]> git.proxmox.com Git - mirror_qemu.git/blob - gdbstub.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'pull-aspeed-20240201' of https://github.com/legoater/qemu into staging
[mirror_qemu.git] / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * Copyright (c) 2003-2005 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "qemu/osdep.h"
21 #include "qemu-common.h"
22 #include "qapi/error.h"
23 #include "qemu/error-report.h"
24 #include "qemu/ctype.h"
25 #include "qemu/cutils.h"
26 #include "qemu/module.h"
27 #include "trace-root.h"
28 #ifdef CONFIG_USER_ONLY
29 #include "qemu.h"
30 #else
31 #include "monitor/monitor.h"
32 #include "chardev/char.h"
33 #include "chardev/char-fe.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
36 #include "hw/cpu/cluster.h"
37 #include "hw/boards.h"
38 #endif
39
40 #define MAX_PACKET_LENGTH 4096
41
42 #include "qemu/sockets.h"
43 #include "sysemu/hw_accel.h"
44 #include "sysemu/kvm.h"
45 #include "hw/semihosting/semihost.h"
46 #include "exec/exec-all.h"
47
48 #ifdef CONFIG_USER_ONLY
49 #define GDB_ATTACHED "0"
50 #else
51 #define GDB_ATTACHED "1"
52 #endif
53
54 #ifndef CONFIG_USER_ONLY
55 static int phy_memory_mode;
56 #endif
57
58 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
59 uint8_t *buf, int len, bool is_write)
60 {
61 CPUClass *cc;
62
63 #ifndef CONFIG_USER_ONLY
64 if (phy_memory_mode) {
65 if (is_write) {
66 cpu_physical_memory_write(addr, buf, len);
67 } else {
68 cpu_physical_memory_read(addr, buf, len);
69 }
70 return 0;
71 }
72 #endif
73
74 cc = CPU_GET_CLASS(cpu);
75 if (cc->memory_rw_debug) {
76 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
77 }
78 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
79 }
80
81 /* Return the GDB index for a given vCPU state.
82 *
83 * For user mode this is simply the thread id. In system mode GDB
84 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
85 */
86 static inline int cpu_gdb_index(CPUState *cpu)
87 {
88 #if defined(CONFIG_USER_ONLY)
89 TaskState *ts = (TaskState *) cpu->opaque;
90 return ts->ts_tid;
91 #else
92 return cpu->cpu_index + 1;
93 #endif
94 }
95
96 enum {
97 GDB_SIGNAL_0 = 0,
98 GDB_SIGNAL_INT = 2,
99 GDB_SIGNAL_QUIT = 3,
100 GDB_SIGNAL_TRAP = 5,
101 GDB_SIGNAL_ABRT = 6,
102 GDB_SIGNAL_ALRM = 14,
103 GDB_SIGNAL_IO = 23,
104 GDB_SIGNAL_XCPU = 24,
105 GDB_SIGNAL_UNKNOWN = 143
106 };
107
108 #ifdef CONFIG_USER_ONLY
109
110 /* Map target signal numbers to GDB protocol signal numbers and vice
111 * versa. For user emulation's currently supported systems, we can
112 * assume most signals are defined.
113 */
114
115 static int gdb_signal_table[] = {
116 0,
117 TARGET_SIGHUP,
118 TARGET_SIGINT,
119 TARGET_SIGQUIT,
120 TARGET_SIGILL,
121 TARGET_SIGTRAP,
122 TARGET_SIGABRT,
123 -1, /* SIGEMT */
124 TARGET_SIGFPE,
125 TARGET_SIGKILL,
126 TARGET_SIGBUS,
127 TARGET_SIGSEGV,
128 TARGET_SIGSYS,
129 TARGET_SIGPIPE,
130 TARGET_SIGALRM,
131 TARGET_SIGTERM,
132 TARGET_SIGURG,
133 TARGET_SIGSTOP,
134 TARGET_SIGTSTP,
135 TARGET_SIGCONT,
136 TARGET_SIGCHLD,
137 TARGET_SIGTTIN,
138 TARGET_SIGTTOU,
139 TARGET_SIGIO,
140 TARGET_SIGXCPU,
141 TARGET_SIGXFSZ,
142 TARGET_SIGVTALRM,
143 TARGET_SIGPROF,
144 TARGET_SIGWINCH,
145 -1, /* SIGLOST */
146 TARGET_SIGUSR1,
147 TARGET_SIGUSR2,
148 #ifdef TARGET_SIGPWR
149 TARGET_SIGPWR,
150 #else
151 -1,
152 #endif
153 -1, /* SIGPOLL */
154 -1,
155 -1,
156 -1,
157 -1,
158 -1,
159 -1,
160 -1,
161 -1,
162 -1,
163 -1,
164 -1,
165 #ifdef __SIGRTMIN
166 __SIGRTMIN + 1,
167 __SIGRTMIN + 2,
168 __SIGRTMIN + 3,
169 __SIGRTMIN + 4,
170 __SIGRTMIN + 5,
171 __SIGRTMIN + 6,
172 __SIGRTMIN + 7,
173 __SIGRTMIN + 8,
174 __SIGRTMIN + 9,
175 __SIGRTMIN + 10,
176 __SIGRTMIN + 11,
177 __SIGRTMIN + 12,
178 __SIGRTMIN + 13,
179 __SIGRTMIN + 14,
180 __SIGRTMIN + 15,
181 __SIGRTMIN + 16,
182 __SIGRTMIN + 17,
183 __SIGRTMIN + 18,
184 __SIGRTMIN + 19,
185 __SIGRTMIN + 20,
186 __SIGRTMIN + 21,
187 __SIGRTMIN + 22,
188 __SIGRTMIN + 23,
189 __SIGRTMIN + 24,
190 __SIGRTMIN + 25,
191 __SIGRTMIN + 26,
192 __SIGRTMIN + 27,
193 __SIGRTMIN + 28,
194 __SIGRTMIN + 29,
195 __SIGRTMIN + 30,
196 __SIGRTMIN + 31,
197 -1, /* SIGCANCEL */
198 __SIGRTMIN,
199 __SIGRTMIN + 32,
200 __SIGRTMIN + 33,
201 __SIGRTMIN + 34,
202 __SIGRTMIN + 35,
203 __SIGRTMIN + 36,
204 __SIGRTMIN + 37,
205 __SIGRTMIN + 38,
206 __SIGRTMIN + 39,
207 __SIGRTMIN + 40,
208 __SIGRTMIN + 41,
209 __SIGRTMIN + 42,
210 __SIGRTMIN + 43,
211 __SIGRTMIN + 44,
212 __SIGRTMIN + 45,
213 __SIGRTMIN + 46,
214 __SIGRTMIN + 47,
215 __SIGRTMIN + 48,
216 __SIGRTMIN + 49,
217 __SIGRTMIN + 50,
218 __SIGRTMIN + 51,
219 __SIGRTMIN + 52,
220 __SIGRTMIN + 53,
221 __SIGRTMIN + 54,
222 __SIGRTMIN + 55,
223 __SIGRTMIN + 56,
224 __SIGRTMIN + 57,
225 __SIGRTMIN + 58,
226 __SIGRTMIN + 59,
227 __SIGRTMIN + 60,
228 __SIGRTMIN + 61,
229 __SIGRTMIN + 62,
230 __SIGRTMIN + 63,
231 __SIGRTMIN + 64,
232 __SIGRTMIN + 65,
233 __SIGRTMIN + 66,
234 __SIGRTMIN + 67,
235 __SIGRTMIN + 68,
236 __SIGRTMIN + 69,
237 __SIGRTMIN + 70,
238 __SIGRTMIN + 71,
239 __SIGRTMIN + 72,
240 __SIGRTMIN + 73,
241 __SIGRTMIN + 74,
242 __SIGRTMIN + 75,
243 __SIGRTMIN + 76,
244 __SIGRTMIN + 77,
245 __SIGRTMIN + 78,
246 __SIGRTMIN + 79,
247 __SIGRTMIN + 80,
248 __SIGRTMIN + 81,
249 __SIGRTMIN + 82,
250 __SIGRTMIN + 83,
251 __SIGRTMIN + 84,
252 __SIGRTMIN + 85,
253 __SIGRTMIN + 86,
254 __SIGRTMIN + 87,
255 __SIGRTMIN + 88,
256 __SIGRTMIN + 89,
257 __SIGRTMIN + 90,
258 __SIGRTMIN + 91,
259 __SIGRTMIN + 92,
260 __SIGRTMIN + 93,
261 __SIGRTMIN + 94,
262 __SIGRTMIN + 95,
263 -1, /* SIGINFO */
264 -1, /* UNKNOWN */
265 -1, /* DEFAULT */
266 -1,
267 -1,
268 -1,
269 -1,
270 -1,
271 -1
272 #endif
273 };
274 #else
275 /* In system mode we only need SIGINT and SIGTRAP; other signals
276 are not yet supported. */
277
278 enum {
279 TARGET_SIGINT = 2,
280 TARGET_SIGTRAP = 5
281 };
282
283 static int gdb_signal_table[] = {
284 -1,
285 -1,
286 TARGET_SIGINT,
287 -1,
288 -1,
289 TARGET_SIGTRAP
290 };
291 #endif
292
293 #ifdef CONFIG_USER_ONLY
294 static int target_signal_to_gdb (int sig)
295 {
296 int i;
297 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
298 if (gdb_signal_table[i] == sig)
299 return i;
300 return GDB_SIGNAL_UNKNOWN;
301 }
302 #endif
303
304 static int gdb_signal_to_target (int sig)
305 {
306 if (sig < ARRAY_SIZE (gdb_signal_table))
307 return gdb_signal_table[sig];
308 else
309 return -1;
310 }
311
312 typedef struct GDBRegisterState {
313 int base_reg;
314 int num_regs;
315 gdb_reg_cb get_reg;
316 gdb_reg_cb set_reg;
317 const char *xml;
318 struct GDBRegisterState *next;
319 } GDBRegisterState;
320
321 typedef struct GDBProcess {
322 uint32_t pid;
323 bool attached;
324
325 char target_xml[1024];
326 } GDBProcess;
327
328 enum RSState {
329 RS_INACTIVE,
330 RS_IDLE,
331 RS_GETLINE,
332 RS_GETLINE_ESC,
333 RS_GETLINE_RLE,
334 RS_CHKSUM1,
335 RS_CHKSUM2,
336 };
337 typedef struct GDBState {
338 CPUState *c_cpu; /* current CPU for step/continue ops */
339 CPUState *g_cpu; /* current CPU for other ops */
340 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
341 enum RSState state; /* parsing state */
342 char line_buf[MAX_PACKET_LENGTH];
343 int line_buf_index;
344 int line_sum; /* running checksum */
345 int line_csum; /* checksum at the end of the packet */
346 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
347 int last_packet_len;
348 int signal;
349 #ifdef CONFIG_USER_ONLY
350 int fd;
351 int running_state;
352 #else
353 CharBackend chr;
354 Chardev *mon_chr;
355 #endif
356 bool multiprocess;
357 GDBProcess *processes;
358 int process_num;
359 char syscall_buf[256];
360 gdb_syscall_complete_cb current_syscall_cb;
361 } GDBState;
362
363 /* By default use no IRQs and no timers while single stepping so as to
364 * make single stepping like an ICE HW step.
365 */
366 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
367
368 static GDBState *gdbserver_state;
369
370 bool gdb_has_xml;
371
372 #ifdef CONFIG_USER_ONLY
373 /* XXX: This is not thread safe. Do we care? */
374 static int gdbserver_fd = -1;
375
376 static int get_char(GDBState *s)
377 {
378 uint8_t ch;
379 int ret;
380
381 for(;;) {
382 ret = qemu_recv(s->fd, &ch, 1, 0);
383 if (ret < 0) {
384 if (errno == ECONNRESET)
385 s->fd = -1;
386 if (errno != EINTR)
387 return -1;
388 } else if (ret == 0) {
389 close(s->fd);
390 s->fd = -1;
391 return -1;
392 } else {
393 break;
394 }
395 }
396 return ch;
397 }
398 #endif
399
400 static enum {
401 GDB_SYS_UNKNOWN,
402 GDB_SYS_ENABLED,
403 GDB_SYS_DISABLED,
404 } gdb_syscall_mode;
405
406 /* Decide if either remote gdb syscalls or native file IO should be used. */
407 int use_gdb_syscalls(void)
408 {
409 SemihostingTarget target = semihosting_get_target();
410 if (target == SEMIHOSTING_TARGET_NATIVE) {
411 /* -semihosting-config target=native */
412 return false;
413 } else if (target == SEMIHOSTING_TARGET_GDB) {
414 /* -semihosting-config target=gdb */
415 return true;
416 }
417
418 /* -semihosting-config target=auto */
419 /* On the first call check if gdb is connected and remember. */
420 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
421 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
422 : GDB_SYS_DISABLED);
423 }
424 return gdb_syscall_mode == GDB_SYS_ENABLED;
425 }
426
427 /* Resume execution. */
428 static inline void gdb_continue(GDBState *s)
429 {
430
431 #ifdef CONFIG_USER_ONLY
432 s->running_state = 1;
433 trace_gdbstub_op_continue();
434 #else
435 if (!runstate_needs_reset()) {
436 trace_gdbstub_op_continue();
437 vm_start();
438 }
439 #endif
440 }
441
442 /*
443 * Resume execution, per CPU actions. For user-mode emulation it's
444 * equivalent to gdb_continue.
