xref: /openbmc/qemu/hw/block/fdc.c (revision db1b58e9)
1 /*
2  * QEMU Floppy disk emulator (Intel 82078)
3  *
4  * Copyright (c) 2003, 2007 Jocelyn Mayer
5  * Copyright (c) 2008 Hervé Poussineau
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 /*
26  * The controller is used in Sun4m systems in a slightly different
27  * way. There are changes in DOR register and DMA is not available.
28  */
29 
30 #include "hw/hw.h"
31 #include "hw/block/fdc.h"
32 #include "qemu/error-report.h"
33 #include "qemu/timer.h"
34 #include "hw/isa/isa.h"
35 #include "hw/sysbus.h"
36 #include "sysemu/blockdev.h"
37 #include "sysemu/sysemu.h"
38 #include "qemu/log.h"
39 
40 /********************************************************/
41 /* debug Floppy devices */
42 //#define DEBUG_FLOPPY
43 
44 #ifdef DEBUG_FLOPPY
45 #define FLOPPY_DPRINTF(fmt, ...)                                \
46     do { printf("FLOPPY: " fmt , ## __VA_ARGS__); } while (0)
47 #else
48 #define FLOPPY_DPRINTF(fmt, ...)
49 #endif
50 
51 /********************************************************/
52 /* Floppy drive emulation                               */
53 
54 typedef enum FDriveRate {
55     FDRIVE_RATE_500K = 0x00,  /* 500 Kbps */
56     FDRIVE_RATE_300K = 0x01,  /* 300 Kbps */
57     FDRIVE_RATE_250K = 0x02,  /* 250 Kbps */
58     FDRIVE_RATE_1M   = 0x03,  /*   1 Mbps */
59 } FDriveRate;
60 
61 typedef struct FDFormat {
62     FDriveType drive;
63     uint8_t last_sect;
64     uint8_t max_track;
65     uint8_t max_head;
66     FDriveRate rate;
67 } FDFormat;
68 
69 static const FDFormat fd_formats[] = {
70     /* First entry is default format */
71     /* 1.44 MB 3"1/2 floppy disks */
72     { FDRIVE_DRV_144, 18, 80, 1, FDRIVE_RATE_500K, },
73     { FDRIVE_DRV_144, 20, 80, 1, FDRIVE_RATE_500K, },
74     { FDRIVE_DRV_144, 21, 80, 1, FDRIVE_RATE_500K, },
75     { FDRIVE_DRV_144, 21, 82, 1, FDRIVE_RATE_500K, },
76     { FDRIVE_DRV_144, 21, 83, 1, FDRIVE_RATE_500K, },
77     { FDRIVE_DRV_144, 22, 80, 1, FDRIVE_RATE_500K, },
78     { FDRIVE_DRV_144, 23, 80, 1, FDRIVE_RATE_500K, },
79     { FDRIVE_DRV_144, 24, 80, 1, FDRIVE_RATE_500K, },
80     /* 2.88 MB 3"1/2 floppy disks */
81     { FDRIVE_DRV_288, 36, 80, 1, FDRIVE_RATE_1M, },
82     { FDRIVE_DRV_288, 39, 80, 1, FDRIVE_RATE_1M, },
83     { FDRIVE_DRV_288, 40, 80, 1, FDRIVE_RATE_1M, },
84     { FDRIVE_DRV_288, 44, 80, 1, FDRIVE_RATE_1M, },
85     { FDRIVE_DRV_288, 48, 80, 1, FDRIVE_RATE_1M, },
86     /* 720 kB 3"1/2 floppy disks */
87     { FDRIVE_DRV_144,  9, 80, 1, FDRIVE_RATE_250K, },
88     { FDRIVE_DRV_144, 10, 80, 1, FDRIVE_RATE_250K, },
89     { FDRIVE_DRV_144, 10, 82, 1, FDRIVE_RATE_250K, },
90     { FDRIVE_DRV_144, 10, 83, 1, FDRIVE_RATE_250K, },
91     { FDRIVE_DRV_144, 13, 80, 1, FDRIVE_RATE_250K, },
92     { FDRIVE_DRV_144, 14, 80, 1, FDRIVE_RATE_250K, },
93     /* 1.2 MB 5"1/4 floppy disks */
94     { FDRIVE_DRV_120, 15, 80, 1, FDRIVE_RATE_500K, },
95     { FDRIVE_DRV_120, 18, 80, 1, FDRIVE_RATE_500K, },
96     { FDRIVE_DRV_120, 18, 82, 1, FDRIVE_RATE_500K, },
97     { FDRIVE_DRV_120, 18, 83, 1, FDRIVE_RATE_500K, },
98     { FDRIVE_DRV_120, 20, 80, 1, FDRIVE_RATE_500K, },
99     /* 720 kB 5"1/4 floppy disks */
100     { FDRIVE_DRV_120,  9, 80, 1, FDRIVE_RATE_250K, },
101     { FDRIVE_DRV_120, 11, 80, 1, FDRIVE_RATE_250K, },
102     /* 360 kB 5"1/4 floppy disks */
103     { FDRIVE_DRV_120,  9, 40, 1, FDRIVE_RATE_300K, },
104     { FDRIVE_DRV_120,  9, 40, 0, FDRIVE_RATE_300K, },
105     { FDRIVE_DRV_120, 10, 41, 1, FDRIVE_RATE_300K, },
106     { FDRIVE_DRV_120, 10, 42, 1, FDRIVE_RATE_300K, },
107     /* 320 kB 5"1/4 floppy disks */
108     { FDRIVE_DRV_120,  8, 40, 1, FDRIVE_RATE_250K, },
109     { FDRIVE_DRV_120,  8, 40, 0, FDRIVE_RATE_250K, },
110     /* 360 kB must match 5"1/4 better than 3"1/2... */
111     { FDRIVE_DRV_144,  9, 80, 0, FDRIVE_RATE_250K, },
112     /* end */
113     { FDRIVE_DRV_NONE, -1, -1, 0, 0, },
114 };
115 
116 static void pick_geometry(BlockDriverState *bs, int *nb_heads,
117                           int *max_track, int *last_sect,
118                           FDriveType drive_in, FDriveType *drive,
119                           FDriveRate *rate)
120 {
121     const FDFormat *parse;
122     uint64_t nb_sectors, size;
123     int i, first_match, match;
124 
125     bdrv_get_geometry(bs, &nb_sectors);
126     match = -1;
127     first_match = -1;
128     for (i = 0; ; i++) {
129         parse = &fd_formats[i];
130         if (parse->drive == FDRIVE_DRV_NONE) {
131             break;
132         }
133         if (drive_in == parse->drive ||
134             drive_in == FDRIVE_DRV_NONE) {
135             size = (parse->max_head + 1) * parse->max_track *
136                 parse->last_sect;
137             if (nb_sectors == size) {
138                 match = i;
139                 break;
140             }
141             if (first_match == -1) {
142                 first_match = i;
143             }
144         }
145     }
146     if (match == -1) {
147         if (first_match == -1) {
148             match = 1;
149         } else {
150             match = first_match;
151         }
152         parse = &fd_formats[match];
153     }
154     *nb_heads = parse->max_head + 1;
155     *max_track = parse->max_track;
156     *last_sect = parse->last_sect;
157     *drive = parse->drive;
158     *rate = parse->rate;
159 }
160 
161 #define GET_CUR_DRV(fdctrl) ((fdctrl)->cur_drv)
162 #define SET_CUR_DRV(fdctrl, drive) ((fdctrl)->cur_drv = (drive))
163 
164 /* Will always be a fixed parameter for us */
165 #define FD_SECTOR_LEN          512
166 #define FD_SECTOR_SC           2   /* Sector size code */
167 #define FD_RESET_SENSEI_COUNT  4   /* Number of sense interrupts on RESET */
168 
169 typedef struct FDCtrl FDCtrl;
170 
171 /* Floppy disk drive emulation */
172 typedef enum FDiskFlags {
173     FDISK_DBL_SIDES  = 0x01,
174 } FDiskFlags;
175 
176 typedef struct FDrive {
177     FDCtrl *fdctrl;
178     BlockDriverState *bs;
179     /* Drive status */
180     FDriveType drive;
181     uint8_t perpendicular;    /* 2.88 MB access mode    */
182     /* Position */
183     uint8_t head;
184     uint8_t track;
185     uint8_t sect;
186     /* Media */
187     FDiskFlags flags;
188     uint8_t last_sect;        /* Nb sector per track    */
189     uint8_t max_track;        /* Nb of tracks           */
190     uint16_t bps;             /* Bytes per sector       */
191     uint8_t ro;               /* Is read-only           */
192     uint8_t media_changed;    /* Is media changed       */
193     uint8_t media_rate;       /* Data rate of medium    */
194 } FDrive;
195 
196 static void fd_init(FDrive *drv)
197 {
198     /* Drive */
199     drv->drive = FDRIVE_DRV_NONE;
200     drv->perpendicular = 0;
201     /* Disk */
202     drv->last_sect = 0;
203     drv->max_track = 0;
204 }
205 
206 #define NUM_SIDES(drv) ((drv)->flags & FDISK_DBL_SIDES ? 2 : 1)
207 
208 static int fd_sector_calc(uint8_t head, uint8_t track, uint8_t sect,
209                           uint8_t last_sect, uint8_t num_sides)
210 {
211     return (((track * num_sides) + head) * last_sect) + sect - 1;
212 }
213 
214 /* Returns current position, in sectors, for given drive */
215 static int fd_sector(FDrive *drv)
216 {
217     return fd_sector_calc(drv->head, drv->track, drv->sect, drv->last_sect,
218                           NUM_SIDES(drv));
219 }
220 
221 /* Seek to a new position:
222  * returns 0 if already on right track
223  * returns 1 if track changed
224  * returns 2 if track is invalid
225  * returns 3 if sector is invalid
226  * returns 4 if seek is disabled
227  */
228 static int fd_seek(FDrive *drv, uint8_t head, uint8_t track, uint8_t sect,
229                    int enable_seek)
230 {
231     uint32_t sector;
232     int ret;
233 
234     if (track > drv->max_track ||
235         (head != 0 && (drv->flags & FDISK_DBL_SIDES) == 0)) {
236         FLOPPY_DPRINTF("try to read %d %02x %02x (max=%d %d %02x %02x)\n",
237                        head, track, sect, 1,
238                        (drv->flags & FDISK_DBL_SIDES) == 0 ? 0 : 1,
239                        drv->max_track, drv->last_sect);
240         return 2;
241     }
242     if (sect > drv->last_sect) {
243         FLOPPY_DPRINTF("try to read %d %02x %02x (max=%d %d %02x %02x)\n",
244                        head, track, sect, 1,
245                        (drv->flags & FDISK_DBL_SIDES) == 0 ? 0 : 1,
246                        drv->max_track, drv->last_sect);
247         return 3;
248     }
249     sector = fd_sector_calc(head, track, sect, drv->last_sect, NUM_SIDES(drv));
250     ret = 0;
251     if (sector != fd_sector(drv)) {
252 #if 0
253         if (!enable_seek) {
254             FLOPPY_DPRINTF("error: no implicit seek %d %02x %02x"
255                            " (max=%d %02x %02x)\n",
256                            head, track, sect, 1, drv->max_track,
257                            drv->last_sect);
258             return 4;
259         }
260 #endif
261         drv->head = head;
262         if (drv->track != track) {
263             if (drv->bs != NULL && bdrv_is_inserted(drv->bs)) {
264                 drv->media_changed = 0;
265             }
266             ret = 1;
267         }
268         drv->track = track;
269         drv->sect = sect;
270     }
271 
272     if (drv->bs == NULL || !bdrv_is_inserted(drv->bs)) {
273         ret = 2;
274     }
275 
276     return ret;
277 }
278 
279 /* Set drive back to track 0 */
280 static void fd_recalibrate(FDrive *drv)
281 {
282     FLOPPY_DPRINTF("recalibrate\n");
283     fd_seek(drv, 0, 0, 1, 1);
284 }
285 
286 /* Revalidate a disk drive after a disk change */
287 static void fd_revalidate(FDrive *drv)
288 {
289     int nb_heads, max_track, last_sect, ro;
290     FDriveType drive;
291     FDriveRate rate;
292 
293     FLOPPY_DPRINTF("revalidate\n");
294     if (drv->bs != NULL) {
295         ro = bdrv_is_read_only(drv->bs);
296         pick_geometry(drv->bs, &nb_heads, &max_track,
297                       &last_sect, drv->drive, &drive, &rate);
298         if (!bdrv_is_inserted(drv->bs)) {
299             FLOPPY_DPRINTF("No disk in drive\n");
300         } else {
301             FLOPPY_DPRINTF("Floppy disk (%d h %d t %d s) %s\n", nb_heads,
302                            max_track, last_sect, ro ? "ro" : "rw");
303         }
304         if (nb_heads == 1) {
305             drv->flags &= ~FDISK_DBL_SIDES;
306         } else {
307             drv->flags |= FDISK_DBL_SIDES;
308         }
309         drv->max_track = max_track;
310         drv->last_sect = last_sect;
311         drv->ro = ro;
312         drv->drive = drive;
313         drv->media_rate = rate;
314     } else {
315         FLOPPY_DPRINTF("No drive connected\n");
316         drv->last_sect = 0;
317         drv->max_track = 0;
