diff --git a/index.html b/index.html
index 4bbbe79..4bcfd3f 100644
--- a/index.html
+++ b/index.html
@@ -445,10 +445,13 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
+
+
+
The source code for this page is located at: https://github.com/cirosantilli/linux-kernel-module-cheat. Due to a GitHub limitation, this README is too long and not fully rendered on github.com. Either use: README.adoc, https://cirosantilli.com/linux-kernel-module-cheat or build the docs yourself.
@@ -510,6 +513,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
1.7.2. Baremetal setup getting started
+
1.8. Build the documentation
2. GDB step debug
@@ -1068,7 +1072,9 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
19. Buildroot
@@ -1196,7 +1208,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
20.2. C++
- 20.2.1. C++ multithreading
-- 20.2.2. C++ standards
+
- 20.2.2. C++ standards
@@ -1205,7 +1217,9 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
- 20.3. POSIX
- 20.4. Userland multithreading
@@ -1666,7 +1680,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
29.3. Run command after boot
29.4. Default command line arguments
-
29.5. Build the documentation
+29.5. Documentation
- 29.5.1. Documentation verification
@@ -1693,7 +1707,6 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
- 29.11.4. Buildroot build variants
@@ -1784,14 +1797,14 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
If you don’t know which one to go for, start with QEMU Buildroot setup getting started.
Reserve 12Gb of disk and run:
@@ -1808,7 +1821,7 @@ cd linux-kernel-module-cheat
You don’t need to clone recursively even though we have .git submodules: download-dependencies fetches just the submodules that you need for this build to save time.
The initial build will take a while (30 minutes to 2 hours) to clone and build, see Benchmark builds for more details.
@@ -1876,7 +1889,7 @@ hello2 cleanup
All available modules can be found in the kernel_modules directory.
@@ -1891,7 +1904,7 @@ hello2 cleanup
I now urge you to read the following sections which contain widely applicable information:
@@ -2040,7 +2053,7 @@ hello /root/.profile
-
When you reach difficulties, QEMU makes it possible to easily GDB step debug the Linux kernel source code, see: GDB step debug.
+
When you reach difficulties, QEMU makes it possible to easily GDB step debug the Linux kernel source code, see: Section 2, “GDB step debug”.
@@ -2125,7 +2138,7 @@ hello /root/.profile
All of this put together makes the safe procedure acceptably fast for regular development as well.
@@ -2195,10 +2208,10 @@ hello /root/.profile
If you really want to develop semiconductors, your only choice is to join an university or a semiconductor company that has the EDA licenses.
-
While hacking QEMU, you will likely want to GDB step its source. That is trivial since QEMU is just another userland program like any other, but our setup has a shortcut to make it even more convenient, see: Debug the emulator.
+
While hacking QEMU, you will likely want to GDB step its source. That is trivial since QEMU is just another userland program like any other, but our setup has a shortcut to make it even more convenient, see: Section 17.7, “Debug the emulator”.
@@ -2531,7 +2544,7 @@ j = 0
The downside of gem5 much slower than QEMU because of the greater simulation detail.
@@ -2585,7 +2598,7 @@ j = 0
At the end of boot, it might not be very clear that you have the shell since some printk messages may appear in front of the prompt like this:
@@ -2608,7 +2621,7 @@ j = 0
Good next steps are:
@@ -2634,7 +2647,7 @@ j = 0
This repository has been tested inside clean Docker containers.
-
This is a good option if you are on a Linux host, but the native setup failed due to your weird host distribution, and you have better things to do with your life than to debug it. See also: Supported hosts.
+
This is a good option if you are on a Linux host, but the native setup failed due to your weird host distribution, and you have better things to do with your life than to debug it. See also: Section 29.1, “Supported hosts”.
For example, to do a QEMU Buildroot setup inside Docker, run:
@@ -2822,7 +2835,7 @@ j = 0
-
-
can’t GDB step debug the kernel, since the source and cross toolchain with GDB are not available. Buildroot cannot easily use a host toolchain: Buildroot use prebuilt host toolchain.
+can’t GDB step debug the kernel, since the source and cross toolchain with GDB are not available. Buildroot cannot easily use a host toolchain: Section 28.2.2.1.1, “Buildroot use prebuilt host toolchain”.
