* [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2
@ 2023-09-09 9:48 Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 01/20] q800-glue.c: convert to Resettable interface Mark Cave-Ayland
` (19 more replies)
0 siblings, 20 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
This series contains the remaining patches needed to allow QEMU's q800
machine to boot MacOS Classic when used in conjunction with a real
Quadra 800 ROM image. In fact with this series applied it is possible
to boot all of the following OSs:
- MacOS 7.1 - 8.1, with or without virtual memory enabled
- A/UX 3.0.1
- NetBSD 9.3
- Linux (via EMILE)
If you are ready to experience some 90s nostalgia then all you need is
to grab yourself a copy of the Quadra 800 ROM (checksum 0xf1acad13) and a
suitable install ISO as follows:
# Prepare a PRAM image
$ qemu-img create -f raw pram.img 256b
# Launch QEMU with blank disk and install CDROM
$ ./qemu-system-m68k \
-M q800 \
-m 128 \
-bios Quadra800.rom \
-drive file=pram.img,format=raw,if=mtd \
-drive file=disk.img,media=disk,format=raw,if=none,id=hd \
-device scsi-hd,scsi-id=0,drive=hd \
-drive file=cdrom.iso,media=cdrom,if=none,id=cd \
-device scsi-cd,scsi-id=3,drive=cd
And off you go! For more in-depth information about the installation process
I highly recommend the installation guide over at emaculation.com [1].
Compatibility is generally very good, and I'm pleased to report it is possible
to run one of the most popular productivity apps from the 90s [2].
I'd like to add a big thank you to all the people who have helped me work on
this series, including testing on real hardware, answering questions about
MacOS Classic internals and helping to diagnose and fix bugs in the 68k
emulation. In particular thanks go to Laurent Vivier, Finn Thain, Howard
Spoelstra, Volker Rümelin, Richard Henderson, Martin Husemann, Rin Okuyama,
Elliot Nunn, and SolraBizna.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
[1] https://www.emaculation.com/doku.php/qemu
[2] https://www.youtube.com/watch?v=yI21gURQ1Ew
v2:
- Rebase onto master
- Add R-B tags from Phil and Laurent
- Improve ASC logic for generating interrupts when FIFO underflow occurs
- Rework ASC silence generation logic similar to Volker's original proposal
- Update A/UX timer calibration hack to reflect the change of accesses now that
#360 is resolved
Mark Cave-Ayland (20):
q800-glue.c: convert to Resettable interface
q800: add djMEMC memory controller
q800: add machine id register
q800: implement additional machine id bits on VIA1 port A
q800: add IOSB subsystem
q800: allow accesses to RAM area even if less memory is available
audio: add Apple Sound Chip (ASC) emulation
asc: generate silence if FIFO empty but engine still running
q800: add Apple Sound Chip (ASC) audio to machine
q800: add easc bool machine class property to switch between ASC and
EASC
swim: add trace events for IWM and ISM registers
swim: split into separate IWM and ISM register blocks
swim: update IWM/ISM register block decoding
mac_via: work around underflow in TimeDBRA timing loop in SETUPTIMEK
mac_via: workaround NetBSD ADB bus enumeration issue
mac_via: implement ADB_STATE_IDLE state if shift register in input
mode
mac_via: always clear ADB interrupt when switching to A/UX mode
q800: add ESCC alias at 0xc000
q800: add alias for MacOS toolbox ROM at 0x40000000
mac_via: extend timer calibration hack to work with A/UX
MAINTAINERS | 6 +
hw/audio/Kconfig | 3 +
hw/audio/asc.c | 718 ++++++++++++++++++++++++++++++++++++
hw/audio/meson.build | 1 +
hw/audio/trace-events | 10 +
hw/block/swim.c | 261 ++++++++-----
hw/block/trace-events | 8 +
hw/m68k/Kconfig | 3 +
hw/m68k/q800-glue.c | 18 +-
hw/m68k/q800.c | 134 ++++++-
hw/misc/Kconfig | 6 +
hw/misc/djmemc.c | 135 +++++++
hw/misc/iosb.c | 133 +++++++
hw/misc/mac_via.c | 234 +++++++++++-
hw/misc/meson.build | 2 +
hw/misc/trace-events | 10 +
include/hw/audio/asc.h | 86 +++++
include/hw/block/swim.h | 21 +-
include/hw/m68k/q800-glue.h | 4 +-
include/hw/m68k/q800.h | 11 +
include/hw/misc/djmemc.h | 30 ++
include/hw/misc/iosb.h | 25 ++
include/hw/misc/mac_via.h | 3 +
23 files changed, 1756 insertions(+), 106 deletions(-)
create mode 100644 hw/audio/asc.c
create mode 100644 hw/misc/djmemc.c
create mode 100644 hw/misc/iosb.c
create mode 100644 include/hw/audio/asc.h
create mode 100644 include/hw/misc/djmemc.h
create mode 100644 include/hw/misc/iosb.h
--
2.39.2
^ permalink raw reply [flat|nested] 44+ messages in thread
* [PATCH v2 01/20] q800-glue.c: convert to Resettable interface
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-25 17:03 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 02/20] q800: add djMEMC memory controller Mark Cave-Ayland
` (18 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
Convert the GLUE device to 3-phase reset. The legacy method
doesn't do anything that's invalid in the hold phase, so the
conversion is simple and not a behaviour change.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
hw/m68k/q800-glue.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/hw/m68k/q800-glue.c b/hw/m68k/q800-glue.c
index 34c4f0e987..710a5c331e 100644
--- a/hw/m68k/q800-glue.c
+++ b/hw/m68k/q800-glue.c
@@ -166,9 +166,9 @@ static void glue_nmi_release(void *opaque)
GLUE_set_irq(s, GLUE_IRQ_IN_NMI, 0);
}
-static void glue_reset(DeviceState *dev)
+static void glue_reset_hold(Object *obj)
{
- GLUEState *s = GLUE(dev);
+ GLUEState *s = GLUE(obj);
s->ipr = 0;
s->auxmode = 0;
@@ -223,11 +223,12 @@ static void glue_init(Object *obj)
static void glue_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
NMIClass *nc = NMI_CLASS(klass);
dc->vmsd = &vmstate_glue;
- dc->reset = glue_reset;
device_class_set_props(dc, glue_properties);
+ rc->phases.hold = glue_reset_hold;
nc->nmi_monitor_handler = glue_nmi;
}
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 02/20] q800: add djMEMC memory controller
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 01/20] q800-glue.c: convert to Resettable interface Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 03/20] q800: add machine id register Mark Cave-Ayland
` (17 subsequent siblings)
19 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
The djMEMC controller is used to store information related to the physical memory
configuration.
Co-developed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
MAINTAINERS | 2 +
hw/m68k/Kconfig | 1 +
hw/m68k/q800.c | 10 +++
hw/misc/Kconfig | 3 +
hw/misc/djmemc.c | 135 +++++++++++++++++++++++++++++++++++++++
hw/misc/meson.build | 1 +
hw/misc/trace-events | 4 ++
include/hw/m68k/q800.h | 2 +
include/hw/misc/djmemc.h | 30 +++++++++
9 files changed, 188 insertions(+)
create mode 100644 hw/misc/djmemc.c
create mode 100644 include/hw/misc/djmemc.h
diff --git a/MAINTAINERS b/MAINTAINERS
index b471973e1e..3ed6d42d77 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1221,6 +1221,7 @@ F: hw/misc/mac_via.c
F: hw/nubus/*
F: hw/display/macfb.c
F: hw/block/swim.c
+F: hw/misc/djmemc.c
F: hw/m68k/bootinfo.h
F: include/standard-headers/asm-m68k/bootinfo.h
F: include/standard-headers/asm-m68k/bootinfo-mac.h
@@ -1230,6 +1231,7 @@ F: include/hw/display/macfb.h
F: include/hw/block/swim.h
F: include/hw/m68k/q800.h
F: include/hw/m68k/q800-glue.h
+F: include/hw/misc/djmemc.h
virt
M: Laurent Vivier <laurent@vivier.eu>
diff --git a/hw/m68k/Kconfig b/hw/m68k/Kconfig
index f839f8a030..330cfdfa2d 100644
--- a/hw/m68k/Kconfig
+++ b/hw/m68k/Kconfig
@@ -23,6 +23,7 @@ config Q800
select ESP
select DP8393X
select OR_IRQ
+ select DJMEMC
config M68K_VIRT
bool
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index b770b71d54..f9ecc1fbb0 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -40,6 +40,7 @@
#include "hw/m68k/q800.h"
#include "hw/m68k/q800-glue.h"
#include "hw/misc/mac_via.h"
+#include "hw/misc/djmemc.h"
#include "hw/input/adb.h"
#include "hw/nubus/mac-nubus-bridge.h"
#include "hw/display/macfb.h"
@@ -66,6 +67,7 @@
#define SONIC_PROM_BASE (IO_BASE + 0x08000)
#define SONIC_BASE (IO_BASE + 0x0a000)
#define SCC_BASE (IO_BASE + 0x0c020)
+#define DJMEMC_BASE (IO_BASE + 0x0e000)
#define ESP_BASE (IO_BASE + 0x10000)
#define ESP_PDMA (IO_BASE + 0x10100)
#define ASC_BASE (IO_BASE + 0x14000)
@@ -257,6 +259,14 @@ static void q800_machine_init(MachineState *machine)
&error_abort);
sysbus_realize(SYS_BUS_DEVICE(&m->glue), &error_fatal);
+ /* djMEMC memory controller */
+ object_initialize_child(OBJECT(machine), "djmemc", &m->djmemc,
+ TYPE_DJMEMC);
+ sysbus = SYS_BUS_DEVICE(&m->djmemc);
+ sysbus_realize_and_unref(sysbus, &error_fatal);
+ memory_region_add_subregion(&m->macio, DJMEMC_BASE - IO_BASE,
+ sysbus_mmio_get_region(sysbus, 0));
+
/* VIA 1 */
object_initialize_child(OBJECT(machine), "via1", &m->via1,
TYPE_MOS6522_Q800_VIA1);
diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index 6996d265e4..cb7857e3ed 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -186,4 +186,7 @@ config AXP2XX_PMU
bool
depends on I2C
+config DJMEMC
+ bool
+
source macio/Kconfig
diff --git a/hw/misc/djmemc.c b/hw/misc/djmemc.c
new file mode 100644
index 0000000000..fd02640838
--- /dev/null
+++ b/hw/misc/djmemc.c
@@ -0,0 +1,135 @@
+/*
+ * djMEMC, macintosh memory and interrupt controller
+ * (Quadra 610/650/800 & Centris 610/650)
+ *
+ * https://mac68k.info/wiki/display/mac68k/djMEMC+Information
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "migration/vmstate.h"
+#include "hw/misc/djmemc.h"
+#include "hw/qdev-properties.h"
+#include "trace.h"
+
+
+#define DJMEMC_INTERLEAVECONF 0x0
+#define DJMEMC_BANK0CONF 0x4
+#define DJMEMC_BANK1CONF 0x8
+#define DJMEMC_BANK2CONF 0xc
+#define DJMEMC_BANK3CONF 0x10
+#define DJMEMC_BANK4CONF 0x14
+#define DJMEMC_BANK5CONF 0x18
+#define DJMEMC_BANK6CONF 0x1c
+#define DJMEMC_BANK7CONF 0x20
+#define DJMEMC_BANK8CONF 0x24
+#define DJMEMC_BANK9CONF 0x28
+#define DJMEMC_MEMTOP 0x2c
+#define DJMEMC_CONFIG 0x30
+#define DJMEMC_REFRESH 0x34
+
+
+static uint64_t djmemc_read(void *opaque, hwaddr addr, unsigned size)
+{
+ DJMEMCState *s = opaque;
+ uint64_t val = 0;
+
+ switch (addr) {
+ case DJMEMC_INTERLEAVECONF:
+ case DJMEMC_BANK0CONF ... DJMEMC_BANK9CONF:
+ case DJMEMC_MEMTOP:
+ case DJMEMC_CONFIG:
+ case DJMEMC_REFRESH:
+ val = s->regs[addr >> 2];
+ break;
+ default:
+ qemu_log_mask(LOG_UNIMP, "djMEMC: unimplemented read addr=0x%"PRIx64
+ " val=0x%"PRIx64 " size=%d\n",
+ addr, val, size);
+ }
+
+ trace_djmemc_read(addr, val, size);
+ return val;
+}
+
+static void djmemc_write(void *opaque, hwaddr addr, uint64_t val,
+ unsigned size)
+{
+ DJMEMCState *s = opaque;
+
+ trace_djmemc_write(addr, val, size);
+
+ switch (addr) {
+ case DJMEMC_INTERLEAVECONF:
+ case DJMEMC_BANK0CONF ... DJMEMC_BANK9CONF:
+ case DJMEMC_MEMTOP:
+ case DJMEMC_CONFIG:
+ case DJMEMC_REFRESH:
+ s->regs[addr >> 2] = val;
+ break;
+ default:
+ qemu_log_mask(LOG_UNIMP, "djMEMC: unimplemented write addr=0x%"PRIx64
+ " val=0x%"PRIx64 " size=%d\n",
+ addr, val, size);
+ }
+}
+
+static const MemoryRegionOps djmemc_mmio_ops = {
+ .read = djmemc_read,
+ .write = djmemc_write,
+ .impl = {
+ .min_access_size = 4,
+ .max_access_size = 4,
+ },
+ .endianness = DEVICE_BIG_ENDIAN,
+};
+
+static void djmemc_init(Object *obj)
+{
+ DJMEMCState *s = DJMEMC(obj);
+ SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
+
+ memory_region_init_io(&s->mem_regs, obj, &djmemc_mmio_ops, s, "djMEMC",
+ DJMEMC_SIZE);
+ sysbus_init_mmio(sbd, &s->mem_regs);
+}
+
+static void djmemc_reset_hold(Object *obj)
+{
+ DJMEMCState *s = DJMEMC(obj);
+
+ memset(s->regs, 0, sizeof(s->regs));
+}
+
+static const VMStateDescription vmstate_djmemc = {
+ .name = "djMEMC",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT32_ARRAY(regs, DJMEMCState, DJMEMC_NUM_REGS),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void djmemc_class_init(ObjectClass *oc, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(oc);
+ ResettableClass *rc = RESETTABLE_CLASS(oc);
+
+ dc->vmsd = &vmstate_djmemc;
+ rc->phases.hold = djmemc_reset_hold;
+}
+
+static const TypeInfo djmemc_info_types[] = {
+ {
+ .name = TYPE_DJMEMC,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(DJMEMCState),
+ .instance_init = djmemc_init,
+ .class_init = djmemc_class_init,
+ },
+};
+
+DEFINE_TYPES(djmemc_info_types)
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
index d9a370c1de..86f23f267f 100644
--- a/hw/misc/meson.build
+++ b/hw/misc/meson.build
@@ -20,6 +20,7 @@ system_ss.add(when: 'CONFIG_ARM_V7M', if_true: files('armv7m_ras.c'))
# Mac devices
system_ss.add(when: 'CONFIG_MOS6522', if_true: files('mos6522.c'))
+system_ss.add(when: 'CONFIG_DJMEMC', if_true: files('djmemc.c'))
# virt devices
system_ss.add(when: 'CONFIG_VIRT_CTRL', if_true: files('virt_ctrl.c'))
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
index e8b2be14c0..be383fe956 100644
--- a/hw/misc/trace-events
+++ b/hw/misc/trace-events
@@ -301,3 +301,7 @@ virt_ctrl_instance_init(void *dev) "ctrl: %p"
lasi_chip_mem_valid(uint64_t addr, uint32_t val) "access to addr 0x%"PRIx64" is %d"
lasi_chip_read(uint64_t addr, uint32_t val) "addr 0x%"PRIx64" val 0x%08x"
lasi_chip_write(uint64_t addr, uint32_t val) "addr 0x%"PRIx64" val 0x%08x"
+
+# djmemc.c
+djmemc_read(int reg, uint64_t value, unsigned int size) "reg=0x%x value=0x%"PRIx64" size=%u"
+djmemc_write(int reg, uint64_t value, unsigned int size) "reg=0x%x value=0x%"PRIx64" size=%u"
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index b3d77f1cba..f6ae4c1c4f 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -36,6 +36,7 @@
#include "hw/block/swim.h"
#include "hw/nubus/mac-nubus-bridge.h"
#include "hw/display/macfb.h"
+#include "hw/misc/djmemc.h"
/*
* The main Q800 machine
@@ -56,6 +57,7 @@ struct Q800MachineState {
Swim swim;
MacNubusBridge mac_nubus_bridge;
MacfbNubusState macfb;
+ DJMEMCState djmemc;
MemoryRegion macio;
MemoryRegion macio_alias;
};
diff --git a/include/hw/misc/djmemc.h b/include/hw/misc/djmemc.h
new file mode 100644
index 0000000000..82d4e4a2fe
--- /dev/null
+++ b/include/hw/misc/djmemc.h
@@ -0,0 +1,30 @@
+/*
+ * djMEMC, macintosh memory and interrupt controller
+ * (Quadra 610/650/800 & Centris 610/650)
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_MISC_DJMEMC_H
+#define HW_MISC_DJMEMC_H
+
+#include "hw/sysbus.h"
+
+#define DJMEMC_SIZE 0x2000
+#define DJMEMC_NUM_REGS (0x38 / sizeof(uint32_t))
+
+#define DJMEMC_MAXBANKS 10
+
+struct DJMEMCState {
+ SysBusDevice parent_obj;
+
+ MemoryRegion mem_regs;
+
+ /* Memory controller */
+ uint32_t regs[DJMEMC_NUM_REGS];
+};
+
+#define TYPE_DJMEMC "djMEMC"
+OBJECT_DECLARE_SIMPLE_TYPE(DJMEMCState, DJMEMC);
+
+#endif
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 03/20] q800: add machine id register
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 01/20] q800-glue.c: convert to Resettable interface Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 02/20] q800: add djMEMC memory controller Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 04/20] q800: implement additional machine id bits on VIA1 port A Mark Cave-Ayland
` (16 subsequent siblings)
19 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
MacOS reads this address to identify the hardware.
This is a basic implementation returning the ID of Quadra 800.
Details:
http://mess.redump.net/mess/driver_info/mac_technical_notes
"There are 3 ID schemes [...]
The third and most scalable is a machine ID register at 0x5ffffffc.
The top word must be 0xa55a to be valid. Then bits 15-11 are 0 for
consumer Macs, 1 for portables, 2 for high-end 68k, and 3 for high-end
PowerPC. Bit 10 is 1 if additional ID bits appear elsewhere (e.g. in VIA1).
The rest of the bits are a per-model identifier.
Model Lower 16 bits of ID
...
Quadra/Centris 610/650/800 0x2BAD"
Co-developed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
hw/m68k/q800.c | 29 +++++++++++++++++++++++++++++
include/hw/m68k/q800.h | 1 +
2 files changed, 30 insertions(+)
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index f9ecc1fbb0..ac8509ba6f 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -91,6 +91,9 @@
#define Q800_NUBUS_SLOTS_AVAILABLE (BIT(0x9) | BIT(0xc) | BIT(0xd) | \
BIT(0xe))
+/* Quadra 800 machine ID */
+#define Q800_MACHINE_ID 0xa55a2bad
+
static void main_cpu_reset(void *opaque)
{
@@ -192,6 +195,27 @@ static const MemoryRegionOps macio_alias_ops = {
},
};
+static uint64_t machine_id_read(void *opaque, hwaddr addr, unsigned size)
+{
+ return Q800_MACHINE_ID;
+}
+
+static void machine_id_write(void *opaque, hwaddr addr, uint64_t val,
+ unsigned size)
+{
+ return;
+}
+
+static const MemoryRegionOps machine_id_ops = {
+ .read = machine_id_read,
+ .write = machine_id_write,
+ .endianness = DEVICE_BIG_ENDIAN,
+ .valid = {
+ .min_access_size = 4,
+ .max_access_size = 4,
+ },
+};
+
static void q800_machine_init(MachineState *machine)
{
Q800MachineState *m = Q800_MACHINE(machine);
@@ -253,6 +277,11 @@ static void q800_machine_init(MachineState *machine)
memory_region_add_subregion(get_system_memory(), IO_BASE + IO_SLICE,
&m->macio_alias);
+ memory_region_init_io(&m->machine_id, NULL, &machine_id_ops, NULL,
+ "Machine ID", 4);
+ memory_region_add_subregion(get_system_memory(), 0x5ffffffc,
+ &m->machine_id);
+
/* IRQ Glue */
object_initialize_child(OBJECT(machine), "glue", &m->glue, TYPE_GLUE);
object_property_set_link(OBJECT(&m->glue), "cpu", OBJECT(&m->cpu),
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index f6ae4c1c4f..dd7d7a6f2c 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -60,6 +60,7 @@ struct Q800MachineState {
DJMEMCState djmemc;
MemoryRegion macio;
MemoryRegion macio_alias;
+ MemoryRegion machine_id;
};
#define TYPE_Q800_MACHINE MACHINE_TYPE_NAME("q800")
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 04/20] q800: implement additional machine id bits on VIA1 port A
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (2 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 03/20] q800: add machine id register Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 05/20] q800: add IOSB subsystem Mark Cave-Ayland
` (15 subsequent siblings)
19 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
Co-developed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
hw/misc/mac_via.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
index 0787a0268d..baeb73eeb3 100644
--- a/hw/misc/mac_via.c
+++ b/hw/misc/mac_via.c
@@ -114,6 +114,9 @@
#define VIA1A_CPUID1 0x04 /* CPU id bit 0 on RBV, others */
#define VIA1A_CPUID2 0x10 /* CPU id bit 0 on RBV, others */
#define VIA1A_CPUID3 0x40 /* CPU id bit 0 on RBV, others */
+#define VIA1A_CPUID_MASK (VIA1A_CPUID0 | VIA1A_CPUID1 | \
+ VIA1A_CPUID2 | VIA1A_CPUID3)
+#define VIA1A_CPUID_Q800 (VIA1A_CPUID0 | VIA1A_CPUID2)
/*
* Info on VIA1B is from Macintosh Family Hardware & MkLinux.
@@ -872,9 +875,18 @@ static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size)
{
MOS6522Q800VIA1State *s = MOS6522_Q800_VIA1(opaque);
MOS6522State *ms = MOS6522(s);
+ uint64_t ret;
addr = (addr >> 9) & 0xf;
- return mos6522_read(ms, addr, size);
+ ret = mos6522_read(ms, addr, size);
+ switch (addr) {
+ case VIA_REG_A:
+ case VIA_REG_ANH:
+ /* Quadra 800 Id */
+ ret = (ret & ~VIA1A_CPUID_MASK) | VIA1A_CPUID_Q800;
+ break;
+ }
+ return ret;
}
static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val,
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 05/20] q800: add IOSB subsystem
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (3 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 04/20] q800: implement additional machine id bits on VIA1 port A Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 06/20] q800: allow accesses to RAM area even if less memory is available Mark Cave-Ayland
` (14 subsequent siblings)
19 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
It is needed because it defines the BIOSConfig area.
Co-developed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
MAINTAINERS | 2 +
hw/m68k/Kconfig | 1 +
hw/m68k/q800.c | 9 +++
hw/misc/Kconfig | 3 +
hw/misc/iosb.c | 133 +++++++++++++++++++++++++++++++++++++++++
hw/misc/meson.build | 1 +
hw/misc/trace-events | 4 ++
include/hw/m68k/q800.h | 2 +
include/hw/misc/iosb.h | 25 ++++++++
9 files changed, 180 insertions(+)
create mode 100644 hw/misc/iosb.c
create mode 100644 include/hw/misc/iosb.h
diff --git a/MAINTAINERS b/MAINTAINERS
index 3ed6d42d77..e02c0073af 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1222,6 +1222,7 @@ F: hw/nubus/*
F: hw/display/macfb.c
F: hw/block/swim.c
F: hw/misc/djmemc.c
+F: hw/misc/iosb.c
F: hw/m68k/bootinfo.h
F: include/standard-headers/asm-m68k/bootinfo.h
F: include/standard-headers/asm-m68k/bootinfo-mac.h
@@ -1232,6 +1233,7 @@ F: include/hw/block/swim.h
F: include/hw/m68k/q800.h
F: include/hw/m68k/q800-glue.h
F: include/hw/misc/djmemc.h
+F: include/hw/misc/iosb.h
virt
M: Laurent Vivier <laurent@vivier.eu>
diff --git a/hw/m68k/Kconfig b/hw/m68k/Kconfig
index 330cfdfa2d..64fa70a0db 100644
--- a/hw/m68k/Kconfig
+++ b/hw/m68k/Kconfig
@@ -24,6 +24,7 @@ config Q800
select DP8393X
select OR_IRQ
select DJMEMC
+ select IOSB
config M68K_VIRT
bool
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index ac8509ba6f..081b95e9cf 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -41,6 +41,7 @@
#include "hw/m68k/q800-glue.h"
#include "hw/misc/mac_via.h"
#include "hw/misc/djmemc.h"
+#include "hw/misc/iosb.h"
#include "hw/input/adb.h"
#include "hw/nubus/mac-nubus-bridge.h"
#include "hw/display/macfb.h"
@@ -71,6 +72,7 @@
#define ESP_BASE (IO_BASE + 0x10000)
#define ESP_PDMA (IO_BASE + 0x10100)
#define ASC_BASE (IO_BASE + 0x14000)
+#define IOSB_BASE (IO_BASE + 0x18000)
#define SWIM_BASE (IO_BASE + 0x1E000)
#define SONIC_PROM_SIZE 0x1000
@@ -296,6 +298,13 @@ static void q800_machine_init(MachineState *machine)
memory_region_add_subregion(&m->macio, DJMEMC_BASE - IO_BASE,
sysbus_mmio_get_region(sysbus, 0));
+ /* IOSB subsystem */
+ object_initialize_child(OBJECT(machine), "iosb", &m->iosb, TYPE_IOSB);
+ sysbus = SYS_BUS_DEVICE(&m->iosb);
+ sysbus_realize_and_unref(sysbus, &error_fatal);
+ memory_region_add_subregion(&m->macio, IOSB_BASE - IO_BASE,
+ sysbus_mmio_get_region(sysbus, 0));
+
/* VIA 1 */
object_initialize_child(OBJECT(machine), "via1", &m->via1,
TYPE_MOS6522_Q800_VIA1);
diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index cb7857e3ed..858277bb60 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -189,4 +189,7 @@ config AXP2XX_PMU
config DJMEMC
bool
+config IOSB
+ bool
+
source macio/Kconfig
diff --git a/hw/misc/iosb.c b/hw/misc/iosb.c
new file mode 100644
index 0000000000..e7e9dcca47
--- /dev/null
+++ b/hw/misc/iosb.c
@@ -0,0 +1,133 @@
+/*
+ * QEMU IOSB emulation
+ *
+ * Copyright (c) 2019 Laurent Vivier
+ * Copyright (c) 2022 Mark Cave-Ayland
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "migration/vmstate.h"
+#include "hw/sysbus.h"
+#include "hw/misc/iosb.h"
+#include "trace.h"
+
+#define IOSB_SIZE 0x2000
+
+#define IOSB_CONFIG 0x0
+#define IOSB_CONFIG2 0x100
+#define IOSB_SONIC_SCSI 0x200
+#define IOSB_REVISION 0x300
+#define IOSB_SCSI_RESID 0x400
+#define IOSB_BRIGHTNESS 0x500
+#define IOSB_TIMEOUT 0x600
+
+
+static uint64_t iosb_read(void *opaque, hwaddr addr,
+ unsigned size)
+{
+ IOSBState *s = IOSB(opaque);
+ uint64_t val = 0;
+
+ switch (addr) {
+ case IOSB_CONFIG:
+ case IOSB_CONFIG2:
+ case IOSB_SONIC_SCSI:
+ case IOSB_REVISION:
+ case IOSB_SCSI_RESID:
+ case IOSB_BRIGHTNESS:
+ case IOSB_TIMEOUT:
+ val = s->regs[addr >> 8];
+ break;
+ default:
+ qemu_log_mask(LOG_UNIMP, "IOSB: unimplemented read addr=0x%"PRIx64
+ " val=0x%"PRIx64 " size=%d\n",
+ addr, val, size);
+ }
+
+ trace_iosb_read(addr, val, size);
+ return val;
+}
+
+static void iosb_write(void *opaque, hwaddr addr, uint64_t val,
+ unsigned size)
+{
+ IOSBState *s = IOSB(opaque);
+
+ switch (addr) {
+ case IOSB_CONFIG:
+ case IOSB_CONFIG2:
+ case IOSB_SONIC_SCSI:
+ case IOSB_REVISION:
+ case IOSB_SCSI_RESID:
+ case IOSB_BRIGHTNESS:
+ case IOSB_TIMEOUT:
+ s->regs[addr >> 8] = val;
+ break;
+ default:
+ qemu_log_mask(LOG_UNIMP, "IOSB: unimplemented write addr=0x%"PRIx64
+ " val=0x%"PRIx64 " size=%d\n",
+ addr, val, size);
+ }
+
+ trace_iosb_write(addr, val, size);
+}
+
+static const MemoryRegionOps iosb_mmio_ops = {
+ .read = iosb_read,
+ .write = iosb_write,
+ .endianness = DEVICE_BIG_ENDIAN,
+};
+
+static void iosb_reset_hold(Object *obj)
+{
+ IOSBState *s = IOSB(obj);
+
+ memset(s->regs, 0, sizeof(s->regs));
+
+ /* BCLK 33 MHz */
+ s->regs[IOSB_CONFIG >> 8] = 1;
+}
+
+static void iosb_init(Object *obj)
+{
+ IOSBState *s = IOSB(obj);
+ SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
+
+ memory_region_init_io(&s->mem_regs, obj, &iosb_mmio_ops, s, "IOSB",
+ IOSB_SIZE);
+ sysbus_init_mmio(sbd, &s->mem_regs);
+}
+
+static const VMStateDescription vmstate_iosb = {
+ .name = "IOSB",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT32_ARRAY(regs, IOSBState, IOSB_REGS),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void iosb_class_init(ObjectClass *oc, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(oc);
+ ResettableClass *rc = RESETTABLE_CLASS(oc);
+
+ dc->vmsd = &vmstate_iosb;
+ rc->phases.hold = iosb_reset_hold;
+}
+
+static const TypeInfo iosb_info_types[] = {
+ {
+ .name = TYPE_IOSB,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(IOSBState),
+ .instance_init = iosb_init,
+ .class_init = iosb_class_init,
+ },
+};
+
+DEFINE_TYPES(iosb_info_types)
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
index 86f23f267f..ea7e1beace 100644
--- a/hw/misc/meson.build
+++ b/hw/misc/meson.build
@@ -21,6 +21,7 @@ system_ss.add(when: 'CONFIG_ARM_V7M', if_true: files('armv7m_ras.c'))
# Mac devices
system_ss.add(when: 'CONFIG_MOS6522', if_true: files('mos6522.c'))
system_ss.add(when: 'CONFIG_DJMEMC', if_true: files('djmemc.c'))
+system_ss.add(when: 'CONFIG_IOSB', if_true: files('iosb.c'))
# virt devices
system_ss.add(when: 'CONFIG_VIRT_CTRL', if_true: files('virt_ctrl.c'))
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
index be383fe956..c9bdb0d30e 100644
--- a/hw/misc/trace-events
+++ b/hw/misc/trace-events
@@ -305,3 +305,7 @@ lasi_chip_write(uint64_t addr, uint32_t val) "addr 0x%"PRIx64" val 0x%08x"
# djmemc.c
djmemc_read(int reg, uint64_t value, unsigned int size) "reg=0x%x value=0x%"PRIx64" size=%u"
djmemc_write(int reg, uint64_t value, unsigned int size) "reg=0x%x value=0x%"PRIx64" size=%u"
+
+# iosb.c
+iosb_read(int reg, uint64_t value, unsigned int size) "reg=0x%x value=0x%"PRIx64" size=%u"
+iosb_write(int reg, uint64_t value, unsigned int size) "reg=0x%x value=0x%"PRIx64" size=%u"
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index dd7d7a6f2c..98097165d9 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -37,6 +37,7 @@
#include "hw/nubus/mac-nubus-bridge.h"
#include "hw/display/macfb.h"
#include "hw/misc/djmemc.h"
+#include "hw/misc/iosb.h"
/*
* The main Q800 machine
@@ -58,6 +59,7 @@ struct Q800MachineState {
MacNubusBridge mac_nubus_bridge;
MacfbNubusState macfb;
DJMEMCState djmemc;
+ IOSBState iosb;
MemoryRegion macio;
MemoryRegion macio_alias;
MemoryRegion machine_id;
diff --git a/include/hw/misc/iosb.h b/include/hw/misc/iosb.h
new file mode 100644
index 0000000000..377f8ca7e2
--- /dev/null
+++ b/include/hw/misc/iosb.h
@@ -0,0 +1,25 @@
+/*
+ * QEMU IOSB emulation
+ *
+ * Copyright (c) 2019 Laurent Vivier
+ * Copyright (c) 2022 Mark Cave-Ayland
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_MEM_IOSB_H
+#define HW_MEM_IOSB_H
+
+#define IOSB_REGS 7
+
+struct IOSBState {
+ SysBusDevice parent_obj;
+
+ MemoryRegion mem_regs;
+ uint32_t regs[IOSB_REGS];
+};
+
+#define TYPE_IOSB "IOSB"
+OBJECT_DECLARE_SIMPLE_TYPE(IOSBState, IOSB);
+
+#endif
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 06/20] q800: allow accesses to RAM area even if less memory is available
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (4 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 05/20] q800: add IOSB subsystem Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation Mark Cave-Ayland
` (13 subsequent siblings)
19 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
MacOS attempts a series of writes and reads over the entire RAM area in order
to determine the amount of RAM within the machine. Allow accesses to the
entire RAM area ignoring writes and always reading zero for areas where there
is no physical RAM installed to allow MacOS to detect the memory size without
faulting.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
---
hw/m68k/q800.c | 30 +++++++++++++++++++++++++++++-
include/hw/m68k/q800.h | 1 +
2 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index 081b95e9cf..3209309173 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -86,6 +86,9 @@
#define MAC_CLOCK 3686418
+/* Size of whole RAM area */
+#define RAM_SIZE 0x40000000
+
/*
* Slot 0x9 is reserved for use by the in-built framebuffer whilst only
* slots 0xc, 0xd and 0xe physically exist on the Quadra 800
@@ -218,6 +221,27 @@ static const MemoryRegionOps machine_id_ops = {
},
};
+static uint64_t ramio_read(void *opaque, hwaddr addr, unsigned size)
+{
+ return 0x0;
+}
+
+static void ramio_write(void *opaque, hwaddr addr, uint64_t val,
+ unsigned size)
+{
+ return;
+}
+
+static const MemoryRegionOps ramio_ops = {
+ .read = ramio_read,
+ .write = ramio_write,
+ .endianness = DEVICE_BIG_ENDIAN,
+ .valid = {
+ .min_access_size = 1,
+ .max_access_size = 4,
+ },
+};
+
static void q800_machine_init(MachineState *machine)
{
Q800MachineState *m = Q800_MACHINE(machine);
@@ -262,7 +286,11 @@ static void q800_machine_init(MachineState *machine)
qemu_register_reset(main_cpu_reset, &m->cpu);
/* RAM */
- memory_region_add_subregion(get_system_memory(), 0, machine->ram);
+ memory_region_init_io(&m->ramio, OBJECT(machine), &ramio_ops, &m->ramio,
+ "ram", RAM_SIZE);
+ memory_region_add_subregion(get_system_memory(), 0x0, &m->ramio);
+
+ memory_region_add_subregion(&m->ramio, 0, machine->ram);
/*
* Create container for all IO devices
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index 98097165d9..04e4e0bce3 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -60,6 +60,7 @@ struct Q800MachineState {
MacfbNubusState macfb;
DJMEMCState djmemc;
IOSBState iosb;
+ MemoryRegion ramio;
MemoryRegion macio;
MemoryRegion macio_alias;
MemoryRegion machine_id;
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (5 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 06/20] q800: allow accesses to RAM area even if less memory is available Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-14 7:06 ` Volker Rümelin
2023-09-09 9:48 ` [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running Mark Cave-Ayland
` (12 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
The Apple Sound Chip was primarily used by the Macintosh II to generate sound
in hardware which was previously handled by the toolbox ROM with software
interrupts.
