All of lore.kernel.org
 help / color / mirror / Atom feed
* [Qemu-devel] [Bug 1680991] [NEW] System Timer returning 0 tick count for raspi2 emulation
@ 2017-04-08  0:14 Adam Clark
  2017-04-08  0:17 ` [Qemu-devel] [Bug 1680991] " Adam Clark
                   ` (5 more replies)
  0 siblings, 6 replies; 7+ messages in thread
From: Adam Clark @ 2017-04-08  0:14 UTC (permalink / raw)
  To: qemu-devel

Public bug reported:

In a small hobby kernel for Raspberry Pi 2B, I am using the system timer
to control wait durations.  This timer is located at 0x3f003000 and the
timer counts are located at 0x3f003004 (CLO) and 0x3f004008 (CHI).
Reading these memory locations returns 0 for both.

The basic code for this function is:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@ uint64_t ReadSysTimerCount() -- read the system time running count
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ReadSysTimerCount:
	ldr	r0,=ST_CLO                  @ load the base address of the system timer
	ldrd	r0,r1,[r0]                  @ Get the 64-bit timer "count" into r1:r0
	mov	pc,lr			    @ return

Tracing back the definition of ST_CLO in my code:
#define ST_CLO              (ST_BASE+4)                 // Counter Lower 32 bits
#define ST_BASE             (HW_BASE+0x3000)            // System Timer base address
#define HW_BASE             (0x3f000000)                // this is the base address for all hardware I/O addresses

I have tested a similar program that I know to work on real hardware
with qemu-system-arm reading the same mmio register and have the same
issue, so I'm pretty sure the issue is not with my code.

My Host PC is a VM on vmWare esxi running FC25 (8 cores, 8GB RAM): 
[adam@os-dev ~]$ uname -a
Linux os-dev.jammin 4.10.8-200.fc25.x86_64 #1 SMP Fri Mar 31 13:20:22 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

I have confirmed this issue on QEMU 2.7.1 (fc25 Distro) and 2.9.0-rc3
(git).

adam@os-dev ~]$ qemu-system-arm --version
QEMU emulator version 2.7.1(qemu-2.7.1-4.fc25), Copyright (c) 2003-2016 Fabrice Bellard and the QEMU Project developers

[adam@os-dev ~]$ ./workspace/qemu/bin/debug/native/arm-softmmu/qemu-system-arm --version
QEMU emulator version 2.8.93 (v2.9.0-rc3-15-g5daf9b3)
Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers

A remote debugger for my kernel shows the following:
(gdb) info reg
r0             0x0	0
r1             0x0	0
r2             0x96	150
r3             0x0	0
r4             0xa000	40960
r5             0x0	0
r6             0x0	0
r7             0x0	0
r8             0x0	0
r9             0xa000	40960
r10            0x0	0
r11            0x7fdc	32732
r12            0x0	0
sp             0x7fc8	0x7fc8
lr             0x8194	33172
pc             0x80a4	0x80a4
cpsr           0x800001d3	-2147483181
(gdb) stepi
0x000080a8 in ?? ()
(gdb) info reg
r0             0x3f003004	1056976900
r1             0x0	0
r2             0x96	150
r3             0x0	0
r4             0xa000	40960
r5             0x0	0
r6             0x0	0
r7             0x0	0
r8             0x0	0
r9             0xa000	40960
r10            0x0	0
r11            0x7fdc	32732
r12            0x0	0
sp             0x7fc8	0x7fc8
lr             0x8194	33172
pc             0x80a8	0x80a8
cpsr           0x800001d3	-2147483181
(gdb) stepi
0x000080ac in ?? ()
(gdb) info reg
r0             0x0	0
r1             0x0	0
r2             0x96	150
r3             0x0	0
r4             0xa000	40960
r5             0x0	0
r6             0x0	0
r7             0x0	0
r8             0x0	0
r9             0xa000	40960
r10            0x0	0
r11            0x7fdc	32732
r12            0x0	0
sp             0x7fc8	0x7fc8
lr             0x8194	33172
pc             0x80ac	0x80ac
cpsr           0x800001d3	-2147483181

Notice r0 is loaded with the address for CLO and then cleared with 0
when read.

I am writing my code against the documented specifications in "BCM2835
ARM Peripherals" (attached for convenience), section "12 System Timer".


Please let me know if you need anything else from me.

** Affects: qemu
     Importance: Undecided
         Status: New

** Attachment added: "BSM2835 ARM Peripherals"
   https://bugs.launchpad.net/bugs/1680991/+attachment/4857848/+files/SoC-Peripherals.pdf

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1680991

Title:
  System Timer returning 0 tick count for raspi2 emulation

Status in QEMU:
  New

Bug description:
  In a small hobby kernel for Raspberry Pi 2B, I am using the system
  timer to control wait durations.  This timer is located at 0x3f003000
  and the timer counts are located at 0x3f003004 (CLO) and 0x3f004008
  (CHI).  Reading these memory locations returns 0 for both.

