search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
hmp/migration: add migrate_recover command
[qemu/kevin.git] / gdbstub.c
blob3c3807358c843d64cb9326c6b544890919c603f6
1 /*
2 * gdb server stub
3 *
4 * Copyright (c) 2003-2005 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/error-report.h"
22 #include "qemu/cutils.h"
23 #include "cpu.h"
24 #include "trace-root.h"
25 #ifdef CONFIG_USER_ONLY
26 #include "qemu.h"
27 #else
28 #include "monitor/monitor.h"
29 #include "chardev/char.h"
30 #include "chardev/char-fe.h"
31 #include "sysemu/sysemu.h"
32 #include "exec/gdbstub.h"
33 #endif
34
35 #define MAX_PACKET_LENGTH 4096
36
37 #include "qemu/sockets.h"
38 #include "sysemu/hw_accel.h"
39 #include "sysemu/kvm.h"
40 #include "exec/semihost.h"
41 #include "exec/exec-all.h"
42
43 #ifdef CONFIG_USER_ONLY
44 #define GDB_ATTACHED "0"
45 #else
46 #define GDB_ATTACHED "1"
47 #endif
48
49 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
50 uint8_t *buf, int len, bool is_write)
51 {
52 CPUClass *cc = CPU_GET_CLASS(cpu);
53
54 if (cc->memory_rw_debug) {
55 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
56 }
57 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
58 }
59
60 /* Return the GDB index for a given vCPU state.
61 *
62 * For user mode this is simply the thread id. In system mode GDB
63 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
64 */
65 static inline int cpu_gdb_index(CPUState *cpu)
66 {
67 #if defined(CONFIG_USER_ONLY)
68 TaskState *ts = (TaskState *) cpu->opaque;
69 return ts->ts_tid;
70 #else
71 return cpu->cpu_index + 1;
72 #endif
73 }
74
75 enum {
76 GDB_SIGNAL_0 = 0,
77 GDB_SIGNAL_INT = 2,
78 GDB_SIGNAL_QUIT = 3,
79 GDB_SIGNAL_TRAP = 5,
80 GDB_SIGNAL_ABRT = 6,
81 GDB_SIGNAL_ALRM = 14,
82 GDB_SIGNAL_IO = 23,
83 GDB_SIGNAL_XCPU = 24,
84 GDB_SIGNAL_UNKNOWN = 143
85 };
86
87 #ifdef CONFIG_USER_ONLY
88
89 /* Map target signal numbers to GDB protocol signal numbers and vice
90 * versa. For user emulation's currently supported systems, we can
91 * assume most signals are defined.
92 */
93
94 static int gdb_signal_table[] = {
95 0,
96 TARGET_SIGHUP,
97 TARGET_SIGINT,
98 TARGET_SIGQUIT,
99 TARGET_SIGILL,
100 TARGET_SIGTRAP,
101 TARGET_SIGABRT,
102 -1, /* SIGEMT */
103 TARGET_SIGFPE,
104 TARGET_SIGKILL,
105 TARGET_SIGBUS,
106 TARGET_SIGSEGV,
107 TARGET_SIGSYS,
108 TARGET_SIGPIPE,
109 TARGET_SIGALRM,
110 TARGET_SIGTERM,
111 TARGET_SIGURG,
112 TARGET_SIGSTOP,
113 TARGET_SIGTSTP,
114 TARGET_SIGCONT,
115 TARGET_SIGCHLD,
116 TARGET_SIGTTIN,
117 TARGET_SIGTTOU,
118 TARGET_SIGIO,
119 TARGET_SIGXCPU,
120 TARGET_SIGXFSZ,
121 TARGET_SIGVTALRM,
122 TARGET_SIGPROF,
123 TARGET_SIGWINCH,
124 -1, /* SIGLOST */
125 TARGET_SIGUSR1,
126 TARGET_SIGUSR2,
127 #ifdef TARGET_SIGPWR
128 TARGET_SIGPWR,
129 #else
130 -1,
131 #endif
132 -1, /* SIGPOLL */
133 -1,
134 -1,
135 -1,
136 -1,
137 -1,
138 -1,
139 -1,
140 -1,
141 -1,
142 -1,
143 -1,
144 #ifdef __SIGRTMIN
145 __SIGRTMIN + 1,
146 __SIGRTMIN + 2,
147 __SIGRTMIN + 3,
148 __SIGRTMIN + 4,
149 __SIGRTMIN + 5,
150 __SIGRTMIN + 6,
151 __SIGRTMIN + 7,
152 __SIGRTMIN + 8,
153 __SIGRTMIN + 9,
154 __SIGRTMIN + 10,
155 __SIGRTMIN + 11,
156 __SIGRTMIN + 12,
157 __SIGRTMIN + 13,
158 __SIGRTMIN + 14,
159 __SIGRTMIN + 15,
160 __SIGRTMIN + 16,
161 __SIGRTMIN + 17,
162 __SIGRTMIN + 18,
163 __SIGRTMIN + 19,
164 __SIGRTMIN + 20,
165 __SIGRTMIN + 21,
166 __SIGRTMIN + 22,
167 __SIGRTMIN + 23,
168 __SIGRTMIN + 24,
169 __SIGRTMIN + 25,
170 __SIGRTMIN + 26,
171 __SIGRTMIN + 27,
172 __SIGRTMIN + 28,
173 __SIGRTMIN + 29,
174 __SIGRTMIN + 30,
175 __SIGRTMIN + 31,
176 -1, /* SIGCANCEL */
177 __SIGRTMIN,
178 __SIGRTMIN + 32,
179 __SIGRTMIN + 33,
180 __SIGRTMIN + 34,
181 __SIGRTMIN + 35,
182 __SIGRTMIN + 36,
183 __SIGRTMIN + 37,
184 __SIGRTMIN + 38,
185 __SIGRTMIN + 39,
186 __SIGRTMIN + 40,
187 __SIGRTMIN + 41,
188 __SIGRTMIN + 42,
189 __SIGRTMIN + 43,
190 __SIGRTMIN + 44,
191 __SIGRTMIN + 45,
192 __SIGRTMIN + 46,
193 __SIGRTMIN + 47,
194 __SIGRTMIN + 48,
195 __SIGRTMIN + 49,
196 __SIGRTMIN + 50,
197 __SIGRTMIN + 51,
198 __SIGRTMIN + 52,
199 __SIGRTMIN + 53,
200 __SIGRTMIN + 54,
201 __SIGRTMIN + 55,
202 __SIGRTMIN + 56,
203 __SIGRTMIN + 57,
204 __SIGRTMIN + 58,
205 __SIGRTMIN + 59,
206 __SIGRTMIN + 60,
207 __SIGRTMIN + 61,
208 __SIGRTMIN + 62,
209 __SIGRTMIN + 63,
210 __SIGRTMIN + 64,
211 __SIGRTMIN + 65,
212 __SIGRTMIN + 66,
213 __SIGRTMIN + 67,
214 __SIGRTMIN + 68,
215 __SIGRTMIN + 69,
216 __SIGRTMIN + 70,
217 __SIGRTMIN + 71,
218 __SIGRTMIN + 72,
219 __SIGRTMIN + 73,
220 __SIGRTMIN + 74,
221 __SIGRTMIN + 75,
222 __SIGRTMIN + 76,
223 __SIGRTMIN + 77,
224 __SIGRTMIN + 78,
225 __SIGRTMIN + 79,
226 __SIGRTMIN + 80,
227 __SIGRTMIN + 81,
228 __SIGRTMIN + 82,
229 __SIGRTMIN + 83,
230 __SIGRTMIN + 84,
231 __SIGRTMIN + 85,
232 __SIGRTMIN + 86,
233 __SIGRTMIN + 87,
234 __SIGRTMIN + 88,
235 __SIGRTMIN + 89,
236 __SIGRTMIN + 90,
237 __SIGRTMIN + 91,
238 __SIGRTMIN + 92,
239 __SIGRTMIN + 93,
240 __SIGRTMIN + 94,
241 __SIGRTMIN + 95,
242 -1, /* SIGINFO */
243 -1, /* UNKNOWN */
244 -1, /* DEFAULT */
245 -1,
246 -1,
247 -1,
248 -1,
249 -1,
250 -1
251 #endif
252 };
253 #else
254 /* In system mode we only need SIGINT and SIGTRAP; other signals
255 are not yet supported. */
256
257 enum {
258 TARGET_SIGINT = 2,
259 TARGET_SIGTRAP = 5
260 };
261
262 static int gdb_signal_table[] = {
263 -1,
264 -1,
265 TARGET_SIGINT,
266 -1,
267 -1,
268 TARGET_SIGTRAP
269 };
270 #endif
271
272 #ifdef CONFIG_USER_ONLY
273 static int target_signal_to_gdb (int sig)
274 {
275 int i;
276 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
277 if (gdb_signal_table[i] == sig)
278 return i;
279 return GDB_SIGNAL_UNKNOWN;
280 }
281 #endif
282
283 static int gdb_signal_to_target (int sig)
284 {
285 if (sig < ARRAY_SIZE (gdb_signal_table))
286 return gdb_signal_table[sig];
287 else
288 return -1;
289 }
290
291 typedef struct GDBRegisterState {
292 int base_reg;
