[mirror_qemu.git] / hw / i8254.c

/*
 * QEMU 8253/8254 interval timer emulation
 * 
 * Copyright (c) 2003-2004 Fabrice Bellard
 * 
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
#include "vl.h"

//#define DEBUG_PIT

#define RW_STATE_LSB 1
#define RW_STATE_MSB 2
#define RW_STATE_WORD0 3
#define RW_STATE_WORD1 4

typedef struct PITChannelState {
    int count; /* can be 65536 */
    uint16_t latched_count;
    uint8_t count_latched;
    uint8_t status_latched;
    uint8_t status;
    uint8_t read_state;
    uint8_t write_state;
    uint8_t write_latch;
    uint8_t rw_mode;
    uint8_t mode;
    uint8_t bcd; /* not supported */
    uint8_t gate; /* timer start */
    int64_t count_load_time;
    /* irq handling */
    int64_t next_transition_time;
    QEMUTimer *irq_timer;
    int irq;
} PITChannelState;

struct PITState {
    PITChannelState channels[3];
};

static PITState pit_state;

static void pit_irq_timer_update(PITChannelState *s, int64_t current_time);

static int pit_get_count(PITChannelState *s)
{
    uint64_t d;
    int counter;

    d = muldiv64(qemu_get_clock(vm_clock) - s->count_load_time, PIT_FREQ, ticks_per_sec);
    switch(s->mode) {
    case 0:
    case 1:
    case 4:
    case 5:
        counter = (s->count - d) & 0xffff;
        break;
    case 3:
        /* XXX: may be incorrect for odd counts */
        counter = s->count - ((2 * d) % s->count);
        break;
    default:
        counter = s->count - (d % s->count);
        break;
    }
    return counter;
}

/* get pit output bit */
static int pit_get_out1(PITChannelState *s, int64_t current_time)
{
    uint64_t d;
    int out;

    d = muldiv64(current_time - s->count_load_time, PIT_FREQ, ticks_per_sec);
    switch(s->mode) {
    default:
    case 0:
        out = (d >= s->count);
        break;
    case 1:
        out = (d < s->count);
        break;
    case 2:
        if ((d % s->count) == 0 && d != 0)
            out = 1;
        else
            out = 0;
        break;
    case 3:
        out = (d % s->count) < ((s->count + 1) >> 1);
        break;
    case 4:
    case 5:
        out = (d == s->count);
        break;
    }
    return out;
}

int pit_get_out(PITState *pit, int channel, int64_t current_time)
{
    PITChannelState *s = &pit->channels[channel];
    return pit_get_out1(s, current_time);
}

/* return -1 if no transition will occur.  */
static int64_t pit_get_next_transition_time(PITChannelState *s, 
                                            int64_t current_time)
{
    uint64_t d, next_time, base;
    int period2;

    d = muldiv64(current_time - s->count_load_time, PIT_FREQ, ticks_per_sec);
    switch(s->mode) {
    default:
    case 0:
    case 1:
        if (d < s->count)
            next_time = s->count;
        else
            return -1;
        break;
    case 2:
        base = (d / s->count) * s->count;
        if ((d - base) == 0 && d != 0)
            next_time = base + s->count;
        else
            next_time = base + s->count + 1;
        break;
    case 3:
        base = (d / s->count) * s->count;
        period2 = ((s->count + 1) >> 1);
        if ((d - base) < period2) 
            next_time = base + period2;
        else
            next_time = base + s->count;
        break;
    case 4:
    case 5:
        if (d < s->count)
            next_time = s->count;
        else if (d == s->count)
            next_time = s->count + 1;
        else
            return -1;
        break;
    }
    /* convert to timer units */
    next_time = s->count_load_time + muldiv64(next_time, ticks_per_sec, PIT_FREQ);
    /* fix potential rounding problems */
    /* XXX: better solution: use a clock at PIT_FREQ Hz */
    if (next_time <= current_time)
        next_time = current_time + 1;
    return next_time;
}