Implement both the standard ASC and also the enhanced ASC (EASC) functionality
which is used in the Quadra 800.
Note that whilst real ASC hardware uses AUDIO_FORMAT_S8, this implementation uses
AUDIO_FORMAT_U8 instead because AUDIO_FORMAT_S8 is rarely used and not supported
by some audio backends like PulseAudio and DirectSound when played directly with
-audiodev out.mixing-engine=off.
Co-developed-by: Laurent Vivier <laurent@vivier.eu>
Co-developed-by: Volker Rümelin <vr_qemu@t-online.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
MAINTAINERS | 2 +
hw/audio/Kconfig | 3 +
hw/audio/asc.c | 699 +++++++++++++++++++++++++++++++++++++++++
hw/audio/meson.build | 1 +
hw/audio/trace-events | 10 +
hw/m68k/Kconfig | 1 +
include/hw/audio/asc.h | 84 +++++
7 files changed, 800 insertions(+)
create mode 100644 hw/audio/asc.c
create mode 100644 include/hw/audio/asc.h
diff --git a/MAINTAINERS b/MAINTAINERS
index e02c0073af..902b575451 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1223,6 +1223,7 @@ F: hw/display/macfb.c
F: hw/block/swim.c
F: hw/misc/djmemc.c
F: hw/misc/iosb.c
+F: hw/audio/asc.c
F: hw/m68k/bootinfo.h
F: include/standard-headers/asm-m68k/bootinfo.h
F: include/standard-headers/asm-m68k/bootinfo-mac.h
@@ -1234,6 +1235,7 @@ F: include/hw/m68k/q800.h
F: include/hw/m68k/q800-glue.h
F: include/hw/misc/djmemc.h
F: include/hw/misc/iosb.h
+F: include/hw/audio/asc.h
virt
M: Laurent Vivier <laurent@vivier.eu>
diff --git a/hw/audio/Kconfig b/hw/audio/Kconfig
index e76c69ca7e..d0993514a1 100644
--- a/hw/audio/Kconfig
+++ b/hw/audio/Kconfig
@@ -47,3 +47,6 @@ config PL041
config CS4231
bool
+
+config ASC
+ bool
diff --git a/hw/audio/asc.c b/hw/audio/asc.c
new file mode 100644
index 0000000000..336ace0cd6
--- /dev/null
+++ b/hw/audio/asc.c
@@ -0,0 +1,699 @@
+/*
+ * QEMU Apple Sound Chip emulation
+ *
+ * Apple Sound Chip (ASC) 344S0063
+ * Enhanced Apple Sound Chip (EASC) 343S1063
+ *
+ * Copyright (c) 2012-2018 Laurent Vivier <laurent@vivier.eu>
+ * Copyright (c) 2022 Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/timer.h"
+#include "hw/sysbus.h"
+#include "hw/irq.h"
+#include "audio/audio.h"
+#include "hw/audio/asc.h"
+#include "hw/qdev-properties.h"
+#include "migration/vmstate.h"
+#include "trace.h"
+
+/*
+ * Linux doesn't provide information about ASC, see arch/m68k/mac/macboing.c
+ * and arch/m68k/include/asm/mac_asc.h
+ *
+ * best information is coming from MAME:
+ * https://github.com/mamedev/mame/blob/master/src/devices/sound/asc.h
+ * https://github.com/mamedev/mame/blob/master/src/devices/sound/asc.cpp
+ * Emulation by R. Belmont
+ * or MESS:
+ * http://mess.redump.net/mess/driver_info/easc
+ *
+ * 0x800: VERSION
+ * 0x801: MODE
+ * 1=FIFO mode,
+ * 2=wavetable mode
+ * 0x802: CONTROL
+ * bit 0=analog or PWM output,
+ * 1=stereo/mono,
+ * 7=processing time exceeded
+ * 0x803: FIFO MODE
+ * bit 7=clear FIFO,
+ * bit 1="non-ROM companding",
+ * bit 0="ROM companding")
+ * 0x804: FIFO IRQ STATUS
+ * bit 0=ch A 1/2 full,
+ * 1=ch A full,
+ * 2=ch B 1/2 full,
+ * 3=ch B full)
+ * 0x805: WAVETABLE CONTROL
+ * bits 0-3 wavetables 0-3 start
+ * 0x806: VOLUME
+ * bits 2-4 = 3 bit internal ASC volume,
+ * bits 5-7 = volume control sent to Sony sound chip
+ * 0x807: CLOCK RATE
+ * 0 = Mac 22257 Hz,
+ * 1 = undefined,
+ * 2 = 22050 Hz,
+ * 3 = 44100 Hz
+ * 0x80a: PLAY REC A
+ * 0x80f: TEST
+ * bits 6-7 = digital test,
+ * bits 4-5 = analog test
+ * 0x810: WAVETABLE 0 PHASE
+ * big-endian 9.15 fixed-point, only 24 bits valid
+ * 0x814: WAVETABLE 0 INCREMENT
+ * big-endian 9.15 fixed-point, only 24 bits valid
+ * 0x818: WAVETABLE 1 PHASE
+ * 0x81C: WAVETABLE 1 INCREMENT
+ * 0x820: WAVETABLE 2 PHASE
+ * 0x824: WAVETABLE 2 INCREMENT
+ * 0x828: WAVETABLE 3 PHASE
+ * 0x82C: WAVETABLE 3 INCREMENT
+ * 0x830: UNKNOWN START
+ * NetBSD writes Wavetable data here (are there more
+ * wavetables/channels than we know about?)
+ * 0x857: UNKNOWN END
+ */
+
+#define ASC_SIZE 0x2000
+
+enum {
+ ASC_VERSION = 0x00,
+ ASC_MODE = 0x01,
+ ASC_CONTROL = 0x02,
+ ASC_FIFOMODE = 0x03,
+ ASC_FIFOIRQ = 0x04,
+ ASC_WAVECTRL = 0x05,
+ ASC_VOLUME = 0x06,
+ ASC_CLOCK = 0x07,
+ ASC_PLAYRECA = 0x0a,
+ ASC_TEST = 0x0f,
+ ASC_WAVETABLE = 0x10
+};
+
+#define ASC_FIFO_STATUS_HALF_FULL 1
+#define ASC_FIFO_STATUS_FULL_EMPTY 2
+
+#define ASC_EXTREGS_FIFOCTRL 0x8
+#define ASC_EXTREGS_INTCTRL 0x9
+#define ASC_EXTREGS_CDXA_DECOMP_FILT 0x10
+
+#define ASC_FIFO_CYCLE_TIME ((NANOSECONDS_PER_SECOND / ASC_FREQ) * \
+ 0x400)
+
+static void asc_raise_irq(ASCState *s)
+{
+ qemu_set_irq(s->irq, 1);
+}
+
+static void asc_lower_irq(ASCState *s)
+{
+ qemu_set_irq(s->irq, 0);
+}
+
+static uint8_t asc_fifo_get(ASCFIFOState *fs)
+{
+ ASCState *s = container_of(fs, ASCState, fifos[fs->index]);
+ bool fifo_half_irq_enabled = fs->extregs[ASC_EXTREGS_INTCTRL] & 1;
+ uint8_t val;
+
+ assert(fs->cnt);
+
+ val = fs->fifo[fs->rptr];
+ trace_asc_fifo_get('A' + fs->index, fs->rptr, fs->cnt, val);
+
+ fs->rptr++;
+ fs->rptr &= 0x3ff;
+ fs->cnt--;
+
+ if (fs->cnt <= 0x1ff) {
+ /* FIFO less than half full */
+ fs->int_status |= ASC_FIFO_STATUS_HALF_FULL;
+ } else {
+ /* FIFO more than half full */
+ fs->int_status &= ~ASC_FIFO_STATUS_HALF_FULL;
+ }
+
+ if (fs->cnt == 0x1ff && fifo_half_irq_enabled) {
+ /* Raise FIFO half full IRQ */
+ asc_raise_irq(s);
+ }
+
+ if (fs->cnt == 0) {
+ /* Raise FIFO empty IRQ */
+ fs->int_status |= ASC_FIFO_STATUS_FULL_EMPTY;
+ asc_raise_irq(s);
+ }
+
+ return val;
+}
+
+static int generate_fifo(ASCState *s, int maxsamples)
+{
+ int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
+ uint8_t *buf = s->mixbuf;
+ int i, limit, count = 0;
+
+ limit = MIN(MAX(s->fifos[0].cnt, s->fifos[1].cnt), maxsamples);
+ while (count < limit) {
+ uint8_t val;
+ int16_t d, f0, f1;
+ int32_t t;
+ int shift, filter;
+ bool hasdata = true;
+
+ for (i = 0; i < 2; i++) {
+ ASCFIFOState *fs = &s->fifos[i];
+
+ switch (fs->extregs[ASC_EXTREGS_FIFOCTRL] & 0x83) {
+ case 0x82:
+ /*
+ * CD-XA BRR mode: exit if there isn't enough data in the FIFO
+ * for a complete 15 byte packet
+ */
+ if (fs->xa_cnt == -1 && fs->cnt < 15) {
+ hasdata = false;
+ continue;
+ }
+
+ if (fs->xa_cnt == -1) {
+ /* Start of packet, get flags */
+ fs->xa_flags = asc_fifo_get(fs);
+ fs->xa_cnt = 0;
+ }
+
+ shift = fs->xa_flags & 0xf;
+ filter = fs->xa_flags >> 4;
+ f0 = (int8_t)fs->extregs[ASC_EXTREGS_CDXA_DECOMP_FILT +
+ (filter << 1) + 1];
+ f1 = (int8_t)fs->extregs[ASC_EXTREGS_CDXA_DECOMP_FILT +
+ (filter << 1)];
+ if ((fs->xa_cnt & 1) == 0) {
+ fs->xa_val = asc_fifo_get(fs);
+ d = (fs->xa_val & 0xf) << 12;
+ } else {
+ d = (fs->xa_val & 0xf0) << 8;
+ }
+ t = (d >> shift) + (((fs->xa_last[0] * f0) +
+ (fs->xa_last[1] * f1) + 32) >> 6);
+ if (t < -32768) {
+ t = -32768;
+ } else if (t > 32768) {
+ t = 32768;
+ }
+
+ /*
+ * CD-XA BRR generates 16-bit signed output, so convert to
+ * 8-bit before writing to buffer. Does real hardware do the
+ * same?
+ */
+ buf[count * 2 + i] = (uint8_t)(t / 256) ^ 0x80;
+ fs->xa_cnt++;
+
+ fs->xa_last[1] = fs->xa_last[0];
+ fs->xa_last[0] = (int16_t)t;
+
+ if (fs->xa_cnt == 28) {
+ /* End of packet */
+ fs->xa_cnt = -1;
+ }
+ break;
+
+ default:
+ /* fallthrough */
+ case 0x80:
+ /* Raw mode */
+ if (fs->cnt) {
+ val = asc_fifo_get(fs);
+ } else {
+ val = 0x80;
+ }
+
+ buf[count * 2 + i] = val;
+ break;
+ }
+ }
+
+ if (!hasdata) {
+ break;
+ }
+
+ count++;
+ }
+
+ /*
+ * MacOS (un)helpfully leaves the FIFO engine running even when it has
+ * finished writing out samples, but still expects the FIFO empty
+ * interrupts to be generated for each FIFO cycle (without these interrupts
+ * MacOS will freeze)
+ */
+ if (s->fifos[0].cnt == 0 && s->fifos[1].cnt == 0) {
+ if (!s->fifo_empty_ns) {
+ /* FIFO has completed first empty cycle */
+ s->fifo_empty_ns = now;
+ } else if (now > (s->fifo_empty_ns + ASC_FIFO_CYCLE_TIME)) {
+ /* FIFO has completed entire cycle with no data */
+ s->fifos[0].int_status |= ASC_FIFO_STATUS_HALF_FULL |
+ ASC_FIFO_STATUS_FULL_EMPTY;
+ s->fifos[1].int_status |= ASC_FIFO_STATUS_HALF_FULL |
+ ASC_FIFO_STATUS_FULL_EMPTY;
+ s->fifo_empty_ns = now;
+ asc_raise_irq(s);
+ }
+ } else {
+ /* FIFO contains data, reset empty time */
+ s->fifo_empty_ns = 0;
+ }
+
+ return count;
+}
+
+static int generate_wavetable(ASCState *s, int maxsamples)
+{
+ uint8_t *buf = s->mixbuf;
+ int channel, count = 0;
+
+ while (count < maxsamples) {
+ uint32_t left = 0, right = 0;
+ uint8_t sample;
+
+ for (channel = 0; channel < 4; channel++) {
+ ASCFIFOState *fs = &s->fifos[channel >> 1];
+ int chanreg = ASC_WAVETABLE + (channel << 3);
+ uint32_t phase, incr, offset;
+
+ phase = ldl_be_p(&s->regs[chanreg]);
+ incr = ldl_be_p(&s->regs[chanreg + sizeof(uint32_t)]);
+
+ phase += incr;
+ offset = (phase >> 15) & 0x1ff;
+ sample = fs->fifo[0x200 * (channel >> 1) + offset];
+
+ stl_be_p(&s->regs[chanreg], phase);
+
+ left += sample;
+ right += sample;
+ }
+
+ buf[count * 2] = left >> 2;
+ buf[count * 2 + 1] = right >> 2;
+
+ count++;
+ }
+
+ return count;
+}
+
+static void asc_out_cb(void *opaque, int free_b)
+{
+ ASCState *s = opaque;
+ int samples, generated;
+
+ if (free_b == 0) {
+ return;
+ }
+
+ samples = MIN(s->samples, free_b >> s->shift);
+
+ switch (s->regs[ASC_MODE] & 3) {
+ default:
+ /* Off */
+ generated = 0;
+ break;
+ case 1:
+ /* FIFO mode */
+ generated = generate_fifo(s, samples);
+ break;
+ case 2:
+ /* Wave table mode */
+ generated = generate_wavetable(s, samples);
+ break;
+ }
+
+ if (!generated) {
+ return;
+ }
+
+ AUD_write(s->voice, s->mixbuf, generated << s->shift);
+}
+
+static uint64_t asc_fifo_read(void *opaque, hwaddr addr,
+ unsigned size)
+{
+ ASCFIFOState *fs = opaque;
+
+ trace_asc_read_fifo('A' + fs->index, addr, size, fs->fifo[addr]);
+ return fs->fifo[addr];
+}
+
+static void asc_fifo_write(void *opaque, hwaddr addr, uint64_t value,
+ unsigned size)
+{
+ ASCFIFOState *fs = opaque;
+ ASCState *s = container_of(fs, ASCState, fifos[fs->index]);
+ bool fifo_half_irq_enabled = fs->extregs[ASC_EXTREGS_INTCTRL] & 1;
+
+ trace_asc_write_fifo('A' + fs->index, addr, size, fs->wptr, fs->cnt, value);
+
+ if (s->regs[ASC_MODE] == 1) {
+ fs->fifo[fs->wptr++] = value;
+ fs->wptr &= 0x3ff;
+ fs->cnt++;
+
+ if (fs->cnt <= 0x1ff) {
+ /* FIFO less than half full */
+ fs->int_status |= ASC_FIFO_STATUS_HALF_FULL;
+ } else {
+ /* FIFO at least half full */
+ fs->int_status &= ~ASC_FIFO_STATUS_HALF_FULL;
+ }
+
+ if (fs->cnt == 0x200 && fifo_half_irq_enabled) {
+ /* Raise FIFO half full interrupt */
+ asc_raise_irq(s);
+ }
+
+ if (fs->cnt == 0x3ff) {
+ /* Raise FIFO full interrupt */
+ fs->int_status |= ASC_FIFO_STATUS_FULL_EMPTY;
+ asc_raise_irq(s);
+ }
+ } else {
+ fs->fifo[addr] = value;
+ }
+ return;
+}
+
+static const MemoryRegionOps asc_fifo_ops = {
+ .read = asc_fifo_read,
+ .write = asc_fifo_write,
+ .impl = {
+ .min_access_size = 1,
+ .max_access_size = 1,
+ },
+ .endianness = DEVICE_BIG_ENDIAN,
+};
+
+static void asc_fifo_reset(ASCFIFOState *fs);
+
+static uint64_t asc_read(void *opaque, hwaddr addr,
+ unsigned size)
+{
+ ASCState *s = opaque;
+ uint64_t prev, value;
+
+ switch (addr) {
+ case ASC_VERSION:
+ switch (s->type) {
+ default:
+ case ASC_TYPE_ASC:
+ value = 0;
+ break;
+ case ASC_TYPE_EASC:
+ value = 0xb0;
+ break;
+ }
+ break;
+ case ASC_FIFOIRQ:
+ prev = (s->fifos[0].int_status & 0x3) |
+ (s->fifos[1].int_status & 0x3) << 2;
+
+ s->fifos[0].int_status = 0;
+ s->fifos[1].int_status = 0;
+ asc_lower_irq(s);
+ value = prev;
+ break;
+ default:
+ value = s->regs[addr];
+ break;
+ }
+
+ trace_asc_read_reg(addr, size, value);
+ return value;
+}
+
+static void asc_write(void *opaque, hwaddr addr, uint64_t value,
+ unsigned size)
+{
+ ASCState *s = opaque;
+
+ switch (addr) {
+ case ASC_MODE:
+ value &= 3;
+ if (value != s->regs[ASC_MODE]) {
+ asc_fifo_reset(&s->fifos[0]);
+ asc_fifo_reset(&s->fifos[1]);
+ asc_lower_irq(s);
+ if (value != 0) {
+ AUD_set_active_out(s->voice, 1);
+ } else {
+ AUD_set_active_out(s->voice, 0);
+ }
+ }
+ break;
+ case ASC_FIFOMODE:
+ if (value & 0x80) {
+ asc_fifo_reset(&s->fifos[0]);
+ asc_fifo_reset(&s->fifos[1]);
+ asc_lower_irq(s);
+ }
+ break;
+ case ASC_WAVECTRL:
+ break;
+ case ASC_VOLUME:
+ {
+ int vol = (value & 0xe0);
+
+ AUD_set_volume_out(s->voice, 0, vol, vol);
+ break;
+ }
+ }
+
+ trace_asc_write_reg(addr, size, value);
+ s->regs[addr] = value;
+}
+
+static const MemoryRegionOps asc_regs_ops = {
+ .read = asc_read,
+ .write = asc_write,
+ .endianness = DEVICE_BIG_ENDIAN,
+ .impl = {
+ .min_access_size = 1,
+ .max_access_size = 1,
+ }
+};
+
+static uint64_t asc_ext_read(void *opaque, hwaddr addr,
+ unsigned size)
+{
+ ASCFIFOState *fs = opaque;
+ uint64_t value;
+
+ value = fs->extregs[addr];
+
+ trace_asc_read_extreg('A' + fs->index, addr, size, value);
+ return value;
+}
+
+static void asc_ext_write(void *opaque, hwaddr addr, uint64_t value,
+ unsigned size)
+{
+ ASCFIFOState *fs = opaque;
+
+ trace_asc_write_extreg('A' + fs->index, addr, size, value);
+
+ fs->extregs[addr] = value;
+}
+
+static const MemoryRegionOps asc_extregs_ops = {
+ .read = asc_ext_read,
+ .write = asc_ext_write,
+ .impl = {
+ .min_access_size = 1,
+ .max_access_size = 1,
+ },
+ .endianness = DEVICE_BIG_ENDIAN,
+};
+
+static int asc_post_load(void *opaque, int version)
+{
+ ASCState *s = ASC(opaque);
+
+ if (s->regs[ASC_MODE] != 0) {
+ AUD_set_active_out(s->voice, 1);
+ }
+
+ return 0;
+}
+
+static const VMStateDescription vmstate_asc_fifo = {
+ .name = "apple-sound-chip.fifo",
+ .version_id = 0,
+ .minimum_version_id = 0,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT8_ARRAY(fifo, ASCFIFOState, ASC_FIFO_SIZE),
+ VMSTATE_UINT8(int_status, ASCFIFOState),
+ VMSTATE_INT32(cnt, ASCFIFOState),
+ VMSTATE_INT32(wptr, ASCFIFOState),
+ VMSTATE_INT32(rptr, ASCFIFOState),
+ VMSTATE_UINT8_ARRAY(extregs, ASCFIFOState, ASC_EXTREG_SIZE),
+ VMSTATE_INT32(xa_cnt, ASCFIFOState),
+ VMSTATE_UINT8(xa_val, ASCFIFOState),
+ VMSTATE_UINT8(xa_flags, ASCFIFOState),
+ VMSTATE_INT16_ARRAY(xa_last, ASCFIFOState, 2),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static const VMStateDescription vmstate_asc = {
+ .name = "apple-sound-chip",
+ .version_id = 0,
+ .minimum_version_id = 0,
+ .post_load = asc_post_load,
+ .fields = (VMStateField[]) {
+ VMSTATE_STRUCT_ARRAY(fifos, ASCState, 2, 0, vmstate_asc_fifo,
+ ASCFIFOState),
+ VMSTATE_UINT8_ARRAY(regs, ASCState, ASC_REG_SIZE),
+ VMSTATE_INT64(fifo_empty_ns, ASCState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void asc_fifo_reset(ASCFIFOState *fs)
+{
+ fs->wptr = 0;
+ fs->rptr = 0;
+ fs->cnt = 0;
+ fs->xa_cnt = -1;
+ fs->int_status = 0;
+}
+
+static void asc_fifo_init(ASCFIFOState *fs, int index)
+{
+ ASCState *s = container_of(fs, ASCState, fifos[index]);
+ char *name;
+
+ fs->index = index;
+ name = g_strdup_printf("asc.fifo%c", 'A' + index);
+ memory_region_init_io(&fs->mem_fifo, OBJECT(s), &asc_fifo_ops, fs,
+ name, ASC_FIFO_SIZE);
+ g_free(name);
+
+ name = g_strdup_printf("asc.extregs%c", 'A' + index);
+ memory_region_init_io(&fs->mem_extregs, OBJECT(s), &asc_extregs_ops,
+ fs, name, ASC_EXTREG_SIZE);
+ g_free(name);
+}
+
+static void asc_reset_hold(Object *obj)
+{
+ ASCState *s = ASC(obj);
+
+ AUD_set_active_out(s->voice, 0);
+
+ memset(s->regs, 0, sizeof(s->regs));
+ asc_fifo_reset(&s->fifos[0]);
+ asc_fifo_reset(&s->fifos[1]);
+ s->fifo_empty_ns = 0;
+
+ if (s->type == ASC_TYPE_ASC) {
+ /* FIFO half full IRQs enabled by default */
+ s->fifos[0].extregs[ASC_EXTREGS_INTCTRL] = 1;
+ s->fifos[1].extregs[ASC_EXTREGS_INTCTRL] = 1;
+ }
+}
+
+static void asc_unrealize(DeviceState *dev)
+{
+ ASCState *s = ASC(dev);
+
+ g_free(s->mixbuf);
+
+ AUD_remove_card(&s->card);
+}
+
+static void asc_realize(DeviceState *dev, Error **errp)
+{
+ ASCState *s = ASC(dev);
+ struct audsettings as;
+
+ AUD_register_card("Apple Sound Chip", &s->card);
+
+ as.freq = ASC_FREQ;
+ as.nchannels = 2;
+ as.fmt = AUDIO_FORMAT_U8;
+ as.endianness = AUDIO_HOST_ENDIANNESS;
+
+ s->voice = AUD_open_out(&s->card, s->voice, "asc.out", s, asc_out_cb,
+ &as);
+ s->shift = 1;
+ s->samples = AUD_get_buffer_size_out(s->voice) >> s->shift;
+ s->mixbuf = g_malloc0(s->samples << s->shift);
+
+ /* Add easc registers if required */
+ if (s->type == ASC_TYPE_EASC) {
+ memory_region_add_subregion(&s->asc, ASC_EXTREG_OFFSET,
+ &s->fifos[0].mem_extregs);
+ memory_region_add_subregion(&s->asc,
+ ASC_EXTREG_OFFSET + ASC_EXTREG_SIZE,
+ &s->fifos[1].mem_extregs);
+ }
+}
+
+static void asc_init(Object *obj)
+{
+ ASCState *s = ASC(obj);
+ SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
+
+ memory_region_init(&s->asc, OBJECT(obj), "asc", ASC_SIZE);
+
+ asc_fifo_init(&s->fifos[0], 0);
+ asc_fifo_init(&s->fifos[1], 1);
+
+ memory_region_add_subregion(&s->asc, ASC_FIFO_OFFSET,
+ &s->fifos[0].mem_fifo);
+ memory_region_add_subregion(&s->asc,
+ ASC_FIFO_OFFSET + ASC_FIFO_SIZE,
+ &s->fifos[1].mem_fifo);
+
+ memory_region_init_io(&s->mem_regs, OBJECT(obj), &asc_regs_ops, s,
+ "asc.regs", ASC_REG_SIZE);
+ memory_region_add_subregion(&s->asc, ASC_REG_OFFSET, &s->mem_regs);
+
+ sysbus_init_irq(sbd, &s->irq);
+ sysbus_init_mmio(sbd, &s->asc);
+}
+
+static Property asc_properties[] = {
+ DEFINE_AUDIO_PROPERTIES(ASCState, card),
+ DEFINE_PROP_UINT8("asctype", ASCState, type, ASC_TYPE_ASC),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void asc_class_init(ObjectClass *oc, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(oc);
+ ResettableClass *rc = RESETTABLE_CLASS(oc);
+
+ dc->realize = asc_realize;
+ dc->unrealize = asc_unrealize;
+ set_bit(DEVICE_CATEGORY_SOUND, dc->categories);
+ dc->vmsd = &vmstate_asc;
+ device_class_set_props(dc, asc_properties);
+ rc->phases.hold = asc_reset_hold;
+}
+
+static const TypeInfo asc_info_types[] = {
+ {
+ .name = TYPE_ASC,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(ASCState),
+ .instance_init = asc_init,
+ .class_init = asc_class_init,
+ },
+};
+
+DEFINE_TYPES(asc_info_types)
diff --git a/hw/audio/meson.build b/hw/audio/meson.build
index d0fda1009e..8805322f5c 100644
--- a/hw/audio/meson.build
+++ b/hw/audio/meson.build
@@ -1,6 +1,7 @@
system_ss.add(files('soundhw.c'))
system_ss.add(when: 'CONFIG_AC97', if_true: files('ac97.c'))
system_ss.add(when: 'CONFIG_ADLIB', if_true: files('fmopl.c', 'adlib.c'))
+system_ss.add(when: 'CONFIG_ASC', if_true: files('asc.c'))
system_ss.add(when: 'CONFIG_CS4231', if_true: files('cs4231.c'))
system_ss.add(when: 'CONFIG_CS4231A', if_true: files('cs4231a.c'))
system_ss.add(when: 'CONFIG_ES1370', if_true: files('es1370.c'))
diff --git a/hw/audio/trace-events b/hw/audio/trace-events
index 4dec48a4fd..89ef2996e5 100644
--- a/hw/audio/trace-events
+++ b/hw/audio/trace-events
@@ -17,3 +17,13 @@ via_ac97_codec_write(uint8_t addr, uint16_t val) "0x%x <- 0x%x"
via_ac97_sgd_fetch(uint32_t curr, uint32_t addr, char stop, char eol, char flag, uint32_t len) "curr=0x%x addr=0x%x %c%c%c len=%d"
via_ac97_sgd_read(uint64_t addr, unsigned size, uint64_t val) "0x%"PRIx64" %d -> 0x%"PRIx64
via_ac97_sgd_write(uint64_t addr, unsigned size, uint64_t val) "0x%"PRIx64" %d <- 0x%"PRIx64
+
+# asc.c
+asc_read_fifo(const char fifo, int reg, unsigned size, uint64_t value) "fifo %c reg=0x%03x size=%u value=0x%"PRIx64
+asc_read_reg(int reg, unsigned size, uint64_t value) "reg=0x%03x size=%u value=0x%"PRIx64
+asc_read_extreg(const char fifo, int reg, unsigned size, uint64_t value) "fifo %c reg=0x%03x size=%u value=0x%"PRIx64
+asc_fifo_get(const char fifo, int rptr, int cnt, uint64_t value) "fifo %c rptr=0x%x cnt=0x%x value=0x%"PRIx64
+asc_write_fifo(const char fifo, int reg, unsigned size, int wrptr, int cnt, uint64_t value) "fifo %c reg=0x%03x size=%u wptr=0x%x cnt=0x%x value=0x%"PRIx64
+asc_write_reg(int reg, unsigned size, uint64_t value) "reg=0x%03x size=%u value=0x%"PRIx64
+asc_write_extreg(const char fifo, int reg, unsigned size, uint64_t value) "fifo %c reg=0x%03x size=%u value=0x%"PRIx64
+asc_update_irq(int irq, int a, int b) "set IRQ to %d (A: 0x%x B: 0x%x)"
diff --git a/hw/m68k/Kconfig b/hw/m68k/Kconfig
index 64fa70a0db..d88741ec9d 100644
--- a/hw/m68k/Kconfig
+++ b/hw/m68k/Kconfig
@@ -25,6 +25,7 @@ config Q800
select OR_IRQ
select DJMEMC
select IOSB
+ select ASC
config M68K_VIRT
bool
diff --git a/include/hw/audio/asc.h b/include/hw/audio/asc.h
new file mode 100644
index 0000000000..d9412815c3
--- /dev/null
+++ b/include/hw/audio/asc.h
@@ -0,0 +1,84 @@
+/*
+ * QEMU Apple Sound Chip emulation
+ *
+ * Apple Sound Chip (ASC) 344S0063
+ * Enhanced Apple Sound Chip (EASC) 343S1063
+ *
+ * Copyright (c) 2012-2018 Laurent Vivier <laurent@vivier.eu>
+ * Copyright (c) 2022 Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_AUDIO_ASC_H
+#define HW_AUDIO_ASC_H
+
+#include "qemu/osdep.h"
+#include "hw/sysbus.h"
+#include "audio/audio.h"
+
+#define ASC_FREQ 22257
+
+enum {
+ ASC_TYPE_ASC = 0, /* original discrete Apple Sound Chip */
+ ASC_TYPE_EASC = 1 /* discrete Enhanced Apple Sound Chip */
+};
+
+#define ASC_FIFO_OFFSET 0x0
+#define ASC_FIFO_SIZE 0x400
+
+#define ASC_REG_OFFSET 0x800
+#define ASC_REG_SIZE 0x60
+
+#define ASC_EXTREG_OFFSET 0xf00
+#define ASC_EXTREG_SIZE 0x20
+
+typedef struct ASCFIFOState {
+ int index;
+
+ MemoryRegion mem_fifo;
+ uint8_t fifo[ASC_FIFO_SIZE];
+ uint8_t int_status;
+
+ int cnt;
+ int wptr;
+ int rptr;
+
+ MemoryRegion mem_extregs;
+ uint8_t extregs[ASC_EXTREG_SIZE];
+
+ int xa_cnt;
+ uint8_t xa_val;
+ uint8_t xa_flags;
+ int16_t xa_last[2];
+} ASCFIFOState;
+
+struct ASCState {
+ SysBusDevice parent_obj;
+
+ uint8_t type;
+ MemoryRegion asc;
+ MemoryRegion mem_fifo;
+ MemoryRegion mem_regs;
+ MemoryRegion mem_extregs;
+
+ QEMUSoundCard card;
+ SWVoiceOut *voice;
+ uint8_t *mixbuf;
+ int samples;
+ int shift;
+
+ /* Time when we were last able to generate samples */
+ int64_t fifo_empty_ns;
+
+ qemu_irq irq;
+
+ ASCFIFOState fifos[2];
+
+ uint8_t regs[ASC_REG_SIZE];
+};
+
+#define TYPE_ASC "apple-sound-chip"
+OBJECT_DECLARE_SIMPLE_TYPE(ASCState, ASC)
+
+#endif
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (6 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-14 7:56 ` Philippe Mathieu-Daudé
2023-09-25 17:19 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 09/20] q800: add Apple Sound Chip (ASC) audio to machine Mark Cave-Ayland
` (11 subsequent siblings)
19 siblings, 2 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
MacOS (un)helpfully leaves the FIFO engine running even when all the samples have
been written to the hardware, and expects the FIFO status flags and IRQ to be
updated continuously.
