Bug: qemu_arm64: Cannot access the second flash bank

Matthias Brugger mbrugger at suse.com
Mon Sep 13 11:30:59 CEST 2021


Hi Robin,

It's been a long, long time since you reported this issue.

I prepared a fix in qemu for it. Would you mind trying it out? You can find a 
branch with the fix on top here:
https://github.com/mbgg/qemu/tree/vrit-flash-dtb-bug

Basically I fix the reg property to reflect the fact that the size-cell is one.

Please let me know if that fixes the issue for you and I'll send the fix upstream.

Regards,
Matthias

On 01/01/2020 19:20, Robin Randhawa wrote:
> Hi folks.
> 
> [CC'ing some hopefully relevant folks].
> 
> As of:
> 
> commit 0ba41ce1b7816c229cc19e0621148b98f990cb68
> libfdt: return correct value if #size-cells property is not present
> 
> .. accesses to the second flash bank on the qemu_arm64 virtual board
> appear broken.
> 
> To demonstrate, consider that the physical memory map for the 2 flash
> banks is:
> 
> Bank 1: 0x0000_0000 - 0x03FC_0000
> Bank 2: 0x0400_0000 - 0x7FC0_0000
> 
> Now, consider the abbreviated output of the flinfo command pre and post
> the above commit:
> 
> Pre:
> ===
> 
> => flinfo
> 
> Bank # 1: CFI conformant flash (32 x 16)  Size: 64 MB in 256 Sectors
>    Intel Extended command set, Manufacturer ID: 0x89, Device ID: 0x0018
>    Erase timeout: 16384 ms, write timeout: 3 ms
>    Buffer write timeout: 3 ms, buffer size: 2048 bytes
> 
>    Sector Start Addresses:
>    00000000   RO   00040000   RO   00080000   RO   000C0000        00100000
>    00140000        00180000        001C0000        00200000        00240000
>    .
>    .
>    03E80000        03EC0000        03F00000        03F40000        03F80000
>    03FC0000
> 
> Bank # 2: CFI conformant flash (32 x 16)  Size: 64 MB in 256 Sectors
>    Intel Extended command set, Manufacturer ID: 0x89, Device ID: 0x0018
>    Erase timeout: 16384 ms, write timeout: 3 ms
>    Buffer write timeout: 3 ms, buffer size: 2048 bytes
> 
>    Sector Start Addresses:
>    04000000   RO   04040000        04080000        040C0000        04100000
>    04140000        04180000        041C0000        04200000        04240000
>    .
>    .
>    07E80000        07EC0000        07F00000        07F40000        07F80000
>    07FC0000
> 
> Post:
> ====
> 
> => flinfo
> 
> Bank # 1: CFI conformant flash (32 x 16)  Size: 64 MB in 256 Sectors
>    Intel Extended command set, Manufacturer ID: 0x89, Device ID: 0x0018
>    Erase timeout: 16384 ms, write timeout: 3 ms
>    Buffer write timeout: 3 ms, buffer size: 2048 bytes
> 
>    Sector Start Addresses:
>    00000000   RO   00040000   RO   00080000   RO   000C0000        00100000
>    00140000        00180000        001C0000        00200000        00240000
>    .
>    .
>    03E80000        03EC0000        03F00000        03F40000        03F80000
>    03FC0000
> 
> Bank # 2: CFI conformant flash (32 x 16)  Size: 64 MB in 256 Sectors
>    Intel Extended command set, Manufacturer ID: 0x89, Device ID: 0x0018
>    Erase timeout: 16384 ms, write timeout: 3 ms
>    Buffer write timeout: 3 ms, buffer size: 2048 bytes
> 
>    Sector Start Addresses:
>    400000000000000        400000000040000        400000000080000        4000000000C0000        400000000100000
>    400000000140000        400000000180000        4000000001C0000        400000000200000        400000000240000
>    .
>    .
>    400000003E80000        400000003EC0000        400000003F00000        400000003F40000        400000003F80000
>    400000003FC0000
> 
> As a result, the second bank is unusable for environment stores
> (CONFIG_ENV_ADDR is 0x4000000):
> 
> => saveenv
> Saving Environment to Flash... Error: start and/or end address not on
> sector boundary
> Error: start and/or end address not on sector boundary
> Failed (1)
> 
> Rewinding the u-boot repo to before this commit fixes the problem.
> 
> Manually (uncleanly) reverting the commit and its dependent commits
> fixes the problem.
> 
> Here are the HEAD commits from the relevant repos that I used for the data above:
> 
> qemu: commit dd5b0f95490883cd8bc7d070db8de70d5c979cbc
> u-boot: commit 6cb87cbb1475f668689f95911d1521ee6ba7f55c
> 
> Here is the qemu invocation I used:
> 
> $ dd if=/dev/zero of=./flash0-with-uboot.img bs=1M count=64 && dd if=/path/to/u-boot.bin of=./flash0-with-uboot.img conv=notrunc
> $ qemu-system-aarch64 -M virt -cpu cortex-a53 -m 1024M -nographic -drive if=pflash,format=raw,index=0,file=flash0-with-uboot.img  -drive if=pflash,format=raw,index=1,file=flash1.img
> 
> I'm happy to help test any fixes if and as needed.
> 
> Cheers,
> Robin
> 
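The addresses in the "Post" flinfo output (bank 2 starting at 0x400000000000000, i.e. 0x04000000 shifted left by 32 bits) are what you get when a reg property written with two size cells is decoded as if #size-cells were one: the tuples are read three cells at a time instead of four, and the second tuple's address picks up the high cell of bank 1's size. The following C program is an added illustration of that decoding, not code from U-Boot or QEMU. The reg cell contents (two 64 MiB banks at 0x0 and 0x4000000, #address-cells = 2) are constructed for this example to match the layout in the report, and env_on_sector_boundary is a simplified stand-in for the check that saveenv reports, not U-Boot's implementation.

```c
/* Added example (not from the U-Boot or QEMU sources): decode the same
 * 'reg' cells of a two-bank pflash node with different #size-cells
 * assumptions and see where bank 2 ends up. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

struct reg_entry {
    uint64_t addr;
    uint64_t size;
};

/* Concatenate n 32-bit cells (most significant first) into a 64-bit value.
 * Cells are already in host order here; a real DTB needs be32_to_cpu. */
static uint64_t cells_to_u64(const uint32_t *cells, int n)
{
    uint64_t v = 0;
    for (int i = 0; i < n; i++)
        v = (v << 32) | cells[i];
    return v;
}

/* Decode a 'reg' property into (addr, size) pairs using the given cell
 * counts. Returns the number of complete tuples decoded; a trailing partial
 * tuple is silently dropped, which is why a wrong #size-cells yields a
 * plausible-looking but misaligned bank list instead of an error. */
size_t parse_reg(const uint32_t *cells, size_t ncells,
                 int addr_cells, int size_cells,
                 struct reg_entry *out, size_t max_out)
{
    size_t tuple = (size_t)addr_cells + (size_t)size_cells;
    size_t n = 0;

    if (addr_cells < 1 || addr_cells > 2 || size_cells < 0 || size_cells > 2)
        return 0;
    for (size_t off = 0; off + tuple <= ncells && n < max_out; off += tuple) {
        out[n].addr = cells_to_u64(cells + off, addr_cells);
        out[n].size = cells_to_u64(cells + off + addr_cells, size_cells);
        n++;
    }
    return n;
}

/* Constructed pflash 'reg' cells for this example: #address-cells = 2,
 * #size-cells = 2, two banks of 0x4000000 bytes at 0x0 and 0x4000000. */
const uint32_t virt_flash_reg[] = {
    0x00000000, 0x00000000, 0x00000000, 0x04000000,
    0x00000000, 0x04000000, 0x00000000, 0x04000000,
};
const size_t virt_flash_reg_cells =
    sizeof(virt_flash_reg) / sizeof(virt_flash_reg[0]);

/* Base address of bank 2 as seen by a parser assuming 'size_cells'. */
uint64_t bank2_base(int size_cells)
{
    struct reg_entry banks[4];
    size_t n = parse_reg(virt_flash_reg, virt_flash_reg_cells,
                         2, size_cells, banks, 4);
    return n >= 2 ? banks[1].addr : UINT64_MAX;
}

/* Simplified stand-in for the saveenv precondition: the environment
 * address must fall inside a decoded bank and sit on a sector boundary. */
int env_on_sector_boundary(uint64_t env_addr, int size_cells,
                           uint64_t sector_size)
{
    struct reg_entry banks[4];
    size_t n = parse_reg(virt_flash_reg, virt_flash_reg_cells,
                         2, size_cells, banks, 4);
    for (size_t i = 0; i < n; i++) {
        if (env_addr >= banks[i].addr &&
            env_addr < banks[i].addr + banks[i].size)
            return (env_addr - banks[i].addr) % sector_size == 0;
    }
    return 0; /* not inside any decoded bank */
}

int main(void)
{
    printf("bank 2 with #size-cells=2: 0x%llx\n",
           (unsigned long long)bank2_base(2));
    printf("bank 2 with #size-cells=1: 0x%llx\n",
           (unsigned long long)bank2_base(1));
    printf("CONFIG_ENV_ADDR 0x4000000 usable: size-cells=2 -> %d, size-cells=1 -> %d\n",
           env_on_sector_boundary(0x4000000, 2, 0x40000),
           env_on_sector_boundary(0x4000000, 1, 0x40000));
    return 0;
}
```

With #size-cells = 2 the second tuple decodes to 0x4000000, and CONFIG_ENV_ADDR 0x4000000 lands on the first sector of bank 2. With #size-cells = 1 the parser consumes cells in threes, bank 2's address becomes 0x0400000000000000, and 0x4000000 no longer lies inside any bank, so the environment store is rejected. The practical check when a board's flash banks shift like this is to dump the flash node (fdt print /flash in U-Boot, or dtc -I dtb on the DTB QEMU generates) and confirm that the number of reg cells divides evenly by #address-cells + #size-cells of the parent.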


