Update version for v5.1.0-rc3 release
[qemu.git] / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * This implements a subset of the remote protocol as described in:
5 *
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7 *
8 * Copyright (c) 2003-2005 Fabrice Bellard
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 *
23 * SPDX-License-Identifier: LGPL-2.0+
24 */
25
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace-root.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
44 #endif
45
46 #define MAX_PACKET_LENGTH 4096
47
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "sysemu/runstate.h"
52 #include "hw/semihosting/semihost.h"
53 #include "exec/exec-all.h"
54
55 #ifdef CONFIG_USER_ONLY
56 #define GDB_ATTACHED "0"
57 #else
58 #define GDB_ATTACHED "1"
59 #endif
60
61 #ifndef CONFIG_USER_ONLY
62 static int phy_memory_mode;
63 #endif
64
65 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
66 uint8_t *buf, int len, bool is_write)
67 {
68 CPUClass *cc;
69
70 #ifndef CONFIG_USER_ONLY
71 if (phy_memory_mode) {
72 if (is_write) {
73 cpu_physical_memory_write(addr, buf, len);
74 } else {
75 cpu_physical_memory_read(addr, buf, len);
76 }
77 return 0;
78 }
79 #endif
80
81 cc = CPU_GET_CLASS(cpu);
82 if (cc->memory_rw_debug) {
83 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
84 }
85 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
86 }
87
88 /* Return the GDB index for a given vCPU state.
89 *
90 * For user mode this is simply the thread id. In system mode GDB
91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
92 */
93 static inline int cpu_gdb_index(CPUState *cpu)
94 {
95 #if defined(CONFIG_USER_ONLY)
96 TaskState *ts = (TaskState *) cpu->opaque;
97 return ts->ts_tid;
98 #else
99 return cpu->cpu_index + 1;
100 #endif
101 }
102
103 enum {
104 GDB_SIGNAL_0 = 0,
105 GDB_SIGNAL_INT = 2,
106 GDB_SIGNAL_QUIT = 3,
107 GDB_SIGNAL_TRAP = 5,
108 GDB_SIGNAL_ABRT = 6,
109 GDB_SIGNAL_ALRM = 14,
110 GDB_SIGNAL_IO = 23,
111 GDB_SIGNAL_XCPU = 24,
112 GDB_SIGNAL_UNKNOWN = 143
113 };
114
115 #ifdef CONFIG_USER_ONLY
116
117 /* Map target signal numbers to GDB protocol signal numbers and vice
118 * versa. For user emulation's currently supported systems, we can
119 * assume most signals are defined.
120 */
121
122 static int gdb_signal_table[] = {
123 0,
124 TARGET_SIGHUP,
125 TARGET_SIGINT,
126 TARGET_SIGQUIT,
127 TARGET_SIGILL,
128 TARGET_SIGTRAP,
129 TARGET_SIGABRT,
130 -1, /* SIGEMT */
131 TARGET_SIGFPE,
132 TARGET_SIGKILL,
133 TARGET_SIGBUS,
134 TARGET_SIGSEGV,
135 TARGET_SIGSYS,
136 TARGET_SIGPIPE,
137 TARGET_SIGALRM,
138 TARGET_SIGTERM,
139 TARGET_SIGURG,
140 TARGET_SIGSTOP,
141 TARGET_SIGTSTP,
142 TARGET_SIGCONT,
143 TARGET_SIGCHLD,
144 TARGET_SIGTTIN,
145 TARGET_SIGTTOU,
146 TARGET_SIGIO,
147 TARGET_SIGXCPU,
148 TARGET_SIGXFSZ,
149 TARGET_SIGVTALRM,
150 TARGET_SIGPROF,
151 TARGET_SIGWINCH,
152 -1, /* SIGLOST */
153 TARGET_SIGUSR1,
154 TARGET_SIGUSR2,
155 #ifdef TARGET_SIGPWR
156 TARGET_SIGPWR,
157 #else
158 -1,
159 #endif
160 -1, /* SIGPOLL */
161 -1,
162 -1,
163 -1,
164 -1,
165 -1,
166 -1,
167 -1,
168 -1,
169 -1,
170 -1,
171 -1,
172 #ifdef __SIGRTMIN
173 __SIGRTMIN + 1,
174 __SIGRTMIN + 2,
175 __SIGRTMIN + 3,
176 __SIGRTMIN + 4,
177 __SIGRTMIN + 5,
178 __SIGRTMIN + 6,
179 __SIGRTMIN + 7,
180 __SIGRTMIN + 8,
181 __SIGRTMIN + 9,
182 __SIGRTMIN + 10,
183 __SIGRTMIN + 11,
184 __SIGRTMIN + 12,
185 __SIGRTMIN + 13,
186 __SIGRTMIN + 14,
187 __SIGRTMIN + 15,
188 __SIGRTMIN + 16,
189 __SIGRTMIN + 17,
190 __SIGRTMIN + 18,
191 __SIGRTMIN + 19,
192 __SIGRTMIN + 20,
193 __SIGRTMIN + 21,
194 __SIGRTMIN + 22,
195 __SIGRTMIN + 23,
196 __SIGRTMIN + 24,
197 __SIGRTMIN + 25,
198 __SIGRTMIN + 26,
199 __SIGRTMIN + 27,
200 __SIGRTMIN + 28,
201 __SIGRTMIN + 29,
202 __SIGRTMIN + 30,
203 __SIGRTMIN + 31,
204 -1, /* SIGCANCEL */
205 __SIGRTMIN,
206 __SIGRTMIN + 32,
207 __SIGRTMIN + 33,
208 __SIGRTMIN + 34,
209 __SIGRTMIN + 35,
210 __SIGRTMIN + 36,
211 __SIGRTMIN + 37,
212 __SIGRTMIN + 38,
213 __SIGRTMIN + 39,
214 __SIGRTMIN + 40,
215 __SIGRTMIN + 41,
216 __SIGRTMIN + 42,
217 __SIGRTMIN + 43,
218 __SIGRTMIN + 44,
219 __SIGRTMIN + 45,
220 __SIGRTMIN + 46,
221 __SIGRTMIN + 47,
222 __SIGRTMIN + 48,
223 __SIGRTMIN + 49,
224 __SIGRTMIN + 50,
225 __SIGRTMIN + 51,
226 __SIGRTMIN + 52,
227 __SIGRTMIN + 53,
228 __SIGRTMIN + 54,
229 __SIGRTMIN + 55,
230 __SIGRTMIN + 56,
231 __SIGRTMIN + 57,
232 __SIGRTMIN + 58,
233 __SIGRTMIN + 59,
234 __SIGRTMIN + 60,
235 __SIGRTMIN + 61,
236 __SIGRTMIN + 62,
237 __SIGRTMIN + 63,
238 __SIGRTMIN + 64,
239 __SIGRTMIN + 65,
240 __SIGRTMIN + 66,
241 __SIGRTMIN + 67,
242 __SIGRTMIN + 68,
243 __SIGRTMIN + 69,
244 __SIGRTMIN + 70,
245 __SIGRTMIN + 71,
246 __SIGRTMIN + 72,
247 __SIGRTMIN + 73,
248 __SIGRTMIN + 74,
249 __SIGRTMIN + 75,
250 __SIGRTMIN + 76,
251 __SIGRTMIN + 77,
252 __SIGRTMIN + 78,
253 __SIGRTMIN + 79,
254 __SIGRTMIN + 80,
255 __SIGRTMIN + 81,
256 __SIGRTMIN + 82,
257 __SIGRTMIN + 83,
258 __SIGRTMIN + 84,
259 __SIGRTMIN + 85,
260 __SIGRTMIN + 86,
261 __SIGRTMIN + 87,
262 __SIGRTMIN + 88,
263 __SIGRTMIN + 89,
264 __SIGRTMIN + 90,
265 __SIGRTMIN + 91,
266 __SIGRTMIN + 92,
267 __SIGRTMIN + 93,
268 __SIGRTMIN + 94,
269 __SIGRTMIN + 95,
270 -1, /* SIGINFO */
271 -1, /* UNKNOWN */
272 -1, /* DEFAULT */
273 -1,
274 -1,
275 -1,
276 -1,
277 -1,
278 -1
279 #endif
280 };
281 #else
282 /* In system mode we only need SIGINT and SIGTRAP; other signals
283 are not yet supported. */
284
285 enum {
286 TARGET_SIGINT = 2,
287 TARGET_SIGTRAP = 5
288 };
289
290 static int gdb_signal_table[] = {
291 -1,
292 -1,
293 TARGET_SIGINT,
294 -1,
295 -1,
296 TARGET_SIGTRAP
297 };
298 #endif
299
300 #ifdef CONFIG_USER_ONLY
301 static int target_signal_to_gdb (int sig)
302 {
303 int i;
304 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
305 if (gdb_signal_table[i] == sig)
306 return i;
307 return GDB_SIGNAL_UNKNOWN;
308 }
309 #endif
310
311 static int gdb_signal_to_target (int sig)
312 {
313 if (sig < ARRAY_SIZE (gdb_signal_table))
314 return gdb_signal_table[sig];
315 else
316 return -1;
317 }
318
319 typedef struct GDBRegisterState {
320 int base_reg;
321 int num_regs;
322 gdb_get_reg_cb get_reg;
323 gdb_set_reg_cb set_reg;
324 const char *xml;
325 struct GDBRegisterState *next;
326 } GDBRegisterState;
327
328 typedef struct GDBProcess {
329 uint32_t pid;
330 bool attached;
331
332 char target_xml[1024];
333 } GDBProcess;
334
335 enum RSState {
336 RS_INACTIVE,
337 RS_IDLE,
338 RS_GETLINE,
339 RS_GETLINE_ESC,
340 RS_GETLINE_RLE,
341 RS_CHKSUM1,
342 RS_CHKSUM2,
343 };
344 typedef struct GDBState {
345 bool init; /* have we been initialised? */
346 CPUState *c_cpu; /* current CPU for step/continue ops */
347 CPUState *g_cpu; /* current CPU for other ops */
348 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
349 enum RSState state; /* parsing state */
350 char line_buf[MAX_PACKET_LENGTH];
351 int line_buf_index;
352 int line_sum; /* running checksum */
353 int line_csum; /* checksum at the end of the packet */
354 GByteArray *last_packet;
355 int signal;
356 #ifdef CONFIG_USER_ONLY
357 int fd;
358 char *socket_path;
359 int running_state;
360 #else
361 CharBackend chr;
362 Chardev *mon_chr;
363 #endif
364 bool multiprocess;
365 GDBProcess *processes;
366 int process_num;
367 char syscall_buf[256];
368 gdb_syscall_complete_cb current_syscall_cb;
369 GString *str_buf;
370 GByteArray *mem_buf;
371 } GDBState;
372
373 /* By default use no IRQs and no timers while single stepping so as to
374 * make single stepping like an ICE HW step.
375 */
376 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
377
378 static GDBState gdbserver_state;
379
380 static void init_gdbserver_state(void)
381 {
382 g_assert(!gdbserver_state.init);
383 memset(&gdbserver_state, 0, sizeof(GDBState));
384 gdbserver_state.init = true;
385 gdbserver_state.str_buf = g_string_new(NULL);
386 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
387 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
388 }
389
390 #ifndef CONFIG_USER_ONLY
391 static void reset_gdbserver_state(void)
392 {
393 g_free(gdbserver_state.processes);
394 gdbserver_state.processes = NULL;
395 gdbserver_state.process_num = 0;
396 }
397 #endif
398
399 bool gdb_has_xml;
400
401 #ifdef CONFIG_USER_ONLY
402
403 static int get_char(void)
404 {
405 uint8_t ch;
406 int ret;
407
408 for(;;) {
409 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0);
410 if (ret < 0) {
411 if (errno == ECONNRESET)
412 gdbserver_state.fd = -1;
413 if (errno != EINTR)
414 return -1;
415 } else if (ret == 0) {
416 close(gdbserver_state.fd);
417 gdbserver_state.fd = -1;
418 return -1;
419 } else {
420 break;
421 }
422 }
423 return ch;
424 }
425 #endif
426
427 static enum {
428 GDB_SYS_UNKNOWN,
429 GDB_SYS_ENABLED,
430 GDB_SYS_DISABLED,
431 } gdb_syscall_mode;
432
433 /* Decide if either remote gdb syscalls or native file IO should be used. */
434 int use_gdb_syscalls(void)
435 {
436 SemihostingTarget target = semihosting_get_target();
437 if (target == SEMIHOSTING_TARGET_NATIVE) {
438 /* -semihosting-config target=native */
439 return false;
440 } else if (target == SEMIHOSTING_TARGET_GDB) {
441 /* -semihosting-config target=gdb */
442 return true;
443 }
444
445 /* -semihosting-config target=auto */
446 /* On the first call check if gdb is connected and remember. */
447 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
448 gdb_syscall_mode = gdbserver_state.init ?