293 int num_regs;
294 gdb_reg_cb get_reg;
295 gdb_reg_cb set_reg;
296 const char *xml;
297 struct GDBRegisterState *next;
298 } GDBRegisterState;
299
300 enum RSState {
301 RS_INACTIVE,
302 RS_IDLE,
303 RS_GETLINE,
304 RS_GETLINE_ESC,
305 RS_GETLINE_RLE,
306 RS_CHKSUM1,
307 RS_CHKSUM2,
308 };
309 typedef struct GDBState {
310 CPUState *c_cpu; /* current CPU for step/continue ops */
311 CPUState *g_cpu; /* current CPU for other ops */
312 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
313 enum RSState state; /* parsing state */
314 char line_buf[MAX_PACKET_LENGTH];
315 int line_buf_index;
316 int line_sum; /* running checksum */
317 int line_csum; /* checksum at the end of the packet */
318 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
319 int last_packet_len;
320 int signal;
321 #ifdef CONFIG_USER_ONLY
322 int fd;
323 int running_state;
324 #else
325 CharBackend chr;
326 Chardev *mon_chr;
327 #endif
328 char syscall_buf[256];
329 gdb_syscall_complete_cb current_syscall_cb;
330 } GDBState;
331
332 /* By default use no IRQs and no timers while single stepping so as to
333 * make single stepping like an ICE HW step.
334 */
335 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
336
337 static GDBState *gdbserver_state;
338
339 bool gdb_has_xml;
340
341 #ifdef CONFIG_USER_ONLY
342 /* XXX: This is not thread safe. Do we care? */
343 static int gdbserver_fd = -1;
344
345 static int get_char(GDBState *s)
346 {
347 uint8_t ch;
348 int ret;
349
350 for(;;) {
351 ret = qemu_recv(s->fd, &ch, 1, 0);
352 if (ret < 0) {
353 if (errno == ECONNRESET)
354 s->fd = -1;
355 if (errno != EINTR)
356 return -1;
357 } else if (ret == 0) {
358 close(s->fd);
359 s->fd = -1;
360 return -1;
361 } else {
362 break;
363 }
364 }
365 return ch;
366 }
367 #endif
368
369 static enum {
370 GDB_SYS_UNKNOWN,
371 GDB_SYS_ENABLED,
372 GDB_SYS_DISABLED,
373 } gdb_syscall_mode;
374
375 /* Decide if either remote gdb syscalls or native file IO should be used. */
376 int use_gdb_syscalls(void)
377 {
378 SemihostingTarget target = semihosting_get_target();
379 if (target == SEMIHOSTING_TARGET_NATIVE) {
380 /* -semihosting-config target=native */
381 return false;
382 } else if (target == SEMIHOSTING_TARGET_GDB) {
383 /* -semihosting-config target=gdb */
384 return true;
385 }
386
387 /* -semihosting-config target=auto */
388 /* On the first call check if gdb is connected and remember. */
389 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
390 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
391 : GDB_SYS_DISABLED);
392 }
393 return gdb_syscall_mode == GDB_SYS_ENABLED;
394 }
395
396 /* Resume execution. */
397 static inline void gdb_continue(GDBState *s)
398 {
399
400 #ifdef CONFIG_USER_ONLY
401 s->running_state = 1;
402 trace_gdbstub_op_continue();
403 #else
404 if (!runstate_needs_reset()) {
405 trace_gdbstub_op_continue();
406 vm_start();
407 }
408 #endif
409 }
410
411 /*
412 * Resume execution, per CPU actions. For user-mode emulation it's
413 * equivalent to gdb_continue.
414 */
415 static int gdb_continue_partial(GDBState *s, char *newstates)
416 {
417 CPUState *cpu;
418 int res = 0;
419 #ifdef CONFIG_USER_ONLY
420 /*
421 * This is not exactly accurate, but it's an improvement compared to the
422 * previous situation, where only one CPU would be single-stepped.
423 */
424 CPU_FOREACH(cpu) {
425 if (newstates[cpu->cpu_index] == 's') {
426 trace_gdbstub_op_stepping(cpu->cpu_index);
427 cpu_single_step(cpu, sstep_flags);
428 }
429 }
430 s->running_state = 1;
431 #else
432 int flag = 0;
433
434 if (!runstate_needs_reset()) {
435 if (vm_prepare_start()) {
436 return 0;
437 }
438
439 CPU_FOREACH(cpu) {
440 switch (newstates[cpu->cpu_index]) {
441 case 0:
442 case 1:
443 break; /* nothing to do here */
444 case 's':
445 trace_gdbstub_op_stepping(cpu->cpu_index);
446 cpu_single_step(cpu, sstep_flags);
447 cpu_resume(cpu);
448 flag = 1;
449 break;
450 case 'c':
451 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
452 cpu_resume(cpu);
453 flag = 1;
454 break;
455 default:
456 res = -1;
457 break;
458 }
459 }
460 }
461 if (flag) {
462 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
463 }
464 #endif
465 return res;
466 }
467
468 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
469 {
470 #ifdef CONFIG_USER_ONLY
471 int ret;
472
473 while (len > 0) {
474 ret = send(s->fd, buf, len, 0);
475 if (ret < 0) {
476 if (errno != EINTR)
477 return;
478 } else {
479 buf += ret;
480 len -= ret;
481 }
482 }
483 #else
484 /* XXX this blocks entire thread. Rewrite to use
485 * qemu_chr_fe_write and background I/O callbacks */
486 qemu_chr_fe_write_all(&s->chr, buf, len);
487 #endif
488 }
489
490 static inline int fromhex(int v)
491 {
492 if (v >= '0' && v <= '9')
493 return v - '0';
494 else if (v >= 'A' && v <= 'F')
495 return v - 'A' + 10;
496 else if (v >= 'a' && v <= 'f')
497 return v - 'a' + 10;
498 else
499 return 0;
500 }
501
502 static inline int tohex(int v)
503 {
504 if (v < 10)
505 return v + '0';
506 else
507 return v - 10 + 'a';
508 }
509
510 /* writes 2*len+1 bytes in buf */
511 static void memtohex(char *buf, const uint8_t *mem, int len)
512 {
513 int i, c;
514 char *q;
515 q = buf;
516 for(i = 0; i < len; i++) {
517 c = mem[i];
518 *q++ = tohex(c >> 4);
519 *q++ = tohex(c & 0xf);
520 }
521 *q = '\0';
522 }
523
524 static void hextomem(uint8_t *mem, const char *buf, int len)
525 {
526 int i;
527
528 for(i = 0; i < len; i++) {
529 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
530 buf += 2;
531 }
532 }
533
534 static void hexdump(const char *buf, int len,
535 void (*trace_fn)(size_t ofs, char const *text))
536 {
537 char line_buffer[3 * 16 + 4 + 16 + 1];
538
539 size_t i;
540 for (i = 0; i < len || (i & 0xF); ++i) {
541 size_t byte_ofs = i & 15;
542
543 if (byte_ofs == 0) {
544 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
