]> git.proxmox.com Git - mirror_qemu.git/blob - gdbstub.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gdbstub: add reverse step support in replay mode
[mirror_qemu.git] / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * This implements a subset of the remote protocol as described in:
5 *
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7 *
8 * Copyright (c) 2003-2005 Fabrice Bellard
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 *
23 * SPDX-License-Identifier: LGPL-2.0+
24 */
25
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace/trace-root.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
44 #endif
45
46 #define MAX_PACKET_LENGTH 4096
47
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "sysemu/runstate.h"
52 #include "hw/semihosting/semihost.h"
53 #include "exec/exec-all.h"
54 #include "sysemu/replay.h"
55
56 #ifdef CONFIG_USER_ONLY
57 #define GDB_ATTACHED "0"
58 #else
59 #define GDB_ATTACHED "1"
60 #endif
61
62 #ifndef CONFIG_USER_ONLY
63 static int phy_memory_mode;
64 #endif
65
66 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
67 uint8_t *buf, int len, bool is_write)
68 {
69 CPUClass *cc;
70
71 #ifndef CONFIG_USER_ONLY
72 if (phy_memory_mode) {
73 if (is_write) {
74 cpu_physical_memory_write(addr, buf, len);
75 } else {
76 cpu_physical_memory_read(addr, buf, len);
77 }
78 return 0;
79 }
80 #endif
81
82 cc = CPU_GET_CLASS(cpu);
83 if (cc->memory_rw_debug) {
84 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
85 }
86 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
87 }
88
89 /* Return the GDB index for a given vCPU state.
90 *
91 * For user mode this is simply the thread id. In system mode GDB
92 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
93 */
94 static inline int cpu_gdb_index(CPUState *cpu)
95 {
96 #if defined(CONFIG_USER_ONLY)
97 TaskState *ts = (TaskState *) cpu->opaque;
98 return ts->ts_tid;
99 #else
100 return cpu->cpu_index + 1;
101 #endif
102 }
103
104 enum {
105 GDB_SIGNAL_0 = 0,
106 GDB_SIGNAL_INT = 2,
107 GDB_SIGNAL_QUIT = 3,
108 GDB_SIGNAL_TRAP = 5,
109 GDB_SIGNAL_ABRT = 6,
110 GDB_SIGNAL_ALRM = 14,
111 GDB_SIGNAL_IO = 23,
112 GDB_SIGNAL_XCPU = 24,
113 GDB_SIGNAL_UNKNOWN = 143
114 };
115
116 #ifdef CONFIG_USER_ONLY
117
118 /* Map target signal numbers to GDB protocol signal numbers and vice
119 * versa. For user emulation's currently supported systems, we can
120 * assume most signals are defined.
121 */
122
123 static int gdb_signal_table[] = {
124 0,
125 TARGET_SIGHUP,
126 TARGET_SIGINT,
127 TARGET_SIGQUIT,
128 TARGET_SIGILL,
129 TARGET_SIGTRAP,
130 TARGET_SIGABRT,
131 -1, /* SIGEMT */
132 TARGET_SIGFPE,
133 TARGET_SIGKILL,
134 TARGET_SIGBUS,
135 TARGET_SIGSEGV,
136 TARGET_SIGSYS,
137 TARGET_SIGPIPE,
138 TARGET_SIGALRM,
139 TARGET_SIGTERM,
140 TARGET_SIGURG,
141 TARGET_SIGSTOP,
142 TARGET_SIGTSTP,
143 TARGET_SIGCONT,
144 TARGET_SIGCHLD,
145 TARGET_SIGTTIN,
146 TARGET_SIGTTOU,
147 TARGET_SIGIO,
148 TARGET_SIGXCPU,
149 TARGET_SIGXFSZ,
150 TARGET_SIGVTALRM,
151 TARGET_SIGPROF,
152 TARGET_SIGWINCH,
153 -1, /* SIGLOST */
154 TARGET_SIGUSR1,
155 TARGET_SIGUSR2,
156 #ifdef TARGET_SIGPWR
157 TARGET_SIGPWR,
158 #else
159 -1,
160 #endif
161 -1, /* SIGPOLL */
162 -1,
163 -1,
164 -1,
165 -1,
166 -1,
167 -1,
168 -1,
169 -1,
170 -1,
171 -1,
172 -1,
173 #ifdef __SIGRTMIN
174 __SIGRTMIN + 1,
175 __SIGRTMIN + 2,
176 __SIGRTMIN + 3,
177 __SIGRTMIN + 4,
178 __SIGRTMIN + 5,
179 __SIGRTMIN + 6,
180 __SIGRTMIN + 7,
181 __SIGRTMIN + 8,
182 __SIGRTMIN + 9,
183 __SIGRTMIN + 10,
184 __SIGRTMIN + 11,
185 __SIGRTMIN + 12,
186 __SIGRTMIN + 13,
187 __SIGRTMIN + 14,
188 __SIGRTMIN + 15,
189 __SIGRTMIN + 16,
190 __SIGRTMIN + 17,
191 __SIGRTMIN + 18,
192 __SIGRTMIN + 19,
193 __SIGRTMIN + 20,
194 __SIGRTMIN + 21,
195 __SIGRTMIN + 22,
196 __SIGRTMIN + 23,
197 __SIGRTMIN + 24,
198 __SIGRTMIN + 25,
199 __SIGRTMIN + 26,
200 __SIGRTMIN + 27,
201 __SIGRTMIN + 28,
202 __SIGRTMIN + 29,
203 __SIGRTMIN + 30,
204 __SIGRTMIN + 31,
205 -1, /* SIGCANCEL */
206 __SIGRTMIN,
207 __SIGRTMIN + 32,
208 __SIGRTMIN + 33,
209 __SIGRTMIN + 34,
210 __SIGRTMIN + 35,
211 __SIGRTMIN + 36,
212 __SIGRTMIN + 37,
213 __SIGRTMIN + 38,
214 __SIGRTMIN + 39,
215 __SIGRTMIN + 40,
216 __SIGRTMIN + 41,
217 __SIGRTMIN + 42,
218 __SIGRTMIN + 43,
219 __SIGRTMIN + 44,
220 __SIGRTMIN + 45,
221 __SIGRTMIN + 46,
222 __SIGRTMIN + 47,
223 __SIGRTMIN + 48,
224 __SIGRTMIN + 49,
225 __SIGRTMIN + 50,
226 __SIGRTMIN + 51,
227 __SIGRTMIN + 52,
228 __SIGRTMIN + 53,
229 __SIGRTMIN + 54,
230 __SIGRTMIN + 55,
231 __SIGRTMIN + 56,
232 __SIGRTMIN + 57,
233 __SIGRTMIN + 58,
234 __SIGRTMIN + 59,
235 __SIGRTMIN + 60,
236 __SIGRTMIN + 61,
237 __SIGRTMIN + 62,
238 __SIGRTMIN + 63,
239 __SIGRTMIN + 64,
240 __SIGRTMIN + 65,
241 __SIGRTMIN + 66,
242 __SIGRTMIN + 67,
243 __SIGRTMIN + 68,
244 __SIGRTMIN + 69,
245 __SIGRTMIN + 70,
246 __SIGRTMIN + 71,
247 __SIGRTMIN + 72,
248 __SIGRTMIN + 73,
249 __SIGRTMIN + 74,
250 __SIGRTMIN + 75,
251 __SIGRTMIN + 76,
252 __SIGRTMIN + 77,
253 __SIGRTMIN + 78,
254 __SIGRTMIN + 79,
255 __SIGRTMIN + 80,
256 __SIGRTMIN + 81,
257 __SIGRTMIN + 82,
258 __SIGRTMIN + 83,
259 __SIGRTMIN + 84,
260 __SIGRTMIN + 85,
261 __SIGRTMIN + 86,
262 __SIGRTMIN + 87,
263 __SIGRTMIN + 88,
264 __SIGRTMIN + 89,
265 __SIGRTMIN + 90,
266 __SIGRTMIN + 91,
267 __SIGRTMIN + 92,
268 __SIGRTMIN + 93,
269 __SIGRTMIN + 94,
270 __SIGRTMIN + 95,
271 -1, /* SIGINFO */
272 -1, /* UNKNOWN */
273 -1, /* DEFAULT */
274 -1,
275 -1,
276 -1,
277 -1,
278 -1,
279 -1
280 #endif
281 };
282 #else
283 /* In system mode we only need SIGINT and SIGTRAP; other signals
284 are not yet supported. */
285
286 enum {
287 TARGET_SIGINT = 2,
288 TARGET_SIGTRAP = 5
289 };
290
291 static int gdb_signal_table[] = {
292 -1,
293 -1,
294 TARGET_SIGINT,
295 -1,
296 -1,
297 TARGET_SIGTRAP
298 };
299 #endif
300
301 #ifdef CONFIG_USER_ONLY
302 static int target_signal_to_gdb (int sig)
303 {
304 int i;
305 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
306 if (gdb_signal_table[i] == sig)
307 return i;
308 return GDB_SIGNAL_UNKNOWN;
309 }
310 #endif
311
312 static int gdb_signal_to_target (int sig)
313 {
314 if (sig < ARRAY_SIZE (gdb_signal_table))
315 return gdb_signal_table[sig];
316 else
317 return -1;
318 }
319
320 typedef struct GDBRegisterState {
321 int base_reg;
322 int num_regs;
323 gdb_get_reg_cb get_reg;
324 gdb_set_reg_cb set_reg;
325 const char *xml;
326 struct GDBRegisterState *next;
327 } GDBRegisterState;
328
329 typedef struct GDBProcess {
330 uint32_t pid;
331 bool attached;
332
333 char target_xml[1024];
334 } GDBProcess;
335
336 enum RSState {
337 RS_INACTIVE,
338 RS_IDLE,
339 RS_GETLINE,
340 RS_GETLINE_ESC,
341 RS_GETLINE_RLE,
342 RS_CHKSUM1,
343 RS_CHKSUM2,
344 };
345 typedef struct GDBState {
346 bool init; /* have we been initialised? */
347 CPUState *c_cpu; /* current CPU for step/continue ops */
348 CPUState *g_cpu; /* current CPU for other ops */
349 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
350 enum RSState state; /* parsing state */
351 char line_buf[MAX_PACKET_LENGTH];
352 int line_buf_index;
353 int line_sum; /* running checksum */
354 int line_csum; /* checksum at the end of the packet */
355 GByteArray *last_packet;
356 int signal;
357 #ifdef CONFIG_USER_ONLY
358 int fd;
359 char *socket_path;
360 int running_state;
361 #else
362 CharBackend chr;
363 Chardev *mon_chr;
364 #endif
365 bool multiprocess;
366 GDBProcess *processes;
367 int process_num;
368 char syscall_buf[256];
369 gdb_syscall_complete_cb current_syscall_cb;
370 GString *str_buf;
371 GByteArray *mem_buf;
372 } GDBState;
373
374 /* By default use no IRQs and no timers while single stepping so as to
375 * make single stepping like an ICE HW step.
376 */
377 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
378
379 /* Retrieves flags for single step mode. */
380 static int get_sstep_flags(void)
381 {
382 /*
383 * In replay mode all events written into the log should be replayed.
384 * That is why NOIRQ flag is removed in this mode.