449 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
450 }
451 return gdb_syscall_mode == GDB_SYS_ENABLED;
452 }
453
454 /* Resume execution. */
455 static inline void gdb_continue(void)
456 {
457
458 #ifdef CONFIG_USER_ONLY
459 gdbserver_state.running_state = 1;
460 trace_gdbstub_op_continue();
461 #else
462 if (!runstate_needs_reset()) {
463 trace_gdbstub_op_continue();
464 vm_start();
465 }
466 #endif
467 }
468
469 /*
470 * Resume execution, per CPU actions. For user-mode emulation it's
471 * equivalent to gdb_continue.
472 */
473 static int gdb_continue_partial(char *newstates)
474 {
475 CPUState *cpu;
476 int res = 0;
477 #ifdef CONFIG_USER_ONLY
478 /*
479 * This is not exactly accurate, but it's an improvement compared to the
480 * previous situation, where only one CPU would be single-stepped.
481 */
482 CPU_FOREACH(cpu) {
483 if (newstates[cpu->cpu_index] == 's') {
484 trace_gdbstub_op_stepping(cpu->cpu_index);
485 cpu_single_step(cpu, sstep_flags);
486 }
487 }
488 gdbserver_state.running_state = 1;
489 #else
490 int flag = 0;
491
492 if (!runstate_needs_reset()) {
493 if (vm_prepare_start()) {
494 return 0;
495 }
496
497 CPU_FOREACH(cpu) {
498 switch (newstates[cpu->cpu_index]) {
499 case 0:
500 case 1:
501 break; /* nothing to do here */
502 case 's':
503 trace_gdbstub_op_stepping(cpu->cpu_index);
504 cpu_single_step(cpu, sstep_flags);
505 cpu_resume(cpu);
506 flag = 1;
507 break;
508 case 'c':
509 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
510 cpu_resume(cpu);
511 flag = 1;
512 break;
513 default:
514 res = -1;
515 break;
516 }
517 }
518 }
519 if (flag) {
520 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
521 }
522 #endif
523 return res;
524 }
525
526 static void put_buffer(const uint8_t *buf, int len)
527 {
528 #ifdef CONFIG_USER_ONLY
529 int ret;
530
531 while (len > 0) {
532 ret = send(gdbserver_state.fd, buf, len, 0);
533 if (ret < 0) {
534 if (errno != EINTR)
535 return;
536 } else {
537 buf += ret;
538 len -= ret;
539 }
540 }
541 #else
542 /* XXX this blocks entire thread. Rewrite to use
543 * qemu_chr_fe_write and background I/O callbacks */
544 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
545 #endif
546 }
547
548 static inline int fromhex(int v)
549 {
550 if (v >= '0' && v <= '9')
551 return v - '0';
552 else if (v >= 'A' && v <= 'F')
553 return v - 'A' + 10;
554 else if (v >= 'a' && v <= 'f')
555 return v - 'a' + 10;
556 else
557 return 0;
558 }
559
560 static inline int tohex(int v)
561 {
562 if (v < 10)
563 return v + '0';
564 else
565 return v - 10 + 'a';
566 }
567
568 /* writes 2*len+1 bytes in buf */
569 static void memtohex(GString *buf, const uint8_t *mem, int len)
570 {
571 int i, c;
572 for(i = 0; i < len; i++) {
573 c = mem[i];
574 g_string_append_c(buf, tohex(c >> 4));
575 g_string_append_c(buf, tohex(c & 0xf));
576 }
577 g_string_append_c(buf, '\0');
578 }
579
580 static void hextomem(GByteArray *mem, const char *buf, int len)
581 {
582 int i;
583
584 for(i = 0; i < len; i++) {
585 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
586 g_byte_array_append(mem, &byte, 1);
587 buf += 2;
588 }
589 }
590
591 static void hexdump(const char *buf, int len,
592 void (*trace_fn)(size_t ofs, char const *text))
593 {
594 char line_buffer[3 * 16 + 4 + 16 + 1];
595
596 size_t i;
597 for (i = 0; i < len || (i & 0xF); ++i) {
598 size_t byte_ofs = i & 15;
599
600 if (byte_ofs == 0) {
601 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
602 line_buffer[3 * 16 + 4 + 16] = 0;
603 }
604
605 size_t col_group = (i >> 2) & 3;
606 size_t hex_col = byte_ofs * 3 + col_group;
607 size_t txt_col = 3 * 16 + 4 + byte_ofs;
608
609 if (i < len) {
610 char value = buf[i];
611
612 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
613 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
614 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
615 ? value
616 : '.';
617 }
618
619 if (byte_ofs == 0xF)
620 trace_fn(i & -16, line_buffer);
621 }
622 }
623
624 /* return -1 if error, 0 if OK */
625 static int put_packet_binary(const char *buf, int len, bool dump)
626 {
627 int csum, i;
628 uint8_t footer[3];
629
630 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
631 hexdump(buf, len, trace_gdbstub_io_binaryreply);
632 }
633
634 for(;;) {
635 g_byte_array_set_size(gdbserver_state.last_packet, 0);
636 g_byte_array_append(gdbserver_state.last_packet,
637 (const uint8_t *) "$", 1);
638 g_byte_array_append(gdbserver_state.last_packet,
639 (const uint8_t *) buf, len);
640 csum = 0;
641 for(i = 0; i < len; i++) {
642 csum += buf[i];
643 }
644 footer[0] = '#';
645 footer[1] = tohex((csum >> 4) & 0xf);
646 footer[2] = tohex((csum) & 0xf);
647 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
648
649 put_buffer(gdbserver_state.last_packet->data,
650 gdbserver_state.last_packet->len);
651
652 #ifdef CONFIG_USER_ONLY
653 i = get_char();
654 if (i < 0)
655 return -1;
656 if (i == '+')
657 break;
658 #else
659 break;
660 #endif
661 }
662 return 0;
663 }
664
665 /* return -1 if error, 0 if OK */
666 static int put_packet(const char *buf)
667 {
668 trace_gdbstub_io_reply(buf);
669
670 return put_packet_binary(buf, strlen(buf), false);
671 }
672
673 static void put_strbuf(void)
674 {
675 put_packet(gdbserver_state.str_buf->str);
676 }
677
678 /* Encode data using the encoding for 'x' packets. */
679 static void memtox(GString *buf, const char *mem, int len)
680 {
681 char c;
682
683 while (len--) {
684 c = *(mem++);
685 switch (c) {
686 case '#': case '$': case '*': case '}':
687 g_string_append_c(buf, '}');
688 g_string_append_c(buf, c ^ 0x20);
689 break;
690 default:
691 g_string_append_c(buf, c);
692 break;
693 }
694 }
695 }
696
697 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
698 {
699 /* TODO: In user mode, we should use the task state PID */
700 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
701 /* Return the default process' PID */
702 int index = gdbserver_state.process_num - 1;
703 return gdbserver_state.processes[index].pid;
704 }
705 return cpu->cluster_index + 1;
706 }
707
708 static GDBProcess *gdb_get_process(uint32_t pid)
709 {
710 int i;
711
712 if (!pid) {
713 /* 0 means any process, we take the first one */
714 return &gdbserver_state.processes[0];
715 }
716
717 for (i = 0; i < gdbserver_state.process_num; i++) {
718 if (gdbserver_state.processes[i].pid == pid) {
719 return &gdbserver_state.processes[i];
720 }
721 }
722
723 return NULL;
724 }
725
726 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
727 {
728 return gdb_get_process(gdb_get_cpu_pid(cpu));
729 }
730
731 static CPUState *find_cpu(uint32_t thread_id)
732 {
733 CPUState *cpu;
734
735 CPU_FOREACH(cpu) {
736 if (cpu_gdb_index(cpu) == thread_id) {
737 return cpu;
738 }
739 }
740
741 return NULL;
742 }
743
744 static CPUState *get_first_cpu_in_process(GDBProcess *process)
745 {
746 CPUState *cpu;
747
748 CPU_FOREACH(cpu) {
749 if (gdb_get_cpu_pid(cpu) == process->pid) {
750 return cpu;
751 }
752 }
753
754 return NULL;
755 }
756
757 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
758 {
759 uint32_t pid = gdb_get_cpu_pid(cpu);
760 cpu = CPU_NEXT(cpu);
761
762 while (cpu) {
763 if (gdb_get_cpu_pid(cpu) == pid) {
764 break;
765 }
766
767 cpu = CPU_NEXT(cpu);
768 }
769
770 return cpu;
771 }
772
773 /* Return the cpu following @cpu, while ignoring unattached processes. */
774 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
775 {
776 cpu = CPU_NEXT(cpu);
777
778 while (cpu) {
779 if (gdb_get_cpu_process(cpu)->attached) {
780 break;
781 }
782
783 cpu = CPU_NEXT(cpu);
784 }
785
786 return cpu;
787 }
788
789 /* Return the first attached cpu */
790 static CPUState *gdb_first_attached_cpu(void)
791 {
792 CPUState *cpu = first_cpu;
793 GDBProcess *process = gdb_get_cpu_process(cpu);
794
795 if (!process->attached) {
796 return gdb_next_attached_cpu(cpu);
797 }
798
799 return cpu;
800 }
801
802 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
803 {
804 GDBProcess *process;
805 CPUState *cpu;
806
807 if (!pid && !tid) {
808 /* 0 means any process/thread, we take the first attached one */
809 return gdb_first_attached_cpu();
810 } else if (pid && !tid) {
811 /* any thread in a specific process */
812 process = gdb_get_process(pid);
813
814 if (process == NULL) {
815 return NULL;
816 }
817
818 if (!process->attached) {
819 return NULL;
820 }
821
822 return get_first_cpu_in_process(process);
823 } else {
824 /* a specific thread */
825 cpu = find_cpu(tid);
826
827 if (cpu == NULL) {
828 return NULL;
829 }
830
831 process = gdb_get_cpu_process(cpu);
832
833 if (pid && process->pid != pid) {
834 return NULL;
835 }
836
837 if (!process->attached) {
838 return NULL;
839 }
840
841 return cpu;
842 }
843 }
844
845 static const char *get_feature_xml(const char *p, const char **newp,
846 GDBProcess *process)
847 {
848 size_t len;
849 int i;
850 const char *name;
851 CPUState *cpu = get_first_cpu_in_process(process);
852 CPUClass *cc = CPU_GET_CLASS(cpu);
853
854 len = 0;
855 while (p[len] && p[len] != ':')
856 len++;
857 *newp = p + len;
858
859 name = NULL;
860 if (strncmp(p, "target.xml", len) == 0) {
861 char *buf = process->target_xml;
862 const size_t buf_sz = sizeof(process->target_xml);
863
864 /* Generate the XML description for this CPU. */
865 if (!buf[0]) {
866 GDBRegisterState *r;
867
868 pstrcat(buf, buf_sz,