/* val must be 0 or 1 */
void pit_set_gate(PITState *pit, int channel, int val)
{
    PITChannelState *s = &pit->channels[channel];

    switch(s->mode) {
    default:
    case 0:
    case 4:
        /* XXX: just disable/enable counting */
        break;
    case 1:
    case 5:
        if (s->gate < val) {
            /* restart counting on rising edge */
            s->count_load_time = qemu_get_clock(vm_clock);
            pit_irq_timer_update(s, s->count_load_time);
        }
        break;
    case 2:
    case 3:
        if (s->gate < val) {
            /* restart counting on rising edge */
            s->count_load_time = qemu_get_clock(vm_clock);
            pit_irq_timer_update(s, s->count_load_time);
        }
        /* XXX: disable/enable counting */
        break;
    }
    s->gate = val;
}

int pit_get_gate(PITState *pit, int channel)
{
    PITChannelState *s = &pit->channels[channel];
    return s->gate;
}

static inline void pit_load_count(PITChannelState *s, int val)
{
    if (val == 0)
        val = 0x10000;
    s->count_load_time = qemu_get_clock(vm_clock);
    s->count = val;
    pit_irq_timer_update(s, s->count_load_time);
}

/* if already latched, do not latch again */
static void pit_latch_count(PITChannelState *s)
{
    if (!s->count_latched) {
        s->latched_count = pit_get_count(s);
        s->count_latched = s->rw_mode;
    }
}

static void pit_ioport_write(void *opaque, uint32_t addr, uint32_t val)
{
    PITState *pit = opaque;
    int channel, access;
    PITChannelState *s;

    addr &= 3;
    if (addr == 3) {
        channel = val >> 6;
        if (channel == 3) {
            /* read back command */
            for(channel = 0; channel < 3; channel++) {
                s = &pit->channels[channel];
                if (val & (2 << channel)) {
                    if (!(val & 0x20)) {
                        pit_latch_count(s);
                    }
                    if (!(val & 0x10) && !s->status_latched) {
                        /* status latch */
                        /* XXX: add BCD and null count */
                        s->status =  (pit_get_out1(s, qemu_get_clock(vm_clock)) << 7) |
                            (s->rw_mode << 4) |
                            (s->mode << 1) |
                            s->bcd;
                        s->status_latched = 1;
                    }
                }
            }
        } else {
            s = &pit->channels[channel];
            access = (val >> 4) & 3;
            if (access == 0) {
                pit_latch_count(s);
            } else {
                s->rw_mode = access;
                s->read_state = access;
                s->write_state = access;

                s->mode = (val >> 1) & 7;
                s->bcd = val & 1;
                /* XXX: update irq timer ? */
            }
        }
    } else {
        s = &pit->channels[addr];
        switch(s->write_state) {
        default:
        case RW_STATE_LSB:
            pit_load_count(s, val);
            break;
        case RW_STATE_MSB:
            pit_load_count(s, val << 8);
            break;
        case RW_STATE_WORD0:
            s->write_latch = val;
            s->write_state = RW_STATE_WORD1;
            break;
        case RW_STATE_WORD1:
            pit_load_count(s, s->write_latch | (val << 8));
            s->write_state = RW_STATE_WORD0;
            break;
        }
    }
}

static uint32_t pit_ioport_read(void *opaque, uint32_t addr)
{
    PITState *pit = opaque;
    int ret, count;
    PITChannelState *s;
    
    addr &= 3;
    s = &pit->channels[addr];
    if (s->status_latched) {
        s->status_latched = 0;
        ret = s->status;
    } else if (s->count_latched) {
        switch(s->count_latched) {
        default:
        case RW_STATE_LSB:
            ret = s->latched_count & 0xff;
            s->count_latched = 0;
            break;
        case RW_STATE_MSB:
            ret = s->latched_count >> 8;
            s->count_latched = 0;
            break;
        case RW_STATE_WORD0:
            ret = s->latched_count & 0xff;
            s->count_latched = RW_STATE_MSB;
            break;
        }
    } else {
        switch(s->read_state) {
        default:
        case RW_STATE_LSB:
            count = pit_get_count(s);
            ret = count & 0xff;
            break;
        case RW_STATE_MSB:
            count = pit_get_count(s);
            ret = (count >> 8) & 0xff;
            break;
        case RW_STATE_WORD0:
            count = pit_get_count(s);
            ret = count & 0xff;
            s->read_state = RW_STATE_WORD1;
            break;
        case RW_STATE_WORD1:
            count = pit_get_count(s);
            ret = (count >> 8) & 0xff;
            s->read_state = RW_STATE_WORD0;
            break;
        }
    }
    return ret;
}