545 line_buffer[3 * 16 + 4 + 16] = 0;
546 }
547
548 size_t col_group = (i >> 2) & 3;
549 size_t hex_col = byte_ofs * 3 + col_group;
550 size_t txt_col = 3 * 16 + 4 + byte_ofs;
551
552 if (i < len) {
553 char value = buf[i];
554
555 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
556 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
557 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
558 ? value
559 : '.';
560 }
561
562 if (byte_ofs == 0xF)
563 trace_fn(i & -16, line_buffer);
564 }
565 }
566
567 /* return -1 if error, 0 if OK */
568 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
569 {
570 int csum, i;
571 uint8_t *p;
572
573 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
574 hexdump(buf, len, trace_gdbstub_io_binaryreply);
575 }
576
577 for(;;) {
578 p = s->last_packet;
579 *(p++) = '$';
580 memcpy(p, buf, len);
581 p += len;
582 csum = 0;
583 for(i = 0; i < len; i++) {
584 csum += buf[i];
585 }
586 *(p++) = '#';
587 *(p++) = tohex((csum >> 4) & 0xf);
588 *(p++) = tohex((csum) & 0xf);
589
590 s->last_packet_len = p - s->last_packet;
591 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
592
593 #ifdef CONFIG_USER_ONLY
594 i = get_char(s);
595 if (i < 0)
596 return -1;
597 if (i == '+')
598 break;
599 #else
600 break;
601 #endif
602 }
603 return 0;
604 }
605
606 /* return -1 if error, 0 if OK */
607 static int put_packet(GDBState *s, const char *buf)
608 {
609 trace_gdbstub_io_reply(buf);
610
611 return put_packet_binary(s, buf, strlen(buf), false);
612 }
613
614 /* Encode data using the encoding for 'x' packets. */
615 static int memtox(char *buf, const char *mem, int len)
616 {
617 char *p = buf;
618 char c;
619
620 while (len--) {
621 c = *(mem++);
622 switch (c) {
623 case '#': case '$': case '*': case '}':
624 *(p++) = '}';
625 *(p++) = c ^ 0x20;
626 break;
627 default:
628 *(p++) = c;
629 break;
630 }
631 }
632 return p - buf;
633 }
634
635 static const char *get_feature_xml(const char *p, const char **newp,
636 CPUClass *cc)
637 {
638 size_t len;
639 int i;
640 const char *name;
641 static char target_xml[1024];
642
643 len = 0;
644 while (p[len] && p[len] != ':')
645 len++;
646 *newp = p + len;
647
648 name = NULL;
649 if (strncmp(p, "target.xml", len) == 0) {
650 /* Generate the XML description for this CPU. */
651 if (!target_xml[0]) {
652 GDBRegisterState *r;
653 CPUState *cpu = first_cpu;
654
655 pstrcat(target_xml, sizeof(target_xml),
656 "<?xml version=\"1.0\"?>"
657 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
658 "<target>");
659 if (cc->gdb_arch_name) {
660 gchar *arch = cc->gdb_arch_name(cpu);
661 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
662 pstrcat(target_xml, sizeof(target_xml), arch);
663 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
664 g_free(arch);
665 }
666 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
667 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
668 pstrcat(target_xml, sizeof(target_xml), "\"/>");
669 for (r = cpu->gdb_regs; r; r = r->next) {
670 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
671 pstrcat(target_xml, sizeof(target_xml), r->xml);
672 pstrcat(target_xml, sizeof(target_xml), "\"/>");
673 }
674 pstrcat(target_xml, sizeof(target_xml), "</target>");
675 }
676 return target_xml;
677 }
678 for (i = 0; ; i++) {
679 name = xml_builtin[i][0];
680 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
681 break;
682 }
683 return name ? xml_builtin[i][1] : NULL;
684 }
685
686 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
687 {
688 CPUClass *cc = CPU_GET_CLASS(cpu);
689 CPUArchState *env = cpu->env_ptr;
690 GDBRegisterState *r;
691
692 if (reg < cc->gdb_num_core_regs) {
693 return cc->gdb_read_register(cpu, mem_buf, reg);
694 }
695
696 for (r = cpu->gdb_regs; r; r = r->next) {
697 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
698 return r->get_reg(env, mem_buf, reg - r->base_reg);
699 }
700 }
701 return 0;
702 }
703
704 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
705 {
706 CPUClass *cc = CPU_GET_CLASS(cpu);
707 CPUArchState *env = cpu->env_ptr;
708 GDBRegisterState *r;
709
710 if (reg < cc->gdb_num_core_regs) {
711 return cc->gdb_write_register(cpu, mem_buf, reg);
712 }
713
714 for (r = cpu->gdb_regs; r; r = r->next) {
715 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
716 return r->set_reg(env, mem_buf, reg - r->base_reg);
717 }
718 }
719 return 0;
720 }
721
722 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
723 specifies the first register number and these registers are included in
724 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
725 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
726 */
727
728 void gdb_register_coprocessor(CPUState *cpu,
729 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
730 int num_regs, const char *xml, int g_pos)
731 {
732 GDBRegisterState *s;
733 GDBRegisterState **p;
734
735 p = &cpu->gdb_regs;
736 while (*p) {
737 /* Check for duplicates. */
738 if (strcmp((*p)->xml, xml) == 0)
739 return;
740 p = &(*p)->next;
741 }
742
743 s = g_new0(GDBRegisterState, 1);
744 s->base_reg = cpu->gdb_num_regs;
745 s->num_regs = num_regs;
746 s->get_reg = get_reg;
747 s->set_reg = set_reg;
748 s->xml = xml;
749
750 /* Add to end of list. */
751 cpu->gdb_num_regs += num_regs;
752 *p = s;
753 if (g_pos) {
754 if (g_pos != s->base_reg) {
755 error_report("Error: Bad gdb register numbering for '%s', "
756 "expected %d got %d", xml, g_pos, s->base_reg);
757 } else {
758 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
759 }
760 }
761 }
762
763 #ifndef CONFIG_USER_ONLY
764 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
765 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
766 {
767 static const int xlat[] = {
768 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
769 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
770 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
