]> git.proxmox.com Git - mirror_qemu.git/blob - gdbstub.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gdbstub: add multiprocess support to vCont packets
[mirror_qemu.git] / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * Copyright (c) 2003-2005 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/error-report.h"
22 #include "qemu/cutils.h"
23 #include "trace-root.h"
24 #ifdef CONFIG_USER_ONLY
25 #include "qemu.h"
26 #else
27 #include "monitor/monitor.h"
28 #include "chardev/char.h"
29 #include "chardev/char-fe.h"
30 #include "sysemu/sysemu.h"
31 #include "exec/gdbstub.h"
32 #include "hw/cpu/cluster.h"
33 #endif
34
35 #define MAX_PACKET_LENGTH 4096
36
37 #include "qemu/sockets.h"
38 #include "sysemu/hw_accel.h"
39 #include "sysemu/kvm.h"
40 #include "exec/semihost.h"
41 #include "exec/exec-all.h"
42
43 #ifdef CONFIG_USER_ONLY
44 #define GDB_ATTACHED "0"
45 #else
46 #define GDB_ATTACHED "1"
47 #endif
48
49 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
50 uint8_t *buf, int len, bool is_write)
51 {
52 CPUClass *cc = CPU_GET_CLASS(cpu);
53
54 if (cc->memory_rw_debug) {
55 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
56 }
57 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
58 }
59
60 /* Return the GDB index for a given vCPU state.
61 *
62 * For user mode this is simply the thread id. In system mode GDB
63 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
64 */
65 static inline int cpu_gdb_index(CPUState *cpu)
66 {
67 #if defined(CONFIG_USER_ONLY)
68 TaskState *ts = (TaskState *) cpu->opaque;
69 return ts->ts_tid;
70 #else
71 return cpu->cpu_index + 1;
72 #endif
73 }
74
75 enum {
76 GDB_SIGNAL_0 = 0,
77 GDB_SIGNAL_INT = 2,
78 GDB_SIGNAL_QUIT = 3,
79 GDB_SIGNAL_TRAP = 5,
80 GDB_SIGNAL_ABRT = 6,
81 GDB_SIGNAL_ALRM = 14,
82 GDB_SIGNAL_IO = 23,
83 GDB_SIGNAL_XCPU = 24,
84 GDB_SIGNAL_UNKNOWN = 143
85 };
86
87 #ifdef CONFIG_USER_ONLY
88
89 /* Map target signal numbers to GDB protocol signal numbers and vice
90 * versa. For user emulation's currently supported systems, we can
91 * assume most signals are defined.
92 */
93
94 static int gdb_signal_table[] = {
95 0,
96 TARGET_SIGHUP,
97 TARGET_SIGINT,
98 TARGET_SIGQUIT,
99 TARGET_SIGILL,
100 TARGET_SIGTRAP,
101 TARGET_SIGABRT,
102 -1, /* SIGEMT */
103 TARGET_SIGFPE,
104 TARGET_SIGKILL,
105 TARGET_SIGBUS,
106 TARGET_SIGSEGV,
107 TARGET_SIGSYS,
108 TARGET_SIGPIPE,
109 TARGET_SIGALRM,
110 TARGET_SIGTERM,
111 TARGET_SIGURG,
112 TARGET_SIGSTOP,
113 TARGET_SIGTSTP,
114 TARGET_SIGCONT,
115 TARGET_SIGCHLD,
116 TARGET_SIGTTIN,
117 TARGET_SIGTTOU,
118 TARGET_SIGIO,
119 TARGET_SIGXCPU,
120 TARGET_SIGXFSZ,
121 TARGET_SIGVTALRM,
122 TARGET_SIGPROF,
123 TARGET_SIGWINCH,
124 -1, /* SIGLOST */
125 TARGET_SIGUSR1,
126 TARGET_SIGUSR2,
127 #ifdef TARGET_SIGPWR
128 TARGET_SIGPWR,
129 #else
130 -1,
131 #endif
132 -1, /* SIGPOLL */
133 -1,
134 -1,
135 -1,
136 -1,
137 -1,
138 -1,
139 -1,
140 -1,
141 -1,
142 -1,
143 -1,
144 #ifdef __SIGRTMIN
145 __SIGRTMIN + 1,
146 __SIGRTMIN + 2,
147 __SIGRTMIN + 3,
148 __SIGRTMIN + 4,
149 __SIGRTMIN + 5,
150 __SIGRTMIN + 6,
151 __SIGRTMIN + 7,
152 __SIGRTMIN + 8,
153 __SIGRTMIN + 9,
154 __SIGRTMIN + 10,
155 __SIGRTMIN + 11,
156 __SIGRTMIN + 12,
157 __SIGRTMIN + 13,
158 __SIGRTMIN + 14,
159 __SIGRTMIN + 15,
160 __SIGRTMIN + 16,
161 __SIGRTMIN + 17,
162 __SIGRTMIN + 18,
163 __SIGRTMIN + 19,
164 __SIGRTMIN + 20,
165 __SIGRTMIN + 21,
166 __SIGRTMIN + 22,
167 __SIGRTMIN + 23,
168 __SIGRTMIN + 24,
169 __SIGRTMIN + 25,
170 __SIGRTMIN + 26,
171 __SIGRTMIN + 27,
172 __SIGRTMIN + 28,
173 __SIGRTMIN + 29,
174 __SIGRTMIN + 30,
175 __SIGRTMIN + 31,
176 -1, /* SIGCANCEL */
177 __SIGRTMIN,
178 __SIGRTMIN + 32,
179 __SIGRTMIN + 33,
180 __SIGRTMIN + 34,
181 __SIGRTMIN + 35,
182 __SIGRTMIN + 36,
183 __SIGRTMIN + 37,
184 __SIGRTMIN + 38,
185 __SIGRTMIN + 39,
186 __SIGRTMIN + 40,
187 __SIGRTMIN + 41,
188 __SIGRTMIN + 42,
189 __SIGRTMIN + 43,
190 __SIGRTMIN + 44,
191 __SIGRTMIN + 45,
192 __SIGRTMIN + 46,
193 __SIGRTMIN + 47,
194 __SIGRTMIN + 48,
195 __SIGRTMIN + 49,
196 __SIGRTMIN + 50,
197 __SIGRTMIN + 51,
198 __SIGRTMIN + 52,
199 __SIGRTMIN + 53,
200 __SIGRTMIN + 54,
201 __SIGRTMIN + 55,
202 __SIGRTMIN + 56,
203 __SIGRTMIN + 57,
204 __SIGRTMIN + 58,
205 __SIGRTMIN + 59,
206 __SIGRTMIN + 60,
207 __SIGRTMIN + 61,
208 __SIGRTMIN + 62,
209 __SIGRTMIN + 63,
210 __SIGRTMIN + 64,
211 __SIGRTMIN + 65,
212 __SIGRTMIN + 66,
213 __SIGRTMIN + 67,
214 __SIGRTMIN + 68,
215 __SIGRTMIN + 69,
216 __SIGRTMIN + 70,
217 __SIGRTMIN + 71,
218 __SIGRTMIN + 72,
219 __SIGRTMIN + 73,
220 __SIGRTMIN + 74,
221 __SIGRTMIN + 75,
222 __SIGRTMIN + 76,
223 __SIGRTMIN + 77,
224 __SIGRTMIN + 78,
225 __SIGRTMIN + 79,
226 __SIGRTMIN + 80,
227 __SIGRTMIN + 81,
228 __SIGRTMIN + 82,
229 __SIGRTMIN + 83,
230 __SIGRTMIN + 84,
231 __SIGRTMIN + 85,
232 __SIGRTMIN + 86,
233 __SIGRTMIN + 87,
234 __SIGRTMIN + 88,
235 __SIGRTMIN + 89,
236 __SIGRTMIN + 90,
237 __SIGRTMIN + 91,
238 __SIGRTMIN + 92,
239 __SIGRTMIN + 93,
240 __SIGRTMIN + 94,
241 __SIGRTMIN + 95,
242 -1, /* SIGINFO */
243 -1, /* UNKNOWN */
244 -1, /* DEFAULT */
245 -1,
246 -1,
247 -1,
248 -1,
249 -1,
250 -1
251 #endif
252 };
253 #else
254 /* In system mode we only need SIGINT and SIGTRAP; other signals
255 are not yet supported. */
256
257 enum {
258 TARGET_SIGINT = 2,
259 TARGET_SIGTRAP = 5
260 };
261
262 static int gdb_signal_table[] = {
263 -1,
264 -1,
265 TARGET_SIGINT,
266 -1,
267 -1,
268 TARGET_SIGTRAP
269 };
270 #endif
271
272 #ifdef CONFIG_USER_ONLY
273 static int target_signal_to_gdb (int sig)
274 {
275 int i;
276 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
277 if (gdb_signal_table[i] == sig)
278 return i;
279 return GDB_SIGNAL_UNKNOWN;
280 }
281 #endif
282
283 static int gdb_signal_to_target (int sig)
284 {
285 if (sig < ARRAY_SIZE (gdb_signal_table))
286 return gdb_signal_table[sig];
287 else
288 return -1;
289 }
290
291 typedef struct GDBRegisterState {
292 int base_reg;
293 int num_regs;
294 gdb_reg_cb get_reg;
295 gdb_reg_cb set_reg;
296 const char *xml;
297 struct GDBRegisterState *next;
298 } GDBRegisterState;
299
300 typedef struct GDBProcess {
301 uint32_t pid;
302 bool attached;
303 } GDBProcess;
304
305 enum RSState {
306 RS_INACTIVE,
307 RS_IDLE,
308 RS_GETLINE,
309 RS_GETLINE_ESC,
310 RS_GETLINE_RLE,
311 RS_CHKSUM1,
312 RS_CHKSUM2,
313 };
314 typedef struct GDBState {
315 CPUState *c_cpu; /* current CPU for step/continue ops */
316 CPUState *g_cpu; /* current CPU for other ops */
317 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
318 enum RSState state; /* parsing state */
319 char line_buf[MAX_PACKET_LENGTH];
320 int line_buf_index;
321 int line_sum; /* running checksum */
322 int line_csum; /* checksum at the end of the packet */
323 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
324 int last_packet_len;
325 int signal;
326 #ifdef CONFIG_USER_ONLY
327 int fd;
328 int running_state;
329 #else
330 CharBackend chr;
331 Chardev *mon_chr;
332 #endif
333 bool multiprocess;
334 GDBProcess *processes;
335 int process_num;
336 char syscall_buf[256];
337 gdb_syscall_complete_cb current_syscall_cb;
338 } GDBState;
339
340 /* By default use no IRQs and no timers while single stepping so as to
341 * make single stepping like an ICE HW step.