Maybe we could work around this by just downloading the kernel source somehow, and using a host prebuilt GDB, but we felt that it would be too messy and unreliable.
@@ -3119,7 +3132,7 @@ dmesg
-
-
from full system simulation as shown at: QEMU Buildroot setup getting started.
+from full system simulation as shown at: Section 1.1.1, “QEMU Buildroot setup getting started”.
This is the most reproducible and controlled environment, and all examples work there. But also the slower one to setup.
@@ -3274,7 +3287,7 @@ cd userland
So you can use any option supported by build-userland script freely with build-userland-in-tree and build.
Do a more clean out-of-tree build instead and run the program:
@@ -3307,7 +3320,7 @@ cd userland
@@ -3340,7 +3353,7 @@ cd userland
--gcc-which host: use the host toolchain.
@@ -3349,7 +3362,7 @@ cd userland
Other functionality are analogous, e.g. testing:
@@ -3390,7 +3403,7 @@ cd userland
After doing that setup, you can already execute your userland programs from inside QEMU: the only missing step is how to rebuild executables and run them.
For example, if we modify userland/c/hello.c to print out something different, we can just rebuild it with:
@@ -3596,7 +3609,7 @@ error: simulation error detected by parsing logs
Note that ./build-baremetal requires the --emulator gem5 option, and generates separate executable images for both, as can be seen from:
@@ -3641,10 +3654,10 @@ echo "$(./getvar --arch aarch64 --baremetal userland/c/hello.c --emulator gem5 -
But just stick to newer and better VExpress_GEM5_V1 unless you have a good reason to use RealViewPBX.
-
When doing baremetal programming, it is likely that you will want to learn userland assembly first, see: Userland assembly.
+
When doing baremetal programming, it is likely that you will want to learn userland assembly first, see: Section 21, “Userland assembly”.
The following subjects are particularly important:
@@ -3661,6 +3674,57 @@ echo "$(./getvar --arch aarch64 --baremetal userland/c/hello.c --emulator gem5 -
+
+
+
+
You don’t need to depend on GitHub.
+
+
+
For a quick and dirty build, install Asciidoctor however you like and build:
+
+
+
+
asciidotor README.adoc
+xdg-open README.html
+
+
+
+
For development, you will want to do a more controlled build with extra error checking as follows.
+
+
+
For the initial build do:
+
+
+
+
./build --download-dependencies docs
+
+
+
+
which also downloads build dependencies.
+
+
+
Then the following times just to the faster:
+
+
+
+
+
The HTML output is located at:
+
+
+
+
xdg-open out/README.html
+
+
+
+
@@ -4444,7 +4508,7 @@ echo 'file kernel/module.c +p' > /sys/kernel/debug/dynamic_debug/control
gem5 tracing with --debug-flags=Exec does show the right symbols however! So in the worst case, we can just read their source. Amazing.
-
v4.19 also added a CONFIG_HAVE_KERNEL_UNCOMPRESSED=y option for having the kernel uncompressed which could make following the startup easier, but it is only available on s390. aarch64 however is already uncompressed by default, so might be the easiest one. See also: vmlinux vs bzImage vs zImage vs Image.
+
v4.19 also added a CONFIG_HAVE_KERNEL_UNCOMPRESSED=y option for having the kernel uncompressed which could make following the startup easier, but it is only available on s390. aarch64 however is already uncompressed by default, so might be the easiest one. See also: Section 15.21.1, “vmlinux vs bzImage vs zImage vs Image”.
@@ -4518,7 +4582,7 @@ echo 'file kernel/module.c +p' > /sys/kernel/debug/dynamic_debug/control
-
-
the emulator does not support host to guest networking. This seems to be the case for gem5: gem5 host to guest networking
+the emulator does not support host to guest networking. This seems to be the case for gem5 as explained at: Section 14.3.1.3, “gem5 host to guest networking”
-
cannot see the start of the init process easily
@@ -4536,7 +4600,7 @@ echo 'file kernel/module.c +p' > /sys/kernel/debug/dynamic_debug/control
-
the kernel might switch context to another process or to the kernel itself e.g. on a system call, and then TODO confirm the PIC would go to weird places and source code would be missing.