385 */
386 if (replay_mode != REPLAY_MODE_NONE) {
387 return SSTEP_ENABLE;
388 } else {
389 return sstep_flags;
390 }
391 }
392
393 static GDBState gdbserver_state;
394
395 static void init_gdbserver_state(void)
396 {
397 g_assert(!gdbserver_state.init);
398 memset(&gdbserver_state, 0, sizeof(GDBState));
399 gdbserver_state.init = true;
400 gdbserver_state.str_buf = g_string_new(NULL);
401 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
402 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
403 }
404
405 #ifndef CONFIG_USER_ONLY
406 static void reset_gdbserver_state(void)
407 {
408 g_free(gdbserver_state.processes);
409 gdbserver_state.processes = NULL;
410 gdbserver_state.process_num = 0;
411 }
412 #endif
413
414 bool gdb_has_xml;
415
416 #ifdef CONFIG_USER_ONLY
417
418 static int get_char(void)
419 {
420 uint8_t ch;
421 int ret;
422
423 for(;;) {
424 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0);
425 if (ret < 0) {
426 if (errno == ECONNRESET)
427 gdbserver_state.fd = -1;
428 if (errno != EINTR)
429 return -1;
430 } else if (ret == 0) {
431 close(gdbserver_state.fd);
432 gdbserver_state.fd = -1;
433 return -1;
434 } else {
435 break;
436 }
437 }
438 return ch;
439 }
440 #endif
441
442 static enum {
443 GDB_SYS_UNKNOWN,
444 GDB_SYS_ENABLED,
445 GDB_SYS_DISABLED,
446 } gdb_syscall_mode;
447
448 /* Decide if either remote gdb syscalls or native file IO should be used. */
449 int use_gdb_syscalls(void)
450 {
451 SemihostingTarget target = semihosting_get_target();
452 if (target == SEMIHOSTING_TARGET_NATIVE) {
453 /* -semihosting-config target=native */
454 return false;
455 } else if (target == SEMIHOSTING_TARGET_GDB) {
456 /* -semihosting-config target=gdb */
457 return true;
458 }
459
460 /* -semihosting-config target=auto */
461 /* On the first call check if gdb is connected and remember. */
462 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
463 gdb_syscall_mode = gdbserver_state.init ?
464 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
465 }
466 return gdb_syscall_mode == GDB_SYS_ENABLED;
467 }
468
469 /* Resume execution. */
470 static inline void gdb_continue(void)
471 {
472
473 #ifdef CONFIG_USER_ONLY
474 gdbserver_state.running_state = 1;
475 trace_gdbstub_op_continue();
476 #else
477 if (!runstate_needs_reset()) {
478 trace_gdbstub_op_continue();
479 vm_start();
480 }
481 #endif
482 }
483
484 /*
485 * Resume execution, per CPU actions. For user-mode emulation it's
486 * equivalent to gdb_continue.
487 */
488 static int gdb_continue_partial(char *newstates)
489 {
490 CPUState *cpu;
491 int res = 0;
492 #ifdef CONFIG_USER_ONLY
493 /*
494 * This is not exactly accurate, but it's an improvement compared to the
495 * previous situation, where only one CPU would be single-stepped.
496 */
497 CPU_FOREACH(cpu) {
498 if (newstates[cpu->cpu_index] == 's') {
499 trace_gdbstub_op_stepping(cpu->cpu_index);
500 cpu_single_step(cpu, sstep_flags);
501 }
502 }
503 gdbserver_state.running_state = 1;
504 #else
505 int flag = 0;
506
507 if (!runstate_needs_reset()) {
508 if (vm_prepare_start()) {
509 return 0;
510 }
511
512 CPU_FOREACH(cpu) {
513 switch (newstates[cpu->cpu_index]) {
514 case 0:
515 case 1:
516 break; /* nothing to do here */
517 case 's':
518 trace_gdbstub_op_stepping(cpu->cpu_index);
519 cpu_single_step(cpu, get_sstep_flags());
520 cpu_resume(cpu);
521 flag = 1;
522 break;
523 case 'c':
524 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
525 cpu_resume(cpu);
526 flag = 1;
527 break;
528 default:
529 res = -1;
530 break;
531 }
532 }
533 }
534 if (flag) {
535 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
536 }
537 #endif
538 return res;
539 }
540
541 static void put_buffer(const uint8_t *buf, int len)
542 {
543 #ifdef CONFIG_USER_ONLY
544 int ret;
545
546 while (len > 0) {
547 ret = send(gdbserver_state.fd, buf, len, 0);
548 if (ret < 0) {
549 if (errno != EINTR)
550 return;
551 } else {
552 buf += ret;
553 len -= ret;
554 }
555 }
556 #else
557 /* XXX this blocks entire thread. Rewrite to use
558 * qemu_chr_fe_write and background I/O callbacks */
559 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
560 #endif
561 }
562
563 static inline int fromhex(int v)
564 {
565 if (v >= '0' && v <= '9')
566 return v - '0';
567 else if (v >= 'A' && v <= 'F')
568 return v - 'A' + 10;
569 else if (v >= 'a' && v <= 'f')
570 return v - 'a' + 10;
571 else
572 return 0;
573 }
574
575 static inline int tohex(int v)
576 {
577 if (v < 10)
578 return v + '0';
579 else
580 return v - 10 + 'a';
581 }
582
583 /* writes 2*len+1 bytes in buf */
584 static void memtohex(GString *buf, const uint8_t *mem, int len)
585 {
586 int i, c;
587 for(i = 0; i < len; i++) {
588 c = mem[i];
589 g_string_append_c(buf, tohex(c >> 4));
590 g_string_append_c(buf, tohex(c & 0xf));
591 }
592 g_string_append_c(buf, '\0');
593 }
594
595 static void hextomem(GByteArray *mem, const char *buf, int len)
596 {
597 int i;
598
599 for(i = 0; i < len; i++) {
600 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
601 g_byte_array_append(mem, &byte, 1);
602 buf += 2;
603 }
604 }
605
606 static void hexdump(const char *buf, int len,
607 void (*trace_fn)(size_t ofs, char const *text))
608 {
609 char line_buffer[3 * 16 + 4 + 16 + 1];
610
611 size_t i;
612 for (i = 0; i < len || (i & 0xF); ++i) {
613 size_t byte_ofs = i & 15;
614
615 if (byte_ofs == 0) {
616 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
617 line_buffer[3 * 16 + 4 + 16] = 0;
618 }
619
620 size_t col_group = (i >> 2) & 3;
621 size_t hex_col = byte_ofs * 3 + col_group;
622 size_t txt_col = 3 * 16 + 4 + byte_ofs;
623
624 if (i < len) {
625 char value = buf[i];
626
627 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
628 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
629 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
630 ? value
631 : '.';
632 }
633
634 if (byte_ofs == 0xF)
635 trace_fn(i & -16, line_buffer);
636 }
637 }
638
639 /* return -1 if error, 0 if OK */
640 static int put_packet_binary(const char *buf, int len, bool dump)
641 {
642 int csum, i;
643 uint8_t footer[3];
644
645 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
646 hexdump(buf, len, trace_gdbstub_io_binaryreply);
647 }
648
649 for(;;) {
650 g_byte_array_set_size(gdbserver_state.last_packet, 0);
651 g_byte_array_append(gdbserver_state.last_packet,
652 (const uint8_t *) "$", 1);
653 g_byte_array_append(gdbserver_state.last_packet,
654 (const uint8_t *) buf, len);
655 csum = 0;
656 for(i = 0; i < len; i++) {
657 csum += buf[i];
658 }
659 footer[0] = '#';
660 footer[1] = tohex((csum >> 4) & 0xf);
661 footer[2] = tohex((csum) & 0xf);
662 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
663
664 put_buffer(gdbserver_state.last_packet->data,
665 gdbserver_state.last_packet->len);
666
667 #ifdef CONFIG_USER_ONLY
668 i = get_char();
669 if (i < 0)
670 return -1;
671 if (i == '+')
672 break;
673 #else
674 break;
675 #endif
676 }
677 return 0;
678 }
679
680 /* return -1 if error, 0 if OK */
681 static int put_packet(const char *buf)
682 {
683 trace_gdbstub_io_reply(buf);
684
685 return put_packet_binary(buf, strlen(buf), false);
686 }
687
688 static void put_strbuf(void)
689 {
690 put_packet(gdbserver_state.str_buf->str);
691 }
692
693 /* Encode data using the encoding for 'x' packets. */
694 static void memtox(GString *buf, const char *mem, int len)
695 {
696 char c;
697
698 while (len--) {
699 c = *(mem++);
700 switch (c) {
701 case '#': case '$': case '*': case '}':
702 g_string_append_c(buf, '}');
703 g_string_append_c(buf, c ^ 0x20);
704 break;
705 default:
706 g_string_append_c(buf, c);
707 break;
708 }
709 }
710 }
711
712 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
713 {
714 /* TODO: In user mode, we should use the task state PID */
715 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
716 /* Return the default process' PID */
717 int index = gdbserver_state.process_num - 1;
718 return gdbserver_state.processes[index].pid;
719 }
720 return cpu->cluster_index + 1;
721 }
722
723 static GDBProcess *gdb_get_process(uint32_t pid)
724 {
725 int i;
726
727 if (!pid) {
728 /* 0 means any process, we take the first one */
729 return &gdbserver_state.processes[0];
730 }
731
732 for (i = 0; i < gdbserver_state.process_num; i++) {
733 if (gdbserver_state.processes[i].pid == pid) {
734 return &gdbserver_state.processes[i];
735 }
736 }
737
738 return NULL;
739 }
740
741 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
742 {
743 return gdb_get_process(gdb_get_cpu_pid(cpu));
744 }
745
746 static CPUState *find_cpu(uint32_t thread_id)
747 {
748 CPUState *cpu;
749
750 CPU_FOREACH(cpu) {
751 if (cpu_gdb_index(cpu) == thread_id) {
752 return cpu;
753 }
754 }
755
756 return NULL;
757 }
758
759 static CPUState *get_first_cpu_in_process(GDBProcess *process)
760 {
761 CPUState *cpu;
762
763 CPU_FOREACH(cpu) {
764 if (gdb_get_cpu_pid(cpu) == process->pid) {
765 return cpu;
766 }
767 }
768
769 return NULL;
770 }
771
772 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
773 {
774 uint32_t pid = gdb_get_cpu_pid(cpu);
775 cpu = CPU_NEXT(cpu);
776
777 while (cpu) {
778 if (gdb_get_cpu_pid(cpu) == pid) {
779 break;
780 }
781
782 cpu = CPU_NEXT(cpu);
783 }
784
785 return cpu;
786 }
787
788 /* Return the cpu following @cpu, while ignoring unattached processes. */
789 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
790 {
791 cpu = CPU_NEXT(cpu);
792
793 while (cpu) {
794 if (gdb_get_cpu_process(cpu)->attached) {
795 break;
796 }
797
798 cpu = CPU_NEXT(cpu);
799 }
800
801 return cpu;
802 }
803
804 /* Return the first attached cpu */
805 static CPUState *gdb_first_attached_cpu(void)
806 {
807 CPUState *cpu = first_cpu;
808 GDBProcess *process = gdb_get_cpu_process(cpu);
809
810 if (!process->attached) {
811 return gdb_next_attached_cpu(cpu);
812 }
813
814 return cpu;
815 }
816
817 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
818 {
819 GDBProcess *process;
820 CPUState *cpu;
821
822 if (!pid && !tid) {
823 /* 0 means any process/thread, we take the first attached one */
824 return gdb_first_attached_cpu();
825 } else if (pid && !tid) {
826 /* any thread in a specific process */
827 process = gdb_get_process(pid);
828
829 if (process == NULL) {
830 return NULL;
831 }
832
833 if (!process->attached) {
834 return NULL;
835 }
836
