ARM semihosting SYS_GET_CMDLINE does not return arguments
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
QEMU | Fix Released | Undecided | Unassigned |
Bug Description
I have downloaded version 0.13.0 of the code, configured with: './configure' '--prefix=
and built using gcc version 4.3.2 (Debian 4.3.2-1.1). Execution environment is Debian, kernel 2.6.26-2-686.
I am running a bare-bones helloworld.c which echoes its command-line arguments, compiled with ADS1.2 from ARM. The arguments never get echoed back.
I have found the culprit in the source code, lines 3020 and 3022 of linux-user/main.c which free target_argv[]. However, loader_exec(), which is called a couple lines above, records the pointer to target_argv[]. So, when the data is accessed in arm-semi.c, it is actually trying to load from memory that has been free()d already.
This bug manifests itself for bare-metal simulation, but I suspect it hits other platforms as well.
Changed in qemu:
status: New → Fix Committed
Changed in qemu:
status: Fix Committed → Fix Released
I see this bug has been reported before, for instance here: /msg29250.html /msg22251.html
http://<email address hidden>
and Laurent Desnogues noticed the problem while reviewing a patch in this area:
http://<email address hidden>
The only code which looks at ts->info->host_argv is the code to handle SYS_GET_CMDLINE in the ARM semihosting support code arm-semi.c. My tentative suggestion is that we should instead make the semihosting support code read the argc/argv out of the userspace memory which loader_build_argptr has set up. (This is what linux-user/elfload.c does in fill_psinfo() as part of creating core dumps.)
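The root cause in the report is an ownership mistake: the task-state record keeps a borrowed pointer to target_argv[], and the loader frees that array a few lines later, so the SYS_GET_CMDLINE handler later reads freed memory. The following is an added, constructed example (not QEMU's code, and not the fix the comment above proposes, which reads argc/argv back out of guest memory). It shows the other general remedy, giving the record its own deep copy of argv, and a bounds-checked join of the arguments into the single space-separated string that SYS_GET_CMDLINE returns. Every name here (struct task_info, task_info_init, task_info_free, build_cmdline, demo_cmdline) and the sample arguments are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example, not QEMU code: a task-state record that OWNS its copy
 * of the guest argv instead of borrowing the caller's soon-to-be-freed array. */
struct task_info {
    int argc;
    char **argv;   /* deep copy; released only by task_info_free() */
};

/* Portable strdup replacement (strdup itself is POSIX, not ISO C). */
static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p)
        memcpy(p, s, n);
    return p;
}

static void task_info_free(struct task_info *ti)
{
    if (!ti->argv)
        return;
    for (int i = 0; i < ti->argc; i++)
        free(ti->argv[i]);
    free(ti->argv);
    ti->argv = NULL;
    ti->argc = 0;
}

/* Deep-copy argc/argv into ti. Returns 0 on success, -1 on allocation failure
 * (ti is left empty and safe to free in that case). */
static int task_info_init(struct task_info *ti, int argc, char *const *argv)
{
    ti->argc = 0;
    ti->argv = calloc((size_t)argc + 1, sizeof *ti->argv);
    if (!ti->argv)
        return -1;
    for (int i = 0; i < argc; i++) {
        ti->argv[i] = dup_str(argv[i]);
        if (!ti->argv[i]) {
            task_info_free(ti);
            return -1;
        }
        ti->argc = i + 1;
    }
    return 0;
}

/* Join argv into one space-separated string, the form SYS_GET_CMDLINE hands
 * back to the guest. Returns the length written, or -1 if buf is too small. */
static int build_cmdline(const struct task_info *ti, char *buf, size_t bufsize)
{
    size_t used = 0;
    if (bufsize == 0)
        return -1;
    for (int i = 0; i < ti->argc; i++) {
        size_t len = strlen(ti->argv[i]);
        size_t need = len + (i > 0 ? 1 : 0);   /* separator before all but the first */
        if (used + need + 1 > bufsize)         /* +1 for the terminating NUL */
            return -1;
        if (i > 0)
            buf[used++] = ' ';
        memcpy(buf + used, ti->argv[i], len);
        used += len;
    }
    buf[used] = '\0';
    return (int)used;
}

/* Replays the loader sequence from the report: build a temporary argv, record
 * it, free the temporary, then service a SYS_GET_CMDLINE-style request.
 * Returns the command-line length, or -1 on failure. */
static int demo_cmdline(char *out, size_t outsize)
{
    /* Constructed sample arguments for a guest "helloworld" program. */
    const char *sample[] = { "helloworld", "first", "second arg" };
    int argc = (int)(sizeof sample / sizeof sample[0]);
    char **tmp_argv = calloc((size_t)argc, sizeof *tmp_argv);
    if (!tmp_argv)
        return -1;
    for (int i = 0; i < argc; i++) {
        tmp_argv[i] = dup_str(sample[i]);
        if (!tmp_argv[i]) {
            for (int j = 0; j < i; j++)
                free(tmp_argv[j]);
            free(tmp_argv);
            return -1;
        }
    }

    struct task_info ti;
    int rc = task_info_init(&ti, argc, tmp_argv);

    /* The loader frees its temporary array here, the step that left
     * ts->info->host_argv dangling in the report. ti is unaffected. */
    for (int i = 0; i < argc; i++)
        free(tmp_argv[i]);
    free(tmp_argv);

    int n = (rc == 0) ? build_cmdline(&ti, out, outsize) : -1;
    task_info_free(&ti);
    return n;
}

int main(void)
{
    char line[64];
    if (demo_cmdline(line, sizeof line) < 0) {
        puts("failed");
        return 1;
    }
    printf("cmdline: \"%s\"\n", line);
    return 0;
}
```

Run under AddressSanitizer or Valgrind, the borrowed-pointer version of this pattern is reported as a heap-use-after-free at the memcpy in build_cmdline; with the owned copy the read is always of live memory, and the bufsize check keeps an over-long guest command line from overrunning the guest-supplied buffer.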