869 "<?xml version=\"1.0\"?>"
870 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
871 "<target>");
872 if (cc->gdb_arch_name) {
873 gchar *arch = cc->gdb_arch_name(cpu);
874 pstrcat(buf, buf_sz, "<architecture>");
875 pstrcat(buf, buf_sz, arch);
876 pstrcat(buf, buf_sz, "</architecture>");
877 g_free(arch);
878 }
879 pstrcat(buf, buf_sz, "<xi:include href=\"");
880 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
881 pstrcat(buf, buf_sz, "\"/>");
882 for (r = cpu->gdb_regs; r; r = r->next) {
883 pstrcat(buf, buf_sz, "<xi:include href=\"");
884 pstrcat(buf, buf_sz, r->xml);
885 pstrcat(buf, buf_sz, "\"/>");
886 }
887 pstrcat(buf, buf_sz, "</target>");
888 }
889 return buf;
890 }
891 if (cc->gdb_get_dynamic_xml) {
892 char *xmlname = g_strndup(p, len);
893 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
894
895 g_free(xmlname);
896 if (xml) {
897 return xml;
898 }
899 }
900 for (i = 0; ; i++) {
901 name = xml_builtin[i][0];
902 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
903 break;
904 }
905 return name ? xml_builtin[i][1] : NULL;
906 }
907
908 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
909 {
910 CPUClass *cc = CPU_GET_CLASS(cpu);
911 CPUArchState *env = cpu->env_ptr;
912 GDBRegisterState *r;
913
914 if (reg < cc->gdb_num_core_regs) {
915 return cc->gdb_read_register(cpu, buf, reg);
916 }
917
918 for (r = cpu->gdb_regs; r; r = r->next) {
919 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
920 return r->get_reg(env, buf, reg - r->base_reg);
921 }
922 }
923 return 0;
924 }
925
926 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
927 {
928 CPUClass *cc = CPU_GET_CLASS(cpu);
929 CPUArchState *env = cpu->env_ptr;
930 GDBRegisterState *r;
931
932 if (reg < cc->gdb_num_core_regs) {
933 return cc->gdb_write_register(cpu, mem_buf, reg);
934 }
935
936 for (r = cpu->gdb_regs; r; r = r->next) {
937 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
938 return r->set_reg(env, mem_buf, reg - r->base_reg);
939 }
940 }
941 return 0;
942 }
943
944 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
945 specifies the first register number and these registers are included in
946 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
947 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
948 */
949
950 void gdb_register_coprocessor(CPUState *cpu,
951 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
952 int num_regs, const char *xml, int g_pos)
953 {
954 GDBRegisterState *s;
955 GDBRegisterState **p;
956
957 p = &cpu->gdb_regs;
958 while (*p) {
959 /* Check for duplicates. */
960 if (strcmp((*p)->xml, xml) == 0)
961 return;
962 p = &(*p)->next;
963 }
964
965 s = g_new0(GDBRegisterState, 1);
966 s->base_reg = cpu->gdb_num_regs;
967 s->num_regs = num_regs;
968 s->get_reg = get_reg;
969 s->set_reg = set_reg;
970 s->xml = xml;
971
972 /* Add to end of list. */
973 cpu->gdb_num_regs += num_regs;
974 *p = s;
975 if (g_pos) {
976 if (g_pos != s->base_reg) {
977 error_report("Error: Bad gdb register numbering for '%s', "
978 "expected %d got %d", xml, g_pos, s->base_reg);
979 } else {
980 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
981 }
982 }
983 }
984
985 #ifndef CONFIG_USER_ONLY
986 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
987 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
988 {
989 static const int xlat[] = {
990 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
991 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
992 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
993 };
994
995 CPUClass *cc = CPU_GET_CLASS(cpu);
996 int cputype = xlat[gdbtype];
997
998 if (cc->gdb_stop_before_watchpoint) {
999 cputype |= BP_STOP_BEFORE_ACCESS;
1000 }
1001 return cputype;
1002 }
1003 #endif
1004
1005 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1006 {
1007 CPUState *cpu;
1008 int err = 0;
1009
1010 if (kvm_enabled()) {
1011 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1012 }
1013
1014 switch (type) {
1015 case GDB_BREAKPOINT_SW:
1016 case GDB_BREAKPOINT_HW:
1017 CPU_FOREACH(cpu) {
1018 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1019 if (err) {
1020 break;
1021 }
1022 }
1023 return err;
1024 #ifndef CONFIG_USER_ONLY
1025 case GDB_WATCHPOINT_WRITE:
1026 case GDB_WATCHPOINT_READ:
1027 case GDB_WATCHPOINT_ACCESS:
1028 CPU_FOREACH(cpu) {
1029 err = cpu_watchpoint_insert(cpu, addr, len,
1030 xlat_gdb_type(cpu, type), NULL);
1031 if (err) {
1032 break;
1033 }
1034 }
1035 return err;
1036 #endif
1037 default:
1038 return -ENOSYS;
1039 }
1040 }
1041
1042 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1043 {
1044 CPUState *cpu;
1045 int err = 0;
1046
1047 if (kvm_enabled()) {
1048 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1049 }
1050
1051 switch (type) {
1052 case GDB_BREAKPOINT_SW:
1053 case GDB_BREAKPOINT_HW:
1054 CPU_FOREACH(cpu) {
1055 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1056 if (err) {
1057 break;
1058 }
1059 }
1060 return err;
1061 #ifndef CONFIG_USER_ONLY
1062 case GDB_WATCHPOINT_WRITE:
1063 case GDB_WATCHPOINT_READ:
1064 case GDB_WATCHPOINT_ACCESS:
1065 CPU_FOREACH(cpu) {
1066 err = cpu_watchpoint_remove(cpu, addr, len,
1067 xlat_gdb_type(cpu, type));
1068 if (err)
1069 break;
1070 }
1071 return err;
1072 #endif
1073 default:
1074 return -ENOSYS;
1075 }
1076 }
1077
1078 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1079 {
1080 cpu_breakpoint_remove_all(cpu, BP_GDB);
1081 #ifndef CONFIG_USER_ONLY
1082 cpu_watchpoint_remove_all(cpu, BP_GDB);
1083 #endif
1084 }
1085
1086 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1087 {
1088 CPUState *cpu = get_first_cpu_in_process(p);
1089
1090 while (cpu) {
1091 gdb_cpu_breakpoint_remove_all(cpu);
1092 cpu = gdb_next_cpu_in_process(cpu);
1093 }
1094 }
1095
1096 static void gdb_breakpoint_remove_all(void)
1097 {
1098 CPUState *cpu;
1099
1100 if (kvm_enabled()) {
1101 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1102 return;
1103 }
1104
1105 CPU_FOREACH(cpu) {
1106 gdb_cpu_breakpoint_remove_all(cpu);
1107 }
1108 }
1109
1110 static void gdb_set_cpu_pc(target_ulong pc)
1111 {
1112 CPUState *cpu = gdbserver_state.c_cpu;
1113
1114 cpu_synchronize_state(cpu);
1115 cpu_set_pc(cpu, pc);
1116 }
1117
1118 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1119 {
1120 if (gdbserver_state.multiprocess) {
1121 g_string_append_printf(buf, "p%02x.%02x",
1122 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1123 } else {
1124 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1125 }
1126 }
1127
1128 typedef enum GDBThreadIdKind {
1129 GDB_ONE_THREAD = 0,
1130 GDB_ALL_THREADS, /* One process, all threads */
1131 GDB_ALL_PROCESSES,
1132 GDB_READ_THREAD_ERR
1133 } GDBThreadIdKind;
1134
1135 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1136 uint32_t *pid, uint32_t *tid)
1137 {
1138 unsigned long p, t;
1139 int ret;
1140
1141 if (*buf == 'p') {
1142 buf++;
1143 ret = qemu_strtoul(buf, &buf, 16, &p);
1144
1145 if (ret) {
1146 return GDB_READ_THREAD_ERR;
1147 }
1148
1149 /* Skip '.' */
1150 buf++;
1151 } else {
1152 p = 1;
1153 }
1154
1155 ret = qemu_strtoul(buf, &buf, 16, &t);
1156
1157 if (ret) {
1158 return GDB_READ_THREAD_ERR;
1159 }
1160
1161 *end_buf = buf;
1162
1163 if (p == -1) {
1164 return GDB_ALL_PROCESSES;
1165 }
1166
1167 if (pid) {
1168 *pid = p;
1169 }
1170
1171 if (t == -1) {
1172 return GDB_ALL_THREADS;
1173 }
1174
1175 if (tid) {
1176 *tid = t;
1177 }
1178
1179 return GDB_ONE_THREAD;
1180 }
1181
1182 /**
1183 * gdb_handle_vcont - Parses and handles a vCont packet.
1184 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1185 * a format error, 0 on success.
1186 */
1187 static int gdb_handle_vcont(const char *p)
1188 {
1189 int res, signal = 0;
1190 char cur_action;
1191 char *newstates;
1192 unsigned long tmp;
1193 uint32_t pid, tid;
1194 GDBProcess *process;
1195 CPUState *cpu;
1196 GDBThreadIdKind kind;
1197 #ifdef CONFIG_USER_ONLY
1198 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1199
1200 CPU_FOREACH(cpu) {
1201 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1202 }
1203 #else
1204 MachineState *ms = MACHINE(qdev_get_machine());
1205 unsigned int max_cpus = ms->smp.max_cpus;
1206 #endif
1207 /* uninitialised CPUs stay 0 */
1208 newstates = g_new0(char, max_cpus);
1209
1210 /* mark valid CPUs with 1 */
1211 CPU_FOREACH(cpu) {
1212 newstates[cpu->cpu_index] = 1;
1213 }
1214
1215 /*
1216 * res keeps track of what error we are returning, with -ENOTSUP meaning
1217 * that the command is unknown or unsupported, thus returning an empty
1218 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1219 * or incorrect parameters passed.
1220 */
1221 res = 0;
1222 while (*p) {
1223 if (*p++ != ';') {
1224 res = -ENOTSUP;
1225 goto out;
1226 }
1227
1228 cur_action = *p++;
1229 if (cur_action == 'C' || cur_action == 'S') {
1230 cur_action = qemu_tolower(cur_action);
1231 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1232 if (res) {
1233 goto out;
1234 }
1235 signal = gdb_signal_to_target(tmp);
1236 } else if (cur_action != 'c' && cur_action != 's') {
1237 /* unknown/invalid/unsupported command */
1238 res = -ENOTSUP;
1239 goto out;
1240 }
1241
1242 if (*p == '\0' || *p == ';') {
1243 /*
1244 * No thread specifier, action is on "all threads". The
1245 * specification is unclear regarding the process to act on. We
1246 * choose all processes.