-
@@ -4850,7 +4914,7 @@ Breakpoint 3 at 0xffffffff811615e3: fdget_pos. (9 locations)
We can set and get which cores the Linux kernel allows a program to run on with sched_getaffinity and sched_setaffinity:
@@ -4898,7 +4962,7 @@ sched_getcpu = 0
taskset from the util-linux package sets the initial core affinity of a program:
@@ -5244,7 +5308,7 @@ Entering kdb (current=0x(____ptrval____), pid 1) on processor 0 due to Keyboard
KGDB expects the connection at ttyS1, our second serial port after ttyS0 which contains the terminal.
-
The last line is the KDB prompt, and is covered at: KDB. Typing now shows nothing because that prompt is expecting input from ttyS1.
+
The last line is the KDB prompt, and is covered at: Section 3.3, “KDB”. Typing now shows nothing because that prompt is expecting input from ttyS1.
-
The init executable is searched for in a list of paths in the root filesystem, including /init, /sbin/init and a few others. For more details see: Path to init
+
The init executable is searched for in a list of paths in the root filesystem, including /init, /sbin/init and a few others. For more details see: Section 6.3, “Path to init”
@@ -5812,7 +5876,7 @@ cr3 = 0xFFFFF0DCDC000
This just counts every second forever and does not give you a shell.
-
This method is not very flexible however, as it is hard to reliably pass multiple commands and command line arguments to the init with it, as explained at: Init environment.
+
This method is not very flexible however, as it is hard to reliably pass multiple commands and command line arguments to the init with it, as explained at: Section 6.4, “Init environment”.
For this reason, we have created a more robust helper method with the --eval option:
@@ -5834,10 +5898,10 @@ cr3 = 0xFFFFF0DCDC000
Source: rootfs_overlay/lkmc/eval_base64.sh.
--eval replaces BusyBox' init completely, which makes things more minimal, but also has has the following consequences:
@@ -5863,7 +5927,7 @@ cr3 = 0xFFFFF0DCDC000
If the script is large, you can add it to a gitignored file and pass that to --eval as in:
@@ -6282,7 +6346,7 @@ cat f
which can be good for automated tests, as it ensures that you are using a pristine unmodified system image every time.
-
Not however that we already disable disk persistency by default on ext2 filesystems even without --initrd: Disk persistency.
+
Not however that we already disable disk persistency by default on ext2 filesystems even without --initrd: Section 17.2, “Disk persistency”.
One downside of this method is that it has to put the entire filesystem into memory, and could lead to a panic:
@@ -6445,7 +6509,7 @@ cat f
@@ -6480,7 +6544,7 @@ cat f
-
We think that this might be because gem5 boots directly vmlinux, and not from the final compressed images that contain the attached rootfs such as bzImage, which is what QEMU does, see also: vmlinux vs bzImage vs zImage vs Image.
+
We think that this might be because gem5 boots directly vmlinux, and not from the final compressed images that contain the attached rootfs such as bzImage, which is what QEMU does, see also: Section 15.21.1, “vmlinux vs bzImage vs zImage vs Image”.
To do this failed test, we automatically pass a dummy disk image as of gem5 7fa4c946386e7207ad5859e8ade0bbfc14000d91 since the scripts don’t handle a missing --disk-image well, much like is currently done for Baremetal.
@@ -6886,7 +6950,7 @@ sudo ./setup -y
emulator implementers have to keep up with libc changes, some of which break even a C hello world due setup code executed before main.
@@ -6925,7 +6989,7 @@ qw er
./run --userland path resolution is analogous to that of ./run --baremetal.
-
./build user-mode-qemu first builds Buildroot, and then runs ./build-userland, which is further documented at: Userland setup. It also builds QEMU. If you ahve already done a QEMU Buildroot setup previously, this will be very fast.
+
./build user-mode-qemu first builds Buildroot, and then runs ./build-userland, which is further documented at: Section 1.6, “Userland setup”. It also builds QEMU. If you ahve already done a QEMU Buildroot setup previously, this will be very fast.
If you modify the userland programs, rebuild simply with:
@@ -6976,7 +7040,7 @@ qw er
-
To stop at the very first instruction of a freestanding program, just use --no-continue. A good example of this is shown at: Freestanding programs.
+
To stop at the very first instruction of a freestanding program, just use --no-continue. A good example of this is shown at: Section 21.5.1, “Freestanding programs”.