342 */
343 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
344
345 static GDBState *gdbserver_state;
346
347 bool gdb_has_xml;
348
349 #ifdef CONFIG_USER_ONLY
350 /* XXX: This is not thread safe. Do we care? */
351 static int gdbserver_fd = -1;
352
353 static int get_char(GDBState *s)
354 {
355 uint8_t ch;
356 int ret;
357
358 for(;;) {
359 ret = qemu_recv(s->fd, &ch, 1, 0);
360 if (ret < 0) {
361 if (errno == ECONNRESET)
362 s->fd = -1;
363 if (errno != EINTR)
364 return -1;
365 } else if (ret == 0) {
366 close(s->fd);
367 s->fd = -1;
368 return -1;
369 } else {
370 break;
371 }
372 }
373 return ch;
374 }
375 #endif
376
377 static enum {
378 GDB_SYS_UNKNOWN,
379 GDB_SYS_ENABLED,
380 GDB_SYS_DISABLED,
381 } gdb_syscall_mode;
382
383 /* Decide if either remote gdb syscalls or native file IO should be used. */
384 int use_gdb_syscalls(void)
385 {
386 SemihostingTarget target = semihosting_get_target();
387 if (target == SEMIHOSTING_TARGET_NATIVE) {
388 /* -semihosting-config target=native */
389 return false;
390 } else if (target == SEMIHOSTING_TARGET_GDB) {
391 /* -semihosting-config target=gdb */
392 return true;
393 }
394
395 /* -semihosting-config target=auto */
396 /* On the first call check if gdb is connected and remember. */
397 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
398 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
399 : GDB_SYS_DISABLED);
400 }
401 return gdb_syscall_mode == GDB_SYS_ENABLED;
402 }
403
404 /* Resume execution. */
405 static inline void gdb_continue(GDBState *s)
406 {
407
408 #ifdef CONFIG_USER_ONLY
409 s->running_state = 1;
410 trace_gdbstub_op_continue();
411 #else
412 if (!runstate_needs_reset()) {
413 trace_gdbstub_op_continue();
414 vm_start();
415 }
416 #endif
417 }
418
419 /*
420 * Resume execution, per CPU actions. For user-mode emulation it's
421 * equivalent to gdb_continue.
422 */
423 static int gdb_continue_partial(GDBState *s, char *newstates)
424 {
425 CPUState *cpu;
426 int res = 0;
427 #ifdef CONFIG_USER_ONLY
428 /*
429 * This is not exactly accurate, but it's an improvement compared to the
430 * previous situation, where only one CPU would be single-stepped.
431 */
432 CPU_FOREACH(cpu) {
433 if (newstates[cpu->cpu_index] == 's') {
434 trace_gdbstub_op_stepping(cpu->cpu_index);
435 cpu_single_step(cpu, sstep_flags);
436 }
437 }
438 s->running_state = 1;
439 #else
440 int flag = 0;
441
442 if (!runstate_needs_reset()) {
443 if (vm_prepare_start()) {
444 return 0;
445 }
446
447 CPU_FOREACH(cpu) {
448 switch (newstates[cpu->cpu_index]) {
449 case 0:
450 case 1:
451 break; /* nothing to do here */
452 case 's':
453 trace_gdbstub_op_stepping(cpu->cpu_index);
454 cpu_single_step(cpu, sstep_flags);
455 cpu_resume(cpu);
456 flag = 1;
457 break;
458 case 'c':
459 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
460 cpu_resume(cpu);
461 flag = 1;
462 break;
463 default:
464 res = -1;
465 break;
466 }
467 }
468 }
469 if (flag) {
470 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
471 }
472 #endif
473 return res;
474 }
475
476 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
477 {
478 #ifdef CONFIG_USER_ONLY
479 int ret;
480
481 while (len > 0) {
482 ret = send(s->fd, buf, len, 0);
483 if (ret < 0) {
484 if (errno != EINTR)
485 return;
486 } else {
487 buf += ret;
488 len -= ret;
489 }
490 }
491 #else
492 /* XXX this blocks entire thread. Rewrite to use
493 * qemu_chr_fe_write and background I/O callbacks */
494 qemu_chr_fe_write_all(&s->chr, buf, len);
495 #endif
496 }
497
498 static inline int fromhex(int v)
499 {
500 if (v >= '0' && v <= '9')
501 return v - '0';
502 else if (v >= 'A' && v <= 'F')
503 return v - 'A' + 10;
504 else if (v >= 'a' && v <= 'f')
505 return v - 'a' + 10;
506 else
507 return 0;
508 }
509
510 static inline int tohex(int v)
511 {
512 if (v < 10)
513 return v + '0';
514 else
515 return v - 10 + 'a';
516 }
517
518 /* writes 2*len+1 bytes in buf */
519 static void memtohex(char *buf, const uint8_t *mem, int len)
520 {
521 int i, c;
522 char *q;
523 q = buf;
524 for(i = 0; i < len; i++) {
525 c = mem[i];
526 *q++ = tohex(c >> 4);
527 *q++ = tohex(c & 0xf);
528 }
529 *q = '\0';
530 }
531
532 static void hextomem(uint8_t *mem, const char *buf, int len)
533 {
534 int i;
535
536 for(i = 0; i < len; i++) {
537 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
538 buf += 2;
539 }
540 }
541
542 static void hexdump(const char *buf, int len,
543 void (*trace_fn)(size_t ofs, char const *text))
544 {
545 char line_buffer[3 * 16 + 4 + 16 + 1];
546
547 size_t i;
548 for (i = 0; i < len || (i & 0xF); ++i) {
549 size_t byte_ofs = i & 15;
550
551 if (byte_ofs == 0) {
552 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
553 line_buffer[3 * 16 + 4 + 16] = 0;
554 }
555
556 size_t col_group = (i >> 2) & 3;
557 size_t hex_col = byte_ofs * 3 + col_group;
558 size_t txt_col = 3 * 16 + 4 + byte_ofs;
559
560 if (i < len) {
561 char value = buf[i];
562
563 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
564 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
565 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
566 ? value
567 : '.';
568 }
569
570 if (byte_ofs == 0xF)
571 trace_fn(i & -16, line_buffer);
572 }
573 }
574
575 /* return -1 if error, 0 if OK */
576 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
577 {
578 int csum, i;
579 uint8_t *p;
580
581 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
582 hexdump(buf, len, trace_gdbstub_io_binaryreply);
583 }
584
585 for(;;) {
586 p = s->last_packet;
587 *(p++) = '$';
588 memcpy(p, buf, len);
589 p += len;
590 csum = 0;
591 for(i = 0; i < len; i++) {
592 csum += buf[i];
593 }
594 *(p++) = '#';
595 *(p++) = tohex((csum >> 4) & 0xf);
596 *(p++) = tohex((csum) & 0xf);
597
598 s->last_packet_len = p - s->last_packet;
599 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
600
601 #ifdef CONFIG_USER_ONLY
602 i = get_char(s);
603 if (i < 0)
604 return -1;
605 if (i == '+')
606 break;
607 #else
608 break;
609 #endif
610 }
611 return 0;
612 }
613
614 /* return -1 if error, 0 if OK */
615 static int put_packet(GDBState *s, const char *buf)
616 {
617 trace_gdbstub_io_reply(buf);
618
619 return put_packet_binary(s, buf, strlen(buf), false);
620 }
621
622 /* Encode data using the encoding for 'x' packets. */
623 static int memtox(char *buf, const char *mem, int len)
624 {
625 char *p = buf;
626 char c;
627
628 while (len--) {
629 c = *(mem++);
630 switch (c) {
631 case '#': case '$': case '*': case '}':
632 *(p++) = '}';
633 *(p++) = c ^ 0x20;
634 break;
635 default:
636 *(p++) = c;
637 break;
638 }
639 }
640 return p - buf;
641 }
642
643 static uint32_t gdb_get_cpu_pid(const GDBState *s, CPUState *cpu)
644 {
645 #ifndef CONFIG_USER_ONLY
646 gchar *path, *name = NULL;
647 Object *obj;
648 CPUClusterState *cluster;
649 uint32_t ret;
650
651 path = object_get_canonical_path(OBJECT(cpu));
652
653 if (path == NULL) {
654 /* Return the default process' PID */
655 ret = s->processes[s->process_num - 1].pid;
656 goto out;
657 }
658
659 name = object_get_canonical_path_component(OBJECT(cpu));
660 assert(name != NULL);
661
662 /*
663 * Retrieve the CPU parent path by removing the last '/' and the CPU name
664 * from the CPU canonical path.
