]> git.proxmox.com Git - mirror_qemu.git/blob - gdbstub.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu into staging
[mirror_qemu.git] / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * This implements a subset of the remote protocol as described in:
5 *
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7 *
8 * Copyright (c) 2003-2005 Fabrice Bellard
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 *
23 * SPDX-License-Identifier: LGPL-2.0+
24 */
25
26 #include "qemu/osdep.h"
27 #include "qapi/error.h"
28 #include "qemu/error-report.h"
29 #include "qemu/ctype.h"
30 #include "qemu/cutils.h"
31 #include "qemu/module.h"
32 #include "trace/trace-root.h"
33 #include "exec/gdbstub.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "hw/cpu/cluster.h"
41 #include "hw/boards.h"
42 #endif
43
44 #define MAX_PACKET_LENGTH 4096
45
46 #include "qemu/sockets.h"
47 #include "sysemu/hw_accel.h"
48 #include "sysemu/kvm.h"
49 #include "sysemu/runstate.h"
50 #include "semihosting/semihost.h"
51 #include "exec/exec-all.h"
52 #include "sysemu/replay.h"
53
54 #ifdef CONFIG_USER_ONLY
55 #define GDB_ATTACHED "0"
56 #else
57 #define GDB_ATTACHED "1"
58 #endif
59
60 #ifndef CONFIG_USER_ONLY
61 static int phy_memory_mode;
62 #endif
63
64 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
65 uint8_t *buf, int len, bool is_write)
66 {
67 CPUClass *cc;
68
69 #ifndef CONFIG_USER_ONLY
70 if (phy_memory_mode) {
71 if (is_write) {
72 cpu_physical_memory_write(addr, buf, len);
73 } else {
74 cpu_physical_memory_read(addr, buf, len);
75 }
76 return 0;
77 }
78 #endif
79
80 cc = CPU_GET_CLASS(cpu);
81 if (cc->memory_rw_debug) {
82 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
83 }
84 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
85 }
86
87 /* Return the GDB index for a given vCPU state.
88 *
89 * For user mode this is simply the thread id. In system mode GDB
90 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
91 */
92 static inline int cpu_gdb_index(CPUState *cpu)
93 {
94 #if defined(CONFIG_USER_ONLY)
95 TaskState *ts = (TaskState *) cpu->opaque;
96 return ts ? ts->ts_tid : -1;
97 #else
98 return cpu->cpu_index + 1;
99 #endif
100 }
101
102 enum {
103 GDB_SIGNAL_0 = 0,
104 GDB_SIGNAL_INT = 2,
105 GDB_SIGNAL_QUIT = 3,
106 GDB_SIGNAL_TRAP = 5,
107 GDB_SIGNAL_ABRT = 6,
108 GDB_SIGNAL_ALRM = 14,
109 GDB_SIGNAL_IO = 23,
110 GDB_SIGNAL_XCPU = 24,
111 GDB_SIGNAL_UNKNOWN = 143
112 };
113
114 #ifdef CONFIG_USER_ONLY
115
116 /* Map target signal numbers to GDB protocol signal numbers and vice
117 * versa. For user emulation's currently supported systems, we can
118 * assume most signals are defined.
119 */
120
121 static int gdb_signal_table[] = {
122 0,
123 TARGET_SIGHUP,
124 TARGET_SIGINT,
125 TARGET_SIGQUIT,
126 TARGET_SIGILL,
127 TARGET_SIGTRAP,
128 TARGET_SIGABRT,
129 -1, /* SIGEMT */
130 TARGET_SIGFPE,
131 TARGET_SIGKILL,
132 TARGET_SIGBUS,
133 TARGET_SIGSEGV,
134 TARGET_SIGSYS,
135 TARGET_SIGPIPE,
136 TARGET_SIGALRM,
137 TARGET_SIGTERM,
138 TARGET_SIGURG,
139 TARGET_SIGSTOP,
140 TARGET_SIGTSTP,
141 TARGET_SIGCONT,
142 TARGET_SIGCHLD,
143 TARGET_SIGTTIN,
144 TARGET_SIGTTOU,
145 TARGET_SIGIO,
146 TARGET_SIGXCPU,
147 TARGET_SIGXFSZ,
148 TARGET_SIGVTALRM,
149 TARGET_SIGPROF,
150 TARGET_SIGWINCH,
151 -1, /* SIGLOST */
152 TARGET_SIGUSR1,
153 TARGET_SIGUSR2,
154 #ifdef TARGET_SIGPWR
155 TARGET_SIGPWR,
156 #else
157 -1,
158 #endif
159 -1, /* SIGPOLL */
160 -1,
161 -1,
162 -1,
163 -1,
164 -1,
165 -1,
166 -1,
167 -1,
168 -1,
169 -1,
170 -1,
171 #ifdef __SIGRTMIN
172 __SIGRTMIN + 1,
173 __SIGRTMIN + 2,
174 __SIGRTMIN + 3,
175 __SIGRTMIN + 4,
176 __SIGRTMIN + 5,
177 __SIGRTMIN + 6,
178 __SIGRTMIN + 7,
179 __SIGRTMIN + 8,
180 __SIGRTMIN + 9,
181 __SIGRTMIN + 10,
182 __SIGRTMIN + 11,
183 __SIGRTMIN + 12,
184 __SIGRTMIN + 13,
185 __SIGRTMIN + 14,
186 __SIGRTMIN + 15,
187 __SIGRTMIN + 16,
188 __SIGRTMIN + 17,
189 __SIGRTMIN + 18,
190 __SIGRTMIN + 19,
191 __SIGRTMIN + 20,
192 __SIGRTMIN + 21,
193 __SIGRTMIN + 22,
194 __SIGRTMIN + 23,
195 __SIGRTMIN + 24,
196 __SIGRTMIN + 25,
197 __SIGRTMIN + 26,
198 __SIGRTMIN + 27,
199 __SIGRTMIN + 28,
200 __SIGRTMIN + 29,
201 __SIGRTMIN + 30,
202 __SIGRTMIN + 31,
203 -1, /* SIGCANCEL */
204 __SIGRTMIN,
205 __SIGRTMIN + 32,
206 __SIGRTMIN + 33,
207 __SIGRTMIN + 34,
208 __SIGRTMIN + 35,
209 __SIGRTMIN + 36,
210 __SIGRTMIN + 37,
211 __SIGRTMIN + 38,
212 __SIGRTMIN + 39,
213 __SIGRTMIN + 40,
214 __SIGRTMIN + 41,
215 __SIGRTMIN + 42,
216 __SIGRTMIN + 43,
217 __SIGRTMIN + 44,
218 __SIGRTMIN + 45,
219 __SIGRTMIN + 46,
220 __SIGRTMIN + 47,
221 __SIGRTMIN + 48,
222 __SIGRTMIN + 49,
223 __SIGRTMIN + 50,
224 __SIGRTMIN + 51,
225 __SIGRTMIN + 52,
226 __SIGRTMIN + 53,
227 __SIGRTMIN + 54,
228 __SIGRTMIN + 55,
229 __SIGRTMIN + 56,
230 __SIGRTMIN + 57,
231 __SIGRTMIN + 58,
232 __SIGRTMIN + 59,
233 __SIGRTMIN + 60,
234 __SIGRTMIN + 61,
235 __SIGRTMIN + 62,
236 __SIGRTMIN + 63,
237 __SIGRTMIN + 64,
238 __SIGRTMIN + 65,
239 __SIGRTMIN + 66,
240 __SIGRTMIN + 67,
241 __SIGRTMIN + 68,
242 __SIGRTMIN + 69,
243 __SIGRTMIN + 70,
244 __SIGRTMIN + 71,
245 __SIGRTMIN + 72,
246 __SIGRTMIN + 73,
247 __SIGRTMIN + 74,
248 __SIGRTMIN + 75,
249 __SIGRTMIN + 76,
250 __SIGRTMIN + 77,
251 __SIGRTMIN + 78,
252 __SIGRTMIN + 79,
253 __SIGRTMIN + 80,
254 __SIGRTMIN + 81,
255 __SIGRTMIN + 82,
256 __SIGRTMIN + 83,
257 __SIGRTMIN + 84,
258 __SIGRTMIN + 85,
259 __SIGRTMIN + 86,
260 __SIGRTMIN + 87,
261 __SIGRTMIN + 88,
262 __SIGRTMIN + 89,
263 __SIGRTMIN + 90,
264 __SIGRTMIN + 91,
265 __SIGRTMIN + 92,
266 __SIGRTMIN + 93,
267 __SIGRTMIN + 94,
268 __SIGRTMIN + 95,
269 -1, /* SIGINFO */
270 -1, /* UNKNOWN */
271 -1, /* DEFAULT */
272 -1,
273 -1,
274 -1,
275 -1,
276 -1,
277 -1
278 #endif
279 };
280 #else
281 /* In system mode we only need SIGINT and SIGTRAP; other signals
282 are not yet supported. */
283
284 enum {
285 TARGET_SIGINT = 2,
286 TARGET_SIGTRAP = 5
287 };
288
289 static int gdb_signal_table[] = {
290 -1,
291 -1,
292 TARGET_SIGINT,
293 -1,
294 -1,
295 TARGET_SIGTRAP
296 };
297 #endif
298
299 #ifdef CONFIG_USER_ONLY
300 static int target_signal_to_gdb (int sig)
301 {
302 int i;
303 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
304 if (gdb_signal_table[i] == sig)
305 return i;
306 return GDB_SIGNAL_UNKNOWN;
307 }
308 #endif
309
310 static int gdb_signal_to_target (int sig)
311 {
312 if (sig < ARRAY_SIZE (gdb_signal_table))
313 return gdb_signal_table[sig];
314 else
315 return -1;
316 }
317
318 typedef struct GDBRegisterState {
319 int base_reg;
320 int num_regs;
321 gdb_get_reg_cb get_reg;
322 gdb_set_reg_cb set_reg;
323 const char *xml;
324 struct GDBRegisterState *next;
325 } GDBRegisterState;
326
327 typedef struct GDBProcess {
328 uint32_t pid;
329 bool attached;
330
331 char target_xml[1024];
332 } GDBProcess;
333
334 enum RSState {
335 RS_INACTIVE,
336 RS_IDLE,
337 RS_GETLINE,
338 RS_GETLINE_ESC,
339 RS_GETLINE_RLE,
340 RS_CHKSUM1,
341 RS_CHKSUM2,
342 };
343 typedef struct GDBState {
344 bool init; /* have we been initialised? */
345 CPUState *c_cpu; /* current CPU for step/continue ops */
346 CPUState *g_cpu; /* current CPU for other ops */
347 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
348 enum RSState state; /* parsing state */
349 char line_buf[MAX_PACKET_LENGTH];
350 int line_buf_index;
351 int line_sum; /* running checksum */
352 int line_csum; /* checksum at the end of the packet */
353 GByteArray *last_packet;
354 int signal;
355 #ifdef CONFIG_USER_ONLY
356 int fd;
357 char *socket_path;
358 int running_state;
359 #else
360 CharBackend chr;
361 Chardev *mon_chr;
362 #endif
363 bool multiprocess;
364 GDBProcess *processes;
365 int process_num;
366 char syscall_buf[256];
367 gdb_syscall_complete_cb current_syscall_cb;
368 GString *str_buf;
369 GByteArray *mem_buf;
370 int sstep_flags;
371 int supported_sstep_flags;
372 } GDBState;
373
374 static GDBState gdbserver_state;
375
376 static void init_gdbserver_state(void)
377 {
378 g_assert(!gdbserver_state.init);
379 memset(&gdbserver_state, 0, sizeof(GDBState));
380 gdbserver_state.init = true;
381 gdbserver_state.str_buf = g_string_new(NULL);
382 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
383 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
384
385 /*
386 * In replay mode all events will come from the log and can't be
387 * suppressed otherwise we would break determinism. However as those
388 * events are tied to the number of executed instructions we won't see
389 * them occurring every time we single step.
390 */
391 if (replay_mode != REPLAY_MODE_NONE) {
392 gdbserver_state.supported_sstep_flags = SSTEP_ENABLE;
393 } else if (kvm_enabled()) {
394 gdbserver_state.supported_sstep_flags = kvm_get_supported_sstep_flags();
395 } else {
396 gdbserver_state.supported_sstep_flags =
397 SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
398 }
399
400 /*
401 * By default use no IRQs and no timers while single stepping so as to
402 * make single stepping like an ICE HW step.