445 */
446 static int gdb_continue_partial(GDBState *s, char *newstates)
447 {
448 CPUState *cpu;
449 int res = 0;
450 #ifdef CONFIG_USER_ONLY
451 /*
452 * This is not exactly accurate, but it's an improvement compared to the
453 * previous situation, where only one CPU would be single-stepped.
454 */
455 CPU_FOREACH(cpu) {
456 if (newstates[cpu->cpu_index] == 's') {
457 trace_gdbstub_op_stepping(cpu->cpu_index);
458 cpu_single_step(cpu, sstep_flags);
459 }
460 }
461 s->running_state = 1;
462 #else
463 int flag = 0;
464
465 if (!runstate_needs_reset()) {
466 if (vm_prepare_start()) {
467 return 0;
468 }
469
470 CPU_FOREACH(cpu) {
471 switch (newstates[cpu->cpu_index]) {
472 case 0:
473 case 1:
474 break; /* nothing to do here */
475 case 's':
476 trace_gdbstub_op_stepping(cpu->cpu_index);
477 cpu_single_step(cpu, sstep_flags);
478 cpu_resume(cpu);
479 flag = 1;
480 break;
481 case 'c':
482 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
483 cpu_resume(cpu);
484 flag = 1;
485 break;
486 default:
487 res = -1;
488 break;
489 }
490 }
491 }
492 if (flag) {
493 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
494 }
495 #endif
496 return res;
497 }
498
499 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
500 {
501 #ifdef CONFIG_USER_ONLY
502 int ret;
503
504 while (len > 0) {
505 ret = send(s->fd, buf, len, 0);
506 if (ret < 0) {
507 if (errno != EINTR)
508 return;
509 } else {
510 buf += ret;
511 len -= ret;
512 }
513 }
514 #else
515 /* XXX this blocks entire thread. Rewrite to use
516 * qemu_chr_fe_write and background I/O callbacks */
517 qemu_chr_fe_write_all(&s->chr, buf, len);
518 #endif
519 }
520
521 static inline int fromhex(int v)
522 {
523 if (v >= '0' && v <= '9')
524 return v - '0';
525 else if (v >= 'A' && v <= 'F')
526 return v - 'A' + 10;
527 else if (v >= 'a' && v <= 'f')
528 return v - 'a' + 10;
529 else
530 return 0;
531 }
532
533 static inline int tohex(int v)
534 {
535 if (v < 10)
536 return v + '0';
537 else
538 return v - 10 + 'a';
539 }
540
541 /* writes 2*len+1 bytes in buf */
542 static void memtohex(char *buf, const uint8_t *mem, int len)
543 {
544 int i, c;
545 char *q;
546 q = buf;
547 for(i = 0; i < len; i++) {
548 c = mem[i];
549 *q++ = tohex(c >> 4);
550 *q++ = tohex(c & 0xf);
551 }
552 *q = '\0';
553 }
554
555 static void hextomem(uint8_t *mem, const char *buf, int len)
556 {
557 int i;
558
559 for(i = 0; i < len; i++) {
560 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
561 buf += 2;
562 }
563 }
564
565 static void hexdump(const char *buf, int len,
566 void (*trace_fn)(size_t ofs, char const *text))
567 {
568 char line_buffer[3 * 16 + 4 + 16 + 1];
569
570 size_t i;
571 for (i = 0; i < len || (i & 0xF); ++i) {
572 size_t byte_ofs = i & 15;
573
574 if (byte_ofs == 0) {
575 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
576 line_buffer[3 * 16 + 4 + 16] = 0;
577 }
578
579 size_t col_group = (i >> 2) & 3;
580 size_t hex_col = byte_ofs * 3 + col_group;
581 size_t txt_col = 3 * 16 + 4 + byte_ofs;
582
583 if (i < len) {
584 char value = buf[i];
585
586 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
587 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
588 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
589 ? value
590 : '.';
591 }
592
593 if (byte_ofs == 0xF)
594 trace_fn(i & -16, line_buffer);
595 }
596 }
597
598 /* return -1 if error, 0 if OK */
599 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
600 {
601 int csum, i;
602 uint8_t *p;
603
604 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
605 hexdump(buf, len, trace_gdbstub_io_binaryreply);
606 }
607
608 for(;;) {
609 p = s->last_packet;
610 *(p++) = '$';
611 memcpy(p, buf, len);
612 p += len;
613 csum = 0;
614 for(i = 0; i < len; i++) {
615 csum += buf[i];
616 }
617 *(p++) = '#';
618 *(p++) = tohex((csum >> 4) & 0xf);
619 *(p++) = tohex((csum) & 0xf);
620
621 s->last_packet_len = p - s->last_packet;
622 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
623
624 #ifdef CONFIG_USER_ONLY
625 i = get_char(s);
626 if (i < 0)
627 return -1;
628 if (i == '+')
629 break;
630 #else
631 break;
632 #endif
633 }
634 return 0;
635 }
636
637 /* return -1 if error, 0 if OK */
638 static int put_packet(GDBState *s, const char *buf)
639 {
640 trace_gdbstub_io_reply(buf);
641
642 return put_packet_binary(s, buf, strlen(buf), false);
643 }
644
645 /* Encode data using the encoding for 'x' packets. */
646 static int memtox(char *buf, const char *mem, int len)
647 {
648 char *p = buf;
649 char c;
650
651 while (len--) {
652 c = *(mem++);
653 switch (c) {
654 case '#': case '$': case '*': case '}':
655 *(p++) = '}';
656 *(p++) = c ^ 0x20;
657 break;
658 default:
659 *(p++) = c;
660 break;
661 }
662 }
663 return p - buf;
664 }
665
666 static uint32_t gdb_get_cpu_pid(const GDBState *s, CPUState *cpu)
667 {
668 /* TODO: In user mode, we should use the task state PID */
669 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
670 /* Return the default process' PID */
671 return s->processes[s->process_num - 1].pid;
672 }
673 return cpu->cluster_index + 1;
674 }
675
676 static GDBProcess *gdb_get_process(const GDBState *s, uint32_t pid)
677 {
678 int i;
679
680 if (!pid) {
681 /* 0 means any process, we take the first one */
682 return &s->processes[0];
683 }
684
685 for (i = 0; i < s->process_num; i++) {
686 if (s->processes[i].pid == pid) {
687 return &s->processes[i];
688 }
689 }
690
691 return NULL;
692 }
693
694 static GDBProcess *gdb_get_cpu_process(const GDBState *s, CPUState *cpu)
695 {
696 return gdb_get_process(s, gdb_get_cpu_pid(s, cpu));
697 }
698
699 static CPUState *find_cpu(uint32_t thread_id)
700 {
701 CPUState *cpu;
702
703 CPU_FOREACH(cpu) {
704 if (cpu_gdb_index(cpu) == thread_id) {
705 return cpu;
706 }
707 }
708
709 return NULL;
710 }
711
712 static CPUState *get_first_cpu_in_process(const GDBState *s,
713 GDBProcess *process)
714 {
715 CPUState *cpu;
716
717 CPU_FOREACH(cpu) {
718 if (gdb_get_cpu_pid(s, cpu) == process->pid) {
719 return cpu;
720 }
721 }
722
723 return NULL;
724 }
725
726 static CPUState *gdb_next_cpu_in_process(const GDBState *s, CPUState *cpu)
727 {
728 uint32_t pid = gdb_get_cpu_pid(s, cpu);
729 cpu = CPU_NEXT(cpu);
730
731 while (cpu) {
732 if (gdb_get_cpu_pid(s, cpu) == pid) {
733 break;
734 }
735
736 cpu = CPU_NEXT(cpu);
737 }
738
739 return cpu;
740 }
741
742 /* Return the cpu following @cpu, while ignoring unattached processes. */
743 static CPUState *gdb_next_attached_cpu(const GDBState *s, CPUState *cpu)
744 {
745 cpu = CPU_NEXT(cpu);
746
747 while (cpu) {
748 if (gdb_get_cpu_process(s, cpu)->attached) {
749 break;
750 }
751
752 cpu = CPU_NEXT(cpu);
753 }
754
755 return cpu;
756 }
757
758 /* Return the first attached cpu */
759 static CPUState *gdb_first_attached_cpu(const GDBState *s)
760 {
761 CPUState *cpu = first_cpu;
762 GDBProcess *process = gdb_get_cpu_process(s, cpu);
763
764 if (!process->attached) {
765 return gdb_next_attached_cpu(s, cpu);
766 }
767
768 return cpu;
769 }
770
771 static CPUState *gdb_get_cpu(const GDBState *s, uint32_t pid, uint32_t tid)
772 {
773 GDBProcess *process;
774 CPUState *cpu;
775
776 if (!pid && !tid) {
777 /* 0 means any process/thread, we take the first attached one */
778 return gdb_first_attached_cpu(s);
779 } else if (pid && !tid) {
780 /* any thread in a specific process */
781 process = gdb_get_process(s, pid);
782
783 if (process == NULL) {
784 return NULL;
785 }
786
787 if (!process->attached) {
788 return NULL;
789 }
790
791 return get_first_cpu_in_process(s, process);
792 } else {
793 /* a specific thread */
794 cpu = find_cpu(tid);
795
796 if (cpu == NULL) {
797 return NULL;
798 }
799
800 process = gdb_get_cpu_process(s, cpu);
801
802 if (pid && process->pid != pid) {
803 return NULL;
804 }
805
806 if (!process->attached) {
807 return NULL;
808 }
809
810 return cpu;
811 }
812 }
813
814 static const char *get_feature_xml(const GDBState *s, const char *p,
815 const char **newp, GDBProcess *process)
816 {
817 size_t len;
818 int i;
819 const char *name;
820 CPUState *cpu = get_first_cpu_in_process(s, process);
821 CPUClass *cc = CPU_GET_CLASS(cpu);
822
823 len = 0;
824 while (p[len] && p[len] != ':')
825 len++;
826 *newp = p + len;
827
828 name = NULL;
829 if (strncmp(p, "target.xml", len) == 0) {
830 char *buf = process->target_xml;
831 const size_t buf_sz = sizeof(process->target_xml);
832
833 /* Generate the XML description for this CPU. */
834 if (!buf[0]) {
835 GDBRegisterState *r;
836
837 pstrcat(buf, buf_sz,
838 "<?xml version=\"1.0\"?>"
839 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
840 "<target>");
841 if (cc->gdb_arch_name) {
842 gchar *arch = cc->gdb_arch_name(cpu);
843 pstrcat(buf, buf_sz, "<architecture>");
844 pstrcat(buf, buf_sz, arch);
845 pstrcat(buf, buf_sz, "</architecture>");
846 g_free(arch);
847 }
848 pstrcat(buf, buf_sz, "<xi:include href=\"");
849 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
850 pstrcat(buf, buf_sz, "\"/>");
