search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
gdbstub: move mem_buf to GDBState and use GByteArray
[qemu/ar7.git] / gdbstub.c
blobdb537a712ccd87e79e726cae45c7d38677f73eff
1 /*
2 * gdb server stub
3 *
4 * This implements a subset of the remote protocol as described in:
5 *
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7 *
8 * Copyright (c) 2003-2005 Fabrice Bellard
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 *
23 * SPDX-License-Identifier: LGPL-2.0+
24 */
25
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace-root.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
44 #endif
45
46 #define MAX_PACKET_LENGTH 4096
47
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "sysemu/runstate.h"
52 #include "hw/semihosting/semihost.h"
53 #include "exec/exec-all.h"
54
55 #ifdef CONFIG_USER_ONLY
56 #define GDB_ATTACHED "0"
57 #else
58 #define GDB_ATTACHED "1"
59 #endif
60
61 #ifndef CONFIG_USER_ONLY
62 static int phy_memory_mode;
63 #endif
64
65 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
66 uint8_t *buf, int len, bool is_write)
67 {
68 CPUClass *cc;
69
70 #ifndef CONFIG_USER_ONLY
71 if (phy_memory_mode) {
72 if (is_write) {
73 cpu_physical_memory_write(addr, buf, len);
74 } else {
75 cpu_physical_memory_read(addr, buf, len);
76 }
77 return 0;
78 }
79 #endif
80
81 cc = CPU_GET_CLASS(cpu);
82 if (cc->memory_rw_debug) {
83 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
84 }
85 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
86 }
87
88 /* Return the GDB index for a given vCPU state.
89 *
90 * For user mode this is simply the thread id. In system mode GDB
91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
92 */
93 static inline int cpu_gdb_index(CPUState *cpu)
94 {
95 #if defined(CONFIG_USER_ONLY)
96 TaskState *ts = (TaskState *) cpu->opaque;
97 return ts->ts_tid;
98 #else
99 return cpu->cpu_index + 1;
100 #endif
101 }
102
103 enum {
104 GDB_SIGNAL_0 = 0,
105 GDB_SIGNAL_INT = 2,
106 GDB_SIGNAL_QUIT = 3,
107 GDB_SIGNAL_TRAP = 5,
108 GDB_SIGNAL_ABRT = 6,
109 GDB_SIGNAL_ALRM = 14,
110 GDB_SIGNAL_IO = 23,
111 GDB_SIGNAL_XCPU = 24,
112 GDB_SIGNAL_UNKNOWN = 143
113 };
114
115 #ifdef CONFIG_USER_ONLY
116
117 /* Map target signal numbers to GDB protocol signal numbers and vice
118 * versa. For user emulation's currently supported systems, we can
119 * assume most signals are defined.
120 */
121
122 static int gdb_signal_table[] = {
123 0,
124 TARGET_SIGHUP,
125 TARGET_SIGINT,
126 TARGET_SIGQUIT,
127 TARGET_SIGILL,
128 TARGET_SIGTRAP,
129 TARGET_SIGABRT,
130 -1, /* SIGEMT */
131 TARGET_SIGFPE,
132 TARGET_SIGKILL,
133 TARGET_SIGBUS,
134 TARGET_SIGSEGV,
135 TARGET_SIGSYS,
136 TARGET_SIGPIPE,
137 TARGET_SIGALRM,
138 TARGET_SIGTERM,
139 TARGET_SIGURG,
140 TARGET_SIGSTOP,
141 TARGET_SIGTSTP,
142 TARGET_SIGCONT,
143 TARGET_SIGCHLD,
144 TARGET_SIGTTIN,
145 TARGET_SIGTTOU,
146 TARGET_SIGIO,
147 TARGET_SIGXCPU,
148 TARGET_SIGXFSZ,
149 TARGET_SIGVTALRM,
150 TARGET_SIGPROF,
151 TARGET_SIGWINCH,
152 -1, /* SIGLOST */
153 TARGET_SIGUSR1,
154 TARGET_SIGUSR2,
155 #ifdef TARGET_SIGPWR
156 TARGET_SIGPWR,
157 #else
158 -1,
159 #endif
160 -1, /* SIGPOLL */
161 -1,
162 -1,
163 -1,
164 -1,
165 -1,
166 -1,
167 -1,
168 -1,
169 -1,
170 -1,
171 -1,
172 #ifdef __SIGRTMIN
173 __SIGRTMIN + 1,
174 __SIGRTMIN + 2,
175 __SIGRTMIN + 3,
176 __SIGRTMIN + 4,
177 __SIGRTMIN + 5,
178 __SIGRTMIN + 6,
179 __SIGRTMIN + 7,
180 __SIGRTMIN + 8,
181 __SIGRTMIN + 9,
182 __SIGRTMIN + 10,
183 __SIGRTMIN + 11,
184 __SIGRTMIN + 12,
185 __SIGRTMIN + 13,
186 __SIGRTMIN + 14,
187 __SIGRTMIN + 15,
188 __SIGRTMIN + 16,
189 __SIGRTMIN + 17,
190 __SIGRTMIN + 18,
191 __SIGRTMIN + 19,
192 __SIGRTMIN + 20,
193 __SIGRTMIN + 21,
194 __SIGRTMIN + 22,
195 __SIGRTMIN + 23,
196 __SIGRTMIN + 24,
197 __SIGRTMIN + 25,
198 __SIGRTMIN + 26,
199 __SIGRTMIN + 27,
200 __SIGRTMIN + 28,
201 __SIGRTMIN + 29,
202 __SIGRTMIN + 30,
203 __SIGRTMIN + 31,
204 -1, /* SIGCANCEL */
205 __SIGRTMIN,
206 __SIGRTMIN + 32,
207 __SIGRTMIN + 33,
208 __SIGRTMIN + 34,
209 __SIGRTMIN + 35,
210 __SIGRTMIN + 36,
211 __SIGRTMIN + 37,
212 __SIGRTMIN + 38,
213 __SIGRTMIN + 39,
214 __SIGRTMIN + 40,
215 __SIGRTMIN + 41,
216 __SIGRTMIN + 42,
217 __SIGRTMIN + 43,
218 __SIGRTMIN + 44,
219 __SIGRTMIN + 45,
220 __SIGRTMIN + 46,
221 __SIGRTMIN + 47,
222 __SIGRTMIN + 48,
223 __SIGRTMIN + 49,
224 __SIGRTMIN + 50,
225 __SIGRTMIN + 51,
226 __SIGRTMIN + 52,
227 __SIGRTMIN + 53,
228 __SIGRTMIN + 54,
229 __SIGRTMIN + 55,
230 __SIGRTMIN + 56,
231 __SIGRTMIN + 57,
232 __SIGRTMIN + 58,
233 __SIGRTMIN + 59,
234 __SIGRTMIN + 60,
235 __SIGRTMIN + 61,
236 __SIGRTMIN + 62,
237 __SIGRTMIN + 63,
238 __SIGRTMIN + 64,
239 __SIGRTMIN + 65,
240 __SIGRTMIN + 66,
241 __SIGRTMIN + 67,
242 __SIGRTMIN + 68,
243 __SIGRTMIN + 69,
244 __SIGRTMIN + 70,
245 __SIGRTMIN + 71,
246 __SIGRTMIN + 72,
247 __SIGRTMIN + 73,
248 __SIGRTMIN + 74,
249 __SIGRTMIN + 75,
250 __SIGRTMIN + 76,
251 __SIGRTMIN + 77,
252 __SIGRTMIN + 78,
253 __SIGRTMIN + 79,
254 __SIGRTMIN + 80,
255 __SIGRTMIN + 81,
256 __SIGRTMIN + 82,
257 __SIGRTMIN + 83,
258 __SIGRTMIN + 84,
259 __SIGRTMIN + 85,
260 __SIGRTMIN + 86,
261 __SIGRTMIN + 87,
262 __SIGRTMIN + 88,
263 __SIGRTMIN + 89,
264 __SIGRTMIN + 90,
265 __SIGRTMIN + 91,
266 __SIGRTMIN + 92,
267 __SIGRTMIN + 93,
268 __SIGRTMIN + 94,
269 __SIGRTMIN + 95,
270 -1, /* SIGINFO */
271 -1, /* UNKNOWN */
272 -1, /* DEFAULT */
273 -1,
274 -1,
275 -1,
276 -1,
277 -1,
278 -1
279 #endif
280 };
281 #else
282 /* In system mode we only need SIGINT and SIGTRAP; other signals
283 are not yet supported. */
284
285 enum {
286 TARGET_SIGINT = 2,
287 TARGET_SIGTRAP = 5
288 };
289
290 static int gdb_signal_table[] = {
291 -1,
292 -1,
293 TARGET_SIGINT,
294 -1,
295 -1,
296 TARGET_SIGTRAP
297 };
298 #endif
299
300 #ifdef CONFIG_USER_ONLY
301 static int target_signal_to_gdb (int sig)
302 {
303 int i;
304 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
305 if (gdb_signal_table[i] == sig)
306 return i;
307 return GDB_SIGNAL_UNKNOWN;
308 }
309 #endif
310
311 static int gdb_signal_to_target (int sig)
312 {
313 if (sig < ARRAY_SIZE (gdb_signal_table))
314 return gdb_signal_table[sig];
315 else
316 return -1;
317 }
318
319 typedef struct GDBRegisterState {
320 int base_reg;
321 int num_regs;
322 gdb_reg_cb get_reg;
323 gdb_reg_cb set_reg;
324 const char *xml;
325 struct GDBRegisterState *next;
326 } GDBRegisterState;
327
328 typedef struct GDBProcess {
329 uint32_t pid;
330 bool attached;
331
332 char target_xml[1024];
333 } GDBProcess;
334
335 enum RSState {
336 RS_INACTIVE,
337 RS_IDLE,
338 RS_GETLINE,
339 RS_GETLINE_ESC,
340 RS_GETLINE_RLE,
341 RS_CHKSUM1,
342 RS_CHKSUM2,
343 };
344 typedef struct GDBState {
345 bool init; /* have we been initialised? */
346 CPUState *c_cpu; /* current CPU for step/continue ops */
347 CPUState *g_cpu; /* current CPU for other ops */
348 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
349 enum RSState state; /* parsing state */
350 char line_buf[MAX_PACKET_LENGTH];
351 int line_buf_index;
352 int line_sum; /* running checksum */
353 int line_csum; /* checksum at the end of the packet */
354 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
355 int last_packet_len;
356 int signal;
357 #ifdef CONFIG_USER_ONLY
358 int fd;
359 int running_state;
360 #else
361 CharBackend chr;
362 Chardev *mon_chr;
363 #endif
364 bool multiprocess;
365 GDBProcess *processes;
366 int process_num;
367 char syscall_buf[256];
368 gdb_syscall_complete_cb current_syscall_cb;
369 GString *str_buf;
370 GByteArray *mem_buf;
371 } GDBState;
372
373 /* By default use no IRQs and no timers while single stepping so as to
374 * make single stepping like an ICE HW step.
