2 * QEMU 16550A UART emulation
4 * Copyright (c) 2003-2004 Fabrice Bellard
5 * Copyright (c) 2008 Citrix Systems, Inc.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 #include "qemu-char.h"
29 #include "qemu-timer.h"
31 //#define DEBUG_SERIAL
33 #define UART_LCR_DLAB 0x80 /* Divisor latch access bit */
35 #define UART_IER_MSI 0x08 /* Enable Modem status interrupt */
36 #define UART_IER_RLSI 0x04 /* Enable receiver line status interrupt */
37 #define UART_IER_THRI 0x02 /* Enable Transmitter holding register int. */
38 #define UART_IER_RDI 0x01 /* Enable receiver data interrupt */
40 #define UART_IIR_NO_INT 0x01 /* No interrupts pending */
41 #define UART_IIR_ID 0x06 /* Mask for the interrupt ID */
43 #define UART_IIR_MSI 0x00 /* Modem status interrupt */
44 #define UART_IIR_THRI 0x02 /* Transmitter holding register empty */
45 #define UART_IIR_RDI 0x04 /* Receiver data interrupt */
46 #define UART_IIR_RLSI 0x06 /* Receiver line status interrupt */
47 #define UART_IIR_CTI 0x0C /* Character Timeout Indication */
49 #define UART_IIR_FENF 0x80 /* Fifo enabled, but not functionning */
50 #define UART_IIR_FE 0xC0 /* Fifo enabled */
53 * These are the definitions for the Modem Control Register
55 #define UART_MCR_LOOP 0x10 /* Enable loopback test mode */
56 #define UART_MCR_OUT2 0x08 /* Out2 complement */
57 #define UART_MCR_OUT1 0x04 /* Out1 complement */
58 #define UART_MCR_RTS 0x02 /* RTS complement */
59 #define UART_MCR_DTR 0x01 /* DTR complement */
62 * These are the definitions for the Modem Status Register
64 #define UART_MSR_DCD 0x80 /* Data Carrier Detect */
65 #define UART_MSR_RI 0x40 /* Ring Indicator */
66 #define UART_MSR_DSR 0x20 /* Data Set Ready */
67 #define UART_MSR_CTS 0x10 /* Clear to Send */
68 #define UART_MSR_DDCD 0x08 /* Delta DCD */
69 #define UART_MSR_TERI 0x04 /* Trailing edge ring indicator */
70 #define UART_MSR_DDSR 0x02 /* Delta DSR */
71 #define UART_MSR_DCTS 0x01 /* Delta CTS */
72 #define UART_MSR_ANY_DELTA 0x0F /* Any of the delta bits! */
74 #define UART_LSR_TEMT 0x40 /* Transmitter empty */
75 #define UART_LSR_THRE 0x20 /* Transmit-hold-register empty */
76 #define UART_LSR_BI 0x10 /* Break interrupt indicator */
77 #define UART_LSR_FE 0x08 /* Frame error indicator */
78 #define UART_LSR_PE 0x04 /* Parity error indicator */
79 #define UART_LSR_OE 0x02 /* Overrun error indicator */
80 #define UART_LSR_DR 0x01 /* Receiver data ready */
81 #define UART_LSR_INT_ANY 0x1E /* Any of the lsr-interrupt-triggering status bits */
83 /* Interrupt trigger levels. The byte-counts are for 16550A - in newer UARTs the byte-count for each ITL is higher. */
85 #define UART_FCR_ITL_1 0x00 /* 1 byte ITL */
86 #define UART_FCR_ITL_2 0x40 /* 4 bytes ITL */
87 #define UART_FCR_ITL_3 0x80 /* 8 bytes ITL */
88 #define UART_FCR_ITL_4 0xC0 /* 14 bytes ITL */
90 #define UART_FCR_DMS 0x08 /* DMA Mode Select */
91 #define UART_FCR_XFR 0x04 /* XMIT Fifo Reset */
92 #define UART_FCR_RFR 0x02 /* RCVR Fifo Reset */
93 #define UART_FCR_FE 0x01 /* FIFO Enable */