837 return get_first_cpu_in_process(process);
838 } else {
839 /* a specific thread */
840 cpu = find_cpu(tid);
841
842 if (cpu == NULL) {
843 return NULL;
844 }
845
846 process = gdb_get_cpu_process(cpu);
847
848 if (pid && process->pid != pid) {
849 return NULL;
850 }
851
852 if (!process->attached) {
853 return NULL;
854 }
855
856 return cpu;
857 }
858 }
859
860 static const char *get_feature_xml(const char *p, const char **newp,
861 GDBProcess *process)
862 {
863 size_t len;
864 int i;
865 const char *name;
866 CPUState *cpu = get_first_cpu_in_process(process);
867 CPUClass *cc = CPU_GET_CLASS(cpu);
868
869 len = 0;
870 while (p[len] && p[len] != ':')
871 len++;
872 *newp = p + len;
873
874 name = NULL;
875 if (strncmp(p, "target.xml", len) == 0) {
876 char *buf = process->target_xml;
877 const size_t buf_sz = sizeof(process->target_xml);
878
879 /* Generate the XML description for this CPU. */
880 if (!buf[0]) {
881 GDBRegisterState *r;
882
883 pstrcat(buf, buf_sz,
884 "<?xml version=\"1.0\"?>"
885 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
886 "<target>");
887 if (cc->gdb_arch_name) {
888 gchar *arch = cc->gdb_arch_name(cpu);
889 pstrcat(buf, buf_sz, "<architecture>");
890 pstrcat(buf, buf_sz, arch);
891 pstrcat(buf, buf_sz, "</architecture>");
892 g_free(arch);
893 }
894 pstrcat(buf, buf_sz, "<xi:include href=\"");
895 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
896 pstrcat(buf, buf_sz, "\"/>");
897 for (r = cpu->gdb_regs; r; r = r->next) {
898 pstrcat(buf, buf_sz, "<xi:include href=\"");
899 pstrcat(buf, buf_sz, r->xml);
900 pstrcat(buf, buf_sz, "\"/>");
901 }
902 pstrcat(buf, buf_sz, "</target>");
903 }
904 return buf;
905 }
906 if (cc->gdb_get_dynamic_xml) {
907 char *xmlname = g_strndup(p, len);
908 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
909
910 g_free(xmlname);
911 if (xml) {
912 return xml;
913 }
914 }
915 for (i = 0; ; i++) {
916 name = xml_builtin[i][0];
917 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
918 break;
919 }
920 return name ? xml_builtin[i][1] : NULL;
921 }
922
923 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
924 {
925 CPUClass *cc = CPU_GET_CLASS(cpu);
926 CPUArchState *env = cpu->env_ptr;
927 GDBRegisterState *r;
928
929 if (reg < cc->gdb_num_core_regs) {
930 return cc->gdb_read_register(cpu, buf, reg);
931 }
932
933 for (r = cpu->gdb_regs; r; r = r->next) {
934 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
935 return r->get_reg(env, buf, reg - r->base_reg);
936 }
937 }
938 return 0;
939 }
940
941 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
942 {
943 CPUClass *cc = CPU_GET_CLASS(cpu);
944 CPUArchState *env = cpu->env_ptr;
945 GDBRegisterState *r;
946
947 if (reg < cc->gdb_num_core_regs) {
948 return cc->gdb_write_register(cpu, mem_buf, reg);
949 }
950
951 for (r = cpu->gdb_regs; r; r = r->next) {
952 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
953 return r->set_reg(env, mem_buf, reg - r->base_reg);
954 }
955 }
956 return 0;
957 }
958
959 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
960 specifies the first register number and these registers are included in
961 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
962 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
963 */
964
965 void gdb_register_coprocessor(CPUState *cpu,
966 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
967 int num_regs, const char *xml, int g_pos)
968 {
969 GDBRegisterState *s;
970 GDBRegisterState **p;
971
972 p = &cpu->gdb_regs;
973 while (*p) {
974 /* Check for duplicates. */
975 if (strcmp((*p)->xml, xml) == 0)
976 return;
977 p = &(*p)->next;
978 }
979
980 s = g_new0(GDBRegisterState, 1);
981 s->base_reg = cpu->gdb_num_regs;
982 s->num_regs = num_regs;
983 s->get_reg = get_reg;
984 s->set_reg = set_reg;
985 s->xml = xml;
986
987 /* Add to end of list. */
988 cpu->gdb_num_regs += num_regs;
989 *p = s;
990 if (g_pos) {
991 if (g_pos != s->base_reg) {
992 error_report("Error: Bad gdb register numbering for '%s', "
993 "expected %d got %d", xml, g_pos, s->base_reg);
994 } else {
995 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
996 }
997 }
998 }
999
1000 #ifndef CONFIG_USER_ONLY
1001 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1002 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1003 {
1004 static const int xlat[] = {
1005 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1006 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1007 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1008 };
1009
1010 CPUClass *cc = CPU_GET_CLASS(cpu);
1011 int cputype = xlat[gdbtype];
1012
1013 if (cc->gdb_stop_before_watchpoint) {
1014 cputype |= BP_STOP_BEFORE_ACCESS;
1015 }
1016 return cputype;
1017 }
1018 #endif
1019
1020 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1021 {
1022 CPUState *cpu;
1023 int err = 0;
1024
1025 if (kvm_enabled()) {
1026 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1027 }
1028
1029 switch (type) {
1030 case GDB_BREAKPOINT_SW:
1031 case GDB_BREAKPOINT_HW:
1032 CPU_FOREACH(cpu) {
1033 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1034 if (err) {
1035 break;
1036 }
1037 }
1038 return err;
1039 #ifndef CONFIG_USER_ONLY
1040 case GDB_WATCHPOINT_WRITE:
1041 case GDB_WATCHPOINT_READ:
1042 case GDB_WATCHPOINT_ACCESS:
1043 CPU_FOREACH(cpu) {
1044 err = cpu_watchpoint_insert(cpu, addr, len,
1045 xlat_gdb_type(cpu, type), NULL);
1046 if (err) {
1047 break;
1048 }
1049 }
1050 return err;
1051 #endif
1052 default:
1053 return -ENOSYS;
1054 }
1055 }
1056
1057 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1058 {
1059 CPUState *cpu;
1060 int err = 0;
1061
1062 if (kvm_enabled()) {
1063 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1064 }
1065
1066 switch (type) {
1067 case GDB_BREAKPOINT_SW:
1068 case GDB_BREAKPOINT_HW:
1069 CPU_FOREACH(cpu) {
1070 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1071 if (err) {
1072 break;
1073 }
1074 }
1075 return err;
1076 #ifndef CONFIG_USER_ONLY
1077 case GDB_WATCHPOINT_WRITE:
1078 case GDB_WATCHPOINT_READ:
1079 case GDB_WATCHPOINT_ACCESS:
1080 CPU_FOREACH(cpu) {
1081 err = cpu_watchpoint_remove(cpu, addr, len,
1082 xlat_gdb_type(cpu, type));
1083 if (err)
1084 break;
1085 }
1086 return err;
1087 #endif
1088 default:
1089 return -ENOSYS;
1090 }
1091 }
1092
1093 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1094 {
1095 cpu_breakpoint_remove_all(cpu, BP_GDB);
1096 #ifndef CONFIG_USER_ONLY
1097 cpu_watchpoint_remove_all(cpu, BP_GDB);
1098 #endif
1099 }
1100
1101 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1102 {
1103 CPUState *cpu = get_first_cpu_in_process(p);
1104
1105 while (cpu) {
1106 gdb_cpu_breakpoint_remove_all(cpu);
1107 cpu = gdb_next_cpu_in_process(cpu);
1108 }
1109 }
1110
1111 static void gdb_breakpoint_remove_all(void)
1112 {
1113 CPUState *cpu;
1114
1115 if (kvm_enabled()) {
1116 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1117 return;
1118 }
1119
1120 CPU_FOREACH(cpu) {
1121 gdb_cpu_breakpoint_remove_all(cpu);
1122 }
1123 }
1124
1125 static void gdb_set_cpu_pc(target_ulong pc)
1126 {
1127 CPUState *cpu = gdbserver_state.c_cpu;
1128
1129 cpu_synchronize_state(cpu);
1130 cpu_set_pc(cpu, pc);
1131 }
1132
1133 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1134 {
1135 if (gdbserver_state.multiprocess) {
1136 g_string_append_printf(buf, "p%02x.%02x",
1137 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1138 } else {
1139 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1140 }
1141 }
1142
1143 typedef enum GDBThreadIdKind {
1144 GDB_ONE_THREAD = 0,
1145 GDB_ALL_THREADS, /* One process, all threads */
1146 GDB_ALL_PROCESSES,
1147 GDB_READ_THREAD_ERR
1148 } GDBThreadIdKind;
1149
1150 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1151 uint32_t *pid, uint32_t *tid)
1152 {
1153 unsigned long p, t;
1154 int ret;
1155
1156 if (*buf == 'p') {
1157 buf++;
1158 ret = qemu_strtoul(buf, &buf, 16, &p);
1159
1160 if (ret) {
1161 return GDB_READ_THREAD_ERR;
1162 }
1163
1164 /* Skip '.' */
1165 buf++;
1166 } else {
1167 p = 1;
1168 }
1169
1170 ret = qemu_strtoul(buf, &buf, 16, &t);
1171
1172 if (ret) {
1173 return GDB_READ_THREAD_ERR;
1174 }
1175
1176 *end_buf = buf;
1177
1178 if (p == -1) {
1179 return GDB_ALL_PROCESSES;
1180 }
1181
1182 if (pid) {
1183 *pid = p;
1184 }
1185
1186 if (t == -1) {
1187 return GDB_ALL_THREADS;
1188 }
1189
1190 if (tid) {
1191 *tid = t;
1192 }
1193
1194 return GDB_ONE_THREAD;
1195 }
1196
1197 /**
1198 * gdb_handle_vcont - Parses and handles a vCont packet.
1199 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1200 * a format error, 0 on success.
1201 */
1202 static int gdb_handle_vcont(const char *p)
1203 {
1204 int res, signal = 0;
1205 char cur_action;
1206 char *newstates;
1207 unsigned long tmp;
1208 uint32_t pid, tid;
1209 GDBProcess *process;
1210 CPUState *cpu;
1211 GDBThreadIdKind kind;
1212 #ifdef CONFIG_USER_ONLY
1213 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1214
1215 CPU_FOREACH(cpu) {
1216 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1217 }
1218 #else
1219 MachineState *ms = MACHINE(qdev_get_machine());
1220 unsigned int max_cpus = ms->smp.max_cpus;
1221 #endif
1222 /* uninitialised CPUs stay 0 */
1223 newstates = g_new0(char, max_cpus);
1224
1225 /* mark valid CPUs with 1 */
1226 CPU_FOREACH(cpu) {
1227 newstates[cpu->cpu_index] = 1;
1228 }
1229
1230 /*
1231 * res keeps track of what error we are returning, with -ENOTSUP meaning
1232 * that the command is unknown or unsupported, thus returning an empty
1233 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1234 * or incorrect parameters passed.
1235 */
1236 res = 0;
1237 while (*p) {
1238 if (*p++ != ';') {
1239 res = -ENOTSUP;
1240 goto out;
1241 }
1242
1243 cur_action = *p++;
1244 if (cur_action == 'C' || cur_action == 'S') {
1245 cur_action = qemu_tolower(cur_action);
1246 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1247 if (res) {
1248 goto out;
1249 }
1250 signal = gdb_signal_to_target(tmp);
1251 } else if (cur_action != 'c' && cur_action != 's') {
1252 /* unknown/invalid/unsupported command */
1253 res = -ENOTSUP;
1254 goto out;
1255 }
1256
1257 if (*p == '\0' || *p == ';') {
1258 /*
1259 * No thread specifier, action is on "all threads". The
1260 * specification is unclear regarding the process to act on. We
1261 * choose all processes.