Tests under userland/libs/ depend on certain libraries being available on the target, e.g. BLAS for userland/libs/openblas. They are not run by default, but can be enabled with --package and --package-all.
@@ -7070,7 +7134,7 @@ qw er
@@ -7208,7 +7272,7 @@ qemu: uncaught target signal 6 (Aborted) - core dumped
gem5 user mode:
@@ -7477,11 +7541,11 @@ time \
-
./run --userland userland/posix/count.c --userland-args 3
+
./run --userland userland/posix/count_to.c --userland-args 3
-
it first waits for 3 seconds, and then dumps all the output at once, instead of counting once every second as expected.
+
it first waits for 3 seconds, then the program exits, and then it dumps all the stdout at once, instead of counting once every second as expected.
The same can be reproduced by copying the raw QEMU command and piping it through tee, so I don’t think it is a bug in our setup:
@@ -7626,10 +7690,10 @@ time \
@@ -7645,7 +7709,7 @@ time \
-we would have to think how to not have to include the kernel modules twice in the root filesystem, but still have 9P working for fast development as described at: Your first kernel module hack
+we would have to think how to not have to include the kernel modules twice in the root filesystem, but still have 9P working for fast development as described at: Section 1.1.2.2, “Your first kernel module hack”
no need to regenerate the root filesystem at all and reboot
-overcomes the check_bin_arch problem: Buildroot rebuild is slow when the root filesystem is large
+overcomes the check_bin_arch problem as shown at: Section 19.8, “Buildroot rebuild is slow when the root filesystem is large”
@@ -7879,7 +7943,7 @@ a crash or deadlock.
Text mode is the default due to the following considerable advantages:
@@ -8533,7 +8597,7 @@ xeyes
-
We disable networking by default because it starts an userland process, and we want to keep the number of userland processes to a minimum to make the system more understandable: Resource tradeoff guidelines
+
We disable networking by default because it starts an userland process, and we want to keep the number of userland processes to a minimum to make the system more understandable as explained at: Section 29.18.3, “Resource tradeoff guidelines”
To enable networking on Buildroot, simply run:
@@ -8595,7 +8659,7 @@ cat index.html
In this section we discuss how to interact between the guest and the host through networking.
-
First ensure that you can access the external network since that is easier to get working: Networking.
+
First ensure that you can access the external network since that is easier to get working, see: Section 14, “Networking”.
@@ -8879,7 +8943,7 @@ mount -t 9p -o trans=virtio,version=9p2000.L host0 /mnt/my9p
9P is better with emulation, but let’s just get this working for fun.
Then, build the kernel with NFS support:
@@ -9042,7 +9106,7 @@ cp "$(./getvar linux_build_dir)/defconfig" data/myconfig
@@ -9111,7 +9175,7 @@ CONFIG_IKCONFIG_PROC=y
-
-
a base config extracted from Buildroot’s minimal per machine .config, which has the minimal options needed to boot: About Buildroot’s kernel configs.
+a base config extracted from Buildroot’s minimal per machine .config, which has the minimal options needed to boot as explained at: Section 15.1.3.1, “About Buildroot’s kernel configs”.
-
small overlays put top of that
@@ -9152,12 +9216,12 @@ CONFIG_IKCONFIG_PROC=y
@@ -9270,7 +9334,7 @@ CONFIG_IKCONFIG_PROC=y
linux_config/min contains minimal tweaks required to boot gem5 or for using our slightly different QEMU command line options than Buildroot on all archs.
Having the same config working for both QEMU and gem5 (oh, the hours of bisection) means that you can deal with functional matters in QEMU, which runs much faster, and switch to gem5 only for performance issues.
@@ -9304,7 +9368,7 @@ CONFIG_IKCONFIG_PROC=y
-
In case something breaks while updating the Linux kernel, you can try to bisect it to understand the root cause: Bisection.
+
In case something breaks while updating the Linux kernel, you can try to bisect it to understand the root cause, see: Section 29.14, “Bisection”.
-
Because the kernel is so central to this repository, almost all tests must be re-run, so basically just follow the full testing procedure described at: Test this repo. The only tests that can be skipped are essentially the Baremetal tests.