375 */
376 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
377
378 static GDBState gdbserver_state;
379
380 static void init_gdbserver_state(void)
381 {
382 g_assert(!gdbserver_state.init);
383 memset(&gdbserver_state, 0, sizeof(GDBState));
384 gdbserver_state.init = true;
385 gdbserver_state.str_buf = g_string_new(NULL);
386 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
387 }
388
389 #ifndef CONFIG_USER_ONLY
390 static void reset_gdbserver_state(void)
391 {
392 g_free(gdbserver_state.processes);
393 gdbserver_state.processes = NULL;
394 gdbserver_state.process_num = 0;
395 }
396 #endif
397
398 bool gdb_has_xml;
399
400 #ifdef CONFIG_USER_ONLY
401 /* XXX: This is not thread safe. Do we care? */
402 static int gdbserver_fd = -1;
403
404 static int get_char(void)
405 {
406 uint8_t ch;
407 int ret;
408
409 for(;;) {
410 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0);
411 if (ret < 0) {
412 if (errno == ECONNRESET)
413 gdbserver_state.fd = -1;
414 if (errno != EINTR)
415 return -1;
416 } else if (ret == 0) {
417 close(gdbserver_state.fd);
418 gdbserver_state.fd = -1;
419 return -1;
420 } else {
421 break;
422 }
423 }
424 return ch;
425 }
426 #endif
427
428 static enum {
429 GDB_SYS_UNKNOWN,
430 GDB_SYS_ENABLED,
431 GDB_SYS_DISABLED,
432 } gdb_syscall_mode;
433
434 /* Decide if either remote gdb syscalls or native file IO should be used. */
435 int use_gdb_syscalls(void)
436 {
437 SemihostingTarget target = semihosting_get_target();
438 if (target == SEMIHOSTING_TARGET_NATIVE) {
439 /* -semihosting-config target=native */
440 return false;
441 } else if (target == SEMIHOSTING_TARGET_GDB) {
442 /* -semihosting-config target=gdb */
443 return true;
444 }
445
446 /* -semihosting-config target=auto */
447 /* On the first call check if gdb is connected and remember. */
448 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
449 gdb_syscall_mode = gdbserver_state.init ?
450 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
451 }
452 return gdb_syscall_mode == GDB_SYS_ENABLED;
453 }
454
455 /* Resume execution. */
456 static inline void gdb_continue(void)
457 {
458
459 #ifdef CONFIG_USER_ONLY
460 gdbserver_state.running_state = 1;
461 trace_gdbstub_op_continue();
462 #else
463 if (!runstate_needs_reset()) {
464 trace_gdbstub_op_continue();
465 vm_start();
466 }
467 #endif
468 }
469
470 /*
471 * Resume execution, per CPU actions. For user-mode emulation it's
472 * equivalent to gdb_continue.
473 */
474 static int gdb_continue_partial(char *newstates)
475 {
476 CPUState *cpu;
477 int res = 0;
478 #ifdef CONFIG_USER_ONLY
479 /*
480 * This is not exactly accurate, but it's an improvement compared to the
481 * previous situation, where only one CPU would be single-stepped.
482 */
483 CPU_FOREACH(cpu) {
484 if (newstates[cpu->cpu_index] == 's') {
485 trace_gdbstub_op_stepping(cpu->cpu_index);
486 cpu_single_step(cpu, sstep_flags);
487 }
488 }
489 gdbserver_state.running_state = 1;
490 #else
491 int flag = 0;
492
493 if (!runstate_needs_reset()) {
494 if (vm_prepare_start()) {
495 return 0;
496 }
497
498 CPU_FOREACH(cpu) {
499 switch (newstates[cpu->cpu_index]) {
500 case 0:
501 case 1:
502 break; /* nothing to do here */
503 case 's':
504 trace_gdbstub_op_stepping(cpu->cpu_index);
505 cpu_single_step(cpu, sstep_flags);
506 cpu_resume(cpu);
507 flag = 1;
508 break;
509 case 'c':
510 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
511 cpu_resume(cpu);
512 flag = 1;
513 break;
514 default:
515 res = -1;
516 break;
517 }
518 }
519 }
520 if (flag) {
521 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
522 }
523 #endif
524 return res;
525 }
526
527 static void put_buffer(const uint8_t *buf, int len)
528 {
529 #ifdef CONFIG_USER_ONLY
530 int ret;
531
532 while (len > 0) {
533 ret = send(gdbserver_state.fd, buf, len, 0);
534 if (ret < 0) {
535 if (errno != EINTR)
536 return;
537 } else {
538 buf += ret;
539 len -= ret;
540 }
541 }
542 #else
543 /* XXX this blocks entire thread. Rewrite to use
544 * qemu_chr_fe_write and background I/O callbacks */
545 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
546 #endif
547 }
548
549 static inline int fromhex(int v)
550 {
551 if (v >= '0' && v <= '9')
552 return v - '0';
553 else if (v >= 'A' && v <= 'F')
554 return v - 'A' + 10;
555 else if (v >= 'a' && v <= 'f')
556 return v - 'a' + 10;
557 else
558 return 0;
559 }
560
561 static inline int tohex(int v)
562 {
563 if (v < 10)
564 return v + '0';
565 else
566 return v - 10 + 'a';
567 }
568
569 /* writes 2*len+1 bytes in buf */
570 static void memtohex(GString *buf, const uint8_t *mem, int len)
571 {
572 int i, c;
573 for(i = 0; i < len; i++) {
574 c = mem[i];
575 g_string_append_c(buf, tohex(c >> 4));
576 g_string_append_c(buf, tohex(c & 0xf));
577 }
578 g_string_append_c(buf, '\0');
579 }
580
581 static void hextomem(GByteArray *mem, const char *buf, int len)
582 {
583 int i;
584
585 for(i = 0; i < len; i++) {
586 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
587 g_byte_array_append(mem, &byte, 1);
588 buf += 2;
589 }
590 }
591
592 static void hexdump(const char *buf, int len,
593 void (*trace_fn)(size_t ofs, char const *text))
594 {
595 char line_buffer[3 * 16 + 4 + 16 + 1];
596
597 size_t i;
598 for (i = 0; i < len || (i & 0xF); ++i) {
599 size_t byte_ofs = i & 15;
600
601 if (byte_ofs == 0) {
602 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
603 line_buffer[3 * 16 + 4 + 16] = 0;
604 }
605
606 size_t col_group = (i >> 2) & 3;
607 size_t hex_col = byte_ofs * 3 + col_group;
608 size_t txt_col = 3 * 16 + 4 + byte_ofs;
609
610 if (i < len) {
611 char value = buf[i];
612
613 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
614 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
615 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
616 ? value
617 : '.';
618 }
619
620 if (byte_ofs == 0xF)
621 trace_fn(i & -16, line_buffer);
622 }
623 }
624
625 /* return -1 if error, 0 if OK */
626 static int put_packet_binary(const char *buf, int len, bool dump)
627 {
628 int csum, i;
629 uint8_t *p;
630 uint8_t *ps = &gdbserver_state.last_packet[0];
631
632 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
633 hexdump(buf, len, trace_gdbstub_io_binaryreply);
634 }
635
636 for(;;) {
637 p = ps;
638 *(p++) = '$';
639 memcpy(p, buf, len);
640 p += len;
641 csum = 0;
642 for(i = 0; i < len; i++) {
643 csum += buf[i];
644 }
645 *(p++) = '#';
646 *(p++) = tohex((csum >> 4) & 0xf);
647 *(p++) = tohex((csum) & 0xf);
648
649 gdbserver_state.last_packet_len = p - ps;
650 put_buffer(ps, gdbserver_state.last_packet_len);
651
652 #ifdef CONFIG_USER_ONLY
653 i = get_char();
654 if (i < 0)
655 return -1;
656 if (i == '+')
657 break;
658 #else
659 break;
660 #endif
661 }
662 return 0;
663 }
664
665 /* return -1 if error, 0 if OK */
666 static int put_packet(const char *buf)
667 {
668 trace_gdbstub_io_reply(buf);
669
670 return put_packet_binary(buf, strlen(buf), false);
671 }
672
673 static void put_strbuf(void)
674 {
675 put_packet(gdbserver_state.str_buf->str);
676 }
677
678 /* Encode data using the encoding for 'x' packets. */
679 static void memtox(GString *buf, const char *mem, int len)
680 {
681 char c;
682
683 while (len--) {
684 c = *(mem++);
685 switch (c) {
686 case '#': case '$': case '*': case '}':
687 g_string_append_c(buf, '}');
688 g_string_append_c(buf, c ^ 0x20);
689 break;
690 default:
691 g_string_append_c(buf, c);
692 break;
693 }
694 }
695 }
696
697 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
698 {
699 /* TODO: In user mode, we should use the task state PID */
700 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
701 /* Return the default process' PID */
702 int index = gdbserver_state.process_num - 1;
703 return gdbserver_state.processes[index].pid;
704 }
705 return cpu->cluster_index + 1;
706 }
707
708 static GDBProcess *gdb_get_process(uint32_t pid)
709 {
710 int i;
711
712 if (!pid) {
713 /* 0 means any process, we take the first one */
714 return &gdbserver_state.processes[0];
715 }
716
717 for (i = 0; i < gdbserver_state.process_num; i++) {
718 if (gdbserver_state.processes[i].pid == pid) {
719 return &gdbserver_state.processes[i];
720 }
721 }
722
723 return NULL;
724 }
725
726 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
727 {
728 return gdb_get_process(gdb_get_cpu_pid(cpu));
729 }
730
731 static CPUState *find_cpu(uint32_t thread_id)
732 {
733 CPUState *cpu;
734
735 CPU_FOREACH(cpu) {
736 if (cpu_gdb_index(cpu) == thread_id) {
737 return cpu;
738 }
739 }
740
741 return NULL;
742 }
743
744 static CPUState *get_first_cpu_in_process(GDBProcess *process)
745 {
746 CPUState *cpu;
747
748 CPU_FOREACH(cpu) {
749 if (gdb_get_cpu_pid(cpu) == process->pid) {
750 return cpu;
751 }
752 }
753
754 return NULL;
755 }
756
757 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
758 {
759 uint32_t pid = gdb_get_cpu_pid(cpu);
760 cpu = CPU_NEXT(cpu);
761
762 while (cpu) {
763 if (gdb_get_cpu_pid(cpu) == pid) {
764 break;
765 }
766
767 cpu = CPU_NEXT(cpu);
768 }
769
770 return cpu;
771 }
772
773 /* Return the cpu following @cpu, while ignoring unattached processes. */
774 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
775 {
776 cpu = CPU_NEXT(cpu);
777
778 while (cpu) {
779 if (gdb_get_cpu_process(cpu)->attached) {
780 break;
781 }
782
783 cpu = CPU_NEXT(cpu);
784 }
785
786 return cpu;
787 }
788
789 /* Return the first attached cpu */
790 static CPUState *gdb_first_attached_cpu(void)
791 {
792 CPUState *cpu = first_cpu;
793 GDBProcess *process = gdb_get_cpu_process(cpu);
794
795 if (!process->attached) {
796 return gdb_next_attached_cpu(cpu);
797 }
798
799 return cpu;
800 }
801
802 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
803 {
804 GDBProcess *process;
805 CPUState *cpu;
806
807 if (!pid && !tid) {
808 /* 0 means any process/thread, we take the first attached one */
809 return gdb_first_attached_cpu();
810 } else if (pid && !tid) {
811 /* any thread in a specific process */
812 process = gdb_get_process(pid);
813
814 if (process == NULL) {
815 return NULL;
816 }
817
818 if (!process->attached) {
819 return NULL;
820 }
821
822 return get_first_cpu_in_process(process);
823 } else {
824 /* a specific thread */
825 cpu = find_cpu(tid);
826
