id = 1500
title = "Some system/debug regisiters are inconsistent with real device in qemu-system-arm"
state = "closed"
created_at = "2023-02-21T02:49:13.478Z"
closed_at = "2023-02-27T11:10:28.549Z"
labels = ["Closed::WontFix", "accel: TCG", "target: arm"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/1500"
host-os = "Ubuntu 20.04"
host-arch = "x86"
qemu-version = "7.2.0"
guest-os = "-"
guest-arch = "cortex-a7"
description = """We used differential testing to compared the instruction consistency (ARMv7) between QEMU and raspberry pi 2B in system level and some inconsistency in system regisiter was detected.

1. CCSIDR--Cache Size ID Registers

   **Inconsistency**

   - CCSIDR in QEMU: 0x701fe00a--Associativity: 2, Number of sets:256

   - CCSIDR in  Raspi2B: 0x700fe01a--Associativity: 4, Number of sets:128

   **Tested Instruction sample**

   - MRC_T1A1_A 11101110001100000000111100010000 0xee300f10

   According to ARMv7 Manual B4.1.19 encoding, the NumSets and Associativity are set different bewteen QEMU when emulating raspi2b and raspi2b.

   The CCSIDR is set in the function`cortex_a7_initfn(Object *obj)` in target/arm/cpu_tcg.c for cortex_a7. 

2. DBGDRAR--Debug ROM Address Register

   **Inconsistency**

   - DBGDRAR in QEMU: 0x0 --Invalid

   - DBGDRAR in  Raspi2B: 0x40020003--Valid

   According to ARMv7 Manual C11.11.16 encoding, the DBGDRAR in qemu is invalid.

   **Tested Instruction sample**

   - MRC_T1A1_A 11101110000100010001111000010000 0xee111e10"""
reproduce = """1. Compile a kernel module to run the test instruction in PL1.
2. Use kgdb to get the register info"""
additional = """"""