There is an additional problem in that not all audio backends guarantee an
all-zero output when there is no FIFO data available, in particular the Windows
dsound backend which re-uses its internal circular buffer causing the last played
sound to loop indefinitely.
Whilst this is effectively a bug in the Windows dsound backend, work around it
for now using a simple heuristic: if the FIFO remains empty for half a cycle
(~23ms) then continuously fill the generated buffer with empty silence.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/audio/asc.c | 19 +++++++++++++++++++
include/hw/audio/asc.h | 2 ++
2 files changed, 21 insertions(+)
diff --git a/hw/audio/asc.c b/hw/audio/asc.c
index 336ace0cd6..b01b285512 100644
--- a/hw/audio/asc.c
+++ b/hw/audio/asc.c
@@ -334,6 +334,21 @@ static void asc_out_cb(void *opaque, int free_b)
}
if (!generated) {
+ /* Workaround for audio underflow bug on Windows dsound backend */
+ int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
+ int silent_samples = muldiv64(now - s->fifo_empty_ns,
+ NANOSECONDS_PER_SECOND, ASC_FREQ);
+
+ if (silent_samples > ASC_FIFO_CYCLE_TIME / 2) {
+ /*
+ * No new FIFO data within half a cycle time (~23ms) so fill the
+ * entire available buffer with silence. This prevents an issue
+ * with the Windows dsound backend whereby the sound appears to
+ * loop because the FIFO has run out of data, and the driver
+ * reuses the stale content in its circular audio buffer.
+ */
+ AUD_write(s->voice, s->silentbuf, samples << s->shift);
+ }
return;
}
@@ -611,6 +626,7 @@ static void asc_unrealize(DeviceState *dev)
ASCState *s = ASC(dev);
g_free(s->mixbuf);
+ g_free(s->silentbuf);
AUD_remove_card(&s->card);
}
@@ -633,6 +649,9 @@ static void asc_realize(DeviceState *dev, Error **errp)
s->samples = AUD_get_buffer_size_out(s->voice) >> s->shift;
s->mixbuf = g_malloc0(s->samples << s->shift);
+ s->silentbuf = g_malloc0(s->samples << s->shift);
+ memset(s->silentbuf, 0x80, s->samples << s->shift);
+
/* Add easc registers if required */
if (s->type == ASC_TYPE_EASC) {
memory_region_add_subregion(&s->asc, ASC_EXTREG_OFFSET,
diff --git a/include/hw/audio/asc.h b/include/hw/audio/asc.h
index d9412815c3..4741f92c46 100644
--- a/include/hw/audio/asc.h
+++ b/include/hw/audio/asc.h
@@ -68,6 +68,8 @@ struct ASCState {
int samples;
int shift;
+ uint8_t *silentbuf;
+
/* Time when we were last able to generate samples */
int64_t fifo_empty_ns;
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 09/20] q800: add Apple Sound Chip (ASC) audio to machine
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (7 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 10/20] q800: add easc bool machine class property to switch between ASC and EASC Mark Cave-Ayland
` (10 subsequent siblings)
19 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
The Quadra 800 has the enhanced ASC (EASC) audio chip which supports both the
legacy IRQ routing through VIA2 and also "A/UX" mode routing direct to the
CPU.
Co-developed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/m68k/q800-glue.c | 11 ++++++++++-
hw/m68k/q800.c | 17 +++++++++++++++++
include/hw/m68k/q800-glue.h | 4 +++-
include/hw/m68k/q800.h | 2 ++
4 files changed, 32 insertions(+), 2 deletions(-)
diff --git a/hw/m68k/q800-glue.c b/hw/m68k/q800-glue.c
index 710a5c331e..f413b1599a 100644
--- a/hw/m68k/q800-glue.c
+++ b/hw/m68k/q800-glue.c
@@ -97,6 +97,11 @@ static void GLUE_set_irq(void *opaque, int irq, int level)
irq = 6;
break;
+ case GLUE_IRQ_IN_ASC:
+ /* Route to VIA2 instead, negative edge-triggered */
+ qemu_set_irq(s->irqs[GLUE_IRQ_ASC], !level);
+ return;
+
default:
g_assert_not_reached();
}
@@ -123,6 +128,10 @@ static void GLUE_set_irq(void *opaque, int irq, int level)
irq = 6;
break;
+ case GLUE_IRQ_IN_ASC:
+ irq = 4;
+ break;
+
default:
g_assert_not_reached();
}
@@ -214,7 +223,7 @@ static void glue_init(Object *obj)
qdev_init_gpio_in(dev, GLUE_set_irq, 8);
qdev_init_gpio_in_named(dev, glue_auxmode_set_irq, "auxmode", 1);
- qdev_init_gpio_out(dev, s->irqs, 1);
+ qdev_init_gpio_out(dev, s->irqs, 2);
/* NMI release timer */
s->nmi_release = timer_new_ms(QEMU_CLOCK_VIRTUAL, glue_nmi_release, s);
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index 3209309173..ae07aa20ff 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -43,6 +43,7 @@
#include "hw/misc/djmemc.h"
#include "hw/misc/iosb.h"
#include "hw/input/adb.h"
+#include "hw/audio/asc.h"
#include "hw/nubus/mac-nubus-bridge.h"
#include "hw/display/macfb.h"
#include "hw/block/swim.h"
@@ -480,6 +481,22 @@ static void q800_machine_init(MachineState *machine)
scsi_bus_legacy_handle_cmdline(&esp->bus);
+ /* Apple Sound Chip */
+
+ object_initialize_child(OBJECT(machine), "asc", &m->asc, TYPE_ASC);
+ qdev_prop_set_uint8(DEVICE(&m->asc), "asctype", ASC_TYPE_EASC);
+ sysbus = SYS_BUS_DEVICE(&m->asc);
+ sysbus_realize_and_unref(sysbus, &error_fatal);
+ memory_region_add_subregion(&m->macio, ASC_BASE - IO_BASE,
+ sysbus_mmio_get_region(sysbus, 0));
+ sysbus_connect_irq(sysbus, 0, qdev_get_gpio_in(DEVICE(&m->glue),
+ GLUE_IRQ_IN_ASC));
+
+ /* Wire ASC IRQ via GLUE for use in classic mode */
+ qdev_connect_gpio_out(DEVICE(&m->glue), GLUE_IRQ_ASC,
+ qdev_get_gpio_in(DEVICE(&m->via2),
+ VIA2_IRQ_ASC_BIT));
+
/* SWIM floppy controller */
object_initialize_child(OBJECT(machine), "swim", &m->swim,
diff --git a/include/hw/m68k/q800-glue.h b/include/hw/m68k/q800-glue.h
index a35efc1c53..ceb916d16c 100644
--- a/include/hw/m68k/q800-glue.h
+++ b/include/hw/m68k/q800-glue.h
@@ -35,7 +35,7 @@ struct GLUEState {
M68kCPU *cpu;
uint8_t ipr;
uint8_t auxmode;
- qemu_irq irqs[1];
+ qemu_irq irqs[2];
QEMUTimer *nmi_release;
};
@@ -44,7 +44,9 @@ struct GLUEState {
#define GLUE_IRQ_IN_SONIC 2
#define GLUE_IRQ_IN_ESCC 3
#define GLUE_IRQ_IN_NMI 4
+#define GLUE_IRQ_IN_ASC 5
#define GLUE_IRQ_NUBUS_9 0
+#define GLUE_IRQ_ASC 1
#endif
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index 04e4e0bce3..790cf433f3 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -38,6 +38,7 @@
#include "hw/display/macfb.h"
#include "hw/misc/djmemc.h"
#include "hw/misc/iosb.h"
+#include "hw/audio/asc.h"
/*
* The main Q800 machine
@@ -60,6 +61,7 @@ struct Q800MachineState {
MacfbNubusState macfb;
DJMEMCState djmemc;
IOSBState iosb;
+ ASCState asc;
MemoryRegion ramio;
MemoryRegion macio;
MemoryRegion macio_alias;
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 10/20] q800: add easc bool machine class property to switch between ASC and EASC
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (8 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 09/20] q800: add Apple Sound Chip (ASC) audio to machine Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 7:54 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 11/20] swim: add trace events for IWM and ISM registers Mark Cave-Ayland
` (9 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
This determines whether the Apple Sound Chip (ASC) is set to enhanced mode
(default) or to original mode. The real Q800 hardware used an EASC chip however
a lot of older software only works with the older ASC chip.
Adding this as a machine parameter allows QEMU to be used as an developer aid
for testing and migrating code from ASC to EASC.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
hw/m68k/q800.c | 30 +++++++++++++++++++++++++++++-
include/hw/m68k/q800.h | 1 +
2 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index ae07aa20ff..5ae7c37760 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -484,7 +484,8 @@ static void q800_machine_init(MachineState *machine)
/* Apple Sound Chip */
object_initialize_child(OBJECT(machine), "asc", &m->asc, TYPE_ASC);
- qdev_prop_set_uint8(DEVICE(&m->asc), "asctype", ASC_TYPE_EASC);
+ qdev_prop_set_uint8(DEVICE(&m->asc), "asctype", m->easc ? ASC_TYPE_EASC
+ : ASC_TYPE_ASC);
sysbus = SYS_BUS_DEVICE(&m->asc);
sysbus_realize_and_unref(sysbus, &error_fatal);
memory_region_add_subregion(&m->macio, ASC_BASE - IO_BASE,
@@ -674,6 +675,28 @@ static void q800_machine_init(MachineState *machine)
}
}
+static bool q800_get_easc(Object *obj, Error **errp)
+{
+ Q800MachineState *ms = Q800_MACHINE(obj);
+
+ return ms->easc;
+}
+
+static void q800_set_easc(Object *obj, bool value, Error **errp)
+{
+ Q800MachineState *ms = Q800_MACHINE(obj);
+
+ ms->easc = value;
+}
+
+static void q800_init(Object *obj)
+{
+ Q800MachineState *ms = Q800_MACHINE(obj);
+
+ /* Default to EASC */
+ ms->easc = true;
+}
+
static GlobalProperty hw_compat_q800[] = {
{ "scsi-hd", "quirk_mode_page_vendor_specific_apple", "on" },
{ "scsi-hd", "vendor", " SEAGATE" },
@@ -706,11 +729,16 @@ static void q800_machine_class_init(ObjectClass *oc, void *data)
mc->block_default_type = IF_SCSI;
mc->default_ram_id = "m68k_mac.ram";
compat_props_add(mc->compat_props, hw_compat_q800, hw_compat_q800_len);
+
+ object_class_property_add_bool(oc, "easc", q800_get_easc, q800_set_easc);
+ object_class_property_set_description(oc, "easc",
+ "Set to off to use ASC rather than EASC");
}
static const TypeInfo q800_machine_typeinfo = {
.name = MACHINE_TYPE_NAME("q800"),
.parent = TYPE_MACHINE,
+ .instance_init = q800_init,
.instance_size = sizeof(Q800MachineState),
.class_init = q800_machine_class_init,
};
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index 790cf433f3..fbaacd88bd 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -47,6 +47,7 @@
struct Q800MachineState {
MachineState parent_obj;
+ bool easc;
M68kCPU cpu;
MemoryRegion rom;
GLUEState glue;
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 11/20] swim: add trace events for IWM and ISM registers
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (9 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 10/20] q800: add easc bool machine class property to switch between ASC and EASC Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 7:55 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 12/20] swim: split into separate IWM and ISM register blocks Mark Cave-Ayland
` (8 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/block/swim.c | 14 ++++++++++++++
hw/block/trace-events | 7 +++++++
2 files changed, 21 insertions(+)
diff --git a/hw/block/swim.c b/hw/block/swim.c
index 333da08ce0..7df36ea139 100644
--- a/hw/block/swim.c
+++ b/hw/block/swim.c
@@ -19,6 +19,7 @@
#include "hw/block/block.h"
#include "hw/block/swim.h"
#include "hw/qdev-properties.h"
+#include "trace.h"
/* IWM registers */
@@ -125,6 +126,13 @@
#define SWIM_HEDSEL 0x20
#define SWIM_MOTON 0x80
+static const char *swim_reg_names[] = {
+ "WRITE_DATA", "WRITE_MARK", "WRITE_CRC", "WRITE_PARAMETER",
+ "WRITE_PHASE", "WRITE_SETUP", "WRITE_MODE0", "WRITE_MODE1",
+ "READ_DATA", "READ_MARK", "READ_ERROR", "READ_PARAMETER",
+ "READ_PHASE", "READ_SETUP", "READ_STATUS", "READ_HANDSHAKE"
+};
+
static void fd_recalibrate(FDrive *drive)
{
}
@@ -267,6 +275,7 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
reg >>= REG_SHIFT;
swimctrl->regs[reg >> 1] = reg & 1;
+ trace_swim_iwmctrl_write((reg >> 1), size, (reg & 1));
if (swimctrl->regs[IWM_Q6] &&
swimctrl->regs[IWM_Q7]) {
@@ -297,6 +306,7 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
if (value == 0x57) {
swimctrl->mode = SWIM_MODE_SWIM;
swimctrl->iwm_switch = 0;
+ trace_swim_iwm_switch();
}
break;
}
@@ -312,6 +322,7 @@ static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size)
swimctrl->regs[reg >> 1] = reg & 1;
+ trace_swim_iwmctrl_read((reg >> 1), size, (reg & 1));
return 0;
}
@@ -327,6 +338,8 @@ static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value,
reg >>= REG_SHIFT;
+ trace_swim_swimctrl_write(reg, swim_reg_names[reg], size, value);
+
switch (reg) {
case SWIM_WRITE_PHASE:
swimctrl->swim_phase = value;
@@ -376,6 +389,7 @@ static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size)
break;
}
+ trace_swim_swimctrl_read(reg, swim_reg_names[reg], size, value);
return value;
}
diff --git a/hw/block/trace-events b/hw/block/trace-events
index 34be8b9135..c041ec45e3 100644
--- a/hw/block/trace-events
+++ b/hw/block/trace-events
@@ -90,3 +90,10 @@ m25p80_read_data(void *s, uint32_t pos, uint8_t v) "[%p] Read data 0x%"PRIx32"=0
m25p80_read_sfdp(void *s, uint32_t addr, uint8_t v) "[%p] Read SFDP 0x%"PRIx32"=0x%"PRIx8
m25p80_binding(void *s) "[%p] Binding to IF_MTD drive"
m25p80_binding_no_bdrv(void *s) "[%p] No BDRV - binding to RAM"
+
+# swim.c
+swim_swimctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
+swim_swimctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
+swim_iwmctrl_read(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
+swim_iwmctrl_write(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
+swim_iwm_switch(void) "switch from IWM to SWIM mode"
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 12/20] swim: split into separate IWM and ISM register blocks
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (10 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 11/20] swim: add trace events for IWM and ISM registers Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:09 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 13/20] swim: update IWM/ISM register block decoding Mark Cave-Ayland
` (7 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
The swim chip provides an implementation of both Apple's IWM and ISM floppy disk
controllers. Split the existing implementation into separate register banks for
each controller, whilst also switching the IWM registers from 16-bit to 8-bit
as implemented in real hardware.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/block/swim.c | 85 ++++++++++++++++++++++++-----------------
hw/block/trace-events | 4 +-
include/hw/block/swim.h | 15 +++-----
3 files changed, 58 insertions(+), 46 deletions(-)
diff --git a/hw/block/swim.c b/hw/block/swim.c
index 7df36ea139..735b335883 100644
--- a/hw/block/swim.c
+++ b/hw/block/swim.c
@@ -126,7 +126,14 @@
#define SWIM_HEDSEL 0x20
#define SWIM_MOTON 0x80
-static const char *swim_reg_names[] = {
+static const char *iwm_reg_names[] = {
+ "PH0L", "PH0H", "PH1L", "PH1H",
+ "PH2L", "PH2H", "PH3L", "PH3H",
+ "MTROFF", "MTRON", "INTDRIVE", "EXTDRIVE",
+ "Q6L", "Q6H", "Q7L", "Q7H"
+};
+
+static const char *ism_reg_names[] = {
"WRITE_DATA", "WRITE_MARK", "WRITE_CRC", "WRITE_PARAMETER",
"WRITE_PHASE", "WRITE_SETUP", "WRITE_MODE0", "WRITE_MODE1",
"READ_DATA", "READ_MARK", "READ_ERROR", "READ_PARAMETER",
@@ -274,12 +281,11 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
reg >>= REG_SHIFT;
- swimctrl->regs[reg >> 1] = reg & 1;
- trace_swim_iwmctrl_write((reg >> 1), size, (reg & 1));
+ swimctrl->iwmregs[reg] = value;
+ trace_swim_iwmctrl_write(reg, iwm_reg_names[reg], size, value);
- if (swimctrl->regs[IWM_Q6] &&
- swimctrl->regs[IWM_Q7]) {
- if (swimctrl->regs[IWM_MTR]) {
+ if (swimctrl->iwmregs[IWM_Q7H]) {
+ if (swimctrl->iwmregs[IWM_MTRON]) {
/* data register */
swimctrl->iwm_data = value;
} else {
@@ -307,6 +313,12 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
swimctrl->mode = SWIM_MODE_SWIM;
swimctrl->iwm_switch = 0;
trace_swim_iwm_switch();
+
+ /* Switch to ISM registers */
+ memory_region_del_subregion(&swimctrl->swim,
+ &swimctrl->iwm);
+ memory_region_add_subregion(&swimctrl->swim, 0x0,
+ &swimctrl->ism);
}
break;
}
@@ -317,28 +329,30 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size)
{
SWIMCtrl *swimctrl = opaque;
+ uint16_t value;
reg >>= REG_SHIFT;
- swimctrl->regs[reg >> 1] = reg & 1;
+ value = swimctrl->iwmregs[reg];
+ trace_swim_iwmctrl_read(reg, iwm_reg_names[reg], size, value);
- trace_swim_iwmctrl_read((reg >> 1), size, (reg & 1));
- return 0;
+ return value;
}
-static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value,
- unsigned size)
+static const MemoryRegionOps swimctrl_iwm_ops = {
+ .write = iwmctrl_write,
+ .read = iwmctrl_read,
+ .endianness = DEVICE_BIG_ENDIAN,
+};
+
+static void ismctrl_write(void *opaque, hwaddr reg, uint64_t value,
+ unsigned size)
{
SWIMCtrl *swimctrl = opaque;
- if (swimctrl->mode == SWIM_MODE_IWM) {
- iwmctrl_write(opaque, reg, value, size);
- return;
- }
-
reg >>= REG_SHIFT;
- trace_swim_swimctrl_write(reg, swim_reg_names[reg], size, value);
+ trace_swim_swimctrl_write(reg, ism_reg_names[reg], size, value);
switch (reg) {
case SWIM_WRITE_PHASE:
@@ -359,15 +373,11 @@ static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value,
}
}
-static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size)
+static uint64_t ismctrl_read(void *opaque, hwaddr reg, unsigned size)
{
SWIMCtrl *swimctrl = opaque;
uint32_t value = 0;
- if (swimctrl->mode == SWIM_MODE_IWM) {
- return iwmctrl_read(opaque, reg, size);
- }
-
reg >>= REG_SHIFT;
switch (reg) {
@@ -389,14 +399,14 @@ static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size)
break;
}
- trace_swim_swimctrl_read(reg, swim_reg_names[reg], size, value);
+ trace_swim_swimctrl_read(reg, ism_reg_names[reg], size, value);
return value;
}
-static const MemoryRegionOps swimctrl_mem_ops = {
- .write = swimctrl_write,
- .read = swimctrl_read,
- .endianness = DEVICE_NATIVE_ENDIAN,
+static const MemoryRegionOps swimctrl_ism_ops = {
+ .write = ismctrl_write,
+ .read = ismctrl_read,
+ .endianness = DEVICE_BIG_ENDIAN,
};
static void sysbus_swim_reset(DeviceState *d)
@@ -407,13 +417,13 @@ static void sysbus_swim_reset(DeviceState *d)
ctrl->mode = 0;
ctrl->iwm_switch = 0;
- for (i = 0; i < 8; i++) {
- ctrl->regs[i] = 0;
- }
ctrl->iwm_data = 0;
ctrl->iwm_mode = 0;
+ memset(ctrl->iwmregs, 0, 16);
+
ctrl->swim_phase = 0;
ctrl->swim_mode = 0;
+ memset(ctrl->ismregs, 0, 16);
for (i = 0; i < SWIM_MAX_FD; i++) {
fd_recalibrate(&ctrl->drives[i]);
}
@@ -425,9 +435,12 @@ static void sysbus_swim_init(Object *obj)
Swim *sbs = SWIM(obj);
SWIMCtrl *swimctrl = &sbs->ctrl;
- memory_region_init_io(&swimctrl->iomem, obj, &swimctrl_mem_ops, swimctrl,
- "swim", 0x2000);
- sysbus_init_mmio(sbd, &swimctrl->iomem);
+ memory_region_init(&swimctrl->swim, obj, "swim", 0x2000);
+ memory_region_init_io(&swimctrl->iwm, obj, &swimctrl_iwm_ops, swimctrl,
+ "iwm", 0x2000);
+ memory_region_init_io(&swimctrl->ism, obj, &swimctrl_ism_ops, swimctrl,
+ "ism", 0x2000);
+ sysbus_init_mmio(sbd, &swimctrl->swim);
}
static void sysbus_swim_realize(DeviceState *dev, Error **errp)
@@ -437,6 +450,9 @@ static void sysbus_swim_realize(DeviceState *dev, Error **errp)
qbus_init(&swimctrl->bus, sizeof(SWIMBus), TYPE_SWIM_BUS, dev, NULL);
swimctrl->bus.ctrl = swimctrl;
+
+ /* Default register set is IWM */
+ memory_region_add_subregion(&swimctrl->swim, 0x0, &swimctrl->iwm);
}
static const VMStateDescription vmstate_fdrive = {
@@ -456,10 +472,11 @@ static const VMStateDescription vmstate_swim = {
VMSTATE_INT32(mode, SWIMCtrl),
/* IWM mode */
VMSTATE_INT32(iwm_switch, SWIMCtrl),
- VMSTATE_UINT16_ARRAY(regs, SWIMCtrl, 8),
+ VMSTATE_UINT8_ARRAY(iwmregs, SWIMCtrl, 16),
VMSTATE_UINT8(iwm_data, SWIMCtrl),
VMSTATE_UINT8(iwm_mode, SWIMCtrl),
/* SWIM mode */
+ VMSTATE_UINT8_ARRAY(ismregs, SWIMCtrl, 16),
VMSTATE_UINT8(swim_phase, SWIMCtrl),
VMSTATE_UINT8(swim_mode, SWIMCtrl),
/* Drives */
diff --git a/hw/block/trace-events b/hw/block/trace-events
index c041ec45e3..ea84ad6c77 100644
--- a/hw/block/trace-events
+++ b/hw/block/trace-events
@@ -94,6 +94,6 @@ m25p80_binding_no_bdrv(void *s) "[%p] No BDRV - binding to RAM"
# swim.c
swim_swimctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
swim_swimctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
-swim_iwmctrl_read(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
-swim_iwmctrl_write(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
+swim_iwmctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
+swim_iwmctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
swim_iwm_switch(void) "switch from IWM to SWIM mode"
diff --git a/include/hw/block/swim.h b/include/hw/block/swim.h
index 9b3dcb029d..1bc7635d02 100644
--- a/include/hw/block/swim.h
+++ b/include/hw/block/swim.h
@@ -43,23 +43,18 @@ typedef struct FDrive {
} FDrive;
struct SWIMCtrl {
- MemoryRegion iomem;
+ MemoryRegion swim;
+ MemoryRegion iwm;
+ MemoryRegion ism;
FDrive drives[SWIM_MAX_FD];
int mode;
/* IWM mode */
int iwm_switch;
- uint16_t regs[8];
-#define IWM_PH0 0
-#define IWM_PH1 1
-#define IWM_PH2 2
-#define IWM_PH3 3
-#define IWM_MTR 4
-#define IWM_DRIVE 5
-#define IWM_Q6 6
-#define IWM_Q7 7
+ uint8_t iwmregs[16];
uint8_t iwm_data;
uint8_t iwm_mode;
/* SWIM mode */
+ uint8_t ismregs[16];
uint8_t swim_phase;
uint8_t swim_mode;
SWIMBus bus;
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 13/20] swim: update IWM/ISM register block decoding
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (11 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 12/20] swim: split into separate IWM and ISM register blocks Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:10 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 14/20] mac_via: work around underflow in TimeDBRA timing loop in SETUPTIMEK Mark Cave-Ayland
` (6 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
Update the IWM/ISM register block decoding to match the description given in the
"SWIM Chip Users Reference". This allows us to validate the device response to
the guest OS which currently only does just enough to indicate that the floppy
drive is unavailable.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/block/swim.c | 212 +++++++++++++++++++++++++---------------
hw/block/trace-events | 7 +-
include/hw/block/swim.h | 8 +-
3 files changed, 143 insertions(+), 84 deletions(-)
diff --git a/hw/block/swim.c b/hw/block/swim.c
index 735b335883..fd65c59f8a 100644
--- a/hw/block/swim.c
+++ b/hw/block/swim.c
@@ -21,24 +21,28 @@
#include "hw/qdev-properties.h"
#include "trace.h"
+
+/* IWM latch bits */
+
+#define IWMLB_PHASE0 0
+#define IWMLB_PHASE1 1
+#define IWMLB_PHASE2 2
+#define IWMLB_PHASE3 3
+#define IWMLB_MOTORON 4
+#define IWMLB_DRIVESEL 5
+#define IWMLB_L6 6
+#define IWMLB_L7 7
+
/* IWM registers */
-#define IWM_PH0L 0
-#define IWM_PH0H 1
-#define IWM_PH1L 2
-#define IWM_PH1H 3
-#define IWM_PH2L 4
-#define IWM_PH2H 5
-#define IWM_PH3L 6
-#define IWM_PH3H 7
-#define IWM_MTROFF 8
-#define IWM_MTRON 9
-#define IWM_INTDRIVE 10
-#define IWM_EXTDRIVE 11
-#define IWM_Q6L 12
-#define IWM_Q6H 13
-#define IWM_Q7L 14
-#define IWM_Q7H 15
+#define IWM_READALLONES 0
+#define IWM_READDATA 1
+#define IWM_READSTATUS0 2
+#define IWM_READSTATUS1 3
+#define IWM_READWHANDSHAKE0 4
+#define IWM_READWHANDSHAKE1 5
+#define IWM_WRITESETMODE 6
+#define IWM_WRITEDATA 7
/* SWIM registers */
@@ -62,8 +66,9 @@
#define REG_SHIFT 9
-#define SWIM_MODE_IWM 0
-#define SWIM_MODE_SWIM 1
+#define SWIM_MODE_STATUS_BIT 6
+#define SWIM_MODE_IWM 0
+#define SWIM_MODE_ISM 1
/* bits in phase register */
@@ -127,10 +132,8 @@
#define SWIM_MOTON 0x80
static const char *iwm_reg_names[] = {
- "PH0L", "PH0H", "PH1L", "PH1H",
- "PH2L", "PH2H", "PH3L", "PH3H",
- "MTROFF", "MTRON", "INTDRIVE", "EXTDRIVE",
- "Q6L", "Q6H", "Q7L", "Q7H"
+ "READALLONES", "READDATA", "READSTATUS0", "READSTATUS1",
+ "READWHANDSHAKE0", "READWHANDSHAKE1", "WRITESETMODE", "WRITEDATA"
};
static const char *ism_reg_names[] = {
@@ -274,68 +277,99 @@ static const TypeInfo swim_bus_info = {
.instance_size = sizeof(SWIMBus),
};
-static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
+static void iwmctrl_write(void *opaque, hwaddr addr, uint64_t value,
unsigned size)
{
SWIMCtrl *swimctrl = opaque;
+ uint8_t latch, reg, ism_bit;
- reg >>= REG_SHIFT;
+ addr >>= REG_SHIFT;
+
+ /* A3-A1 select a latch, A0 specifies the value */
+ latch = (addr >> 1) & 7;
+ if (addr & 1) {
+ swimctrl->iwm_latches |= (1 << latch);
+ } else {
+ swimctrl->iwm_latches &= ~(1 << latch);
+ }
+
+ reg = (swimctrl->iwm_latches & 0xc0) >> 5 |
+ (swimctrl->iwm_latches & 0x10) >> 4;
swimctrl->iwmregs[reg] = value;
trace_swim_iwmctrl_write(reg, iwm_reg_names[reg], size, value);
- if (swimctrl->iwmregs[IWM_Q7H]) {
- if (swimctrl->iwmregs[IWM_MTRON]) {
- /* data register */
- swimctrl->iwm_data = value;
- } else {
- /* mode register */
- swimctrl->iwm_mode = value;
- /* detect sequence to switch from IWM mode to SWIM mode */
- switch (swimctrl->iwm_switch) {
- case 0:
- if (value == 0x57) {
- swimctrl->iwm_switch++;
- }
- break;
- case 1:
- if (value == 0x17) {
- swimctrl->iwm_switch++;
- }
- break;
- case 2:
- if (value == 0x57) {
- swimctrl->iwm_switch++;
- }
- break;
- case 3:
- if (value == 0x57) {
- swimctrl->mode = SWIM_MODE_SWIM;
- swimctrl->iwm_switch = 0;
- trace_swim_iwm_switch();
-
- /* Switch to ISM registers */
- memory_region_del_subregion(&swimctrl->swim,
- &swimctrl->iwm);
- memory_region_add_subregion(&swimctrl->swim, 0x0,
- &swimctrl->ism);
- }
- break;
+ switch (reg) {
+ case IWM_WRITESETMODE:
+ /* detect sequence to switch from IWM mode to SWIM mode */
+ ism_bit = (value & (1 << SWIM_MODE_STATUS_BIT));
+
+ switch (swimctrl->iwm_switch) {
+ case 0:
+ if (ism_bit) { /* 1 */
+ swimctrl->iwm_switch++;
+ }
+ break;
+ case 1:
+ if (!ism_bit) { /* 0 */
+ swimctrl->iwm_switch++;
+ }
+ break;
+ case 2:
+ if (ism_bit) { /* 1 */
+ swimctrl->iwm_switch++;
}
+ break;
+ case 3:
+ if (ism_bit) { /* 1 */
+ swimctrl->iwm_switch++;
+
+ swimctrl->mode = SWIM_MODE_ISM;
+ swimctrl->swim_mode |= (1 << SWIM_MODE_STATUS_BIT);
+ swimctrl->iwm_switch = 0;
+ trace_swim_switch_to_ism();
+
+ /* Switch to ISM registers */
+ memory_region_del_subregion(&swimctrl->swim, &swimctrl->iwm);
+ memory_region_add_subregion(&swimctrl->swim, 0x0,
+ &swimctrl->ism);
+ }
+ break;
}
+ break;
+ default:
+ break;
}
}
-static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size)
+static uint64_t iwmctrl_read(void *opaque, hwaddr addr, unsigned size)
{
SWIMCtrl *swimctrl = opaque;
- uint16_t value;
+ uint8_t latch, reg, value;
- reg >>= REG_SHIFT;
+ addr >>= REG_SHIFT;
- value = swimctrl->iwmregs[reg];
- trace_swim_iwmctrl_read(reg, iwm_reg_names[reg], size, value);
+ /* A3-A1 select a latch, A0 specifies the value */
+ latch = (addr >> 1) & 7;
+ if (addr & 1) {
+ swimctrl->iwm_latches |= (1 << latch);
+ } else {
+ swimctrl->iwm_latches &= ~(1 << latch);
+ }
+
+ reg = (swimctrl->iwm_latches & 0xc0) >> 5 |
+ (swimctrl->iwm_latches & 0x10) >> 4;
+
+ switch (reg) {
+ case IWM_READALLONES:
+ value = 0xff;
+ break;
+ default:
+ value = 0;
+ break;
+ }
+ trace_swim_iwmctrl_read(reg, iwm_reg_names[reg], size, value);
return value;
}
@@ -352,7 +386,7 @@ static void ismctrl_write(void *opaque, hwaddr reg, uint64_t value,
reg >>= REG_SHIFT;
- trace_swim_swimctrl_write(reg, ism_reg_names[reg], size, value);
+ trace_swim_ismctrl_write(reg, ism_reg_names[reg], size, value);
switch (reg) {
case SWIM_WRITE_PHASE:
@@ -360,14 +394,31 @@ static void ismctrl_write(void *opaque, hwaddr reg, uint64_t value,
break;
case SWIM_WRITE_MODE0:
swimctrl->swim_mode &= ~value;
+ /* Any access to MODE0 register resets PRAM index */
+ swimctrl->pram_idx = 0;
+
+ if (!(swimctrl->swim_mode & (1 << SWIM_MODE_STATUS_BIT))) {
+ /* Clearing the mode bit switches to IWM mode */
+ swimctrl->mode = SWIM_MODE_IWM;
+ swimctrl->iwm_latches = 0;
+ trace_swim_switch_to_iwm();
+
+ /* Switch to IWM registers */
+ memory_region_del_subregion(&swimctrl->swim, &swimctrl->ism);
+ memory_region_add_subregion(&swimctrl->swim, 0x0,
+ &swimctrl->iwm);
+ }
break;
case SWIM_WRITE_MODE1:
swimctrl->swim_mode |= value;
break;
+ case SWIM_WRITE_PARAMETER:
+ swimctrl->pram[swimctrl->pram_idx++] = value;
+ swimctrl->pram_idx &= 0xf;
+ break;
case SWIM_WRITE_DATA:
case SWIM_WRITE_MARK:
case SWIM_WRITE_CRC:
- case SWIM_WRITE_PARAMETER:
case SWIM_WRITE_SETUP:
break;
}
@@ -390,16 +441,24 @@ static uint64_t ismctrl_read(void *opaque, hwaddr reg, unsigned size)
value = SWIM_SENSE;
}
break;
+ case SWIM_READ_PARAMETER:
+ value = swimctrl->pram[swimctrl->pram_idx++];
+ swimctrl->pram_idx &= 0xf;
+ break;
+ case SWIM_READ_STATUS:
+ value = swimctrl->swim_status & ~(1 << SWIM_MODE_STATUS_BIT);
+ if (swimctrl->swim_mode == SWIM_MODE_ISM) {
+ value |= (1 << SWIM_MODE_STATUS_BIT);
+ }
+ break;
case SWIM_READ_DATA:
case SWIM_READ_MARK:
case SWIM_READ_ERROR:
- case SWIM_READ_PARAMETER:
case SWIM_READ_SETUP:
- case SWIM_READ_STATUS:
break;
}
- trace_swim_swimctrl_read(reg, ism_reg_names[reg], size, value);
+ trace_swim_ismctrl_read(reg, ism_reg_names[reg], size, value);
return value;
}
@@ -417,13 +476,11 @@ static void sysbus_swim_reset(DeviceState *d)
ctrl->mode = 0;
ctrl->iwm_switch = 0;
- ctrl->iwm_data = 0;
- ctrl->iwm_mode = 0;
- memset(ctrl->iwmregs, 0, 16);
+ memset(ctrl->iwmregs, 0, sizeof(ctrl->iwmregs));
ctrl->swim_phase = 0;
ctrl->swim_mode = 0;
- memset(ctrl->ismregs, 0, 16);
+ memset(ctrl->ismregs, 0, sizeof(ctrl->ismregs));
for (i = 0; i < SWIM_MAX_FD; i++) {
fd_recalibrate(&ctrl->drives[i]);
}
@@ -472,9 +529,8 @@ static const VMStateDescription vmstate_swim = {
VMSTATE_INT32(mode, SWIMCtrl),
/* IWM mode */
VMSTATE_INT32(iwm_switch, SWIMCtrl),
- VMSTATE_UINT8_ARRAY(iwmregs, SWIMCtrl, 16),
- VMSTATE_UINT8(iwm_data, SWIMCtrl),
- VMSTATE_UINT8(iwm_mode, SWIMCtrl),
+ VMSTATE_UINT8(iwm_latches, SWIMCtrl),
+ VMSTATE_UINT8_ARRAY(iwmregs, SWIMCtrl, 8),
/* SWIM mode */
VMSTATE_UINT8_ARRAY(ismregs, SWIMCtrl, 16),
VMSTATE_UINT8(swim_phase, SWIMCtrl),
diff --git a/hw/block/trace-events b/hw/block/trace-events
index ea84ad6c77..bab21d3a1c 100644
--- a/hw/block/trace-events
+++ b/hw/block/trace-events
@@ -92,8 +92,9 @@ m25p80_binding(void *s) "[%p] Binding to IF_MTD drive"
m25p80_binding_no_bdrv(void *s) "[%p] No BDRV - binding to RAM"
# swim.c
-swim_swimctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
-swim_swimctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
+swim_ismctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
+swim_ismctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
swim_iwmctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
swim_iwmctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
-swim_iwm_switch(void) "switch from IWM to SWIM mode"
+swim_switch_to_ism(void) "switch from IWM to ISM mode"
+swim_switch_to_iwm(void) "switch from ISM to IWM mode"
diff --git a/include/hw/block/swim.h b/include/hw/block/swim.h
index 1bc7635d02..5f567e8d59 100644
--- a/include/hw/block/swim.h
+++ b/include/hw/block/swim.h
@@ -50,13 +50,15 @@ struct SWIMCtrl {
int mode;
/* IWM mode */
int iwm_switch;
- uint8_t iwmregs[16];
- uint8_t iwm_data;
- uint8_t iwm_mode;
+ uint8_t iwm_latches;
+ uint8_t iwmregs[8];
/* SWIM mode */
uint8_t ismregs[16];
uint8_t swim_phase;
uint8_t swim_mode;
+ uint8_t swim_status;
+ uint8_t pram[16];
+ uint8_t pram_idx;
SWIMBus bus;
};
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 14/20] mac_via: work around underflow in TimeDBRA timing loop in SETUPTIMEK
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (12 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 13/20] swim: update IWM/ISM register block decoding Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:04 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 15/20] mac_via: workaround NetBSD ADB bus enumeration issue Mark Cave-Ayland
` (5 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
The MacOS toolbox ROM calculates the number of branches that can be executed
per millisecond as part of its timer calibration. Since modern hosts are
considerably quicker than original hardware, the negative counter reaches zero
before the calibration completes leading to division by zero later in
CALCULATESLOD.
Instead of trying to fudge the timing loop (which won't work for TimeDBRA/TimeSCCDB
anyhow), use the pattern of access to the VIA1 registers to detect when SETUPTIMEK
has finished executing and write some well-known good timer values to TimeDBRA
and TimeSCCDB taken from real hardware with a suitable scaling factor.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/misc/mac_via.c | 115 ++++++++++++++++++++++++++++++++++++++
hw/misc/trace-events | 1 +
include/hw/misc/mac_via.h | 3 +
3 files changed, 119 insertions(+)
diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
index baeb73eeb3..766a32a95d 100644
--- a/hw/misc/mac_via.c
+++ b/hw/misc/mac_via.c
@@ -16,6 +16,7 @@
*/
#include "qemu/osdep.h"
+#include "exec/address-spaces.h"
#include "migration/vmstate.h"
#include "hw/sysbus.h"
#include "hw/irq.h"
@@ -871,6 +872,112 @@ static void via1_auxmode_update(MOS6522Q800VIA1State *v1s)
}
}
+/*
+ * Addresses and real values for TimeDBRA/TimeSCCB to allow timer calibration
+ * to succeed (NOTE: both values have been multiplied by 3 to cope with the
+ * speed of QEMU execution on a modern host
+ */
+#define MACOS_TIMEDBRA 0xd00
+#define MACOS_TIMESCCB 0xd02
+
+#define MACOS_TIMEDBRA_VALUE (0x2a00 * 3)
+#define MACOS_TIMESCCB_VALUE (0x079d * 3)
+
+static bool via1_is_toolbox_timer_calibrated(void)
+{
+ /*
+ * Indicate whether the MacOS toolbox has been calibrated by checking
+ * for the value of our magic constants
+ */
+ uint16_t timedbra = lduw_be_phys(&address_space_memory, MACOS_TIMEDBRA);
+ uint16_t timesccdb = lduw_be_phys(&address_space_memory, MACOS_TIMESCCB);
+
+ return (timedbra == MACOS_TIMEDBRA_VALUE &&
+ timesccdb == MACOS_TIMESCCB_VALUE);
+}
+
+static void via1_timer_calibration_hack(MOS6522Q800VIA1State *v1s, int addr,
+ uint64_t val, int size)
+{
+ /*
+ * Work around timer calibration to ensure we that we have non-zero and
+ * known good values for TIMEDRBA and TIMESCCDB.
+ *
+ * This works by attempting to detect the reset and calibration sequence
+ * of writes to VIA1
+ */
+ int old_timer_hack_state = v1s->timer_hack_state;
+
+ switch (v1s->timer_hack_state) {
+ case 0:
+ if (addr == VIA_REG_PCR && val == 0x22) {
+ /* VIA_REG_PCR: configure VIA1 edge triggering */
+ v1s->timer_hack_state = 1;
+ }
+ break;
+ case 1:
+ if (addr == VIA_REG_T2CL && val == 0xc) {
+ /* VIA_REG_T2CL: low byte of 1ms counter */
+ if (!via1_is_toolbox_timer_calibrated()) {
+ v1s->timer_hack_state = 2;
+ } else {
+ v1s->timer_hack_state = 0;
+ }
+ }
+ break;
+ case 2:
+ if (addr == VIA_REG_T2CH && val == 0x3) {
+ /*
+ * VIA_REG_T2CH: high byte of 1ms counter (very likely at the
+ * start of SETUPTIMEK)
+ */
+ if (!via1_is_toolbox_timer_calibrated()) {
+ v1s->timer_hack_state = 3;
+ } else {
+ v1s->timer_hack_state = 0;
+ }
+ }
+ break;
+ case 3:
+ if (addr == VIA_REG_IER && val == 0x20) {
+ /*
+ * VIA_REG_IER: update at end of SETUPTIMEK
+ *
+ * Timer calibration has finished: unfortunately the values in
+ * TIMEDBRA (0xd00) and TIMESCCDB (0xd02) are so far out they
+ * cause divide by zero errors.
+ *
+ * Update them with values obtained from a real Q800 but with
+ * a x3 scaling factor which seems to work well
+ */
+ stw_be_phys(&address_space_memory, MACOS_TIMEDBRA,
+ MACOS_TIMEDBRA_VALUE);
+ stw_be_phys(&address_space_memory, MACOS_TIMESCCB,
+ MACOS_TIMESCCB_VALUE);
+
+ v1s->timer_hack_state = 4;
+ }
+ break;
+ case 4:
+ /*
+ * This is the normal post-calibration timer state: we should
+ * generally remain here unless we detect the A/UX calibration
+ * loop, or a write to VIA_REG_PCR suggesting a reset
+ */
+ if (addr == VIA_REG_PCR && val == 0x22) {
+ /* Looks like there has been a reset? */
+ v1s->timer_hack_state = 1;
+ }
+ break;
+ default:
+ g_assert_not_reached();
+ }
+
+ if (old_timer_hack_state != v1s->timer_hack_state) {
+ trace_via1_timer_hack_state(v1s->timer_hack_state);
+ }
+}
+
static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size)
{
MOS6522Q800VIA1State *s = MOS6522_Q800_VIA1(opaque);
@@ -896,6 +1003,9 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val,
MOS6522State *ms = MOS6522(v1s);
addr = (addr >> 9) & 0xf;
+
+ via1_timer_calibration_hack(v1s, addr, val, size);
+
mos6522_write(ms, addr, val, size);
switch (addr) {
@@ -1008,6 +1118,9 @@ static void mos6522_q800_via1_reset_hold(Object *obj)
adb_set_autopoll_enabled(adb_bus, true);
v1s->cmd = REG_EMPTY;
v1s->alt = REG_EMPTY;
+
+ /* Timer calibration hack */
+ v1s->timer_hack_state = 0;
}
static void mos6522_q800_via1_realize(DeviceState *dev, Error **errp)
@@ -1100,6 +1213,8 @@ static const VMStateDescription vmstate_q800_via1 = {
VMSTATE_INT64(next_second, MOS6522Q800VIA1State),
VMSTATE_TIMER_PTR(sixty_hz_timer, MOS6522Q800VIA1State),
VMSTATE_INT64(next_sixty_hz, MOS6522Q800VIA1State),
+ /* Timer hack */
+ VMSTATE_INT32(timer_hack_state, MOS6522Q800VIA1State),
VMSTATE_END_OF_LIST()
}
};
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
index c9bdb0d30e..0c9762fdf6 100644
--- a/hw/misc/trace-events
+++ b/hw/misc/trace-events
@@ -272,6 +272,7 @@ via1_adb_send(const char *state, uint8_t data, const char *vadbint) "state %s da
via1_adb_receive(const char *state, uint8_t data, const char *vadbint, int status, int index, int size) "state %s data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
via1_adb_poll(uint8_t data, const char *vadbint, int status, int index, int size) "data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
via1_auxmode(int mode) "setting auxmode to %d"
+via1_timer_hack_state(int state) "setting timer_hack_state to %d"
# grlib_ahb_apb_pnp.c
grlib_ahb_pnp_read(uint64_t addr, unsigned size, uint32_t value) "AHB PnP read addr:0x%03"PRIx64" size:%u data:0x%08x"
diff --git a/include/hw/misc/mac_via.h b/include/hw/misc/mac_via.h
index 422da43bf9..63cdcf7c69 100644
--- a/include/hw/misc/mac_via.h
+++ b/include/hw/misc/mac_via.h
@@ -74,6 +74,9 @@ struct MOS6522Q800VIA1State {
int64_t next_second;
QEMUTimer *sixty_hz_timer;
int64_t next_sixty_hz;
+
+ /* SETUPTIMEK hack */
+ int timer_hack_state;
};
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 15/20] mac_via: workaround NetBSD ADB bus enumeration issue
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (13 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 14/20] mac_via: work around underflow in TimeDBRA timing loop in SETUPTIMEK Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:04 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 16/20] mac_via: implement ADB_STATE_IDLE state if shift register in input mode Mark Cave-Ayland
` (4 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
NetBSD assumes it can send its first ADB command after sending the ADB_BUSRESET
command in ADB_STATE_NEW without changing the state back to ADB_STATE_IDLE
first as detailed in the ADB protocol.
Add a workaround to detect this condition at the start of ADB enumeration
and send the next command written to SR after a ADB_BUSRESET onto the bus
regardless, even if we don't detect a state transition to ADB_STATE_NEW.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/misc/mac_via.c | 34 ++++++++++++++++++++++++++++++++++
hw/misc/trace-events | 1 +
2 files changed, 35 insertions(+)
diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
index 766a32a95d..208216aed3 100644
--- a/hw/misc/mac_via.c
+++ b/hw/misc/mac_via.c
@@ -1001,6 +1001,8 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val,
{
MOS6522Q800VIA1State *v1s = MOS6522_Q800_VIA1(opaque);
MOS6522State *ms = MOS6522(v1s);
+ int oldstate, state;
+ int oldsr = ms->sr;
addr = (addr >> 9) & 0xf;
@@ -1016,6 +1018,38 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val,
v1s->last_b = ms->b;
break;
+
+ case VIA_REG_SR:
+ {
+ /*
+ * NetBSD assumes it can send its first ADB command after sending
+ * the ADB_BUSRESET command in ADB_STATE_NEW without changing the
+ * state back to ADB_STATE_IDLE first as detailed in the ADB
+ * protocol.
+ *
+ * Add a workaround to detect this condition at the start of ADB
+ * enumeration and send the next command written to SR after a
+ * ADB_BUSRESET onto the bus regardless, even if we don't detect a
+ * state transition to ADB_STATE_NEW.
+ *
+ * Note that in my tests the NetBSD state machine takes one ADB
+ * operation to recover which means the probe for an ADB device at
+ * address 1 always fails. However since the first device is at
+ * address 2 then this will work fine, without having to come up
+ * with a more complicated and invasive solution.
+ */
+ oldstate = (v1s->last_b & VIA1B_vADB_StateMask) >>
+ VIA1B_vADB_StateShift;
+ state = (ms->b & VIA1B_vADB_StateMask) >> VIA1B_vADB_StateShift;
+
+ if (oldstate == ADB_STATE_NEW && state == ADB_STATE_NEW &&
+ (ms->acr & VIA1ACR_vShiftOut) &&
+ oldsr == 0 /* ADB_BUSRESET */) {
+ trace_via1_adb_netbsd_enum_hack();
+ adb_via_send(v1s, state, ms->sr);
+ }
+ }
+ break;
}
}
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
index 0c9762fdf6..db8bb2d28a 100644
--- a/hw/misc/trace-events
+++ b/hw/misc/trace-events
@@ -271,6 +271,7 @@ via1_rtc_cmd_pram_sect_write(int sector, int offset, int addr, int value) "secto
via1_adb_send(const char *state, uint8_t data, const char *vadbint) "state %s data=0x%02x vADBInt=%s"
via1_adb_receive(const char *state, uint8_t data, const char *vadbint, int status, int index, int size) "state %s data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
via1_adb_poll(uint8_t data, const char *vadbint, int status, int index, int size) "data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
+via1_adb_netbsd_enum_hack(void) "using NetBSD enum hack"
via1_auxmode(int mode) "setting auxmode to %d"
via1_timer_hack_state(int state) "setting timer_hack_state to %d"
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 16/20] mac_via: implement ADB_STATE_IDLE state if shift register in input mode
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (14 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 15/20] mac_via: workaround NetBSD ADB bus enumeration issue Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:05 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 17/20] mac_via: always clear ADB interrupt when switching to A/UX mode Mark Cave-Ayland
` (3 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
NetBSD switches directly to IDLE state without switching the shift register to
input mode. Duplicate the existing ADB_STATE_IDLE logic in input mode from when
the shift register is in output mode which allows the ADB autopoll handler to
handle the response.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/misc/mac_via.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
index 208216aed3..398e8d1967 100644
--- a/hw/misc/mac_via.c
+++ b/hw/misc/mac_via.c
@@ -702,6 +702,12 @@ static void adb_via_send(MOS6522Q800VIA1State *v1s, int state, uint8_t data)
break;
case ADB_STATE_IDLE:
+ ms->b |= VIA1B_vADBInt;
+ adb_autopoll_unblock(adb_bus);
+
+ trace_via1_adb_send("IDLE", data,
+ (ms->b & VIA1B_vADBInt) ? "+" : "-");
+
return;
}
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 17/20] mac_via: always clear ADB interrupt when switching to A/UX mode
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (15 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 16/20] mac_via: implement ADB_STATE_IDLE state if shift register in input mode Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:06 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 18/20] q800: add ESCC alias at 0xc000 Mark Cave-Ayland
` (2 subsequent siblings)
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
When the NetBSD kernel initialises it can leave the ADB interrupt asserted
depending upon where in the ADB poll cycle the MacOS ADB interrupt handler
is when the NetBSD kernel disables interrupts.
The NetBSD ADB driver uses the ADB interrupt state to determine if the ADB
is busy and refuses to send ADB commands unless it is clear. To ensure that
this doesn't happen, always clear the ADB interrupt when switching to A/UX
mode to ensure that the bus enumeration always occurs.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/misc/mac_via.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
index 398e8d1967..5d1adf5863 100644
--- a/hw/misc/mac_via.c
+++ b/hw/misc/mac_via.c
@@ -875,6 +875,15 @@ static void via1_auxmode_update(MOS6522Q800VIA1State *v1s)
if (irq != oldirq) {
trace_via1_auxmode(irq);
qemu_set_irq(v1s->auxmode_irq, irq);
+
+ /*
+ * Clear the ADB interrupt. MacOS can leave VIA1B_vADBInt asserted
+ * (low) if a poll sequence doesn't complete before NetBSD disables
+ * interrupts upon boot. Fortunately NetBSD switches to the so-called
+ * "A/UX" interrupt mode after it initialises, so we can use this as
+ * a convenient place to clear the ADB interrupt for now.
+ */
+ s->b |= VIA1B_vADBInt;
}
}
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 18/20] q800: add ESCC alias at 0xc000
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (16 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 17/20] mac_via: always clear ADB interrupt when switching to A/UX mode Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:06 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 19/20] q800: add alias for MacOS toolbox ROM at 0x40000000 Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 20/20] mac_via: extend timer calibration hack to work with A/UX Mark Cave-Ayland
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
Tests on real Q800 hardware show that the ESCC is addressable at multiple locations
within the ESCC memory region - at least 0xc000, 0xc020 (as expected by the MacOS
toolbox ROM) and 0xc040.
All released NetBSD kernels before 10 use the 0xc000 address which causes a fatal
error when running the MacOS booter. Add a single memory region alias at 0xc000
to enable NetBSD kernels to start booting under QEMU.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/m68k/q800.c | 6 ++++++
include/hw/m68k/q800.h | 1 +
2 files changed, 7 insertions(+)
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index 5ae7c37760..b5b2cabc33 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -451,6 +451,12 @@ static void q800_machine_init(MachineState *machine)
memory_region_add_subregion(&m->macio, SCC_BASE - IO_BASE,
sysbus_mmio_get_region(sysbus, 0));
+ /* Create alias for NetBSD */
+ memory_region_init_alias(&m->escc_alias, OBJECT(machine), "escc-alias",
+ sysbus_mmio_get_region(sysbus, 0), 0, 0x8);
+ memory_region_add_subregion(&m->macio, SCC_BASE - IO_BASE - 0x20,
+ &m->escc_alias);
+
/* SCSI */
object_initialize_child(OBJECT(machine), "esp", &m->esp,
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index fbaacd88bd..348eaf4703 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -67,6 +67,7 @@ struct Q800MachineState {
MemoryRegion macio;
MemoryRegion macio_alias;
MemoryRegion machine_id;
+ MemoryRegion escc_alias;
};
#define TYPE_Q800_MACHINE MACHINE_TYPE_NAME("q800")
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 19/20] q800: add alias for MacOS toolbox ROM at 0x40000000
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (17 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 18/20] q800: add ESCC alias at 0xc000 Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:06 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 20/20] mac_via: extend timer calibration hack to work with A/UX Mark Cave-Ayland
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
According to the Apple Quadra 800 Developer Note document, the Quadra 800 ROM
consists of 2 ROM code sections based at offsets 0x0 and 0x800000. A/UX attempts
to access the toolbox ROM at the lower offset during startup, so provide a
memory alias to allow the access to succeed.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/m68k/q800.c | 5 +++++
include/hw/m68k/q800.h | 1 +
2 files changed, 6 insertions(+)
diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index b5b2cabc33..87665c6407 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -657,6 +657,11 @@ static void q800_machine_init(MachineState *machine)
filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
memory_region_add_subregion(get_system_memory(), MACROM_ADDR, &m->rom);
+ memory_region_init_alias(&m->rom_alias, NULL, "m68k_mac.rom-alias",
+ &m->rom, 0, MACROM_SIZE);
+ memory_region_add_subregion(get_system_memory(), 0x40000000,
+ &m->rom_alias);
+
/* Load MacROM binary */
if (filename) {
bios_size = load_image_targphys(filename, MACROM_ADDR, MACROM_SIZE);
diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
index 348eaf4703..a9661f65f6 100644
--- a/include/hw/m68k/q800.h
+++ b/include/hw/m68k/q800.h
@@ -50,6 +50,7 @@ struct Q800MachineState {
bool easc;
M68kCPU cpu;
MemoryRegion rom;
+ MemoryRegion rom_alias;
GLUEState glue;
MOS6522Q800VIA1State via1;
MOS6522Q800VIA2State via2;
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* [PATCH v2 20/20] mac_via: extend timer calibration hack to work with A/UX
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
` (18 preceding siblings ...)