665 */
666 path[strlen(path) - strlen(name) - 1] = '\0';
667
668 obj = object_resolve_path_type(path, TYPE_CPU_CLUSTER, NULL);
669
670 if (obj == NULL) {
671 /* Return the default process' PID */
672 ret = s->processes[s->process_num - 1].pid;
673 goto out;
674 }
675
676 cluster = CPU_CLUSTER(obj);
677 ret = cluster->cluster_id + 1;
678
679 out:
680 g_free(name);
681 g_free(path);
682
683 return ret;
684
685 #else
686 /* TODO: In user mode, we should use the task state PID */
687 return s->processes[s->process_num - 1].pid;
688 #endif
689 }
690
691 static GDBProcess *gdb_get_process(const GDBState *s, uint32_t pid)
692 {
693 int i;
694
695 if (!pid) {
696 /* 0 means any process, we take the first one */
697 return &s->processes[0];
698 }
699
700 for (i = 0; i < s->process_num; i++) {
701 if (s->processes[i].pid == pid) {
702 return &s->processes[i];
703 }
704 }
705
706 return NULL;
707 }
708
709 static GDBProcess *gdb_get_cpu_process(const GDBState *s, CPUState *cpu)
710 {
711 return gdb_get_process(s, gdb_get_cpu_pid(s, cpu));
712 }
713
714 static CPUState *find_cpu(uint32_t thread_id)
715 {
716 CPUState *cpu;
717
718 CPU_FOREACH(cpu) {
719 if (cpu_gdb_index(cpu) == thread_id) {
720 return cpu;
721 }
722 }
723
724 return NULL;
725 }
726
727 static CPUState *get_first_cpu_in_process(const GDBState *s,
728 GDBProcess *process)
729 {
730 CPUState *cpu;
731
732 CPU_FOREACH(cpu) {
733 if (gdb_get_cpu_pid(s, cpu) == process->pid) {
734 return cpu;
735 }
736 }
737
738 return NULL;
739 }
740
741 static CPUState *gdb_next_cpu_in_process(const GDBState *s, CPUState *cpu)
742 {
743 uint32_t pid = gdb_get_cpu_pid(s, cpu);
744 cpu = CPU_NEXT(cpu);
745
746 while (cpu) {
747 if (gdb_get_cpu_pid(s, cpu) == pid) {
748 break;
749 }
750
751 cpu = CPU_NEXT(cpu);
752 }
753
754 return cpu;
755 }
756
757 static CPUState *gdb_get_cpu(const GDBState *s, uint32_t pid, uint32_t tid)
758 {
759 GDBProcess *process;
760 CPUState *cpu;
761
762 if (!tid) {
763 /* 0 means any thread, we take the first one */
764 tid = 1;
765 }
766
767 cpu = find_cpu(tid);
768
769 if (cpu == NULL) {
770 return NULL;
771 }
772
773 process = gdb_get_cpu_process(s, cpu);
774
775 if (process->pid != pid) {
776 return NULL;
777 }
778
779 if (!process->attached) {
780 return NULL;
781 }
782
783 return cpu;
784 }
785
786 /* Return the cpu following @cpu, while ignoring unattached processes. */
787 static CPUState *gdb_next_attached_cpu(const GDBState *s, CPUState *cpu)
788 {
789 cpu = CPU_NEXT(cpu);
790
791 while (cpu) {
792 if (gdb_get_cpu_process(s, cpu)->attached) {
793 break;
794 }
795
796 cpu = CPU_NEXT(cpu);
797 }
798
799 return cpu;
800 }
801
802 /* Return the first attached cpu */
803 static CPUState *gdb_first_attached_cpu(const GDBState *s)
804 {
805 CPUState *cpu = first_cpu;
806 GDBProcess *process = gdb_get_cpu_process(s, cpu);
807
808 if (!process->attached) {
809 return gdb_next_attached_cpu(s, cpu);
810 }
811
812 return cpu;
813 }
814
815 static const char *get_feature_xml(const char *p, const char **newp,
816 CPUClass *cc)
817 {
818 size_t len;
819 int i;
820 const char *name;
821 static char target_xml[1024];
822
823 len = 0;
824 while (p[len] && p[len] != ':')
825 len++;
826 *newp = p + len;
827
828 name = NULL;
829 if (strncmp(p, "target.xml", len) == 0) {
830 /* Generate the XML description for this CPU. */
831 if (!target_xml[0]) {
832 GDBRegisterState *r;
833 CPUState *cpu = first_cpu;
834
835 pstrcat(target_xml, sizeof(target_xml),
836 "<?xml version=\"1.0\"?>"
837 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
838 "<target>");
839 if (cc->gdb_arch_name) {
840 gchar *arch = cc->gdb_arch_name(cpu);
841 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
842 pstrcat(target_xml, sizeof(target_xml), arch);
843 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
844 g_free(arch);
845 }
846 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
847 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
848 pstrcat(target_xml, sizeof(target_xml), "\"/>");
849 for (r = cpu->gdb_regs; r; r = r->next) {
850 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
851 pstrcat(target_xml, sizeof(target_xml), r->xml);
852 pstrcat(target_xml, sizeof(target_xml), "\"/>");
853 }
854 pstrcat(target_xml, sizeof(target_xml), "</target>");
855 }
856 return target_xml;
857 }
858 if (cc->gdb_get_dynamic_xml) {
859 CPUState *cpu = first_cpu;
860 char *xmlname = g_strndup(p, len);
861 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
862
863 g_free(xmlname);
864 if (xml) {
865 return xml;
866 }
867 }
868 for (i = 0; ; i++) {
869 name = xml_builtin[i][0];
870 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
871 break;
872 }
873 return name ? xml_builtin[i][1] : NULL;
874 }
875
876 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
877 {
878 CPUClass *cc = CPU_GET_CLASS(cpu);
879 CPUArchState *env = cpu->env_ptr;
880 GDBRegisterState *r;
881
882 if (reg < cc->gdb_num_core_regs) {
883 return cc->gdb_read_register(cpu, mem_buf, reg);
884 }
885
886 for (r = cpu->gdb_regs; r; r = r->next) {
887 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
888 return r->get_reg(env, mem_buf, reg - r->base_reg);
889 }
890 }
891 return 0;
892 }
893
894 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
895 {
896 CPUClass *cc = CPU_GET_CLASS(cpu);
897 CPUArchState *env = cpu->env_ptr;
898 GDBRegisterState *r;
899
900 if (reg < cc->gdb_num_core_regs) {
901 return cc->gdb_write_register(cpu, mem_buf, reg);
902 }
903
904 for (r = cpu->gdb_regs; r; r = r->next) {
905 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
906 return r->set_reg(env, mem_buf, reg - r->base_reg);
907 }
908 }
909 return 0;
910 }
911
912 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
913 specifies the first register number and these registers are included in
914 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
915 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
916 */
917
918 void gdb_register_coprocessor(CPUState *cpu,
919 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
920 int num_regs, const char *xml, int g_pos)
921 {
922 GDBRegisterState *s;
923 GDBRegisterState **p;
924
925 p = &cpu->gdb_regs;
926 while (*p) {
927 /* Check for duplicates. */
928 if (strcmp((*p)->xml, xml) == 0)
929 return;
930 p = &(*p)->next;
931 }
932
933 s = g_new0(GDBRegisterState, 1);
934 s->base_reg = cpu->gdb_num_regs;
935 s->num_regs = num_regs;
936 s->get_reg = get_reg;
937 s->set_reg = set_reg;
938 s->xml = xml;
939
940 /* Add to end of list. */
941 cpu->gdb_num_regs += num_regs;
942 *p = s;
943 if (g_pos) {
944 if (g_pos != s->base_reg) {
945 error_report("Error: Bad gdb register numbering for '%s', "
946 "expected %d got %d", xml, g_pos, s->base_reg);
947 } else {
948 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
949 }
950 }
951 }
952
953 #ifndef CONFIG_USER_ONLY
954 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
955 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
956 {
957 static const int xlat[] = {
958 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
959 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
960 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
961 };
962
963 CPUClass *cc = CPU_GET_CLASS(cpu);
964 int cputype = xlat[gdbtype];
965
966 if (cc->gdb_stop_before_watchpoint) {
967 cputype |= BP_STOP_BEFORE_ACCESS;
968 }
969 return cputype;
970 }
971 #endif
972