static void pit_irq_timer_update(PITChannelState *s, int64_t current_time)
{
    int64_t expire_time;
    int irq_level;

    if (!s->irq_timer)
        return;
    expire_time = pit_get_next_transition_time(s, current_time);
    irq_level = pit_get_out1(s, current_time);
    pic_set_irq(s->irq, irq_level);
#ifdef DEBUG_PIT
    printf("irq_level=%d next_delay=%f\n",
           irq_level, 
           (double)(expire_time - current_time) / ticks_per_sec);
#endif
    s->next_transition_time = expire_time;
    if (expire_time != -1)
        qemu_mod_timer(s->irq_timer, expire_time);
    else
        qemu_del_timer(s->irq_timer);
}

static void pit_irq_timer(void *opaque)
{
    PITChannelState *s = opaque;

    pit_irq_timer_update(s, s->next_transition_time);
}

static void pit_save(QEMUFile *f, void *opaque)
{
    PITState *pit = opaque;
    PITChannelState *s;
    int i;
    
    for(i = 0; i < 3; i++) {
        s = &pit->channels[i];
        qemu_put_be32s(f, &s->count);
        qemu_put_be16s(f, &s->latched_count);
        qemu_put_8s(f, &s->count_latched);
        qemu_put_8s(f, &s->status_latched);
        qemu_put_8s(f, &s->status);
        qemu_put_8s(f, &s->read_state);
        qemu_put_8s(f, &s->write_state);
        qemu_put_8s(f, &s->write_latch);
        qemu_put_8s(f, &s->rw_mode);
        qemu_put_8s(f, &s->mode);
        qemu_put_8s(f, &s->bcd);
        qemu_put_8s(f, &s->gate);
        qemu_put_be64s(f, &s->count_load_time);
        if (s->irq_timer) {
            qemu_put_be64s(f, &s->next_transition_time);
            qemu_put_timer(f, s->irq_timer);
        }
    }
}

static int pit_load(QEMUFile *f, void *opaque, int version_id)
{
    PITState *pit = opaque;
    PITChannelState *s;
    int i;
    
    if (version_id != 1)
        return -EINVAL;

    for(i = 0; i < 3; i++) {
        s = &pit->channels[i];
        qemu_get_be32s(f, &s->count);
        qemu_get_be16s(f, &s->latched_count);
        qemu_get_8s(f, &s->count_latched);
        qemu_get_8s(f, &s->status_latched);
        qemu_get_8s(f, &s->status);
        qemu_get_8s(f, &s->read_state);
        qemu_get_8s(f, &s->write_state);
        qemu_get_8s(f, &s->write_latch);
        qemu_get_8s(f, &s->rw_mode);
        qemu_get_8s(f, &s->mode);
        qemu_get_8s(f, &s->bcd);
        qemu_get_8s(f, &s->gate);
        qemu_get_be64s(f, &s->count_load_time);
        if (s->irq_timer) {
            qemu_get_be64s(f, &s->next_transition_time);
            qemu_get_timer(f, s->irq_timer);
        }
    }
    return 0;
}

PITState *pit_init(int base, int irq)
{
    PITState *pit = &pit_state;
    PITChannelState *s;
    int i;

    for(i = 0;i < 3; i++) {
        s = &pit->channels[i];
        if (i == 0) {
            /* the timer 0 is connected to an IRQ */
            s->irq_timer = qemu_new_timer(vm_clock, pit_irq_timer, s);
            s->irq = irq;
        }
        s->mode = 3;
        s->gate = (i != 2);
        pit_load_count(s, 0);
    }

    register_savevm("i8254", base, 1, pit_save, pit_load, pit);

