search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
linux-user/aarch64: Do not allow duplicate or short sve records
[qemu/rayw.git] / gdbstub.c
blobcf869b10e3b74c130823534c486a20c21ddfed75
1 /*
2 * gdb server stub
3 *
4 * This implements a subset of the remote protocol as described in:
5 *
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7 *
8 * Copyright (c) 2003-2005 Fabrice Bellard
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 *
23 * SPDX-License-Identifier: LGPL-2.0+
24 */
25
26 #include "qemu/osdep.h"
27 #include "qapi/error.h"
28 #include "qemu/error-report.h"
29 #include "qemu/ctype.h"
30 #include "qemu/cutils.h"
31 #include "qemu/module.h"
32 #include "trace/trace-root.h"
33 #include "exec/gdbstub.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "hw/cpu/cluster.h"
41 #include "hw/boards.h"
42 #endif
43
44 #define MAX_PACKET_LENGTH 4096
45
46 #include "qemu/sockets.h"
47 #include "sysemu/hw_accel.h"
48 #include "sysemu/kvm.h"
49 #include "sysemu/runstate.h"
50 #include "semihosting/semihost.h"
51 #include "exec/exec-all.h"
52 #include "sysemu/replay.h"
53
54 #ifdef CONFIG_USER_ONLY
55 #define GDB_ATTACHED "0"
56 #else
57 #define GDB_ATTACHED "1"
58 #endif
59
60 #ifndef CONFIG_USER_ONLY
61 static int phy_memory_mode;
62 #endif
63
64 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
65 uint8_t *buf, int len, bool is_write)
66 {
67 CPUClass *cc;
68
69 #ifndef CONFIG_USER_ONLY
70 if (phy_memory_mode) {
71 if (is_write) {
72 cpu_physical_memory_write(addr, buf, len);
73 } else {
74 cpu_physical_memory_read(addr, buf, len);
75 }
76 return 0;
77 }
78 #endif
79
80 cc = CPU_GET_CLASS(cpu);
81 if (cc->memory_rw_debug) {
82 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
83 }
84 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
85 }
86
87 /* Return the GDB index for a given vCPU state.
88 *
89 * For user mode this is simply the thread id. In system mode GDB
90 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
91 */
92 static inline int cpu_gdb_index(CPUState *cpu)
93 {
94 #if defined(CONFIG_USER_ONLY)
95 TaskState *ts = (TaskState *) cpu->opaque;
96 return ts ? ts->ts_tid : -1;
97 #else
98 return cpu->cpu_index + 1;
99 #endif
100 }
101
102 enum {
103 GDB_SIGNAL_0 = 0,
104 GDB_SIGNAL_INT = 2,
105 GDB_SIGNAL_QUIT = 3,
106 GDB_SIGNAL_TRAP = 5,
107 GDB_SIGNAL_ABRT = 6,
108 GDB_SIGNAL_ALRM = 14,
109 GDB_SIGNAL_IO = 23,
110 GDB_SIGNAL_XCPU = 24,
111 GDB_SIGNAL_UNKNOWN = 143
112 };
113
114 #ifdef CONFIG_USER_ONLY
115
116 /* Map target signal numbers to GDB protocol signal numbers and vice
117 * versa. For user emulation's currently supported systems, we can
118 * assume most signals are defined.
119 */
120
121 static int gdb_signal_table[] = {
122 0,
123 TARGET_SIGHUP,
124 TARGET_SIGINT,
125 TARGET_SIGQUIT,
126 TARGET_SIGILL,
127 TARGET_SIGTRAP,
128 TARGET_SIGABRT,
129 -1, /* SIGEMT */
130 TARGET_SIGFPE,
131 TARGET_SIGKILL,
132 TARGET_SIGBUS,
133 TARGET_SIGSEGV,
134 TARGET_SIGSYS,
135 TARGET_SIGPIPE,
136 TARGET_SIGALRM,
137 TARGET_SIGTERM,
138 TARGET_SIGURG,
139 TARGET_SIGSTOP,
140 TARGET_SIGTSTP,
141 TARGET_SIGCONT,
142 TARGET_SIGCHLD,
143 TARGET_SIGTTIN,
144 TARGET_SIGTTOU,
145 TARGET_SIGIO,
146 TARGET_SIGXCPU,
147 TARGET_SIGXFSZ,
148 TARGET_SIGVTALRM,
149 TARGET_SIGPROF,
150 TARGET_SIGWINCH,
151 -1, /* SIGLOST */
152 TARGET_SIGUSR1,
153 TARGET_SIGUSR2,
154 #ifdef TARGET_SIGPWR
155 TARGET_SIGPWR,
156 #else
157 -1,
158 #endif
159 -1, /* SIGPOLL */
160 -1,
161 -1,
162 -1,
163 -1,
164 -1,
165 -1,
166 -1,
167 -1,
168 -1,
169 -1,
170 -1,
171 #ifdef __SIGRTMIN
172 __SIGRTMIN + 1,
173 __SIGRTMIN + 2,
174 __SIGRTMIN + 3,
175 __SIGRTMIN + 4,
176 __SIGRTMIN + 5,
177 __SIGRTMIN + 6,
178 __SIGRTMIN + 7,
179 __SIGRTMIN + 8,
180 __SIGRTMIN + 9,
181 __SIGRTMIN + 10,
182 __SIGRTMIN + 11,
183 __SIGRTMIN + 12,
184 __SIGRTMIN + 13,
185 __SIGRTMIN + 14,
186 __SIGRTMIN + 15,
187 __SIGRTMIN + 16,
188 __SIGRTMIN + 17,
189 __SIGRTMIN + 18,
190 __SIGRTMIN + 19,
191 __SIGRTMIN + 20,
192 __SIGRTMIN + 21,
193 __SIGRTMIN + 22,
194 __SIGRTMIN + 23,
195 __SIGRTMIN + 24,
196 __SIGRTMIN + 25,
197 __SIGRTMIN + 26,
198 __SIGRTMIN + 27,
199 __SIGRTMIN + 28,
200 __SIGRTMIN + 29,
201 __SIGRTMIN + 30,
202 __SIGRTMIN + 31,
203 -1, /* SIGCANCEL */
204 __SIGRTMIN,
205 __SIGRTMIN + 32,
206 __SIGRTMIN + 33,
207 __SIGRTMIN + 34,
208 __SIGRTMIN + 35,
209 __SIGRTMIN + 36,
210 __SIGRTMIN + 37,
211 __SIGRTMIN + 38,
212 __SIGRTMIN + 39,
213 __SIGRTMIN + 40,
214 __SIGRTMIN + 41,
215 __SIGRTMIN + 42,
216 __SIGRTMIN + 43,
217 __SIGRTMIN + 44,
218 __SIGRTMIN + 45,
219 __SIGRTMIN + 46,
220 __SIGRTMIN + 47,
221 __SIGRTMIN + 48,
222 __SIGRTMIN + 49,
223 __SIGRTMIN + 50,
224 __SIGRTMIN + 51,
225 __SIGRTMIN + 52,
226 __SIGRTMIN + 53,
227 __SIGRTMIN + 54,
228 __SIGRTMIN + 55,
229 __SIGRTMIN + 56,
230 __SIGRTMIN + 57,
231 __SIGRTMIN + 58,
232 __SIGRTMIN + 59,
233 __SIGRTMIN + 60,
234 __SIGRTMIN + 61,
235 __SIGRTMIN + 62,
236 __SIGRTMIN + 63,
237 __SIGRTMIN + 64,
238 __SIGRTMIN + 65,
239 __SIGRTMIN + 66,
240 __SIGRTMIN + 67,
241 __SIGRTMIN + 68,
242 __SIGRTMIN + 69,
243 __SIGRTMIN + 70,
244 __SIGRTMIN + 71,
245 __SIGRTMIN + 72,
246 __SIGRTMIN + 73,
247 __SIGRTMIN + 74,
248 __SIGRTMIN + 75,
249 __SIGRTMIN + 76,
250 __SIGRTMIN + 77,
251 __SIGRTMIN + 78,
252 __SIGRTMIN + 79,
253 __SIGRTMIN + 80,
254 __SIGRTMIN + 81,
255 __SIGRTMIN + 82,
256 __SIGRTMIN + 83,
257 __SIGRTMIN + 84,
258 __SIGRTMIN + 85,
259 __SIGRTMIN + 86,
260 __SIGRTMIN + 87,
261 __SIGRTMIN + 88,
262 __SIGRTMIN + 89,
263 __SIGRTMIN + 90,
264 __SIGRTMIN + 91,
265 __SIGRTMIN + 92,
266 __SIGRTMIN + 93,
267 __SIGRTMIN + 94,
268 __SIGRTMIN + 95,
269 -1, /* SIGINFO */
270 -1, /* UNKNOWN */
271 -1, /* DEFAULT */
272 -1,
273 -1,
274 -1,
275 -1,
276 -1,
277 -1
278 #endif
279 };
280 #else
281 /* In system mode we only need SIGINT and SIGTRAP; other signals
282 are not yet supported. */
283
284 enum {
285 TARGET_SIGINT = 2,
286 TARGET_SIGTRAP = 5
287 };
288
289 static int gdb_signal_table[] = {
290 -1,
291 -1,
292 TARGET_SIGINT,
293 -1,
294 -1,
295 TARGET_SIGTRAP
296 };
297 #endif
298
299 #ifdef CONFIG_USER_ONLY
300 static int target_signal_to_gdb (int sig)
301 {
302 int i;
303 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
304 if (gdb_signal_table[i] == sig)
305 return i;
306 return GDB_SIGNAL_UNKNOWN;
307 }
308 #endif
309
310 static int gdb_signal_to_target (int sig)
311 {
312 if (sig < ARRAY_SIZE (gdb_signal_table))
313 return gdb_signal_table[sig];
314 else
315 return -1;
316 }
317
318 typedef struct GDBRegisterState {
319 int base_reg;
320 int num_regs;
321 gdb_get_reg_cb get_reg;
322 gdb_set_reg_cb set_reg;
323 const char *xml;
324 struct GDBRegisterState *next;
325 } GDBRegisterState;
326
327 typedef struct GDBProcess {
328 uint32_t pid;
329 bool attached;
330
331 char target_xml[1024];
332 } GDBProcess;
333
334 enum RSState {
335 RS_INACTIVE,
336 RS_IDLE,
337 RS_GETLINE,
338 RS_GETLINE_ESC,
339 RS_GETLINE_RLE,
340 RS_CHKSUM1,
341 RS_CHKSUM2,
342 };
343 typedef struct GDBState {
344 bool init; /* have we been initialised? */
345 CPUState *c_cpu; /* current CPU for step/continue ops */
346 CPUState *g_cpu; /* current CPU for other ops */
347 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
348 enum RSState state; /* parsing state */
349 char line_buf[MAX_PACKET_LENGTH];
350 int line_buf_index;
351 int line_sum; /* running checksum */
352 int line_csum; /* checksum at the end of the packet */
353 GByteArray *last_packet;
354 int signal;
355 #ifdef CONFIG_USER_ONLY
356 int fd;
357 char *socket_path;
358 int running_state;
359 #else
360 CharBackend chr;
361 Chardev *mon_chr;
362 #endif
363 bool multiprocess;
364 GDBProcess *processes;
365 int process_num;
366 char syscall_buf[256];
367 gdb_syscall_complete_cb current_syscall_cb;
368 GString *str_buf;
369 GByteArray *mem_buf;
370 int sstep_flags;
371 int supported_sstep_flags;
372 } GDBState;
373
374 static GDBState gdbserver_state;
375
376 static void init_gdbserver_state(void)
377 {
378 g_assert(!gdbserver_state.init);
379 memset(&gdbserver_state, 0, sizeof(GDBState));
380 gdbserver_state.init = true;
381 gdbserver_state.str_buf = g_string_new(NULL);
382 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
383 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
384
385 /*
386 * In replay mode all events will come from the log and can't be
387 * suppressed otherwise we would break determinism. However as those
388 * events are tied to the number of executed instructions we won't see
389 * them occurring every time we single step.
390 */
391 if (replay_mode != REPLAY_MODE_NONE) {
392 gdbserver_state.supported_sstep_flags = SSTEP_ENABLE;
393 } else if (kvm_enabled()) {
394 gdbserver_state.supported_sstep_flags = kvm_get_supported_sstep_flags();
395 } else {
396 gdbserver_state.supported_sstep_flags =
397 SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
398 }
399
400 /*
401 * By default use no IRQs and no timers while single stepping so as to
402 * make single stepping like an ICE HW step.
