Testing Linux usermode emulation with the Linux Test Project
You can use the Linux Test Project's syscall tests to test QEMU's linux-user mode support. These instructions are for how to do that using a Debian chroot running under an x86 Ubuntu or Debian host (I tested with Ubuntu Precise).
These instructions set up an armhf chroot; they should in theory work for any architecture supported by both Debian and QEMU.
Setting up the testsuite environment
First we need to set up the chroot. This takes a while but once you've done it you can reuse the chroot for multiple test runs. We build the LTP testsuite inside the chroot, which is slow but simpler than setting up a cross-build environment. The finished chroot including the compiled testsuite needs about 620MB of disk space. [This could almost certainly be trimmed down but disk is cheap and time is expensive :-)]
Download the LTP source tarball; I used the tar.gz of tag 20150903 from https://github.com/linux-test-project/ltp/tags but really you should use a newer version, at least 20160920.
As root in the host system:
mkdir /srv/chroot/ltp-armhf qemu-debootstrap --arch armhf --variant=buildd jessie /srv/chroot/ltp-armhf-20150903 echo "deb http://ftp.uk.debian.org/debian jessie main" > /srv/chroot/ltp-armhf-20150903/etc/apt/sources.list cd /srv/chroot/ltp-armhf-20150903 tar xvjf ltp-full-20150903.bz2 chroot /srv/chroot/ltp-armhf-20150903
Note: for older architectures which aren't supported by Debian any more and whose packages have moved into the archives you can use a command line like this:
qemu-debootstrap --arch alpha --variant=buildd lenny /srv/chroot/alpha http://archive.debian.org/debian
Then in the chroot (the compile stage will take an hour or two):
[ -e /proc/cpuinfo ] || mount proc /proc -t proc touch /etc/hosts cd ltp-full-20150903 apt-get update apt-get install automake autoconf iproute2 net-tools sudo make autotools && ./configure && make && make install
This will install the tests in
/opt/ltp/ inside the chroot.
(We touch /etc/hosts because the LTP getdtablesize test assumes that file exists. We install iproute2 and net-tools for the benefit of the sendmsg01 test. We install sudo for the utimensat tests.)
/opt/ltp/qemu.skiplist file inside the chroot with the following contents:
# skiplist for QEMU testing # This is a list of tests which hang completely under QEMU # or are otherwise badly behaved (as opposed to merely failing). # # Updated skiplist as of 2016-10-20 # # we don't implement clone flags correctly, so in clone2 # the child gets the wrong return value for getppid() and kills # the test harness by accident clone02 # Seems to hang fork13 futex_wait03 # This runs OK but thrashes the machine with lots of processes msgctl11 # these tests try to restart syslogd, which is a bad idea in a chroot syslog01 syslog02 syslog03 syslog04 syslog05 syslog06 syslog07 syslog08 syslog09 syslog10 syslog11 syslog12 # This doesn't hang but it seems to get very confused and I think # it ends up not unmounting a loopback device, which then makes a # lot of later tests bail out (and the whole test framework complains # that it can't remove its temp dir when it cleans up). mmap16
WARNING: this skiplist might not be entirely sufficient. Best to keep an eye on what's running; if a qemu process seems to have got stuck running one test for a long time you can just kill it (and add the missing entry to the skiplist).
OK, now we're ready to actually do a test run! You'll need to build the QEMU to test as a static executable, for example:
./configure --target-list=arm-linux-user --static && make -j2
Then copy the
arm-linux-user/qemu-arm binary into
/srv/chroot/ltp-armhf-20150903/usr/bin/qemu-arm-static (you'll need to make sure you don't still have a shell open in the chroot or the copy will fail).
To run tests in the chroot:
[ -e /proc/cpuinfo ] || mount proc /proc -t proc cd /opt/ltp ./runltp -p -l "qemu-$(date +%FT%T).log" -o "qemu-$(date +%FT%T).out" -f /opt/ltp/runtest/syscalls -S /opt/ltp/qemu.skiplist
This will take an hour or so, and writes a human readable results summary to a file in
/opt/ltp/results/, and the complete test output dump to a file in
/opt/ltp/output/. You can track its progress by tailing the output file that is created in
(The LTP test runner appends results to existing log files rather than overwriting them, which is why we make sure to include a date/timestamp in the filenames.)
Note that the test suite often considers "syscall unimplemented" as a PASS condition. To find out whether QEMU is just missing syscalls completely you'll need to look for "qemu: Unsupported syscall:" lines in the output file.
You can investigate a failure by running a single test like this:
./runltp -f /opt/ltp/runtest/syscalls -s accept4
-s option takes a regex specifying tests to run).
As of v1.4.0-rc1 the ARM QEMU ran 959 tests with 86 failures. If anybody would like to set up an automated system to run these tests nightly and produce pretty web pages of regressions/progressions that would be cool :-)