1262 */
1263 kind = GDB_ALL_PROCESSES;
1264 } else if (*p++ == ':') {
1265 kind = read_thread_id(p, &p, &pid, &tid);
1266 } else {
1267 res = -ENOTSUP;
1268 goto out;
1269 }
1270
1271 switch (kind) {
1272 case GDB_READ_THREAD_ERR:
1273 res = -EINVAL;
1274 goto out;
1275
1276 case GDB_ALL_PROCESSES:
1277 cpu = gdb_first_attached_cpu();
1278 while (cpu) {
1279 if (newstates[cpu->cpu_index] == 1) {
1280 newstates[cpu->cpu_index] = cur_action;
1281 }
1282
1283 cpu = gdb_next_attached_cpu(cpu);
1284 }
1285 break;
1286
1287 case GDB_ALL_THREADS:
1288 process = gdb_get_process(pid);
1289
1290 if (!process->attached) {
1291 res = -EINVAL;
1292 goto out;
1293 }
1294
1295 cpu = get_first_cpu_in_process(process);
1296 while (cpu) {
1297 if (newstates[cpu->cpu_index] == 1) {
1298 newstates[cpu->cpu_index] = cur_action;
1299 }
1300
1301 cpu = gdb_next_cpu_in_process(cpu);
1302 }
1303 break;
1304
1305 case GDB_ONE_THREAD:
1306 cpu = gdb_get_cpu(pid, tid);
1307
1308 /* invalid CPU/thread specified */
1309 if (!cpu) {
1310 res = -EINVAL;
1311 goto out;
1312 }
1313
1314 /* only use if no previous match occourred */
1315 if (newstates[cpu->cpu_index] == 1) {
1316 newstates[cpu->cpu_index] = cur_action;
1317 }
1318 break;
1319 }
1320 }
1321 gdbserver_state.signal = signal;
1322 gdb_continue_partial(newstates);
1323
1324 out:
1325 g_free(newstates);
1326
1327 return res;
1328 }
1329
1330 typedef union GdbCmdVariant {
1331 const char *data;
1332 uint8_t opcode;
1333 unsigned long val_ul;
1334 unsigned long long val_ull;
1335 struct {
1336 GDBThreadIdKind kind;
1337 uint32_t pid;
1338 uint32_t tid;
1339 } thread_id;
1340 } GdbCmdVariant;
1341
1342 static const char *cmd_next_param(const char *param, const char delimiter)
1343 {
1344 static const char all_delimiters[] = ",;:=";
1345 char curr_delimiters[2] = {0};
1346 const char *delimiters;
1347
1348 if (delimiter == '?') {
1349 delimiters = all_delimiters;
1350 } else if (delimiter == '0') {
1351 return strchr(param, '\0');
1352 } else if (delimiter == '.' && *param) {
1353 return param + 1;
1354 } else {
1355 curr_delimiters[0] = delimiter;
1356 delimiters = curr_delimiters;
1357 }
1358
1359 param += strcspn(param, delimiters);
1360 if (*param) {
1361 param++;
1362 }
1363 return param;
1364 }
1365
1366 static int cmd_parse_params(const char *data, const char *schema,
1367 GdbCmdVariant *params, int *num_params)
1368 {
1369 int curr_param;
1370 const char *curr_schema, *curr_data;
1371
1372 *num_params = 0;
1373
1374 if (!schema) {
1375 return 0;
1376 }
1377
1378 curr_schema = schema;
1379 curr_param = 0;
1380 curr_data = data;
1381 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1382 switch (curr_schema[0]) {
1383 case 'l':
1384 if (qemu_strtoul(curr_data, &curr_data, 16,
1385 &params[curr_param].val_ul)) {
1386 return -EINVAL;
1387 }
1388 curr_param++;
1389 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1390 break;
1391 case 'L':
1392 if (qemu_strtou64(curr_data, &curr_data, 16,
1393 (uint64_t *)&params[curr_param].val_ull)) {
1394 return -EINVAL;
1395 }
1396 curr_param++;
1397 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1398 break;
1399 case 's':
1400 params[curr_param].data = curr_data;
1401 curr_param++;
1402 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1403 break;
1404 case 'o':
1405 params[curr_param].opcode = *(uint8_t *)curr_data;
1406 curr_param++;
1407 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1408 break;
1409 case 't':
1410 params[curr_param].thread_id.kind =
1411 read_thread_id(curr_data, &curr_data,
1412 &params[curr_param].thread_id.pid,
1413 &params[curr_param].thread_id.tid);
1414 curr_param++;
1415 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1416 break;
1417 case '?':
1418 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1419 break;
1420 default:
1421 return -EINVAL;
1422 }
1423 curr_schema += 2;
1424 }
1425
1426 *num_params = curr_param;
1427 return 0;
1428 }
1429
1430 typedef struct GdbCmdContext {
1431 GdbCmdVariant *params;
1432 int num_params;
1433 } GdbCmdContext;
1434
1435 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1436
1437 /*
1438 * cmd_startswith -> cmd is compared using startswith
1439 *
1440 *
1441 * schema definitions:
1442 * Each schema parameter entry consists of 2 chars,
1443 * the first char represents the parameter type handling
1444 * the second char represents the delimiter for the next parameter
1445 *
1446 * Currently supported schema types:
1447 * 'l' -> unsigned long (stored in .val_ul)
1448 * 'L' -> unsigned long long (stored in .val_ull)
1449 * 's' -> string (stored in .data)
1450 * 'o' -> single char (stored in .opcode)
1451 * 't' -> thread id (stored in .thread_id)
1452 * '?' -> skip according to delimiter
1453 *
1454 * Currently supported delimiters:
1455 * '?' -> Stop at any delimiter (",;:=\0")
1456 * '0' -> Stop at "\0"
1457 * '.' -> Skip 1 char unless reached "\0"
1458 * Any other value is treated as the delimiter value itself
1459 */
1460 typedef struct GdbCmdParseEntry {
1461 GdbCmdHandler handler;
1462 const char *cmd;
1463 bool cmd_startswith;
1464 const char *schema;
1465 } GdbCmdParseEntry;
1466
1467 static inline int startswith(const char *string, const char *pattern)
1468 {
1469 return !strncmp(string, pattern, strlen(pattern));
1470 }
1471
1472 static int process_string_cmd(void *user_ctx, const char *data,
1473 const GdbCmdParseEntry *cmds, int num_cmds)
1474 {
1475 int i, schema_len, max_num_params = 0;
1476 GdbCmdContext gdb_ctx;
1477
1478 if (!cmds) {
1479 return -1;
1480 }
1481
1482 for (i = 0; i < num_cmds; i++) {
1483 const GdbCmdParseEntry *cmd = &cmds[i];
1484 g_assert(cmd->handler && cmd->cmd);
1485
1486 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1487 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1488 continue;
1489 }
1490
1491 if (cmd->schema) {
1492 schema_len = strlen(cmd->schema);
1493 if (schema_len % 2) {
1494 return -2;
1495 }
1496
1497 max_num_params = schema_len / 2;
1498 }
1499
1500 gdb_ctx.params =
1501 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1502 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1503
1504 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1505 gdb_ctx.params, &gdb_ctx.num_params)) {
1506 return -1;
1507 }
1508
1509 cmd->handler(&gdb_ctx, user_ctx);
1510 return 0;
1511 }
1512
1513 return -1;
1514 }
1515
1516 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1517 {
1518 if (!data) {
1519 return;
1520 }
1521
1522 g_string_set_size(gdbserver_state.str_buf, 0);
1523 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1524
1525 /* In case there was an error during the command parsing we must
1526 * send a NULL packet to indicate the command is not supported */
1527 if (process_string_cmd(NULL, data, cmd, 1)) {
1528 put_packet("");
1529 }
1530 }
1531
1532 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1533 {
1534 GDBProcess *process;
1535 uint32_t pid = 1;
1536
1537 if (gdbserver_state.multiprocess) {
1538 if (!gdb_ctx->num_params) {
1539 put_packet("E22");
1540 return;
1541 }
1542
1543 pid = gdb_ctx->params[0].val_ul;
1544 }
1545
1546 process = gdb_get_process(pid);
1547 gdb_process_breakpoint_remove_all(process);
1548 process->attached = false;
1549
1550 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1551 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1552 }
1553
1554 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1555 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1556 }
1557
1558 if (!gdbserver_state.c_cpu) {
1559 /* No more process attached */
1560 gdb_syscall_mode = GDB_SYS_DISABLED;
1561 gdb_continue();
1562 }
1563 put_packet("OK");
1564 }
1565
1566 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1567 {
1568 CPUState *cpu;
1569
1570 if (!gdb_ctx->num_params) {
1571 put_packet("E22");
1572 return;
1573 }
1574
1575 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1576 put_packet("E22");
1577 return;
1578 }
1579
1580 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
1581 gdb_ctx->params[0].thread_id.tid);
1582 if (!cpu) {
1583 put_packet("E22");
1584 return;
1585 }
1586
1587 put_packet("OK");
1588 }
1589
1590 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1591 {
1592 if (gdb_ctx->num_params) {
1593 gdb_set_cpu_pc(gdb_ctx->params[0].val_ull);
1594 }
1595
1596 gdbserver_state.signal = 0;
1597 gdb_continue();
1598 }
1599
1600 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1601 {
1602 unsigned long signal = 0;
1603
1604 /*
1605 * Note: C sig;[addr] is currently unsupported and we simply
1606 * omit the addr parameter
1607 */
1608 if (gdb_ctx->num_params) {
1609 signal = gdb_ctx->params[0].val_ul;
1610 }
1611
1612 gdbserver_state.signal = gdb_signal_to_target(signal);
1613 if (gdbserver_state.signal == -1) {
1614 gdbserver_state.signal = 0;
1615 }
1616 gdb_continue();
1617 }
1618
1619 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1620 {
1621 CPUState *cpu;
1622
1623 if (gdb_ctx->num_params != 2) {
1624 put_packet("E22");
1625 return;
1626 }
1627
1628 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1629 put_packet("E22");
1630 return;
1631 }
1632
1633 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1634 put_packet("OK");
1635 return;
1636 }
1637
1638 cpu = gdb_get_cpu(gdb_ctx->params[1].thread_id.pid,
1639 gdb_ctx->params[1].thread_id.tid);
1640 if (!cpu) {
1641 put_packet("E22");
1642 return;
1643 }
1644
1645 /*
1646 * Note: This command is deprecated and modern gdb's will be using the
1647 * vCont command instead.
1648 */
1649 switch (gdb_ctx->params[0].opcode) {
1650 case 'c':
1651 gdbserver_state.c_cpu = cpu;
1652 put_packet("OK");
1653 break;
1654 case 'g':
1655 gdbserver_state.g_cpu = cpu;
1656 put_packet("OK");
1657 break;
1658 default:
1659 put_packet("E22");
1660 break;
1661 }
1662 }
1663
1664 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1665 {
1666 int res;
1667
1668 if (gdb_ctx->num_params != 3) {
1669 put_packet("E22");
1670 return;
1671 }
1672
1673 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1674 gdb_ctx->params[1].val_ull,
1675 gdb_ctx->params[2].val_ull);
1676 if (res >= 0) {
1677 put_packet("OK");
1678 return;
1679 } else if (res == -ENOSYS) {
1680 put_packet("");
1681 return;
1682 }
1683
1684 put_packet("E22");
1685 }
1686
1687 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1688 {
1689 int res;
1690
1691 if (gdb_ctx->num_params != 3) {
1692 put_packet("E22");
1693 return;
1694 }
1695
1696 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1697 gdb_ctx->params[1].val_ull,
1698 gdb_ctx->params[2].val_ull);
1699 if (res >= 0) {
1700 put_packet("OK");
1701 return;
1702 } else if (res == -ENOSYS) {
1703 put_packet("");
1704 return;
1705 }
1706
1707 put_packet("E22");
1708 }
1709
1710 /*
1711 * handle_set/get_reg
1712 *
1713 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1714 * This works, but can be very slow. Anything new enough to understand
1715 * XML also knows how to use this properly. However to use this we
1716 * need to define a local XML file as well as be talking to a
1717 * reasonably modern gdb. Responding with an empty packet will cause
1718 * the remote gdb to fallback to older methods.