827 if (cpu == NULL) {
828 return NULL;
829 }
830
831 process = gdb_get_cpu_process(cpu);
832
833 if (pid && process->pid != pid) {
834 return NULL;
835 }
836
837 if (!process->attached) {
838 return NULL;
839 }
840
841 return cpu;
842 }
843 }
844
845 static const char *get_feature_xml(const char *p, const char **newp,
846 GDBProcess *process)
847 {
848 size_t len;
849 int i;
850 const char *name;
851 CPUState *cpu = get_first_cpu_in_process(process);
852 CPUClass *cc = CPU_GET_CLASS(cpu);
853
854 len = 0;
855 while (p[len] && p[len] != ':')
856 len++;
857 *newp = p + len;
858
859 name = NULL;
860 if (strncmp(p, "target.xml", len) == 0) {
861 char *buf = process->target_xml;
862 const size_t buf_sz = sizeof(process->target_xml);
863
864 /* Generate the XML description for this CPU. */
865 if (!buf[0]) {
866 GDBRegisterState *r;
867
868 pstrcat(buf, buf_sz,
869 "<?xml version=\"1.0\"?>"
870 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
871 "<target>");
872 if (cc->gdb_arch_name) {
873 gchar *arch = cc->gdb_arch_name(cpu);
874 pstrcat(buf, buf_sz, "<architecture>");
875 pstrcat(buf, buf_sz, arch);
876 pstrcat(buf, buf_sz, "</architecture>");
877 g_free(arch);
878 }
879 pstrcat(buf, buf_sz, "<xi:include href=\"");
880 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
881 pstrcat(buf, buf_sz, "\"/>");
882 for (r = cpu->gdb_regs; r; r = r->next) {
883 pstrcat(buf, buf_sz, "<xi:include href=\"");
884 pstrcat(buf, buf_sz, r->xml);
885 pstrcat(buf, buf_sz, "\"/>");
886 }
887 pstrcat(buf, buf_sz, "</target>");
888 }
889 return buf;
890 }
891 if (cc->gdb_get_dynamic_xml) {
892 char *xmlname = g_strndup(p, len);
893 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
894
895 g_free(xmlname);
896 if (xml) {
897 return xml;
898 }
899 }
900 for (i = 0; ; i++) {
901 name = xml_builtin[i][0];
902 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
903 break;
904 }
905 return name ? xml_builtin[i][1] : NULL;
906 }
907
908 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
909 {
910 CPUClass *cc = CPU_GET_CLASS(cpu);
911 CPUArchState *env = cpu->env_ptr;
912 GDBRegisterState *r;
913
914 if (reg < cc->gdb_num_core_regs) {
915 return cc->gdb_read_register(cpu, mem_buf, reg);
916 }
917
918 for (r = cpu->gdb_regs; r; r = r->next) {
919 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
920 return r->get_reg(env, mem_buf, reg - r->base_reg);
921 }
922 }
923 return 0;
924 }
925
926 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
927 {
928 CPUClass *cc = CPU_GET_CLASS(cpu);
929 CPUArchState *env = cpu->env_ptr;
930 GDBRegisterState *r;
931
932 if (reg < cc->gdb_num_core_regs) {
933 return cc->gdb_write_register(cpu, mem_buf, reg);
934 }
935
936 for (r = cpu->gdb_regs; r; r = r->next) {
937 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
938 return r->set_reg(env, mem_buf, reg - r->base_reg);
939 }
940 }
941 return 0;
942 }
943
944 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
945 specifies the first register number and these registers are included in
946 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
947 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
948 */
949
950 void gdb_register_coprocessor(CPUState *cpu,
951 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
952 int num_regs, const char *xml, int g_pos)
953 {
954 GDBRegisterState *s;
955 GDBRegisterState **p;
956
957 p = &cpu->gdb_regs;
958 while (*p) {
959 /* Check for duplicates. */
960 if (strcmp((*p)->xml, xml) == 0)
961 return;
962 p = &(*p)->next;
963 }
964
965 s = g_new0(GDBRegisterState, 1);
966 s->base_reg = cpu->gdb_num_regs;
967 s->num_regs = num_regs;
968 s->get_reg = get_reg;
969 s->set_reg = set_reg;
970 s->xml = xml;
971
972 /* Add to end of list. */
973 cpu->gdb_num_regs += num_regs;
974 *p = s;
975 if (g_pos) {
976 if (g_pos != s->base_reg) {
977 error_report("Error: Bad gdb register numbering for '%s', "
978 "expected %d got %d", xml, g_pos, s->base_reg);
979 } else {
980 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
981 }
982 }
983 }
984
985 #ifndef CONFIG_USER_ONLY
986 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
987 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
988 {
989 static const int xlat[] = {
990 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
991 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
992 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
993 };
994
995 CPUClass *cc = CPU_GET_CLASS(cpu);
996 int cputype = xlat[gdbtype];
997
998 if (cc->gdb_stop_before_watchpoint) {
999 cputype |= BP_STOP_BEFORE_ACCESS;
1000 }
1001 return cputype;
1002 }
1003 #endif
1004
1005 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1006 {
1007 CPUState *cpu;
1008 int err = 0;
1009
1010 if (kvm_enabled()) {
1011 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1012 }
1013
1014 switch (type) {
1015 case GDB_BREAKPOINT_SW:
1016 case GDB_BREAKPOINT_HW:
1017 CPU_FOREACH(cpu) {
1018 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1019 if (err) {
1020 break;
1021 }
1022 }
1023 return err;
1024 #ifndef CONFIG_USER_ONLY
1025 case GDB_WATCHPOINT_WRITE:
1026 case GDB_WATCHPOINT_READ:
1027 case GDB_WATCHPOINT_ACCESS:
1028 CPU_FOREACH(cpu) {
1029 err = cpu_watchpoint_insert(cpu, addr, len,
1030 xlat_gdb_type(cpu, type), NULL);
1031 if (err) {
1032 break;
1033 }
1034 }
1035 return err;
1036 #endif
1037 default:
1038 return -ENOSYS;
1039 }
1040 }
1041
1042 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1043 {
1044 CPUState *cpu;
1045 int err = 0;
1046
1047 if (kvm_enabled()) {
1048 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1049 }
1050
1051 switch (type) {
1052 case GDB_BREAKPOINT_SW:
1053 case GDB_BREAKPOINT_HW:
1054 CPU_FOREACH(cpu) {
1055 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1056 if (err) {
1057 break;
1058 }
1059 }
1060 return err;
1061 #ifndef CONFIG_USER_ONLY
1062 case GDB_WATCHPOINT_WRITE:
1063 case GDB_WATCHPOINT_READ:
1064 case GDB_WATCHPOINT_ACCESS:
1065 CPU_FOREACH(cpu) {
1066 err = cpu_watchpoint_remove(cpu, addr, len,
1067 xlat_gdb_type(cpu, type));
1068 if (err)
1069 break;
1070 }
1071 return err;
1072 #endif
1073 default:
1074 return -ENOSYS;
1075 }
1076 }
1077
1078 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1079 {
1080 cpu_breakpoint_remove_all(cpu, BP_GDB);
1081 #ifndef CONFIG_USER_ONLY
1082 cpu_watchpoint_remove_all(cpu, BP_GDB);
1083 #endif
1084 }
1085
1086 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1087 {
1088 CPUState *cpu = get_first_cpu_in_process(p);
1089
1090 while (cpu) {
1091 gdb_cpu_breakpoint_remove_all(cpu);
1092 cpu = gdb_next_cpu_in_process(cpu);
1093 }
1094 }
1095
1096 static void gdb_breakpoint_remove_all(void)
1097 {
1098 CPUState *cpu;
1099
1100 if (kvm_enabled()) {
1101 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1102 return;
1103 }
1104
1105 CPU_FOREACH(cpu) {
1106 gdb_cpu_breakpoint_remove_all(cpu);
1107 }
1108 }
1109
1110 static void gdb_set_cpu_pc(target_ulong pc)
1111 {
1112 CPUState *cpu = gdbserver_state.c_cpu;
1113
1114 cpu_synchronize_state(cpu);
1115 cpu_set_pc(cpu, pc);
1116 }
1117
1118 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1119 {
1120 if (gdbserver_state.multiprocess) {
1121 g_string_append_printf(buf, "p%02x.%02x",
1122 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1123 } else {
1124 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1125 }
1126 }
1127
1128 typedef enum GDBThreadIdKind {
1129 GDB_ONE_THREAD = 0,
1130 GDB_ALL_THREADS, /* One process, all threads */
1131 GDB_ALL_PROCESSES,
1132 GDB_READ_THREAD_ERR
1133 } GDBThreadIdKind;
1134
1135 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1136 uint32_t *pid, uint32_t *tid)
1137 {
1138 unsigned long p, t;
1139 int ret;
1140
1141 if (*buf == 'p') {
1142 buf++;
1143 ret = qemu_strtoul(buf, &buf, 16, &p);
1144
1145 if (ret) {
1146 return GDB_READ_THREAD_ERR;
1147 }
1148
1149 /* Skip '.' */
1150 buf++;
1151 } else {
1152 p = 1;
1153 }
1154
1155 ret = qemu_strtoul(buf, &buf, 16, &t);
1156
1157 if (ret) {
1158 return GDB_READ_THREAD_ERR;
1159 }
1160
1161 *end_buf = buf;
1162
1163 if (p == -1) {
1164 return GDB_ALL_PROCESSES;
1165 }
1166
1167 if (pid) {
1168 *pid = p;
1169 }
1170
1171 if (t == -1) {
1172 return GDB_ALL_THREADS;
1173 }
1174
1175 if (tid) {
1176 *tid = t;
1177 }
1178
1179 return GDB_ONE_THREAD;
1180 }
1181
1182 /**
1183 * gdb_handle_vcont - Parses and handles a vCont packet.
1184 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1185 * a format error, 0 on success.
1186 */
1187 static int gdb_handle_vcont(const char *p)
1188 {
1189 int res, signal = 0;
1190 char cur_action;
1191 char *newstates;
1192 unsigned long tmp;
1193 uint32_t pid, tid;
1194 GDBProcess *process;
1195 CPUState *cpu;
1196 GDBThreadIdKind kind;
1197 #ifdef CONFIG_USER_ONLY
1198 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1199
1200 CPU_FOREACH(cpu) {
1201 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1202 }
1203 #else
1204 MachineState *ms = MACHINE(qdev_get_machine());
1205 unsigned int max_cpus = ms->smp.max_cpus;
1206 #endif
1207 /* uninitialised CPUs stay 0 */
1208 newstates = g_new0(char, max_cpus);
1209
1210 /* mark valid CPUs with 1 */
1211 CPU_FOREACH(cpu) {
1212 newstates[cpu->cpu_index] = 1;
1213 }
1214
1215 /*
1216 * res keeps track of what error we are returning, with -ENOTSUP meaning
1217 * that the command is unknown or unsupported, thus returning an empty
1218 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1219 * or incorrect parameters passed.
1220 */
1221 res = 0;
1222 while (*p) {
1223 if (*p++ != ';') {
1224 res = -ENOTSUP;
1225 goto out;
1226 }
1227
1228 cur_action = *p++;
1229 if (cur_action == 'C' || cur_action == 'S') {
1230 cur_action = qemu_tolower(cur_action);
1231 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1232 if (res) {
1233 goto out;
1234 }
1235 signal = gdb_signal_to_target(tmp);
1236 } else if (cur_action != 'c' && cur_action != 's') {
1237 /* unknown/invalid/unsupported command */
1238 res = -ENOTSUP;
1239 goto out;
1240 }
1241
1242 if (*p == '\0' || *p == ';') {
1243 /*
1244 * No thread specifier, action is on "all threads". The
1245 * specification is unclear regarding the process to act on. We
1246 * choose all processes.