1247 */
1248 kind = GDB_ALL_PROCESSES;
1249 } else if (*p++ == ':') {
1250 kind = read_thread_id(p, &p, &pid, &tid);
1251 } else {
1252 res = -ENOTSUP;
1253 goto out;
1254 }
1255
1256 switch (kind) {
1257 case GDB_READ_THREAD_ERR:
1258 res = -EINVAL;
1259 goto out;
1260
1261 case GDB_ALL_PROCESSES:
1262 cpu = gdb_first_attached_cpu();
1263 while (cpu) {
1264 if (newstates[cpu->cpu_index] == 1) {
1265 newstates[cpu->cpu_index] = cur_action;
1266 }
1267
1268 cpu = gdb_next_attached_cpu(cpu);
1269 }
1270 break;
1271
1272 case GDB_ALL_THREADS:
1273 process = gdb_get_process(pid);
1274
1275 if (!process->attached) {
1276 res = -EINVAL;
1277 goto out;
1278 }
1279
1280 cpu = get_first_cpu_in_process(process);
1281 while (cpu) {
1282 if (newstates[cpu->cpu_index] == 1) {
1283 newstates[cpu->cpu_index] = cur_action;
1284 }
1285
1286 cpu = gdb_next_cpu_in_process(cpu);
1287 }
1288 break;
1289
1290 case GDB_ONE_THREAD:
1291 cpu = gdb_get_cpu(pid, tid);
1292
1293 /* invalid CPU/thread specified */
1294 if (!cpu) {
1295 res = -EINVAL;
1296 goto out;
1297 }
1298
1299 /* only use if no previous match occourred */
1300 if (newstates[cpu->cpu_index] == 1) {
1301 newstates[cpu->cpu_index] = cur_action;
1302 }
1303 break;
1304 }
1305 }
1306 gdbserver_state.signal = signal;
1307 gdb_continue_partial(newstates);
1308
1309 out:
1310 g_free(newstates);
1311
1312 return res;
1313 }
1314
1315 typedef union GdbCmdVariant {
1316 const char *data;
1317 uint8_t opcode;
1318 unsigned long val_ul;
1319 unsigned long long val_ull;
1320 struct {
1321 GDBThreadIdKind kind;
1322 uint32_t pid;
1323 uint32_t tid;
1324 } thread_id;
1325 } GdbCmdVariant;
1326
1327 static const char *cmd_next_param(const char *param, const char delimiter)
1328 {
1329 static const char all_delimiters[] = ",;:=";
1330 char curr_delimiters[2] = {0};
1331 const char *delimiters;
1332
1333 if (delimiter == '?') {
1334 delimiters = all_delimiters;
1335 } else if (delimiter == '0') {
1336 return strchr(param, '\0');
1337 } else if (delimiter == '.' && *param) {
1338 return param + 1;
1339 } else {
1340 curr_delimiters[0] = delimiter;
1341 delimiters = curr_delimiters;
1342 }
1343
1344 param += strcspn(param, delimiters);
1345 if (*param) {
1346 param++;
1347 }
1348 return param;
1349 }
1350
1351 static int cmd_parse_params(const char *data, const char *schema,
1352 GdbCmdVariant *params, int *num_params)
1353 {
1354 int curr_param;
1355 const char *curr_schema, *curr_data;
1356
1357 *num_params = 0;
1358
1359 if (!schema) {
1360 return 0;
1361 }
1362
1363 curr_schema = schema;
1364 curr_param = 0;
1365 curr_data = data;
1366 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1367 switch (curr_schema[0]) {
1368 case 'l':
1369 if (qemu_strtoul(curr_data, &curr_data, 16,
1370 &params[curr_param].val_ul)) {
1371 return -EINVAL;
1372 }
1373 curr_param++;
1374 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1375 break;
1376 case 'L':
1377 if (qemu_strtou64(curr_data, &curr_data, 16,
1378 (uint64_t *)&params[curr_param].val_ull)) {
1379 return -EINVAL;
1380 }
1381 curr_param++;
1382 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1383 break;
1384 case 's':
1385 params[curr_param].data = curr_data;
1386 curr_param++;
1387 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1388 break;
1389 case 'o':
1390 params[curr_param].opcode = *(uint8_t *)curr_data;
1391 curr_param++;
1392 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1393 break;
1394 case 't':
1395 params[curr_param].thread_id.kind =
1396 read_thread_id(curr_data, &curr_data,
1397 &params[curr_param].thread_id.pid,
1398 &params[curr_param].thread_id.tid);
1399 curr_param++;
1400 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1401 break;
1402 case '?':
1403 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1404 break;
1405 default:
1406 return -EINVAL;
1407 }
1408 curr_schema += 2;
1409 }
1410
1411 *num_params = curr_param;
1412 return 0;
1413 }
1414
1415 typedef struct GdbCmdContext {
1416 GdbCmdVariant *params;
1417 int num_params;
1418 } GdbCmdContext;
1419
1420 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1421
1422 /*
1423 * cmd_startswith -> cmd is compared using startswith
1424 *
1425 *
1426 * schema definitions:
1427 * Each schema parameter entry consists of 2 chars,
1428 * the first char represents the parameter type handling
1429 * the second char represents the delimiter for the next parameter
1430 *
1431 * Currently supported schema types:
1432 * 'l' -> unsigned long (stored in .val_ul)
1433 * 'L' -> unsigned long long (stored in .val_ull)
1434 * 's' -> string (stored in .data)
1435 * 'o' -> single char (stored in .opcode)
1436 * 't' -> thread id (stored in .thread_id)
1437 * '?' -> skip according to delimiter
1438 *
1439 * Currently supported delimiters:
1440 * '?' -> Stop at any delimiter (",;:=\0")
1441 * '0' -> Stop at "\0"
1442 * '.' -> Skip 1 char unless reached "\0"
1443 * Any other value is treated as the delimiter value itself
1444 */
1445 typedef struct GdbCmdParseEntry {
1446 GdbCmdHandler handler;
1447 const char *cmd;
1448 bool cmd_startswith;
1449 const char *schema;
1450 } GdbCmdParseEntry;
1451
1452 static inline int startswith(const char *string, const char *pattern)
1453 {
1454 return !strncmp(string, pattern, strlen(pattern));
1455 }
1456
1457 static int process_string_cmd(void *user_ctx, const char *data,
1458 const GdbCmdParseEntry *cmds, int num_cmds)
1459 {
1460 int i, schema_len, max_num_params = 0;
1461 GdbCmdContext gdb_ctx;
1462
1463 if (!cmds) {
1464 return -1;
1465 }
1466
1467 for (i = 0; i < num_cmds; i++) {
1468 const GdbCmdParseEntry *cmd = &cmds[i];
1469 g_assert(cmd->handler && cmd->cmd);
1470
1471 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1472 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1473 continue;
1474 }
1475
1476 if (cmd->schema) {
1477 schema_len = strlen(cmd->schema);
1478 if (schema_len % 2) {
1479 return -2;
1480 }
1481
1482 max_num_params = schema_len / 2;
1483 }
1484
1485 gdb_ctx.params =
1486 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1487 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1488
1489 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1490 gdb_ctx.params, &gdb_ctx.num_params)) {
1491 return -1;
1492 }
1493
1494 cmd->handler(&gdb_ctx, user_ctx);
1495 return 0;
1496 }
1497
1498 return -1;
1499 }
1500
1501 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1502 {
1503 if (!data) {
1504 return;
1505 }
1506
1507 g_string_set_size(gdbserver_state.str_buf, 0);
1508 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1509
1510 /* In case there was an error during the command parsing we must
1511 * send a NULL packet to indicate the command is not supported */
1512 if (process_string_cmd(NULL, data, cmd, 1)) {
1513 put_packet("");
1514 }
1515 }
1516
1517 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1518 {
1519 GDBProcess *process;
1520 uint32_t pid = 1;
1521
1522 if (gdbserver_state.multiprocess) {
1523 if (!gdb_ctx->num_params) {
1524 put_packet("E22");
1525 return;
1526 }
1527
1528 pid = gdb_ctx->params[0].val_ul;
1529 }
1530
1531 process = gdb_get_process(pid);
1532 gdb_process_breakpoint_remove_all(process);
1533 process->attached = false;
1534
1535 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1536 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1537 }
1538
1539 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1540 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1541 }
1542
1543 if (!gdbserver_state.c_cpu) {
1544 /* No more process attached */
1545 gdb_syscall_mode = GDB_SYS_DISABLED;
1546 gdb_continue();
1547 }
1548 put_packet("OK");
1549 }
1550
1551 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1552 {
1553 CPUState *cpu;
1554
1555 if (!gdb_ctx->num_params) {
1556 put_packet("E22");
1557 return;
1558 }
1559
1560 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1561 put_packet("E22");
1562 return;
1563 }
1564
1565 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
1566 gdb_ctx->params[0].thread_id.tid);
1567 if (!cpu) {
1568 put_packet("E22");
1569 return;
1570 }
1571
1572 put_packet("OK");
1573 }
1574
1575 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1576 {
1577 if (gdb_ctx->num_params) {
1578 gdb_set_cpu_pc(gdb_ctx->params[0].val_ull);
1579 }
1580
1581 gdbserver_state.signal = 0;
1582 gdb_continue();
1583 }
1584
1585 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1586 {
1587 unsigned long signal = 0;
1588
1589 /*
1590 * Note: C sig;[addr] is currently unsupported and we simply
1591 * omit the addr parameter
1592 */
1593 if (gdb_ctx->num_params) {
1594 signal = gdb_ctx->params[0].val_ul;
1595 }
1596
1597 gdbserver_state.signal = gdb_signal_to_target(signal);
1598 if (gdbserver_state.signal == -1) {
1599 gdbserver_state.signal = 0;
1600 }
1601 gdb_continue();
1602 }
1603
1604 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1605 {
1606 CPUState *cpu;
1607
1608 if (gdb_ctx->num_params != 2) {
1609 put_packet("E22");
1610 return;
1611 }
1612
1613 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1614 put_packet("E22");
1615 return;
1616 }
1617
1618 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1619 put_packet("OK");
1620 return;
1621 }
1622
1623 cpu = gdb_get_cpu(gdb_ctx->params[1].thread_id.pid,
1624 gdb_ctx->params[1].thread_id.tid);
1625 if (!cpu) {
1626 put_packet("E22");
1627 return;
1628 }
1629
1630 /*
1631 * Note: This command is deprecated and modern gdb's will be using the
1632 * vCont command instead.
1633 */
1634 switch (gdb_ctx->params[0].opcode) {
1635 case 'c':
1636 gdbserver_state.c_cpu = cpu;
1637 put_packet("OK");
1638 break;
1639 case 'g':
1640 gdbserver_state.g_cpu = cpu;
1641 put_packet("OK");
1642 break;
1643 default:
1644 put_packet("E22");
1645 break;
1646 }
1647 }
1648
1649 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1650 {
1651 int res;
1652
1653 if (gdb_ctx->num_params != 3) {
1654 put_packet("E22");
1655 return;
1656 }
1657
1658 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1659 gdb_ctx->params[1].val_ull,
1660 gdb_ctx->params[2].val_ull);
1661 if (res >= 0) {
1662 put_packet("OK");
1663 return;
1664 } else if (res == -ENOSYS) {
1665 put_packet("");
1666 return;
1667 }
1668
1669 put_packet("E22");
1670 }
1671
1672 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1673 {
1674 int res;
1675
1676 if (gdb_ctx->num_params != 3) {
1677 put_packet("E22");
1678 return;
1679 }
1680
1681 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1682 gdb_ctx->params[1].val_ull,
1683 gdb_ctx->params[2].val_ull);
1684 if (res >= 0) {
1685 put_packet("OK");
1686 return;
1687 } else if (res == -ENOSYS) {
1688 put_packet("");
1689 return;
1690 }
1691
1692 put_packet("E22");
1693 }
1694
1695 /*
1696 * handle_set/get_reg
1697 *
1698 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1699 * This works, but can be very slow. Anything new enough to understand
1700 * XML also knows how to use this properly. However to use this we
1701 * need to define a local XML file as well as be talking to a
1702 * reasonably modern gdb. Responding with an empty packet will cause
1703 * the remote gdb to fallback to older methods.