771 };
772
773 CPUClass *cc = CPU_GET_CLASS(cpu);
774 int cputype = xlat[gdbtype];
775
776 if (cc->gdb_stop_before_watchpoint) {
777 cputype |= BP_STOP_BEFORE_ACCESS;
778 }
779 return cputype;
780 }
781 #endif
782
783 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
784 {
785 CPUState *cpu;
786 int err = 0;
787
788 if (kvm_enabled()) {
789 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
790 }
791
792 switch (type) {
793 case GDB_BREAKPOINT_SW:
794 case GDB_BREAKPOINT_HW:
795 CPU_FOREACH(cpu) {
796 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
797 if (err) {
798 break;
799 }
800 }
801 return err;
802 #ifndef CONFIG_USER_ONLY
803 case GDB_WATCHPOINT_WRITE:
804 case GDB_WATCHPOINT_READ:
805 case GDB_WATCHPOINT_ACCESS:
806 CPU_FOREACH(cpu) {
807 err = cpu_watchpoint_insert(cpu, addr, len,
808 xlat_gdb_type(cpu, type), NULL);
809 if (err) {
810 break;
811 }
812 }
813 return err;
814 #endif
815 default:
816 return -ENOSYS;
817 }
818 }
819
820 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
821 {
822 CPUState *cpu;
823 int err = 0;
824
825 if (kvm_enabled()) {
826 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
827 }
828
829 switch (type) {
830 case GDB_BREAKPOINT_SW:
831 case GDB_BREAKPOINT_HW:
832 CPU_FOREACH(cpu) {
833 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
834 if (err) {
835 break;
836 }
837 }
838 return err;
839 #ifndef CONFIG_USER_ONLY
840 case GDB_WATCHPOINT_WRITE:
841 case GDB_WATCHPOINT_READ:
842 case GDB_WATCHPOINT_ACCESS:
843 CPU_FOREACH(cpu) {
844 err = cpu_watchpoint_remove(cpu, addr, len,
845 xlat_gdb_type(cpu, type));
846 if (err)
847 break;
848 }
849 return err;
850 #endif
851 default:
852 return -ENOSYS;
853 }
854 }
855
856 static void gdb_breakpoint_remove_all(void)
857 {
858 CPUState *cpu;
859
860 if (kvm_enabled()) {
861 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
862 return;
863 }
864
865 CPU_FOREACH(cpu) {
866 cpu_breakpoint_remove_all(cpu, BP_GDB);
867 #ifndef CONFIG_USER_ONLY
868 cpu_watchpoint_remove_all(cpu, BP_GDB);
869 #endif
870 }
871 }
872
873 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
874 {
875 CPUState *cpu = s->c_cpu;
876
877 cpu_synchronize_state(cpu);
878 cpu_set_pc(cpu, pc);
879 }
880
881 static CPUState *find_cpu(uint32_t thread_id)
882 {
883 CPUState *cpu;
884
885 CPU_FOREACH(cpu) {
886 if (cpu_gdb_index(cpu) == thread_id) {
887 return cpu;
888 }
889 }
890
891 return NULL;
892 }
893
894 static int is_query_packet(const char *p, const char *query, char separator)
895 {
896 unsigned int query_len = strlen(query);
897
898 return strncmp(p, query, query_len) == 0 &&
899 (p[query_len] == '\0' || p[query_len] == separator);
900 }
901
902 /**
903 * gdb_handle_vcont - Parses and handles a vCont packet.
904 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
905 * a format error, 0 on success.
906 */
907 static int gdb_handle_vcont(GDBState *s, const char *p)
908 {
909 int res, idx, signal = 0;
910 char cur_action;
911 char *newstates;
912 unsigned long tmp;
913 CPUState *cpu;
914 #ifdef CONFIG_USER_ONLY
915 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
916
917 CPU_FOREACH(cpu) {
918 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
919 }
920 #endif
921 /* uninitialised CPUs stay 0 */
922 newstates = g_new0(char, max_cpus);
923
924 /* mark valid CPUs with 1 */
925 CPU_FOREACH(cpu) {
926 newstates[cpu->cpu_index] = 1;
927 }
928
929 /*
930 * res keeps track of what error we are returning, with -ENOTSUP meaning
931 * that the command is unknown or unsupported, thus returning an empty
932 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
933 * or incorrect parameters passed.
934 */
935 res = 0;
936 while (*p) {
937 if (*p++ != ';') {
938 res = -ENOTSUP;
939 goto out;
940 }
941
942 cur_action = *p++;
943 if (cur_action == 'C' || cur_action == 'S') {
944 cur_action = qemu_tolower(cur_action);
945 res = qemu_strtoul(p + 1, &p, 16, &tmp);
946 if (res) {
947 goto out;
948 }
949 signal = gdb_signal_to_target(tmp);
950 } else if (cur_action != 'c' && cur_action != 's') {
951 /* unknown/invalid/unsupported command */
952 res = -ENOTSUP;
953 goto out;
954 }
955 /* thread specification. special values: (none), -1 = all; 0 = any */
956 if ((p[0] == ':' && p[1] == '-' && p[2] == '1') || (p[0] != ':')) {
957 if (*p == ':') {
958 p += 3;
959 }
960 for (idx = 0; idx < max_cpus; idx++) {
961 if (newstates[idx] == 1) {
962 newstates[idx] = cur_action;
963 }
964 }
965 } else if (*p == ':') {
966 p++;
967 res = qemu_strtoul(p, &p, 16, &tmp);
968 if (res) {
969 goto out;
970 }
971
972 /* 0 means any thread, so we pick the first valid CPU */
973 cpu = tmp ? find_cpu(tmp) : first_cpu;
974
975 /* invalid CPU/thread specified */
976 if (!cpu) {
977 res = -EINVAL;
978 goto out;
979 }
980
981 /* only use if no previous match occourred */
982 if (newstates[cpu->cpu_index] == 1) {
983 newstates[cpu->cpu_index] = cur_action;
984 }
985 }
986 }
987 s->signal = signal;
988 gdb_continue_partial(s, newstates);
989
990 out:
991 g_free(newstates);
992
993 return res;
994 }
995
996 static int gdb_handle_packet(GDBState *s, const char *line_buf)
997 {
998 CPUState *cpu;
999 CPUClass *cc;
1000 const char *p;
1001 uint32_t thread;
1002 int ch, reg_size, type, res;
1003 uint8_t mem_buf[MAX_PACKET_LENGTH];
1004 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
1005 uint8_t *registers;
1006 target_ulong addr, len;
1007
1008 trace_gdbstub_io_command(line_buf);
1009
1010 p = line_buf;
1011 ch = *p++;
1012 switch(ch) {
1013 case '?':
1014 /* TODO: Make this return the correct value for user-mode. */
1015 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
1016 cpu_gdb_index(s->c_cpu));
1017 put_packet(s, buf);
1018 /* Remove all the breakpoints when this query is issued,
1019 * because gdb is doing and initial connect and the state
1020 * should be cleaned up.