973 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
974 {
975 CPUState *cpu;
976 int err = 0;
977
978 if (kvm_enabled()) {
979 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
980 }
981
982 switch (type) {
983 case GDB_BREAKPOINT_SW:
984 case GDB_BREAKPOINT_HW:
985 CPU_FOREACH(cpu) {
986 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
987 if (err) {
988 break;
989 }
990 }
991 return err;
992 #ifndef CONFIG_USER_ONLY
993 case GDB_WATCHPOINT_WRITE:
994 case GDB_WATCHPOINT_READ:
995 case GDB_WATCHPOINT_ACCESS:
996 CPU_FOREACH(cpu) {
997 err = cpu_watchpoint_insert(cpu, addr, len,
998 xlat_gdb_type(cpu, type), NULL);
999 if (err) {
1000 break;
1001 }
1002 }
1003 return err;
1004 #endif
1005 default:
1006 return -ENOSYS;
1007 }
1008 }
1009
1010 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
1011 {
1012 CPUState *cpu;
1013 int err = 0;
1014
1015 if (kvm_enabled()) {
1016 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1017 }
1018
1019 switch (type) {
1020 case GDB_BREAKPOINT_SW:
1021 case GDB_BREAKPOINT_HW:
1022 CPU_FOREACH(cpu) {
1023 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1024 if (err) {
1025 break;
1026 }
1027 }
1028 return err;
1029 #ifndef CONFIG_USER_ONLY
1030 case GDB_WATCHPOINT_WRITE:
1031 case GDB_WATCHPOINT_READ:
1032 case GDB_WATCHPOINT_ACCESS:
1033 CPU_FOREACH(cpu) {
1034 err = cpu_watchpoint_remove(cpu, addr, len,
1035 xlat_gdb_type(cpu, type));
1036 if (err)
1037 break;
1038 }
1039 return err;
1040 #endif
1041 default:
1042 return -ENOSYS;
1043 }
1044 }
1045
1046 static void gdb_breakpoint_remove_all(void)
1047 {
1048 CPUState *cpu;
1049
1050 if (kvm_enabled()) {
1051 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1052 return;
1053 }
1054
1055 CPU_FOREACH(cpu) {
1056 cpu_breakpoint_remove_all(cpu, BP_GDB);
1057 #ifndef CONFIG_USER_ONLY
1058 cpu_watchpoint_remove_all(cpu, BP_GDB);
1059 #endif
1060 }
1061 }
1062
1063 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1064 {
1065 CPUState *cpu = s->c_cpu;
1066
1067 cpu_synchronize_state(cpu);
1068 cpu_set_pc(cpu, pc);
1069 }
1070
1071 static char *gdb_fmt_thread_id(const GDBState *s, CPUState *cpu,
1072 char *buf, size_t buf_size)
1073 {
1074 if (s->multiprocess) {
1075 snprintf(buf, buf_size, "p%02x.%02x",
1076 gdb_get_cpu_pid(s, cpu), cpu_gdb_index(cpu));
1077 } else {
1078 snprintf(buf, buf_size, "%02x", cpu_gdb_index(cpu));
1079 }
1080
1081 return buf;
1082 }
1083
1084 typedef enum GDBThreadIdKind {
1085 GDB_ONE_THREAD = 0,
1086 GDB_ALL_THREADS, /* One process, all threads */
1087 GDB_ALL_PROCESSES,
1088 GDB_READ_THREAD_ERR
1089 } GDBThreadIdKind;
1090
1091 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1092 uint32_t *pid, uint32_t *tid)
1093 {
1094 unsigned long p, t;
1095 int ret;
1096
1097 if (*buf == 'p') {
1098 buf++;
1099 ret = qemu_strtoul(buf, &buf, 16, &p);
1100
1101 if (ret) {
1102 return GDB_READ_THREAD_ERR;
1103 }
1104
1105 /* Skip '.' */
1106 buf++;
1107 } else {
1108 p = 1;
1109 }
1110
1111 ret = qemu_strtoul(buf, &buf, 16, &t);
1112
1113 if (ret) {
1114 return GDB_READ_THREAD_ERR;
1115 }
1116
1117 *end_buf = buf;
1118
1119 if (p == -1) {
1120 return GDB_ALL_PROCESSES;
1121 }
1122
1123 if (pid) {
1124 *pid = p;
1125 }
1126
1127 if (t == -1) {
1128 return GDB_ALL_THREADS;
1129 }
1130
1131 if (tid) {
1132 *tid = t;
1133 }
1134
1135 return GDB_ONE_THREAD;
1136 }
1137
1138 static int is_query_packet(const char *p, const char *query, char separator)
1139 {
1140 unsigned int query_len = strlen(query);
1141
1142 return strncmp(p, query, query_len) == 0 &&
1143 (p[query_len] == '\0' || p[query_len] == separator);
1144 }
1145
1146 /**
1147 * gdb_handle_vcont - Parses and handles a vCont packet.
1148 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1149 * a format error, 0 on success.
1150 */
1151 static int gdb_handle_vcont(GDBState *s, const char *p)
1152 {
1153 int res, signal = 0;
1154 char cur_action;
1155 char *newstates;
1156 unsigned long tmp;
1157 uint32_t pid, tid;
1158 GDBProcess *process;
1159 CPUState *cpu;
1160 #ifdef CONFIG_USER_ONLY
1161 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1162
1163 CPU_FOREACH(cpu) {
1164 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1165 }
1166 #endif
1167 /* uninitialised CPUs stay 0 */
1168 newstates = g_new0(char, max_cpus);
1169
1170 /* mark valid CPUs with 1 */
1171 CPU_FOREACH(cpu) {
1172 newstates[cpu->cpu_index] = 1;
1173 }
1174
1175 /*
1176 * res keeps track of what error we are returning, with -ENOTSUP meaning
1177 * that the command is unknown or unsupported, thus returning an empty
1178 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1179 * or incorrect parameters passed.
1180 */
1181 res = 0;
1182 while (*p) {
1183 if (*p++ != ';') {
1184 res = -ENOTSUP;
1185 goto out;
1186 }
1187
1188 cur_action = *p++;
1189 if (cur_action == 'C' || cur_action == 'S') {
1190 cur_action = qemu_tolower(cur_action);
1191 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1192 if (res) {
1193 goto out;
1194 }
1195 signal = gdb_signal_to_target(tmp);
1196 } else if (cur_action != 'c' && cur_action != 's') {
1197 /* unknown/invalid/unsupported command */
1198 res = -ENOTSUP;
1199 goto out;
1200 }
1201
1202 if (*p++ != ':') {
1203 res = -ENOTSUP;
1204 goto out;
1205 }
1206
1207 switch (read_thread_id(p, &p, &pid, &tid)) {
1208 case GDB_READ_THREAD_ERR:
1209 res = -EINVAL;
1210 goto out;
1211
1212 case GDB_ALL_PROCESSES:
1213 cpu = gdb_first_attached_cpu(s);
1214 while (cpu) {
1215 if (newstates[cpu->cpu_index] == 1) {
1216 newstates[cpu->cpu_index] = cur_action;
1217 }
1218
1219 cpu = gdb_next_attached_cpu(s, cpu);
1220 }
1221 break;
1222
1223 case GDB_ALL_THREADS:
1224 process = gdb_get_process(s, pid);
1225
1226 if (!process->attached) {
1227 res = -EINVAL;
1228 goto out;
1229 }
1230
1231 cpu = get_first_cpu_in_process(s, process);
1232 while (cpu) {
1233 if (newstates[cpu->cpu_index] == 1) {
1234 newstates[cpu->cpu_index] = cur_action;
1235 }
1236
1237 cpu = gdb_next_cpu_in_process(s, cpu);
1238 }
1239 break;
1240
1241 case GDB_ONE_THREAD:
1242 cpu = gdb_get_cpu(s, pid, tid);
1243
1244 /* invalid CPU/thread specified */
1245 if (!cpu) {
1246 res = -EINVAL;
1247 goto out;
1248 }
1249
1250 /* only use if no previous match occourred */
1251 if (newstates[cpu->cpu_index] == 1) {
1252 newstates[cpu->cpu_index] = cur_action;
1253 }
1254 break;
1255 }
1256 }
1257 s->signal = signal;
1258 gdb_continue_partial(s, newstates);
1259
1260 out:
1261 g_free(newstates);
1262
1263 return res;
1264 }
1265
1266 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1267 {
1268 CPUState *cpu;
1269 CPUClass *cc;
1270 const char *p;
1271 uint32_t thread;
1272 uint32_t pid, tid;
1273 int ch, reg_size, type, res;
1274 uint8_t mem_buf[MAX_PACKET_LENGTH];
1275 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
1276 char thread_id[16];
1277 uint8_t *registers;
1278 target_ulong addr, len;
1279 GDBThreadIdKind thread_kind;
1280
1281 trace_gdbstub_io_command(line_buf);
1282
1283 p = line_buf;
1284 ch = *p++;
1285 switch(ch) {
1286 case '?':
1287 /* TODO: Make this return the correct value for user-mode. */
1288 snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
1289 gdb_fmt_thread_id(s, s->c_cpu, thread_id, sizeof(thread_id)));
1290 put_packet(s, buf);
1291 /* Remove all the breakpoints when this query is issued,
1292 * because gdb is doing and initial connect and the state
1293 * should be cleaned up.