403 */
404 gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
405 gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags;
406
407 }
408
409 #ifndef CONFIG_USER_ONLY
410 static void reset_gdbserver_state(void)
411 {
412 g_free(gdbserver_state.processes);
413 gdbserver_state.processes = NULL;
414 gdbserver_state.process_num = 0;
415 }
416 #endif
417
418 bool gdb_has_xml;
419
420 #ifdef CONFIG_USER_ONLY
421
422 static int get_char(void)
423 {
424 uint8_t ch;
425 int ret;
426
427 for(;;) {
428 ret = recv(gdbserver_state.fd, &ch, 1, 0);
429 if (ret < 0) {
430 if (errno == ECONNRESET)
431 gdbserver_state.fd = -1;
432 if (errno != EINTR)
433 return -1;
434 } else if (ret == 0) {
435 close(gdbserver_state.fd);
436 gdbserver_state.fd = -1;
437 return -1;
438 } else {
439 break;
440 }
441 }
442 return ch;
443 }
444 #endif
445
446 /*
447 * Return true if there is a GDB currently connected to the stub
448 * and attached to a CPU
449 */
450 static bool gdb_attached(void)
451 {
452 return gdbserver_state.init && gdbserver_state.c_cpu;
453 }
454
455 static enum {
456 GDB_SYS_UNKNOWN,
457 GDB_SYS_ENABLED,
458 GDB_SYS_DISABLED,
459 } gdb_syscall_mode;
460
461 /* Decide if either remote gdb syscalls or native file IO should be used. */
462 int use_gdb_syscalls(void)
463 {
464 SemihostingTarget target = semihosting_get_target();
465 if (target == SEMIHOSTING_TARGET_NATIVE) {
466 /* -semihosting-config target=native */
467 return false;
468 } else if (target == SEMIHOSTING_TARGET_GDB) {
469 /* -semihosting-config target=gdb */
470 return true;
471 }
472
473 /* -semihosting-config target=auto */
474 /* On the first call check if gdb is connected and remember. */
475 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
476 gdb_syscall_mode = gdb_attached() ? GDB_SYS_ENABLED : GDB_SYS_DISABLED;
477 }
478 return gdb_syscall_mode == GDB_SYS_ENABLED;
479 }
480
481 static bool stub_can_reverse(void)
482 {
483 #ifdef CONFIG_USER_ONLY
484 return false;
485 #else
486 return replay_mode == REPLAY_MODE_PLAY;
487 #endif
488 }
489
490 /* Resume execution. */
491 static inline void gdb_continue(void)
492 {
493
494 #ifdef CONFIG_USER_ONLY
495 gdbserver_state.running_state = 1;
496 trace_gdbstub_op_continue();
497 #else
498 if (!runstate_needs_reset()) {
499 trace_gdbstub_op_continue();
500 vm_start();
501 }
502 #endif
503 }
504
505 /*
506 * Resume execution, per CPU actions. For user-mode emulation it's
507 * equivalent to gdb_continue.
508 */
509 static int gdb_continue_partial(char *newstates)
510 {
511 CPUState *cpu;
512 int res = 0;
513 #ifdef CONFIG_USER_ONLY
514 /*
515 * This is not exactly accurate, but it's an improvement compared to the
516 * previous situation, where only one CPU would be single-stepped.
517 */
518 CPU_FOREACH(cpu) {
519 if (newstates[cpu->cpu_index] == 's') {
520 trace_gdbstub_op_stepping(cpu->cpu_index);
521 cpu_single_step(cpu, gdbserver_state.sstep_flags);
522 }
523 }
524 gdbserver_state.running_state = 1;
525 #else
526 int flag = 0;
527
528 if (!runstate_needs_reset()) {
529 bool step_requested = false;
530 CPU_FOREACH(cpu) {
531 if (newstates[cpu->cpu_index] == 's') {
532 step_requested = true;
533 break;
534 }
535 }
536
537 if (vm_prepare_start(step_requested)) {
538 return 0;
539 }
540
541 CPU_FOREACH(cpu) {
542 switch (newstates[cpu->cpu_index]) {
543 case 0:
544 case 1:
545 break; /* nothing to do here */
546 case 's':
547 trace_gdbstub_op_stepping(cpu->cpu_index);
548 cpu_single_step(cpu, gdbserver_state.sstep_flags);
549 cpu_resume(cpu);
550 flag = 1;
551 break;
552 case 'c':
553 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
554 cpu_resume(cpu);
555 flag = 1;
556 break;
557 default:
558 res = -1;
559 break;
560 }
561 }
562 }
563 if (flag) {
564 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
565 }
566 #endif
567 return res;
568 }
569
570 static void put_buffer(const uint8_t *buf, int len)
571 {
572 #ifdef CONFIG_USER_ONLY
573 int ret;
574
575 while (len > 0) {
576 ret = send(gdbserver_state.fd, buf, len, 0);
577 if (ret < 0) {
578 if (errno != EINTR)
579 return;
580 } else {
581 buf += ret;
582 len -= ret;
583 }
584 }
585 #else
586 /* XXX this blocks entire thread. Rewrite to use
587 * qemu_chr_fe_write and background I/O callbacks */
588 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
589 #endif
590 }
591
592 static inline int fromhex(int v)
593 {
594 if (v >= '0' && v <= '9')
595 return v - '0';
596 else if (v >= 'A' && v <= 'F')
597 return v - 'A' + 10;
598 else if (v >= 'a' && v <= 'f')
599 return v - 'a' + 10;
600 else
601 return 0;
602 }
603
604 static inline int tohex(int v)
605 {
606 if (v < 10)
607 return v + '0';
608 else
609 return v - 10 + 'a';
610 }
611
612 /* writes 2*len+1 bytes in buf */
613 static void memtohex(GString *buf, const uint8_t *mem, int len)
614 {
615 int i, c;
616 for(i = 0; i < len; i++) {
617 c = mem[i];
618 g_string_append_c(buf, tohex(c >> 4));
619 g_string_append_c(buf, tohex(c & 0xf));
620 }
621 g_string_append_c(buf, '\0');
622 }
623
624 static void hextomem(GByteArray *mem, const char *buf, int len)
625 {
626 int i;
627
628 for(i = 0; i < len; i++) {
629 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
630 g_byte_array_append(mem, &byte, 1);
631 buf += 2;
632 }
633 }
634
635 static void hexdump(const char *buf, int len,
636 void (*trace_fn)(size_t ofs, char const *text))
637 {
638 char line_buffer[3 * 16 + 4 + 16 + 1];
639
640 size_t i;
641 for (i = 0; i < len || (i & 0xF); ++i) {
642 size_t byte_ofs = i & 15;
643
644 if (byte_ofs == 0) {
645 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
646 line_buffer[3 * 16 + 4 + 16] = 0;
647 }
648
649 size_t col_group = (i >> 2) & 3;
650 size_t hex_col = byte_ofs * 3 + col_group;
651 size_t txt_col = 3 * 16 + 4 + byte_ofs;
652
653 if (i < len) {
654 char value = buf[i];
655
656 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
657 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
658 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
659 ? value
660 : '.';
661 }
662
663 if (byte_ofs == 0xF)
664 trace_fn(i & -16, line_buffer);
665 }
666 }
667
668 /* return -1 if error, 0 if OK */
669 static int put_packet_binary(const char *buf, int len, bool dump)
670 {
671 int csum, i;
672 uint8_t footer[3];
673
674 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
675 hexdump(buf, len, trace_gdbstub_io_binaryreply);
676 }
677
678 for(;;) {
679 g_byte_array_set_size(gdbserver_state.last_packet, 0);
680 g_byte_array_append(gdbserver_state.last_packet,
681 (const uint8_t *) "$", 1);
682 g_byte_array_append(gdbserver_state.last_packet,
683 (const uint8_t *) buf, len);
684 csum = 0;
685 for(i = 0; i < len; i++) {
686 csum += buf[i];
687 }
688 footer[0] = '#';
689 footer[1] = tohex((csum >> 4) & 0xf);
690 footer[2] = tohex((csum) & 0xf);
691 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
692
693 put_buffer(gdbserver_state.last_packet->data,
694 gdbserver_state.last_packet->len);
695
696 #ifdef CONFIG_USER_ONLY
697 i = get_char();
698 if (i < 0)
699 return -1;
700 if (i == '+')
701 break;
702 #else
703 break;
704 #endif
705 }
706 return 0;
707 }
708
709 /* return -1 if error, 0 if OK */
710 static int put_packet(const char *buf)
711 {
712 trace_gdbstub_io_reply(buf);
713
714 return put_packet_binary(buf, strlen(buf), false);
715 }
716
717 static void put_strbuf(void)
718 {
719 put_packet(gdbserver_state.str_buf->str);
720 }
721
722 /* Encode data using the encoding for 'x' packets. */
723 static void memtox(GString *buf, const char *mem, int len)
724 {
725 char c;
726
727 while (len--) {
728 c = *(mem++);
729 switch (c) {
730 case '#': case '$': case '*': case '}':
731 g_string_append_c(buf, '}');
732 g_string_append_c(buf, c ^ 0x20);
733 break;
734 default:
735 g_string_append_c(buf, c);
736 break;
737 }
738 }
739 }
740
741 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
742 {
743 /* TODO: In user mode, we should use the task state PID */
744 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
745 /* Return the default process' PID */
746 int index = gdbserver_state.process_num - 1;
747 return gdbserver_state.processes[index].pid;
748 }
749 return cpu->cluster_index + 1;
750 }
751
752 static GDBProcess *gdb_get_process(uint32_t pid)
753 {
754 int i;
755
756 if (!pid) {
757 /* 0 means any process, we take the first one */
758 return &gdbserver_state.processes[0];
759 }
760
761 for (i = 0; i < gdbserver_state.process_num; i++) {
762 if (gdbserver_state.processes[i].pid == pid) {
763 return &gdbserver_state.processes[i];
764 }
765 }
766
767 return NULL;
768 }
769
770 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
771 {
772 return gdb_get_process(gdb_get_cpu_pid(cpu));
773 }
774
775 static CPUState *find_cpu(uint32_t thread_id)
776 {
777 CPUState *cpu;
778
779 CPU_FOREACH(cpu) {
780 if (cpu_gdb_index(cpu) == thread_id) {
781 return cpu;
782 }
783 }
784
785 return NULL;
786 }
787
788 static CPUState *get_first_cpu_in_process(GDBProcess *process)
789 {
790 CPUState *cpu;
791
792 CPU_FOREACH(cpu) {
793 if (gdb_get_cpu_pid(cpu) == process->pid) {
794 return cpu;
795 }
796 }
797
798 return NULL;
799 }
800
801 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
802 {
803 uint32_t pid = gdb_get_cpu_pid(cpu);
804 cpu = CPU_NEXT(cpu);
805
806 while (cpu) {
807 if (gdb_get_cpu_pid(cpu) == pid) {
808 break;
809 }
810
811 cpu = CPU_NEXT(cpu);
812 }
813
814 return cpu;
815 }
816
817 /* Return the cpu following @cpu, while ignoring unattached processes. */
818 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
819 {
820 cpu = CPU_NEXT(cpu);
821
822 while (cpu) {
823 if (gdb_get_cpu_process(cpu)->attached) {
824 break;
825 }
826
827 cpu = CPU_NEXT(cpu);
828 }
829
830 return cpu;
831 }
832
833 /* Return the first attached cpu */
834 static CPUState *gdb_first_attached_cpu(void)
835 {
836 CPUState *cpu = first_cpu;
837 GDBProcess *process = gdb_get_cpu_process(cpu);
838
839 if (!process->attached) {
840 return gdb_next_attached_cpu(cpu);
841 }
842
843 return cpu;
844 }
845
846 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
847 {
848 GDBProcess *process;
849 CPUState *cpu;
850
851 if (!pid && !tid) {
852 /* 0 means any process/thread, we take the first attached one */
853 return gdb_first_attached_cpu();
854 } else if (pid && !tid) {
855 /* any thread in a specific process */
856 process = gdb_get_process(pid);
857
858 if (process == NULL) {
859 return NULL;