1719 */
1720
1721 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1722 {
1723 int reg_size;
1724
1725 if (!gdb_has_xml) {
1726 put_packet("");
1727 return;
1728 }
1729
1730 if (gdb_ctx->num_params != 2) {
1731 put_packet("E22");
1732 return;
1733 }
1734
1735 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1736 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[1].data, reg_size);
1737 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1738 gdb_ctx->params[0].val_ull);
1739 put_packet("OK");
1740 }
1741
1742 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1743 {
1744 int reg_size;
1745
1746 if (!gdb_has_xml) {
1747 put_packet("");
1748 return;
1749 }
1750
1751 if (!gdb_ctx->num_params) {
1752 put_packet("E14");
1753 return;
1754 }
1755
1756 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1757 gdbserver_state.mem_buf,
1758 gdb_ctx->params[0].val_ull);
1759 if (!reg_size) {
1760 put_packet("E14");
1761 return;
1762 } else {
1763 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1764 }
1765
1766 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1767 put_strbuf();
1768 }
1769
1770 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1771 {
1772 if (gdb_ctx->num_params != 3) {
1773 put_packet("E22");
1774 return;
1775 }
1776
1777 /* hextomem() reads 2*len bytes */
1778 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1779 put_packet("E22");
1780 return;
1781 }
1782
1783 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[2].data,
1784 gdb_ctx->params[1].val_ull);
1785 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1786 gdbserver_state.mem_buf->data,
1787 gdbserver_state.mem_buf->len, true)) {
1788 put_packet("E14");
1789 return;
1790 }
1791
1792 put_packet("OK");
1793 }
1794
1795 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1796 {
1797 if (gdb_ctx->num_params != 2) {
1798 put_packet("E22");
1799 return;
1800 }
1801
1802 /* memtohex() doubles the required space */
1803 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1804 put_packet("E22");
1805 return;
1806 }
1807
1808 g_byte_array_set_size(gdbserver_state.mem_buf, gdb_ctx->params[1].val_ull);
1809
1810 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1811 gdbserver_state.mem_buf->data,
1812 gdbserver_state.mem_buf->len, false)) {
1813 put_packet("E14");
1814 return;
1815 }
1816
1817 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1818 gdbserver_state.mem_buf->len);
1819 put_strbuf();
1820 }
1821
1822 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1823 {
1824 target_ulong addr, len;
1825 uint8_t *registers;
1826 int reg_size;
1827
1828 if (!gdb_ctx->num_params) {
1829 return;
1830 }
1831
1832 cpu_synchronize_state(gdbserver_state.g_cpu);
1833 len = strlen(gdb_ctx->params[0].data) / 2;
1834 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
1835 registers = gdbserver_state.mem_buf->data;
1836 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1837 addr++) {
1838 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1839 len -= reg_size;
1840 registers += reg_size;
1841 }
1842 put_packet("OK");
1843 }
1844
1845 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1846 {
1847 target_ulong addr, len;
1848
1849 cpu_synchronize_state(gdbserver_state.g_cpu);
1850 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1851 len = 0;
1852 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1853 len += gdb_read_register(gdbserver_state.g_cpu,
1854 gdbserver_state.mem_buf,
1855 addr);
1856 }
1857 g_assert(len == gdbserver_state.mem_buf->len);
1858
1859 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1860 put_strbuf();
1861 }
1862
1863 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1864 {
1865 if (gdb_ctx->num_params >= 1 && gdbserver_state.current_syscall_cb) {
1866 target_ulong ret, err;
1867
1868 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1869 if (gdb_ctx->num_params >= 2) {
1870 err = (target_ulong)gdb_ctx->params[1].val_ull;
1871 } else {
1872 err = 0;
1873 }
1874 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1875 gdbserver_state.current_syscall_cb = NULL;
1876 }
1877
1878 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1879 put_packet("T02");
1880 return;
1881 }
1882
1883 gdb_continue();
1884 }
1885
1886 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1887 {
1888 if (gdb_ctx->num_params) {
1889 gdb_set_cpu_pc((target_ulong)gdb_ctx->params[0].val_ull);
1890 }
1891
1892 cpu_single_step(gdbserver_state.c_cpu, get_sstep_flags());
1893 gdb_continue();
1894 }
1895
1896 static void handle_backward(GdbCmdContext *gdb_ctx, void *user_ctx)
1897 {
1898 if (replay_mode != REPLAY_MODE_PLAY) {
1899 put_packet("E22");
1900 }
1901 if (gdb_ctx->num_params == 1) {
1902 switch (gdb_ctx->params[0].opcode) {
1903 case 's':
1904 if (replay_reverse_step()) {
1905 gdb_continue();
1906 } else {
1907 put_packet("E14");
1908 }
1909 return;
1910 }
1911 }
1912
1913 /* Default invalid command */
1914 put_packet("");
1915 }
1916
1917 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1918 {
1919 put_packet("vCont;c;C;s;S");
1920 }
1921
1922 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1923 {
1924 int res;
1925
1926 if (!gdb_ctx->num_params) {
1927 return;
1928 }
1929
1930 res = gdb_handle_vcont(gdb_ctx->params[0].data);
1931 if ((res == -EINVAL) || (res == -ERANGE)) {
1932 put_packet("E22");
1933 } else if (res) {
1934 put_packet("");
1935 }
1936 }
1937
1938 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1939 {
1940 GDBProcess *process;
1941 CPUState *cpu;
1942
1943 g_string_assign(gdbserver_state.str_buf, "E22");
1944 if (!gdb_ctx->num_params) {
1945 goto cleanup;
1946 }
1947
1948 process = gdb_get_process(gdb_ctx->params[0].val_ul);
1949 if (!process) {
1950 goto cleanup;
1951 }
1952
1953 cpu = get_first_cpu_in_process(process);
1954 if (!cpu) {
1955 goto cleanup;
1956 }
1957
1958 process->attached = true;
1959 gdbserver_state.g_cpu = cpu;
1960 gdbserver_state.c_cpu = cpu;
1961
1962 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1963 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1964 g_string_append_c(gdbserver_state.str_buf, ';');
1965 cleanup:
1966 put_strbuf();
1967 }
1968
1969 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1970 {
1971 /* Kill the target */
1972 put_packet("OK");
1973 error_report("QEMU: Terminated via GDBstub");
1974 exit(0);
1975 }
1976
1977 static GdbCmdParseEntry gdb_v_commands_table[] = {
1978 /* Order is important if has same prefix */
1979 {
1980 .handler = handle_v_cont_query,
1981 .cmd = "Cont?",
1982 .cmd_startswith = 1
1983 },
1984 {
1985 .handler = handle_v_cont,
1986 .cmd = "Cont",
1987 .cmd_startswith = 1,
1988 .schema = "s0"
1989 },
1990 {
1991 .handler = handle_v_attach,
1992 .cmd = "Attach;",
1993 .cmd_startswith = 1,
1994 .schema = "l0"
1995 },
1996 {
1997 .handler = handle_v_kill,
1998 .cmd = "Kill;",
1999 .cmd_startswith = 1
2000 },
2001 };
2002
2003 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
2004 {
2005 if (!gdb_ctx->num_params) {
2006 return;
2007 }
2008
2009 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2010 gdb_v_commands_table,
2011 ARRAY_SIZE(gdb_v_commands_table))) {
2012 put_packet("");
2013 }
2014 }
2015
2016 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
2017 {
2018 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2019 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER);
2020 put_strbuf();
2021 }
2022
2023 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2024 {
2025 if (!gdb_ctx->num_params) {
2026 return;
2027 }
2028
2029 sstep_flags = gdb_ctx->params[0].val_ul;
2030 put_packet("OK");
2031 }
2032
2033 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2034 {
2035 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags);
2036 put_strbuf();
2037 }
2038
2039 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
2040 {
2041 CPUState *cpu;
2042 GDBProcess *process;
2043
2044 /*
2045 * "Current thread" remains vague in the spec, so always return
2046 * the first thread of the current process (gdb returns the
2047 * first thread).
2048 */
2049 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2050 cpu = get_first_cpu_in_process(process);
2051 g_string_assign(gdbserver_state.str_buf, "QC");
2052 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2053 put_strbuf();
2054 }
2055
2056 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2057 {
2058 if (!gdbserver_state.query_cpu) {
2059 put_packet("l");
2060 return;
2061 }
2062
2063 g_string_assign(gdbserver_state.str_buf, "m");
2064 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2065 put_strbuf();
2066 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2067 }
2068
2069 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2070 {
2071 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2072 handle_query_threads(gdb_ctx, user_ctx);
2073 }
2074
2075 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2076 {
2077 g_autoptr(GString) rs = g_string_new(NULL);
2078 CPUState *cpu;
2079
2080 if (!gdb_ctx->num_params ||
2081 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2082 put_packet("E22");
2083 return;
2084 }
2085
2086 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
2087 gdb_ctx->params[0].thread_id.tid);
2088 if (!cpu) {
2089 return;
2090 }
2091
2092 cpu_synchronize_state(cpu);
2093
2094 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2095 /* Print the CPU model and name in multiprocess mode */
2096 ObjectClass *oc = object_get_class(OBJECT(cpu));
2097 const char *cpu_model = object_class_get_name(oc);
2098 const char *cpu_name =
2099 object_get_canonical_path_component(OBJECT(cpu));
2100 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2101 cpu->halted ? "halted " : "running");
2102 } else {
2103 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2104 cpu->halted ? "halted " : "running");
2105 }
2106 trace_gdbstub_op_extra_info(rs->str);
2107 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2108 put_strbuf();
2109 }
2110
2111 #ifdef CONFIG_USER_ONLY
2112 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2113 {
2114 TaskState *ts;
2115
2116 ts = gdbserver_state.c_cpu->opaque;
2117 g_string_printf(gdbserver_state.str_buf,
2118 "Text=" TARGET_ABI_FMT_lx
2119 ";Data=" TARGET_ABI_FMT_lx
2120 ";Bss=" TARGET_ABI_FMT_lx,
2121 ts->info->code_offset,
2122 ts->info->data_offset,
2123 ts->info->data_offset);
2124 put_strbuf();
2125 }
2126 #else
2127 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2128 {
2129 const guint8 zero = 0;
2130 int len;
2131
2132 if (!gdb_ctx->num_params) {
2133 put_packet("E22");
2134 return;
2135 }
2136
2137 len = strlen(gdb_ctx->params[0].data);
2138 if (len % 2) {
2139 put_packet("E01");
2140 return;
2141 }
2142
2143 g_assert(gdbserver_state.mem_buf->len == 0);
2144 len = len / 2;
2145 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
2146 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2147 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2148 gdbserver_state.mem_buf->len);
2149 put_packet("OK");
2150 }
2151 #endif
2152
2153 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2154 {
2155 CPUClass *cc;
2156
2157 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2158 cc = CPU_GET_CLASS(first_cpu);
2159 if (cc->gdb_core_xml_file) {
2160 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2161 }
2162
2163 if (replay_mode == REPLAY_MODE_PLAY) {
2164 g_string_append(gdbserver_state.str_buf, ";ReverseStep+");
2165 }
2166
2167 if (gdb_ctx->num_params &&
2168 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2169 gdbserver_state.multiprocess = true;
2170 }
2171
