]> git.proxmox.com Git - mirror_qemu.git/blob - gdbstub.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
[mirror_qemu.git] / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * This implements a subset of the remote protocol as described in:
5 *
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7 *
8 * Copyright (c) 2003-2005 Fabrice Bellard
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 *
23 * SPDX-License-Identifier: LGPL-2.0+
24 */
25
26 #include "qemu/osdep.h"
27 #include "qapi/error.h"
28 #include "qemu/error-report.h"
29 #include "qemu/ctype.h"
30 #include "qemu/cutils.h"
31 #include "qemu/module.h"
32 #include "trace/trace-root.h"
33 #include "exec/gdbstub.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "hw/cpu/cluster.h"
41 #include "hw/boards.h"
42 #endif
43
44 #define MAX_PACKET_LENGTH 4096
45
46 #include "qemu/sockets.h"
47 #include "sysemu/hw_accel.h"
48 #include "sysemu/kvm.h"
49 #include "sysemu/runstate.h"
50 #include "semihosting/semihost.h"
51 #include "exec/exec-all.h"
52 #include "sysemu/replay.h"
53
54 #ifdef CONFIG_USER_ONLY
55 #define GDB_ATTACHED "0"
56 #else
57 #define GDB_ATTACHED "1"
58 #endif
59
60 #ifndef CONFIG_USER_ONLY
61 static int phy_memory_mode;
62 #endif
63
64 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
65 uint8_t *buf, int len, bool is_write)
66 {
67 CPUClass *cc;
68
69 #ifndef CONFIG_USER_ONLY
70 if (phy_memory_mode) {
71 if (is_write) {
72 cpu_physical_memory_write(addr, buf, len);
73 } else {
74 cpu_physical_memory_read(addr, buf, len);
75 }
76 return 0;
77 }
78 #endif
79
80 cc = CPU_GET_CLASS(cpu);
81 if (cc->memory_rw_debug) {
82 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
83 }
84 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
85 }
86
87 /* Return the GDB index for a given vCPU state.
88 *
89 * For user mode this is simply the thread id. In system mode GDB
90 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
91 */
92 static inline int cpu_gdb_index(CPUState *cpu)
93 {
94 #if defined(CONFIG_USER_ONLY)
95 TaskState *ts = (TaskState *) cpu->opaque;
96 return ts ? ts->ts_tid : -1;
97 #else
98 return cpu->cpu_index + 1;
99 #endif
100 }
101
102 enum {
103 GDB_SIGNAL_0 = 0,
104 GDB_SIGNAL_INT = 2,
105 GDB_SIGNAL_QUIT = 3,
106 GDB_SIGNAL_TRAP = 5,
107 GDB_SIGNAL_ABRT = 6,
108 GDB_SIGNAL_ALRM = 14,
109 GDB_SIGNAL_IO = 23,
110 GDB_SIGNAL_XCPU = 24,
111 GDB_SIGNAL_UNKNOWN = 143
112 };
113
114 #ifdef CONFIG_USER_ONLY
115
116 /* Map target signal numbers to GDB protocol signal numbers and vice
117 * versa. For user emulation's currently supported systems, we can
118 * assume most signals are defined.
119 */
120
121 static int gdb_signal_table[] = {
122 0,
123 TARGET_SIGHUP,
124 TARGET_SIGINT,
125 TARGET_SIGQUIT,
126 TARGET_SIGILL,
127 TARGET_SIGTRAP,
128 TARGET_SIGABRT,
129 -1, /* SIGEMT */
130 TARGET_SIGFPE,
131 TARGET_SIGKILL,
132 TARGET_SIGBUS,
133 TARGET_SIGSEGV,
134 TARGET_SIGSYS,
135 TARGET_SIGPIPE,
136 TARGET_SIGALRM,
137 TARGET_SIGTERM,
138 TARGET_SIGURG,
139 TARGET_SIGSTOP,
140 TARGET_SIGTSTP,
141 TARGET_SIGCONT,
142 TARGET_SIGCHLD,
143 TARGET_SIGTTIN,
144 TARGET_SIGTTOU,
145 TARGET_SIGIO,
146 TARGET_SIGXCPU,
147 TARGET_SIGXFSZ,
148 TARGET_SIGVTALRM,
149 TARGET_SIGPROF,
150 TARGET_SIGWINCH,
151 -1, /* SIGLOST */
152 TARGET_SIGUSR1,
153 TARGET_SIGUSR2,
154 #ifdef TARGET_SIGPWR
155 TARGET_SIGPWR,
156 #else
157 -1,
158 #endif
159 -1, /* SIGPOLL */
160 -1,
161 -1,
162 -1,
163 -1,
164 -1,
165 -1,
166 -1,
167 -1,
168 -1,
169 -1,
170 -1,
171 #ifdef __SIGRTMIN
172 __SIGRTMIN + 1,
173 __SIGRTMIN + 2,
174 __SIGRTMIN + 3,
175 __SIGRTMIN + 4,
176 __SIGRTMIN + 5,
177 __SIGRTMIN + 6,
178 __SIGRTMIN + 7,
179 __SIGRTMIN + 8,
180 __SIGRTMIN + 9,
181 __SIGRTMIN + 10,
182 __SIGRTMIN + 11,
183 __SIGRTMIN + 12,
184 __SIGRTMIN + 13,
185 __SIGRTMIN + 14,
186 __SIGRTMIN + 15,
187 __SIGRTMIN + 16,
188 __SIGRTMIN + 17,
189 __SIGRTMIN + 18,
190 __SIGRTMIN + 19,
191 __SIGRTMIN + 20,
192 __SIGRTMIN + 21,
193 __SIGRTMIN + 22,
194 __SIGRTMIN + 23,
195 __SIGRTMIN + 24,
196 __SIGRTMIN + 25,
197 __SIGRTMIN + 26,
198 __SIGRTMIN + 27,
199 __SIGRTMIN + 28,
200 __SIGRTMIN + 29,
201 __SIGRTMIN + 30,
202 __SIGRTMIN + 31,
203 -1, /* SIGCANCEL */
204 __SIGRTMIN,
205 __SIGRTMIN + 32,
206 __SIGRTMIN + 33,
207 __SIGRTMIN + 34,
208 __SIGRTMIN + 35,
209 __SIGRTMIN + 36,
210 __SIGRTMIN + 37,
211 __SIGRTMIN + 38,
212 __SIGRTMIN + 39,
213 __SIGRTMIN + 40,
214 __SIGRTMIN + 41,
215 __SIGRTMIN + 42,
216 __SIGRTMIN + 43,
217 __SIGRTMIN + 44,
218 __SIGRTMIN + 45,
219 __SIGRTMIN + 46,
220 __SIGRTMIN + 47,
221 __SIGRTMIN + 48,
222 __SIGRTMIN + 49,
223 __SIGRTMIN + 50,
224 __SIGRTMIN + 51,
225 __SIGRTMIN + 52,
226 __SIGRTMIN + 53,
227 __SIGRTMIN + 54,
228 __SIGRTMIN + 55,
229 __SIGRTMIN + 56,
230 __SIGRTMIN + 57,
231 __SIGRTMIN + 58,
232 __SIGRTMIN + 59,
233 __SIGRTMIN + 60,
234 __SIGRTMIN + 61,
235 __SIGRTMIN + 62,
236 __SIGRTMIN + 63,
237 __SIGRTMIN + 64,
238 __SIGRTMIN + 65,
239 __SIGRTMIN + 66,
240 __SIGRTMIN + 67,
241 __SIGRTMIN + 68,
242 __SIGRTMIN + 69,
243 __SIGRTMIN + 70,
244 __SIGRTMIN + 71,
245 __SIGRTMIN + 72,
246 __SIGRTMIN + 73,
247 __SIGRTMIN + 74,
248 __SIGRTMIN + 75,
249 __SIGRTMIN + 76,
250 __SIGRTMIN + 77,
251 __SIGRTMIN + 78,
252 __SIGRTMIN + 79,
253 __SIGRTMIN + 80,
254 __SIGRTMIN + 81,
255 __SIGRTMIN + 82,
256 __SIGRTMIN + 83,
257 __SIGRTMIN + 84,
258 __SIGRTMIN + 85,
259 __SIGRTMIN + 86,
260 __SIGRTMIN + 87,
261 __SIGRTMIN + 88,
262 __SIGRTMIN + 89,
263 __SIGRTMIN + 90,
264 __SIGRTMIN + 91,
265 __SIGRTMIN + 92,
266 __SIGRTMIN + 93,
267 __SIGRTMIN + 94,
268 __SIGRTMIN + 95,
269 -1, /* SIGINFO */
270 -1, /* UNKNOWN */
271 -1, /* DEFAULT */
272 -1,
273 -1,
274 -1,
275 -1,
276 -1,
277 -1
278 #endif
279 };
280 #else
281 /* In system mode we only need SIGINT and SIGTRAP; other signals
282 are not yet supported. */
283
284 enum {
285 TARGET_SIGINT = 2,
286 TARGET_SIGTRAP = 5
287 };
288
289 static int gdb_signal_table[] = {
290 -1,
291 -1,
292 TARGET_SIGINT,
293 -1,
294 -1,
295 TARGET_SIGTRAP
296 };
297 #endif
298
299 #ifdef CONFIG_USER_ONLY
300 static int target_signal_to_gdb (int sig)
301 {
302 int i;
303 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
304 if (gdb_signal_table[i] == sig)
305 return i;
306 return GDB_SIGNAL_UNKNOWN;
307 }
308 #endif
309
310 static int gdb_signal_to_target (int sig)
311 {
312 if (sig < ARRAY_SIZE (gdb_signal_table))
313 return gdb_signal_table[sig];
314 else
315 return -1;
316 }
317
318 typedef struct GDBRegisterState {
319 int base_reg;
320 int num_regs;
321 gdb_get_reg_cb get_reg;
322 gdb_set_reg_cb set_reg;
323 const char *xml;
324 struct GDBRegisterState *next;
325 } GDBRegisterState;
326
327 typedef struct GDBProcess {
328 uint32_t pid;
329 bool attached;
330
331 char target_xml[1024];
332 } GDBProcess;
333
334 enum RSState {
335 RS_INACTIVE,
336 RS_IDLE,
337 RS_GETLINE,
338 RS_GETLINE_ESC,
339 RS_GETLINE_RLE,
340 RS_CHKSUM1,
341 RS_CHKSUM2,
342 };
343 typedef struct GDBState {
344 bool init; /* have we been initialised? */
345 CPUState *c_cpu; /* current CPU for step/continue ops */
346 CPUState *g_cpu; /* current CPU for other ops */
347 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
348 enum RSState state; /* parsing state */
349 char line_buf[MAX_PACKET_LENGTH];
350 int line_buf_index;
351 int line_sum; /* running checksum */
352 int line_csum; /* checksum at the end of the packet */
353 GByteArray *last_packet;
354 int signal;
355 #ifdef CONFIG_USER_ONLY
356 int fd;
357 char *socket_path;
358 int running_state;
359 #else
360 CharBackend chr;
361 Chardev *mon_chr;
362 #endif
363 bool multiprocess;
364 GDBProcess *processes;
365 int process_num;
366 char syscall_buf[256];
367 gdb_syscall_complete_cb current_syscall_cb;
368 GString *str_buf;
369 GByteArray *mem_buf;
370 int sstep_flags;
371 int supported_sstep_flags;
372 } GDBState;
373
374 static GDBState gdbserver_state;
375
376 static void init_gdbserver_state(void)
377 {
378 g_assert(!gdbserver_state.init);
379 memset(&gdbserver_state, 0, sizeof(GDBState));
380 gdbserver_state.init = true;
381 gdbserver_state.str_buf = g_string_new(NULL);
382 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
383 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
384
385 /*
386 * In replay mode all events will come from the log and can't be
387 * suppressed otherwise we would break determinism. However as those
388 * events are tied to the number of executed instructions we won't see
389 * them occurring every time we single step.
390 */
391 if (replay_mode != REPLAY_MODE_NONE) {
392 gdbserver_state.supported_sstep_flags = SSTEP_ENABLE;
393 } else if (kvm_enabled()) {
394 gdbserver_state.supported_sstep_flags = kvm_get_supported_sstep_flags();
395 } else {
396 gdbserver_state.supported_sstep_flags =
397 SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
398 }
399
400 /*
401 * By default use no IRQs and no timers while single stepping so as to
402 * make single stepping like an ICE HW step.