    register_ioport_write(base, 4, 1, pit_ioport_write, pit);
    register_ioport_read(base, 3, 1, pit_ioport_read, pit);
    return pit;
}
Commit	Line	Data
80cabfad FB	1	/*
	2	* QEMU 8253/8254 interval timer emulation
	3	*
	4	* Copyright (c) 2003-2004 Fabrice Bellard
	5	*
	6	* Permission is hereby granted, free of charge, to any person obtaining a copy
	7	* of this software and associated documentation files (the "Software"), to deal
	8	* in the Software without restriction, including without limitation the rights
	9	* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	10	* copies of the Software, and to permit persons to whom the Software is
	11	* furnished to do so, subject to the following conditions:
	12	*
	13	* The above copyright notice and this permission notice shall be included in
	14	* all copies or substantial portions of the Software.
	15	*
	16	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
	17	* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
	18	* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
	19	* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
	20	* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
	21	* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
	22	* THE SOFTWARE.
	23	*/
80cabfad FB	24	#include "vl.h"
80cabfad FB	25
b0a21b53 FB	26	//#define DEBUG_PIT
b0a21b53 FB	27
ec844b96 FB	28	#define RW_STATE_LSB 1
	29	#define RW_STATE_MSB 2
	30	#define RW_STATE_WORD0 3
	31	#define RW_STATE_WORD1 4
80cabfad	32
ec844b96 FB	33	typedef struct PITChannelState {
	34	int count; /* can be 65536 */
	35	uint16_t latched_count;
	36	uint8_t count_latched;
	37	uint8_t status_latched;
	38	uint8_t status;
	39	uint8_t read_state;
	40	uint8_t write_state;
	41	uint8_t write_latch;
	42	uint8_t rw_mode;
	43	uint8_t mode;
	44	uint8_t bcd; /* not supported */
	45	uint8_t gate; /* timer start */
	46	int64_t count_load_time;
	47	/* irq handling */
	48	int64_t next_transition_time;
	49	QEMUTimer *irq_timer;
	50	int irq;
	51	} PITChannelState;
	52
	53	struct PITState {
	54	PITChannelState channels[3];
	55	};
	56
	57	static PITState pit_state;
80cabfad	58
b0a21b53 FB	59	static void pit_irq_timer_update(PITChannelState *s, int64_t current_time);
b0a21b53 FB	60
80cabfad FB	61	static int pit_get_count(PITChannelState *s)
	62	{
	63	uint64_t d;
	64	int counter;
	65
b0a21b53	66	d = muldiv64(qemu_get_clock(vm_clock) - s->count_load_time, PIT_FREQ, ticks_per_sec);
80cabfad FB	67	switch(s->mode) {
	68	case 0:
	69	case 1:
	70	case 4:
	71	case 5:
	72	counter = (s->count - d) & 0xffff;
	73	break;
	74	case 3:
	75	/* XXX: may be incorrect for odd counts */
	76	counter = s->count - ((2 * d) % s->count);
	77	break;
	78	default:
	79	counter = s->count - (d % s->count);
	80	break;
	81	}
	82	return counter;
	83	}
	84
	85	/* get pit output bit */
ec844b96	86	static int pit_get_out1(PITChannelState *s, int64_t current_time)
80cabfad FB	87	{
	88	uint64_t d;
	89	int out;
	90
b0a21b53	91	d = muldiv64(current_time - s->count_load_time, PIT_FREQ, ticks_per_sec);
80cabfad FB	92	switch(s->mode) {
	93	default:
	94	case 0:
	95	out = (d >= s->count);
	96	break;
	97	case 1:
	98	out = (d < s->count);
	99	break;
	100	case 2:
	101	if ((d % s->count) == 0 && d != 0)
	102	out = 1;
	103	else
	104	out = 0;
	105	break;
	106	case 3:
	107	out = (d % s->count) < ((s->count + 1) >> 1);