851 for (r = cpu->gdb_regs; r; r = r->next) {
852 pstrcat(buf, buf_sz, "<xi:include href=\"");
853 pstrcat(buf, buf_sz, r->xml);
854 pstrcat(buf, buf_sz, "\"/>");
855 }
856 pstrcat(buf, buf_sz, "</target>");
857 }
858 return buf;
859 }
860 if (cc->gdb_get_dynamic_xml) {
861 char *xmlname = g_strndup(p, len);
862 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
863
864 g_free(xmlname);
865 if (xml) {
866 return xml;
867 }
868 }
869 for (i = 0; ; i++) {
870 name = xml_builtin[i][0];
871 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
872 break;
873 }
874 return name ? xml_builtin[i][1] : NULL;
875 }
876
877 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
878 {
879 CPUClass *cc = CPU_GET_CLASS(cpu);
880 CPUArchState *env = cpu->env_ptr;
881 GDBRegisterState *r;
882
883 if (reg < cc->gdb_num_core_regs) {
884 return cc->gdb_read_register(cpu, mem_buf, reg);
885 }
886
887 for (r = cpu->gdb_regs; r; r = r->next) {
888 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
889 return r->get_reg(env, mem_buf, reg - r->base_reg);
890 }
891 }
892 return 0;
893 }
894
895 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
896 {
897 CPUClass *cc = CPU_GET_CLASS(cpu);
898 CPUArchState *env = cpu->env_ptr;
899 GDBRegisterState *r;
900
901 if (reg < cc->gdb_num_core_regs) {
902 return cc->gdb_write_register(cpu, mem_buf, reg);
903 }
904
905 for (r = cpu->gdb_regs; r; r = r->next) {
906 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
907 return r->set_reg(env, mem_buf, reg - r->base_reg);
908 }
909 }
910 return 0;
911 }
912
913 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
914 specifies the first register number and these registers are included in
915 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
916 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
917 */
918
919 void gdb_register_coprocessor(CPUState *cpu,
920 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
921 int num_regs, const char *xml, int g_pos)
922 {
923 GDBRegisterState *s;
924 GDBRegisterState **p;
925
926 p = &cpu->gdb_regs;
927 while (*p) {
928 /* Check for duplicates. */
929 if (strcmp((*p)->xml, xml) == 0)
930 return;
931 p = &(*p)->next;
932 }
933
934 s = g_new0(GDBRegisterState, 1);
935 s->base_reg = cpu->gdb_num_regs;
936 s->num_regs = num_regs;
937 s->get_reg = get_reg;
938 s->set_reg = set_reg;
939 s->xml = xml;
940
941 /* Add to end of list. */
942 cpu->gdb_num_regs += num_regs;
943 *p = s;
944 if (g_pos) {
945 if (g_pos != s->base_reg) {
946 error_report("Error: Bad gdb register numbering for '%s', "
947 "expected %d got %d", xml, g_pos, s->base_reg);
948 } else {
949 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
950 }
951 }
952 }
953
954 #ifndef CONFIG_USER_ONLY
955 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
956 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
957 {
958 static const int xlat[] = {
959 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
960 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
961 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
962 };
963
964 CPUClass *cc = CPU_GET_CLASS(cpu);
965 int cputype = xlat[gdbtype];
966
967 if (cc->gdb_stop_before_watchpoint) {
968 cputype |= BP_STOP_BEFORE_ACCESS;
969 }
970 return cputype;
971 }
972 #endif
973
974 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
975 {
976 CPUState *cpu;
977 int err = 0;
978
979 if (kvm_enabled()) {
980 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
981 }
982
983 switch (type) {
984 case GDB_BREAKPOINT_SW:
985 case GDB_BREAKPOINT_HW:
986 CPU_FOREACH(cpu) {
987 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
988 if (err) {
989 break;
990 }
991 }
992 return err;
993 #ifndef CONFIG_USER_ONLY
994 case GDB_WATCHPOINT_WRITE:
995 case GDB_WATCHPOINT_READ:
996 case GDB_WATCHPOINT_ACCESS:
997 CPU_FOREACH(cpu) {
998 err = cpu_watchpoint_insert(cpu, addr, len,
999 xlat_gdb_type(cpu, type), NULL);
1000 if (err) {
1001 break;
1002 }
1003 }
1004 return err;
1005 #endif
1006 default:
1007 return -ENOSYS;
1008 }
1009 }
1010
1011 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1012 {
1013 CPUState *cpu;
1014 int err = 0;
1015
1016 if (kvm_enabled()) {
1017 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1018 }
1019
1020 switch (type) {
1021 case GDB_BREAKPOINT_SW:
1022 case GDB_BREAKPOINT_HW:
1023 CPU_FOREACH(cpu) {
1024 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1025 if (err) {
1026 break;
1027 }
1028 }
1029 return err;
1030 #ifndef CONFIG_USER_ONLY
1031 case GDB_WATCHPOINT_WRITE:
1032 case GDB_WATCHPOINT_READ:
1033 case GDB_WATCHPOINT_ACCESS:
1034 CPU_FOREACH(cpu) {
1035 err = cpu_watchpoint_remove(cpu, addr, len,
1036 xlat_gdb_type(cpu, type));
1037 if (err)
1038 break;
1039 }
1040 return err;
1041 #endif
1042 default:
1043 return -ENOSYS;
1044 }
1045 }
1046
1047 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1048 {
1049 cpu_breakpoint_remove_all(cpu, BP_GDB);
1050 #ifndef CONFIG_USER_ONLY
1051 cpu_watchpoint_remove_all(cpu, BP_GDB);
1052 #endif
1053 }
1054
1055 static void gdb_process_breakpoint_remove_all(const GDBState *s, GDBProcess *p)
1056 {
1057 CPUState *cpu = get_first_cpu_in_process(s, p);
1058
1059 while (cpu) {
1060 gdb_cpu_breakpoint_remove_all(cpu);
1061 cpu = gdb_next_cpu_in_process(s, cpu);
1062 }
1063 }
1064
1065 static void gdb_breakpoint_remove_all(void)
1066 {
1067 CPUState *cpu;
1068
1069 if (kvm_enabled()) {
1070 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1071 return;
1072 }
1073
1074 CPU_FOREACH(cpu) {
1075 gdb_cpu_breakpoint_remove_all(cpu);
1076 }
1077 }
1078
1079 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1080 {
1081 CPUState *cpu = s->c_cpu;
1082
1083 cpu_synchronize_state(cpu);
1084 cpu_set_pc(cpu, pc);
1085 }
1086
1087 static char *gdb_fmt_thread_id(const GDBState *s, CPUState *cpu,
1088 char *buf, size_t buf_size)
1089 {
1090 if (s->multiprocess) {
1091 snprintf(buf, buf_size, "p%02x.%02x",
1092 gdb_get_cpu_pid(s, cpu), cpu_gdb_index(cpu));
1093 } else {
1094 snprintf(buf, buf_size, "%02x", cpu_gdb_index(cpu));
1095 }
1096
1097 return buf;
1098 }
1099
1100 typedef enum GDBThreadIdKind {
1101 GDB_ONE_THREAD = 0,
1102 GDB_ALL_THREADS, /* One process, all threads */
1103 GDB_ALL_PROCESSES,
1104 GDB_READ_THREAD_ERR
1105 } GDBThreadIdKind;
1106
1107 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1108 uint32_t *pid, uint32_t *tid)
1109 {
1110 unsigned long p, t;
1111 int ret;
1112
1113 if (*buf == 'p') {
1114 buf++;
1115 ret = qemu_strtoul(buf, &buf, 16, &p);
1116
1117 if (ret) {
1118 return GDB_READ_THREAD_ERR;
1119 }
1120
1121 /* Skip '.' */
1122 buf++;
1123 } else {
1124 p = 1;
1125 }
1126
1127 ret = qemu_strtoul(buf, &buf, 16, &t);
1128
1129 if (ret) {
1130 return GDB_READ_THREAD_ERR;
1131 }
1132
1133 *end_buf = buf;
1134
1135 if (p == -1) {
1136 return GDB_ALL_PROCESSES;
1137 }
1138
1139 if (pid) {
1140 *pid = p;
1141 }
1142
1143 if (t == -1) {
1144 return GDB_ALL_THREADS;
1145 }
1146
1147 if (tid) {
1148 *tid = t;
1149 }
1150
1151 return GDB_ONE_THREAD;
1152 }
1153
1154 /**
1155 * gdb_handle_vcont - Parses and handles a vCont packet.
1156 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1157 * a format error, 0 on success.
1158 */
1159 static int gdb_handle_vcont(GDBState *s, const char *p)
1160 {
1161 int res, signal = 0;
1162 char cur_action;
1163 char *newstates;
1164 unsigned long tmp;
1165 uint32_t pid, tid;
1166 GDBProcess *process;
1167 CPUState *cpu;
1168 GDBThreadIdKind kind;
1169 #ifdef CONFIG_USER_ONLY
1170 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1171
1172 CPU_FOREACH(cpu) {
1173 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1174 }
1175 #else
1176 MachineState *ms = MACHINE(qdev_get_machine());
1177 unsigned int max_cpus = ms->smp.max_cpus;
1178 #endif
1179 /* uninitialised CPUs stay 0 */
1180 newstates = g_new0(char, max_cpus);
1181
1182 /* mark valid CPUs with 1 */
1183 CPU_FOREACH(cpu) {
1184 newstates[cpu->cpu_index] = 1;
1185 }
1186
1187 /*
1188 * res keeps track of what error we are returning, with -ENOTSUP meaning
1189 * that the command is unknown or unsupported, thus returning an empty
1190 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1191 * or incorrect parameters passed.
1192 */
1193 res = 0;
1194 while (*p) {
1195 if (*p++ != ';') {
1196 res = -ENOTSUP;
1197 goto out;
1198 }
1199
1200 cur_action = *p++;
1201 if (cur_action == 'C' || cur_action == 'S') {
1202 cur_action = qemu_tolower(cur_action);
1203 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1204 if (res) {
1205 goto out;
1206 }
1207 signal = gdb_signal_to_target(tmp);
1208 } else if (cur_action != 'c' && cur_action != 's') {
1209 /* unknown/invalid/unsupported command */
1210 res = -ENOTSUP;
1211 goto out;
1212 }
1213
1214 if (*p == '\0' || *p == ';') {
1215 /*
1216 * No thread specifier, action is on "all threads". The
1217 * specification is unclear regarding the process to act on. We
1218 * choose all processes.