+
Because the kernel is so central to this repository, almost all tests must be re-run, so basically just follow the full testing procedure described at: Section 29.13, “Test this repo”. The only tests that can be skipped are essentially the Baremetal tests.
Before comitting, don’t forget to update:
@@ -9376,7 +9440,17 @@ git log | grep -E ' Linux [0-9]+\.' | head
the linux_kernel_version constant in common.py
-
-
the tagline of this README
+the tagline of this repository on:
+
@@ -9748,7 +9822,7 @@ mount
@@ -10719,7 +10793,7 @@ Kernel Offset: disabled
-
-
panic=-1 command line option which reboots the kernel immediately on panic, see: Reboot on panic
+panic=-1 command line option which reboots the kernel immediately on panic, see: Section 15.7.1.4, “Reboot on panic”
-
QEMU -no-reboot, which makes QEMU exit when the guest tries to reboot
@@ -11922,7 +11996,7 @@ for i in `seq 16`; do ./netlink.out & done
Bibliography:
@@ -13276,7 +13350,7 @@ sleep 4 & sleep 4 &
Table 1. Boot instruction counts for various setups
@@ -13590,7 +13664,7 @@ detected buffer overflow in strlen
@@ -13817,7 +13891,7 @@ sendkey shift-pgdown
Under the hood, behaviour is controlled by the reboot syscall:
@@ -14536,7 +14610,7 @@ failed to initialize legacy DRM
Implements a console for DRM.
-
The Linux kernel has a built-in fbdev console: fbcon but not for DRM it seems.
+
The Linux kernel has a built-in fbdev console called Linux kernel console fun but not for DRM it seems.
Websites:
@@ -14755,7 +14829,7 @@ ps
-
so as long as we craft the correct DTB and feed it into Xen so that it can see the kernel, it should work. TODO does QEMU support patching the auto-generated DTB with pre-generated options? In the worst case we can just dump it hand hack it up though with -machine dumpdtb: Device tree emulator generation.
+
so as long as we craft the correct DTB and feed it into Xen so that it can see the kernel, it should work. TODO does QEMU support patching the auto-generated DTB with pre-generated options? In the worst case we can just dump it hand hack it up though with -machine dumpdtb, see: Section 8.4, “Device tree emulator generation”.
Now you can play a fun little game with your friends:
@@ -16873,7 +16947,99 @@ getconf _NPROCESSORS_CONF
-
+
+
+
TODO why in User mode simulation QEMU always shows the number of cores of the host. E.g., both of the following output the same as nproc on the host:
+
+
+
+
nproc
+./run --userland userland/cpp/thread_hardware_concurrency.cpp
+./run --cpus 2 --userland userland/cpp/thread_hardware_concurrency.cpp
+
+
+
+
+
We can confirm that with:
+
+
+
+
./run --userland userland/posix/pthread_count.c --userland-args 4
+ps Haux | grep qemu | wc
+
+
+
+
+
At 369a47fc6e5c2f4a7f911c1c058b6088f8824463 + 1 QEMU appears to spawn 3 host threads plus one for every new guest thread created. Remember that userland/posix/pthread_count.c spawns N + 1 total threads if you count the main thread.
+
+
+
+
+
gem5 user mode multi core has been particularly flaky compared to QEMU’s.
+
+
+
You have the limitation that you must have at least one core per guest thread, otherwise pthread_create fails. For example:
+
+
+
+
./run --cpus 1 --emulator gem5 --static --userland userland/posix/pthread_self.c --userland-args 1
+
+
+
+
fails because that process has a total of 2 threads: one for main and one extra thread spawned: userland/posix/pthread_self.c The error message is:
+
+
+
+
pthread_create: Resource temporarily unavailable
+
+
+
+
It works however if we add on extra CPU:
+
+
+
+
./run --cpus 2 --emulator gem5 --static --userland userland/posix/pthread_self.c --userland-args 1
+
+
+
+
This has to do with the fact that gem5 has a more simplistic thread implementation that does not spawn one host thread per guest thread CPU. Maybe this is required to achieve reproducible runs? What is the task switch algorithm then?
+
+
+
gem5 threading does however show the expected number of cores, e.g.:
+
+
+
+
./run --cpus 1 --userland userland/cpp/thread_hardware_concurrency.cpp --emulator gem5 --static
+./run --cpus 2 --userland userland/cpp/thread_hardware_concurrency.cpp --emulator gem5 --static
+
+
+
+
outputs 1 and 2 respectively.