1247 */
1248 kind = GDB_ALL_PROCESSES;
1249 } else if (*p++ == ':') {
1250 kind = read_thread_id(p, &p, &pid, &tid);
1251 } else {
1252 res = -ENOTSUP;
1253 goto out;
1254 }
1255
1256 switch (kind) {
1257 case GDB_READ_THREAD_ERR:
1258 res = -EINVAL;
1259 goto out;
1260
1261 case GDB_ALL_PROCESSES:
1262 cpu = gdb_first_attached_cpu();
1263 while (cpu) {
1264 if (newstates[cpu->cpu_index] == 1) {
1265 newstates[cpu->cpu_index] = cur_action;
1266 }
1267
1268 cpu = gdb_next_attached_cpu(cpu);
1269 }
1270 break;
1271
1272 case GDB_ALL_THREADS:
1273 process = gdb_get_process(pid);
1274
1275 if (!process->attached) {
1276 res = -EINVAL;
1277 goto out;
1278 }
1279
1280 cpu = get_first_cpu_in_process(process);
1281 while (cpu) {
1282 if (newstates[cpu->cpu_index] == 1) {
1283 newstates[cpu->cpu_index] = cur_action;
1284 }
1285
1286 cpu = gdb_next_cpu_in_process(cpu);
1287 }
1288 break;
1289
1290 case GDB_ONE_THREAD:
1291 cpu = gdb_get_cpu(pid, tid);
1292
1293 /* invalid CPU/thread specified */
1294 if (!cpu) {
1295 res = -EINVAL;
1296 goto out;
1297 }
1298
1299 /* only use if no previous match occourred */
1300 if (newstates[cpu->cpu_index] == 1) {
1301 newstates[cpu->cpu_index] = cur_action;
1302 }
1303 break;
1304 }
1305 }
1306 gdbserver_state.signal = signal;
1307 gdb_continue_partial(newstates);
1308
1309 out:
1310 g_free(newstates);
1311
1312 return res;
1313 }
1314
1315 typedef union GdbCmdVariant {
1316 const char *data;
1317 uint8_t opcode;
1318 unsigned long val_ul;
1319 unsigned long long val_ull;
1320 struct {
1321 GDBThreadIdKind kind;
1322 uint32_t pid;
1323 uint32_t tid;
1324 } thread_id;
1325 } GdbCmdVariant;
1326
1327 static const char *cmd_next_param(const char *param, const char delimiter)
1328 {
1329 static const char all_delimiters[] = ",;:=";
1330 char curr_delimiters[2] = {0};
1331 const char *delimiters;
1332
1333 if (delimiter == '?') {
1334 delimiters = all_delimiters;
1335 } else if (delimiter == '0') {
1336 return strchr(param, '\0');
1337 } else if (delimiter == '.' && *param) {
1338 return param + 1;
1339 } else {
1340 curr_delimiters[0] = delimiter;
1341 delimiters = curr_delimiters;
1342 }
1343
1344 param += strcspn(param, delimiters);
1345 if (*param) {
1346 param++;
1347 }
1348 return param;
1349 }
1350
1351 static int cmd_parse_params(const char *data, const char *schema,
1352 GdbCmdVariant *params, int *num_params)
1353 {
1354 int curr_param;
1355 const char *curr_schema, *curr_data;
1356
1357 *num_params = 0;
1358
1359 if (!schema) {
1360 return 0;
1361 }
1362
1363 curr_schema = schema;
1364 curr_param = 0;
1365 curr_data = data;
1366 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1367 switch (curr_schema[0]) {
1368 case 'l':
1369 if (qemu_strtoul(curr_data, &curr_data, 16,
1370 &params[curr_param].val_ul)) {
1371 return -EINVAL;
1372 }
1373 curr_param++;
1374 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1375 break;
1376 case 'L':
1377 if (qemu_strtou64(curr_data, &curr_data, 16,
1378 (uint64_t *)&params[curr_param].val_ull)) {
1379 return -EINVAL;
1380 }
1381 curr_param++;
1382 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1383 break;
1384 case 's':
1385 params[curr_param].data = curr_data;
1386 curr_param++;
1387 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1388 break;
1389 case 'o':
1390 params[curr_param].opcode = *(uint8_t *)curr_data;
1391 curr_param++;
1392 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1393 break;
1394 case 't':
1395 params[curr_param].thread_id.kind =
1396 read_thread_id(curr_data, &curr_data,
1397 &params[curr_param].thread_id.pid,
1398 &params[curr_param].thread_id.tid);
1399 curr_param++;
1400 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1401 break;
1402 case '?':
1403 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1404 break;
1405 default:
1406 return -EINVAL;
1407 }
1408 curr_schema += 2;
1409 }
1410
1411 *num_params = curr_param;
1412 return 0;
1413 }
1414
1415 typedef struct GdbCmdContext {
1416 GdbCmdVariant *params;
1417 int num_params;
1418 } GdbCmdContext;
1419
1420 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1421
1422 /*
1423 * cmd_startswith -> cmd is compared using startswith
1424 *
1425 *
1426 * schema definitions:
1427 * Each schema parameter entry consists of 2 chars,
1428 * the first char represents the parameter type handling
1429 * the second char represents the delimiter for the next parameter
1430 *
1431 * Currently supported schema types:
1432 * 'l' -> unsigned long (stored in .val_ul)
1433 * 'L' -> unsigned long long (stored in .val_ull)
1434 * 's' -> string (stored in .data)
1435 * 'o' -> single char (stored in .opcode)
1436 * 't' -> thread id (stored in .thread_id)
1437 * '?' -> skip according to delimiter
1438 *
1439 * Currently supported delimiters:
1440 * '?' -> Stop at any delimiter (",;:=\0")
1441 * '0' -> Stop at "\0"
1442 * '.' -> Skip 1 char unless reached "\0"
1443 * Any other value is treated as the delimiter value itself
1444 */
1445 typedef struct GdbCmdParseEntry {
1446 GdbCmdHandler handler;
1447 const char *cmd;
1448 bool cmd_startswith;
1449 const char *schema;
1450 } GdbCmdParseEntry;
1451
1452 static inline int startswith(const char *string, const char *pattern)
1453 {
1454 return !strncmp(string, pattern, strlen(pattern));
1455 }
1456
1457 static int process_string_cmd(void *user_ctx, const char *data,
1458 const GdbCmdParseEntry *cmds, int num_cmds)
1459 {
1460 int i, schema_len, max_num_params = 0;
1461 GdbCmdContext gdb_ctx;
1462
1463 if (!cmds) {
1464 return -1;
1465 }
1466
1467 for (i = 0; i < num_cmds; i++) {
1468 const GdbCmdParseEntry *cmd = &cmds[i];
1469 g_assert(cmd->handler && cmd->cmd);
1470
1471 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1472 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1473 continue;
1474 }
1475
1476 if (cmd->schema) {
1477 schema_len = strlen(cmd->schema);
1478 if (schema_len % 2) {
1479 return -2;
1480 }
1481
1482 max_num_params = schema_len / 2;
1483 }
1484
1485 gdb_ctx.params =
1486 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1487 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1488
1489 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1490 gdb_ctx.params, &gdb_ctx.num_params)) {
1491 return -1;
1492 }
1493
1494 cmd->handler(&gdb_ctx, user_ctx);
1495 return 0;
1496 }
1497
1498 return -1;
1499 }
1500
1501 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1502 {
1503 if (!data) {
1504 return;
1505 }
1506
1507 g_string_set_size(gdbserver_state.str_buf, 0);
1508 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1509
1510 /* In case there was an error during the command parsing we must
1511 * send a NULL packet to indicate the command is not supported */
1512 if (process_string_cmd(NULL, data, cmd, 1)) {
1513 put_packet("");
1514 }
1515 }
1516
1517 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1518 {
1519 GDBProcess *process;
1520 uint32_t pid = 1;
1521
1522 if (gdbserver_state.multiprocess) {
1523 if (!gdb_ctx->num_params) {
1524 put_packet("E22");
1525 return;
1526 }
1527
1528 pid = gdb_ctx->params[0].val_ul;
1529 }
1530
1531 process = gdb_get_process(pid);
1532 gdb_process_breakpoint_remove_all(process);
1533 process->attached = false;
1534
1535 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1536 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1537 }
1538
1539 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1540 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1541 }
1542
1543 if (!gdbserver_state.c_cpu) {
1544 /* No more process attached */
1545 gdb_syscall_mode = GDB_SYS_DISABLED;
1546 gdb_continue();
1547 }
1548 put_packet("OK");
1549 }
1550
1551 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1552 {
1553 CPUState *cpu;
1554
1555 if (!gdb_ctx->num_params) {
1556 put_packet("E22");
1557 return;
1558 }
1559
1560 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1561 put_packet("E22");
1562 return;
1563 }
1564
1565 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
1566 gdb_ctx->params[0].thread_id.tid);
1567 if (!cpu) {
1568 put_packet("E22");
1569 return;
1570 }
1571
1572 put_packet("OK");
1573 }
1574
1575 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1576 {
1577 if (gdb_ctx->num_params) {
1578 gdb_set_cpu_pc(gdb_ctx->params[0].val_ull);
1579 }
1580
1581 gdbserver_state.signal = 0;
1582 gdb_continue();
1583 }
1584
1585 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1586 {
1587 unsigned long signal = 0;
1588
1589 /*
1590 * Note: C sig;[addr] is currently unsupported and we simply
1591 * omit the addr parameter
1592 */
1593 if (gdb_ctx->num_params) {
1594 signal = gdb_ctx->params[0].val_ul;
1595 }
1596
1597 gdbserver_state.signal = gdb_signal_to_target(signal);
1598 if (gdbserver_state.signal == -1) {
1599 gdbserver_state.signal = 0;
1600 }
1601 gdb_continue();
1602 }
1603
1604 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1605 {
1606 CPUState *cpu;
1607
1608 if (gdb_ctx->num_params != 2) {
1609 put_packet("E22");
1610 return;
1611 }
1612
1613 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1614 put_packet("E22");
1615 return;
1616 }
1617
1618 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1619 put_packet("OK");
1620 return;
1621 }
1622
1623 cpu = gdb_get_cpu(gdb_ctx->params[1].thread_id.pid,
1624 gdb_ctx->params[1].thread_id.tid);
1625 if (!cpu) {
1626 put_packet("E22");
1627 return;
1628 }
1629
1630 /*
1631 * Note: This command is deprecated and modern gdb's will be using the
1632 * vCont command instead.
1633 */
1634 switch (gdb_ctx->params[0].opcode) {
1635 case 'c':
1636 gdbserver_state.c_cpu = cpu;
1637 put_packet("OK");
1638 break;
1639 case 'g':
1640 gdbserver_state.g_cpu = cpu;
1641 put_packet("OK");
1642 break;
1643 default:
1644 put_packet("E22");
1645 break;
1646 }
1647 }
1648
1649 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1650 {
1651 int res;
1652
1653 if (gdb_ctx->num_params != 3) {
1654 put_packet("E22");
1655 return;
1656 }
1657
1658 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1659 gdb_ctx->params[1].val_ull,
1660 gdb_ctx->params[2].val_ull);
1661 if (res >= 0) {
1662 put_packet("OK");
1663 return;
1664 } else if (res == -ENOSYS) {
1665 put_packet("");
1666 return;
1667 }
1668
1669 put_packet("E22");
1670 }
1671
1672 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1673 {
1674 int res;
1675
1676 if (gdb_ctx->num_params != 3) {
1677 put_packet("E22");
1678 return;
1679 }
1680
1681 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1682 gdb_ctx->params[1].val_ull,
1683 gdb_ctx->params[2].val_ull);
1684 if (res >= 0) {
1685 put_packet("OK");
1686 return;
1687 } else if (res == -ENOSYS) {
1688 put_packet("");
1689 return;
1690 }
1691
1692 put_packet("E22");
1693 }
1694
1695 /*
1696 * handle_set/get_reg
1697 *
1698 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1699 * This works, but can be very slow. Anything new enough to understand
1700 * XML also knows how to use this properly. However to use this we
1701 * need to define a local XML file as well as be talking to a
1702 * reasonably modern gdb. Responding with an empty packet will cause
1703 * the remote gdb to fallback to older methods.
