]> git.proxmox.com Git - mirror_qemu.git/blob - gdbstub/gdbstub.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests/qtest: libqtest: Correct the timeout unit of blocking receive calls for win32
[mirror_qemu.git] / gdbstub / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * This implements a subset of the remote protocol as described in:
5 *
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7 *
8 * Copyright (c) 2003-2005 Fabrice Bellard
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 *
23 * SPDX-License-Identifier: LGPL-2.0+
24 */
25
26 #include "qemu/osdep.h"
27 #include "qapi/error.h"
28 #include "qemu/error-report.h"
29 #include "qemu/ctype.h"
30 #include "qemu/cutils.h"
31 #include "qemu/module.h"
32 #include "trace.h"
33 #include "exec/gdbstub.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "hw/cpu/cluster.h"
41 #include "hw/boards.h"
42 #endif
43
44 #define MAX_PACKET_LENGTH 4096
45
46 #include "qemu/sockets.h"
47 #include "sysemu/hw_accel.h"
48 #include "sysemu/runstate.h"
49 #include "semihosting/semihost.h"
50 #include "exec/exec-all.h"
51 #include "exec/hwaddr.h"
52 #include "sysemu/replay.h"
53
54 #include "internals.h"
55
56 #ifdef CONFIG_USER_ONLY
57 #define GDB_ATTACHED "0"
58 #else
59 #define GDB_ATTACHED "1"
60 #endif
61
62 #ifndef CONFIG_USER_ONLY
63 static int phy_memory_mode;
64 #endif
65
66 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
67 uint8_t *buf, int len, bool is_write)
68 {
69 CPUClass *cc;
70
71 #ifndef CONFIG_USER_ONLY
72 if (phy_memory_mode) {
73 if (is_write) {
74 cpu_physical_memory_write(addr, buf, len);
75 } else {
76 cpu_physical_memory_read(addr, buf, len);
77 }
78 return 0;
79 }
80 #endif
81
82 cc = CPU_GET_CLASS(cpu);
83 if (cc->memory_rw_debug) {
84 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
85 }
86 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
87 }
88
89 /* Return the GDB index for a given vCPU state.
90 *
91 * For user mode this is simply the thread id. In system mode GDB
92 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
93 */
94 static inline int cpu_gdb_index(CPUState *cpu)
95 {
96 #if defined(CONFIG_USER_ONLY)
97 TaskState *ts = (TaskState *) cpu->opaque;
98 return ts ? ts->ts_tid : -1;
99 #else
100 return cpu->cpu_index + 1;
101 #endif
102 }
103
104 enum {
105 GDB_SIGNAL_0 = 0,
106 GDB_SIGNAL_INT = 2,
107 GDB_SIGNAL_QUIT = 3,
108 GDB_SIGNAL_TRAP = 5,
109 GDB_SIGNAL_ABRT = 6,
110 GDB_SIGNAL_ALRM = 14,
111 GDB_SIGNAL_IO = 23,
112 GDB_SIGNAL_XCPU = 24,
113 GDB_SIGNAL_UNKNOWN = 143
114 };
115
116 #ifdef CONFIG_USER_ONLY
117
118 /* Map target signal numbers to GDB protocol signal numbers and vice
119 * versa. For user emulation's currently supported systems, we can
120 * assume most signals are defined.
121 */
122
123 static int gdb_signal_table[] = {
124 0,
125 TARGET_SIGHUP,
126 TARGET_SIGINT,
127 TARGET_SIGQUIT,
128 TARGET_SIGILL,
129 TARGET_SIGTRAP,
130 TARGET_SIGABRT,
131 -1, /* SIGEMT */
132 TARGET_SIGFPE,
133 TARGET_SIGKILL,
134 TARGET_SIGBUS,
135 TARGET_SIGSEGV,
136 TARGET_SIGSYS,
137 TARGET_SIGPIPE,
138 TARGET_SIGALRM,
139 TARGET_SIGTERM,
140 TARGET_SIGURG,
141 TARGET_SIGSTOP,
142 TARGET_SIGTSTP,
143 TARGET_SIGCONT,
144 TARGET_SIGCHLD,
145 TARGET_SIGTTIN,
146 TARGET_SIGTTOU,
147 TARGET_SIGIO,
148 TARGET_SIGXCPU,
149 TARGET_SIGXFSZ,
150 TARGET_SIGVTALRM,
151 TARGET_SIGPROF,
152 TARGET_SIGWINCH,
153 -1, /* SIGLOST */
154 TARGET_SIGUSR1,
155 TARGET_SIGUSR2,
156 #ifdef TARGET_SIGPWR
157 TARGET_SIGPWR,
158 #else
159 -1,
160 #endif
161 -1, /* SIGPOLL */
162 -1,
163 -1,
164 -1,
165 -1,
166 -1,
167 -1,
168 -1,
169 -1,
170 -1,
171 -1,
172 -1,
173 #ifdef __SIGRTMIN
174 __SIGRTMIN + 1,
175 __SIGRTMIN + 2,
176 __SIGRTMIN + 3,
177 __SIGRTMIN + 4,
178 __SIGRTMIN + 5,
179 __SIGRTMIN + 6,
180 __SIGRTMIN + 7,
181 __SIGRTMIN + 8,
182 __SIGRTMIN + 9,
183 __SIGRTMIN + 10,
184 __SIGRTMIN + 11,
185 __SIGRTMIN + 12,
186 __SIGRTMIN + 13,
187 __SIGRTMIN + 14,
188 __SIGRTMIN + 15,
189 __SIGRTMIN + 16,
190 __SIGRTMIN + 17,
191 __SIGRTMIN + 18,
192 __SIGRTMIN + 19,
193 __SIGRTMIN + 20,
194 __SIGRTMIN + 21,
195 __SIGRTMIN + 22,
196 __SIGRTMIN + 23,
197 __SIGRTMIN + 24,
198 __SIGRTMIN + 25,
199 __SIGRTMIN + 26,
200 __SIGRTMIN + 27,
201 __SIGRTMIN + 28,
202 __SIGRTMIN + 29,
203 __SIGRTMIN + 30,
204 __SIGRTMIN + 31,
205 -1, /* SIGCANCEL */
206 __SIGRTMIN,
207 __SIGRTMIN + 32,
208 __SIGRTMIN + 33,
209 __SIGRTMIN + 34,
210 __SIGRTMIN + 35,
211 __SIGRTMIN + 36,
212 __SIGRTMIN + 37,
213 __SIGRTMIN + 38,
214 __SIGRTMIN + 39,
215 __SIGRTMIN + 40,
216 __SIGRTMIN + 41,
217 __SIGRTMIN + 42,
218 __SIGRTMIN + 43,
219 __SIGRTMIN + 44,
220 __SIGRTMIN + 45,
221 __SIGRTMIN + 46,
222 __SIGRTMIN + 47,
223 __SIGRTMIN + 48,
224 __SIGRTMIN + 49,
225 __SIGRTMIN + 50,
226 __SIGRTMIN + 51,
227 __SIGRTMIN + 52,
228 __SIGRTMIN + 53,
229 __SIGRTMIN + 54,
230 __SIGRTMIN + 55,
231 __SIGRTMIN + 56,
232 __SIGRTMIN + 57,
233 __SIGRTMIN + 58,
234 __SIGRTMIN + 59,
235 __SIGRTMIN + 60,
236 __SIGRTMIN + 61,
237 __SIGRTMIN + 62,
238 __SIGRTMIN + 63,
239 __SIGRTMIN + 64,
240 __SIGRTMIN + 65,
241 __SIGRTMIN + 66,
242 __SIGRTMIN + 67,
243 __SIGRTMIN + 68,
244 __SIGRTMIN + 69,
245 __SIGRTMIN + 70,
246 __SIGRTMIN + 71,
247 __SIGRTMIN + 72,
248 __SIGRTMIN + 73,
249 __SIGRTMIN + 74,
250 __SIGRTMIN + 75,
251 __SIGRTMIN + 76,
252 __SIGRTMIN + 77,
253 __SIGRTMIN + 78,
254 __SIGRTMIN + 79,
255 __SIGRTMIN + 80,
256 __SIGRTMIN + 81,
257 __SIGRTMIN + 82,
258 __SIGRTMIN + 83,
259 __SIGRTMIN + 84,
260 __SIGRTMIN + 85,
261 __SIGRTMIN + 86,
262 __SIGRTMIN + 87,
263 __SIGRTMIN + 88,
264 __SIGRTMIN + 89,
265 __SIGRTMIN + 90,
266 __SIGRTMIN + 91,
267 __SIGRTMIN + 92,
268 __SIGRTMIN + 93,
269 __SIGRTMIN + 94,
270 __SIGRTMIN + 95,
271 -1, /* SIGINFO */
272 -1, /* UNKNOWN */
273 -1, /* DEFAULT */
274 -1,
275 -1,
276 -1,
277 -1,
278 -1,
279 -1
280 #endif
281 };
282 #else
283 /* In system mode we only need SIGINT and SIGTRAP; other signals
284 are not yet supported. */
285
286 enum {
287 TARGET_SIGINT = 2,
288 TARGET_SIGTRAP = 5
289 };
290
291 static int gdb_signal_table[] = {
292 -1,
293 -1,
294 TARGET_SIGINT,
295 -1,
296 -1,
297 TARGET_SIGTRAP
298 };
299 #endif
300
301 #ifdef CONFIG_USER_ONLY
302 static int target_signal_to_gdb (int sig)
303 {
304 int i;
305 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
306 if (gdb_signal_table[i] == sig)
307 return i;
308 return GDB_SIGNAL_UNKNOWN;
309 }
310 #endif
311
312 static int gdb_signal_to_target (int sig)
313 {
314 if (sig < ARRAY_SIZE (gdb_signal_table))
315 return gdb_signal_table[sig];
316 else
317 return -1;
318 }
319
320 typedef struct GDBRegisterState {
321 int base_reg;
322 int num_regs;
323 gdb_get_reg_cb get_reg;
324 gdb_set_reg_cb set_reg;
325 const char *xml;
326 struct GDBRegisterState *next;
327 } GDBRegisterState;
328
329 typedef struct GDBProcess {
330 uint32_t pid;
331 bool attached;
332
333 char target_xml[1024];
334 } GDBProcess;
335
336 enum RSState {
337 RS_INACTIVE,
338 RS_IDLE,
339 RS_GETLINE,
340 RS_GETLINE_ESC,
341 RS_GETLINE_RLE,
342 RS_CHKSUM1,
343 RS_CHKSUM2,
344 };
345 typedef struct GDBState {
346 bool init; /* have we been initialised? */
347 CPUState *c_cpu; /* current CPU for step/continue ops */
348 CPUState *g_cpu; /* current CPU for other ops */
349 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
350 enum RSState state; /* parsing state */
351 char line_buf[MAX_PACKET_LENGTH];
352 int line_buf_index;
353 int line_sum; /* running checksum */
354 int line_csum; /* checksum at the end of the packet */
355 GByteArray *last_packet;
356 int signal;
357 #ifdef CONFIG_USER_ONLY
358 int fd;
359 char *socket_path;
360 int running_state;
361 #else
362 CharBackend chr;
363 Chardev *mon_chr;
364 #endif
365 bool multiprocess;
366 GDBProcess *processes;
367 int process_num;
368 char syscall_buf[256];
369 gdb_syscall_complete_cb current_syscall_cb;
370 GString *str_buf;
371 GByteArray *mem_buf;
372 int sstep_flags;
373 int supported_sstep_flags;
374 } GDBState;
375
376 static GDBState gdbserver_state;
377
378 static void init_gdbserver_state(void)
379 {
380 g_assert(!gdbserver_state.init);
381 memset(&gdbserver_state, 0, sizeof(GDBState));
382 gdbserver_state.init = true;
383 gdbserver_state.str_buf = g_string_new(NULL);
384 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
385 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
386
387 /*
388 * What single-step modes are supported is accelerator dependent.
389 * By default try to use no IRQs and no timers while single
390 * stepping so as to make single stepping like a typical ICE HW step.