95 #define UART_FIFO_LENGTH 16 /* 16550A Fifo Length */
99 #define MAX_XMIT_RETRY 4
102 uint8_t data[UART_FIFO_LENGTH];
104 uint8_t itl; /* Interrupt Trigger Level */
107 } typedef SerialFIFO;
111 uint8_t rbr; /* receive register */
112 uint8_t thr; /* transmit holding register */
113 uint8_t tsr; /* transmit shift register */
115 uint8_t iir; /* read only */
118 uint8_t lsr; /* read only */
119 uint8_t msr; /* read only */
122 /* NOTE: this hidden state is necessary for tx irq generation as
123 it can be reset while reading iir */
126 CharDriverState *chr;
127 int last_break_enable;
132 uint64_t last_xmit_ts; /* Time when the last byte was successfully sent out of the tsr */
133 SerialFIFO recv_fifo;
134 SerialFIFO xmit_fifo;
136 struct QEMUTimer *fifo_timeout_timer;
137 int timeout_ipending; /* timeout interrupt pending state */
138 struct QEMUTimer *transmit_timer;
141 uint64_t char_transmit_time; /* time to transmit a char in ticks*/
144 struct QEMUTimer *modem_status_poll;
147 static void serial_receive1(void *opaque, const uint8_t *buf, int size);
149 static void fifo_clear(SerialState *s, int fifo)
151 SerialFIFO *f = (fifo) ? &s->recv_fifo : &s->xmit_fifo;
152 memset(f->data, 0, UART_FIFO_LENGTH);
158 static int fifo_put(SerialState *s, int fifo, uint8_t chr)
160 SerialFIFO *f = (fifo) ? &s->recv_fifo : &s->xmit_fifo;
162 f->data[f->head++] = chr;
164 if (f->head == UART_FIFO_LENGTH)
171 static uint8_t fifo_get(SerialState *s, int fifo)
173 SerialFIFO *f = (fifo) ? &s->recv_fifo : &s->xmit_fifo;
179 c = f->data[f->tail++];
180 if (f->tail == UART_FIFO_LENGTH)
187 static void serial_update_irq(SerialState *s)
189 uint8_t tmp_iir = UART_IIR_NO_INT;
191 if ((s->ier & UART_IER_RLSI) && (s->lsr & UART_LSR_INT_ANY)) {
192 tmp_iir = UART_IIR_RLSI;
193 } else if ((s->ier & UART_IER_RDI) && s->timeout_ipending) {
194 /* Note that(s->ier & UART_IER_RDI) can mask this interrupt,
195 * this is not in the specification but is observed on existing
197 tmp_iir = UART_IIR_CTI;
198 } else if ((s->ier & UART_IER_RDI) && (s->lsr & UART_LSR_DR)) {
199 if (!(s->fcr & UART_FCR_FE)) {
200 tmp_iir = UART_IIR_RDI;
201 } else if (s->recv_fifo.count >= s->recv_fifo.itl) {
202 tmp_iir = UART_IIR_RDI;
204 } else if ((s->ier & UART_IER_THRI) && s->thr_ipending) {
205 tmp_iir = UART_IIR_THRI;
206 } else if ((s->ier & UART_IER_MSI) && (s->msr & UART_MSR_ANY_DELTA)) {
207 tmp_iir = UART_IIR_MSI;
210 s->iir = tmp_iir | (s->iir & 0xF0);
212 if (tmp_iir != UART_IIR_NO_INT) {
213 qemu_irq_raise(s->irq);
215 qemu_irq_lower(s->irq);
219 static void serial_update_parameters(SerialState *s)
221 int speed, parity, data_bits, stop_bits, frame_size;
222 QEMUSerialSetParams ssp;
242 data_bits = (s->lcr & 0x03) + 5;
243 frame_size += data_bits + stop_bits;
244 speed = s->baudbase / s->divider;
247 ssp.data_bits = data_bits;
248 ssp.stop_bits = stop_bits;
249 s->char_transmit_time = (ticks_per_sec / speed) * frame_size;
250 qemu_chr_ioctl(s->chr, CHR_IOCTL_SERIAL_SET_PARAMS, &ssp);
