On Sat, 3 Mar 2012, Alexander Graf wrote: > > On 02.03.2012, at 18:49, Peter Maydell wrote: > > > On 27 February 2012 15:16, Bernhard M. Wiedemann <bwiedem...@suse.de> wrote: > >> I found that running a debian arm5 bash with qemu runs into varying > >> problems with -R but works without. > > > > So I had a look at this this afternoon, and what seems to be happening > > is that with -R, the call to target_mmap() in elfload.c:setup_arg_pages() > > (which creates the stack) is putting the stack immediately after the > > bash BSS segment in the address space. This means that brk() will > > never be able to expand, and it looks like something in either bash > > or libc's locale code isn't correctly handling the failure, so we > > crash. (The segfault is from a strlen(NULL) from setlocale() I think.) > > > > We should probably try to put the stack somewhere more sensible than > > where it currently ends up... > > I wrote a small test case to reproduce the breakage as far as I understood it > at least: > > #include <stdio.h> > #include <stdlib.h> > #include <unistd.h> > #include <sys/mman.h> > #include <sys/types.h> > #include <sys/stat.h> > #include <sys/fcntl.h> > > int main(int argc, char **argv) > { > void *curbrk; > void *tmp; > char buf[1024]; > int fd, r; > > tmp = mmap((void*)0x5000UL, 0x10000, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_ANONYMOUS, 0, 0);
You are setting a bad example here (not that i know if that makes a dent of a practical difference in this case): passing 0 as an fd even in MAP_ANONYMOUS case is unsafe. [..snip..] -- mailto:av1...@comtv.ru