860 }
861
862 if (!process->attached) {
863 return NULL;
864 }
865
866 return get_first_cpu_in_process(process);
867 } else {
868 /* a specific thread */
869 cpu = find_cpu(tid);
870
871 if (cpu == NULL) {
872 return NULL;
873 }
874
875 process = gdb_get_cpu_process(cpu);
876
877 if (pid && process->pid != pid) {
878 return NULL;
879 }
880
881 if (!process->attached) {
882 return NULL;
883 }
884
885 return cpu;
886 }
887 }
888
889 static const char *get_feature_xml(const char *p, const char **newp,
890 GDBProcess *process)
891 {
892 size_t len;
893 int i;
894 const char *name;
895 CPUState *cpu = get_first_cpu_in_process(process);
896 CPUClass *cc = CPU_GET_CLASS(cpu);
897
898 len = 0;
899 while (p[len] && p[len] != ':')
900 len++;
901 *newp = p + len;
902
903 name = NULL;
904 if (strncmp(p, "target.xml", len) == 0) {
905 char *buf = process->target_xml;
906 const size_t buf_sz = sizeof(process->target_xml);
907
908 /* Generate the XML description for this CPU. */
909 if (!buf[0]) {
910 GDBRegisterState *r;
911
912 pstrcat(buf, buf_sz,
913 "<?xml version=\"1.0\"?>"
914 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
915 "<target>");
916 if (cc->gdb_arch_name) {
917 gchar *arch = cc->gdb_arch_name(cpu);
918 pstrcat(buf, buf_sz, "<architecture>");
919 pstrcat(buf, buf_sz, arch);
920 pstrcat(buf, buf_sz, "</architecture>");
921 g_free(arch);
922 }
923 pstrcat(buf, buf_sz, "<xi:include href=\"");
924 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
925 pstrcat(buf, buf_sz, "\"/>");
926 for (r = cpu->gdb_regs; r; r = r->next) {
927 pstrcat(buf, buf_sz, "<xi:include href=\"");
928 pstrcat(buf, buf_sz, r->xml);
929 pstrcat(buf, buf_sz, "\"/>");
930 }
931 pstrcat(buf, buf_sz, "</target>");
932 }
933 return buf;
934 }
935 if (cc->gdb_get_dynamic_xml) {
936 char *xmlname = g_strndup(p, len);
937 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
938
939 g_free(xmlname);
940 if (xml) {
941 return xml;
942 }
943 }
944 for (i = 0; ; i++) {
945 name = xml_builtin[i][0];
946 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
947 break;
948 }
949 return name ? xml_builtin[i][1] : NULL;
950 }
951
952 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
953 {
954 CPUClass *cc = CPU_GET_CLASS(cpu);
955 CPUArchState *env = cpu->env_ptr;
956 GDBRegisterState *r;
957
958 if (reg < cc->gdb_num_core_regs) {
959 return cc->gdb_read_register(cpu, buf, reg);
960 }
961
962 for (r = cpu->gdb_regs; r; r = r->next) {
963 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
964 return r->get_reg(env, buf, reg - r->base_reg);
965 }
966 }
967 return 0;
968 }
969
970 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
971 {
972 CPUClass *cc = CPU_GET_CLASS(cpu);
973 CPUArchState *env = cpu->env_ptr;
974 GDBRegisterState *r;
975
976 if (reg < cc->gdb_num_core_regs) {
977 return cc->gdb_write_register(cpu, mem_buf, reg);
978 }
979
980 for (r = cpu->gdb_regs; r; r = r->next) {
981 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
982 return r->set_reg(env, mem_buf, reg - r->base_reg);
983 }
984 }
985 return 0;
986 }
987
988 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
989 specifies the first register number and these registers are included in
990 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
991 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
992 */
993
994 void gdb_register_coprocessor(CPUState *cpu,
995 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
996 int num_regs, const char *xml, int g_pos)
997 {
998 GDBRegisterState *s;
999 GDBRegisterState **p;
1000
1001 p = &cpu->gdb_regs;
1002 while (*p) {
1003 /* Check for duplicates. */
1004 if (strcmp((*p)->xml, xml) == 0)
1005 return;
1006 p = &(*p)->next;
1007 }
1008
1009 s = g_new0(GDBRegisterState, 1);
1010 s->base_reg = cpu->gdb_num_regs;
1011 s->num_regs = num_regs;
1012 s->get_reg = get_reg;
1013 s->set_reg = set_reg;
1014 s->xml = xml;
1015
1016 /* Add to end of list. */
1017 cpu->gdb_num_regs += num_regs;
1018 *p = s;
1019 if (g_pos) {
1020 if (g_pos != s->base_reg) {
1021 error_report("Error: Bad gdb register numbering for '%s', "
1022 "expected %d got %d", xml, g_pos, s->base_reg);
1023 } else {
1024 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1025 }
1026 }
1027 }
1028
1029 #ifndef CONFIG_USER_ONLY
1030 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1031 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1032 {
1033 static const int xlat[] = {
1034 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1035 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1036 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1037 };
1038
1039 CPUClass *cc = CPU_GET_CLASS(cpu);
1040 int cputype = xlat[gdbtype];
1041
1042 if (cc->gdb_stop_before_watchpoint) {
1043 cputype |= BP_STOP_BEFORE_ACCESS;
1044 }
1045 return cputype;
1046 }
1047 #endif
1048
1049 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1050 {
1051 CPUState *cpu;
1052 int err = 0;
1053
1054 if (kvm_enabled()) {
1055 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1056 }
1057
1058 switch (type) {
1059 case GDB_BREAKPOINT_SW:
1060 case GDB_BREAKPOINT_HW:
1061 CPU_FOREACH(cpu) {
1062 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1063 if (err) {
1064 break;
1065 }
1066 }
1067 return err;
1068 #ifndef CONFIG_USER_ONLY
1069 case GDB_WATCHPOINT_WRITE:
1070 case GDB_WATCHPOINT_READ:
1071 case GDB_WATCHPOINT_ACCESS:
1072 CPU_FOREACH(cpu) {
1073 err = cpu_watchpoint_insert(cpu, addr, len,
1074 xlat_gdb_type(cpu, type), NULL);
1075 if (err) {
1076 break;
1077 }
1078 }
1079 return err;
1080 #endif
1081 default:
1082 return -ENOSYS;
1083 }
1084 }
1085
1086 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1087 {
1088 CPUState *cpu;
1089 int err = 0;
1090
1091 if (kvm_enabled()) {
1092 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1093 }
1094
1095 switch (type) {
1096 case GDB_BREAKPOINT_SW:
1097 case GDB_BREAKPOINT_HW:
1098 CPU_FOREACH(cpu) {
1099 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1100 if (err) {
1101 break;
1102 }
1103 }
1104 return err;
1105 #ifndef CONFIG_USER_ONLY
1106 case GDB_WATCHPOINT_WRITE:
1107 case GDB_WATCHPOINT_READ:
1108 case GDB_WATCHPOINT_ACCESS:
1109 CPU_FOREACH(cpu) {
1110 err = cpu_watchpoint_remove(cpu, addr, len,
1111 xlat_gdb_type(cpu, type));
1112 if (err)
1113 break;
1114 }
1115 return err;
1116 #endif
1117 default:
1118 return -ENOSYS;
1119 }
1120 }
1121
1122 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1123 {
1124 cpu_breakpoint_remove_all(cpu, BP_GDB);
1125 #ifndef CONFIG_USER_ONLY
1126 cpu_watchpoint_remove_all(cpu, BP_GDB);
1127 #endif
1128 }
1129
1130 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1131 {
1132 CPUState *cpu = get_first_cpu_in_process(p);
1133
1134 while (cpu) {
1135 gdb_cpu_breakpoint_remove_all(cpu);
1136 cpu = gdb_next_cpu_in_process(cpu);
1137 }
1138 }
1139
1140 static void gdb_breakpoint_remove_all(void)
1141 {
1142 CPUState *cpu;
1143
1144 if (kvm_enabled()) {
1145 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1146 return;
1147 }
1148
1149 CPU_FOREACH(cpu) {
1150 gdb_cpu_breakpoint_remove_all(cpu);
1151 }
1152 }
1153
1154 static void gdb_set_cpu_pc(target_ulong pc)
1155 {
1156 CPUState *cpu = gdbserver_state.c_cpu;
1157
1158 cpu_synchronize_state(cpu);
1159 cpu_set_pc(cpu, pc);
1160 }
1161
1162 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1163 {
1164 if (gdbserver_state.multiprocess) {
1165 g_string_append_printf(buf, "p%02x.%02x",
1166 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1167 } else {
1168 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1169 }
1170 }
1171
1172 typedef enum GDBThreadIdKind {
1173 GDB_ONE_THREAD = 0,
1174 GDB_ALL_THREADS, /* One process, all threads */
1175 GDB_ALL_PROCESSES,
1176 GDB_READ_THREAD_ERR
1177 } GDBThreadIdKind;
1178
1179 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1180 uint32_t *pid, uint32_t *tid)
1181 {
1182 unsigned long p, t;
1183 int ret;
1184
1185 if (*buf == 'p') {
1186 buf++;
1187 ret = qemu_strtoul(buf, &buf, 16, &p);
1188
1189 if (ret) {
1190 return GDB_READ_THREAD_ERR;
1191 }
1192
1193 /* Skip '.' */
1194 buf++;
1195 } else {
1196 p = 1;
1197 }
1198
1199 ret = qemu_strtoul(buf, &buf, 16, &t);
1200
1201 if (ret) {
1202 return GDB_READ_THREAD_ERR;
1203 }
1204
1205 *end_buf = buf;
1206
1207 if (p == -1) {
1208 return GDB_ALL_PROCESSES;
1209 }
1210
1211 if (pid) {
1212 *pid = p;
1213 }
1214
1215 if (t == -1) {
1216 return GDB_ALL_THREADS;
1217 }
1218
1219 if (tid) {
1220 *tid = t;
1221 }
1222
1223 return GDB_ONE_THREAD;
1224 }
1225
1226 /**
1227 * gdb_handle_vcont - Parses and handles a vCont packet.
1228 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1229 * a format error, 0 on success.
1230 */
1231 static int gdb_handle_vcont(const char *p)
1232 {
1233 int res, signal = 0;
1234 char cur_action;
1235 char *newstates;
1236 unsigned long tmp;
1237 uint32_t pid, tid;
1238 GDBProcess *process;
1239 CPUState *cpu;
1240 GDBThreadIdKind kind;
1241 #ifdef CONFIG_USER_ONLY
1242 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1243
1244 CPU_FOREACH(cpu) {
1245 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1246 }
1247 #else
1248 MachineState *ms = MACHINE(qdev_get_machine());
1249 unsigned int max_cpus = ms->smp.max_cpus;
1250 #endif
1251 /* uninitialised CPUs stay 0 */
1252 newstates = g_new0(char, max_cpus);
1253
1254 /* mark valid CPUs with 1 */
1255 CPU_FOREACH(cpu) {
1256 newstates[cpu->cpu_index] = 1;
1257 }
1258
1259 /*
1260 * res keeps track of what error we are returning, with -ENOTSUP meaning
1261 * that the command is unknown or unsupported, thus returning an empty
1262 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1263 * or incorrect parameters passed.
1264 */
1265 res = 0;
1266 while (*p) {
1267 if (*p++ != ';') {
1268 res = -ENOTSUP;
1269 goto out;
1270 }
1271
1272 cur_action = *p++;
1273 if (cur_action == 'C' || cur_action == 'S') {
1274 cur_action = qemu_tolower(cur_action);
1275 res = qemu_strtoul(p, &p, 16, &tmp);
1276 if (res) {
1277 goto out;
1278 }
1279 signal = gdb_signal_to_target(tmp);
1280 } else if (cur_action != 'c' && cur_action != 's') {
1281 /* unknown/invalid/unsupported command */
1282 res = -ENOTSUP;
1283 goto out;
1284 }
1285
1286 if (*p == '\0' || *p == ';') {
1287 /*
1288 * No thread specifier, action is on "all threads". The
1289 * specification is unclear regarding the process to act on. We
1290 * choose all processes.