1704 */
1705
1706 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1707 {
1708 int reg_size;
1709
1710 if (!gdb_has_xml) {
1711 put_packet("");
1712 return;
1713 }
1714
1715 if (gdb_ctx->num_params != 2) {
1716 put_packet("E22");
1717 return;
1718 }
1719
1720 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1721 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[1].data, reg_size);
1722 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1723 gdb_ctx->params[0].val_ull);
1724 put_packet("OK");
1725 }
1726
1727 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1728 {
1729 int reg_size;
1730
1731 if (!gdb_has_xml) {
1732 put_packet("");
1733 return;
1734 }
1735
1736 if (!gdb_ctx->num_params) {
1737 put_packet("E14");
1738 return;
1739 }
1740
1741 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1742 gdbserver_state.mem_buf->data,
1743 gdb_ctx->params[0].val_ull);
1744 if (!reg_size) {
1745 put_packet("E14");
1746 return;
1747 } else {
1748 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1749 }
1750
1751 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1752 put_strbuf();
1753 }
1754
1755 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1756 {
1757 if (gdb_ctx->num_params != 3) {
1758 put_packet("E22");
1759 return;
1760 }
1761
1762 /* hextomem() reads 2*len bytes */
1763 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1764 put_packet("E22");
1765 return;
1766 }
1767
1768 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[2].data,
1769 gdb_ctx->params[1].val_ull);
1770 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1771 gdbserver_state.mem_buf->data,
1772 gdbserver_state.mem_buf->len, true)) {
1773 put_packet("E14");
1774 return;
1775 }
1776
1777 put_packet("OK");
1778 }
1779
1780 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1781 {
1782 if (gdb_ctx->num_params != 2) {
1783 put_packet("E22");
1784 return;
1785 }
1786
1787 /* memtohex() doubles the required space */
1788 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1789 put_packet("E22");
1790 return;
1791 }
1792
1793 g_byte_array_set_size(gdbserver_state.mem_buf, gdb_ctx->params[1].val_ull);
1794
1795 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1796 gdbserver_state.mem_buf->data,
1797 gdbserver_state.mem_buf->len, false)) {
1798 put_packet("E14");
1799 return;
1800 }
1801
1802 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1803 gdbserver_state.mem_buf->len);
1804 put_strbuf();
1805 }
1806
1807 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1808 {
1809 target_ulong addr, len;
1810 uint8_t *registers;
1811 int reg_size;
1812
1813 if (!gdb_ctx->num_params) {
1814 return;
1815 }
1816
1817 cpu_synchronize_state(gdbserver_state.g_cpu);
1818 len = strlen(gdb_ctx->params[0].data) / 2;
1819 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
1820 registers = gdbserver_state.mem_buf->data;
1821 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1822 addr++) {
1823 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1824 len -= reg_size;
1825 registers += reg_size;
1826 }
1827 put_packet("OK");
1828 }
1829
1830 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1831 {
1832 target_ulong addr, len;
1833
1834 cpu_synchronize_state(gdbserver_state.g_cpu);
1835 len = 0;
1836 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1837 len += gdb_read_register(gdbserver_state.g_cpu,
1838 gdbserver_state.mem_buf->data + len,
1839 addr);
1840 }
1841 /* FIXME: This is after the fact sizing */
1842 g_byte_array_set_size(gdbserver_state.mem_buf, len);
1843
1844 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1845 put_strbuf();
1846 }
1847
1848 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1849 {
1850 if (gdb_ctx->num_params >= 1 && gdbserver_state.current_syscall_cb) {
1851 target_ulong ret, err;
1852
1853 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1854 if (gdb_ctx->num_params >= 2) {
1855 err = (target_ulong)gdb_ctx->params[1].val_ull;
1856 } else {
1857 err = 0;
1858 }
1859 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1860 gdbserver_state.current_syscall_cb = NULL;
1861 }
1862
1863 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1864 put_packet("T02");
1865 return;
1866 }
1867
1868 gdb_continue();
1869 }
1870
1871 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1872 {
1873 if (gdb_ctx->num_params) {
1874 gdb_set_cpu_pc((target_ulong)gdb_ctx->params[0].val_ull);
1875 }
1876
1877 cpu_single_step(gdbserver_state.c_cpu, sstep_flags);
1878 gdb_continue();
1879 }
1880
1881 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1882 {
1883 put_packet("vCont;c;C;s;S");
1884 }
1885
1886 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1887 {
1888 int res;
1889
1890 if (!gdb_ctx->num_params) {
1891 return;
1892 }
1893
1894 res = gdb_handle_vcont(gdb_ctx->params[0].data);
1895 if ((res == -EINVAL) || (res == -ERANGE)) {
1896 put_packet("E22");
1897 } else if (res) {
1898 put_packet("");
1899 }
1900 }
1901
1902 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1903 {
1904 GDBProcess *process;
1905 CPUState *cpu;
1906
1907 g_string_assign(gdbserver_state.str_buf, "E22");
1908 if (!gdb_ctx->num_params) {
1909 goto cleanup;
1910 }
1911
1912 process = gdb_get_process(gdb_ctx->params[0].val_ul);
1913 if (!process) {
1914 goto cleanup;
1915 }
1916
1917 cpu = get_first_cpu_in_process(process);
1918 if (!cpu) {
1919 goto cleanup;
1920 }
1921
1922 process->attached = true;
1923 gdbserver_state.g_cpu = cpu;
1924 gdbserver_state.c_cpu = cpu;
1925
1926 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1927 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1928 g_string_append_c(gdbserver_state.str_buf, ';');
1929 cleanup:
1930 put_strbuf();
1931 }
1932
1933 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1934 {
1935 /* Kill the target */
1936 put_packet("OK");
1937 error_report("QEMU: Terminated via GDBstub");
1938 exit(0);
1939 }
1940
1941 static GdbCmdParseEntry gdb_v_commands_table[] = {
1942 /* Order is important if has same prefix */
1943 {
1944 .handler = handle_v_cont_query,
1945 .cmd = "Cont?",
1946 .cmd_startswith = 1
1947 },
1948 {
1949 .handler = handle_v_cont,
1950 .cmd = "Cont",
1951 .cmd_startswith = 1,
1952 .schema = "s0"
1953 },
1954 {
1955 .handler = handle_v_attach,
1956 .cmd = "Attach;",
1957 .cmd_startswith = 1,
1958 .schema = "l0"
1959 },
1960 {
1961 .handler = handle_v_kill,
1962 .cmd = "Kill;",
1963 .cmd_startswith = 1
1964 },
1965 };
1966
1967 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
1968 {
1969 if (!gdb_ctx->num_params) {
1970 return;
1971 }
1972
1973 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
1974 gdb_v_commands_table,
1975 ARRAY_SIZE(gdb_v_commands_table))) {
1976 put_packet("");
1977 }
1978 }
1979
1980 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
1981 {
1982 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1983 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER);
1984 put_strbuf();
1985 }
1986
1987 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1988 {
1989 if (!gdb_ctx->num_params) {
1990 return;
1991 }
1992
1993 sstep_flags = gdb_ctx->params[0].val_ul;
1994 put_packet("OK");
1995 }
1996
1997 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1998 {
1999 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags);
2000 put_strbuf();
2001 }
2002
2003 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
2004 {
2005 CPUState *cpu;
2006 GDBProcess *process;
2007
2008 /*
2009 * "Current thread" remains vague in the spec, so always return
2010 * the first thread of the current process (gdb returns the
2011 * first thread).
2012 */
2013 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2014 cpu = get_first_cpu_in_process(process);
2015 g_string_assign(gdbserver_state.str_buf, "QC");
2016 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2017 put_strbuf();
2018 }
2019
2020 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2021 {
2022 if (!gdbserver_state.query_cpu) {
2023 put_packet("l");
2024 return;
2025 }
2026
2027 g_string_assign(gdbserver_state.str_buf, "m");
2028 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2029 put_strbuf();
2030 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2031 }
2032
2033 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2034 {
2035 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2036 handle_query_threads(gdb_ctx, user_ctx);
2037 }
2038
2039 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2040 {
2041 g_autoptr(GString) rs = g_string_new(NULL);
2042 CPUState *cpu;
2043
2044 if (!gdb_ctx->num_params ||
2045 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2046 put_packet("E22");
2047 return;
2048 }
2049
2050 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
2051 gdb_ctx->params[0].thread_id.tid);
2052 if (!cpu) {
2053 return;
2054 }
2055
2056 cpu_synchronize_state(cpu);
2057
2058 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2059 /* Print the CPU model and name in multiprocess mode */
2060 ObjectClass *oc = object_get_class(OBJECT(cpu));
2061 const char *cpu_model = object_class_get_name(oc);
2062 g_autofree char *cpu_name;
2063 cpu_name = object_get_canonical_path_component(OBJECT(cpu));
2064 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2065 cpu->halted ? "halted " : "running");
2066 } else {
2067 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2068 cpu->halted ? "halted " : "running");
2069 }
2070 trace_gdbstub_op_extra_info(rs->str);
2071 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2072 put_strbuf();
2073 }
2074
2075 #ifdef CONFIG_USER_ONLY
2076 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2077 {
2078 TaskState *ts;
2079
2080 ts = gdbserver_state.c_cpu->opaque;
2081 g_string_printf(gdbserver_state.str_buf,
2082 "Text=" TARGET_ABI_FMT_lx
2083 ";Data=" TARGET_ABI_FMT_lx
2084 ";Bss=" TARGET_ABI_FMT_lx,
2085 ts->info->code_offset,
2086 ts->info->data_offset,
2087 ts->info->data_offset);
2088 put_strbuf();
2089 }
2090 #else
2091 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2092 {
2093 const guint8 zero = 0;
2094 int len;
2095
2096 if (!gdb_ctx->num_params) {
2097 put_packet("E22");
2098 return;
2099 }
2100
2101 len = strlen(gdb_ctx->params[0].data);
2102 if (len % 2) {
2103 put_packet("E01");
2104 return;
2105 }
2106
2107 g_assert(gdbserver_state.mem_buf->len == 0);
2108 len = len / 2;
2109 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
2110 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2111 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2112 gdbserver_state.mem_buf->len);
2113 put_packet("OK");
2114 }
2115 #endif
2116
2117 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2118 {
2119 CPUClass *cc;
2120
2121 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2122 cc = CPU_GET_CLASS(first_cpu);
2123 if (cc->gdb_core_xml_file) {
2124 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2125 }
2126
2127 if (gdb_ctx->num_params &&
2128 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2129 gdbserver_state.multiprocess = true;
2130 }
2131
2132 g_string_append(gdbserver_state.str_buf, ";multiprocess+");
2133 put_strbuf();
2134 }
2135
2136 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2137 {
2138 GDBProcess *process;