	108	break;
	109	case 4:
	110	case 5:
	111	out = (d == s->count);
	112	break;
	113	}
	114	return out;
	115	}
	116
ec844b96 FB	117	int pit_get_out(PITState *pit, int channel, int64_t current_time)
	118	{
	119	PITChannelState *s = &pit->channels[channel];
	120	return pit_get_out1(s, current_time);
	121	}
	122
b0a21b53 FB	123	/* return -1 if no transition will occur. */
	124	static int64_t pit_get_next_transition_time(PITChannelState *s,
	125	int64_t current_time)
80cabfad	126	{
b0a21b53 FB	127	uint64_t d, next_time, base;
b0a21b53 FB	128	int period2;
80cabfad	129
b0a21b53	130	d = muldiv64(current_time - s->count_load_time, PIT_FREQ, ticks_per_sec);
80cabfad FB	131	switch(s->mode) {
	132	default:
	133	case 0:
80cabfad	134	case 1:
b0a21b53 FB	135	if (d < s->count)
	136	next_time = s->count;
	137	else
	138	return -1;
80cabfad FB	139	break;
80cabfad FB	140	case 2:
b0a21b53 FB	141	base = (d / s->count) * s->count;
	142	if ((d - base) == 0 && d != 0)
	143	next_time = base + s->count;
	144	else
	145	next_time = base + s->count + 1;
80cabfad FB	146	break;
80cabfad FB	147	case 3:
b0a21b53 FB	148	base = (d / s->count) * s->count;
	149	period2 = ((s->count + 1) >> 1);
	150	if ((d - base) < period2)
	151	next_time = base + period2;
	152	else
	153	next_time = base + s->count;
80cabfad FB	154	break;
	155	case 4:
	156	case 5:
b0a21b53 FB	157	if (d < s->count)
	158	next_time = s->count;
	159	else if (d == s->count)
	160	next_time = s->count + 1;
80cabfad	161	else
b0a21b53	162	return -1;
80cabfad FB	163	break;
80cabfad FB	164	}
b0a21b53 FB	165	/* convert to timer units */
b0a21b53 FB	166	next_time = s->count_load_time + muldiv64(next_time, ticks_per_sec, PIT_FREQ);
1154e441 FB	167	/* fix potential rounding problems */
	168	/* XXX: better solution: use a clock at PIT_FREQ Hz */
	169	if (next_time <= current_time)
	170	next_time = current_time + 1;
b0a21b53	171	return next_time;
80cabfad FB	172	}
	173
	174	/* val must be 0 or 1 */
ec844b96	175	void pit_set_gate(PITState *pit, int channel, int val)
80cabfad	176	{
ec844b96 FB	177	PITChannelState *s = &pit->channels[channel];
ec844b96 FB	178
80cabfad FB	179	switch(s->mode) {
	180	default:
	181	case 0:
	182	case 4:
	183	/* XXX: just disable/enable counting */
	184	break;
	185	case 1:
	186	case 5:
	187	if (s->gate < val) {
	188	/* restart counting on rising edge */
b0a21b53 FB	189	s->count_load_time = qemu_get_clock(vm_clock);
b0a21b53 FB	190	pit_irq_timer_update(s, s->count_load_time);
80cabfad FB	191	}
	192	break;
	193	case 2:
	194	case 3:
	195	if (s->gate < val) {
	196	/* restart counting on rising edge */
b0a21b53 FB	197	s->count_load_time = qemu_get_clock(vm_clock);
b0a21b53 FB	198	pit_irq_timer_update(s, s->count_load_time);
80cabfad FB	199	}
	200	/* XXX: disable/enable counting */
	201	break;
	202	}
	203	s->gate = val;
	204	}
	205
ec844b96 FB	206	int pit_get_gate(PITState *pit, int channel)
	207	{
	208	PITChannelState *s = &pit->channels[channel];
	209	return s->gate;
	210	}
	211
80cabfad FB	212	static inline void pit_load_count(PITChannelState *s, int val)
	213	{
	214	if (val == 0)
	215	val = 0x10000;
b0a21b53	216	s->count_load_time = qemu_get_clock(vm_clock);
80cabfad	217	s->count = val;
b0a21b53	218	pit_irq_timer_update(s, s->count_load_time);
80cabfad FB	219	}
80cabfad FB	220
ec844b96 FB	221	/* if already latched, do not latch again */