1291 */
1292 kind = GDB_ALL_PROCESSES;
1293 } else if (*p++ == ':') {
1294 kind = read_thread_id(p, &p, &pid, &tid);
1295 } else {
1296 res = -ENOTSUP;
1297 goto out;
1298 }
1299
1300 switch (kind) {
1301 case GDB_READ_THREAD_ERR:
1302 res = -EINVAL;
1303 goto out;
1304
1305 case GDB_ALL_PROCESSES:
1306 cpu = gdb_first_attached_cpu();
1307 while (cpu) {
1308 if (newstates[cpu->cpu_index] == 1) {
1309 newstates[cpu->cpu_index] = cur_action;
1310 }
1311
1312 cpu = gdb_next_attached_cpu(cpu);
1313 }
1314 break;
1315
1316 case GDB_ALL_THREADS:
1317 process = gdb_get_process(pid);
1318
1319 if (!process->attached) {
1320 res = -EINVAL;
1321 goto out;
1322 }
1323
1324 cpu = get_first_cpu_in_process(process);
1325 while (cpu) {
1326 if (newstates[cpu->cpu_index] == 1) {
1327 newstates[cpu->cpu_index] = cur_action;
1328 }
1329
1330 cpu = gdb_next_cpu_in_process(cpu);
1331 }
1332 break;
1333
1334 case GDB_ONE_THREAD:
1335 cpu = gdb_get_cpu(pid, tid);
1336
1337 /* invalid CPU/thread specified */
1338 if (!cpu) {
1339 res = -EINVAL;
1340 goto out;
1341 }
1342
1343 /* only use if no previous match occourred */
1344 if (newstates[cpu->cpu_index] == 1) {
1345 newstates[cpu->cpu_index] = cur_action;
1346 }
1347 break;
1348 }
1349 }
1350 gdbserver_state.signal = signal;
1351 gdb_continue_partial(newstates);
1352
1353 out:
1354 g_free(newstates);
1355
1356 return res;
1357 }
1358
1359 typedef union GdbCmdVariant {
1360 const char *data;
1361 uint8_t opcode;
1362 unsigned long val_ul;
1363 unsigned long long val_ull;
1364 struct {
1365 GDBThreadIdKind kind;
1366 uint32_t pid;
1367 uint32_t tid;
1368 } thread_id;
1369 } GdbCmdVariant;
1370
1371 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1372
1373 static const char *cmd_next_param(const char *param, const char delimiter)
1374 {
1375 static const char all_delimiters[] = ",;:=";
1376 char curr_delimiters[2] = {0};
1377 const char *delimiters;
1378
1379 if (delimiter == '?') {
1380 delimiters = all_delimiters;
1381 } else if (delimiter == '0') {
1382 return strchr(param, '\0');
1383 } else if (delimiter == '.' && *param) {
1384 return param + 1;
1385 } else {
1386 curr_delimiters[0] = delimiter;
1387 delimiters = curr_delimiters;
1388 }
1389
1390 param += strcspn(param, delimiters);
1391 if (*param) {
1392 param++;
1393 }
1394 return param;
1395 }
1396
1397 static int cmd_parse_params(const char *data, const char *schema,
1398 GArray *params)
1399 {
1400 const char *curr_schema, *curr_data;
1401
1402 g_assert(schema);
1403 g_assert(params->len == 0);
1404
1405 curr_schema = schema;
1406 curr_data = data;
1407 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1408 GdbCmdVariant this_param;
1409
1410 switch (curr_schema[0]) {
1411 case 'l':
1412 if (qemu_strtoul(curr_data, &curr_data, 16,
1413 &this_param.val_ul)) {
1414 return -EINVAL;
1415 }
1416 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1417 g_array_append_val(params, this_param);
1418 break;
1419 case 'L':
1420 if (qemu_strtou64(curr_data, &curr_data, 16,
1421 (uint64_t *)&this_param.val_ull)) {
1422 return -EINVAL;
1423 }
1424 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1425 g_array_append_val(params, this_param);
1426 break;
1427 case 's':
1428 this_param.data = curr_data;
1429 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1430 g_array_append_val(params, this_param);
1431 break;
1432 case 'o':
1433 this_param.opcode = *(uint8_t *)curr_data;
1434 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1435 g_array_append_val(params, this_param);
1436 break;
1437 case 't':
1438 this_param.thread_id.kind =
1439 read_thread_id(curr_data, &curr_data,
1440 &this_param.thread_id.pid,
1441 &this_param.thread_id.tid);
1442 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1443 g_array_append_val(params, this_param);
1444 break;
1445 case '?':
1446 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1447 break;
1448 default:
1449 return -EINVAL;
1450 }
1451 curr_schema += 2;
1452 }
1453
1454 return 0;
1455 }
1456
1457 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
1458
1459 /*
1460 * cmd_startswith -> cmd is compared using startswith
1461 *
1462 *
1463 * schema definitions:
1464 * Each schema parameter entry consists of 2 chars,
1465 * the first char represents the parameter type handling
1466 * the second char represents the delimiter for the next parameter
1467 *
1468 * Currently supported schema types:
1469 * 'l' -> unsigned long (stored in .val_ul)
1470 * 'L' -> unsigned long long (stored in .val_ull)
1471 * 's' -> string (stored in .data)
1472 * 'o' -> single char (stored in .opcode)
1473 * 't' -> thread id (stored in .thread_id)
1474 * '?' -> skip according to delimiter
1475 *
1476 * Currently supported delimiters:
1477 * '?' -> Stop at any delimiter (",;:=\0")
1478 * '0' -> Stop at "\0"
1479 * '.' -> Skip 1 char unless reached "\0"
1480 * Any other value is treated as the delimiter value itself
1481 */
1482 typedef struct GdbCmdParseEntry {
1483 GdbCmdHandler handler;
1484 const char *cmd;
1485 bool cmd_startswith;
1486 const char *schema;
1487 } GdbCmdParseEntry;
1488
1489 static inline int startswith(const char *string, const char *pattern)
1490 {
1491 return !strncmp(string, pattern, strlen(pattern));
1492 }
1493
1494 static int process_string_cmd(void *user_ctx, const char *data,
1495 const GdbCmdParseEntry *cmds, int num_cmds)
1496 {
1497 int i;
1498 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
1499
1500 if (!cmds) {
1501 return -1;
1502 }
1503
1504 for (i = 0; i < num_cmds; i++) {
1505 const GdbCmdParseEntry *cmd = &cmds[i];
1506 g_assert(cmd->handler && cmd->cmd);
1507
1508 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1509 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1510 continue;
1511 }
1512
1513 if (cmd->schema) {
1514 if (cmd_parse_params(&data[strlen(cmd->cmd)],
1515 cmd->schema, params)) {
1516 return -1;
1517 }
1518 }
1519
1520 cmd->handler(params, user_ctx);
1521 return 0;
1522 }
1523
1524 return -1;
1525 }
1526
1527 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1528 {
1529 if (!data) {
1530 return;
1531 }
1532
1533 g_string_set_size(gdbserver_state.str_buf, 0);
1534 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1535
1536 /* In case there was an error during the command parsing we must
1537 * send a NULL packet to indicate the command is not supported */
1538 if (process_string_cmd(NULL, data, cmd, 1)) {
1539 put_packet("");
1540 }
1541 }
1542
1543 static void handle_detach(GArray *params, void *user_ctx)
1544 {
1545 GDBProcess *process;
1546 uint32_t pid = 1;
1547
1548 if (gdbserver_state.multiprocess) {
1549 if (!params->len) {
1550 put_packet("E22");
1551 return;
1552 }
1553
1554 pid = get_param(params, 0)->val_ul;
1555 }
1556
1557 process = gdb_get_process(pid);
1558 gdb_process_breakpoint_remove_all(process);
1559 process->attached = false;
1560
1561 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1562 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1563 }
1564
1565 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1566 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1567 }
1568
1569 if (!gdbserver_state.c_cpu) {
1570 /* No more process attached */
1571 gdb_syscall_mode = GDB_SYS_DISABLED;
1572 gdb_continue();
1573 }
1574 put_packet("OK");
1575 }
1576
1577 static void handle_thread_alive(GArray *params, void *user_ctx)
1578 {
1579 CPUState *cpu;
1580
1581 if (!params->len) {
1582 put_packet("E22");
1583 return;
1584 }
1585
1586 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1587 put_packet("E22");
1588 return;
1589 }
1590
1591 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1592 get_param(params, 0)->thread_id.tid);
1593 if (!cpu) {
1594 put_packet("E22");
1595 return;
1596 }
1597
1598 put_packet("OK");
1599 }
1600
1601 static void handle_continue(GArray *params, void *user_ctx)
1602 {
1603 if (params->len) {
1604 gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1605 }
1606
1607 gdbserver_state.signal = 0;
1608 gdb_continue();
1609 }
1610
1611 static void handle_cont_with_sig(GArray *params, void *user_ctx)
1612 {
1613 unsigned long signal = 0;
1614
1615 /*
1616 * Note: C sig;[addr] is currently unsupported and we simply
1617 * omit the addr parameter
1618 */
1619 if (params->len) {
1620 signal = get_param(params, 0)->val_ul;
1621 }
1622
1623 gdbserver_state.signal = gdb_signal_to_target(signal);
1624 if (gdbserver_state.signal == -1) {
1625 gdbserver_state.signal = 0;
1626 }
1627 gdb_continue();
1628 }
1629
1630 static void handle_set_thread(GArray *params, void *user_ctx)
1631 {
1632 CPUState *cpu;
1633
1634 if (params->len != 2) {
1635 put_packet("E22");
1636 return;
1637 }
1638
1639 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
1640 put_packet("E22");
1641 return;
1642 }
1643
1644 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
1645 put_packet("OK");
1646 return;
1647 }
1648
1649 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
1650 get_param(params, 1)->thread_id.tid);
1651 if (!cpu) {
1652 put_packet("E22");
1653 return;
1654 }
1655
1656 /*
1657 * Note: This command is deprecated and modern gdb's will be using the
1658 * vCont command instead.
1659 */
1660 switch (get_param(params, 0)->opcode) {
1661 case 'c':
1662 gdbserver_state.c_cpu = cpu;
1663 put_packet("OK");
1664 break;
1665 case 'g':
1666 gdbserver_state.g_cpu = cpu;
1667 put_packet("OK");
1668 break;
1669 default:
1670 put_packet("E22");
1671 break;
1672 }
1673 }
1674
1675 static void handle_insert_bp(GArray *params, void *user_ctx)
1676 {
1677 int res;
1678
1679 if (params->len != 3) {
1680 put_packet("E22");
1681 return;
1682 }
1683
1684 res = gdb_breakpoint_insert(get_param(params, 0)->val_ul,
1685 get_param(params, 1)->val_ull,
1686 get_param(params, 2)->val_ull);
1687 if (res >= 0) {
1688 put_packet("OK");
1689 return;
1690 } else if (res == -ENOSYS) {
1691 put_packet("");
1692 return;
1693 }
1694
1695 put_packet("E22");
1696 }
1697
1698 static void handle_remove_bp(GArray *params, void *user_ctx)
1699 {
1700 int res;
1701
1702 if (params->len != 3) {
1703 put_packet("E22");
1704 return;
1705 }
1706
1707 res = gdb_breakpoint_remove(get_param(params, 0)->val_ul,
1708 get_param(params, 1)->val_ull,
1709 get_param(params, 2)->val_ull);
1710 if (res >= 0) {
1711 put_packet("OK");
1712 return;
1713 } else if (res == -ENOSYS) {
1714 put_packet("");
1715 return;
1716 }
1717
1718 put_packet("E22");
1719 }
1720
1721 /*
1722 * handle_set/get_reg
1723 *
1724 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1725 * This works, but can be very slow. Anything new enough to understand
1726 * XML also knows how to use this properly. However to use this we
1727 * need to define a local XML file as well as be talking to a
1728 * reasonably modern gdb. Responding with an empty packet will cause
1729 * the remote gdb to fallback to older methods.
