opened. Sincerely yours, -- Grall Julien