403 */
404 gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
405 gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags;
406
407 }
408
409 #ifndef CONFIG_USER_ONLY
410 static void reset_gdbserver_state(void)
411 {
412 g_free(gdbserver_state.processes);
413 gdbserver_state.processes = NULL;
414 gdbserver_state.process_num = 0;
415 }
416 #endif
417
418 bool gdb_has_xml;
419
420 #ifdef CONFIG_USER_ONLY
421
422 static int get_char(void)
423 {
424 uint8_t ch;
425 int ret;
426
427 for(;;) {
428 ret = recv(gdbserver_state.fd, &ch, 1, 0);
429 if (ret < 0) {
430 if (errno == ECONNRESET)
431 gdbserver_state.fd = -1;
432 if (errno != EINTR)
433 return -1;
434 } else if (ret == 0) {
435 close(gdbserver_state.fd);
436 gdbserver_state.fd = -1;
437 return -1;
438 } else {
439 break;
440 }
441 }
442 return ch;
443 }
444 #endif
445
446 static enum {
447 GDB_SYS_UNKNOWN,
448 GDB_SYS_ENABLED,
449 GDB_SYS_DISABLED,
450 } gdb_syscall_mode;
451
452 /* Decide if either remote gdb syscalls or native file IO should be used. */
453 int use_gdb_syscalls(void)
454 {
455 SemihostingTarget target = semihosting_get_target();
456 if (target == SEMIHOSTING_TARGET_NATIVE) {
457 /* -semihosting-config target=native */
458 return false;
459 } else if (target == SEMIHOSTING_TARGET_GDB) {
460 /* -semihosting-config target=gdb */
461 return true;
462 }
463
464 /* -semihosting-config target=auto */
465 /* On the first call check if gdb is connected and remember. */
466 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
467 gdb_syscall_mode = gdbserver_state.init ?
468 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
469 }
470 return gdb_syscall_mode == GDB_SYS_ENABLED;
471 }
472
473 static bool stub_can_reverse(void)
474 {
475 #ifdef CONFIG_USER_ONLY
476 return false;
477 #else
478 return replay_mode == REPLAY_MODE_PLAY;
479 #endif
480 }
481
482 /* Resume execution. */
483 static inline void gdb_continue(void)
484 {
485
486 #ifdef CONFIG_USER_ONLY
487 gdbserver_state.running_state = 1;
488 trace_gdbstub_op_continue();
489 #else
490 if (!runstate_needs_reset()) {
491 trace_gdbstub_op_continue();
492 vm_start();
493 }
494 #endif
495 }
496
497 /*
498 * Resume execution, per CPU actions. For user-mode emulation it's
499 * equivalent to gdb_continue.
500 */
501 static int gdb_continue_partial(char *newstates)
502 {
503 CPUState *cpu;
504 int res = 0;
505 #ifdef CONFIG_USER_ONLY
506 /*
507 * This is not exactly accurate, but it's an improvement compared to the
508 * previous situation, where only one CPU would be single-stepped.
509 */
510 CPU_FOREACH(cpu) {
511 if (newstates[cpu->cpu_index] == 's') {
512 trace_gdbstub_op_stepping(cpu->cpu_index);
513 cpu_single_step(cpu, gdbserver_state.sstep_flags);
514 }
515 }
516 gdbserver_state.running_state = 1;
517 #else
518 int flag = 0;
519
520 if (!runstate_needs_reset()) {
521 bool step_requested = false;
522 CPU_FOREACH(cpu) {
523 if (newstates[cpu->cpu_index] == 's') {
524 step_requested = true;
525 break;
526 }
527 }
528
529 if (vm_prepare_start(step_requested)) {
530 return 0;
531 }
532
533 CPU_FOREACH(cpu) {
534 switch (newstates[cpu->cpu_index]) {
535 case 0:
536 case 1:
537 break; /* nothing to do here */
538 case 's':
539 trace_gdbstub_op_stepping(cpu->cpu_index);
540 cpu_single_step(cpu, gdbserver_state.sstep_flags);
541 cpu_resume(cpu);
542 flag = 1;
543 break;
544 case 'c':
545 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
546 cpu_resume(cpu);
547 flag = 1;
548 break;
549 default:
550 res = -1;
551 break;
552 }
553 }
554 }
555 if (flag) {
556 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
557 }
558 #endif
559 return res;
560 }
561
562 static void put_buffer(const uint8_t *buf, int len)
563 {
564 #ifdef CONFIG_USER_ONLY
565 int ret;
566
567 while (len > 0) {
568 ret = send(gdbserver_state.fd, buf, len, 0);
569 if (ret < 0) {
570 if (errno != EINTR)
571 return;
572 } else {
573 buf += ret;
574 len -= ret;
575 }
576 }
577 #else
578 /* XXX this blocks entire thread. Rewrite to use
579 * qemu_chr_fe_write and background I/O callbacks */
580 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
581 #endif
582 }
583
584 static inline int fromhex(int v)
585 {
586 if (v >= '0' && v <= '9')
587 return v - '0';
588 else if (v >= 'A' && v <= 'F')
589 return v - 'A' + 10;
590 else if (v >= 'a' && v <= 'f')
591 return v - 'a' + 10;
592 else
593 return 0;
594 }
595
596 static inline int tohex(int v)
597 {
598 if (v < 10)
599 return v + '0';
600 else
601 return v - 10 + 'a';
602 }
603
604 /* writes 2*len+1 bytes in buf */
605 static void memtohex(GString *buf, const uint8_t *mem, int len)
606 {
607 int i, c;
608 for(i = 0; i < len; i++) {
609 c = mem[i];
610 g_string_append_c(buf, tohex(c >> 4));
611 g_string_append_c(buf, tohex(c & 0xf));
612 }
613 g_string_append_c(buf, '\0');
614 }
615
616 static void hextomem(GByteArray *mem, const char *buf, int len)
617 {
618 int i;
619
620 for(i = 0; i < len; i++) {
621 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
622 g_byte_array_append(mem, &byte, 1);
623 buf += 2;
624 }
625 }
626
627 static void hexdump(const char *buf, int len,
628 void (*trace_fn)(size_t ofs, char const *text))
629 {
630 char line_buffer[3 * 16 + 4 + 16 + 1];
631
632 size_t i;
633 for (i = 0; i < len || (i & 0xF); ++i) {
634 size_t byte_ofs = i & 15;
635
636 if (byte_ofs == 0) {
637 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
638 line_buffer[3 * 16 + 4 + 16] = 0;
639 }
640
641 size_t col_group = (i >> 2) & 3;
642 size_t hex_col = byte_ofs * 3 + col_group;
643 size_t txt_col = 3 * 16 + 4 + byte_ofs;
644
645 if (i < len) {
646 char value = buf[i];
647
648 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
649 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
650 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
651 ? value
652 : '.';
653 }
654
655 if (byte_ofs == 0xF)
656 trace_fn(i & -16, line_buffer);
657 }
658 }
659
660 /* return -1 if error, 0 if OK */
661 static int put_packet_binary(const char *buf, int len, bool dump)
662 {
663 int csum, i;
664 uint8_t footer[3];
665
666 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
667 hexdump(buf, len, trace_gdbstub_io_binaryreply);
668 }
669
670 for(;;) {
671 g_byte_array_set_size(gdbserver_state.last_packet, 0);
672 g_byte_array_append(gdbserver_state.last_packet,
673 (const uint8_t *) "$", 1);
674 g_byte_array_append(gdbserver_state.last_packet,
675 (const uint8_t *) buf, len);
676 csum = 0;
677 for(i = 0; i < len; i++) {
678 csum += buf[i];
679 }
680 footer[0] = '#';
681 footer[1] = tohex((csum >> 4) & 0xf);
682 footer[2] = tohex((csum) & 0xf);
683 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
684
685 put_buffer(gdbserver_state.last_packet->data,
686 gdbserver_state.last_packet->len);
687
688 #ifdef CONFIG_USER_ONLY
689 i = get_char();
690 if (i < 0)
691 return -1;
692 if (i == '+')
693 break;
694 #else
695 break;
696 #endif
697 }
698 return 0;
699 }
700
701 /* return -1 if error, 0 if OK */
702 static int put_packet(const char *buf)
703 {
704 trace_gdbstub_io_reply(buf);
705
706 return put_packet_binary(buf, strlen(buf), false);
707 }
708
709 static void put_strbuf(void)
710 {
711 put_packet(gdbserver_state.str_buf->str);
712 }
713
714 /* Encode data using the encoding for 'x' packets. */
715 static void memtox(GString *buf, const char *mem, int len)
716 {
717 char c;
718
719 while (len--) {
720 c = *(mem++);
721 switch (c) {
722 case '#': case '$': case '*': case '}':
723 g_string_append_c(buf, '}');
724 g_string_append_c(buf, c ^ 0x20);
725 break;
726 default:
727 g_string_append_c(buf, c);
728 break;
729 }
730 }
731 }
732
733 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
734 {
735 /* TODO: In user mode, we should use the task state PID */
736 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
737 /* Return the default process' PID */
738 int index = gdbserver_state.process_num - 1;
739 return gdbserver_state.processes[index].pid;
740 }
741 return cpu->cluster_index + 1;
742 }
743
744 static GDBProcess *gdb_get_process(uint32_t pid)
745 {
746 int i;
747
748 if (!pid) {
749 /* 0 means any process, we take the first one */
750 return &gdbserver_state.processes[0];
751 }
752
753 for (i = 0; i < gdbserver_state.process_num; i++) {
754 if (gdbserver_state.processes[i].pid == pid) {
755 return &gdbserver_state.processes[i];
756 }
757 }
758
759 return NULL;
760 }
761
762 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
763 {
764 return gdb_get_process(gdb_get_cpu_pid(cpu));
765 }
766
767 static CPUState *find_cpu(uint32_t thread_id)
768 {
769 CPUState *cpu;
770
771 CPU_FOREACH(cpu) {
772 if (cpu_gdb_index(cpu) == thread_id) {
773 return cpu;
774 }
775 }
776
777 return NULL;
778 }
779
780 static CPUState *get_first_cpu_in_process(GDBProcess *process)
781 {
782 CPUState *cpu;
783
784 CPU_FOREACH(cpu) {
785 if (gdb_get_cpu_pid(cpu) == process->pid) {
786 return cpu;
787 }
788 }
789
790 return NULL;
791 }
792
793 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
794 {
795 uint32_t pid = gdb_get_cpu_pid(cpu);
796 cpu = CPU_NEXT(cpu);
797
798 while (cpu) {
799 if (gdb_get_cpu_pid(cpu) == pid) {
800 break;
801 }
802
803 cpu = CPU_NEXT(cpu);
804 }
805
806 return cpu;
807 }
808
809 /* Return the cpu following @cpu, while ignoring unattached processes. */
810 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
811 {
812 cpu = CPU_NEXT(cpu);
813
814 while (cpu) {
815 if (gdb_get_cpu_process(cpu)->attached) {
816 break;
817 }
818
819 cpu = CPU_NEXT(cpu);
820 }
821
822 return cpu;
823 }
824
825 /* Return the first attached cpu */
826 static CPUState *gdb_first_attached_cpu(void)
827 {
828 CPUState *cpu = first_cpu;
829 GDBProcess *process = gdb_get_cpu_process(cpu);
830
831 if (!process->attached) {
832 return gdb_next_attached_cpu(cpu);
833 }
834
835 return cpu;
836 }
837
838 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
839 {
840 GDBProcess *process;
841 CPUState *cpu;
842
843 if (!pid && !tid) {
844 /* 0 means any process/thread, we take the first attached one */
845 return gdb_first_attached_cpu();
846 } else if (pid && !tid) {
847 /* any thread in a specific process */
848 process = gdb_get_process(pid);
849
850 if (process == NULL) {
851 return NULL;
852 }
853
854 if (!process->attached) {
855 return NULL;
856 }
857
858 return get_first_cpu_in_process(process);