391 */
392 gdbserver_state.supported_sstep_flags = accel_supported_gdbstub_sstep_flags();
393 gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
394 gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags;
395 }
396
397 #ifndef CONFIG_USER_ONLY
398 static void reset_gdbserver_state(void)
399 {
400 g_free(gdbserver_state.processes);
401 gdbserver_state.processes = NULL;
402 gdbserver_state.process_num = 0;
403 }
404 #endif
405
406 bool gdb_has_xml;
407
408 #ifdef CONFIG_USER_ONLY
409
410 static int get_char(void)
411 {
412 uint8_t ch;
413 int ret;
414
415 for(;;) {
416 ret = recv(gdbserver_state.fd, &ch, 1, 0);
417 if (ret < 0) {
418 if (errno == ECONNRESET)
419 gdbserver_state.fd = -1;
420 if (errno != EINTR)
421 return -1;
422 } else if (ret == 0) {
423 close(gdbserver_state.fd);
424 gdbserver_state.fd = -1;
425 return -1;
426 } else {
427 break;
428 }
429 }
430 return ch;
431 }
432 #endif
433
434 /*
435 * Return true if there is a GDB currently connected to the stub
436 * and attached to a CPU
437 */
438 static bool gdb_attached(void)
439 {
440 return gdbserver_state.init && gdbserver_state.c_cpu;
441 }
442
443 static enum {
444 GDB_SYS_UNKNOWN,
445 GDB_SYS_ENABLED,
446 GDB_SYS_DISABLED,
447 } gdb_syscall_mode;
448
449 /* Decide if either remote gdb syscalls or native file IO should be used. */
450 int use_gdb_syscalls(void)
451 {
452 SemihostingTarget target = semihosting_get_target();
453 if (target == SEMIHOSTING_TARGET_NATIVE) {
454 /* -semihosting-config target=native */
455 return false;
456 } else if (target == SEMIHOSTING_TARGET_GDB) {
457 /* -semihosting-config target=gdb */
458 return true;
459 }
460
461 /* -semihosting-config target=auto */
462 /* On the first call check if gdb is connected and remember. */
463 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
464 gdb_syscall_mode = gdb_attached() ? GDB_SYS_ENABLED : GDB_SYS_DISABLED;
465 }
466 return gdb_syscall_mode == GDB_SYS_ENABLED;
467 }
468
469 static bool stub_can_reverse(void)
470 {
471 #ifdef CONFIG_USER_ONLY
472 return false;
473 #else
474 return replay_mode == REPLAY_MODE_PLAY;
475 #endif
476 }
477
478 /* Resume execution. */
479 static inline void gdb_continue(void)
480 {
481
482 #ifdef CONFIG_USER_ONLY
483 gdbserver_state.running_state = 1;
484 trace_gdbstub_op_continue();
485 #else
486 if (!runstate_needs_reset()) {
487 trace_gdbstub_op_continue();
488 vm_start();
489 }
490 #endif
491 }
492
493 /*
494 * Resume execution, per CPU actions. For user-mode emulation it's
495 * equivalent to gdb_continue.
496 */
497 static int gdb_continue_partial(char *newstates)
498 {
499 CPUState *cpu;
500 int res = 0;
501 #ifdef CONFIG_USER_ONLY
502 /*
503 * This is not exactly accurate, but it's an improvement compared to the
504 * previous situation, where only one CPU would be single-stepped.
505 */
506 CPU_FOREACH(cpu) {
507 if (newstates[cpu->cpu_index] == 's') {
508 trace_gdbstub_op_stepping(cpu->cpu_index);
509 cpu_single_step(cpu, gdbserver_state.sstep_flags);
510 }
511 }
512 gdbserver_state.running_state = 1;
513 #else
514 int flag = 0;
515
516 if (!runstate_needs_reset()) {
517 bool step_requested = false;
518 CPU_FOREACH(cpu) {
519 if (newstates[cpu->cpu_index] == 's') {
520 step_requested = true;
521 break;
522 }
523 }
524
525 if (vm_prepare_start(step_requested)) {
526 return 0;
527 }
528
529 CPU_FOREACH(cpu) {
530 switch (newstates[cpu->cpu_index]) {
531 case 0:
532 case 1:
533 break; /* nothing to do here */
534 case 's':
535 trace_gdbstub_op_stepping(cpu->cpu_index);
536 cpu_single_step(cpu, gdbserver_state.sstep_flags);
537 cpu_resume(cpu);
538 flag = 1;
539 break;
540 case 'c':
541 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
542 cpu_resume(cpu);
543 flag = 1;
544 break;
545 default:
546 res = -1;
547 break;
548 }
549 }
550 }
551 if (flag) {
552 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
553 }
554 #endif
555 return res;
556 }
557
558 static void put_buffer(const uint8_t *buf, int len)
559 {
560 #ifdef CONFIG_USER_ONLY
561 int ret;
562
563 while (len > 0) {
564 ret = send(gdbserver_state.fd, buf, len, 0);
565 if (ret < 0) {
566 if (errno != EINTR)
567 return;
568 } else {
569 buf += ret;
570 len -= ret;
571 }
572 }
573 #else
574 /* XXX this blocks entire thread. Rewrite to use
575 * qemu_chr_fe_write and background I/O callbacks */
576 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
577 #endif
578 }
579
580 static inline int fromhex(int v)
581 {
582 if (v >= '0' && v <= '9')
583 return v - '0';
584 else if (v >= 'A' && v <= 'F')
585 return v - 'A' + 10;
586 else if (v >= 'a' && v <= 'f')
587 return v - 'a' + 10;
588 else
589 return 0;
590 }
591
592 static inline int tohex(int v)
593 {
594 if (v < 10)
595 return v + '0';
596 else
597 return v - 10 + 'a';
598 }
599
600 /* writes 2*len+1 bytes in buf */
601 static void memtohex(GString *buf, const uint8_t *mem, int len)
602 {
603 int i, c;
604 for(i = 0; i < len; i++) {
605 c = mem[i];
606 g_string_append_c(buf, tohex(c >> 4));
607 g_string_append_c(buf, tohex(c & 0xf));
608 }
609 g_string_append_c(buf, '\0');
610 }
611
612 static void hextomem(GByteArray *mem, const char *buf, int len)
613 {
614 int i;
615
616 for(i = 0; i < len; i++) {
617 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
618 g_byte_array_append(mem, &byte, 1);
619 buf += 2;
620 }
621 }
622
623 static void hexdump(const char *buf, int len,
624 void (*trace_fn)(size_t ofs, char const *text))
625 {
626 char line_buffer[3 * 16 + 4 + 16 + 1];
627
628 size_t i;
629 for (i = 0; i < len || (i & 0xF); ++i) {
630 size_t byte_ofs = i & 15;
631
632 if (byte_ofs == 0) {
633 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
634 line_buffer[3 * 16 + 4 + 16] = 0;
635 }
636
637 size_t col_group = (i >> 2) & 3;
638 size_t hex_col = byte_ofs * 3 + col_group;
639 size_t txt_col = 3 * 16 + 4 + byte_ofs;
640
641 if (i < len) {
642 char value = buf[i];
643
644 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
645 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
646 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
647 ? value
648 : '.';
649 }
650
651 if (byte_ofs == 0xF)
652 trace_fn(i & -16, line_buffer);
653 }
654 }
655
656 /* return -1 if error, 0 if OK */
657 static int put_packet_binary(const char *buf, int len, bool dump)
658 {
659 int csum, i;
660 uint8_t footer[3];
661
662 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
663 hexdump(buf, len, trace_gdbstub_io_binaryreply);
664 }
665
666 for(;;) {
667 g_byte_array_set_size(gdbserver_state.last_packet, 0);
668 g_byte_array_append(gdbserver_state.last_packet,
669 (const uint8_t *) "$", 1);
670 g_byte_array_append(gdbserver_state.last_packet,
671 (const uint8_t *) buf, len);
672 csum = 0;
673 for(i = 0; i < len; i++) {
674 csum += buf[i];
675 }
676 footer[0] = '#';
677 footer[1] = tohex((csum >> 4) & 0xf);
678 footer[2] = tohex((csum) & 0xf);
679 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
680
681 put_buffer(gdbserver_state.last_packet->data,
682 gdbserver_state.last_packet->len);
683
684 #ifdef CONFIG_USER_ONLY
685 i = get_char();
686 if (i < 0)
687 return -1;
688 if (i == '+')
689 break;
690 #else
691 break;
692 #endif
693 }
694 return 0;
695 }
696
697 /* return -1 if error, 0 if OK */
698 static int put_packet(const char *buf)
699 {
700 trace_gdbstub_io_reply(buf);
701
702 return put_packet_binary(buf, strlen(buf), false);
703 }
704
705 static void put_strbuf(void)
706 {
707 put_packet(gdbserver_state.str_buf->str);
708 }
709
710 /* Encode data using the encoding for 'x' packets. */
711 static void memtox(GString *buf, const char *mem, int len)
712 {
713 char c;
714
715 while (len--) {
716 c = *(mem++);
717 switch (c) {
718 case '#': case '$': case '*': case '}':
719 g_string_append_c(buf, '}');
720 g_string_append_c(buf, c ^ 0x20);
721 break;
722 default:
723 g_string_append_c(buf, c);
724 break;
725 }
726 }
727 }
728
729 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
730 {
731 /* TODO: In user mode, we should use the task state PID */
732 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
733 /* Return the default process' PID */
734 int index = gdbserver_state.process_num - 1;
735 return gdbserver_state.processes[index].pid;
736 }
737 return cpu->cluster_index + 1;
738 }
739
740 static GDBProcess *gdb_get_process(uint32_t pid)
741 {
742 int i;
743
744 if (!pid) {
745 /* 0 means any process, we take the first one */
746 return &gdbserver_state.processes[0];
747 }
748
749 for (i = 0; i < gdbserver_state.process_num; i++) {
750 if (gdbserver_state.processes[i].pid == pid) {
751 return &gdbserver_state.processes[i];
752 }
753 }
754
755 return NULL;
756 }
757
758 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
759 {
760 return gdb_get_process(gdb_get_cpu_pid(cpu));
761 }
762
763 static CPUState *find_cpu(uint32_t thread_id)
764 {
765 CPUState *cpu;
766
767 CPU_FOREACH(cpu) {
768 if (cpu_gdb_index(cpu) == thread_id) {
769 return cpu;
770 }
771 }
772
773 return NULL;
774 }
775
776 static CPUState *get_first_cpu_in_process(GDBProcess *process)
777 {
778 CPUState *cpu;
779
780 CPU_FOREACH(cpu) {
781 if (gdb_get_cpu_pid(cpu) == process->pid) {
782 return cpu;
783 }
784 }
785
786 return NULL;
787 }
788
789 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
790 {
791 uint32_t pid = gdb_get_cpu_pid(cpu);
792 cpu = CPU_NEXT(cpu);
793
794 while (cpu) {
795 if (gdb_get_cpu_pid(cpu) == pid) {
796 break;
797 }
798
799 cpu = CPU_NEXT(cpu);
800 }
801
802 return cpu;
803 }
804
805 /* Return the cpu following @cpu, while ignoring unattached processes. */
806 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
807 {
808 cpu = CPU_NEXT(cpu);
809
810 while (cpu) {
811 if (gdb_get_cpu_process(cpu)->attached) {
812 break;
813 }
814
815 cpu = CPU_NEXT(cpu);
816 }
817
818 return cpu;
819 }
820
821 /* Return the first attached cpu */
822 static CPUState *gdb_first_attached_cpu(void)
823 {
824 CPUState *cpu = first_cpu;
825 GDBProcess *process = gdb_get_cpu_process(cpu);
826
827 if (!process->attached) {
828 return gdb_next_attached_cpu(cpu);
829 }
830
831 return cpu;
832 }
833
834 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
835 {
836 GDBProcess *process;
837 CPUState *cpu;
838
839 if (!pid && !tid) {
840 /* 0 means any process/thread, we take the first attached one */
841 return gdb_first_attached_cpu();
842 } else if (pid && !tid) {
843 /* any thread in a specific process */
844 process = gdb_get_process(pid);
845
846 if (process == NULL) {
847 return NULL;
848 }
849
850 if (!process->attached) {
851 return NULL;
852 }
853
854 return get_first_cpu_in_process(process);
855 } else {
856 /* a specific thread */
857 cpu = find_cpu(tid);
858
859 if (cpu == NULL) {
860 return NULL;
861 }
862
863 process = gdb_get_cpu_process(cpu);
864
865 if (pid && process->pid != pid) {
866 return NULL;
867 }
868
869 if (!process->attached) {
870 return NULL;
871 }
872
873 return cpu;
874 }
875 }
876
877 static const char *get_feature_xml(const char *p, const char **newp,
878 GDBProcess *process)
879 {
880 size_t len;
881 int i;
882 const char *name;
883 CPUState *cpu = get_first_cpu_in_process(process);