2172 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2173 put_strbuf();
2174 }
2175
2176 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2177 {
2178 GDBProcess *process;
2179 CPUClass *cc;
2180 unsigned long len, total_len, addr;
2181 const char *xml;
2182 const char *p;
2183
2184 if (gdb_ctx->num_params < 3) {
2185 put_packet("E22");
2186 return;
2187 }
2188
2189 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2190 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2191 if (!cc->gdb_core_xml_file) {
2192 put_packet("");
2193 return;
2194 }
2195
2196 gdb_has_xml = true;
2197 p = gdb_ctx->params[0].data;
2198 xml = get_feature_xml(p, &p, process);
2199 if (!xml) {
2200 put_packet("E00");
2201 return;
2202 }
2203
2204 addr = gdb_ctx->params[1].val_ul;
2205 len = gdb_ctx->params[2].val_ul;
2206 total_len = strlen(xml);
2207 if (addr > total_len) {
2208 put_packet("E00");
2209 return;
2210 }
2211
2212 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2213 len = (MAX_PACKET_LENGTH - 5) / 2;
2214 }
2215
2216 if (len < total_len - addr) {
2217 g_string_assign(gdbserver_state.str_buf, "m");
2218 memtox(gdbserver_state.str_buf, xml + addr, len);
2219 } else {
2220 g_string_assign(gdbserver_state.str_buf, "l");
2221 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2222 }
2223
2224 put_packet_binary(gdbserver_state.str_buf->str,
2225 gdbserver_state.str_buf->len, true);
2226 }
2227
2228 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2229 {
2230 put_packet(GDB_ATTACHED);
2231 }
2232
2233 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2234 {
2235 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2236 #ifndef CONFIG_USER_ONLY
2237 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2238 #endif
2239 put_strbuf();
2240 }
2241
2242 #ifndef CONFIG_USER_ONLY
2243 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2244 void *user_ctx)
2245 {
2246 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2247 put_strbuf();
2248 }
2249
2250 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2251 {
2252 if (!gdb_ctx->num_params) {
2253 put_packet("E22");
2254 return;
2255 }
2256
2257 if (!gdb_ctx->params[0].val_ul) {
2258 phy_memory_mode = 0;
2259 } else {
2260 phy_memory_mode = 1;
2261 }
2262 put_packet("OK");
2263 }
2264 #endif
2265
2266 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2267 /* Order is important if has same prefix */
2268 {
2269 .handler = handle_query_qemu_sstepbits,
2270 .cmd = "qemu.sstepbits",
2271 },
2272 {
2273 .handler = handle_query_qemu_sstep,
2274 .cmd = "qemu.sstep",
2275 },
2276 {
2277 .handler = handle_set_qemu_sstep,
2278 .cmd = "qemu.sstep=",
2279 .cmd_startswith = 1,
2280 .schema = "l0"
2281 },
2282 };
2283
2284 static GdbCmdParseEntry gdb_gen_query_table[] = {
2285 {
2286 .handler = handle_query_curr_tid,
2287 .cmd = "C",
2288 },
2289 {
2290 .handler = handle_query_threads,
2291 .cmd = "sThreadInfo",
2292 },
2293 {
2294 .handler = handle_query_first_threads,
2295 .cmd = "fThreadInfo",
2296 },
2297 {
2298 .handler = handle_query_thread_extra,
2299 .cmd = "ThreadExtraInfo,",
2300 .cmd_startswith = 1,
2301 .schema = "t0"
2302 },
2303 #ifdef CONFIG_USER_ONLY
2304 {
2305 .handler = handle_query_offsets,
2306 .cmd = "Offsets",
2307 },
2308 #else
2309 {
2310 .handler = handle_query_rcmd,
2311 .cmd = "Rcmd,",
2312 .cmd_startswith = 1,
2313 .schema = "s0"
2314 },
2315 #endif
2316 {
2317 .handler = handle_query_supported,
2318 .cmd = "Supported:",
2319 .cmd_startswith = 1,
2320 .schema = "s0"
2321 },
2322 {
2323 .handler = handle_query_supported,
2324 .cmd = "Supported",
2325 .schema = "s0"
2326 },
2327 {
2328 .handler = handle_query_xfer_features,
2329 .cmd = "Xfer:features:read:",
2330 .cmd_startswith = 1,
2331 .schema = "s:l,l0"
2332 },
2333 {
2334 .handler = handle_query_attached,
2335 .cmd = "Attached:",
2336 .cmd_startswith = 1
2337 },
2338 {
2339 .handler = handle_query_attached,
2340 .cmd = "Attached",
2341 },
2342 {
2343 .handler = handle_query_qemu_supported,
2344 .cmd = "qemu.Supported",
2345 },
2346 #ifndef CONFIG_USER_ONLY
2347 {
2348 .handler = handle_query_qemu_phy_mem_mode,
2349 .cmd = "qemu.PhyMemMode",
2350 },
2351 #endif
2352 };
2353
2354 static GdbCmdParseEntry gdb_gen_set_table[] = {
2355 /* Order is important if has same prefix */
2356 {
2357 .handler = handle_set_qemu_sstep,
2358 .cmd = "qemu.sstep:",
2359 .cmd_startswith = 1,
2360 .schema = "l0"
2361 },
2362 #ifndef CONFIG_USER_ONLY
2363 {
2364 .handler = handle_set_qemu_phy_mem_mode,
2365 .cmd = "qemu.PhyMemMode:",
2366 .cmd_startswith = 1,
2367 .schema = "l0"
2368 },
2369 #endif
2370 };
2371
2372 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2373 {
2374 if (!gdb_ctx->num_params) {
2375 return;
2376 }
2377
2378 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2379 gdb_gen_query_set_common_table,
2380 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2381 return;
2382 }
2383
2384 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2385 gdb_gen_query_table,
2386 ARRAY_SIZE(gdb_gen_query_table))) {
2387 put_packet("");
2388 }
2389 }
2390
2391 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2392 {
2393 if (!gdb_ctx->num_params) {
2394 return;
2395 }
2396
2397 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2398 gdb_gen_query_set_common_table,
2399 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2400 return;
2401 }
2402
2403 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2404 gdb_gen_set_table,
2405 ARRAY_SIZE(gdb_gen_set_table))) {
2406 put_packet("");
2407 }
2408 }
2409
2410 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2411 {
2412 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2413 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2414 g_string_append_c(gdbserver_state.str_buf, ';');
2415 put_strbuf();
2416 /*
2417 * Remove all the breakpoints when this query is issued,
2418 * because gdb is doing an initial connect and the state
2419 * should be cleaned up.
2420 */
2421 gdb_breakpoint_remove_all();
2422 }
2423
2424 static int gdb_handle_packet(const char *line_buf)
2425 {
2426 const GdbCmdParseEntry *cmd_parser = NULL;
2427
2428 trace_gdbstub_io_command(line_buf);
2429
2430 switch (line_buf[0]) {
2431 case '!':
2432 put_packet("OK");
2433 break;
2434 case '?':
2435 {
2436 static const GdbCmdParseEntry target_halted_cmd_desc = {
2437 .handler = handle_target_halt,
2438 .cmd = "?",
2439 .cmd_startswith = 1
2440 };
2441 cmd_parser = &target_halted_cmd_desc;
2442 }
2443 break;
2444 case 'c':
2445 {
2446 static const GdbCmdParseEntry continue_cmd_desc = {
2447 .handler = handle_continue,
2448 .cmd = "c",
2449 .cmd_startswith = 1,
2450 .schema = "L0"
2451 };
2452 cmd_parser = &continue_cmd_desc;
2453 }
2454 break;
2455 case 'C':
2456 {
2457 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2458 .handler = handle_cont_with_sig,
2459 .cmd = "C",
2460 .cmd_startswith = 1,
2461 .schema = "l0"
2462 };
2463 cmd_parser = &cont_with_sig_cmd_desc;
2464 }
2465 break;
2466 case 'v':
2467 {
2468 static const GdbCmdParseEntry v_cmd_desc = {
2469 .handler = handle_v_commands,
2470 .cmd = "v",
2471 .cmd_startswith = 1,
2472 .schema = "s0"
2473 };
2474 cmd_parser = &v_cmd_desc;
2475 }
2476 break;
2477 case 'k':
2478 /* Kill the target */
2479 error_report("QEMU: Terminated via GDBstub");
2480 exit(0);
2481 case 'D':
2482 {
2483 static const GdbCmdParseEntry detach_cmd_desc = {
2484 .handler = handle_detach,
2485 .cmd = "D",
2486 .cmd_startswith = 1,
2487 .schema = "?.l0"
2488 };
2489 cmd_parser = &detach_cmd_desc;
2490 }
2491 break;
2492 case 's':
2493 {
2494 static const GdbCmdParseEntry step_cmd_desc = {
2495 .handler = handle_step,
2496 .cmd = "s",
2497 .cmd_startswith = 1,
2498 .schema = "L0"
2499 };
2500 cmd_parser = &step_cmd_desc;
2501 }
2502 break;
2503 case 'b':
2504 {
2505 static const GdbCmdParseEntry backward_cmd_desc = {
2506 .handler = handle_backward,
2507 .cmd = "b",
2508 .cmd_startswith = 1,
2509 .schema = "o0"
2510 };
2511 cmd_parser = &backward_cmd_desc;
2512 }
2513 break;
2514 case 'F':
2515 {
2516 static const GdbCmdParseEntry file_io_cmd_desc = {
2517 .handler = handle_file_io,
2518 .cmd = "F",
2519 .cmd_startswith = 1,
2520 .schema = "L,L,o0"
2521 };
2522 cmd_parser = &file_io_cmd_desc;
2523 }
2524 break;
2525 case 'g':
2526 {
2527 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2528 .handler = handle_read_all_regs,
2529 .cmd = "g",
2530 .cmd_startswith = 1
2531 };
2532 cmd_parser = &read_all_regs_cmd_desc;
2533 }
2534 break;
2535 case 'G':
2536 {
2537 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2538 .handler = handle_write_all_regs,
2539 .cmd = "G",
2540 .cmd_startswith = 1,
2541 .schema = "s0"
2542 };
2543 cmd_parser = &write_all_regs_cmd_desc;
2544 }
2545 break;
2546 case 'm':
2547 {
2548 static const GdbCmdParseEntry read_mem_cmd_desc = {
2549 .handler = handle_read_mem,
2550 .cmd = "m",
2551 .cmd_startswith = 1,
2552 .schema = "L,L0"
2553 };
2554 cmd_parser = &read_mem_cmd_desc;
2555 }
2556 break;
2557 case 'M':
2558 {
2559 static const GdbCmdParseEntry write_mem_cmd_desc = {
2560 .handler = handle_write_mem,
2561 .cmd = "M",
2562 .cmd_startswith = 1,
2563 .schema = "L,L:s0"
2564 };
2565 cmd_parser = &write_mem_cmd_desc;
2566 }
2567 break;
2568 case 'p':
2569 {
2570 static const GdbCmdParseEntry get_reg_cmd_desc = {
2571 .handler = handle_get_reg,
2572 .cmd = "p",
2573 .cmd_startswith = 1,
2574 .schema = "L0"
2575 };
2576 cmd_parser = &get_reg_cmd_desc;
2577 }
2578 break;
2579 case 'P':
2580 {
2581 static const GdbCmdParseEntry set_reg_cmd_desc = {
2582 .handler = handle_set_reg,
2583 .cmd = "P",
2584 .cmd_startswith = 1,
2585 .schema = "L?s0"
2586 };
2587 cmd_parser = &set_reg_cmd_desc;
2588 }
2589 break;
2590 case 'Z':
2591 {
2592 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2593 .handler = handle_insert_bp,
2594 .cmd = "Z",
2595 .cmd_startswith = 1,
2596 .schema = "l?L?L0"
2597 };
2598 cmd_parser = &insert_bp_cmd_desc;
2599 }
2600 break;
2601 case 'z':
2602 {
2603 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2604 .handler = handle_remove_bp,
2605 .cmd = "z",
2606 .cmd_startswith = 1,
2607 .schema = "l?L?L0"
2608 };
2609 cmd_parser = &remove_bp_cmd_desc;
2610 }
2611 break;
2612 case 'H':
2613 {
2614 static const GdbCmdParseEntry set_thread_cmd_desc = {
2615 .handler = handle_set_thread,
2616 .cmd = "H",
2617 .cmd_startswith = 1,
2618 .schema = "o.t0"
2619 };
2620 cmd_parser = &set_thread_cmd_desc;
2621 }
2622 break;
2623 case 'T':
2624 {
2625 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2626 .handler = handle_thread_alive,
2627 .cmd = "T",
2628 .cmd_startswith = 1,
2629 .schema = "t0"
2630 };
2631 cmd_parser = &thread_alive_cmd_desc;
2632 }
2633 break;
2634 case 'q':
2635 {
2636 static const GdbCmdParseEntry gen_query_cmd_desc = {
2637 .handler = handle_gen_query,
2638 .cmd = "q",
2639 .cmd_startswith = 1,
2640 .schema = "s0"
2641 };
2642 cmd_parser = &gen_query_cmd_desc;
2643 }
2644 break;
2645 case 'Q':
2646 {
2647 static const GdbCmdParseEntry gen_set_cmd_desc = {
2648 .handler = handle_gen_set,
2649 .cmd = "Q",
2650 .cmd_startswith = 1,
2651 .schema = "s0"
2652 };
2653 cmd_parser = &gen_set_cmd_desc;
2654 }
2655 break;
2656 default:
2657 /* put empty packet */
2658 put_packet("");
2659 break;
2660 }
2661
2662 if (cmd_parser) {
2663 run_cmd_parser(line_buf, cmd_parser);
2664 }
2665
2666 return RS_IDLE;
2667 }
2668
2669 void gdb_set_stop_cpu(CPUState *cpu)
2670 {
2671 GDBProcess *p = gdb_get_cpu_process(cpu);
2672
2673 if (!p->attached) {
2674 /*
2675 * Having a stop CPU corresponding to a process that is not attached
2676 * confuses GDB. So we ignore the request.