1219 */
1220 kind = GDB_ALL_PROCESSES;
1221 } else if (*p++ == ':') {
1222 kind = read_thread_id(p, &p, &pid, &tid);
1223 } else {
1224 res = -ENOTSUP;
1225 goto out;
1226 }
1227
1228 switch (kind) {
1229 case GDB_READ_THREAD_ERR:
1230 res = -EINVAL;
1231 goto out;
1232
1233 case GDB_ALL_PROCESSES:
1234 cpu = gdb_first_attached_cpu(s);
1235 while (cpu) {
1236 if (newstates[cpu->cpu_index] == 1) {
1237 newstates[cpu->cpu_index] = cur_action;
1238 }
1239
1240 cpu = gdb_next_attached_cpu(s, cpu);
1241 }
1242 break;
1243
1244 case GDB_ALL_THREADS:
1245 process = gdb_get_process(s, pid);
1246
1247 if (!process->attached) {
1248 res = -EINVAL;
1249 goto out;
1250 }
1251
1252 cpu = get_first_cpu_in_process(s, process);
1253 while (cpu) {
1254 if (newstates[cpu->cpu_index] == 1) {
1255 newstates[cpu->cpu_index] = cur_action;
1256 }
1257
1258 cpu = gdb_next_cpu_in_process(s, cpu);
1259 }
1260 break;
1261
1262 case GDB_ONE_THREAD:
1263 cpu = gdb_get_cpu(s, pid, tid);
1264
1265 /* invalid CPU/thread specified */
1266 if (!cpu) {
1267 res = -EINVAL;
1268 goto out;
1269 }
1270
1271 /* only use if no previous match occourred */
1272 if (newstates[cpu->cpu_index] == 1) {
1273 newstates[cpu->cpu_index] = cur_action;
1274 }
1275 break;
1276 }
1277 }
1278 s->signal = signal;
1279 gdb_continue_partial(s, newstates);
1280
1281 out:
1282 g_free(newstates);
1283
1284 return res;
1285 }
1286
1287 typedef union GdbCmdVariant {
1288 const char *data;
1289 uint8_t opcode;
1290 unsigned long val_ul;
1291 unsigned long long val_ull;
1292 struct {
1293 GDBThreadIdKind kind;
1294 uint32_t pid;
1295 uint32_t tid;
1296 } thread_id;
1297 } GdbCmdVariant;
1298
1299 static const char *cmd_next_param(const char *param, const char delimiter)
1300 {
1301 static const char all_delimiters[] = ",;:=";
1302 char curr_delimiters[2] = {0};
1303 const char *delimiters;
1304
1305 if (delimiter == '?') {
1306 delimiters = all_delimiters;
1307 } else if (delimiter == '0') {
1308 return strchr(param, '\0');
1309 } else if (delimiter == '.' && *param) {
1310 return param + 1;
1311 } else {
1312 curr_delimiters[0] = delimiter;
1313 delimiters = curr_delimiters;
1314 }
1315
1316 param += strcspn(param, delimiters);
1317 if (*param) {
1318 param++;
1319 }
1320 return param;
1321 }
1322
1323 static int cmd_parse_params(const char *data, const char *schema,
1324 GdbCmdVariant *params, int *num_params)
1325 {
1326 int curr_param;
1327 const char *curr_schema, *curr_data;
1328
1329 *num_params = 0;
1330
1331 if (!schema) {
1332 return 0;
1333 }
1334
1335 curr_schema = schema;
1336 curr_param = 0;
1337 curr_data = data;
1338 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1339 switch (curr_schema[0]) {
1340 case 'l':
1341 if (qemu_strtoul(curr_data, &curr_data, 16,
1342 &params[curr_param].val_ul)) {
1343 return -EINVAL;
1344 }
1345 curr_param++;
1346 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1347 break;
1348 case 'L':
1349 if (qemu_strtou64(curr_data, &curr_data, 16,
1350 (uint64_t *)&params[curr_param].val_ull)) {
1351 return -EINVAL;
1352 }
1353 curr_param++;
1354 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1355 break;
1356 case 's':
1357 params[curr_param].data = curr_data;
1358 curr_param++;
1359 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1360 break;
1361 case 'o':
1362 params[curr_param].opcode = *(uint8_t *)curr_data;
1363 curr_param++;
1364 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1365 break;
1366 case 't':
1367 params[curr_param].thread_id.kind =
1368 read_thread_id(curr_data, &curr_data,
1369 &params[curr_param].thread_id.pid,
1370 &params[curr_param].thread_id.tid);
1371 curr_param++;
1372 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1373 break;
1374 case '?':
1375 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1376 break;
1377 default:
1378 return -EINVAL;
1379 }
1380 curr_schema += 2;
1381 }
1382
1383 *num_params = curr_param;
1384 return 0;
1385 }
1386
1387 typedef struct GdbCmdContext {
1388 GDBState *s;
1389 GdbCmdVariant *params;
1390 int num_params;
1391 uint8_t mem_buf[MAX_PACKET_LENGTH];
1392 char str_buf[MAX_PACKET_LENGTH + 1];
1393 } GdbCmdContext;
1394
1395 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1396
1397 /*
1398 * cmd_startswith -> cmd is compared using startswith
1399 *
1400 *
1401 * schema definitions:
1402 * Each schema parameter entry consists of 2 chars,
1403 * the first char represents the parameter type handling
1404 * the second char represents the delimiter for the next parameter
1405 *
1406 * Currently supported schema types:
1407 * 'l' -> unsigned long (stored in .val_ul)
1408 * 'L' -> unsigned long long (stored in .val_ull)
1409 * 's' -> string (stored in .data)
1410 * 'o' -> single char (stored in .opcode)
1411 * 't' -> thread id (stored in .thread_id)
1412 * '?' -> skip according to delimiter
1413 *
1414 * Currently supported delimiters:
1415 * '?' -> Stop at any delimiter (",;:=\0")
1416 * '0' -> Stop at "\0"
1417 * '.' -> Skip 1 char unless reached "\0"
1418 * Any other value is treated as the delimiter value itself
1419 */
1420 typedef struct GdbCmdParseEntry {
1421 GdbCmdHandler handler;
1422 const char *cmd;
1423 bool cmd_startswith;
1424 const char *schema;
1425 } GdbCmdParseEntry;
1426
1427 static inline int startswith(const char *string, const char *pattern)
1428 {
1429 return !strncmp(string, pattern, strlen(pattern));
1430 }
1431
1432 static int process_string_cmd(GDBState *s, void *user_ctx, const char *data,
1433 const GdbCmdParseEntry *cmds, int num_cmds)
1434 {
1435 int i, schema_len, max_num_params = 0;
1436 GdbCmdContext gdb_ctx;
1437
1438 if (!cmds) {
1439 return -1;
1440 }
1441
1442 for (i = 0; i < num_cmds; i++) {
1443 const GdbCmdParseEntry *cmd = &cmds[i];
1444 g_assert(cmd->handler && cmd->cmd);
1445
1446 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1447 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1448 continue;
1449 }
1450
1451 if (cmd->schema) {
1452 schema_len = strlen(cmd->schema);
1453 if (schema_len % 2) {
1454 return -2;
1455 }
1456
1457 max_num_params = schema_len / 2;
1458 }
1459
1460 gdb_ctx.params =
1461 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1462 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1463
1464 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1465 gdb_ctx.params, &gdb_ctx.num_params)) {
1466 return -1;
1467 }
1468
1469 gdb_ctx.s = s;
1470 cmd->handler(&gdb_ctx, user_ctx);
1471 return 0;
1472 }
1473
1474 return -1;
1475 }
1476
1477 static void run_cmd_parser(GDBState *s, const char *data,
1478 const GdbCmdParseEntry *cmd)
1479 {
1480 if (!data) {
1481 return;
1482 }
1483
1484 /* In case there was an error during the command parsing we must
1485 * send a NULL packet to indicate the command is not supported */
1486 if (process_string_cmd(s, NULL, data, cmd, 1)) {
1487 put_packet(s, "");
1488 }
1489 }
1490
1491 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1492 {
1493 GDBProcess *process;
1494 GDBState *s = gdb_ctx->s;
1495 uint32_t pid = 1;
1496
1497 if (s->multiprocess) {
1498 if (!gdb_ctx->num_params) {
1499 put_packet(s, "E22");
1500 return;
1501 }
1502
1503 pid = gdb_ctx->params[0].val_ul;
1504 }
1505
1506 process = gdb_get_process(s, pid);
1507 gdb_process_breakpoint_remove_all(s, process);
1508 process->attached = false;
1509
1510 if (pid == gdb_get_cpu_pid(s, s->c_cpu)) {
1511 s->c_cpu = gdb_first_attached_cpu(s);
1512 }
1513
1514 if (pid == gdb_get_cpu_pid(s, s->g_cpu)) {
1515 s->g_cpu = gdb_first_attached_cpu(s);
1516 }
1517
1518 if (!s->c_cpu) {
1519 /* No more process attached */
1520 gdb_syscall_mode = GDB_SYS_DISABLED;
1521 gdb_continue(s);
1522 }
1523 put_packet(s, "OK");
1524 }
1525
1526 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1527 {
1528 CPUState *cpu;
1529
1530 if (!gdb_ctx->num_params) {
1531 put_packet(gdb_ctx->s, "E22");
1532 return;
1533 }
1534
1535 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1536 put_packet(gdb_ctx->s, "E22");
1537 return;
1538 }
1539
1540 cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[0].thread_id.pid,
1541 gdb_ctx->params[0].thread_id.tid);
1542 if (!cpu) {
1543 put_packet(gdb_ctx->s, "E22");
1544 return;
1545 }
1546
1547 put_packet(gdb_ctx->s, "OK");
1548 }
1549
1550 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1551 {
1552 if (gdb_ctx->num_params) {
1553 gdb_set_cpu_pc(gdb_ctx->s, gdb_ctx->params[0].val_ull);
1554 }
1555
1556 gdb_ctx->s->signal = 0;
1557 gdb_continue(gdb_ctx->s);
1558 }
1559
1560 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1561 {
1562 unsigned long signal = 0;
1563
1564 /*
1565 * Note: C sig;[addr] is currently unsupported and we simply
1566 * omit the addr parameter
1567 */
1568 if (gdb_ctx->num_params) {
1569 signal = gdb_ctx->params[0].val_ul;
1570 }
1571
1572 gdb_ctx->s->signal = gdb_signal_to_target(signal);
1573 if (gdb_ctx->s->signal == -1) {
1574 gdb_ctx->s->signal = 0;
1575 }
1576 gdb_continue(gdb_ctx->s);
1577 }
1578
1579 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1580 {
1581 CPUState *cpu;
1582
1583 if (gdb_ctx->num_params != 2) {
1584 put_packet(gdb_ctx->s, "E22");
1585 return;
1586 }
1587
1588 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1589 put_packet(gdb_ctx->s, "E22");
1590 return;
1591 }
1592
1593 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1594 put_packet(gdb_ctx->s, "OK");
1595 return;
1596 }
1597
1598 cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[1].thread_id.pid,
1599 gdb_ctx->params[1].thread_id.tid);
1600 if (!cpu) {
1601 put_packet(gdb_ctx->s, "E22");
1602 return;
1603 }
1604
1605 /*
1606 * Note: This command is deprecated and modern gdb's will be using the
1607 * vCont command instead.
1608 */
1609 switch (gdb_ctx->params[0].opcode) {
1610 case 'c':
1611 gdb_ctx->s->c_cpu = cpu;
1612 put_packet(gdb_ctx->s, "OK");
1613 break;
1614 case 'g':
1615 gdb_ctx->s->g_cpu = cpu;
1616 put_packet(gdb_ctx->s, "OK");
1617 break;
1618 default:
1619 put_packet(gdb_ctx->s, "E22");
1620 break;
1621 }
1622 }
1623
1624 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1625 {
1626 int res;
1627
1628 if (gdb_ctx->num_params != 3) {
1629 put_packet(gdb_ctx->s, "E22");
1630 return;
1631 }
1632
1633 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1634 gdb_ctx->params[1].val_ull,
1635 gdb_ctx->params[2].val_ull);
1636 if (res >= 0) {
1637 put_packet(gdb_ctx->s, "OK");
1638 return;
1639 } else if (res == -ENOSYS) {
1640 put_packet(gdb_ctx->s, "");
1641 return;
1642 }
1643
1644 put_packet(gdb_ctx->s, "E22");
1645 }
1646
1647 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1648 {
1649 int res;
1650
1651 if (gdb_ctx->num_params != 3) {
1652 put_packet(gdb_ctx->s, "E22");
1653 return;
1654 }
1655
1656 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1657 gdb_ctx->params[1].val_ull,
1658 gdb_ctx->params[2].val_ull);
1659 if (res >= 0) {
1660 put_packet(gdb_ctx->s, "OK");
1661 return;
1662 } else if (res == -ENOSYS) {
1663 put_packet(gdb_ctx->s, "");
1664 return;
1665 }
1666
1667 put_packet(gdb_ctx->s, "E22");
1668 }
1669
1670 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1671 {
1672 int reg_size;
1673
1674 if (!gdb_has_xml) {
1675 put_packet(gdb_ctx->s, "E00");
1676 return;
1677 }
1678
1679 if (gdb_ctx->num_params != 2) {
1680 put_packet(gdb_ctx->s, "E22");
1681 return;
1682 }
1683
1684 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1685 hextomem(gdb_ctx->mem_buf, gdb_ctx->params[1].data, reg_size);
1686 gdb_write_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf,
1687 gdb_ctx->params[0].val_ull);
1688 put_packet(gdb_ctx->s, "OK");
1689 }
1690
1691 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1692 {
1693 int reg_size;
1694
1695 /*
1696 * Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1697 * This works, but can be very slow. Anything new enough to
1698 * understand XML also knows how to use this properly.