252 printf("speed=%d parity=%c data=%d stop=%d\n",
253 speed, parity, data_bits, stop_bits);
257 static void serial_update_msl(SerialState *s)
262 qemu_del_timer(s->modem_status_poll);
264 if (qemu_chr_ioctl(s->chr,CHR_IOCTL_SERIAL_GET_TIOCM, &flags) == -ENOTSUP) {
271 s->msr = (flags & CHR_TIOCM_CTS) ? s->msr | UART_MSR_CTS : s->msr & ~UART_MSR_CTS;
272 s->msr = (flags & CHR_TIOCM_DSR) ? s->msr | UART_MSR_DSR : s->msr & ~UART_MSR_DSR;
273 s->msr = (flags & CHR_TIOCM_CAR) ? s->msr | UART_MSR_DCD : s->msr & ~UART_MSR_DCD;
274 s->msr = (flags & CHR_TIOCM_RI) ? s->msr | UART_MSR_RI : s->msr & ~UART_MSR_RI;
276 if (s->msr != omsr) {
278 s->msr = s->msr | ((s->msr >> 4) ^ (omsr >> 4));
279 /* UART_MSR_TERI only if change was from 1 -> 0 */
280 if ((s->msr & UART_MSR_TERI) && !(omsr & UART_MSR_RI))
281 s->msr &= ~UART_MSR_TERI;
282 serial_update_irq(s);
285 /* The real 16550A apparently has a 250ns response latency to line status changes.
286 We'll be lazy and poll only every 10ms, and only poll it at all if MSI interrupts are turned on */
289 qemu_mod_timer(s->modem_status_poll, qemu_get_clock(vm_clock) + ticks_per_sec / 100);
292 static void serial_xmit(void *opaque)
294 SerialState *s = opaque;
295 uint64_t new_xmit_ts = qemu_get_clock(vm_clock);
297 if (s->tsr_retry <= 0) {
298 if (s->fcr & UART_FCR_FE) {
299 s->tsr = fifo_get(s,XMIT_FIFO);
300 if (!s->xmit_fifo.count)
301 s->lsr |= UART_LSR_THRE;
304 s->lsr |= UART_LSR_THRE;
308 if (s->mcr & UART_MCR_LOOP) {
309 /* in loopback mode, say that we just received a char */
310 serial_receive1(s, &s->tsr, 1);
311 } else if (qemu_chr_write(s->chr, &s->tsr, 1) != 1) {
312 if ((s->tsr_retry > 0) && (s->tsr_retry <= MAX_XMIT_RETRY)) {
314 qemu_mod_timer(s->transmit_timer, new_xmit_ts + s->char_transmit_time);
316 } else if (s->poll_msl < 0) {
317 /* If we exceed MAX_XMIT_RETRY and the backend is not a real serial port, then
318 drop any further failed writes instantly, until we get one that goes through.
319 This is to prevent guests that log to unconnected pipes or pty's from stalling. */
327 s->last_xmit_ts = qemu_get_clock(vm_clock);
328 if (!(s->lsr & UART_LSR_THRE))
329 qemu_mod_timer(s->transmit_timer, s->last_xmit_ts + s->char_transmit_time);
331 if (s->lsr & UART_LSR_THRE) {
332 s->lsr |= UART_LSR_TEMT;
334 serial_update_irq(s);
339 static void serial_ioport_write(void *opaque, uint32_t addr, uint32_t val)
341 SerialState *s = opaque;
345 printf("serial: write addr=0x%02x val=0x%02x\n", addr, val);
350 if (s->lcr & UART_LCR_DLAB) {
351 s->divider = (s->divider & 0xff00) | val;
352 serial_update_parameters(s);
354 s->thr = (uint8_t) val;
355 if(s->fcr & UART_FCR_FE) {
356 fifo_put(s, XMIT_FIFO, s->thr);
358 s->lsr &= ~UART_LSR_TEMT;
359 s->lsr &= ~UART_LSR_THRE;
360 serial_update_irq(s);
363 s->lsr &= ~UART_LSR_THRE;
364 serial_update_irq(s);
370 if (s->lcr & UART_LCR_DLAB) {
371 s->divider = (s->divider & 0x00ff) | (val << 8);
372 serial_update_parameters(s);
375 /* If the backend device is a real serial port, turn polling of the modem