859 } else {
860 /* a specific thread */
861 cpu = find_cpu(tid);
862
863 if (cpu == NULL) {
864 return NULL;
865 }
866
867 process = gdb_get_cpu_process(cpu);
868
869 if (pid && process->pid != pid) {
870 return NULL;
871 }
872
873 if (!process->attached) {
874 return NULL;
875 }
876
877 return cpu;
878 }
879 }
880
881 static const char *get_feature_xml(const char *p, const char **newp,
882 GDBProcess *process)
883 {
884 size_t len;
885 int i;
886 const char *name;
887 CPUState *cpu = get_first_cpu_in_process(process);
888 CPUClass *cc = CPU_GET_CLASS(cpu);
889
890 len = 0;
891 while (p[len] && p[len] != ':')
892 len++;
893 *newp = p + len;
894
895 name = NULL;
896 if (strncmp(p, "target.xml", len) == 0) {
897 char *buf = process->target_xml;
898 const size_t buf_sz = sizeof(process->target_xml);
899
900 /* Generate the XML description for this CPU. */
901 if (!buf[0]) {
902 GDBRegisterState *r;
903
904 pstrcat(buf, buf_sz,
905 "<?xml version=\"1.0\"?>"
906 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
907 "<target>");
908 if (cc->gdb_arch_name) {
909 gchar *arch = cc->gdb_arch_name(cpu);
910 pstrcat(buf, buf_sz, "<architecture>");
911 pstrcat(buf, buf_sz, arch);
912 pstrcat(buf, buf_sz, "</architecture>");
913 g_free(arch);
914 }
915 pstrcat(buf, buf_sz, "<xi:include href=\"");
916 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
917 pstrcat(buf, buf_sz, "\"/>");
918 for (r = cpu->gdb_regs; r; r = r->next) {
919 pstrcat(buf, buf_sz, "<xi:include href=\"");
920 pstrcat(buf, buf_sz, r->xml);
921 pstrcat(buf, buf_sz, "\"/>");
922 }
923 pstrcat(buf, buf_sz, "</target>");
924 }
925 return buf;
926 }
927 if (cc->gdb_get_dynamic_xml) {
928 char *xmlname = g_strndup(p, len);
929 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
930
931 g_free(xmlname);
932 if (xml) {
933 return xml;
934 }
935 }
936 for (i = 0; ; i++) {
937 name = xml_builtin[i][0];
938 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
939 break;
940 }
941 return name ? xml_builtin[i][1] : NULL;
942 }
943
944 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
945 {
946 CPUClass *cc = CPU_GET_CLASS(cpu);
947 CPUArchState *env = cpu->env_ptr;
948 GDBRegisterState *r;
949
950 if (reg < cc->gdb_num_core_regs) {
951 return cc->gdb_read_register(cpu, buf, reg);
952 }
953
954 for (r = cpu->gdb_regs; r; r = r->next) {
955 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
956 return r->get_reg(env, buf, reg - r->base_reg);
957 }
958 }
959 return 0;
960 }
961
962 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
963 {
964 CPUClass *cc = CPU_GET_CLASS(cpu);
965 CPUArchState *env = cpu->env_ptr;
966 GDBRegisterState *r;
967
968 if (reg < cc->gdb_num_core_regs) {
969 return cc->gdb_write_register(cpu, mem_buf, reg);
970 }
971
972 for (r = cpu->gdb_regs; r; r = r->next) {
973 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
974 return r->set_reg(env, mem_buf, reg - r->base_reg);
975 }
976 }
977 return 0;
978 }
979
980 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
981 specifies the first register number and these registers are included in
982 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
983 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
984 */
985
986 void gdb_register_coprocessor(CPUState *cpu,
987 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
988 int num_regs, const char *xml, int g_pos)
989 {
990 GDBRegisterState *s;
991 GDBRegisterState **p;
992
993 p = &cpu->gdb_regs;
994 while (*p) {
995 /* Check for duplicates. */
996 if (strcmp((*p)->xml, xml) == 0)
997 return;
998 p = &(*p)->next;
999 }
1000
1001 s = g_new0(GDBRegisterState, 1);
1002 s->base_reg = cpu->gdb_num_regs;
1003 s->num_regs = num_regs;
1004 s->get_reg = get_reg;
1005 s->set_reg = set_reg;
1006 s->xml = xml;
1007
1008 /* Add to end of list. */
1009 cpu->gdb_num_regs += num_regs;
1010 *p = s;
1011 if (g_pos) {
1012 if (g_pos != s->base_reg) {
1013 error_report("Error: Bad gdb register numbering for '%s', "
1014 "expected %d got %d", xml, g_pos, s->base_reg);
1015 } else {
1016 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1017 }
1018 }
1019 }
1020
1021 #ifndef CONFIG_USER_ONLY
1022 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1023 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1024 {
1025 static const int xlat[] = {
1026 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1027 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1028 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1029 };
1030
1031 CPUClass *cc = CPU_GET_CLASS(cpu);
1032 int cputype = xlat[gdbtype];
1033
1034 if (cc->gdb_stop_before_watchpoint) {
1035 cputype |= BP_STOP_BEFORE_ACCESS;
1036 }
1037 return cputype;
1038 }
1039 #endif
1040
1041 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1042 {
1043 CPUState *cpu;
1044 int err = 0;
1045
1046 if (kvm_enabled()) {
1047 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1048 }
1049
1050 switch (type) {
1051 case GDB_BREAKPOINT_SW:
1052 case GDB_BREAKPOINT_HW:
1053 CPU_FOREACH(cpu) {
1054 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1055 if (err) {
1056 break;
1057 }
1058 }
1059 return err;
1060 #ifndef CONFIG_USER_ONLY
1061 case GDB_WATCHPOINT_WRITE:
1062 case GDB_WATCHPOINT_READ:
1063 case GDB_WATCHPOINT_ACCESS:
1064 CPU_FOREACH(cpu) {
1065 err = cpu_watchpoint_insert(cpu, addr, len,
1066 xlat_gdb_type(cpu, type), NULL);
1067 if (err) {
1068 break;
1069 }
1070 }
1071 return err;
1072 #endif
1073 default:
1074 return -ENOSYS;
1075 }
1076 }
1077
1078 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1079 {
1080 CPUState *cpu;
1081 int err = 0;
1082
1083 if (kvm_enabled()) {
1084 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1085 }
1086
1087 switch (type) {
1088 case GDB_BREAKPOINT_SW:
1089 case GDB_BREAKPOINT_HW:
1090 CPU_FOREACH(cpu) {
1091 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1092 if (err) {
1093 break;
1094 }
1095 }
1096 return err;
1097 #ifndef CONFIG_USER_ONLY
1098 case GDB_WATCHPOINT_WRITE:
1099 case GDB_WATCHPOINT_READ:
1100 case GDB_WATCHPOINT_ACCESS:
1101 CPU_FOREACH(cpu) {
1102 err = cpu_watchpoint_remove(cpu, addr, len,
1103 xlat_gdb_type(cpu, type));
1104 if (err)
1105 break;
1106 }
1107 return err;
1108 #endif
1109 default:
1110 return -ENOSYS;
1111 }
1112 }
1113
1114 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1115 {
1116 cpu_breakpoint_remove_all(cpu, BP_GDB);
1117 #ifndef CONFIG_USER_ONLY
1118 cpu_watchpoint_remove_all(cpu, BP_GDB);
1119 #endif
1120 }
1121
1122 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1123 {
1124 CPUState *cpu = get_first_cpu_in_process(p);
1125
1126 while (cpu) {
1127 gdb_cpu_breakpoint_remove_all(cpu);
1128 cpu = gdb_next_cpu_in_process(cpu);
1129 }
1130 }
1131
1132 static void gdb_breakpoint_remove_all(void)
1133 {
1134 CPUState *cpu;
1135
1136 if (kvm_enabled()) {
1137 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1138 return;
1139 }
1140
1141 CPU_FOREACH(cpu) {
1142 gdb_cpu_breakpoint_remove_all(cpu);
1143 }
1144 }
1145
1146 static void gdb_set_cpu_pc(target_ulong pc)
1147 {
1148 CPUState *cpu = gdbserver_state.c_cpu;
1149
1150 cpu_synchronize_state(cpu);
1151 cpu_set_pc(cpu, pc);
1152 }
1153
1154 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1155 {
1156 if (gdbserver_state.multiprocess) {
1157 g_string_append_printf(buf, "p%02x.%02x",
1158 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1159 } else {
1160 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1161 }
1162 }
1163
1164 typedef enum GDBThreadIdKind {
1165 GDB_ONE_THREAD = 0,
1166 GDB_ALL_THREADS, /* One process, all threads */
1167 GDB_ALL_PROCESSES,
1168 GDB_READ_THREAD_ERR
1169 } GDBThreadIdKind;
1170
1171 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1172 uint32_t *pid, uint32_t *tid)
1173 {
1174 unsigned long p, t;
1175 int ret;
1176
1177 if (*buf == 'p') {
1178 buf++;
1179 ret = qemu_strtoul(buf, &buf, 16, &p);
1180
1181 if (ret) {
1182 return GDB_READ_THREAD_ERR;
1183 }
1184
1185 /* Skip '.' */
1186 buf++;
1187 } else {
1188 p = 1;
1189 }
1190
1191 ret = qemu_strtoul(buf, &buf, 16, &t);
1192
1193 if (ret) {
1194 return GDB_READ_THREAD_ERR;
1195 }
1196
1197 *end_buf = buf;
1198
1199 if (p == -1) {
1200 return GDB_ALL_PROCESSES;
1201 }
1202
1203 if (pid) {
1204 *pid = p;
1205 }
1206
1207 if (t == -1) {
1208 return GDB_ALL_THREADS;
1209 }
1210
1211 if (tid) {
1212 *tid = t;
1213 }
1214
1215 return GDB_ONE_THREAD;
1216 }
1217
1218 /**
1219 * gdb_handle_vcont - Parses and handles a vCont packet.
1220 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1221 * a format error, 0 on success.
1222 */
1223 static int gdb_handle_vcont(const char *p)
1224 {
1225 int res, signal = 0;
1226 char cur_action;
1227 char *newstates;
1228 unsigned long tmp;
1229 uint32_t pid, tid;
1230 GDBProcess *process;
1231 CPUState *cpu;
1232 GDBThreadIdKind kind;
1233 #ifdef CONFIG_USER_ONLY
1234 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1235
1236 CPU_FOREACH(cpu) {
1237 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1238 }
1239 #else
1240 MachineState *ms = MACHINE(qdev_get_machine());
1241 unsigned int max_cpus = ms->smp.max_cpus;
1242 #endif
1243 /* uninitialised CPUs stay 0 */
1244 newstates = g_new0(char, max_cpus);
1245
1246 /* mark valid CPUs with 1 */
1247 CPU_FOREACH(cpu) {
1248 newstates[cpu->cpu_index] = 1;
1249 }
1250
1251 /*
1252 * res keeps track of what error we are returning, with -ENOTSUP meaning
1253 * that the command is unknown or unsupported, thus returning an empty
1254 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1255 * or incorrect parameters passed.
1256 */
1257 res = 0;
1258 while (*p) {
1259 if (*p++ != ';') {
1260 res = -ENOTSUP;
1261 goto out;
1262 }
1263
1264 cur_action = *p++;
1265 if (cur_action == 'C' || cur_action == 'S') {
1266 cur_action = qemu_tolower(cur_action);
1267 res = qemu_strtoul(p, &p, 16, &tmp);
1268 if (res) {
1269 goto out;
1270 }
1271 signal = gdb_signal_to_target(tmp);
1272 } else if (cur_action != 'c' && cur_action != 's') {
1273 /* unknown/invalid/unsupported command */
1274 res = -ENOTSUP;
1275 goto out;
1276 }
1277
1278 if (*p == '\0' || *p == ';') {
1279 /*
1280 * No thread specifier, action is on "all threads". The
1281 * specification is unclear regarding the process to act on. We
1282 * choose all processes.