1699 */
1700 if (!gdb_has_xml) {
1701 put_packet(gdb_ctx->s, "");
1702 return;
1703 }
1704
1705 if (!gdb_ctx->num_params) {
1706 put_packet(gdb_ctx->s, "E14");
1707 return;
1708 }
1709
1710 reg_size = gdb_read_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf,
1711 gdb_ctx->params[0].val_ull);
1712 if (!reg_size) {
1713 put_packet(gdb_ctx->s, "E14");
1714 return;
1715 }
1716
1717 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, reg_size);
1718 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1719 }
1720
1721 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1722 {
1723 if (gdb_ctx->num_params != 3) {
1724 put_packet(gdb_ctx->s, "E22");
1725 return;
1726 }
1727
1728 /* hextomem() reads 2*len bytes */
1729 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1730 put_packet(gdb_ctx->s, "E22");
1731 return;
1732 }
1733
1734 hextomem(gdb_ctx->mem_buf, gdb_ctx->params[2].data,
1735 gdb_ctx->params[1].val_ull);
1736 if (target_memory_rw_debug(gdb_ctx->s->g_cpu, gdb_ctx->params[0].val_ull,
1737 gdb_ctx->mem_buf,
1738 gdb_ctx->params[1].val_ull, true)) {
1739 put_packet(gdb_ctx->s, "E14");
1740 return;
1741 }
1742
1743 put_packet(gdb_ctx->s, "OK");
1744 }
1745
1746 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1747 {
1748 if (gdb_ctx->num_params != 2) {
1749 put_packet(gdb_ctx->s, "E22");
1750 return;
1751 }
1752
1753 /* memtohex() doubles the required space */
1754 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1755 put_packet(gdb_ctx->s, "E22");
1756 return;
1757 }
1758
1759 if (target_memory_rw_debug(gdb_ctx->s->g_cpu, gdb_ctx->params[0].val_ull,
1760 gdb_ctx->mem_buf,
1761 gdb_ctx->params[1].val_ull, false)) {
1762 put_packet(gdb_ctx->s, "E14");
1763 return;
1764 }
1765
1766 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, gdb_ctx->params[1].val_ull);
1767 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1768 }
1769
1770 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1771 {
1772 target_ulong addr, len;
1773 uint8_t *registers;
1774 int reg_size;
1775
1776 if (!gdb_ctx->num_params) {
1777 return;
1778 }
1779
1780 cpu_synchronize_state(gdb_ctx->s->g_cpu);
1781 registers = gdb_ctx->mem_buf;
1782 len = strlen(gdb_ctx->params[0].data) / 2;
1783 hextomem(registers, gdb_ctx->params[0].data, len);
1784 for (addr = 0; addr < gdb_ctx->s->g_cpu->gdb_num_g_regs && len > 0;
1785 addr++) {
1786 reg_size = gdb_write_register(gdb_ctx->s->g_cpu, registers, addr);
1787 len -= reg_size;
1788 registers += reg_size;
1789 }
1790 put_packet(gdb_ctx->s, "OK");
1791 }
1792
1793 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1794 {
1795 target_ulong addr, len;
1796
1797 cpu_synchronize_state(gdb_ctx->s->g_cpu);
1798 len = 0;
1799 for (addr = 0; addr < gdb_ctx->s->g_cpu->gdb_num_g_regs; addr++) {
1800 len += gdb_read_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf + len,
1801 addr);
1802 }
1803
1804 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, len);
1805 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1806 }
1807
1808 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1809 {
1810 if (gdb_ctx->num_params >= 2 && gdb_ctx->s->current_syscall_cb) {
1811 target_ulong ret, err;
1812
1813 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1814 err = (target_ulong)gdb_ctx->params[1].val_ull;
1815 gdb_ctx->s->current_syscall_cb(gdb_ctx->s->c_cpu, ret, err);
1816 gdb_ctx->s->current_syscall_cb = NULL;
1817 }
1818
1819 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1820 put_packet(gdb_ctx->s, "T02");
1821 return;
1822 }
1823
1824 gdb_continue(gdb_ctx->s);
1825 }
1826
1827 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1828 {
1829 if (gdb_ctx->num_params) {
1830 gdb_set_cpu_pc(gdb_ctx->s, (target_ulong)gdb_ctx->params[0].val_ull);
1831 }
1832
1833 cpu_single_step(gdb_ctx->s->c_cpu, sstep_flags);
1834 gdb_continue(gdb_ctx->s);
1835 }
1836
1837 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1838 {
1839 put_packet(gdb_ctx->s, "vCont;c;C;s;S");
1840 }
1841
1842 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1843 {
1844 int res;
1845
1846 if (!gdb_ctx->num_params) {
1847 return;
1848 }
1849
1850 res = gdb_handle_vcont(gdb_ctx->s, gdb_ctx->params[0].data);
1851 if ((res == -EINVAL) || (res == -ERANGE)) {
1852 put_packet(gdb_ctx->s, "E22");
1853 } else if (res) {
1854 put_packet(gdb_ctx->s, "");
1855 }
1856 }
1857
1858 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1859 {
1860 GDBProcess *process;
1861 CPUState *cpu;
1862 char thread_id[16];
1863
1864 pstrcpy(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "E22");
1865 if (!gdb_ctx->num_params) {
1866 goto cleanup;
1867 }
1868
1869 process = gdb_get_process(gdb_ctx->s, gdb_ctx->params[0].val_ul);
1870 if (!process) {
1871 goto cleanup;
1872 }
1873
1874 cpu = get_first_cpu_in_process(gdb_ctx->s, process);
1875 if (!cpu) {
1876 goto cleanup;
1877 }
1878
1879 process->attached = true;
1880 gdb_ctx->s->g_cpu = cpu;
1881 gdb_ctx->s->c_cpu = cpu;
1882
1883 gdb_fmt_thread_id(gdb_ctx->s, cpu, thread_id, sizeof(thread_id));
1884 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "T%02xthread:%s;",
1885 GDB_SIGNAL_TRAP, thread_id);
1886 cleanup:
1887 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1888 }
1889
1890 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1891 {
1892 /* Kill the target */
1893 put_packet(gdb_ctx->s, "OK");
1894 error_report("QEMU: Terminated via GDBstub");
1895 exit(0);
1896 }
1897
1898 static GdbCmdParseEntry gdb_v_commands_table[] = {
1899 /* Order is important if has same prefix */
1900 {
1901 .handler = handle_v_cont_query,
1902 .cmd = "Cont?",
1903 .cmd_startswith = 1
1904 },
1905 {
1906 .handler = handle_v_cont,
1907 .cmd = "Cont",
1908 .cmd_startswith = 1,
1909 .schema = "s0"
1910 },
1911 {
1912 .handler = handle_v_attach,
1913 .cmd = "Attach;",
1914 .cmd_startswith = 1,
1915 .schema = "l0"
1916 },
1917 {
1918 .handler = handle_v_kill,
1919 .cmd = "Kill;",
1920 .cmd_startswith = 1
1921 },
1922 };
1923
1924 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
1925 {
1926 if (!gdb_ctx->num_params) {
1927 return;
1928 }
1929
1930 if (process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
1931 gdb_v_commands_table,
1932 ARRAY_SIZE(gdb_v_commands_table))) {
1933 put_packet(gdb_ctx->s, "");
1934 }
1935 }
1936
1937 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
1938 {
1939 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
1940 "ENABLE=%x,NOIRQ=%x,NOTIMER=%x", SSTEP_ENABLE,
1941 SSTEP_NOIRQ, SSTEP_NOTIMER);
1942 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1943 }
1944
1945 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1946 {
1947 if (!gdb_ctx->num_params) {
1948 return;
1949 }
1950
1951 sstep_flags = gdb_ctx->params[0].val_ul;
1952 put_packet(gdb_ctx->s, "OK");
1953 }
1954
1955 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1956 {
1957 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "0x%x", sstep_flags);
1958 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1959 }
1960
1961 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
1962 {
1963 CPUState *cpu;
1964 GDBProcess *process;
1965 char thread_id[16];
1966
1967 /*
1968 * "Current thread" remains vague in the spec, so always return
1969 * the first thread of the current process (gdb returns the
1970 * first thread).
1971 */
1972 process = gdb_get_cpu_process(gdb_ctx->s, gdb_ctx->s->g_cpu);
1973 cpu = get_first_cpu_in_process(gdb_ctx->s, process);
1974 gdb_fmt_thread_id(gdb_ctx->s, cpu, thread_id, sizeof(thread_id));
1975 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "QC%s", thread_id);
1976 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1977 }
1978
1979 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
1980 {
1981 char thread_id[16];
1982
1983 if (!gdb_ctx->s->query_cpu) {
1984 put_packet(gdb_ctx->s, "l");
1985 return;
1986 }
1987
1988 gdb_fmt_thread_id(gdb_ctx->s, gdb_ctx->s->query_cpu, thread_id,
1989 sizeof(thread_id));
1990 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "m%s", thread_id);
1991 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1992 gdb_ctx->s->query_cpu =
1993 gdb_next_attached_cpu(gdb_ctx->s, gdb_ctx->s->query_cpu);
1994 }
1995
1996 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
1997 {
1998 gdb_ctx->s->query_cpu = gdb_first_attached_cpu(gdb_ctx->s);
1999 handle_query_threads(gdb_ctx, user_ctx);
2000 }
2001
2002 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2003 {
2004 CPUState *cpu;
2005 int len;
2006
2007 if (!gdb_ctx->num_params ||
2008 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2009 put_packet(gdb_ctx->s, "E22");
2010 return;
2011 }
2012
2013 cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[0].thread_id.pid,
2014 gdb_ctx->params[0].thread_id.tid);
2015 if (!cpu) {
2016 return;
2017 }
2018
2019 cpu_synchronize_state(cpu);
2020
2021 if (gdb_ctx->s->multiprocess && (gdb_ctx->s->process_num > 1)) {
2022 /* Print the CPU model and name in multiprocess mode */
2023 ObjectClass *oc = object_get_class(OBJECT(cpu));
2024 const char *cpu_model = object_class_get_name(oc);
2025 char *cpu_name = object_get_canonical_path_component(OBJECT(cpu));
2026 len = snprintf((char *)gdb_ctx->mem_buf, sizeof(gdb_ctx->str_buf) / 2,
2027 "%s %s [%s]", cpu_model, cpu_name,
2028 cpu->halted ? "halted " : "running");
2029 g_free(cpu_name);
2030 } else {
2031 /* memtohex() doubles the required space */
2032 len = snprintf((char *)gdb_ctx->mem_buf, sizeof(gdb_ctx->str_buf) / 2,
2033 "CPU#%d [%s]", cpu->cpu_index,
2034 cpu->halted ? "halted " : "running");
2035 }
2036 trace_gdbstub_op_extra_info((char *)gdb_ctx->mem_buf);
2037 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, len);
2038 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2039 }
2040
2041 #ifdef CONFIG_USER_ONLY
2042 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2043 {
2044 TaskState *ts;
2045
2046 ts = gdb_ctx->s->c_cpu->opaque;
2047 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
2048 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
2049 ";Bss=" TARGET_ABI_FMT_lx,
2050 ts->info->code_offset,
2051 ts->info->data_offset,
2052 ts->info->data_offset);
2053 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2054 }
2055 #else
2056 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2057 {
2058 int len;
2059
2060 if (!gdb_ctx->num_params) {
2061 put_packet(gdb_ctx->s, "E22");
2062 return;
2063 }
2064
2065 len = strlen(gdb_ctx->params[0].data);
2066 if (len % 2) {
2067 put_packet(gdb_ctx->s, "E01");
2068 return;
2069 }
2070
2071 len = len / 2;
2072 hextomem(gdb_ctx->mem_buf, gdb_ctx->params[0].data, len);
2073 gdb_ctx->mem_buf[len++] = 0;
2074 qemu_chr_be_write(gdb_ctx->s->mon_chr, gdb_ctx->mem_buf, len);
2075 put_packet(gdb_ctx->s, "OK");
2076
2077 }
2078 #endif
2079
2080 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2081 {
2082 CPUClass *cc;
2083
2084 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "PacketSize=%x",
2085 MAX_PACKET_LENGTH);
2086 cc = CPU_GET_CLASS(first_cpu);
2087 if (cc->gdb_core_xml_file) {
2088 pstrcat(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
2089 ";qXfer:features:read+");
2090 }
2091
2092 if (gdb_ctx->num_params &&
2093 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2094 gdb_ctx->s->multiprocess = true;
2095 }
2096
2097 pstrcat(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), ";multiprocess+");
2098 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2099 }
2100
2101 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2102 {
2103 GDBProcess *process;
2104 CPUClass *cc;
