Bug #1728448 “qemu-system-arm segmentation fault with cpu cortex...” : Bugs : QEMU

Kevin (kevupalph) on 2017-10-29

tags:	added: qemu
tags:	added: arm
tags:	added: cortex cpu
tags:	added: segfault

Revision history for this message

Peter Maydell (pmaydell) wrote on 2017-10-29: Re: [Qemu-devel] [Bug 1728448] [NEW] qemu-system-arm segmentation fault with cpu cortex-m*

#1

On 29 October 2017 at 19:24, Kevin <email address hidden> wrote:
> I try to run an emulation with qemu-system-arm under a cpu cortex-m3 but
> any execution under the processor result by a segmentation fault.
>
> My command is : qemu-system-arm -m 256 -M versatilepb -cpu cortex-m3
> -kernel ~/qemu/wheezy/vmlinuz-3.2.0-4-versatile -initrd
> ~/qemu/wheezy/initrd.img-3.2.0-4-versatile -hda ~/qemu/wheezy/hda.img
> -append 'root=/dev/sda1'

This command line is never going to work, for multiple reasons.
Unfortunately QEMU currently doesn't do a good job of identifying
option combinations which we know are wrong (like -cpu cortex-m3
with -M versatilepb) and printing an error message.

The major problem here is that the cortex-m3 is a microcontroller,
which is significantly different from the 'A-profile' devices
that Linux runs on. It has no MMU and usually 16MB of RAM or less:
why are you trying to run Linux on it? This will never work.

Secondly, the "versatilepb" board is not a board which you can
use a Cortex-M3 with -- it's only intended to work with certain
CPUs, mainly the arm926.

Thirdly, that looks like a prebuilt versatile kernel image -- it
probably won't work with a random CPU that's not the one the
versatile has, and it *definitely* won't work with the M3.

Basic rule of thumb for QEMU ARM boards -- don't try to specify
"-cpu" unless you have documentation that specifically tells you
to. You're much more likely to create something that's just
a broken config that guest software can't handle. This is
always true for the Cortex-M3 -- unless the board is intended
to work with the M3 and is creating the correct interrupt
controller, you'll just end up with a broken model.

If you need to use the Cortex-M3 then use one of the boards
which works with it -- lm3s6965evb, lm3s811evb, mps2-an385,
mps2-an511, or netduino2. You'll also need to run guest code
which is actually built for the board you're using and for
the Cortex-M3 (likely some kind of RTOS, or bare metal code.)
The MPS2 boards have the most RAM, but they're only in recent
QEMU versions.

thanks
-- PMM

On 29 October 2017 at 19:24, Kevin <1728448@bugs.launchpad.net> wrote:
> I try to run an emulation with qemu-system-arm under a cpu cortex-m3 but
> any execution under the processor result by a segmentation fault.
>
> My command is : qemu-system-arm -m 256 -M versatilepb -cpu cortex-m3
> -kernel ~/qemu/wheezy/vmlinuz-3.2.0-4-versatile -initrd
> ~/qemu/wheezy/initrd.img-3.2.0-4-versatile -hda ~/qemu/wheezy/hda.img
> -append 'root=/dev/sda1'

This command line is never going to work, for multiple reasons.
Unfortunately QEMU currently doesn't do a good job of identifying
option combinations which we know are wrong (like -cpu cortex-m3
with -M versatilepb) and printing an error message.

The major problem here is that the cortex-m3 is a microcontroller,
which is significantly different from the 'A-profile' devices
that Linux runs on. It has no MMU and usually 16MB of RAM or less:
why are you trying to run Linux on it? This will never work.

Secondly, the "versatilepb" board is not a board which you can
use a Cortex-M3 with -- it's only intended to work with certain
CPUs, mainly the arm926.

Thirdly, that looks like a prebuilt versatile kernel image -- it
probably won't work with a random CPU that's not the one the
versatile has, and it *definitely* won't work with the M3.

Basic rule of thumb for QEMU ARM boards -- don't try to specify
"-cpu" unless you have documentation that specifically tells you
to. You're much more likely to create something that's just
a broken config that guest software can't handle. This is
always true for the Cortex-M3 -- unless the board is intended
to work with the M3 and is creating the correct interrupt
controller, you'll just end up with a broken model.

If you need to use the Cortex-M3 then use one of the boards
which works with it -- lm3s6965evb, lm3s811evb, mps2-an385,
mps2-an511, or netduino2. You'll also need to run guest code
which is actually built for the board you're using and for
the Cortex-M3 (likely some kind of RTOS, or bare metal code.)
The MPS2 boards have the most RAM, but they're only in recent
QEMU versions.

thanks
-- PMM

Revision history for this message

Kevin (kevupalph) wrote on 2017-11-03:

#2

Thank you for you answer.

I wanted to emulate under cortex-M3 because I need to exéutute an executable who will install a kernel but only runs under cortex-M3, for then realized fuzzing on this kernel.

But, I will try with freeRTOS.

Revision history for this message

Peter Maydell (pmaydell) wrote on 2017-11-06:

#3

I'm closing this bug as it's a command line issue. Please open a new bug if you have further problems.

Changed in qemu:
status:	New → Invalid

QEMU

qemu-system-arm segmentation fault with cpu cortex-m*

Bug Description

Other bug subscribers

Remote bug watches