1283 */
1284 kind = GDB_ALL_PROCESSES;
1285 } else if (*p++ == ':') {
1286 kind = read_thread_id(p, &p, &pid, &tid);
1287 } else {
1288 res = -ENOTSUP;
1289 goto out;
1290 }
1291
1292 switch (kind) {
1293 case GDB_READ_THREAD_ERR:
1294 res = -EINVAL;
1295 goto out;
1296
1297 case GDB_ALL_PROCESSES:
1298 cpu = gdb_first_attached_cpu();
1299 while (cpu) {
1300 if (newstates[cpu->cpu_index] == 1) {
1301 newstates[cpu->cpu_index] = cur_action;
1302 }
1303
1304 cpu = gdb_next_attached_cpu(cpu);
1305 }
1306 break;
1307
1308 case GDB_ALL_THREADS:
1309 process = gdb_get_process(pid);
1310
1311 if (!process->attached) {
1312 res = -EINVAL;
1313 goto out;
1314 }
1315
1316 cpu = get_first_cpu_in_process(process);
1317 while (cpu) {
1318 if (newstates[cpu->cpu_index] == 1) {
1319 newstates[cpu->cpu_index] = cur_action;
1320 }
1321
1322 cpu = gdb_next_cpu_in_process(cpu);
1323 }
1324 break;
1325
1326 case GDB_ONE_THREAD:
1327 cpu = gdb_get_cpu(pid, tid);
1328
1329 /* invalid CPU/thread specified */
1330 if (!cpu) {
1331 res = -EINVAL;
1332 goto out;
1333 }
1334
1335 /* only use if no previous match occourred */
1336 if (newstates[cpu->cpu_index] == 1) {
1337 newstates[cpu->cpu_index] = cur_action;
1338 }
1339 break;
1340 }
1341 }
1342 gdbserver_state.signal = signal;
1343 gdb_continue_partial(newstates);
1344
1345 out:
1346 g_free(newstates);
1347
1348 return res;
1349 }
1350
1351 typedef union GdbCmdVariant {
1352 const char *data;
1353 uint8_t opcode;
1354 unsigned long val_ul;
1355 unsigned long long val_ull;
1356 struct {
1357 GDBThreadIdKind kind;
1358 uint32_t pid;
1359 uint32_t tid;
1360 } thread_id;
1361 } GdbCmdVariant;
1362
1363 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1364
1365 static const char *cmd_next_param(const char *param, const char delimiter)
1366 {
1367 static const char all_delimiters[] = ",;:=";
1368 char curr_delimiters[2] = {0};
1369 const char *delimiters;
1370
1371 if (delimiter == '?') {
1372 delimiters = all_delimiters;
1373 } else if (delimiter == '0') {
1374 return strchr(param, '\0');
1375 } else if (delimiter == '.' && *param) {
1376 return param + 1;
1377 } else {
1378 curr_delimiters[0] = delimiter;
1379 delimiters = curr_delimiters;
1380 }
1381
1382 param += strcspn(param, delimiters);
1383 if (*param) {
1384 param++;
1385 }
1386 return param;
1387 }
1388
1389 static int cmd_parse_params(const char *data, const char *schema,
1390 GArray *params)
1391 {
1392 const char *curr_schema, *curr_data;
1393
1394 g_assert(schema);
1395 g_assert(params->len == 0);
1396
1397 curr_schema = schema;
1398 curr_data = data;
1399 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1400 GdbCmdVariant this_param;
1401
1402 switch (curr_schema[0]) {
1403 case 'l':
1404 if (qemu_strtoul(curr_data, &curr_data, 16,
1405 &this_param.val_ul)) {
1406 return -EINVAL;
1407 }
1408 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1409 g_array_append_val(params, this_param);
1410 break;
1411 case 'L':
1412 if (qemu_strtou64(curr_data, &curr_data, 16,
1413 (uint64_t *)&this_param.val_ull)) {
1414 return -EINVAL;
1415 }
1416 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1417 g_array_append_val(params, this_param);
1418 break;
1419 case 's':
1420 this_param.data = curr_data;
1421 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1422 g_array_append_val(params, this_param);
1423 break;
1424 case 'o':
1425 this_param.opcode = *(uint8_t *)curr_data;
1426 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1427 g_array_append_val(params, this_param);
1428 break;
1429 case 't':
1430 this_param.thread_id.kind =
1431 read_thread_id(curr_data, &curr_data,
1432 &this_param.thread_id.pid,
1433 &this_param.thread_id.tid);
1434 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1435 g_array_append_val(params, this_param);
1436 break;
1437 case '?':
1438 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1439 break;
1440 default:
1441 return -EINVAL;
1442 }
1443 curr_schema += 2;
1444 }
1445
1446 return 0;
1447 }
1448
1449 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
1450
1451 /*
1452 * cmd_startswith -> cmd is compared using startswith
1453 *
1454 *
1455 * schema definitions:
1456 * Each schema parameter entry consists of 2 chars,
1457 * the first char represents the parameter type handling
1458 * the second char represents the delimiter for the next parameter
1459 *
1460 * Currently supported schema types:
1461 * 'l' -> unsigned long (stored in .val_ul)
1462 * 'L' -> unsigned long long (stored in .val_ull)
1463 * 's' -> string (stored in .data)
1464 * 'o' -> single char (stored in .opcode)
1465 * 't' -> thread id (stored in .thread_id)
1466 * '?' -> skip according to delimiter
1467 *
1468 * Currently supported delimiters:
1469 * '?' -> Stop at any delimiter (",;:=\0")
1470 * '0' -> Stop at "\0"
1471 * '.' -> Skip 1 char unless reached "\0"
1472 * Any other value is treated as the delimiter value itself
1473 */
1474 typedef struct GdbCmdParseEntry {
1475 GdbCmdHandler handler;
1476 const char *cmd;
1477 bool cmd_startswith;
1478 const char *schema;
1479 } GdbCmdParseEntry;
1480
1481 static inline int startswith(const char *string, const char *pattern)
1482 {
1483 return !strncmp(string, pattern, strlen(pattern));
1484 }
1485
1486 static int process_string_cmd(void *user_ctx, const char *data,
1487 const GdbCmdParseEntry *cmds, int num_cmds)
1488 {
1489 int i;
1490 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
1491
1492 if (!cmds) {
1493 return -1;
1494 }
1495
1496 for (i = 0; i < num_cmds; i++) {
1497 const GdbCmdParseEntry *cmd = &cmds[i];
1498 g_assert(cmd->handler && cmd->cmd);
1499
1500 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1501 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1502 continue;
1503 }
1504
1505 if (cmd->schema) {
1506 if (cmd_parse_params(&data[strlen(cmd->cmd)],
1507 cmd->schema, params)) {
1508 return -1;
1509 }
1510 }
1511
1512 cmd->handler(params, user_ctx);
1513 return 0;
1514 }
1515
1516 return -1;
1517 }
1518
1519 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1520 {
1521 if (!data) {
1522 return;
1523 }
1524
1525 g_string_set_size(gdbserver_state.str_buf, 0);
1526 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1527
1528 /* In case there was an error during the command parsing we must
1529 * send a NULL packet to indicate the command is not supported */
1530 if (process_string_cmd(NULL, data, cmd, 1)) {
1531 put_packet("");
1532 }
1533 }
1534
1535 static void handle_detach(GArray *params, void *user_ctx)
1536 {
1537 GDBProcess *process;
1538 uint32_t pid = 1;
1539
1540 if (gdbserver_state.multiprocess) {
1541 if (!params->len) {
1542 put_packet("E22");
1543 return;
1544 }
1545
1546 pid = get_param(params, 0)->val_ul;
1547 }
1548
1549 process = gdb_get_process(pid);
1550 gdb_process_breakpoint_remove_all(process);
1551 process->attached = false;
1552
1553 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1554 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1555 }
1556
1557 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1558 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1559 }
1560
1561 if (!gdbserver_state.c_cpu) {
1562 /* No more process attached */
1563 gdb_syscall_mode = GDB_SYS_DISABLED;
1564 gdb_continue();
1565 }
1566 put_packet("OK");
1567 }
1568
1569 static void handle_thread_alive(GArray *params, void *user_ctx)
1570 {
1571 CPUState *cpu;
1572
1573 if (!params->len) {
1574 put_packet("E22");
1575 return;
1576 }
1577
1578 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1579 put_packet("E22");
1580 return;
1581 }
1582
1583 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1584 get_param(params, 0)->thread_id.tid);
1585 if (!cpu) {
1586 put_packet("E22");
1587 return;
1588 }
1589
1590 put_packet("OK");
1591 }
1592
1593 static void handle_continue(GArray *params, void *user_ctx)
1594 {
1595 if (params->len) {
1596 gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1597 }
1598
1599 gdbserver_state.signal = 0;
1600 gdb_continue();
1601 }
1602
1603 static void handle_cont_with_sig(GArray *params, void *user_ctx)
1604 {
1605 unsigned long signal = 0;
1606
1607 /*
1608 * Note: C sig;[addr] is currently unsupported and we simply
1609 * omit the addr parameter
1610 */
1611 if (params->len) {
1612 signal = get_param(params, 0)->val_ul;
1613 }
1614
1615 gdbserver_state.signal = gdb_signal_to_target(signal);
1616 if (gdbserver_state.signal == -1) {
1617 gdbserver_state.signal = 0;
1618 }
1619 gdb_continue();
1620 }
1621
1622 static void handle_set_thread(GArray *params, void *user_ctx)
1623 {
1624 CPUState *cpu;
1625
1626 if (params->len != 2) {
1627 put_packet("E22");
1628 return;
1629 }
1630
1631 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
1632 put_packet("E22");
1633 return;
1634 }
1635
1636 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
1637 put_packet("OK");
1638 return;
1639 }
1640
1641 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
1642 get_param(params, 1)->thread_id.tid);
1643 if (!cpu) {
1644 put_packet("E22");
1645 return;
1646 }
1647
1648 /*
1649 * Note: This command is deprecated and modern gdb's will be using the
1650 * vCont command instead.
1651 */
1652 switch (get_param(params, 0)->opcode) {
1653 case 'c':
1654 gdbserver_state.c_cpu = cpu;
1655 put_packet("OK");
1656 break;
1657 case 'g':
1658 gdbserver_state.g_cpu = cpu;
1659 put_packet("OK");
1660 break;
1661 default:
1662 put_packet("E22");
1663 break;
1664 }
1665 }
1666
1667 static void handle_insert_bp(GArray *params, void *user_ctx)
1668 {
1669 int res;
1670
1671 if (params->len != 3) {
1672 put_packet("E22");
1673 return;
1674 }
1675
1676 res = gdb_breakpoint_insert(get_param(params, 0)->val_ul,
1677 get_param(params, 1)->val_ull,
1678 get_param(params, 2)->val_ull);
1679 if (res >= 0) {
1680 put_packet("OK");
1681 return;
1682 } else if (res == -ENOSYS) {
1683 put_packet("");
1684 return;
1685 }
1686
1687 put_packet("E22");
1688 }
1689
1690 static void handle_remove_bp(GArray *params, void *user_ctx)
1691 {
1692 int res;
1693
1694 if (params->len != 3) {
1695 put_packet("E22");
1696 return;
1697 }
1698
1699 res = gdb_breakpoint_remove(get_param(params, 0)->val_ul,
1700 get_param(params, 1)->val_ull,
1701 get_param(params, 2)->val_ull);
1702 if (res >= 0) {
1703 put_packet("OK");
1704 return;
1705 } else if (res == -ENOSYS) {
1706 put_packet("");
1707 return;
1708 }
1709
1710 put_packet("E22");
1711 }
1712
1713 /*
1714 * handle_set/get_reg
1715 *
1716 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1717 * This works, but can be very slow. Anything new enough to understand
1718 * XML also knows how to use this properly. However to use this we
1719 * need to define a local XML file as well as be talking to a
1720 * reasonably modern gdb. Responding with an empty packet will cause
1721 * the remote gdb to fallback to older methods.