1704 */
1705
1706 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1707 {
1708 int reg_size;
1709
1710 if (!gdb_has_xml) {
1711 put_packet("");
1712 return;
1713 }
1714
1715 if (gdb_ctx->num_params != 2) {
1716 put_packet("E22");
1717 return;
1718 }
1719
1720 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1721 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[1].data, reg_size);
1722 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1723 gdb_ctx->params[0].val_ull);
1724 put_packet("OK");
1725 }
1726
1727 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1728 {
1729 int reg_size;
1730
1731 if (!gdb_has_xml) {
1732 put_packet("");
1733 return;
1734 }
1735
1736 if (!gdb_ctx->num_params) {
1737 put_packet("E14");
1738 return;
1739 }
1740
1741 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1742 gdbserver_state.mem_buf,
1743 gdb_ctx->params[0].val_ull);
1744 if (!reg_size) {
1745 put_packet("E14");
1746 return;
1747 } else {
1748 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1749 }
1750
1751 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1752 put_strbuf();
1753 }
1754
1755 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1756 {
1757 if (gdb_ctx->num_params != 3) {
1758 put_packet("E22");
1759 return;
1760 }
1761
1762 /* hextomem() reads 2*len bytes */
1763 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1764 put_packet("E22");
1765 return;
1766 }
1767
1768 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[2].data,
1769 gdb_ctx->params[1].val_ull);
1770 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1771 gdbserver_state.mem_buf->data,
1772 gdbserver_state.mem_buf->len, true)) {
1773 put_packet("E14");
1774 return;
1775 }
1776
1777 put_packet("OK");
1778 }
1779
1780 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1781 {
1782 if (gdb_ctx->num_params != 2) {
1783 put_packet("E22");
1784 return;
1785 }
1786
1787 /* memtohex() doubles the required space */
1788 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1789 put_packet("E22");
1790 return;
1791 }
1792
1793 g_byte_array_set_size(gdbserver_state.mem_buf, gdb_ctx->params[1].val_ull);
1794
1795 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1796 gdbserver_state.mem_buf->data,
1797 gdbserver_state.mem_buf->len, false)) {
1798 put_packet("E14");
1799 return;
1800 }
1801
1802 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1803 gdbserver_state.mem_buf->len);
1804 put_strbuf();
1805 }
1806
1807 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1808 {
1809 target_ulong addr, len;
1810 uint8_t *registers;
1811 int reg_size;
1812
1813 if (!gdb_ctx->num_params) {
1814 return;
1815 }
1816
1817 cpu_synchronize_state(gdbserver_state.g_cpu);
1818 len = strlen(gdb_ctx->params[0].data) / 2;
1819 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
1820 registers = gdbserver_state.mem_buf->data;
1821 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1822 addr++) {
1823 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1824 len -= reg_size;
1825 registers += reg_size;
1826 }
1827 put_packet("OK");
1828 }
1829
1830 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1831 {
1832 target_ulong addr, len;
1833
1834 cpu_synchronize_state(gdbserver_state.g_cpu);
1835 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1836 len = 0;
1837 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1838 len += gdb_read_register(gdbserver_state.g_cpu,
1839 gdbserver_state.mem_buf,
1840 addr);
1841 }
1842 g_assert(len == gdbserver_state.mem_buf->len);
1843
1844 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1845 put_strbuf();
1846 }
1847
1848 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1849 {
1850 if (gdb_ctx->num_params >= 1 && gdbserver_state.current_syscall_cb) {
1851 target_ulong ret, err;
1852
1853 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1854 if (gdb_ctx->num_params >= 2) {
1855 err = (target_ulong)gdb_ctx->params[1].val_ull;
1856 } else {
1857 err = 0;
1858 }
1859 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1860 gdbserver_state.current_syscall_cb = NULL;
1861 }
1862
1863 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1864 put_packet("T02");
1865 return;
1866 }
1867
1868 gdb_continue();
1869 }
1870
1871 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1872 {
1873 if (gdb_ctx->num_params) {
1874 gdb_set_cpu_pc((target_ulong)gdb_ctx->params[0].val_ull);
1875 }
1876
1877 cpu_single_step(gdbserver_state.c_cpu, sstep_flags);
1878 gdb_continue();
1879 }
1880
1881 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1882 {
1883 put_packet("vCont;c;C;s;S");
1884 }
1885
1886 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1887 {
1888 int res;
1889
1890 if (!gdb_ctx->num_params) {
1891 return;
1892 }
1893
1894 res = gdb_handle_vcont(gdb_ctx->params[0].data);
1895 if ((res == -EINVAL) || (res == -ERANGE)) {
1896 put_packet("E22");
1897 } else if (res) {
1898 put_packet("");
1899 }
1900 }
1901
1902 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1903 {
1904 GDBProcess *process;
1905 CPUState *cpu;
1906
1907 g_string_assign(gdbserver_state.str_buf, "E22");
1908 if (!gdb_ctx->num_params) {
1909 goto cleanup;
1910 }
1911
1912 process = gdb_get_process(gdb_ctx->params[0].val_ul);
1913 if (!process) {
1914 goto cleanup;
1915 }
1916
1917 cpu = get_first_cpu_in_process(process);
1918 if (!cpu) {
1919 goto cleanup;
1920 }
1921
1922 process->attached = true;
1923 gdbserver_state.g_cpu = cpu;
1924 gdbserver_state.c_cpu = cpu;
1925
1926 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1927 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1928 g_string_append_c(gdbserver_state.str_buf, ';');
1929 cleanup:
1930 put_strbuf();
1931 }
1932
1933 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1934 {
1935 /* Kill the target */
1936 put_packet("OK");
1937 error_report("QEMU: Terminated via GDBstub");
1938 exit(0);
1939 }
1940
1941 static GdbCmdParseEntry gdb_v_commands_table[] = {
1942 /* Order is important if has same prefix */
1943 {
1944 .handler = handle_v_cont_query,
1945 .cmd = "Cont?",
1946 .cmd_startswith = 1
1947 },
1948 {
1949 .handler = handle_v_cont,
1950 .cmd = "Cont",
1951 .cmd_startswith = 1,
1952 .schema = "s0"
1953 },
1954 {
1955 .handler = handle_v_attach,
1956 .cmd = "Attach;",
1957 .cmd_startswith = 1,
1958 .schema = "l0"
1959 },
1960 {
1961 .handler = handle_v_kill,
1962 .cmd = "Kill;",
1963 .cmd_startswith = 1
1964 },
1965 };
1966
1967 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
1968 {
1969 if (!gdb_ctx->num_params) {
1970 return;
1971 }
1972
1973 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
1974 gdb_v_commands_table,
1975 ARRAY_SIZE(gdb_v_commands_table))) {
1976 put_packet("");
1977 }
1978 }
1979
1980 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
1981 {
1982 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1983 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER);
1984 put_strbuf();
1985 }
1986
1987 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1988 {
1989 if (!gdb_ctx->num_params) {
1990 return;
1991 }
1992
1993 sstep_flags = gdb_ctx->params[0].val_ul;
1994 put_packet("OK");
1995 }
1996
1997 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1998 {
1999 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags);
2000 put_strbuf();
2001 }
2002
2003 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
2004 {
2005 CPUState *cpu;
2006 GDBProcess *process;
2007
2008 /*
2009 * "Current thread" remains vague in the spec, so always return
2010 * the first thread of the current process (gdb returns the
2011 * first thread).
2012 */
2013 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2014 cpu = get_first_cpu_in_process(process);
2015 g_string_assign(gdbserver_state.str_buf, "QC");
2016 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2017 put_strbuf();
2018 }
2019
2020 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2021 {
2022 if (!gdbserver_state.query_cpu) {
2023 put_packet("l");
2024 return;
2025 }
2026
2027 g_string_assign(gdbserver_state.str_buf, "m");
2028 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2029 put_strbuf();
2030 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2031 }
2032
2033 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2034 {
2035 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2036 handle_query_threads(gdb_ctx, user_ctx);
2037 }
2038
2039 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2040 {
2041 g_autoptr(GString) rs = g_string_new(NULL);
2042 CPUState *cpu;
2043
2044 if (!gdb_ctx->num_params ||
2045 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2046 put_packet("E22");
2047 return;
2048 }
2049
2050 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
2051 gdb_ctx->params[0].thread_id.tid);
2052 if (!cpu) {
2053 return;
2054 }
2055
2056 cpu_synchronize_state(cpu);
2057
2058 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2059 /* Print the CPU model and name in multiprocess mode */
2060 ObjectClass *oc = object_get_class(OBJECT(cpu));
2061 const char *cpu_model = object_class_get_name(oc);
2062 const char *cpu_name =
2063 object_get_canonical_path_component(OBJECT(cpu));
2064 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2065 cpu->halted ? "halted " : "running");
2066 } else {
2067 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2068 cpu->halted ? "halted " : "running");
2069 }
2070 trace_gdbstub_op_extra_info(rs->str);
2071 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2072 put_strbuf();
2073 }
2074
2075 #ifdef CONFIG_USER_ONLY
2076 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2077 {
2078 TaskState *ts;
2079
2080 ts = gdbserver_state.c_cpu->opaque;
2081 g_string_printf(gdbserver_state.str_buf,
2082 "Text=" TARGET_ABI_FMT_lx
2083 ";Data=" TARGET_ABI_FMT_lx
2084 ";Bss=" TARGET_ABI_FMT_lx,
2085 ts->info->code_offset,
2086 ts->info->data_offset,
2087 ts->info->data_offset);
2088 put_strbuf();
2089 }
2090 #else
2091 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2092 {
2093 const guint8 zero = 0;
2094 int len;
2095
2096 if (!gdb_ctx->num_params) {
2097 put_packet("E22");
2098 return;
2099 }
2100
2101 len = strlen(gdb_ctx->params[0].data);
2102 if (len % 2) {
2103 put_packet("E01");
2104 return;
2105 }
2106
2107 g_assert(gdbserver_state.mem_buf->len == 0);
2108 len = len / 2;
2109 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
2110 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2111 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2112 gdbserver_state.mem_buf->len);
2113 put_packet("OK");
2114 }
2115 #endif
2116
2117 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2118 {
2119 CPUClass *cc;
2120
2121 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2122 cc = CPU_GET_CLASS(first_cpu);
2123 if (cc->gdb_core_xml_file) {
2124 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2125 }
2126
2127 if (gdb_ctx->num_params &&
2128 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2129 gdbserver_state.multiprocess = true;
2130 }
2131
2132 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2133 put_strbuf();
2134 }
2135
2136 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2137 {
2138 GDBProcess *process;
2139 CPUClass *cc;