2023-09-09 9:48 ` [PATCH v2 19/20] q800: add alias for MacOS toolbox ROM at 0x40000000 Mark Cave-Ayland
@ 2023-09-09 9:48 ` Mark Cave-Ayland
2023-09-26 8:07 ` Laurent Vivier
19 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-09 9:48 UTC (permalink / raw)
To: laurent, qemu-devel
The A/UX timer calibration loop runs continuously until 2 consecutive iterations
differ by at least 0x492 timer ticks. Modern hosts execute the timer calibration
loop so fast that this situation never occurs causing a hang on boot.
Use a similar method to Shoebill which is to randomly add 0x500 to the T2
counter value during calibration to enable it to eventually succeed.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
---
hw/misc/mac_via.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 56 insertions(+)
diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
index 5d1adf5863..2ce389e435 100644
--- a/hw/misc/mac_via.c
+++ b/hw/misc/mac_via.c
@@ -983,6 +983,44 @@ static void via1_timer_calibration_hack(MOS6522Q800VIA1State *v1s, int addr,
/* Looks like there has been a reset? */
v1s->timer_hack_state = 1;
}
+
+ if (addr == VIA_REG_T2CL && val == 0xf0) {
+ /* VIA_REG_T2CL: low byte of counter (A/UX) */
+ v1s->timer_hack_state = 5;
+ }
+ break;
+ case 5:
+ if (addr == VIA_REG_T2CH && val == 0x3c) {
+ /*
+ * VIA_REG_T2CH: high byte of counter (A/UX). We are now extremely
+ * likely to be in the A/UX timer calibration routine, so move to
+ * the next state where we enable the calibration hack.
+ */
+ v1s->timer_hack_state = 6;
+ } else if ((addr == VIA_REG_IER && val == 0x20) ||
+ addr == VIA_REG_T2CH) {
+ /* We're doing something else with the timer, not calibration */
+ v1s->timer_hack_state = 0;
+ }
+ break;
+ case 6:
+ if ((addr == VIA_REG_IER && val == 0x20) || addr == VIA_REG_T2CH) {
+ /* End of A/UX timer calibration routine, or another write */
+ v1s->timer_hack_state = 7;
+ } else {
+ v1s->timer_hack_state = 0;
+ }
+ break;
+ case 7:
+ /*
+ * This is the normal post-calibration timer state once both the
+ * MacOS toolbox and A/UX have been calibrated, until we see a write
+ * to VIA_REG_PCR to suggest a reset
+ */
+ if (addr == VIA_REG_PCR && val == 0x22) {
+ /* Looks like there has been a reset? */
+ v1s->timer_hack_state = 1;
+ }
break;
default:
g_assert_not_reached();
@@ -998,6 +1036,7 @@ static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size)
MOS6522Q800VIA1State *s = MOS6522_Q800_VIA1(opaque);
MOS6522State *ms = MOS6522(s);
uint64_t ret;
+ int64_t now;
addr = (addr >> 9) & 0xf;
ret = mos6522_read(ms, addr, size);
@@ -1007,6 +1046,23 @@ static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size)
/* Quadra 800 Id */
ret = (ret & ~VIA1A_CPUID_MASK) | VIA1A_CPUID_Q800;
break;
+ case VIA_REG_T2CH:
+ if (s->timer_hack_state == 6) {
+ /*
+ * The A/UX timer calibration loop runs continuously until 2
+ * consecutive iterations differ by at least 0x492 timer ticks.
+ * Modern hosts execute the timer calibration loop so fast that
+ * this situation never occurs causing a hang on boot. Use a
+ * similar method to Shoebill which is to randomly add 0x500 to
+ * the T2 counter value during calibration to enable it to
+ * eventually succeed.
+ */
+ now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
+ if (now & 1) {
+ ret += 0x5;
+ }
+ }
+ break;
}
return ret;
}
--
2.39.2
^ permalink raw reply related [flat|nested] 44+ messages in thread
* Re: [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation
2023-09-09 9:48 ` [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation Mark Cave-Ayland
@ 2023-09-14 7:06 ` Volker Rümelin
2023-09-20 15:39 ` Mark Cave-Ayland
0 siblings, 1 reply; 44+ messages in thread
From: Volker Rümelin @ 2023-09-14 7:06 UTC (permalink / raw)
To: Mark Cave-Ayland, laurent; +Cc: qemu-devel
Am 09.09.23 um 11:48 schrieb Mark Cave-Ayland:
> The Apple Sound Chip was primarily used by the Macintosh II to generate sound
> in hardware which was previously handled by the toolbox ROM with software
> interrupts.
>
> Implement both the standard ASC and also the enhanced ASC (EASC) functionality
> which is used in the Quadra 800.
>
> Note that whilst real ASC hardware uses AUDIO_FORMAT_S8, this implementation uses
> AUDIO_FORMAT_U8 instead because AUDIO_FORMAT_S8 is rarely used and not supported
> by some audio backends like PulseAudio and DirectSound when played directly with
> -audiodev out.mixing-engine=off.
>
> Co-developed-by: Laurent Vivier <laurent@vivier.eu>
> Co-developed-by: Volker Rümelin <vr_qemu@t-online.de>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> MAINTAINERS | 2 +
> hw/audio/Kconfig | 3 +
> hw/audio/asc.c | 699 +++++++++++++++++++++++++++++++++++++++++
> hw/audio/meson.build | 1 +
> hw/audio/trace-events | 10 +
> hw/m68k/Kconfig | 1 +
> include/hw/audio/asc.h | 84 +++++
> 7 files changed, 800 insertions(+)
> create mode 100644 hw/audio/asc.c
> create mode 100644 include/hw/audio/asc.h
Hi Mark,
the function generate_fifo() has four issues. Only the first one
is noticeable.
1. The calculation of the variable limit assumes generate_fifo()
generates one output sample from every input byte. This is correct
for the raw mode, but not for the CD-XA BRR mode. This mode
generates 28 output samples from 15 input bytes. This is the
reason for the stuttering end of a CD-XA BRR mode sound. Every
generate_fifo() call generates approximately only half of the
possible samples when the fifo bytes are running low.
2. generate_fifo() doesn't generate the last output sample from
a CD-XA BRR mode sound. The last sample is generated from internal
state and the code will not be called without at least one byte
in the fifo.
3. It's not necessary to wait for a complete 15 byte packet in
CD-XA BRR mode. Audio playback devices should write all
requested samples immediately if possible.
4. The saturation function in CD-XA BRR mode works with 16 bit
integers. It should saturate at +32767 and -32768.
Since I think a few lines of code explain the issues better
than my words, I've attached a patch below.
With best regards,
Volker
> +static int generate_fifo(ASCState *s, int maxsamples)
> +{
> + int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
> + uint8_t *buf = s->mixbuf;
> + int i, limit, count = 0;
> +
> + limit = MIN(MAX(s->fifos[0].cnt, s->fifos[1].cnt), maxsamples);
> + while (count < limit) {
> + uint8_t val;
> + int16_t d, f0, f1;
> + int32_t t;
> + int shift, filter;
> + bool hasdata = true;
> +
> + for (i = 0; i < 2; i++) {
> + ASCFIFOState *fs = &s->fifos[i];
> +
> + switch (fs->extregs[ASC_EXTREGS_FIFOCTRL] & 0x83) {
> + case 0x82:
> + /*
> + * CD-XA BRR mode: exit if there isn't enough data in the FIFO
> + * for a complete 15 byte packet
> + */
> + if (fs->xa_cnt == -1 && fs->cnt < 15) {
> + hasdata = false;
> + continue;
> + }
> +
> + if (fs->xa_cnt == -1) {
> + /* Start of packet, get flags */
> + fs->xa_flags = asc_fifo_get(fs);
> + fs->xa_cnt = 0;
> + }
> +
> + shift = fs->xa_flags & 0xf;
> + filter = fs->xa_flags >> 4;
> + f0 = (int8_t)fs->extregs[ASC_EXTREGS_CDXA_DECOMP_FILT +
> + (filter << 1) + 1];
> + f1 = (int8_t)fs->extregs[ASC_EXTREGS_CDXA_DECOMP_FILT +
> + (filter << 1)];
> + if ((fs->xa_cnt & 1) == 0) {
> + fs->xa_val = asc_fifo_get(fs);
> + d = (fs->xa_val & 0xf) << 12;
> + } else {
> + d = (fs->xa_val & 0xf0) << 8;
> + }
> + t = (d >> shift) + (((fs->xa_last[0] * f0) +
> + (fs->xa_last[1] * f1) + 32) >> 6);
> + if (t < -32768) {
> + t = -32768;
> + } else if (t > 32768) {
> + t = 32768;
> + }
> +
> + /*
> + * CD-XA BRR generates 16-bit signed output, so convert to
> + * 8-bit before writing to buffer. Does real hardware do the
> + * same?
> + */
> + buf[count * 2 + i] = (uint8_t)(t / 256) ^ 0x80;
> + fs->xa_cnt++;
> +
> + fs->xa_last[1] = fs->xa_last[0];
> + fs->xa_last[0] = (int16_t)t;
> +
> + if (fs->xa_cnt == 28) {
> + /* End of packet */
> + fs->xa_cnt = -1;
> + }
> + break;
> +
> + default:
> + /* fallthrough */
> + case 0x80:
> + /* Raw mode */
> + if (fs->cnt) {
> + val = asc_fifo_get(fs);
> + } else {
> + val = 0x80;
> + }
> +
> + buf[count * 2 + i] = val;
> + break;
> + }
> + }
> +
> + if (!hasdata) {
> + break;
> + }
> +
> + count++;
> + }
> +
> + /*
> + * MacOS (un)helpfully leaves the FIFO engine running even when it has
> + * finished writing out samples, but still expects the FIFO empty
> + * interrupts to be generated for each FIFO cycle (without these interrupts
> + * MacOS will freeze)
> + */
> + if (s->fifos[0].cnt == 0 && s->fifos[1].cnt == 0) {
> + if (!s->fifo_empty_ns) {
> + /* FIFO has completed first empty cycle */
> + s->fifo_empty_ns = now;
> + } else if (now > (s->fifo_empty_ns + ASC_FIFO_CYCLE_TIME)) {
> + /* FIFO has completed entire cycle with no data */
> + s->fifos[0].int_status |= ASC_FIFO_STATUS_HALF_FULL |
> + ASC_FIFO_STATUS_FULL_EMPTY;
> + s->fifos[1].int_status |= ASC_FIFO_STATUS_HALF_FULL |
> + ASC_FIFO_STATUS_FULL_EMPTY;
> + s->fifo_empty_ns = now;
> + asc_raise_irq(s);
> + }
> + } else {
> + /* FIFO contains data, reset empty time */
> + s->fifo_empty_ns = 0;
> + }
> +
> + return count;
> +}
>
diff --git a/hw/audio/asc.c b/hw/audio/asc.c
index b01b285512..74988fef9c 100644
--- a/hw/audio/asc.c
+++ b/hw/audio/asc.c
@@ -155,31 +155,26 @@ static int generate_fifo(ASCState *s, int maxsamples)
{
int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
uint8_t *buf = s->mixbuf;
- int i, limit, count = 0;
+ int i, wcount = 0;
- limit = MIN(MAX(s->fifos[0].cnt, s->fifos[1].cnt), maxsamples);
- while (count < limit) {
+ while (wcount < maxsamples) {
uint8_t val;
int16_t d, f0, f1;
int32_t t;
int shift, filter;
- bool hasdata = true;
+ bool hasdata = false;
for (i = 0; i < 2; i++) {
ASCFIFOState *fs = &s->fifos[i];
switch (fs->extregs[ASC_EXTREGS_FIFOCTRL] & 0x83) {
case 0x82:
- /*
- * CD-XA BRR mode: exit if there isn't enough data in
the FIFO
- * for a complete 15 byte packet
- */
- if (fs->xa_cnt == -1 && fs->cnt < 15) {
- hasdata = false;
- continue;
- }
-
+ /* CD-XA BRR mode: decompress 15 bytes into 28 16bit
samples */
if (fs->xa_cnt == -1) {
+ if (!fs->cnt) {
+ val = 0x80;
+ break;
+ }
/* Start of packet, get flags */
fs->xa_flags = asc_fifo_get(fs);
fs->xa_cnt = 0;
@@ -192,6 +187,10 @@ static int generate_fifo(ASCState *s, int maxsamples)
f1 = (int8_t)fs->extregs[ASC_EXTREGS_CDXA_DECOMP_FILT +
(filter << 1)];
if ((fs->xa_cnt & 1) == 0) {
+ if (!fs->cnt) {
+ val = 0x80;
+ break;
+ }
fs->xa_val = asc_fifo_get(fs);
d = (fs->xa_val & 0xf) << 12;
} else {
@@ -201,8 +200,8 @@ static int generate_fifo(ASCState *s, int maxsamples)
(fs->xa_last[1] * f1) + 32) >> 6);
if (t < -32768) {
t = -32768;
- } else if (t > 32768) {
- t = 32768;
+ } else if (t > 32767) {
+ t = 32767;
}
/*
@@ -210,7 +209,8 @@ static int generate_fifo(ASCState *s, int maxsamples)
* 8-bit before writing to buffer. Does real hardware
do the
* same?
*/
- buf[count * 2 + i] = (uint8_t)(t / 256) ^ 0x80;
+ val = (uint8_t)(t / 256) ^ 0x80;
+ hasdata = true;
fs->xa_cnt++;
fs->xa_last[1] = fs->xa_last[0];
@@ -228,20 +228,21 @@ static int generate_fifo(ASCState *s, int maxsamples)
/* Raw mode */
if (fs->cnt) {
val = asc_fifo_get(fs);
+ hasdata = true;
} else {
val = 0x80;
}
-
- buf[count * 2 + i] = val;
break;
}
+
+ buf[wcount * 2 + i] = val;
}
if (!hasdata) {
break;
}
- count++;
+ wcount++;
}
/*
@@ -268,7 +269,7 @@ static int generate_fifo(ASCState *s, int maxsamples)
s->fifo_empty_ns = 0;
}
- return count;
+ return wcount;
}
static int generate_wavetable(ASCState *s, int maxsamples)
--
2.35.3
^ permalink raw reply related [flat|nested] 44+ messages in thread
* Re: [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running
2023-09-09 9:48 ` [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running Mark Cave-Ayland
@ 2023-09-14 7:56 ` Philippe Mathieu-Daudé
2023-09-14 13:16 ` Philippe Mathieu-Daudé
2023-09-16 8:19 ` Volker Rümelin
2023-09-25 17:19 ` Laurent Vivier
1 sibling, 2 replies; 44+ messages in thread
From: Philippe Mathieu-Daudé @ 2023-09-14 7:56 UTC (permalink / raw)
To: Mark Cave-Ayland, laurent, qemu-devel, Volker Rümelin,
Gerd Hoffmann, Marc-André Lureau
On 9/9/23 11:48, Mark Cave-Ayland wrote:
> MacOS (un)helpfully leaves the FIFO engine running even when all the samples have
> been written to the hardware, and expects the FIFO status flags and IRQ to be
> updated continuously.
>
> There is an additional problem in that not all audio backends guarantee an
> all-zero output when there is no FIFO data available, in particular the Windows
> dsound backend which re-uses its internal circular buffer causing the last played
> sound to loop indefinitely.
>
> Whilst this is effectively a bug in the Windows dsound backend, work around it
> for now using a simple heuristic: if the FIFO remains empty for half a cycle
> (~23ms) then continuously fill the generated buffer with empty silence.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/audio/asc.c | 19 +++++++++++++++++++
> include/hw/audio/asc.h | 2 ++
> 2 files changed, 21 insertions(+)
>
> diff --git a/hw/audio/asc.c b/hw/audio/asc.c
> index 336ace0cd6..b01b285512 100644
> --- a/hw/audio/asc.c
> +++ b/hw/audio/asc.c
> @@ -334,6 +334,21 @@ static void asc_out_cb(void *opaque, int free_b)
> }
>
> if (!generated) {
> + /* Workaround for audio underflow bug on Windows dsound backend */
> + int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
> + int silent_samples = muldiv64(now - s->fifo_empty_ns,
> + NANOSECONDS_PER_SECOND, ASC_FREQ);
> +
> + if (silent_samples > ASC_FIFO_CYCLE_TIME / 2) {
> + /*
> + * No new FIFO data within half a cycle time (~23ms) so fill the
> + * entire available buffer with silence. This prevents an issue
> + * with the Windows dsound backend whereby the sound appears to
> + * loop because the FIFO has run out of data, and the driver
> + * reuses the stale content in its circular audio buffer.
> + */
> + AUD_write(s->voice, s->silentbuf, samples << s->shift);
> + }
> return;
> }
What about having audio_callback_fn returning a boolean, and using
a flag in backends for that silence case? Roughtly:
-- >8 --
diff --git a/audio/audio.h b/audio/audio.h
index 01bdc567fb..4844771c92 100644
--- a/audio/audio.h
+++ b/audio/audio.h
@@ -30,7 +30,7 @@
#include "hw/qdev-properties.h"
#include "hw/qdev-properties-system.h"
-typedef void (*audio_callback_fn) (void *opaque, int avail);
+typedef bool (*audio_callback_fn) (void *opaque, int avail);
#if HOST_BIG_ENDIAN
#define AUDIO_HOST_ENDIANNESS 1
diff --git a/audio/audio.c b/audio/audio.c
index 90c7c49d11..5b6e69fbd6 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -1178,8 +1178,11 @@ static void audio_run_out (AudioState *s)
if (free > sw->resample_buf.pos) {
free = MIN(free, sw->resample_buf.size)
- sw->resample_buf.pos;
- sw->callback.fn(sw->callback.opaque,
- free * sw->info.bytes_per_frame);
+ if (!sw->callback.fn(sw->callback.opaque,
+ free * sw->info.bytes_per_frame)
+ && unlikely(hw->silentbuf_required)) {
+ /* write silence ... */
+ }
}
}
}
---
^ permalink raw reply related [flat|nested] 44+ messages in thread
* Re: [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running
2023-09-14 7:56 ` Philippe Mathieu-Daudé
@ 2023-09-14 13:16 ` Philippe Mathieu-Daudé
2023-09-16 8:19 ` Volker Rümelin
1 sibling, 0 replies; 44+ messages in thread
From: Philippe Mathieu-Daudé @ 2023-09-14 13:16 UTC (permalink / raw)
To: Mark Cave-Ayland, laurent, qemu-devel, Volker Rümelin,
Gerd Hoffmann, Marc-André Lureau
On 14/9/23 09:56, Philippe Mathieu-Daudé wrote:
>
> On 9/9/23 11:48, Mark Cave-Ayland wrote:
>> MacOS (un)helpfully leaves the FIFO engine running even when all the
>> samples have
>> been written to the hardware, and expects the FIFO status flags and
>> IRQ to be
>> updated continuously.
>>
>> There is an additional problem in that not all audio backends
>> guarantee an
>> all-zero output when there is no FIFO data available, in particular
>> the Windows
>> dsound backend which re-uses its internal circular buffer causing the
>> last played
>> sound to loop indefinitely.
>>
>> Whilst this is effectively a bug in the Windows dsound backend, work
>> around it
>> for now using a simple heuristic: if the FIFO remains empty for half a
>> cycle
>> (~23ms) then continuously fill the generated buffer with empty silence.
>>
>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>> ---
>> hw/audio/asc.c | 19 +++++++++++++++++++
>> include/hw/audio/asc.h | 2 ++
>> 2 files changed, 21 insertions(+)
>>
>> diff --git a/hw/audio/asc.c b/hw/audio/asc.c
>> index 336ace0cd6..b01b285512 100644
>> --- a/hw/audio/asc.c
>> +++ b/hw/audio/asc.c
>> @@ -334,6 +334,21 @@ static void asc_out_cb(void *opaque, int free_b)
>> }
>> if (!generated) {
>> + /* Workaround for audio underflow bug on Windows dsound
>> backend */
>> + int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
>> + int silent_samples = muldiv64(now - s->fifo_empty_ns,
>> + NANOSECONDS_PER_SECOND, ASC_FREQ);
>> +
>> + if (silent_samples > ASC_FIFO_CYCLE_TIME / 2) {
>> + /*
>> + * No new FIFO data within half a cycle time (~23ms) so
>> fill the
>> + * entire available buffer with silence. This prevents an
>> issue
>> + * with the Windows dsound backend whereby the sound
>> appears to
>> + * loop because the FIFO has run out of data, and the driver
>> + * reuses the stale content in its circular audio buffer.
>> + */
>> + AUD_write(s->voice, s->silentbuf, samples << s->shift);
>> + }
>> return;
>> }
>
> What about having audio_callback_fn returning a boolean, and using
> a flag in backends for that silence case? Roughtly:
>
> -- >8 --
> diff --git a/audio/audio.h b/audio/audio.h
> index 01bdc567fb..4844771c92 100644
> --- a/audio/audio.h
> +++ b/audio/audio.h
> @@ -30,7 +30,7 @@
> #include "hw/qdev-properties.h"
> #include "hw/qdev-properties-system.h"
>
> -typedef void (*audio_callback_fn) (void *opaque, int avail);
> +typedef bool (*audio_callback_fn) (void *opaque, int avail);
>
> #if HOST_BIG_ENDIAN
> #define AUDIO_HOST_ENDIANNESS 1
> diff --git a/audio/audio.c b/audio/audio.c
> index 90c7c49d11..5b6e69fbd6 100644
> --- a/audio/audio.c
> +++ b/audio/audio.c
> @@ -1178,8 +1178,11 @@ static void audio_run_out (AudioState *s)
> if (free > sw->resample_buf.pos) {
> free = MIN(free, sw->resample_buf.size)
> - sw->resample_buf.pos;
> - sw->callback.fn(sw->callback.opaque,
> - free * sw->info.bytes_per_frame);
> + if (!sw->callback.fn(sw->callback.opaque,
> + free * sw->info.bytes_per_frame)
> + && unlikely(hw->silentbuf_required)) {
> + /* write silence ... */
> + }
> }
> }
> }
> ---
(Clarifying, not a blocker for this series, just wondering)
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running
2023-09-14 7:56 ` Philippe Mathieu-Daudé
2023-09-14 13:16 ` Philippe Mathieu-Daudé
@ 2023-09-16 8:19 ` Volker Rümelin
2023-09-17 13:42 ` Philippe Mathieu-Daudé
1 sibling, 1 reply; 44+ messages in thread
From: Volker Rümelin @ 2023-09-16 8:19 UTC (permalink / raw)
To: Philippe Mathieu-Daudé, Mark Cave-Ayland, laurent,
qemu-devel, Gerd Hoffmann, Marc-André Lureau
Am 14.09.23 um 09:56 schrieb Philippe Mathieu-Daudé:
>
> On 9/9/23 11:48, Mark Cave-Ayland wrote:
>> MacOS (un)helpfully leaves the FIFO engine running even when all the
>> samples have
>> been written to the hardware, and expects the FIFO status flags and
>> IRQ to be
>> updated continuously.
>>
>> There is an additional problem in that not all audio backends
>> guarantee an
>> all-zero output when there is no FIFO data available, in particular
>> the Windows
>> dsound backend which re-uses its internal circular buffer causing the
>> last played
>> sound to loop indefinitely.
>>
>> Whilst this is effectively a bug in the Windows dsound backend, work
>> around it
>> for now using a simple heuristic: if the FIFO remains empty for half
>> a cycle
>> (~23ms) then continuously fill the generated buffer with empty silence.
>>
>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>> ---
>> hw/audio/asc.c | 19 +++++++++++++++++++
>> include/hw/audio/asc.h | 2 ++
>> 2 files changed, 21 insertions(+)
>>
>> diff --git a/hw/audio/asc.c b/hw/audio/asc.c
>> index 336ace0cd6..b01b285512 100644
>> --- a/hw/audio/asc.c
>> +++ b/hw/audio/asc.c
>> @@ -334,6 +334,21 @@ static void asc_out_cb(void *opaque, int free_b)
>> }
>> if (!generated) {
>> + /* Workaround for audio underflow bug on Windows dsound
>> backend */
>> + int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
>> + int silent_samples = muldiv64(now - s->fifo_empty_ns,
>> + NANOSECONDS_PER_SECOND,
>> ASC_FREQ);
>> +
>> + if (silent_samples > ASC_FIFO_CYCLE_TIME / 2) {
>> + /*
>> + * No new FIFO data within half a cycle time (~23ms) so
>> fill the
>> + * entire available buffer with silence. This prevents
>> an issue
>> + * with the Windows dsound backend whereby the sound
>> appears to
>> + * loop because the FIFO has run out of data, and the
>> driver
>> + * reuses the stale content in its circular audio buffer.
>> + */
>> + AUD_write(s->voice, s->silentbuf, samples << s->shift);
>> + }
>> return;
>> }
>
> What about having audio_callback_fn returning a boolean, and using
> a flag in backends for that silence case? Roughtly:
>
Hi Philippe,
I don't think there will be many audio devices that need this feature in
the future. It's probably better to keep the code in hw/audio/asc.c
I plan to change the buffer underflow behavior of the DirectSound
backend after these patches are commited. I already have a patch
available. This doesn't mean this patch is unnecessary after my patch.
It is a mistake when audio devices simply stop writing audio samples
without changing the status of the audio playback stream to deactivated.
At the moment the ASC device can't deactivate the audio stream.
With best regards,
Volker
> -- >8 --
> diff --git a/audio/audio.h b/audio/audio.h
> index 01bdc567fb..4844771c92 100644
> --- a/audio/audio.h
> +++ b/audio/audio.h
> @@ -30,7 +30,7 @@
> #include "hw/qdev-properties.h"
> #include "hw/qdev-properties-system.h"
>
> -typedef void (*audio_callback_fn) (void *opaque, int avail);
> +typedef bool (*audio_callback_fn) (void *opaque, int avail);
>
> #if HOST_BIG_ENDIAN
> #define AUDIO_HOST_ENDIANNESS 1
> diff --git a/audio/audio.c b/audio/audio.c
> index 90c7c49d11..5b6e69fbd6 100644
> --- a/audio/audio.c
> +++ b/audio/audio.c
> @@ -1178,8 +1178,11 @@ static void audio_run_out (AudioState *s)
> if (free > sw->resample_buf.pos) {
> free = MIN(free, sw->resample_buf.size)
> - sw->resample_buf.pos;
> - sw->callback.fn(sw->callback.opaque,
> - free * sw->info.bytes_per_frame);
> + if (!sw->callback.fn(sw->callback.opaque,
> + free *
> sw->info.bytes_per_frame)
> + && unlikely(hw->silentbuf_required)) {
> + /* write silence ... */
> + }
> }
> }
> }
> ---
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running
2023-09-16 8:19 ` Volker Rümelin
@ 2023-09-17 13:42 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 44+ messages in thread
From: Philippe Mathieu-Daudé @ 2023-09-17 13:42 UTC (permalink / raw)
To: Volker Rümelin, Mark Cave-Ayland, laurent, qemu-devel,
Gerd Hoffmann, Marc-André Lureau
On 16/9/23 10:19, Volker Rümelin wrote:
> Am 14.09.23 um 09:56 schrieb Philippe Mathieu-Daudé:
>>
>> On 9/9/23 11:48, Mark Cave-Ayland wrote:
>>> MacOS (un)helpfully leaves the FIFO engine running even when all the
>>> samples have
>>> been written to the hardware, and expects the FIFO status flags and
>>> IRQ to be
>>> updated continuously.
>>>
>>> There is an additional problem in that not all audio backends
>>> guarantee an
>>> all-zero output when there is no FIFO data available, in particular
>>> the Windows
>>> dsound backend which re-uses its internal circular buffer causing the
>>> last played
>>> sound to loop indefinitely.
>>>
>>> Whilst this is effectively a bug in the Windows dsound backend, work
>>> around it
>>> for now using a simple heuristic: if the FIFO remains empty for half
>>> a cycle
>>> (~23ms) then continuously fill the generated buffer with empty silence.
>>>
>>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>>> ---
>>> hw/audio/asc.c | 19 +++++++++++++++++++
>>> include/hw/audio/asc.h | 2 ++
>>> 2 files changed, 21 insertions(+)
>>>
>>> diff --git a/hw/audio/asc.c b/hw/audio/asc.c
>>> index 336ace0cd6..b01b285512 100644
>>> --- a/hw/audio/asc.c
>>> +++ b/hw/audio/asc.c
>>> @@ -334,6 +334,21 @@ static void asc_out_cb(void *opaque, int free_b)
>>> }
>>> if (!generated) {
>>> + /* Workaround for audio underflow bug on Windows dsound
>>> backend */
>>> + int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
>>> + int silent_samples = muldiv64(now - s->fifo_empty_ns,
>>> + NANOSECONDS_PER_SECOND,
>>> ASC_FREQ);
>>> +
>>> + if (silent_samples > ASC_FIFO_CYCLE_TIME / 2) {
>>> + /*
>>> + * No new FIFO data within half a cycle time (~23ms) so
>>> fill the
>>> + * entire available buffer with silence. This prevents
>>> an issue
>>> + * with the Windows dsound backend whereby the sound
>>> appears to
>>> + * loop because the FIFO has run out of data, and the
>>> driver
>>> + * reuses the stale content in its circular audio buffer.
>>> + */
>>> + AUD_write(s->voice, s->silentbuf, samples << s->shift);
>>> + }
>>> return;
>>> }
>>
>> What about having audio_callback_fn returning a boolean, and using
>> a flag in backends for that silence case? Roughtly:
>>
>
> Hi Philippe,
>
> I don't think there will be many audio devices that need this feature in
> the future. It's probably better to keep the code in hw/audio/asc.c
>
> I plan to change the buffer underflow behavior of the DirectSound
> backend after these patches are commited. I already have a patch
> available. This doesn't mean this patch is unnecessary after my patch.