2105 unsigned long len, total_len, addr;
2106 const char *xml;
2107 const char *p;
2108
2109 if (gdb_ctx->num_params < 3) {
2110 put_packet(gdb_ctx->s, "E22");
2111 return;
2112 }
2113
2114 process = gdb_get_cpu_process(gdb_ctx->s, gdb_ctx->s->g_cpu);
2115 cc = CPU_GET_CLASS(gdb_ctx->s->g_cpu);
2116 if (!cc->gdb_core_xml_file) {
2117 put_packet(gdb_ctx->s, "");
2118 return;
2119 }
2120
2121 gdb_has_xml = true;
2122 p = gdb_ctx->params[0].data;
2123 xml = get_feature_xml(gdb_ctx->s, p, &p, process);
2124 if (!xml) {
2125 put_packet(gdb_ctx->s, "E00");
2126 return;
2127 }
2128
2129 addr = gdb_ctx->params[1].val_ul;
2130 len = gdb_ctx->params[2].val_ul;
2131 total_len = strlen(xml);
2132 if (addr > total_len) {
2133 put_packet(gdb_ctx->s, "E00");
2134 return;
2135 }
2136
2137 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2138 len = (MAX_PACKET_LENGTH - 5) / 2;
2139 }
2140
2141 if (len < total_len - addr) {
2142 gdb_ctx->str_buf[0] = 'm';
2143 len = memtox(gdb_ctx->str_buf + 1, xml + addr, len);
2144 } else {
2145 gdb_ctx->str_buf[0] = 'l';
2146 len = memtox(gdb_ctx->str_buf + 1, xml + addr, total_len - addr);
2147 }
2148
2149 put_packet_binary(gdb_ctx->s, gdb_ctx->str_buf, len + 1, true);
2150 }
2151
2152 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2153 {
2154 put_packet(gdb_ctx->s, GDB_ATTACHED);
2155 }
2156
2157 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2158 {
2159 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "sstepbits;sstep");
2160 #ifndef CONFIG_USER_ONLY
2161 pstrcat(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), ";PhyMemMode");
2162 #endif
2163 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2164 }
2165
2166 #ifndef CONFIG_USER_ONLY
2167 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2168 void *user_ctx)
2169 {
2170 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "%d", phy_memory_mode);
2171 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2172 }
2173
2174 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2175 {
2176 if (!gdb_ctx->num_params) {
2177 put_packet(gdb_ctx->s, "E22");
2178 return;
2179 }
2180
2181 if (!gdb_ctx->params[0].val_ul) {
2182 phy_memory_mode = 0;
2183 } else {
2184 phy_memory_mode = 1;
2185 }
2186 put_packet(gdb_ctx->s, "OK");
2187 }
2188 #endif
2189
2190 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2191 /* Order is important if has same prefix */
2192 {
2193 .handler = handle_query_qemu_sstepbits,
2194 .cmd = "qemu.sstepbits",
2195 },
2196 {
2197 .handler = handle_query_qemu_sstep,
2198 .cmd = "qemu.sstep",
2199 },
2200 {
2201 .handler = handle_set_qemu_sstep,
2202 .cmd = "qemu.sstep=",
2203 .cmd_startswith = 1,
2204 .schema = "l0"
2205 },
2206 };
2207
2208 static GdbCmdParseEntry gdb_gen_query_table[] = {
2209 {
2210 .handler = handle_query_curr_tid,
2211 .cmd = "C",
2212 },
2213 {
2214 .handler = handle_query_threads,
2215 .cmd = "sThreadInfo",
2216 },
2217 {
2218 .handler = handle_query_first_threads,
2219 .cmd = "fThreadInfo",
2220 },
2221 {
2222 .handler = handle_query_thread_extra,
2223 .cmd = "ThreadExtraInfo,",
2224 .cmd_startswith = 1,
2225 .schema = "t0"
2226 },
2227 #ifdef CONFIG_USER_ONLY
2228 {
2229 .handler = handle_query_offsets,
2230 .cmd = "Offsets",
2231 },
2232 #else
2233 {
2234 .handler = handle_query_rcmd,
2235 .cmd = "Rcmd,",
2236 .cmd_startswith = 1,
2237 .schema = "s0"
2238 },
2239 #endif
2240 {
2241 .handler = handle_query_supported,
2242 .cmd = "Supported:",
2243 .cmd_startswith = 1,
2244 .schema = "s0"
2245 },
2246 {
2247 .handler = handle_query_supported,
2248 .cmd = "Supported",
2249 .schema = "s0"
2250 },
2251 {
2252 .handler = handle_query_xfer_features,
2253 .cmd = "Xfer:features:read:",
2254 .cmd_startswith = 1,
2255 .schema = "s:l,l0"
2256 },
2257 {
2258 .handler = handle_query_attached,
2259 .cmd = "Attached:",
2260 .cmd_startswith = 1
2261 },
2262 {
2263 .handler = handle_query_attached,
2264 .cmd = "Attached",
2265 },
2266 {
2267 .handler = handle_query_qemu_supported,
2268 .cmd = "qemu.Supported",
2269 },
2270 #ifndef CONFIG_USER_ONLY
2271 {
2272 .handler = handle_query_qemu_phy_mem_mode,
2273 .cmd = "qemu.PhyMemMode",
2274 },
2275 #endif
2276 };
2277
2278 static GdbCmdParseEntry gdb_gen_set_table[] = {
2279 /* Order is important if has same prefix */
2280 {
2281 .handler = handle_set_qemu_sstep,
2282 .cmd = "qemu.sstep:",
2283 .cmd_startswith = 1,
2284 .schema = "l0"
2285 },
2286 #ifndef CONFIG_USER_ONLY
2287 {
2288 .handler = handle_set_qemu_phy_mem_mode,
2289 .cmd = "qemu.PhyMemMode:",
2290 .cmd_startswith = 1,
2291 .schema = "l0"
2292 },
2293 #endif
2294 };
2295
2296 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2297 {
2298 if (!gdb_ctx->num_params) {
2299 return;
2300 }
2301
2302 if (!process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2303 gdb_gen_query_set_common_table,
2304 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2305 return;
2306 }
2307
2308 if (process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2309 gdb_gen_query_table,
2310 ARRAY_SIZE(gdb_gen_query_table))) {
2311 put_packet(gdb_ctx->s, "");
2312 }
2313 }
2314
2315 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2316 {
2317 if (!gdb_ctx->num_params) {
2318 return;
2319 }
2320
2321 if (!process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2322 gdb_gen_query_set_common_table,
2323 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2324 return;
2325 }
2326
2327 if (process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2328 gdb_gen_set_table,
2329 ARRAY_SIZE(gdb_gen_set_table))) {
2330 put_packet(gdb_ctx->s, "");
2331 }
2332 }
2333
2334 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2335 {
2336 char thread_id[16];
2337
2338 gdb_fmt_thread_id(gdb_ctx->s, gdb_ctx->s->c_cpu, thread_id,
2339 sizeof(thread_id));
2340 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "T%02xthread:%s;",
2341 GDB_SIGNAL_TRAP, thread_id);
2342 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2343 /*
2344 * Remove all the breakpoints when this query is issued,
2345 * because gdb is doing an initial connect and the state
2346 * should be cleaned up.
2347 */
2348 gdb_breakpoint_remove_all();
2349 }
2350
2351 static int gdb_handle_packet(GDBState *s, const char *line_buf)
2352 {
2353 const GdbCmdParseEntry *cmd_parser = NULL;
2354
2355 trace_gdbstub_io_command(line_buf);
2356
2357 switch (line_buf[0]) {
2358 case '!':
2359 put_packet(s, "OK");
2360 break;
2361 case '?':
2362 {
2363 static const GdbCmdParseEntry target_halted_cmd_desc = {
2364 .handler = handle_target_halt,
2365 .cmd = "?",
2366 .cmd_startswith = 1
2367 };
2368 cmd_parser = &target_halted_cmd_desc;
2369 }
2370 break;
2371 case 'c':
2372 {
2373 static const GdbCmdParseEntry continue_cmd_desc = {
2374 .handler = handle_continue,
2375 .cmd = "c",
2376 .cmd_startswith = 1,
2377 .schema = "L0"
2378 };
2379 cmd_parser = &continue_cmd_desc;
2380 }
2381 break;
2382 case 'C':
2383 {
2384 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2385 .handler = handle_cont_with_sig,
2386 .cmd = "C",
2387 .cmd_startswith = 1,
2388 .schema = "l0"
2389 };
2390 cmd_parser = &cont_with_sig_cmd_desc;
2391 }
2392 break;
2393 case 'v':
2394 {
2395 static const GdbCmdParseEntry v_cmd_desc = {
2396 .handler = handle_v_commands,
2397 .cmd = "v",
2398 .cmd_startswith = 1,
2399 .schema = "s0"
2400 };
2401 cmd_parser = &v_cmd_desc;
2402 }
2403 break;
2404 case 'k':
2405 /* Kill the target */
2406 error_report("QEMU: Terminated via GDBstub");
2407 exit(0);
2408 case 'D':
2409 {
2410 static const GdbCmdParseEntry detach_cmd_desc = {
2411 .handler = handle_detach,
2412 .cmd = "D",
2413 .cmd_startswith = 1,
2414 .schema = "?.l0"
2415 };
2416 cmd_parser = &detach_cmd_desc;
2417 }
2418 break;
2419 case 's':
2420 {
2421 static const GdbCmdParseEntry step_cmd_desc = {
2422 .handler = handle_step,
2423 .cmd = "s",
2424 .cmd_startswith = 1,
2425 .schema = "L0"
2426 };
2427 cmd_parser = &step_cmd_desc;
2428 }
2429 break;
2430 case 'F':
2431 {
2432 static const GdbCmdParseEntry file_io_cmd_desc = {
2433 .handler = handle_file_io,
2434 .cmd = "F",
2435 .cmd_startswith = 1,
2436 .schema = "L,L,o0"
2437 };
2438 cmd_parser = &file_io_cmd_desc;
2439 }
2440 break;
2441 case 'g':
2442 {
2443 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2444 .handler = handle_read_all_regs,
2445 .cmd = "g",
2446 .cmd_startswith = 1
2447 };
2448 cmd_parser = &read_all_regs_cmd_desc;
2449 }
2450 break;
2451 case 'G':
2452 {
2453 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2454 .handler = handle_write_all_regs,
2455 .cmd = "G",
2456 .cmd_startswith = 1,
2457 .schema = "s0"
2458 };
2459 cmd_parser = &write_all_regs_cmd_desc;
2460 }
2461 break;
2462 case 'm':
2463 {
2464 static const GdbCmdParseEntry read_mem_cmd_desc = {
2465 .handler = handle_read_mem,
2466 .cmd = "m",
2467 .cmd_startswith = 1,
2468 .schema = "L,L0"
2469 };
2470 cmd_parser = &read_mem_cmd_desc;
2471 }
2472 break;
2473 case 'M':
2474 {
2475 static const GdbCmdParseEntry write_mem_cmd_desc = {
2476 .handler = handle_write_mem,
2477 .cmd = "M",
2478 .cmd_startswith = 1,
2479 .schema = "L,L:s0"
2480 };
2481 cmd_parser = &write_mem_cmd_desc;
2482 }
2483 break;
2484 case 'p':
2485 {
2486 static const GdbCmdParseEntry get_reg_cmd_desc = {
2487 .handler = handle_get_reg,
2488 .cmd = "p",
2489 .cmd_startswith = 1,
2490 .schema = "L0"
2491 };
2492 cmd_parser = &get_reg_cmd_desc;
2493 }
2494 break;
2495 case 'P':
2496 {
2497 static const GdbCmdParseEntry set_reg_cmd_desc = {
2498 .handler = handle_set_reg,
2499 .cmd = "P",
2500 .cmd_startswith = 1,
2501 .schema = "L?s0"
2502 };
2503 cmd_parser = &set_reg_cmd_desc;
2504 }
2505 break;
2506 case 'Z':
2507 {
2508 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2509 .handler = handle_insert_bp,
2510 .cmd = "Z",
2511 .cmd_startswith = 1,
2512 .schema = "l?L?L0"
2513 };
2514 cmd_parser = &insert_bp_cmd_desc;
2515 }
2516 break;
2517 case 'z':
2518 {
2519 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2520 .handler = handle_remove_bp,
2521 .cmd = "z",
2522 .cmd_startswith = 1,
2523 .schema = "l?L?L0"
2524 };
2525 cmd_parser = &remove_bp_cmd_desc;
2526 }
2527 break;
2528 case 'H':
2529 {
2530 static const GdbCmdParseEntry set_thread_cmd_desc = {
2531 .handler = handle_set_thread,
2532 .cmd = "H",
2533 .cmd_startswith = 1,
2534 .schema = "o.t0"
2535 };
2536 cmd_parser = &set_thread_cmd_desc;
2537 }
2538 break;
2539 case 'T':
2540 {
2541 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2542 .handler = handle_thread_alive,
2543 .cmd = "T",
2544 .cmd_startswith = 1,
2545 .schema = "t0"
2546 };
2547 cmd_parser = &thread_alive_cmd_desc;
2548 }
2549 break;
2550 case 'q':
2551 {
2552 static const GdbCmdParseEntry gen_query_cmd_desc = {
2553 .handler = handle_gen_query,
2554 .cmd = "q",
2555 .cmd_startswith = 1,
2556 .schema = "s0"
2557 };
2558 cmd_parser = &gen_query_cmd_desc;
2559 }
2560 break;
2561 case 'Q':
2562 {
2563 static const GdbCmdParseEntry gen_set_cmd_desc = {
2564 .handler = handle_gen_set,
2565 .cmd = "Q",
2566 .cmd_startswith = 1,
2567 .schema = "s0"
2568 };
2569 cmd_parser = &gen_set_cmd_desc;
2570 }
2571 break;
2572 default:
2573 /* put empty packet */
2574 put_packet(s, "");
2575 break;
2576 }
2577
2578 run_cmd_parser(s, line_buf, cmd_parser);
2579
2580 return RS_IDLE;
2581 }
2582
2583 void gdb_set_stop_cpu(CPUState *cpu)
2584 {
2585 GDBProcess *p = gdb_get_cpu_process(gdbserver_state, cpu);
2586
2587 if (!p->attached) {
2588 /*
2589 * Having a stop CPU corresponding to a process that is not attached
2590 * confuses GDB. So we ignore the request.
