[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
** Changed in: qemu (Ubuntu)
Milestone: None => ubuntu-26.04
** Changed in: qemu (Ubuntu)
Assignee: Heinrich Schuchardt (xypron) => (unassigned)
** Changed in: qemu (Ubuntu)
Importance: Medium => High
** Also affects: qemu (Ubuntu Questing)
Importance: Undecided
Status: New
** Also affects: qemu (Ubuntu Resolute)
Importance: High
Status: Confirmed
** Summary changed:
- Illegal instruction in memset under qemu-user for riscv64
+ [SRU] RISC-V vector state not restored by signal handler
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
[SRU] RISC-V vector state not restored by signal handler
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Status in qemu source package in Noble:
New
Status in qemu source package in Plucky:
New
Status in qemu source package in Questing:
New
Status in qemu source package in Resolute:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
The patch series is also available at https://lore.kernel.org/qemu-riscv/[email protected]/ -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/2133188 Title: Illegal instruction in memset under qemu-user for riscv64 Status in QEMU: New Status in qemu package in Ubuntu: Confirmed Bug description: # Title qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset (vse64.v) when running cmake in riscv64 container (Ubuntu 26.04) ## Summary While running cmake (and other build steps) inside a linux/riscv64 Ubuntu 26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static) registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction (core dumped)" or "died with signal 4". The illegal instruction is observed inside glibc's memset implementation at an instruction that uses RISC-V vector extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb / enabling QEMU_STRACE significantly reduces or eliminates the failure, which strongly suggests a qemu-user/emulation bug (vector handling / code generation / state corruption), not a cmake bug. ## Affects - qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu 10.1.0+ds-5ubuntu3) - Running in Docker container for riscv64 on x86_64 host via binfmt_misc qemu-user static interpreter ## Environment / Context - Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64) - Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10) - Container image: ubuntu:26.04 for riscv64 - qemu package used: - downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1, qemu-user_10.0.6+ds-0+deb13u2). - copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host and registered via /proc/sys/fs/binfmt_misc/register - CMake version used inside container (bootstrap/build may use system-provided cmake binary): cmake 3.x (bootstrapping cmake while building also triggers crash) - Reproduction frequency: intermittent, ~50% (can get large variance: several consecutive successes or failures) - Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) — almost completely avoids crash; running under gdb or enabling QEMU_STRACE also makes it much harder to reproduce. ## Full reproduction steps 1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary: wget https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb qemu-user_10.1.0+ds-5ubuntu3_amd64 sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64 /usr/bin/qemu-riscv64-static 2. Register qemu-riscv64 with binfmt_misc: echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64 echo ':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF' >/proc/sys/fs/binfmt_misc/register 3. Start riscv64 ubuntu container: docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash docker exec -it ubuntu26 bash -i 4. Inside container: apt update apt install -y build-essential cmake 5. Reproducer 1: cmake --system-information -> Often fails with: bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device Illegal instruction (core dumped) 6. Reproducer 2 (minimal C project): Create test_cmake/CMakeLists.txt: cmake_minimum_required(VERSION 3.10) project(HelloCMake C) add_executable(hello main.c) Create test_cmake/main.c: #include int main() { printf("Hello, CMake!\n"); return 0; } cd test_cmake cmake . -> Crash with: -- Detecting C compiler ABI info bash: line 1: 8489 Illegal instruction(core dumped) cmake . 7. Reproducer 3 (rebuild cmake from source inside container): apt source cmake cd cmake apt-get build-dep . dpkg-buildpackage -us -uc -b -> Bootstrapping error: Illegal instruction (core dumped) Error when bootstrapping CMake: Problem while running initial CMake 8. Observed crash location (from gdb/QEMU_STRACE when available): - Illegal instruction is in memset@@GLIBC_2.27+0x52 - Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit elements) ## Workarounds - LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc using vectorized memset. - Run the failing process under gdb (slower) or enable QEMU_STRACE=1 — both make th
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
qianqiu wrote on Gitlab:
This patch (https://lists.nongnu.org/archive/html/qemu-
riscv/2025-09/msg00096.html) has been verified to solve my problem.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or en
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
The bug being caused by interrupts can explain why the error was only
observed sporadically.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or enable QEMU_STRACE=1 — both
make the failure much less lik
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
setup_sigcontext() only saves integer and floating point registers and
misses out on vector registers and vector state CSRs.