1294 */
1295 gdb_breakpoint_remove_all();
1296 break;
1297 case 'c':
1298 if (*p != '\0') {
1299 addr = strtoull(p, (char **)&p, 16);
1300 gdb_set_cpu_pc(s, addr);
1301 }
1302 s->signal = 0;
1303 gdb_continue(s);
1304 return RS_IDLE;
1305 case 'C':
1306 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1307 if (s->signal == -1)
1308 s->signal = 0;
1309 gdb_continue(s);
1310 return RS_IDLE;
1311 case 'v':
1312 if (strncmp(p, "Cont", 4) == 0) {
1313 p += 4;
1314 if (*p == '?') {
1315 put_packet(s, "vCont;c;C;s;S");
1316 break;
1317 }
1318
1319 res = gdb_handle_vcont(s, p);
1320
1321 if (res) {
1322 if ((res == -EINVAL) || (res == -ERANGE)) {
1323 put_packet(s, "E22");
1324 break;
1325 }
1326 goto unknown_command;
1327 }
1328 break;
1329 } else {
1330 goto unknown_command;
1331 }
1332 case 'k':
1333 /* Kill the target */
1334 error_report("QEMU: Terminated via GDBstub");
1335 exit(0);
1336 case 'D':
1337 /* Detach packet */
1338 gdb_breakpoint_remove_all();
1339 gdb_syscall_mode = GDB_SYS_DISABLED;
1340 gdb_continue(s);
1341 put_packet(s, "OK");
1342 break;
1343 case 's':
1344 if (*p != '\0') {
1345 addr = strtoull(p, (char **)&p, 16);
1346 gdb_set_cpu_pc(s, addr);
1347 }
1348 cpu_single_step(s->c_cpu, sstep_flags);
1349 gdb_continue(s);
1350 return RS_IDLE;
1351 case 'F':
1352 {
1353 target_ulong ret;
1354 target_ulong err;
1355
1356 ret = strtoull(p, (char **)&p, 16);
1357 if (*p == ',') {
1358 p++;
1359 err = strtoull(p, (char **)&p, 16);
1360 } else {
1361 err = 0;
1362 }
1363 if (*p == ',')
1364 p++;
1365 type = *p;
1366 if (s->current_syscall_cb) {
1367 s->current_syscall_cb(s->c_cpu, ret, err);
1368 s->current_syscall_cb = NULL;
1369 }
1370 if (type == 'C') {
1371 put_packet(s, "T02");
1372 } else {
1373 gdb_continue(s);
1374 }
1375 }
1376 break;
1377 case 'g':
1378 cpu_synchronize_state(s->g_cpu);
1379 len = 0;
1380 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
1381 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1382 len += reg_size;
1383 }
1384 memtohex(buf, mem_buf, len);
1385 put_packet(s, buf);
1386 break;
1387 case 'G':
1388 cpu_synchronize_state(s->g_cpu);
1389 registers = mem_buf;
1390 len = strlen(p) / 2;
1391 hextomem((uint8_t *)registers, p, len);
1392 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
1393 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1394 len -= reg_size;
1395 registers += reg_size;
1396 }
1397 put_packet(s, "OK");
1398 break;
1399 case 'm':
1400 addr = strtoull(p, (char **)&p, 16);
1401 if (*p == ',')
1402 p++;
1403 len = strtoull(p, NULL, 16);
1404
1405 /* memtohex() doubles the required space */
1406 if (len > MAX_PACKET_LENGTH / 2) {
1407 put_packet (s, "E22");
1408 break;
1409 }
1410
1411 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1412 put_packet (s, "E14");
1413 } else {
1414 memtohex(buf, mem_buf, len);
1415 put_packet(s, buf);
1416 }
1417 break;
1418 case 'M':
1419 addr = strtoull(p, (char **)&p, 16);
1420 if (*p == ',')
1421 p++;
1422 len = strtoull(p, (char **)&p, 16);
1423 if (*p == ':')
1424 p++;
1425
1426 /* hextomem() reads 2*len bytes */
1427 if (len > strlen(p) / 2) {
1428 put_packet (s, "E22");
1429 break;
1430 }
1431 hextomem(mem_buf, p, len);
1432 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1433 true) != 0) {
1434 put_packet(s, "E14");
1435 } else {
1436 put_packet(s, "OK");
1437 }
1438 break;
1439 case 'p':
1440 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1441 This works, but can be very slow. Anything new enough to
1442 understand XML also knows how to use this properly. */
1443 if (!gdb_has_xml)
1444 goto unknown_command;
1445 addr = strtoull(p, (char **)&p, 16);
1446 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1447 if (reg_size) {
1448 memtohex(buf, mem_buf, reg_size);
1449 put_packet(s, buf);
1450 } else {
1451 put_packet(s, "E14");
1452 }
1453 break;
1454 case 'P':
1455 if (!gdb_has_xml)
1456 goto unknown_command;
1457 addr = strtoull(p, (char **)&p, 16);
1458 if (*p == '=')
1459 p++;
1460 reg_size = strlen(p) / 2;
1461 hextomem(mem_buf, p, reg_size);
1462 gdb_write_register(s->g_cpu, mem_buf, addr);
1463 put_packet(s, "OK");
1464 break;
1465 case 'Z':
1466 case 'z':
1467 type = strtoul(p, (char **)&p, 16);
1468 if (*p == ',')
1469 p++;
1470 addr = strtoull(p, (char **)&p, 16);
1471 if (*p == ',')
1472 p++;
1473 len = strtoull(p, (char **)&p, 16);
1474 if (ch == 'Z')
1475 res = gdb_breakpoint_insert(addr, len, type);
1476 else
1477 res = gdb_breakpoint_remove(addr, len, type);
1478 if (res >= 0)
1479 put_packet(s, "OK");
1480 else if (res == -ENOSYS)
1481 put_packet(s, "");
1482 else
1483 put_packet(s, "E22");
1484 break;
1485 case 'H':
1486 type = *p++;
1487
1488 thread_kind = read_thread_id(p, &p, &pid, &tid);
1489 if (thread_kind == GDB_READ_THREAD_ERR) {
1490 put_packet(s, "E22");
1491 break;
1492 }
1493
1494 if (thread_kind != GDB_ONE_THREAD) {
1495 put_packet(s, "OK");
1496 break;
1497 }
1498 cpu = gdb_get_cpu(s, pid, tid);
1499 if (cpu == NULL) {
1500 put_packet(s, "E22");
1501 break;
1502 }
1503 switch (type) {
1504 case 'c':
1505 s->c_cpu = cpu;
1506 put_packet(s, "OK");
1507 break;
1508 case 'g':
1509 s->g_cpu = cpu;
1510 put_packet(s, "OK");
1511 break;
1512 default:
1513 put_packet(s, "E22");
1514 break;
1515 }
1516 break;
1517 case 'T':
1518 thread_kind = read_thread_id(p, &p, &pid, &tid);
1519 if (thread_kind == GDB_READ_THREAD_ERR) {
1520 put_packet(s, "E22");
1521 break;
1522 }
1523 cpu = gdb_get_cpu(s, pid, tid);
1524
1525 if (cpu != NULL) {
1526 put_packet(s, "OK");
1527 } else {
1528 put_packet(s, "E22");
1529 }
1530 break;
1531 case 'q':
1532 case 'Q':
1533 /* parse any 'q' packets here */
1534 if (!strcmp(p,"qemu.sstepbits")) {
1535 /* Query Breakpoint bit definitions */
1536 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1537 SSTEP_ENABLE,
1538 SSTEP_NOIRQ,
1539 SSTEP_NOTIMER);
1540 put_packet(s, buf);
1541 break;
1542 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1543 /* Display or change the sstep_flags */
1544 p += 10;
1545 if (*p != '=') {
1546 /* Display current setting */
1547 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1548 put_packet(s, buf);
1549 break;
1550 }
1551 p++;
1552 type = strtoul(p, (char **)&p, 16);
1553 sstep_flags = type;
1554 put_packet(s, "OK");
1555 break;
1556 } else if (strcmp(p,"C") == 0) {
1557 /* "Current thread" remains vague in the spec, so always return
1558 * the first CPU (gdb returns the first thread). */
1559 put_packet(s, "QC1");
1560 break;
1561 } else if (strcmp(p,"fThreadInfo") == 0) {
1562 s->query_cpu = first_cpu;
1563 goto report_cpuinfo;
1564 } else if (strcmp(p,"sThreadInfo") == 0) {
1565 report_cpuinfo:
1566 if (s->query_cpu) {
1567 snprintf(buf, sizeof(buf), "m%x", cpu_gdb_index(s->query_cpu));
1568 put_packet(s, buf);
1569 s->query_cpu = CPU_NEXT(s->query_cpu);
1570 } else
1571 put_packet(s, "l");
1572 break;
1573 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1574 thread = strtoull(p+16, (char **)&p, 16);
1575 cpu = find_cpu(thread);