318         drv->flags &= ~FDISK_DBL_SIDES;
319     }
320 }
321 
322 /********************************************************/
323 /* Intel 82078 floppy disk controller emulation          */
324 
325 static void fdctrl_reset(FDCtrl *fdctrl, int do_irq);
326 static void fdctrl_reset_fifo(FDCtrl *fdctrl);
327 static int fdctrl_transfer_handler (void *opaque, int nchan,
328                                     int dma_pos, int dma_len);
329 static void fdctrl_raise_irq(FDCtrl *fdctrl);
330 static FDrive *get_cur_drv(FDCtrl *fdctrl);
331 
332 static uint32_t fdctrl_read_statusA(FDCtrl *fdctrl);
333 static uint32_t fdctrl_read_statusB(FDCtrl *fdctrl);
334 static uint32_t fdctrl_read_dor(FDCtrl *fdctrl);
335 static void fdctrl_write_dor(FDCtrl *fdctrl, uint32_t value);
336 static uint32_t fdctrl_read_tape(FDCtrl *fdctrl);
337 static void fdctrl_write_tape(FDCtrl *fdctrl, uint32_t value);
338 static uint32_t fdctrl_read_main_status(FDCtrl *fdctrl);
339 static void fdctrl_write_rate(FDCtrl *fdctrl, uint32_t value);
340 static uint32_t fdctrl_read_data(FDCtrl *fdctrl);
341 static void fdctrl_write_data(FDCtrl *fdctrl, uint32_t value);
342 static uint32_t fdctrl_read_dir(FDCtrl *fdctrl);
343 static void fdctrl_write_ccr(FDCtrl *fdctrl, uint32_t value);
344 
345 enum {
346     FD_DIR_WRITE   = 0,
347     FD_DIR_READ    = 1,
348     FD_DIR_SCANE   = 2,
349     FD_DIR_SCANL   = 3,
350     FD_DIR_SCANH   = 4,
351     FD_DIR_VERIFY  = 5,
352 };
353 
354 enum {
355     FD_STATE_MULTI  = 0x01,	/* multi track flag */
356     FD_STATE_FORMAT = 0x02,	/* format flag */
357 };
358 
359 enum {
360     FD_REG_SRA = 0x00,
361     FD_REG_SRB = 0x01,
362     FD_REG_DOR = 0x02,
363     FD_REG_TDR = 0x03,
364     FD_REG_MSR = 0x04,
365     FD_REG_DSR = 0x04,
366     FD_REG_FIFO = 0x05,
367     FD_REG_DIR = 0x07,
368     FD_REG_CCR = 0x07,
369 };
370 
371 enum {
372     FD_CMD_READ_TRACK = 0x02,
373     FD_CMD_SPECIFY = 0x03,
374     FD_CMD_SENSE_DRIVE_STATUS = 0x04,
375     FD_CMD_WRITE = 0x05,
376     FD_CMD_READ = 0x06,
377     FD_CMD_RECALIBRATE = 0x07,
378     FD_CMD_SENSE_INTERRUPT_STATUS = 0x08,
379     FD_CMD_WRITE_DELETED = 0x09,
380     FD_CMD_READ_ID = 0x0a,
381     FD_CMD_READ_DELETED = 0x0c,
382     FD_CMD_FORMAT_TRACK = 0x0d,
383     FD_CMD_DUMPREG = 0x0e,
384     FD_CMD_SEEK = 0x0f,
385     FD_CMD_VERSION = 0x10,
386     FD_CMD_SCAN_EQUAL = 0x11,
387     FD_CMD_PERPENDICULAR_MODE = 0x12,
388     FD_CMD_CONFIGURE = 0x13,
389     FD_CMD_LOCK = 0x14,
390     FD_CMD_VERIFY = 0x16,
391     FD_CMD_POWERDOWN_MODE = 0x17,
392     FD_CMD_PART_ID = 0x18,
393     FD_CMD_SCAN_LOW_OR_EQUAL = 0x19,
394     FD_CMD_SCAN_HIGH_OR_EQUAL = 0x1d,
395     FD_CMD_SAVE = 0x2e,
396     FD_CMD_OPTION = 0x33,
397     FD_CMD_RESTORE = 0x4e,
398     FD_CMD_DRIVE_SPECIFICATION_COMMAND = 0x8e,
399     FD_CMD_RELATIVE_SEEK_OUT = 0x8f,
400     FD_CMD_FORMAT_AND_WRITE = 0xcd,
401     FD_CMD_RELATIVE_SEEK_IN = 0xcf,
402 };
403 
404 enum {
405     FD_CONFIG_PRETRK = 0xff, /* Pre-compensation set to track 0 */
406     FD_CONFIG_FIFOTHR = 0x0f, /* FIFO threshold set to 1 byte */
407     FD_CONFIG_POLL  = 0x10, /* Poll enabled */
408     FD_CONFIG_EFIFO = 0x20, /* FIFO disabled */
409     FD_CONFIG_EIS   = 0x40, /* No implied seeks */
410 };
411 
412 enum {
413     FD_SR0_DS0      = 0x01,
414     FD_SR0_DS1      = 0x02,
415     FD_SR0_HEAD     = 0x04,
416     FD_SR0_EQPMT    = 0x10,
417     FD_SR0_SEEK     = 0x20,
418     FD_SR0_ABNTERM  = 0x40,
419     FD_SR0_INVCMD   = 0x80,
420     FD_SR0_RDYCHG   = 0xc0,
421 };
422 
423 enum {
424     FD_SR1_MA       = 0x01, /* Missing address mark */
425     FD_SR1_NW       = 0x02, /* Not writable */
426     FD_SR1_EC       = 0x80, /* End of cylinder */
427 };
428 
429 enum {
430     FD_SR2_SNS      = 0x04, /* Scan not satisfied */
431     FD_SR2_SEH      = 0x08, /* Scan equal hit */
432 };
433 
434 enum {
435     FD_SRA_DIR      = 0x01,
436     FD_SRA_nWP      = 0x02,
437     FD_SRA_nINDX    = 0x04,
438     FD_SRA_HDSEL    = 0x08,
439     FD_SRA_nTRK0    = 0x10,
440     FD_SRA_STEP     = 0x20,
441     FD_SRA_nDRV2    = 0x40,
442     FD_SRA_INTPEND  = 0x80,
443 };
444 
445 enum {
446     FD_SRB_MTR0     = 0x01,
447     FD_SRB_MTR1     = 0x02,
448     FD_SRB_WGATE    = 0x04,
449     FD_SRB_RDATA    = 0x08,
450     FD_SRB_WDATA    = 0x10,
451     FD_SRB_DR0      = 0x20,
452 };
453 
454 enum {
455 #if MAX_FD == 4
456     FD_DOR_SELMASK  = 0x03,
457 #else
458     FD_DOR_SELMASK  = 0x01,
459 #endif
460     FD_DOR_nRESET   = 0x04,
461     FD_DOR_DMAEN    = 0x08,
462     FD_DOR_MOTEN0   = 0x10,
463     FD_DOR_MOTEN1   = 0x20,
464     FD_DOR_MOTEN2   = 0x40,
465     FD_DOR_MOTEN3   = 0x80,
466 };
467 
468 enum {
469 #if MAX_FD == 4
470     FD_TDR_BOOTSEL  = 0x0c,
471 #else
472     FD_TDR_BOOTSEL  = 0x04,
473 #endif
474 };
475 
476 enum {
477     FD_DSR_DRATEMASK= 0x03,
478     FD_DSR_PWRDOWN  = 0x40,
479     FD_DSR_SWRESET  = 0x80,
480 };
481 
482 enum {
483     FD_MSR_DRV0BUSY = 0x01,
484     FD_MSR_DRV1BUSY = 0x02,
485     FD_MSR_DRV2BUSY = 0x04,
486     FD_MSR_DRV3BUSY = 0x08,
487     FD_MSR_CMDBUSY  = 0x10,
488     FD_MSR_NONDMA   = 0x20,
489     FD_MSR_DIO      = 0x40,
490     FD_MSR_RQM      = 0x80,
491 };
492 
493 enum {
494     FD_DIR_DSKCHG   = 0x80,
495 };
496 
497 #define FD_MULTI_TRACK(state) ((state) & FD_STATE_MULTI)
498 #define FD_FORMAT_CMD(state) ((state) & FD_STATE_FORMAT)
499 
500 struct FDCtrl {
501     MemoryRegion iomem;
502     qemu_irq irq;
503     /* Controller state */
504     QEMUTimer *result_timer;
505     int dma_chann;
506     /* Controller's identification */
507     uint8_t version;
508     /* HW */
509     uint8_t sra;
510     uint8_t srb;
511     uint8_t dor;
512     uint8_t dor_vmstate; /* only used as temp during vmstate */
513     uint8_t tdr;
514     uint8_t dsr;
515     uint8_t msr;
516     uint8_t cur_drv;
517     uint8_t status0;
518     uint8_t status1;
519     uint8_t status2;
520     /* Command FIFO */
521     uint8_t *fifo;
522     int32_t fifo_size;
523     uint32_t data_pos;
524     uint32_t data_len;
525     uint8_t data_state;
526     uint8_t data_dir;
527     uint8_t eot; /* last wanted sector */
528     /* States kept only to be returned back */
529     /* precompensation */
530     uint8_t precomp_trk;
531     uint8_t config;
532     uint8_t lock;
533     /* Power down config (also with status regB access mode */
534     uint8_t pwrd;
535     /* Floppy drives */
536     uint8_t num_floppies;
537     /* Sun4m quirks? */
538     int sun4m;
539     FDrive drives[MAX_FD];
540     int reset_sensei;
541     uint32_t check_media_rate;
542     /* Timers state */
543     uint8_t timer0;
544     uint8_t timer1;
545 };
546 
547 #define TYPE_SYSBUS_FDC "sysbus-fdc"
548 #define SYSBUS_FDC(obj) OBJECT_CHECK(FDCtrlSysBus, (obj), TYPE_SYSBUS_FDC)
549 
550 typedef struct FDCtrlSysBus {
551     /*< private >*/
552     SysBusDevice parent_obj;
553     /*< public >*/
554 
555     struct FDCtrl state;
556 } FDCtrlSysBus;
557 
558 #define ISA_FDC(obj) OBJECT_CHECK(FDCtrlISABus, (obj), TYPE_ISA_FDC)
559 
560 typedef struct FDCtrlISABus {
561     ISADevice parent_obj;
562 
563     uint32_t iobase;
564     uint32_t irq;
565     uint32_t dma;
566     struct FDCtrl state;
567     int32_t bootindexA;
568     int32_t bootindexB;
569 } FDCtrlISABus;
570 
571 static uint32_t fdctrl_read (void *opaque, uint32_t reg)
572 {
573     FDCtrl *fdctrl = opaque;
574     uint32_t retval;
575 
576     reg &= 7;
577     switch (reg) {
578     case FD_REG_SRA:
579         retval = fdctrl_read_statusA(fdctrl);
580         break;
581     case FD_REG_SRB:
582         retval = fdctrl_read_statusB(fdctrl);
583         break;
584     case FD_REG_DOR:
585         retval = fdctrl_read_dor(fdctrl);
586         break;
587     case FD_REG_TDR:
588         retval = fdctrl_read_tape(fdctrl);
589         break;
590     case FD_REG_MSR:
591         retval = fdctrl_read_main_status(fdctrl);
592         break;
593     case FD_REG_FIFO:
594         retval = fdctrl_read_data(fdctrl);
595         break;
596     case FD_REG_DIR:
597         retval = fdctrl_read_dir(fdctrl);
598         break;
599     default:
600         retval = (uint32_t)(-1);
601         break;
602     }
603     FLOPPY_DPRINTF("read reg%d: 0x%02x\n", reg & 7, retval);
604 
605     return retval;
606 }
607 
608 static void fdctrl_write (void *opaque, uint32_t reg, uint32_t value)
609 {
610     FDCtrl *fdctrl = opaque;
611 
612     FLOPPY_DPRINTF("write reg%d: 0x%02x\n", reg & 7, value);
613 
614     reg &= 7;
615     switch (reg) {
616     case FD_REG_DOR:
617         fdctrl_write_dor(fdctrl, value);
618         break;
619     case FD_REG_TDR:
620         fdctrl_write_tape(fdctrl, value);
621         break;
622     case FD_REG_DSR:
623         fdctrl_write_rate(fdctrl, value);
624         break;
625     case FD_REG_FIFO:
626         fdctrl_write_data(fdctrl, value);
627         break;
628     case FD_REG_CCR:
629         fdctrl_write_ccr(fdctrl, value);
630         break;
631     default:
632         break;
633     }
634 }
635 
636 static uint64_t fdctrl_read_mem (void *opaque, hwaddr reg,
637                                  unsigned ize)
638 {
639     return fdctrl_read(opaque, (uint32_t)reg);
640 }
641 
642 static void fdctrl_write_mem (void *opaque, hwaddr reg,
643                               uint64_t value, unsigned size)
644 {
645     fdctrl_write(opaque, (uint32_t)reg, value);
646 }
647 
648 static const MemoryRegionOps fdctrl_mem_ops = {
649     .read = fdctrl_read_mem,
650     .write = fdctrl_write_mem,
651     .endianness = DEVICE_NATIVE_ENDIAN,
652 };
653 
654 static const MemoryRegionOps fdctrl_mem_strict_ops = {
655     .read = fdctrl_read_mem,
656     .write = fdctrl_write_mem,
657     .endianness = DEVICE_NATIVE_ENDIAN,
658     .valid = {
659         .min_access_size = 1,
660         .max_access_size = 1,
661     },
662 };
663 
664 static bool fdrive_media_changed_needed(void *opaque)
665 {
666     FDrive *drive = opaque;
667 
668     return (drive->bs != NULL && drive->media_changed != 1);
669 }
670 
671 static const VMStateDescription vmstate_fdrive_media_changed = {
672     .name = "fdrive/media_changed",
673     .version_id = 1,
674     .minimum_version_id = 1,
675     .minimum_version_id_old = 1,
676     .fields      = (VMStateField[]) {
677         VMSTATE_UINT8(media_changed, FDrive),
678         VMSTATE_END_OF_LIST()
679     }
680 };
681 
682 static bool fdrive_media_rate_needed(void *opaque)
683 {
684     FDrive *drive = opaque;
685 
686     return drive->fdctrl->check_media_rate;
687 }
688 
689 static const VMStateDescription vmstate_fdrive_media_rate = {
690     .name = "fdrive/media_rate",
691     .version_id = 1,
692     .minimum_version_id = 1,
693     .minimum_version_id_old = 1,
694     .fields      = (VMStateField[]) {