2139 CPUClass *cc;
2140 unsigned long len, total_len, addr;
2141 const char *xml;
2142 const char *p;
2143
2144 if (gdb_ctx->num_params < 3) {
2145 put_packet("E22");
2146 return;
2147 }
2148
2149 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2150 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2151 if (!cc->gdb_core_xml_file) {
2152 put_packet("");
2153 return;
2154 }
2155
2156 gdb_has_xml = true;
2157 p = gdb_ctx->params[0].data;
2158 xml = get_feature_xml(p, &p, process);
2159 if (!xml) {
2160 put_packet("E00");
2161 return;
2162 }
2163
2164 addr = gdb_ctx->params[1].val_ul;
2165 len = gdb_ctx->params[2].val_ul;
2166 total_len = strlen(xml);
2167 if (addr > total_len) {
2168 put_packet("E00");
2169 return;
2170 }
2171
2172 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2173 len = (MAX_PACKET_LENGTH - 5) / 2;
2174 }
2175
2176 if (len < total_len - addr) {
2177 g_string_assign(gdbserver_state.str_buf, "m");
2178 memtox(gdbserver_state.str_buf, xml + addr, len);
2179 } else {
2180 g_string_assign(gdbserver_state.str_buf, "l");
2181 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2182 }
2183
2184 put_packet_binary(gdbserver_state.str_buf->str,
2185 gdbserver_state.str_buf->len, true);
2186 }
2187
2188 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2189 {
2190 put_packet(GDB_ATTACHED);
2191 }
2192
2193 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2194 {
2195 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2196 #ifndef CONFIG_USER_ONLY
2197 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2198 #endif
2199 put_strbuf();
2200 }
2201
2202 #ifndef CONFIG_USER_ONLY
2203 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2204 void *user_ctx)
2205 {
2206 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2207 put_strbuf();
2208 }
2209
2210 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2211 {
2212 if (!gdb_ctx->num_params) {
2213 put_packet("E22");
2214 return;
2215 }
2216
2217 if (!gdb_ctx->params[0].val_ul) {
2218 phy_memory_mode = 0;
2219 } else {
2220 phy_memory_mode = 1;
2221 }
2222 put_packet("OK");
2223 }
2224 #endif
2225
2226 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2227 /* Order is important if has same prefix */
2228 {
2229 .handler = handle_query_qemu_sstepbits,
2230 .cmd = "qemu.sstepbits",
2231 },
2232 {
2233 .handler = handle_query_qemu_sstep,
2234 .cmd = "qemu.sstep",
2235 },
2236 {
2237 .handler = handle_set_qemu_sstep,
2238 .cmd = "qemu.sstep=",
2239 .cmd_startswith = 1,
2240 .schema = "l0"
2241 },
2242 };
2243
2244 static GdbCmdParseEntry gdb_gen_query_table[] = {
2245 {
2246 .handler = handle_query_curr_tid,
2247 .cmd = "C",
2248 },
2249 {
2250 .handler = handle_query_threads,
2251 .cmd = "sThreadInfo",
2252 },
2253 {
2254 .handler = handle_query_first_threads,
2255 .cmd = "fThreadInfo",
2256 },
2257 {
2258 .handler = handle_query_thread_extra,
2259 .cmd = "ThreadExtraInfo,",
2260 .cmd_startswith = 1,
2261 .schema = "t0"
2262 },
2263 #ifdef CONFIG_USER_ONLY
2264 {
2265 .handler = handle_query_offsets,
2266 .cmd = "Offsets",
2267 },
2268 #else
2269 {
2270 .handler = handle_query_rcmd,
2271 .cmd = "Rcmd,",
2272 .cmd_startswith = 1,
2273 .schema = "s0"
2274 },
2275 #endif
2276 {
2277 .handler = handle_query_supported,
2278 .cmd = "Supported:",
2279 .cmd_startswith = 1,
2280 .schema = "s0"
2281 },
2282 {
2283 .handler = handle_query_supported,
2284 .cmd = "Supported",
2285 .schema = "s0"
2286 },
2287 {
2288 .handler = handle_query_xfer_features,
2289 .cmd = "Xfer:features:read:",
2290 .cmd_startswith = 1,
2291 .schema = "s:l,l0"
2292 },
2293 {
2294 .handler = handle_query_attached,
2295 .cmd = "Attached:",
2296 .cmd_startswith = 1
2297 },
2298 {
2299 .handler = handle_query_attached,
2300 .cmd = "Attached",
2301 },
2302 {
2303 .handler = handle_query_qemu_supported,
2304 .cmd = "qemu.Supported",
2305 },
2306 #ifndef CONFIG_USER_ONLY
2307 {
2308 .handler = handle_query_qemu_phy_mem_mode,
2309 .cmd = "qemu.PhyMemMode",
2310 },
2311 #endif
2312 };
2313
2314 static GdbCmdParseEntry gdb_gen_set_table[] = {
2315 /* Order is important if has same prefix */
2316 {
2317 .handler = handle_set_qemu_sstep,
2318 .cmd = "qemu.sstep:",
2319 .cmd_startswith = 1,
2320 .schema = "l0"
2321 },
2322 #ifndef CONFIG_USER_ONLY
2323 {
2324 .handler = handle_set_qemu_phy_mem_mode,
2325 .cmd = "qemu.PhyMemMode:",
2326 .cmd_startswith = 1,
2327 .schema = "l0"
2328 },
2329 #endif
2330 };
2331
2332 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2333 {
2334 if (!gdb_ctx->num_params) {
2335 return;
2336 }
2337
2338 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2339 gdb_gen_query_set_common_table,
2340 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2341 return;
2342 }
2343
2344 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2345 gdb_gen_query_table,
2346 ARRAY_SIZE(gdb_gen_query_table))) {
2347 put_packet("");
2348 }
2349 }
2350
2351 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2352 {
2353 if (!gdb_ctx->num_params) {
2354 return;
2355 }
2356
2357 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2358 gdb_gen_query_set_common_table,
2359 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2360 return;
2361 }
2362
2363 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2364 gdb_gen_set_table,
2365 ARRAY_SIZE(gdb_gen_set_table))) {
2366 put_packet("");
2367 }
2368 }
2369
2370 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2371 {
2372 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2373 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2374 g_string_append_c(gdbserver_state.str_buf, ';');
2375 put_strbuf();
2376 /*
2377 * Remove all the breakpoints when this query is issued,
2378 * because gdb is doing an initial connect and the state
2379 * should be cleaned up.
2380 */
2381 gdb_breakpoint_remove_all();
2382 }
2383
2384 static int gdb_handle_packet(const char *line_buf)
2385 {
2386 const GdbCmdParseEntry *cmd_parser = NULL;
2387
2388 trace_gdbstub_io_command(line_buf);
2389
2390 switch (line_buf[0]) {
2391 case '!':
2392 put_packet("OK");
2393 break;
2394 case '?':
2395 {
2396 static const GdbCmdParseEntry target_halted_cmd_desc = {
2397 .handler = handle_target_halt,
2398 .cmd = "?",
2399 .cmd_startswith = 1
2400 };
2401 cmd_parser = &target_halted_cmd_desc;
2402 }
2403 break;
2404 case 'c':
2405 {
2406 static const GdbCmdParseEntry continue_cmd_desc = {
2407 .handler = handle_continue,
2408 .cmd = "c",
2409 .cmd_startswith = 1,
2410 .schema = "L0"
2411 };
2412 cmd_parser = &continue_cmd_desc;
2413 }
2414 break;
2415 case 'C':
2416 {
2417 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2418 .handler = handle_cont_with_sig,
2419 .cmd = "C",
2420 .cmd_startswith = 1,
2421 .schema = "l0"
2422 };
2423 cmd_parser = &cont_with_sig_cmd_desc;
2424 }
2425 break;
2426 case 'v':
2427 {
2428 static const GdbCmdParseEntry v_cmd_desc = {
2429 .handler = handle_v_commands,
2430 .cmd = "v",
2431 .cmd_startswith = 1,
2432 .schema = "s0"
2433 };
2434 cmd_parser = &v_cmd_desc;
2435 }
2436 break;
2437 case 'k':
2438 /* Kill the target */
2439 error_report("QEMU: Terminated via GDBstub");
2440 exit(0);
2441 case 'D':
2442 {
2443 static const GdbCmdParseEntry detach_cmd_desc = {
2444 .handler = handle_detach,
2445 .cmd = "D",
2446 .cmd_startswith = 1,
2447 .schema = "?.l0"
2448 };
2449 cmd_parser = &detach_cmd_desc;
2450 }
2451 break;
2452 case 's':
2453 {
2454 static const GdbCmdParseEntry step_cmd_desc = {
2455 .handler = handle_step,
2456 .cmd = "s",
2457 .cmd_startswith = 1,
2458 .schema = "L0"
2459 };
2460 cmd_parser = &step_cmd_desc;
2461 }
2462 break;
2463 case 'F':
2464 {
2465 static const GdbCmdParseEntry file_io_cmd_desc = {
2466 .handler = handle_file_io,
2467 .cmd = "F",
2468 .cmd_startswith = 1,
2469 .schema = "L,L,o0"
2470 };
2471 cmd_parser = &file_io_cmd_desc;
2472 }
2473 break;
2474 case 'g':
2475 {
2476 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2477 .handler = handle_read_all_regs,
2478 .cmd = "g",
2479 .cmd_startswith = 1
2480 };
2481 cmd_parser = &read_all_regs_cmd_desc;
2482 }
2483 break;
2484 case 'G':
2485 {
2486 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2487 .handler = handle_write_all_regs,
2488 .cmd = "G",
2489 .cmd_startswith = 1,
2490 .schema = "s0"
2491 };
2492 cmd_parser = &write_all_regs_cmd_desc;
2493 }
2494 break;
2495 case 'm':
2496 {
2497 static const GdbCmdParseEntry read_mem_cmd_desc = {
2498 .handler = handle_read_mem,
2499 .cmd = "m",
2500 .cmd_startswith = 1,
2501 .schema = "L,L0"
2502 };
2503 cmd_parser = &read_mem_cmd_desc;
2504 }
2505 break;
2506 case 'M':
2507 {
2508 static const GdbCmdParseEntry write_mem_cmd_desc = {
2509 .handler = handle_write_mem,
2510 .cmd = "M",
2511 .cmd_startswith = 1,
2512 .schema = "L,L:s0"
2513 };
2514 cmd_parser = &write_mem_cmd_desc;
2515 }
2516 break;
2517 case 'p':
2518 {
2519 static const GdbCmdParseEntry get_reg_cmd_desc = {
2520 .handler = handle_get_reg,
2521 .cmd = "p",
2522 .cmd_startswith = 1,
2523 .schema = "L0"
2524 };
2525 cmd_parser = &get_reg_cmd_desc;
2526 }
2527 break;
2528 case 'P':
2529 {
2530 static const GdbCmdParseEntry set_reg_cmd_desc = {
2531 .handler = handle_set_reg,
2532 .cmd = "P",
2533 .cmd_startswith = 1,
2534 .schema = "L?s0"
2535 };
2536 cmd_parser = &set_reg_cmd_desc;
2537 }
2538 break;
2539 case 'Z':
2540 {
2541 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2542 .handler = handle_insert_bp,
2543 .cmd = "Z",
2544 .cmd_startswith = 1,
2545 .schema = "l?L?L0"
2546 };
2547 cmd_parser = &insert_bp_cmd_desc;
2548 }
2549 break;
2550 case 'z':
2551 {
2552 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2553 .handler = handle_remove_bp,
2554 .cmd = "z",
2555 .cmd_startswith = 1,
2556 .schema = "l?L?L0"
2557 };
2558 cmd_parser = &remove_bp_cmd_desc;
2559 }
2560 break;
2561 case 'H':
2562 {
2563 static const GdbCmdParseEntry set_thread_cmd_desc = {
2564 .handler = handle_set_thread,
2565 .cmd = "H",
2566 .cmd_startswith = 1,
2567 .schema = "o.t0"
2568 };
2569 cmd_parser = &set_thread_cmd_desc;
2570 }
2571 break;
2572 case 'T':
2573 {
2574 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2575 .handler = handle_thread_alive,
2576 .cmd = "T",
2577 .cmd_startswith = 1,
2578 .schema = "t0"
2579 };
2580 cmd_parser = &thread_alive_cmd_desc;
2581 }
2582 break;
2583 case 'q':
2584 {
2585 static const GdbCmdParseEntry gen_query_cmd_desc = {
2586 .handler = handle_gen_query,
2587 .cmd = "q",
2588 .cmd_startswith = 1,
2589 .schema = "s0"
2590 };
2591 cmd_parser = &gen_query_cmd_desc;
2592 }
2593 break;
2594 case 'Q':
2595 {
2596 static const GdbCmdParseEntry gen_set_cmd_desc = {
2597 .handler = handle_gen_set,
2598 .cmd = "Q",
2599 .cmd_startswith = 1,
2600 .schema = "s0"
2601 };
2602 cmd_parser = &gen_set_cmd_desc;
2603 }
2604 break;
2605 default:
2606 /* put empty packet */
2607 put_packet("");
2608 break;
2609 }
2610
2611 if (cmd_parser) {
2612 run_cmd_parser(line_buf, cmd_parser);
2613 }
2614
2615 return RS_IDLE;
2616 }
2617
2618 void gdb_set_stop_cpu(CPUState *cpu)
2619 {
2620 GDBProcess *p = gdb_get_cpu_process(cpu);
2621
2622 if (!p->attached) {
2623 /*
2624 * Having a stop CPU corresponding to a process that is not attached
2625 * confuses GDB. So we ignore the request.