Emulation of the aarch64 architecture saves vector registers in function
target_setup_fpsimd_record() when processing signals.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnov
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I have now been logging with -d exec. The error seems always to occur after __vdso_rt_sigreturn Trace 0: 0x7856cd9ff840 [003411ef/7856cc13d868/020ea078/]· Trace 0: 0x7856ccf63640 [003411ef/7856cc0ebc72/020ea078/]· Trace 0: 0x7856ccf63a80 [003411ef/7856cc0ebc62/020ea078/]· Trace 0: 0x7856ccf63b80 [003411ef/7856cc0ebc7e/020ea078/]· Trace 0: 0x7856cda00300 [003411ef/7856d4e37a4c/020ea078/]· Trace 0: 0x7856cda007c0 [003411ef/7856d5dc46cc/020ea078/] __vdso_rt_sigreturn riscv_tr_init_disas_context: pc: 0x7856cc10095a, ctx->sew set to 0 vext_check_store: pc: 0x7856cc10095a eew = 3, s->sew = 0, s->lmul = 0 emul = 3 : emul >= -3 && emul <= 3 = 1 require_align(vd = 1, emul = 3) = 0 require_nf(vd = 1, nf = 1, emul = 3) = 1 IN:· 0x7856cc10095a: 0207f0a7 vse64.v v1,(a5) OUT: [size=64] -- guest addr 0x7856cc10095a + tb prologue 0x7856ce1bc400:·· OBJD-H: 8b5df085db0f8c2900c645f401c7857013a7f00702488d1d3a45f4fd OBJD-H: 48899d3012be0200488bfde86cad7207488d0508ffe9d83bc4fe Trace 0: 0x7856ce1bc400 [003411ef/7856cc10095a/020ea078/]· -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/2133188 Title: Illegal instruction in memset under qemu-user for riscv64 Status in QEMU: New Status in qemu package in Ubuntu: Confirmed Bug description: # Title qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset (vse64.v) when running cmake in riscv64 container (Ubuntu 26.04) ## Summary While running cmake (and other build steps) inside a linux/riscv64 Ubuntu 26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static) registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction (core dumped)" or "died with signal 4". The illegal instruction is observed inside glibc's memset implementation at an instruction that uses RISC-V vector extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb / enabling QEMU_STRACE significantly reduces or eliminates the failure, which strongly suggests a qemu-user/emulation bug (vector handling / code generation / state corruption), not a cmake bug. ## Affects - qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu 10.1.0+ds-5ubuntu3) - Running in Docker container for riscv64 on x86_64 host via binfmt_misc qemu-user static interpreter ## Environment / Context - Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64) - Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10) - Container image: ubuntu:26.04 for riscv64 - qemu package used: - downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1, qemu-user_10.0.6+ds-0+deb13u2). - copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host and registered via /proc/sys/fs/binfmt_misc/register - CMake version used inside container (bootstrap/build may use system-provided cmake binary): cmake 3.x (bootstrapping cmake while building also triggers crash) - Reproduction frequency: intermittent, ~50% (can get large variance: several consecutive successes or failures) - Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) — almost completely avoids crash; running under gdb or enabling QEMU_STRACE also makes it much harder to reproduce. ## Full reproduction steps 1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary: wget https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb qemu-user_10.1.0+ds-5ubuntu3_amd64 sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64 /usr/bin/qemu-riscv64-static 2. Register qemu-riscv64 with binfmt_misc: echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64 echo ':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF' >/proc/sys/fs/binfmt_misc/register 3. Start riscv64 ubuntu container: docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash docker exec -it ubuntu26 bash -i 4. Inside container: apt update apt install -y build-essential cmake 5. Reproducer 1: cmake --system-information -> Often fails with: bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device Illegal instruction (core dumped) 6. Reproducer 2 (minimal C project): Create test_cmake/CMakeLists.txt: cmake_minimum_required(VERSION 3.10) project(H
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
The failure is cause in QEMU function vext_check_store() function
require_align() is invoked.
For the failing instruction the following test is not passed:
/*
* Vector register should aligned with the passed-in LMUL (EMUL).
* If LMUL < 0, i.e. fractional LMUL, any vector register is allowed.
*/
static bool require_align(const int8_t val, const int8_t lmul)
{
return lmul <= 0 || extract32(val, 0, lmul) == 0;
}
I added some debug output for function vext_check_store():
eew = 3 but s->seq = 0.
eew = 3, s->sew = 0, s->lmul = 0
emul = 3 : emul >= -3 && emul <= 3 = 1
require_align(vd = 1, emul = 3) = 0
require_nf(vd = 1, nf = 1, emul = 3) = 1
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
I
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
The error can be reproduced outside of Docker:
$ /usr/bin/qemu-riscv64 -L chroot -trace "*,file=trace.out"
chroot/usr/bin/cmake --system-information
Illegal instruction(core dumped) /usr/bin/qemu-riscv64 -L chroot -trace
file=trace.out chroot/usr/bin/cmake --system-information
The trace file ends with
...
qemu_mutex_locked taken mutex 0x565d9ac0 (tcg/region.c:228)
qemu_mutex_unlock released mutex 0x565d9ac0 (tcg/region.c:230)
exec_tb tb:0x7726d1ee9340 pc=0x7726cf50095a
riscv_exception 2 (illegal_instruction) on epc 0x7726cf50095a
qemu_mutex_lock waiting on mutex 0x565da718 (cpu-common.c:352)
qemu_mutex_locked taken mutex 0x565da718 (cpu-common.c:352)
qemu_mutex_unlock released mutex 0x565da718 (cpu-common.c:354)
user_queue_signal env=0x565dd100 signal 4
user_handle_signal env=0x565dd100 signal 4
user_dump_core_and_abort env=0x565dd100 signal 4 (host 4)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1:
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I can reproduce the issue with cmake and see the debugger indicating the
illegal instruction occurs in cmake when trying to memset() an 8 aligned
buffer.