884 CPUClass *cc = CPU_GET_CLASS(cpu);
885
886 len = 0;
887 while (p[len] && p[len] != ':')
888 len++;
889 *newp = p + len;
890
891 name = NULL;
892 if (strncmp(p, "target.xml", len) == 0) {
893 char *buf = process->target_xml;
894 const size_t buf_sz = sizeof(process->target_xml);
895
896 /* Generate the XML description for this CPU. */
897 if (!buf[0]) {
898 GDBRegisterState *r;
899
900 pstrcat(buf, buf_sz,
901 "<?xml version=\"1.0\"?>"
902 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
903 "<target>");
904 if (cc->gdb_arch_name) {
905 gchar *arch = cc->gdb_arch_name(cpu);
906 pstrcat(buf, buf_sz, "<architecture>");
907 pstrcat(buf, buf_sz, arch);
908 pstrcat(buf, buf_sz, "</architecture>");
909 g_free(arch);
910 }
911 pstrcat(buf, buf_sz, "<xi:include href=\"");
912 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
913 pstrcat(buf, buf_sz, "\"/>");
914 for (r = cpu->gdb_regs; r; r = r->next) {
915 pstrcat(buf, buf_sz, "<xi:include href=\"");
916 pstrcat(buf, buf_sz, r->xml);
917 pstrcat(buf, buf_sz, "\"/>");
918 }
919 pstrcat(buf, buf_sz, "</target>");
920 }
921 return buf;
922 }
923 if (cc->gdb_get_dynamic_xml) {
924 char *xmlname = g_strndup(p, len);
925 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
926
927 g_free(xmlname);
928 if (xml) {
929 return xml;
930 }
931 }
932 for (i = 0; ; i++) {
933 name = xml_builtin[i][0];
934 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
935 break;
936 }
937 return name ? xml_builtin[i][1] : NULL;
938 }
939
940 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
941 {
942 CPUClass *cc = CPU_GET_CLASS(cpu);
943 CPUArchState *env = cpu->env_ptr;
944 GDBRegisterState *r;
945
946 if (reg < cc->gdb_num_core_regs) {
947 return cc->gdb_read_register(cpu, buf, reg);
948 }
949
950 for (r = cpu->gdb_regs; r; r = r->next) {
951 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
952 return r->get_reg(env, buf, reg - r->base_reg);
953 }
954 }
955 return 0;
956 }
957
958 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
959 {
960 CPUClass *cc = CPU_GET_CLASS(cpu);
961 CPUArchState *env = cpu->env_ptr;
962 GDBRegisterState *r;
963
964 if (reg < cc->gdb_num_core_regs) {
965 return cc->gdb_write_register(cpu, mem_buf, reg);
966 }
967
968 for (r = cpu->gdb_regs; r; r = r->next) {
969 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
970 return r->set_reg(env, mem_buf, reg - r->base_reg);
971 }
972 }
973 return 0;
974 }
975
976 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
977 specifies the first register number and these registers are included in
978 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
979 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
980 */
981
982 void gdb_register_coprocessor(CPUState *cpu,
983 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
984 int num_regs, const char *xml, int g_pos)
985 {
986 GDBRegisterState *s;
987 GDBRegisterState **p;
988
989 p = &cpu->gdb_regs;
990 while (*p) {
991 /* Check for duplicates. */
992 if (strcmp((*p)->xml, xml) == 0)
993 return;
994 p = &(*p)->next;
995 }
996
997 s = g_new0(GDBRegisterState, 1);
998 s->base_reg = cpu->gdb_num_regs;
999 s->num_regs = num_regs;
1000 s->get_reg = get_reg;
1001 s->set_reg = set_reg;
1002 s->xml = xml;
1003
1004 /* Add to end of list. */
1005 cpu->gdb_num_regs += num_regs;
1006 *p = s;
1007 if (g_pos) {
1008 if (g_pos != s->base_reg) {
1009 error_report("Error: Bad gdb register numbering for '%s', "
1010 "expected %d got %d", xml, g_pos, s->base_reg);
1011 } else {
1012 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1013 }
1014 }
1015 }
1016
1017 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1018 {
1019 CPUState *cpu = get_first_cpu_in_process(p);
1020
1021 while (cpu) {
1022 gdb_breakpoint_remove_all(cpu);
1023 cpu = gdb_next_cpu_in_process(cpu);
1024 }
1025 }
1026
1027
1028 static void gdb_set_cpu_pc(target_ulong pc)
1029 {
1030 CPUState *cpu = gdbserver_state.c_cpu;
1031
1032 cpu_synchronize_state(cpu);
1033 cpu_set_pc(cpu, pc);
1034 }
1035
1036 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1037 {
1038 if (gdbserver_state.multiprocess) {
1039 g_string_append_printf(buf, "p%02x.%02x",
1040 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1041 } else {
1042 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1043 }
1044 }
1045
1046 typedef enum GDBThreadIdKind {
1047 GDB_ONE_THREAD = 0,
1048 GDB_ALL_THREADS, /* One process, all threads */
1049 GDB_ALL_PROCESSES,
1050 GDB_READ_THREAD_ERR
1051 } GDBThreadIdKind;
1052
1053 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1054 uint32_t *pid, uint32_t *tid)
1055 {
1056 unsigned long p, t;
1057 int ret;
1058
1059 if (*buf == 'p') {
1060 buf++;
1061 ret = qemu_strtoul(buf, &buf, 16, &p);
1062
1063 if (ret) {
1064 return GDB_READ_THREAD_ERR;
1065 }
1066
1067 /* Skip '.' */
1068 buf++;
1069 } else {
1070 p = 1;
1071 }
1072
1073 ret = qemu_strtoul(buf, &buf, 16, &t);
1074
1075 if (ret) {
1076 return GDB_READ_THREAD_ERR;
1077 }
1078
1079 *end_buf = buf;
1080
1081 if (p == -1) {
1082 return GDB_ALL_PROCESSES;
1083 }
1084
1085 if (pid) {
1086 *pid = p;
1087 }
1088
1089 if (t == -1) {
1090 return GDB_ALL_THREADS;
1091 }
1092
1093 if (tid) {
1094 *tid = t;
1095 }
1096
1097 return GDB_ONE_THREAD;
1098 }
1099
1100 /**
1101 * gdb_handle_vcont - Parses and handles a vCont packet.
1102 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1103 * a format error, 0 on success.
1104 */
1105 static int gdb_handle_vcont(const char *p)
1106 {
1107 int res, signal = 0;
1108 char cur_action;
1109 char *newstates;
1110 unsigned long tmp;
1111 uint32_t pid, tid;
1112 GDBProcess *process;
1113 CPUState *cpu;
1114 GDBThreadIdKind kind;
1115 #ifdef CONFIG_USER_ONLY
1116 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1117
1118 CPU_FOREACH(cpu) {
1119 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1120 }
1121 #else
1122 MachineState *ms = MACHINE(qdev_get_machine());
1123 unsigned int max_cpus = ms->smp.max_cpus;
1124 #endif
1125 /* uninitialised CPUs stay 0 */
1126 newstates = g_new0(char, max_cpus);
1127
1128 /* mark valid CPUs with 1 */
1129 CPU_FOREACH(cpu) {
1130 newstates[cpu->cpu_index] = 1;
1131 }
1132
1133 /*
1134 * res keeps track of what error we are returning, with -ENOTSUP meaning
1135 * that the command is unknown or unsupported, thus returning an empty
1136 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1137 * or incorrect parameters passed.
1138 */
1139 res = 0;
1140 while (*p) {
1141 if (*p++ != ';') {
1142 res = -ENOTSUP;
1143 goto out;
1144 }
1145
1146 cur_action = *p++;
1147 if (cur_action == 'C' || cur_action == 'S') {
1148 cur_action = qemu_tolower(cur_action);
1149 res = qemu_strtoul(p, &p, 16, &tmp);
1150 if (res) {
1151 goto out;
1152 }
1153 signal = gdb_signal_to_target(tmp);
1154 } else if (cur_action != 'c' && cur_action != 's') {
1155 /* unknown/invalid/unsupported command */
1156 res = -ENOTSUP;
1157 goto out;
1158 }
1159
1160 if (*p == '\0' || *p == ';') {
1161 /*
1162 * No thread specifier, action is on "all threads". The
1163 * specification is unclear regarding the process to act on. We
1164 * choose all processes.
1165 */
1166 kind = GDB_ALL_PROCESSES;
1167 } else if (*p++ == ':') {
1168 kind = read_thread_id(p, &p, &pid, &tid);
1169 } else {
1170 res = -ENOTSUP;
1171 goto out;
1172 }
1173
1174 switch (kind) {
1175 case GDB_READ_THREAD_ERR:
1176 res = -EINVAL;
1177 goto out;
1178
1179 case GDB_ALL_PROCESSES:
1180 cpu = gdb_first_attached_cpu();
1181 while (cpu) {
1182 if (newstates[cpu->cpu_index] == 1) {
1183 newstates[cpu->cpu_index] = cur_action;
1184 }
1185
1186 cpu = gdb_next_attached_cpu(cpu);
1187 }
1188 break;
1189
1190 case GDB_ALL_THREADS:
1191 process = gdb_get_process(pid);
1192
1193 if (!process->attached) {
1194 res = -EINVAL;
1195 goto out;
1196 }
1197
1198 cpu = get_first_cpu_in_process(process);
1199 while (cpu) {
1200 if (newstates[cpu->cpu_index] == 1) {
1201 newstates[cpu->cpu_index] = cur_action;
1202 }
1203
1204 cpu = gdb_next_cpu_in_process(cpu);
1205 }
1206 break;
1207
1208 case GDB_ONE_THREAD:
1209 cpu = gdb_get_cpu(pid, tid);
1210
1211 /* invalid CPU/thread specified */
1212 if (!cpu) {
1213 res = -EINVAL;
1214 goto out;
1215 }
1216
1217 /* only use if no previous match occourred */
1218 if (newstates[cpu->cpu_index] == 1) {
1219 newstates[cpu->cpu_index] = cur_action;
1220 }
1221 break;
1222 }
1223 }
1224 gdbserver_state.signal = signal;
1225 gdb_continue_partial(newstates);
1226
1227 out:
1228 g_free(newstates);
1229
1230 return res;
1231 }
1232
1233 typedef union GdbCmdVariant {
1234 const char *data;
1235 uint8_t opcode;
1236 unsigned long val_ul;
1237 unsigned long long val_ull;
1238 struct {
1239 GDBThreadIdKind kind;
1240 uint32_t pid;
1241 uint32_t tid;
1242 } thread_id;
1243 } GdbCmdVariant;
1244
1245 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1246
1247 static const char *cmd_next_param(const char *param, const char delimiter)
1248 {
1249 static const char all_delimiters[] = ",;:=";
1250 char curr_delimiters[2] = {0};
1251 const char *delimiters;
1252
1253 if (delimiter == '?') {
1254 delimiters = all_delimiters;
1255 } else if (delimiter == '0') {
1256 return strchr(param, '\0');
1257 } else if (delimiter == '.' && *param) {
1258 return param + 1;
1259 } else {
1260 curr_delimiters[0] = delimiter;
1261 delimiters = curr_delimiters;
1262 }
1263
1264 param += strcspn(param, delimiters);
1265 if (*param) {
1266 param++;
1267 }
1268 return param;
1269 }
1270
1271 static int cmd_parse_params(const char *data, const char *schema,
1272 GArray *params)
1273 {
1274 const char *curr_schema, *curr_data;
1275
1276 g_assert(schema);
1277 g_assert(params->len == 0);
1278
1279 curr_schema = schema;
1280 curr_data = data;
1281 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1282 GdbCmdVariant this_param;
1283
1284 switch (curr_schema[0]) {
1285 case 'l':
1286 if (qemu_strtoul(curr_data, &curr_data, 16,
1287 &this_param.val_ul)) {
1288 return -EINVAL;
1289 }
1290 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1291 g_array_append_val(params, this_param);
1292 break;
1293 case 'L':
1294 if (qemu_strtou64(curr_data, &curr_data, 16,
1295 (uint64_t *)&this_param.val_ull)) {
1296 return -EINVAL;
1297 }
1298 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1299 g_array_append_val(params, this_param);
1300 break;
1301 case 's':
1302 this_param.data = curr_data;
1303 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1304 g_array_append_val(params, this_param);
1305 break;
1306 case 'o':
1307 this_param.opcode = *(uint8_t *)curr_data;
1308 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1309 g_array_append_val(params, this_param);
1310 break;
1311 case 't':
1312 this_param.thread_id.kind =
1313 read_thread_id(curr_data, &curr_data,
1314 &this_param.thread_id.pid,
1315 &this_param.thread_id.tid);
1316 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1317 g_array_append_val(params, this_param);
1318 break;
1319 case '?':
1320 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1321 break;
1322 default:
1323 return -EINVAL;
1324 }