1021 */
1022 gdb_breakpoint_remove_all();
1023 break;
1024 case 'c':
1025 if (*p != '\0') {
1026 addr = strtoull(p, (char **)&p, 16);
1027 gdb_set_cpu_pc(s, addr);
1028 }
1029 s->signal = 0;
1030 gdb_continue(s);
1031 return RS_IDLE;
1032 case 'C':
1033 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1034 if (s->signal == -1)
1035 s->signal = 0;
1036 gdb_continue(s);
1037 return RS_IDLE;
1038 case 'v':
1039 if (strncmp(p, "Cont", 4) == 0) {
1040 p += 4;
1041 if (*p == '?') {
1042 put_packet(s, "vCont;c;C;s;S");
1043 break;
1044 }
1045
1046 res = gdb_handle_vcont(s, p);
1047
1048 if (res) {
1049 if ((res == -EINVAL) || (res == -ERANGE)) {
1050 put_packet(s, "E22");
1051 break;
1052 }
1053 goto unknown_command;
1054 }
1055 break;
1056 } else {
1057 goto unknown_command;
1058 }
1059 case 'k':
1060 /* Kill the target */
1061 error_report("QEMU: Terminated via GDBstub");
1062 exit(0);
1063 case 'D':
1064 /* Detach packet */
1065 gdb_breakpoint_remove_all();
1066 gdb_syscall_mode = GDB_SYS_DISABLED;
1067 gdb_continue(s);
1068 put_packet(s, "OK");
1069 break;
1070 case 's':
1071 if (*p != '\0') {
1072 addr = strtoull(p, (char **)&p, 16);
1073 gdb_set_cpu_pc(s, addr);
1074 }
1075 cpu_single_step(s->c_cpu, sstep_flags);
1076 gdb_continue(s);
1077 return RS_IDLE;
1078 case 'F':
1079 {
1080 target_ulong ret;
1081 target_ulong err;
1082
1083 ret = strtoull(p, (char **)&p, 16);
1084 if (*p == ',') {
1085 p++;
1086 err = strtoull(p, (char **)&p, 16);
1087 } else {
1088 err = 0;
1089 }
1090 if (*p == ',')
1091 p++;
1092 type = *p;
1093 if (s->current_syscall_cb) {
1094 s->current_syscall_cb(s->c_cpu, ret, err);
1095 s->current_syscall_cb = NULL;
1096 }
1097 if (type == 'C') {
1098 put_packet(s, "T02");
1099 } else {
1100 gdb_continue(s);
1101 }
1102 }
1103 break;
1104 case 'g':
1105 cpu_synchronize_state(s->g_cpu);
1106 len = 0;
1107 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
1108 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1109 len += reg_size;
1110 }
1111 memtohex(buf, mem_buf, len);
1112 put_packet(s, buf);
1113 break;
1114 case 'G':
1115 cpu_synchronize_state(s->g_cpu);
1116 registers = mem_buf;
1117 len = strlen(p) / 2;
1118 hextomem((uint8_t *)registers, p, len);
1119 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
1120 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1121 len -= reg_size;
1122 registers += reg_size;
1123 }
1124 put_packet(s, "OK");
1125 break;
1126 case 'm':
1127 addr = strtoull(p, (char **)&p, 16);
1128 if (*p == ',')
1129 p++;
1130 len = strtoull(p, NULL, 16);
1131
1132 /* memtohex() doubles the required space */
1133 if (len > MAX_PACKET_LENGTH / 2) {
1134 put_packet (s, "E22");
1135 break;
1136 }
1137
1138 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1139 put_packet (s, "E14");
1140 } else {
1141 memtohex(buf, mem_buf, len);
1142 put_packet(s, buf);
1143 }
1144 break;
1145 case 'M':
1146 addr = strtoull(p, (char **)&p, 16);
1147 if (*p == ',')
1148 p++;
1149 len = strtoull(p, (char **)&p, 16);
1150 if (*p == ':')
1151 p++;
1152
1153 /* hextomem() reads 2*len bytes */
1154 if (len > strlen(p) / 2) {
1155 put_packet (s, "E22");
1156 break;
1157 }
1158 hextomem(mem_buf, p, len);
1159 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1160 true) != 0) {
1161 put_packet(s, "E14");
1162 } else {
1163 put_packet(s, "OK");
1164 }
1165 break;
1166 case 'p':
1167 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1168 This works, but can be very slow. Anything new enough to
1169 understand XML also knows how to use this properly. */
1170 if (!gdb_has_xml)
1171 goto unknown_command;
1172 addr = strtoull(p, (char **)&p, 16);
1173 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1174 if (reg_size) {
1175 memtohex(buf, mem_buf, reg_size);
1176 put_packet(s, buf);
1177 } else {
1178 put_packet(s, "E14");
1179 }
1180 break;
1181 case 'P':
1182 if (!gdb_has_xml)
1183 goto unknown_command;
1184 addr = strtoull(p, (char **)&p, 16);
1185 if (*p == '=')
1186 p++;
1187 reg_size = strlen(p) / 2;
1188 hextomem(mem_buf, p, reg_size);
1189 gdb_write_register(s->g_cpu, mem_buf, addr);
1190 put_packet(s, "OK");
1191 break;
1192 case 'Z':
1193 case 'z':
1194 type = strtoul(p, (char **)&p, 16);
1195 if (*p == ',')
1196 p++;
1197 addr = strtoull(p, (char **)&p, 16);
1198 if (*p == ',')
1199 p++;
1200 len = strtoull(p, (char **)&p, 16);
1201 if (ch == 'Z')
1202 res = gdb_breakpoint_insert(addr, len, type);
1203 else
1204 res = gdb_breakpoint_remove(addr, len, type);
1205 if (res >= 0)
1206 put_packet(s, "OK");
1207 else if (res == -ENOSYS)
1208 put_packet(s, "");
1209 else
1210 put_packet(s, "E22");
1211 break;
1212 case 'H':
1213 type = *p++;
1214 thread = strtoull(p, (char **)&p, 16);
1215 if (thread == -1 || thread == 0) {
1216 put_packet(s, "OK");
1217 break;
1218 }
1219 cpu = find_cpu(thread);
1220 if (cpu == NULL) {
1221 put_packet(s, "E22");
1222 break;
1223 }
1224 switch (type) {
1225 case 'c':
1226 s->c_cpu = cpu;
1227 put_packet(s, "OK");
1228 break;
1229 case 'g':
1230 s->g_cpu = cpu;
1231 put_packet(s, "OK");
1232 break;
1233 default:
1234 put_packet(s, "E22");
1235 break;
1236 }
1237 break;
1238 case 'T':
1239 thread = strtoull(p, (char **)&p, 16);
1240 cpu = find_cpu(thread);
1241
1242 if (cpu != NULL) {
1243 put_packet(s, "OK");
1244 } else {
1245 put_packet(s, "E22");
1246 }
1247 break;
1248 case 'q':
1249 case 'Q':
1250 /* parse any 'q' packets here */
1251 if (!strcmp(p,"qemu.sstepbits")) {
1252 /* Query Breakpoint bit definitions */
1253 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1254 SSTEP_ENABLE,
1255 SSTEP_NOIRQ,
1256 SSTEP_NOTIMER);
1257 put_packet(s, buf);
1258 break;
1259 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1260 /* Display or change the sstep_flags */
1261 p += 10;
1262 if (*p != '=') {
1263 /* Display current setting */
1264 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1265 put_packet(s, buf);
1266 break;
1267 }
1268 p++;
1269 type = strtoul(p, (char **)&p, 16);
1270 sstep_flags = type;
1271 put_packet(s, "OK");
1272 break;
1273 } else if (strcmp(p,"C") == 0) {