1730 */
1731
1732 static void handle_set_reg(GArray *params, void *user_ctx)
1733 {
1734 int reg_size;
1735
1736 if (!gdb_has_xml) {
1737 put_packet("");
1738 return;
1739 }
1740
1741 if (params->len != 2) {
1742 put_packet("E22");
1743 return;
1744 }
1745
1746 reg_size = strlen(get_param(params, 1)->data) / 2;
1747 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1748 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1749 get_param(params, 0)->val_ull);
1750 put_packet("OK");
1751 }
1752
1753 static void handle_get_reg(GArray *params, void *user_ctx)
1754 {
1755 int reg_size;
1756
1757 if (!gdb_has_xml) {
1758 put_packet("");
1759 return;
1760 }
1761
1762 if (!params->len) {
1763 put_packet("E14");
1764 return;
1765 }
1766
1767 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1768 gdbserver_state.mem_buf,
1769 get_param(params, 0)->val_ull);
1770 if (!reg_size) {
1771 put_packet("E14");
1772 return;
1773 } else {
1774 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1775 }
1776
1777 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1778 put_strbuf();
1779 }
1780
1781 static void handle_write_mem(GArray *params, void *user_ctx)
1782 {
1783 if (params->len != 3) {
1784 put_packet("E22");
1785 return;
1786 }
1787
1788 /* hextomem() reads 2*len bytes */
1789 if (get_param(params, 1)->val_ull >
1790 strlen(get_param(params, 2)->data) / 2) {
1791 put_packet("E22");
1792 return;
1793 }
1794
1795 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1796 get_param(params, 1)->val_ull);
1797 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1798 get_param(params, 0)->val_ull,
1799 gdbserver_state.mem_buf->data,
1800 gdbserver_state.mem_buf->len, true)) {
1801 put_packet("E14");
1802 return;
1803 }
1804
1805 put_packet("OK");
1806 }
1807
1808 static void handle_read_mem(GArray *params, void *user_ctx)
1809 {
1810 if (params->len != 2) {
1811 put_packet("E22");
1812 return;
1813 }
1814
1815 /* memtohex() doubles the required space */
1816 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1817 put_packet("E22");
1818 return;
1819 }
1820
1821 g_byte_array_set_size(gdbserver_state.mem_buf,
1822 get_param(params, 1)->val_ull);
1823
1824 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1825 get_param(params, 0)->val_ull,
1826 gdbserver_state.mem_buf->data,
1827 gdbserver_state.mem_buf->len, false)) {
1828 put_packet("E14");
1829 return;
1830 }
1831
1832 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1833 gdbserver_state.mem_buf->len);
1834 put_strbuf();
1835 }
1836
1837 static void handle_write_all_regs(GArray *params, void *user_ctx)
1838 {
1839 target_ulong addr, len;
1840 uint8_t *registers;
1841 int reg_size;
1842
1843 if (!params->len) {
1844 return;
1845 }
1846
1847 cpu_synchronize_state(gdbserver_state.g_cpu);
1848 len = strlen(get_param(params, 0)->data) / 2;
1849 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1850 registers = gdbserver_state.mem_buf->data;
1851 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1852 addr++) {
1853 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1854 len -= reg_size;
1855 registers += reg_size;
1856 }
1857 put_packet("OK");
1858 }
1859
1860 static void handle_read_all_regs(GArray *params, void *user_ctx)
1861 {
1862 target_ulong addr, len;
1863
1864 cpu_synchronize_state(gdbserver_state.g_cpu);
1865 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1866 len = 0;
1867 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1868 len += gdb_read_register(gdbserver_state.g_cpu,
1869 gdbserver_state.mem_buf,
1870 addr);
1871 }
1872 g_assert(len == gdbserver_state.mem_buf->len);
1873
1874 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1875 put_strbuf();
1876 }
1877
1878 static void handle_file_io(GArray *params, void *user_ctx)
1879 {
1880 if (params->len >= 1 && gdbserver_state.current_syscall_cb) {
1881 uint64_t ret;
1882 int err;
1883
1884 ret = get_param(params, 0)->val_ull;
1885 if (params->len >= 2) {
1886 err = get_param(params, 1)->val_ull;
1887 } else {
1888 err = 0;
1889 }
1890
1891 /* Convert GDB error numbers back to host error numbers. */
1892 #define E(X) case GDB_E##X: err = E##X; break
1893 switch (err) {
1894 case 0:
1895 break;
1896 E(PERM);
1897 E(NOENT);
1898 E(INTR);
1899 E(BADF);
1900 E(ACCES);
1901 E(FAULT);
1902 E(BUSY);
1903 E(EXIST);
1904 E(NODEV);
1905 E(NOTDIR);
1906 E(ISDIR);
1907 E(INVAL);
1908 E(NFILE);
1909 E(MFILE);
1910 E(FBIG);
1911 E(NOSPC);
1912 E(SPIPE);
1913 E(ROFS);
1914 E(NAMETOOLONG);
1915 default:
1916 err = EINVAL;
1917 break;
1918 }
1919 #undef E
1920
1921 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1922 gdbserver_state.current_syscall_cb = NULL;
1923 }
1924
1925 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') {
1926 put_packet("T02");
1927 return;
1928 }
1929
1930 gdb_continue();
1931 }
1932
1933 static void handle_step(GArray *params, void *user_ctx)
1934 {
1935 if (params->len) {
1936 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull);
1937 }
1938
1939 cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags);
1940 gdb_continue();
1941 }
1942
1943 static void handle_backward(GArray *params, void *user_ctx)
1944 {
1945 if (!stub_can_reverse()) {
1946 put_packet("E22");
1947 }
1948 if (params->len == 1) {
1949 switch (get_param(params, 0)->opcode) {
1950 case 's':
1951 if (replay_reverse_step()) {
1952 gdb_continue();
1953 } else {
1954 put_packet("E14");
1955 }
1956 return;
1957 case 'c':
1958 if (replay_reverse_continue()) {
1959 gdb_continue();
1960 } else {
1961 put_packet("E14");
1962 }
1963 return;
1964 }
1965 }
1966
1967 /* Default invalid command */
1968 put_packet("");
1969 }
1970
1971 static void handle_v_cont_query(GArray *params, void *user_ctx)
1972 {
1973 put_packet("vCont;c;C;s;S");
1974 }
1975
1976 static void handle_v_cont(GArray *params, void *user_ctx)
1977 {
1978 int res;
1979
1980 if (!params->len) {
1981 return;
1982 }
1983
1984 res = gdb_handle_vcont(get_param(params, 0)->data);
1985 if ((res == -EINVAL) || (res == -ERANGE)) {
1986 put_packet("E22");
1987 } else if (res) {
1988 put_packet("");
1989 }
1990 }
1991
1992 static void handle_v_attach(GArray *params, void *user_ctx)
1993 {
1994 GDBProcess *process;
1995 CPUState *cpu;
1996
1997 g_string_assign(gdbserver_state.str_buf, "E22");
1998 if (!params->len) {
1999 goto cleanup;
2000 }
2001
2002 process = gdb_get_process(get_param(params, 0)->val_ul);
2003 if (!process) {
2004 goto cleanup;
2005 }
2006
2007 cpu = get_first_cpu_in_process(process);
2008 if (!cpu) {
2009 goto cleanup;
2010 }
2011
2012 process->attached = true;
2013 gdbserver_state.g_cpu = cpu;
2014 gdbserver_state.c_cpu = cpu;
2015
2016 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2017 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2018 g_string_append_c(gdbserver_state.str_buf, ';');
2019 cleanup:
2020 put_strbuf();
2021 }
2022
2023 static void handle_v_kill(GArray *params, void *user_ctx)
2024 {
2025 /* Kill the target */
2026 put_packet("OK");
2027 error_report("QEMU: Terminated via GDBstub");
2028 gdb_exit(0);
2029 exit(0);
2030 }
2031
2032 static const GdbCmdParseEntry gdb_v_commands_table[] = {
2033 /* Order is important if has same prefix */
2034 {
2035 .handler = handle_v_cont_query,
2036 .cmd = "Cont?",
2037 .cmd_startswith = 1
2038 },
2039 {
2040 .handler = handle_v_cont,
2041 .cmd = "Cont",
2042 .cmd_startswith = 1,
2043 .schema = "s0"
2044 },
2045 {
2046 .handler = handle_v_attach,
2047 .cmd = "Attach;",
2048 .cmd_startswith = 1,
2049 .schema = "l0"
2050 },
2051 {
2052 .handler = handle_v_kill,
2053 .cmd = "Kill;",
2054 .cmd_startswith = 1
2055 },
2056 };
2057
2058 static void handle_v_commands(GArray *params, void *user_ctx)
2059 {
2060 if (!params->len) {
2061 return;
2062 }
2063
2064 if (process_string_cmd(NULL, get_param(params, 0)->data,
2065 gdb_v_commands_table,
2066 ARRAY_SIZE(gdb_v_commands_table))) {
2067 put_packet("");
2068 }
2069 }
2070
2071 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
2072 {
2073 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE);
2074
2075 if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) {
2076 g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x",
2077 SSTEP_NOIRQ);
2078 }
2079
2080 if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) {
2081 g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x",
2082 SSTEP_NOTIMER);
2083 }
2084
2085 put_strbuf();
2086 }
2087
2088 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
2089 {
2090 int new_sstep_flags;
2091
2092 if (!params->len) {
2093 return;
2094 }
2095
2096 new_sstep_flags = get_param(params, 0)->val_ul;
2097
2098 if (new_sstep_flags & ~gdbserver_state.supported_sstep_flags) {
2099 put_packet("E22");
2100 return;
2101 }
2102
2103 gdbserver_state.sstep_flags = new_sstep_flags;
2104 put_packet("OK");
2105 }
2106
2107 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
2108 {
2109 g_string_printf(gdbserver_state.str_buf, "0x%x",
2110 gdbserver_state.sstep_flags);
2111 put_strbuf();
2112 }
2113
2114 static void handle_query_curr_tid(GArray *params, void *user_ctx)
2115 {
2116 CPUState *cpu;
2117 GDBProcess *process;
2118
2119 /*
2120 * "Current thread" remains vague in the spec, so always return
2121 * the first thread of the current process (gdb returns the
2122 * first thread).
2123 */
2124 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2125 cpu = get_first_cpu_in_process(process);
2126 g_string_assign(gdbserver_state.str_buf, "QC");
2127 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2128 put_strbuf();
2129 }
2130
2131 static void handle_query_threads(GArray *params, void *user_ctx)
2132 {
2133 if (!gdbserver_state.query_cpu) {
2134 put_packet("l");
2135 return;
2136 }
2137
2138 g_string_assign(gdbserver_state.str_buf, "m");
2139 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2140 put_strbuf();
2141 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2142 }
2143
2144 static void handle_query_first_threads(GArray *params, void *user_ctx)
2145 {
2146 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2147 handle_query_threads(params, user_ctx);
2148 }
2149
2150 static void handle_query_thread_extra(GArray *params, void *user_ctx)
2151 {
2152 g_autoptr(GString) rs = g_string_new(NULL);
2153 CPUState *cpu;
2154
2155 if (!params->len ||
2156 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
2157 put_packet("E22");
2158 return;
2159 }
2160
2161 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
2162 get_param(params, 0)->thread_id.tid);
2163 if (!cpu) {
2164 return;
2165 }
2166
2167 cpu_synchronize_state(cpu);
2168
2169 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2170 /* Print the CPU model and name in multiprocess mode */
2171 ObjectClass *oc = object_get_class(OBJECT(cpu));
2172 const char *cpu_model = object_class_get_name(oc);
2173 const char *cpu_name =
2174 object_get_canonical_path_component(OBJECT(cpu));
2175 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2176 cpu->halted ? "halted " : "running");
2177 } else {
2178 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2179 cpu->halted ? "halted " : "running");
2180 }
2181 trace_gdbstub_op_extra_info(rs->str);
2182 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2183 put_strbuf();
2184 }
2185
2186 #ifdef CONFIG_USER_ONLY
2187 static void handle_query_offsets(GArray *params, void *user_ctx)
2188 {
2189 TaskState *ts;
2190
2191 ts = gdbserver_state.c_cpu->opaque;
2192 g_string_printf(gdbserver_state.str_buf,
2193 "Text=" TARGET_ABI_FMT_lx
2194 ";Data=" TARGET_ABI_FMT_lx
2195 ";Bss=" TARGET_ABI_FMT_lx,
2196 ts->info->code_offset,
2197 ts->info->data_offset,
2198 ts->info->data_offset);
2199 put_strbuf();
2200 }
2201 #else
2202 static void handle_query_rcmd(GArray *params, void *user_ctx)
2203 {
2204 const guint8 zero = 0;
2205 int len;
2206
2207 if (!params->len) {
2208 put_packet("E22");
2209 return;
2210 }
2211
2212 len = strlen(get_param(params, 0)->data);
2213 if (len % 2) {
2214 put_packet("E01");
2215 return;
2216 }
2217
2218 g_assert(gdbserver_state.mem_buf->len == 0);
2219 len = len / 2;
2220 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
2221 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2222 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2223 gdbserver_state.mem_buf->len);
2224 put_packet("OK");
2225 }
2226 #endif
2227
2228 static void handle_query_supported(GArray *params, void *user_ctx)
2229 {
2230 CPUClass *cc;
2231
2232 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2233 cc = CPU_GET_CLASS(first_cpu);
2234 if (cc->gdb_core_xml_file) {
2235 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2236 }
2237
2238 if (stub_can_reverse()) {
2239 g_string_append(gdbserver_state.str_buf,
2240 ";ReverseStep+;ReverseContinue+");
2241 }
2242
2243 #ifdef CONFIG_USER_ONLY
2244 if (gdbserver_state.c_cpu->opaque) {
2245 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2246 }
2247 #endif
2248
2249 if (params->len &&
2250 strstr(get_param(params, 0)->data, "multiprocess+")) {
2251 gdbserver_state.multiprocess = true;
2252 }
2253
2254 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2255 put_strbuf();
2256 }
2257
