Bug 240037 - emulators/qemu-user-static: READ_SPECIALREG(ID_AA64ISAR0_EL1) crashes qemu on aarch64
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: freebsd-emulation (Nobody)
Duplicates: 241542
Depends on:
Reported: 2019-08-22 14:43 UTC by Jan Beich
Modified: 2020-03-08 22:36 UTC
CC: 5 users

See Also:
bugzilla: maintainer-feedback? (emulation)

Attachments:
patch (10.22 KB, patch) - 2020-01-15 12:04 UTC, Mikael Urankar
patch2 (9.18 KB, patch) - 2020-01-15 13:28 UTC, Mikael Urankar

Description Jan Beich freebsd_committer 2019-08-22 14:43:29 UTC
If a port tries to detect CPU features during build, poudriere hangs. The cause appears to be a qemu crash, e.g.:

$ poudriere testport -j 112aarch64 security/nss
gmake[4]: Leaving directory 'cmd/shlibsign/mangle'
cd OPT.OBJ ; sh 'cmd/shlibsign/.'/sign.sh 'cmd/shlibsign/../../../dist/OPT.OBJ' \
'cmd/shlibsign/OPT.OBJ' FreeBSD \
'cmd/shlibsign/../../../dist/OPT.OBJ/lib' 'cmd/shlibsign/../../../dist/OPT.OBJ/lib/libsoftokn3.so'
cmd/shlibsign/OPT.OBJ/shlibsign -v -i cmd/shlibsign/../../../dist/OPT.OBJ/lib/libsoftokn3.so
qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x602e5b07

$ cat a.c
#include <sys/types.h>
#include <machine/armreg.h>
#include <stdio.h>

int main(void)
{
  uint64_t id_aa64isar0;
  /* Privileged mrs read of the ISA feature register; this is the instruction qemu-user rejects. */
  id_aa64isar0 = READ_SPECIALREG(ID_AA64ISAR0_EL1);
  if (ID_AA64ISAR0_AES(id_aa64isar0) == ID_AA64ISAR0_AES_BASE) {
    printf("AES found\n");
  }
  if (ID_AA64ISAR0_AES(id_aa64isar0) == ID_AA64ISAR0_AES_PMULL) {
    printf("PMULL found\n");
  }
  if (ID_AA64ISAR0_SHA1(id_aa64isar0) == ID_AA64ISAR0_SHA1_BASE) {
    printf("SHA1 found\n");
  }
  if (ID_AA64ISAR0_SHA2(id_aa64isar0) == ID_AA64ISAR0_SHA2_BASE) {
    printf("SHA2 found\n");
  }
  return 0;
}

$ cc a.c
$ ./a.out
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
Illegal instruction
Comment 1 Dmitri Goutnik freebsd_committer 2019-10-28 20:22:35 UTC
*** Bug 241542 has been marked as a duplicate of this bug. ***
Comment 2 Jan Beich freebsd_committer 2019-10-28 22:04:39 UTC
Possible workarounds:
1. Disable runtime detection when getenv("QEMU_EMULATING") != NULL
2. Switch to elf_aux_info(AT_HWCAP,,) a la getauxval(AT_HWCAP)

security/nss currently uses (1) approach, see files/patch-lib_freebl_blinit.c
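Both workarounds from the comment above in one program, as an added example (it is not code from this bug report, from security/nss or from the qemu port). The AARCH64_HWCAP_* constants copy the aarch64 ELF AT_HWCAP bit values so the file also builds on a non-arm64 host; decode_hwcap, running_under_qemu and query_hwcap are names chosen here. No system register is read, so the program cannot hit the SIGILL described in the report:

```c
/*
 * Added example: CPU-feature detection without the privileged
 * "mrs ID_AA64ISAR0_EL1" read that qemu-user rejects.
 *   1. honour QEMU_EMULATING (set by poudriere) and skip probing entirely;
 *   2. otherwise read AT_HWCAP from the auxiliary vector, which the kernel
 *      (or the emulator) fills in at exec time.
 */
#include <stdio.h>
#include <stdlib.h>

#if defined(__aarch64__) && defined(__FreeBSD__)
#include <sys/auxv.h>          /* elf_aux_info(3) */
#include <sys/elf.h>           /* AT_HWCAP */
#elif defined(__aarch64__) && defined(__linux__)
#include <sys/auxv.h>          /* getauxval(3), AT_HWCAP */
#endif

/* aarch64 AT_HWCAP bits; same values in FreeBSD <machine/elf.h> and Linux. */
#define AARCH64_HWCAP_AES   (1UL << 3)
#define AARCH64_HWCAP_PMULL (1UL << 4)
#define AARCH64_HWCAP_SHA1  (1UL << 5)
#define AARCH64_HWCAP_SHA2  (1UL << 6)

struct crypto_features {
	int aes, pmull, sha1, sha2;
};

/* Pure decoder: runs on any host, so it can be exercised with a crafted mask. */
struct crypto_features
decode_hwcap(unsigned long hwcap)
{
	struct crypto_features f;

	f.aes   = (hwcap & AARCH64_HWCAP_AES)   != 0;
	f.pmull = (hwcap & AARCH64_HWCAP_PMULL) != 0;
	f.sha1  = (hwcap & AARCH64_HWCAP_SHA1)  != 0;
	f.sha2  = (hwcap & AARCH64_HWCAP_SHA2)  != 0;
	return (f);
}

/* Workaround 1: any value of QEMU_EMULATING means "do not probe". */
int
running_under_qemu(const char *qemu_emulating_env)
{
	return (qemu_emulating_env != NULL);
}

/*
 * Workaround 2: fetch AT_HWCAP through the auxv API of the running OS.
 * Returns 0 on success, -1 when unavailable (non-arm64 host or lookup
 * failure); *hwcap is then 0, so every feature reads as absent.
 */
int
query_hwcap(unsigned long *hwcap)
{
	*hwcap = 0;
#if defined(__aarch64__) && defined(__FreeBSD__)
	if (elf_aux_info(AT_HWCAP, hwcap, sizeof(*hwcap)) != 0)
		return (-1);
	return (0);
#elif defined(__aarch64__) && defined(__linux__)
	*hwcap = getauxval(AT_HWCAP);
	return (0);
#else
	return (-1);
#endif
}

int
main(void)
{
	unsigned long hwcap;
	struct crypto_features f;

	if (running_under_qemu(getenv("QEMU_EMULATING"))) {
		printf("QEMU_EMULATING set: skipping CPU feature detection\n");
		return (0);
	}
	if (query_hwcap(&hwcap) != 0) {
		printf("AT_HWCAP not available on this host; assuming no crypto extensions\n");
		return (0);
	}
	f = decode_hwcap(hwcap);
	printf("AES=%d PMULL=%d SHA1=%d SHA2=%d\n", f.aes, f.pmull, f.sha1, f.sha2);
	return (0);
}
```

The safe default on every failure path is "feature absent": a port that takes the generic code path under emulation still builds correctly, whereas one that trusts a garbage register value may emit instructions the target cannot execute.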
Comment 3 Kyle Evans freebsd_committer 2019-11-14 12:48:06 UTC
Mikael had another version of this laying around as well; I'll hunt it down later.

Reassigning to new maintainer.
Comment 4 Jonathan Chen 2020-01-11 17:15:07 UTC
*** Bug 243265 has been marked as a duplicate of this bug. ***
Comment 5 Mikael Urankar freebsd_committer 2020-01-15 12:04:00 UTC
Created attachment 210757 [details]

Can you try the attached patch (it's for /usr/ports/emulators/qemu-user-static-devel)?
It seems to work here. I tried with this program, but I haven't checked if the returned values are sane:

#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <machine/armreg.h>
#include <machine/_stdint.h>

int main(int argc, char **argv)
{
        uint64_t id_aa64isar0, id_aa64pfr0;
        /* READ_SPECIALREG stringifies its argument into the mrs operand, so the lowercase register names are accepted by the assembler. */
        id_aa64isar0 = READ_SPECIALREG(id_aa64isar0_EL1);
        id_aa64pfr0 = READ_SPECIALREG(id_aa64pfr0_EL1);

        printf("id_aa64isar0: 0x%lx, id_aa64pfr0: 0x%lx\n", id_aa64isar0, id_aa64pfr0);
        return (0);
}

id_aa64isar0: 0x111110012120, id_aa64pfr0: 0x110000

I haven't tried qemu-user-static.
Comment 6 Mikael Urankar freebsd_committer 2020-01-15 13:28:41 UTC
Created attachment 210759 [details]

And the patch for qemu-user-static.
It returns 0 for the cpu features though:
id_aa64isar0: 0x0, id_aa64pfr0: 0x0
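To answer the "are the values sane" question from comment 5 without re-running the privileged read, here is an added example (not part of the bug report) that decodes the ID_AA64ISAR0_EL1 values printed in comments 5 and 6 field by field. The field positions are those documented for the register in the Arm Architecture Reference Manual; the ISAR0_* names are chosen here to mirror FreeBSD's ID_AA64ISAR0_* macros, but are defined locally so the file builds on any host:

```c
/*
 * Added example: decode ID_AA64ISAR0_EL1 field values, then apply it to
 * 0x111110012120 (comment 5) and 0x0 (comment 6). Nothing here executes
 * an mrs instruction, so it is safe under qemu-user.
 */
#include <stdint.h>
#include <stdio.h>

/* Low bit of each 4-bit field of ID_AA64ISAR0_EL1. */
enum isar0_shift {
	ISAR0_AES_SHIFT    = 4,   /* 0 none, 1 AESE/AESD, 2 also PMULL/PMULL2 */
	ISAR0_SHA1_SHIFT   = 8,   /* 0 none, 1 SHA1 */
	ISAR0_SHA2_SHIFT   = 12,  /* 0 none, 1 SHA256, 2 SHA256 and SHA512 */
	ISAR0_CRC32_SHIFT  = 16,  /* 0 none, 1 CRC32 */
	ISAR0_ATOMIC_SHIFT = 20   /* 0 none, 2 LSE atomics */
};

static inline unsigned
isar0_field(uint64_t reg, enum isar0_shift shift)
{
	return ((unsigned)((reg >> shift) & 0xf));
}

int isar0_has_aes(uint64_t reg)    { return (isar0_field(reg, ISAR0_AES_SHIFT) >= 1); }
int isar0_has_pmull(uint64_t reg)  { return (isar0_field(reg, ISAR0_AES_SHIFT) >= 2); }
int isar0_has_sha1(uint64_t reg)   { return (isar0_field(reg, ISAR0_SHA1_SHIFT) >= 1); }
int isar0_has_sha256(uint64_t reg) { return (isar0_field(reg, ISAR0_SHA2_SHIFT) >= 1); }
int isar0_has_sha512(uint64_t reg) { return (isar0_field(reg, ISAR0_SHA2_SHIFT) >= 2); }
int isar0_has_crc32(uint64_t reg)  { return (isar0_field(reg, ISAR0_CRC32_SHIFT) >= 1); }
int isar0_has_lse(uint64_t reg)    { return (isar0_field(reg, ISAR0_ATOMIC_SHIFT) >= 2); }

int
main(void)
{
	/* Constructed from the two values quoted in the bug's comments 5 and 6. */
	const uint64_t samples[] = { 0x111110012120ULL, 0x0ULL };
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		uint64_t r = samples[i];

		printf("ID_AA64ISAR0_EL1 = 0x%012llx: AES=%d PMULL=%d SHA1=%d "
		    "SHA256=%d SHA512=%d CRC32=%d LSE=%d\n",
		    (unsigned long long)r, isar0_has_aes(r), isar0_has_pmull(r),
		    isar0_has_sha1(r), isar0_has_sha256(r), isar0_has_sha512(r),
		    isar0_has_crc32(r), isar0_has_lse(r));
	}
	return (0);
}
```

Decoded this way, 0x111110012120 describes a core with AES plus PMULL, SHA1, SHA256 and SHA512, and CRC32, but no LSE atomics, which is a legal and self-consistent encoding. The 0x0 from comment 6 is also legal: it describes a core with none of these extensions, so a port that decodes it correctly simply takes its generic code path rather than crashing.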
Comment 7 Jonathan Chen 2020-01-20 18:27:48 UTC
I've tried Mikael's patch against bug 243265, and it does get over the CPU feature detection error.

However, the java-build does stumble over another emulation error...