403 */
404 gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
405 gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags;
406
407 }
408
409 #ifndef CONFIG_USER_ONLY
410 static void reset_gdbserver_state(void)
411 {
412 g_free(gdbserver_state.processes);
413 gdbserver_state.processes = NULL;
414 gdbserver_state.process_num = 0;
415 }
416 #endif
417
418 bool gdb_has_xml;
419
420 #ifdef CONFIG_USER_ONLY
421
422 static int get_char(void)
423 {
424 uint8_t ch;
425 int ret;
426
427 for(;;) {
428 ret = recv(gdbserver_state.fd, &ch, 1, 0);
429 if (ret < 0) {
430 if (errno == ECONNRESET)
431 gdbserver_state.fd = -1;
432 if (errno != EINTR)
433 return -1;
434 } else if (ret == 0) {
435 close(gdbserver_state.fd);
436 gdbserver_state.fd = -1;
437 return -1;
438 } else {
439 break;
440 }
441 }
442 return ch;
443 }
444 #endif
445
446 /*
447 * Return true if there is a GDB currently connected to the stub
448 * and attached to a CPU
449 */
450 static bool gdb_attached(void)
451 {
452 return gdbserver_state.init && gdbserver_state.c_cpu;
453 }
454
455 static enum {
456 GDB_SYS_UNKNOWN,
457 GDB_SYS_ENABLED,
458 GDB_SYS_DISABLED,
459 } gdb_syscall_mode;
460
461 /* Decide if either remote gdb syscalls or native file IO should be used. */
462 int use_gdb_syscalls(void)
463 {
464 SemihostingTarget target = semihosting_get_target();
465 if (target == SEMIHOSTING_TARGET_NATIVE) {
466 /* -semihosting-config target=native */
467 return false;
468 } else if (target == SEMIHOSTING_TARGET_GDB) {
469 /* -semihosting-config target=gdb */
470 return true;
471 }
472
473 /* -semihosting-config target=auto */
474 /* On the first call check if gdb is connected and remember. */
475 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
476 gdb_syscall_mode = gdb_attached() ? GDB_SYS_ENABLED : GDB_SYS_DISABLED;
477 }
478 return gdb_syscall_mode == GDB_SYS_ENABLED;
479 }
480
481 static bool stub_can_reverse(void)
482 {
483 #ifdef CONFIG_USER_ONLY
484 return false;
485 #else
486 return replay_mode == REPLAY_MODE_PLAY;
487 #endif
488 }
489
490 /* Resume execution. */
491 static inline void gdb_continue(void)
492 {
493
494 #ifdef CONFIG_USER_ONLY
495 gdbserver_state.running_state = 1;
496 trace_gdbstub_op_continue();
497 #else
498 if (!runstate_needs_reset()) {
499 trace_gdbstub_op_continue();
500 vm_start();
501 }
502 #endif
503 }
504
505 /*
506 * Resume execution, per CPU actions. For user-mode emulation it's
507 * equivalent to gdb_continue.
508 */
509 static int gdb_continue_partial(char *newstates)
510 {
511 CPUState *cpu;
512 int res = 0;
513 #ifdef CONFIG_USER_ONLY
514 /*
515 * This is not exactly accurate, but it's an improvement compared to the
516 * previous situation, where only one CPU would be single-stepped.
517 */
518 CPU_FOREACH(cpu) {
519 if (newstates[cpu->cpu_index] == 's') {
520 trace_gdbstub_op_stepping(cpu->cpu_index);
521 cpu_single_step(cpu, gdbserver_state.sstep_flags);
522 }
523 }
524 gdbserver_state.running_state = 1;
525 #else
526 int flag = 0;
527
528 if (!runstate_needs_reset()) {
529 bool step_requested = false;
530 CPU_FOREACH(cpu) {
531 if (newstates[cpu->cpu_index] == 's') {
532 step_requested = true;
533 break;
534 }
535 }
536
537 if (vm_prepare_start(step_requested)) {
538 return 0;
539 }
540
541 CPU_FOREACH(cpu) {
542 switch (newstates[cpu->cpu_index]) {
543 case 0:
544 case 1:
545 break; /* nothing to do here */
546 case 's':
547 trace_gdbstub_op_stepping(cpu->cpu_index);
548 cpu_single_step(cpu, gdbserver_state.sstep_flags);
549 cpu_resume(cpu);
550 flag = 1;
551 break;
552 case 'c':
553 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
554 cpu_resume(cpu);
555 flag = 1;
556 break;
557 default:
558 res = -1;
559 break;
560 }
561 }
562 }
563 if (flag) {
564 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
565 }
566 #endif
567 return res;
568 }
569
570 static void put_buffer(const uint8_t *buf, int len)
571 {
572 #ifdef CONFIG_USER_ONLY
573 int ret;
574
575 while (len > 0) {
576 ret = send(gdbserver_state.fd, buf, len, 0);
577 if (ret < 0) {
578 if (errno != EINTR)
579 return;
580 } else {
581 buf += ret;
582 len -= ret;
583 }
584 }
585 #else
586 /* XXX this blocks entire thread. Rewrite to use
587 * qemu_chr_fe_write and background I/O callbacks */
588 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
589 #endif
590 }
591
592 static inline int fromhex(int v)
593 {
594 if (v >= '0' && v <= '9')
595 return v - '0';
596 else if (v >= 'A' && v <= 'F')
597 return v - 'A' + 10;
598 else if (v >= 'a' && v <= 'f')
599 return v - 'a' + 10;
600 else
601 return 0;
602 }
603
604 static inline int tohex(int v)
605 {
606 if (v < 10)
607 return v + '0';
608 else
609 return v - 10 + 'a';
610 }
611
612 /* writes 2*len+1 bytes in buf */
613 static void memtohex(GString *buf, const uint8_t *mem, int len)
614 {
615 int i, c;
616 for(i = 0; i < len; i++) {
617 c = mem[i];
618 g_string_append_c(buf, tohex(c >> 4));
619 g_string_append_c(buf, tohex(c & 0xf));
620 }
621 g_string_append_c(buf, '\0');
622 }
623
624 static void hextomem(GByteArray *mem, const char *buf, int len)
625 {
626 int i;
627
628 for(i = 0; i < len; i++) {
629 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
630 g_byte_array_append(mem, &byte, 1);
631 buf += 2;
632 }
633 }
634
635 static void hexdump(const char *buf, int len,
636 void (*trace_fn)(size_t ofs, char const *text))
637 {
638 char line_buffer[3 * 16 + 4 + 16 + 1];
639
640 size_t i;
641 for (i = 0; i < len || (i & 0xF); ++i) {
642 size_t byte_ofs = i & 15;
643
644 if (byte_ofs == 0) {
645 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
646 line_buffer[3 * 16 + 4 + 16] = 0;
647 }
648
649 size_t col_group = (i >> 2) & 3;
650 size_t hex_col = byte_ofs * 3 + col_group;
651 size_t txt_col = 3 * 16 + 4 + byte_ofs;
652
653 if (i < len) {
654 char value = buf[i];
655
656 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
657 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
658 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
659 ? value
660 : '.';
661 }
662
663 if (byte_ofs == 0xF)
664 trace_fn(i & -16, line_buffer);
665 }
666 }
667
668 /* return -1 if error, 0 if OK */
669 static int put_packet_binary(const char *buf, int len, bool dump)
670 {
671 int csum, i;
672 uint8_t footer[3];
673
674 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
675 hexdump(buf, len, trace_gdbstub_io_binaryreply);
676 }
677
678 for(;;) {
679 g_byte_array_set_size(gdbserver_state.last_packet, 0);
680 g_byte_array_append(gdbserver_state.last_packet,
681 (const uint8_t *) "$", 1);
682 g_byte_array_append(gdbserver_state.last_packet,
683 (const uint8_t *) buf, len);
684 csum = 0;
685 for(i = 0; i < len; i++) {
686 csum += buf[i];
687 }
688 footer[0] = '#';
689 footer[1] = tohex((csum >> 4) & 0xf);
690 footer[2] = tohex((csum) & 0xf);
691 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
692
693 put_buffer(gdbserver_state.last_packet->data,
694 gdbserver_state.last_packet->len);
695
696 #ifdef CONFIG_USER_ONLY
697 i = get_char();
698 if (i < 0)
699 return -1;
700 if (i == '+')
701 break;
702 #else
703 break;
704 #endif
705 }
706 return 0;
707 }
708
709 /* return -1 if error, 0 if OK */
710 static int put_packet(const char *buf)
711 {
712 trace_gdbstub_io_reply(buf);
713
714 return put_packet_binary(buf, strlen(buf), false);
715 }
716
717 static void put_strbuf(void)
718 {
719 put_packet(gdbserver_state.str_buf->str);
720 }
721
722 /* Encode data using the encoding for 'x' packets. */
723 static void memtox(GString *buf, const char *mem, int len)
724 {
725 char c;
726
727 while (len--) {
728 c = *(mem++);
729 switch (c) {
730 case '#': case '$': case '*': case '}':
731 g_string_append_c(buf, '}');
732 g_string_append_c(buf, c ^ 0x20);
733 break;
734 default:
735 g_string_append_c(buf, c);
736 break;
737 }
738 }
739 }
740
741 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
742 {
743 /* TODO: In user mode, we should use the task state PID */
744 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
745 /* Return the default process' PID */
746 int index = gdbserver_state.process_num - 1;
747 return gdbserver_state.processes[index].pid;
748 }
749 return cpu->cluster_index + 1;
750 }
751
752 static GDBProcess *gdb_get_process(uint32_t pid)
753 {
754 int i;
755
756 if (!pid) {
757 /* 0 means any process, we take the first one */
758 return &gdbserver_state.processes[0];
759 }
760
761 for (i = 0; i < gdbserver_state.process_num; i++) {
762 if (gdbserver_state.processes[i].pid == pid) {
763 return &gdbserver_state.processes[i];
764 }
765 }
766
767 return NULL;
768 }
769
770 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
771 {
772 return gdb_get_process(gdb_get_cpu_pid(cpu));
773 }
774
775 static CPUState *find_cpu(uint32_t thread_id)
776 {
777 CPUState *cpu;
778
779 CPU_FOREACH(cpu) {
780 if (cpu_gdb_index(cpu) == thread_id) {
781 return cpu;
782 }
783 }
784
785 return NULL;
786 }
787
788 static CPUState *get_first_cpu_in_process(GDBProcess *process)
789 {
790 CPUState *cpu;
791
792 CPU_FOREACH(cpu) {
793 if (gdb_get_cpu_pid(cpu) == process->pid) {
794 return cpu;
795 }
796 }
797
798 return NULL;
799 }
800
801 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
802 {
803 uint32_t pid = gdb_get_cpu_pid(cpu);
804 cpu = CPU_NEXT(cpu);
805
806 while (cpu) {
807 if (gdb_get_cpu_pid(cpu) == pid) {
808 break;
809 }
810
811 cpu = CPU_NEXT(cpu);
812 }
813
814 return cpu;
815 }
816
817 /* Return the cpu following @cpu, while ignoring unattached processes. */
818 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
819 {
820 cpu = CPU_NEXT(cpu);
821
822 while (cpu) {
823 if (gdb_get_cpu_process(cpu)->attached) {
824 break;
825 }
826
827 cpu = CPU_NEXT(cpu);
828 }
829
830 return cpu;
831 }
832
833 /* Return the first attached cpu */
834 static CPUState *gdb_first_attached_cpu(void)
835 {
836 CPUState *cpu = first_cpu;
837 GDBProcess *process = gdb_get_cpu_process(cpu);
838
839 if (!process->attached) {
840 return gdb_next_attached_cpu(cpu);
841 }
842
843 return cpu;
844 }
845
846 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
847 {
848 GDBProcess *process;
849 CPUState *cpu;
850
851 if (!pid && !tid) {
852 /* 0 means any process/thread, we take the first attached one */
853 return gdb_first_attached_cpu();
854 } else if (pid && !tid) {
855 /* any thread in a specific process */
856 process = gdb_get_process(pid);
857
858 if (process == NULL) {
859 return NULL;