1274 /* "Current thread" remains vague in the spec, so always return
1275 * the first CPU (gdb returns the first thread). */
1276 put_packet(s, "QC1");
1277 break;
1278 } else if (strcmp(p,"fThreadInfo") == 0) {
1279 s->query_cpu = first_cpu;
1280 goto report_cpuinfo;
1281 } else if (strcmp(p,"sThreadInfo") == 0) {
1282 report_cpuinfo:
1283 if (s->query_cpu) {
1284 snprintf(buf, sizeof(buf), "m%x", cpu_gdb_index(s->query_cpu));
1285 put_packet(s, buf);
1286 s->query_cpu = CPU_NEXT(s->query_cpu);
1287 } else
1288 put_packet(s, "l");
1289 break;
1290 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1291 thread = strtoull(p+16, (char **)&p, 16);
1292 cpu = find_cpu(thread);
1293 if (cpu != NULL) {
1294 cpu_synchronize_state(cpu);
1295 /* memtohex() doubles the required space */
1296 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1297 "CPU#%d [%s]", cpu->cpu_index,
1298 cpu->halted ? "halted " : "running");
1299 trace_gdbstub_op_extra_info((char *)mem_buf);
1300 memtohex(buf, mem_buf, len);
1301 put_packet(s, buf);
1302 }
1303 break;
1304 }
1305 #ifdef CONFIG_USER_ONLY
1306 else if (strcmp(p, "Offsets") == 0) {
1307 TaskState *ts = s->c_cpu->opaque;
1308
1309 snprintf(buf, sizeof(buf),
1310 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1311 ";Bss=" TARGET_ABI_FMT_lx,
1312 ts->info->code_offset,
1313 ts->info->data_offset,
1314 ts->info->data_offset);
1315 put_packet(s, buf);
1316 break;
1317 }
1318 #else /* !CONFIG_USER_ONLY */
1319 else if (strncmp(p, "Rcmd,", 5) == 0) {
1320 int len = strlen(p + 5);
1321
1322 if ((len % 2) != 0) {
1323 put_packet(s, "E01");
1324 break;
1325 }
1326 len = len / 2;
1327 hextomem(mem_buf, p + 5, len);
1328 mem_buf[len++] = 0;
1329 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1330 put_packet(s, "OK");
1331 break;
1332 }
1333 #endif /* !CONFIG_USER_ONLY */
1334 if (is_query_packet(p, "Supported", ':')) {
1335 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1336 cc = CPU_GET_CLASS(first_cpu);
1337 if (cc->gdb_core_xml_file != NULL) {
1338 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1339 }
1340 put_packet(s, buf);
1341 break;
1342 }
1343 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1344 const char *xml;
1345 target_ulong total_len;
1346
1347 cc = CPU_GET_CLASS(first_cpu);
1348 if (cc->gdb_core_xml_file == NULL) {
1349 goto unknown_command;
1350 }
1351
1352 gdb_has_xml = true;
1353 p += 19;
1354 xml = get_feature_xml(p, &p, cc);
1355 if (!xml) {
1356 snprintf(buf, sizeof(buf), "E00");
1357 put_packet(s, buf);
1358 break;
1359 }
1360
1361 if (*p == ':')
1362 p++;
1363 addr = strtoul(p, (char **)&p, 16);
1364 if (*p == ',')
1365 p++;
1366 len = strtoul(p, (char **)&p, 16);
1367
1368 total_len = strlen(xml);
1369 if (addr > total_len) {
1370 snprintf(buf, sizeof(buf), "E00");
1371 put_packet(s, buf);
1372 break;
1373 }
1374 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1375 len = (MAX_PACKET_LENGTH - 5) / 2;
1376 if (len < total_len - addr) {
1377 buf[0] = 'm';
1378 len = memtox(buf + 1, xml + addr, len);
1379 } else {
1380 buf[0] = 'l';
1381 len = memtox(buf + 1, xml + addr, total_len - addr);
1382 }
1383 put_packet_binary(s, buf, len + 1, true);
1384 break;
1385 }
1386 if (is_query_packet(p, "Attached", ':')) {
1387 put_packet(s, GDB_ATTACHED);
1388 break;
1389 }
1390 /* Unrecognised 'q' command. */
1391 goto unknown_command;
1392
1393 default:
1394 unknown_command:
1395 /* put empty packet */
1396 buf[0] = '\0';
1397 put_packet(s, buf);
1398 break;
1399 }
1400 return RS_IDLE;
1401 }
1402
1403 void gdb_set_stop_cpu(CPUState *cpu)
1404 {
1405 gdbserver_state->c_cpu = cpu;
1406 gdbserver_state->g_cpu = cpu;
1407 }
1408
1409 #ifndef CONFIG_USER_ONLY
1410 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1411 {
1412 GDBState *s = gdbserver_state;
1413 CPUState *cpu = s->c_cpu;
1414 char buf[256];
1415 const char *type;
1416 int ret;
1417
1418 if (running || s->state == RS_INACTIVE) {
1419 return;
1420 }
1421 /* Is there a GDB syscall waiting to be sent? */
1422 if (s->current_syscall_cb) {
1423 put_packet(s, s->syscall_buf);
1424 return;
1425 }
1426 switch (state) {
1427 case RUN_STATE_DEBUG:
1428 if (cpu->watchpoint_hit) {
1429 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1430 case BP_MEM_READ:
1431 type = "r";
1432 break;
1433 case BP_MEM_ACCESS:
1434 type = "a";
1435 break;
1436 default:
1437 type = "";
1438 break;
1439 }
1440 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
1441 (target_ulong)cpu->watchpoint_hit->vaddr);
1442 snprintf(buf, sizeof(buf),
1443 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1444 GDB_SIGNAL_TRAP, cpu_gdb_index(cpu), type,
1445 (target_ulong)cpu->watchpoint_hit->vaddr);
1446 cpu->watchpoint_hit = NULL;
1447 goto send_packet;
1448 } else {
1449 trace_gdbstub_hit_break();
1450 }
1451 tb_flush(cpu);
1452 ret = GDB_SIGNAL_TRAP;
1453 break;
1454 case RUN_STATE_PAUSED:
1455 trace_gdbstub_hit_paused();
1456 ret = GDB_SIGNAL_INT;
1457 break;
1458 case RUN_STATE_SHUTDOWN:
1459 trace_gdbstub_hit_shutdown();
1460 ret = GDB_SIGNAL_QUIT;
1461 break;
1462 case RUN_STATE_IO_ERROR:
1463 trace_gdbstub_hit_io_error();
1464 ret = GDB_SIGNAL_IO;
1465 break;
1466 case RUN_STATE_WATCHDOG:
1467 trace_gdbstub_hit_watchdog();
1468 ret = GDB_SIGNAL_ALRM;
1469 break;
1470 case RUN_STATE_INTERNAL_ERROR:
1471 trace_gdbstub_hit_internal_error();
1472 ret = GDB_SIGNAL_ABRT;
1473 break;
1474 case RUN_STATE_SAVE_VM:
1475 case RUN_STATE_RESTORE_VM:
1476 return;
1477 case RUN_STATE_FINISH_MIGRATE:
1478 ret = GDB_SIGNAL_XCPU;
1479 break;
1480 default:
1481 trace_gdbstub_hit_unknown(state);
1482 ret = GDB_SIGNAL_UNKNOWN;
1483 break;
1484 }
1485 gdb_set_stop_cpu(cpu);
1486 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_gdb_index(cpu));
1487
1488 send_packet:
1489 put_packet(s, buf);
1490
1491 /* disable single step if it was enabled */
1492 cpu_single_step(cpu, 0);
1493 }
1494 #endif
1495
1496 /* Send a gdb syscall request.
1497 This accepts limited printf-style format specifiers, specifically:
1498 %x - target_ulong argument printed in hex.
1499 %lx - 64-bit argument printed in hex.