  The basic code for this function is:
  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  @@ uint64_t ReadSysTimerCount() -- read the system time running count
  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  ReadSysTimerCount:
  	ldr	r0,=ST_CLO                  @ load the base address of the system timer
  	ldrd	r0,r1,[r0]                  @ Get the 64-bit timer "count" into r1:r0
  	mov	pc,lr			    @ return

  Tracing back the definition of ST_CLO in my code:
  #define ST_CLO              (ST_BASE+4)                 // Counter Lower 32 bits
  #define ST_BASE             (HW_BASE+0x3000)            // System Timer base address
  #define HW_BASE             (0x3f000000)                // this is the base address for all hardware I/O addresses

  I have tested a similar program that I know to work on real hardware
  with qemu-system-arm reading the same mmio register and have the same
  issue, so I'm pretty sure the issue is not with my code.

  My Host PC is a VM on vmWare esxi running FC25 (8 cores, 8GB RAM): 
  [adam@os-dev ~]$ uname -a
  Linux os-dev.jammin 4.10.8-200.fc25.x86_64 #1 SMP Fri Mar 31 13:20:22 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

  I have confirmed this issue on QEMU 2.7.1 (fc25 Distro) and 2.9.0-rc3
  (git).

  adam@os-dev ~]$ qemu-system-arm --version
  QEMU emulator version 2.7.1(qemu-2.7.1-4.fc25), Copyright (c) 2003-2016 Fabrice Bellard and the QEMU Project developers

  [adam@os-dev ~]$ ./workspace/qemu/bin/debug/native/arm-softmmu/qemu-system-arm --version
  QEMU emulator version 2.8.93 (v2.9.0-rc3-15-g5daf9b3)
  Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers

  A remote debugger for my kernel shows the following:
  (gdb) info reg
  r0             0x0	0
  r1             0x0	0
  r2             0x96	150
  r3             0x0	0
  r4             0xa000	40960
  r5             0x0	0
  r6             0x0	0
  r7             0x0	0
  r8             0x0	0
  r9             0xa000	40960
  r10            0x0	0
  r11            0x7fdc	32732
  r12            0x0	0
  sp             0x7fc8	0x7fc8
  lr             0x8194	33172
  pc             0x80a4	0x80a4
  cpsr           0x800001d3	-2147483181
  (gdb) stepi
  0x000080a8 in ?? ()
  (gdb) info reg
  r0             0x3f003004	1056976900
  r1             0x0	0
  r2             0x96	150
  r3             0x0	0
  r4             0xa000	40960
  r5             0x0	0
  r6             0x0	0
  r7             0x0	0
  r8             0x0	0
  r9             0xa000	40960
  r10            0x0	0
  r11            0x7fdc	32732
  r12            0x0	0
  sp             0x7fc8	0x7fc8
  lr             0x8194	33172
  pc             0x80a8	0x80a8
  cpsr           0x800001d3	-2147483181
  (gdb) stepi
  0x000080ac in ?? ()
  (gdb) info reg
  r0             0x0	0
  r1             0x0	0
  r2             0x96	150
  r3             0x0	0
  r4             0xa000	40960
  r5             0x0	0
  r6             0x0	0
  r7             0x0	0
  r8             0x0	0
  r9             0xa000	40960
  r10            0x0	0
  r11            0x7fdc	32732
  r12            0x0	0
  sp             0x7fc8	0x7fc8
  lr             0x8194	33172
  pc             0x80ac	0x80ac
  cpsr           0x800001d3	-2147483181

  Notice r0 is loaded with the address for CLO and then cleared with 0
  when read.

  I am writing my code against the documented specifications in "BCM2835
  ARM Peripherals" (attached for convenience), section "12 System
  Timer".

  
  Please let me know if you need anything else from me.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1680991/+subscriptions

^ permalink raw reply	[flat|nested] 7+ messages in thread
end of thread, other threads:[~2020-12-10  9:57 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-08  0:14 [Qemu-devel] [Bug 1680991] [NEW] System Timer returning 0 tick count for raspi2 emulation Adam Clark
2017-04-08  0:17 ` [Qemu-devel] [Bug 1680991] " Adam Clark
2017-11-07 15:07 ` [Qemu-devel] [Bug 1680991] Re: raspi2: system timer not device implemented Peter Maydell
2018-03-15 17:21 ` [Qemu-devel] [Bug 1680991] Re: raspi2: system timer device not implemented Peter Maydell
2020-11-18 10:51 ` Thomas Huth
2020-11-18 11:14 ` Philippe Mathieu-Daudé
2020-12-10  9:16 ` Thomas Huth

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.