The following also does a memset() on an 8 aligned buffer but does not
crash:
#include
#include
#include
#include
#define OFFSET 0x8
int main(void) {
printf("Starting test\n");
size_t alignment = 128;
size_t size = 1024;
char *ptr = NULL;
char *new_ptr;
ptr = aligned_alloc(alignment, size);
if (ptr == NULL) {
fprintf(stderr, "Memory allocation failed\n");
return EXIT_FAILURE;
}
new_ptr = ptr + OFFSET;
memset(new_ptr, 0xff, size - OFFSET);
free(ptr);
return EXIT_SUCCESS;
}
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cma
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
@qianqiu wrote in a mail:
Inside the RISC-V container:
QEMU_GDB=1 cmake --system-information
This launches your program with QEMU’s built-in GDB server listening on port
1.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
The root cause of the invalid instructions is that qemu-user does not correctly
handle saving and restoring the vector context when switching signal stack
frames. Although community patches addressing this issue exist, they remain
unmerged. Details can be found here:
https://lists.nongnu.org/archive/html/qemu-riscv/2025-09/msg00096.html
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
@xypron You can set the QEMU_GDB environment variable inside the riscv64 container, then launch the cross-toolchain gdb on your external x86 host (for example, from Spacemit toolchain https://archive.spacemit.com/toolchain/spacemit-toolchain-linux- glibc-x86_64-v1.1.2.tar.xz) to debug RISC-V applications. Steps: Inside the RISC-V container: QEMU_GDB=1 cmake --system-information This launches your program with QEMU’s built-in GDB server listening on port 1. On your x86 host, start the RISC-V cross GDB: ./spacemit-toolchain-linux-glibc-x86_64-v1.1.2/bin/riscv64-unknown-linux-gnu-gdb (Standard GDB output...) Then connect to the remote target: (gdb) target remote :1 If the connection times out, check that your container exposes the port, and QEMU is running. Once connected, run your program. If you hit a SIGILL (illegal instruction): Program received signal SIGILL, Illegal instruction. 0x7fffee44695a in ?? () (gdb) bt #0 0x7fffee44695a in ?? () (gdb) x/16i $pc-32 You observe output like this, including: => 0x7fffee44695a:.insn4, 0x0207f0a7 When decoding 0x0207f0a7 with an online RISC-V disassembler (such as AboutRV, https://www.aboutrv.com/tools/disassembler?code=IDB4MDIwN2YwYTc%3D), you find the instruction is: 0x0207f0a7 → vse64.v v1, (a5) -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/2133188 Title: Illegal instruction in memset under qemu-user for riscv64 Status in QEMU: New Status in qemu package in Ubuntu: Confirmed Bug description: # Title qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset (vse64.v) when running cmake in riscv64 container (Ubuntu 26.04) ## Summary While running cmake (and other build steps) inside a linux/riscv64 Ubuntu 26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static) registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction (core dumped)" or "died with signal 4". The illegal instruction is observed inside glibc's memset implementation at an instruction that uses RISC-V vector extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb / enabling QEMU_STRACE significantly reduces or eliminates the failure, which strongly suggests a qemu-user/emulation bug (vector handling / code generation / state corruption), not a cmake bug. ## Affects - qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu 10.1.0+ds-5ubuntu3) - Running in Docker container for riscv64 on x86_64 host via binfmt_misc qemu-user static interpreter ## Environment / Context - Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64) - Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10) - Container image: ubuntu:26.04 for riscv64 - qemu package used: - downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1, qemu-user_10.0.6+ds-0+deb13u2). - copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host and registered via /proc/sys/fs/binfmt_misc/register - CMake version used inside container (bootstrap/build may use system-provided cmake binary): cmake 3.x (bootstrapping cmake while building also triggers crash) - Reproduction frequency: intermittent, ~50% (can get large variance: several consecutive successes or failures) - Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) — almost completely avoids crash; running under gdb or enabling QEMU_STRACE also makes it much harder to reproduce. ## Full reproduction steps 1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary: wget https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb qemu-user_10.1.0+ds-5ubuntu3_amd64 sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64 /usr/bin/qemu-riscv64-static 2. Register qemu-riscv64 with binfmt_misc: echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64 echo ':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF' >/proc/sys/fs/binfmt_misc/register 3. Start riscv64 ubuntu container: docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash docker exec -it ubuntu26 bash -i 4. Inside container: apt update apt install -y build-essential cmake 5. Reproducer 1: cmake --system-information -> Often fails with: bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device Illegal instruction (core dumped) 6. Reproducer 2 (minimal C project):
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
@qianqiu how did you attach GDB to find the cmake failure is related to
a vector instruction?