1500 %s - string pointer (target_ulong) and length (int) pair. */
1501 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1502 {
1503 char *p;
1504 char *p_end;
1505 target_ulong addr;
1506 uint64_t i64;
1507 GDBState *s;
1508
1509 s = gdbserver_state;
1510 if (!s)
1511 return;
1512 s->current_syscall_cb = cb;
1513 #ifndef CONFIG_USER_ONLY
1514 vm_stop(RUN_STATE_DEBUG);
1515 #endif
1516 p = s->syscall_buf;
1517 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1518 *(p++) = 'F';
1519 while (*fmt) {
1520 if (*fmt == '%') {
1521 fmt++;
1522 switch (*fmt++) {
1523 case 'x':
1524 addr = va_arg(va, target_ulong);
1525 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1526 break;
1527 case 'l':
1528 if (*(fmt++) != 'x')
1529 goto bad_format;
1530 i64 = va_arg(va, uint64_t);
1531 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1532 break;
1533 case 's':
1534 addr = va_arg(va, target_ulong);
1535 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1536 addr, va_arg(va, int));
1537 break;
1538 default:
1539 bad_format:
1540 error_report("gdbstub: Bad syscall format string '%s'",
1541 fmt - 1);
1542 break;
1543 }
1544 } else {
1545 *(p++) = *(fmt++);
1546 }
1547 }
1548 *p = 0;
1549 #ifdef CONFIG_USER_ONLY
1550 put_packet(s, s->syscall_buf);
1551 gdb_handlesig(s->c_cpu, 0);
1552 #else
1553 /* In this case wait to send the syscall packet until notification that
1554 the CPU has stopped. This must be done because if the packet is sent
1555 now the reply from the syscall request could be received while the CPU
1556 is still in the running state, which can cause packets to be dropped
1557 and state transition 'T' packets to be sent while the syscall is still
1558 being processed. */
1559 qemu_cpu_kick(s->c_cpu);
1560 #endif
1561 }
1562
1563 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1564 {
1565 va_list va;
1566
1567 va_start(va, fmt);
1568 gdb_do_syscallv(cb, fmt, va);
1569 va_end(va);
1570 }
1571
1572 static void gdb_read_byte(GDBState *s, int ch)
1573 {
1574 uint8_t reply;
1575
1576 #ifndef CONFIG_USER_ONLY
1577 if (s->last_packet_len) {
1578 /* Waiting for a response to the last packet. If we see the start
1579 of a new command then abandon the previous response. */
1580 if (ch == '-') {
1581 trace_gdbstub_err_got_nack();
1582 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1583 } else if (ch == '+') {
1584 trace_gdbstub_io_got_ack();
1585 } else {
1586 trace_gdbstub_io_got_unexpected((uint8_t)ch);
1587 }
1588
1589 if (ch == '+' || ch == '$')
1590 s->last_packet_len = 0;
1591 if (ch != '$')
1592 return;
1593 }
1594 if (runstate_is_running()) {
1595 /* when the CPU is running, we cannot do anything except stop
1596 it when receiving a char */
1597 vm_stop(RUN_STATE_PAUSED);
1598 } else
1599 #endif
1600 {
1601 switch(s->state) {
1602 case RS_IDLE:
1603 if (ch == '$') {
1604 /* start of command packet */
1605 s->line_buf_index = 0;
1606 s->line_sum = 0;
1607 s->state = RS_GETLINE;
1608 } else {
1609 trace_gdbstub_err_garbage((uint8_t)ch);
1610 }
1611 break;
1612 case RS_GETLINE:
1613 if (ch == '}') {
1614 /* start escape sequence */
1615 s->state = RS_GETLINE_ESC;
1616 s->line_sum += ch;
1617 } else if (ch == '*') {
1618 /* start run length encoding sequence */
1619 s->state = RS_GETLINE_RLE;
1620 s->line_sum += ch;
1621 } else if (ch == '#') {
1622 /* end of command, start of checksum*/
1623 s->state = RS_CHKSUM1;
1624 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1625 trace_gdbstub_err_overrun();
1626 s->state = RS_IDLE;
1627 } else {
1628 /* unescaped command character */
1629 s->line_buf[s->line_buf_index++] = ch;
1630 s->line_sum += ch;
1631 }
1632 break;
1633 case RS_GETLINE_ESC:
1634 if (ch == '#') {
1635 /* unexpected end of command in escape sequence */
1636 s->state = RS_CHKSUM1;
1637 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1638 /* command buffer overrun */
1639 trace_gdbstub_err_overrun();
1640 s->state = RS_IDLE;
1641 } else {
1642 /* parse escaped character and leave escape state */
1643 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
1644 s->line_sum += ch;
1645 s->state = RS_GETLINE;
1646 }
1647 break;
1648 case RS_GETLINE_RLE:
1649 if (ch < ' ') {
1650 /* invalid RLE count encoding */
1651 trace_gdbstub_err_invalid_repeat((uint8_t)ch);
1652 s->state = RS_GETLINE;
1653 } else {
1654 /* decode repeat length */
1655 int repeat = (unsigned char)ch - ' ' + 3;
1656 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
1657 /* that many repeats would overrun the command buffer */
1658 trace_gdbstub_err_overrun();
1659 s->state = RS_IDLE;
1660 } else if (s->line_buf_index < 1) {
1661 /* got a repeat but we have nothing to repeat */
1662 trace_gdbstub_err_invalid_rle();
1663 s->state = RS_GETLINE;
1664 } else {
1665 /* repeat the last character */
1666 memset(s->line_buf + s->line_buf_index,
1667 s->line_buf[s->line_buf_index - 1], repeat);
1668 s->line_buf_index += repeat;
1669 s->line_sum += ch;
1670 s->state = RS_GETLINE;
1671 }
1672 }
1673 break;
1674 case RS_CHKSUM1:
1675 /* get high hex digit of checksum */
1676 if (!isxdigit(ch)) {
1677 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1678 s->state = RS_GETLINE;
1679 break;
1680 }
1681 s->line_buf[s->line_buf_index] = '\0';
1682 s->line_csum = fromhex(ch) << 4;
1683 s->state = RS_CHKSUM2;
1684 break;
1685 case RS_CHKSUM2:
1686 /* get low hex digit of checksum */
1687 if (!isxdigit(ch)) {
1688 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1689 s->state = RS_GETLINE;
1690 break;
1691 }
1692 s->line_csum |= fromhex(ch);
1693
1694 if (s->line_csum != (s->line_sum & 0xff)) {
1695 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
1696 /* send NAK reply */
1697 reply = '-';
1698 put_buffer(s, &reply, 1);
1699 s->state = RS_IDLE;
1700 } else {
1701 /* send ACK reply */
1702 reply = '+';
1703 put_buffer(s, &reply, 1);
1704 s->state = gdb_handle_packet(s, s->line_buf);
1705 }
1706 break;
1707 default:
1708 abort();
1709 }
1710 }
1711 }
1712
1713 /* Tell the remote gdb that the process has exited. */
1714 void gdb_exit(CPUArchState *env, int code)
1715 {
1716 GDBState *s;
1717 char buf[4];
1718
1719 s = gdbserver_state;
1720 if (!s) {
1721 return;
1722 }
1723 #ifdef CONFIG_USER_ONLY
1724 if (gdbserver_fd < 0 || s->fd < 0) {
1725 return;
1726 }
1727 #endif
1728
1729 trace_gdbstub_op_exiting((uint8_t)code);
1730
1731 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1732 put_packet(s, buf);
1733
1734 #ifndef CONFIG_USER_ONLY
1735 qemu_chr_fe_deinit(&s->chr, true);
1736 #endif
1737 }
1738
1739 #ifdef CONFIG_USER_ONLY
1740 int
1741 gdb_handlesig(CPUState *cpu, int sig)
1742 {
1743 GDBState *s;
1744 char buf[256];
1745 int n;
1746
1747 s = gdbserver_state;
1748 if (gdbserver_fd < 0 || s->fd < 0) {
1749 return sig;
1750 }
1751
1752 /* disable single step if it was enabled */
1753 cpu_single_step(cpu, 0);
1754 tb_flush(cpu);
1755
1756 if (sig != 0) {
1757 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1758 put_packet(s, buf);
1759 }
1760 /* put_packet() might have detected that the peer terminated the
1761 connection. */
