Skip to content

Booting arm64 Linux in TCG mode fails with "ERROR:../tcg/tcg.c:4317:temp_load: code should not be reached"

Host environment

  • Operating system: Debian 11.6 (X86_64)
  • OS/kernel version: Linux lakrids 5.10.0-9-amd64 #1 SMP Debian 5.10.70-1 (2021-09-30) x86_64 GNU/Linux
  • Architecture: X86_64
  • QEMU flavor: qemu-system-aarch64
  • QEMU version: HEAD (commit 5f9dd6a8)
  • QEMU command line: /home/mark/.opt/apps/qemu-v8.0.0-1645-ge6dd5e78/bin/qemu-system-aarch64 -smp 1 -nographic --accel tcg -machine virt,gic-version=max -cpu max -hda rootfs/aarch64le.ext4 -snapshot -kernel /home/mark/src/linux/arch/arm64/boot/Image -append "console=ttyAMA0 root=/dev/vda rw"

Emulated/Virtualized environment

  • Operating system: Linux 6.3 + buildroot aarch64 filesystem
  • OS/kernel version: Linux v6.3 (commit 457391b0380335d5e9a5babdec90ac53928b23b4) defconfig
  • Architecture: arm64

Description of problem

Linux seems to boot successfully, but around loading/executing userspace, QEMU crashes with an error:

[    4.047919] EXT4-fs (vda): mounted filesystem 59b147ee-5613-43a2-aab4-eaceb6e95be5 with ordered data mode. Quota mode: none.
[    4.049630] VFS: Mounted root (ext4 filesystem) on device 254:0.
[    4.055437] devtmpfs: mounted
[    4.160039] Freeing unused kernel memory: 8256K
[    4.161855] Run /sbin/init as init process
[    4.547387] EXT4-fs (vda): re-mounted 59b147ee-5613-43a2-aab4-eaceb6e95be5. Quota mode: none.
**
ERROR:../tcg/tcg.c:4317:temp_load: code should not be reached
Bail out! ERROR:../tcg/tcg.c:4317:temp_load: code should not be reached
zsh: abort      /home/mark/.opt/apps/qemu-v8.0.0-1645-ge6dd5e782b/bin/qemu-system-aarch64 -sm

Steps to reproduce

  1. Run the provided qemu commandline
  2. Wait for QEMU to crash

Additional information

I attempted a bisect, which suggests that the first bad commit is:

[e6dd5e782becfe6d51f3575c086f5bd7162421d0] target/arm: Use tcg_gen_qemu_{ld, st}_i128 in gen_sve_{ld, st}r

The full bisect log is:

[mark@lakrids:~/src/qemu]% git bisect log
git bisect start
# good: [f7f686b61cf7ee142c9264d2e04ac2c6a96d37f8] Update version for 8.0.2 release
git bisect good f7f686b61cf7ee142c9264d2e04ac2c6a96d37f8
# bad: [5f9dd6a8ce3961db4ce47411ed2097ad88bdf5fc] Merge tag 'pull-9p-20230608' of https://github.com/cschoenebeck/qemu into staging
git bisect bad 5f9dd6a8ce3961db4ce47411ed2097ad88bdf5fc
# good: [c1eb2ddf0f8075faddc5f7c3d39feae3e8e9d6b4] Update version for v8.0.0 release
git bisect good c1eb2ddf0f8075faddc5f7c3d39feae3e8e9d6b4
# good: [1a42d9d472b61e4db2fb16800495d402cb9b94af] tcg/sparc64: Split out tcg_out_movi_s32
git bisect good 1a42d9d472b61e4db2fb16800495d402cb9b94af
# good: [a30498fcea5a8b9c544324ccfb0186090104b229] tcg/riscv: Support CTZ, CLZ from Zbb
git bisect good a30498fcea5a8b9c544324ccfb0186090104b229
# good: [759573d05b808344f7047f893d2dd095884dfa4d] test-cutils: Add coverage of qemu_strtod
git bisect good 759573d05b808344f7047f893d2dd095884dfa4d
# good: [dc2a070d125772fe30384596d4d4ce6d9950b004] hw/arm/allwinner-r40: add Clock Control Unit
git bisect good dc2a070d125772fe30384596d4d4ce6d9950b004
# good: [c0dde5fc5ccce56b69095bc29af72987efd65d1e] accel/tcg: Fix undefined shift in store_whole_le16
git bisect good c0dde5fc5ccce56b69095bc29af72987efd65d1e
# bad: [e58e55dd8d5777f8a58ce30cfe04a8023282eb80] meson: fix "static build" entry in summary
git bisect bad e58e55dd8d5777f8a58ce30cfe04a8023282eb80
# bad: [5c13983e23de4095e2dfa8bc52333ef40ebe40db] target/arm: Sink gen_mte_check1 into load/store_exclusive
git bisect bad 5c13983e23de4095e2dfa8bc52333ef40ebe40db
# good: [6c4f229a2e0d6f882bae389ce0c5bdaea712ce0f] tests: avocado: boot_linux_console: Add test case for bpim2u
git bisect good 6c4f229a2e0d6f882bae389ce0c5bdaea712ce0f
# good: [e452ca5af88fc49b3026c2de0f1e65fd18d1a656] target/arm: Introduce finalize_memop_{atom,pair}
git bisect good e452ca5af88fc49b3026c2de0f1e65fd18d1a656
# good: [d450bd0157be43d273116c3e3617883c8a0ac3d1] target/arm: Use tcg_gen_qemu_{st, ld}_i128 for do_fp_{st, ld}
git bisect good d450bd0157be43d273116c3e3617883c8a0ac3d1
# bad: [e6dd5e782becfe6d51f3575c086f5bd7162421d0] target/arm: Use tcg_gen_qemu_{ld, st}_i128 in gen_sve_{ld, st}r
git bisect bad e6dd5e782becfe6d51f3575c086f5bd7162421d0
# good: [e6073d88cc1fb43b00be16f79d9d6b0f9d2276f5] target/arm: Use tcg_gen_qemu_st_i128 for STZG, STZ2G
git bisect good e6073d88cc1fb43b00be16f79d9d6b0f9d2276f5
# first bad commit: [e6dd5e782becfe6d51f3575c086f5bd7162421d0] target/arm: Use tcg_gen_qemu_{ld, st}_i128 in gen_sve_{ld, st}r

Each build step was performed with:

 git clean -fdx && ./configure --prefix=/home/mark/.opt/apps/qemu-$(git describe --long HEAD) --enable-debug-info --disable-strip && make -j64 && make install
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information