1325 curr_schema += 2;
1326 }
1327
1328 return 0;
1329 }
1330
1331 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
1332
1333 /*
1334 * cmd_startswith -> cmd is compared using startswith
1335 *
1336 *
1337 * schema definitions:
1338 * Each schema parameter entry consists of 2 chars,
1339 * the first char represents the parameter type handling
1340 * the second char represents the delimiter for the next parameter
1341 *
1342 * Currently supported schema types:
1343 * 'l' -> unsigned long (stored in .val_ul)
1344 * 'L' -> unsigned long long (stored in .val_ull)
1345 * 's' -> string (stored in .data)
1346 * 'o' -> single char (stored in .opcode)
1347 * 't' -> thread id (stored in .thread_id)
1348 * '?' -> skip according to delimiter
1349 *
1350 * Currently supported delimiters:
1351 * '?' -> Stop at any delimiter (",;:=\0")
1352 * '0' -> Stop at "\0"
1353 * '.' -> Skip 1 char unless reached "\0"
1354 * Any other value is treated as the delimiter value itself
1355 */
1356 typedef struct GdbCmdParseEntry {
1357 GdbCmdHandler handler;
1358 const char *cmd;
1359 bool cmd_startswith;
1360 const char *schema;
1361 } GdbCmdParseEntry;
1362
1363 static inline int startswith(const char *string, const char *pattern)
1364 {
1365 return !strncmp(string, pattern, strlen(pattern));
1366 }
1367
1368 static int process_string_cmd(void *user_ctx, const char *data,
1369 const GdbCmdParseEntry *cmds, int num_cmds)
1370 {
1371 int i;
1372 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
1373
1374 if (!cmds) {
1375 return -1;
1376 }
1377
1378 for (i = 0; i < num_cmds; i++) {
1379 const GdbCmdParseEntry *cmd = &cmds[i];
1380 g_assert(cmd->handler && cmd->cmd);
1381
1382 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1383 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1384 continue;
1385 }
1386
1387 if (cmd->schema) {
1388 if (cmd_parse_params(&data[strlen(cmd->cmd)],
1389 cmd->schema, params)) {
1390 return -1;
1391 }
1392 }
1393
1394 cmd->handler(params, user_ctx);
1395 return 0;
1396 }
1397
1398 return -1;
1399 }
1400
1401 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1402 {
1403 if (!data) {
1404 return;
1405 }
1406
1407 g_string_set_size(gdbserver_state.str_buf, 0);
1408 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1409
1410 /* In case there was an error during the command parsing we must
1411 * send a NULL packet to indicate the command is not supported */
1412 if (process_string_cmd(NULL, data, cmd, 1)) {
1413 put_packet("");
1414 }
1415 }
1416
1417 static void handle_detach(GArray *params, void *user_ctx)
1418 {
1419 GDBProcess *process;
1420 uint32_t pid = 1;
1421
1422 if (gdbserver_state.multiprocess) {
1423 if (!params->len) {
1424 put_packet("E22");
1425 return;
1426 }
1427
1428 pid = get_param(params, 0)->val_ul;
1429 }
1430
1431 process = gdb_get_process(pid);
1432 gdb_process_breakpoint_remove_all(process);
1433 process->attached = false;
1434
1435 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1436 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1437 }
1438
1439 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1440 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1441 }
1442
1443 if (!gdbserver_state.c_cpu) {
1444 /* No more process attached */
1445 gdb_syscall_mode = GDB_SYS_DISABLED;
1446 gdb_continue();
1447 }
1448 put_packet("OK");
1449 }
1450
1451 static void handle_thread_alive(GArray *params, void *user_ctx)
1452 {
1453 CPUState *cpu;
1454
1455 if (!params->len) {
1456 put_packet("E22");
1457 return;
1458 }
1459
1460 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1461 put_packet("E22");
1462 return;
1463 }
1464
1465 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1466 get_param(params, 0)->thread_id.tid);
1467 if (!cpu) {
1468 put_packet("E22");
1469 return;
1470 }
1471
1472 put_packet("OK");
1473 }
1474
1475 static void handle_continue(GArray *params, void *user_ctx)
1476 {
1477 if (params->len) {
1478 gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1479 }
1480
1481 gdbserver_state.signal = 0;
1482 gdb_continue();
1483 }
1484
1485 static void handle_cont_with_sig(GArray *params, void *user_ctx)
1486 {
1487 unsigned long signal = 0;
1488
1489 /*
1490 * Note: C sig;[addr] is currently unsupported and we simply
1491 * omit the addr parameter
1492 */
1493 if (params->len) {
1494 signal = get_param(params, 0)->val_ul;
1495 }
1496
1497 gdbserver_state.signal = gdb_signal_to_target(signal);
1498 if (gdbserver_state.signal == -1) {
1499 gdbserver_state.signal = 0;
1500 }
1501 gdb_continue();
1502 }
1503
1504 static void handle_set_thread(GArray *params, void *user_ctx)
1505 {
1506 CPUState *cpu;
1507
1508 if (params->len != 2) {
1509 put_packet("E22");
1510 return;
1511 }
1512
1513 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
1514 put_packet("E22");
1515 return;
1516 }
1517
1518 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
1519 put_packet("OK");
1520 return;
1521 }
1522
1523 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
1524 get_param(params, 1)->thread_id.tid);
1525 if (!cpu) {
1526 put_packet("E22");
1527 return;
1528 }
1529
1530 /*
1531 * Note: This command is deprecated and modern gdb's will be using the
1532 * vCont command instead.
1533 */
1534 switch (get_param(params, 0)->opcode) {
1535 case 'c':
1536 gdbserver_state.c_cpu = cpu;
1537 put_packet("OK");
1538 break;
1539 case 'g':
1540 gdbserver_state.g_cpu = cpu;
1541 put_packet("OK");
1542 break;
1543 default:
1544 put_packet("E22");
1545 break;
1546 }
1547 }
1548
1549 static void handle_insert_bp(GArray *params, void *user_ctx)
1550 {
1551 int res;
1552
1553 if (params->len != 3) {
1554 put_packet("E22");
1555 return;
1556 }
1557
1558 res = gdb_breakpoint_insert(gdbserver_state.c_cpu,
1559 get_param(params, 0)->val_ul,
1560 get_param(params, 1)->val_ull,
1561 get_param(params, 2)->val_ull);
1562 if (res >= 0) {
1563 put_packet("OK");
1564 return;
1565 } else if (res == -ENOSYS) {
1566 put_packet("");
1567 return;
1568 }
1569
1570 put_packet("E22");
1571 }
1572
1573 static void handle_remove_bp(GArray *params, void *user_ctx)
1574 {
1575 int res;
1576
1577 if (params->len != 3) {
1578 put_packet("E22");
1579 return;
1580 }
1581
1582 res = gdb_breakpoint_remove(gdbserver_state.c_cpu,
1583 get_param(params, 0)->val_ul,
1584 get_param(params, 1)->val_ull,
1585 get_param(params, 2)->val_ull);
1586 if (res >= 0) {
1587 put_packet("OK");
1588 return;
1589 } else if (res == -ENOSYS) {
1590 put_packet("");
1591 return;
1592 }
1593
1594 put_packet("E22");
1595 }
1596
1597 /*
1598 * handle_set/get_reg
1599 *
1600 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1601 * This works, but can be very slow. Anything new enough to understand
1602 * XML also knows how to use this properly. However to use this we
1603 * need to define a local XML file as well as be talking to a
1604 * reasonably modern gdb. Responding with an empty packet will cause
1605 * the remote gdb to fallback to older methods.
1606 */
1607
1608 static void handle_set_reg(GArray *params, void *user_ctx)
1609 {
1610 int reg_size;
1611
1612 if (!gdb_has_xml) {
1613 put_packet("");
1614 return;
1615 }
1616
1617 if (params->len != 2) {
1618 put_packet("E22");
1619 return;
1620 }
1621
1622 reg_size = strlen(get_param(params, 1)->data) / 2;
1623 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1624 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1625 get_param(params, 0)->val_ull);
1626 put_packet("OK");
1627 }
1628
1629 static void handle_get_reg(GArray *params, void *user_ctx)
1630 {
1631 int reg_size;
1632
1633 if (!gdb_has_xml) {
1634 put_packet("");
1635 return;
1636 }
1637
1638 if (!params->len) {
1639 put_packet("E14");
1640 return;
1641 }
1642
1643 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1644 gdbserver_state.mem_buf,
1645 get_param(params, 0)->val_ull);
1646 if (!reg_size) {
1647 put_packet("E14");
1648 return;
1649 } else {
1650 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1651 }
1652
1653 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1654 put_strbuf();
1655 }
1656
1657 static void handle_write_mem(GArray *params, void *user_ctx)
1658 {
1659 if (params->len != 3) {
1660 put_packet("E22");
1661 return;
1662 }
1663
1664 /* hextomem() reads 2*len bytes */
1665 if (get_param(params, 1)->val_ull >
1666 strlen(get_param(params, 2)->data) / 2) {
1667 put_packet("E22");
1668 return;
1669 }
1670
1671 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1672 get_param(params, 1)->val_ull);
1673 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1674 get_param(params, 0)->val_ull,
1675 gdbserver_state.mem_buf->data,
1676 gdbserver_state.mem_buf->len, true)) {
1677 put_packet("E14");
1678 return;
1679 }
1680
1681 put_packet("OK");
1682 }
1683
1684 static void handle_read_mem(GArray *params, void *user_ctx)
1685 {
1686 if (params->len != 2) {
1687 put_packet("E22");
1688 return;
1689 }
1690
1691 /* memtohex() doubles the required space */
1692 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1693 put_packet("E22");
1694 return;
1695 }
1696
1697 g_byte_array_set_size(gdbserver_state.mem_buf,
1698 get_param(params, 1)->val_ull);
1699
1700 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1701 get_param(params, 0)->val_ull,
1702 gdbserver_state.mem_buf->data,
1703 gdbserver_state.mem_buf->len, false)) {
1704 put_packet("E14");
1705 return;
1706 }
1707
1708 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1709 gdbserver_state.mem_buf->len);
1710 put_strbuf();
1711 }
1712
1713 static void handle_write_all_regs(GArray *params, void *user_ctx)
1714 {
1715 target_ulong addr, len;
1716 uint8_t *registers;
1717 int reg_size;
1718
1719 if (!params->len) {
1720 return;
1721 }
1722
1723 cpu_synchronize_state(gdbserver_state.g_cpu);
1724 len = strlen(get_param(params, 0)->data) / 2;
1725 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1726 registers = gdbserver_state.mem_buf->data;
1727 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1728 addr++) {
1729 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1730 len -= reg_size;
1731 registers += reg_size;
1732 }
1733 put_packet("OK");
1734 }
1735
1736 static void handle_read_all_regs(GArray *params, void *user_ctx)
1737 {
1738 target_ulong addr, len;
1739
1740 cpu_synchronize_state(gdbserver_state.g_cpu);
1741 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1742 len = 0;
1743 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1744 len += gdb_read_register(gdbserver_state.g_cpu,
1745 gdbserver_state.mem_buf,
1746 addr);
1747 }
1748 g_assert(len == gdbserver_state.mem_buf->len);
1749
1750 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1751 put_strbuf();
1752 }
1753
1754 static void handle_file_io(GArray *params, void *user_ctx)
1755 {
1756 if (params->len >= 1 && gdbserver_state.current_syscall_cb) {
1757 uint64_t ret;
1758 int err;
1759
1760 ret = get_param(params, 0)->val_ull;
1761 if (params->len >= 2) {
1762 err = get_param(params, 1)->val_ull;
1763 } else {
1764 err = 0;
1765 }
1766
1767 /* Convert GDB error numbers back to host error numbers. */