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or enable QEMU_STRACE=1 — both
make the failure much less li
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I have split of LP 2133804 for handling the IOCTL issues. Let's leave
the cmake crash in this bug report.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or enable QEMU_STRACE=1 — both
make the failure
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I hacked up an implementation of TCGETS2, TCSETS2, TCSETSF2, TCSETSW2 in QEMU and used it ti run the resolute docker images. A proper implementation will include: Functions: in linux-user/syscall.c: host_to_target_termios2() target_to_host_termios2() print_termios2() Definitions: in linux-user/syscall.c #define termios2 host_termios2 in linux-user/syscall_types.h STRUCT_SPECIAL(termios2) in linux-user/ioctls.h: IOCTL(TCGETS2, IOC_R, MK_PTR(MK_STRUCT(STRUCT_termios2))) IOCTL(TCSETS2, IOC_W, MK_PTR(MK_STRUCT(STRUCT_termios2))) IOCTL(TCSETSF2, IOC_W, MK_PTR(MK_STRUCT(STRUCT_termios2))) IOCTL(TCSETSW2, IOC_W, MK_PTR(MK_STRUCT(STRUCT_termios2))) in linux-user/user-internals.h: void print_termios2(void *arg); With the hacked up qemu-riscv64 I get: root@b0ee67925b73:/# tty /dev/pts/0 root@b0ee67925b73:/# cmake --system-information Illegal instruction(core dumped) cmake --system-information Debugging with GDB is not possible: Reading symbols from cmake... Reading symbols from /usr/lib/debug/.build-id/ab/670866ae2092b8fb1236f5f740619ad80ab79c.debug... (gdb) r Starting program: /usr/bin/cmake --system-information warning: Error disabling address space randomization: Operation not permitted warning: Could not trace the inferior process. warning: ptrace: Function not implemented During startup program exited with code 127. -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/2133188 Title: Illegal instruction in memset under qemu-user for riscv64 Status in QEMU: New Status in qemu package in Ubuntu: Confirmed Bug description: # Title qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset (vse64.v) when running cmake in riscv64 container (Ubuntu 26.04) ## Summary While running cmake (and other build steps) inside a linux/riscv64 Ubuntu 26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static) registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction (core dumped)" or "died with signal 4". The illegal instruction is observed inside glibc's memset implementation at an instruction that uses RISC-V vector extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb / enabling QEMU_STRACE significantly reduces or eliminates the failure, which strongly suggests a qemu-user/emulation bug (vector handling / code generation / state corruption), not a cmake bug. ## Affects - qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu 10.1.0+ds-5ubuntu3) - Running in Docker container for riscv64 on x86_64 host via binfmt_misc qemu-user static interpreter ## Environment / Context - Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64) - Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10) - Container image: ubuntu:26.04 for riscv64 - qemu package used: - downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1, qemu-user_10.0.6+ds-0+deb13u2). - copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host and registered via /proc/sys/fs/binfmt_misc/register - CMake version used inside container (bootstrap/build may use system-provided cmake binary): cmake 3.x (bootstrapping cmake while building also triggers crash) - Reproduction frequency: intermittent, ~50% (can get large variance: several consecutive successes or failures) - Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) — almost completely avoids crash; running under gdb or enabling QEMU_STRACE also makes it much harder to reproduce. ## Full reproduction steps 1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary: wget https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb qemu-user_10.1.0+ds-5ubuntu3_amd64 sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64 /usr/bin/qemu-riscv64-static 2. Register qemu-riscv64 with binfmt_misc: echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64 echo ':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF' >/proc/sys/fs/binfmt_misc/register 3. Start riscv64 ubuntu container: docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash docker exec -it ubuntu26 bash -i 4. Inside container: apt update apt install -y build-essential cmake 5. Reproducer 1: cmake --system-information -> Often fails with: bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device Illegal in
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
In the resolute container I get the following output
./check_tcgets_2504 /dev/pts/0
/dev/pts/0 is a terminal (tty) using TCGETS.
/dev/pts/0 is NOT a terminal (tty) using TCGETS2.
with this program
#include
#include
#include
#include
#include // For TCGETS2
#include // For struct termios2
int main(int argc, char *argv[]) {
// Check for the correct number of command-line arguments
if (argc != 2) {
fprintf(stderr, "Usage: %s \n", argv[0]);
return 1;
}
// Open the specified device
int fd = open(argv[1], O_RDONLY);
if (fd < 0) {
perror("Failed to open device");
return 1;
}
// Check using TCGETS
struct termios tty;
if (ioctl(fd, TCGETS, &tty) == 0) {
printf("%s is a terminal (tty) using TCGETS.\n", argv[1]);
} else {
printf("%s is NOT a terminal (tty) using TCGETS.\n", argv[1]);
}
// Check using TCGETS2 with struct termios2
struct termios2 tty2;
if (ioctl(fd, TCGETS2, &tty2) == 0) {
printf("%s is a terminal (tty) using TCGETS2.\n", argv[1]);
} else {
printf("%s is NOT a terminal (tty) using TCGETS2.\n", argv[1]);
}
// Close the device
close(fd);
return 0;
}
Something might be wrong in the translation of TCGETS2 in QEMU.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (mi
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
TCGETS2 is missing in QEMU's linux-user/ioctls.h.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or enable QEMU_STRACE=1 — both
make the failure much less likely.