1722 */
1723
1724 static void handle_set_reg(GArray *params, void *user_ctx)
1725 {
1726 int reg_size;
1727
1728 if (!gdb_has_xml) {
1729 put_packet("");
1730 return;
1731 }
1732
1733 if (params->len != 2) {
1734 put_packet("E22");
1735 return;
1736 }
1737
1738 reg_size = strlen(get_param(params, 1)->data) / 2;
1739 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1740 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1741 get_param(params, 0)->val_ull);
1742 put_packet("OK");
1743 }
1744
1745 static void handle_get_reg(GArray *params, void *user_ctx)
1746 {
1747 int reg_size;
1748
1749 if (!gdb_has_xml) {
1750 put_packet("");
1751 return;
1752 }
1753
1754 if (!params->len) {
1755 put_packet("E14");
1756 return;
1757 }
1758
1759 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1760 gdbserver_state.mem_buf,
1761 get_param(params, 0)->val_ull);
1762 if (!reg_size) {
1763 put_packet("E14");
1764 return;
1765 } else {
1766 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1767 }
1768
1769 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1770 put_strbuf();
1771 }
1772
1773 static void handle_write_mem(GArray *params, void *user_ctx)
1774 {
1775 if (params->len != 3) {
1776 put_packet("E22");
1777 return;
1778 }
1779
1780 /* hextomem() reads 2*len bytes */
1781 if (get_param(params, 1)->val_ull >
1782 strlen(get_param(params, 2)->data) / 2) {
1783 put_packet("E22");
1784 return;
1785 }
1786
1787 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1788 get_param(params, 1)->val_ull);
1789 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1790 get_param(params, 0)->val_ull,
1791 gdbserver_state.mem_buf->data,
1792 gdbserver_state.mem_buf->len, true)) {
1793 put_packet("E14");
1794 return;
1795 }
1796
1797 put_packet("OK");
1798 }
1799
1800 static void handle_read_mem(GArray *params, void *user_ctx)
1801 {
1802 if (params->len != 2) {
1803 put_packet("E22");
1804 return;
1805 }
1806
1807 /* memtohex() doubles the required space */
1808 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1809 put_packet("E22");
1810 return;
1811 }
1812
1813 g_byte_array_set_size(gdbserver_state.mem_buf,
1814 get_param(params, 1)->val_ull);
1815
1816 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1817 get_param(params, 0)->val_ull,
1818 gdbserver_state.mem_buf->data,
1819 gdbserver_state.mem_buf->len, false)) {
1820 put_packet("E14");
1821 return;
1822 }
1823
1824 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1825 gdbserver_state.mem_buf->len);
1826 put_strbuf();
1827 }
1828
1829 static void handle_write_all_regs(GArray *params, void *user_ctx)
1830 {
1831 target_ulong addr, len;
1832 uint8_t *registers;
1833 int reg_size;
1834
1835 if (!params->len) {
1836 return;
1837 }
1838
1839 cpu_synchronize_state(gdbserver_state.g_cpu);
1840 len = strlen(get_param(params, 0)->data) / 2;
1841 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1842 registers = gdbserver_state.mem_buf->data;
1843 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1844 addr++) {
1845 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1846 len -= reg_size;
1847 registers += reg_size;
1848 }
1849 put_packet("OK");
1850 }
1851
1852 static void handle_read_all_regs(GArray *params, void *user_ctx)
1853 {
1854 target_ulong addr, len;
1855
1856 cpu_synchronize_state(gdbserver_state.g_cpu);
1857 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1858 len = 0;
1859 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1860 len += gdb_read_register(gdbserver_state.g_cpu,
1861 gdbserver_state.mem_buf,
1862 addr);
1863 }
1864 g_assert(len == gdbserver_state.mem_buf->len);
1865
1866 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1867 put_strbuf();
1868 }
1869
1870 static void handle_file_io(GArray *params, void *user_ctx)
1871 {
1872 if (params->len >= 1 && gdbserver_state.current_syscall_cb) {
1873 target_ulong ret, err;
1874
1875 ret = (target_ulong)get_param(params, 0)->val_ull;
1876 if (params->len >= 2) {
1877 err = (target_ulong)get_param(params, 1)->val_ull;
1878 } else {
1879 err = 0;
1880 }
1881 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1882 gdbserver_state.current_syscall_cb = NULL;
1883 }
1884
1885 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') {
1886 put_packet("T02");
1887 return;
1888 }
1889
1890 gdb_continue();
1891 }
1892
1893 static void handle_step(GArray *params, void *user_ctx)
1894 {
1895 if (params->len) {
1896 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull);
1897 }
1898
1899 cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags);
1900 gdb_continue();
1901 }
1902
1903 static void handle_backward(GArray *params, void *user_ctx)
1904 {
1905 if (!stub_can_reverse()) {
1906 put_packet("E22");
1907 }
1908 if (params->len == 1) {
1909 switch (get_param(params, 0)->opcode) {
1910 case 's':
1911 if (replay_reverse_step()) {
1912 gdb_continue();
1913 } else {
1914 put_packet("E14");
1915 }
1916 return;
1917 case 'c':
1918 if (replay_reverse_continue()) {
1919 gdb_continue();
1920 } else {
1921 put_packet("E14");
1922 }
1923 return;
1924 }
1925 }
1926
1927 /* Default invalid command */
1928 put_packet("");
1929 }
1930
1931 static void handle_v_cont_query(GArray *params, void *user_ctx)
1932 {
1933 put_packet("vCont;c;C;s;S");
1934 }
1935
1936 static void handle_v_cont(GArray *params, void *user_ctx)
1937 {
1938 int res;
1939
1940 if (!params->len) {
1941 return;
1942 }
1943
1944 res = gdb_handle_vcont(get_param(params, 0)->data);
1945 if ((res == -EINVAL) || (res == -ERANGE)) {
1946 put_packet("E22");
1947 } else if (res) {
1948 put_packet("");
1949 }
1950 }
1951
1952 static void handle_v_attach(GArray *params, void *user_ctx)
1953 {
1954 GDBProcess *process;
1955 CPUState *cpu;
1956
1957 g_string_assign(gdbserver_state.str_buf, "E22");
1958 if (!params->len) {
1959 goto cleanup;
1960 }
1961
1962 process = gdb_get_process(get_param(params, 0)->val_ul);
1963 if (!process) {
1964 goto cleanup;
1965 }
1966
1967 cpu = get_first_cpu_in_process(process);
1968 if (!cpu) {
1969 goto cleanup;
1970 }
1971
1972 process->attached = true;
1973 gdbserver_state.g_cpu = cpu;
1974 gdbserver_state.c_cpu = cpu;
1975
1976 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1977 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1978 g_string_append_c(gdbserver_state.str_buf, ';');
1979 cleanup:
1980 put_strbuf();
1981 }
1982
1983 static void handle_v_kill(GArray *params, void *user_ctx)
1984 {
1985 /* Kill the target */
1986 put_packet("OK");
1987 error_report("QEMU: Terminated via GDBstub");
1988 gdb_exit(0);
1989 exit(0);
1990 }
1991
1992 static const GdbCmdParseEntry gdb_v_commands_table[] = {
1993 /* Order is important if has same prefix */
1994 {
1995 .handler = handle_v_cont_query,
1996 .cmd = "Cont?",
1997 .cmd_startswith = 1
1998 },
1999 {
2000 .handler = handle_v_cont,
2001 .cmd = "Cont",
2002 .cmd_startswith = 1,
2003 .schema = "s0"
2004 },
2005 {
2006 .handler = handle_v_attach,
2007 .cmd = "Attach;",
2008 .cmd_startswith = 1,
2009 .schema = "l0"
2010 },
2011 {
2012 .handler = handle_v_kill,
2013 .cmd = "Kill;",
2014 .cmd_startswith = 1
2015 },
2016 };
2017
2018 static void handle_v_commands(GArray *params, void *user_ctx)
2019 {
2020 if (!params->len) {
2021 return;
2022 }
2023
2024 if (process_string_cmd(NULL, get_param(params, 0)->data,
2025 gdb_v_commands_table,
2026 ARRAY_SIZE(gdb_v_commands_table))) {
2027 put_packet("");
2028 }
2029 }
2030
2031 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
2032 {
2033 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE);
2034
2035 if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) {
2036 g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x",
2037 SSTEP_NOIRQ);
2038 }
2039
2040 if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) {
2041 g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x",
2042 SSTEP_NOTIMER);
2043 }
2044
2045 put_strbuf();
2046 }
2047
2048 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
2049 {
2050 int new_sstep_flags;
2051
2052 if (!params->len) {
2053 return;
2054 }
2055
2056 new_sstep_flags = get_param(params, 0)->val_ul;
2057
2058 if (new_sstep_flags & ~gdbserver_state.supported_sstep_flags) {
2059 put_packet("E22");
2060 return;
2061 }
2062
2063 gdbserver_state.sstep_flags = new_sstep_flags;
2064 put_packet("OK");
2065 }
2066
2067 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
2068 {
2069 g_string_printf(gdbserver_state.str_buf, "0x%x",
2070 gdbserver_state.sstep_flags);
2071 put_strbuf();
2072 }
2073
2074 static void handle_query_curr_tid(GArray *params, void *user_ctx)
2075 {
2076 CPUState *cpu;
2077 GDBProcess *process;
2078
2079 /*
2080 * "Current thread" remains vague in the spec, so always return
2081 * the first thread of the current process (gdb returns the
2082 * first thread).
2083 */
2084 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2085 cpu = get_first_cpu_in_process(process);
2086 g_string_assign(gdbserver_state.str_buf, "QC");
2087 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2088 put_strbuf();
2089 }
2090
2091 static void handle_query_threads(GArray *params, void *user_ctx)
2092 {
2093 if (!gdbserver_state.query_cpu) {
2094 put_packet("l");
2095 return;
2096 }
2097
2098 g_string_assign(gdbserver_state.str_buf, "m");
2099 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2100 put_strbuf();
2101 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2102 }
2103
2104 static void handle_query_first_threads(GArray *params, void *user_ctx)
2105 {
2106 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2107 handle_query_threads(params, user_ctx);
2108 }
2109
2110 static void handle_query_thread_extra(GArray *params, void *user_ctx)
2111 {
2112 g_autoptr(GString) rs = g_string_new(NULL);
2113 CPUState *cpu;
2114
2115 if (!params->len ||
2116 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
2117 put_packet("E22");
2118 return;
2119 }
2120
2121 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
2122 get_param(params, 0)->thread_id.tid);
2123 if (!cpu) {
2124 return;
2125 }
2126
2127 cpu_synchronize_state(cpu);
2128
2129 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2130 /* Print the CPU model and name in multiprocess mode */
2131 ObjectClass *oc = object_get_class(OBJECT(cpu));
2132 const char *cpu_model = object_class_get_name(oc);
2133 const char *cpu_name =
2134 object_get_canonical_path_component(OBJECT(cpu));
2135 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2136 cpu->halted ? "halted " : "running");
2137 } else {
2138 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2139 cpu->halted ? "halted " : "running");
2140 }
2141 trace_gdbstub_op_extra_info(rs->str);
2142 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2143 put_strbuf();
2144 }
2145
2146 #ifdef CONFIG_USER_ONLY
2147 static void handle_query_offsets(GArray *params, void *user_ctx)
2148 {
2149 TaskState *ts;
2150
2151 ts = gdbserver_state.c_cpu->opaque;
2152 g_string_printf(gdbserver_state.str_buf,
2153 "Text=" TARGET_ABI_FMT_lx
2154 ";Data=" TARGET_ABI_FMT_lx
2155 ";Bss=" TARGET_ABI_FMT_lx,
2156 ts->info->code_offset,
2157 ts->info->data_offset,
2158 ts->info->data_offset);
2159 put_strbuf();
2160 }
2161 #else
2162 static void handle_query_rcmd(GArray *params, void *user_ctx)
2163 {
2164 const guint8 zero = 0;
2165 int len;
2166
2167 if (!params->len) {
2168 put_packet("E22");
2169 return;
2170 }
2171
2172 len = strlen(get_param(params, 0)->data);
2173 if (len % 2) {
2174 put_packet("E01");
2175 return;
2176 }
2177
2178 g_assert(gdbserver_state.mem_buf->len == 0);
2179 len = len / 2;
2180 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
2181 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2182 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2183 gdbserver_state.mem_buf->len);
2184 put_packet("OK");
2185 }
2186 #endif
2187
2188 static void handle_query_supported(GArray *params, void *user_ctx)
2189 {
2190 CPUClass *cc;
2191
2192 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2193 cc = CPU_GET_CLASS(first_cpu);
2194 if (cc->gdb_core_xml_file) {
2195 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2196 }
2197
2198 if (stub_can_reverse()) {
2199 g_string_append(gdbserver_state.str_buf,
2200 ";ReverseStep+;ReverseContinue+");
2201 }
2202
2203 #ifdef CONFIG_USER_ONLY
2204 if (gdbserver_state.c_cpu->opaque) {
2205 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2206 }
2207 #endif
2208
2209 if (params->len &&
2210 strstr(get_param(params, 0)->data, "multiprocess+")) {
2211 gdbserver_state.multiprocess = true;
2212 }
2213
2214 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2215 put_strbuf();
2216 }
2217
2218 static void handle_query_xfer_features(GArray *params, void *user_ctx)
2219 {
2220 GDBProcess *process;
2221 CPUClass *cc;
2222 unsigned long len, total_len, addr;
2223 const char *xml;
2224 const char *p;
2225
2226 if (params->len < 3) {