> It is a mistake when audio devices simply stop writing audio samples
> without changing the status of the audio playback stream to deactivated.
> At the moment the ASC device can't deactivate the audio stream.
OK, thanks for clarifying.
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation
2023-09-14 7:06 ` Volker Rümelin
@ 2023-09-20 15:39 ` Mark Cave-Ayland
2023-09-23 7:09 ` Volker Rümelin
0 siblings, 1 reply; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-20 15:39 UTC (permalink / raw)
To: Volker Rümelin, laurent; +Cc: qemu-devel
On 14/09/2023 08:06, Volker Rümelin wrote:
> Am 09.09.23 um 11:48 schrieb Mark Cave-Ayland:
>> The Apple Sound Chip was primarily used by the Macintosh II to generate sound
>> in hardware which was previously handled by the toolbox ROM with software
>> interrupts.
>>
>> Implement both the standard ASC and also the enhanced ASC (EASC) functionality
>> which is used in the Quadra 800.
>>
>> Note that whilst real ASC hardware uses AUDIO_FORMAT_S8, this implementation uses
>> AUDIO_FORMAT_U8 instead because AUDIO_FORMAT_S8 is rarely used and not supported
>> by some audio backends like PulseAudio and DirectSound when played directly with
>> -audiodev out.mixing-engine=off.
>>
>> Co-developed-by: Laurent Vivier <laurent@vivier.eu>
>> Co-developed-by: Volker Rümelin <vr_qemu@t-online.de>
>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>> ---
>> MAINTAINERS | 2 +
>> hw/audio/Kconfig | 3 +
>> hw/audio/asc.c | 699 +++++++++++++++++++++++++++++++++++++++++
>> hw/audio/meson.build | 1 +
>> hw/audio/trace-events | 10 +
>> hw/m68k/Kconfig | 1 +
>> include/hw/audio/asc.h | 84 +++++
>> 7 files changed, 800 insertions(+)
>> create mode 100644 hw/audio/asc.c
>> create mode 100644 include/hw/audio/asc.h
>
> Hi Mark,
>
> the function generate_fifo() has four issues. Only the first one
> is noticeable.
>
> 1. The calculation of the variable limit assumes generate_fifo()
> generates one output sample from every input byte. This is correct
> for the raw mode, but not for the CD-XA BRR mode. This mode
> generates 28 output samples from 15 input bytes. This is the
> reason for the stuttering end of a CD-XA BRR mode sound. Every
> generate_fifo() call generates approximately only half of the
> possible samples when the fifo bytes are running low.
>
> 2. generate_fifo() doesn't generate the last output sample from
> a CD-XA BRR mode sound. The last sample is generated from internal
> state and the code will not be called without at least one byte
> in the fifo.
>
> 3. It's not necessary to wait for a complete 15 byte packet in
> CD-XA BRR mode. Audio playback devices should write all
> requested samples immediately if possible.
>
> 4. The saturation function in CD-XA BRR mode works with 16 bit
> integers. It should saturate at +32767 and -32768.
>
> Since I think a few lines of code explain the issues better
> than my words, I've attached a patch below.
>
> With best regards,
> Volker
Hi Volker,
Thanks for detailed explanation above - everything makes sense based upon previous
discussions. My only question is in comment 3 where you say "Audio playback devices
should write all requested samples immediately if possible": can you clarify does
this mean that the supplied length to the audio callback represents a *required*
rather than a *maximum* number of samples?
Regardless of this I've had some time to test on Windows this afternoon, and I can
confirm that your changes fix the outstanding audio issues. I've squashed your
changes locally and I'll included them in the next revision of the series, although
I'll likely wait a bit first to see if any more reviews are forthcoming.
Many thanks,
Mark.
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation
2023-09-20 15:39 ` Mark Cave-Ayland
@ 2023-09-23 7:09 ` Volker Rümelin
0 siblings, 0 replies; 44+ messages in thread
From: Volker Rümelin @ 2023-09-23 7:09 UTC (permalink / raw)
To: Mark Cave-Ayland, laurent; +Cc: qemu-devel
Am 20.09.23 um 17:39 schrieb Mark Cave-Ayland:
> On 14/09/2023 08:06, Volker Rümelin wrote:
>
>> Am 09.09.23 um 11:48 schrieb Mark Cave-Ayland:
>>> The Apple Sound Chip was primarily used by the Macintosh II to
>>> generate sound
>>> in hardware which was previously handled by the toolbox ROM with
>>> software
>>> interrupts.
>>>
>>> Implement both the standard ASC and also the enhanced ASC (EASC)
>>> functionality
>>> which is used in the Quadra 800.
>>>
>>> Note that whilst real ASC hardware uses AUDIO_FORMAT_S8, this
>>> implementation uses
>>> AUDIO_FORMAT_U8 instead because AUDIO_FORMAT_S8 is rarely used and
>>> not supported
>>> by some audio backends like PulseAudio and DirectSound when played
>>> directly with
>>> -audiodev out.mixing-engine=off.
>>>
>>> Co-developed-by: Laurent Vivier <laurent@vivier.eu>
>>> Co-developed-by: Volker Rümelin <vr_qemu@t-online.de>
>>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>>> ---
>>> MAINTAINERS | 2 +
>>> hw/audio/Kconfig | 3 +
>>> hw/audio/asc.c | 699
>>> +++++++++++++++++++++++++++++++++++++++++
>>> hw/audio/meson.build | 1 +
>>> hw/audio/trace-events | 10 +
>>> hw/m68k/Kconfig | 1 +
>>> include/hw/audio/asc.h | 84 +++++
>>> 7 files changed, 800 insertions(+)
>>> create mode 100644 hw/audio/asc.c
>>> create mode 100644 include/hw/audio/asc.h
>>
>> Hi Mark,
>>
>> the function generate_fifo() has four issues. Only the first one
>> is noticeable.
>>
>> 1. The calculation of the variable limit assumes generate_fifo()
>> generates one output sample from every input byte. This is correct
>> for the raw mode, but not for the CD-XA BRR mode. This mode
>> generates 28 output samples from 15 input bytes. This is the
>> reason for the stuttering end of a CD-XA BRR mode sound. Every
>> generate_fifo() call generates approximately only half of the
>> possible samples when the fifo bytes are running low.
>>
>> 2. generate_fifo() doesn't generate the last output sample from
>> a CD-XA BRR mode sound. The last sample is generated from internal
>> state and the code will not be called without at least one byte
>> in the fifo.
>>
>> 3. It's not necessary to wait for a complete 15 byte packet in
>> CD-XA BRR mode. Audio playback devices should write all
>> requested samples immediately if possible.
>>
>> 4. The saturation function in CD-XA BRR mode works with 16 bit
>> integers. It should saturate at +32767 and -32768.
>>
>> Since I think a few lines of code explain the issues better
>> than my words, I've attached a patch below.
>>
>> With best regards,
>> Volker
>
> Hi Volker,
>
> Thanks for detailed explanation above - everything makes sense based
> upon previous discussions. My only question is in comment 3 where you
> say "Audio playback devices should write all requested samples
> immediately if possible": can you clarify does this mean that the
> supplied length to the audio callback represents a *required* rather
> than a *maximum* number of samples?
>
Hi Mark,
the supplied length is the number of bytes needed to fill the downstream
audio buffer completely or as fast as possible. An incompletely filled
buffer increases the probability of dropouts. The supplied length is
also the maximum number of bytes AUD_write() will write.
So it's better to write as many bytes as possible, but if you can't it
won't cause audio problems immediately in most cases.
With best regards,
Volker
> Regardless of this I've had some time to test on Windows this
> afternoon, and I can confirm that your changes fix the outstanding
> audio issues. I've squashed your changes locally and I'll included
> them in the next revision of the series, although I'll likely wait a
> bit first to see if any more reviews are forthcoming.
>
>
> Many thanks,
>
> Mark.
>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 01/20] q800-glue.c: convert to Resettable interface
2023-09-09 9:48 ` [PATCH v2 01/20] q800-glue.c: convert to Resettable interface Mark Cave-Ayland
@ 2023-09-25 17:03 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-25 17:03 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> Convert the GLUE device to 3-phase reset. The legacy method
> doesn't do anything that's invalid in the hold phase, so the
> conversion is simple and not a behaviour change.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> hw/m68k/q800-glue.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/hw/m68k/q800-glue.c b/hw/m68k/q800-glue.c
> index 34c4f0e987..710a5c331e 100644
> --- a/hw/m68k/q800-glue.c
> +++ b/hw/m68k/q800-glue.c
> @@ -166,9 +166,9 @@ static void glue_nmi_release(void *opaque)
> GLUE_set_irq(s, GLUE_IRQ_IN_NMI, 0);
> }
>
> -static void glue_reset(DeviceState *dev)
> +static void glue_reset_hold(Object *obj)
> {
> - GLUEState *s = GLUE(dev);
> + GLUEState *s = GLUE(obj);
>
> s->ipr = 0;
> s->auxmode = 0;
> @@ -223,11 +223,12 @@ static void glue_init(Object *obj)
> static void glue_class_init(ObjectClass *klass, void *data)
> {
> DeviceClass *dc = DEVICE_CLASS(klass);
> + ResettableClass *rc = RESETTABLE_CLASS(klass);
> NMIClass *nc = NMI_CLASS(klass);
>
> dc->vmsd = &vmstate_glue;
> - dc->reset = glue_reset;
> device_class_set_props(dc, glue_properties);
> + rc->phases.hold = glue_reset_hold;
> nc->nmi_monitor_handler = glue_nmi;
> }
>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running
2023-09-09 9:48 ` [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running Mark Cave-Ayland
2023-09-14 7:56 ` Philippe Mathieu-Daudé
@ 2023-09-25 17:19 ` Laurent Vivier
2023-09-28 20:40 ` Mark Cave-Ayland
1 sibling, 1 reply; 44+ messages in thread
From: Laurent Vivier @ 2023-09-25 17:19 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> MacOS (un)helpfully leaves the FIFO engine running even when all the samples have
> been written to the hardware, and expects the FIFO status flags and IRQ to be
> updated continuously.
>
> There is an additional problem in that not all audio backends guarantee an
> all-zero output when there is no FIFO data available, in particular the Windows
> dsound backend which re-uses its internal circular buffer causing the last played
> sound to loop indefinitely.
>
> Whilst this is effectively a bug in the Windows dsound backend, work around it
> for now using a simple heuristic: if the FIFO remains empty for half a cycle
> (~23ms) then continuously fill the generated buffer with empty silence.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/audio/asc.c | 19 +++++++++++++++++++
> include/hw/audio/asc.h | 2 ++
> 2 files changed, 21 insertions(+)
>
> diff --git a/hw/audio/asc.c b/hw/audio/asc.c
> index 336ace0cd6..b01b285512 100644
> --- a/hw/audio/asc.c
> +++ b/hw/audio/asc.c
> @@ -334,6 +334,21 @@ static void asc_out_cb(void *opaque, int free_b)
> }
>
> if (!generated) {
> + /* Workaround for audio underflow bug on Windows dsound backend */
> + int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
> + int silent_samples = muldiv64(now - s->fifo_empty_ns,
> + NANOSECONDS_PER_SECOND, ASC_FREQ);
> +
> + if (silent_samples > ASC_FIFO_CYCLE_TIME / 2) {
> + /*
> + * No new FIFO data within half a cycle time (~23ms) so fill the
> + * entire available buffer with silence. This prevents an issue
> + * with the Windows dsound backend whereby the sound appears to
> + * loop because the FIFO has run out of data, and the driver
> + * reuses the stale content in its circular audio buffer.
> + */
> + AUD_write(s->voice, s->silentbuf, samples << s->shift);
> + }
> return;
> }
>
> @@ -611,6 +626,7 @@ static void asc_unrealize(DeviceState *dev)
> ASCState *s = ASC(dev);
>
> g_free(s->mixbuf);
> + g_free(s->silentbuf);
>
> AUD_remove_card(&s->card);
> }
> @@ -633,6 +649,9 @@ static void asc_realize(DeviceState *dev, Error **errp)
> s->samples = AUD_get_buffer_size_out(s->voice) >> s->shift;
> s->mixbuf = g_malloc0(s->samples << s->shift);
>
> + s->silentbuf = g_malloc0(s->samples << s->shift);
> + memset(s->silentbuf, 0x80, s->samples << s->shift);
> +
> /* Add easc registers if required */
> if (s->type == ASC_TYPE_EASC) {
> memory_region_add_subregion(&s->asc, ASC_EXTREG_OFFSET,
> diff --git a/include/hw/audio/asc.h b/include/hw/audio/asc.h
> index d9412815c3..4741f92c46 100644
> --- a/include/hw/audio/asc.h
> +++ b/include/hw/audio/asc.h
> @@ -68,6 +68,8 @@ struct ASCState {
> int samples;
> int shift;
>
> + uint8_t *silentbuf;
> +
> /* Time when we were last able to generate samples */
> int64_t fifo_empty_ns;
>
If it's specific to Windows why not using "#if defined(CONFIG_WIN32) &&
defined(CONFIG_AUDIO_DSOUND)" to clearly identify this piece of code as specific to a windows bug
with dsound?
Anyway, code looks good:
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 10/20] q800: add easc bool machine class property to switch between ASC and EASC
2023-09-09 9:48 ` [PATCH v2 10/20] q800: add easc bool machine class property to switch between ASC and EASC Mark Cave-Ayland
@ 2023-09-26 7:54 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 7:54 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> This determines whether the Apple Sound Chip (ASC) is set to enhanced mode
> (default) or to original mode. The real Q800 hardware used an EASC chip however
> a lot of older software only works with the older ASC chip.
>
> Adding this as a machine parameter allows QEMU to be used as an developer aid
> for testing and migrating code from ASC to EASC.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> hw/m68k/q800.c | 30 +++++++++++++++++++++++++++++-
> include/hw/m68k/q800.h | 1 +
> 2 files changed, 30 insertions(+), 1 deletion(-)
>
> diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
> index ae07aa20ff..5ae7c37760 100644
> --- a/hw/m68k/q800.c
> +++ b/hw/m68k/q800.c
> @@ -484,7 +484,8 @@ static void q800_machine_init(MachineState *machine)
> /* Apple Sound Chip */
>
> object_initialize_child(OBJECT(machine), "asc", &m->asc, TYPE_ASC);
> - qdev_prop_set_uint8(DEVICE(&m->asc), "asctype", ASC_TYPE_EASC);
> + qdev_prop_set_uint8(DEVICE(&m->asc), "asctype", m->easc ? ASC_TYPE_EASC
> + : ASC_TYPE_ASC);
> sysbus = SYS_BUS_DEVICE(&m->asc);
> sysbus_realize_and_unref(sysbus, &error_fatal);
> memory_region_add_subregion(&m->macio, ASC_BASE - IO_BASE,
> @@ -674,6 +675,28 @@ static void q800_machine_init(MachineState *machine)
> }
> }
>
> +static bool q800_get_easc(Object *obj, Error **errp)
> +{
> + Q800MachineState *ms = Q800_MACHINE(obj);
> +
> + return ms->easc;
> +}
> +
> +static void q800_set_easc(Object *obj, bool value, Error **errp)
> +{
> + Q800MachineState *ms = Q800_MACHINE(obj);
> +
> + ms->easc = value;
> +}
> +
> +static void q800_init(Object *obj)
> +{
> + Q800MachineState *ms = Q800_MACHINE(obj);
> +
> + /* Default to EASC */
> + ms->easc = true;
> +}
> +
> static GlobalProperty hw_compat_q800[] = {
> { "scsi-hd", "quirk_mode_page_vendor_specific_apple", "on" },
> { "scsi-hd", "vendor", " SEAGATE" },
> @@ -706,11 +729,16 @@ static void q800_machine_class_init(ObjectClass *oc, void *data)
> mc->block_default_type = IF_SCSI;
> mc->default_ram_id = "m68k_mac.ram";
> compat_props_add(mc->compat_props, hw_compat_q800, hw_compat_q800_len);
> +
> + object_class_property_add_bool(oc, "easc", q800_get_easc, q800_set_easc);
> + object_class_property_set_description(oc, "easc",
> + "Set to off to use ASC rather than EASC");
> }
>
> static const TypeInfo q800_machine_typeinfo = {
> .name = MACHINE_TYPE_NAME("q800"),
> .parent = TYPE_MACHINE,
> + .instance_init = q800_init,
> .instance_size = sizeof(Q800MachineState),
> .class_init = q800_machine_class_init,
> };
> diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
> index 790cf433f3..fbaacd88bd 100644
> --- a/include/hw/m68k/q800.h
> +++ b/include/hw/m68k/q800.h
> @@ -47,6 +47,7 @@
> struct Q800MachineState {
> MachineState parent_obj;
>
> + bool easc;
> M68kCPU cpu;
> MemoryRegion rom;
> GLUEState glue;
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 11/20] swim: add trace events for IWM and ISM registers
2023-09-09 9:48 ` [PATCH v2 11/20] swim: add trace events for IWM and ISM registers Mark Cave-Ayland
@ 2023-09-26 7:55 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 7:55 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/block/swim.c | 14 ++++++++++++++
> hw/block/trace-events | 7 +++++++
> 2 files changed, 21 insertions(+)
>
> diff --git a/hw/block/swim.c b/hw/block/swim.c
> index 333da08ce0..7df36ea139 100644
> --- a/hw/block/swim.c
> +++ b/hw/block/swim.c
> @@ -19,6 +19,7 @@
> #include "hw/block/block.h"
> #include "hw/block/swim.h"
> #include "hw/qdev-properties.h"
> +#include "trace.h"
>
> /* IWM registers */
>
> @@ -125,6 +126,13 @@
> #define SWIM_HEDSEL 0x20
> #define SWIM_MOTON 0x80
>
> +static const char *swim_reg_names[] = {
> + "WRITE_DATA", "WRITE_MARK", "WRITE_CRC", "WRITE_PARAMETER",
> + "WRITE_PHASE", "WRITE_SETUP", "WRITE_MODE0", "WRITE_MODE1",
> + "READ_DATA", "READ_MARK", "READ_ERROR", "READ_PARAMETER",
> + "READ_PHASE", "READ_SETUP", "READ_STATUS", "READ_HANDSHAKE"
> +};
> +
> static void fd_recalibrate(FDrive *drive)
> {
> }
> @@ -267,6 +275,7 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
> reg >>= REG_SHIFT;
>
> swimctrl->regs[reg >> 1] = reg & 1;
> + trace_swim_iwmctrl_write((reg >> 1), size, (reg & 1));
>
> if (swimctrl->regs[IWM_Q6] &&
> swimctrl->regs[IWM_Q7]) {
> @@ -297,6 +306,7 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
> if (value == 0x57) {
> swimctrl->mode = SWIM_MODE_SWIM;
> swimctrl->iwm_switch = 0;
> + trace_swim_iwm_switch();
> }
> break;
> }
> @@ -312,6 +322,7 @@ static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size)
>
> swimctrl->regs[reg >> 1] = reg & 1;
>
> + trace_swim_iwmctrl_read((reg >> 1), size, (reg & 1));
> return 0;
> }
>
> @@ -327,6 +338,8 @@ static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value,
>
> reg >>= REG_SHIFT;
>
> + trace_swim_swimctrl_write(reg, swim_reg_names[reg], size, value);
> +
> switch (reg) {
> case SWIM_WRITE_PHASE:
> swimctrl->swim_phase = value;
> @@ -376,6 +389,7 @@ static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size)
> break;
> }
>
> + trace_swim_swimctrl_read(reg, swim_reg_names[reg], size, value);
> return value;
> }
>
> diff --git a/hw/block/trace-events b/hw/block/trace-events
> index 34be8b9135..c041ec45e3 100644
> --- a/hw/block/trace-events
> +++ b/hw/block/trace-events
> @@ -90,3 +90,10 @@ m25p80_read_data(void *s, uint32_t pos, uint8_t v) "[%p] Read data 0x%"PRIx32"=0
> m25p80_read_sfdp(void *s, uint32_t addr, uint8_t v) "[%p] Read SFDP 0x%"PRIx32"=0x%"PRIx8
> m25p80_binding(void *s) "[%p] Binding to IF_MTD drive"
> m25p80_binding_no_bdrv(void *s) "[%p] No BDRV - binding to RAM"
> +
> +# swim.c
> +swim_swimctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> +swim_swimctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> +swim_iwmctrl_read(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
> +swim_iwmctrl_write(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
> +swim_iwm_switch(void) "switch from IWM to SWIM mode"
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 14/20] mac_via: work around underflow in TimeDBRA timing loop in SETUPTIMEK
2023-09-09 9:48 ` [PATCH v2 14/20] mac_via: work around underflow in TimeDBRA timing loop in SETUPTIMEK Mark Cave-Ayland
@ 2023-09-26 8:04 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:04 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> The MacOS toolbox ROM calculates the number of branches that can be executed
> per millisecond as part of its timer calibration. Since modern hosts are
> considerably quicker than original hardware, the negative counter reaches zero
> before the calibration completes leading to division by zero later in
> CALCULATESLOD.
>
> Instead of trying to fudge the timing loop (which won't work for TimeDBRA/TimeSCCDB
> anyhow), use the pattern of access to the VIA1 registers to detect when SETUPTIMEK
> has finished executing and write some well-known good timer values to TimeDBRA
> and TimeSCCDB taken from real hardware with a suitable scaling factor.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/misc/mac_via.c | 115 ++++++++++++++++++++++++++++++++++++++
> hw/misc/trace-events | 1 +
> include/hw/misc/mac_via.h | 3 +
> 3 files changed, 119 insertions(+)
>
> diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
> index baeb73eeb3..766a32a95d 100644
> --- a/hw/misc/mac_via.c
> +++ b/hw/misc/mac_via.c
> @@ -16,6 +16,7 @@
> */
>
> #include "qemu/osdep.h"
> +#include "exec/address-spaces.h"
> #include "migration/vmstate.h"
> #include "hw/sysbus.h"
> #include "hw/irq.h"
> @@ -871,6 +872,112 @@ static void via1_auxmode_update(MOS6522Q800VIA1State *v1s)
> }
> }
>
> +/*
> + * Addresses and real values for TimeDBRA/TimeSCCB to allow timer calibration
> + * to succeed (NOTE: both values have been multiplied by 3 to cope with the
> + * speed of QEMU execution on a modern host
> + */
> +#define MACOS_TIMEDBRA 0xd00
> +#define MACOS_TIMESCCB 0xd02
> +
> +#define MACOS_TIMEDBRA_VALUE (0x2a00 * 3)
> +#define MACOS_TIMESCCB_VALUE (0x079d * 3)
> +
> +static bool via1_is_toolbox_timer_calibrated(void)
> +{
> + /*
> + * Indicate whether the MacOS toolbox has been calibrated by checking
> + * for the value of our magic constants
> + */
> + uint16_t timedbra = lduw_be_phys(&address_space_memory, MACOS_TIMEDBRA);
> + uint16_t timesccdb = lduw_be_phys(&address_space_memory, MACOS_TIMESCCB);
> +
> + return (timedbra == MACOS_TIMEDBRA_VALUE &&
> + timesccdb == MACOS_TIMESCCB_VALUE);
> +}
> +
> +static void via1_timer_calibration_hack(MOS6522Q800VIA1State *v1s, int addr,
> + uint64_t val, int size)
> +{
> + /*
> + * Work around timer calibration to ensure we that we have non-zero and
> + * known good values for TIMEDRBA and TIMESCCDB.
> + *
> + * This works by attempting to detect the reset and calibration sequence
> + * of writes to VIA1
> + */
> + int old_timer_hack_state = v1s->timer_hack_state;
> +
> + switch (v1s->timer_hack_state) {
> + case 0:
> + if (addr == VIA_REG_PCR && val == 0x22) {
> + /* VIA_REG_PCR: configure VIA1 edge triggering */
> + v1s->timer_hack_state = 1;
> + }
> + break;
> + case 1:
> + if (addr == VIA_REG_T2CL && val == 0xc) {
> + /* VIA_REG_T2CL: low byte of 1ms counter */
> + if (!via1_is_toolbox_timer_calibrated()) {
> + v1s->timer_hack_state = 2;
> + } else {
> + v1s->timer_hack_state = 0;
> + }
> + }
> + break;
> + case 2:
> + if (addr == VIA_REG_T2CH && val == 0x3) {
> + /*
> + * VIA_REG_T2CH: high byte of 1ms counter (very likely at the
> + * start of SETUPTIMEK)
> + */
> + if (!via1_is_toolbox_timer_calibrated()) {
> + v1s->timer_hack_state = 3;
> + } else {
> + v1s->timer_hack_state = 0;
> + }
> + }
> + break;
> + case 3:
> + if (addr == VIA_REG_IER && val == 0x20) {
> + /*
> + * VIA_REG_IER: update at end of SETUPTIMEK
> + *
> + * Timer calibration has finished: unfortunately the values in
> + * TIMEDBRA (0xd00) and TIMESCCDB (0xd02) are so far out they
> + * cause divide by zero errors.
> + *
> + * Update them with values obtained from a real Q800 but with
> + * a x3 scaling factor which seems to work well
> + */
> + stw_be_phys(&address_space_memory, MACOS_TIMEDBRA,
> + MACOS_TIMEDBRA_VALUE);
> + stw_be_phys(&address_space_memory, MACOS_TIMESCCB,
> + MACOS_TIMESCCB_VALUE);
> +
> + v1s->timer_hack_state = 4;
> + }
> + break;
> + case 4:
> + /*
> + * This is the normal post-calibration timer state: we should
> + * generally remain here unless we detect the A/UX calibration
> + * loop, or a write to VIA_REG_PCR suggesting a reset
> + */
> + if (addr == VIA_REG_PCR && val == 0x22) {
> + /* Looks like there has been a reset? */
> + v1s->timer_hack_state = 1;
> + }
> + break;
> + default:
> + g_assert_not_reached();
> + }
> +
> + if (old_timer_hack_state != v1s->timer_hack_state) {
> + trace_via1_timer_hack_state(v1s->timer_hack_state);
> + }
> +}
> +
> static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size)
> {
> MOS6522Q800VIA1State *s = MOS6522_Q800_VIA1(opaque);
> @@ -896,6 +1003,9 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val,
> MOS6522State *ms = MOS6522(v1s);
>
> addr = (addr >> 9) & 0xf;
> +
> + via1_timer_calibration_hack(v1s, addr, val, size);
> +
> mos6522_write(ms, addr, val, size);
>
> switch (addr) {
> @@ -1008,6 +1118,9 @@ static void mos6522_q800_via1_reset_hold(Object *obj)
> adb_set_autopoll_enabled(adb_bus, true);
> v1s->cmd = REG_EMPTY;
> v1s->alt = REG_EMPTY;
> +
> + /* Timer calibration hack */
> + v1s->timer_hack_state = 0;
> }
>
> static void mos6522_q800_via1_realize(DeviceState *dev, Error **errp)
> @@ -1100,6 +1213,8 @@ static const VMStateDescription vmstate_q800_via1 = {
> VMSTATE_INT64(next_second, MOS6522Q800VIA1State),
> VMSTATE_TIMER_PTR(sixty_hz_timer, MOS6522Q800VIA1State),
> VMSTATE_INT64(next_sixty_hz, MOS6522Q800VIA1State),
> + /* Timer hack */
> + VMSTATE_INT32(timer_hack_state, MOS6522Q800VIA1State),
> VMSTATE_END_OF_LIST()
> }
> };
> diff --git a/hw/misc/trace-events b/hw/misc/trace-events
> index c9bdb0d30e..0c9762fdf6 100644
> --- a/hw/misc/trace-events
> +++ b/hw/misc/trace-events
> @@ -272,6 +272,7 @@ via1_adb_send(const char *state, uint8_t data, const char *vadbint) "state %s da
> via1_adb_receive(const char *state, uint8_t data, const char *vadbint, int status, int index, int size) "state %s data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
> via1_adb_poll(uint8_t data, const char *vadbint, int status, int index, int size) "data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
> via1_auxmode(int mode) "setting auxmode to %d"
> +via1_timer_hack_state(int state) "setting timer_hack_state to %d"
>
> # grlib_ahb_apb_pnp.c
> grlib_ahb_pnp_read(uint64_t addr, unsigned size, uint32_t value) "AHB PnP read addr:0x%03"PRIx64" size:%u data:0x%08x"
> diff --git a/include/hw/misc/mac_via.h b/include/hw/misc/mac_via.h
> index 422da43bf9..63cdcf7c69 100644
> --- a/include/hw/misc/mac_via.h
> +++ b/include/hw/misc/mac_via.h
> @@ -74,6 +74,9 @@ struct MOS6522Q800VIA1State {
> int64_t next_second;
> QEMUTimer *sixty_hz_timer;
> int64_t next_sixty_hz;
> +
> + /* SETUPTIMEK hack */
> + int timer_hack_state;
> };
>
>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 15/20] mac_via: workaround NetBSD ADB bus enumeration issue
2023-09-09 9:48 ` [PATCH v2 15/20] mac_via: workaround NetBSD ADB bus enumeration issue Mark Cave-Ayland
@ 2023-09-26 8:04 ` Laurent Vivier
2023-09-28 20:45 ` Mark Cave-Ayland
0 siblings, 1 reply; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:04 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> NetBSD assumes it can send its first ADB command after sending the ADB_BUSRESET
> command in ADB_STATE_NEW without changing the state back to ADB_STATE_IDLE
> first as detailed in the ADB protocol.
>
> Add a workaround to detect this condition at the start of ADB enumeration
> and send the next command written to SR after a ADB_BUSRESET onto the bus
> regardless, even if we don't detect a state transition to ADB_STATE_NEW.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/misc/mac_via.c | 34 ++++++++++++++++++++++++++++++++++
> hw/misc/trace-events | 1 +
> 2 files changed, 35 insertions(+)
>
> diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
> index 766a32a95d..208216aed3 100644
> --- a/hw/misc/mac_via.c
> +++ b/hw/misc/mac_via.c
> @@ -1001,6 +1001,8 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val,
> {
> MOS6522Q800VIA1State *v1s = MOS6522_Q800_VIA1(opaque);
> MOS6522State *ms = MOS6522(v1s);
> + int oldstate, state;
> + int oldsr = ms->sr;
>
> addr = (addr >> 9) & 0xf;
>
> @@ -1016,6 +1018,38 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val,
>
> v1s->last_b = ms->b;
> break;
> +
> + case VIA_REG_SR:
> + {
> + /*
> + * NetBSD assumes it can send its first ADB command after sending
> + * the ADB_BUSRESET command in ADB_STATE_NEW without changing the
> + * state back to ADB_STATE_IDLE first as detailed in the ADB
> + * protocol.