695         VMSTATE_UINT8(media_rate, FDrive),
696         VMSTATE_END_OF_LIST()
697     }
698 };
699 
700 static const VMStateDescription vmstate_fdrive = {
701     .name = "fdrive",
702     .version_id = 1,
703     .minimum_version_id = 1,
704     .minimum_version_id_old = 1,
705     .fields      = (VMStateField[]) {
706         VMSTATE_UINT8(head, FDrive),
707         VMSTATE_UINT8(track, FDrive),
708         VMSTATE_UINT8(sect, FDrive),
709         VMSTATE_END_OF_LIST()
710     },
711     .subsections = (VMStateSubsection[]) {
712         {
713             .vmsd = &vmstate_fdrive_media_changed,
714             .needed = &fdrive_media_changed_needed,
715         } , {
716             .vmsd = &vmstate_fdrive_media_rate,
717             .needed = &fdrive_media_rate_needed,
718         } , {
719             /* empty */
720         }
721     }
722 };
723 
724 static void fdc_pre_save(void *opaque)
725 {
726     FDCtrl *s = opaque;
727 
728     s->dor_vmstate = s->dor | GET_CUR_DRV(s);
729 }
730 
731 static int fdc_post_load(void *opaque, int version_id)
732 {
733     FDCtrl *s = opaque;
734 
735     SET_CUR_DRV(s, s->dor_vmstate & FD_DOR_SELMASK);
736     s->dor = s->dor_vmstate & ~FD_DOR_SELMASK;
737     return 0;
738 }
739 
740 static const VMStateDescription vmstate_fdc = {
741     .name = "fdc",
742     .version_id = 2,
743     .minimum_version_id = 2,
744     .minimum_version_id_old = 2,
745     .pre_save = fdc_pre_save,
746     .post_load = fdc_post_load,
747     .fields      = (VMStateField []) {
748         /* Controller State */
749         VMSTATE_UINT8(sra, FDCtrl),
750         VMSTATE_UINT8(srb, FDCtrl),
751         VMSTATE_UINT8(dor_vmstate, FDCtrl),
752         VMSTATE_UINT8(tdr, FDCtrl),
753         VMSTATE_UINT8(dsr, FDCtrl),
754         VMSTATE_UINT8(msr, FDCtrl),
755         VMSTATE_UINT8(status0, FDCtrl),
756         VMSTATE_UINT8(status1, FDCtrl),
757         VMSTATE_UINT8(status2, FDCtrl),
758         /* Command FIFO */
759         VMSTATE_VARRAY_INT32(fifo, FDCtrl, fifo_size, 0, vmstate_info_uint8,
760                              uint8_t),
761         VMSTATE_UINT32(data_pos, FDCtrl),
762         VMSTATE_UINT32(data_len, FDCtrl),
763         VMSTATE_UINT8(data_state, FDCtrl),
764         VMSTATE_UINT8(data_dir, FDCtrl),
765         VMSTATE_UINT8(eot, FDCtrl),
766         /* States kept only to be returned back */
767         VMSTATE_UINT8(timer0, FDCtrl),
768         VMSTATE_UINT8(timer1, FDCtrl),
769         VMSTATE_UINT8(precomp_trk, FDCtrl),
770         VMSTATE_UINT8(config, FDCtrl),
771         VMSTATE_UINT8(lock, FDCtrl),
772         VMSTATE_UINT8(pwrd, FDCtrl),
773         VMSTATE_UINT8_EQUAL(num_floppies, FDCtrl),
774         VMSTATE_STRUCT_ARRAY(drives, FDCtrl, MAX_FD, 1,
775                              vmstate_fdrive, FDrive),
776         VMSTATE_END_OF_LIST()
777     }
778 };
779 
780 static void fdctrl_external_reset_sysbus(DeviceState *d)
781 {
782     FDCtrlSysBus *sys = SYSBUS_FDC(d);
783     FDCtrl *s = &sys->state;
784 
785     fdctrl_reset(s, 0);
786 }
787 
788 static void fdctrl_external_reset_isa(DeviceState *d)
789 {
790     FDCtrlISABus *isa = ISA_FDC(d);
791     FDCtrl *s = &isa->state;
792 
793     fdctrl_reset(s, 0);
794 }
795 
796 static void fdctrl_handle_tc(void *opaque, int irq, int level)
797 {
798     //FDCtrl *s = opaque;
799 
800     if (level) {
801         // XXX
802         FLOPPY_DPRINTF("TC pulsed\n");
803     }
804 }
805 
806 /* Change IRQ state */
807 static void fdctrl_reset_irq(FDCtrl *fdctrl)
808 {
809     fdctrl->status0 = 0;
810     if (!(fdctrl->sra & FD_SRA_INTPEND))
811         return;
812     FLOPPY_DPRINTF("Reset interrupt\n");
813     qemu_set_irq(fdctrl->irq, 0);
814     fdctrl->sra &= ~FD_SRA_INTPEND;
815 }
816 
817 static void fdctrl_raise_irq(FDCtrl *fdctrl)
818 {
819     /* Sparc mutation */
820     if (fdctrl->sun4m && (fdctrl->msr & FD_MSR_CMDBUSY)) {
821         /* XXX: not sure */
822         fdctrl->msr &= ~FD_MSR_CMDBUSY;
823         fdctrl->msr |= FD_MSR_RQM | FD_MSR_DIO;
824         return;
825     }
826     if (!(fdctrl->sra & FD_SRA_INTPEND)) {
827         qemu_set_irq(fdctrl->irq, 1);
828         fdctrl->sra |= FD_SRA_INTPEND;
829     }
830 
831     fdctrl->reset_sensei = 0;
832     FLOPPY_DPRINTF("Set interrupt status to 0x%02x\n", fdctrl->status0);
833 }
834 
835 /* Reset controller */
836 static void fdctrl_reset(FDCtrl *fdctrl, int do_irq)
837 {
838     int i;
839 
840     FLOPPY_DPRINTF("reset controller\n");
841     fdctrl_reset_irq(fdctrl);
842     /* Initialise controller */
843     fdctrl->sra = 0;
844     fdctrl->srb = 0xc0;
845     if (!fdctrl->drives[1].bs)
846         fdctrl->sra |= FD_SRA_nDRV2;
847     fdctrl->cur_drv = 0;
848     fdctrl->dor = FD_DOR_nRESET;
849     fdctrl->dor |= (fdctrl->dma_chann != -1) ? FD_DOR_DMAEN : 0;
850     fdctrl->msr = FD_MSR_RQM;
851     /* FIFO state */
852     fdctrl->data_pos = 0;
853     fdctrl->data_len = 0;
854     fdctrl->data_state = 0;
855     fdctrl->data_dir = FD_DIR_WRITE;
856     for (i = 0; i < MAX_FD; i++)
857         fd_recalibrate(&fdctrl->drives[i]);
858     fdctrl_reset_fifo(fdctrl);
859     if (do_irq) {
860         fdctrl->status0 |= FD_SR0_RDYCHG;
861         fdctrl_raise_irq(fdctrl);
862         fdctrl->reset_sensei = FD_RESET_SENSEI_COUNT;
863     }
864 }
865 
866 static inline FDrive *drv0(FDCtrl *fdctrl)
867 {
868     return &fdctrl->drives[(fdctrl->tdr & FD_TDR_BOOTSEL) >> 2];
869 }
870 
871 static inline FDrive *drv1(FDCtrl *fdctrl)
872 {
873     if ((fdctrl->tdr & FD_TDR_BOOTSEL) < (1 << 2))
874         return &fdctrl->drives[1];
875     else
876         return &fdctrl->drives[0];
877 }
878 
879 #if MAX_FD == 4
880 static inline FDrive *drv2(FDCtrl *fdctrl)
881 {
882     if ((fdctrl->tdr & FD_TDR_BOOTSEL) < (2 << 2))
883         return &fdctrl->drives[2];
884     else
885         return &fdctrl->drives[1];
886 }
887 
888 static inline FDrive *drv3(FDCtrl *fdctrl)
889 {
890     if ((fdctrl->tdr & FD_TDR_BOOTSEL) < (3 << 2))
891         return &fdctrl->drives[3];
892     else
893         return &fdctrl->drives[2];
894 }
895 #endif
896 
897 static FDrive *get_cur_drv(FDCtrl *fdctrl)
898 {
899     switch (fdctrl->cur_drv) {
900         case 0: return drv0(fdctrl);
901         case 1: return drv1(fdctrl);
902 #if MAX_FD == 4
903         case 2: return drv2(fdctrl);
904         case 3: return drv3(fdctrl);
905 #endif
906         default: return NULL;
907     }
908 }
909 
910 /* Status A register : 0x00 (read-only) */
911 static uint32_t fdctrl_read_statusA(FDCtrl *fdctrl)
912 {
913     uint32_t retval = fdctrl->sra;
914 
915     FLOPPY_DPRINTF("status register A: 0x%02x\n", retval);
916 
917     return retval;
918 }
919 
920 /* Status B register : 0x01 (read-only) */
921 static uint32_t fdctrl_read_statusB(FDCtrl *fdctrl)
922 {
923     uint32_t retval = fdctrl->srb;
924 
925     FLOPPY_DPRINTF("status register B: 0x%02x\n", retval);
926 
927     return retval;
928 }
929 
930 /* Digital output register : 0x02 */
931 static uint32_t fdctrl_read_dor(FDCtrl *fdctrl)
932 {
933     uint32_t retval = fdctrl->dor;
934 
935     /* Selected drive */
936     retval |= fdctrl->cur_drv;
937     FLOPPY_DPRINTF("digital output register: 0x%02x\n", retval);
938 
939     return retval;
940 }
941 
942 static void fdctrl_write_dor(FDCtrl *fdctrl, uint32_t value)
943 {
944     FLOPPY_DPRINTF("digital output register set to 0x%02x\n", value);
945 
946     /* Motors */
947     if (value & FD_DOR_MOTEN0)
948         fdctrl->srb |= FD_SRB_MTR0;
949     else
950         fdctrl->srb &= ~FD_SRB_MTR0;
951     if (value & FD_DOR_MOTEN1)
952         fdctrl->srb |= FD_SRB_MTR1;
953     else
954         fdctrl->srb &= ~FD_SRB_MTR1;
955 
956     /* Drive */
957     if (value & 1)
958         fdctrl->srb |= FD_SRB_DR0;
959     else
960         fdctrl->srb &= ~FD_SRB_DR0;
961 
962     /* Reset */
963     if (!(value & FD_DOR_nRESET)) {
964         if (fdctrl->dor & FD_DOR_nRESET) {
965             FLOPPY_DPRINTF("controller enter RESET state\n");
966         }
967     } else {
968         if (!(fdctrl->dor & FD_DOR_nRESET)) {
969             FLOPPY_DPRINTF("controller out of RESET state\n");
970             fdctrl_reset(fdctrl, 1);
971             fdctrl->dsr &= ~FD_DSR_PWRDOWN;
972         }
973     }
974     /* Selected drive */
975     fdctrl->cur_drv = value & FD_DOR_SELMASK;
976 
977     fdctrl->dor = value;
978 }
979 
980 /* Tape drive register : 0x03 */
981 static uint32_t fdctrl_read_tape(FDCtrl *fdctrl)
982 {
983     uint32_t retval = fdctrl->tdr;
984 
985     FLOPPY_DPRINTF("tape drive register: 0x%02x\n", retval);
986 
987     return retval;
988 }
989 
990 static void fdctrl_write_tape(FDCtrl *fdctrl, uint32_t value)
991 {
992     /* Reset mode */
993     if (!(fdctrl->dor & FD_DOR_nRESET)) {
994         FLOPPY_DPRINTF("Floppy controller in RESET state !\n");
995         return;
996     }
997     FLOPPY_DPRINTF("tape drive register set to 0x%02x\n", value);
998     /* Disk boot selection indicator */
999     fdctrl->tdr = value & FD_TDR_BOOTSEL;
1000     /* Tape indicators: never allow */
1001 }
1002 
1003 /* Main status register : 0x04 (read) */
1004 static uint32_t fdctrl_read_main_status(FDCtrl *fdctrl)
1005 {
1006     uint32_t retval = fdctrl->msr;
1007 
1008     fdctrl->dsr &= ~FD_DSR_PWRDOWN;
1009     fdctrl->dor |= FD_DOR_nRESET;
1010 
1011     /* Sparc mutation */
1012     if (fdctrl->sun4m) {
1013         retval |= FD_MSR_DIO;
1014         fdctrl_reset_irq(fdctrl);
1015     };
1016 
1017     FLOPPY_DPRINTF("main status register: 0x%02x\n", retval);
1018 
1019     return retval;
1020 }
1021 
1022 /* Data select rate register : 0x04 (write) */
1023 static void fdctrl_write_rate(FDCtrl *fdctrl, uint32_t value)
1024 {
1025     /* Reset mode */
1026     if (!(fdctrl->dor & FD_DOR_nRESET)) {
1027         FLOPPY_DPRINTF("Floppy controller in RESET state !\n");
1028         return;
1029     }
1030     FLOPPY_DPRINTF("select rate register set to 0x%02x\n", value);
1031     /* Reset: autoclear */
1032     if (value & FD_DSR_SWRESET) {
1033         fdctrl->dor &= ~FD_DOR_nRESET;
1034         fdctrl_reset(fdctrl, 1);
1035         fdctrl->dor |= FD_DOR_nRESET;
1036     }
1037     if (value & FD_DSR_PWRDOWN) {
1038         fdctrl_reset(fdctrl, 1);
1039     }
1040     fdctrl->dsr = value;
1041 }
1042 
1043 /* Configuration control register: 0x07 (write) */
1044 static void fdctrl_write_ccr(FDCtrl *fdctrl, uint32_t value)
1045 {
1046     /* Reset mode */
1047     if (!(fdctrl->dor & FD_DOR_nRESET)) {
1048         FLOPPY_DPRINTF("Floppy controller in RESET state !\n");
1049         return;
1050     }
1051     FLOPPY_DPRINTF("configuration control register set to 0x%02x\n", value);
1052 
1053     /* Only the rate selection bits used in AT mode, and we
1054      * store those in the DSR.