2140 unsigned long len, total_len, addr;
2141 const char *xml;
2142 const char *p;
2143
2144 if (gdb_ctx->num_params < 3) {
2145 put_packet("E22");
2146 return;
2147 }
2148
2149 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2150 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2151 if (!cc->gdb_core_xml_file) {
2152 put_packet("");
2153 return;
2154 }
2155
2156 gdb_has_xml = true;
2157 p = gdb_ctx->params[0].data;
2158 xml = get_feature_xml(p, &p, process);
2159 if (!xml) {
2160 put_packet("E00");
2161 return;
2162 }
2163
2164 addr = gdb_ctx->params[1].val_ul;
2165 len = gdb_ctx->params[2].val_ul;
2166 total_len = strlen(xml);
2167 if (addr > total_len) {
2168 put_packet("E00");
2169 return;
2170 }
2171
2172 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2173 len = (MAX_PACKET_LENGTH - 5) / 2;
2174 }
2175
2176 if (len < total_len - addr) {
2177 g_string_assign(gdbserver_state.str_buf, "m");
2178 memtox(gdbserver_state.str_buf, xml + addr, len);
2179 } else {
2180 g_string_assign(gdbserver_state.str_buf, "l");
2181 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2182 }
2183
2184 put_packet_binary(gdbserver_state.str_buf->str,
2185 gdbserver_state.str_buf->len, true);
2186 }
2187
2188 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2189 {
2190 put_packet(GDB_ATTACHED);
2191 }
2192
2193 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2194 {
2195 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2196 #ifndef CONFIG_USER_ONLY
2197 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2198 #endif
2199 put_strbuf();
2200 }
2201
2202 #ifndef CONFIG_USER_ONLY
2203 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2204 void *user_ctx)
2205 {
2206 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2207 put_strbuf();
2208 }
2209
2210 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2211 {
2212 if (!gdb_ctx->num_params) {
2213 put_packet("E22");
2214 return;
2215 }
2216
2217 if (!gdb_ctx->params[0].val_ul) {
2218 phy_memory_mode = 0;
2219 } else {
2220 phy_memory_mode = 1;
2221 }
2222 put_packet("OK");
2223 }
2224 #endif
2225
2226 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2227 /* Order is important if has same prefix */
2228 {
2229 .handler = handle_query_qemu_sstepbits,
2230 .cmd = "qemu.sstepbits",
2231 },
2232 {
2233 .handler = handle_query_qemu_sstep,
2234 .cmd = "qemu.sstep",
2235 },
2236 {
2237 .handler = handle_set_qemu_sstep,
2238 .cmd = "qemu.sstep=",
2239 .cmd_startswith = 1,
2240 .schema = "l0"
2241 },
2242 };
2243
2244 static GdbCmdParseEntry gdb_gen_query_table[] = {
2245 {
2246 .handler = handle_query_curr_tid,
2247 .cmd = "C",
2248 },
2249 {
2250 .handler = handle_query_threads,
2251 .cmd = "sThreadInfo",
2252 },
2253 {
2254 .handler = handle_query_first_threads,
2255 .cmd = "fThreadInfo",
2256 },
2257 {
2258 .handler = handle_query_thread_extra,
2259 .cmd = "ThreadExtraInfo,",
2260 .cmd_startswith = 1,
2261 .schema = "t0"
2262 },
2263 #ifdef CONFIG_USER_ONLY
2264 {
2265 .handler = handle_query_offsets,
2266 .cmd = "Offsets",
2267 },
2268 #else
2269 {
2270 .handler = handle_query_rcmd,
2271 .cmd = "Rcmd,",
2272 .cmd_startswith = 1,
2273 .schema = "s0"
2274 },
2275 #endif
2276 {
2277 .handler = handle_query_supported,
2278 .cmd = "Supported:",
2279 .cmd_startswith = 1,
2280 .schema = "s0"
2281 },
2282 {
2283 .handler = handle_query_supported,
2284 .cmd = "Supported",
2285 .schema = "s0"
2286 },
2287 {
2288 .handler = handle_query_xfer_features,
2289 .cmd = "Xfer:features:read:",
2290 .cmd_startswith = 1,
2291 .schema = "s:l,l0"
2292 },
2293 {
2294 .handler = handle_query_attached,
2295 .cmd = "Attached:",
2296 .cmd_startswith = 1
2297 },
2298 {
2299 .handler = handle_query_attached,
2300 .cmd = "Attached",
2301 },
2302 {
2303 .handler = handle_query_qemu_supported,
2304 .cmd = "qemu.Supported",
2305 },
2306 #ifndef CONFIG_USER_ONLY
2307 {
2308 .handler = handle_query_qemu_phy_mem_mode,
2309 .cmd = "qemu.PhyMemMode",
2310 },
2311 #endif
2312 };
2313
2314 static GdbCmdParseEntry gdb_gen_set_table[] = {
2315 /* Order is important if has same prefix */
2316 {
2317 .handler = handle_set_qemu_sstep,
2318 .cmd = "qemu.sstep:",
2319 .cmd_startswith = 1,
2320 .schema = "l0"
2321 },
2322 #ifndef CONFIG_USER_ONLY
2323 {
2324 .handler = handle_set_qemu_phy_mem_mode,
2325 .cmd = "qemu.PhyMemMode:",
2326 .cmd_startswith = 1,
2327 .schema = "l0"
2328 },
2329 #endif
2330 };
2331
2332 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2333 {
2334 if (!gdb_ctx->num_params) {
2335 return;
2336 }
2337
2338 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2339 gdb_gen_query_set_common_table,
2340 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2341 return;
2342 }
2343
2344 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2345 gdb_gen_query_table,
2346 ARRAY_SIZE(gdb_gen_query_table))) {
2347 put_packet("");
2348 }
2349 }
2350
2351 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2352 {
2353 if (!gdb_ctx->num_params) {
2354 return;
2355 }
2356
2357 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2358 gdb_gen_query_set_common_table,
2359 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2360 return;
2361 }
2362
2363 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2364 gdb_gen_set_table,
2365 ARRAY_SIZE(gdb_gen_set_table))) {
2366 put_packet("");
2367 }
2368 }
2369
2370 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2371 {
2372 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2373 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2374 g_string_append_c(gdbserver_state.str_buf, ';');
2375 put_strbuf();
2376 /*
2377 * Remove all the breakpoints when this query is issued,
2378 * because gdb is doing an initial connect and the state
2379 * should be cleaned up.
2380 */
2381 gdb_breakpoint_remove_all();
2382 }
2383
2384 static int gdb_handle_packet(const char *line_buf)
2385 {
2386 const GdbCmdParseEntry *cmd_parser = NULL;
2387
2388 trace_gdbstub_io_command(line_buf);
2389
2390 switch (line_buf[0]) {
2391 case '!':
2392 put_packet("OK");
2393 break;
2394 case '?':
2395 {
2396 static const GdbCmdParseEntry target_halted_cmd_desc = {
2397 .handler = handle_target_halt,
2398 .cmd = "?",
2399 .cmd_startswith = 1
2400 };
2401 cmd_parser = &target_halted_cmd_desc;
2402 }
2403 break;
2404 case 'c':
2405 {
2406 static const GdbCmdParseEntry continue_cmd_desc = {
2407 .handler = handle_continue,
2408 .cmd = "c",
2409 .cmd_startswith = 1,
2410 .schema = "L0"
2411 };
2412 cmd_parser = &continue_cmd_desc;
2413 }
2414 break;
2415 case 'C':
2416 {
2417 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2418 .handler = handle_cont_with_sig,
2419 .cmd = "C",
2420 .cmd_startswith = 1,
2421 .schema = "l0"
2422 };
2423 cmd_parser = &cont_with_sig_cmd_desc;
2424 }
2425 break;
2426 case 'v':
2427 {
2428 static const GdbCmdParseEntry v_cmd_desc = {
2429 .handler = handle_v_commands,
2430 .cmd = "v",
2431 .cmd_startswith = 1,
2432 .schema = "s0"
2433 };
2434 cmd_parser = &v_cmd_desc;
2435 }
2436 break;
2437 case 'k':
2438 /* Kill the target */
2439 error_report("QEMU: Terminated via GDBstub");
2440 exit(0);
2441 case 'D':
2442 {
2443 static const GdbCmdParseEntry detach_cmd_desc = {
2444 .handler = handle_detach,
2445 .cmd = "D",
2446 .cmd_startswith = 1,
2447 .schema = "?.l0"
2448 };
2449 cmd_parser = &detach_cmd_desc;
2450 }
2451 break;
2452 case 's':
2453 {
2454 static const GdbCmdParseEntry step_cmd_desc = {
2455 .handler = handle_step,
2456 .cmd = "s",
2457 .cmd_startswith = 1,
2458 .schema = "L0"
2459 };
2460 cmd_parser = &step_cmd_desc;
2461 }
2462 break;
2463 case 'F':
2464 {
2465 static const GdbCmdParseEntry file_io_cmd_desc = {
2466 .handler = handle_file_io,
2467 .cmd = "F",
2468 .cmd_startswith = 1,
2469 .schema = "L,L,o0"
2470 };
2471 cmd_parser = &file_io_cmd_desc;
2472 }
2473 break;
2474 case 'g':
2475 {
2476 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2477 .handler = handle_read_all_regs,
2478 .cmd = "g",
2479 .cmd_startswith = 1
2480 };
2481 cmd_parser = &read_all_regs_cmd_desc;
2482 }
2483 break;
2484 case 'G':
2485 {
2486 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2487 .handler = handle_write_all_regs,
2488 .cmd = "G",
2489 .cmd_startswith = 1,
2490 .schema = "s0"
2491 };
2492 cmd_parser = &write_all_regs_cmd_desc;
2493 }
2494 break;
2495 case 'm':
2496 {
2497 static const GdbCmdParseEntry read_mem_cmd_desc = {
2498 .handler = handle_read_mem,
2499 .cmd = "m",
2500 .cmd_startswith = 1,
2501 .schema = "L,L0"
2502 };
2503 cmd_parser = &read_mem_cmd_desc;
2504 }
2505 break;
2506 case 'M':
2507 {
2508 static const GdbCmdParseEntry write_mem_cmd_desc = {
2509 .handler = handle_write_mem,
2510 .cmd = "M",
2511 .cmd_startswith = 1,
2512 .schema = "L,L:s0"
2513 };
2514 cmd_parser = &write_mem_cmd_desc;
2515 }
2516 break;
2517 case 'p':
2518 {
2519 static const GdbCmdParseEntry get_reg_cmd_desc = {
2520 .handler = handle_get_reg,
2521 .cmd = "p",
2522 .cmd_startswith = 1,
2523 .schema = "L0"
2524 };
2525 cmd_parser = &get_reg_cmd_desc;
2526 }
2527 break;
2528 case 'P':
2529 {
2530 static const GdbCmdParseEntry set_reg_cmd_desc = {
2531 .handler = handle_set_reg,
2532 .cmd = "P",
2533 .cmd_startswith = 1,
2534 .schema = "L?s0"
2535 };
2536 cmd_parser = &set_reg_cmd_desc;
2537 }
2538 break;
2539 case 'Z':
2540 {
2541 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2542 .handler = handle_insert_bp,
2543 .cmd = "Z",
2544 .cmd_startswith = 1,
2545 .schema = "l?L?L0"
2546 };
2547 cmd_parser = &insert_bp_cmd_desc;
2548 }
2549 break;
2550 case 'z':
2551 {
2552 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2553 .handler = handle_remove_bp,
2554 .cmd = "z",
2555 .cmd_startswith = 1,
2556 .schema = "l?L?L0"
2557 };
2558 cmd_parser = &remove_bp_cmd_desc;
2559 }
2560 break;
2561 case 'H':
2562 {
2563 static const GdbCmdParseEntry set_thread_cmd_desc = {
2564 .handler = handle_set_thread,
2565 .cmd = "H",
2566 .cmd_startswith = 1,
2567 .schema = "o.t0"
2568 };
2569 cmd_parser = &set_thread_cmd_desc;
2570 }
2571 break;
2572 case 'T':
2573 {
2574 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2575 .handler = handle_thread_alive,
2576 .cmd = "T",
2577 .cmd_startswith = 1,
2578 .schema = "t0"
2579 };
2580 cmd_parser = &thread_alive_cmd_desc;
2581 }
2582 break;
2583 case 'q':
2584 {
2585 static const GdbCmdParseEntry gen_query_cmd_desc = {
2586 .handler = handle_gen_query,
2587 .cmd = "q",
2588 .cmd_startswith = 1,
2589 .schema = "s0"
2590 };
2591 cmd_parser = &gen_query_cmd_desc;
2592 }
2593 break;
2594 case 'Q':
2595 {
2596 static const GdbCmdParseEntry gen_set_cmd_desc = {
2597 .handler = handle_gen_set,
2598 .cmd = "Q",
2599 .cmd_startswith = 1,
2600 .schema = "s0"
2601 };
2602 cmd_parser = &gen_set_cmd_desc;
2603 }
2604 break;
2605 default:
2606 /* put empty packet */
2607 put_packet("");
2608 break;
2609 }
2610
2611 if (cmd_parser) {
2612 run_cmd_parser(line_buf, cmd_parser);
2613 }
2614
2615 return RS_IDLE;
2616 }
2617
2618 void gdb_set_stop_cpu(CPUState *cpu)
2619 {
2620 GDBProcess *p = gdb_get_cpu_process(cpu);
2621
2622 if (!p->attached) {
2623 /*
2624 * Having a stop CPU corresponding to a process that is not attached
2625 * confuses GDB. So we ignore the request.
