aboutsummaryrefslogtreecommitdiff
path: root/gdbstub.c
AgeCommit message (Collapse)Author
2015-11-06gdbstub: Fix buffer overflows in gdb_handle_packet()Kevin Wolf
Some places in gdb_handle_packet() can get an arbitrary length (most times directly from the client) and either didn't check it at all or checked against the wrong value, potentially causing buffer overflows. Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-14Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* Support for jemalloc * qemu_mutex_lock_iothread "No such process" fix * cutils: qemu_strto* wrappers * iohandler.c simplification * Many other fixes and misc patches. And some MTTCG work (with Emilio's fixes squashed): * Signal-free TCG kick * Removing spinlock in favor of QemuMutex * User-mode emulation multi-threading fixes/docs # gpg: Signature made Thu 10 Sep 2015 09:03:07 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" * remotes/bonzini/tags/for-upstream: (44 commits) cutils: work around platform differences in strto{l,ul,ll,ull} cpu-exec: fix lock hierarchy for user-mode emulation exec: make mmap_lock/mmap_unlock globally available tcg: comment on which functions have to be called with mmap_lock held tcg: add memory barriers in page_find_alloc accesses remove unused spinlock. replace spinlock by QemuMutex. cpus: remove tcg_halt_cond and tcg_cpu_thread globals cpus: protect work list with work_mutex scripts/dump-guest-memory.py: fix after RAMBlock change configure: Add support for jemalloc add macro file for coccinelle configure: factor out adding disas configure vhost-scsi: fix wrong vhost-scsi firmware path checkpatch: remove tests that are not relevant outside the kernel checkpatch: adapt some tests to QEMU CODING_STYLE: update mixed declaration rules qmp: Add example usage of strto*l() qemu wrapper cutils: Add qemu_strtoull() wrapper cutils: Add qemu_strtoll() wrapper ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-09use qemu_cpu_kick instead of cpu_exit or qemu_cpu_kick_threadPaolo Bonzini
Use the same API to trigger interruption of a CPU, no matter if under TCG or KVM. There is no difference: these calls come from the CPU thread, so the qemu_cpu_kick calls will send a signal to the running thread and it will be processed synchronously, just like a call to cpu_exit. The only difference is in the overhead, but neither call to cpu_exit (now qemu_cpu_kick) is in a hot path. Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-07gdbstub: Implement gdb_do_syscallv()Peter Maydell
Implement a variant of the existing gdb_do_syscall() which takes a va_list. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Christopher Covington <cov@codeaurora.org> Message-id: 1439483745-28752-4-git-send-email-peter.maydell@linaro.org
2015-07-27gdbstub: Set current CPU on interruptionsJan Kiszka
gdb expects that the thread ID for c and g-class operations is set to the CPU we provide when reporting VM stop conditions. If the stub is still tuned to a different CPU, the wrong information is delivered to the gdb frontend. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-07-09gdbstub: Use cpu_set_pc() helperPeter Crosthwaite
Use the cpu_set_pc() helper which will take care of CPUClass retrieval for us. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-07-09gdbstub: Change gdbserver_fork() to accept cpu instead of envPeter Crosthwaite
All callsites to this function navigate the cpu->env_ptr only for the function to take the env ptr back to the original cpu ptr. Change the function to just pass in the CPU pointer instead. Removes a core code usage of ENV_GET_CPU() (in gdbstub.c). Cc: Riku Voipio <riku.voipio@iki.fi> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-07-09translate-all: Change tb_flush() env argument to cpuPeter Crosthwaite
All of the core-code usages of this API have the cpu pointer handy so pass it in. There are only 3 architecture specific usages (2 of which are commented out) which can just use ENV_GET_CPU() locally to get the cpu pointer. The reduces core code usage of the CPU env, which brings us closer to common-obj'ing these core files. Cc: Riku Voipio <riku.voipio@iki.fi> Cc: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-06-19semihosting: create SemihostingConfig structure and semihost.hLeon Alrae
Remove semihosting_enabled and semihosting_target and replace them with SemihostingConfig structure containing equivalent fields. The structure is defined in vl.c where it is actually set. Also introduce separate header file include/exec/semihost.h allowing to access semihosting config related stuff from target specific semihosting code. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1434643256-16858-2-git-send-email-leon.alrae@imgtec.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-28Revert "gdbstub: Do not kill target in system emulation mode"Fabien Chouteau
The requirements described in this patch are implemented by "Add GDB qAttached support". This reverts commit 00e94dbc7fd0110b0555d59592b004333adfb4b8. Signed-off-by: Fabien Chouteau <chouteau@adacore.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-28Add GDB qAttached supportJan Kiszka
With this patch QEMU handles qAttached request from gdb. When QEMU replies 1, GDB sends a "detach" command at the end of a debugging session otherwise GDB sends "kill". The default value for qAttached is 1 on system emulation and 0 on user emulation. Based on original version by Fabien Chouteau. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-28gdbstub: Introduce an is is_query_packet helperJan Kiszka
This helper supports parsing of query packets with optional extensions. The separator can be specified so that we can use it already for both qqemu.sstep[=] and qSupported[:feature]. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-28gdbstub: Fix qOffsets packet detectionJan Kiszka