1055      */
1056     fdctrl->dsr = (fdctrl->dsr & ~FD_DSR_DRATEMASK) |
1057                   (value & FD_DSR_DRATEMASK);
1058 }
1059 
1060 static int fdctrl_media_changed(FDrive *drv)
1061 {
1062     return drv->media_changed;
1063 }
1064 
1065 /* Digital input register : 0x07 (read-only) */
1066 static uint32_t fdctrl_read_dir(FDCtrl *fdctrl)
1067 {
1068     uint32_t retval = 0;
1069 
1070     if (fdctrl_media_changed(get_cur_drv(fdctrl))) {
1071         retval |= FD_DIR_DSKCHG;
1072     }
1073     if (retval != 0) {
1074         FLOPPY_DPRINTF("Floppy digital input register: 0x%02x\n", retval);
1075     }
1076 
1077     return retval;
1078 }
1079 
1080 /* FIFO state control */
1081 static void fdctrl_reset_fifo(FDCtrl *fdctrl)
1082 {
1083     fdctrl->data_dir = FD_DIR_WRITE;
1084     fdctrl->data_pos = 0;
1085     fdctrl->msr &= ~(FD_MSR_CMDBUSY | FD_MSR_DIO);
1086 }
1087 
1088 /* Set FIFO status for the host to read */
1089 static void fdctrl_set_fifo(FDCtrl *fdctrl, int fifo_len)
1090 {
1091     fdctrl->data_dir = FD_DIR_READ;
1092     fdctrl->data_len = fifo_len;
1093     fdctrl->data_pos = 0;
1094     fdctrl->msr |= FD_MSR_CMDBUSY | FD_MSR_RQM | FD_MSR_DIO;
1095 }
1096 
1097 /* Set an error: unimplemented/unknown command */
1098 static void fdctrl_unimplemented(FDCtrl *fdctrl, int direction)
1099 {
1100     qemu_log_mask(LOG_UNIMP, "fdc: unimplemented command 0x%02x\n",
1101                   fdctrl->fifo[0]);
1102     fdctrl->fifo[0] = FD_SR0_INVCMD;
1103     fdctrl_set_fifo(fdctrl, 1);
1104 }
1105 
1106 /* Seek to next sector
1107  * returns 0 when end of track reached (for DBL_SIDES on head 1)
1108  * otherwise returns 1
1109  */
1110 static int fdctrl_seek_to_next_sect(FDCtrl *fdctrl, FDrive *cur_drv)
1111 {
1112     FLOPPY_DPRINTF("seek to next sector (%d %02x %02x => %d)\n",
1113                    cur_drv->head, cur_drv->track, cur_drv->sect,
1114                    fd_sector(cur_drv));
1115     /* XXX: cur_drv->sect >= cur_drv->last_sect should be an
1116        error in fact */
1117     uint8_t new_head = cur_drv->head;
1118     uint8_t new_track = cur_drv->track;
1119     uint8_t new_sect = cur_drv->sect;
1120 
1121     int ret = 1;
1122 
1123     if (new_sect >= cur_drv->last_sect ||
1124         new_sect == fdctrl->eot) {
1125         new_sect = 1;
1126         if (FD_MULTI_TRACK(fdctrl->data_state)) {
1127             if (new_head == 0 &&
1128                 (cur_drv->flags & FDISK_DBL_SIDES) != 0) {
1129                 new_head = 1;
1130             } else {
1131                 new_head = 0;
1132                 new_track++;
1133                 fdctrl->status0 |= FD_SR0_SEEK;
1134                 if ((cur_drv->flags & FDISK_DBL_SIDES) == 0) {
1135                     ret = 0;
1136                 }
1137             }
1138         } else {
1139             fdctrl->status0 |= FD_SR0_SEEK;
1140             new_track++;
1141             ret = 0;
1142         }
1143         if (ret == 1) {
1144             FLOPPY_DPRINTF("seek to next track (%d %02x %02x => %d)\n",
1145                     new_head, new_track, new_sect, fd_sector(cur_drv));
1146         }
1147     } else {
1148         new_sect++;
1149     }
1150     fd_seek(cur_drv, new_head, new_track, new_sect, 1);
1151     return ret;
1152 }
1153 
1154 /* Callback for transfer end (stop or abort) */
1155 static void fdctrl_stop_transfer(FDCtrl *fdctrl, uint8_t status0,
1156                                  uint8_t status1, uint8_t status2)
1157 {
1158     FDrive *cur_drv;
1159     cur_drv = get_cur_drv(fdctrl);
1160 
1161     fdctrl->status0 &= ~(FD_SR0_DS0 | FD_SR0_DS1 | FD_SR0_HEAD);
1162     fdctrl->status0 |= GET_CUR_DRV(fdctrl);
1163     if (cur_drv->head) {
1164         fdctrl->status0 |= FD_SR0_HEAD;
1165     }
1166     fdctrl->status0 |= status0;
1167 
1168     FLOPPY_DPRINTF("transfer status: %02x %02x %02x (%02x)\n",
1169                    status0, status1, status2, fdctrl->status0);
1170     fdctrl->fifo[0] = fdctrl->status0;
1171     fdctrl->fifo[1] = status1;
1172     fdctrl->fifo[2] = status2;
1173     fdctrl->fifo[3] = cur_drv->track;
1174     fdctrl->fifo[4] = cur_drv->head;
1175     fdctrl->fifo[5] = cur_drv->sect;
1176     fdctrl->fifo[6] = FD_SECTOR_SC;
1177     fdctrl->data_dir = FD_DIR_READ;
1178     if (!(fdctrl->msr & FD_MSR_NONDMA)) {
1179         DMA_release_DREQ(fdctrl->dma_chann);
1180     }
1181     fdctrl->msr |= FD_MSR_RQM | FD_MSR_DIO;
1182     fdctrl->msr &= ~FD_MSR_NONDMA;
1183 
1184     fdctrl_set_fifo(fdctrl, 7);
1185     fdctrl_raise_irq(fdctrl);
1186 }
1187 
1188 /* Prepare a data transfer (either DMA or FIFO) */
1189 static void fdctrl_start_transfer(FDCtrl *fdctrl, int direction)
1190 {
1191     FDrive *cur_drv;
1192     uint8_t kh, kt, ks;
1193 
1194     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1195     cur_drv = get_cur_drv(fdctrl);
1196     kt = fdctrl->fifo[2];
1197     kh = fdctrl->fifo[3];
1198     ks = fdctrl->fifo[4];
1199     FLOPPY_DPRINTF("Start transfer at %d %d %02x %02x (%d)\n",
1200                    GET_CUR_DRV(fdctrl), kh, kt, ks,
1201                    fd_sector_calc(kh, kt, ks, cur_drv->last_sect,
1202                                   NUM_SIDES(cur_drv)));
1203     switch (fd_seek(cur_drv, kh, kt, ks, fdctrl->config & FD_CONFIG_EIS)) {
1204     case 2:
1205         /* sect too big */
1206         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, 0x00, 0x00);
1207         fdctrl->fifo[3] = kt;
1208         fdctrl->fifo[4] = kh;
1209         fdctrl->fifo[5] = ks;
1210         return;
1211     case 3:
1212         /* track too big */
1213         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, FD_SR1_EC, 0x00);
1214         fdctrl->fifo[3] = kt;
1215         fdctrl->fifo[4] = kh;
1216         fdctrl->fifo[5] = ks;
1217         return;
1218     case 4:
1219         /* No seek enabled */
1220         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, 0x00, 0x00);
1221         fdctrl->fifo[3] = kt;
1222         fdctrl->fifo[4] = kh;
1223         fdctrl->fifo[5] = ks;
1224         return;
1225     case 1:
1226         fdctrl->status0 |= FD_SR0_SEEK;
1227         break;
1228     default:
1229         break;
1230     }
1231 
1232     /* Check the data rate. If the programmed data rate does not match
1233      * the currently inserted medium, the operation has to fail. */
1234     if (fdctrl->check_media_rate &&
1235         (fdctrl->dsr & FD_DSR_DRATEMASK) != cur_drv->media_rate) {
1236         FLOPPY_DPRINTF("data rate mismatch (fdc=%d, media=%d)\n",
1237                        fdctrl->dsr & FD_DSR_DRATEMASK, cur_drv->media_rate);
1238         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, FD_SR1_MA, 0x00);
1239         fdctrl->fifo[3] = kt;
1240         fdctrl->fifo[4] = kh;
1241         fdctrl->fifo[5] = ks;
1242         return;
1243     }
1244 
1245     /* Set the FIFO state */
1246     fdctrl->data_dir = direction;
1247     fdctrl->data_pos = 0;
1248     assert(fdctrl->msr & FD_MSR_CMDBUSY);
1249     if (fdctrl->fifo[0] & 0x80)
1250         fdctrl->data_state |= FD_STATE_MULTI;
1251     else
1252         fdctrl->data_state &= ~FD_STATE_MULTI;
1253     if (fdctrl->fifo[5] == 0) {
1254         fdctrl->data_len = fdctrl->fifo[8];
1255     } else {
1256         int tmp;
1257         fdctrl->data_len = 128 << (fdctrl->fifo[5] > 7 ? 7 : fdctrl->fifo[5]);
1258         tmp = (fdctrl->fifo[6] - ks + 1);
1259         if (fdctrl->fifo[0] & 0x80)
1260             tmp += fdctrl->fifo[6];
1261         fdctrl->data_len *= tmp;
1262     }
1263     fdctrl->eot = fdctrl->fifo[6];
1264     if (fdctrl->dor & FD_DOR_DMAEN) {
1265         int dma_mode;
1266         /* DMA transfer are enabled. Check if DMA channel is well programmed */
1267         dma_mode = DMA_get_channel_mode(fdctrl->dma_chann);
1268         dma_mode = (dma_mode >> 2) & 3;
1269         FLOPPY_DPRINTF("dma_mode=%d direction=%d (%d - %d)\n",
1270                        dma_mode, direction,
1271                        (128 << fdctrl->fifo[5]) *
1272                        (cur_drv->last_sect - ks + 1), fdctrl->data_len);
1273         if (((direction == FD_DIR_SCANE || direction == FD_DIR_SCANL ||
1274               direction == FD_DIR_SCANH) && dma_mode == 0) ||
1275             (direction == FD_DIR_WRITE && dma_mode == 2) ||
1276             (direction == FD_DIR_READ && dma_mode == 1) ||
1277             (direction == FD_DIR_VERIFY)) {
1278             /* No access is allowed until DMA transfer has completed */
1279             fdctrl->msr &= ~FD_MSR_RQM;
1280             if (direction != FD_DIR_VERIFY) {
1281                 /* Now, we just have to wait for the DMA controller to
1282                  * recall us...