	222	static void pit_latch_count(PITChannelState *s)
	223	{
	224	if (!s->count_latched) {
	225	s->latched_count = pit_get_count(s);
	226	s->count_latched = s->rw_mode;
	227	}
	228	}
	229
b41a2cd1	230	static void pit_ioport_write(void *opaque, uint32_t addr, uint32_t val)
80cabfad	231	{
ec844b96	232	PITState *pit = opaque;
80cabfad FB	233	int channel, access;
	234	PITChannelState *s;
	235
	236	addr &= 3;
	237	if (addr == 3) {
	238	channel = val >> 6;
ec844b96 FB	239	if (channel == 3) {
	240	/* read back command */
	241	for(channel = 0; channel < 3; channel++) {
	242	s = &pit->channels[channel];
	243	if (val & (2 << channel)) {
	244	if (!(val & 0x20)) {
	245	pit_latch_count(s);
	246	}
	247	if (!(val & 0x10) && !s->status_latched) {
	248	/* status latch */
	249	/* XXX: add BCD and null count */
	250	s->status = (pit_get_out1(s, qemu_get_clock(vm_clock)) << 7) \|
	251	(s->rw_mode << 4) \|
	252	(s->mode << 1) \|
	253	s->bcd;
	254	s->status_latched = 1;
	255	}
	256	}
	257	}
	258	} else {
	259	s = &pit->channels[channel];
	260	access = (val >> 4) & 3;
	261	if (access == 0) {
	262	pit_latch_count(s);
	263	} else {
	264	s->rw_mode = access;
	265	s->read_state = access;
	266	s->write_state = access;
	267
	268	s->mode = (val >> 1) & 7;
	269	s->bcd = val & 1;
	270	/* XXX: update irq timer ? */
	271	}
80cabfad FB	272	}
80cabfad FB	273	} else {
ec844b96 FB	274	s = &pit->channels[addr];
	275	switch(s->write_state) {
	276	default:
80cabfad FB	277	case RW_STATE_LSB:
	278	pit_load_count(s, val);
	279	break;
	280	case RW_STATE_MSB:
	281	pit_load_count(s, val << 8);
	282	break;
	283	case RW_STATE_WORD0:
ec844b96 FB	284	s->write_latch = val;
	285	s->write_state = RW_STATE_WORD1;
	286	break;
80cabfad	287	case RW_STATE_WORD1:
ec844b96 FB	288	pit_load_count(s, s->write_latch \| (val << 8));
ec844b96 FB	289	s->write_state = RW_STATE_WORD0;
80cabfad FB	290	break;
	291	}
	292	}
	293	}
	294
b41a2cd1	295	static uint32_t pit_ioport_read(void *opaque, uint32_t addr)
80cabfad	296	{
ec844b96	297	PITState *pit = opaque;
80cabfad FB	298	int ret, count;
	299	PITChannelState *s;
	300
	301	addr &= 3;
ec844b96 FB	302	s = &pit->channels[addr];
	303	if (s->status_latched) {
	304	s->status_latched = 0;
	305	ret = s->status;
	306	} else if (s->count_latched) {
	307	switch(s->count_latched) {
	308	default:
	309	case RW_STATE_LSB:
	310	ret = s->latched_count & 0xff;
	311	s->count_latched = 0;
	312	break;
	313	case RW_STATE_MSB:
80cabfad	314	ret = s->latched_count >> 8;
ec844b96 FB	315	s->count_latched = 0;
	316	break;
	317	case RW_STATE_WORD0:
80cabfad	318	ret = s->latched_count & 0xff;
ec844b96 FB	319	s->count_latched = RW_STATE_MSB;
	320	break;
	321	}
	322	} else {
	323	switch(s->read_state) {
	324	default:
	325	case RW_STATE_LSB:
	326	count = pit_get_count(s);
	327	ret = count & 0xff;
	328	break;
	329	case RW_STATE_MSB:
	330	count = pit_get_count(s);
	331	ret = (count >> 8) & 0xff;
	332	break;
	333	case RW_STATE_WORD0:
	334	count = pit_get_count(s);
	335	ret = count & 0xff;
	336	s->read_state = RW_STATE_WORD1;
	337	break;
	338	case RW_STATE_WORD1:
	339	count = pit_get_count(s);
	340	ret = (count >> 8) & 0xff;
	341	s->read_state = RW_STATE_WORD0;
	342	break;
	343	}
80cabfad FB	344	}
	345	return ret;
	346	}
	347
b0a21b53 FB	348	static void pit_irq_timer_update(PITChannelState *s, int64_t current_time)