Note: The same workload does not re
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I compiled the following program as static binaries both on Ubuntu 26.04
and Ubuntu 25.04.
#include
#include
#include
#include
#include
int main(int argc, char *argv[]) {
struct winsize w;
int fd;
if (argc != 2) {
fprintf(stderr, "Usage: %s \n", argv[0]);
return 1;
}
// Open the specified device
fd = open(argv[1], O_RDONLY);
if (fd < 0) {
perror("Failed to open device");
return 1;
}
// Use ioctl to check if the device is a TTY
printf("Check for TTY via ioctl(TIOCGWINSZ)\n");
if (ioctl(fd, TIOCGWINSZ, &w) == -1) {
// If ioctl fails, it's not a tty
printf("%s is NOT a terminal (tty) or error occurred", argv[1]);
} else {
// If ioctl succeeds, it's a tty
printf("%s is a terminal (tty).\n", argv[1]);
}
printf("\nCheck for TTY via isatty()\n");
// Use isatty() to check if the file descriptor refers to a terminal
if (isatty(fd)) {
printf("%s is a terminal (tty).\n", argv[1]);
} else {
printf("%s is NOT a terminal (tty).\n", argv[1]);
}
// Close the device
close(fd);
return 0;
}
The result differs:
Check for TTY via ioctl(TIOCGWINSZ)
/dev/pts/0 is a terminal (tty).
Check for TTY via isatty()
/dev/pts/0 is a terminal (tty).
./check_tty_2604 /dev/pts/0
Check for TTY via ioctl(TIOCGWINSZ)
/dev/pts/0 is a terminal (tty).
Check for TTY via isatty()
/dev/pts/0 is NOT a terminal (tty).
So the proble seems to be in function isatty() which is implemente in
glibc.
glibc 2.41 and 2.42 show the following difference:
2.41:
__tcgetattr (int fd, struct termios *termios_p)
retval = INLINE_SYSCALL (ioctl, 3, fd, TCGETS, &k_termios);
2.42:
__tcgetattr (int fd, struct termios *termios_p)
long int retval = INLINE_SYSCALL_CALL (ioctl, fd, TCGETS2, &k_termios);
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I compiled the following program on a riscv64 Ubuntu 26.04 system as
static binary
#include
#include
#include
#include
#include
int main(int argc, char *argv[]) {
if (argc != 2) {
fprintf(stderr, "Usage: %s \n", argv[0]);
return 1;
}
// Open the specified device
int fd = open(argv[1], O_RDONLY);
if (fd < 0) {
perror("Failed to open device");
return 1;
}
// Use ioctl to check if the device is a TTY
struct winsize w;
if (ioctl(fd, TIOCGWINSZ, &w) == -1) {
// If ioctl fails, it's not a tty
perror("Not a terminal (tty) or error occurred");
} else {
// If ioctl succeeds, it's a tty
printf("%s is a terminal (tty).\n", argv[1]);
}
// Close the device
close(fd);
return 0;
}
I then transferred it to the Ubuntu 26.10 container and executed it:
/tmp/check_tty /dev/pts/0
/dev/pts/0 is a terminal (tty)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI inf
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
In the failing Questing and Resolute docker images the tty command
shows:
tty
not a tty
In Plucky I get:
root@2e594bfd4897:/# tty
/dev/pts/0
In both cases I see
mount | grep devpts
devpts on /dev/pts type devpts
(rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
devpts on /dev/console type devpts
(rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I created a Docker image from out preinstalled RISC-V 26.04 image:
wget
https://cdimage.ubuntu.com/ubuntu-server/daily-preinstalled/current/resolute-preinstalled-server-riscv64.img.xz
xz -d resolute-preinstalled-server-riscv64.img.xz
sudo kpartx -a -v resolute-preinstalled-server-riscv64.img
sudo mount /dev/mapper/loop*p1 /mnt
tar --transform "s/^\/mnt//" -czf img_resolute.tgz /mnt
cat > Dockerfile_img_resolute << eof
FROM scratch
ADD img_resolute.tgz /
CMD ["bash"]
eof
sudo docker build -t img_resolute -f Dockerfile_img_resolute .