1768 #define E(X) case GDB_E##X: err = E##X; break
1769 switch (err) {
1770 case 0:
1771 break;
1772 E(PERM);
1773 E(NOENT);
1774 E(INTR);
1775 E(BADF);
1776 E(ACCES);
1777 E(FAULT);
1778 E(BUSY);
1779 E(EXIST);
1780 E(NODEV);
1781 E(NOTDIR);
1782 E(ISDIR);
1783 E(INVAL);
1784 E(NFILE);
1785 E(MFILE);
1786 E(FBIG);
1787 E(NOSPC);
1788 E(SPIPE);
1789 E(ROFS);
1790 E(NAMETOOLONG);
1791 default:
1792 err = EINVAL;
1793 break;
1794 }
1795 #undef E
1796
1797 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1798 gdbserver_state.current_syscall_cb = NULL;
1799 }
1800
1801 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') {
1802 put_packet("T02");
1803 return;
1804 }
1805
1806 gdb_continue();
1807 }
1808
1809 static void handle_step(GArray *params, void *user_ctx)
1810 {
1811 if (params->len) {
1812 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull);
1813 }
1814
1815 cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags);
1816 gdb_continue();
1817 }
1818
1819 static void handle_backward(GArray *params, void *user_ctx)
1820 {
1821 if (!stub_can_reverse()) {
1822 put_packet("E22");
1823 }
1824 if (params->len == 1) {
1825 switch (get_param(params, 0)->opcode) {
1826 case 's':
1827 if (replay_reverse_step()) {
1828 gdb_continue();
1829 } else {
1830 put_packet("E14");
1831 }
1832 return;
1833 case 'c':
1834 if (replay_reverse_continue()) {
1835 gdb_continue();
1836 } else {
1837 put_packet("E14");
1838 }
1839 return;
1840 }
1841 }
1842
1843 /* Default invalid command */
1844 put_packet("");
1845 }
1846
1847 static void handle_v_cont_query(GArray *params, void *user_ctx)
1848 {
1849 put_packet("vCont;c;C;s;S");
1850 }
1851
1852 static void handle_v_cont(GArray *params, void *user_ctx)
1853 {
1854 int res;
1855
1856 if (!params->len) {
1857 return;
1858 }
1859
1860 res = gdb_handle_vcont(get_param(params, 0)->data);
1861 if ((res == -EINVAL) || (res == -ERANGE)) {
1862 put_packet("E22");
1863 } else if (res) {
1864 put_packet("");
1865 }
1866 }
1867
1868 static void handle_v_attach(GArray *params, void *user_ctx)
1869 {
1870 GDBProcess *process;
1871 CPUState *cpu;
1872
1873 g_string_assign(gdbserver_state.str_buf, "E22");
1874 if (!params->len) {
1875 goto cleanup;
1876 }
1877
1878 process = gdb_get_process(get_param(params, 0)->val_ul);
1879 if (!process) {
1880 goto cleanup;
1881 }
1882
1883 cpu = get_first_cpu_in_process(process);
1884 if (!cpu) {
1885 goto cleanup;
1886 }
1887
1888 process->attached = true;
1889 gdbserver_state.g_cpu = cpu;
1890 gdbserver_state.c_cpu = cpu;
1891
1892 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1893 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1894 g_string_append_c(gdbserver_state.str_buf, ';');
1895 cleanup:
1896 put_strbuf();
1897 }
1898
1899 static void handle_v_kill(GArray *params, void *user_ctx)
1900 {
1901 /* Kill the target */
1902 put_packet("OK");
1903 error_report("QEMU: Terminated via GDBstub");
1904 gdb_exit(0);
1905 exit(0);
1906 }
1907
1908 static const GdbCmdParseEntry gdb_v_commands_table[] = {
1909 /* Order is important if has same prefix */
1910 {
1911 .handler = handle_v_cont_query,
1912 .cmd = "Cont?",
1913 .cmd_startswith = 1
1914 },
1915 {
1916 .handler = handle_v_cont,
1917 .cmd = "Cont",
1918 .cmd_startswith = 1,
1919 .schema = "s0"
1920 },
1921 {
1922 .handler = handle_v_attach,
1923 .cmd = "Attach;",
1924 .cmd_startswith = 1,
1925 .schema = "l0"
1926 },
1927 {
1928 .handler = handle_v_kill,
1929 .cmd = "Kill;",
1930 .cmd_startswith = 1
1931 },
1932 };
1933
1934 static void handle_v_commands(GArray *params, void *user_ctx)
1935 {
1936 if (!params->len) {
1937 return;
1938 }
1939
1940 if (process_string_cmd(NULL, get_param(params, 0)->data,
1941 gdb_v_commands_table,
1942 ARRAY_SIZE(gdb_v_commands_table))) {
1943 put_packet("");
1944 }
1945 }
1946
1947 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
1948 {
1949 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE);
1950
1951 if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) {
1952 g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x",
1953 SSTEP_NOIRQ);
1954 }
1955
1956 if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) {
1957 g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x",
1958 SSTEP_NOTIMER);
1959 }
1960
1961 put_strbuf();
1962 }
1963
1964 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
1965 {
1966 int new_sstep_flags;
1967
1968 if (!params->len) {
1969 return;
1970 }
1971
1972 new_sstep_flags = get_param(params, 0)->val_ul;
1973
1974 if (new_sstep_flags & ~gdbserver_state.supported_sstep_flags) {
1975 put_packet("E22");
1976 return;
1977 }
1978
1979 gdbserver_state.sstep_flags = new_sstep_flags;
1980 put_packet("OK");
1981 }
1982
1983 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
1984 {
1985 g_string_printf(gdbserver_state.str_buf, "0x%x",
1986 gdbserver_state.sstep_flags);
1987 put_strbuf();
1988 }
1989
1990 static void handle_query_curr_tid(GArray *params, void *user_ctx)
1991 {
1992 CPUState *cpu;
1993 GDBProcess *process;
1994
1995 /*
1996 * "Current thread" remains vague in the spec, so always return
1997 * the first thread of the current process (gdb returns the
1998 * first thread).
1999 */
2000 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2001 cpu = get_first_cpu_in_process(process);
2002 g_string_assign(gdbserver_state.str_buf, "QC");
2003 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2004 put_strbuf();
2005 }
2006
2007 static void handle_query_threads(GArray *params, void *user_ctx)
2008 {
2009 if (!gdbserver_state.query_cpu) {
2010 put_packet("l");
2011 return;
2012 }
2013
2014 g_string_assign(gdbserver_state.str_buf, "m");
2015 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2016 put_strbuf();
2017 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2018 }
2019
2020 static void handle_query_first_threads(GArray *params, void *user_ctx)
2021 {
2022 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2023 handle_query_threads(params, user_ctx);
2024 }
2025
2026 static void handle_query_thread_extra(GArray *params, void *user_ctx)
2027 {
2028 g_autoptr(GString) rs = g_string_new(NULL);
2029 CPUState *cpu;
2030
2031 if (!params->len ||
2032 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
2033 put_packet("E22");
2034 return;
2035 }
2036
2037 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
2038 get_param(params, 0)->thread_id.tid);
2039 if (!cpu) {
2040 return;
2041 }
2042
2043 cpu_synchronize_state(cpu);
2044
2045 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2046 /* Print the CPU model and name in multiprocess mode */
2047 ObjectClass *oc = object_get_class(OBJECT(cpu));
2048 const char *cpu_model = object_class_get_name(oc);
2049 const char *cpu_name =
2050 object_get_canonical_path_component(OBJECT(cpu));
2051 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2052 cpu->halted ? "halted " : "running");
2053 } else {
2054 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2055 cpu->halted ? "halted " : "running");
2056 }
2057 trace_gdbstub_op_extra_info(rs->str);
2058 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2059 put_strbuf();
2060 }
2061
2062 #ifdef CONFIG_USER_ONLY
2063 static void handle_query_offsets(GArray *params, void *user_ctx)
2064 {
2065 TaskState *ts;
2066
2067 ts = gdbserver_state.c_cpu->opaque;
2068 g_string_printf(gdbserver_state.str_buf,
2069 "Text=" TARGET_ABI_FMT_lx
2070 ";Data=" TARGET_ABI_FMT_lx
2071 ";Bss=" TARGET_ABI_FMT_lx,
2072 ts->info->code_offset,
2073 ts->info->data_offset,
2074 ts->info->data_offset);
2075 put_strbuf();
2076 }
2077 #else
2078 static void handle_query_rcmd(GArray *params, void *user_ctx)
2079 {
2080 const guint8 zero = 0;
2081 int len;
2082
2083 if (!params->len) {
2084 put_packet("E22");
2085 return;
2086 }
2087
2088 len = strlen(get_param(params, 0)->data);
2089 if (len % 2) {
2090 put_packet("E01");
2091 return;
2092 }
2093
2094 g_assert(gdbserver_state.mem_buf->len == 0);
2095 len = len / 2;
2096 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
2097 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2098 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2099 gdbserver_state.mem_buf->len);
2100 put_packet("OK");
2101 }
2102 #endif
2103
2104 static void handle_query_supported(GArray *params, void *user_ctx)
2105 {
2106 CPUClass *cc;
2107
2108 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2109 cc = CPU_GET_CLASS(first_cpu);
2110 if (cc->gdb_core_xml_file) {
2111 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2112 }
2113
2114 if (stub_can_reverse()) {
2115 g_string_append(gdbserver_state.str_buf,
2116 ";ReverseStep+;ReverseContinue+");
2117 }
2118
2119 #ifdef CONFIG_USER_ONLY
2120 if (gdbserver_state.c_cpu->opaque) {
2121 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2122 }
2123 #endif
2124
2125 if (params->len &&
2126 strstr(get_param(params, 0)->data, "multiprocess+")) {
2127 gdbserver_state.multiprocess = true;
2128 }
2129
2130 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2131 put_strbuf();
2132 }
2133
2134 static void handle_query_xfer_features(GArray *params, void *user_ctx)
2135 {
2136 GDBProcess *process;
2137 CPUClass *cc;
2138 unsigned long len, total_len, addr;
2139 const char *xml;
2140 const char *p;
2141
2142 if (params->len < 3) {
2143 put_packet("E22");
2144 return;
2145 }
2146
2147 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2148 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2149 if (!cc->gdb_core_xml_file) {
2150 put_packet("");
2151 return;
2152 }
2153
2154 gdb_has_xml = true;
2155 p = get_param(params, 0)->data;
2156 xml = get_feature_xml(p, &p, process);
2157 if (!xml) {
2158 put_packet("E00");
2159 return;
2160 }
2161
2162 addr = get_param(params, 1)->val_ul;
2163 len = get_param(params, 2)->val_ul;
2164 total_len = strlen(xml);
2165 if (addr > total_len) {
2166 put_packet("E00");
2167 return;
2168 }
2169
2170 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2171 len = (MAX_PACKET_LENGTH - 5) / 2;
2172 }
2173
2174 if (len < total_len - addr) {
2175 g_string_assign(gdbserver_state.str_buf, "m");
2176 memtox(gdbserver_state.str_buf, xml + addr, len);
2177 } else {
2178 g_string_assign(gdbserver_state.str_buf, "l");
2179 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2180 }
2181
2182 put_packet_binary(gdbserver_state.str_buf->str,
2183 gdbserver_state.str_buf->len, true);
2184 }
2185
2186 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2187 static void handle_query_xfer_auxv(GArray *params, void *user_ctx)
2188 {
2189 TaskState *ts;
2190 unsigned long offset, len, saved_auxv, auxv_len;
2191
2192 if (params->len < 2) {
2193 put_packet("E22");
2194 return;
2195 }
2196
2197 offset = get_param(params, 0)->val_ul;
2198 len = get_param(params, 1)->val_ul;
2199 ts = gdbserver_state.c_cpu->opaque;
2200 saved_auxv = ts->info->saved_auxv;
2201 auxv_len = ts->info->auxv_len;
2202
2203 if (offset >= auxv_len) {
2204 put_packet("E00");
2205 return;
2206 }
2207
2208 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2209 len = (MAX_PACKET_LENGTH - 5) / 2;
2210 }
2211
2212 if (len < auxv_len - offset) {