376 status lines on physical port on or off depending on UART_IER_MSI state */
377 if (s->poll_msl >= 0) {
378 if (s->ier & UART_IER_MSI) {
380 serial_update_msl(s);
382 qemu_del_timer(s->modem_status_poll);
386 if (s->lsr & UART_LSR_THRE) {
388 serial_update_irq(s);
398 /* Did the enable/disable flag change? If so, make sure FIFOs get flushed */
399 if ((val ^ s->fcr) & UART_FCR_FE)
400 val |= UART_FCR_XFR | UART_FCR_RFR;
404 if (val & UART_FCR_RFR) {
405 qemu_del_timer(s->fifo_timeout_timer);
406 s->timeout_ipending=0;
407 fifo_clear(s,RECV_FIFO);
410 if (val & UART_FCR_XFR) {
411 fifo_clear(s,XMIT_FIFO);
414 if (val & UART_FCR_FE) {
415 s->iir |= UART_IIR_FE;
416 /* Set RECV_FIFO trigger Level */
417 switch (val & 0xC0) {
419 s->recv_fifo.itl = 1;
422 s->recv_fifo.itl = 4;
425 s->recv_fifo.itl = 8;
428 s->recv_fifo.itl = 14;
432 s->iir &= ~UART_IIR_FE;
434 /* Set fcr - or at least the bits in it that are supposed to "stick" */
436 serial_update_irq(s);
442 serial_update_parameters(s);
443 break_enable = (val >> 6) & 1;
444 if (break_enable != s->last_break_enable) {
445 s->last_break_enable = break_enable;
446 qemu_chr_ioctl(s->chr, CHR_IOCTL_SERIAL_SET_BREAK,
454 int old_mcr = s->mcr;
456 if (val & UART_MCR_LOOP)
459 if (s->poll_msl >= 0 && old_mcr != s->mcr) {
461 qemu_chr_ioctl(s->chr,CHR_IOCTL_SERIAL_GET_TIOCM, &flags);
463 flags &= ~(CHR_TIOCM_RTS | CHR_TIOCM_DTR);
465 if (val & UART_MCR_RTS)
466 flags |= CHR_TIOCM_RTS;
467 if (val & UART_MCR_DTR)
468 flags |= CHR_TIOCM_DTR;
470 qemu_chr_ioctl(s->chr,CHR_IOCTL_SERIAL_SET_TIOCM, &flags);
471 /* Update the modem status after a one-character-send wait-time, since there may be a response
472 from the device/computer at the other end of the serial line */
473 qemu_mod_timer(s->modem_status_poll, qemu_get_clock(vm_clock) + s->char_transmit_time);
487 static uint32_t serial_ioport_read(void *opaque, uint32_t addr)
489 SerialState *s = opaque;
496 if (s->lcr & UART_LCR_DLAB) {
497 ret = s->divider & 0xff;
499 if(s->fcr & UART_FCR_FE) {
500 ret = fifo_get(s,RECV_FIFO);
501 if (s->recv_fifo.count == 0)
502 s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
504 qemu_mod_timer(s->fifo_timeout_timer, qemu_get_clock (vm_clock) + s->char_transmit_time * 4);
505 s->timeout_ipending = 0;
508 s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
510 serial_update_irq(s);
511 if (!(s->mcr & UART_MCR_LOOP)) {
512 /* in loopback mode, don't receive any data */
513 qemu_chr_accept_input(s->chr);
518 if (s->lcr & UART_LCR_DLAB) {
519 ret = (s->divider >> 8) & 0xff;
527 serial_update_irq(s);
537 /* Clear break interrupt */
538 if (s->lsr & UART_LSR_BI) {
539 s->lsr &= ~UART_LSR_BI;
540 serial_update_irq(s);
544 if (s->mcr & UART_MCR_LOOP) {
545 /* in loopback, the modem output pins are connected to the
547 ret = (s->mcr & 0x0c) << 4;
548 ret |= (s->mcr & 0x02) << 3;
549 ret |= (s->mcr & 0x01) << 5;
551 if (s->poll_msl >= 0)
552 serial_update_msl(s);
554 /* Clear delta bits & msr int after read, if they were set */