+
+
+
TODO: aarch64 seems to failing to spawn more than 2 threads at 369a47fc6e5c2f4a7f911c1c058b6088f8824463 + 1:
+
+
+
+
./run --arch aarch64 --cpus 3 --emulator gem5 --static --userland userland/posix/pthread_self.c --userland-args 2
+
+
+
+
+
+
Exiting @ tick 18446744073709551615 because simulate() limit reached
+
+
+
+
@@ -16913,7 +17079,7 @@ getconf _NPROCESSORS_CONF
Table 2. gem5 cache support in function of CPU type
@@ -17184,7 +17350,7 @@ m5 dumpstats
@@ -17277,10 +17443,10 @@ xdg-open bst_vs_heap_vs_hashmap_gem5.tmp.png
TODO: the gem5 simulation blows up on a tcmalloc allocation somewhere near 25k elements as of 3fdd83c2c58327d9714fa2347c724b78d7c05e2b + 1, likely linked to the extreme inefficiency of the stats collection?
-
The cache sizes were chosen to match the host P51 to improve the comparison. Ideally we sould also use the same standard library.
+
The cache sizes were chosen to match the host P51 to improve the comparison. Ideally we should also use the same standard library.
Sources:
@@ -17571,7 +17737,7 @@ parsecmgmt -a run -p splash2x.fmm -i test
-
If you want to remove PARSEC later, Buildroot doesn’t provide an automated package removal mechanism: Remove Buildroot packages, but the following procedure should be satisfactory:
+
If you want to remove PARSEC later, Buildroot doesn’t provide an automated package removal mechanism as mentioned at: Section 19.6, “Remove Buildroot packages”, but the following procedure should be satisfactory:
@@ -17706,13 +17872,13 @@ git clean -xdf .
When you want to break, just do a Ctrl-C on GDB shell, and then continue.
@@ -18547,10 +18713,10 @@ git -C "$(./getvar linux_source_dir)" checkout -
@@ -18918,7 +19084,42 @@ clock=500
-
+
+
+
In order to use different build options, you might also want to use gem5 build variants to keep the build outputs separate from one another.
+
+
+
+
+
The gem5.debug executable has optimizations turned off unlike the default gem5.opt, and provides a much better debug experience:
+
+
+
+
./build-gem5 --arch aarch64 --gem5-build-type debug
+./run --arch aarch64 --debug-vm --emulator gem5 --gem5-build-type debug
+
+
+
+
The build outputs are automatically stored in a different directory from other build types such as .opt build, which prevents .debug files from overwriting .opt ones.
+
+
+
Therefore, --gem5-build-id is not required.
+
+
+
The price to pay for debuggability is high however: a Linux kernel boot was about 14 times slower than opt at 71e927e63bda6507d5a528f22c78d65099bdf36f between the commands:
+
+
+
+
./run --arch aarch64 --eval 'm5 exit' --emulator gem5 --linux-build-id v4.16
+./run --arch aarch64 --eval 'm5 exit' --emulator gem5 --linux-build-id v4.16 --gem5-build-type debug
+
+
+
+
+
+
TODO test properly, benchmark vs GCC.
@@ -18930,6 +19131,69 @@ clock=500
+
+
+
+
If there gem5 appears to have a C++ undefined behaviour bug, which is often very difficult to track down, you can try to build it with the following extra SCons options:
+
+
+
+
./build-gem5 --gem5-build-id san --verbose -- --with-ubsan --without-tcmalloc
+
+
+
+
This will make GCC do a lot of extra sanitation checks at compile and run time.
+
+
+
As a result, the build and runtime will be way slower than normal, but that still might be the fastest way to solve undefined behaviour problems.
