
From: Wolfgang Schildbach
Subject: [Qemu-devel] [Bug 673613] [NEW] ARM semihosting SYS_GET_CMDLINE does not return arguments
Date: Wed, 10 Nov 2010 16:43:46 -0000

Public bug reported:

I have downloaded version 0.13.0 of the code, configured with:
'./configure' '--prefix=/tmp/qemu-0.13.0' '--interp-prefix=/tmp/qemu-0.13.0/usr/local/gnemul/qemu-%M' '--target-list=arm-softmmu arm-linux-user armeb-linux-user'

and built using gcc version 4.3.2 (Debian 4.3.2-1.1). Execution
environment is Debian, kernel 2.6.26-2-686.

I am running a bare-bones helloworld.c which echoes its command-line
arguments, compiled with ADS1.2 from ARM. The arguments never get echoed
back.

I have found the culprit in the source code, lines 3020 and 3022 of
linux-user/main.c, which free target_argv[]. However, loader_exec(),
which is called a couple of lines above, records the pointer to
target_argv[]. So, when the data is accessed in arm-semi.c, it is
actually trying to load from memory that has been free()d already.

This bug manifests itself for bare-metal simulation, but I suspect it
hits other platforms as well.

** Affects: qemu
     Importance: Undecided
         Status: New

-- 
ARM semihosting SYS_GET_CMDLINE does not return arguments
https://bugs.launchpad.net/bugs/673613
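The ownership mistake the report describes, modelled in C as an added example (this is not QEMU's code; the struct and function names are hypothetical stand-ins): instead of the loader recording a pointer into target_argv[] that the caller later free()s, the loader joins the arguments into a buffer it owns, so the semihosting SYS_GET_CMDLINE path never reads freed memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for the loader's per-image record (hypothetical name). The reported
 * bug kept a pointer into target_argv[] here; this version owns a copy instead. */
struct image_info {
    char *cmdline;   /* owned by the loader, never borrowed from the caller */
};
/* Join argv into loader-owned storage so target_argv's lifetime no longer matters. */
static int loader_exec_model(struct image_info *info, int argc, char **target_argv)
{
    size_t len = 1;                              /* room for the final '\0' */
    for (int i = 0; i < argc; i++)
        len += strlen(target_argv[i]) + 1;       /* argument plus separator */
    char *p = info->cmdline = malloc(len);
    if (!p) return -1;
    *p = '\0';                                   /* argc == 0 yields "" */
    for (int i = 0; i < argc; i++) {
        if (i) *p++ = ' ';
        strcpy(p, target_argv[i]);
        p += strlen(target_argv[i]);
    }
    return 0;
}
/* Model of the SYS_GET_CMDLINE handler: it reads only loader-owned memory. */
static const char *sys_get_cmdline_model(const struct image_info *info)
{
    return info->cmdline ? info->cmdline : "";
}

/* Replay the report's sequence with constructed arguments: build target_argv,
 * run the loader, free target_argv, then service the semihosting call. */
const char *simulate_fixed_cmdline(void)
{
    static char out[256];
    const char *sample[] = { "helloworld", "-n", "3" };   /* constructed input */
    int argc = 3;
    char **target_argv = calloc(argc + 1, sizeof *target_argv);
    for (int i = 0; i < argc; i++)
        target_argv[i] = strcpy(malloc(strlen(sample[i]) + 1), sample[i]);
    struct image_info info = { 0 };
    loader_exec_model(&info, argc, target_argv);
    for (int i = 0; i < argc; i++)
        free(target_argv[i]);
    free(target_argv);                 /* the free() the report points at */
    snprintf(out, sizeof out, "%s", sys_get_cmdline_model(&info));
    free(info.cmdline);
    return out;
}
```

With the borrowed-pointer version, the same sequence is a heap use-after-free that AddressSanitizer reports at the snprintf line; with the owning copy, the query returns the intact command line.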