2626 */
2627 return;
2628 }
2629
2630 gdbserver_state.c_cpu = cpu;
2631 gdbserver_state.g_cpu = cpu;
2632 }
2633
2634 #ifndef CONFIG_USER_ONLY
2635 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2636 {
2637 CPUState *cpu = gdbserver_state.c_cpu;
2638 g_autoptr(GString) buf = g_string_new(NULL);
2639 g_autoptr(GString) tid = g_string_new(NULL);
2640 const char *type;
2641 int ret;
2642
2643 if (running || gdbserver_state.state == RS_INACTIVE) {
2644 return;
2645 }
2646 /* Is there a GDB syscall waiting to be sent? */
2647 if (gdbserver_state.current_syscall_cb) {
2648 put_packet(gdbserver_state.syscall_buf);
2649 return;
2650 }
2651
2652 if (cpu == NULL) {
2653 /* No process attached */
2654 return;
2655 }
2656
2657 gdb_append_thread_id(cpu, tid);
2658
2659 switch (state) {
2660 case RUN_STATE_DEBUG:
2661 if (cpu->watchpoint_hit) {
2662 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2663 case BP_MEM_READ:
2664 type = "r";
2665 break;
2666 case BP_MEM_ACCESS:
2667 type = "a";
2668 break;
2669 default:
2670 type = "";
2671 break;
2672 }
2673 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2674 (target_ulong)cpu->watchpoint_hit->vaddr);
2675 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2676 GDB_SIGNAL_TRAP, tid->str, type,
2677 (target_ulong)cpu->watchpoint_hit->vaddr);
2678 cpu->watchpoint_hit = NULL;
2679 goto send_packet;
2680 } else {
2681 trace_gdbstub_hit_break();
2682 }
2683 tb_flush(cpu);
2684 ret = GDB_SIGNAL_TRAP;
2685 break;
2686 case RUN_STATE_PAUSED:
2687 trace_gdbstub_hit_paused();
2688 ret = GDB_SIGNAL_INT;
2689 break;
2690 case RUN_STATE_SHUTDOWN:
2691 trace_gdbstub_hit_shutdown();
2692 ret = GDB_SIGNAL_QUIT;
2693 break;
2694 case RUN_STATE_IO_ERROR:
2695 trace_gdbstub_hit_io_error();
2696 ret = GDB_SIGNAL_IO;
2697 break;
2698 case RUN_STATE_WATCHDOG:
2699 trace_gdbstub_hit_watchdog();
2700 ret = GDB_SIGNAL_ALRM;
2701 break;
2702 case RUN_STATE_INTERNAL_ERROR:
2703 trace_gdbstub_hit_internal_error();
2704 ret = GDB_SIGNAL_ABRT;
2705 break;
2706 case RUN_STATE_SAVE_VM:
2707 case RUN_STATE_RESTORE_VM:
2708 return;
2709 case RUN_STATE_FINISH_MIGRATE:
2710 ret = GDB_SIGNAL_XCPU;
2711 break;
2712 default:
2713 trace_gdbstub_hit_unknown(state);
2714 ret = GDB_SIGNAL_UNKNOWN;
2715 break;
2716 }
2717 gdb_set_stop_cpu(cpu);
2718 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2719
2720 send_packet:
2721 put_packet(buf->str);
2722
2723 /* disable single step if it was enabled */
2724 cpu_single_step(cpu, 0);
2725 }
2726 #endif
2727
2728 /* Send a gdb syscall request.
2729 This accepts limited printf-style format specifiers, specifically:
2730 %x - target_ulong argument printed in hex.
2731 %lx - 64-bit argument printed in hex.
2732 %s - string pointer (target_ulong) and length (int) pair. */
2733 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2734 {
2735 char *p;
2736 char *p_end;
2737 target_ulong addr;
2738 uint64_t i64;
2739
2740 if (!gdbserver_state.init) {
2741 return;
2742 }
2743
2744 gdbserver_state.current_syscall_cb = cb;
2745 #ifndef CONFIG_USER_ONLY
2746 vm_stop(RUN_STATE_DEBUG);
2747 #endif
2748 p = &gdbserver_state.syscall_buf[0];
2749 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2750 *(p++) = 'F';
2751 while (*fmt) {
2752 if (*fmt == '%') {
2753 fmt++;
2754 switch (*fmt++) {
2755 case 'x':
2756 addr = va_arg(va, target_ulong);
2757 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2758 break;
2759 case 'l':
2760 if (*(fmt++) != 'x')
2761 goto bad_format;
2762 i64 = va_arg(va, uint64_t);
2763 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2764 break;
2765 case 's':
2766 addr = va_arg(va, target_ulong);
2767 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2768 addr, va_arg(va, int));
2769 break;
2770 default:
2771 bad_format:
2772 error_report("gdbstub: Bad syscall format string '%s'",
2773 fmt - 1);
2774 break;
2775 }
2776 } else {
2777 *(p++) = *(fmt++);
2778 }
2779 }
2780 *p = 0;
2781 #ifdef CONFIG_USER_ONLY
2782 put_packet(gdbserver_state.syscall_buf);
2783 /* Return control to gdb for it to process the syscall request.
2784 * Since the protocol requires that gdb hands control back to us
2785 * using a "here are the results" F packet, we don't need to check
2786 * gdb_handlesig's return value (which is the signal to deliver if
2787 * execution was resumed via a continue packet).
2788 */
2789 gdb_handlesig(gdbserver_state.c_cpu, 0);
2790 #else
2791 /* In this case wait to send the syscall packet until notification that
2792 the CPU has stopped. This must be done because if the packet is sent
2793 now the reply from the syscall request could be received while the CPU
2794 is still in the running state, which can cause packets to be dropped
2795 and state transition 'T' packets to be sent while the syscall is still
2796 being processed. */
2797 qemu_cpu_kick(gdbserver_state.c_cpu);
2798 #endif
2799 }
2800
2801 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2802 {
2803 va_list va;
2804
2805 va_start(va, fmt);
2806 gdb_do_syscallv(cb, fmt, va);
2807 va_end(va);
2808 }
2809
2810 static void gdb_read_byte(uint8_t ch)
2811 {
2812 uint8_t reply;
2813
2814 #ifndef CONFIG_USER_ONLY
2815 if (gdbserver_state.last_packet->len) {
2816 /* Waiting for a response to the last packet. If we see the start
2817 of a new command then abandon the previous response. */
2818 if (ch == '-') {
2819 trace_gdbstub_err_got_nack();
2820 put_buffer(gdbserver_state.last_packet->data,
2821 gdbserver_state.last_packet->len);
2822 } else if (ch == '+') {
2823 trace_gdbstub_io_got_ack();
2824 } else {
2825 trace_gdbstub_io_got_unexpected(ch);
2826 }
2827
2828 if (ch == '+' || ch == '$') {
2829 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2830 }
2831 if (ch != '$')
2832 return;
2833 }
2834 if (runstate_is_running()) {
2835 /* when the CPU is running, we cannot do anything except stop
2836 it when receiving a char */
2837 vm_stop(RUN_STATE_PAUSED);
2838 } else
2839 #endif
2840 {
2841 switch(gdbserver_state.state) {
2842 case RS_IDLE:
2843 if (ch == '$') {
2844 /* start of command packet */
2845 gdbserver_state.line_buf_index = 0;
2846 gdbserver_state.line_sum = 0;
2847 gdbserver_state.state = RS_GETLINE;
2848 } else {
2849 trace_gdbstub_err_garbage(ch);
2850 }
2851 break;
2852 case RS_GETLINE:
2853 if (ch == '}') {
2854 /* start escape sequence */
2855 gdbserver_state.state = RS_GETLINE_ESC;
2856 gdbserver_state.line_sum += ch;
2857 } else if (ch == '*') {
2858 /* start run length encoding sequence */
2859 gdbserver_state.state = RS_GETLINE_RLE;
2860 gdbserver_state.line_sum += ch;
2861 } else if (ch == '#') {
2862 /* end of command, start of checksum*/
2863 gdbserver_state.state = RS_CHKSUM1;
2864 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2865 trace_gdbstub_err_overrun();
2866 gdbserver_state.state = RS_IDLE;
2867 } else {
2868 /* unescaped command character */
2869 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2870 gdbserver_state.line_sum += ch;
2871 }
2872 break;
2873 case RS_GETLINE_ESC:
2874 if (ch == '#') {
2875 /* unexpected end of command in escape sequence */
2876 gdbserver_state.state = RS_CHKSUM1;
2877 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2878 /* command buffer overrun */
2879 trace_gdbstub_err_overrun();
2880 gdbserver_state.state = RS_IDLE;
2881 } else {
2882 /* parse escaped character and leave escape state */
2883 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
2884 gdbserver_state.line_sum += ch;
2885 gdbserver_state.state = RS_GETLINE;
2886 }
2887 break;
2888 case RS_GETLINE_RLE:
2889 /*
2890 * Run-length encoding is explained in "Debugging with GDB /
2891 * Appendix E GDB Remote Serial Protocol / Overview".
2892 */
2893 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2894 /* invalid RLE count encoding */
2895 trace_gdbstub_err_invalid_repeat(ch);
2896 gdbserver_state.state = RS_GETLINE;
2897 } else {
2898 /* decode repeat length */
2899 int repeat = ch - ' ' + 3;
2900 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
2901 /* that many repeats would overrun the command buffer */
2902 trace_gdbstub_err_overrun();
2903 gdbserver_state.state = RS_IDLE;
2904 } else if (gdbserver_state.line_buf_index < 1) {
2905 /* got a repeat but we have nothing to repeat */
2906 trace_gdbstub_err_invalid_rle();
2907 gdbserver_state.state = RS_GETLINE;
2908 } else {
2909 /* repeat the last character */
2910 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
2911 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
2912 gdbserver_state.line_buf_index += repeat;
2913 gdbserver_state.line_sum += ch;
2914 gdbserver_state.state = RS_GETLINE;
2915 }
2916 }
2917 break;
2918 case RS_CHKSUM1:
2919 /* get high hex digit of checksum */
2920 if (!isxdigit(ch)) {
2921 trace_gdbstub_err_checksum_invalid(ch);
2922 gdbserver_state.state = RS_GETLINE;
2923 break;
2924 }
2925 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
2926 gdbserver_state.line_csum = fromhex(ch) << 4;
2927 gdbserver_state.state = RS_CHKSUM2;
2928 break;
2929 case RS_CHKSUM2:
2930 /* get low hex digit of checksum */
2931 if (!isxdigit(ch)) {
2932 trace_gdbstub_err_checksum_invalid(ch);
2933 gdbserver_state.state = RS_GETLINE;
2934 break;
2935 }
2936 gdbserver_state.line_csum |= fromhex(ch);
2937
2938 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
2939 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
2940 /* send NAK reply */
2941 reply = '-';
2942 put_buffer(&reply, 1);
2943 gdbserver_state.state = RS_IDLE;
2944 } else {
2945 /* send ACK reply */
2946 reply = '+';
2947 put_buffer(&reply, 1);
2948 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
2949 }
2950 break;
2951 default:
2952 abort();
2953 }
2954 }
2955 }
2956
2957 /* Tell the remote gdb that the process has exited. */
2958 void gdb_exit(CPUArchState *env, int code)
2959 {
2960 char buf[4];
2961
2962 if (!gdbserver_state.init) {
2963 return;
2964 }
2965 #ifdef CONFIG_USER_ONLY
2966 if (gdbserver_state.socket_path) {
2967 unlink(gdbserver_state.socket_path);
2968 }
2969 if (gdbserver_state.fd < 0) {
2970 return;
2971 }
2972 #endif
2973
2974 trace_gdbstub_op_exiting((uint8_t)code);
2975
2976 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2977 put_packet(buf);
2978
2979 #ifndef CONFIG_USER_ONLY
2980 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
2981 #endif
2982 }
2983
2984 /*
2985 * Create the process that will contain all the "orphan" CPUs (that are not
2986 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2987 * be attachable and thus will be invisible to the user.