2677 */
2678 return;
2679 }
2680
2681 gdbserver_state.c_cpu = cpu;
2682 gdbserver_state.g_cpu = cpu;
2683 }
2684
2685 #ifndef CONFIG_USER_ONLY
2686 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2687 {
2688 CPUState *cpu = gdbserver_state.c_cpu;
2689 g_autoptr(GString) buf = g_string_new(NULL);
2690 g_autoptr(GString) tid = g_string_new(NULL);
2691 const char *type;
2692 int ret;
2693
2694 if (running || gdbserver_state.state == RS_INACTIVE) {
2695 return;
2696 }
2697 /* Is there a GDB syscall waiting to be sent? */
2698 if (gdbserver_state.current_syscall_cb) {
2699 put_packet(gdbserver_state.syscall_buf);
2700 return;
2701 }
2702
2703 if (cpu == NULL) {
2704 /* No process attached */
2705 return;
2706 }
2707
2708 gdb_append_thread_id(cpu, tid);
2709
2710 switch (state) {
2711 case RUN_STATE_DEBUG:
2712 if (cpu->watchpoint_hit) {
2713 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2714 case BP_MEM_READ:
2715 type = "r";
2716 break;
2717 case BP_MEM_ACCESS:
2718 type = "a";
2719 break;
2720 default:
2721 type = "";
2722 break;
2723 }
2724 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2725 (target_ulong)cpu->watchpoint_hit->vaddr);
2726 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2727 GDB_SIGNAL_TRAP, tid->str, type,
2728 (target_ulong)cpu->watchpoint_hit->vaddr);
2729 cpu->watchpoint_hit = NULL;
2730 goto send_packet;
2731 } else {
2732 trace_gdbstub_hit_break();
2733 }
2734 tb_flush(cpu);
2735 ret = GDB_SIGNAL_TRAP;
2736 break;
2737 case RUN_STATE_PAUSED:
2738 trace_gdbstub_hit_paused();
2739 ret = GDB_SIGNAL_INT;
2740 break;
2741 case RUN_STATE_SHUTDOWN:
2742 trace_gdbstub_hit_shutdown();
2743 ret = GDB_SIGNAL_QUIT;
2744 break;
2745 case RUN_STATE_IO_ERROR:
2746 trace_gdbstub_hit_io_error();
2747 ret = GDB_SIGNAL_IO;
2748 break;
2749 case RUN_STATE_WATCHDOG:
2750 trace_gdbstub_hit_watchdog();
2751 ret = GDB_SIGNAL_ALRM;
2752 break;
2753 case RUN_STATE_INTERNAL_ERROR:
2754 trace_gdbstub_hit_internal_error();
2755 ret = GDB_SIGNAL_ABRT;
2756 break;
2757 case RUN_STATE_SAVE_VM:
2758 case RUN_STATE_RESTORE_VM:
2759 return;
2760 case RUN_STATE_FINISH_MIGRATE:
2761 ret = GDB_SIGNAL_XCPU;
2762 break;
2763 default:
2764 trace_gdbstub_hit_unknown(state);
2765 ret = GDB_SIGNAL_UNKNOWN;
2766 break;
2767 }
2768 gdb_set_stop_cpu(cpu);
2769 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2770
2771 send_packet:
2772 put_packet(buf->str);
2773
2774 /* disable single step if it was enabled */
2775 cpu_single_step(cpu, 0);
2776 }
2777 #endif
2778
2779 /* Send a gdb syscall request.
2780 This accepts limited printf-style format specifiers, specifically:
2781 %x - target_ulong argument printed in hex.
2782 %lx - 64-bit argument printed in hex.
2783 %s - string pointer (target_ulong) and length (int) pair. */
2784 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2785 {
2786 char *p;
2787 char *p_end;
2788 target_ulong addr;
2789 uint64_t i64;
2790
2791 if (!gdbserver_state.init) {
2792 return;
2793 }
2794
2795 gdbserver_state.current_syscall_cb = cb;
2796 #ifndef CONFIG_USER_ONLY
2797 vm_stop(RUN_STATE_DEBUG);
2798 #endif
2799 p = &gdbserver_state.syscall_buf[0];
2800 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2801 *(p++) = 'F';
2802 while (*fmt) {
2803 if (*fmt == '%') {
2804 fmt++;
2805 switch (*fmt++) {
2806 case 'x':
2807 addr = va_arg(va, target_ulong);
2808 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2809 break;
2810 case 'l':
2811 if (*(fmt++) != 'x')
2812 goto bad_format;
2813 i64 = va_arg(va, uint64_t);
2814 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2815 break;
2816 case 's':
2817 addr = va_arg(va, target_ulong);
2818 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2819 addr, va_arg(va, int));
2820 break;
2821 default:
2822 bad_format:
2823 error_report("gdbstub: Bad syscall format string '%s'",
2824 fmt - 1);
2825 break;
2826 }
2827 } else {
2828 *(p++) = *(fmt++);
2829 }
2830 }
2831 *p = 0;
2832 #ifdef CONFIG_USER_ONLY
2833 put_packet(gdbserver_state.syscall_buf);
2834 /* Return control to gdb for it to process the syscall request.
2835 * Since the protocol requires that gdb hands control back to us
2836 * using a "here are the results" F packet, we don't need to check
2837 * gdb_handlesig's return value (which is the signal to deliver if
2838 * execution was resumed via a continue packet).
2839 */
2840 gdb_handlesig(gdbserver_state.c_cpu, 0);
2841 #else
2842 /* In this case wait to send the syscall packet until notification that
2843 the CPU has stopped. This must be done because if the packet is sent
2844 now the reply from the syscall request could be received while the CPU
2845 is still in the running state, which can cause packets to be dropped
2846 and state transition 'T' packets to be sent while the syscall is still
2847 being processed. */
2848 qemu_cpu_kick(gdbserver_state.c_cpu);
2849 #endif
2850 }
2851
2852 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2853 {
2854 va_list va;
2855
2856 va_start(va, fmt);
2857 gdb_do_syscallv(cb, fmt, va);
2858 va_end(va);
2859 }
2860
2861 static void gdb_read_byte(uint8_t ch)
2862 {
2863 uint8_t reply;
2864
2865 #ifndef CONFIG_USER_ONLY
2866 if (gdbserver_state.last_packet->len) {
2867 /* Waiting for a response to the last packet. If we see the start
2868 of a new command then abandon the previous response. */
2869 if (ch == '-') {
2870 trace_gdbstub_err_got_nack();
2871 put_buffer(gdbserver_state.last_packet->data,
2872 gdbserver_state.last_packet->len);
2873 } else if (ch == '+') {
2874 trace_gdbstub_io_got_ack();
2875 } else {
2876 trace_gdbstub_io_got_unexpected(ch);
2877 }
2878
2879 if (ch == '+' || ch == '$') {
2880 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2881 }
2882 if (ch != '$')
2883 return;
2884 }
2885 if (runstate_is_running()) {
2886 /* when the CPU is running, we cannot do anything except stop
2887 it when receiving a char */
2888 vm_stop(RUN_STATE_PAUSED);
2889 } else
2890 #endif
2891 {
2892 switch(gdbserver_state.state) {
2893 case RS_IDLE:
2894 if (ch == '$') {
2895 /* start of command packet */
2896 gdbserver_state.line_buf_index = 0;
2897 gdbserver_state.line_sum = 0;
2898 gdbserver_state.state = RS_GETLINE;
2899 } else {
2900 trace_gdbstub_err_garbage(ch);
2901 }
2902 break;
2903 case RS_GETLINE:
2904 if (ch == '}') {
2905 /* start escape sequence */
2906 gdbserver_state.state = RS_GETLINE_ESC;
2907 gdbserver_state.line_sum += ch;
2908 } else if (ch == '*') {
2909 /* start run length encoding sequence */
2910 gdbserver_state.state = RS_GETLINE_RLE;
2911 gdbserver_state.line_sum += ch;
2912 } else if (ch == '#') {
2913 /* end of command, start of checksum*/
2914 gdbserver_state.state = RS_CHKSUM1;
2915 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2916 trace_gdbstub_err_overrun();
2917 gdbserver_state.state = RS_IDLE;
2918 } else {
2919 /* unescaped command character */
2920 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2921 gdbserver_state.line_sum += ch;
2922 }
2923 break;
2924 case RS_GETLINE_ESC:
2925 if (ch == '#') {
2926 /* unexpected end of command in escape sequence */
2927 gdbserver_state.state = RS_CHKSUM1;
2928 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2929 /* command buffer overrun */
2930 trace_gdbstub_err_overrun();
2931 gdbserver_state.state = RS_IDLE;
2932 } else {
2933 /* parse escaped character and leave escape state */
2934 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
2935 gdbserver_state.line_sum += ch;
2936 gdbserver_state.state = RS_GETLINE;
2937 }
2938 break;
2939 case RS_GETLINE_RLE:
2940 /*
2941 * Run-length encoding is explained in "Debugging with GDB /
2942 * Appendix E GDB Remote Serial Protocol / Overview".
2943 */
2944 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2945 /* invalid RLE count encoding */
2946 trace_gdbstub_err_invalid_repeat(ch);
2947 gdbserver_state.state = RS_GETLINE;
2948 } else {
2949 /* decode repeat length */
2950 int repeat = ch - ' ' + 3;
2951 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
2952 /* that many repeats would overrun the command buffer */
2953 trace_gdbstub_err_overrun();
2954 gdbserver_state.state = RS_IDLE;
2955 } else if (gdbserver_state.line_buf_index < 1) {
2956 /* got a repeat but we have nothing to repeat */
2957 trace_gdbstub_err_invalid_rle();
2958 gdbserver_state.state = RS_GETLINE;
2959 } else {
2960 /* repeat the last character */
2961 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
2962 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
2963 gdbserver_state.line_buf_index += repeat;
2964 gdbserver_state.line_sum += ch;
2965 gdbserver_state.state = RS_GETLINE;
2966 }
2967 }
2968 break;
2969 case RS_CHKSUM1:
2970 /* get high hex digit of checksum */
2971 if (!isxdigit(ch)) {
2972 trace_gdbstub_err_checksum_invalid(ch);
2973 gdbserver_state.state = RS_GETLINE;
2974 break;
2975 }
2976 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
2977 gdbserver_state.line_csum = fromhex(ch) << 4;
2978 gdbserver_state.state = RS_CHKSUM2;
2979 break;
2980 case RS_CHKSUM2:
2981 /* get low hex digit of checksum */
2982 if (!isxdigit(ch)) {
2983 trace_gdbstub_err_checksum_invalid(ch);
2984 gdbserver_state.state = RS_GETLINE;
2985 break;
2986 }
2987 gdbserver_state.line_csum |= fromhex(ch);
2988
2989 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
2990 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
2991 /* send NAK reply */
2992 reply = '-';
2993 put_buffer(&reply, 1);
2994 gdbserver_state.state = RS_IDLE;
2995 } else {
2996 /* send ACK reply */
2997 reply = '+';
2998 put_buffer(&reply, 1);
2999 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3000 }
3001 break;
3002 default:
3003 abort();
3004 }
3005 }
3006 }
3007
3008 /* Tell the remote gdb that the process has exited. */
3009 void gdb_exit(CPUArchState *env, int code)
3010 {
3011 char buf[4];
3012
3013 if (!gdbserver_state.init) {
3014 return;
3015 }
3016 #ifdef CONFIG_USER_ONLY
3017 if (gdbserver_state.socket_path) {
3018 unlink(gdbserver_state.socket_path);
3019 }
3020 if (gdbserver_state.fd < 0) {
3021 return;
3022 }
3023 #endif
3024
3025 trace_gdbstub_op_exiting((uint8_t)code);
3026
3027 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3028 put_packet(buf);
3029
3030 #ifndef CONFIG_USER_ONLY
3031 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3032 #endif
3033 }
3034
3035 /*
3036 * Create the process that will contain all the "orphan" CPUs (that are not
3037 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3038 * be attachable and thus will be invisible to the user.