sudo umount /mnt
sudo kpartx -d -v resolute-preinstalled-server-riscv64.img
sudo docker run -ti img_resolute /bin/bash
Again no command line prompt in the container.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackag
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I now created Docker images uses debootstrap:
sudo debootstrap --arch riscv64 --foreign resolute chroot/
http://ports.ubuntu.com/ubuntu-ports
sudo chroot chroot /debootstrap/debootstrap --second-stage
cat > Dockerfile_debootstrap_resolute << eof
FROM scratch
ADD chroot/ /
CMD ["bash"]
eof
sudo docker build -t debootstrap_resolute -f Dockerfile_debootstrap_resolute .
sudo docker run -ti debootstrap_resolute /bin/bash
rm -rf chroot/
sudo debootstrap --arch riscv64 --foreign plucky chroot/
http://ports.ubuntu.com/ubuntu-ports
sudo chroot chroot /debootstrap/debootstrap --second-stage
cat > Dockerfile_debootstrap_plucky << eof
FROM scratch
ADD chroot/ /
CMD ["bash"]
eof
sudo docker build -t debootstrap_plucky -f Dockerfile_debootstrap_plucky .
sudo docker run -ti debootstrap_plucky /bin/bash
Again with Resolute no prompt.
With Plucky a proper command line prompt.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
I have created RISC-V containers for Ubuntu 25.04, 25.10, and 26.10 as follows: sudo -s wget http://cdimage.ubuntu.com/ubuntu-base/daily/current/resolute-base-riscv64.tar.gz cat > Dockerfile_resolute << eof FROM scratch ADD resolute-base-riscv64.tar.gz / CMD ["bash"] eof docker build -t lp2133188_resolute -f Dockerfile_resolute . docker run -ti lp2133188_resolute /bin/bash wget http://cdimage.ubuntu.com/ubuntu-base/releases/questing/release/ubuntu-base-25.10-base-riscv64.tar.gz cat > Dockerfile_questing << eof FROM scratch ADD ubuntu-base-25.10-base-riscv64.tar.gz / CMD ["bash"] eof docker build -t lp2133188_questing -f Dockerfile_questing . docker run -ti lp2133188_questing /bin/bash wget http://cdimage.ubuntu.com/ubuntu-base/releases/plucky/release/ubuntu-base-25.04-base-riscv64.tar.gz cat > Dockerfile_plucky << eof FROM scratch ADD ubuntu-base-25.04-base-riscv64.tar.gz / CMD ["bash"] eof docker build -t lp2133188_plucky -f Dockerfile_plucky . docker run -ti lp2133188_plucky /bin/bash In container lp2133188_resolute and lp2133188_questing /root is empty. No prompt is shown when entering. export PS1=$ has not effect. Container lp2133188_plucky shows a console prompt 'root@817acf060fbf:/#' defined by PS1. So it seems we removed something between Plucky and Questing that is needed for a proper console in Docker. This seems to be the explanation for the observed error bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device seen in cmake which is not correctly handled. -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/2133188 Title: Illegal instruction in memset under qemu-user for riscv64 Status in QEMU: New Status in qemu package in Ubuntu: Confirmed Bug description: # Title qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset (vse64.v) when running cmake in riscv64 container (Ubuntu 26.04) ## Summary While running cmake (and other build steps) inside a linux/riscv64 Ubuntu 26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static) registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction (core dumped)" or "died with signal 4". The illegal instruction is observed inside glibc's memset implementation at an instruction that uses RISC-V vector extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb / enabling QEMU_STRACE significantly reduces or eliminates the failure, which strongly suggests a qemu-user/emulation bug (vector handling / code generation / state corruption), not a cmake bug. ## Affects - qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu 10.1.0+ds-5ubuntu3) - Running in Docker container for riscv64 on x86_64 host via binfmt_misc qemu-user static interpreter ## Environment / Context - Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64) - Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10) - Container image: ubuntu:26.04 for riscv64 - qemu package used: - downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1, qemu-user_10.0.6+ds-0+deb13u2). - copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host and registered via /proc/sys/fs/binfmt_misc/register - CMake version used inside container (bootstrap/build may use system-provided cmake binary): cmake 3.x (bootstrapping cmake while building also triggers crash) - Reproduction frequency: intermittent, ~50% (can get large variance: several consecutive successes or failures) - Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) — almost completely avoids crash; running under gdb or enabling QEMU_STRACE also makes it much harder to reproduce. ## Full reproduction steps 1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary: wget https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb qemu-user_10.1.0+ds-5ubuntu3_amd64 sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64 /usr/bin/qemu-riscv64-static 2. Register qemu-riscv64 with binfmt_misc: echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64 echo ':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF' >/proc/sys/fs/binfmt_misc/register 3. Start riscv64 ubuntu container: docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash docker exec -it ubuntu26 bash -i 4. Inside container: apt update apt install -y build-essential cmake 5.