1283                  */
1284                 DMA_hold_DREQ(fdctrl->dma_chann);
1285                 DMA_schedule(fdctrl->dma_chann);
1286             } else {
1287                 /* Start transfer */
1288                 fdctrl_transfer_handler(fdctrl, fdctrl->dma_chann, 0,
1289                                         fdctrl->data_len);
1290             }
1291             return;
1292         } else {
1293             FLOPPY_DPRINTF("bad dma_mode=%d direction=%d\n", dma_mode,
1294                            direction);
1295         }
1296     }
1297     FLOPPY_DPRINTF("start non-DMA transfer\n");
1298     fdctrl->msr |= FD_MSR_NONDMA;
1299     if (direction != FD_DIR_WRITE)
1300         fdctrl->msr |= FD_MSR_DIO;
1301     /* IO based transfer: calculate len */
1302     fdctrl_raise_irq(fdctrl);
1303 }
1304 
1305 /* Prepare a transfer of deleted data */
1306 static void fdctrl_start_transfer_del(FDCtrl *fdctrl, int direction)
1307 {
1308     qemu_log_mask(LOG_UNIMP, "fdctrl_start_transfer_del() unimplemented\n");
1309 
1310     /* We don't handle deleted data,
1311      * so we don't return *ANYTHING*
1312      */
1313     fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM | FD_SR0_SEEK, 0x00, 0x00);
1314 }
1315 
1316 /* handlers for DMA transfers */
1317 static int fdctrl_transfer_handler (void *opaque, int nchan,
1318                                     int dma_pos, int dma_len)
1319 {
1320     FDCtrl *fdctrl;
1321     FDrive *cur_drv;
1322     int len, start_pos, rel_pos;
1323     uint8_t status0 = 0x00, status1 = 0x00, status2 = 0x00;
1324 
1325     fdctrl = opaque;
1326     if (fdctrl->msr & FD_MSR_RQM) {
1327         FLOPPY_DPRINTF("Not in DMA transfer mode !\n");
1328         return 0;
1329     }
1330     cur_drv = get_cur_drv(fdctrl);
1331     if (fdctrl->data_dir == FD_DIR_SCANE || fdctrl->data_dir == FD_DIR_SCANL ||
1332         fdctrl->data_dir == FD_DIR_SCANH)
1333         status2 = FD_SR2_SNS;
1334     if (dma_len > fdctrl->data_len)
1335         dma_len = fdctrl->data_len;
1336     if (cur_drv->bs == NULL) {
1337         if (fdctrl->data_dir == FD_DIR_WRITE)
1338             fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM | FD_SR0_SEEK, 0x00, 0x00);
1339         else
1340             fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, 0x00, 0x00);
1341         len = 0;
1342         goto transfer_error;
1343     }
1344     rel_pos = fdctrl->data_pos % FD_SECTOR_LEN;
1345     for (start_pos = fdctrl->data_pos; fdctrl->data_pos < dma_len;) {
1346         len = dma_len - fdctrl->data_pos;
1347         if (len + rel_pos > FD_SECTOR_LEN)
1348             len = FD_SECTOR_LEN - rel_pos;
1349         FLOPPY_DPRINTF("copy %d bytes (%d %d %d) %d pos %d %02x "
1350                        "(%d-0x%08x 0x%08x)\n", len, dma_len, fdctrl->data_pos,
1351                        fdctrl->data_len, GET_CUR_DRV(fdctrl), cur_drv->head,
1352                        cur_drv->track, cur_drv->sect, fd_sector(cur_drv),
1353                        fd_sector(cur_drv) * FD_SECTOR_LEN);
1354         if (fdctrl->data_dir != FD_DIR_WRITE ||
1355             len < FD_SECTOR_LEN || rel_pos != 0) {
1356             /* READ & SCAN commands and realign to a sector for WRITE */
1357             if (bdrv_read(cur_drv->bs, fd_sector(cur_drv),
1358                           fdctrl->fifo, 1) < 0) {
1359                 FLOPPY_DPRINTF("Floppy: error getting sector %d\n",
1360                                fd_sector(cur_drv));
1361                 /* Sure, image size is too small... */
1362                 memset(fdctrl->fifo, 0, FD_SECTOR_LEN);
1363             }
1364         }
1365         switch (fdctrl->data_dir) {
1366         case FD_DIR_READ:
1367             /* READ commands */
1368             DMA_write_memory (nchan, fdctrl->fifo + rel_pos,
1369                               fdctrl->data_pos, len);
1370             break;
1371         case FD_DIR_WRITE:
1372             /* WRITE commands */
1373             if (cur_drv->ro) {
1374                 /* Handle readonly medium early, no need to do DMA, touch the
1375                  * LED or attempt any writes. A real floppy doesn't attempt
1376                  * to write to readonly media either. */
1377                 fdctrl_stop_transfer(fdctrl,
1378                                      FD_SR0_ABNTERM | FD_SR0_SEEK, FD_SR1_NW,
1379                                      0x00);
1380                 goto transfer_error;
1381             }
1382 
1383             DMA_read_memory (nchan, fdctrl->fifo + rel_pos,
1384                              fdctrl->data_pos, len);
1385             if (bdrv_write(cur_drv->bs, fd_sector(cur_drv),
1386                            fdctrl->fifo, 1) < 0) {
1387                 FLOPPY_DPRINTF("error writing sector %d\n",
1388                                fd_sector(cur_drv));
1389                 fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM | FD_SR0_SEEK, 0x00, 0x00);
1390                 goto transfer_error;
1391             }
1392             break;
1393         case FD_DIR_VERIFY:
1394             /* VERIFY commands */
1395             break;
1396         default:
1397             /* SCAN commands */
1398             {
1399                 uint8_t tmpbuf[FD_SECTOR_LEN];
1400                 int ret;
1401                 DMA_read_memory (nchan, tmpbuf, fdctrl->data_pos, len);
1402                 ret = memcmp(tmpbuf, fdctrl->fifo + rel_pos, len);
1403                 if (ret == 0) {
1404                     status2 = FD_SR2_SEH;
1405                     goto end_transfer;
1406                 }
1407                 if ((ret < 0 && fdctrl->data_dir == FD_DIR_SCANL) ||
1408                     (ret > 0 && fdctrl->data_dir == FD_DIR_SCANH)) {
1409                     status2 = 0x00;
1410                     goto end_transfer;
1411                 }
1412             }
1413             break;
1414         }
1415         fdctrl->data_pos += len;
1416         rel_pos = fdctrl->data_pos % FD_SECTOR_LEN;
1417         if (rel_pos == 0) {
1418             /* Seek to next sector */
1419             if (!fdctrl_seek_to_next_sect(fdctrl, cur_drv))
1420                 break;
1421         }
1422     }
1423  end_transfer:
1424     len = fdctrl->data_pos - start_pos;
1425     FLOPPY_DPRINTF("end transfer %d %d %d\n",
1426                    fdctrl->data_pos, len, fdctrl->data_len);
1427     if (fdctrl->data_dir == FD_DIR_SCANE ||
1428         fdctrl->data_dir == FD_DIR_SCANL ||
1429         fdctrl->data_dir == FD_DIR_SCANH)
1430         status2 = FD_SR2_SEH;
1431     fdctrl->data_len -= len;
1432     fdctrl_stop_transfer(fdctrl, status0, status1, status2);
1433  transfer_error:
1434 
1435     return len;
1436 }
1437 
1438 /* Data register : 0x05 */
1439 static uint32_t fdctrl_read_data(FDCtrl *fdctrl)
1440 {
1441     FDrive *cur_drv;
1442     uint32_t retval = 0;
1443     int pos;
1444 
1445     cur_drv = get_cur_drv(fdctrl);
1446     fdctrl->dsr &= ~FD_DSR_PWRDOWN;
1447     if (!(fdctrl->msr & FD_MSR_RQM) || !(fdctrl->msr & FD_MSR_DIO)) {
1448         FLOPPY_DPRINTF("error: controller not ready for reading\n");
1449         return 0;
1450     }
1451     pos = fdctrl->data_pos;
1452     if (fdctrl->msr & FD_MSR_NONDMA) {
1453         pos %= FD_SECTOR_LEN;
1454         if (pos == 0) {
1455             if (fdctrl->data_pos != 0)
1456                 if (!fdctrl_seek_to_next_sect(fdctrl, cur_drv)) {
1457                     FLOPPY_DPRINTF("error seeking to next sector %d\n",
1458                                    fd_sector(cur_drv));
1459                     return 0;
1460                 }
1461             if (bdrv_read(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
1462                 FLOPPY_DPRINTF("error getting sector %d\n",
1463                                fd_sector(cur_drv));
1464                 /* Sure, image size is too small... */
1465                 memset(fdctrl->fifo, 0, FD_SECTOR_LEN);
1466             }
1467         }
1468     }
1469     retval = fdctrl->fifo[pos];
1470     if (++fdctrl->data_pos == fdctrl->data_len) {
1471         fdctrl->data_pos = 0;
1472         /* Switch from transfer mode to status mode
1473          * then from status mode to command mode
1474          */
1475         if (fdctrl->msr & FD_MSR_NONDMA) {
1476             fdctrl_stop_transfer(fdctrl, 0x00, 0x00, 0x00);
1477         } else {
1478             fdctrl_reset_fifo(fdctrl);
1479             fdctrl_reset_irq(fdctrl);
1480         }
1481     }
1482     FLOPPY_DPRINTF("data register: 0x%02x\n", retval);
1483 
1484     return retval;
1485 }
1486 
1487 static void fdctrl_format_sector(FDCtrl *fdctrl)
1488 {
1489     FDrive *cur_drv;
1490     uint8_t kh, kt, ks;
1491 
1492     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1493     cur_drv = get_cur_drv(fdctrl);
1494     kt = fdctrl->fifo[6];
1495     kh = fdctrl->fifo[7];
1496     ks = fdctrl->fifo[8];
1497     FLOPPY_DPRINTF("format sector at %d %d %02x %02x (%d)\n",
1498                    GET_CUR_DRV(fdctrl), kh, kt, ks,
1499                    fd_sector_calc(kh, kt, ks, cur_drv->last_sect,