860 }
861
862 if (!process->attached) {
863 return NULL;
864 }
865
866 return get_first_cpu_in_process(process);
867 } else {
868 /* a specific thread */
869 cpu = find_cpu(tid);
870
871 if (cpu == NULL) {
872 return NULL;
873 }
874
875 process = gdb_get_cpu_process(cpu);
876
877 if (pid && process->pid != pid) {
878 return NULL;
879 }
880
881 if (!process->attached) {
882 return NULL;
883 }
884
885 return cpu;
886 }
887 }
888
889 static const char *get_feature_xml(const char *p, const char **newp,
890 GDBProcess *process)
891 {
892 size_t len;
893 int i;
894 const char *name;
895 CPUState *cpu = get_first_cpu_in_process(process);
896 CPUClass *cc = CPU_GET_CLASS(cpu);
897
898 len = 0;
899 while (p[len] && p[len] != ':')
900 len++;
901 *newp = p + len;
902
903 name = NULL;
904 if (strncmp(p, "target.xml", len) == 0) {
905 char *buf = process->target_xml;
906 const size_t buf_sz = sizeof(process->target_xml);
907
908 /* Generate the XML description for this CPU. */
909 if (!buf[0]) {
910 GDBRegisterState *r;
911
912 pstrcat(buf, buf_sz,
913 "<?xml version=\"1.0\"?>"
914 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
915 "<target>");
916 if (cc->gdb_arch_name) {
917 gchar *arch = cc->gdb_arch_name(cpu);
918 pstrcat(buf, buf_sz, "<architecture>");
919 pstrcat(buf, buf_sz, arch);
920 pstrcat(buf, buf_sz, "</architecture>");
921 g_free(arch);
922 }
923 pstrcat(buf, buf_sz, "<xi:include href=\"");
924 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
925 pstrcat(buf, buf_sz, "\"/>");
926 for (r = cpu->gdb_regs; r; r = r->next) {
927 pstrcat(buf, buf_sz, "<xi:include href=\"");
928 pstrcat(buf, buf_sz, r->xml);
929 pstrcat(buf, buf_sz, "\"/>");
930 }
931 pstrcat(buf, buf_sz, "</target>");
932 }
933 return buf;
934 }
935 if (cc->gdb_get_dynamic_xml) {
936 char *xmlname = g_strndup(p, len);
937 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
938
939 g_free(xmlname);
940 if (xml) {
941 return xml;
942 }
943 }
944 for (i = 0; ; i++) {
945 name = xml_builtin[i][0];
946 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
947 break;
948 }
949 return name ? xml_builtin[i][1] : NULL;
950 }
951
952 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
953 {
954 CPUClass *cc = CPU_GET_CLASS(cpu);
955 CPUArchState *env = cpu->env_ptr;
956 GDBRegisterState *r;
957
958 if (reg < cc->gdb_num_core_regs) {
959 return cc->gdb_read_register(cpu, buf, reg);
960 }
961
962 for (r = cpu->gdb_regs; r; r = r->next) {
963 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
964 return r->get_reg(env, buf, reg - r->base_reg);
965 }
966 }
967 return 0;
968 }
969
970 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
971 {
972 CPUClass *cc = CPU_GET_CLASS(cpu);
973 CPUArchState *env = cpu->env_ptr;
974 GDBRegisterState *r;
975
976 if (reg < cc->gdb_num_core_regs) {
977 return cc->gdb_write_register(cpu, mem_buf, reg);
978 }
979
980 for (r = cpu->gdb_regs; r; r = r->next) {
981 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
982 return r->set_reg(env, mem_buf, reg - r->base_reg);
983 }
984 }
985 return 0;
986 }
987
988 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
989 specifies the first register number and these registers are included in
990 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
991 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
992 */
993
994 void gdb_register_coprocessor(CPUState *cpu,
995 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
996 int num_regs, const char *xml, int g_pos)
997 {
998 GDBRegisterState *s;
999 GDBRegisterState **p;
1000
1001 p = &cpu->gdb_regs;
1002 while (*p) {
1003 /* Check for duplicates. */
1004 if (strcmp((*p)->xml, xml) == 0)
1005 return;
1006 p = &(*p)->next;
1007 }
1008
1009 s = g_new0(GDBRegisterState, 1);
1010 s->base_reg = cpu->gdb_num_regs;
1011 s->num_regs = num_regs;
1012 s->get_reg = get_reg;
1013 s->set_reg = set_reg;
1014 s->xml = xml;
1015
1016 /* Add to end of list. */
1017 cpu->gdb_num_regs += num_regs;
1018 *p = s;
1019 if (g_pos) {
1020 if (g_pos != s->base_reg) {
1021 error_report("Error: Bad gdb register numbering for '%s', "
1022 "expected %d got %d", xml, g_pos, s->base_reg);
1023 } else {
1024 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1025 }
1026 }
1027 }
1028
1029 #ifndef CONFIG_USER_ONLY
1030 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1031 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1032 {
1033 static const int xlat[] = {
1034 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1035 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1036 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1037 };
1038
1039 CPUClass *cc = CPU_GET_CLASS(cpu);
1040 int cputype = xlat[gdbtype];
1041
1042 if (cc->gdb_stop_before_watchpoint) {
1043 cputype |= BP_STOP_BEFORE_ACCESS;
1044 }
1045 return cputype;
1046 }
1047 #endif
1048
1049 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1050 {
1051 CPUState *cpu;
1052 int err = 0;
1053
1054 if (kvm_enabled()) {
1055 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1056 }
1057
1058 switch (type) {
1059 case GDB_BREAKPOINT_SW:
1060 case GDB_BREAKPOINT_HW:
1061 CPU_FOREACH(cpu) {
1062 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1063 if (err) {
1064 break;
1065 }
1066 }
1067 return err;
1068 #ifndef CONFIG_USER_ONLY
1069 case GDB_WATCHPOINT_WRITE:
1070 case GDB_WATCHPOINT_READ:
1071 case GDB_WATCHPOINT_ACCESS:
1072 CPU_FOREACH(cpu) {
1073 err = cpu_watchpoint_insert(cpu, addr, len,
1074 xlat_gdb_type(cpu, type), NULL);
1075 if (err) {
1076 break;
1077 }
1078 }
1079 return err;
1080 #endif
1081 default:
1082 return -ENOSYS;
1083 }
1084 }
1085
1086 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1087 {
1088 CPUState *cpu;
1089 int err = 0;
1090
1091 if (kvm_enabled()) {
1092 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1093 }
1094
1095 switch (type) {
1096 case GDB_BREAKPOINT_SW:
1097 case GDB_BREAKPOINT_HW:
1098 CPU_FOREACH(cpu) {
1099 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1100 if (err) {
1101 break;
1102 }
1103 }
1104 return err;
1105 #ifndef CONFIG_USER_ONLY
1106 case GDB_WATCHPOINT_WRITE:
1107 case GDB_WATCHPOINT_READ:
1108 case GDB_WATCHPOINT_ACCESS:
1109 CPU_FOREACH(cpu) {
1110 err = cpu_watchpoint_remove(cpu, addr, len,
1111 xlat_gdb_type(cpu, type));
1112 if (err)
1113 break;
1114 }
1115 return err;
1116 #endif
1117 default:
1118 return -ENOSYS;
1119 }
1120 }
1121
1122 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1123 {
1124 cpu_breakpoint_remove_all(cpu, BP_GDB);
1125 #ifndef CONFIG_USER_ONLY
1126 cpu_watchpoint_remove_all(cpu, BP_GDB);
1127 #endif
1128 }
1129
1130 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1131 {
1132 CPUState *cpu = get_first_cpu_in_process(p);
1133
1134 while (cpu) {
1135 gdb_cpu_breakpoint_remove_all(cpu);
1136 cpu = gdb_next_cpu_in_process(cpu);
1137 }
1138 }
1139
1140 static void gdb_breakpoint_remove_all(void)
1141 {
1142 CPUState *cpu;
1143
1144 if (kvm_enabled()) {
1145 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1146 return;
1147 }
1148
1149 CPU_FOREACH(cpu) {
1150 gdb_cpu_breakpoint_remove_all(cpu);
1151 }
1152 }
1153
1154 static void gdb_set_cpu_pc(target_ulong pc)
1155 {
1156 CPUState *cpu = gdbserver_state.c_cpu;
1157
1158 cpu_synchronize_state(cpu);
1159 cpu_set_pc(cpu, pc);
1160 }
1161
1162 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1163 {
1164 if (gdbserver_state.multiprocess) {
1165 g_string_append_printf(buf, "p%02x.%02x",
1166 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1167 } else {
1168 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1169 }
1170 }
1171
1172 typedef enum GDBThreadIdKind {
1173 GDB_ONE_THREAD = 0,
1174 GDB_ALL_THREADS, /* One process, all threads */
1175 GDB_ALL_PROCESSES,
1176 GDB_READ_THREAD_ERR
1177 } GDBThreadIdKind;
1178
1179 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1180 uint32_t *pid, uint32_t *tid)
1181 {
1182 unsigned long p, t;
1183 int ret;
1184
1185 if (*buf == 'p') {
1186 buf++;
1187 ret = qemu_strtoul(buf, &buf, 16, &p);
1188
1189 if (ret) {
1190 return GDB_READ_THREAD_ERR;
1191 }
1192
1193 /* Skip '.' */
1194 buf++;
1195 } else {
1196 p = 1;
1197 }
1198
1199 ret = qemu_strtoul(buf, &buf, 16, &t);
1200
1201 if (ret) {
1202 return GDB_READ_THREAD_ERR;
1203 }
1204
1205 *end_buf = buf;
1206
1207 if (p == -1) {
1208 return GDB_ALL_PROCESSES;
1209 }
1210
1211 if (pid) {
1212 *pid = p;
1213 }
1214
1215 if (t == -1) {
1216 return GDB_ALL_THREADS;
1217 }
1218
1219 if (tid) {
1220 *tid = t;
1221 }
1222
1223 return GDB_ONE_THREAD;
1224 }
1225
1226 /**
1227 * gdb_handle_vcont - Parses and handles a vCont packet.
1228 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1229 * a format error, 0 on success.
1230 */
1231 static int gdb_handle_vcont(const char *p)
1232 {
1233 int res, signal = 0;
1234 char cur_action;
1235 char *newstates;
1236 unsigned long tmp;
1237 uint32_t pid, tid;
1238 GDBProcess *process;
1239 CPUState *cpu;
1240 GDBThreadIdKind kind;
1241 #ifdef CONFIG_USER_ONLY
1242 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1243
1244 CPU_FOREACH(cpu) {
1245 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1246 }
1247 #else
1248 MachineState *ms = MACHINE(qdev_get_machine());
1249 unsigned int max_cpus = ms->smp.max_cpus;
1250 #endif
1251 /* uninitialised CPUs stay 0 */
1252 newstates = g_new0(char, max_cpus);
1253
1254 /* mark valid CPUs with 1 */
1255 CPU_FOREACH(cpu) {
1256 newstates[cpu->cpu_index] = 1;
1257 }
1258
1259 /*
1260 * res keeps track of what error we are returning, with -ENOTSUP meaning
1261 * that the command is unknown or unsupported, thus returning an empty
1262 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1263 * or incorrect parameters passed.
1264 */
1265 res = 0;
1266 while (*p) {
1267 if (*p++ != ';') {
1268 res = -ENOTSUP;
1269 goto out;
1270 }
1271
1272 cur_action = *p++;
1273 if (cur_action == 'C' || cur_action == 'S') {
1274 cur_action = qemu_tolower(cur_action);
1275 res = qemu_strtoul(p, &p, 16, &tmp);
1276 if (res) {
1277 goto out;
1278 }
1279 signal = gdb_signal_to_target(tmp);
1280 } else if (cur_action != 'c' && cur_action != 's') {
1281 /* unknown/invalid/unsupported command */
1282 res = -ENOTSUP;
1283 goto out;
1284 }
1285
1286 if (*p == '\0' || *p == ';') {
1287 /*
1288 * No thread specifier, action is on "all threads". The
1289 * specification is unclear regarding the process to act on. We
1290 * choose all processes.