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
In the noble Docker container I have been running the following program:
#include
#include
#define VECTOR_SIZE 8 // Number of 64-bit elements
void store_vector_values(int64_t* buffer) {
int64_t values[VECTOR_SIZE] = {0x1001, 0x2, 0x3, 0x4, 0x5, 0x6,
0x7, 0x8};
// Inline assembly to load values into the vector register and store them
asm volatile (
"vsetvli t0, zero, e64, m2;" // Set vector length to 2 elements of 64
bits
"vle64.v v0, (%0);"// Load values into vector register v0
"vse64.v v0, (%1);"// Store the contents of v0 into the
buffer
:
: "r"(values), "r"(buffer) // Input operands
: "v0", "t0", "memory" // Clobbered registers
);
}
int main() {
int64_t buffer[VECTOR_SIZE] = {0}; // Buffer to store 64-bit values
for (int i = 0; i < VECTOR_SIZE; i++) {
printf("buffer[%d] = 0x%lx\n", i, buffer[i]);
}
store_vector_values(buffer);
// Output the stored values for verification
printf("Stored vector values:\n");
for (int i = 0; i < VECTOR_SIZE; i++) {
printf("buffer[%d] = 0x%lx\n", i, buffer[i]);
}
return 0;
}
And received this output:
./test
buffer[0] = 0x0
buffer[1] = 0x0
buffer[2] = 0x0
buffer[3] = 0x0
buffer[4] = 0x0
buffer[5] = 0x0
buffer[6] = 0x0
buffer[7] = 0x0
Stored vector values:
buffer[0] = 0x1001
buffer[1] = 0x2
buffer[2] = 0x3
buffer[3] = 0x4
buffer[4] = 0x0
buffer[5] = 0x0
buffer[6] = 0x0
buffer[7] = 0x0
So it seems that QEMU can emulate the vse64.v instruction. It is not
clear to me why for "m2" four elements are transferred and not two.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu2
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
Inside the noble image the following extension where shown in
/proc/cpuinfo:
rv64imafdcbvh_zic64b_zicbom_zicbop_zicboz_ziccamoa_ziccif_zicclsm_ziccrse_zicfilp_zicfiss_zicond_zicntr_zicsr_zifencei_zihintntl_zihintpause_zihpm_zimop_zmmul_za64rs_zaamo_zabha_zacas_zalrsc_zama16b_zawrs_zfa_zfbfmin_zfh_zfhmin_zca_zcb_zcd_zcmop_zba_zbb_zbc_zbkb_zbkc_zbkx_zbs_zk_zkn_zknd_zkne_zknh_zkr_zks_zksed_zksh_zkt_ztso_zvbb_zvbc_zve32f_zve32x_zve64f_zve64d_zve64x_zvfbfmin_zvfbfwma_zvfh_zvfhmin_zvkb_zvkg_zvkn_zvknc_zvkned_zvkng_zvknha_zvknhb_zvks_zvksc_zvksed_zvksg_zvksh_zvkt_sdtrig_shcounterenw_sha_shgatpa_shtvala_shvsatpa_shvstvala_shvstvecd_smaia_smcdeleg_smcntrpmf_smcsrind_smepmp_smmpm_smnpm_smstateen_ssaia_ssccfg_ssccptr_sscofpmf_sscounterenw_sscsrind_ssdbltrp_ssnpm_sspm_ssstateen_ssstrict_sstc_sstvala_sstvecd_ssu64xl_supm_smctr_ssctr_svadu_svinval_svnapot_svpbmt_svrsw60t59b_svvptc
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
On Ubuntu 26.04 I used a Dockerfile:
# Ubuntu noble-riscv64-20251013
FROM
ubuntu:noble@sha256:4fdf0125919d24aec972544669dcd7d6a26a8ad7e6561c73d5549bd6db258ac2
I could log into the container with
docker buildx build --platform linux/riscv64 -t lp2133188:latest .
docker run --platform linux/riscv64 -ti lp2133188:latest /bin/bash
I the created a Dockerfile
# Ubuntu resolute-riscv64-20251101
FROM
ubuntu:resolute@sha256:e5bd70f715735ea3e9c95414af38151aaa6619b7393e254852a0a2c879685bb4
I build it with
docker buildx build --platform linux/riscv64 -t lp2133188:latest .
But when trying to log in with
docker run --platform linux/riscv64 -ti lp2133188:latest /bin/bash
But there was no console output
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackag
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: qemu (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
Confirmed
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or enable QEMU_STRACE=1
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
** Changed in: qemu (Ubuntu)
Assignee: (unassigned) => Heinrich Schuchardt (xypron)
** Changed in: qemu (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
New
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or enab
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
** Changed in: qemu
Status: Unknown => New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
New
Status in qemu package in Ubuntu:
New
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so) to avoid glibc
using vectorized memset.
- Run the failing process under gdb (slower) or enable QEMU_STRACE=1 — both
make the failure much less likely.