1500                                   NUM_SIDES(cur_drv)));
1501     switch (fd_seek(cur_drv, kh, kt, ks, fdctrl->config & FD_CONFIG_EIS)) {
1502     case 2:
1503         /* sect too big */
1504         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, 0x00, 0x00);
1505         fdctrl->fifo[3] = kt;
1506         fdctrl->fifo[4] = kh;
1507         fdctrl->fifo[5] = ks;
1508         return;
1509     case 3:
1510         /* track too big */
1511         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, FD_SR1_EC, 0x00);
1512         fdctrl->fifo[3] = kt;
1513         fdctrl->fifo[4] = kh;
1514         fdctrl->fifo[5] = ks;
1515         return;
1516     case 4:
1517         /* No seek enabled */
1518         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, 0x00, 0x00);
1519         fdctrl->fifo[3] = kt;
1520         fdctrl->fifo[4] = kh;
1521         fdctrl->fifo[5] = ks;
1522         return;
1523     case 1:
1524         fdctrl->status0 |= FD_SR0_SEEK;
1525         break;
1526     default:
1527         break;
1528     }
1529     memset(fdctrl->fifo, 0, FD_SECTOR_LEN);
1530     if (cur_drv->bs == NULL ||
1531         bdrv_write(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
1532         FLOPPY_DPRINTF("error formatting sector %d\n", fd_sector(cur_drv));
1533         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM | FD_SR0_SEEK, 0x00, 0x00);
1534     } else {
1535         if (cur_drv->sect == cur_drv->last_sect) {
1536             fdctrl->data_state &= ~FD_STATE_FORMAT;
1537             /* Last sector done */
1538             fdctrl_stop_transfer(fdctrl, 0x00, 0x00, 0x00);
1539         } else {
1540             /* More to do */
1541             fdctrl->data_pos = 0;
1542             fdctrl->data_len = 4;
1543         }
1544     }
1545 }
1546 
1547 static void fdctrl_handle_lock(FDCtrl *fdctrl, int direction)
1548 {
1549     fdctrl->lock = (fdctrl->fifo[0] & 0x80) ? 1 : 0;
1550     fdctrl->fifo[0] = fdctrl->lock << 4;
1551     fdctrl_set_fifo(fdctrl, 1);
1552 }
1553 
1554 static void fdctrl_handle_dumpreg(FDCtrl *fdctrl, int direction)
1555 {
1556     FDrive *cur_drv = get_cur_drv(fdctrl);
1557 
1558     /* Drives position */
1559     fdctrl->fifo[0] = drv0(fdctrl)->track;
1560     fdctrl->fifo[1] = drv1(fdctrl)->track;
1561 #if MAX_FD == 4
1562     fdctrl->fifo[2] = drv2(fdctrl)->track;
1563     fdctrl->fifo[3] = drv3(fdctrl)->track;
1564 #else
1565     fdctrl->fifo[2] = 0;
1566     fdctrl->fifo[3] = 0;
1567 #endif
1568     /* timers */
1569     fdctrl->fifo[4] = fdctrl->timer0;
1570     fdctrl->fifo[5] = (fdctrl->timer1 << 1) | (fdctrl->dor & FD_DOR_DMAEN ? 1 : 0);
1571     fdctrl->fifo[6] = cur_drv->last_sect;
1572     fdctrl->fifo[7] = (fdctrl->lock << 7) |
1573         (cur_drv->perpendicular << 2);
1574     fdctrl->fifo[8] = fdctrl->config;
1575     fdctrl->fifo[9] = fdctrl->precomp_trk;
1576     fdctrl_set_fifo(fdctrl, 10);
1577 }
1578 
1579 static void fdctrl_handle_version(FDCtrl *fdctrl, int direction)
1580 {
1581     /* Controller's version */
1582     fdctrl->fifo[0] = fdctrl->version;
1583     fdctrl_set_fifo(fdctrl, 1);
1584 }
1585 
1586 static void fdctrl_handle_partid(FDCtrl *fdctrl, int direction)
1587 {
1588     fdctrl->fifo[0] = 0x41; /* Stepping 1 */
1589     fdctrl_set_fifo(fdctrl, 1);
1590 }
1591 
1592 static void fdctrl_handle_restore(FDCtrl *fdctrl, int direction)
1593 {
1594     FDrive *cur_drv = get_cur_drv(fdctrl);
1595 
1596     /* Drives position */
1597     drv0(fdctrl)->track = fdctrl->fifo[3];
1598     drv1(fdctrl)->track = fdctrl->fifo[4];
1599 #if MAX_FD == 4
1600     drv2(fdctrl)->track = fdctrl->fifo[5];
1601     drv3(fdctrl)->track = fdctrl->fifo[6];
1602 #endif
1603     /* timers */
1604     fdctrl->timer0 = fdctrl->fifo[7];
1605     fdctrl->timer1 = fdctrl->fifo[8];
1606     cur_drv->last_sect = fdctrl->fifo[9];
1607     fdctrl->lock = fdctrl->fifo[10] >> 7;
1608     cur_drv->perpendicular = (fdctrl->fifo[10] >> 2) & 0xF;
1609     fdctrl->config = fdctrl->fifo[11];
1610     fdctrl->precomp_trk = fdctrl->fifo[12];
1611     fdctrl->pwrd = fdctrl->fifo[13];
1612     fdctrl_reset_fifo(fdctrl);
1613 }
1614 
1615 static void fdctrl_handle_save(FDCtrl *fdctrl, int direction)
1616 {
1617     FDrive *cur_drv = get_cur_drv(fdctrl);
1618 
1619     fdctrl->fifo[0] = 0;
1620     fdctrl->fifo[1] = 0;
1621     /* Drives position */
1622     fdctrl->fifo[2] = drv0(fdctrl)->track;
1623     fdctrl->fifo[3] = drv1(fdctrl)->track;
1624 #if MAX_FD == 4
1625     fdctrl->fifo[4] = drv2(fdctrl)->track;
1626     fdctrl->fifo[5] = drv3(fdctrl)->track;
1627 #else
1628     fdctrl->fifo[4] = 0;
1629     fdctrl->fifo[5] = 0;
1630 #endif
1631     /* timers */
1632     fdctrl->fifo[6] = fdctrl->timer0;
1633     fdctrl->fifo[7] = fdctrl->timer1;
1634     fdctrl->fifo[8] = cur_drv->last_sect;
1635     fdctrl->fifo[9] = (fdctrl->lock << 7) |
1636         (cur_drv->perpendicular << 2);
1637     fdctrl->fifo[10] = fdctrl->config;
1638     fdctrl->fifo[11] = fdctrl->precomp_trk;
1639     fdctrl->fifo[12] = fdctrl->pwrd;
1640     fdctrl->fifo[13] = 0;
1641     fdctrl->fifo[14] = 0;
1642     fdctrl_set_fifo(fdctrl, 15);
1643 }
1644 
1645 static void fdctrl_handle_readid(FDCtrl *fdctrl, int direction)
1646 {
1647     FDrive *cur_drv = get_cur_drv(fdctrl);
1648 
1649     cur_drv->head = (fdctrl->fifo[1] >> 2) & 1;
1650     qemu_mod_timer(fdctrl->result_timer,
1651                    qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 50));
1652 }
1653 
1654 static void fdctrl_handle_format_track(FDCtrl *fdctrl, int direction)
1655 {
1656     FDrive *cur_drv;
1657 
1658     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1659     cur_drv = get_cur_drv(fdctrl);
1660     fdctrl->data_state |= FD_STATE_FORMAT;
1661     if (fdctrl->fifo[0] & 0x80)
1662         fdctrl->data_state |= FD_STATE_MULTI;
1663     else
1664         fdctrl->data_state &= ~FD_STATE_MULTI;
1665     cur_drv->bps =
1666         fdctrl->fifo[2] > 7 ? 16384 : 128 << fdctrl->fifo[2];
1667 #if 0
1668     cur_drv->last_sect =
1669         cur_drv->flags & FDISK_DBL_SIDES ? fdctrl->fifo[3] :
1670         fdctrl->fifo[3] / 2;
1671 #else
1672     cur_drv->last_sect = fdctrl->fifo[3];
1673 #endif
1674     /* TODO: implement format using DMA expected by the Bochs BIOS
1675      * and Linux fdformat (read 3 bytes per sector via DMA and fill
1676      * the sector with the specified fill byte
1677      */
1678     fdctrl->data_state &= ~FD_STATE_FORMAT;
1679     fdctrl_stop_transfer(fdctrl, 0x00, 0x00, 0x00);
1680 }
1681 
1682 static void fdctrl_handle_specify(FDCtrl *fdctrl, int direction)
1683 {
1684     fdctrl->timer0 = (fdctrl->fifo[1] >> 4) & 0xF;
1685     fdctrl->timer1 = fdctrl->fifo[2] >> 1;
1686     if (fdctrl->fifo[2] & 1)
1687         fdctrl->dor &= ~FD_DOR_DMAEN;
1688     else
1689         fdctrl->dor |= FD_DOR_DMAEN;
1690     /* No result back */
1691     fdctrl_reset_fifo(fdctrl);
1692 }
1693 
1694 static void fdctrl_handle_sense_drive_status(FDCtrl *fdctrl, int direction)
1695 {
1696     FDrive *cur_drv;
1697 
1698     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1699     cur_drv = get_cur_drv(fdctrl);
1700     cur_drv->head = (fdctrl->fifo[1] >> 2) & 1;
1701     /* 1 Byte status back */
1702     fdctrl->fifo[0] = (cur_drv->ro << 6) |
1703         (cur_drv->track == 0 ? 0x10 : 0x00) |
1704         (cur_drv->head << 2) |
1705         GET_CUR_DRV(fdctrl) |
1706         0x28;
1707     fdctrl_set_fifo(fdctrl, 1);
1708 }
1709 
1710 static void fdctrl_handle_recalibrate(FDCtrl *fdctrl, int direction)
1711 {
1712     FDrive *cur_drv;
1713 
1714     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1715     cur_drv = get_cur_drv(fdctrl);
1716     fd_recalibrate(cur_drv);
1717     fdctrl_reset_fifo(fdctrl);
1718     /* Raise Interrupt */
1719     fdctrl->status0 |= FD_SR0_SEEK;
1720     fdctrl_raise_irq(fdctrl);
1721 }
1722 
1723 static void fdctrl_handle_sense_interrupt_status(FDCtrl *fdctrl, int direction)
1724 {
1725     FDrive *cur_drv = get_cur_drv(fdctrl);
1726 
1727     if (fdctrl->reset_sensei > 0) {
1728         fdctrl->fifo[0] =
1729             FD_SR0_RDYCHG + FD_RESET_SENSEI_COUNT - fdctrl->reset_sensei;
1730         fdctrl->reset_sensei--;
1731     } else if (!(fdctrl->sra & FD_SRA_INTPEND)) {
1732         fdctrl->fifo[0] = FD_SR0_INVCMD;
1733         fdctrl_set_fifo(fdctrl, 1);
1734         return;
1735     } else {
1736         fdctrl->fifo[0] =
1737                 (fdctrl->status0 & ~(FD_SR0_HEAD | FD_SR0_DS1 | FD_SR0_DS0))
1738                 | GET_CUR_DRV(fdctrl);
1739     }
1740 
1741     fdctrl->fifo[1] = cur_drv->track;
1742     fdctrl_set_fifo(fdctrl, 2);
1743     fdctrl_reset_irq(fdctrl);
1744     fdctrl->status0 = FD_SR0_RDYCHG;
1745 }
1746 
1747 static void fdctrl_handle_seek(FDCtrl *fdctrl, int direction)
1748 {
1749     FDrive *cur_drv;
1750 
1751     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1752     cur_drv = get_cur_drv(fdctrl);
1753     fdctrl_reset_fifo(fdctrl);
1754     /* The seek command just sends step pulses to the drive and doesn't care if
1755      * there is a medium inserted of if it's banging the head against the drive.