2591 */
2592 return;
2593 }
2594
2595 gdbserver_state->c_cpu = cpu;
2596 gdbserver_state->g_cpu = cpu;
2597 }
2598
2599 #ifndef CONFIG_USER_ONLY
2600 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2601 {
2602 GDBState *s = gdbserver_state;
2603 CPUState *cpu = s->c_cpu;
2604 char buf[256];
2605 char thread_id[16];
2606 const char *type;
2607 int ret;
2608
2609 if (running || s->state == RS_INACTIVE) {
2610 return;
2611 }
2612 /* Is there a GDB syscall waiting to be sent? */
2613 if (s->current_syscall_cb) {
2614 put_packet(s, s->syscall_buf);
2615 return;
2616 }
2617
2618 if (cpu == NULL) {
2619 /* No process attached */
2620 return;
2621 }
2622
2623 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id));
2624
2625 switch (state) {
2626 case RUN_STATE_DEBUG:
2627 if (cpu->watchpoint_hit) {
2628 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2629 case BP_MEM_READ:
2630 type = "r";
2631 break;
2632 case BP_MEM_ACCESS:
2633 type = "a";
2634 break;
2635 default:
2636 type = "";
2637 break;
2638 }
2639 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2640 (target_ulong)cpu->watchpoint_hit->vaddr);
2641 snprintf(buf, sizeof(buf),
2642 "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2643 GDB_SIGNAL_TRAP, thread_id, type,
2644 (target_ulong)cpu->watchpoint_hit->vaddr);
2645 cpu->watchpoint_hit = NULL;
2646 goto send_packet;
2647 } else {
2648 trace_gdbstub_hit_break();
2649 }
2650 tb_flush(cpu);
2651 ret = GDB_SIGNAL_TRAP;
2652 break;
2653 case RUN_STATE_PAUSED:
2654 trace_gdbstub_hit_paused();
2655 ret = GDB_SIGNAL_INT;
2656 break;
2657 case RUN_STATE_SHUTDOWN:
2658 trace_gdbstub_hit_shutdown();
2659 ret = GDB_SIGNAL_QUIT;
2660 break;
2661 case RUN_STATE_IO_ERROR:
2662 trace_gdbstub_hit_io_error();
2663 ret = GDB_SIGNAL_IO;
2664 break;
2665 case RUN_STATE_WATCHDOG:
2666 trace_gdbstub_hit_watchdog();
2667 ret = GDB_SIGNAL_ALRM;
2668 break;
2669 case RUN_STATE_INTERNAL_ERROR:
2670 trace_gdbstub_hit_internal_error();
2671 ret = GDB_SIGNAL_ABRT;
2672 break;
2673 case RUN_STATE_SAVE_VM:
2674 case RUN_STATE_RESTORE_VM:
2675 return;
2676 case RUN_STATE_FINISH_MIGRATE:
2677 ret = GDB_SIGNAL_XCPU;
2678 break;
2679 default:
2680 trace_gdbstub_hit_unknown(state);
2681 ret = GDB_SIGNAL_UNKNOWN;
2682 break;
2683 }
2684 gdb_set_stop_cpu(cpu);
2685 snprintf(buf, sizeof(buf), "T%02xthread:%s;", ret, thread_id);
2686
2687 send_packet:
2688 put_packet(s, buf);
2689
2690 /* disable single step if it was enabled */
2691 cpu_single_step(cpu, 0);
2692 }
2693 #endif
2694
2695 /* Send a gdb syscall request.
2696 This accepts limited printf-style format specifiers, specifically:
2697 %x - target_ulong argument printed in hex.
2698 %lx - 64-bit argument printed in hex.
2699 %s - string pointer (target_ulong) and length (int) pair. */
2700 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2701 {
2702 char *p;
2703 char *p_end;
2704 target_ulong addr;
2705 uint64_t i64;
2706 GDBState *s;
2707
2708 s = gdbserver_state;
2709 if (!s)
2710 return;
2711 s->current_syscall_cb = cb;
2712 #ifndef CONFIG_USER_ONLY
2713 vm_stop(RUN_STATE_DEBUG);
2714 #endif
2715 p = s->syscall_buf;
2716 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
2717 *(p++) = 'F';
2718 while (*fmt) {
2719 if (*fmt == '%') {
2720 fmt++;
2721 switch (*fmt++) {
2722 case 'x':
2723 addr = va_arg(va, target_ulong);
2724 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2725 break;
2726 case 'l':
2727 if (*(fmt++) != 'x')
2728 goto bad_format;
2729 i64 = va_arg(va, uint64_t);
2730 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2731 break;
2732 case 's':
2733 addr = va_arg(va, target_ulong);
2734 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2735 addr, va_arg(va, int));
2736 break;
2737 default:
2738 bad_format:
2739 error_report("gdbstub: Bad syscall format string '%s'",
2740 fmt - 1);
2741 break;
2742 }
2743 } else {
2744 *(p++) = *(fmt++);
2745 }
2746 }
2747 *p = 0;
2748 #ifdef CONFIG_USER_ONLY
2749 put_packet(s, s->syscall_buf);
2750 /* Return control to gdb for it to process the syscall request.
2751 * Since the protocol requires that gdb hands control back to us
2752 * using a "here are the results" F packet, we don't need to check
2753 * gdb_handlesig's return value (which is the signal to deliver if
2754 * execution was resumed via a continue packet).
2755 */
2756 gdb_handlesig(s->c_cpu, 0);
2757 #else
2758 /* In this case wait to send the syscall packet until notification that
2759 the CPU has stopped. This must be done because if the packet is sent
2760 now the reply from the syscall request could be received while the CPU
2761 is still in the running state, which can cause packets to be dropped
2762 and state transition 'T' packets to be sent while the syscall is still
2763 being processed. */
2764 qemu_cpu_kick(s->c_cpu);
2765 #endif
2766 }
2767
2768 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2769 {
2770 va_list va;
2771
2772 va_start(va, fmt);
2773 gdb_do_syscallv(cb, fmt, va);
2774 va_end(va);
2775 }
2776
2777 static void gdb_read_byte(GDBState *s, uint8_t ch)
2778 {
2779 uint8_t reply;
2780
2781 #ifndef CONFIG_USER_ONLY
2782 if (s->last_packet_len) {
2783 /* Waiting for a response to the last packet. If we see the start
2784 of a new command then abandon the previous response. */
2785 if (ch == '-') {
2786 trace_gdbstub_err_got_nack();
2787 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
2788 } else if (ch == '+') {
2789 trace_gdbstub_io_got_ack();
2790 } else {
2791 trace_gdbstub_io_got_unexpected(ch);
2792 }
2793
2794 if (ch == '+' || ch == '$')
2795 s->last_packet_len = 0;
2796 if (ch != '$')
2797 return;
2798 }
2799 if (runstate_is_running()) {
2800 /* when the CPU is running, we cannot do anything except stop
2801 it when receiving a char */
2802 vm_stop(RUN_STATE_PAUSED);
2803 } else
2804 #endif
2805 {
2806 switch(s->state) {
2807 case RS_IDLE:
2808 if (ch == '$') {
2809 /* start of command packet */
2810 s->line_buf_index = 0;
2811 s->line_sum = 0;
2812 s->state = RS_GETLINE;
2813 } else {
2814 trace_gdbstub_err_garbage(ch);
2815 }
2816 break;
2817 case RS_GETLINE:
2818 if (ch == '}') {
2819 /* start escape sequence */
2820 s->state = RS_GETLINE_ESC;
2821 s->line_sum += ch;
2822 } else if (ch == '*') {
2823 /* start run length encoding sequence */
2824 s->state = RS_GETLINE_RLE;
2825 s->line_sum += ch;
2826 } else if (ch == '#') {
2827 /* end of command, start of checksum*/
2828 s->state = RS_CHKSUM1;
2829 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2830 trace_gdbstub_err_overrun();
2831 s->state = RS_IDLE;
2832 } else {
2833 /* unescaped command character */
2834 s->line_buf[s->line_buf_index++] = ch;
2835 s->line_sum += ch;
2836 }
2837 break;
2838 case RS_GETLINE_ESC:
2839 if (ch == '#') {
2840 /* unexpected end of command in escape sequence */
2841 s->state = RS_CHKSUM1;
2842 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2843 /* command buffer overrun */
2844 trace_gdbstub_err_overrun();
2845 s->state = RS_IDLE;
2846 } else {
2847 /* parse escaped character and leave escape state */
2848 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
2849 s->line_sum += ch;
2850 s->state = RS_GETLINE;
2851 }
2852 break;
2853 case RS_GETLINE_RLE:
2854 /*
2855 * Run-length encoding is explained in "Debugging with GDB /
2856 * Appendix E GDB Remote Serial Protocol / Overview".
2857 */
2858 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2859 /* invalid RLE count encoding */
2860 trace_gdbstub_err_invalid_repeat(ch);
2861 s->state = RS_GETLINE;
2862 } else {
2863 /* decode repeat length */
2864 int repeat = ch - ' ' + 3;
2865 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
2866 /* that many repeats would overrun the command buffer */
2867 trace_gdbstub_err_overrun();
2868 s->state = RS_IDLE;
2869 } else if (s->line_buf_index < 1) {
2870 /* got a repeat but we have nothing to repeat */
2871 trace_gdbstub_err_invalid_rle();
2872 s->state = RS_GETLINE;
2873 } else {
2874 /* repeat the last character */
2875 memset(s->line_buf + s->line_buf_index,
2876 s->line_buf[s->line_buf_index - 1], repeat);
2877 s->line_buf_index += repeat;
2878 s->line_sum += ch;
2879 s->state = RS_GETLINE;
2880 }
2881 }
2882 break;
2883 case RS_CHKSUM1:
2884 /* get high hex digit of checksum */
2885 if (!isxdigit(ch)) {
2886 trace_gdbstub_err_checksum_invalid(ch);
2887 s->state = RS_GETLINE;
2888 break;
2889 }
2890 s->line_buf[s->line_buf_index] = '\0';
2891 s->line_csum = fromhex(ch) << 4;
2892 s->state = RS_CHKSUM2;
2893 break;
2894 case RS_CHKSUM2:
2895 /* get low hex digit of checksum */
2896 if (!isxdigit(ch)) {
2897 trace_gdbstub_err_checksum_invalid(ch);
2898 s->state = RS_GETLINE;
2899 break;
2900 }
2901 s->line_csum |= fromhex(ch);
2902
2903 if (s->line_csum != (s->line_sum & 0xff)) {
2904 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
2905 /* send NAK reply */
2906 reply = '-';
2907 put_buffer(s, &reply, 1);
2908 s->state = RS_IDLE;
2909 } else {
2910 /* send ACK reply */
2911 reply = '+';
2912 put_buffer(s, &reply, 1);
2913 s->state = gdb_handle_packet(s, s->line_buf);
2914 }
2915 break;
2916 default:
2917 abort();
2918 }
2919 }
2920 }
2921
2922 /* Tell the remote gdb that the process has exited. */
2923 void gdb_exit(CPUArchState *env, int code)
2924 {
2925 GDBState *s;
2926 char buf[4];
2927
2928 s = gdbserver_state;
2929 if (!s) {
2930 return;
2931 }
2932 #ifdef CONFIG_USER_ONLY
2933 if (gdbserver_fd < 0 || s->fd < 0) {
2934 return;
2935 }
2936 #endif
2937
2938 trace_gdbstub_op_exiting((uint8_t)code);
2939
2940 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2941 put_packet(s, buf);
2942
2943 #ifndef CONFIG_USER_ONLY
2944 qemu_chr_fe_deinit(&s->chr, true);
2945 #endif
2946 }
2947
2948 /*
2949 * Create the process that will contain all the "orphan" CPUs (that are not
2950 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2951 * be attachable and thus will be invisible to the user.