Note: The same workload does not reproduc
[Bug 2133188] Re: Illegal instruction in memset under qemu-user for riscv64
** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #3224
https://gitlab.com/qemu-project/qemu/-/issues/3224
** Also affects: qemu via
https://gitlab.com/qemu-project/qemu/-/issues/3224
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/2133188
Title:
Illegal instruction in memset under qemu-user for riscv64
Status in QEMU:
Unknown
Status in qemu package in Ubuntu:
New
Bug description:
# Title
qemu-user (qemu-riscv64-static): intermittent Illegal instruction in memset
(vse64.v) when running cmake in riscv64 container (Ubuntu 26.04)
## Summary
While running cmake (and other build steps) inside a linux/riscv64 Ubuntu
26.04 container on an x86_64 host using qemu-user (qemu-riscv64-static)
registered via binfmt_misc, cmake sometimes crashes with "Illegal instruction
(core dumped)" or "died with signal 4". The illegal instruction is observed
inside glibc's memset implementation at an instruction that uses RISC-V vector
extension (vse64.v). The failure is intermittent (~50% reproducer rate). Using
a scalar-only memset (libnovecmem.so via LD_PRELOAD) or running under gdb /
enabling QEMU_STRACE significantly reduces or eliminates the failure, which
strongly suggests a qemu-user/emulation bug (vector handling / code generation
/ state corruption), not a cmake bug.
## Affects
- qemu-user qemu-riscv64-static (as packaged in Ubuntu qemu
10.1.0+ds-5ubuntu3)
- Running in Docker container for riscv64 on x86_64 host via binfmt_misc
qemu-user static interpreter
## Environment / Context
- Host CPU: x86_64 (Docker multiarch running qemu-user for riscv64)
- Host OS:multiple Ubuntu releases (22.04, 24.04, 25.10)
- Container image: ubuntu:26.04 for riscv64
- qemu package used:
- downloaded .deb from Launchpad: qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
and on several Debian qemu-user packages (qemu-user_10.2.0~rc1+ds-1,
qemu-user_10.0.6+ds-0+deb13u2).
- copied qemu-riscv64 binary into /usr/bin/qemu-riscv64-static inside host
and registered via /proc/sys/fs/binfmt_misc/register
- CMake version used inside container (bootstrap/build may use
system-provided cmake binary): cmake 3.x (bootstrapping cmake while building
also triggers crash)
- Reproduction frequency: intermittent, ~50% (can get large variance: several
consecutive successes or failures)
- Observed behavior changes when: LD_PRELOAD libnovecmem.so (scalar memset) —
almost completely avoids crash; running under gdb or enabling QEMU_STRACE also
makes it much harder to reproduce.
## Full reproduction steps
1. On x86_64 host, fetch qemu-user .deb and extract the riscv static binary:
wget
https://launchpad.net/ubuntu/+source/qemu/1:10.1.0+ds-5ubuntu3/+build/31393935/+files/qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
dpkg-deb -x qemu-user_10.1.0+ds-5ubuntu3_amd64.deb
qemu-user_10.1.0+ds-5ubuntu3_amd64
sudo cp qemu-user_10.1.0+ds-5ubuntu3_amd64/usr/bin/qemu-riscv64
/usr/bin/qemu-riscv64-static
2. Register qemu-riscv64 with binfmt_misc:
echo -1 > /proc/sys/fs/binfmt_misc/qemu-riscv64
echo
':qemu-riscv64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-riscv64-static:POCF'
>/proc/sys/fs/binfmt_misc/register
3. Start riscv64 ubuntu container:
docker run --platform=linux/riscv64 --name ubuntu26 -itd ubuntu:26.04 bash
docker exec -it ubuntu26 bash -i
4. Inside container:
apt update
apt install -y build-essential cmake
5. Reproducer 1:
cmake --system-information
-> Often fails with:
bash: [15: 1 (255)] tcsetattr: Inappropriate ioctl for device
Illegal instruction (core dumped)
6. Reproducer 2 (minimal C project):
Create test_cmake/CMakeLists.txt:
cmake_minimum_required(VERSION 3.10)
project(HelloCMake C)
add_executable(hello main.c)
Create test_cmake/main.c:
#include
int main() {
printf("Hello, CMake!\n");
return 0;
}
cd test_cmake
cmake .
-> Crash with:
-- Detecting C compiler ABI info
bash: line 1: 8489 Illegal instruction(core dumped) cmake .
7. Reproducer 3 (rebuild cmake from source inside container):
apt source cmake
cd cmake
apt-get build-dep .
dpkg-buildpackage -us -uc -b
-> Bootstrapping error:
Illegal instruction (core dumped)
Error when bootstrapping CMake:
Problem while running initial CMake
8. Observed crash location (from gdb/QEMU_STRACE when available):
- Illegal instruction is in memset@@GLIBC_2.27+0x52
- Faulting instruction: vse64.v v1,(a5)(RISC-V vector store of 64-bit
elements)
## Workarounds
- LD_PRELOAD a scalar-only memset library (libnovecmem.so)