555 if (s->msr & UART_MSR_ANY_DELTA) {
557 serial_update_irq(s);
566 printf("serial: read addr=0x%02x val=0x%02x\n", addr, ret);
571 static int serial_can_receive(SerialState *s)
573 if(s->fcr & UART_FCR_FE) {
574 if(s->recv_fifo.count < UART_FIFO_LENGTH)
575 /* Advertise (fifo.itl - fifo.count) bytes when count < ITL, and 1 if above. If UART_FIFO_LENGTH - fifo.count is
576 advertised the effect will be to almost always fill the fifo completely before the guest has a chance to respond,
577 effectively overriding the ITL that the guest has set. */
578 return (s->recv_fifo.count <= s->recv_fifo.itl) ? s->recv_fifo.itl - s->recv_fifo.count : 1;
582 return !(s->lsr & UART_LSR_DR);
586 static void serial_receive_break(SerialState *s)
589 s->lsr |= UART_LSR_BI | UART_LSR_DR;
590 serial_update_irq(s);
593 /* There's data in recv_fifo and s->rbr has not been read for 4 char transmit times */
594 static void fifo_timeout_int (void *opaque) {
595 SerialState *s = opaque;
596 if (s->recv_fifo.count) {
597 s->timeout_ipending = 1;
598 serial_update_irq(s);
602 static int serial_can_receive1(void *opaque)
604 SerialState *s = opaque;
605 return serial_can_receive(s);
608 static void serial_receive1(void *opaque, const uint8_t *buf, int size)
610 SerialState *s = opaque;
611 if(s->fcr & UART_FCR_FE) {
613 for (i = 0; i < size; i++) {
614 fifo_put(s, RECV_FIFO, buf[i]);
616 s->lsr |= UART_LSR_DR;
617 /* call the timeout receive callback in 4 char transmit time */
618 qemu_mod_timer(s->fifo_timeout_timer, qemu_get_clock (vm_clock) + s->char_transmit_time * 4);
621 s->lsr |= UART_LSR_DR;
623 serial_update_irq(s);
626 static void serial_event(void *opaque, int event)
628 SerialState *s = opaque;
630 printf("serial: event %x\n", event);
632 if (event == CHR_EVENT_BREAK)
633 serial_receive_break(s);
636 static void serial_save(QEMUFile *f, void *opaque)
638 SerialState *s = opaque;
640 qemu_put_be16s(f,&s->divider);
641 qemu_put_8s(f,&s->rbr);
642 qemu_put_8s(f,&s->ier);
643 qemu_put_8s(f,&s->iir);
644 qemu_put_8s(f,&s->lcr);
645 qemu_put_8s(f,&s->mcr);
646 qemu_put_8s(f,&s->lsr);
647 qemu_put_8s(f,&s->msr);
648 qemu_put_8s(f,&s->scr);
649 qemu_put_8s(f,&s->fcr);
652 static int serial_load(QEMUFile *f, void *opaque, int version_id)
654 SerialState *s = opaque;
661 qemu_get_be16s(f, &s->divider);
663 s->divider = qemu_get_byte(f);
664 qemu_get_8s(f,&s->rbr);
665 qemu_get_8s(f,&s->ier);
666 qemu_get_8s(f,&s->iir);
667 qemu_get_8s(f,&s->lcr);
668 qemu_get_8s(f,&s->mcr);
669 qemu_get_8s(f,&s->lsr);
670 qemu_get_8s(f,&s->msr);
671 qemu_get_8s(f,&s->scr);
676 /* Initialize fcr via setter to perform essential side-effects */
677 serial_ioport_write(s, 0x02, fcr);
681 static void serial_reset(void *opaque)
683 SerialState *s = opaque;
687 s->iir = UART_IIR_NO_INT;
689 s->lsr = UART_LSR_TEMT | UART_LSR_THRE;
690 s->msr = UART_MSR_DCD | UART_MSR_DSR | UART_MSR_CTS;
691 /* Default to 9600 baud, no parity, one stop bit */
693 s->mcr = UART_MCR_OUT2;
696 s->char_transmit_time = (ticks_per_sec / 9600) * 9;