> + *
> + * Add a workaround to detect this condition at the start of ADB
> + * enumeration and send the next command written to SR after a
> + * ADB_BUSRESET onto the bus regardless, even if we don't detect a
> + * state transition to ADB_STATE_NEW.
> + *
> + * Note that in my tests the NetBSD state machine takes one ADB
> + * operation to recover which means the probe for an ADB device at
> + * address 1 always fails. However since the first device is at
> + * address 2 then this will work fine, without having to come up
> + * with a more complicated and invasive solution.
> + */
> + oldstate = (v1s->last_b & VIA1B_vADB_StateMask) >>
> + VIA1B_vADB_StateShift;
> + state = (ms->b & VIA1B_vADB_StateMask) >> VIA1B_vADB_StateShift;
> +
> + if (oldstate == ADB_STATE_NEW && state == ADB_STATE_NEW &&
> + (ms->acr & VIA1ACR_vShiftOut) &&
> + oldsr == 0 /* ADB_BUSRESET */) {
> + trace_via1_adb_netbsd_enum_hack();
> + adb_via_send(v1s, state, ms->sr);
> + }
> + }
> + break;
> }
> }
>
> diff --git a/hw/misc/trace-events b/hw/misc/trace-events
> index 0c9762fdf6..db8bb2d28a 100644
> --- a/hw/misc/trace-events
> +++ b/hw/misc/trace-events
> @@ -271,6 +271,7 @@ via1_rtc_cmd_pram_sect_write(int sector, int offset, int addr, int value) "secto
> via1_adb_send(const char *state, uint8_t data, const char *vadbint) "state %s data=0x%02x vADBInt=%s"
> via1_adb_receive(const char *state, uint8_t data, const char *vadbint, int status, int index, int size) "state %s data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
> via1_adb_poll(uint8_t data, const char *vadbint, int status, int index, int size) "data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
> +via1_adb_netbsd_enum_hack(void) "using NetBSD enum hack"
> via1_auxmode(int mode) "setting auxmode to %d"
> via1_timer_hack_state(int state) "setting timer_hack_state to %d"
>
Did you ask NetBSD to fix their code?
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 16/20] mac_via: implement ADB_STATE_IDLE state if shift register in input mode
2023-09-09 9:48 ` [PATCH v2 16/20] mac_via: implement ADB_STATE_IDLE state if shift register in input mode Mark Cave-Ayland
@ 2023-09-26 8:05 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:05 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> NetBSD switches directly to IDLE state without switching the shift register to
> input mode. Duplicate the existing ADB_STATE_IDLE logic in input mode from when
> the shift register is in output mode which allows the ADB autopoll handler to
> handle the response.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/misc/mac_via.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
> index 208216aed3..398e8d1967 100644
> --- a/hw/misc/mac_via.c
> +++ b/hw/misc/mac_via.c
> @@ -702,6 +702,12 @@ static void adb_via_send(MOS6522Q800VIA1State *v1s, int state, uint8_t data)
> break;
>
> case ADB_STATE_IDLE:
> + ms->b |= VIA1B_vADBInt;
> + adb_autopoll_unblock(adb_bus);
> +
> + trace_via1_adb_send("IDLE", data,
> + (ms->b & VIA1B_vADBInt) ? "+" : "-");
> +
> return;
> }
>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 17/20] mac_via: always clear ADB interrupt when switching to A/UX mode
2023-09-09 9:48 ` [PATCH v2 17/20] mac_via: always clear ADB interrupt when switching to A/UX mode Mark Cave-Ayland
@ 2023-09-26 8:06 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:06 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> When the NetBSD kernel initialises it can leave the ADB interrupt asserted
> depending upon where in the ADB poll cycle the MacOS ADB interrupt handler
> is when the NetBSD kernel disables interrupts.
>
> The NetBSD ADB driver uses the ADB interrupt state to determine if the ADB
> is busy and refuses to send ADB commands unless it is clear. To ensure that
> this doesn't happen, always clear the ADB interrupt when switching to A/UX
> mode to ensure that the bus enumeration always occurs.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/misc/mac_via.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
> index 398e8d1967..5d1adf5863 100644
> --- a/hw/misc/mac_via.c
> +++ b/hw/misc/mac_via.c
> @@ -875,6 +875,15 @@ static void via1_auxmode_update(MOS6522Q800VIA1State *v1s)
> if (irq != oldirq) {
> trace_via1_auxmode(irq);
> qemu_set_irq(v1s->auxmode_irq, irq);
> +
> + /*
> + * Clear the ADB interrupt. MacOS can leave VIA1B_vADBInt asserted
> + * (low) if a poll sequence doesn't complete before NetBSD disables
> + * interrupts upon boot. Fortunately NetBSD switches to the so-called
> + * "A/UX" interrupt mode after it initialises, so we can use this as
> + * a convenient place to clear the ADB interrupt for now.
> + */
> + s->b |= VIA1B_vADBInt;
> }
> }
>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 18/20] q800: add ESCC alias at 0xc000
2023-09-09 9:48 ` [PATCH v2 18/20] q800: add ESCC alias at 0xc000 Mark Cave-Ayland
@ 2023-09-26 8:06 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:06 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> Tests on real Q800 hardware show that the ESCC is addressable at multiple locations
> within the ESCC memory region - at least 0xc000, 0xc020 (as expected by the MacOS
> toolbox ROM) and 0xc040.
>
> All released NetBSD kernels before 10 use the 0xc000 address which causes a fatal
> error when running the MacOS booter. Add a single memory region alias at 0xc000
> to enable NetBSD kernels to start booting under QEMU.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/m68k/q800.c | 6 ++++++
> include/hw/m68k/q800.h | 1 +
> 2 files changed, 7 insertions(+)
>
> diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
> index 5ae7c37760..b5b2cabc33 100644
> --- a/hw/m68k/q800.c
> +++ b/hw/m68k/q800.c
> @@ -451,6 +451,12 @@ static void q800_machine_init(MachineState *machine)
> memory_region_add_subregion(&m->macio, SCC_BASE - IO_BASE,
> sysbus_mmio_get_region(sysbus, 0));
>
> + /* Create alias for NetBSD */
> + memory_region_init_alias(&m->escc_alias, OBJECT(machine), "escc-alias",
> + sysbus_mmio_get_region(sysbus, 0), 0, 0x8);
> + memory_region_add_subregion(&m->macio, SCC_BASE - IO_BASE - 0x20,
> + &m->escc_alias);
> +
> /* SCSI */
>
> object_initialize_child(OBJECT(machine), "esp", &m->esp,
> diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
> index fbaacd88bd..348eaf4703 100644
> --- a/include/hw/m68k/q800.h
> +++ b/include/hw/m68k/q800.h
> @@ -67,6 +67,7 @@ struct Q800MachineState {
> MemoryRegion macio;
> MemoryRegion macio_alias;
> MemoryRegion machine_id;
> + MemoryRegion escc_alias;
> };
>
> #define TYPE_Q800_MACHINE MACHINE_TYPE_NAME("q800")
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 19/20] q800: add alias for MacOS toolbox ROM at 0x40000000
2023-09-09 9:48 ` [PATCH v2 19/20] q800: add alias for MacOS toolbox ROM at 0x40000000 Mark Cave-Ayland
@ 2023-09-26 8:06 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:06 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> According to the Apple Quadra 800 Developer Note document, the Quadra 800 ROM
> consists of 2 ROM code sections based at offsets 0x0 and 0x800000. A/UX attempts
> to access the toolbox ROM at the lower offset during startup, so provide a
> memory alias to allow the access to succeed.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/m68k/q800.c | 5 +++++
> include/hw/m68k/q800.h | 1 +
> 2 files changed, 6 insertions(+)
>
> diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
> index b5b2cabc33..87665c6407 100644
> --- a/hw/m68k/q800.c
> +++ b/hw/m68k/q800.c
> @@ -657,6 +657,11 @@ static void q800_machine_init(MachineState *machine)
> filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
> memory_region_add_subregion(get_system_memory(), MACROM_ADDR, &m->rom);
>
> + memory_region_init_alias(&m->rom_alias, NULL, "m68k_mac.rom-alias",
> + &m->rom, 0, MACROM_SIZE);
> + memory_region_add_subregion(get_system_memory(), 0x40000000,
> + &m->rom_alias);
> +
> /* Load MacROM binary */
> if (filename) {
> bios_size = load_image_targphys(filename, MACROM_ADDR, MACROM_SIZE);
> diff --git a/include/hw/m68k/q800.h b/include/hw/m68k/q800.h
> index 348eaf4703..a9661f65f6 100644
> --- a/include/hw/m68k/q800.h
> +++ b/include/hw/m68k/q800.h
> @@ -50,6 +50,7 @@ struct Q800MachineState {
> bool easc;
> M68kCPU cpu;
> MemoryRegion rom;
> + MemoryRegion rom_alias;
> GLUEState glue;
> MOS6522Q800VIA1State via1;
> MOS6522Q800VIA2State via2;
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 20/20] mac_via: extend timer calibration hack to work with A/UX
2023-09-09 9:48 ` [PATCH v2 20/20] mac_via: extend timer calibration hack to work with A/UX Mark Cave-Ayland
@ 2023-09-26 8:07 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:07 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> The A/UX timer calibration loop runs continuously until 2 consecutive iterations
> differ by at least 0x492 timer ticks. Modern hosts execute the timer calibration
> loop so fast that this situation never occurs causing a hang on boot.
>
> Use a similar method to Shoebill which is to randomly add 0x500 to the T2
> counter value during calibration to enable it to eventually succeed.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/misc/mac_via.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 56 insertions(+)
>
> diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
> index 5d1adf5863..2ce389e435 100644
> --- a/hw/misc/mac_via.c
> +++ b/hw/misc/mac_via.c
> @@ -983,6 +983,44 @@ static void via1_timer_calibration_hack(MOS6522Q800VIA1State *v1s, int addr,
> /* Looks like there has been a reset? */
> v1s->timer_hack_state = 1;
> }
> +
> + if (addr == VIA_REG_T2CL && val == 0xf0) {
> + /* VIA_REG_T2CL: low byte of counter (A/UX) */
> + v1s->timer_hack_state = 5;
> + }
> + break;
> + case 5:
> + if (addr == VIA_REG_T2CH && val == 0x3c) {
> + /*
> + * VIA_REG_T2CH: high byte of counter (A/UX). We are now extremely
> + * likely to be in the A/UX timer calibration routine, so move to
> + * the next state where we enable the calibration hack.
> + */
> + v1s->timer_hack_state = 6;
> + } else if ((addr == VIA_REG_IER && val == 0x20) ||
> + addr == VIA_REG_T2CH) {
> + /* We're doing something else with the timer, not calibration */
> + v1s->timer_hack_state = 0;
> + }
> + break;
> + case 6:
> + if ((addr == VIA_REG_IER && val == 0x20) || addr == VIA_REG_T2CH) {
> + /* End of A/UX timer calibration routine, or another write */
> + v1s->timer_hack_state = 7;
> + } else {
> + v1s->timer_hack_state = 0;
> + }
> + break;
> + case 7:
> + /*
> + * This is the normal post-calibration timer state once both the
> + * MacOS toolbox and A/UX have been calibrated, until we see a write
> + * to VIA_REG_PCR to suggest a reset
> + */
> + if (addr == VIA_REG_PCR && val == 0x22) {
> + /* Looks like there has been a reset? */
> + v1s->timer_hack_state = 1;
> + }
> break;
> default:
> g_assert_not_reached();
> @@ -998,6 +1036,7 @@ static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size)
> MOS6522Q800VIA1State *s = MOS6522_Q800_VIA1(opaque);
> MOS6522State *ms = MOS6522(s);
> uint64_t ret;
> + int64_t now;
>
> addr = (addr >> 9) & 0xf;
> ret = mos6522_read(ms, addr, size);
> @@ -1007,6 +1046,23 @@ static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size)
> /* Quadra 800 Id */
> ret = (ret & ~VIA1A_CPUID_MASK) | VIA1A_CPUID_Q800;
> break;
> + case VIA_REG_T2CH:
> + if (s->timer_hack_state == 6) {
> + /*
> + * The A/UX timer calibration loop runs continuously until 2
> + * consecutive iterations differ by at least 0x492 timer ticks.
> + * Modern hosts execute the timer calibration loop so fast that
> + * this situation never occurs causing a hang on boot. Use a
> + * similar method to Shoebill which is to randomly add 0x500 to
> + * the T2 counter value during calibration to enable it to
> + * eventually succeed.
> + */
> + now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
> + if (now & 1) {
> + ret += 0x5;
> + }
> + }
> + break;
> }
> return ret;
> }
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 12/20] swim: split into separate IWM and ISM register blocks
2023-09-09 9:48 ` [PATCH v2 12/20] swim: split into separate IWM and ISM register blocks Mark Cave-Ayland
@ 2023-09-26 8:09 ` Laurent Vivier
2023-09-28 20:47 ` Mark Cave-Ayland
0 siblings, 1 reply; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:09 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> The swim chip provides an implementation of both Apple's IWM and ISM floppy disk
> controllers. Split the existing implementation into separate register banks for
> each controller, whilst also switching the IWM registers from 16-bit to 8-bit
> as implemented in real hardware.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/block/swim.c | 85 ++++++++++++++++++++++++-----------------
> hw/block/trace-events | 4 +-
> include/hw/block/swim.h | 15 +++-----
> 3 files changed, 58 insertions(+), 46 deletions(-)
>
> diff --git a/hw/block/swim.c b/hw/block/swim.c
> index 7df36ea139..735b335883 100644
> --- a/hw/block/swim.c
> +++ b/hw/block/swim.c
> @@ -126,7 +126,14 @@
> #define SWIM_HEDSEL 0x20
> #define SWIM_MOTON 0x80
>
> -static const char *swim_reg_names[] = {
> +static const char *iwm_reg_names[] = {
> + "PH0L", "PH0H", "PH1L", "PH1H",
> + "PH2L", "PH2H", "PH3L", "PH3H",
> + "MTROFF", "MTRON", "INTDRIVE", "EXTDRIVE",
> + "Q6L", "Q6H", "Q7L", "Q7H"
> +};
> +
> +static const char *ism_reg_names[] = {
> "WRITE_DATA", "WRITE_MARK", "WRITE_CRC", "WRITE_PARAMETER",
> "WRITE_PHASE", "WRITE_SETUP", "WRITE_MODE0", "WRITE_MODE1",
> "READ_DATA", "READ_MARK", "READ_ERROR", "READ_PARAMETER",
> @@ -274,12 +281,11 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
>
> reg >>= REG_SHIFT;
>
> - swimctrl->regs[reg >> 1] = reg & 1;
> - trace_swim_iwmctrl_write((reg >> 1), size, (reg & 1));
> + swimctrl->iwmregs[reg] = value;
> + trace_swim_iwmctrl_write(reg, iwm_reg_names[reg], size, value);
>
> - if (swimctrl->regs[IWM_Q6] &&
> - swimctrl->regs[IWM_Q7]) {
> - if (swimctrl->regs[IWM_MTR]) {
> + if (swimctrl->iwmregs[IWM_Q7H]) {
> + if (swimctrl->iwmregs[IWM_MTRON]) {
> /* data register */
> swimctrl->iwm_data = value;
> } else {
> @@ -307,6 +313,12 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
> swimctrl->mode = SWIM_MODE_SWIM;
> swimctrl->iwm_switch = 0;
> trace_swim_iwm_switch();
> +
> + /* Switch to ISM registers */
> + memory_region_del_subregion(&swimctrl->swim,
> + &swimctrl->iwm);
> + memory_region_add_subregion(&swimctrl->swim, 0x0,
> + &swimctrl->ism);
> }
> break;
> }
> @@ -317,28 +329,30 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
> static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size)
> {
> SWIMCtrl *swimctrl = opaque;
> + uint16_t value;
Why not uint8_t as iwmregs is uint8_t?
>
> reg >>= REG_SHIFT;
>
> - swimctrl->regs[reg >> 1] = reg & 1;
> + value = swimctrl->iwmregs[reg];
> + trace_swim_iwmctrl_read(reg, iwm_reg_names[reg], size, value);
>
> - trace_swim_iwmctrl_read((reg >> 1), size, (reg & 1));
> - return 0;
> + return value;
> }
>
> -static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value,
> - unsigned size)
> +static const MemoryRegionOps swimctrl_iwm_ops = {
> + .write = iwmctrl_write,
> + .read = iwmctrl_read,
> + .endianness = DEVICE_BIG_ENDIAN,
> +};
> +
> +static void ismctrl_write(void *opaque, hwaddr reg, uint64_t value,
> + unsigned size)
> {
> SWIMCtrl *swimctrl = opaque;
>
> - if (swimctrl->mode == SWIM_MODE_IWM) {
> - iwmctrl_write(opaque, reg, value, size);
> - return;
> - }
> -
> reg >>= REG_SHIFT;
>
> - trace_swim_swimctrl_write(reg, swim_reg_names[reg], size, value);
> + trace_swim_swimctrl_write(reg, ism_reg_names[reg], size, value);
>
> switch (reg) {
> case SWIM_WRITE_PHASE:
> @@ -359,15 +373,11 @@ static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value,
> }
> }
>
> -static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size)
> +static uint64_t ismctrl_read(void *opaque, hwaddr reg, unsigned size)
> {
> SWIMCtrl *swimctrl = opaque;
> uint32_t value = 0;
>
> - if (swimctrl->mode == SWIM_MODE_IWM) {
> - return iwmctrl_read(opaque, reg, size);
> - }
> -
> reg >>= REG_SHIFT;
>
> switch (reg) {
> @@ -389,14 +399,14 @@ static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size)
> break;
> }
>
> - trace_swim_swimctrl_read(reg, swim_reg_names[reg], size, value);
> + trace_swim_swimctrl_read(reg, ism_reg_names[reg], size, value);
> return value;
> }
>
> -static const MemoryRegionOps swimctrl_mem_ops = {
> - .write = swimctrl_write,
> - .read = swimctrl_read,
> - .endianness = DEVICE_NATIVE_ENDIAN,
> +static const MemoryRegionOps swimctrl_ism_ops = {
> + .write = ismctrl_write,
> + .read = ismctrl_read,
> + .endianness = DEVICE_BIG_ENDIAN,
> };
>
> static void sysbus_swim_reset(DeviceState *d)
> @@ -407,13 +417,13 @@ static void sysbus_swim_reset(DeviceState *d)
>
> ctrl->mode = 0;
> ctrl->iwm_switch = 0;
> - for (i = 0; i < 8; i++) {
> - ctrl->regs[i] = 0;
> - }
> ctrl->iwm_data = 0;
> ctrl->iwm_mode = 0;
> + memset(ctrl->iwmregs, 0, 16);
> +
> ctrl->swim_phase = 0;
> ctrl->swim_mode = 0;
> + memset(ctrl->ismregs, 0, 16);
> for (i = 0; i < SWIM_MAX_FD; i++) {
> fd_recalibrate(&ctrl->drives[i]);
> }
> @@ -425,9 +435,12 @@ static void sysbus_swim_init(Object *obj)
> Swim *sbs = SWIM(obj);
> SWIMCtrl *swimctrl = &sbs->ctrl;
>
> - memory_region_init_io(&swimctrl->iomem, obj, &swimctrl_mem_ops, swimctrl,
> - "swim", 0x2000);
> - sysbus_init_mmio(sbd, &swimctrl->iomem);
> + memory_region_init(&swimctrl->swim, obj, "swim", 0x2000);
> + memory_region_init_io(&swimctrl->iwm, obj, &swimctrl_iwm_ops, swimctrl,
> + "iwm", 0x2000);
> + memory_region_init_io(&swimctrl->ism, obj, &swimctrl_ism_ops, swimctrl,
> + "ism", 0x2000);
> + sysbus_init_mmio(sbd, &swimctrl->swim);
> }
>
> static void sysbus_swim_realize(DeviceState *dev, Error **errp)
> @@ -437,6 +450,9 @@ static void sysbus_swim_realize(DeviceState *dev, Error **errp)
>
> qbus_init(&swimctrl->bus, sizeof(SWIMBus), TYPE_SWIM_BUS, dev, NULL);
> swimctrl->bus.ctrl = swimctrl;
> +
> + /* Default register set is IWM */
> + memory_region_add_subregion(&swimctrl->swim, 0x0, &swimctrl->iwm);
> }
>
> static const VMStateDescription vmstate_fdrive = {
> @@ -456,10 +472,11 @@ static const VMStateDescription vmstate_swim = {
> VMSTATE_INT32(mode, SWIMCtrl),
> /* IWM mode */
> VMSTATE_INT32(iwm_switch, SWIMCtrl),
> - VMSTATE_UINT16_ARRAY(regs, SWIMCtrl, 8),
> + VMSTATE_UINT8_ARRAY(iwmregs, SWIMCtrl, 16),
> VMSTATE_UINT8(iwm_data, SWIMCtrl),
> VMSTATE_UINT8(iwm_mode, SWIMCtrl),
> /* SWIM mode */
> + VMSTATE_UINT8_ARRAY(ismregs, SWIMCtrl, 16),
> VMSTATE_UINT8(swim_phase, SWIMCtrl),
> VMSTATE_UINT8(swim_mode, SWIMCtrl),
> /* Drives */
> diff --git a/hw/block/trace-events b/hw/block/trace-events
> index c041ec45e3..ea84ad6c77 100644
> --- a/hw/block/trace-events
> +++ b/hw/block/trace-events
> @@ -94,6 +94,6 @@ m25p80_binding_no_bdrv(void *s) "[%p] No BDRV - binding to RAM"
> # swim.c
> swim_swimctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> swim_swimctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> -swim_iwmctrl_read(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
> -swim_iwmctrl_write(int reg, unsigned size, uint64_t value) "reg=%d size=%u value=0x%"PRIx64
> +swim_iwmctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> +swim_iwmctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> swim_iwm_switch(void) "switch from IWM to SWIM mode"
> diff --git a/include/hw/block/swim.h b/include/hw/block/swim.h
> index 9b3dcb029d..1bc7635d02 100644
> --- a/include/hw/block/swim.h
> +++ b/include/hw/block/swim.h
> @@ -43,23 +43,18 @@ typedef struct FDrive {
> } FDrive;
>
> struct SWIMCtrl {
> - MemoryRegion iomem;
> + MemoryRegion swim;
> + MemoryRegion iwm;
> + MemoryRegion ism;
> FDrive drives[SWIM_MAX_FD];
> int mode;
> /* IWM mode */
> int iwm_switch;
> - uint16_t regs[8];
> -#define IWM_PH0 0
> -#define IWM_PH1 1
> -#define IWM_PH2 2
> -#define IWM_PH3 3
> -#define IWM_MTR 4
> -#define IWM_DRIVE 5
> -#define IWM_Q6 6
> -#define IWM_Q7 7
> + uint8_t iwmregs[16];
> uint8_t iwm_data;
> uint8_t iwm_mode;
> /* SWIM mode */
> + uint8_t ismregs[16];
> uint8_t swim_phase;
> uint8_t swim_mode;
> SWIMBus bus;
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 13/20] swim: update IWM/ISM register block decoding
2023-09-09 9:48 ` [PATCH v2 13/20] swim: update IWM/ISM register block decoding Mark Cave-Ayland
@ 2023-09-26 8:10 ` Laurent Vivier
0 siblings, 0 replies; 44+ messages in thread
From: Laurent Vivier @ 2023-09-26 8:10 UTC (permalink / raw)
To: Mark Cave-Ayland, qemu-devel
Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
> Update the IWM/ISM register block decoding to match the description given in the
> "SWIM Chip Users Reference". This allows us to validate the device response to
> the guest OS which currently only does just enough to indicate that the floppy
> drive is unavailable.
