From: Laszlo Ersek <lersek@redhat.com>
To: jaeyong.yoo@samsung.com, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] Where is vga-rom mapped in guest system memory?
Date: Tue, 13 May 2014 15:54:38 +0200 [thread overview]
Message-ID: <5372241E.8090309@redhat.com> (raw)
In-Reply-To: <98.08.11443.AD612735@epcpsbgx3.samsung.com>
On 05/13/14 14:58, Jaeyong Yoo wrote:
> Hello qemu!
>
>
>
> I am currently writing a vga device emulator and need to debug vga-bios.
>
> What I want is to set break-point on the entry of vga-bios and for this,
>
> I'm reading qemu source around pci device and rom-related memory regions
>
> to find out where should I set break point. And, sadly, got stuck.
>
>
>
> Could you give me any advice about the memory-mapped address of vga-rom or
>
> any pointers?
Some.
The vgabios binary is loaded from the file identified by the "romfile"
property of the VGA card that you select. For example,
-device qxl-vga,romfile=...
or
-vga qxl \
-global qxl-vga.romfile=...
Of course the property has a default value for each VGA card. See the
k->romfile = ...
assignments in:
- cirrus_vga_class_init() -- vgabios-cirrus.bin
- qxl_primary_class_init() -- vgabios-qxl.bin
- vga_class_init() -- vgabios-stdvga.bin
I think the oprom is loaded in
pci_qdev_init() [hw/pci/pci.c]
pci_add_option_rom()
The vgabios oprom is shadowed from ROM (pci address space) to RAM by the
SeaBIOS initialization code, and then POSTed:
handle_post() [src/post.c]
make_bios_writable() [src/fw/shadow.c]
make_bios_writable_intel()
__make_bios_writable_intel() -- shadows vgabios in C segment too
dopost() [src/post.c]
maininit()
vgarom_setup() [src/optionroms.c]
init_pcirom()
init_optionrom()
callrom()
__callrom()
_rom_header_entry [vgasrc/vgaentry.S]
vga_post() [vgasrc/vgainit.c]
You can instrument vga_post() in the SeaBIOS source [vgasrc/vgainit.c],
rebuild the vgabios binary, and load this binary with the video card's
romfile=... property on the qemu command line.
Laszlo
Laszlo
next prev parent reply other threads:[~2014-05-13 13:54 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-13 12:58 [Qemu-devel] Where is vga-rom mapped in guest system memory? Jaeyong Yoo
2014-05-13 13:54 ` Laszlo Ersek [this message]
2014-05-14 4:01 ` Jaeyong Yoo
2014-05-14 10:55 ` Laszlo Ersek
2014-05-14 11:41 ` Jaeyong Yoo
2014-05-14 11:54 ` Laszlo Ersek
2014-05-15 13:25 ` Jaeyong Yoo
2014-05-15 14:04 ` Laszlo Ersek
2014-05-16 4:19 ` Jaeyong Yoo
2014-05-16 9:36 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5372241E.8090309@redhat.com \
--to=lersek@redhat.com \
--cc=jaeyong.yoo@samsung.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.