1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
id = 2146
title = "qemu-system-aarch64 Segfaults"
state = "opened"
created_at = "2024-02-01T19:52:50.052Z"
closed_at = "n/a"
labels = ["host: x86", "target: arm", "workflow::Needs Info"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/2146"
host-os = "Linux Mint 21.3 Cinnamon"
host-arch = "x86_64"
qemu-version = "8.2.50 (v8.2.0-924-gbd2e12310b), 8.2.1, 6.2.0 (Debian 1:6.2+dfsg-2ubuntu6.16)"
guest-os = "Debian GNU/Linux 12"
guest-arch = "aarch64"
description = """Never finishes the script below always segfaults after a few hours
in seemingly random functions."""
reproduce = """This is what i did with qemu version 8.2.1
inside test directory:
1. wget https://download.qemu.org/qemu-8.2.1.tar.xz
2. tar xvJf qemu-8.2.1.tar.xz
3. cd qemu-8.2.1
4. ./configure --target-list="aarch64-linux-user, aarch64-softmmu" --enable-slirp (crashes with and without --enable-debug)
5. make -j$(nproc)
6. ln -sf "$PWD/build/qemu-system-aarch64" "../qemu-system-aarch64"
7. cd ..
Now the VM
1. wget -O installer-linux https://deb.debian.org/debian/dists/bookworm/main/installer-arm64/current/images/netboot/debian-installer/arm64/linux
2. wget -O installer-initrd.gz https://deb.debian.org/debian/dists/bookworm/main/installer-arm64/current/images/netboot/debian-installer/arm64/initrd.gz
3. qemu-img create -f qcow2 hda.qcow2 15G
4. ./qemu-system-aarch64 -M virt -m 6G -cpu cortex-a72 \\
-kernel installer-linux \\
-initrd installer-initrd.gz \\
-drive if=none,file=hda.qcow2,format=qcow2,id=hd \\
-device virtio-blk-pci,drive=hd \\
-netdev user,id=mynet \\
-device virtio-net-pci,netdev=mynet \\
-nographic -no-reboot \\
-accel tcg,thread=multi \\
-smp 8
5. Install minimal debian inside the VM
6. sudo virt-copy-out -a hda.qcow2 /boot/vmlinuz-6.1.0-17-arm64 /boot/initrd.img-6.1.0-17-arm64 .
7. ./qemu-system-aarch64 -M virt -m 6G -cpu cortex-a72 \\
-kernel vmlinuz-6.1.0-17-arm64 \\
-initrd initrd.img-6.1.0-17-arm64 \\
-append 'root=/dev/vda2' \\
-drive if=none,file=hda.qcow2,format=qcow2,id=hd \\
-device virtio-blk-pci,drive=hd \\
-netdev user,id=mynet,hostfwd=tcp::10022-:22 \\
-device virtio-net-pci,netdev=mynet \\
-nographic \\
-accel tcg,thread=multi \\
-smp 8
8. Now run this script inside some directory inside the VM(you might need to install gcc first)
#!/bin/bash
wget --no-clobber https://sourceware.org/pub/binutils/releases/binutils-2.41.tar.xz
wget --no-clobber https://ftp.gnu.org/gnu/mpfr/mpfr-4.2.0.tar.xz
wget --no-clobber https://ftp.gnu.org/gnu/gmp/gmp-6.3.0.tar.xz
wget --no-clobber https://ftp.gnu.org/gnu/mpc/mpc-1.3.1.tar.gz
wget --no-clobber https://ftp.gnu.org/gnu/gcc/gcc-13.2.0/gcc-13.2.0.tar.xz
BUG_TARGET="$(uname -m)-bug-linux-gnu"
tar -xf binutils-2.41.tar.xz
cd binutils-2.41
mkdir -vp build
cd build
../configure --prefix=$PWD \\
--with-sysroot=$PWD \\
--target=$BUG_TARGET \\
--disable-nls \\
--enable-gprofng=no \\
--disable-werror \\
--disable-gdb
make --jobs $(nproc)
cd ../..
rm -rf binutils
tar -xf gcc-13.2.0.tar.xz
cd gcc-13.2.0
tar -xf ../mpfr-4.2.0.tar.xz
tar -xf ../gmp-6.3.0.tar.xz
tar -xf ../mpc-1.3.1.tar.gz
mv mpfr-4.2.0 mpfr
mv gmp-6.3.0 gmp
mv mpc-1.3.1 mpc
mkdir -vp build
cd build
../configure --prefix=$PWD \\
--with-sysroot=$PWD \\
--target=$BUG_TARGET \\
--with-glibc-version=2.38 \\
--with-newlib \\
--without-headers \\
--enable-default-pie \\
--enable-default-ssp \\
--disable-nls \\
--disable-shared \\
--disable-multilib \\
--disable-threads \\
--disable-libatomic \\
--disable-libgomp \\
--disable-libquadmath \\
--disable-libssp \\
--disable-libvtv \\
--disable-libstdcxx \\
--enable-languages=c,c++
make --jobs $(nproc)
cd ../..
rm -rf gcc"""
additional = """I tried all the versions listed above, 6.2 usually segfaults in binutils while the other two run further.
Example:
```
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x000055555615dd37 in tlb_index (cpu=<Cannot access memory at address 0x7fffefffe1c8>,
mmu_idx=<Cannot access memory at address 0x7fffefffe1c0>,
addr=<Cannot access memory at address 0x7fffefffe1b8>)
at qemu-8.2.1/include/exec/cpu_ldst.h:367
367\t uintptr_t size_mask = cpu->neg.tlb.f[mmu_idx].mask >> CPU_TLB_ENTRY_BITS;
[Current thread is 1 (LWP 857562)]
```"""
|