>
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> ---
> hw/block/swim.c | 212 +++++++++++++++++++++++++---------------
> hw/block/trace-events | 7 +-
> include/hw/block/swim.h | 8 +-
> 3 files changed, 143 insertions(+), 84 deletions(-)
>
> diff --git a/hw/block/swim.c b/hw/block/swim.c
> index 735b335883..fd65c59f8a 100644
> --- a/hw/block/swim.c
> +++ b/hw/block/swim.c
> @@ -21,24 +21,28 @@
> #include "hw/qdev-properties.h"
> #include "trace.h"
>
> +
> +/* IWM latch bits */
> +
> +#define IWMLB_PHASE0 0
> +#define IWMLB_PHASE1 1
> +#define IWMLB_PHASE2 2
> +#define IWMLB_PHASE3 3
> +#define IWMLB_MOTORON 4
> +#define IWMLB_DRIVESEL 5
> +#define IWMLB_L6 6
> +#define IWMLB_L7 7
> +
> /* IWM registers */
>
> -#define IWM_PH0L 0
> -#define IWM_PH0H 1
> -#define IWM_PH1L 2
> -#define IWM_PH1H 3
> -#define IWM_PH2L 4
> -#define IWM_PH2H 5
> -#define IWM_PH3L 6
> -#define IWM_PH3H 7
> -#define IWM_MTROFF 8
> -#define IWM_MTRON 9
> -#define IWM_INTDRIVE 10
> -#define IWM_EXTDRIVE 11
> -#define IWM_Q6L 12
> -#define IWM_Q6H 13
> -#define IWM_Q7L 14
> -#define IWM_Q7H 15
> +#define IWM_READALLONES 0
> +#define IWM_READDATA 1
> +#define IWM_READSTATUS0 2
> +#define IWM_READSTATUS1 3
> +#define IWM_READWHANDSHAKE0 4
> +#define IWM_READWHANDSHAKE1 5
> +#define IWM_WRITESETMODE 6
> +#define IWM_WRITEDATA 7
>
> /* SWIM registers */
>
> @@ -62,8 +66,9 @@
>
> #define REG_SHIFT 9
>
> -#define SWIM_MODE_IWM 0
> -#define SWIM_MODE_SWIM 1
> +#define SWIM_MODE_STATUS_BIT 6
> +#define SWIM_MODE_IWM 0
> +#define SWIM_MODE_ISM 1
>
> /* bits in phase register */
>
> @@ -127,10 +132,8 @@
> #define SWIM_MOTON 0x80
>
> static const char *iwm_reg_names[] = {
> - "PH0L", "PH0H", "PH1L", "PH1H",
> - "PH2L", "PH2H", "PH3L", "PH3H",
> - "MTROFF", "MTRON", "INTDRIVE", "EXTDRIVE",
> - "Q6L", "Q6H", "Q7L", "Q7H"
> + "READALLONES", "READDATA", "READSTATUS0", "READSTATUS1",
> + "READWHANDSHAKE0", "READWHANDSHAKE1", "WRITESETMODE", "WRITEDATA"
> };
>
> static const char *ism_reg_names[] = {
> @@ -274,68 +277,99 @@ static const TypeInfo swim_bus_info = {
> .instance_size = sizeof(SWIMBus),
> };
>
> -static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value,
> +static void iwmctrl_write(void *opaque, hwaddr addr, uint64_t value,
> unsigned size)
> {
> SWIMCtrl *swimctrl = opaque;
> + uint8_t latch, reg, ism_bit;
>
> - reg >>= REG_SHIFT;
> + addr >>= REG_SHIFT;
> +
> + /* A3-A1 select a latch, A0 specifies the value */
> + latch = (addr >> 1) & 7;
> + if (addr & 1) {
> + swimctrl->iwm_latches |= (1 << latch);
> + } else {
> + swimctrl->iwm_latches &= ~(1 << latch);
> + }
> +
> + reg = (swimctrl->iwm_latches & 0xc0) >> 5 |
> + (swimctrl->iwm_latches & 0x10) >> 4;
>
> swimctrl->iwmregs[reg] = value;
> trace_swim_iwmctrl_write(reg, iwm_reg_names[reg], size, value);
>
> - if (swimctrl->iwmregs[IWM_Q7H]) {
> - if (swimctrl->iwmregs[IWM_MTRON]) {
> - /* data register */
> - swimctrl->iwm_data = value;
> - } else {
> - /* mode register */
> - swimctrl->iwm_mode = value;
> - /* detect sequence to switch from IWM mode to SWIM mode */
> - switch (swimctrl->iwm_switch) {
> - case 0:
> - if (value == 0x57) {
> - swimctrl->iwm_switch++;
> - }
> - break;
> - case 1:
> - if (value == 0x17) {
> - swimctrl->iwm_switch++;
> - }
> - break;
> - case 2:
> - if (value == 0x57) {
> - swimctrl->iwm_switch++;
> - }
> - break;
> - case 3:
> - if (value == 0x57) {
> - swimctrl->mode = SWIM_MODE_SWIM;
> - swimctrl->iwm_switch = 0;
> - trace_swim_iwm_switch();
> -
> - /* Switch to ISM registers */
> - memory_region_del_subregion(&swimctrl->swim,
> - &swimctrl->iwm);
> - memory_region_add_subregion(&swimctrl->swim, 0x0,
> - &swimctrl->ism);
> - }
> - break;
> + switch (reg) {
> + case IWM_WRITESETMODE:
> + /* detect sequence to switch from IWM mode to SWIM mode */
> + ism_bit = (value & (1 << SWIM_MODE_STATUS_BIT));
> +
> + switch (swimctrl->iwm_switch) {
> + case 0:
> + if (ism_bit) { /* 1 */
> + swimctrl->iwm_switch++;
> + }
> + break;
> + case 1:
> + if (!ism_bit) { /* 0 */
> + swimctrl->iwm_switch++;
> + }
> + break;
> + case 2:
> + if (ism_bit) { /* 1 */
> + swimctrl->iwm_switch++;
> }
> + break;
> + case 3:
> + if (ism_bit) { /* 1 */
> + swimctrl->iwm_switch++;
> +
> + swimctrl->mode = SWIM_MODE_ISM;
> + swimctrl->swim_mode |= (1 << SWIM_MODE_STATUS_BIT);
> + swimctrl->iwm_switch = 0;
> + trace_swim_switch_to_ism();
> +
> + /* Switch to ISM registers */
> + memory_region_del_subregion(&swimctrl->swim, &swimctrl->iwm);
> + memory_region_add_subregion(&swimctrl->swim, 0x0,
> + &swimctrl->ism);
> + }
> + break;
> }
> + break;
> + default:
> + break;
> }
> }
>
> -static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size)
> +static uint64_t iwmctrl_read(void *opaque, hwaddr addr, unsigned size)
> {
> SWIMCtrl *swimctrl = opaque;
> - uint16_t value;
> + uint8_t latch, reg, value;
>
> - reg >>= REG_SHIFT;
> + addr >>= REG_SHIFT;
>
> - value = swimctrl->iwmregs[reg];
> - trace_swim_iwmctrl_read(reg, iwm_reg_names[reg], size, value);
> + /* A3-A1 select a latch, A0 specifies the value */
> + latch = (addr >> 1) & 7;
> + if (addr & 1) {
> + swimctrl->iwm_latches |= (1 << latch);
> + } else {
> + swimctrl->iwm_latches &= ~(1 << latch);
> + }
> +
> + reg = (swimctrl->iwm_latches & 0xc0) >> 5 |
> + (swimctrl->iwm_latches & 0x10) >> 4;
> +
> + switch (reg) {
> + case IWM_READALLONES:
> + value = 0xff;
> + break;
> + default:
> + value = 0;
> + break;
> + }
>
> + trace_swim_iwmctrl_read(reg, iwm_reg_names[reg], size, value);
> return value;
> }
>
> @@ -352,7 +386,7 @@ static void ismctrl_write(void *opaque, hwaddr reg, uint64_t value,
>
> reg >>= REG_SHIFT;
>
> - trace_swim_swimctrl_write(reg, ism_reg_names[reg], size, value);
> + trace_swim_ismctrl_write(reg, ism_reg_names[reg], size, value);
>
> switch (reg) {
> case SWIM_WRITE_PHASE:
> @@ -360,14 +394,31 @@ static void ismctrl_write(void *opaque, hwaddr reg, uint64_t value,
> break;
> case SWIM_WRITE_MODE0:
> swimctrl->swim_mode &= ~value;
> + /* Any access to MODE0 register resets PRAM index */
> + swimctrl->pram_idx = 0;
> +
> + if (!(swimctrl->swim_mode & (1 << SWIM_MODE_STATUS_BIT))) {
> + /* Clearing the mode bit switches to IWM mode */
> + swimctrl->mode = SWIM_MODE_IWM;
> + swimctrl->iwm_latches = 0;
> + trace_swim_switch_to_iwm();
> +
> + /* Switch to IWM registers */
> + memory_region_del_subregion(&swimctrl->swim, &swimctrl->ism);
> + memory_region_add_subregion(&swimctrl->swim, 0x0,
> + &swimctrl->iwm);
> + }
> break;
> case SWIM_WRITE_MODE1:
> swimctrl->swim_mode |= value;
> break;
> + case SWIM_WRITE_PARAMETER:
> + swimctrl->pram[swimctrl->pram_idx++] = value;
> + swimctrl->pram_idx &= 0xf;
> + break;
> case SWIM_WRITE_DATA:
> case SWIM_WRITE_MARK:
> case SWIM_WRITE_CRC:
> - case SWIM_WRITE_PARAMETER:
> case SWIM_WRITE_SETUP:
> break;
> }
> @@ -390,16 +441,24 @@ static uint64_t ismctrl_read(void *opaque, hwaddr reg, unsigned size)
> value = SWIM_SENSE;
> }
> break;
> + case SWIM_READ_PARAMETER:
> + value = swimctrl->pram[swimctrl->pram_idx++];
> + swimctrl->pram_idx &= 0xf;
> + break;
> + case SWIM_READ_STATUS:
> + value = swimctrl->swim_status & ~(1 << SWIM_MODE_STATUS_BIT);
> + if (swimctrl->swim_mode == SWIM_MODE_ISM) {
> + value |= (1 << SWIM_MODE_STATUS_BIT);
> + }
> + break;
> case SWIM_READ_DATA:
> case SWIM_READ_MARK:
> case SWIM_READ_ERROR:
> - case SWIM_READ_PARAMETER:
> case SWIM_READ_SETUP:
> - case SWIM_READ_STATUS:
> break;
> }
>
> - trace_swim_swimctrl_read(reg, ism_reg_names[reg], size, value);
> + trace_swim_ismctrl_read(reg, ism_reg_names[reg], size, value);
> return value;
> }
>
> @@ -417,13 +476,11 @@ static void sysbus_swim_reset(DeviceState *d)
>
> ctrl->mode = 0;
> ctrl->iwm_switch = 0;
> - ctrl->iwm_data = 0;
> - ctrl->iwm_mode = 0;
> - memset(ctrl->iwmregs, 0, 16);
> + memset(ctrl->iwmregs, 0, sizeof(ctrl->iwmregs));
>
> ctrl->swim_phase = 0;
> ctrl->swim_mode = 0;
> - memset(ctrl->ismregs, 0, 16);
> + memset(ctrl->ismregs, 0, sizeof(ctrl->ismregs));
> for (i = 0; i < SWIM_MAX_FD; i++) {
> fd_recalibrate(&ctrl->drives[i]);
> }
> @@ -472,9 +529,8 @@ static const VMStateDescription vmstate_swim = {
> VMSTATE_INT32(mode, SWIMCtrl),
> /* IWM mode */
> VMSTATE_INT32(iwm_switch, SWIMCtrl),
> - VMSTATE_UINT8_ARRAY(iwmregs, SWIMCtrl, 16),
> - VMSTATE_UINT8(iwm_data, SWIMCtrl),
> - VMSTATE_UINT8(iwm_mode, SWIMCtrl),
> + VMSTATE_UINT8(iwm_latches, SWIMCtrl),
> + VMSTATE_UINT8_ARRAY(iwmregs, SWIMCtrl, 8),
> /* SWIM mode */
> VMSTATE_UINT8_ARRAY(ismregs, SWIMCtrl, 16),
> VMSTATE_UINT8(swim_phase, SWIMCtrl),
> diff --git a/hw/block/trace-events b/hw/block/trace-events
> index ea84ad6c77..bab21d3a1c 100644
> --- a/hw/block/trace-events
> +++ b/hw/block/trace-events
> @@ -92,8 +92,9 @@ m25p80_binding(void *s) "[%p] Binding to IF_MTD drive"
> m25p80_binding_no_bdrv(void *s) "[%p] No BDRV - binding to RAM"
>
> # swim.c
> -swim_swimctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> -swim_swimctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> +swim_ismctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> +swim_ismctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> swim_iwmctrl_read(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> swim_iwmctrl_write(int reg, const char *name, unsigned size, uint64_t value) "reg=%d [%s] size=%u value=0x%"PRIx64
> -swim_iwm_switch(void) "switch from IWM to SWIM mode"
> +swim_switch_to_ism(void) "switch from IWM to ISM mode"
> +swim_switch_to_iwm(void) "switch from ISM to IWM mode"
> diff --git a/include/hw/block/swim.h b/include/hw/block/swim.h
> index 1bc7635d02..5f567e8d59 100644
> --- a/include/hw/block/swim.h
> +++ b/include/hw/block/swim.h
> @@ -50,13 +50,15 @@ struct SWIMCtrl {
> int mode;
> /* IWM mode */
> int iwm_switch;
> - uint8_t iwmregs[16];
> - uint8_t iwm_data;
> - uint8_t iwm_mode;
> + uint8_t iwm_latches;
> + uint8_t iwmregs[8];
> /* SWIM mode */
> uint8_t ismregs[16];
> uint8_t swim_phase;
> uint8_t swim_mode;
> + uint8_t swim_status;
> + uint8_t pram[16];
> + uint8_t pram_idx;
> SWIMBus bus;
> };
>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running
2023-09-25 17:19 ` Laurent Vivier
@ 2023-09-28 20:40 ` Mark Cave-Ayland
0 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-28 20:40 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
On 25/09/2023 18:19, Laurent Vivier wrote:
> Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
>> MacOS (un)helpfully leaves the FIFO engine running even when all the samples have
>> been written to the hardware, and expects the FIFO status flags and IRQ to be
>> updated continuously.
>>
>> There is an additional problem in that not all audio backends guarantee an
>> all-zero output when there is no FIFO data available, in particular the Windows
>> dsound backend which re-uses its internal circular buffer causing the last played
>> sound to loop indefinitely.
>>
>> Whilst this is effectively a bug in the Windows dsound backend, work around it
>> for now using a simple heuristic: if the FIFO remains empty for half a cycle
>> (~23ms) then continuously fill the generated buffer with empty silence.
>>
>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>> ---
>> hw/audio/asc.c | 19 +++++++++++++++++++
>> include/hw/audio/asc.h | 2 ++
>> 2 files changed, 21 insertions(+)
>>
>> diff --git a/hw/audio/asc.c b/hw/audio/asc.c
>> index 336ace0cd6..b01b285512 100644
>> --- a/hw/audio/asc.c
>> +++ b/hw/audio/asc.c
>> @@ -334,6 +334,21 @@ static void asc_out_cb(void *opaque, int free_b)
>> }
>> if (!generated) {
>> + /* Workaround for audio underflow bug on Windows dsound backend */
>> + int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
>> + int silent_samples = muldiv64(now - s->fifo_empty_ns,
>> + NANOSECONDS_PER_SECOND, ASC_FREQ);
>> +
>> + if (silent_samples > ASC_FIFO_CYCLE_TIME / 2) {
>> + /*
>> + * No new FIFO data within half a cycle time (~23ms) so fill the
>> + * entire available buffer with silence. This prevents an issue
>> + * with the Windows dsound backend whereby the sound appears to
>> + * loop because the FIFO has run out of data, and the driver
>> + * reuses the stale content in its circular audio buffer.
>> + */
>> + AUD_write(s->voice, s->silentbuf, samples << s->shift);
>> + }
>> return;
>> }
>> @@ -611,6 +626,7 @@ static void asc_unrealize(DeviceState *dev)
>> ASCState *s = ASC(dev);
>> g_free(s->mixbuf);
>> + g_free(s->silentbuf);
>> AUD_remove_card(&s->card);
>> }
>> @@ -633,6 +649,9 @@ static void asc_realize(DeviceState *dev, Error **errp)
>> s->samples = AUD_get_buffer_size_out(s->voice) >> s->shift;
>> s->mixbuf = g_malloc0(s->samples << s->shift);
>> + s->silentbuf = g_malloc0(s->samples << s->shift);
>> + memset(s->silentbuf, 0x80, s->samples << s->shift);
>> +
>> /* Add easc registers if required */
>> if (s->type == ASC_TYPE_EASC) {
>> memory_region_add_subregion(&s->asc, ASC_EXTREG_OFFSET,
>> diff --git a/include/hw/audio/asc.h b/include/hw/audio/asc.h
>> index d9412815c3..4741f92c46 100644
>> --- a/include/hw/audio/asc.h
>> +++ b/include/hw/audio/asc.h
>> @@ -68,6 +68,8 @@ struct ASCState {
>> int samples;
>> int shift;
>> + uint8_t *silentbuf;
>> +
>> /* Time when we were last able to generate samples */
>> int64_t fifo_empty_ns;
>
> If it's specific to Windows why not using "#if defined(CONFIG_WIN32) &&
> defined(CONFIG_AUDIO_DSOUND)" to clearly identify this piece of code as specific to a
> windows bug with dsound?
Basically when the FIFO is left running constantly (i.e. the frontend is always
generating samples regardless of whether there is data), we are relying on undefined
behaviour when there is underflow in these cases. It just so happens that Windows is
one of the more popular platforms for Mac emulation and that happens to use a
circular buffer which is why the audio artifacts exist - but side-effects can
potentially occur on any audio backend.
> Anyway, code looks good:
>
> Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Thanks!
ATB,
Mark.
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 15/20] mac_via: workaround NetBSD ADB bus enumeration issue
2023-09-26 8:04 ` Laurent Vivier
@ 2023-09-28 20:45 ` Mark Cave-Ayland
0 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-28 20:45 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
On 26/09/2023 09:04, Laurent Vivier wrote:
> Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
>> NetBSD assumes it can send its first ADB command after sending the ADB_BUSRESET
>> command in ADB_STATE_NEW without changing the state back to ADB_STATE_IDLE
>> first as detailed in the ADB protocol.
>>
>> Add a workaround to detect this condition at the start of ADB enumeration
>> and send the next command written to SR after a ADB_BUSRESET onto the bus
>> regardless, even if we don't detect a state transition to ADB_STATE_NEW.
>>
>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>> ---
>> hw/misc/mac_via.c | 34 ++++++++++++++++++++++++++++++++++
>> hw/misc/trace-events | 1 +
>> 2 files changed, 35 insertions(+)
>>
>> diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c
>> index 766a32a95d..208216aed3 100644
>> --- a/hw/misc/mac_via.c
>> +++ b/hw/misc/mac_via.c
>> @@ -1001,6 +1001,8 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr
>> addr, uint64_t val,
>> {
>> MOS6522Q800VIA1State *v1s = MOS6522_Q800_VIA1(opaque);
>> MOS6522State *ms = MOS6522(v1s);
>> + int oldstate, state;
>> + int oldsr = ms->sr;
>> addr = (addr >> 9) & 0xf;
>> @@ -1016,6 +1018,38 @@ static void mos6522_q800_via1_write(void *opaque, hwaddr
>> addr, uint64_t val,
>> v1s->last_b = ms->b;
>> break;
>> +
>> + case VIA_REG_SR:
>> + {
>> + /*
>> + * NetBSD assumes it can send its first ADB command after sending
>> + * the ADB_BUSRESET command in ADB_STATE_NEW without changing the
>> + * state back to ADB_STATE_IDLE first as detailed in the ADB
>> + * protocol.
>> + *
>> + * Add a workaround to detect this condition at the start of ADB
>> + * enumeration and send the next command written to SR after a
>> + * ADB_BUSRESET onto the bus regardless, even if we don't detect a
>> + * state transition to ADB_STATE_NEW.
>> + *
>> + * Note that in my tests the NetBSD state machine takes one ADB
>> + * operation to recover which means the probe for an ADB device at
>> + * address 1 always fails. However since the first device is at
>> + * address 2 then this will work fine, without having to come up
>> + * with a more complicated and invasive solution.
>> + */
>> + oldstate = (v1s->last_b & VIA1B_vADB_StateMask) >>
>> + VIA1B_vADB_StateShift;
>> + state = (ms->b & VIA1B_vADB_StateMask) >> VIA1B_vADB_StateShift;
>> +
>> + if (oldstate == ADB_STATE_NEW && state == ADB_STATE_NEW &&
>> + (ms->acr & VIA1ACR_vShiftOut) &&
>> + oldsr == 0 /* ADB_BUSRESET */) {
>> + trace_via1_adb_netbsd_enum_hack();
>> + adb_via_send(v1s, state, ms->sr);
>> + }
>> + }
>> + break;
>> }
>> }
>> diff --git a/hw/misc/trace-events b/hw/misc/trace-events
>> index 0c9762fdf6..db8bb2d28a 100644
>> --- a/hw/misc/trace-events
>> +++ b/hw/misc/trace-events
>> @@ -271,6 +271,7 @@ via1_rtc_cmd_pram_sect_write(int sector, int offset, int addr,
>> int value) "secto
>> via1_adb_send(const char *state, uint8_t data, const char *vadbint) "state %s
>> data=0x%02x vADBInt=%s"
>> via1_adb_receive(const char *state, uint8_t data, const char *vadbint, int
>> status, int index, int size) "state %s data=0x%02x vADBInt=%s status=0x%x index=%d
>> size=%d"
>> via1_adb_poll(uint8_t data, const char *vadbint, int status, int index, int size)
>> "data=0x%02x vADBInt=%s status=0x%x index=%d size=%d"
>> +via1_adb_netbsd_enum_hack(void) "using NetBSD enum hack"
>> via1_auxmode(int mode) "setting auxmode to %d"
>> via1_timer_hack_state(int state) "setting timer_hack_state to %d"
>
> Did you ask NetBSD to fix their code?
Not yet. I'm fairly sure this is one of those undocumented behaviour edge cases which
happens to work since the introduction of an MCU to interface onto the ADB bus. It
may be that the MCU detects the incorrect write sequence and manages the bus reset on
behalf of the host for some invalid sequences, but I don't have a way to easily find
this out unfortunately.
> Reviewed-by: Laurent Vivier <laurent@vivier.eu>
ATB,
Mark.
^ permalink raw reply [flat|nested] 44+ messages in thread
* Re: [PATCH v2 12/20] swim: split into separate IWM and ISM register blocks
2023-09-26 8:09 ` Laurent Vivier
@ 2023-09-28 20:47 ` Mark Cave-Ayland
0 siblings, 0 replies; 44+ messages in thread
From: Mark Cave-Ayland @ 2023-09-28 20:47 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
On 26/09/2023 09:09, Laurent Vivier wrote:
> Le 09/09/2023 à 11:48, Mark Cave-Ayland a écrit :
>> The swim chip provides an implementation of both Apple's IWM and ISM floppy disk
>> controllers. Split the existing implementation into separate register banks for
>> each controller, whilst also switching the IWM registers from 16-bit to 8-bit
>> as implemented in real hardware.
>>
>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>> ---
>> hw/block/swim.c | 85 ++++++++++++++++++++++++-----------------
>> hw/block/trace-events | 4 +-
>> include/hw/block/swim.h | 15 +++-----
>> 3 files changed, 58 insertions(+), 46 deletions(-)
>>
>> diff --git a/hw/block/swim.c b/hw/block/swim.c
>> index 7df36ea139..735b335883 100644
>> --- a/hw/block/swim.c
>> +++ b/hw/block/swim.c
>> @@ -126,7 +126,14 @@
>> #define SWIM_HEDSEL 0x20
>> #define SWIM_MOTON 0x80
>> -static const char *swim_reg_names[] = {
>> +static const char *iwm_reg_names[] = {
>> + "PH0L", "PH0H", "PH1L", "PH1H",
>> + "PH2L", "PH2H", "PH3L", "PH3H",
>> + "MTROFF", "MTRON", "INTDRIVE", "EXTDRIVE",
>> + "Q6L", "Q6H", "Q7L", "Q7H"
>> +};
>> +
>> +static const char *ism_reg_names[] = {
>> "WRITE_DATA", "WRITE_MARK", "WRITE_CRC", "WRITE_PARAMETER",
>> "WRITE_PHASE", "WRITE_SETUP", "WRITE_MODE0", "WRITE_MODE1",
>> "READ_DATA", "READ_MARK", "READ_ERROR", "READ_PARAMETER",
>> @@ -274,12 +281,11 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t
>> value,
>> reg >>= REG_SHIFT;
>> - swimctrl->regs[reg >> 1] = reg & 1;
>> - trace_swim_iwmctrl_write((reg >> 1), size, (reg & 1));
>> + swimctrl->iwmregs[reg] = value;
>> + trace_swim_iwmctrl_write(reg, iwm_reg_names[reg], size, value);
>> - if (swimctrl->regs[IWM_Q6] &&
>> - swimctrl->regs[IWM_Q7]) {
>> - if (swimctrl->regs[IWM_MTR]) {
>> + if (swimctrl->iwmregs[IWM_Q7H]) {
>> + if (swimctrl->iwmregs[IWM_MTRON]) {
>> /* data register */
>> swimctrl->iwm_data = value;
>> } else {
>> @@ -307,6 +313,12 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t
>> value,
>> swimctrl->mode = SWIM_MODE_SWIM;
>> swimctrl->iwm_switch = 0;
>> trace_swim_iwm_switch();
>> +
>> + /* Switch to ISM registers */
>> + memory_region_del_subregion(&swimctrl->swim,
>> + &swimctrl->iwm);
>> + memory_region_add_subregion(&swimctrl->swim, 0x0,
>> + &swimctrl->ism);
>> }
>> break;
>> }
>> @@ -317,28 +329,30 @@ static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t
>> value,
>> static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size)
>> {
>> SWIMCtrl *swimctrl = opaque;
>> + uint16_t value;
>
> Why not uint8_t as iwmregs is uint8_t?
Ah it's probably just an accidental leftover from the old code that used uint16_t.
I'll update this in the next revision.
>> reg >>= REG_SHIFT;
>> - swimctrl->regs[reg >> 1] = reg & 1;
>> + value = swimctrl->iwmregs[reg];
>> + trace_swim_iwmctrl_read(reg, iwm_reg_names[reg], size, value);
>> - trace_swim_iwmctrl_read((reg >> 1), size, (reg & 1));
>> - return 0;
>> + return value;
>> }
>> -static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value,
>> - unsigned size)
>> +static const MemoryRegionOps swimctrl_iwm_ops = {
>> + .write = iwmctrl_write,
>> + .read = iwmctrl_read,
>> + .endianness = DEVICE_BIG_ENDIAN,
>> +};
>> +
>> +static void ismctrl_write(void *opaque, hwaddr reg, uint64_t value,
>> + unsigned size)
>> {
>> SWIMCtrl *swimctrl = opaque;
>> - if (swimctrl->mode == SWIM_MODE_IWM) {
>> - iwmctrl_write(opaque, reg, value, size);
>> - return;
>> - }
>> -
>> reg >>= REG_SHIFT;
>> - trace_swim_swimctrl_write(reg, swim_reg_names[reg], size, value);
>> + trace_swim_swimctrl_write(reg, ism_reg_names[reg], size, value);
>> switch (reg) {
>> case SWIM_WRITE_PHASE:
>> @@ -359,15 +373,11 @@ static void swimctrl_write(void *opaque, hwaddr reg, uint64_t
>> value,
>> }
>> }
>> -static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size)
>> +static uint64_t ismctrl_read(void *opaque, hwaddr reg, unsigned size)
>> {
>> SWIMCtrl *swimctrl = opaque;
>> uint32_t value = 0;
>> - if (swimctrl->mode == SWIM_MODE_IWM) {
>> - return iwmctrl_read(opaque, reg, size);
>> - }
>> -
>> reg >>= REG_SHIFT;
>> switch (reg) {
>> @@ -389,14 +399,14 @@ static uint64_t swimctrl_read(void *opaque, hwaddr reg,
>> unsigned size)
>> break;
>> }
>> - trace_swim_swimctrl_read(reg, swim_reg_names[reg], size, value);
>> + trace_swim_swimctrl_read(reg, ism_reg_names[reg], size, value);
>> return value;
>> }
>> -static const MemoryRegionOps swimctrl_mem_ops = {
>> - .write = swimctrl_write,
>> - .read = swimctrl_read,
>> - .endianness = DEVICE_NATIVE_ENDIAN,
>> +static const MemoryRegionOps swimctrl_ism_ops = {
>> + .write = ismctrl_write,
>> + .read = ismctrl_read,
>> + .endianness = DEVICE_BIG_ENDIAN,
>> };
>> static void sysbus_swim_reset(DeviceState *d)
>> @@ -407,13 +417,13 @@ static void sysbus_swim_reset(DeviceState *d)
>> ctrl->mode = 0;
>> ctrl->iwm_switch = 0;
>> - for (i = 0; i < 8; i++) {
>> - ctrl->regs[i] = 0;
>> - }
>> ctrl->iwm_data = 0;
>> ctrl->iwm_mode = 0;
>> + memset(ctrl->iwmregs, 0, 16);
>> +
>> ctrl->swim_phase = 0;
>> ctrl->swim_mode = 0;
>> + memset(ctrl->ismregs, 0, 16);
>> for (i = 0; i < SWIM_MAX_FD; i++) {
>> fd_recalibrate(&ctrl->drives[i]);
>> }
>> @@ -425,9 +435,12 @@ static void sysbus_swim_init(Object *obj)
>> Swim *sbs = SWIM(obj);
>> SWIMCtrl *swimctrl = &sbs->ctrl;
>> - memory_region_init_io(&swimctrl->iomem, obj, &swimctrl_mem_ops, swimctrl,
>> - "swim", 0x2000);
>> - sysbus_init_mmio(sbd, &swimctrl->iomem);
>> + memory_region_init(&swimctrl->swim, obj, "swim", 0x2000);
>> + memory_region_init_io(&swimctrl->iwm, obj, &swimctrl_iwm_ops, swimctrl,
>> + "iwm", 0x2000);
>> + memory_region_init_io(&swimctrl->ism, obj, &swimctrl_ism_ops, swimctrl,
>> + "ism", 0x2000);
>> + sysbus_init_mmio(sbd, &swimctrl->swim);
>> }
>> static void sysbus_swim_realize(DeviceState *dev, Error **errp)
>> @@ -437,6 +450,9 @@ static void sysbus_swim_realize(DeviceState *dev, Error **errp)
>> qbus_init(&swimctrl->bus, sizeof(SWIMBus), TYPE_SWIM_BUS, dev, NULL);
>> swimctrl->bus.ctrl = swimctrl;
>> +
>> + /* Default register set is IWM */
>> + memory_region_add_subregion(&swimctrl->swim, 0x0, &swimctrl->iwm);
>> }
>> static const VMStateDescription vmstate_fdrive = {
>> @@ -456,10 +472,11 @@ static const VMStateDescription vmstate_swim = {
>> VMSTATE_INT32(mode, SWIMCtrl),
>> /* IWM mode */
>> VMSTATE_INT32(iwm_switch, SWIMCtrl),
>> - VMSTATE_UINT16_ARRAY(regs, SWIMCtrl, 8),
>> + VMSTATE_UINT8_ARRAY(iwmregs, SWIMCtrl, 16),
>> VMSTATE_UINT8(iwm_data, SWIMCtrl),
>> VMSTATE_UINT8(iwm_mode, SWIMCtrl),
>> /* SWIM mode */
>> + VMSTATE_UINT8_ARRAY(ismregs, SWIMCtrl, 16),
>> VMSTATE_UINT8(swim_phase, SWIMCtrl),
>> VMSTATE_UINT8(swim_mode, SWIMCtrl),
>> /* Drives */
>> diff --git a/hw/block/trace-events b/hw/block/trace-events
>> index c041ec45e3..ea84ad6c77 100644
>> --- a/hw/block/trace-events
>> +++ b/hw/block/trace-events
>> @@ -94,6 +94,6 @@ m25p80_binding_no_bdrv(void *s) "[%p] No BDRV - binding to RAM"
>> # swim.c
>> swim_swimctrl_read(int reg, const char *name, unsigned size, uint64_t value)
>> "reg=%d [%s] size=%u value=0x%"PRIx64
>> swim_swimctrl_write(int reg, const char *name, unsigned size, uint64_t value)
>> "reg=%d [%s] size=%u value=0x%"PRIx64
>> -swim_iwmctrl_read(int reg, unsigned size, uint64_t value) "reg=%d size=%u
>> value=0x%"PRIx64
>> -swim_iwmctrl_write(int reg, unsigned size, uint64_t value) "reg=%d size=%u
>> value=0x%"PRIx64
>> +swim_iwmctrl_read(int reg, const char *name, unsigned size, uint64_t value)
>> "reg=%d [%s] size=%u value=0x%"PRIx64
>> +swim_iwmctrl_write(int reg, const char *name, unsigned size, uint64_t value)
>> "reg=%d [%s] size=%u value=0x%"PRIx64
>> swim_iwm_switch(void) "switch from IWM to SWIM mode"
>> diff --git a/include/hw/block/swim.h b/include/hw/block/swim.h
>> index 9b3dcb029d..1bc7635d02 100644
>> --- a/include/hw/block/swim.h
>> +++ b/include/hw/block/swim.h
>> @@ -43,23 +43,18 @@ typedef struct FDrive {
>> } FDrive;
>> struct SWIMCtrl {
>> - MemoryRegion iomem;
>> + MemoryRegion swim;
>> + MemoryRegion iwm;
>> + MemoryRegion ism;
>> FDrive drives[SWIM_MAX_FD];
>> int mode;
>> /* IWM mode */
>> int iwm_switch;
>> - uint16_t regs[8];
>> -#define IWM_PH0 0
>> -#define IWM_PH1 1
>> -#define IWM_PH2 2
>> -#define IWM_PH3 3
>> -#define IWM_MTR 4
>> -#define IWM_DRIVE 5
>> -#define IWM_Q6 6
>> -#define IWM_Q7 7
>> + uint8_t iwmregs[16];
>> uint8_t iwm_data;
>> uint8_t iwm_mode;
>> /* SWIM mode */
>> + uint8_t ismregs[16];
>> uint8_t swim_phase;
>> uint8_t swim_mode;
>> SWIMBus bus;
>
> Reviewed-by: Laurent Vivier <laurent@vivier.eu>
ATB,
Mark.
^ permalink raw reply [flat|nested] 44+ messages in thread
end of thread, other threads:[~2023-09-28 20:47 UTC | newest]
Thread overview: 44+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-09 9:48 [PATCH v2 00/20] q800: add support for booting MacOS Classic - part 2 Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 01/20] q800-glue.c: convert to Resettable interface Mark Cave-Ayland
2023-09-25 17:03 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 02/20] q800: add djMEMC memory controller Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 03/20] q800: add machine id register Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 04/20] q800: implement additional machine id bits on VIA1 port A Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 05/20] q800: add IOSB subsystem Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 06/20] q800: allow accesses to RAM area even if less memory is available Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 07/20] audio: add Apple Sound Chip (ASC) emulation Mark Cave-Ayland
2023-09-14 7:06 ` Volker Rümelin
2023-09-20 15:39 ` Mark Cave-Ayland
2023-09-23 7:09 ` Volker Rümelin
2023-09-09 9:48 ` [PATCH v2 08/20] asc: generate silence if FIFO empty but engine still running Mark Cave-Ayland
2023-09-14 7:56 ` Philippe Mathieu-Daudé
2023-09-14 13:16 ` Philippe Mathieu-Daudé
2023-09-16 8:19 ` Volker Rümelin
2023-09-17 13:42 ` Philippe Mathieu-Daudé
2023-09-25 17:19 ` Laurent Vivier
2023-09-28 20:40 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 09/20] q800: add Apple Sound Chip (ASC) audio to machine Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 10/20] q800: add easc bool machine class property to switch between ASC and EASC Mark Cave-Ayland
2023-09-26 7:54 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 11/20] swim: add trace events for IWM and ISM registers Mark Cave-Ayland
2023-09-26 7:55 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 12/20] swim: split into separate IWM and ISM register blocks Mark Cave-Ayland
2023-09-26 8:09 ` Laurent Vivier
2023-09-28 20:47 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 13/20] swim: update IWM/ISM register block decoding Mark Cave-Ayland
2023-09-26 8:10 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 14/20] mac_via: work around underflow in TimeDBRA timing loop in SETUPTIMEK Mark Cave-Ayland
2023-09-26 8:04 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 15/20] mac_via: workaround NetBSD ADB bus enumeration issue Mark Cave-Ayland
2023-09-26 8:04 ` Laurent Vivier
2023-09-28 20:45 ` Mark Cave-Ayland
2023-09-09 9:48 ` [PATCH v2 16/20] mac_via: implement ADB_STATE_IDLE state if shift register in input mode Mark Cave-Ayland
2023-09-26 8:05 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 17/20] mac_via: always clear ADB interrupt when switching to A/UX mode Mark Cave-Ayland
2023-09-26 8:06 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 18/20] q800: add ESCC alias at 0xc000 Mark Cave-Ayland
2023-09-26 8:06 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 19/20] q800: add alias for MacOS toolbox ROM at 0x40000000 Mark Cave-Ayland
2023-09-26 8:06 ` Laurent Vivier
2023-09-09 9:48 ` [PATCH v2 20/20] mac_via: extend timer calibration hack to work with A/UX Mark Cave-Ayland
2023-09-26 8:07 ` Laurent Vivier
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).