2626 */
2627 return;
2628 }
2629
2630 gdbserver_state.c_cpu = cpu;
2631 gdbserver_state.g_cpu = cpu;
2632 }
2633
2634 #ifndef CONFIG_USER_ONLY
2635 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2636 {
2637 CPUState *cpu = gdbserver_state.c_cpu;
2638 g_autoptr(GString) buf = g_string_new(NULL);
2639 g_autoptr(GString) tid = g_string_new(NULL);
2640 const char *type;
2641 int ret;
2642
2643 if (running || gdbserver_state.state == RS_INACTIVE) {
2644 return;
2645 }
2646 /* Is there a GDB syscall waiting to be sent? */
2647 if (gdbserver_state.current_syscall_cb) {
2648 put_packet(gdbserver_state.syscall_buf);
2649 return;
2650 }
2651
2652 if (cpu == NULL) {
2653 /* No process attached */
2654 return;
2655 }
2656
2657 gdb_append_thread_id(cpu, tid);
2658
2659 switch (state) {
2660 case RUN_STATE_DEBUG:
2661 if (cpu->watchpoint_hit) {
2662 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2663 case BP_MEM_READ:
2664 type = "r";
2665 break;
2666 case BP_MEM_ACCESS:
2667 type = "a";
2668 break;
2669 default:
2670 type = "";
2671 break;
2672 }
2673 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2674 (target_ulong)cpu->watchpoint_hit->vaddr);
2675 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2676 GDB_SIGNAL_TRAP, tid->str, type,
2677 (target_ulong)cpu->watchpoint_hit->vaddr);
2678 cpu->watchpoint_hit = NULL;
2679 goto send_packet;
2680 } else {
2681 trace_gdbstub_hit_break();
2682 }
2683 tb_flush(cpu);
2684 ret = GDB_SIGNAL_TRAP;
2685 break;
2686 case RUN_STATE_PAUSED:
2687 trace_gdbstub_hit_paused();
2688 ret = GDB_SIGNAL_INT;
2689 break;
2690 case RUN_STATE_SHUTDOWN:
2691 trace_gdbstub_hit_shutdown();
2692 ret = GDB_SIGNAL_QUIT;
2693 break;
2694 case RUN_STATE_IO_ERROR:
2695 trace_gdbstub_hit_io_error();
2696 ret = GDB_SIGNAL_IO;
2697 break;
2698 case RUN_STATE_WATCHDOG:
2699 trace_gdbstub_hit_watchdog();
2700 ret = GDB_SIGNAL_ALRM;
2701 break;
2702 case RUN_STATE_INTERNAL_ERROR:
2703 trace_gdbstub_hit_internal_error();
2704 ret = GDB_SIGNAL_ABRT;
2705 break;
2706 case RUN_STATE_SAVE_VM:
2707 case RUN_STATE_RESTORE_VM:
2708 return;
2709 case RUN_STATE_FINISH_MIGRATE:
2710 ret = GDB_SIGNAL_XCPU;
2711 break;
2712 default:
2713 trace_gdbstub_hit_unknown(state);
2714 ret = GDB_SIGNAL_UNKNOWN;
2715 break;
2716 }
2717 gdb_set_stop_cpu(cpu);
2718 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2719
2720 send_packet:
2721 put_packet(buf->str);
2722
2723 /* disable single step if it was enabled */
2724 cpu_single_step(cpu, 0);
2725 }
2726 #endif
2727
2728 /* Send a gdb syscall request.
2729 This accepts limited printf-style format specifiers, specifically:
2730 %x - target_ulong argument printed in hex.
2731 %lx - 64-bit argument printed in hex.
2732 %s - string pointer (target_ulong) and length (int) pair. */
2733 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2734 {
2735 char *p;
2736 char *p_end;
2737 target_ulong addr;
2738 uint64_t i64;
2739
2740 if (!gdbserver_state.init) {
2741 return;
2742 }
2743
2744 gdbserver_state.current_syscall_cb = cb;
2745 #ifndef CONFIG_USER_ONLY
2746 vm_stop(RUN_STATE_DEBUG);
2747 #endif
2748 p = &gdbserver_state.syscall_buf[0];
2749 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2750 *(p++) = 'F';
2751 while (*fmt) {
2752 if (*fmt == '%') {
2753 fmt++;
2754 switch (*fmt++) {
2755 case 'x':
2756 addr = va_arg(va, target_ulong);
2757 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2758 break;
2759 case 'l':
2760 if (*(fmt++) != 'x')
2761 goto bad_format;
2762 i64 = va_arg(va, uint64_t);
2763 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2764 break;
2765 case 's':
2766 addr = va_arg(va, target_ulong);
2767 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2768 addr, va_arg(va, int));
2769 break;
2770 default:
2771 bad_format:
2772 error_report("gdbstub: Bad syscall format string '%s'",
2773 fmt - 1);
2774 break;
2775 }
2776 } else {
2777 *(p++) = *(fmt++);
2778 }
2779 }
2780 *p = 0;
2781 #ifdef CONFIG_USER_ONLY
2782 put_packet(gdbserver_state.syscall_buf);
2783 /* Return control to gdb for it to process the syscall request.
2784 * Since the protocol requires that gdb hands control back to us
2785 * using a "here are the results" F packet, we don't need to check
2786 * gdb_handlesig's return value (which is the signal to deliver if
2787 * execution was resumed via a continue packet).
2788 */
2789 gdb_handlesig(gdbserver_state.c_cpu, 0);
2790 #else
2791 /* In this case wait to send the syscall packet until notification that
2792 the CPU has stopped. This must be done because if the packet is sent
2793 now the reply from the syscall request could be received while the CPU
2794 is still in the running state, which can cause packets to be dropped
2795 and state transition 'T' packets to be sent while the syscall is still
2796 being processed. */
2797 qemu_cpu_kick(gdbserver_state.c_cpu);
2798 #endif
2799 }
2800
2801 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2802 {
2803 va_list va;
2804
2805 va_start(va, fmt);
2806 gdb_do_syscallv(cb, fmt, va);
2807 va_end(va);
2808 }
2809
2810 static void gdb_read_byte(uint8_t ch)
2811 {
2812 uint8_t reply;
2813
2814 #ifndef CONFIG_USER_ONLY
2815 if (gdbserver_state.last_packet_len) {
2816 /* Waiting for a response to the last packet. If we see the start
2817 of a new command then abandon the previous response. */
2818 if (ch == '-') {
2819 trace_gdbstub_err_got_nack();
2820 put_buffer((uint8_t *)gdbserver_state.last_packet, gdbserver_state.last_packet_len);
2821 } else if (ch == '+') {
2822 trace_gdbstub_io_got_ack();
2823 } else {
2824 trace_gdbstub_io_got_unexpected(ch);
2825 }
2826
2827 if (ch == '+' || ch == '$')
2828 gdbserver_state.last_packet_len = 0;
2829 if (ch != '$')
2830 return;
2831 }
2832 if (runstate_is_running()) {
2833 /* when the CPU is running, we cannot do anything except stop
2834 it when receiving a char */
2835 vm_stop(RUN_STATE_PAUSED);
2836 } else
2837 #endif
2838 {
2839 switch(gdbserver_state.state) {
2840 case RS_IDLE:
2841 if (ch == '$') {
2842 /* start of command packet */
2843 gdbserver_state.line_buf_index = 0;
2844 gdbserver_state.line_sum = 0;
2845 gdbserver_state.state = RS_GETLINE;
2846 } else {
2847 trace_gdbstub_err_garbage(ch);
2848 }
2849 break;
2850 case RS_GETLINE:
2851 if (ch == '}') {
2852 /* start escape sequence */
2853 gdbserver_state.state = RS_GETLINE_ESC;
2854 gdbserver_state.line_sum += ch;
2855 } else if (ch == '*') {
2856 /* start run length encoding sequence */
2857 gdbserver_state.state = RS_GETLINE_RLE;
2858 gdbserver_state.line_sum += ch;
2859 } else if (ch == '#') {
2860 /* end of command, start of checksum*/
2861 gdbserver_state.state = RS_CHKSUM1;
2862 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2863 trace_gdbstub_err_overrun();
2864 gdbserver_state.state = RS_IDLE;
2865 } else {
2866 /* unescaped command character */
2867 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2868 gdbserver_state.line_sum += ch;
2869 }
2870 break;
2871 case RS_GETLINE_ESC:
2872 if (ch == '#') {
2873 /* unexpected end of command in escape sequence */
2874 gdbserver_state.state = RS_CHKSUM1;
2875 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2876 /* command buffer overrun */
2877 trace_gdbstub_err_overrun();
2878 gdbserver_state.state = RS_IDLE;
2879 } else {
2880 /* parse escaped character and leave escape state */
2881 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
2882 gdbserver_state.line_sum += ch;
2883 gdbserver_state.state = RS_GETLINE;
2884 }
2885 break;
2886 case RS_GETLINE_RLE:
2887 /*
2888 * Run-length encoding is explained in "Debugging with GDB /
2889 * Appendix E GDB Remote Serial Protocol / Overview".
2890 */
2891 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2892 /* invalid RLE count encoding */
2893 trace_gdbstub_err_invalid_repeat(ch);
2894 gdbserver_state.state = RS_GETLINE;
2895 } else {
2896 /* decode repeat length */
2897 int repeat = ch - ' ' + 3;
2898 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
2899 /* that many repeats would overrun the command buffer */
2900 trace_gdbstub_err_overrun();
2901 gdbserver_state.state = RS_IDLE;
2902 } else if (gdbserver_state.line_buf_index < 1) {
2903 /* got a repeat but we have nothing to repeat */
2904 trace_gdbstub_err_invalid_rle();
2905 gdbserver_state.state = RS_GETLINE;
2906 } else {
2907 /* repeat the last character */
2908 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
2909 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
2910 gdbserver_state.line_buf_index += repeat;
2911 gdbserver_state.line_sum += ch;
2912 gdbserver_state.state = RS_GETLINE;
2913 }
2914 }
2915 break;
2916 case RS_CHKSUM1:
2917 /* get high hex digit of checksum */
2918 if (!isxdigit(ch)) {
2919 trace_gdbstub_err_checksum_invalid(ch);
2920 gdbserver_state.state = RS_GETLINE;
2921 break;
2922 }
2923 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
2924 gdbserver_state.line_csum = fromhex(ch) << 4;
2925 gdbserver_state.state = RS_CHKSUM2;
2926 break;
2927 case RS_CHKSUM2:
2928 /* get low hex digit of checksum */
2929 if (!isxdigit(ch)) {
2930 trace_gdbstub_err_checksum_invalid(ch);
2931 gdbserver_state.state = RS_GETLINE;
2932 break;
2933 }
2934 gdbserver_state.line_csum |= fromhex(ch);
2935
2936 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
2937 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
2938 /* send NAK reply */
2939 reply = '-';
2940 put_buffer(&reply, 1);
2941 gdbserver_state.state = RS_IDLE;
2942 } else {
2943 /* send ACK reply */
2944 reply = '+';
2945 put_buffer(&reply, 1);
2946 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
2947 }
2948 break;
2949 default:
2950 abort();
2951 }
2952 }
2953 }
2954
2955 /* Tell the remote gdb that the process has exited. */
2956 void gdb_exit(CPUArchState *env, int code)
2957 {
2958 char buf[4];
2959
2960 if (!gdbserver_state.init) {
2961 return;
2962 }
2963 #ifdef CONFIG_USER_ONLY
2964 if (gdbserver_fd < 0 || gdbserver_state.fd < 0) {
2965 return;
2966 }
2967 #endif
2968
2969 trace_gdbstub_op_exiting((uint8_t)code);
2970
2971 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2972 put_packet(buf);
2973
2974 #ifndef CONFIG_USER_ONLY
2975 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
2976 #endif
2977 }
2978
2979 /*
2980 * Create the process that will contain all the "orphan" CPUs (that are not
2981 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2982 * be attachable and thus will be invisible to the user.