2213 g_string_assign(gdbserver_state.str_buf, "m");
2214 } else {
2215 g_string_assign(gdbserver_state.str_buf, "l");
2216 len = auxv_len - offset;
2217 }
2218
2219 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2220 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2221 gdbserver_state.mem_buf->data, len, false)) {
2222 put_packet("E14");
2223 return;
2224 }
2225
2226 memtox(gdbserver_state.str_buf,
2227 (const char *)gdbserver_state.mem_buf->data, len);
2228 put_packet_binary(gdbserver_state.str_buf->str,
2229 gdbserver_state.str_buf->len, true);
2230 }
2231 #endif
2232
2233 static void handle_query_attached(GArray *params, void *user_ctx)
2234 {
2235 put_packet(GDB_ATTACHED);
2236 }
2237
2238 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
2239 {
2240 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2241 #ifndef CONFIG_USER_ONLY
2242 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2243 #endif
2244 put_strbuf();
2245 }
2246
2247 #ifndef CONFIG_USER_ONLY
2248 static void handle_query_qemu_phy_mem_mode(GArray *params,
2249 void *user_ctx)
2250 {
2251 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2252 put_strbuf();
2253 }
2254
2255 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx)
2256 {
2257 if (!params->len) {
2258 put_packet("E22");
2259 return;
2260 }
2261
2262 if (!get_param(params, 0)->val_ul) {
2263 phy_memory_mode = 0;
2264 } else {
2265 phy_memory_mode = 1;
2266 }
2267 put_packet("OK");
2268 }
2269 #endif
2270
2271 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2272 /* Order is important if has same prefix */
2273 {
2274 .handler = handle_query_qemu_sstepbits,
2275 .cmd = "qemu.sstepbits",
2276 },
2277 {
2278 .handler = handle_query_qemu_sstep,
2279 .cmd = "qemu.sstep",
2280 },
2281 {
2282 .handler = handle_set_qemu_sstep,
2283 .cmd = "qemu.sstep=",
2284 .cmd_startswith = 1,
2285 .schema = "l0"
2286 },
2287 };
2288
2289 static const GdbCmdParseEntry gdb_gen_query_table[] = {
2290 {
2291 .handler = handle_query_curr_tid,
2292 .cmd = "C",
2293 },
2294 {
2295 .handler = handle_query_threads,
2296 .cmd = "sThreadInfo",
2297 },
2298 {
2299 .handler = handle_query_first_threads,
2300 .cmd = "fThreadInfo",
2301 },
2302 {
2303 .handler = handle_query_thread_extra,
2304 .cmd = "ThreadExtraInfo,",
2305 .cmd_startswith = 1,
2306 .schema = "t0"
2307 },
2308 #ifdef CONFIG_USER_ONLY
2309 {
2310 .handler = handle_query_offsets,
2311 .cmd = "Offsets",
2312 },
2313 #else
2314 {
2315 .handler = handle_query_rcmd,
2316 .cmd = "Rcmd,",
2317 .cmd_startswith = 1,
2318 .schema = "s0"
2319 },
2320 #endif
2321 {
2322 .handler = handle_query_supported,
2323 .cmd = "Supported:",
2324 .cmd_startswith = 1,
2325 .schema = "s0"
2326 },
2327 {
2328 .handler = handle_query_supported,
2329 .cmd = "Supported",
2330 .schema = "s0"
2331 },
2332 {
2333 .handler = handle_query_xfer_features,
2334 .cmd = "Xfer:features:read:",
2335 .cmd_startswith = 1,
2336 .schema = "s:l,l0"
2337 },
2338 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2339 {
2340 .handler = handle_query_xfer_auxv,
2341 .cmd = "Xfer:auxv:read::",
2342 .cmd_startswith = 1,
2343 .schema = "l,l0"
2344 },
2345 #endif
2346 {
2347 .handler = handle_query_attached,
2348 .cmd = "Attached:",
2349 .cmd_startswith = 1
2350 },
2351 {
2352 .handler = handle_query_attached,
2353 .cmd = "Attached",
2354 },
2355 {
2356 .handler = handle_query_qemu_supported,
2357 .cmd = "qemu.Supported",
2358 },
2359 #ifndef CONFIG_USER_ONLY
2360 {
2361 .handler = handle_query_qemu_phy_mem_mode,
2362 .cmd = "qemu.PhyMemMode",
2363 },
2364 #endif
2365 };
2366
2367 static const GdbCmdParseEntry gdb_gen_set_table[] = {
2368 /* Order is important if has same prefix */
2369 {
2370 .handler = handle_set_qemu_sstep,
2371 .cmd = "qemu.sstep:",
2372 .cmd_startswith = 1,
2373 .schema = "l0"
2374 },
2375 #ifndef CONFIG_USER_ONLY
2376 {
2377 .handler = handle_set_qemu_phy_mem_mode,
2378 .cmd = "qemu.PhyMemMode:",
2379 .cmd_startswith = 1,
2380 .schema = "l0"
2381 },
2382 #endif
2383 };
2384
2385 static void handle_gen_query(GArray *params, void *user_ctx)
2386 {
2387 if (!params->len) {
2388 return;
2389 }
2390
2391 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2392 gdb_gen_query_set_common_table,
2393 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2394 return;
2395 }
2396
2397 if (process_string_cmd(NULL, get_param(params, 0)->data,
2398 gdb_gen_query_table,
2399 ARRAY_SIZE(gdb_gen_query_table))) {
2400 put_packet("");
2401 }
2402 }
2403
2404 static void handle_gen_set(GArray *params, void *user_ctx)
2405 {
2406 if (!params->len) {
2407 return;
2408 }
2409
2410 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2411 gdb_gen_query_set_common_table,
2412 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2413 return;
2414 }
2415
2416 if (process_string_cmd(NULL, get_param(params, 0)->data,
2417 gdb_gen_set_table,
2418 ARRAY_SIZE(gdb_gen_set_table))) {
2419 put_packet("");
2420 }
2421 }
2422
2423 static void handle_target_halt(GArray *params, void *user_ctx)
2424 {
2425 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2426 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2427 g_string_append_c(gdbserver_state.str_buf, ';');
2428 put_strbuf();
2429 /*
2430 * Remove all the breakpoints when this query is issued,
2431 * because gdb is doing an initial connect and the state
2432 * should be cleaned up.
2433 */
2434 gdb_breakpoint_remove_all(gdbserver_state.c_cpu);
2435 }
2436
2437 static int gdb_handle_packet(const char *line_buf)
2438 {
2439 const GdbCmdParseEntry *cmd_parser = NULL;
2440
2441 trace_gdbstub_io_command(line_buf);
2442
2443 switch (line_buf[0]) {
2444 case '!':
2445 put_packet("OK");
2446 break;
2447 case '?':
2448 {
2449 static const GdbCmdParseEntry target_halted_cmd_desc = {
2450 .handler = handle_target_halt,
2451 .cmd = "?",
2452 .cmd_startswith = 1
2453 };
2454 cmd_parser = &target_halted_cmd_desc;
2455 }
2456 break;
2457 case 'c':
2458 {
2459 static const GdbCmdParseEntry continue_cmd_desc = {
2460 .handler = handle_continue,
2461 .cmd = "c",
2462 .cmd_startswith = 1,
2463 .schema = "L0"
2464 };
2465 cmd_parser = &continue_cmd_desc;
2466 }
2467 break;
2468 case 'C':
2469 {
2470 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2471 .handler = handle_cont_with_sig,
2472 .cmd = "C",
2473 .cmd_startswith = 1,
2474 .schema = "l0"
2475 };
2476 cmd_parser = &cont_with_sig_cmd_desc;
2477 }
2478 break;
2479 case 'v':
2480 {
2481 static const GdbCmdParseEntry v_cmd_desc = {
2482 .handler = handle_v_commands,
2483 .cmd = "v",
2484 .cmd_startswith = 1,
2485 .schema = "s0"
2486 };
2487 cmd_parser = &v_cmd_desc;
2488 }
2489 break;
2490 case 'k':
2491 /* Kill the target */
2492 error_report("QEMU: Terminated via GDBstub");
2493 gdb_exit(0);
2494 exit(0);
2495 case 'D':
2496 {
2497 static const GdbCmdParseEntry detach_cmd_desc = {
2498 .handler = handle_detach,
2499 .cmd = "D",
2500 .cmd_startswith = 1,
2501 .schema = "?.l0"
2502 };
2503 cmd_parser = &detach_cmd_desc;
2504 }
2505 break;
2506 case 's':
2507 {
2508 static const GdbCmdParseEntry step_cmd_desc = {
2509 .handler = handle_step,
2510 .cmd = "s",
2511 .cmd_startswith = 1,
2512 .schema = "L0"
2513 };
2514 cmd_parser = &step_cmd_desc;
2515 }
2516 break;
2517 case 'b':
2518 {
2519 static const GdbCmdParseEntry backward_cmd_desc = {
2520 .handler = handle_backward,
2521 .cmd = "b",
2522 .cmd_startswith = 1,
2523 .schema = "o0"
2524 };
2525 cmd_parser = &backward_cmd_desc;
2526 }
2527 break;
2528 case 'F':
2529 {
2530 static const GdbCmdParseEntry file_io_cmd_desc = {
2531 .handler = handle_file_io,
2532 .cmd = "F",
2533 .cmd_startswith = 1,
2534 .schema = "L,L,o0"
2535 };
2536 cmd_parser = &file_io_cmd_desc;
2537 }
2538 break;
2539 case 'g':
2540 {
2541 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2542 .handler = handle_read_all_regs,
2543 .cmd = "g",
2544 .cmd_startswith = 1
2545 };
2546 cmd_parser = &read_all_regs_cmd_desc;
2547 }
2548 break;
2549 case 'G':
2550 {
2551 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2552 .handler = handle_write_all_regs,
2553 .cmd = "G",
2554 .cmd_startswith = 1,
2555 .schema = "s0"
2556 };
2557 cmd_parser = &write_all_regs_cmd_desc;
2558 }
2559 break;
2560 case 'm':
2561 {
2562 static const GdbCmdParseEntry read_mem_cmd_desc = {
2563 .handler = handle_read_mem,
2564 .cmd = "m",
2565 .cmd_startswith = 1,
2566 .schema = "L,L0"
2567 };
2568 cmd_parser = &read_mem_cmd_desc;
2569 }
2570 break;
2571 case 'M':
2572 {
2573 static const GdbCmdParseEntry write_mem_cmd_desc = {
2574 .handler = handle_write_mem,
2575 .cmd = "M",
2576 .cmd_startswith = 1,
2577 .schema = "L,L:s0"
2578 };
2579 cmd_parser = &write_mem_cmd_desc;
2580 }
2581 break;
2582 case 'p':
2583 {
2584 static const GdbCmdParseEntry get_reg_cmd_desc = {
2585 .handler = handle_get_reg,
2586 .cmd = "p",
2587 .cmd_startswith = 1,
2588 .schema = "L0"
2589 };
2590 cmd_parser = &get_reg_cmd_desc;
2591 }
2592 break;
2593 case 'P':
2594 {
2595 static const GdbCmdParseEntry set_reg_cmd_desc = {
2596 .handler = handle_set_reg,
2597 .cmd = "P",
2598 .cmd_startswith = 1,
2599 .schema = "L?s0"
2600 };
2601 cmd_parser = &set_reg_cmd_desc;
2602 }
2603 break;
2604 case 'Z':
2605 {
2606 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2607 .handler = handle_insert_bp,
2608 .cmd = "Z",
2609 .cmd_startswith = 1,
2610 .schema = "l?L?L0"
2611 };
2612 cmd_parser = &insert_bp_cmd_desc;
2613 }
2614 break;
2615 case 'z':
2616 {
2617 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2618 .handler = handle_remove_bp,
2619 .cmd = "z",
2620 .cmd_startswith = 1,
2621 .schema = "l?L?L0"
2622 };
2623 cmd_parser = &remove_bp_cmd_desc;
2624 }
2625 break;
2626 case 'H':
2627 {
2628 static const GdbCmdParseEntry set_thread_cmd_desc = {
2629 .handler = handle_set_thread,
2630 .cmd = "H",
2631 .cmd_startswith = 1,
2632 .schema = "o.t0"
2633 };
2634 cmd_parser = &set_thread_cmd_desc;
2635 }
2636 break;
2637 case 'T':
2638 {
2639 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2640 .handler = handle_thread_alive,
2641 .cmd = "T",
2642 .cmd_startswith = 1,
2643 .schema = "t0"
2644 };
2645 cmd_parser = &thread_alive_cmd_desc;
2646 }
2647 break;
2648 case 'q':
2649 {
2650 static const GdbCmdParseEntry gen_query_cmd_desc = {
2651 .handler = handle_gen_query,
2652 .cmd = "q",
2653 .cmd_startswith = 1,
2654 .schema = "s0"
2655 };
2656 cmd_parser = &gen_query_cmd_desc;
2657 }
2658 break;
2659 case 'Q':
2660 {
2661 static const GdbCmdParseEntry gen_set_cmd_desc = {
2662 .handler = handle_gen_set,
2663 .cmd = "Q",
2664 .cmd_startswith = 1,
2665 .schema = "s0"
2666 };
2667 cmd_parser = &gen_set_cmd_desc;
2668 }
2669 break;
2670 default:
2671 /* put empty packet */
2672 put_packet("");
2673 break;
2674 }
2675
2676 if (cmd_parser) {
2677 run_cmd_parser(line_buf, cmd_parser);
2678 }
2679
2680 return RS_IDLE;
2681 }
2682
2683 void gdb_set_stop_cpu(CPUState *cpu)
2684 {
2685 GDBProcess *p = gdb_get_cpu_process(cpu);
2686
2687 if (!p->attached) {
2688 /*
2689 * Having a stop CPU corresponding to a process that is not attached
2690 * confuses GDB. So we ignore the request.