2227 put_packet("E22");
2228 return;
2229 }
2230
2231 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2232 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2233 if (!cc->gdb_core_xml_file) {
2234 put_packet("");
2235 return;
2236 }
2237
2238 gdb_has_xml = true;
2239 p = get_param(params, 0)->data;
2240 xml = get_feature_xml(p, &p, process);
2241 if (!xml) {
2242 put_packet("E00");
2243 return;
2244 }
2245
2246 addr = get_param(params, 1)->val_ul;
2247 len = get_param(params, 2)->val_ul;
2248 total_len = strlen(xml);
2249 if (addr > total_len) {
2250 put_packet("E00");
2251 return;
2252 }
2253
2254 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2255 len = (MAX_PACKET_LENGTH - 5) / 2;
2256 }
2257
2258 if (len < total_len - addr) {
2259 g_string_assign(gdbserver_state.str_buf, "m");
2260 memtox(gdbserver_state.str_buf, xml + addr, len);
2261 } else {
2262 g_string_assign(gdbserver_state.str_buf, "l");
2263 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2264 }
2265
2266 put_packet_binary(gdbserver_state.str_buf->str,
2267 gdbserver_state.str_buf->len, true);
2268 }
2269
2270 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2271 static void handle_query_xfer_auxv(GArray *params, void *user_ctx)
2272 {
2273 TaskState *ts;
2274 unsigned long offset, len, saved_auxv, auxv_len;
2275
2276 if (params->len < 2) {
2277 put_packet("E22");
2278 return;
2279 }
2280
2281 offset = get_param(params, 0)->val_ul;
2282 len = get_param(params, 1)->val_ul;
2283 ts = gdbserver_state.c_cpu->opaque;
2284 saved_auxv = ts->info->saved_auxv;
2285 auxv_len = ts->info->auxv_len;
2286
2287 if (offset >= auxv_len) {
2288 put_packet("E00");
2289 return;
2290 }
2291
2292 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2293 len = (MAX_PACKET_LENGTH - 5) / 2;
2294 }
2295
2296 if (len < auxv_len - offset) {
2297 g_string_assign(gdbserver_state.str_buf, "m");
2298 } else {
2299 g_string_assign(gdbserver_state.str_buf, "l");
2300 len = auxv_len - offset;
2301 }
2302
2303 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2304 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2305 gdbserver_state.mem_buf->data, len, false)) {
2306 put_packet("E14");
2307 return;
2308 }
2309
2310 memtox(gdbserver_state.str_buf,
2311 (const char *)gdbserver_state.mem_buf->data, len);
2312 put_packet_binary(gdbserver_state.str_buf->str,
2313 gdbserver_state.str_buf->len, true);
2314 }
2315 #endif
2316
2317 static void handle_query_attached(GArray *params, void *user_ctx)
2318 {
2319 put_packet(GDB_ATTACHED);
2320 }
2321
2322 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
2323 {
2324 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2325 #ifndef CONFIG_USER_ONLY
2326 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2327 #endif
2328 put_strbuf();
2329 }
2330
2331 #ifndef CONFIG_USER_ONLY
2332 static void handle_query_qemu_phy_mem_mode(GArray *params,
2333 void *user_ctx)
2334 {
2335 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2336 put_strbuf();
2337 }
2338
2339 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx)
2340 {
2341 if (!params->len) {
2342 put_packet("E22");
2343 return;
2344 }
2345
2346 if (!get_param(params, 0)->val_ul) {
2347 phy_memory_mode = 0;
2348 } else {
2349 phy_memory_mode = 1;
2350 }
2351 put_packet("OK");
2352 }
2353 #endif
2354
2355 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2356 /* Order is important if has same prefix */
2357 {
2358 .handler = handle_query_qemu_sstepbits,
2359 .cmd = "qemu.sstepbits",
2360 },
2361 {
2362 .handler = handle_query_qemu_sstep,
2363 .cmd = "qemu.sstep",
2364 },
2365 {
2366 .handler = handle_set_qemu_sstep,
2367 .cmd = "qemu.sstep=",
2368 .cmd_startswith = 1,
2369 .schema = "l0"
2370 },
2371 };
2372
2373 static const GdbCmdParseEntry gdb_gen_query_table[] = {
2374 {
2375 .handler = handle_query_curr_tid,
2376 .cmd = "C",
2377 },
2378 {
2379 .handler = handle_query_threads,
2380 .cmd = "sThreadInfo",
2381 },
2382 {
2383 .handler = handle_query_first_threads,
2384 .cmd = "fThreadInfo",
2385 },
2386 {
2387 .handler = handle_query_thread_extra,
2388 .cmd = "ThreadExtraInfo,",
2389 .cmd_startswith = 1,
2390 .schema = "t0"
2391 },
2392 #ifdef CONFIG_USER_ONLY
2393 {
2394 .handler = handle_query_offsets,
2395 .cmd = "Offsets",
2396 },
2397 #else
2398 {
2399 .handler = handle_query_rcmd,
2400 .cmd = "Rcmd,",
2401 .cmd_startswith = 1,
2402 .schema = "s0"
2403 },
2404 #endif
2405 {
2406 .handler = handle_query_supported,
2407 .cmd = "Supported:",
2408 .cmd_startswith = 1,
2409 .schema = "s0"
2410 },
2411 {
2412 .handler = handle_query_supported,
2413 .cmd = "Supported",
2414 .schema = "s0"
2415 },
2416 {
2417 .handler = handle_query_xfer_features,
2418 .cmd = "Xfer:features:read:",
2419 .cmd_startswith = 1,
2420 .schema = "s:l,l0"
2421 },
2422 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2423 {
2424 .handler = handle_query_xfer_auxv,
2425 .cmd = "Xfer:auxv:read::",
2426 .cmd_startswith = 1,
2427 .schema = "l,l0"
2428 },
2429 #endif
2430 {
2431 .handler = handle_query_attached,
2432 .cmd = "Attached:",
2433 .cmd_startswith = 1
2434 },
2435 {
2436 .handler = handle_query_attached,
2437 .cmd = "Attached",
2438 },
2439 {
2440 .handler = handle_query_qemu_supported,
2441 .cmd = "qemu.Supported",
2442 },
2443 #ifndef CONFIG_USER_ONLY
2444 {
2445 .handler = handle_query_qemu_phy_mem_mode,
2446 .cmd = "qemu.PhyMemMode",
2447 },
2448 #endif
2449 };
2450
2451 static const GdbCmdParseEntry gdb_gen_set_table[] = {
2452 /* Order is important if has same prefix */
2453 {
2454 .handler = handle_set_qemu_sstep,
2455 .cmd = "qemu.sstep:",
2456 .cmd_startswith = 1,
2457 .schema = "l0"
2458 },
2459 #ifndef CONFIG_USER_ONLY
2460 {
2461 .handler = handle_set_qemu_phy_mem_mode,
2462 .cmd = "qemu.PhyMemMode:",
2463 .cmd_startswith = 1,
2464 .schema = "l0"
2465 },
2466 #endif
2467 };
2468
2469 static void handle_gen_query(GArray *params, void *user_ctx)
2470 {
2471 if (!params->len) {
2472 return;
2473 }
2474
2475 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2476 gdb_gen_query_set_common_table,
2477 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2478 return;
2479 }
2480
2481 if (process_string_cmd(NULL, get_param(params, 0)->data,
2482 gdb_gen_query_table,
2483 ARRAY_SIZE(gdb_gen_query_table))) {
2484 put_packet("");
2485 }
2486 }
2487
2488 static void handle_gen_set(GArray *params, void *user_ctx)
2489 {
2490 if (!params->len) {
2491 return;
2492 }
2493
2494 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2495 gdb_gen_query_set_common_table,
2496 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2497 return;
2498 }
2499
2500 if (process_string_cmd(NULL, get_param(params, 0)->data,
2501 gdb_gen_set_table,
2502 ARRAY_SIZE(gdb_gen_set_table))) {
2503 put_packet("");
2504 }
2505 }
2506
2507 static void handle_target_halt(GArray *params, void *user_ctx)
2508 {
2509 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2510 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2511 g_string_append_c(gdbserver_state.str_buf, ';');
2512 put_strbuf();
2513 /*
2514 * Remove all the breakpoints when this query is issued,
2515 * because gdb is doing an initial connect and the state
2516 * should be cleaned up.
2517 */
2518 gdb_breakpoint_remove_all();
2519 }
2520
2521 static int gdb_handle_packet(const char *line_buf)
2522 {
2523 const GdbCmdParseEntry *cmd_parser = NULL;
2524
2525 trace_gdbstub_io_command(line_buf);
2526
2527 switch (line_buf[0]) {
2528 case '!':
2529 put_packet("OK");
2530 break;
2531 case '?':
2532 {
2533 static const GdbCmdParseEntry target_halted_cmd_desc = {
2534 .handler = handle_target_halt,
2535 .cmd = "?",
2536 .cmd_startswith = 1
2537 };
2538 cmd_parser = &target_halted_cmd_desc;
2539 }
2540 break;
2541 case 'c':
2542 {
2543 static const GdbCmdParseEntry continue_cmd_desc = {
2544 .handler = handle_continue,
2545 .cmd = "c",
2546 .cmd_startswith = 1,
2547 .schema = "L0"
2548 };
2549 cmd_parser = &continue_cmd_desc;
2550 }
2551 break;
2552 case 'C':
2553 {
2554 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2555 .handler = handle_cont_with_sig,
2556 .cmd = "C",
2557 .cmd_startswith = 1,
2558 .schema = "l0"
2559 };
2560 cmd_parser = &cont_with_sig_cmd_desc;
2561 }
2562 break;
2563 case 'v':
2564 {
2565 static const GdbCmdParseEntry v_cmd_desc = {
2566 .handler = handle_v_commands,
2567 .cmd = "v",
2568 .cmd_startswith = 1,
2569 .schema = "s0"
2570 };
2571 cmd_parser = &v_cmd_desc;
2572 }
2573 break;
2574 case 'k':
2575 /* Kill the target */
2576 error_report("QEMU: Terminated via GDBstub");
2577 gdb_exit(0);
2578 exit(0);
2579 case 'D':
2580 {
2581 static const GdbCmdParseEntry detach_cmd_desc = {
2582 .handler = handle_detach,
2583 .cmd = "D",
2584 .cmd_startswith = 1,
2585 .schema = "?.l0"
2586 };
2587 cmd_parser = &detach_cmd_desc;
2588 }
2589 break;
2590 case 's':
2591 {
2592 static const GdbCmdParseEntry step_cmd_desc = {
2593 .handler = handle_step,
2594 .cmd = "s",
2595 .cmd_startswith = 1,
2596 .schema = "L0"
2597 };
2598 cmd_parser = &step_cmd_desc;
2599 }
2600 break;
2601 case 'b':
2602 {
2603 static const GdbCmdParseEntry backward_cmd_desc = {
2604 .handler = handle_backward,
2605 .cmd = "b",
2606 .cmd_startswith = 1,
2607 .schema = "o0"
2608 };
2609 cmd_parser = &backward_cmd_desc;
2610 }
2611 break;
2612 case 'F':
2613 {
2614 static const GdbCmdParseEntry file_io_cmd_desc = {
2615 .handler = handle_file_io,
2616 .cmd = "F",
2617 .cmd_startswith = 1,
2618 .schema = "L,L,o0"
2619 };
2620 cmd_parser = &file_io_cmd_desc;
2621 }
2622 break;
2623 case 'g':
2624 {
2625 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2626 .handler = handle_read_all_regs,
2627 .cmd = "g",
2628 .cmd_startswith = 1
2629 };
2630 cmd_parser = &read_all_regs_cmd_desc;
2631 }
2632 break;
2633 case 'G':
2634 {
2635 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2636 .handler = handle_write_all_regs,
2637 .cmd = "G",
2638 .cmd_startswith = 1,
2639 .schema = "s0"
2640 };
2641 cmd_parser = &write_all_regs_cmd_desc;
2642 }
2643 break;
2644 case 'm':
2645 {
2646 static const GdbCmdParseEntry read_mem_cmd_desc = {
2647 .handler = handle_read_mem,
2648 .cmd = "m",
2649 .cmd_startswith = 1,
2650 .schema = "L,L0"
2651 };
2652 cmd_parser = &read_mem_cmd_desc;
2653 }
2654 break;
2655 case 'M':
2656 {
2657 static const GdbCmdParseEntry write_mem_cmd_desc = {
2658 .handler = handle_write_mem,
2659 .cmd = "M",
2660 .cmd_startswith = 1,
2661 .schema = "L,L:s0"
2662 };
2663 cmd_parser = &write_mem_cmd_desc;
2664 }
2665 break;
2666 case 'p':
2667 {
2668 static const GdbCmdParseEntry get_reg_cmd_desc = {
2669 .handler = handle_get_reg,
2670 .cmd = "p",
2671 .cmd_startswith = 1,
2672 .schema = "L0"
2673 };
2674 cmd_parser = &get_reg_cmd_desc;
2675 }
2676 break;
2677 case 'P':
2678 {
2679 static const GdbCmdParseEntry set_reg_cmd_desc = {
2680 .handler = handle_set_reg,
2681 .cmd = "P",
2682 .cmd_startswith = 1,
2683 .schema = "L?s0"
2684 };
2685 cmd_parser = &set_reg_cmd_desc;
2686 }
2687 break;
2688 case 'Z':
2689 {
2690 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2691 .handler = handle_insert_bp,
2692 .cmd = "Z",
2693 .cmd_startswith = 1,
2694 .schema = "l?L?L0"
2695 };
2696 cmd_parser = &insert_bp_cmd_desc;
2697 }
2698 break;
2699 case 'z':
2700 {
2701 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2702 .handler = handle_remove_bp,
2703 .cmd = "z",
2704 .cmd_startswith = 1,
2705 .schema = "l?L?L0"
2706 };
2707 cmd_parser = &remove_bp_cmd_desc;
2708 }
2709 break;
2710 case 'H':
2711 {
2712 static const GdbCmdParseEntry set_thread_cmd_desc = {
2713 .handler = handle_set_thread,
2714 .cmd = "H",
2715 .cmd_startswith = 1,
2716 .schema = "o.t0"
2717 };
2718 cmd_parser = &set_thread_cmd_desc;
2719 }
2720 break;
2721 case 'T':
2722 {
2723 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2724 .handler = handle_thread_alive,
2725 .cmd = "T",
2726 .cmd_startswith = 1,
2727 .schema = "t0"
2728 };
2729 cmd_parser = &thread_alive_cmd_desc;
2730 }
2731 break;
2732 case 'q':
2733 {
2734 static const GdbCmdParseEntry gen_query_cmd_desc = {
2735 .handler = handle_gen_query,
2736 .cmd = "q",
2737 .cmd_startswith = 1,
2738 .schema = "s0"
2739 };
2740 cmd_parser = &gen_query_cmd_desc;
2741 }
2742 break;
2743 case 'Q':
2744 {
2745 static const GdbCmdParseEntry gen_set_cmd_desc = {
2746 .handler = handle_gen_set,
2747 .cmd = "Q",
2748 .cmd_startswith = 1,
2749 .schema = "s0"
2750 };
2751 cmd_parser = &gen_set_cmd_desc;
2752 }
2753 break;
2754 default:
2755 /* put empty packet */
2756 put_packet("");
2757 break;
2758 }
2759
2760 if (cmd_parser) {
2761 run_cmd_parser(line_buf, cmd_parser);
2762 }
2763
2764 return RS_IDLE;
2765 }
2766
2767 void gdb_set_stop_cpu(CPUState *cpu)
2768 {
2769 GDBProcess *p = gdb_get_cpu_process(cpu);
2770
2771 if (!p->attached) {
2772 /*
2773 * Having a stop CPU corresponding to a process that is not attached
2774 * confuses GDB. So we ignore the request.