2983 */
2984 static void create_default_process(GDBState *s)
2985 {
2986 GDBProcess *process;
2987 int max_pid = 0;
2988
2989 if (gdbserver_state.process_num) {
2990 max_pid = s->processes[s->process_num - 1].pid;
2991 }
2992
2993 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2994 process = &s->processes[s->process_num - 1];
2995
2996 /* We need an available PID slot for this process */
2997 assert(max_pid < UINT32_MAX);
2998
2999 process->pid = max_pid + 1;
3000 process->attached = false;
3001 process->target_xml[0] = '\0';
3002 }
3003
3004 #ifdef CONFIG_USER_ONLY
3005 int
3006 gdb_handlesig(CPUState *cpu, int sig)
3007 {
3008 char buf[256];
3009 int n;
3010
3011 if (gdbserver_fd < 0 || gdbserver_state.fd < 0) {
3012 return sig;
3013 }
3014
3015 /* disable single step if it was enabled */
3016 cpu_single_step(cpu, 0);
3017 tb_flush(cpu);
3018
3019 if (sig != 0) {
3020 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3021 put_packet(buf);
3022 }
3023 /* put_packet() might have detected that the peer terminated the
3024 connection. */
3025 if (gdbserver_state.fd < 0) {
3026 return sig;
3027 }
3028
3029 sig = 0;
3030 gdbserver_state.state = RS_IDLE;
3031 gdbserver_state.running_state = 0;
3032 while (gdbserver_state.running_state == 0) {
3033 n = read(gdbserver_state.fd, buf, 256);
3034 if (n > 0) {
3035 int i;
3036
3037 for (i = 0; i < n; i++) {
3038 gdb_read_byte(buf[i]);
3039 }
3040 } else {
3041 /* XXX: Connection closed. Should probably wait for another
3042 connection before continuing. */
3043 if (n == 0) {
3044 close(gdbserver_state.fd);
3045 }
3046 gdbserver_state.fd = -1;
3047 return sig;
3048 }
3049 }
3050 sig = gdbserver_state.signal;
3051 gdbserver_state.signal = 0;
3052 return sig;
3053 }
3054
3055 /* Tell the remote gdb that the process has exited due to SIG. */
3056 void gdb_signalled(CPUArchState *env, int sig)
3057 {
3058 char buf[4];
3059
3060 if (gdbserver_fd < 0 || gdbserver_state.fd < 0) {
3061 return;
3062 }
3063
3064 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3065 put_packet(buf);
3066 }
3067
3068 static bool gdb_accept(void)
3069 {
3070 struct sockaddr_in sockaddr;
3071 socklen_t len;
3072 int fd;
3073
3074 for(;;) {
3075 len = sizeof(sockaddr);
3076 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
3077 if (fd < 0 && errno != EINTR) {
3078 perror("accept");
3079 return false;
3080 } else if (fd >= 0) {
3081 qemu_set_cloexec(fd);
3082 break;
3083 }
3084 }
3085
3086 /* set short latency */
3087 if (socket_set_nodelay(fd)) {
3088 perror("setsockopt");
3089 close(fd);
3090 return false;
3091 }
3092
3093 init_gdbserver_state();
3094 create_default_process(&gdbserver_state);
3095 gdbserver_state.processes[0].attached = true;
3096 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3097 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3098 gdbserver_state.fd = fd;
3099 gdb_has_xml = false;
3100 return true;
3101 }
3102
3103 static int gdbserver_open(int port)
3104 {
3105 struct sockaddr_in sockaddr;
3106 int fd, ret;
3107
3108 fd = socket(PF_INET, SOCK_STREAM, 0);
3109 if (fd < 0) {
3110 perror("socket");
3111 return -1;
3112 }
3113 qemu_set_cloexec(fd);
3114
3115 socket_set_fast_reuse(fd);
3116
3117 sockaddr.sin_family = AF_INET;
3118 sockaddr.sin_port = htons(port);
3119 sockaddr.sin_addr.s_addr = 0;
3120 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3121 if (ret < 0) {
3122 perror("bind");
3123 close(fd);
3124 return -1;
3125 }
3126 ret = listen(fd, 1);
3127 if (ret < 0) {
3128 perror("listen");
3129 close(fd);
3130 return -1;
3131 }
3132 return fd;
3133 }
3134
3135 int gdbserver_start(int port)
3136 {
3137 gdbserver_fd = gdbserver_open(port);
3138 if (gdbserver_fd < 0)
3139 return -1;
3140 /* accept connections */
3141 if (!gdb_accept()) {
3142 close(gdbserver_fd);
3143 gdbserver_fd = -1;
3144 return -1;
3145 }
3146 return 0;
3147 }
3148
3149 /* Disable gdb stub for child processes. */
3150 void gdbserver_fork(CPUState *cpu)
3151 {
3152 if (gdbserver_fd < 0 || gdbserver_state.fd < 0) {
3153 return;
3154 }
3155 close(gdbserver_state.fd);
3156 gdbserver_state.fd = -1;
3157 cpu_breakpoint_remove_all(cpu, BP_GDB);
3158 cpu_watchpoint_remove_all(cpu, BP_GDB);
3159 }
3160 #else
3161 static int gdb_chr_can_receive(void *opaque)
3162 {
3163 /* We can handle an arbitrarily large amount of data.
3164 Pick the maximum packet size, which is as good as anything. */
3165 return MAX_PACKET_LENGTH;
3166 }
3167
3168 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3169 {
3170 int i;
3171
3172 for (i = 0; i < size; i++) {
3173 gdb_read_byte(buf[i]);
3174 }
3175 }
3176
3177 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3178 {
3179 int i;
3180 GDBState *s = (GDBState *) opaque;
3181
3182 switch (event) {
3183 case CHR_EVENT_OPENED:
3184 /* Start with first process attached, others detached */
3185 for (i = 0; i < s->process_num; i++) {
3186 s->processes[i].attached = !i;
3187 }
3188
3189 s->c_cpu = gdb_first_attached_cpu();
3190 s->g_cpu = s->c_cpu;
3191
3192 vm_stop(RUN_STATE_PAUSED);
3193 gdb_has_xml = false;
3194 break;
3195 default:
3196 break;
3197 }
3198 }
3199
3200 static void gdb_monitor_output(const char *msg, int len)
3201 {
3202 g_autoptr(GString) buf = g_string_new("O");
3203 memtohex(buf, (uint8_t *)msg, len);
3204 put_packet(buf->str);
3205 }
3206
3207 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3208 {
3209 const char *p = (const char *)buf;
3210 int max_sz;
3211
3212 max_sz = (sizeof(gdbserver_state.last_packet) - 2) / 2;
3213 for (;;) {
3214 if (len <= max_sz) {
3215 gdb_monitor_output(p, len);
3216 break;
3217 }
3218 gdb_monitor_output(p, max_sz);
3219 p += max_sz;
3220 len -= max_sz;
3221 }
3222 return len;
3223 }
3224
3225 #ifndef _WIN32
3226 static void gdb_sigterm_handler(int signal)
3227 {
3228 if (runstate_is_running()) {
3229 vm_stop(RUN_STATE_PAUSED);
3230 }
3231 }
3232 #endif
3233
3234 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3235 bool *be_opened, Error **errp)
3236 {
3237 *be_opened = false;
3238 }
3239
3240 static void char_gdb_class_init(ObjectClass *oc, void *data)
3241 {
3242 ChardevClass *cc = CHARDEV_CLASS(oc);
3243
3244 cc->internal = true;
3245 cc->open = gdb_monitor_open;
3246 cc->chr_write = gdb_monitor_write;
3247 }
3248
3249 #define TYPE_CHARDEV_GDB "chardev-gdb"
3250
3251 static const TypeInfo char_gdb_type_info = {
3252 .name = TYPE_CHARDEV_GDB,
3253 .parent = TYPE_CHARDEV,
3254 .class_init = char_gdb_class_init,
3255 };
3256
3257 static int find_cpu_clusters(Object *child, void *opaque)
3258 {
3259 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3260 GDBState *s = (GDBState *) opaque;
3261 CPUClusterState *cluster = CPU_CLUSTER(child);
3262 GDBProcess *process;
3263
3264 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3265
3266 process = &s->processes[s->process_num - 1];
3267
3268 /*
3269 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3270 * runtime, we enforce here that the machine does not use a cluster ID
3271 * that would lead to PID 0.
3272 */
3273 assert(cluster->cluster_id != UINT32_MAX);
3274 process->pid = cluster->cluster_id + 1;
3275 process->attached = false;
3276 process->target_xml[0] = '\0';
3277
3278 return 0;
3279 }
3280
3281 return object_child_foreach(child, find_cpu_clusters, opaque);
3282 }
3283
3284 static int pid_order(const void *a, const void *b)
3285 {
3286 GDBProcess *pa = (GDBProcess *) a;
3287 GDBProcess *pb = (GDBProcess *) b;
3288
3289 if (pa->pid < pb->pid) {
3290 return -1;
3291 } else if (pa->pid > pb->pid) {
3292 return 1;
3293 } else {
3294 return 0;
3295 }
3296 }
3297
3298 static void create_processes(GDBState *s)
3299 {
3300 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3301
3302 if (gdbserver_state.processes) {
3303 /* Sort by PID */
3304 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3305 }
3306
3307 create_default_process(s);
3308 }
3309
3310 int gdbserver_start(const char *device)
3311 {
3312 trace_gdbstub_op_start(device);
3313
3314 char gdbstub_device_name[128];
3315 Chardev *chr = NULL;
3316 Chardev *mon_chr;
3317
3318 if (!first_cpu) {
3319 error_report("gdbstub: meaningless to attach gdb to a "
3320 "machine without any CPU.");
3321 return -1;
3322 }
3323
3324 if (!device)
3325 return -1;
3326 if (strcmp(device, "none") != 0) {
3327 if (strstart(device, "tcp:", NULL)) {
3328 /* enforce required TCP attributes */
3329 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3330 "%s,nowait,nodelay,server", device);
3331 device = gdbstub_device_name;
3332 }
3333 #ifndef _WIN32
3334 else if (strcmp(device, "stdio") == 0) {
3335 struct sigaction act;
3336
3337 memset(&act, 0, sizeof(act));
3338 act.sa_handler = gdb_sigterm_handler;
3339 sigaction(SIGINT, &act, NULL);
3340 }
3341 #endif
3342 /*
3343 * FIXME: it's a bit weird to allow using a mux chardev here
3344 * and implicitly setup a monitor. We may want to break this.
3345 */
3346 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3347 if (!chr)
3348 return -1;
3349 }
3350
3351 if (!gdbserver_state.init) {
3352 init_gdbserver_state();
3353
3354 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3355
3356 /* Initialize a monitor terminal for gdb */
3357 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3358 NULL, NULL, &error_abort);
3359 monitor_init_hmp(mon_chr, false, &error_abort);
3360 } else {
3361 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3362 mon_chr = gdbserver_state.mon_chr;
3363 reset_gdbserver_state();
3364 }
3365
3366 create_processes(&gdbserver_state);
3367
3368 if (chr) {
3369 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3370 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3371 gdb_chr_receive, gdb_chr_event,
3372 NULL, &gdbserver_state, NULL, true);
3373 }
3374 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3375 gdbserver_state.mon_chr = mon_chr;
3376 gdbserver_state.current_syscall_cb = NULL;
3377
3378 return 0;
3379 }
3380
3381 void gdbserver_cleanup(void)
3382 {
3383 if (gdbserver_state.init) {
3384 put_packet("W00");
3385 }
3386 }
3387
3388 static void register_types(void)
3389 {
3390 type_register_static(&char_gdb_type_info);
3391 }
3392
3393 type_init(register_types);
3394 #endif
AR7 emulation for QEMU