2258 static void handle_query_xfer_features(GArray *params, void *user_ctx)
2259 {
2260 GDBProcess *process;
2261 CPUClass *cc;
2262 unsigned long len, total_len, addr;
2263 const char *xml;
2264 const char *p;
2265
2266 if (params->len < 3) {
2267 put_packet("E22");
2268 return;
2269 }
2270
2271 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2272 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2273 if (!cc->gdb_core_xml_file) {
2274 put_packet("");
2275 return;
2276 }
2277
2278 gdb_has_xml = true;
2279 p = get_param(params, 0)->data;
2280 xml = get_feature_xml(p, &p, process);
2281 if (!xml) {
2282 put_packet("E00");
2283 return;
2284 }
2285
2286 addr = get_param(params, 1)->val_ul;
2287 len = get_param(params, 2)->val_ul;
2288 total_len = strlen(xml);
2289 if (addr > total_len) {
2290 put_packet("E00");
2291 return;
2292 }
2293
2294 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2295 len = (MAX_PACKET_LENGTH - 5) / 2;
2296 }
2297
2298 if (len < total_len - addr) {
2299 g_string_assign(gdbserver_state.str_buf, "m");
2300 memtox(gdbserver_state.str_buf, xml + addr, len);
2301 } else {
2302 g_string_assign(gdbserver_state.str_buf, "l");
2303 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2304 }
2305
2306 put_packet_binary(gdbserver_state.str_buf->str,
2307 gdbserver_state.str_buf->len, true);
2308 }
2309
2310 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2311 static void handle_query_xfer_auxv(GArray *params, void *user_ctx)
2312 {
2313 TaskState *ts;
2314 unsigned long offset, len, saved_auxv, auxv_len;
2315
2316 if (params->len < 2) {
2317 put_packet("E22");
2318 return;
2319 }
2320
2321 offset = get_param(params, 0)->val_ul;
2322 len = get_param(params, 1)->val_ul;
2323 ts = gdbserver_state.c_cpu->opaque;
2324 saved_auxv = ts->info->saved_auxv;
2325 auxv_len = ts->info->auxv_len;
2326
2327 if (offset >= auxv_len) {
2328 put_packet("E00");
2329 return;
2330 }
2331
2332 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2333 len = (MAX_PACKET_LENGTH - 5) / 2;
2334 }
2335
2336 if (len < auxv_len - offset) {
2337 g_string_assign(gdbserver_state.str_buf, "m");
2338 } else {
2339 g_string_assign(gdbserver_state.str_buf, "l");
2340 len = auxv_len - offset;
2341 }
2342
2343 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2344 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2345 gdbserver_state.mem_buf->data, len, false)) {
2346 put_packet("E14");
2347 return;
2348 }
2349
2350 memtox(gdbserver_state.str_buf,
2351 (const char *)gdbserver_state.mem_buf->data, len);
2352 put_packet_binary(gdbserver_state.str_buf->str,
2353 gdbserver_state.str_buf->len, true);
2354 }
2355 #endif
2356
2357 static void handle_query_attached(GArray *params, void *user_ctx)
2358 {
2359 put_packet(GDB_ATTACHED);
2360 }
2361
2362 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
2363 {
2364 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2365 #ifndef CONFIG_USER_ONLY
2366 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2367 #endif
2368 put_strbuf();
2369 }
2370
2371 #ifndef CONFIG_USER_ONLY
2372 static void handle_query_qemu_phy_mem_mode(GArray *params,
2373 void *user_ctx)
2374 {
2375 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2376 put_strbuf();
2377 }
2378
2379 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx)
2380 {
2381 if (!params->len) {
2382 put_packet("E22");
2383 return;
2384 }
2385
2386 if (!get_param(params, 0)->val_ul) {
2387 phy_memory_mode = 0;
2388 } else {
2389 phy_memory_mode = 1;
2390 }
2391 put_packet("OK");
2392 }
2393 #endif
2394
2395 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2396 /* Order is important if has same prefix */
2397 {
2398 .handler = handle_query_qemu_sstepbits,
2399 .cmd = "qemu.sstepbits",
2400 },
2401 {
2402 .handler = handle_query_qemu_sstep,
2403 .cmd = "qemu.sstep",
2404 },
2405 {
2406 .handler = handle_set_qemu_sstep,
2407 .cmd = "qemu.sstep=",
2408 .cmd_startswith = 1,
2409 .schema = "l0"
2410 },
2411 };
2412
2413 static const GdbCmdParseEntry gdb_gen_query_table[] = {
2414 {
2415 .handler = handle_query_curr_tid,
2416 .cmd = "C",
2417 },
2418 {
2419 .handler = handle_query_threads,
2420 .cmd = "sThreadInfo",
2421 },
2422 {
2423 .handler = handle_query_first_threads,
2424 .cmd = "fThreadInfo",
2425 },
2426 {
2427 .handler = handle_query_thread_extra,
2428 .cmd = "ThreadExtraInfo,",
2429 .cmd_startswith = 1,
2430 .schema = "t0"
2431 },
2432 #ifdef CONFIG_USER_ONLY
2433 {
2434 .handler = handle_query_offsets,
2435 .cmd = "Offsets",
2436 },
2437 #else
2438 {
2439 .handler = handle_query_rcmd,
2440 .cmd = "Rcmd,",
2441 .cmd_startswith = 1,
2442 .schema = "s0"
2443 },
2444 #endif
2445 {
2446 .handler = handle_query_supported,
2447 .cmd = "Supported:",
2448 .cmd_startswith = 1,
2449 .schema = "s0"
2450 },
2451 {
2452 .handler = handle_query_supported,
2453 .cmd = "Supported",
2454 .schema = "s0"
2455 },
2456 {
2457 .handler = handle_query_xfer_features,
2458 .cmd = "Xfer:features:read:",
2459 .cmd_startswith = 1,
2460 .schema = "s:l,l0"
2461 },
2462 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2463 {
2464 .handler = handle_query_xfer_auxv,
2465 .cmd = "Xfer:auxv:read::",
2466 .cmd_startswith = 1,
2467 .schema = "l,l0"
2468 },
2469 #endif
2470 {
2471 .handler = handle_query_attached,
2472 .cmd = "Attached:",
2473 .cmd_startswith = 1
2474 },
2475 {
2476 .handler = handle_query_attached,
2477 .cmd = "Attached",
2478 },
2479 {
2480 .handler = handle_query_qemu_supported,
2481 .cmd = "qemu.Supported",
2482 },
2483 #ifndef CONFIG_USER_ONLY
2484 {
2485 .handler = handle_query_qemu_phy_mem_mode,
2486 .cmd = "qemu.PhyMemMode",
2487 },
2488 #endif
2489 };
2490
2491 static const GdbCmdParseEntry gdb_gen_set_table[] = {
2492 /* Order is important if has same prefix */
2493 {
2494 .handler = handle_set_qemu_sstep,
2495 .cmd = "qemu.sstep:",
2496 .cmd_startswith = 1,
2497 .schema = "l0"
2498 },
2499 #ifndef CONFIG_USER_ONLY
2500 {
2501 .handler = handle_set_qemu_phy_mem_mode,
2502 .cmd = "qemu.PhyMemMode:",
2503 .cmd_startswith = 1,
2504 .schema = "l0"
2505 },
2506 #endif
2507 };
2508
2509 static void handle_gen_query(GArray *params, void *user_ctx)
2510 {
2511 if (!params->len) {
2512 return;
2513 }
2514
2515 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2516 gdb_gen_query_set_common_table,
2517 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2518 return;
2519 }
2520
2521 if (process_string_cmd(NULL, get_param(params, 0)->data,
2522 gdb_gen_query_table,
2523 ARRAY_SIZE(gdb_gen_query_table))) {
2524 put_packet("");
2525 }
2526 }
2527
2528 static void handle_gen_set(GArray *params, void *user_ctx)
2529 {
2530 if (!params->len) {
2531 return;
2532 }
2533
2534 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2535 gdb_gen_query_set_common_table,
2536 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2537 return;
2538 }
2539
2540 if (process_string_cmd(NULL, get_param(params, 0)->data,
2541 gdb_gen_set_table,
2542 ARRAY_SIZE(gdb_gen_set_table))) {
2543 put_packet("");
2544 }
2545 }
2546
2547 static void handle_target_halt(GArray *params, void *user_ctx)
2548 {
2549 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2550 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2551 g_string_append_c(gdbserver_state.str_buf, ';');
2552 put_strbuf();
2553 /*
2554 * Remove all the breakpoints when this query is issued,
2555 * because gdb is doing an initial connect and the state
2556 * should be cleaned up.
2557 */
2558 gdb_breakpoint_remove_all();
2559 }
2560
2561 static int gdb_handle_packet(const char *line_buf)
2562 {
2563 const GdbCmdParseEntry *cmd_parser = NULL;
2564
2565 trace_gdbstub_io_command(line_buf);
2566
2567 switch (line_buf[0]) {
2568 case '!':
2569 put_packet("OK");
2570 break;
2571 case '?':
2572 {
2573 static const GdbCmdParseEntry target_halted_cmd_desc = {
2574 .handler = handle_target_halt,
2575 .cmd = "?",
2576 .cmd_startswith = 1
2577 };
2578 cmd_parser = &target_halted_cmd_desc;
2579 }
2580 break;
2581 case 'c':
2582 {
2583 static const GdbCmdParseEntry continue_cmd_desc = {
2584 .handler = handle_continue,
2585 .cmd = "c",
2586 .cmd_startswith = 1,
2587 .schema = "L0"
2588 };
2589 cmd_parser = &continue_cmd_desc;
2590 }
2591 break;
2592 case 'C':
2593 {
2594 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2595 .handler = handle_cont_with_sig,
2596 .cmd = "C",
2597 .cmd_startswith = 1,
2598 .schema = "l0"
2599 };
2600 cmd_parser = &cont_with_sig_cmd_desc;
2601 }
2602 break;
2603 case 'v':
2604 {
2605 static const GdbCmdParseEntry v_cmd_desc = {
2606 .handler = handle_v_commands,
2607 .cmd = "v",
2608 .cmd_startswith = 1,
2609 .schema = "s0"
2610 };
2611 cmd_parser = &v_cmd_desc;
2612 }
2613 break;
2614 case 'k':
2615 /* Kill the target */
2616 error_report("QEMU: Terminated via GDBstub");
2617 gdb_exit(0);
2618 exit(0);
2619 case 'D':
2620 {
2621 static const GdbCmdParseEntry detach_cmd_desc = {
2622 .handler = handle_detach,
2623 .cmd = "D",
2624 .cmd_startswith = 1,
2625 .schema = "?.l0"
2626 };
2627 cmd_parser = &detach_cmd_desc;
2628 }
2629 break;
2630 case 's':
2631 {
2632 static const GdbCmdParseEntry step_cmd_desc = {
2633 .handler = handle_step,
2634 .cmd = "s",
2635 .cmd_startswith = 1,
2636 .schema = "L0"
2637 };
2638 cmd_parser = &step_cmd_desc;
2639 }
2640 break;
2641 case 'b':
2642 {
2643 static const GdbCmdParseEntry backward_cmd_desc = {
2644 .handler = handle_backward,
2645 .cmd = "b",
2646 .cmd_startswith = 1,
2647 .schema = "o0"
2648 };
2649 cmd_parser = &backward_cmd_desc;
2650 }
2651 break;
2652 case 'F':
2653 {
2654 static const GdbCmdParseEntry file_io_cmd_desc = {
2655 .handler = handle_file_io,
2656 .cmd = "F",
2657 .cmd_startswith = 1,
2658 .schema = "L,L,o0"
2659 };
2660 cmd_parser = &file_io_cmd_desc;
2661 }
2662 break;
2663 case 'g':
2664 {
2665 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2666 .handler = handle_read_all_regs,
2667 .cmd = "g",
2668 .cmd_startswith = 1
2669 };
2670 cmd_parser = &read_all_regs_cmd_desc;
2671 }
2672 break;
2673 case 'G':
2674 {
2675 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2676 .handler = handle_write_all_regs,
2677 .cmd = "G",
2678 .cmd_startswith = 1,
2679 .schema = "s0"
2680 };
2681 cmd_parser = &write_all_regs_cmd_desc;
2682 }
2683 break;
2684 case 'm':
2685 {
2686 static const GdbCmdParseEntry read_mem_cmd_desc = {
2687 .handler = handle_read_mem,
2688 .cmd = "m",
2689 .cmd_startswith = 1,
2690 .schema = "L,L0"
2691 };
2692 cmd_parser = &read_mem_cmd_desc;
2693 }
2694 break;
2695 case 'M':
2696 {
2697 static const GdbCmdParseEntry write_mem_cmd_desc = {
2698 .handler = handle_write_mem,
2699 .cmd = "M",
2700 .cmd_startswith = 1,
2701 .schema = "L,L:s0"
2702 };
2703 cmd_parser = &write_mem_cmd_desc;
2704 }
2705 break;
2706 case 'p':
2707 {
2708 static const GdbCmdParseEntry get_reg_cmd_desc = {
2709 .handler = handle_get_reg,
2710 .cmd = "p",
2711 .cmd_startswith = 1,
2712 .schema = "L0"
2713 };
2714 cmd_parser = &get_reg_cmd_desc;
2715 }
2716 break;
2717 case 'P':
2718 {
2719 static const GdbCmdParseEntry set_reg_cmd_desc = {
2720 .handler = handle_set_reg,
2721 .cmd = "P",
2722 .cmd_startswith = 1,
2723 .schema = "L?s0"
2724 };
2725 cmd_parser = &set_reg_cmd_desc;
2726 }
2727 break;
2728 case 'Z':
2729 {
2730 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2731 .handler = handle_insert_bp,
2732 .cmd = "Z",
2733 .cmd_startswith = 1,
2734 .schema = "l?L?L0"
2735 };
2736 cmd_parser = &insert_bp_cmd_desc;
2737 }
2738 break;
2739 case 'z':
2740 {
2741 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2742 .handler = handle_remove_bp,
2743 .cmd = "z",
2744 .cmd_startswith = 1,
2745 .schema = "l?L?L0"
2746 };
2747 cmd_parser = &remove_bp_cmd_desc;
2748 }
2749 break;
2750 case 'H':
2751 {
2752 static const GdbCmdParseEntry set_thread_cmd_desc = {
2753 .handler = handle_set_thread,
2754 .cmd = "H",
2755 .cmd_startswith = 1,
2756 .schema = "o.t0"
2757 };
2758 cmd_parser = &set_thread_cmd_desc;
2759 }
2760 break;
2761 case 'T':
2762 {
2763 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2764 .handler = handle_thread_alive,
2765 .cmd = "T",
2766 .cmd_startswith = 1,
2767 .schema = "t0"
2768 };
2769 cmd_parser = &thread_alive_cmd_desc;
2770 }
2771 break;
2772 case 'q':
2773 {
2774 static const GdbCmdParseEntry gen_query_cmd_desc = {
2775 .handler = handle_gen_query,
2776 .cmd = "q",
2777 .cmd_startswith = 1,
2778 .schema = "s0"
2779 };
2780 cmd_parser = &gen_query_cmd_desc;
2781 }
2782 break;
2783 case 'Q':
2784 {
2785 static const GdbCmdParseEntry gen_set_cmd_desc = {
2786 .handler = handle_gen_set,
2787 .cmd = "Q",
2788 .cmd_startswith = 1,
2789 .schema = "s0"
2790 };
2791 cmd_parser = &gen_set_cmd_desc;
2792 }
2793 break;
2794 default:
2795 /* put empty packet */
2796 put_packet("");
2797 break;
2798 }
2799
2800 if (cmd_parser) {
2801 run_cmd_parser(line_buf, cmd_parser);
2802 }
2803
2804 return RS_IDLE;
2805 }
2806
2807 void gdb_set_stop_cpu(CPUState *cpu)
2808 {
2809 GDBProcess *p = gdb_get_cpu_process(cpu);
2810
2811 if (!p->attached) {
2812 /*
2813 * Having a stop CPU corresponding to a process that is not attached
2814 * confuses GDB. So we ignore the request.