1291 */
1292 kind = GDB_ALL_PROCESSES;
1293 } else if (*p++ == ':') {
1294 kind = read_thread_id(p, &p, &pid, &tid);
1295 } else {
1296 res = -ENOTSUP;
1297 goto out;
1298 }
1299
1300 switch (kind) {
1301 case GDB_READ_THREAD_ERR:
1302 res = -EINVAL;
1303 goto out;
1304
1305 case GDB_ALL_PROCESSES:
1306 cpu = gdb_first_attached_cpu();
1307 while (cpu) {
1308 if (newstates[cpu->cpu_index] == 1) {
1309 newstates[cpu->cpu_index] = cur_action;
1310 }
1311
1312 cpu = gdb_next_attached_cpu(cpu);
1313 }
1314 break;
1315
1316 case GDB_ALL_THREADS:
1317 process = gdb_get_process(pid);
1318
1319 if (!process->attached) {
1320 res = -EINVAL;
1321 goto out;
1322 }
1323
1324 cpu = get_first_cpu_in_process(process);
1325 while (cpu) {
1326 if (newstates[cpu->cpu_index] == 1) {
1327 newstates[cpu->cpu_index] = cur_action;
1328 }
1329
1330 cpu = gdb_next_cpu_in_process(cpu);
1331 }
1332 break;
1333
1334 case GDB_ONE_THREAD:
1335 cpu = gdb_get_cpu(pid, tid);
1336
1337 /* invalid CPU/thread specified */
1338 if (!cpu) {
1339 res = -EINVAL;
1340 goto out;
1341 }
1342
1343 /* only use if no previous match occourred */
1344 if (newstates[cpu->cpu_index] == 1) {
1345 newstates[cpu->cpu_index] = cur_action;
1346 }
1347 break;
1348 }
1349 }
1350 gdbserver_state.signal = signal;
1351 gdb_continue_partial(newstates);
1352
1353 out:
1354 g_free(newstates);
1355
1356 return res;
1357 }
1358
1359 typedef union GdbCmdVariant {
1360 const char *data;
1361 uint8_t opcode;
1362 unsigned long val_ul;
1363 unsigned long long val_ull;
1364 struct {
1365 GDBThreadIdKind kind;
1366 uint32_t pid;
1367 uint32_t tid;
1368 } thread_id;
1369 } GdbCmdVariant;
1370
1371 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1372
1373 static const char *cmd_next_param(const char *param, const char delimiter)
1374 {
1375 static const char all_delimiters[] = ",;:=";
1376 char curr_delimiters[2] = {0};
1377 const char *delimiters;
1378
1379 if (delimiter == '?') {
1380 delimiters = all_delimiters;
1381 } else if (delimiter == '0') {
1382 return strchr(param, '\0');
1383 } else if (delimiter == '.' && *param) {
1384 return param + 1;
1385 } else {
1386 curr_delimiters[0] = delimiter;
1387 delimiters = curr_delimiters;
1388 }
1389
1390 param += strcspn(param, delimiters);
1391 if (*param) {
1392 param++;
1393 }
1394 return param;
1395 }
1396
1397 static int cmd_parse_params(const char *data, const char *schema,
1398 GArray *params)
1399 {
1400 const char *curr_schema, *curr_data;
1401
1402 g_assert(schema);
1403 g_assert(params->len == 0);
1404
1405 curr_schema = schema;
1406 curr_data = data;
1407 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1408 GdbCmdVariant this_param;
1409
1410 switch (curr_schema[0]) {
1411 case 'l':
1412 if (qemu_strtoul(curr_data, &curr_data, 16,
1413 &this_param.val_ul)) {
1414 return -EINVAL;
1415 }
1416 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1417 g_array_append_val(params, this_param);
1418 break;
1419 case 'L':
1420 if (qemu_strtou64(curr_data, &curr_data, 16,
1421 (uint64_t *)&this_param.val_ull)) {
1422 return -EINVAL;
1423 }
1424 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1425 g_array_append_val(params, this_param);
1426 break;
1427 case 's':
1428 this_param.data = curr_data;
1429 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1430 g_array_append_val(params, this_param);
1431 break;
1432 case 'o':
1433 this_param.opcode = *(uint8_t *)curr_data;
1434 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1435 g_array_append_val(params, this_param);
1436 break;
1437 case 't':
1438 this_param.thread_id.kind =
1439 read_thread_id(curr_data, &curr_data,
1440 &this_param.thread_id.pid,
1441 &this_param.thread_id.tid);
1442 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1443 g_array_append_val(params, this_param);
1444 break;
1445 case '?':
1446 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1447 break;
1448 default:
1449 return -EINVAL;
1450 }
1451 curr_schema += 2;
1452 }
1453
1454 return 0;
1455 }
1456
1457 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
1458
1459 /*
1460 * cmd_startswith -> cmd is compared using startswith
1461 *
1462 *
1463 * schema definitions:
1464 * Each schema parameter entry consists of 2 chars,
1465 * the first char represents the parameter type handling
1466 * the second char represents the delimiter for the next parameter
1467 *
1468 * Currently supported schema types:
1469 * 'l' -> unsigned long (stored in .val_ul)
1470 * 'L' -> unsigned long long (stored in .val_ull)
1471 * 's' -> string (stored in .data)
1472 * 'o' -> single char (stored in .opcode)
1473 * 't' -> thread id (stored in .thread_id)
1474 * '?' -> skip according to delimiter
1475 *
1476 * Currently supported delimiters:
1477 * '?' -> Stop at any delimiter (",;:=\0")
1478 * '0' -> Stop at "\0"
1479 * '.' -> Skip 1 char unless reached "\0"
1480 * Any other value is treated as the delimiter value itself
1481 */
1482 typedef struct GdbCmdParseEntry {
1483 GdbCmdHandler handler;
1484 const char *cmd;
1485 bool cmd_startswith;
1486 const char *schema;
1487 } GdbCmdParseEntry;
1488
1489 static inline int startswith(const char *string, const char *pattern)
1490 {
1491 return !strncmp(string, pattern, strlen(pattern));
1492 }
1493
1494 static int process_string_cmd(void *user_ctx, const char *data,
1495 const GdbCmdParseEntry *cmds, int num_cmds)
1496 {
1497 int i;
1498 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
1499
1500 if (!cmds) {
1501 return -1;
1502 }
1503
1504 for (i = 0; i < num_cmds; i++) {
1505 const GdbCmdParseEntry *cmd = &cmds[i];
1506 g_assert(cmd->handler && cmd->cmd);
1507
1508 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1509 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1510 continue;
1511 }
1512
1513 if (cmd->schema) {
1514 if (cmd_parse_params(&data[strlen(cmd->cmd)],
1515 cmd->schema, params)) {
1516 return -1;
1517 }
1518 }
1519
1520 cmd->handler(params, user_ctx);
1521 return 0;
1522 }
1523
1524 return -1;
1525 }
1526
1527 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1528 {
1529 if (!data) {
1530 return;
1531 }
1532
1533 g_string_set_size(gdbserver_state.str_buf, 0);
1534 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1535
1536 /* In case there was an error during the command parsing we must
1537 * send a NULL packet to indicate the command is not supported */
1538 if (process_string_cmd(NULL, data, cmd, 1)) {
1539 put_packet("");
1540 }
1541 }
1542
1543 static void handle_detach(GArray *params, void *user_ctx)
1544 {
1545 GDBProcess *process;
1546 uint32_t pid = 1;
1547
1548 if (gdbserver_state.multiprocess) {
1549 if (!params->len) {
1550 put_packet("E22");
1551 return;
1552 }
1553
1554 pid = get_param(params, 0)->val_ul;
1555 }
1556
1557 process = gdb_get_process(pid);
1558 gdb_process_breakpoint_remove_all(process);
1559 process->attached = false;
1560
1561 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1562 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1563 }
1564
1565 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1566 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1567 }
1568
1569 if (!gdbserver_state.c_cpu) {
1570 /* No more process attached */
1571 gdb_syscall_mode = GDB_SYS_DISABLED;
1572 gdb_continue();
1573 }
1574 put_packet("OK");
1575 }
1576
1577 static void handle_thread_alive(GArray *params, void *user_ctx)
1578 {
1579 CPUState *cpu;
1580
1581 if (!params->len) {
1582 put_packet("E22");
1583 return;
1584 }
1585
1586 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1587 put_packet("E22");
1588 return;
1589 }
1590
1591 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1592 get_param(params, 0)->thread_id.tid);
1593 if (!cpu) {
1594 put_packet("E22");
1595 return;
1596 }
1597
1598 put_packet("OK");
1599 }
1600
1601 static void handle_continue(GArray *params, void *user_ctx)
1602 {
1603 if (params->len) {
1604 gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1605 }
1606
1607 gdbserver_state.signal = 0;
1608 gdb_continue();
1609 }
1610
1611 static void handle_cont_with_sig(GArray *params, void *user_ctx)
1612 {
1613 unsigned long signal = 0;
1614
1615 /*
1616 * Note: C sig;[addr] is currently unsupported and we simply
1617 * omit the addr parameter
1618 */
1619 if (params->len) {
1620 signal = get_param(params, 0)->val_ul;
1621 }
1622
1623 gdbserver_state.signal = gdb_signal_to_target(signal);
1624 if (gdbserver_state.signal == -1) {
1625 gdbserver_state.signal = 0;
1626 }
1627 gdb_continue();
1628 }
1629
1630 static void handle_set_thread(GArray *params, void *user_ctx)
1631 {
1632 CPUState *cpu;
1633
1634 if (params->len != 2) {
1635 put_packet("E22");
1636 return;
1637 }
1638
1639 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
1640 put_packet("E22");
1641 return;
1642 }
1643
1644 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
1645 put_packet("OK");
1646 return;
1647 }
1648
1649 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
1650 get_param(params, 1)->thread_id.tid);
1651 if (!cpu) {
1652 put_packet("E22");
1653 return;
1654 }
1655
1656 /*
1657 * Note: This command is deprecated and modern gdb's will be using the
1658 * vCont command instead.
1659 */
1660 switch (get_param(params, 0)->opcode) {
1661 case 'c':
1662 gdbserver_state.c_cpu = cpu;
1663 put_packet("OK");
1664 break;
1665 case 'g':
1666 gdbserver_state.g_cpu = cpu;
1667 put_packet("OK");
1668 break;
1669 default:
1670 put_packet("E22");
1671 break;
1672 }
1673 }
1674
1675 static void handle_insert_bp(GArray *params, void *user_ctx)
1676 {
1677 int res;
1678
1679 if (params->len != 3) {
1680 put_packet("E22");
1681 return;
1682 }
1683
1684 res = gdb_breakpoint_insert(get_param(params, 0)->val_ul,
1685 get_param(params, 1)->val_ull,
1686 get_param(params, 2)->val_ull);
1687 if (res >= 0) {
1688 put_packet("OK");
1689 return;
1690 } else if (res == -ENOSYS) {
1691 put_packet("");
1692 return;
1693 }
1694
1695 put_packet("E22");
1696 }
1697
1698 static void handle_remove_bp(GArray *params, void *user_ctx)
1699 {
1700 int res;
1701
1702 if (params->len != 3) {
1703 put_packet("E22");
1704 return;
1705 }
1706
1707 res = gdb_breakpoint_remove(get_param(params, 0)->val_ul,
1708 get_param(params, 1)->val_ull,
1709 get_param(params, 2)->val_ull);
1710 if (res >= 0) {
1711 put_packet("OK");
1712 return;
1713 } else if (res == -ENOSYS) {
1714 put_packet("");
1715 return;
1716 }
1717
1718 put_packet("E22");
1719 }
1720
1721 /*
1722 * handle_set/get_reg
1723 *
1724 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1725 * This works, but can be very slow. Anything new enough to understand
1726 * XML also knows how to use this properly. However to use this we
1727 * need to define a local XML file as well as be talking to a
1728 * reasonably modern gdb. Responding with an empty packet will cause
1729 * the remote gdb to fallback to older methods.