	349	{
	350	int64_t expire_time;
	351	int irq_level;
	352
	353	if (!s->irq_timer)
	354	return;
	355	expire_time = pit_get_next_transition_time(s, current_time);
ec844b96	356	irq_level = pit_get_out1(s, current_time);
b0a21b53 FB	357	pic_set_irq(s->irq, irq_level);
	358	#ifdef DEBUG_PIT
	359	printf("irq_level=%d next_delay=%f\n",
	360	irq_level,
	361	(double)(expire_time - current_time) / ticks_per_sec);
	362	#endif
	363	s->next_transition_time = expire_time;
	364	if (expire_time != -1)
	365	qemu_mod_timer(s->irq_timer, expire_time);
	366	else
	367	qemu_del_timer(s->irq_timer);
	368	}
	369
	370	static void pit_irq_timer(void *opaque)
	371	{
	372	PITChannelState *s = opaque;
	373
	374	pit_irq_timer_update(s, s->next_transition_time);
	375	}
	376
	377	static void pit_save(QEMUFile f, void opaque)
	378	{
ec844b96	379	PITState *pit = opaque;
b0a21b53 FB	380	PITChannelState *s;
	381	int i;
	382
	383	for(i = 0; i < 3; i++) {
ec844b96	384	s = &pit->channels[i];
b0a21b53 FB	385	qemu_put_be32s(f, &s->count);
b0a21b53 FB	386	qemu_put_be16s(f, &s->latched_count);
ec844b96 FB	387	qemu_put_8s(f, &s->count_latched);
	388	qemu_put_8s(f, &s->status_latched);
	389	qemu_put_8s(f, &s->status);
	390	qemu_put_8s(f, &s->read_state);
	391	qemu_put_8s(f, &s->write_state);
	392	qemu_put_8s(f, &s->write_latch);
	393	qemu_put_8s(f, &s->rw_mode);
b0a21b53 FB	394	qemu_put_8s(f, &s->mode);
	395	qemu_put_8s(f, &s->bcd);
	396	qemu_put_8s(f, &s->gate);
	397	qemu_put_be64s(f, &s->count_load_time);
	398	if (s->irq_timer) {
	399	qemu_put_be64s(f, &s->next_transition_time);
	400	qemu_put_timer(f, s->irq_timer);
	401	}
	402	}
	403	}
	404
	405	static int pit_load(QEMUFile f, void opaque, int version_id)
	406	{
ec844b96	407	PITState *pit = opaque;
b0a21b53 FB	408	PITChannelState *s;
	409	int i;
	410
	411	if (version_id != 1)
	412	return -EINVAL;
	413
	414	for(i = 0; i < 3; i++) {
ec844b96	415	s = &pit->channels[i];
b0a21b53 FB	416	qemu_get_be32s(f, &s->count);
b0a21b53 FB	417	qemu_get_be16s(f, &s->latched_count);
ec844b96 FB	418	qemu_get_8s(f, &s->count_latched);
	419	qemu_get_8s(f, &s->status_latched);
	420	qemu_get_8s(f, &s->status);
	421	qemu_get_8s(f, &s->read_state);
	422	qemu_get_8s(f, &s->write_state);
	423	qemu_get_8s(f, &s->write_latch);
	424	qemu_get_8s(f, &s->rw_mode);
b0a21b53 FB	425	qemu_get_8s(f, &s->mode);
	426	qemu_get_8s(f, &s->bcd);
	427	qemu_get_8s(f, &s->gate);
	428	qemu_get_be64s(f, &s->count_load_time);
	429	if (s->irq_timer) {
	430	qemu_get_be64s(f, &s->next_transition_time);
	431	qemu_get_timer(f, s->irq_timer);
	432	}
	433	}
	434	return 0;
	435	}
	436
ec844b96	437	PITState *pit_init(int base, int irq)
80cabfad	438	{
ec844b96	439	PITState *pit = &pit_state;
80cabfad FB	440	PITChannelState *s;
	441	int i;
	442
	443	for(i = 0;i < 3; i++) {
ec844b96	444	s = &pit->channels[i];
b0a21b53 FB	445	if (i == 0) {
	446	/* the timer 0 is connected to an IRQ */
	447	s->irq_timer = qemu_new_timer(vm_clock, pit_irq_timer, s);
	448	s->irq = irq;
	449	}
80cabfad FB	450	s->mode = 3;
	451	s->gate = (i != 2);
	452	pit_load_count(s, 0);
	453	}
	454
ec844b96	455	register_savevm("i8254", base, 1, pit_save, pit_load, pit);
b0a21b53	456
ec844b96 FB	457	register_ioport_write(base, 4, 1, pit_ioport_write, pit);
	458	register_ioport_read(base, 3, 1, pit_ioport_read, pit);
	459	return pit;
80cabfad	460	}