1756      */
1757     fd_seek(cur_drv, cur_drv->head, fdctrl->fifo[2], cur_drv->sect, 1);
1758     /* Raise Interrupt */
1759     fdctrl->status0 |= FD_SR0_SEEK;
1760     fdctrl_raise_irq(fdctrl);
1761 }
1762 
1763 static void fdctrl_handle_perpendicular_mode(FDCtrl *fdctrl, int direction)
1764 {
1765     FDrive *cur_drv = get_cur_drv(fdctrl);
1766 
1767     if (fdctrl->fifo[1] & 0x80)
1768         cur_drv->perpendicular = fdctrl->fifo[1] & 0x7;
1769     /* No result back */
1770     fdctrl_reset_fifo(fdctrl);
1771 }
1772 
1773 static void fdctrl_handle_configure(FDCtrl *fdctrl, int direction)
1774 {
1775     fdctrl->config = fdctrl->fifo[2];
1776     fdctrl->precomp_trk =  fdctrl->fifo[3];
1777     /* No result back */
1778     fdctrl_reset_fifo(fdctrl);
1779 }
1780 
1781 static void fdctrl_handle_powerdown_mode(FDCtrl *fdctrl, int direction)
1782 {
1783     fdctrl->pwrd = fdctrl->fifo[1];
1784     fdctrl->fifo[0] = fdctrl->fifo[1];
1785     fdctrl_set_fifo(fdctrl, 1);
1786 }
1787 
1788 static void fdctrl_handle_option(FDCtrl *fdctrl, int direction)
1789 {
1790     /* No result back */
1791     fdctrl_reset_fifo(fdctrl);
1792 }
1793 
1794 static void fdctrl_handle_drive_specification_command(FDCtrl *fdctrl, int direction)
1795 {
1796     FDrive *cur_drv = get_cur_drv(fdctrl);
1797 
1798     if (fdctrl->fifo[fdctrl->data_pos - 1] & 0x80) {
1799         /* Command parameters done */
1800         if (fdctrl->fifo[fdctrl->data_pos - 1] & 0x40) {
1801             fdctrl->fifo[0] = fdctrl->fifo[1];
1802             fdctrl->fifo[2] = 0;
1803             fdctrl->fifo[3] = 0;
1804             fdctrl_set_fifo(fdctrl, 4);
1805         } else {
1806             fdctrl_reset_fifo(fdctrl);
1807         }
1808     } else if (fdctrl->data_len > 7) {
1809         /* ERROR */
1810         fdctrl->fifo[0] = 0x80 |
1811             (cur_drv->head << 2) | GET_CUR_DRV(fdctrl);
1812         fdctrl_set_fifo(fdctrl, 1);
1813     }
1814 }
1815 
1816 static void fdctrl_handle_relative_seek_in(FDCtrl *fdctrl, int direction)
1817 {
1818     FDrive *cur_drv;
1819 
1820     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1821     cur_drv = get_cur_drv(fdctrl);
1822     if (fdctrl->fifo[2] + cur_drv->track >= cur_drv->max_track) {
1823         fd_seek(cur_drv, cur_drv->head, cur_drv->max_track - 1,
1824                 cur_drv->sect, 1);
1825     } else {
1826         fd_seek(cur_drv, cur_drv->head,
1827                 cur_drv->track + fdctrl->fifo[2], cur_drv->sect, 1);
1828     }
1829     fdctrl_reset_fifo(fdctrl);
1830     /* Raise Interrupt */
1831     fdctrl->status0 |= FD_SR0_SEEK;
1832     fdctrl_raise_irq(fdctrl);
1833 }
1834 
1835 static void fdctrl_handle_relative_seek_out(FDCtrl *fdctrl, int direction)
1836 {
1837     FDrive *cur_drv;
1838 
1839     SET_CUR_DRV(fdctrl, fdctrl->fifo[1] & FD_DOR_SELMASK);
1840     cur_drv = get_cur_drv(fdctrl);
1841     if (fdctrl->fifo[2] > cur_drv->track) {
1842         fd_seek(cur_drv, cur_drv->head, 0, cur_drv->sect, 1);
1843     } else {
1844         fd_seek(cur_drv, cur_drv->head,
1845                 cur_drv->track - fdctrl->fifo[2], cur_drv->sect, 1);
1846     }
1847     fdctrl_reset_fifo(fdctrl);
1848     /* Raise Interrupt */
1849     fdctrl->status0 |= FD_SR0_SEEK;
1850     fdctrl_raise_irq(fdctrl);
1851 }
1852 
1853 static const struct {
1854     uint8_t value;
1855     uint8_t mask;
1856     const char* name;
1857     int parameters;
1858     void (*handler)(FDCtrl *fdctrl, int direction);
1859     int direction;
1860 } handlers[] = {
1861     { FD_CMD_READ, 0x1f, "READ", 8, fdctrl_start_transfer, FD_DIR_READ },
1862     { FD_CMD_WRITE, 0x3f, "WRITE", 8, fdctrl_start_transfer, FD_DIR_WRITE },
1863     { FD_CMD_SEEK, 0xff, "SEEK", 2, fdctrl_handle_seek },
1864     { FD_CMD_SENSE_INTERRUPT_STATUS, 0xff, "SENSE INTERRUPT STATUS", 0, fdctrl_handle_sense_interrupt_status },
1865     { FD_CMD_RECALIBRATE, 0xff, "RECALIBRATE", 1, fdctrl_handle_recalibrate },
1866     { FD_CMD_FORMAT_TRACK, 0xbf, "FORMAT TRACK", 5, fdctrl_handle_format_track },
1867     { FD_CMD_READ_TRACK, 0xbf, "READ TRACK", 8, fdctrl_start_transfer, FD_DIR_READ },
1868     { FD_CMD_RESTORE, 0xff, "RESTORE", 17, fdctrl_handle_restore }, /* part of READ DELETED DATA */
1869     { FD_CMD_SAVE, 0xff, "SAVE", 0, fdctrl_handle_save }, /* part of READ DELETED DATA */
1870     { FD_CMD_READ_DELETED, 0x1f, "READ DELETED DATA", 8, fdctrl_start_transfer_del, FD_DIR_READ },
1871     { FD_CMD_SCAN_EQUAL, 0x1f, "SCAN EQUAL", 8, fdctrl_start_transfer, FD_DIR_SCANE },
1872     { FD_CMD_VERIFY, 0x1f, "VERIFY", 8, fdctrl_start_transfer, FD_DIR_VERIFY },
1873     { FD_CMD_SCAN_LOW_OR_EQUAL, 0x1f, "SCAN LOW OR EQUAL", 8, fdctrl_start_transfer, FD_DIR_SCANL },
1874     { FD_CMD_SCAN_HIGH_OR_EQUAL, 0x1f, "SCAN HIGH OR EQUAL", 8, fdctrl_start_transfer, FD_DIR_SCANH },
1875     { FD_CMD_WRITE_DELETED, 0x3f, "WRITE DELETED DATA", 8, fdctrl_start_transfer_del, FD_DIR_WRITE },
1876     { FD_CMD_READ_ID, 0xbf, "READ ID", 1, fdctrl_handle_readid },
1877     { FD_CMD_SPECIFY, 0xff, "SPECIFY", 2, fdctrl_handle_specify },
1878     { FD_CMD_SENSE_DRIVE_STATUS, 0xff, "SENSE DRIVE STATUS", 1, fdctrl_handle_sense_drive_status },
1879     { FD_CMD_PERPENDICULAR_MODE, 0xff, "PERPENDICULAR MODE", 1, fdctrl_handle_perpendicular_mode },
1880     { FD_CMD_CONFIGURE, 0xff, "CONFIGURE", 3, fdctrl_handle_configure },
1881     { FD_CMD_POWERDOWN_MODE, 0xff, "POWERDOWN MODE", 2, fdctrl_handle_powerdown_mode },
1882     { FD_CMD_OPTION, 0xff, "OPTION", 1, fdctrl_handle_option },
1883     { FD_CMD_DRIVE_SPECIFICATION_COMMAND, 0xff, "DRIVE SPECIFICATION COMMAND", 5, fdctrl_handle_drive_specification_command },
1884     { FD_CMD_RELATIVE_SEEK_OUT, 0xff, "RELATIVE SEEK OUT", 2, fdctrl_handle_relative_seek_out },
1885     { FD_CMD_FORMAT_AND_WRITE, 0xff, "FORMAT AND WRITE", 10, fdctrl_unimplemented },
1886     { FD_CMD_RELATIVE_SEEK_IN, 0xff, "RELATIVE SEEK IN", 2, fdctrl_handle_relative_seek_in },
1887     { FD_CMD_LOCK, 0x7f, "LOCK", 0, fdctrl_handle_lock },
1888     { FD_CMD_DUMPREG, 0xff, "DUMPREG", 0, fdctrl_handle_dumpreg },
1889     { FD_CMD_VERSION, 0xff, "VERSION", 0, fdctrl_handle_version },
1890     { FD_CMD_PART_ID, 0xff, "PART ID", 0, fdctrl_handle_partid },
1891     { FD_CMD_WRITE, 0x1f, "WRITE (BeOS)", 8, fdctrl_start_transfer, FD_DIR_WRITE }, /* not in specification ; BeOS 4.5 bug */
1892     { 0, 0, "unknown", 0, fdctrl_unimplemented }, /* default handler */
1893 };
1894 /* Associate command to an index in the 'handlers' array */
1895 static uint8_t command_to_handler[256];
1896 
1897 static void fdctrl_write_data(FDCtrl *fdctrl, uint32_t value)
1898 {
1899     FDrive *cur_drv;
1900     int pos;
1901 
1902     /* Reset mode */
1903     if (!(fdctrl->dor & FD_DOR_nRESET)) {
1904         FLOPPY_DPRINTF("Floppy controller in RESET state !\n");
1905         return;
1906     }
1907     if (!(fdctrl->msr & FD_MSR_RQM) || (fdctrl->msr & FD_MSR_DIO)) {
1908         FLOPPY_DPRINTF("error: controller not ready for writing\n");
1909         return;
1910     }
1911     fdctrl->dsr &= ~FD_DSR_PWRDOWN;
1912     /* Is it write command time ? */
1913     if (fdctrl->msr & FD_MSR_NONDMA) {
1914         /* FIFO data write */
1915         pos = fdctrl->data_pos++;
1916         pos %= FD_SECTOR_LEN;
1917         fdctrl->fifo[pos] = value;
1918         if (pos == FD_SECTOR_LEN - 1 ||
1919             fdctrl->data_pos == fdctrl->data_len) {
1920             cur_drv = get_cur_drv(fdctrl);
1921             if (bdrv_write(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
1922                 FLOPPY_DPRINTF("error writing sector %d\n",
1923                                fd_sector(cur_drv));
1924                 return;
1925             }
1926             if (!fdctrl_seek_to_next_sect(fdctrl, cur_drv)) {
1927                 FLOPPY_DPRINTF("error seeking to next sector %d\n",
1928                                fd_sector(cur_drv));
1929                 return;
1930             }
1931         }
1932         /* Switch from transfer mode to status mode
1933          * then from status mode to command mode
1934          */
1935         if (fdctrl->data_pos == fdctrl->data_len)
1936             fdctrl_stop_transfer(fdctrl, 0x00, 0x00, 0x00);
1937         return;
1938     }
1939     if (fdctrl->data_pos == 0) {
1940         /* Command */
1941         pos = command_to_handler[value & 0xff];
1942         FLOPPY_DPRINTF("%s command\n", handlers[pos].name);
1943         fdctrl->data_len = handlers[pos].parameters + 1;
1944         fdctrl->msr |= FD_MSR_CMDBUSY;
1945     }
1946 
1947     FLOPPY_DPRINTF("%s: %02x\n", __func__, value);
1948     fdctrl->fifo[fdctrl->data_pos++] = value;
1949     if (fdctrl->data_pos == fdctrl->data_len) {
1950         /* We now have all parameters
1951          * and will be able to treat the command
1952          */
1953         if (fdctrl->data_state & FD_STATE_FORMAT) {
1954             fdctrl_format_sector(fdctrl);
1955             return;
1956         }
1957 
1958         pos = command_to_handler[fdctrl->fifo[0] & 0xff];
1959         FLOPPY_DPRINTF("treat %s command\n", handlers[pos].name);
1960         (*handlers[pos].handler)(fdctrl, handlers[pos].direction);
1961     }
1962 }
1963 
1964 static void fdctrl_result_timer(void *opaque)
1965 {
1966     FDCtrl *fdctrl = opaque;
1967     FDrive *cur_drv = get_cur_drv(fdctrl);
1968 
1969     /* Pretend we are spinning.
1970      * This is needed for Coherent, which uses READ ID to check for
1971      * sector interleaving.