2815 */
2816 return;
2817 }
2818
2819 gdbserver_state.c_cpu = cpu;
2820 gdbserver_state.g_cpu = cpu;
2821 }
2822
2823 #ifndef CONFIG_USER_ONLY
2824 static void gdb_vm_state_change(void *opaque, bool running, RunState state)
2825 {
2826 CPUState *cpu = gdbserver_state.c_cpu;
2827 g_autoptr(GString) buf = g_string_new(NULL);
2828 g_autoptr(GString) tid = g_string_new(NULL);
2829 const char *type;
2830 int ret;
2831
2832 if (running || gdbserver_state.state == RS_INACTIVE) {
2833 return;
2834 }
2835 /* Is there a GDB syscall waiting to be sent? */
2836 if (gdbserver_state.current_syscall_cb) {
2837 put_packet(gdbserver_state.syscall_buf);
2838 return;
2839 }
2840
2841 if (cpu == NULL) {
2842 /* No process attached */
2843 return;
2844 }
2845
2846 gdb_append_thread_id(cpu, tid);
2847
2848 switch (state) {
2849 case RUN_STATE_DEBUG:
2850 if (cpu->watchpoint_hit) {
2851 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2852 case BP_MEM_READ:
2853 type = "r";
2854 break;
2855 case BP_MEM_ACCESS:
2856 type = "a";
2857 break;
2858 default:
2859 type = "";
2860 break;
2861 }
2862 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2863 (target_ulong)cpu->watchpoint_hit->vaddr);
2864 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2865 GDB_SIGNAL_TRAP, tid->str, type,
2866 (target_ulong)cpu->watchpoint_hit->vaddr);
2867 cpu->watchpoint_hit = NULL;
2868 goto send_packet;
2869 } else {
2870 trace_gdbstub_hit_break();
2871 }
2872 tb_flush(cpu);
2873 ret = GDB_SIGNAL_TRAP;
2874 break;
2875 case RUN_STATE_PAUSED:
2876 trace_gdbstub_hit_paused();
2877 ret = GDB_SIGNAL_INT;
2878 break;
2879 case RUN_STATE_SHUTDOWN:
2880 trace_gdbstub_hit_shutdown();
2881 ret = GDB_SIGNAL_QUIT;
2882 break;
2883 case RUN_STATE_IO_ERROR:
2884 trace_gdbstub_hit_io_error();
2885 ret = GDB_SIGNAL_IO;
2886 break;
2887 case RUN_STATE_WATCHDOG:
2888 trace_gdbstub_hit_watchdog();
2889 ret = GDB_SIGNAL_ALRM;
2890 break;
2891 case RUN_STATE_INTERNAL_ERROR:
2892 trace_gdbstub_hit_internal_error();
2893 ret = GDB_SIGNAL_ABRT;
2894 break;
2895 case RUN_STATE_SAVE_VM:
2896 case RUN_STATE_RESTORE_VM:
2897 return;
2898 case RUN_STATE_FINISH_MIGRATE:
2899 ret = GDB_SIGNAL_XCPU;
2900 break;
2901 default:
2902 trace_gdbstub_hit_unknown(state);
2903 ret = GDB_SIGNAL_UNKNOWN;
2904 break;
2905 }
2906 gdb_set_stop_cpu(cpu);
2907 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2908
2909 send_packet:
2910 put_packet(buf->str);
2911
2912 /* disable single step if it was enabled */
2913 cpu_single_step(cpu, 0);
2914 }
2915 #endif
2916
2917 /* Send a gdb syscall request.
2918 This accepts limited printf-style format specifiers, specifically:
2919 %x - target_ulong argument printed in hex.
2920 %lx - 64-bit argument printed in hex.
2921 %s - string pointer (target_ulong) and length (int) pair. */
2922 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2923 {
2924 char *p;
2925 char *p_end;
2926 target_ulong addr;
2927 uint64_t i64;
2928
2929 if (!gdb_attached()) {
2930 return;
2931 }
2932
2933 gdbserver_state.current_syscall_cb = cb;
2934 #ifndef CONFIG_USER_ONLY
2935 vm_stop(RUN_STATE_DEBUG);
2936 #endif
2937 p = &gdbserver_state.syscall_buf[0];
2938 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2939 *(p++) = 'F';
2940 while (*fmt) {
2941 if (*fmt == '%') {
2942 fmt++;
2943 switch (*fmt++) {
2944 case 'x':
2945 addr = va_arg(va, target_ulong);
2946 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2947 break;
2948 case 'l':
2949 if (*(fmt++) != 'x')
2950 goto bad_format;
2951 i64 = va_arg(va, uint64_t);
2952 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2953 break;
2954 case 's':
2955 addr = va_arg(va, target_ulong);
2956 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2957 addr, va_arg(va, int));
2958 break;
2959 default:
2960 bad_format:
2961 error_report("gdbstub: Bad syscall format string '%s'",
2962 fmt - 1);
2963 break;
2964 }
2965 } else {
2966 *(p++) = *(fmt++);
2967 }
2968 }
2969 *p = 0;
2970 #ifdef CONFIG_USER_ONLY
2971 put_packet(gdbserver_state.syscall_buf);
2972 /* Return control to gdb for it to process the syscall request.
2973 * Since the protocol requires that gdb hands control back to us
2974 * using a "here are the results" F packet, we don't need to check
2975 * gdb_handlesig's return value (which is the signal to deliver if
2976 * execution was resumed via a continue packet).
2977 */
2978 gdb_handlesig(gdbserver_state.c_cpu, 0);
2979 #else
2980 /* In this case wait to send the syscall packet until notification that
2981 the CPU has stopped. This must be done because if the packet is sent
2982 now the reply from the syscall request could be received while the CPU
2983 is still in the running state, which can cause packets to be dropped
2984 and state transition 'T' packets to be sent while the syscall is still
2985 being processed. */
2986 qemu_cpu_kick(gdbserver_state.c_cpu);
2987 #endif
2988 }
2989
2990 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2991 {
2992 va_list va;
2993
2994 va_start(va, fmt);
2995 gdb_do_syscallv(cb, fmt, va);
2996 va_end(va);
2997 }
2998
2999 static void gdb_read_byte(uint8_t ch)
3000 {
3001 uint8_t reply;
3002
3003 #ifndef CONFIG_USER_ONLY
3004 if (gdbserver_state.last_packet->len) {
3005 /* Waiting for a response to the last packet. If we see the start
3006 of a new command then abandon the previous response. */
3007 if (ch == '-') {
3008 trace_gdbstub_err_got_nack();
3009 put_buffer(gdbserver_state.last_packet->data,
3010 gdbserver_state.last_packet->len);
3011 } else if (ch == '+') {
3012 trace_gdbstub_io_got_ack();
3013 } else {
3014 trace_gdbstub_io_got_unexpected(ch);
3015 }
3016
3017 if (ch == '+' || ch == '$') {
3018 g_byte_array_set_size(gdbserver_state.last_packet, 0);
3019 }
3020 if (ch != '$')
3021 return;
3022 }
3023 if (runstate_is_running()) {
3024 /* when the CPU is running, we cannot do anything except stop
3025 it when receiving a char */
3026 vm_stop(RUN_STATE_PAUSED);
3027 } else
3028 #endif
3029 {
3030 switch(gdbserver_state.state) {
3031 case RS_IDLE:
3032 if (ch == '$') {
3033 /* start of command packet */
3034 gdbserver_state.line_buf_index = 0;
3035 gdbserver_state.line_sum = 0;
3036 gdbserver_state.state = RS_GETLINE;
3037 } else {
3038 trace_gdbstub_err_garbage(ch);
3039 }
3040 break;
3041 case RS_GETLINE:
3042 if (ch == '}') {
3043 /* start escape sequence */
3044 gdbserver_state.state = RS_GETLINE_ESC;
3045 gdbserver_state.line_sum += ch;
3046 } else if (ch == '*') {
3047 /* start run length encoding sequence */
3048 gdbserver_state.state = RS_GETLINE_RLE;
3049 gdbserver_state.line_sum += ch;
3050 } else if (ch == '#') {
3051 /* end of command, start of checksum*/
3052 gdbserver_state.state = RS_CHKSUM1;
3053 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3054 trace_gdbstub_err_overrun();
3055 gdbserver_state.state = RS_IDLE;
3056 } else {
3057 /* unescaped command character */
3058 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
3059 gdbserver_state.line_sum += ch;
3060 }
3061 break;
3062 case RS_GETLINE_ESC:
3063 if (ch == '#') {
3064 /* unexpected end of command in escape sequence */
3065 gdbserver_state.state = RS_CHKSUM1;
3066 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3067 /* command buffer overrun */
3068 trace_gdbstub_err_overrun();
3069 gdbserver_state.state = RS_IDLE;
3070 } else {
3071 /* parse escaped character and leave escape state */
3072 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3073 gdbserver_state.line_sum += ch;
3074 gdbserver_state.state = RS_GETLINE;
3075 }
3076 break;
3077 case RS_GETLINE_RLE:
3078 /*
3079 * Run-length encoding is explained in "Debugging with GDB /
3080 * Appendix E GDB Remote Serial Protocol / Overview".
3081 */
3082 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3083 /* invalid RLE count encoding */
3084 trace_gdbstub_err_invalid_repeat(ch);
3085 gdbserver_state.state = RS_GETLINE;
3086 } else {
3087 /* decode repeat length */
3088 int repeat = ch - ' ' + 3;
3089 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3090 /* that many repeats would overrun the command buffer */
3091 trace_gdbstub_err_overrun();
3092 gdbserver_state.state = RS_IDLE;
3093 } else if (gdbserver_state.line_buf_index < 1) {
3094 /* got a repeat but we have nothing to repeat */
3095 trace_gdbstub_err_invalid_rle();
3096 gdbserver_state.state = RS_GETLINE;
3097 } else {
3098 /* repeat the last character */
3099 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3100 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3101 gdbserver_state.line_buf_index += repeat;
3102 gdbserver_state.line_sum += ch;
3103 gdbserver_state.state = RS_GETLINE;
3104 }
3105 }
3106 break;
3107 case RS_CHKSUM1:
3108 /* get high hex digit of checksum */
3109 if (!isxdigit(ch)) {
3110 trace_gdbstub_err_checksum_invalid(ch);
3111 gdbserver_state.state = RS_GETLINE;
3112 break;
3113 }
3114 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3115 gdbserver_state.line_csum = fromhex(ch) << 4;
3116 gdbserver_state.state = RS_CHKSUM2;
3117 break;
3118 case RS_CHKSUM2:
3119 /* get low hex digit of checksum */
3120 if (!isxdigit(ch)) {
3121 trace_gdbstub_err_checksum_invalid(ch);
3122 gdbserver_state.state = RS_GETLINE;
3123 break;
3124 }
3125 gdbserver_state.line_csum |= fromhex(ch);
3126
3127 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3128 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3129 /* send NAK reply */
3130 reply = '-';
3131 put_buffer(&reply, 1);
3132 gdbserver_state.state = RS_IDLE;
3133 } else {
3134 /* send ACK reply */
3135 reply = '+';
3136 put_buffer(&reply, 1);
3137 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3138 }
3139 break;
3140 default:
3141 abort();
3142 }
3143 }
3144 }
3145
3146 /* Tell the remote gdb that the process has exited. */
3147 void gdb_exit(int code)
3148 {
3149 char buf[4];
3150
3151 if (!gdbserver_state.init) {
3152 return;
3153 }
3154 #ifdef CONFIG_USER_ONLY
3155 if (gdbserver_state.socket_path) {
3156 unlink(gdbserver_state.socket_path);
3157 }
3158 if (gdbserver_state.fd < 0) {
3159 return;
3160 }
3161 #endif
3162
3163 trace_gdbstub_op_exiting((uint8_t)code);
3164
3165 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3166 put_packet(buf);
3167
3168 #ifndef CONFIG_USER_ONLY
3169 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3170 #endif
3171 }
3172
3173 /*
3174 * Create the process that will contain all the "orphan" CPUs (that are not
3175 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3176 * be attachable and thus will be invisible to the user.