2775 */
2776 return;
2777 }
2778
2779 gdbserver_state.c_cpu = cpu;
2780 gdbserver_state.g_cpu = cpu;
2781 }
2782
2783 #ifndef CONFIG_USER_ONLY
2784 static void gdb_vm_state_change(void *opaque, bool running, RunState state)
2785 {
2786 CPUState *cpu = gdbserver_state.c_cpu;
2787 g_autoptr(GString) buf = g_string_new(NULL);
2788 g_autoptr(GString) tid = g_string_new(NULL);
2789 const char *type;
2790 int ret;
2791
2792 if (running || gdbserver_state.state == RS_INACTIVE) {
2793 return;
2794 }
2795 /* Is there a GDB syscall waiting to be sent? */
2796 if (gdbserver_state.current_syscall_cb) {
2797 put_packet(gdbserver_state.syscall_buf);
2798 return;
2799 }
2800
2801 if (cpu == NULL) {
2802 /* No process attached */
2803 return;
2804 }
2805
2806 gdb_append_thread_id(cpu, tid);
2807
2808 switch (state) {
2809 case RUN_STATE_DEBUG:
2810 if (cpu->watchpoint_hit) {
2811 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2812 case BP_MEM_READ:
2813 type = "r";
2814 break;
2815 case BP_MEM_ACCESS:
2816 type = "a";
2817 break;
2818 default:
2819 type = "";
2820 break;
2821 }
2822 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2823 (target_ulong)cpu->watchpoint_hit->vaddr);
2824 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2825 GDB_SIGNAL_TRAP, tid->str, type,
2826 (target_ulong)cpu->watchpoint_hit->vaddr);
2827 cpu->watchpoint_hit = NULL;
2828 goto send_packet;
2829 } else {
2830 trace_gdbstub_hit_break();
2831 }
2832 tb_flush(cpu);
2833 ret = GDB_SIGNAL_TRAP;
2834 break;
2835 case RUN_STATE_PAUSED:
2836 trace_gdbstub_hit_paused();
2837 ret = GDB_SIGNAL_INT;
2838 break;
2839 case RUN_STATE_SHUTDOWN:
2840 trace_gdbstub_hit_shutdown();
2841 ret = GDB_SIGNAL_QUIT;
2842 break;
2843 case RUN_STATE_IO_ERROR:
2844 trace_gdbstub_hit_io_error();
2845 ret = GDB_SIGNAL_IO;
2846 break;
2847 case RUN_STATE_WATCHDOG:
2848 trace_gdbstub_hit_watchdog();
2849 ret = GDB_SIGNAL_ALRM;
2850 break;
2851 case RUN_STATE_INTERNAL_ERROR:
2852 trace_gdbstub_hit_internal_error();
2853 ret = GDB_SIGNAL_ABRT;
2854 break;
2855 case RUN_STATE_SAVE_VM:
2856 case RUN_STATE_RESTORE_VM:
2857 return;
2858 case RUN_STATE_FINISH_MIGRATE:
2859 ret = GDB_SIGNAL_XCPU;
2860 break;
2861 default:
2862 trace_gdbstub_hit_unknown(state);
2863 ret = GDB_SIGNAL_UNKNOWN;
2864 break;
2865 }
2866 gdb_set_stop_cpu(cpu);
2867 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2868
2869 send_packet:
2870 put_packet(buf->str);
2871
2872 /* disable single step if it was enabled */
2873 cpu_single_step(cpu, 0);
2874 }
2875 #endif
2876
2877 /* Send a gdb syscall request.
2878 This accepts limited printf-style format specifiers, specifically:
2879 %x - target_ulong argument printed in hex.
2880 %lx - 64-bit argument printed in hex.
2881 %s - string pointer (target_ulong) and length (int) pair. */
2882 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2883 {
2884 char *p;
2885 char *p_end;
2886 target_ulong addr;
2887 uint64_t i64;
2888
2889 if (!gdbserver_state.init) {
2890 return;
2891 }
2892
2893 gdbserver_state.current_syscall_cb = cb;
2894 #ifndef CONFIG_USER_ONLY
2895 vm_stop(RUN_STATE_DEBUG);
2896 #endif
2897 p = &gdbserver_state.syscall_buf[0];
2898 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2899 *(p++) = 'F';
2900 while (*fmt) {
2901 if (*fmt == '%') {
2902 fmt++;
2903 switch (*fmt++) {
2904 case 'x':
2905 addr = va_arg(va, target_ulong);
2906 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2907 break;
2908 case 'l':
2909 if (*(fmt++) != 'x')
2910 goto bad_format;
2911 i64 = va_arg(va, uint64_t);
2912 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2913 break;
2914 case 's':
2915 addr = va_arg(va, target_ulong);
2916 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2917 addr, va_arg(va, int));
2918 break;
2919 default:
2920 bad_format:
2921 error_report("gdbstub: Bad syscall format string '%s'",
2922 fmt - 1);
2923 break;
2924 }
2925 } else {
2926 *(p++) = *(fmt++);
2927 }
2928 }
2929 *p = 0;
2930 #ifdef CONFIG_USER_ONLY
2931 put_packet(gdbserver_state.syscall_buf);
2932 /* Return control to gdb for it to process the syscall request.
2933 * Since the protocol requires that gdb hands control back to us
2934 * using a "here are the results" F packet, we don't need to check
2935 * gdb_handlesig's return value (which is the signal to deliver if
2936 * execution was resumed via a continue packet).
2937 */
2938 gdb_handlesig(gdbserver_state.c_cpu, 0);
2939 #else
2940 /* In this case wait to send the syscall packet until notification that
2941 the CPU has stopped. This must be done because if the packet is sent
2942 now the reply from the syscall request could be received while the CPU
2943 is still in the running state, which can cause packets to be dropped
2944 and state transition 'T' packets to be sent while the syscall is still
2945 being processed. */
2946 qemu_cpu_kick(gdbserver_state.c_cpu);
2947 #endif
2948 }
2949
2950 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2951 {
2952 va_list va;
2953
2954 va_start(va, fmt);
2955 gdb_do_syscallv(cb, fmt, va);
2956 va_end(va);
2957 }
2958
2959 static void gdb_read_byte(uint8_t ch)
2960 {
2961 uint8_t reply;
2962
2963 #ifndef CONFIG_USER_ONLY
2964 if (gdbserver_state.last_packet->len) {
2965 /* Waiting for a response to the last packet. If we see the start
2966 of a new command then abandon the previous response. */
2967 if (ch == '-') {
2968 trace_gdbstub_err_got_nack();
2969 put_buffer(gdbserver_state.last_packet->data,
2970 gdbserver_state.last_packet->len);
2971 } else if (ch == '+') {
2972 trace_gdbstub_io_got_ack();
2973 } else {
2974 trace_gdbstub_io_got_unexpected(ch);
2975 }
2976
2977 if (ch == '+' || ch == '$') {
2978 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2979 }
2980 if (ch != '$')
2981 return;
2982 }
2983 if (runstate_is_running()) {
2984 /* when the CPU is running, we cannot do anything except stop
2985 it when receiving a char */
2986 vm_stop(RUN_STATE_PAUSED);
2987 } else
2988 #endif
2989 {
2990 switch(gdbserver_state.state) {
2991 case RS_IDLE:
2992 if (ch == '$') {
2993 /* start of command packet */
2994 gdbserver_state.line_buf_index = 0;
2995 gdbserver_state.line_sum = 0;
2996 gdbserver_state.state = RS_GETLINE;
2997 } else {
2998 trace_gdbstub_err_garbage(ch);
2999 }
3000 break;
3001 case RS_GETLINE:
3002 if (ch == '}') {
3003 /* start escape sequence */
3004 gdbserver_state.state = RS_GETLINE_ESC;
3005 gdbserver_state.line_sum += ch;
3006 } else if (ch == '*') {
3007 /* start run length encoding sequence */
3008 gdbserver_state.state = RS_GETLINE_RLE;
3009 gdbserver_state.line_sum += ch;
3010 } else if (ch == '#') {
3011 /* end of command, start of checksum*/
3012 gdbserver_state.state = RS_CHKSUM1;
3013 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3014 trace_gdbstub_err_overrun();
3015 gdbserver_state.state = RS_IDLE;
3016 } else {
3017 /* unescaped command character */
3018 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
3019 gdbserver_state.line_sum += ch;
3020 }
3021 break;
3022 case RS_GETLINE_ESC:
3023 if (ch == '#') {
3024 /* unexpected end of command in escape sequence */
3025 gdbserver_state.state = RS_CHKSUM1;
3026 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3027 /* command buffer overrun */
3028 trace_gdbstub_err_overrun();
3029 gdbserver_state.state = RS_IDLE;
3030 } else {
3031 /* parse escaped character and leave escape state */
3032 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3033 gdbserver_state.line_sum += ch;
3034 gdbserver_state.state = RS_GETLINE;
3035 }
3036 break;
3037 case RS_GETLINE_RLE:
3038 /*
3039 * Run-length encoding is explained in "Debugging with GDB /
3040 * Appendix E GDB Remote Serial Protocol / Overview".
3041 */
3042 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3043 /* invalid RLE count encoding */
3044 trace_gdbstub_err_invalid_repeat(ch);
3045 gdbserver_state.state = RS_GETLINE;
3046 } else {
3047 /* decode repeat length */
3048 int repeat = ch - ' ' + 3;
3049 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3050 /* that many repeats would overrun the command buffer */
3051 trace_gdbstub_err_overrun();
3052 gdbserver_state.state = RS_IDLE;
3053 } else if (gdbserver_state.line_buf_index < 1) {
3054 /* got a repeat but we have nothing to repeat */
3055 trace_gdbstub_err_invalid_rle();
3056 gdbserver_state.state = RS_GETLINE;
3057 } else {
3058 /* repeat the last character */
3059 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3060 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3061 gdbserver_state.line_buf_index += repeat;
3062 gdbserver_state.line_sum += ch;
3063 gdbserver_state.state = RS_GETLINE;
3064 }
3065 }
3066 break;
3067 case RS_CHKSUM1:
3068 /* get high hex digit of checksum */
3069 if (!isxdigit(ch)) {
3070 trace_gdbstub_err_checksum_invalid(ch);
3071 gdbserver_state.state = RS_GETLINE;
3072 break;
3073 }
3074 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3075 gdbserver_state.line_csum = fromhex(ch) << 4;
3076 gdbserver_state.state = RS_CHKSUM2;
3077 break;
3078 case RS_CHKSUM2:
3079 /* get low hex digit of checksum */
3080 if (!isxdigit(ch)) {
3081 trace_gdbstub_err_checksum_invalid(ch);
3082 gdbserver_state.state = RS_GETLINE;
3083 break;
3084 }
3085 gdbserver_state.line_csum |= fromhex(ch);
3086
3087 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3088 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3089 /* send NAK reply */
3090 reply = '-';
3091 put_buffer(&reply, 1);
3092 gdbserver_state.state = RS_IDLE;
3093 } else {
3094 /* send ACK reply */
3095 reply = '+';
3096 put_buffer(&reply, 1);
3097 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3098 }
3099 break;
3100 default:
3101 abort();
3102 }
3103 }
3104 }
3105
3106 /* Tell the remote gdb that the process has exited. */
3107 void gdb_exit(int code)
3108 {
3109 char buf[4];
3110
3111 if (!gdbserver_state.init) {
3112 return;
3113 }
3114 #ifdef CONFIG_USER_ONLY
3115 if (gdbserver_state.socket_path) {
3116 unlink(gdbserver_state.socket_path);
3117 }
3118 if (gdbserver_state.fd < 0) {
3119 return;
3120 }
3121 #endif
3122
3123 trace_gdbstub_op_exiting((uint8_t)code);
3124
3125 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3126 put_packet(buf);
3127
3128 #ifndef CONFIG_USER_ONLY
3129 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3130 #endif
3131 }
3132
3133 /*
3134 * Create the process that will contain all the "orphan" CPUs (that are not
3135 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3136 * be attachable and thus will be invisible to the user.