2691 */
2692 return;
2693 }
2694
2695 gdbserver_state.c_cpu = cpu;
2696 gdbserver_state.g_cpu = cpu;
2697 }
2698
2699 #ifndef CONFIG_USER_ONLY
2700 static void gdb_vm_state_change(void *opaque, bool running, RunState state)
2701 {
2702 CPUState *cpu = gdbserver_state.c_cpu;
2703 g_autoptr(GString) buf = g_string_new(NULL);
2704 g_autoptr(GString) tid = g_string_new(NULL);
2705 const char *type;
2706 int ret;
2707
2708 if (running || gdbserver_state.state == RS_INACTIVE) {
2709 return;
2710 }
2711 /* Is there a GDB syscall waiting to be sent? */
2712 if (gdbserver_state.current_syscall_cb) {
2713 put_packet(gdbserver_state.syscall_buf);
2714 return;
2715 }
2716
2717 if (cpu == NULL) {
2718 /* No process attached */
2719 return;
2720 }
2721
2722 gdb_append_thread_id(cpu, tid);
2723
2724 switch (state) {
2725 case RUN_STATE_DEBUG:
2726 if (cpu->watchpoint_hit) {
2727 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2728 case BP_MEM_READ:
2729 type = "r";
2730 break;
2731 case BP_MEM_ACCESS:
2732 type = "a";
2733 break;
2734 default:
2735 type = "";
2736 break;
2737 }
2738 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2739 (target_ulong)cpu->watchpoint_hit->vaddr);
2740 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2741 GDB_SIGNAL_TRAP, tid->str, type,
2742 (target_ulong)cpu->watchpoint_hit->vaddr);
2743 cpu->watchpoint_hit = NULL;
2744 goto send_packet;
2745 } else {
2746 trace_gdbstub_hit_break();
2747 }
2748 tb_flush(cpu);
2749 ret = GDB_SIGNAL_TRAP;
2750 break;
2751 case RUN_STATE_PAUSED:
2752 trace_gdbstub_hit_paused();
2753 ret = GDB_SIGNAL_INT;
2754 break;
2755 case RUN_STATE_SHUTDOWN:
2756 trace_gdbstub_hit_shutdown();
2757 ret = GDB_SIGNAL_QUIT;
2758 break;
2759 case RUN_STATE_IO_ERROR:
2760 trace_gdbstub_hit_io_error();
2761 ret = GDB_SIGNAL_IO;
2762 break;
2763 case RUN_STATE_WATCHDOG:
2764 trace_gdbstub_hit_watchdog();
2765 ret = GDB_SIGNAL_ALRM;
2766 break;
2767 case RUN_STATE_INTERNAL_ERROR:
2768 trace_gdbstub_hit_internal_error();
2769 ret = GDB_SIGNAL_ABRT;
2770 break;
2771 case RUN_STATE_SAVE_VM:
2772 case RUN_STATE_RESTORE_VM:
2773 return;
2774 case RUN_STATE_FINISH_MIGRATE:
2775 ret = GDB_SIGNAL_XCPU;
2776 break;
2777 default:
2778 trace_gdbstub_hit_unknown(state);
2779 ret = GDB_SIGNAL_UNKNOWN;
2780 break;
2781 }
2782 gdb_set_stop_cpu(cpu);
2783 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2784
2785 send_packet:
2786 put_packet(buf->str);
2787
2788 /* disable single step if it was enabled */
2789 cpu_single_step(cpu, 0);
2790 }
2791 #endif
2792
2793 /* Send a gdb syscall request.
2794 This accepts limited printf-style format specifiers, specifically:
2795 %x - target_ulong argument printed in hex.
2796 %lx - 64-bit argument printed in hex.
2797 %s - string pointer (target_ulong) and length (int) pair. */
2798 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2799 {
2800 char *p;
2801 char *p_end;
2802 target_ulong addr;
2803 uint64_t i64;
2804
2805 if (!gdb_attached()) {
2806 return;
2807 }
2808
2809 gdbserver_state.current_syscall_cb = cb;
2810 #ifndef CONFIG_USER_ONLY
2811 vm_stop(RUN_STATE_DEBUG);
2812 #endif
2813 p = &gdbserver_state.syscall_buf[0];
2814 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2815 *(p++) = 'F';
2816 while (*fmt) {
2817 if (*fmt == '%') {
2818 fmt++;
2819 switch (*fmt++) {
2820 case 'x':
2821 addr = va_arg(va, target_ulong);
2822 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2823 break;
2824 case 'l':
2825 if (*(fmt++) != 'x')
2826 goto bad_format;
2827 i64 = va_arg(va, uint64_t);
2828 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2829 break;
2830 case 's':
2831 addr = va_arg(va, target_ulong);
2832 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2833 addr, va_arg(va, int));
2834 break;
2835 default:
2836 bad_format:
2837 error_report("gdbstub: Bad syscall format string '%s'",
2838 fmt - 1);
2839 break;
2840 }
2841 } else {
2842 *(p++) = *(fmt++);
2843 }
2844 }
2845 *p = 0;
2846 #ifdef CONFIG_USER_ONLY
2847 put_packet(gdbserver_state.syscall_buf);
2848 /* Return control to gdb for it to process the syscall request.
2849 * Since the protocol requires that gdb hands control back to us
2850 * using a "here are the results" F packet, we don't need to check
2851 * gdb_handlesig's return value (which is the signal to deliver if
2852 * execution was resumed via a continue packet).
2853 */
2854 gdb_handlesig(gdbserver_state.c_cpu, 0);
2855 #else
2856 /* In this case wait to send the syscall packet until notification that
2857 the CPU has stopped. This must be done because if the packet is sent
2858 now the reply from the syscall request could be received while the CPU
2859 is still in the running state, which can cause packets to be dropped
2860 and state transition 'T' packets to be sent while the syscall is still
2861 being processed. */
2862 qemu_cpu_kick(gdbserver_state.c_cpu);
2863 #endif
2864 }
2865
2866 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2867 {
2868 va_list va;
2869
2870 va_start(va, fmt);
2871 gdb_do_syscallv(cb, fmt, va);
2872 va_end(va);
2873 }
2874
2875 static void gdb_read_byte(uint8_t ch)
2876 {
2877 uint8_t reply;
2878
2879 #ifndef CONFIG_USER_ONLY
2880 if (gdbserver_state.last_packet->len) {
2881 /* Waiting for a response to the last packet. If we see the start
2882 of a new command then abandon the previous response. */
2883 if (ch == '-') {
2884 trace_gdbstub_err_got_nack();
2885 put_buffer(gdbserver_state.last_packet->data,
2886 gdbserver_state.last_packet->len);
2887 } else if (ch == '+') {
2888 trace_gdbstub_io_got_ack();
2889 } else {
2890 trace_gdbstub_io_got_unexpected(ch);
2891 }
2892
2893 if (ch == '+' || ch == '$') {
2894 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2895 }
2896 if (ch != '$')
2897 return;
2898 }
2899 if (runstate_is_running()) {
2900 /* when the CPU is running, we cannot do anything except stop
2901 it when receiving a char */
2902 vm_stop(RUN_STATE_PAUSED);
2903 } else
2904 #endif
2905 {
2906 switch(gdbserver_state.state) {
2907 case RS_IDLE:
2908 if (ch == '$') {
2909 /* start of command packet */
2910 gdbserver_state.line_buf_index = 0;
2911 gdbserver_state.line_sum = 0;
2912 gdbserver_state.state = RS_GETLINE;
2913 } else {
2914 trace_gdbstub_err_garbage(ch);
2915 }
2916 break;
2917 case RS_GETLINE:
2918 if (ch == '}') {
2919 /* start escape sequence */
2920 gdbserver_state.state = RS_GETLINE_ESC;
2921 gdbserver_state.line_sum += ch;
2922 } else if (ch == '*') {
2923 /* start run length encoding sequence */
2924 gdbserver_state.state = RS_GETLINE_RLE;
2925 gdbserver_state.line_sum += ch;
2926 } else if (ch == '#') {
2927 /* end of command, start of checksum*/
2928 gdbserver_state.state = RS_CHKSUM1;
2929 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2930 trace_gdbstub_err_overrun();
2931 gdbserver_state.state = RS_IDLE;
2932 } else {
2933 /* unescaped command character */
2934 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2935 gdbserver_state.line_sum += ch;
2936 }
2937 break;
2938 case RS_GETLINE_ESC:
2939 if (ch == '#') {
2940 /* unexpected end of command in escape sequence */
2941 gdbserver_state.state = RS_CHKSUM1;
2942 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2943 /* command buffer overrun */
2944 trace_gdbstub_err_overrun();
2945 gdbserver_state.state = RS_IDLE;
2946 } else {
2947 /* parse escaped character and leave escape state */
2948 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
2949 gdbserver_state.line_sum += ch;
2950 gdbserver_state.state = RS_GETLINE;
2951 }
2952 break;
2953 case RS_GETLINE_RLE:
2954 /*
2955 * Run-length encoding is explained in "Debugging with GDB /
2956 * Appendix E GDB Remote Serial Protocol / Overview".
2957 */
2958 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2959 /* invalid RLE count encoding */
2960 trace_gdbstub_err_invalid_repeat(ch);
2961 gdbserver_state.state = RS_GETLINE;
2962 } else {
2963 /* decode repeat length */
2964 int repeat = ch - ' ' + 3;
2965 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
2966 /* that many repeats would overrun the command buffer */
2967 trace_gdbstub_err_overrun();
2968 gdbserver_state.state = RS_IDLE;
2969 } else if (gdbserver_state.line_buf_index < 1) {
2970 /* got a repeat but we have nothing to repeat */
2971 trace_gdbstub_err_invalid_rle();
2972 gdbserver_state.state = RS_GETLINE;
2973 } else {
2974 /* repeat the last character */
2975 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
2976 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
2977 gdbserver_state.line_buf_index += repeat;
2978 gdbserver_state.line_sum += ch;
2979 gdbserver_state.state = RS_GETLINE;
2980 }
2981 }
2982 break;
2983 case RS_CHKSUM1:
2984 /* get high hex digit of checksum */
2985 if (!isxdigit(ch)) {
2986 trace_gdbstub_err_checksum_invalid(ch);
2987 gdbserver_state.state = RS_GETLINE;
2988 break;
2989 }
2990 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
2991 gdbserver_state.line_csum = fromhex(ch) << 4;
2992 gdbserver_state.state = RS_CHKSUM2;
2993 break;
2994 case RS_CHKSUM2:
2995 /* get low hex digit of checksum */
2996 if (!isxdigit(ch)) {
2997 trace_gdbstub_err_checksum_invalid(ch);
2998 gdbserver_state.state = RS_GETLINE;
2999 break;
3000 }
3001 gdbserver_state.line_csum |= fromhex(ch);
3002
3003 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3004 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3005 /* send NAK reply */
3006 reply = '-';
3007 put_buffer(&reply, 1);
3008 gdbserver_state.state = RS_IDLE;
3009 } else {
3010 /* send ACK reply */
3011 reply = '+';
3012 put_buffer(&reply, 1);
3013 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3014 }
3015 break;
3016 default:
3017 abort();
3018 }
3019 }
3020 }
3021
3022 /* Tell the remote gdb that the process has exited. */
3023 void gdb_exit(int code)
3024 {
3025 char buf[4];
3026
3027 if (!gdbserver_state.init) {
3028 return;
3029 }
3030 #ifdef CONFIG_USER_ONLY
3031 if (gdbserver_state.socket_path) {
3032 unlink(gdbserver_state.socket_path);
3033 }
3034 if (gdbserver_state.fd < 0) {
3035 return;
3036 }
3037 #endif
3038
3039 trace_gdbstub_op_exiting((uint8_t)code);
3040
3041 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3042 put_packet(buf);
3043
3044 #ifndef CONFIG_USER_ONLY
3045 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3046 #endif
3047 }
3048
3049 /*
3050 * Create the process that will contain all the "orphan" CPUs (that are not
3051 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3052 * be attachable and thus will be invisible to the user.