+
+
+
Ideally, we should also be able to run it with asan with --with-asan, but if we try then the build fails at gem5 16eeee5356585441a49d05c78abc328ef09f7ace (with two ubsan trivial fixes I’ll push soon):
+
+
+
+
=================================================================
+==9621==ERROR: LeakSanitizer: detected memory leaks
+
+Direct leak of 371712 byte(s) in 107 object(s) allocated from:
+ #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448)
+ #1 0x7ff03950d065 in dictresize ../Objects/dictobject.c:643
+
+Direct leak of 23728 byte(s) in 26 object(s) allocated from:
+ #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448)
+ #1 0x7ff03945e40d in _PyObject_GC_Malloc ../Modules/gcmodule.c:1499
+ #2 0x7ff03945e40d in _PyObject_GC_Malloc ../Modules/gcmodule.c:1493
+
+Direct leak of 2928 byte(s) in 43 object(s) allocated from:
+ #0 0x7ff03980487e in __interceptor_realloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c87e)
+ #1 0x7ff03951d763 in list_resize ../Objects/listobject.c:62
+ #2 0x7ff03951d763 in app1 ../Objects/listobject.c:277
+ #3 0x7ff03951d763 in PyList_Append ../Objects/listobject.c:289
+
+Direct leak of 2002 byte(s) in 3 object(s) allocated from:
+ #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448)
+ #1 0x7ff0394fd813 in PyString_FromStringAndSize ../Objects/stringobject.c:88
+ #2 0x7ff0394fd813 in PyString_FromStringAndSize ../Objects/stringobject.c:57 Direct leak of 40 byte(s) in 2 object(s) allocated from: #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448)
+ #1 0x7ff03951ea4b in PyList_New ../Objects/listobject.c:152
+
+Indirect leak of 10384 byte(s) in 11 object(s) allocated from: #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448) #1 0x7ff03945e40d in _PyObject_GC_Malloc ../Modules/gcmodule.c:1499 #2 0x7ff03945e40d in _PyObject_GC_Malloc ../Modules/gcmodule.c:1493
+
+Indirect leak of 4089 byte(s) in 6 object(s) allocated from:
+ #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448)
+ #1 0x7ff0394fd648 in PyString_FromString ../Objects/stringobject.c:143
+
+Indirect leak of 2090 byte(s) in 3 object(s) allocated from:
+ #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448) #1 0x7ff0394eb36f in type_new ../Objects/typeobject.c:2421 #2 0x7ff0394eb36f in type_new ../Objects/typeobject.c:2094
+Indirect leak of 1346 byte(s) in 2 object(s) allocated from:
+ #0 0x7ff039804448 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c448)
+ #1 0x7ff0394fd813 in PyString_FromStringAndSize ../Objects/stringobject.c:88 #2 0x7ff0394fd813 in PyString_FromStringAndSize ../Objects/stringobject.c:57 SUMMARY: AddressSanitizer: 418319 byte(s) leaked in 203 allocation(s).
+
+
+
+
From the message, this appears however to be a Python / pyenv11 bug however and not in gem5 specifically. I think it worked when I tried it in the past in an older gem5 / Ubuntu.
+
+
@@ -18949,7 +19213,7 @@ clock=500
Linux kernel
-
-
C standard library: Buildroot supports several implementations, see: libc choice
+C standard library: Buildroot supports several implementations, see: Section 19.10, “libc choice”
-
BusyBox: provides the shell and basic command line utilities
@@ -19032,7 +19296,7 @@ qemu-system-aarch64 -M virt -cpu cortex-a57 -nographic -smp 1 -kernel output/ima
The clean is necessary because the source files didn’t change, so make would just check the timestamps and not build anything.
@@ -19067,7 +19331,7 @@ qemu-system-aarch64 -M virt -cpu cortex-a57 -nographic -smp 1 -kernel output/ima
-
-
if you already have a full -O0 build, you can choose to rebuild just your package of interest to save some time as described at: Custom Buildroot configs
+if you already have a full -O0 build, you can choose to rebuild just your package of interest to save some time as described at: Section 19.2, “Custom Buildroot configs”
./build-buildroot \
@@ -19086,7 +19350,7 @@ qemu-system-aarch64 -M virt -cpu cortex-a57 -nographic -smp 1 -kernel output/ima
Maybe you can get away with rebuilding libc, but I’m not sure that it will work properly.
-
@@ -19199,7 +19463,7 @@ make menuconfig
if you have a standalone C file with no dependencies besides the C standard library to be compiled with GCC, just add a new file under buildroot_packages/sample_package and you are done
-
-
if you have a dependency on a library, first check if Buildroot doesn’t have a package for it already with ls buildroot/package. If yes, just enable that package as explained at: Custom Buildroot configs
+if you have a dependency on a library, first check if Buildroot doesn’t have a package for it already with ls buildroot/package. If yes, just enable that package as explained at: Section 19.2, “Custom Buildroot configs”
@@ -19207,7 +19471,7 @@ make menuconfig
If none of those methods are flexible enough for you, you can just fork or hack up buildroot_packages/sample_package the sample package to do what you want.