1730 */
1731
1732 static void handle_set_reg(GArray *params, void *user_ctx)
1733 {
1734 int reg_size;
1735
1736 if (!gdb_has_xml) {
1737 put_packet("");
1738 return;
1739 }
1740
1741 if (params->len != 2) {
1742 put_packet("E22");
1743 return;
1744 }
1745
1746 reg_size = strlen(get_param(params, 1)->data) / 2;
1747 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1748 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1749 get_param(params, 0)->val_ull);
1750 put_packet("OK");
1751 }
1752
1753 static void handle_get_reg(GArray *params, void *user_ctx)
1754 {
1755 int reg_size;
1756
1757 if (!gdb_has_xml) {
1758 put_packet("");
1759 return;
1760 }
1761
1762 if (!params->len) {
1763 put_packet("E14");
1764 return;
1765 }
1766
1767 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1768 gdbserver_state.mem_buf,
1769 get_param(params, 0)->val_ull);
1770 if (!reg_size) {
1771 put_packet("E14");
1772 return;
1773 } else {
1774 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1775 }
1776
1777 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1778 put_strbuf();
1779 }
1780
1781 static void handle_write_mem(GArray *params, void *user_ctx)
1782 {
1783 if (params->len != 3) {
1784 put_packet("E22");
1785 return;
1786 }
1787
1788 /* hextomem() reads 2*len bytes */
1789 if (get_param(params, 1)->val_ull >
1790 strlen(get_param(params, 2)->data) / 2) {
1791 put_packet("E22");
1792 return;
1793 }
1794
1795 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1796 get_param(params, 1)->val_ull);
1797 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1798 get_param(params, 0)->val_ull,
1799 gdbserver_state.mem_buf->data,
1800 gdbserver_state.mem_buf->len, true)) {
1801 put_packet("E14");
1802 return;
1803 }
1804
1805 put_packet("OK");
1806 }
1807
1808 static void handle_read_mem(GArray *params, void *user_ctx)
1809 {
1810 if (params->len != 2) {
1811 put_packet("E22");
1812 return;
1813 }
1814
1815 /* memtohex() doubles the required space */
1816 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1817 put_packet("E22");
1818 return;
1819 }
1820
1821 g_byte_array_set_size(gdbserver_state.mem_buf,
1822 get_param(params, 1)->val_ull);
1823
1824 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1825 get_param(params, 0)->val_ull,
1826 gdbserver_state.mem_buf->data,
1827 gdbserver_state.mem_buf->len, false)) {
1828 put_packet("E14");
1829 return;
1830 }
1831
1832 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1833 gdbserver_state.mem_buf->len);
1834 put_strbuf();
1835 }
1836
1837 static void handle_write_all_regs(GArray *params, void *user_ctx)
1838 {
1839 target_ulong addr, len;
1840 uint8_t *registers;
1841 int reg_size;
1842
1843 if (!params->len) {
1844 return;
1845 }
1846
1847 cpu_synchronize_state(gdbserver_state.g_cpu);
1848 len = strlen(get_param(params, 0)->data) / 2;
1849 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1850 registers = gdbserver_state.mem_buf->data;
1851 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1852 addr++) {
1853 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1854 len -= reg_size;
1855 registers += reg_size;
1856 }
1857 put_packet("OK");
1858 }
1859
1860 static void handle_read_all_regs(GArray *params, void *user_ctx)
1861 {
1862 target_ulong addr, len;
1863
1864 cpu_synchronize_state(gdbserver_state.g_cpu);
1865 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1866 len = 0;
1867 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1868 len += gdb_read_register(gdbserver_state.g_cpu,
1869 gdbserver_state.mem_buf,
1870 addr);
1871 }
1872 g_assert(len == gdbserver_state.mem_buf->len);
1873
1874 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1875 put_strbuf();
1876 }
1877
1878 static void handle_file_io(GArray *params, void *user_ctx)
1879 {
1880 if (params->len >= 1 && gdbserver_state.current_syscall_cb) {
1881 target_ulong ret, err;
1882
1883 ret = (target_ulong)get_param(params, 0)->val_ull;
1884 if (params->len >= 2) {
1885 err = (target_ulong)get_param(params, 1)->val_ull;
1886 } else {
1887 err = 0;
1888 }
1889 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1890 gdbserver_state.current_syscall_cb = NULL;
1891 }
1892
1893 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') {
1894 put_packet("T02");
1895 return;
1896 }
1897
1898 gdb_continue();
1899 }
1900
1901 static void handle_step(GArray *params, void *user_ctx)
1902 {
1903 if (params->len) {
1904 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull);
1905 }
1906
1907 cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags);
1908 gdb_continue();
1909 }
1910
1911 static void handle_backward(GArray *params, void *user_ctx)
1912 {
1913 if (!stub_can_reverse()) {
1914 put_packet("E22");
1915 }
1916 if (params->len == 1) {
1917 switch (get_param(params, 0)->opcode) {
1918 case 's':
1919 if (replay_reverse_step()) {
1920 gdb_continue();
1921 } else {
1922 put_packet("E14");
1923 }
1924 return;
1925 case 'c':
1926 if (replay_reverse_continue()) {
1927 gdb_continue();
1928 } else {
1929 put_packet("E14");
1930 }
1931 return;
1932 }
1933 }
1934
1935 /* Default invalid command */
1936 put_packet("");
1937 }
1938
1939 static void handle_v_cont_query(GArray *params, void *user_ctx)
1940 {
1941 put_packet("vCont;c;C;s;S");
1942 }
1943
1944 static void handle_v_cont(GArray *params, void *user_ctx)
1945 {
1946 int res;
1947
1948 if (!params->len) {
1949 return;
1950 }
1951
1952 res = gdb_handle_vcont(get_param(params, 0)->data);
1953 if ((res == -EINVAL) || (res == -ERANGE)) {
1954 put_packet("E22");
1955 } else if (res) {
1956 put_packet("");
1957 }
1958 }
1959
1960 static void handle_v_attach(GArray *params, void *user_ctx)
1961 {
1962 GDBProcess *process;
1963 CPUState *cpu;
1964
1965 g_string_assign(gdbserver_state.str_buf, "E22");
1966 if (!params->len) {
1967 goto cleanup;
1968 }
1969
1970 process = gdb_get_process(get_param(params, 0)->val_ul);
1971 if (!process) {
1972 goto cleanup;
1973 }
1974
1975 cpu = get_first_cpu_in_process(process);
1976 if (!cpu) {
1977 goto cleanup;
1978 }
1979
1980 process->attached = true;
1981 gdbserver_state.g_cpu = cpu;
1982 gdbserver_state.c_cpu = cpu;
1983
1984 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1985 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1986 g_string_append_c(gdbserver_state.str_buf, ';');
1987 cleanup:
1988 put_strbuf();
1989 }
1990
1991 static void handle_v_kill(GArray *params, void *user_ctx)
1992 {
1993 /* Kill the target */
1994 put_packet("OK");
1995 error_report("QEMU: Terminated via GDBstub");
1996 gdb_exit(0);
1997 exit(0);
1998 }
1999
2000 static const GdbCmdParseEntry gdb_v_commands_table[] = {
2001 /* Order is important if has same prefix */
2002 {
2003 .handler = handle_v_cont_query,
2004 .cmd = "Cont?",
2005 .cmd_startswith = 1
2006 },
2007 {
2008 .handler = handle_v_cont,
2009 .cmd = "Cont",
2010 .cmd_startswith = 1,
2011 .schema = "s0"
2012 },
2013 {
2014 .handler = handle_v_attach,
2015 .cmd = "Attach;",
2016 .cmd_startswith = 1,
2017 .schema = "l0"
2018 },
2019 {
2020 .handler = handle_v_kill,
2021 .cmd = "Kill;",
2022 .cmd_startswith = 1
2023 },
2024 };
2025
2026 static void handle_v_commands(GArray *params, void *user_ctx)
2027 {
2028 if (!params->len) {
2029 return;
2030 }
2031
2032 if (process_string_cmd(NULL, get_param(params, 0)->data,
2033 gdb_v_commands_table,
2034 ARRAY_SIZE(gdb_v_commands_table))) {
2035 put_packet("");
2036 }
2037 }
2038
2039 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
2040 {
2041 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE);
2042
2043 if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) {
2044 g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x",
2045 SSTEP_NOIRQ);
2046 }
2047
2048 if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) {
2049 g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x",
2050 SSTEP_NOTIMER);
2051 }
2052
2053 put_strbuf();
2054 }
2055
2056 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
2057 {
2058 int new_sstep_flags;
2059
2060 if (!params->len) {
2061 return;
2062 }
2063
2064 new_sstep_flags = get_param(params, 0)->val_ul;
2065
2066 if (new_sstep_flags & ~gdbserver_state.supported_sstep_flags) {
2067 put_packet("E22");
2068 return;
2069 }
2070
2071 gdbserver_state.sstep_flags = new_sstep_flags;
2072 put_packet("OK");
2073 }
2074
2075 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
2076 {
2077 g_string_printf(gdbserver_state.str_buf, "0x%x",
2078 gdbserver_state.sstep_flags);
2079 put_strbuf();
2080 }
2081
2082 static void handle_query_curr_tid(GArray *params, void *user_ctx)
2083 {
2084 CPUState *cpu;
2085 GDBProcess *process;
2086
2087 /*
2088 * "Current thread" remains vague in the spec, so always return
2089 * the first thread of the current process (gdb returns the
2090 * first thread).
2091 */
2092 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2093 cpu = get_first_cpu_in_process(process);
2094 g_string_assign(gdbserver_state.str_buf, "QC");
2095 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2096 put_strbuf();
2097 }
2098
2099 static void handle_query_threads(GArray *params, void *user_ctx)
2100 {
2101 if (!gdbserver_state.query_cpu) {
2102 put_packet("l");
2103 return;
2104 }
2105
2106 g_string_assign(gdbserver_state.str_buf, "m");
2107 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2108 put_strbuf();
2109 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2110 }
2111
2112 static void handle_query_first_threads(GArray *params, void *user_ctx)
2113 {
2114 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2115 handle_query_threads(params, user_ctx);
2116 }
2117
2118 static void handle_query_thread_extra(GArray *params, void *user_ctx)
2119 {
2120 g_autoptr(GString) rs = g_string_new(NULL);
2121 CPUState *cpu;
2122
2123 if (!params->len ||
2124 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
2125 put_packet("E22");
2126 return;
2127 }
2128
2129 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
2130 get_param(params, 0)->thread_id.tid);
2131 if (!cpu) {
2132 return;
2133 }
2134
2135 cpu_synchronize_state(cpu);
2136
2137 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2138 /* Print the CPU model and name in multiprocess mode */
2139 ObjectClass *oc = object_get_class(OBJECT(cpu));
2140 const char *cpu_model = object_class_get_name(oc);
2141 const char *cpu_name =
2142 object_get_canonical_path_component(OBJECT(cpu));
2143 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2144 cpu->halted ? "halted " : "running");
2145 } else {
2146 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2147 cpu->halted ? "halted " : "running");
2148 }
2149 trace_gdbstub_op_extra_info(rs->str);
2150 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2151 put_strbuf();
2152 }
2153
2154 #ifdef CONFIG_USER_ONLY
2155 static void handle_query_offsets(GArray *params, void *user_ctx)
2156 {
2157 TaskState *ts;
2158
2159 ts = gdbserver_state.c_cpu->opaque;
2160 g_string_printf(gdbserver_state.str_buf,
2161 "Text=" TARGET_ABI_FMT_lx
2162 ";Data=" TARGET_ABI_FMT_lx
2163 ";Bss=" TARGET_ABI_FMT_lx,
2164 ts->info->code_offset,
2165 ts->info->data_offset,
2166 ts->info->data_offset);
2167 put_strbuf();
2168 }
2169 #else
2170 static void handle_query_rcmd(GArray *params, void *user_ctx)
2171 {
2172 const guint8 zero = 0;
2173 int len;
2174
2175 if (!params->len) {
2176 put_packet("E22");
2177 return;
2178 }
2179
2180 len = strlen(get_param(params, 0)->data);
2181 if (len % 2) {
2182 put_packet("E01");
2183 return;
2184 }
2185
2186 g_assert(gdbserver_state.mem_buf->len == 0);
2187 len = len / 2;
2188 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
2189 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2190 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2191 gdbserver_state.mem_buf->len);
2192 put_packet("OK");
2193 }
2194 #endif
2195
2196 static void handle_query_supported(GArray *params, void *user_ctx)
2197 {
2198 CPUClass *cc;
2199
2200 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2201 cc = CPU_GET_CLASS(first_cpu);
2202 if (cc->gdb_core_xml_file) {
2203 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2204 }
2205
2206 if (stub_can_reverse()) {
2207 g_string_append(gdbserver_state.str_buf,
2208 ";ReverseStep+;ReverseContinue+");
2209 }
2210
2211 #ifdef CONFIG_USER_ONLY
2212 if (gdbserver_state.c_cpu->opaque) {
2213 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2214 }
2215 #endif
2216
2217 if (params->len &&
2218 strstr(get_param(params, 0)->data, "multiprocess+")) {
2219 gdbserver_state.multiprocess = true;
2220 }
2221
2222 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2223 put_strbuf();
2224 }
2225
2226 static void handle_query_xfer_features(GArray *params, void *user_ctx)
2227 {
2228 GDBProcess *process;
2229 CPUClass *cc;
2230 unsigned long len, total_len, addr;
2231 const char *xml;
2232 const char *p;
2233
2234 if (params->len < 3) {