699 fifo_clear(s,RECV_FIFO);
700 fifo_clear(s,XMIT_FIFO);
702 s->last_xmit_ts = qemu_get_clock(vm_clock);
705 s->last_break_enable = 0;
706 qemu_irq_lower(s->irq);
709 static void serial_init_core(SerialState *s, qemu_irq irq, int baudbase,
710 CharDriverState *chr)
713 s->baudbase = baudbase;
714 s->chr = chr ?: qemu_chr_open("null", "null", NULL);
716 s->modem_status_poll = qemu_new_timer(vm_clock, (QEMUTimerCB *) serial_update_msl, s);
718 s->fifo_timeout_timer = qemu_new_timer(vm_clock, (QEMUTimerCB *) fifo_timeout_int, s);
719 s->transmit_timer = qemu_new_timer(vm_clock, (QEMUTimerCB *) serial_xmit, s);
721 qemu_register_reset(serial_reset, 0, s);
724 qemu_chr_add_handlers(s->chr, serial_can_receive1, serial_receive1,
728 /* If fd is zero, it means that the serial device uses the console */
729 SerialState *serial_init(int base, qemu_irq irq, int baudbase,
730 CharDriverState *chr)
734 s = qemu_mallocz(sizeof(SerialState));
736 serial_init_core(s, irq, baudbase, chr);
738 register_savevm("serial", base, 3, serial_save, serial_load, s);
740 register_ioport_write(base, 8, 1, serial_ioport_write, s);
741 register_ioport_read(base, 8, 1, serial_ioport_read, s);
745 /* Memory mapped interface */
746 uint32_t serial_mm_readb (void *opaque, target_phys_addr_t addr)
748 SerialState *s = opaque;
750 return serial_ioport_read(s, addr >> s->it_shift) & 0xFF;
753 void serial_mm_writeb (void *opaque,
754 target_phys_addr_t addr, uint32_t value)
756 SerialState *s = opaque;
758 serial_ioport_write(s, addr >> s->it_shift, value & 0xFF);
761 uint32_t serial_mm_readw (void *opaque, target_phys_addr_t addr)
763 SerialState *s = opaque;
766 val = serial_ioport_read(s, addr >> s->it_shift) & 0xFFFF;
767 #ifdef TARGET_WORDS_BIGENDIAN
773 void serial_mm_writew (void *opaque,
774 target_phys_addr_t addr, uint32_t value)
776 SerialState *s = opaque;
777 #ifdef TARGET_WORDS_BIGENDIAN
778 value = bswap16(value);
780 serial_ioport_write(s, addr >> s->it_shift, value & 0xFFFF);
783 uint32_t serial_mm_readl (void *opaque, target_phys_addr_t addr)
785 SerialState *s = opaque;
788 val = serial_ioport_read(s, addr >> s->it_shift);
789 #ifdef TARGET_WORDS_BIGENDIAN
795 void serial_mm_writel (void *opaque,
796 target_phys_addr_t addr, uint32_t value)
798 SerialState *s = opaque;
799 #ifdef TARGET_WORDS_BIGENDIAN
800 value = bswap32(value);
802 serial_ioport_write(s, addr >> s->it_shift, value);
805 static CPUReadMemoryFunc *serial_mm_read[] = {
811 static CPUWriteMemoryFunc *serial_mm_write[] = {
817 SerialState *serial_mm_init (target_phys_addr_t base, int it_shift,
818 qemu_irq irq, int baudbase,
819 CharDriverState *chr, int ioregister)
824 s = qemu_mallocz(sizeof(SerialState));
826 s->it_shift = it_shift;
828 serial_init_core(s, irq, baudbase, chr);
829 register_savevm("serial", base, 3, serial_save, serial_load, s);
832 s_io_memory = cpu_register_io_memory(0, serial_mm_read,
834 cpu_register_physical_memory(base, 8 << it_shift, s_io_memory);
836 serial_update_msl(s);
projects / qemu / blob