On 07/22/2018 01:47 PM, Jason A. Donenfeld wrote:
> Hello,
>
> Gcc 7.3 compiles bash's array_flush's dual assignment using:
>
> STP X20, X20, [X20,#0x10]
>
> But gcc 8.1 compiles it as:
>
> STR Q0, [X20,#0x10]
>
> Real processors seem okay, and qemu 2.11 seems okay. But qemu 2.12
> results in a segfaulting process. I'm pretty sure this is a TCG bug.
>
> In the attached tarball, please find kernel and run.sh. Calling
> ./run.sh will start the kernel with the bad bash executable that tries
> to execute `config=({1..100000})` and crashes. Also included in there
> is the actual crashing bash binary, in case you'd like to disassemble
> a little bit.
Interesting. The test passes on master with --enable-debug, but fails when
qemu is compiled with optimization...
I'll dig a bit deeper.
r~