2235 put_packet("E22");
2236 return;
2237 }
2238
2239 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2240 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2241 if (!cc->gdb_core_xml_file) {
2242 put_packet("");
2243 return;
2244 }
2245
2246 gdb_has_xml = true;
2247 p = get_param(params, 0)->data;
2248 xml = get_feature_xml(p, &p, process);
2249 if (!xml) {
2250 put_packet("E00");
2251 return;
2252 }
2253
2254 addr = get_param(params, 1)->val_ul;
2255 len = get_param(params, 2)->val_ul;
2256 total_len = strlen(xml);
2257 if (addr > total_len) {
2258 put_packet("E00");
2259 return;
2260 }
2261
2262 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2263 len = (MAX_PACKET_LENGTH - 5) / 2;
2264 }
2265
2266 if (len < total_len - addr) {
2267 g_string_assign(gdbserver_state.str_buf, "m");
2268 memtox(gdbserver_state.str_buf, xml + addr, len);
2269 } else {
2270 g_string_assign(gdbserver_state.str_buf, "l");
2271 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2272 }
2273
2274 put_packet_binary(gdbserver_state.str_buf->str,
2275 gdbserver_state.str_buf->len, true);
2276 }
2277
2278 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2279 static void handle_query_xfer_auxv(GArray *params, void *user_ctx)
2280 {
2281 TaskState *ts;
2282 unsigned long offset, len, saved_auxv, auxv_len;
2283
2284 if (params->len < 2) {
2285 put_packet("E22");
2286 return;
2287 }
2288
2289 offset = get_param(params, 0)->val_ul;
2290 len = get_param(params, 1)->val_ul;
2291 ts = gdbserver_state.c_cpu->opaque;
2292 saved_auxv = ts->info->saved_auxv;
2293 auxv_len = ts->info->auxv_len;
2294
2295 if (offset >= auxv_len) {
2296 put_packet("E00");
2297 return;
2298 }
2299
2300 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2301 len = (MAX_PACKET_LENGTH - 5) / 2;
2302 }
2303
2304 if (len < auxv_len - offset) {
2305 g_string_assign(gdbserver_state.str_buf, "m");
2306 } else {
2307 g_string_assign(gdbserver_state.str_buf, "l");
2308 len = auxv_len - offset;
2309 }
2310
2311 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2312 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2313 gdbserver_state.mem_buf->data, len, false)) {
2314 put_packet("E14");
2315 return;
2316 }
2317
2318 memtox(gdbserver_state.str_buf,
2319 (const char *)gdbserver_state.mem_buf->data, len);
2320 put_packet_binary(gdbserver_state.str_buf->str,
2321 gdbserver_state.str_buf->len, true);
2322 }
2323 #endif
2324
2325 static void handle_query_attached(GArray *params, void *user_ctx)
2326 {
2327 put_packet(GDB_ATTACHED);
2328 }
2329
2330 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
2331 {
2332 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2333 #ifndef CONFIG_USER_ONLY
2334 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2335 #endif
2336 put_strbuf();
2337 }
2338
2339 #ifndef CONFIG_USER_ONLY
2340 static void handle_query_qemu_phy_mem_mode(GArray *params,
2341 void *user_ctx)
2342 {
2343 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2344 put_strbuf();
2345 }
2346
2347 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx)
2348 {
2349 if (!params->len) {
2350 put_packet("E22");
2351 return;
2352 }
2353
2354 if (!get_param(params, 0)->val_ul) {
2355 phy_memory_mode = 0;
2356 } else {
2357 phy_memory_mode = 1;
2358 }
2359 put_packet("OK");
2360 }
2361 #endif
2362
2363 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2364 /* Order is important if has same prefix */
2365 {
2366 .handler = handle_query_qemu_sstepbits,
2367 .cmd = "qemu.sstepbits",
2368 },
2369 {
2370 .handler = handle_query_qemu_sstep,
2371 .cmd = "qemu.sstep",
2372 },
2373 {
2374 .handler = handle_set_qemu_sstep,
2375 .cmd = "qemu.sstep=",
2376 .cmd_startswith = 1,
2377 .schema = "l0"
2378 },
2379 };
2380
2381 static const GdbCmdParseEntry gdb_gen_query_table[] = {
2382 {
2383 .handler = handle_query_curr_tid,
2384 .cmd = "C",
2385 },
2386 {
2387 .handler = handle_query_threads,
2388 .cmd = "sThreadInfo",
2389 },
2390 {
2391 .handler = handle_query_first_threads,
2392 .cmd = "fThreadInfo",
2393 },
2394 {
2395 .handler = handle_query_thread_extra,
2396 .cmd = "ThreadExtraInfo,",
2397 .cmd_startswith = 1,
2398 .schema = "t0"
2399 },
2400 #ifdef CONFIG_USER_ONLY
2401 {
2402 .handler = handle_query_offsets,
2403 .cmd = "Offsets",
2404 },
2405 #else
2406 {
2407 .handler = handle_query_rcmd,
2408 .cmd = "Rcmd,",
2409 .cmd_startswith = 1,
2410 .schema = "s0"
2411 },
2412 #endif
2413 {
2414 .handler = handle_query_supported,
2415 .cmd = "Supported:",
2416 .cmd_startswith = 1,
2417 .schema = "s0"
2418 },
2419 {
2420 .handler = handle_query_supported,
2421 .cmd = "Supported",
2422 .schema = "s0"
2423 },
2424 {
2425 .handler = handle_query_xfer_features,
2426 .cmd = "Xfer:features:read:",
2427 .cmd_startswith = 1,
2428 .schema = "s:l,l0"
2429 },
2430 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2431 {
2432 .handler = handle_query_xfer_auxv,
2433 .cmd = "Xfer:auxv:read::",
2434 .cmd_startswith = 1,
2435 .schema = "l,l0"
2436 },
2437 #endif
2438 {
2439 .handler = handle_query_attached,
2440 .cmd = "Attached:",
2441 .cmd_startswith = 1
2442 },
2443 {
2444 .handler = handle_query_attached,
2445 .cmd = "Attached",
2446 },
2447 {
2448 .handler = handle_query_qemu_supported,
2449 .cmd = "qemu.Supported",
2450 },
2451 #ifndef CONFIG_USER_ONLY
2452 {
2453 .handler = handle_query_qemu_phy_mem_mode,
2454 .cmd = "qemu.PhyMemMode",
2455 },
2456 #endif
2457 };
2458
2459 static const GdbCmdParseEntry gdb_gen_set_table[] = {
2460 /* Order is important if has same prefix */
2461 {
2462 .handler = handle_set_qemu_sstep,
2463 .cmd = "qemu.sstep:",
2464 .cmd_startswith = 1,
2465 .schema = "l0"
2466 },
2467 #ifndef CONFIG_USER_ONLY
2468 {
2469 .handler = handle_set_qemu_phy_mem_mode,
2470 .cmd = "qemu.PhyMemMode:",
2471 .cmd_startswith = 1,
2472 .schema = "l0"
2473 },
2474 #endif
2475 };
2476
2477 static void handle_gen_query(GArray *params, void *user_ctx)
2478 {
2479 if (!params->len) {
2480 return;
2481 }
2482
2483 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2484 gdb_gen_query_set_common_table,
2485 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2486 return;
2487 }
2488
2489 if (process_string_cmd(NULL, get_param(params, 0)->data,
2490 gdb_gen_query_table,
2491 ARRAY_SIZE(gdb_gen_query_table))) {
2492 put_packet("");
2493 }
2494 }
2495
2496 static void handle_gen_set(GArray *params, void *user_ctx)
2497 {
2498 if (!params->len) {
2499 return;
2500 }
2501
2502 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2503 gdb_gen_query_set_common_table,
2504 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2505 return;
2506 }
2507
2508 if (process_string_cmd(NULL, get_param(params, 0)->data,
2509 gdb_gen_set_table,
2510 ARRAY_SIZE(gdb_gen_set_table))) {
2511 put_packet("");
2512 }
2513 }
2514
2515 static void handle_target_halt(GArray *params, void *user_ctx)
2516 {
2517 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2518 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2519 g_string_append_c(gdbserver_state.str_buf, ';');
2520 put_strbuf();
2521 /*
2522 * Remove all the breakpoints when this query is issued,
2523 * because gdb is doing an initial connect and the state
2524 * should be cleaned up.
2525 */
2526 gdb_breakpoint_remove_all();
2527 }
2528
2529 static int gdb_handle_packet(const char *line_buf)
2530 {
2531 const GdbCmdParseEntry *cmd_parser = NULL;
2532
2533 trace_gdbstub_io_command(line_buf);
2534
2535 switch (line_buf[0]) {
2536 case '!':
2537 put_packet("OK");
2538 break;
2539 case '?':
2540 {
2541 static const GdbCmdParseEntry target_halted_cmd_desc = {
2542 .handler = handle_target_halt,
2543 .cmd = "?",
2544 .cmd_startswith = 1
2545 };
2546 cmd_parser = &target_halted_cmd_desc;
2547 }
2548 break;
2549 case 'c':
2550 {
2551 static const GdbCmdParseEntry continue_cmd_desc = {
2552 .handler = handle_continue,
2553 .cmd = "c",
2554 .cmd_startswith = 1,
2555 .schema = "L0"
2556 };
2557 cmd_parser = &continue_cmd_desc;
2558 }
2559 break;
2560 case 'C':
2561 {
2562 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2563 .handler = handle_cont_with_sig,
2564 .cmd = "C",
2565 .cmd_startswith = 1,
2566 .schema = "l0"
2567 };
2568 cmd_parser = &cont_with_sig_cmd_desc;
2569 }
2570 break;
2571 case 'v':
2572 {
2573 static const GdbCmdParseEntry v_cmd_desc = {
2574 .handler = handle_v_commands,
2575 .cmd = "v",
2576 .cmd_startswith = 1,
2577 .schema = "s0"
2578 };
2579 cmd_parser = &v_cmd_desc;
2580 }
2581 break;
2582 case 'k':
2583 /* Kill the target */
2584 error_report("QEMU: Terminated via GDBstub");
2585 gdb_exit(0);
2586 exit(0);
2587 case 'D':
2588 {
2589 static const GdbCmdParseEntry detach_cmd_desc = {
2590 .handler = handle_detach,
2591 .cmd = "D",
2592 .cmd_startswith = 1,
2593 .schema = "?.l0"
2594 };
2595 cmd_parser = &detach_cmd_desc;
2596 }
2597 break;
2598 case 's':
2599 {
2600 static const GdbCmdParseEntry step_cmd_desc = {
2601 .handler = handle_step,
2602 .cmd = "s",
2603 .cmd_startswith = 1,
2604 .schema = "L0"
2605 };
2606 cmd_parser = &step_cmd_desc;
2607 }
2608 break;
2609 case 'b':
2610 {
2611 static const GdbCmdParseEntry backward_cmd_desc = {
2612 .handler = handle_backward,
2613 .cmd = "b",
2614 .cmd_startswith = 1,
2615 .schema = "o0"
2616 };
2617 cmd_parser = &backward_cmd_desc;
2618 }
2619 break;
2620 case 'F':
2621 {
2622 static const GdbCmdParseEntry file_io_cmd_desc = {
2623 .handler = handle_file_io,
2624 .cmd = "F",
2625 .cmd_startswith = 1,
2626 .schema = "L,L,o0"
2627 };
2628 cmd_parser = &file_io_cmd_desc;
2629 }
2630 break;
2631 case 'g':
2632 {
2633 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2634 .handler = handle_read_all_regs,
2635 .cmd = "g",
2636 .cmd_startswith = 1
2637 };
2638 cmd_parser = &read_all_regs_cmd_desc;
2639 }
2640 break;
2641 case 'G':
2642 {
2643 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2644 .handler = handle_write_all_regs,
2645 .cmd = "G",
2646 .cmd_startswith = 1,
2647 .schema = "s0"
2648 };
2649 cmd_parser = &write_all_regs_cmd_desc;
2650 }
2651 break;
2652 case 'm':
2653 {
2654 static const GdbCmdParseEntry read_mem_cmd_desc = {
2655 .handler = handle_read_mem,
2656 .cmd = "m",
2657 .cmd_startswith = 1,
2658 .schema = "L,L0"
2659 };
2660 cmd_parser = &read_mem_cmd_desc;
2661 }
2662 break;
2663 case 'M':
2664 {
2665 static const GdbCmdParseEntry write_mem_cmd_desc = {
2666 .handler = handle_write_mem,
2667 .cmd = "M",
2668 .cmd_startswith = 1,
2669 .schema = "L,L:s0"
2670 };
2671 cmd_parser = &write_mem_cmd_desc;
2672 }
2673 break;
2674 case 'p':
2675 {
2676 static const GdbCmdParseEntry get_reg_cmd_desc = {
2677 .handler = handle_get_reg,
2678 .cmd = "p",
2679 .cmd_startswith = 1,
2680 .schema = "L0"
2681 };
2682 cmd_parser = &get_reg_cmd_desc;
2683 }
2684 break;
2685 case 'P':
2686 {
2687 static const GdbCmdParseEntry set_reg_cmd_desc = {
2688 .handler = handle_set_reg,
2689 .cmd = "P",
2690 .cmd_startswith = 1,
2691 .schema = "L?s0"
2692 };
2693 cmd_parser = &set_reg_cmd_desc;
2694 }
2695 break;
2696 case 'Z':
2697 {
2698 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2699 .handler = handle_insert_bp,
2700 .cmd = "Z",
2701 .cmd_startswith = 1,
2702 .schema = "l?L?L0"
2703 };
2704 cmd_parser = &insert_bp_cmd_desc;
2705 }
2706 break;
2707 case 'z':
2708 {
2709 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2710 .handler = handle_remove_bp,
2711 .cmd = "z",
2712 .cmd_startswith = 1,
2713 .schema = "l?L?L0"
2714 };
2715 cmd_parser = &remove_bp_cmd_desc;
2716 }
2717 break;
2718 case 'H':
2719 {
2720 static const GdbCmdParseEntry set_thread_cmd_desc = {
2721 .handler = handle_set_thread,
2722 .cmd = "H",
2723 .cmd_startswith = 1,
2724 .schema = "o.t0"
2725 };
2726 cmd_parser = &set_thread_cmd_desc;
2727 }
2728 break;
2729 case 'T':
2730 {
2731 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2732 .handler = handle_thread_alive,
2733 .cmd = "T",
2734 .cmd_startswith = 1,
2735 .schema = "t0"
2736 };
2737 cmd_parser = &thread_alive_cmd_desc;
2738 }
2739 break;
2740 case 'q':
2741 {
2742 static const GdbCmdParseEntry gen_query_cmd_desc = {
2743 .handler = handle_gen_query,
2744 .cmd = "q",
2745 .cmd_startswith = 1,
2746 .schema = "s0"
2747 };
2748 cmd_parser = &gen_query_cmd_desc;
2749 }
2750 break;
2751 case 'Q':
2752 {
2753 static const GdbCmdParseEntry gen_set_cmd_desc = {
2754 .handler = handle_gen_set,
2755 .cmd = "Q",
2756 .cmd_startswith = 1,
2757 .schema = "s0"
2758 };
2759 cmd_parser = &gen_set_cmd_desc;
2760 }
2761 break;
2762 default:
2763 /* put empty packet */
2764 put_packet("");
2765 break;
2766 }
2767
2768 if (cmd_parser) {
2769 run_cmd_parser(line_buf, cmd_parser);
2770 }
2771
2772 return RS_IDLE;
2773 }
2774
2775 void gdb_set_stop_cpu(CPUState *cpu)
2776 {
2777 GDBProcess *p = gdb_get_cpu_process(cpu);
2778
2779 if (!p->attached) {
2780 /*
2781 * Having a stop CPU corresponding to a process that is not attached
2782 * confuses GDB. So we ignore the request.