3177 */
3178 static void create_default_process(GDBState *s)
3179 {
3180 GDBProcess *process;
3181 int max_pid = 0;
3182
3183 if (gdbserver_state.process_num) {
3184 max_pid = s->processes[s->process_num - 1].pid;
3185 }
3186
3187 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3188 process = &s->processes[s->process_num - 1];
3189
3190 /* We need an available PID slot for this process */
3191 assert(max_pid < UINT32_MAX);
3192
3193 process->pid = max_pid + 1;
3194 process->attached = false;
3195 process->target_xml[0] = '\0';
3196 }
3197
3198 #ifdef CONFIG_USER_ONLY
3199 int
3200 gdb_handlesig(CPUState *cpu, int sig)
3201 {
3202 char buf[256];
3203 int n;
3204
3205 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3206 return sig;
3207 }
3208
3209 /* disable single step if it was enabled */
3210 cpu_single_step(cpu, 0);
3211 tb_flush(cpu);
3212
3213 if (sig != 0) {
3214 gdb_set_stop_cpu(cpu);
3215 g_string_printf(gdbserver_state.str_buf,
3216 "T%02xthread:", target_signal_to_gdb(sig));
3217 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
3218 g_string_append_c(gdbserver_state.str_buf, ';');
3219 put_strbuf();
3220 }
3221 /* put_packet() might have detected that the peer terminated the
3222 connection. */
3223 if (gdbserver_state.fd < 0) {
3224 return sig;
3225 }
3226
3227 sig = 0;
3228 gdbserver_state.state = RS_IDLE;
3229 gdbserver_state.running_state = 0;
3230 while (gdbserver_state.running_state == 0) {
3231 n = read(gdbserver_state.fd, buf, 256);
3232 if (n > 0) {
3233 int i;
3234
3235 for (i = 0; i < n; i++) {
3236 gdb_read_byte(buf[i]);
3237 }
3238 } else {
3239 /* XXX: Connection closed. Should probably wait for another
3240 connection before continuing. */
3241 if (n == 0) {
3242 close(gdbserver_state.fd);
3243 }
3244 gdbserver_state.fd = -1;
3245 return sig;
3246 }
3247 }
3248 sig = gdbserver_state.signal;
3249 gdbserver_state.signal = 0;
3250 return sig;
3251 }
3252
3253 /* Tell the remote gdb that the process has exited due to SIG. */
3254 void gdb_signalled(CPUArchState *env, int sig)
3255 {
3256 char buf[4];
3257
3258 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3259 return;
3260 }
3261
3262 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3263 put_packet(buf);
3264 }
3265
3266 static void gdb_accept_init(int fd)
3267 {
3268 init_gdbserver_state();
3269 create_default_process(&gdbserver_state);
3270 gdbserver_state.processes[0].attached = true;
3271 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3272 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3273 gdbserver_state.fd = fd;
3274 gdb_has_xml = false;
3275 }
3276
3277 static bool gdb_accept_socket(int gdb_fd)
3278 {
3279 int fd;
3280
3281 for(;;) {
3282 fd = accept(gdb_fd, NULL, NULL);
3283 if (fd < 0 && errno != EINTR) {
3284 perror("accept socket");
3285 return false;
3286 } else if (fd >= 0) {
3287 qemu_set_cloexec(fd);
3288 break;
3289 }
3290 }
3291
3292 gdb_accept_init(fd);
3293 return true;
3294 }
3295
3296 static int gdbserver_open_socket(const char *path)
3297 {
3298 struct sockaddr_un sockaddr = {};
3299 int fd, ret;
3300
3301 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3302 if (fd < 0) {
3303 perror("create socket");
3304 return -1;
3305 }
3306
3307 sockaddr.sun_family = AF_UNIX;
3308 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3309 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3310 if (ret < 0) {
3311 perror("bind socket");
3312 close(fd);
3313 return -1;
3314 }
3315 ret = listen(fd, 1);
3316 if (ret < 0) {
3317 perror("listen socket");
3318 close(fd);
3319 return -1;
3320 }
3321
3322 return fd;
3323 }
3324
3325 static bool gdb_accept_tcp(int gdb_fd)
3326 {
3327 struct sockaddr_in sockaddr = {};
3328 socklen_t len;
3329 int fd;
3330
3331 for(;;) {
3332 len = sizeof(sockaddr);
3333 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3334 if (fd < 0 && errno != EINTR) {
3335 perror("accept");
3336 return false;
3337 } else if (fd >= 0) {
3338 qemu_set_cloexec(fd);
3339 break;
3340 }
3341 }
3342
3343 /* set short latency */
3344 if (socket_set_nodelay(fd)) {
3345 perror("setsockopt");
3346 close(fd);
3347 return false;
3348 }
3349
3350 gdb_accept_init(fd);
3351 return true;
3352 }
3353
3354 static int gdbserver_open_port(int port)
3355 {
3356 struct sockaddr_in sockaddr;
3357 int fd, ret;
3358
3359 fd = socket(PF_INET, SOCK_STREAM, 0);
3360 if (fd < 0) {
3361 perror("socket");
3362 return -1;
3363 }
3364 qemu_set_cloexec(fd);
3365
3366 socket_set_fast_reuse(fd);
3367
3368 sockaddr.sin_family = AF_INET;
3369 sockaddr.sin_port = htons(port);
3370 sockaddr.sin_addr.s_addr = 0;
3371 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3372 if (ret < 0) {
3373 perror("bind");
3374 close(fd);
3375 return -1;
3376 }
3377 ret = listen(fd, 1);
3378 if (ret < 0) {
3379 perror("listen");
3380 close(fd);
3381 return -1;
3382 }
3383
3384 return fd;
3385 }
3386
3387 int gdbserver_start(const char *port_or_path)
3388 {
3389 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3390 int gdb_fd;
3391
3392 if (port > 0) {
3393 gdb_fd = gdbserver_open_port(port);
3394 } else {
3395 gdb_fd = gdbserver_open_socket(port_or_path);
3396 }
3397
3398 if (gdb_fd < 0) {
3399 return -1;
3400 }
3401
3402 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3403 return 0;
3404 } else if (gdb_accept_socket(gdb_fd)) {
3405 gdbserver_state.socket_path = g_strdup(port_or_path);
3406 return 0;
3407 }
3408
3409 /* gone wrong */
3410 close(gdb_fd);
3411 return -1;
3412 }
3413
3414 /* Disable gdb stub for child processes. */
3415 void gdbserver_fork(CPUState *cpu)
3416 {
3417 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3418 return;
3419 }
3420 close(gdbserver_state.fd);
3421 gdbserver_state.fd = -1;
3422 cpu_breakpoint_remove_all(cpu, BP_GDB);
3423 cpu_watchpoint_remove_all(cpu, BP_GDB);
3424 }
3425 #else
3426 static int gdb_chr_can_receive(void *opaque)
3427 {
3428 /* We can handle an arbitrarily large amount of data.
3429 Pick the maximum packet size, which is as good as anything. */
3430 return MAX_PACKET_LENGTH;
3431 }
3432
3433 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3434 {
3435 int i;
3436
3437 for (i = 0; i < size; i++) {
3438 gdb_read_byte(buf[i]);
3439 }
3440 }
3441
3442 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3443 {
3444 int i;
3445 GDBState *s = (GDBState *) opaque;
3446
3447 switch (event) {
3448 case CHR_EVENT_OPENED:
3449 /* Start with first process attached, others detached */
3450 for (i = 0; i < s->process_num; i++) {
3451 s->processes[i].attached = !i;
3452 }
3453
3454 s->c_cpu = gdb_first_attached_cpu();
3455 s->g_cpu = s->c_cpu;
3456
3457 vm_stop(RUN_STATE_PAUSED);
3458 replay_gdb_attached();
3459 gdb_has_xml = false;
3460 break;
3461 default:
3462 break;
3463 }
3464 }
3465
3466 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3467 {
3468 g_autoptr(GString) hex_buf = g_string_new("O");
3469 memtohex(hex_buf, buf, len);
3470 put_packet(hex_buf->str);
3471 return len;
3472 }
3473
3474 #ifndef _WIN32
3475 static void gdb_sigterm_handler(int signal)
3476 {
3477 if (runstate_is_running()) {
3478 vm_stop(RUN_STATE_PAUSED);
3479 }
3480 }
3481 #endif
3482
3483 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3484 bool *be_opened, Error **errp)
3485 {
3486 *be_opened = false;
3487 }
3488
3489 static void char_gdb_class_init(ObjectClass *oc, void *data)
3490 {
3491 ChardevClass *cc = CHARDEV_CLASS(oc);
3492
3493 cc->internal = true;
3494 cc->open = gdb_monitor_open;
3495 cc->chr_write = gdb_monitor_write;
3496 }
3497
3498 #define TYPE_CHARDEV_GDB "chardev-gdb"
3499
3500 static const TypeInfo char_gdb_type_info = {
3501 .name = TYPE_CHARDEV_GDB,
3502 .parent = TYPE_CHARDEV,
3503 .class_init = char_gdb_class_init,
3504 };
3505
3506 static int find_cpu_clusters(Object *child, void *opaque)
3507 {
3508 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3509 GDBState *s = (GDBState *) opaque;
3510 CPUClusterState *cluster = CPU_CLUSTER(child);
3511 GDBProcess *process;
3512
3513 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3514
3515 process = &s->processes[s->process_num - 1];
3516
3517 /*
3518 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3519 * runtime, we enforce here that the machine does not use a cluster ID
3520 * that would lead to PID 0.
3521 */
3522 assert(cluster->cluster_id != UINT32_MAX);
3523 process->pid = cluster->cluster_id + 1;
3524 process->attached = false;
3525 process->target_xml[0] = '\0';
3526
3527 return 0;
3528 }
3529
3530 return object_child_foreach(child, find_cpu_clusters, opaque);
3531 }
3532
3533 static int pid_order(const void *a, const void *b)
3534 {
3535 GDBProcess *pa = (GDBProcess *) a;
3536 GDBProcess *pb = (GDBProcess *) b;
3537
3538 if (pa->pid < pb->pid) {
3539 return -1;
3540 } else if (pa->pid > pb->pid) {
3541 return 1;
3542 } else {
3543 return 0;
3544 }
3545 }
3546
3547 static void create_processes(GDBState *s)
3548 {
3549 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3550
3551 if (gdbserver_state.processes) {
3552 /* Sort by PID */
3553 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3554 }
3555
3556 create_default_process(s);
3557 }
3558
3559 int gdbserver_start(const char *device)
3560 {
3561 trace_gdbstub_op_start(device);
3562
3563 char gdbstub_device_name[128];
3564 Chardev *chr = NULL;
3565 Chardev *mon_chr;
3566
3567 if (!first_cpu) {
3568 error_report("gdbstub: meaningless to attach gdb to a "
3569 "machine without any CPU.");
3570 return -1;
3571 }
3572
3573 if (kvm_enabled() && !kvm_supports_guest_debug()) {
3574 error_report("gdbstub: KVM doesn't support guest debugging");
3575 return -1;
3576 }
3577
3578 if (!device)
3579 return -1;
3580 if (strcmp(device, "none") != 0) {
3581 if (strstart(device, "tcp:", NULL)) {
3582 /* enforce required TCP attributes */
3583 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3584 "%s,wait=off,nodelay=on,server=on", device);
3585 device = gdbstub_device_name;
3586 }
3587 #ifndef _WIN32
3588 else if (strcmp(device, "stdio") == 0) {
3589 struct sigaction act;
3590
3591 memset(&act, 0, sizeof(act));
3592 act.sa_handler = gdb_sigterm_handler;
3593 sigaction(SIGINT, &act, NULL);
3594 }
3595 #endif
3596 /*
3597 * FIXME: it's a bit weird to allow using a mux chardev here
3598 * and implicitly setup a monitor. We may want to break this.
3599 */
3600 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3601 if (!chr)
3602 return -1;
3603 }
3604
3605 if (!gdbserver_state.init) {
3606 init_gdbserver_state();
3607
3608 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3609
3610 /* Initialize a monitor terminal for gdb */
3611 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3612 NULL, NULL, &error_abort);
3613 monitor_init_hmp(mon_chr, false, &error_abort);
3614 } else {
3615 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3616 mon_chr = gdbserver_state.mon_chr;
3617 reset_gdbserver_state();
3618 }
3619
3620 create_processes(&gdbserver_state);
3621
3622 if (chr) {
3623 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3624 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3625 gdb_chr_receive, gdb_chr_event,
3626 NULL, &gdbserver_state, NULL, true);
3627 }
3628 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3629 gdbserver_state.mon_chr = mon_chr;
3630 gdbserver_state.current_syscall_cb = NULL;
3631
3632 return 0;
3633 }
3634
3635 static void register_types(void)
3636 {
3637 type_register_static(&char_gdb_type_info);
3638 }
3639
3640 type_init(register_types);
3641 #endif
Ray Wang's QEMU Repository