3053 */
3054 static void create_default_process(GDBState *s)
3055 {
3056 GDBProcess *process;
3057 int max_pid = 0;
3058
3059 if (gdbserver_state.process_num) {
3060 max_pid = s->processes[s->process_num - 1].pid;
3061 }
3062
3063 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3064 process = &s->processes[s->process_num - 1];
3065
3066 /* We need an available PID slot for this process */
3067 assert(max_pid < UINT32_MAX);
3068
3069 process->pid = max_pid + 1;
3070 process->attached = false;
3071 process->target_xml[0] = '\0';
3072 }
3073
3074 #ifdef CONFIG_USER_ONLY
3075 int
3076 gdb_handlesig(CPUState *cpu, int sig)
3077 {
3078 char buf[256];
3079 int n;
3080
3081 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3082 return sig;
3083 }
3084
3085 /* disable single step if it was enabled */
3086 cpu_single_step(cpu, 0);
3087 tb_flush(cpu);
3088
3089 if (sig != 0) {
3090 gdb_set_stop_cpu(cpu);
3091 g_string_printf(gdbserver_state.str_buf,
3092 "T%02xthread:", target_signal_to_gdb(sig));
3093 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
3094 g_string_append_c(gdbserver_state.str_buf, ';');
3095 put_strbuf();
3096 }
3097 /* put_packet() might have detected that the peer terminated the
3098 connection. */
3099 if (gdbserver_state.fd < 0) {
3100 return sig;
3101 }
3102
3103 sig = 0;
3104 gdbserver_state.state = RS_IDLE;
3105 gdbserver_state.running_state = 0;
3106 while (gdbserver_state.running_state == 0) {
3107 n = read(gdbserver_state.fd, buf, 256);
3108 if (n > 0) {
3109 int i;
3110
3111 for (i = 0; i < n; i++) {
3112 gdb_read_byte(buf[i]);
3113 }
3114 } else {
3115 /* XXX: Connection closed. Should probably wait for another
3116 connection before continuing. */
3117 if (n == 0) {
3118 close(gdbserver_state.fd);
3119 }
3120 gdbserver_state.fd = -1;
3121 return sig;
3122 }
3123 }
3124 sig = gdbserver_state.signal;
3125 gdbserver_state.signal = 0;
3126 return sig;
3127 }
3128
3129 /* Tell the remote gdb that the process has exited due to SIG. */
3130 void gdb_signalled(CPUArchState *env, int sig)
3131 {
3132 char buf[4];
3133
3134 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3135 return;
3136 }
3137
3138 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3139 put_packet(buf);
3140 }
3141
3142 static void gdb_accept_init(int fd)
3143 {
3144 init_gdbserver_state();
3145 create_default_process(&gdbserver_state);
3146 gdbserver_state.processes[0].attached = true;
3147 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3148 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3149 gdbserver_state.fd = fd;
3150 gdb_has_xml = false;
3151 }
3152
3153 static bool gdb_accept_socket(int gdb_fd)
3154 {
3155 int fd;
3156
3157 for(;;) {
3158 fd = accept(gdb_fd, NULL, NULL);
3159 if (fd < 0 && errno != EINTR) {
3160 perror("accept socket");
3161 return false;
3162 } else if (fd >= 0) {
3163 qemu_set_cloexec(fd);
3164 break;
3165 }
3166 }
3167
3168 gdb_accept_init(fd);
3169 return true;
3170 }
3171
3172 static int gdbserver_open_socket(const char *path)
3173 {
3174 struct sockaddr_un sockaddr = {};
3175 int fd, ret;
3176
3177 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3178 if (fd < 0) {
3179 perror("create socket");
3180 return -1;
3181 }
3182
3183 sockaddr.sun_family = AF_UNIX;
3184 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3185 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3186 if (ret < 0) {
3187 perror("bind socket");
3188 close(fd);
3189 return -1;
3190 }
3191 ret = listen(fd, 1);
3192 if (ret < 0) {
3193 perror("listen socket");
3194 close(fd);
3195 return -1;
3196 }
3197
3198 return fd;
3199 }
3200
3201 static bool gdb_accept_tcp(int gdb_fd)
3202 {
3203 struct sockaddr_in sockaddr = {};
3204 socklen_t len;
3205 int fd;
3206
3207 for(;;) {
3208 len = sizeof(sockaddr);
3209 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3210 if (fd < 0 && errno != EINTR) {
3211 perror("accept");
3212 return false;
3213 } else if (fd >= 0) {
3214 qemu_set_cloexec(fd);
3215 break;
3216 }
3217 }
3218
3219 /* set short latency */
3220 if (socket_set_nodelay(fd)) {
3221 perror("setsockopt");
3222 close(fd);
3223 return false;
3224 }
3225
3226 gdb_accept_init(fd);
3227 return true;
3228 }
3229
3230 static int gdbserver_open_port(int port)
3231 {
3232 struct sockaddr_in sockaddr;
3233 int fd, ret;
3234
3235 fd = socket(PF_INET, SOCK_STREAM, 0);
3236 if (fd < 0) {
3237 perror("socket");
3238 return -1;
3239 }
3240 qemu_set_cloexec(fd);
3241
3242 socket_set_fast_reuse(fd);
3243
3244 sockaddr.sin_family = AF_INET;
3245 sockaddr.sin_port = htons(port);
3246 sockaddr.sin_addr.s_addr = 0;
3247 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3248 if (ret < 0) {
3249 perror("bind");
3250 close(fd);
3251 return -1;
3252 }
3253 ret = listen(fd, 1);
3254 if (ret < 0) {
3255 perror("listen");
3256 close(fd);
3257 return -1;
3258 }
3259
3260 return fd;
3261 }
3262
3263 int gdbserver_start(const char *port_or_path)
3264 {
3265 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3266 int gdb_fd;
3267
3268 if (port > 0) {
3269 gdb_fd = gdbserver_open_port(port);
3270 } else {
3271 gdb_fd = gdbserver_open_socket(port_or_path);
3272 }
3273
3274 if (gdb_fd < 0) {
3275 return -1;
3276 }
3277
3278 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3279 return 0;
3280 } else if (gdb_accept_socket(gdb_fd)) {
3281 gdbserver_state.socket_path = g_strdup(port_or_path);
3282 return 0;
3283 }
3284
3285 /* gone wrong */
3286 close(gdb_fd);
3287 return -1;
3288 }
3289
3290 /* Disable gdb stub for child processes. */
3291 void gdbserver_fork(CPUState *cpu)
3292 {
3293 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3294 return;
3295 }
3296 close(gdbserver_state.fd);
3297 gdbserver_state.fd = -1;
3298 cpu_breakpoint_remove_all(cpu, BP_GDB);
3299 cpu_watchpoint_remove_all(cpu, BP_GDB);
3300 }
3301 #else
3302 static int gdb_chr_can_receive(void *opaque)
3303 {
3304 /* We can handle an arbitrarily large amount of data.
3305 Pick the maximum packet size, which is as good as anything. */
3306 return MAX_PACKET_LENGTH;
3307 }
3308
3309 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3310 {
3311 int i;
3312
3313 for (i = 0; i < size; i++) {
3314 gdb_read_byte(buf[i]);
3315 }
3316 }
3317
3318 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3319 {
3320 int i;
3321 GDBState *s = (GDBState *) opaque;
3322
3323 switch (event) {
3324 case CHR_EVENT_OPENED:
3325 /* Start with first process attached, others detached */
3326 for (i = 0; i < s->process_num; i++) {
3327 s->processes[i].attached = !i;
3328 }
3329
3330 s->c_cpu = gdb_first_attached_cpu();
3331 s->g_cpu = s->c_cpu;
3332
3333 vm_stop(RUN_STATE_PAUSED);
3334 replay_gdb_attached();
3335 gdb_has_xml = false;
3336 break;
3337 default:
3338 break;
3339 }
3340 }
3341
3342 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3343 {
3344 g_autoptr(GString) hex_buf = g_string_new("O");
3345 memtohex(hex_buf, buf, len);
3346 put_packet(hex_buf->str);
3347 return len;
3348 }
3349
3350 #ifndef _WIN32
3351 static void gdb_sigterm_handler(int signal)
3352 {
3353 if (runstate_is_running()) {
3354 vm_stop(RUN_STATE_PAUSED);
3355 }
3356 }
3357 #endif
3358
3359 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3360 bool *be_opened, Error **errp)
3361 {
3362 *be_opened = false;
3363 }
3364
3365 static void char_gdb_class_init(ObjectClass *oc, void *data)
3366 {
3367 ChardevClass *cc = CHARDEV_CLASS(oc);
3368
3369 cc->internal = true;
3370 cc->open = gdb_monitor_open;
3371 cc->chr_write = gdb_monitor_write;
3372 }
3373
3374 #define TYPE_CHARDEV_GDB "chardev-gdb"
3375
3376 static const TypeInfo char_gdb_type_info = {
3377 .name = TYPE_CHARDEV_GDB,
3378 .parent = TYPE_CHARDEV,
3379 .class_init = char_gdb_class_init,
3380 };
3381
3382 static int find_cpu_clusters(Object *child, void *opaque)
3383 {
3384 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3385 GDBState *s = (GDBState *) opaque;
3386 CPUClusterState *cluster = CPU_CLUSTER(child);
3387 GDBProcess *process;
3388
3389 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3390
3391 process = &s->processes[s->process_num - 1];
3392
3393 /*
3394 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3395 * runtime, we enforce here that the machine does not use a cluster ID
3396 * that would lead to PID 0.
3397 */
3398 assert(cluster->cluster_id != UINT32_MAX);
3399 process->pid = cluster->cluster_id + 1;
3400 process->attached = false;
3401 process->target_xml[0] = '\0';
3402
3403 return 0;
3404 }
3405
3406 return object_child_foreach(child, find_cpu_clusters, opaque);
3407 }
3408
3409 static int pid_order(const void *a, const void *b)
3410 {
3411 GDBProcess *pa = (GDBProcess *) a;
3412 GDBProcess *pb = (GDBProcess *) b;
3413
3414 if (pa->pid < pb->pid) {
3415 return -1;
3416 } else if (pa->pid > pb->pid) {
3417 return 1;
3418 } else {
3419 return 0;
3420 }
3421 }
3422
3423 static void create_processes(GDBState *s)
3424 {
3425 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3426
3427 if (gdbserver_state.processes) {
3428 /* Sort by PID */
3429 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3430 }
3431
3432 create_default_process(s);
3433 }
3434
3435 int gdbserver_start(const char *device)
3436 {
3437 trace_gdbstub_op_start(device);
3438
3439 char gdbstub_device_name[128];
3440 Chardev *chr = NULL;
3441 Chardev *mon_chr;
3442
3443 if (!first_cpu) {
3444 error_report("gdbstub: meaningless to attach gdb to a "
3445 "machine without any CPU.");
3446 return -1;
3447 }
3448
3449 if (!gdb_supports_guest_debug()) {
3450 error_report("gdbstub: current accelerator doesn't support guest debugging");
3451 return -1;
3452 }
3453
3454 if (!device)
3455 return -1;
3456 if (strcmp(device, "none") != 0) {
3457 if (strstart(device, "tcp:", NULL)) {
3458 /* enforce required TCP attributes */
3459 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3460 "%s,wait=off,nodelay=on,server=on", device);
3461 device = gdbstub_device_name;
3462 }
3463 #ifndef _WIN32
3464 else if (strcmp(device, "stdio") == 0) {
3465 struct sigaction act;
3466
3467 memset(&act, 0, sizeof(act));
3468 act.sa_handler = gdb_sigterm_handler;
3469 sigaction(SIGINT, &act, NULL);
3470 }
3471 #endif
3472 /*
3473 * FIXME: it's a bit weird to allow using a mux chardev here
3474 * and implicitly setup a monitor. We may want to break this.
3475 */
3476 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3477 if (!chr)
3478 return -1;
3479 }
3480
3481 if (!gdbserver_state.init) {
3482 init_gdbserver_state();
3483
3484 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3485
3486 /* Initialize a monitor terminal for gdb */
3487 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3488 NULL, NULL, &error_abort);
3489 monitor_init_hmp(mon_chr, false, &error_abort);
3490 } else {
3491 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3492 mon_chr = gdbserver_state.mon_chr;
3493 reset_gdbserver_state();
3494 }
3495
3496 create_processes(&gdbserver_state);
3497
3498 if (chr) {
3499 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3500 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3501 gdb_chr_receive, gdb_chr_event,
3502 NULL, &gdbserver_state, NULL, true);
3503 }
3504 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3505 gdbserver_state.mon_chr = mon_chr;
3506 gdbserver_state.current_syscall_cb = NULL;
3507
3508 return 0;
3509 }
3510
3511 static void register_types(void)
3512 {
3513 type_register_static(&char_gdb_type_info);
3514 }
3515
3516 type_init(register_types);
3517 #endif
QEMU mirror