qOffsets has no additional optional parameters. So match the complete string to avoid stumbling over possible future commands with identical prefix. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-10gdbstub: avoid possible NULL pointer dereferencePaolo Bonzini
Coverity reports that s->chr is checked after put_packet dereferences it. Move the check earlier, consistent with the code used for user-mode emulation. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-12-11Add the "-semihosting-config" option.Liviu Ionescu
The usual semihosting behaviour is to process the system calls locally and return; unfortuantelly the initial implementation dinamically changed the target to GDB during debug sessions, which, for the usual arm-none-eabi-gdb, is not implemented. The result was that during debug sessions the semihosting calls were discarded. This patch adds a configuration variable and an option to set it on the command line: -semihosting-config [enable=on|off,]target=native|gdb|auto This option enables semihosting and defines where the semihosting calls will be addressed, to QEMU ('native') or to GDB ('gdb'). The default is auto, which means 'gdb' during debug sessions and 'native' otherwise. Signed-off-by: Liviu Ionescu <ilg@livius.net> Message-id: 1416341957-9796-1-git-send-email-ilg@livius.net [PMM: moved declaration and definition of semihosting_target to gdbstub.h and gdbstub.c to fix build failure on linux-user] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-11gdbstub: Add a missing case of signal number translation in gdbstubMartin Simmons
While using qemu with gdb "target remote" to debug an application that uses fork and exec, the qemu process receives SIGSTOP every time the forked process terminates (sending SIGCHLD). This is caused by a missing call to gdb_signal_to_target in gdbstub.c, which is fixed by this patch: Signed-off-by: Martin Simmons <martin@lispworks.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-10-06gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flagPeter Maydell
GDB assumes that watchpoint set via the gdbstub remote protocol will behave in the same way as hardware watchpoints for the target. In particular, whether the CPU stops with the PC before or after the insn which triggers the watchpoint is target dependent. Allow guest CPU code to specify which behaviour to use. This fixes a bug where with guest CPUs which stop before the accessing insn GDB would manually step forward over what it thought was the insn and end up one insn further forward than it should be. We set this flag for the CPU architectures which set gdbarch_have_nonsteppable_watchpoint in gdb 7.7: ARM, CRIS, LM32, MIPS and Xtensa. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Tested-by: Max Filippov <jcmvbkbc@gmail.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Tested-by: Michael Walle <michael@walle.cc> (for lm32) Message-id: 1410545057-14014-1-git-send-email-peter.maydell@linaro.org
2014-09-11gdbstub: init mon_chr through qemu_chr_allocPavel Dovgalyuk
This patch initializes monitor for gdbstub with the qemu_chr_alloc function instead of just allocating the memory. Initialization function call is required, because it also creates chr_write_lock mutex, which is used when writing to this character device. Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-03-13exec: Change cpu_breakpoint_{insert,remove{,_by_ref,_all}} argumentAndreas Färber
Use CPUState. Allows to clean up CPUArchState in gdbstub. Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-13exec: Change cpu_watchpoint_{insert,remove{,_by_ref,_all}} argumentAndreas Färber
Use CPUState. This lets us drop a few local env usages. Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-13cpu: Move watchpoint fields from CPU_COMMON to CPUStateAndreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-13cpu: Move opaque field from CPU_COMMON to CPUStateAndreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-04vl: allow "cont" from panicked statePaolo Bonzini
After reporting the GUEST_PANICKED monitor event, QEMU stops the VM. The reason for this is that events are edge-triggered, and can be lost if management dies at the wrong time. Stopping a panicked VM lets management know of a panic even if it has crashed; management can learn about the panic when it restarts and queries running QEMU processes. The downside is of course that the VM will be paused while management is not running, but that is acceptable if it only happens with explicit "-device pvpanic". Upon learning of a panic, management (if configured to do so) can pick a variety of behaviors: leave the VM paused, reset it, destroy it. In addition to all of these behaviors, it is possible to dump the VM core from the host. However, right now, the panicked state is irreversible, and can only be exited by resetting the machine. This means that any policy decision is entirely in the hands of the host. In particular there is no way to use the "reboot on panic" option together with pvpanic. This patch makes the panicked state reversible (and removes various workarounds that were there because of the state being irreversible). With this change, management has a wider set of possible policies: it can just log the crash and leave policy to the guest, it can leave the VM paused. In particular, the "log the crash and continue" is implemented simply by sending a "cont" as soon as management learns about the panic. Management could also implement the "irreversible paused state" itself. And again, all such actions can be coupled with dumping the VM core. Unfortunately we cannot change the behavior of 1.6.0. Thus, even if it uses "-device pvpanic", management should check for "cont" failures. If "cont" fails, management can then log that the VM remained paused and urge the administrator to update QEMU. Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-02gdbstub: call socket_set_fast_reuse instead of setting SO_REUSEADDRSebastian Ottlik