2952 */
2953 static void create_default_process(GDBState *s)
2954 {
2955 GDBProcess *process;
2956 int max_pid = 0;
2957
2958 if (s->process_num) {
2959 max_pid = s->processes[s->process_num - 1].pid;
2960 }
2961
2962 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2963 process = &s->processes[s->process_num - 1];
2964
2965 /* We need an available PID slot for this process */
2966 assert(max_pid < UINT32_MAX);
2967
2968 process->pid = max_pid + 1;
2969 process->attached = false;
2970 process->target_xml[0] = '\0';
2971 }
2972
2973 #ifdef CONFIG_USER_ONLY
2974 int
2975 gdb_handlesig(CPUState *cpu, int sig)
2976 {
2977 GDBState *s;
2978 char buf[256];
2979 int n;
2980
2981 s = gdbserver_state;
2982 if (gdbserver_fd < 0 || s->fd < 0) {
2983 return sig;
2984 }
2985
2986 /* disable single step if it was enabled */
2987 cpu_single_step(cpu, 0);
2988 tb_flush(cpu);
2989
2990 if (sig != 0) {
2991 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
2992 put_packet(s, buf);
2993 }
2994 /* put_packet() might have detected that the peer terminated the
2995 connection. */
2996 if (s->fd < 0) {
2997 return sig;
2998 }
2999
3000 sig = 0;
3001 s->state = RS_IDLE;
3002 s->running_state = 0;
3003 while (s->running_state == 0) {
3004 n = read(s->fd, buf, 256);
3005 if (n > 0) {
3006 int i;
3007
3008 for (i = 0; i < n; i++) {
3009 gdb_read_byte(s, buf[i]);
3010 }
3011 } else {
3012 /* XXX: Connection closed. Should probably wait for another
3013 connection before continuing. */
3014 if (n == 0) {
3015 close(s->fd);
3016 }
3017 s->fd = -1;
3018 return sig;
3019 }
3020 }
3021 sig = s->signal;
3022 s->signal = 0;
3023 return sig;
3024 }
3025
3026 /* Tell the remote gdb that the process has exited due to SIG. */
3027 void gdb_signalled(CPUArchState *env, int sig)
3028 {
3029 GDBState *s;
3030 char buf[4];
3031
3032 s = gdbserver_state;
3033 if (gdbserver_fd < 0 || s->fd < 0) {
3034 return;
3035 }
3036
3037 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3038 put_packet(s, buf);
3039 }
3040
3041 static bool gdb_accept(void)
3042 {
3043 GDBState *s;
3044 struct sockaddr_in sockaddr;
3045 socklen_t len;
3046 int fd;
3047
3048 for(;;) {
3049 len = sizeof(sockaddr);
3050 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
3051 if (fd < 0 && errno != EINTR) {
3052 perror("accept");
3053 return false;
3054 } else if (fd >= 0) {
3055 qemu_set_cloexec(fd);
3056 break;
3057 }
3058 }
3059
3060 /* set short latency */
3061 if (socket_set_nodelay(fd)) {
3062 perror("setsockopt");
3063 close(fd);
3064 return false;
3065 }
3066
3067 s = g_malloc0(sizeof(GDBState));
3068 create_default_process(s);
3069 s->processes[0].attached = true;
3070 s->c_cpu = gdb_first_attached_cpu(s);
3071 s->g_cpu = s->c_cpu;
3072 s->fd = fd;
3073 gdb_has_xml = false;
3074
3075 gdbserver_state = s;
3076 return true;
3077 }
3078
3079 static int gdbserver_open(int port)
3080 {
3081 struct sockaddr_in sockaddr;
3082 int fd, ret;
3083
3084 fd = socket(PF_INET, SOCK_STREAM, 0);
3085 if (fd < 0) {
3086 perror("socket");
3087 return -1;
3088 }
3089 qemu_set_cloexec(fd);
3090
3091 socket_set_fast_reuse(fd);
3092
3093 sockaddr.sin_family = AF_INET;
3094 sockaddr.sin_port = htons(port);
3095 sockaddr.sin_addr.s_addr = 0;
3096 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3097 if (ret < 0) {
3098 perror("bind");
3099 close(fd);
3100 return -1;
3101 }
3102 ret = listen(fd, 1);
3103 if (ret < 0) {
3104 perror("listen");
3105 close(fd);
3106 return -1;
3107 }
3108 return fd;
3109 }
3110
3111 int gdbserver_start(int port)
3112 {
3113 gdbserver_fd = gdbserver_open(port);
3114 if (gdbserver_fd < 0)
3115 return -1;
3116 /* accept connections */
3117 if (!gdb_accept()) {
3118 close(gdbserver_fd);
3119 gdbserver_fd = -1;
3120 return -1;
3121 }
3122 return 0;
3123 }
3124
3125 /* Disable gdb stub for child processes. */
3126 void gdbserver_fork(CPUState *cpu)
3127 {
3128 GDBState *s = gdbserver_state;
3129
3130 if (gdbserver_fd < 0 || s->fd < 0) {
3131 return;
3132 }
3133 close(s->fd);
3134 s->fd = -1;
3135 cpu_breakpoint_remove_all(cpu, BP_GDB);
3136 cpu_watchpoint_remove_all(cpu, BP_GDB);
3137 }
3138 #else
3139 static int gdb_chr_can_receive(void *opaque)
3140 {
3141 /* We can handle an arbitrarily large amount of data.
3142 Pick the maximum packet size, which is as good as anything. */
3143 return MAX_PACKET_LENGTH;
3144 }
3145
3146 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3147 {
3148 int i;
3149
3150 for (i = 0; i < size; i++) {
3151 gdb_read_byte(gdbserver_state, buf[i]);
3152 }
3153 }
3154
3155 static void gdb_chr_event(void *opaque, int event)
3156 {
3157 int i;
3158 GDBState *s = (GDBState *) opaque;
3159
3160 switch (event) {
3161 case CHR_EVENT_OPENED:
3162 /* Start with first process attached, others detached */
3163 for (i = 0; i < s->process_num; i++) {
3164 s->processes[i].attached = !i;
3165 }
3166
3167 s->c_cpu = gdb_first_attached_cpu(s);
3168 s->g_cpu = s->c_cpu;
3169
3170 vm_stop(RUN_STATE_PAUSED);
3171 gdb_has_xml = false;
3172 break;
3173 default:
3174 break;
3175 }
3176 }
3177
3178 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
3179 {
3180 char buf[MAX_PACKET_LENGTH];
3181
3182 buf[0] = 'O';
3183 if (len > (MAX_PACKET_LENGTH/2) - 1)
3184 len = (MAX_PACKET_LENGTH/2) - 1;
3185 memtohex(buf + 1, (uint8_t *)msg, len);
3186 put_packet(s, buf);
3187 }
3188
3189 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3190 {
3191 const char *p = (const char *)buf;
3192 int max_sz;
3193
3194 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
3195 for (;;) {
3196 if (len <= max_sz) {
3197 gdb_monitor_output(gdbserver_state, p, len);
3198 break;
3199 }
3200 gdb_monitor_output(gdbserver_state, p, max_sz);
3201 p += max_sz;
3202 len -= max_sz;
3203 }
3204 return len;
3205 }
3206
3207 #ifndef _WIN32
3208 static void gdb_sigterm_handler(int signal)
3209 {
3210 if (runstate_is_running()) {
3211 vm_stop(RUN_STATE_PAUSED);
3212 }
3213 }
3214 #endif
3215
3216 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3217 bool *be_opened, Error **errp)
3218 {
3219 *be_opened = false;
3220 }
3221
3222 static void char_gdb_class_init(ObjectClass *oc, void *data)
3223 {
3224 ChardevClass *cc = CHARDEV_CLASS(oc);
3225
3226 cc->internal = true;
3227 cc->open = gdb_monitor_open;
3228 cc->chr_write = gdb_monitor_write;
3229 }
3230
3231 #define TYPE_CHARDEV_GDB "chardev-gdb"
3232
3233 static const TypeInfo char_gdb_type_info = {
3234 .name = TYPE_CHARDEV_GDB,
3235 .parent = TYPE_CHARDEV,
3236 .class_init = char_gdb_class_init,
3237 };
3238
3239 static int find_cpu_clusters(Object *child, void *opaque)
3240 {
3241 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3242 GDBState *s = (GDBState *) opaque;
3243 CPUClusterState *cluster = CPU_CLUSTER(child);
3244 GDBProcess *process;
3245
3246 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3247
3248 process = &s->processes[s->process_num - 1];
3249
3250 /*
3251 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3252 * runtime, we enforce here that the machine does not use a cluster ID
3253 * that would lead to PID 0.
3254 */
3255 assert(cluster->cluster_id != UINT32_MAX);
3256 process->pid = cluster->cluster_id + 1;
3257 process->attached = false;
3258 process->target_xml[0] = '\0';
3259
3260 return 0;
3261 }
3262
3263 return object_child_foreach(child, find_cpu_clusters, opaque);
3264 }
3265
3266 static int pid_order(const void *a, const void *b)
3267 {
3268 GDBProcess *pa = (GDBProcess *) a;
3269 GDBProcess *pb = (GDBProcess *) b;
3270
3271 if (pa->pid < pb->pid) {
3272 return -1;
3273 } else if (pa->pid > pb->pid) {
3274 return 1;
3275 } else {
3276 return 0;
3277 }
3278 }
3279
3280 static void create_processes(GDBState *s)
3281 {
3282 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3283
3284 if (s->processes) {
3285 /* Sort by PID */
3286 qsort(s->processes, s->process_num, sizeof(s->processes[0]), pid_order);
3287 }
3288
3289 create_default_process(s);
3290 }
3291
3292 static void cleanup_processes(GDBState *s)
3293 {
3294 g_free(s->processes);
3295 s->process_num = 0;
3296 s->processes = NULL;
3297 }
3298
3299 int gdbserver_start(const char *device)
3300 {
3301 trace_gdbstub_op_start(device);
3302
3303 GDBState *s;
3304 char gdbstub_device_name[128];
3305 Chardev *chr = NULL;
3306 Chardev *mon_chr;
3307
3308 if (!first_cpu) {
3309 error_report("gdbstub: meaningless to attach gdb to a "
3310 "machine without any CPU.");
3311 return -1;
3312 }
3313
3314 if (!device)
3315 return -1;
3316 if (strcmp(device, "none") != 0) {
3317 if (strstart(device, "tcp:", NULL)) {
3318 /* enforce required TCP attributes */
3319 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3320 "%s,nowait,nodelay,server", device);
3321 device = gdbstub_device_name;
3322 }
3323 #ifndef _WIN32
3324 else if (strcmp(device, "stdio") == 0) {
3325 struct sigaction act;
3326
3327 memset(&act, 0, sizeof(act));
3328 act.sa_handler = gdb_sigterm_handler;
3329 sigaction(SIGINT, &act, NULL);
3330 }
3331 #endif
3332 /*
3333 * FIXME: it's a bit weird to allow using a mux chardev here
3334 * and implicitly setup a monitor. We may want to break this.
3335 */
3336 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3337 if (!chr)
3338 return -1;
3339 }
3340
3341 s = gdbserver_state;
3342 if (!s) {
3343 s = g_malloc0(sizeof(GDBState));
3344 gdbserver_state = s;
3345
3346 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3347
3348 /* Initialize a monitor terminal for gdb */
3349 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3350 NULL, NULL, &error_abort);
3351 monitor_init_hmp(mon_chr, false);
3352 } else {
3353 qemu_chr_fe_deinit(&s->chr, true);
3354 mon_chr = s->mon_chr;
3355 cleanup_processes(s);
3356 memset(s, 0, sizeof(GDBState));
3357 s->mon_chr = mon_chr;
3358 }
3359
3360 create_processes(s);
3361
3362 if (chr) {
3363 qemu_chr_fe_init(&s->chr, chr, &error_abort);
3364 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
3365 gdb_chr_event, NULL, s, NULL, true);
3366 }
3367 s->state = chr ? RS_IDLE : RS_INACTIVE;
3368 s->mon_chr = mon_chr;
3369 s->current_syscall_cb = NULL;
3370
3371 return 0;
3372 }
3373
3374 void gdbserver_cleanup(void)
3375 {
3376 if (gdbserver_state) {
3377 put_packet(gdbserver_state, "W00");
3378 }
3379 }
3380
3381 static void register_types(void)
3382 {
3383 type_register_static(&char_gdb_type_info);
3384 }
3385
3386 type_init(register_types);
3387 #endif
QEMU mirror