1576 if (cpu != NULL) {
1577 cpu_synchronize_state(cpu);
1578 /* memtohex() doubles the required space */
1579 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1580 "CPU#%d [%s]", cpu->cpu_index,
1581 cpu->halted ? "halted " : "running");
1582 trace_gdbstub_op_extra_info((char *)mem_buf);
1583 memtohex(buf, mem_buf, len);
1584 put_packet(s, buf);
1585 }
1586 break;
1587 }
1588 #ifdef CONFIG_USER_ONLY
1589 else if (strcmp(p, "Offsets") == 0) {
1590 TaskState *ts = s->c_cpu->opaque;
1591
1592 snprintf(buf, sizeof(buf),
1593 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1594 ";Bss=" TARGET_ABI_FMT_lx,
1595 ts->info->code_offset,
1596 ts->info->data_offset,
1597 ts->info->data_offset);
1598 put_packet(s, buf);
1599 break;
1600 }
1601 #else /* !CONFIG_USER_ONLY */
1602 else if (strncmp(p, "Rcmd,", 5) == 0) {
1603 int len = strlen(p + 5);
1604
1605 if ((len % 2) != 0) {
1606 put_packet(s, "E01");
1607 break;
1608 }
1609 len = len / 2;
1610 hextomem(mem_buf, p + 5, len);
1611 mem_buf[len++] = 0;
1612 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1613 put_packet(s, "OK");
1614 break;
1615 }
1616 #endif /* !CONFIG_USER_ONLY */
1617 if (is_query_packet(p, "Supported", ':')) {
1618 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1619 cc = CPU_GET_CLASS(first_cpu);
1620 if (cc->gdb_core_xml_file != NULL) {
1621 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1622 }
1623 put_packet(s, buf);
1624 break;
1625 }
1626 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1627 const char *xml;
1628 target_ulong total_len;
1629
1630 cc = CPU_GET_CLASS(first_cpu);
1631 if (cc->gdb_core_xml_file == NULL) {
1632 goto unknown_command;
1633 }
1634
1635 gdb_has_xml = true;
1636 p += 19;
1637 xml = get_feature_xml(p, &p, cc);
1638 if (!xml) {
1639 snprintf(buf, sizeof(buf), "E00");
1640 put_packet(s, buf);
1641 break;
1642 }
1643
1644 if (*p == ':')
1645 p++;
1646 addr = strtoul(p, (char **)&p, 16);
1647 if (*p == ',')
1648 p++;
1649 len = strtoul(p, (char **)&p, 16);
1650
1651 total_len = strlen(xml);
1652 if (addr > total_len) {
1653 snprintf(buf, sizeof(buf), "E00");
1654 put_packet(s, buf);
1655 break;
1656 }
1657 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1658 len = (MAX_PACKET_LENGTH - 5) / 2;
1659 if (len < total_len - addr) {
1660 buf[0] = 'm';
1661 len = memtox(buf + 1, xml + addr, len);
1662 } else {
1663 buf[0] = 'l';
1664 len = memtox(buf + 1, xml + addr, total_len - addr);
1665 }
1666 put_packet_binary(s, buf, len + 1, true);
1667 break;
1668 }
1669 if (is_query_packet(p, "Attached", ':')) {
1670 put_packet(s, GDB_ATTACHED);
1671 break;
1672 }
1673 /* Unrecognised 'q' command. */
1674 goto unknown_command;
1675
1676 default:
1677 unknown_command:
1678 /* put empty packet */
1679 buf[0] = '\0';
1680 put_packet(s, buf);
1681 break;
1682 }
1683 return RS_IDLE;
1684 }
1685
1686 void gdb_set_stop_cpu(CPUState *cpu)
1687 {
1688 gdbserver_state->c_cpu = cpu;
1689 gdbserver_state->g_cpu = cpu;
1690 }
1691
1692 #ifndef CONFIG_USER_ONLY
1693 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1694 {
1695 GDBState *s = gdbserver_state;
1696 CPUState *cpu = s->c_cpu;
1697 char buf[256];
1698 const char *type;
1699 int ret;
1700
1701 if (running || s->state == RS_INACTIVE) {
1702 return;
1703 }
1704 /* Is there a GDB syscall waiting to be sent? */
1705 if (s->current_syscall_cb) {
1706 put_packet(s, s->syscall_buf);
1707 return;
1708 }
1709 switch (state) {
1710 case RUN_STATE_DEBUG:
1711 if (cpu->watchpoint_hit) {
1712 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1713 case BP_MEM_READ:
1714 type = "r";
1715 break;
1716 case BP_MEM_ACCESS:
1717 type = "a";
1718 break;
1719 default:
1720 type = "";
1721 break;
1722 }
1723 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
1724 (target_ulong)cpu->watchpoint_hit->vaddr);
1725 snprintf(buf, sizeof(buf),
1726 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1727 GDB_SIGNAL_TRAP, cpu_gdb_index(cpu), type,
1728 (target_ulong)cpu->watchpoint_hit->vaddr);
1729 cpu->watchpoint_hit = NULL;
1730 goto send_packet;
1731 } else {
1732 trace_gdbstub_hit_break();
1733 }
1734 tb_flush(cpu);
1735 ret = GDB_SIGNAL_TRAP;
1736 break;
1737 case RUN_STATE_PAUSED:
1738 trace_gdbstub_hit_paused();
1739 ret = GDB_SIGNAL_INT;
1740 break;
1741 case RUN_STATE_SHUTDOWN:
1742 trace_gdbstub_hit_shutdown();
1743 ret = GDB_SIGNAL_QUIT;
1744 break;
1745 case RUN_STATE_IO_ERROR:
1746 trace_gdbstub_hit_io_error();
1747 ret = GDB_SIGNAL_IO;
1748 break;
1749 case RUN_STATE_WATCHDOG:
1750 trace_gdbstub_hit_watchdog();
1751 ret = GDB_SIGNAL_ALRM;
1752 break;
1753 case RUN_STATE_INTERNAL_ERROR:
1754 trace_gdbstub_hit_internal_error();
1755 ret = GDB_SIGNAL_ABRT;
1756 break;
1757 case RUN_STATE_SAVE_VM:
1758 case RUN_STATE_RESTORE_VM:
1759 return;
1760 case RUN_STATE_FINISH_MIGRATE:
1761 ret = GDB_SIGNAL_XCPU;
1762 break;
1763 default:
1764 trace_gdbstub_hit_unknown(state);
1765 ret = GDB_SIGNAL_UNKNOWN;
1766 break;
1767 }
1768 gdb_set_stop_cpu(cpu);
1769 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_gdb_index(cpu));
1770
1771 send_packet:
1772 put_packet(s, buf);
1773
1774 /* disable single step if it was enabled */
1775 cpu_single_step(cpu, 0);
1776 }
1777 #endif
1778
1779 /* Send a gdb syscall request.
1780 This accepts limited printf-style format specifiers, specifically:
1781 %x - target_ulong argument printed in hex.
1782 %lx - 64-bit argument printed in hex.
1783 %s - string pointer (target_ulong) and length (int) pair. */
1784 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1785 {
1786 char *p;
1787 char *p_end;
1788 target_ulong addr;
1789 uint64_t i64;
1790 GDBState *s;
1791
1792 s = gdbserver_state;
1793 if (!s)
1794 return;
1795 s->current_syscall_cb = cb;
1796 #ifndef CONFIG_USER_ONLY
1797 vm_stop(RUN_STATE_DEBUG);
1798 #endif
1799 p = s->syscall_buf;
1800 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1801 *(p++) = 'F';
1802 while (*fmt) {
1803 if (*fmt == '%') {
1804 fmt++;
1805 switch (*fmt++) {
1806 case 'x':
1807 addr = va_arg(va, target_ulong);
1808 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1809 break;
1810 case 'l':
1811 if (*(fmt++) != 'x')
1812 goto bad_format;
1813 i64 = va_arg(va, uint64_t);
1814 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1815 break;
1816 case 's':
1817 addr = va_arg(va, target_ulong);
1818 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1819 addr, va_arg(va, int));
1820 break;
1821 default:
1822 bad_format:
1823 error_report("gdbstub: Bad syscall format string '%s'",
1824 fmt - 1);
1825 break;
1826 }
1827 } else {
1828 *(p++) = *(fmt++);
1829 }
1830 }
1831 *p = 0;
1832 #ifdef CONFIG_USER_ONLY
1833 put_packet(s, s->syscall_buf);
1834 /* Return control to gdb for it to process the syscall request.
1835 * Since the protocol requires that gdb hands control back to us
1836 * using a "here are the results" F packet, we don't need to check
1837 * gdb_handlesig's return value (which is the signal to deliver if
1838 * execution was resumed via a continue packet).