SO_REUSEADDR should be avoided on Windows but is desired on other operating systems. So instead of setting it we call socket_set_fast_reuse that will result in the appropriate behaviour on all operating systems. Signed-off-by: Sebastian Ottlik <ottlik@fzi.de> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Weil <sw@weilnetz.de>
2013-09-03cpu: Use QTAILQ for CPU listAndreas Färber
Introduce CPU_FOREACH(), CPU_FOREACH_SAFE() and CPU_NEXT() shorthand macros. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-16gdbstub: Fix gdb_register_coprocessor() register countingAndreas Färber
Commit a0e372f0c49ac01faeaeb73a6e8f50e8ac615f34 reorganized the register counting for GDB. While it seems correct not to let the total number of registers skyrocket in an SMP scenario through a static variable, the distinction between total register count and 'g' packet register count (last_reg vs. num_g_regs) got lost among the way. Fix this by introducing CPUState::gdb_num_g_regs and using that in gdb_handle_packet(). Reported-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Cc: qemu-stable@nongnu.org (stable-1.6) Tested-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Tested-by: Max Filippov <jcmvbkbc@gmail.com> Tested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27cpu: Introduce CPUClass::gdb_core_xml_file for GDB_CORE_XMLAndreas Färber
Replace the GDB_CORE_XML define in gdbstub.c with a CPUClass field. Use first_cpu for qSupported and qXfer:features:read: for now. Add a stub for xml_builtin. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27cpu: Introduce CPUClass::gdb_{read,write}_register()Andreas Färber
Completes migration of target-specific code to new target-*/gdbstub.c. Acked-by: Michael Walle <michael@walle.cc> (for lm32) Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa) Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27gdbstub: Replace GET_REG*() macros with gdb_get_reg*() functionsAndreas Färber
This avoids polluting the global namespace with a non-prefixed macro and makes it obvious in the call sites that we return. Semi-automatic conversion using, e.g., sed -i 's/GET_REGL(/return gdb_get_regl(mem_buf, /g' target-*/gdbstub.c followed by manual tweaking for sparc's GET_REGA() and Coding Style. Acked-by: Michael Walle <michael@walle.cc> (for lm32) Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa) Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-xtensa: Move cpu_gdb_{read,write}_register()Andreas Färber
Acked-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-lm32: Move cpu_gdb_{read,write}_register()Andreas Färber
Acked-by: Michael Walle <michael@walle.cc> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-s390x: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-alpha: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-cris: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-microblaze: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-sh4: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-27target-openrisc: Move cpu_gdb_{read,write}_register()Andreas Färber
Reviewed-by: Jia Liu <proljc@gmail.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26target-mips: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26target-m68k: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26target-arm: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26target-sparc: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26target-ppc: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26target-i386: Move cpu_gdb_{read,write}_register()Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26cpu: Introduce CPUState::gdb_num_regs and CPUClass::gdb_num_core_regsAndreas Färber
CPUState::gdb_num_regs replaces num_g_regs. CPUClass::gdb_num_core_regs replaces NUM_CORE_REGS. Allows building gdb_register_coprocessor() for xtensa, too. As a side effect this should fix coprocessor register numbering for SMP. Acked-by: Michael Walle <michael@walle.cc> (for lm32) Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa) Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26gdbstub: Drop dead code in cpu_gdb_{read,write}_register()Andreas Färber
GET_REG*() macros include a return statement, thus no need for break. Acked-by: Michael Walle <michael@walle.cc> (for lm32) Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-26gdbstub: Fix cpu_gdb_{read,write}_register() Coding StyleAndreas Färber
Add braces, replace tabs, remove trailing whitespace, drop space before parenthesis and place break etc. below case statements. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23gdbstub: Change gdb_register_coprocessor() argument to CPUStateAndreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23cpu: Move gdb_regs field from CPU_COMMON to CPUStateAndreas Färber
Prepares for changing gdb_register_coprocessor() argument to CPUState. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23gdbstub: Change GDBState::{c,g}_cpu and find_cpu() to CPUStateAndreas Färber
Use CPUState::env_ptr where still needed. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23cpu: Introduce CPUClass::memory_rw_debug() for target_memory_rw_debug()Andreas Färber
Make inline target_memory_rw_debug() always available and change its argument to CPUState. Let it check if CPUClass::memory_rw_debug provides a specialized callback and fall back to cpu_memory_rw_debug() otherwise. The only overriding implementation is for 32-bit sparc. This prepares for changing GDBState::g_cpu to CPUState. Signed-off-by: Andreas Färber <afaerber@suse.de>