diff mbox series

[v2] timer: Handle decrements of PIT counter

Message ID 20200626180656.3441-1-r.bolshakov@yadro.com (mailing list archive)
State New, archived
Headers show
Series [v2] timer: Handle decrements of PIT counter | expand

Commit Message

Roman Bolshakov June 26, 2020, 6:06 p.m. UTC
There's a fallback to PIT if TSC is not present but it doesn't work
properly. It prevents boot from floppy on isapc and 486 cpu [1][2].

SeaBIOS configures PIT in Mode 2. PIT counter is decremented in the mode
but timer_adjust_bits() thinks that the counter overflows and increases
32-bit tick counter on each detected "overflow". Invalid overflow
detection results in 55ms time advance (1 / 18.2Hz) on each read from
PIT counter. So all timers expire much faster and 5-second floppy
timeout expires in 83 real microseconds (or just a bit longer).

It can be fixed by making the counter recieved from PIT an increasing
value so it can be passed to timer_adjust_bits():
0, 1, 2 and up to 65535 and then the counter is re-loaded with 0.

1. https://bugs.launchpad.net/seabios/+bug/1840719
2. https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg03924.html

Fixes: eac11944019 ("Unify pmtimer_read() and pittimer_read() code.")
Reported-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
---
Changes since v1:
- Simplified change of counter direction (Kevin)

 src/hw/timer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Kevin O'Connor June 26, 2020, 6:27 p.m. UTC | #1
On Fri, Jun 26, 2020 at 09:06:58PM +0300, Roman Bolshakov wrote:
> There's a fallback to PIT if TSC is not present but it doesn't work
> properly. It prevents boot from floppy on isapc and 486 cpu [1][2].
> 
> SeaBIOS configures PIT in Mode 2. PIT counter is decremented in the mode
> but timer_adjust_bits() thinks that the counter overflows and increases
> 32-bit tick counter on each detected "overflow". Invalid overflow
> detection results in 55ms time advance (1 / 18.2Hz) on each read from
> PIT counter. So all timers expire much faster and 5-second floppy
> timeout expires in 83 real microseconds (or just a bit longer).
> 
> It can be fixed by making the counter recieved from PIT an increasing
> value so it can be passed to timer_adjust_bits():
> 0, 1, 2 and up to 65535 and then the counter is re-loaded with 0.
> 
> 1. https://bugs.launchpad.net/seabios/+bug/1840719
> 2. https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg03924.html

Thanks.  I committed this change.

-Kevin
diff mbox series

Patch

diff --git a/src/hw/timer.c b/src/hw/timer.c
index 56bb289..b6f102e 100644
--- a/src/hw/timer.c
+++ b/src/hw/timer.c
@@ -180,7 +180,7 @@  timer_read(void)
     // Read from PIT.
     outb(PM_SEL_READBACK | PM_READ_VALUE | PM_READ_COUNTER0, PORT_PIT_MODE);
     u16 v = inb(PORT_PIT_COUNTER0) | (inb(PORT_PIT_COUNTER0) << 8);
-    return timer_adjust_bits(v, 0xffff);
+    return timer_adjust_bits(-v, 0xffff);
 }
 
 // Return the TSC value that is 'msecs' time in the future.