From: Laszlo Ersek <lersek@redhat.com>
To: jaeyong.yoo@samsung.com, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] Where is vga-rom mapped in guest system memory?
Date: Tue, 13 May 2014 15:54:38 +0200 [thread overview]
Message-ID: <5372241E.8090309@redhat.com> (raw)
In-Reply-To: <98.08.11443.AD612735@epcpsbgx3.samsung.com>
On 05/13/14 14:58, Jaeyong Yoo wrote:
> Hello qemu!
>
>
>
> I am currently writing a vga device emulator and need to debug vga-bios.
>
> What I want is to set break-point on the entry of vga-bios and for this,
>
> I'm reading qemu source around pci device and rom-related memory regions
>
> to find out where should I set break point. And, sadly, got stuck.
>
>
>
> Could you give me any advice about the memory-mapped address of vga-rom or
>
> any pointers?
Some.
The vgabios binary is loaded from the file identified by the "romfile"
property of the VGA card that you select. For example,
-device qxl-vga,romfile=...
or
-vga qxl \
-global qxl-vga.romfile=...
Of course the property has a default value for each VGA card. See the
k->romfile = ...
assignments in:
- cirrus_vga_class_init() -- vgabios-cirrus.bin
- qxl_primary_class_init() -- vgabios-qxl.bin
- vga_class_init() -- vgabios-stdvga.bin
I think the oprom is loaded in
pci_qdev_init() [hw/pci/pci.c]
pci_add_option_rom()
The vgabios oprom is shadowed from ROM (pci address space) to RAM by the
SeaBIOS initialization code, and then POSTed:
handle_post() [src/post.c]
make_bios_writable() [src/fw/shadow.c]
make_bios_writable_intel()
__make_bios_writable_intel() -- shadows vgabios in C segment too
dopost() [src/post.c]
maininit()
vgarom_setup() [src/optionroms.c]
init_pcirom()
init_optionrom()
callrom()
__callrom()
_rom_header_entry [vgasrc/vgaentry.S]
vga_post() [vgasrc/vgainit.c]
You can instrument vga_post() in the SeaBIOS source [vgasrc/vgainit.c],
rebuild the vgabios binary, and load this binary with the video card's
romfile=... property on the qemu command line.
Laszlo
Laszlo
next prev parent reply other threads:[~2014-05-13 13:54 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-13 12:58 [Qemu-devel] Where is vga-rom mapped in guest system memory? Jaeyong Yoo
2014-05-13 13:54 ` Laszlo Ersek [this message]
2014-05-14 4:01 ` Jaeyong Yoo
2014-05-14 10:55 ` Laszlo Ersek
2014-05-14 11:41 ` Jaeyong Yoo
2014-05-14 11:54 ` Laszlo Ersek
2014-05-15 13:25 ` Jaeyong Yoo
2014-05-15 14:04 ` Laszlo Ersek
2014-05-16 4:19 ` Jaeyong Yoo
2014-05-16 9:36 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5372241E.8090309@redhat.com \
--to=lersek@redhat.com \
--cc=jaeyong.yoo@samsung.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).