3039 */
3040 static void create_default_process(GDBState *s)
3041 {
3042 GDBProcess *process;
3043 int max_pid = 0;
3044
3045 if (gdbserver_state.process_num) {
3046 max_pid = s->processes[s->process_num - 1].pid;
3047 }
3048
3049 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3050 process = &s->processes[s->process_num - 1];
3051
3052 /* We need an available PID slot for this process */
3053 assert(max_pid < UINT32_MAX);
3054
3055 process->pid = max_pid + 1;
3056 process->attached = false;
3057 process->target_xml[0] = '\0';
3058 }
3059
3060 #ifdef CONFIG_USER_ONLY
3061 int
3062 gdb_handlesig(CPUState *cpu, int sig)
3063 {
3064 char buf[256];
3065 int n;
3066
3067 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3068 return sig;
3069 }
3070
3071 /* disable single step if it was enabled */
3072 cpu_single_step(cpu, 0);
3073 tb_flush(cpu);
3074
3075 if (sig != 0) {
3076 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3077 put_packet(buf);
3078 }
3079 /* put_packet() might have detected that the peer terminated the
3080 connection. */
3081 if (gdbserver_state.fd < 0) {
3082 return sig;
3083 }
3084
3085 sig = 0;
3086 gdbserver_state.state = RS_IDLE;
3087 gdbserver_state.running_state = 0;
3088 while (gdbserver_state.running_state == 0) {
3089 n = read(gdbserver_state.fd, buf, 256);
3090 if (n > 0) {
3091 int i;
3092
3093 for (i = 0; i < n; i++) {
3094 gdb_read_byte(buf[i]);
3095 }
3096 } else {
3097 /* XXX: Connection closed. Should probably wait for another
3098 connection before continuing. */
3099 if (n == 0) {
3100 close(gdbserver_state.fd);
3101 }
3102 gdbserver_state.fd = -1;
3103 return sig;
3104 }
3105 }
3106 sig = gdbserver_state.signal;
3107 gdbserver_state.signal = 0;
3108 return sig;
3109 }
3110
3111 /* Tell the remote gdb that the process has exited due to SIG. */
3112 void gdb_signalled(CPUArchState *env, int sig)
3113 {
3114 char buf[4];
3115
3116 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3117 return;
3118 }
3119
3120 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3121 put_packet(buf);
3122 }
3123
3124 static void gdb_accept_init(int fd)
3125 {
3126 init_gdbserver_state();
3127 create_default_process(&gdbserver_state);
3128 gdbserver_state.processes[0].attached = true;
3129 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3130 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3131 gdbserver_state.fd = fd;
3132 gdb_has_xml = false;
3133 }
3134
3135 static bool gdb_accept_socket(int gdb_fd)
3136 {
3137 int fd;
3138
3139 for(;;) {
3140 fd = accept(gdb_fd, NULL, NULL);
3141 if (fd < 0 && errno != EINTR) {
3142 perror("accept socket");
3143 return false;
3144 } else if (fd >= 0) {
3145 qemu_set_cloexec(fd);
3146 break;
3147 }
3148 }
3149
3150 gdb_accept_init(fd);
3151 return true;
3152 }
3153
3154 static int gdbserver_open_socket(const char *path)
3155 {
3156 struct sockaddr_un sockaddr;
3157 int fd, ret;
3158
3159 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3160 if (fd < 0) {
3161 perror("create socket");
3162 return -1;
3163 }
3164
3165 sockaddr.sun_family = AF_UNIX;
3166 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3167 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3168 if (ret < 0) {
3169 perror("bind socket");
3170 close(fd);
3171 return -1;
3172 }
3173 ret = listen(fd, 1);
3174 if (ret < 0) {
3175 perror("listen socket");
3176 close(fd);
3177 return -1;
3178 }
3179
3180 return fd;
3181 }
3182
3183 static bool gdb_accept_tcp(int gdb_fd)
3184 {
3185 struct sockaddr_in sockaddr;
3186 socklen_t len;
3187 int fd;
3188
3189 for(;;) {
3190 len = sizeof(sockaddr);
3191 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3192 if (fd < 0 && errno != EINTR) {
3193 perror("accept");
3194 return false;
3195 } else if (fd >= 0) {
3196 qemu_set_cloexec(fd);
3197 break;
3198 }
3199 }
3200
3201 /* set short latency */
3202 if (socket_set_nodelay(fd)) {
3203 perror("setsockopt");
3204 close(fd);
3205 return false;
3206 }
3207
3208 gdb_accept_init(fd);
3209 return true;
3210 }
3211
3212 static int gdbserver_open_port(int port)
3213 {
3214 struct sockaddr_in sockaddr;
3215 int fd, ret;
3216
3217 fd = socket(PF_INET, SOCK_STREAM, 0);
3218 if (fd < 0) {
3219 perror("socket");
3220 return -1;
3221 }
3222 qemu_set_cloexec(fd);
3223
3224 socket_set_fast_reuse(fd);
3225
3226 sockaddr.sin_family = AF_INET;
3227 sockaddr.sin_port = htons(port);
3228 sockaddr.sin_addr.s_addr = 0;
3229 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3230 if (ret < 0) {
3231 perror("bind");
3232 close(fd);
3233 return -1;
3234 }
3235 ret = listen(fd, 1);
3236 if (ret < 0) {
3237 perror("listen");
3238 close(fd);
3239 return -1;
3240 }
3241
3242 return fd;
3243 }
3244
3245 int gdbserver_start(const char *port_or_path)
3246 {
3247 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3248 int gdb_fd;
3249
3250 if (port > 0) {
3251 gdb_fd = gdbserver_open_port(port);
3252 } else {
3253 gdb_fd = gdbserver_open_socket(port_or_path);
3254 }
3255
3256 if (gdb_fd < 0) {
3257 return -1;
3258 }
3259
3260 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3261 return 0;
3262 } else if (gdb_accept_socket(gdb_fd)) {
3263 gdbserver_state.socket_path = g_strdup(port_or_path);
3264 return 0;
3265 }
3266
3267 /* gone wrong */
3268 close(gdb_fd);
3269 return -1;
3270 }
3271
3272 /* Disable gdb stub for child processes. */
3273 void gdbserver_fork(CPUState *cpu)
3274 {
3275 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3276 return;
3277 }
3278 close(gdbserver_state.fd);
3279 gdbserver_state.fd = -1;
3280 cpu_breakpoint_remove_all(cpu, BP_GDB);
3281 cpu_watchpoint_remove_all(cpu, BP_GDB);
3282 }
3283 #else
3284 static int gdb_chr_can_receive(void *opaque)
3285 {
3286 /* We can handle an arbitrarily large amount of data.
3287 Pick the maximum packet size, which is as good as anything. */
3288 return MAX_PACKET_LENGTH;
3289 }
3290
3291 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3292 {
3293 int i;
3294
3295 for (i = 0; i < size; i++) {
3296 gdb_read_byte(buf[i]);
3297 }
3298 }
3299
3300 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3301 {
3302 int i;
3303 GDBState *s = (GDBState *) opaque;
3304
3305 switch (event) {
3306 case CHR_EVENT_OPENED:
3307 /* Start with first process attached, others detached */
3308 for (i = 0; i < s->process_num; i++) {
3309 s->processes[i].attached = !i;
3310 }
3311
3312 s->c_cpu = gdb_first_attached_cpu();
3313 s->g_cpu = s->c_cpu;
3314
3315 vm_stop(RUN_STATE_PAUSED);
3316 gdb_has_xml = false;
3317 break;
3318 default:
3319 break;
3320 }
3321 }
3322
3323 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3324 {
3325 g_autoptr(GString) hex_buf = g_string_new("O");
3326 memtohex(hex_buf, buf, len);
3327 put_packet(hex_buf->str);
3328 return len;
3329 }
3330
3331 #ifndef _WIN32
3332 static void gdb_sigterm_handler(int signal)
3333 {
3334 if (runstate_is_running()) {
3335 vm_stop(RUN_STATE_PAUSED);
3336 }
3337 }
3338 #endif
3339
3340 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3341 bool *be_opened, Error **errp)
3342 {
3343 *be_opened = false;
3344 }
3345
3346 static void char_gdb_class_init(ObjectClass *oc, void *data)
3347 {
3348 ChardevClass *cc = CHARDEV_CLASS(oc);
3349
3350 cc->internal = true;
3351 cc->open = gdb_monitor_open;
3352 cc->chr_write = gdb_monitor_write;
3353 }
3354
3355 #define TYPE_CHARDEV_GDB "chardev-gdb"
3356
3357 static const TypeInfo char_gdb_type_info = {
3358 .name = TYPE_CHARDEV_GDB,
3359 .parent = TYPE_CHARDEV,
3360 .class_init = char_gdb_class_init,
3361 };
3362
3363 static int find_cpu_clusters(Object *child, void *opaque)
3364 {
3365 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3366 GDBState *s = (GDBState *) opaque;
3367 CPUClusterState *cluster = CPU_CLUSTER(child);
3368 GDBProcess *process;
3369
3370 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3371
3372 process = &s->processes[s->process_num - 1];
3373
3374 /*
3375 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3376 * runtime, we enforce here that the machine does not use a cluster ID
3377 * that would lead to PID 0.
3378 */
3379 assert(cluster->cluster_id != UINT32_MAX);
3380 process->pid = cluster->cluster_id + 1;
3381 process->attached = false;
3382 process->target_xml[0] = '\0';
3383
3384 return 0;
3385 }
3386
3387 return object_child_foreach(child, find_cpu_clusters, opaque);
3388 }
3389
3390 static int pid_order(const void *a, const void *b)
3391 {
3392 GDBProcess *pa = (GDBProcess *) a;
3393 GDBProcess *pb = (GDBProcess *) b;
3394
3395 if (pa->pid < pb->pid) {
3396 return -1;
3397 } else if (pa->pid > pb->pid) {
3398 return 1;
3399 } else {
3400 return 0;
3401 }
3402 }
3403
3404 static void create_processes(GDBState *s)
3405 {
3406 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3407
3408 if (gdbserver_state.processes) {
3409 /* Sort by PID */
3410 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3411 }
3412
3413 create_default_process(s);
3414 }
3415
3416 int gdbserver_start(const char *device)
3417 {
3418 trace_gdbstub_op_start(device);
3419
3420 char gdbstub_device_name[128];
3421 Chardev *chr = NULL;
3422 Chardev *mon_chr;
3423
3424 if (!first_cpu) {
3425 error_report("gdbstub: meaningless to attach gdb to a "
3426 "machine without any CPU.");
3427 return -1;
3428 }
3429
3430 if (!device)
3431 return -1;
3432 if (strcmp(device, "none") != 0) {
3433 if (strstart(device, "tcp:", NULL)) {
3434 /* enforce required TCP attributes */
3435 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3436 "%s,nowait,nodelay,server", device);
3437 device = gdbstub_device_name;
3438 }
3439 #ifndef _WIN32
3440 else if (strcmp(device, "stdio") == 0) {
3441 struct sigaction act;
3442
3443 memset(&act, 0, sizeof(act));
3444 act.sa_handler = gdb_sigterm_handler;
3445 sigaction(SIGINT, &act, NULL);
3446 }
3447 #endif
3448 /*
3449 * FIXME: it's a bit weird to allow using a mux chardev here
3450 * and implicitly setup a monitor. We may want to break this.
3451 */
3452 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3453 if (!chr)
3454 return -1;
3455 }
3456
3457 if (!gdbserver_state.init) {
3458 init_gdbserver_state();
3459
3460 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3461
3462 /* Initialize a monitor terminal for gdb */
3463 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3464 NULL, NULL, &error_abort);
3465 monitor_init_hmp(mon_chr, false, &error_abort);
3466 } else {
3467 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3468 mon_chr = gdbserver_state.mon_chr;
3469 reset_gdbserver_state();
3470 }
3471
3472 create_processes(&gdbserver_state);
3473
3474 if (chr) {
3475 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3476 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3477 gdb_chr_receive, gdb_chr_event,
3478 NULL, &gdbserver_state, NULL, true);
3479 }
3480 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3481 gdbserver_state.mon_chr = mon_chr;
3482 gdbserver_state.current_syscall_cb = NULL;
3483
3484 return 0;
3485 }
3486
3487 void gdbserver_cleanup(void)
3488 {
3489 if (gdbserver_state.init) {
3490 put_packet("W00");
3491 }
3492 }
3493
3494 static void register_types(void)
3495 {
3496 type_register_static(&char_gdb_type_info);
3497 }
3498
3499 type_init(register_types);
3500 #endif
QEMU mirror