2783 */
2784 return;
2785 }
2786
2787 gdbserver_state.c_cpu = cpu;
2788 gdbserver_state.g_cpu = cpu;
2789 }
2790
2791 #ifndef CONFIG_USER_ONLY
2792 static void gdb_vm_state_change(void *opaque, bool running, RunState state)
2793 {
2794 CPUState *cpu = gdbserver_state.c_cpu;
2795 g_autoptr(GString) buf = g_string_new(NULL);
2796 g_autoptr(GString) tid = g_string_new(NULL);
2797 const char *type;
2798 int ret;
2799
2800 if (running || gdbserver_state.state == RS_INACTIVE) {
2801 return;
2802 }
2803 /* Is there a GDB syscall waiting to be sent? */
2804 if (gdbserver_state.current_syscall_cb) {
2805 put_packet(gdbserver_state.syscall_buf);
2806 return;
2807 }
2808
2809 if (cpu == NULL) {
2810 /* No process attached */
2811 return;
2812 }
2813
2814 gdb_append_thread_id(cpu, tid);
2815
2816 switch (state) {
2817 case RUN_STATE_DEBUG:
2818 if (cpu->watchpoint_hit) {
2819 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2820 case BP_MEM_READ:
2821 type = "r";
2822 break;
2823 case BP_MEM_ACCESS:
2824 type = "a";
2825 break;
2826 default:
2827 type = "";
2828 break;
2829 }
2830 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2831 (target_ulong)cpu->watchpoint_hit->vaddr);
2832 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2833 GDB_SIGNAL_TRAP, tid->str, type,
2834 (target_ulong)cpu->watchpoint_hit->vaddr);
2835 cpu->watchpoint_hit = NULL;
2836 goto send_packet;
2837 } else {
2838 trace_gdbstub_hit_break();
2839 }
2840 tb_flush(cpu);
2841 ret = GDB_SIGNAL_TRAP;
2842 break;
2843 case RUN_STATE_PAUSED:
2844 trace_gdbstub_hit_paused();
2845 ret = GDB_SIGNAL_INT;
2846 break;
2847 case RUN_STATE_SHUTDOWN:
2848 trace_gdbstub_hit_shutdown();
2849 ret = GDB_SIGNAL_QUIT;
2850 break;
2851 case RUN_STATE_IO_ERROR:
2852 trace_gdbstub_hit_io_error();
2853 ret = GDB_SIGNAL_IO;
2854 break;
2855 case RUN_STATE_WATCHDOG:
2856 trace_gdbstub_hit_watchdog();
2857 ret = GDB_SIGNAL_ALRM;
2858 break;
2859 case RUN_STATE_INTERNAL_ERROR:
2860 trace_gdbstub_hit_internal_error();
2861 ret = GDB_SIGNAL_ABRT;
2862 break;
2863 case RUN_STATE_SAVE_VM:
2864 case RUN_STATE_RESTORE_VM:
2865 return;
2866 case RUN_STATE_FINISH_MIGRATE:
2867 ret = GDB_SIGNAL_XCPU;
2868 break;
2869 default:
2870 trace_gdbstub_hit_unknown(state);
2871 ret = GDB_SIGNAL_UNKNOWN;
2872 break;
2873 }
2874 gdb_set_stop_cpu(cpu);
2875 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2876
2877 send_packet:
2878 put_packet(buf->str);
2879
2880 /* disable single step if it was enabled */
2881 cpu_single_step(cpu, 0);
2882 }
2883 #endif
2884
2885 /* Send a gdb syscall request.
2886 This accepts limited printf-style format specifiers, specifically:
2887 %x - target_ulong argument printed in hex.
2888 %lx - 64-bit argument printed in hex.
2889 %s - string pointer (target_ulong) and length (int) pair. */
2890 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2891 {
2892 char *p;
2893 char *p_end;
2894 target_ulong addr;
2895 uint64_t i64;
2896
2897 if (!gdb_attached()) {
2898 return;
2899 }
2900
2901 gdbserver_state.current_syscall_cb = cb;
2902 #ifndef CONFIG_USER_ONLY
2903 vm_stop(RUN_STATE_DEBUG);
2904 #endif
2905 p = &gdbserver_state.syscall_buf[0];
2906 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2907 *(p++) = 'F';
2908 while (*fmt) {
2909 if (*fmt == '%') {
2910 fmt++;
2911 switch (*fmt++) {
2912 case 'x':
2913 addr = va_arg(va, target_ulong);
2914 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2915 break;
2916 case 'l':
2917 if (*(fmt++) != 'x')
2918 goto bad_format;
2919 i64 = va_arg(va, uint64_t);
2920 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2921 break;
2922 case 's':
2923 addr = va_arg(va, target_ulong);
2924 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2925 addr, va_arg(va, int));
2926 break;
2927 default:
2928 bad_format:
2929 error_report("gdbstub: Bad syscall format string '%s'",
2930 fmt - 1);
2931 break;
2932 }
2933 } else {
2934 *(p++) = *(fmt++);
2935 }
2936 }
2937 *p = 0;
2938 #ifdef CONFIG_USER_ONLY
2939 put_packet(gdbserver_state.syscall_buf);
2940 /* Return control to gdb for it to process the syscall request.
2941 * Since the protocol requires that gdb hands control back to us
2942 * using a "here are the results" F packet, we don't need to check
2943 * gdb_handlesig's return value (which is the signal to deliver if
2944 * execution was resumed via a continue packet).
2945 */
2946 gdb_handlesig(gdbserver_state.c_cpu, 0);
2947 #else
2948 /* In this case wait to send the syscall packet until notification that
2949 the CPU has stopped. This must be done because if the packet is sent
2950 now the reply from the syscall request could be received while the CPU
2951 is still in the running state, which can cause packets to be dropped
2952 and state transition 'T' packets to be sent while the syscall is still
2953 being processed. */
2954 qemu_cpu_kick(gdbserver_state.c_cpu);
2955 #endif
2956 }
2957
2958 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2959 {
2960 va_list va;
2961
2962 va_start(va, fmt);
2963 gdb_do_syscallv(cb, fmt, va);
2964 va_end(va);
2965 }
2966
2967 static void gdb_read_byte(uint8_t ch)
2968 {
2969 uint8_t reply;
2970
2971 #ifndef CONFIG_USER_ONLY
2972 if (gdbserver_state.last_packet->len) {
2973 /* Waiting for a response to the last packet. If we see the start
2974 of a new command then abandon the previous response. */
2975 if (ch == '-') {
2976 trace_gdbstub_err_got_nack();
2977 put_buffer(gdbserver_state.last_packet->data,
2978 gdbserver_state.last_packet->len);
2979 } else if (ch == '+') {
2980 trace_gdbstub_io_got_ack();
2981 } else {
2982 trace_gdbstub_io_got_unexpected(ch);
2983 }
2984
2985 if (ch == '+' || ch == '$') {
2986 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2987 }
2988 if (ch != '$')
2989 return;
2990 }
2991 if (runstate_is_running()) {
2992 /* when the CPU is running, we cannot do anything except stop
2993 it when receiving a char */
2994 vm_stop(RUN_STATE_PAUSED);
2995 } else
2996 #endif
2997 {
2998 switch(gdbserver_state.state) {
2999 case RS_IDLE:
3000 if (ch == '$') {
3001 /* start of command packet */
3002 gdbserver_state.line_buf_index = 0;
3003 gdbserver_state.line_sum = 0;
3004 gdbserver_state.state = RS_GETLINE;
3005 } else {
3006 trace_gdbstub_err_garbage(ch);
3007 }
3008 break;
3009 case RS_GETLINE:
3010 if (ch == '}') {
3011 /* start escape sequence */
3012 gdbserver_state.state = RS_GETLINE_ESC;
3013 gdbserver_state.line_sum += ch;
3014 } else if (ch == '*') {
3015 /* start run length encoding sequence */
3016 gdbserver_state.state = RS_GETLINE_RLE;
3017 gdbserver_state.line_sum += ch;
3018 } else if (ch == '#') {
3019 /* end of command, start of checksum*/
3020 gdbserver_state.state = RS_CHKSUM1;
3021 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3022 trace_gdbstub_err_overrun();
3023 gdbserver_state.state = RS_IDLE;
3024 } else {
3025 /* unescaped command character */
3026 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
3027 gdbserver_state.line_sum += ch;
3028 }
3029 break;
3030 case RS_GETLINE_ESC:
3031 if (ch == '#') {
3032 /* unexpected end of command in escape sequence */
3033 gdbserver_state.state = RS_CHKSUM1;
3034 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3035 /* command buffer overrun */
3036 trace_gdbstub_err_overrun();
3037 gdbserver_state.state = RS_IDLE;
3038 } else {
3039 /* parse escaped character and leave escape state */
3040 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3041 gdbserver_state.line_sum += ch;
3042 gdbserver_state.state = RS_GETLINE;
3043 }
3044 break;
3045 case RS_GETLINE_RLE:
3046 /*
3047 * Run-length encoding is explained in "Debugging with GDB /
3048 * Appendix E GDB Remote Serial Protocol / Overview".
3049 */
3050 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3051 /* invalid RLE count encoding */
3052 trace_gdbstub_err_invalid_repeat(ch);
3053 gdbserver_state.state = RS_GETLINE;
3054 } else {
3055 /* decode repeat length */
3056 int repeat = ch - ' ' + 3;
3057 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3058 /* that many repeats would overrun the command buffer */
3059 trace_gdbstub_err_overrun();
3060 gdbserver_state.state = RS_IDLE;
3061 } else if (gdbserver_state.line_buf_index < 1) {
3062 /* got a repeat but we have nothing to repeat */
3063 trace_gdbstub_err_invalid_rle();
3064 gdbserver_state.state = RS_GETLINE;
3065 } else {
3066 /* repeat the last character */
3067 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3068 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3069 gdbserver_state.line_buf_index += repeat;
3070 gdbserver_state.line_sum += ch;
3071 gdbserver_state.state = RS_GETLINE;
3072 }
3073 }
3074 break;
3075 case RS_CHKSUM1:
3076 /* get high hex digit of checksum */
3077 if (!isxdigit(ch)) {
3078 trace_gdbstub_err_checksum_invalid(ch);
3079 gdbserver_state.state = RS_GETLINE;
3080 break;
3081 }
3082 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3083 gdbserver_state.line_csum = fromhex(ch) << 4;
3084 gdbserver_state.state = RS_CHKSUM2;
3085 break;
3086 case RS_CHKSUM2:
3087 /* get low hex digit of checksum */
3088 if (!isxdigit(ch)) {
3089 trace_gdbstub_err_checksum_invalid(ch);
3090 gdbserver_state.state = RS_GETLINE;
3091 break;
3092 }
3093 gdbserver_state.line_csum |= fromhex(ch);
3094
3095 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3096 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3097 /* send NAK reply */
3098 reply = '-';
3099 put_buffer(&reply, 1);
3100 gdbserver_state.state = RS_IDLE;
3101 } else {
3102 /* send ACK reply */
3103 reply = '+';
3104 put_buffer(&reply, 1);
3105 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3106 }
3107 break;
3108 default:
3109 abort();
3110 }
3111 }
3112 }
3113
3114 /* Tell the remote gdb that the process has exited. */
3115 void gdb_exit(int code)
3116 {
3117 char buf[4];
3118
3119 if (!gdbserver_state.init) {
3120 return;
3121 }
3122 #ifdef CONFIG_USER_ONLY
3123 if (gdbserver_state.socket_path) {
3124 unlink(gdbserver_state.socket_path);
3125 }
3126 if (gdbserver_state.fd < 0) {
3127 return;
3128 }
3129 #endif
3130
3131 trace_gdbstub_op_exiting((uint8_t)code);
3132
3133 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3134 put_packet(buf);
3135
3136 #ifndef CONFIG_USER_ONLY
3137 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3138 #endif
3139 }
3140
3141 /*
3142 * Create the process that will contain all the "orphan" CPUs (that are not
3143 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3144 * be attachable and thus will be invisible to the user.