1839 */
1840 gdb_handlesig(s->c_cpu, 0);
1841 #else
1842 /* In this case wait to send the syscall packet until notification that
1843 the CPU has stopped. This must be done because if the packet is sent
1844 now the reply from the syscall request could be received while the CPU
1845 is still in the running state, which can cause packets to be dropped
1846 and state transition 'T' packets to be sent while the syscall is still
1847 being processed. */
1848 qemu_cpu_kick(s->c_cpu);
1849 #endif
1850 }
1851
1852 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1853 {
1854 va_list va;
1855
1856 va_start(va, fmt);
1857 gdb_do_syscallv(cb, fmt, va);
1858 va_end(va);
1859 }
1860
1861 static void gdb_read_byte(GDBState *s, int ch)
1862 {
1863 uint8_t reply;
1864
1865 #ifndef CONFIG_USER_ONLY
1866 if (s->last_packet_len) {
1867 /* Waiting for a response to the last packet. If we see the start
1868 of a new command then abandon the previous response. */
1869 if (ch == '-') {
1870 trace_gdbstub_err_got_nack();
1871 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1872 } else if (ch == '+') {
1873 trace_gdbstub_io_got_ack();
1874 } else {
1875 trace_gdbstub_io_got_unexpected((uint8_t)ch);
1876 }
1877
1878 if (ch == '+' || ch == '$')
1879 s->last_packet_len = 0;
1880 if (ch != '$')
1881 return;
1882 }
1883 if (runstate_is_running()) {
1884 /* when the CPU is running, we cannot do anything except stop
1885 it when receiving a char */
1886 vm_stop(RUN_STATE_PAUSED);
1887 } else
1888 #endif
1889 {
1890 switch(s->state) {
1891 case RS_IDLE:
1892 if (ch == '$') {
1893 /* start of command packet */
1894 s->line_buf_index = 0;
1895 s->line_sum = 0;
1896 s->state = RS_GETLINE;
1897 } else {
1898 trace_gdbstub_err_garbage((uint8_t)ch);
1899 }
1900 break;
1901 case RS_GETLINE:
1902 if (ch == '}') {
1903 /* start escape sequence */
1904 s->state = RS_GETLINE_ESC;
1905 s->line_sum += ch;
1906 } else if (ch == '*') {
1907 /* start run length encoding sequence */
1908 s->state = RS_GETLINE_RLE;
1909 s->line_sum += ch;
1910 } else if (ch == '#') {
1911 /* end of command, start of checksum*/
1912 s->state = RS_CHKSUM1;
1913 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1914 trace_gdbstub_err_overrun();
1915 s->state = RS_IDLE;
1916 } else {
1917 /* unescaped command character */
1918 s->line_buf[s->line_buf_index++] = ch;
1919 s->line_sum += ch;
1920 }
1921 break;
1922 case RS_GETLINE_ESC:
1923 if (ch == '#') {
1924 /* unexpected end of command in escape sequence */
1925 s->state = RS_CHKSUM1;
1926 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1927 /* command buffer overrun */
1928 trace_gdbstub_err_overrun();
1929 s->state = RS_IDLE;
1930 } else {
1931 /* parse escaped character and leave escape state */
1932 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
1933 s->line_sum += ch;
1934 s->state = RS_GETLINE;
1935 }
1936 break;
1937 case RS_GETLINE_RLE:
1938 if (ch < ' ') {
1939 /* invalid RLE count encoding */
1940 trace_gdbstub_err_invalid_repeat((uint8_t)ch);
1941 s->state = RS_GETLINE;
1942 } else {
1943 /* decode repeat length */
1944 int repeat = (unsigned char)ch - ' ' + 3;
1945 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
1946 /* that many repeats would overrun the command buffer */
1947 trace_gdbstub_err_overrun();
1948 s->state = RS_IDLE;
1949 } else if (s->line_buf_index < 1) {
1950 /* got a repeat but we have nothing to repeat */
1951 trace_gdbstub_err_invalid_rle();
1952 s->state = RS_GETLINE;
1953 } else {
1954 /* repeat the last character */
1955 memset(s->line_buf + s->line_buf_index,
1956 s->line_buf[s->line_buf_index - 1], repeat);
1957 s->line_buf_index += repeat;
1958 s->line_sum += ch;
1959 s->state = RS_GETLINE;
1960 }
1961 }
1962 break;
1963 case RS_CHKSUM1:
1964 /* get high hex digit of checksum */
1965 if (!isxdigit(ch)) {
1966 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1967 s->state = RS_GETLINE;
1968 break;
1969 }
1970 s->line_buf[s->line_buf_index] = '\0';
1971 s->line_csum = fromhex(ch) << 4;
1972 s->state = RS_CHKSUM2;
1973 break;
1974 case RS_CHKSUM2:
1975 /* get low hex digit of checksum */
1976 if (!isxdigit(ch)) {
1977 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1978 s->state = RS_GETLINE;
1979 break;
1980 }
1981 s->line_csum |= fromhex(ch);
1982
1983 if (s->line_csum != (s->line_sum & 0xff)) {
1984 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
1985 /* send NAK reply */
1986 reply = '-';
1987 put_buffer(s, &reply, 1);
1988 s->state = RS_IDLE;
1989 } else {
1990 /* send ACK reply */
1991 reply = '+';
1992 put_buffer(s, &reply, 1);
1993 s->state = gdb_handle_packet(s, s->line_buf);
1994 }
1995 break;
1996 default:
1997 abort();
1998 }
1999 }
2000 }
2001
2002 /* Tell the remote gdb that the process has exited. */
2003 void gdb_exit(CPUArchState *env, int code)
2004 {
2005 GDBState *s;
2006 char buf[4];
2007
2008 s = gdbserver_state;
2009 if (!s) {
2010 return;
2011 }
2012 #ifdef CONFIG_USER_ONLY
2013 if (gdbserver_fd < 0 || s->fd < 0) {
2014 return;
2015 }
2016 #endif
2017
2018 trace_gdbstub_op_exiting((uint8_t)code);
2019
2020 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2021 put_packet(s, buf);
2022
2023 #ifndef CONFIG_USER_ONLY
2024 qemu_chr_fe_deinit(&s->chr, true);
2025 #endif
2026 }
2027
2028 /*
2029 * Create the process that will contain all the "orphan" CPUs (that are not
2030 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2031 * be attachable and thus will be invisible to the user.
2032 */
2033 static void create_default_process(GDBState *s)
2034 {
2035 GDBProcess *process;
2036 int max_pid = 0;
2037
2038 if (s->process_num) {
2039 max_pid = s->processes[s->process_num - 1].pid;
2040 }
2041
2042 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2043 process = &s->processes[s->process_num - 1];
2044
2045 /* We need an available PID slot for this process */
2046 assert(max_pid < UINT32_MAX);
2047
2048 process->pid = max_pid + 1;
2049 process->attached = false;
2050 }
2051
2052 #ifdef CONFIG_USER_ONLY
2053 int
2054 gdb_handlesig(CPUState *cpu, int sig)
2055 {
2056 GDBState *s;
2057 char buf[256];
2058 int n;
2059
2060 s = gdbserver_state;
2061 if (gdbserver_fd < 0 || s->fd < 0) {
2062 return sig;
2063 }
2064
2065 /* disable single step if it was enabled */
2066 cpu_single_step(cpu, 0);
2067 tb_flush(cpu);
2068
2069 if (sig != 0) {
2070 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
2071 put_packet(s, buf);
2072 }
2073 /* put_packet() might have detected that the peer terminated the
2074 connection. */
2075 if (s->fd < 0) {
2076 return sig;
2077 }
2078
2079 sig = 0;
2080 s->state = RS_IDLE;
2081 s->running_state = 0;
2082 while (s->running_state == 0) {
2083 n = read(s->fd, buf, 256);
2084 if (n > 0) {
2085 int i;
2086
2087 for (i = 0; i < n; i++) {
2088 gdb_read_byte(s, buf[i]);
2089 }
2090 } else {
2091 /* XXX: Connection closed. Should probably wait for another
2092 connection before continuing. */
2093 if (n == 0) {
2094 close(s->fd);
2095 }
2096 s->fd = -1;
2097 return sig;
2098 }
2099 }
2100 sig = s->signal;
2101 s->signal = 0;
2102 return sig;
2103 }
2104
2105 /* Tell the remote gdb that the process has exited due to SIG. */
2106 void gdb_signalled(CPUArchState *env, int sig)
2107 {
2108 GDBState *s;
2109 char buf[4];
2110
2111 s = gdbserver_state;
2112 if (gdbserver_fd < 0 || s->fd < 0) {
2113 return;
2114 }
2115
2116 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
2117 put_packet(s, buf);
2118 }
2119
2120 static bool gdb_accept(void)
2121 {
2122 GDBState *s;
2123 struct sockaddr_in sockaddr;
2124 socklen_t len;
2125 int fd;
2126
2127 for(;;) {
2128 len = sizeof(sockaddr);
2129 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
2130 if (fd < 0 && errno != EINTR) {
2131 perror("accept");
2132 return false;
2133 } else if (fd >= 0) {
2134 qemu_set_cloexec(fd);
2135 break;
2136 }
2137 }
2138
2139 /* set short latency */
2140 if (socket_set_nodelay(fd)) {
2141 perror("setsockopt");
2142 close(fd);
2143 return false;
2144 }
2145
2146 s = g_malloc0(sizeof(GDBState));
2147 s->c_cpu = first_cpu;
2148 s->g_cpu = first_cpu;
2149 create_default_process(s);
2150 s->fd = fd;
2151 gdb_has_xml = false;
2152
2153 gdbserver_state = s;
2154 return true;
2155 }
2156
2157 static int gdbserver_open(int port)
2158 {
2159 struct sockaddr_in sockaddr;
2160 int fd, ret;
2161
2162 fd = socket(PF_INET, SOCK_STREAM, 0);
2163 if (fd < 0) {
2164 perror("socket");
2165 return -1;
2166 }
2167 qemu_set_cloexec(fd);
2168
2169 socket_set_fast_reuse(fd);
2170
2171 sockaddr.sin_family = AF_INET;
2172 sockaddr.sin_port = htons(port);
2173 sockaddr.sin_addr.s_addr = 0;
2174 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
2175 if (ret < 0) {
2176 perror("bind");
2177 close(fd);
2178 return -1;
2179 }
2180 ret = listen(fd, 1);
2181 if (ret < 0) {
2182 perror("listen");
2183 close(fd);
2184 return -1;
2185 }
2186 return fd;
2187 }
2188
2189 int gdbserver_start(int port)
2190 {
2191 gdbserver_fd = gdbserver_open(port);
2192 if (gdbserver_fd < 0)
2193 return -1;
2194 /* accept connections */
2195 if (!gdb_accept()) {
2196 close(gdbserver_fd);
2197 gdbserver_fd = -1;
2198 return -1;
2199 }
2200 return 0;
2201 }
2202
2203 /* Disable gdb stub for child processes. */
2204 void gdbserver_fork(CPUState *cpu)
2205 {
2206 GDBState *s = gdbserver_state;
2207
2208 if (gdbserver_fd < 0 || s->fd < 0) {
2209 return;
2210 }
2211 close(s->fd);
2212 s->fd = -1;
2213 cpu_breakpoint_remove_all(cpu, BP_GDB);
2214 cpu_watchpoint_remove_all(cpu, BP_GDB);
2215 }
2216 #else
2217 static int gdb_chr_can_receive(void *opaque)
2218 {
2219 /* We can handle an arbitrarily large amount of data.