1972      */
1973     if (cur_drv->last_sect != 0) {
1974         cur_drv->sect = (cur_drv->sect % cur_drv->last_sect) + 1;
1975     }
1976     /* READ_ID can't automatically succeed! */
1977     if (fdctrl->check_media_rate &&
1978         (fdctrl->dsr & FD_DSR_DRATEMASK) != cur_drv->media_rate) {
1979         FLOPPY_DPRINTF("read id rate mismatch (fdc=%d, media=%d)\n",
1980                        fdctrl->dsr & FD_DSR_DRATEMASK, cur_drv->media_rate);
1981         fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, FD_SR1_MA, 0x00);
1982     } else {
1983         fdctrl_stop_transfer(fdctrl, 0x00, 0x00, 0x00);
1984     }
1985 }
1986 
1987 static void fdctrl_change_cb(void *opaque, bool load)
1988 {
1989     FDrive *drive = opaque;
1990 
1991     drive->media_changed = 1;
1992     fd_revalidate(drive);
1993 }
1994 
1995 static const BlockDevOps fdctrl_block_ops = {
1996     .change_media_cb = fdctrl_change_cb,
1997 };
1998 
1999 /* Init functions */
2000 static void fdctrl_connect_drives(FDCtrl *fdctrl, Error **errp)
2001 {
2002     unsigned int i;
2003     FDrive *drive;
2004 
2005     for (i = 0; i < MAX_FD; i++) {
2006         drive = &fdctrl->drives[i];
2007         drive->fdctrl = fdctrl;
2008 
2009         if (drive->bs) {
2010             if (bdrv_get_on_error(drive->bs, 0) != BLOCKDEV_ON_ERROR_ENOSPC) {
2011                 error_setg(errp, "fdc doesn't support drive option werror");
2012                 return;
2013             }
2014             if (bdrv_get_on_error(drive->bs, 1) != BLOCKDEV_ON_ERROR_REPORT) {
2015                 error_setg(errp, "fdc doesn't support drive option rerror");
2016                 return;
2017             }
2018         }
2019 
2020         fd_init(drive);
2021         fdctrl_change_cb(drive, 0);
2022         if (drive->bs) {
2023             bdrv_set_dev_ops(drive->bs, &fdctrl_block_ops, drive);
2024         }
2025     }
2026 }
2027 
2028 ISADevice *fdctrl_init_isa(ISABus *bus, DriveInfo **fds)
2029 {
2030     DeviceState *dev;
2031     ISADevice *isadev;
2032 
2033     isadev = isa_try_create(bus, TYPE_ISA_FDC);
2034     if (!isadev) {
2035         return NULL;
2036     }
2037     dev = DEVICE(isadev);
2038 
2039     if (fds[0]) {
2040         qdev_prop_set_drive_nofail(dev, "driveA", fds[0]->bdrv);
2041     }
2042     if (fds[1]) {
2043         qdev_prop_set_drive_nofail(dev, "driveB", fds[1]->bdrv);
2044     }
2045     qdev_init_nofail(dev);
2046 
2047     return isadev;
2048 }
2049 
2050 void fdctrl_init_sysbus(qemu_irq irq, int dma_chann,
2051                         hwaddr mmio_base, DriveInfo **fds)
2052 {
2053     FDCtrl *fdctrl;
2054     DeviceState *dev;
2055     SysBusDevice *sbd;
2056     FDCtrlSysBus *sys;
2057 
2058     dev = qdev_create(NULL, TYPE_SYSBUS_FDC);
2059     sys = SYSBUS_FDC(dev);
2060     fdctrl = &sys->state;
2061     fdctrl->dma_chann = dma_chann; /* FIXME */
2062     if (fds[0]) {
2063         qdev_prop_set_drive_nofail(dev, "driveA", fds[0]->bdrv);
2064     }
2065     if (fds[1]) {
2066         qdev_prop_set_drive_nofail(dev, "driveB", fds[1]->bdrv);
2067     }
2068     qdev_init_nofail(dev);
2069     sbd = SYS_BUS_DEVICE(dev);
2070     sysbus_connect_irq(sbd, 0, irq);
2071     sysbus_mmio_map(sbd, 0, mmio_base);
2072 }
2073 
2074 void sun4m_fdctrl_init(qemu_irq irq, hwaddr io_base,
2075                        DriveInfo **fds, qemu_irq *fdc_tc)
2076 {
2077     DeviceState *dev;
2078     FDCtrlSysBus *sys;
2079 
2080     dev = qdev_create(NULL, "SUNW,fdtwo");
2081     if (fds[0]) {
2082         qdev_prop_set_drive_nofail(dev, "drive", fds[0]->bdrv);
2083     }
2084     qdev_init_nofail(dev);
2085     sys = SYSBUS_FDC(dev);
2086     sysbus_connect_irq(SYS_BUS_DEVICE(sys), 0, irq);
2087     sysbus_mmio_map(SYS_BUS_DEVICE(sys), 0, io_base);
2088     *fdc_tc = qdev_get_gpio_in(dev, 0);
2089 }
2090 
2091 static void fdctrl_realize_common(FDCtrl *fdctrl, Error **errp)
2092 {
2093     int i, j;
2094     static int command_tables_inited = 0;
2095 
2096     /* Fill 'command_to_handler' lookup table */
2097     if (!command_tables_inited) {
2098         command_tables_inited = 1;
2099         for (i = ARRAY_SIZE(handlers) - 1; i >= 0; i--) {
2100             for (j = 0; j < sizeof(command_to_handler); j++) {
2101                 if ((j & handlers[i].mask) == handlers[i].value) {
2102                     command_to_handler[j] = i;
2103                 }
2104             }
2105         }
2106     }
2107 
2108     FLOPPY_DPRINTF("init controller\n");
2109     fdctrl->fifo = qemu_memalign(512, FD_SECTOR_LEN);
2110     fdctrl->fifo_size = 512;
2111     fdctrl->result_timer = qemu_new_timer_ns(vm_clock,
2112                                              fdctrl_result_timer, fdctrl);
2113 
2114     fdctrl->version = 0x90; /* Intel 82078 controller */
2115     fdctrl->config = FD_CONFIG_EIS | FD_CONFIG_EFIFO; /* Implicit seek, polling & FIFO enabled */
2116     fdctrl->num_floppies = MAX_FD;
2117 
2118     if (fdctrl->dma_chann != -1) {
2119         DMA_register_channel(fdctrl->dma_chann, &fdctrl_transfer_handler, fdctrl);
2120     }
2121     fdctrl_connect_drives(fdctrl, errp);
2122 }
2123 
2124 static const MemoryRegionPortio fdc_portio_list[] = {
2125     { 1, 5, 1, .read = fdctrl_read, .write = fdctrl_write },
2126     { 7, 1, 1, .read = fdctrl_read, .write = fdctrl_write },
2127     PORTIO_END_OF_LIST(),
2128 };
2129 
2130 static void isabus_fdc_realize(DeviceState *dev, Error **errp)
2131 {
2132     ISADevice *isadev = ISA_DEVICE(dev);
2133     FDCtrlISABus *isa = ISA_FDC(dev);
2134     FDCtrl *fdctrl = &isa->state;
2135     Error *err = NULL;
2136 
2137     isa_register_portio_list(isadev, isa->iobase, fdc_portio_list, fdctrl,
2138                              "fdc");
2139 
2140     isa_init_irq(isadev, &fdctrl->irq, isa->irq);
2141     fdctrl->dma_chann = isa->dma;
2142 
2143     qdev_set_legacy_instance_id(dev, isa->iobase, 2);
2144     fdctrl_realize_common(fdctrl, &err);
2145     if (err != NULL) {
2146         error_propagate(errp, err);
2147         return;
2148     }
2149 
2150     add_boot_device_path(isa->bootindexA, dev, "/floppy@0");
2151     add_boot_device_path(isa->bootindexB, dev, "/floppy@1");
2152 }
2153 
2154 static void sysbus_fdc_initfn(Object *obj)
2155 {
2156     FDCtrlSysBus *sys = SYSBUS_FDC(obj);
2157     FDCtrl *fdctrl = &sys->state;
2158 
2159     memory_region_init_io(&fdctrl->iomem, obj, &fdctrl_mem_ops, fdctrl,
2160                           "fdc", 0x08);
2161 }
2162 
2163 static void sysbus_fdc_realize(DeviceState *dev, Error **errp)
2164 {
2165     FDCtrlSysBus *sys = SYSBUS_FDC(dev);
2166     FDCtrl *fdctrl = &sys->state;
2167     SysBusDevice *b = SYS_BUS_DEVICE(dev);
2168     Error *err = NULL;
2169 
2170     sysbus_init_mmio(b, &fdctrl->iomem);
2171     sysbus_init_irq(b, &fdctrl->irq);
2172     qdev_init_gpio_in(dev, fdctrl_handle_tc, 1);
2173     fdctrl->dma_chann = -1;
2174 
2175     qdev_set_legacy_instance_id(dev, 0 /* io */, 2); /* FIXME */
2176     fdctrl_realize_common(fdctrl, &err);
2177     if (err != NULL) {
2178         error_propagate(errp, err);
2179         return;
2180     }
2181 }
2182 
2183 static void sun4m_fdc_initfn(Object *obj)
2184 {
2185     FDCtrlSysBus *sys = SYSBUS_FDC(obj);
2186     FDCtrl *fdctrl = &sys->state;
2187 
2188     memory_region_init_io(&fdctrl->iomem, obj, &fdctrl_mem_strict_ops,
2189                           fdctrl, "fdctrl", 0x08);
2190 }
2191 
2192 static void sun4m_fdc_realize(DeviceState *dev, Error **errp)
2193 {
2194     FDCtrlSysBus *sys = SYSBUS_FDC(dev);
2195     FDCtrl *fdctrl = &sys->state;
2196     SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
2197     Error *err = NULL;
2198 
2199     sysbus_init_mmio(sbd, &fdctrl->iomem);
2200     sysbus_init_irq(sbd, &fdctrl->irq);
2201     qdev_init_gpio_in(dev, fdctrl_handle_tc, 1);
2202 
2203     fdctrl->sun4m = 1;
2204     qdev_set_legacy_instance_id(dev, 0 /* io */, 2); /* FIXME */
2205     fdctrl_realize_common(fdctrl, &err);
2206     if (err != NULL) {
2207         error_propagate(errp, err);
2208         return;
2209     }
2210 }
2211 
2212 FDriveType isa_fdc_get_drive_type(ISADevice *fdc, int i)
2213 {
2214     FDCtrlISABus *isa = ISA_FDC(fdc);
2215 
2216     return isa->state.drives[i].drive;
2217 }
2218 
2219 static const VMStateDescription vmstate_isa_fdc ={
2220     .name = "fdc",
2221     .version_id = 2,
2222     .minimum_version_id = 2,
2223     .fields = (VMStateField []) {
2224         VMSTATE_STRUCT(state, FDCtrlISABus, 0, vmstate_fdc, FDCtrl),
2225         VMSTATE_END_OF_LIST()
2226     }
2227 };
2228 
2229 static Property isa_fdc_properties[] = {
2230     DEFINE_PROP_HEX32("iobase", FDCtrlISABus, iobase, 0x3f0),
2231     DEFINE_PROP_UINT32("irq", FDCtrlISABus, irq, 6),
2232     DEFINE_PROP_UINT32("dma", FDCtrlISABus, dma, 2),
2233     DEFINE_PROP_DRIVE("driveA", FDCtrlISABus, state.drives[0].bs),
2234     DEFINE_PROP_DRIVE("driveB", FDCtrlISABus, state.drives[1].bs),
2235     DEFINE_PROP_INT32("bootindexA", FDCtrlISABus, bootindexA, -1),
2236     DEFINE_PROP_INT32("bootindexB", FDCtrlISABus, bootindexB, -1),
2237     DEFINE_PROP_BIT("check_media_rate", FDCtrlISABus, state.check_media_rate,
2238                     0, true),
2239     DEFINE_PROP_END_OF_LIST(),
2240 };
2241 
2242 static void isabus_fdc_class_init(ObjectClass *klass, void *data)
2243 {
2244     DeviceClass *dc = DEVICE_CLASS(klass);
2245 
2246     dc->realize = isabus_fdc_realize;
2247     dc->fw_name = "fdc";
2248     dc->no_user = 1;
2249     dc->reset = fdctrl_external_reset_isa;
2250     dc->vmsd = &vmstate_isa_fdc;
2251     dc->props = isa_fdc_properties;
2252 }
2253 
2254 static const TypeInfo isa_fdc_info = {
2255     .name          = TYPE_ISA_FDC,
2256     .parent        = TYPE_ISA_DEVICE,
2257     .instance_size = sizeof(FDCtrlISABus),
2258     .class_init    = isabus_fdc_class_init,
2259 };
2260 
2261 static const VMStateDescription vmstate_sysbus_fdc ={
2262     .name = "fdc",
2263     .version_id = 2,
2264     .minimum_version_id = 2,
2265     .fields = (VMStateField []) {
2266         VMSTATE_STRUCT(state, FDCtrlSysBus, 0, vmstate_fdc, FDCtrl),
2267         VMSTATE_END_OF_LIST()
2268     }
2269 };
2270 
2271 static Property sysbus_fdc_properties[] = {
2272     DEFINE_PROP_DRIVE("driveA", FDCtrlSysBus, state.drives[0].bs),
2273     DEFINE_PROP_DRIVE("driveB", FDCtrlSysBus, state.drives[1].bs),
2274     DEFINE_PROP_END_OF_LIST(),
2275 };
2276 
2277 static void sysbus_fdc_class_init(ObjectClass *klass, void *data)
2278 {
2279     DeviceClass *dc = DEVICE_CLASS(klass);
2280 
2281     dc->realize = sysbus_fdc_realize;
2282     dc->reset = fdctrl_external_reset_sysbus;
2283     dc->vmsd = &vmstate_sysbus_fdc;
2284     dc->props = sysbus_fdc_properties;
2285 }
2286 
2287 static const TypeInfo sysbus_fdc_info = {
2288     .name          = TYPE_SYSBUS_FDC,
2289     .parent        = TYPE_SYS_BUS_DEVICE,
2290     .instance_size = sizeof(FDCtrlSysBus),
2291     .instance_init = sysbus_fdc_initfn,
2292     .class_init    = sysbus_fdc_class_init,
2293 };
2294 
2295 static Property sun4m_fdc_properties[] = {
2296     DEFINE_PROP_DRIVE("drive", FDCtrlSysBus, state.drives[0].bs),
2297     DEFINE_PROP_END_OF_LIST(),
2298 };
2299 
2300 static void sun4m_fdc_class_init(ObjectClass *klass, void *data)
2301 {
2302     DeviceClass *dc = DEVICE_CLASS(klass);
2303 
2304     dc->realize = sun4m_fdc_realize;
2305     dc->reset = fdctrl_external_reset_sysbus;
2306     dc->vmsd = &vmstate_sysbus_fdc;
2307     dc->props = sun4m_fdc_properties;
2308 }
2309 
2310 static const TypeInfo sun4m_fdc_info = {
2311     .name          = "SUNW,fdtwo",
2312     .parent        = TYPE_SYS_BUS_DEVICE,
2313     .instance_size = sizeof(FDCtrlSysBus),
2314     .instance_init = sun4m_fdc_initfn,
2315     .class_init    = sun4m_fdc_class_init,
2316 };
2317 
2318 static void fdc_register_types(void)
2319 {
2320     type_register_static(&isa_fdc_info);
2321     type_register_static(&sysbus_fdc_info);
2322     type_register_static(&sun4m_fdc_info);
2323 }
2324 
2325 type_init(fdc_register_types)
2326