3145 */
3146 static void create_default_process(GDBState *s)
3147 {
3148 GDBProcess *process;
3149 int max_pid = 0;
3150
3151 if (gdbserver_state.process_num) {
3152 max_pid = s->processes[s->process_num - 1].pid;
3153 }
3154
3155 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3156 process = &s->processes[s->process_num - 1];
3157
3158 /* We need an available PID slot for this process */
3159 assert(max_pid < UINT32_MAX);
3160
3161 process->pid = max_pid + 1;
3162 process->attached = false;
3163 process->target_xml[0] = '\0';
3164 }
3165
3166 #ifdef CONFIG_USER_ONLY
3167 int
3168 gdb_handlesig(CPUState *cpu, int sig)
3169 {
3170 char buf[256];
3171 int n;
3172
3173 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3174 return sig;
3175 }
3176
3177 /* disable single step if it was enabled */
3178 cpu_single_step(cpu, 0);
3179 tb_flush(cpu);
3180
3181 if (sig != 0) {
3182 gdb_set_stop_cpu(cpu);
3183 g_string_printf(gdbserver_state.str_buf,
3184 "T%02xthread:", target_signal_to_gdb(sig));
3185 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
3186 g_string_append_c(gdbserver_state.str_buf, ';');
3187 put_strbuf();
3188 }
3189 /* put_packet() might have detected that the peer terminated the
3190 connection. */
3191 if (gdbserver_state.fd < 0) {
3192 return sig;
3193 }
3194
3195 sig = 0;
3196 gdbserver_state.state = RS_IDLE;
3197 gdbserver_state.running_state = 0;
3198 while (gdbserver_state.running_state == 0) {
3199 n = read(gdbserver_state.fd, buf, 256);
3200 if (n > 0) {
3201 int i;
3202
3203 for (i = 0; i < n; i++) {
3204 gdb_read_byte(buf[i]);
3205 }
3206 } else {
3207 /* XXX: Connection closed. Should probably wait for another
3208 connection before continuing. */
3209 if (n == 0) {
3210 close(gdbserver_state.fd);
3211 }
3212 gdbserver_state.fd = -1;
3213 return sig;
3214 }
3215 }
3216 sig = gdbserver_state.signal;
3217 gdbserver_state.signal = 0;
3218 return sig;
3219 }
3220
3221 /* Tell the remote gdb that the process has exited due to SIG. */
3222 void gdb_signalled(CPUArchState *env, int sig)
3223 {
3224 char buf[4];
3225
3226 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3227 return;
3228 }
3229
3230 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3231 put_packet(buf);
3232 }
3233
3234 static void gdb_accept_init(int fd)
3235 {
3236 init_gdbserver_state();
3237 create_default_process(&gdbserver_state);
3238 gdbserver_state.processes[0].attached = true;
3239 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3240 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3241 gdbserver_state.fd = fd;
3242 gdb_has_xml = false;
3243 }
3244
3245 static bool gdb_accept_socket(int gdb_fd)
3246 {
3247 int fd;
3248
3249 for(;;) {
3250 fd = accept(gdb_fd, NULL, NULL);
3251 if (fd < 0 && errno != EINTR) {
3252 perror("accept socket");
3253 return false;
3254 } else if (fd >= 0) {
3255 qemu_set_cloexec(fd);
3256 break;
3257 }
3258 }
3259
3260 gdb_accept_init(fd);
3261 return true;
3262 }
3263
3264 static int gdbserver_open_socket(const char *path)
3265 {
3266 struct sockaddr_un sockaddr = {};
3267 int fd, ret;
3268
3269 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3270 if (fd < 0) {
3271 perror("create socket");
3272 return -1;
3273 }
3274
3275 sockaddr.sun_family = AF_UNIX;
3276 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3277 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3278 if (ret < 0) {
3279 perror("bind socket");
3280 close(fd);
3281 return -1;
3282 }
3283 ret = listen(fd, 1);
3284 if (ret < 0) {
3285 perror("listen socket");
3286 close(fd);
3287 return -1;
3288 }
3289
3290 return fd;
3291 }
3292
3293 static bool gdb_accept_tcp(int gdb_fd)
3294 {
3295 struct sockaddr_in sockaddr = {};
3296 socklen_t len;
3297 int fd;
3298
3299 for(;;) {
3300 len = sizeof(sockaddr);
3301 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3302 if (fd < 0 && errno != EINTR) {
3303 perror("accept");
3304 return false;
3305 } else if (fd >= 0) {
3306 qemu_set_cloexec(fd);
3307 break;
3308 }
3309 }
3310
3311 /* set short latency */
3312 if (socket_set_nodelay(fd)) {
3313 perror("setsockopt");
3314 close(fd);
3315 return false;
3316 }
3317
3318 gdb_accept_init(fd);
3319 return true;
3320 }
3321
3322 static int gdbserver_open_port(int port)
3323 {
3324 struct sockaddr_in sockaddr;
3325 int fd, ret;
3326
3327 fd = socket(PF_INET, SOCK_STREAM, 0);
3328 if (fd < 0) {
3329 perror("socket");
3330 return -1;
3331 }
3332 qemu_set_cloexec(fd);
3333
3334 socket_set_fast_reuse(fd);
3335
3336 sockaddr.sin_family = AF_INET;
3337 sockaddr.sin_port = htons(port);
3338 sockaddr.sin_addr.s_addr = 0;
3339 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3340 if (ret < 0) {
3341 perror("bind");
3342 close(fd);
3343 return -1;
3344 }
3345 ret = listen(fd, 1);
3346 if (ret < 0) {
3347 perror("listen");
3348 close(fd);
3349 return -1;
3350 }
3351
3352 return fd;
3353 }
3354
3355 int gdbserver_start(const char *port_or_path)
3356 {
3357 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3358 int gdb_fd;
3359
3360 if (port > 0) {
3361 gdb_fd = gdbserver_open_port(port);
3362 } else {
3363 gdb_fd = gdbserver_open_socket(port_or_path);
3364 }
3365
3366 if (gdb_fd < 0) {
3367 return -1;
3368 }
3369
3370 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3371 return 0;
3372 } else if (gdb_accept_socket(gdb_fd)) {
3373 gdbserver_state.socket_path = g_strdup(port_or_path);
3374 return 0;
3375 }
3376
3377 /* gone wrong */
3378 close(gdb_fd);
3379 return -1;
3380 }
3381
3382 /* Disable gdb stub for child processes. */
3383 void gdbserver_fork(CPUState *cpu)
3384 {
3385 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3386 return;
3387 }
3388 close(gdbserver_state.fd);
3389 gdbserver_state.fd = -1;
3390 cpu_breakpoint_remove_all(cpu, BP_GDB);
3391 cpu_watchpoint_remove_all(cpu, BP_GDB);
3392 }
3393 #else
3394 static int gdb_chr_can_receive(void *opaque)
3395 {
3396 /* We can handle an arbitrarily large amount of data.
3397 Pick the maximum packet size, which is as good as anything. */
3398 return MAX_PACKET_LENGTH;
3399 }
3400
3401 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3402 {
3403 int i;
3404
3405 for (i = 0; i < size; i++) {
3406 gdb_read_byte(buf[i]);
3407 }
3408 }
3409
3410 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3411 {
3412 int i;
3413 GDBState *s = (GDBState *) opaque;
3414
3415 switch (event) {
3416 case CHR_EVENT_OPENED:
3417 /* Start with first process attached, others detached */
3418 for (i = 0; i < s->process_num; i++) {
3419 s->processes[i].attached = !i;
3420 }
3421
3422 s->c_cpu = gdb_first_attached_cpu();
3423 s->g_cpu = s->c_cpu;
3424
3425 vm_stop(RUN_STATE_PAUSED);
3426 replay_gdb_attached();
3427 gdb_has_xml = false;
3428 break;
3429 default:
3430 break;
3431 }
3432 }
3433
3434 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3435 {
3436 g_autoptr(GString) hex_buf = g_string_new("O");
3437 memtohex(hex_buf, buf, len);
3438 put_packet(hex_buf->str);
3439 return len;
3440 }
3441
3442 #ifndef _WIN32
3443 static void gdb_sigterm_handler(int signal)
3444 {
3445 if (runstate_is_running()) {
3446 vm_stop(RUN_STATE_PAUSED);
3447 }
3448 }
3449 #endif
3450
3451 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3452 bool *be_opened, Error **errp)
3453 {
3454 *be_opened = false;
3455 }
3456
3457 static void char_gdb_class_init(ObjectClass *oc, void *data)
3458 {
3459 ChardevClass *cc = CHARDEV_CLASS(oc);
3460
3461 cc->internal = true;
3462 cc->open = gdb_monitor_open;
3463 cc->chr_write = gdb_monitor_write;
3464 }
3465
3466 #define TYPE_CHARDEV_GDB "chardev-gdb"
3467
3468 static const TypeInfo char_gdb_type_info = {
3469 .name = TYPE_CHARDEV_GDB,
3470 .parent = TYPE_CHARDEV,
3471 .class_init = char_gdb_class_init,
3472 };
3473
3474 static int find_cpu_clusters(Object *child, void *opaque)
3475 {
3476 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3477 GDBState *s = (GDBState *) opaque;
3478 CPUClusterState *cluster = CPU_CLUSTER(child);
3479 GDBProcess *process;
3480
3481 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3482
3483 process = &s->processes[s->process_num - 1];
3484
3485 /*
3486 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3487 * runtime, we enforce here that the machine does not use a cluster ID
3488 * that would lead to PID 0.
3489 */
3490 assert(cluster->cluster_id != UINT32_MAX);
3491 process->pid = cluster->cluster_id + 1;
3492 process->attached = false;
3493 process->target_xml[0] = '\0';
3494
3495 return 0;
3496 }
3497
3498 return object_child_foreach(child, find_cpu_clusters, opaque);
3499 }
3500
3501 static int pid_order(const void *a, const void *b)
3502 {
3503 GDBProcess *pa = (GDBProcess *) a;
3504 GDBProcess *pb = (GDBProcess *) b;
3505
3506 if (pa->pid < pb->pid) {
3507 return -1;
3508 } else if (pa->pid > pb->pid) {
3509 return 1;
3510 } else {
3511 return 0;
3512 }
3513 }
3514
3515 static void create_processes(GDBState *s)
3516 {
3517 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3518
3519 if (gdbserver_state.processes) {
3520 /* Sort by PID */
3521 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3522 }
3523
3524 create_default_process(s);
3525 }
3526
3527 int gdbserver_start(const char *device)
3528 {
3529 trace_gdbstub_op_start(device);
3530
3531 char gdbstub_device_name[128];
3532 Chardev *chr = NULL;
3533 Chardev *mon_chr;
3534
3535 if (!first_cpu) {
3536 error_report("gdbstub: meaningless to attach gdb to a "
3537 "machine without any CPU.");
3538 return -1;
3539 }
3540
3541 if (kvm_enabled() && !kvm_supports_guest_debug()) {
3542 error_report("gdbstub: KVM doesn't support guest debugging");
3543 return -1;
3544 }
3545
3546 if (!device)
3547 return -1;
3548 if (strcmp(device, "none") != 0) {
3549 if (strstart(device, "tcp:", NULL)) {
3550 /* enforce required TCP attributes */
3551 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3552 "%s,wait=off,nodelay=on,server=on", device);
3553 device = gdbstub_device_name;
3554 }
3555 #ifndef _WIN32
3556 else if (strcmp(device, "stdio") == 0) {
3557 struct sigaction act;
3558
3559 memset(&act, 0, sizeof(act));
3560 act.sa_handler = gdb_sigterm_handler;
3561 sigaction(SIGINT, &act, NULL);
3562 }
3563 #endif
3564 /*
3565 * FIXME: it's a bit weird to allow using a mux chardev here
3566 * and implicitly setup a monitor. We may want to break this.
3567 */
3568 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3569 if (!chr)
3570 return -1;
3571 }
3572
3573 if (!gdbserver_state.init) {
3574 init_gdbserver_state();
3575
3576 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3577
3578 /* Initialize a monitor terminal for gdb */
3579 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3580 NULL, NULL, &error_abort);
3581 monitor_init_hmp(mon_chr, false, &error_abort);
3582 } else {
3583 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3584 mon_chr = gdbserver_state.mon_chr;
3585 reset_gdbserver_state();
3586 }
3587
3588 create_processes(&gdbserver_state);
3589
3590 if (chr) {
3591 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3592 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3593 gdb_chr_receive, gdb_chr_event,
3594 NULL, &gdbserver_state, NULL, true);
3595 }
3596 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3597 gdbserver_state.mon_chr = mon_chr;
3598 gdbserver_state.current_syscall_cb = NULL;
3599
3600 return 0;
3601 }
3602
3603 static void register_types(void)
3604 {
3605 type_register_static(&char_gdb_type_info);
3606 }
3607
3608 type_init(register_types);
3609 #endif
QEMU mirror