2220 Pick the maximum packet size, which is as good as anything. */
2221 return MAX_PACKET_LENGTH;
2222 }
2223
2224 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2225 {
2226 int i;
2227
2228 for (i = 0; i < size; i++) {
2229 gdb_read_byte(gdbserver_state, buf[i]);
2230 }
2231 }
2232
2233 static void gdb_chr_event(void *opaque, int event)
2234 {
2235 switch (event) {
2236 case CHR_EVENT_OPENED:
2237 vm_stop(RUN_STATE_PAUSED);
2238 gdb_has_xml = false;
2239 break;
2240 default:
2241 break;
2242 }
2243 }
2244
2245 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
2246 {
2247 char buf[MAX_PACKET_LENGTH];
2248
2249 buf[0] = 'O';
2250 if (len > (MAX_PACKET_LENGTH/2) - 1)
2251 len = (MAX_PACKET_LENGTH/2) - 1;
2252 memtohex(buf + 1, (uint8_t *)msg, len);
2253 put_packet(s, buf);
2254 }
2255
2256 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
2257 {
2258 const char *p = (const char *)buf;
2259 int max_sz;
2260
2261 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
2262 for (;;) {
2263 if (len <= max_sz) {
2264 gdb_monitor_output(gdbserver_state, p, len);
2265 break;
2266 }
2267 gdb_monitor_output(gdbserver_state, p, max_sz);
2268 p += max_sz;
2269 len -= max_sz;
2270 }
2271 return len;
2272 }
2273
2274 #ifndef _WIN32
2275 static void gdb_sigterm_handler(int signal)
2276 {
2277 if (runstate_is_running()) {
2278 vm_stop(RUN_STATE_PAUSED);
2279 }
2280 }
2281 #endif
2282
2283 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
2284 bool *be_opened, Error **errp)
2285 {
2286 *be_opened = false;
2287 }
2288
2289 static void char_gdb_class_init(ObjectClass *oc, void *data)
2290 {
2291 ChardevClass *cc = CHARDEV_CLASS(oc);
2292
2293 cc->internal = true;
2294 cc->open = gdb_monitor_open;
2295 cc->chr_write = gdb_monitor_write;
2296 }
2297
2298 #define TYPE_CHARDEV_GDB "chardev-gdb"
2299
2300 static const TypeInfo char_gdb_type_info = {
2301 .name = TYPE_CHARDEV_GDB,
2302 .parent = TYPE_CHARDEV,
2303 .class_init = char_gdb_class_init,
2304 };
2305
2306 static int find_cpu_clusters(Object *child, void *opaque)
2307 {
2308 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
2309 GDBState *s = (GDBState *) opaque;
2310 CPUClusterState *cluster = CPU_CLUSTER(child);
2311 GDBProcess *process;
2312
2313 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2314
2315 process = &s->processes[s->process_num - 1];
2316
2317 /*
2318 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
2319 * runtime, we enforce here that the machine does not use a cluster ID
2320 * that would lead to PID 0.
2321 */
2322 assert(cluster->cluster_id != UINT32_MAX);
2323 process->pid = cluster->cluster_id + 1;
2324 process->attached = false;
2325
2326 return 0;
2327 }
2328
2329 return object_child_foreach(child, find_cpu_clusters, opaque);
2330 }
2331
2332 static int pid_order(const void *a, const void *b)
2333 {
2334 GDBProcess *pa = (GDBProcess *) a;
2335 GDBProcess *pb = (GDBProcess *) b;
2336
2337 if (pa->pid < pb->pid) {
2338 return -1;
2339 } else if (pa->pid > pb->pid) {
2340 return 1;
2341 } else {
2342 return 0;
2343 }
2344 }
2345
2346 static void create_processes(GDBState *s)
2347 {
2348 object_child_foreach(object_get_root(), find_cpu_clusters, s);
2349
2350 if (s->processes) {
2351 /* Sort by PID */
2352 qsort(s->processes, s->process_num, sizeof(s->processes[0]), pid_order);
2353 }
2354
2355 create_default_process(s);
2356 }
2357
2358 static void cleanup_processes(GDBState *s)
2359 {
2360 g_free(s->processes);
2361 s->process_num = 0;
2362 s->processes = NULL;
2363 }
2364
2365 int gdbserver_start(const char *device)
2366 {
2367 trace_gdbstub_op_start(device);
2368
2369 GDBState *s;
2370 char gdbstub_device_name[128];
2371 Chardev *chr = NULL;
2372 Chardev *mon_chr;
2373
2374 if (!first_cpu) {
2375 error_report("gdbstub: meaningless to attach gdb to a "
2376 "machine without any CPU.");
2377 return -1;
2378 }
2379
2380 if (!device)
2381 return -1;
2382 if (strcmp(device, "none") != 0) {
2383 if (strstart(device, "tcp:", NULL)) {
2384 /* enforce required TCP attributes */
2385 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2386 "%s,nowait,nodelay,server", device);
2387 device = gdbstub_device_name;
2388 }
2389 #ifndef _WIN32
2390 else if (strcmp(device, "stdio") == 0) {
2391 struct sigaction act;
2392
2393 memset(&act, 0, sizeof(act));
2394 act.sa_handler = gdb_sigterm_handler;
2395 sigaction(SIGINT, &act, NULL);
2396 }
2397 #endif
2398 /*
2399 * FIXME: it's a bit weird to allow using a mux chardev here
2400 * and implicitly setup a monitor. We may want to break this.
2401 */
2402 chr = qemu_chr_new_noreplay("gdb", device, true);
2403 if (!chr)
2404 return -1;
2405 }
2406
2407 s = gdbserver_state;
2408 if (!s) {
2409 s = g_malloc0(sizeof(GDBState));
2410 gdbserver_state = s;
2411
2412 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2413
2414 /* Initialize a monitor terminal for gdb */
2415 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
2416 NULL, &error_abort);
2417 monitor_init(mon_chr, 0);
2418 } else {
2419 qemu_chr_fe_deinit(&s->chr, true);
2420 mon_chr = s->mon_chr;
2421 cleanup_processes(s);
2422 memset(s, 0, sizeof(GDBState));
2423 s->mon_chr = mon_chr;
2424 }
2425 s->c_cpu = first_cpu;
2426 s->g_cpu = first_cpu;
2427
2428 create_processes(s);
2429
2430 if (chr) {
2431 qemu_chr_fe_init(&s->chr, chr, &error_abort);
2432 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
2433 gdb_chr_event, NULL, NULL, NULL, true);
2434 }
2435 s->state = chr ? RS_IDLE : RS_INACTIVE;
2436 s->mon_chr = mon_chr;
2437 s->current_syscall_cb = NULL;
2438
2439 return 0;
2440 }
2441
2442 void gdbserver_cleanup(void)
2443 {
2444 if (gdbserver_state) {
2445 put_packet(gdbserver_state, "W00");
2446 }
2447 }
2448
2449 static void register_types(void)
2450 {
2451 type_register_static(&char_gdb_type_info);
2452 }
2453
2454 type_init(register_types);
2455 #endif
QEMU mirror