3137 */
3138 static void create_default_process(GDBState *s)
3139 {
3140 GDBProcess *process;
3141 int max_pid = 0;
3142
3143 if (gdbserver_state.process_num) {
3144 max_pid = s->processes[s->process_num - 1].pid;
3145 }
3146
3147 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3148 process = &s->processes[s->process_num - 1];
3149
3150 /* We need an available PID slot for this process */
3151 assert(max_pid < UINT32_MAX);
3152
3153 process->pid = max_pid + 1;
3154 process->attached = false;
3155 process->target_xml[0] = '\0';
3156 }
3157
3158 #ifdef CONFIG_USER_ONLY
3159 int
3160 gdb_handlesig(CPUState *cpu, int sig)
3161 {
3162 char buf[256];
3163 int n;
3164
3165 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3166 return sig;
3167 }
3168
3169 /* disable single step if it was enabled */
3170 cpu_single_step(cpu, 0);
3171 tb_flush(cpu);
3172
3173 if (sig != 0) {
3174 gdb_set_stop_cpu(cpu);
3175 g_string_printf(gdbserver_state.str_buf,
3176 "T%02xthread:", target_signal_to_gdb(sig));
3177 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
3178 g_string_append_c(gdbserver_state.str_buf, ';');
3179 put_strbuf();
3180 }
3181 /* put_packet() might have detected that the peer terminated the
3182 connection. */
3183 if (gdbserver_state.fd < 0) {
3184 return sig;
3185 }
3186
3187 sig = 0;
3188 gdbserver_state.state = RS_IDLE;
3189 gdbserver_state.running_state = 0;
3190 while (gdbserver_state.running_state == 0) {
3191 n = read(gdbserver_state.fd, buf, 256);
3192 if (n > 0) {
3193 int i;
3194
3195 for (i = 0; i < n; i++) {
3196 gdb_read_byte(buf[i]);
3197 }
3198 } else {
3199 /* XXX: Connection closed. Should probably wait for another
3200 connection before continuing. */
3201 if (n == 0) {
3202 close(gdbserver_state.fd);
3203 }
3204 gdbserver_state.fd = -1;
3205 return sig;
3206 }
3207 }
3208 sig = gdbserver_state.signal;
3209 gdbserver_state.signal = 0;
3210 return sig;
3211 }
3212
3213 /* Tell the remote gdb that the process has exited due to SIG. */
3214 void gdb_signalled(CPUArchState *env, int sig)
3215 {
3216 char buf[4];
3217
3218 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3219 return;
3220 }
3221
3222 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3223 put_packet(buf);
3224 }
3225
3226 static void gdb_accept_init(int fd)
3227 {
3228 init_gdbserver_state();
3229 create_default_process(&gdbserver_state);
3230 gdbserver_state.processes[0].attached = true;
3231 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3232 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3233 gdbserver_state.fd = fd;
3234 gdb_has_xml = false;
3235 }
3236
3237 static bool gdb_accept_socket(int gdb_fd)
3238 {
3239 int fd;
3240
3241 for(;;) {
3242 fd = accept(gdb_fd, NULL, NULL);
3243 if (fd < 0 && errno != EINTR) {
3244 perror("accept socket");
3245 return false;
3246 } else if (fd >= 0) {
3247 qemu_set_cloexec(fd);
3248 break;
3249 }
3250 }
3251
3252 gdb_accept_init(fd);
3253 return true;
3254 }
3255
3256 static int gdbserver_open_socket(const char *path)
3257 {
3258 struct sockaddr_un sockaddr = {};
3259 int fd, ret;
3260
3261 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3262 if (fd < 0) {
3263 perror("create socket");
3264 return -1;
3265 }
3266
3267 sockaddr.sun_family = AF_UNIX;
3268 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3269 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3270 if (ret < 0) {
3271 perror("bind socket");
3272 close(fd);
3273 return -1;
3274 }
3275 ret = listen(fd, 1);
3276 if (ret < 0) {
3277 perror("listen socket");
3278 close(fd);
3279 return -1;
3280 }
3281
3282 return fd;
3283 }
3284
3285 static bool gdb_accept_tcp(int gdb_fd)
3286 {
3287 struct sockaddr_in sockaddr = {};
3288 socklen_t len;
3289 int fd;
3290
3291 for(;;) {
3292 len = sizeof(sockaddr);
3293 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3294 if (fd < 0 && errno != EINTR) {
3295 perror("accept");
3296 return false;
3297 } else if (fd >= 0) {
3298 qemu_set_cloexec(fd);
3299 break;
3300 }
3301 }
3302
3303 /* set short latency */
3304 if (socket_set_nodelay(fd)) {
3305 perror("setsockopt");
3306 close(fd);
3307 return false;
3308 }
3309
3310 gdb_accept_init(fd);
3311 return true;
3312 }
3313
3314 static int gdbserver_open_port(int port)
3315 {
3316 struct sockaddr_in sockaddr;
3317 int fd, ret;
3318
3319 fd = socket(PF_INET, SOCK_STREAM, 0);
3320 if (fd < 0) {
3321 perror("socket");
3322 return -1;
3323 }
3324 qemu_set_cloexec(fd);
3325
3326 socket_set_fast_reuse(fd);
3327
3328 sockaddr.sin_family = AF_INET;
3329 sockaddr.sin_port = htons(port);
3330 sockaddr.sin_addr.s_addr = 0;
3331 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3332 if (ret < 0) {
3333 perror("bind");
3334 close(fd);
3335 return -1;
3336 }
3337 ret = listen(fd, 1);
3338 if (ret < 0) {
3339 perror("listen");
3340 close(fd);
3341 return -1;
3342 }
3343
3344 return fd;
3345 }
3346
3347 int gdbserver_start(const char *port_or_path)
3348 {
3349 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3350 int gdb_fd;
3351
3352 if (port > 0) {
3353 gdb_fd = gdbserver_open_port(port);
3354 } else {
3355 gdb_fd = gdbserver_open_socket(port_or_path);
3356 }
3357
3358 if (gdb_fd < 0) {
3359 return -1;
3360 }
3361
3362 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3363 return 0;
3364 } else if (gdb_accept_socket(gdb_fd)) {
3365 gdbserver_state.socket_path = g_strdup(port_or_path);
3366 return 0;
3367 }
3368
3369 /* gone wrong */
3370 close(gdb_fd);
3371 return -1;
3372 }
3373
3374 /* Disable gdb stub for child processes. */
3375 void gdbserver_fork(CPUState *cpu)
3376 {
3377 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3378 return;
3379 }
3380 close(gdbserver_state.fd);
3381 gdbserver_state.fd = -1;
3382 cpu_breakpoint_remove_all(cpu, BP_GDB);
3383 cpu_watchpoint_remove_all(cpu, BP_GDB);
3384 }
3385 #else
3386 static int gdb_chr_can_receive(void *opaque)
3387 {
3388 /* We can handle an arbitrarily large amount of data.
3389 Pick the maximum packet size, which is as good as anything. */
3390 return MAX_PACKET_LENGTH;
3391 }
3392
3393 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3394 {
3395 int i;
3396
3397 for (i = 0; i < size; i++) {
3398 gdb_read_byte(buf[i]);
3399 }
3400 }
3401
3402 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3403 {
3404 int i;
3405 GDBState *s = (GDBState *) opaque;
3406
3407 switch (event) {
3408 case CHR_EVENT_OPENED:
3409 /* Start with first process attached, others detached */
3410 for (i = 0; i < s->process_num; i++) {
3411 s->processes[i].attached = !i;
3412 }
3413
3414 s->c_cpu = gdb_first_attached_cpu();
3415 s->g_cpu = s->c_cpu;
3416
3417 vm_stop(RUN_STATE_PAUSED);
3418 replay_gdb_attached();
3419 gdb_has_xml = false;
3420 break;
3421 default:
3422 break;
3423 }
3424 }
3425
3426 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3427 {
3428 g_autoptr(GString) hex_buf = g_string_new("O");
3429 memtohex(hex_buf, buf, len);
3430 put_packet(hex_buf->str);
3431 return len;
3432 }
3433
3434 #ifndef _WIN32
3435 static void gdb_sigterm_handler(int signal)
3436 {
3437 if (runstate_is_running()) {
3438 vm_stop(RUN_STATE_PAUSED);
3439 }
3440 }
3441 #endif
3442
3443 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3444 bool *be_opened, Error **errp)
3445 {
3446 *be_opened = false;
3447 }
3448
3449 static void char_gdb_class_init(ObjectClass *oc, void *data)
3450 {
3451 ChardevClass *cc = CHARDEV_CLASS(oc);
3452
3453 cc->internal = true;
3454 cc->open = gdb_monitor_open;
3455 cc->chr_write = gdb_monitor_write;
3456 }
3457
3458 #define TYPE_CHARDEV_GDB "chardev-gdb"
3459
3460 static const TypeInfo char_gdb_type_info = {
3461 .name = TYPE_CHARDEV_GDB,
3462 .parent = TYPE_CHARDEV,
3463 .class_init = char_gdb_class_init,
3464 };
3465
3466 static int find_cpu_clusters(Object *child, void *opaque)
3467 {
3468 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3469 GDBState *s = (GDBState *) opaque;
3470 CPUClusterState *cluster = CPU_CLUSTER(child);
3471 GDBProcess *process;
3472
3473 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3474
3475 process = &s->processes[s->process_num - 1];
3476
3477 /*
3478 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3479 * runtime, we enforce here that the machine does not use a cluster ID
3480 * that would lead to PID 0.
3481 */
3482 assert(cluster->cluster_id != UINT32_MAX);
3483 process->pid = cluster->cluster_id + 1;
3484 process->attached = false;
3485 process->target_xml[0] = '\0';
3486
3487 return 0;
3488 }
3489
3490 return object_child_foreach(child, find_cpu_clusters, opaque);
3491 }
3492
3493 static int pid_order(const void *a, const void *b)
3494 {
3495 GDBProcess *pa = (GDBProcess *) a;
3496 GDBProcess *pb = (GDBProcess *) b;
3497
3498 if (pa->pid < pb->pid) {
3499 return -1;
3500 } else if (pa->pid > pb->pid) {
3501 return 1;
3502 } else {
3503 return 0;
3504 }
3505 }
3506
3507 static void create_processes(GDBState *s)
3508 {
3509 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3510
3511 if (gdbserver_state.processes) {
3512 /* Sort by PID */
3513 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3514 }
3515
3516 create_default_process(s);
3517 }
3518
3519 int gdbserver_start(const char *device)
3520 {
3521 trace_gdbstub_op_start(device);
3522
3523 char gdbstub_device_name[128];
3524 Chardev *chr = NULL;
3525 Chardev *mon_chr;
3526
3527 if (!first_cpu) {
3528 error_report("gdbstub: meaningless to attach gdb to a "
3529 "machine without any CPU.");
3530 return -1;
3531 }
3532
3533 if (kvm_enabled() && !kvm_supports_guest_debug()) {
3534 error_report("gdbstub: KVM doesn't support guest debugging");
3535 return -1;
3536 }
3537
3538 if (!device)
3539 return -1;
3540 if (strcmp(device, "none") != 0) {
3541 if (strstart(device, "tcp:", NULL)) {
3542 /* enforce required TCP attributes */
3543 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3544 "%s,wait=off,nodelay=on,server=on", device);
3545 device = gdbstub_device_name;
3546 }
3547 #ifndef _WIN32
3548 else if (strcmp(device, "stdio") == 0) {
3549 struct sigaction act;
3550
3551 memset(&act, 0, sizeof(act));
3552 act.sa_handler = gdb_sigterm_handler;
3553 sigaction(SIGINT, &act, NULL);
3554 }
3555 #endif
3556 /*
3557 * FIXME: it's a bit weird to allow using a mux chardev here
3558 * and implicitly setup a monitor. We may want to break this.
3559 */
3560 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3561 if (!chr)
3562 return -1;
3563 }
3564
3565 if (!gdbserver_state.init) {
3566 init_gdbserver_state();
3567
3568 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3569
3570 /* Initialize a monitor terminal for gdb */
3571 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3572 NULL, NULL, &error_abort);
3573 monitor_init_hmp(mon_chr, false, &error_abort);
3574 } else {
3575 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3576 mon_chr = gdbserver_state.mon_chr;
3577 reset_gdbserver_state();
3578 }
3579
3580 create_processes(&gdbserver_state);
3581
3582 if (chr) {
3583 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3584 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3585 gdb_chr_receive, gdb_chr_event,
3586 NULL, &gdbserver_state, NULL, true);
3587 }
3588 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3589 gdbserver_state.mon_chr = mon_chr;
3590 gdbserver_state.current_syscall_cb = NULL;
3591
3592 return 0;
3593 }
3594
3595 static void register_types(void)
3596 {
3597 type_register_static(&char_gdb_type_info);
3598 }
3599
3600 type_init(register_types);
3601 #endif
QEMU mirror