2988 */
2989 static void create_default_process(GDBState *s)
2990 {
2991 GDBProcess *process;
2992 int max_pid = 0;
2993
2994 if (gdbserver_state.process_num) {
2995 max_pid = s->processes[s->process_num - 1].pid;
2996 }
2997
2998 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2999 process = &s->processes[s->process_num - 1];
3000
3001 /* We need an available PID slot for this process */
3002 assert(max_pid < UINT32_MAX);
3003
3004 process->pid = max_pid + 1;
3005 process->attached = false;
3006 process->target_xml[0] = '\0';
3007 }
3008
3009 #ifdef CONFIG_USER_ONLY
3010 int
3011 gdb_handlesig(CPUState *cpu, int sig)
3012 {
3013 char buf[256];
3014 int n;
3015
3016 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3017 return sig;
3018 }
3019
3020 /* disable single step if it was enabled */
3021 cpu_single_step(cpu, 0);
3022 tb_flush(cpu);
3023
3024 if (sig != 0) {
3025 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3026 put_packet(buf);
3027 }
3028 /* put_packet() might have detected that the peer terminated the
3029 connection. */
3030 if (gdbserver_state.fd < 0) {
3031 return sig;
3032 }
3033
3034 sig = 0;
3035 gdbserver_state.state = RS_IDLE;
3036 gdbserver_state.running_state = 0;
3037 while (gdbserver_state.running_state == 0) {
3038 n = read(gdbserver_state.fd, buf, 256);
3039 if (n > 0) {
3040 int i;
3041
3042 for (i = 0; i < n; i++) {
3043 gdb_read_byte(buf[i]);
3044 }
3045 } else {
3046 /* XXX: Connection closed. Should probably wait for another
3047 connection before continuing. */
3048 if (n == 0) {
3049 close(gdbserver_state.fd);
3050 }
3051 gdbserver_state.fd = -1;
3052 return sig;
3053 }
3054 }
3055 sig = gdbserver_state.signal;
3056 gdbserver_state.signal = 0;
3057 return sig;
3058 }
3059
3060 /* Tell the remote gdb that the process has exited due to SIG. */
3061 void gdb_signalled(CPUArchState *env, int sig)
3062 {
3063 char buf[4];
3064
3065 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3066 return;
3067 }
3068
3069 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3070 put_packet(buf);
3071 }
3072
3073 static void gdb_accept_init(int fd)
3074 {
3075 init_gdbserver_state();
3076 create_default_process(&gdbserver_state);
3077 gdbserver_state.processes[0].attached = true;
3078 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3079 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3080 gdbserver_state.fd = fd;
3081 gdb_has_xml = false;
3082 }
3083
3084 static bool gdb_accept_socket(int gdb_fd)
3085 {
3086 int fd;
3087
3088 for(;;) {
3089 fd = accept(gdb_fd, NULL, NULL);
3090 if (fd < 0 && errno != EINTR) {
3091 perror("accept socket");
3092 return false;
3093 } else if (fd >= 0) {
3094 qemu_set_cloexec(fd);
3095 break;
3096 }
3097 }
3098
3099 gdb_accept_init(fd);
3100 return true;
3101 }
3102
3103 static int gdbserver_open_socket(const char *path)
3104 {
3105 struct sockaddr_un sockaddr;
3106 int fd, ret;
3107
3108 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3109 if (fd < 0) {
3110 perror("create socket");
3111 return -1;
3112 }
3113
3114 sockaddr.sun_family = AF_UNIX;
3115 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3116 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3117 if (ret < 0) {
3118 perror("bind socket");
3119 close(fd);
3120 return -1;
3121 }
3122 ret = listen(fd, 1);
3123 if (ret < 0) {
3124 perror("listen socket");
3125 close(fd);
3126 return -1;
3127 }
3128
3129 return fd;
3130 }
3131
3132 static bool gdb_accept_tcp(int gdb_fd)
3133 {
3134 struct sockaddr_in sockaddr;
3135 socklen_t len;
3136 int fd;
3137
3138 for(;;) {
3139 len = sizeof(sockaddr);
3140 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3141 if (fd < 0 && errno != EINTR) {
3142 perror("accept");
3143 return false;
3144 } else if (fd >= 0) {
3145 qemu_set_cloexec(fd);
3146 break;
3147 }
3148 }
3149
3150 /* set short latency */
3151 if (socket_set_nodelay(fd)) {
3152 perror("setsockopt");
3153 close(fd);
3154 return false;
3155 }
3156
3157 gdb_accept_init(fd);
3158 return true;
3159 }
3160
3161 static int gdbserver_open_port(int port)
3162 {
3163 struct sockaddr_in sockaddr;
3164 int fd, ret;
3165
3166 fd = socket(PF_INET, SOCK_STREAM, 0);
3167 if (fd < 0) {
3168 perror("socket");
3169 return -1;
3170 }
3171 qemu_set_cloexec(fd);
3172
3173 socket_set_fast_reuse(fd);
3174
3175 sockaddr.sin_family = AF_INET;
3176 sockaddr.sin_port = htons(port);
3177 sockaddr.sin_addr.s_addr = 0;
3178 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3179 if (ret < 0) {
3180 perror("bind");
3181 close(fd);
3182 return -1;
3183 }
3184 ret = listen(fd, 1);
3185 if (ret < 0) {
3186 perror("listen");
3187 close(fd);
3188 return -1;
3189 }
3190
3191 return fd;
3192 }
3193
3194 int gdbserver_start(const char *port_or_path)
3195 {
3196 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3197 int gdb_fd;
3198
3199 if (port > 0) {
3200 gdb_fd = gdbserver_open_port(port);
3201 } else {
3202 gdb_fd = gdbserver_open_socket(port_or_path);
3203 }
3204
3205 if (gdb_fd < 0) {
3206 return -1;
3207 }
3208
3209 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3210 return 0;
3211 } else if (gdb_accept_socket(gdb_fd)) {
3212 gdbserver_state.socket_path = g_strdup(port_or_path);
3213 return 0;
3214 }
3215
3216 /* gone wrong */
3217 close(gdb_fd);
3218 return -1;
3219 }
3220
3221 /* Disable gdb stub for child processes. */
3222 void gdbserver_fork(CPUState *cpu)
3223 {
3224 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3225 return;
3226 }
3227 close(gdbserver_state.fd);
3228 gdbserver_state.fd = -1;
3229 cpu_breakpoint_remove_all(cpu, BP_GDB);
3230 cpu_watchpoint_remove_all(cpu, BP_GDB);
3231 }
3232 #else
3233 static int gdb_chr_can_receive(void *opaque)
3234 {
3235 /* We can handle an arbitrarily large amount of data.
3236 Pick the maximum packet size, which is as good as anything. */
3237 return MAX_PACKET_LENGTH;
3238 }
3239
3240 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3241 {
3242 int i;
3243
3244 for (i = 0; i < size; i++) {
3245 gdb_read_byte(buf[i]);
3246 }
3247 }
3248
3249 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3250 {
3251 int i;
3252 GDBState *s = (GDBState *) opaque;
3253
3254 switch (event) {
3255 case CHR_EVENT_OPENED:
3256 /* Start with first process attached, others detached */
3257 for (i = 0; i < s->process_num; i++) {
3258 s->processes[i].attached = !i;
3259 }
3260
3261 s->c_cpu = gdb_first_attached_cpu();
3262 s->g_cpu = s->c_cpu;
3263
3264 vm_stop(RUN_STATE_PAUSED);
3265 gdb_has_xml = false;
3266 break;
3267 default:
3268 break;
3269 }
3270 }
3271
3272 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3273 {
3274 g_autoptr(GString) hex_buf = g_string_new("O");
3275 memtohex(hex_buf, buf, len);
3276 put_packet(hex_buf->str);
3277 return len;
3278 }
3279
3280 #ifndef _WIN32
3281 static void gdb_sigterm_handler(int signal)
3282 {
3283 if (runstate_is_running()) {
3284 vm_stop(RUN_STATE_PAUSED);
3285 }
3286 }
3287 #endif
3288
3289 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3290 bool *be_opened, Error **errp)
3291 {
3292 *be_opened = false;
3293 }
3294
3295 static void char_gdb_class_init(ObjectClass *oc, void *data)
3296 {
3297 ChardevClass *cc = CHARDEV_CLASS(oc);
3298
3299 cc->internal = true;
3300 cc->open = gdb_monitor_open;
3301 cc->chr_write = gdb_monitor_write;
3302 }
3303
3304 #define TYPE_CHARDEV_GDB "chardev-gdb"
3305
3306 static const TypeInfo char_gdb_type_info = {
3307 .name = TYPE_CHARDEV_GDB,
3308 .parent = TYPE_CHARDEV,
3309 .class_init = char_gdb_class_init,
3310 };
3311
3312 static int find_cpu_clusters(Object *child, void *opaque)
3313 {
3314 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3315 GDBState *s = (GDBState *) opaque;
3316 CPUClusterState *cluster = CPU_CLUSTER(child);
3317 GDBProcess *process;
3318
3319 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3320
3321 process = &s->processes[s->process_num - 1];
3322
3323 /*
3324 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3325 * runtime, we enforce here that the machine does not use a cluster ID
3326 * that would lead to PID 0.
3327 */
3328 assert(cluster->cluster_id != UINT32_MAX);
3329 process->pid = cluster->cluster_id + 1;
3330 process->attached = false;
3331 process->target_xml[0] = '\0';
3332
3333 return 0;
3334 }
3335
3336 return object_child_foreach(child, find_cpu_clusters, opaque);
3337 }
3338
3339 static int pid_order(const void *a, const void *b)
3340 {
3341 GDBProcess *pa = (GDBProcess *) a;
3342 GDBProcess *pb = (GDBProcess *) b;
3343
3344 if (pa->pid < pb->pid) {
3345 return -1;
3346 } else if (pa->pid > pb->pid) {
3347 return 1;
3348 } else {
3349 return 0;
3350 }
3351 }
3352
3353 static void create_processes(GDBState *s)
3354 {
3355 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3356
3357 if (gdbserver_state.processes) {
3358 /* Sort by PID */
3359 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3360 }
3361
3362 create_default_process(s);
3363 }
3364
3365 int gdbserver_start(const char *device)
3366 {
3367 trace_gdbstub_op_start(device);
3368
3369 char gdbstub_device_name[128];
3370 Chardev *chr = NULL;
3371 Chardev *mon_chr;
3372
3373 if (!first_cpu) {
3374 error_report("gdbstub: meaningless to attach gdb to a "
3375 "machine without any CPU.");
3376 return -1;
3377 }
3378
3379 if (!device)
3380 return -1;
3381 if (strcmp(device, "none") != 0) {
3382 if (strstart(device, "tcp:", NULL)) {
3383 /* enforce required TCP attributes */
3384 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3385 "%s,nowait,nodelay,server", device);
3386 device = gdbstub_device_name;
3387 }
3388 #ifndef _WIN32
3389 else if (strcmp(device, "stdio") == 0) {
3390 struct sigaction act;
3391
3392 memset(&act, 0, sizeof(act));
3393 act.sa_handler = gdb_sigterm_handler;
3394 sigaction(SIGINT, &act, NULL);
3395 }
3396 #endif
3397 /*
3398 * FIXME: it's a bit weird to allow using a mux chardev here
3399 * and implicitly setup a monitor. We may want to break this.
3400 */
3401 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3402 if (!chr)
3403 return -1;
3404 }
3405
3406 if (!gdbserver_state.init) {
3407 init_gdbserver_state();
3408
3409 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3410
3411 /* Initialize a monitor terminal for gdb */
3412 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3413 NULL, NULL, &error_abort);
3414 monitor_init_hmp(mon_chr, false, &error_abort);
3415 } else {
3416 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3417 mon_chr = gdbserver_state.mon_chr;
3418 reset_gdbserver_state();
3419 }
3420
3421 create_processes(&gdbserver_state);
3422
3423 if (chr) {
3424 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3425 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3426 gdb_chr_receive, gdb_chr_event,
3427 NULL, &gdbserver_state, NULL, true);
3428 }
3429 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3430 gdbserver_state.mon_chr = mon_chr;
3431 gdbserver_state.current_syscall_cb = NULL;
3432
3433 return 0;
3434 }
3435
3436 void gdbserver_cleanup(void)
3437 {
3438 if (gdbserver_state.init) {
3439 put_packet("W00");
3440 }
3441 }
3442
3443 static void register_types(void)
3444 {
3445 type_register_static(&char_gdb_type_info);
3446 }
3447
3448 type_init(register_types);
3449 #endif