raspi2: system timer device not implemented In a small hobby kernel for Raspberry Pi 2B, I am using the system timer to control wait durations. This timer is located at 0x3f003000 and the timer counts are located at 0x3f003004 (CLO) and 0x3f004008 (CHI). Reading these memory locations returns 0 for both. The basic code for this function is: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ uint64_t ReadSysTimerCount() -- read the system time running count @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ReadSysTimerCount: ldr r0,=ST_CLO @ load the base address of the system timer ldrd r0,r1,[r0] @ Get the 64-bit timer "count" into r1:r0 mov pc,lr @ return Tracing back the definition of ST_CLO in my code: #define ST_CLO (ST_BASE+4) // Counter Lower 32 bits #define ST_BASE (HW_BASE+0x3000) // System Timer base address #define HW_BASE (0x3f000000) // this is the base address for all hardware I/O addresses I have tested a similar program that I know to work on real hardware with qemu-system-arm reading the same mmio register and have the same issue, so I'm pretty sure the issue is not with my code. My Host PC is a VM on vmWare esxi running FC25 (8 cores, 8GB RAM): [adam@os-dev ~]$ uname -a Linux os-dev.jammin 4.10.8-200.fc25.x86_64 #1 SMP Fri Mar 31 13:20:22 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux I have confirmed this issue on QEMU 2.7.1 (fc25 Distro) and 2.9.0-rc3 (git). adam@os-dev ~]$ qemu-system-arm --version QEMU emulator version 2.7.1(qemu-2.7.1-4.fc25), Copyright (c) 2003-2016 Fabrice Bellard and the QEMU Project developers [adam@os-dev ~]$ ./workspace/qemu/bin/debug/native/arm-softmmu/qemu-system-arm --version QEMU emulator version 2.8.93 (v2.9.0-rc3-15-g5daf9b3) Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers A remote debugger for my kernel shows the following: (gdb) info reg r0 0x0 0 r1 0x0 0 r2 0x96 150 r3 0x0 0 r4 0xa000 40960 r5 0x0 0 r6 0x0 0 r7 0x0 0 r8 0x0 0 r9 0xa000 40960 r10 0x0 0 r11 0x7fdc 32732 r12 0x0 0 sp 0x7fc8 0x7fc8 lr 0x8194 33172 pc 0x80a4 0x80a4 cpsr 0x800001d3 -2147483181 (gdb) stepi 0x000080a8 in ?? () (gdb) info reg r0 0x3f003004 1056976900 r1 0x0 0 r2 0x96 150 r3 0x0 0 r4 0xa000 40960 r5 0x0 0 r6 0x0 0 r7 0x0 0 r8 0x0 0 r9 0xa000 40960 r10 0x0 0 r11 0x7fdc 32732 r12 0x0 0 sp 0x7fc8 0x7fc8 lr 0x8194 33172 pc 0x80a8 0x80a8 cpsr 0x800001d3 -2147483181 (gdb) stepi 0x000080ac in ?? () (gdb) info reg r0 0x0 0 r1 0x0 0 r2 0x96 150 r3 0x0 0 r4 0xa000 40960 r5 0x0 0 r6 0x0 0 r7 0x0 0 r8 0x0 0 r9 0xa000 40960 r10 0x0 0 r11 0x7fdc 32732 r12 0x0 0 sp 0x7fc8 0x7fc8 lr 0x8194 33172 pc 0x80ac 0x80ac cpsr 0x800001d3 -2147483181 Notice r0 is loaded with the address for CLO and then cleared with 0 when read. I am writing my code against the documented specifications in "BCM2835 ARM Peripherals" (attached for convenience), section "12 System Timer". Please let me know if you need anything else from me. The command lines are: [adam@os-dev ~]$ qemu-system-aarch64 -m 256 -M raspi2 -serial stdio -kernel bin/rpi2b/kernel.elf [adam@os-dev workspace]$ ./qemu/bin/debug/native/arm-softmmu/qemu-system-arm -m 256 -M raspi2 -serial stdio -kernel century/bin/rpi2b/kernel.elf A sample kernel is also attached for your convenience. The raspi2 board model is only partial, and is missing various devices that weren't used by the test images that it was tested with (mostly Windows-for-Arm, I think). The "system timer" is one of the devices that hasn't been implemented, which is why the memory locations where it should be just read-as-zero. Is anybody still working on the raspi2 model? If not, shall we close this as WontFix? The timer has been implemented, see commits: d05be883fc9 ("hw/timer/bcm2835: Add the BCM2835 SYS_timer") 0e5bbd74064 ("hw/arm/bcm2835_peripherals: Use the SYS_timer") 722bde6789c ("hw/arm/bcm2835_peripherals: Correctly wire the SYS_timer IRQs") Running the attached test with "-trace bcm2835_systmr_read" produces: 1634226@1605697958.837194:bcm2835_systmr_read timer read: offset 0x4 data 0x7cfc 1634226@1605697958.837229:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837313:bcm2835_systmr_read timer read: offset 0x4 data 0x7d73 1634226@1605697958.837323:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837439:bcm2835_systmr_read timer read: offset 0x4 data 0x7df1 1634226@1605697958.837454:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837553:bcm2835_systmr_read timer read: offset 0x4 data 0x7e64 1634226@1605697958.837561:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837568:bcm2835_systmr_read timer read: offset 0x4 data 0x7e73 1634226@1605697958.837574:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837578:bcm2835_systmr_read timer read: offset 0x4 data 0x7e7d 1634226@1605697958.837582:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837586:bcm2835_systmr_read timer read: offset 0x4 data 0x7e85 1634226@1605697958.837590:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837594:bcm2835_systmr_read timer read: offset 0x4 data 0x7e8d 1634226@1605697958.837598:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837602:bcm2835_systmr_read timer read: offset 0x4 data 0x7e95 1634226@1605697958.837606:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837611:bcm2835_systmr_read timer read: offset 0x4 data 0x7e9e 1634226@1605697958.837616:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837621:bcm2835_systmr_read timer read: offset 0x4 data 0x7ea7 1634226@1605697958.837625:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837629:bcm2835_systmr_read timer read: offset 0x4 data 0x7eaf 1634226@1605697958.837634:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837640:bcm2835_systmr_read timer read: offset 0x4 data 0x7ebb 1634226@1605697958.837646:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837653:bcm2835_systmr_read timer read: offset 0x4 data 0x7ec8 1634226@1605697958.837666:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837673:bcm2835_systmr_read timer read: offset 0x4 data 0x7edc 1634226@1605697958.837679:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837685:bcm2835_systmr_read timer read: offset 0x4 data 0x7ee7 1634226@1605697958.837690:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837696:bcm2835_systmr_read timer read: offset 0x4 data 0x7ef2 1634226@1605697958.837707:bcm2835_systmr_read timer read: offset 0x8 data 0x0 1634226@1605697958.837713:bcm2835_systmr_read timer read: offset 0x4 data 0x7f03 1634226@1605697958.837717:bcm2835_systmr_read timer read: offset 0x8 data 0x0 Released with QEMU v5.2.0.