@@ -19392,7 +19656,7 @@ git -C "$(./getvar qemu_source_dir)" checkout -
Then, you will also want to do a Bisection to pinpoint the exact commit to blame, and CC that developer.
For Buildroot problems, you should wither provide the config you have:
@@ -19451,7 +19715,7 @@ git -C "$(./getvar qemu_source_dir)" checkout -
-
One "downside" of glibc is that it exercises much more kernel functionality on its more bloated pre-main init, which breaks user mode C hello worlds more often, see: User mode simulation with glibc. I quote "downside" because glibc is actually exposing emulator bugs which we should actually go and fix.
+
One "downside" of glibc is that it exercises much more kernel functionality on its more bloated pre-main init, which breaks user mode C hello worlds more often, see: Section 10.4, “User mode simulation with glibc”. I quote "downside" because glibc is actually exposing emulator bugs which we should actually go and fix.
This section contains userland content, such as C, C++ and POSIX examples.
-
Userland assembly content is located at: Userland assembly. It was split from this section basically becase we were hitting the HTML h6 limit, stupid web :-)
+
Userland assembly content is located at: Section 21, “Userland assembly”. It was split from this section basically because we were hitting the HTML h6 limit, stupid web :-)
This content makes up the bulk of the userland/ directory.
This section was originally moved in here from: https://github.com/cirosantilli/cpp-cheat
@@ -19654,7 +19918,20 @@ git -C "$(./getvar qemu_source_dir)" checkout -
-
+
Like for C, you have to pay for the standards… insane. So we just use the closest free drafts instead.
@@ -19688,7 +19965,7 @@ git -C "$(./getvar qemu_source_dir)" checkout -
Programs under userland/posix/ are examples of POSIX C programming.
-
What is POSIX:
+
These links provide a clear overview of what POSIX is:
@@ -19701,7 +19978,36 @@ git -C "$(./getvar qemu_source_dir)" checkout -
+
+
+
+
POSIX' multithreading API. This was for a looong time the only "portable" multithreading alternative, until C++11 finally added threads, thus also extending the portability to Windows.
+
+
+
+
+
@@ -19742,9 +20048,23 @@ git -C "$(./getvar qemu_source_dir)" checkout -
-
-
<cpp-multithreading>
+language topics:
+
+
+-
+
ISA topics:
+
+
+-
+
emulator topics:
+
+
+
+
@@ -19788,7 +20124,7 @@ git -C "$(./getvar qemu_source_dir)" checkout -
As a quick reminder, the fastest setups to get started are:
@@ -19804,7 +20140,7 @@ git -C "$(./getvar qemu_source_dir)" checkout -
The first examples you should look into are:
@@ -19857,7 +20193,7 @@ git -C "$(./getvar qemu_source_dir)" checkout -
-
-
registers: Assembly registers
+registers, see: Section 21.1, “Assembly registers”
-
jumping:
@@ -20007,7 +20343,7 @@ error: asm_main returned 1 at line 8
-
-
x86: x86 registers
+x86, see: Section 22.1, “x86 registers”
-
arm
@@ -20262,7 +20598,7 @@ When instructions do not interpret this operand encoding as the zero register, u
@@ -20315,13 +20651,13 @@ When instructions do not interpret this operand encoding as the zero register, u
One big difference between both is that we can run userland assembly on Userland setup, which is easier to get running and debug.
Userland assembly is generally simpler, and a pre-requisite for Baremetal setup.
@@ -20363,7 +20699,7 @@ When instructions do not interpret this operand encoding as the zero register, u
Unlike most our other assembly examples, which use the C standard library for portability, examples under freestanding/ directories don’t link to the C standard library.
-
As a result, those examples cannot do IO portably, and so they make raw system calls and only be run on one given OS, e.g. Linux: Linux system calls.
+
As a result, those examples cannot do IO portably, and so they make raw system calls and only be run on one given OS, e.g. Linux system calls.