On 12/06/2017 23:21, Mark Cave-Ayland wrote: > As indicated by Laszlo it is a QOM bug for the realize() method to actually > map the device. Set up the IO regions with sysbus_init_mmio() and defer > the mapping to the caller, as already done in fw_cfg_init_mem_wide().
... sort of. The idea is that the ISA bridge (including all the legacy I/O devices, of which fw_cfg part) does subtractive decoding, i.e. "if nobody else wants it, I'll take it". So that's why fw_cfg's realize() maps I/O ports, and why the API is sysbus_add_io. Sysbus MMIO maps a different hardware concept, where the "base" is decoded by the SoC and forwarded to the component at that address. This is represented by the sysbus_init_mmio/sysbus_mmio_map pair. Documentation for this would be welcome, but sysbus.h doesn't have many function comments. :( Paolo