1762 if (s->fd < 0) {
1763 return sig;
1764 }
1765
1766 sig = 0;
1767 s->state = RS_IDLE;
1768 s->running_state = 0;
1769 while (s->running_state == 0) {
1770 n = read(s->fd, buf, 256);
1771 if (n > 0) {
1772 int i;
1773
1774 for (i = 0; i < n; i++) {
1775 gdb_read_byte(s, buf[i]);
1776 }
1777 } else {
1778 /* XXX: Connection closed. Should probably wait for another
1779 connection before continuing. */
1780 if (n == 0) {
1781 close(s->fd);
1782 }
1783 s->fd = -1;
1784 return sig;
1785 }
1786 }
1787 sig = s->signal;
1788 s->signal = 0;
1789 return sig;
1790 }
1791
1792 /* Tell the remote gdb that the process has exited due to SIG. */
1793 void gdb_signalled(CPUArchState *env, int sig)
1794 {
1795 GDBState *s;
1796 char buf[4];
1797
1798 s = gdbserver_state;
1799 if (gdbserver_fd < 0 || s->fd < 0) {
1800 return;
1801 }
1802
1803 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1804 put_packet(s, buf);
1805 }
1806
1807 static void gdb_accept(void)
1808 {
1809 GDBState *s;
1810 struct sockaddr_in sockaddr;
1811 socklen_t len;
1812 int fd;
1813
1814 for(;;) {
1815 len = sizeof(sockaddr);
1816 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1817 if (fd < 0 && errno != EINTR) {
1818 perror("accept");
1819 return;
1820 } else if (fd >= 0) {
1821 #ifndef _WIN32
1822 fcntl(fd, F_SETFD, FD_CLOEXEC);
1823 #endif
1824 break;
1825 }
1826 }
1827
1828 /* set short latency */
1829 socket_set_nodelay(fd);
1830
1831 s = g_malloc0(sizeof(GDBState));
1832 s->c_cpu = first_cpu;
1833 s->g_cpu = first_cpu;
1834 s->fd = fd;
1835 gdb_has_xml = false;
1836
1837 gdbserver_state = s;
1838 }
1839
1840 static int gdbserver_open(int port)
1841 {
1842 struct sockaddr_in sockaddr;
1843 int fd, ret;
1844
1845 fd = socket(PF_INET, SOCK_STREAM, 0);
1846 if (fd < 0) {
1847 perror("socket");
1848 return -1;
1849 }
1850 #ifndef _WIN32
1851 fcntl(fd, F_SETFD, FD_CLOEXEC);
1852 #endif
1853
1854 socket_set_fast_reuse(fd);
1855
1856 sockaddr.sin_family = AF_INET;
1857 sockaddr.sin_port = htons(port);
1858 sockaddr.sin_addr.s_addr = 0;
1859 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1860 if (ret < 0) {
1861 perror("bind");
1862 close(fd);
1863 return -1;
1864 }
1865 ret = listen(fd, 1);
1866 if (ret < 0) {
1867 perror("listen");
1868 close(fd);
1869 return -1;
1870 }
1871 return fd;
1872 }
1873
1874 int gdbserver_start(int port)
1875 {
1876 gdbserver_fd = gdbserver_open(port);
1877 if (gdbserver_fd < 0)
1878 return -1;
1879 /* accept connections */
1880 gdb_accept();
1881 return 0;
1882 }
1883
1884 /* Disable gdb stub for child processes. */
1885 void gdbserver_fork(CPUState *cpu)
1886 {
1887 GDBState *s = gdbserver_state;
1888
1889 if (gdbserver_fd < 0 || s->fd < 0) {
1890 return;
1891 }
1892 close(s->fd);
1893 s->fd = -1;
1894 cpu_breakpoint_remove_all(cpu, BP_GDB);
1895 cpu_watchpoint_remove_all(cpu, BP_GDB);
1896 }
1897 #else
1898 static int gdb_chr_can_receive(void *opaque)
1899 {
1900 /* We can handle an arbitrarily large amount of data.
1901 Pick the maximum packet size, which is as good as anything. */
1902 return MAX_PACKET_LENGTH;
1903 }
1904
1905 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1906 {
1907 int i;
1908
1909 for (i = 0; i < size; i++) {
1910 gdb_read_byte(gdbserver_state, buf[i]);
1911 }
1912 }
1913
1914 static void gdb_chr_event(void *opaque, int event)
1915 {
1916 switch (event) {
1917 case CHR_EVENT_OPENED:
1918 vm_stop(RUN_STATE_PAUSED);
1919 gdb_has_xml = false;
1920 break;
1921 default:
1922 break;
1923 }
1924 }
1925
1926 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1927 {
1928 char buf[MAX_PACKET_LENGTH];
1929
1930 buf[0] = 'O';
1931 if (len > (MAX_PACKET_LENGTH/2) - 1)
1932 len = (MAX_PACKET_LENGTH/2) - 1;
1933 memtohex(buf + 1, (uint8_t *)msg, len);
1934 put_packet(s, buf);
1935 }
1936
1937 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
1938 {
1939 const char *p = (const char *)buf;
1940 int max_sz;
1941
1942 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1943 for (;;) {
1944 if (len <= max_sz) {
1945 gdb_monitor_output(gdbserver_state, p, len);
1946 break;
1947 }
1948 gdb_monitor_output(gdbserver_state, p, max_sz);
1949 p += max_sz;
1950 len -= max_sz;
1951 }
1952 return len;
1953 }
1954
1955 #ifndef _WIN32
1956 static void gdb_sigterm_handler(int signal)
1957 {
1958 if (runstate_is_running()) {
1959 vm_stop(RUN_STATE_PAUSED);
1960 }
1961 }
1962 #endif
1963
1964 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
1965 bool *be_opened, Error **errp)
1966 {
1967 *be_opened = false;
1968 }
1969
1970 static void char_gdb_class_init(ObjectClass *oc, void *data)
1971 {
1972 ChardevClass *cc = CHARDEV_CLASS(oc);
1973
1974 cc->internal = true;
1975 cc->open = gdb_monitor_open;
1976 cc->chr_write = gdb_monitor_write;
1977 }
1978
1979 #define TYPE_CHARDEV_GDB "chardev-gdb"
1980
1981 static const TypeInfo char_gdb_type_info = {
1982 .name = TYPE_CHARDEV_GDB,
1983 .parent = TYPE_CHARDEV,
1984 .class_init = char_gdb_class_init,
1985 };
1986
1987 int gdbserver_start(const char *device)
1988 {
1989 trace_gdbstub_op_start(device);
1990
1991 GDBState *s;
1992 char gdbstub_device_name[128];
1993 Chardev *chr = NULL;
1994 Chardev *mon_chr;
1995
1996 if (!first_cpu) {
1997 error_report("gdbstub: meaningless to attach gdb to a "
1998 "machine without any CPU.");
1999 return -1;
2000 }
2001
2002 if (!device)
2003 return -1;
2004 if (strcmp(device, "none") != 0) {
2005 if (strstart(device, "tcp:", NULL)) {
2006 /* enforce required TCP attributes */
2007 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2008 "%s,nowait,nodelay,server", device);
2009 device = gdbstub_device_name;
2010 }
2011 #ifndef _WIN32
2012 else if (strcmp(device, "stdio") == 0) {
2013 struct sigaction act;
2014
2015 memset(&act, 0, sizeof(act));
2016 act.sa_handler = gdb_sigterm_handler;
2017 sigaction(SIGINT, &act, NULL);
2018 }
2019 #endif
2020 chr = qemu_chr_new_noreplay("gdb", device);
2021 if (!chr)
2022 return -1;
2023 }
2024
2025 s = gdbserver_state;
2026 if (!s) {
2027 s = g_malloc0(sizeof(GDBState));
2028 gdbserver_state = s;
2029
2030 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2031
2032 /* Initialize a monitor terminal for gdb */
2033 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
2034 NULL, &error_abort);
2035 monitor_init(mon_chr, 0);
2036 } else {
2037 qemu_chr_fe_deinit(&s->chr, true);
2038 mon_chr = s->mon_chr;
2039 memset(s, 0, sizeof(GDBState));
2040 s->mon_chr = mon_chr;
2041 }
2042 s->c_cpu = first_cpu;
2043 s->g_cpu = first_cpu;
2044 if (chr) {
2045 qemu_chr_fe_init(&s->chr, chr, &error_abort);
2046 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
2047 gdb_chr_event, NULL, NULL, NULL, true);
2048 }
2049 s->state = chr ? RS_IDLE : RS_INACTIVE;
2050 s->mon_chr = mon_chr;
2051 s->current_syscall_cb = NULL;
2052
2053 return 0;
2054 }
2055
2056 void gdbserver_cleanup(void)
2057 {
2058 if (gdbserver_state) {
2059 put_packet(gdbserver_state, "W00");
2060 }
2061 }
2062
2063 static void register_types(void)
2064 {
2065 type_register_static(&char_gdb_type_info);
2066 }
2067
2068 type_init(register_types);
2069 #endif
Random patches