search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MAINTAINERS: Split the Alpha TCG/machine section
[qemu/rayw.git] / gdbstub.c
blobf1d51480f79d3604f5089a6684066e21740081f3
1 /*
2 * gdb server stub
3 *
4 * Copyright (c) 2003-2005 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/error-report.h"
22 #include "qemu/cutils.h"
23 #include "cpu.h"
24 #include "trace-root.h"
25 #ifdef CONFIG_USER_ONLY
26 #include "qemu.h"
27 #else
28 #include "monitor/monitor.h"
29 #include "chardev/char.h"
30 #include "chardev/char-fe.h"
31 #include "sysemu/sysemu.h"
32 #include "exec/gdbstub.h"
33 #endif
34
35 #define MAX_PACKET_LENGTH 4096
36
37 #include "qemu/sockets.h"
38 #include "sysemu/hw_accel.h"
39 #include "sysemu/kvm.h"
40 #include "exec/semihost.h"
41 #include "exec/exec-all.h"
42
43 #ifdef CONFIG_USER_ONLY
44 #define GDB_ATTACHED "0"
45 #else
46 #define GDB_ATTACHED "1"
47 #endif
48
49 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
50 uint8_t *buf, int len, bool is_write)
51 {
52 CPUClass *cc = CPU_GET_CLASS(cpu);
53
54 if (cc->memory_rw_debug) {
55 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
56 }
57 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
58 }
59
60 /* Return the GDB index for a given vCPU state.
61 *
62 * For user mode this is simply the thread id. In system mode GDB
63 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
64 */
65 static inline int cpu_gdb_index(CPUState *cpu)
66 {
67 #if defined(CONFIG_USER_ONLY)
68 TaskState *ts = (TaskState *) cpu->opaque;
69 return ts->ts_tid;
70 #else
71 return cpu->cpu_index + 1;
72 #endif
73 }
74
75 enum {
76 GDB_SIGNAL_0 = 0,
77 GDB_SIGNAL_INT = 2,
78 GDB_SIGNAL_QUIT = 3,
79 GDB_SIGNAL_TRAP = 5,
80 GDB_SIGNAL_ABRT = 6,
81 GDB_SIGNAL_ALRM = 14,
82 GDB_SIGNAL_IO = 23,
83 GDB_SIGNAL_XCPU = 24,
84 GDB_SIGNAL_UNKNOWN = 143
85 };
86
87 #ifdef CONFIG_USER_ONLY
88
89 /* Map target signal numbers to GDB protocol signal numbers and vice
90 * versa. For user emulation's currently supported systems, we can
91 * assume most signals are defined.
92 */
93
94 static int gdb_signal_table[] = {
95 0,
96 TARGET_SIGHUP,
97 TARGET_SIGINT,
98 TARGET_SIGQUIT,
99 TARGET_SIGILL,
100 TARGET_SIGTRAP,
101 TARGET_SIGABRT,
102 -1, /* SIGEMT */
103 TARGET_SIGFPE,
104 TARGET_SIGKILL,
105 TARGET_SIGBUS,
106 TARGET_SIGSEGV,
107 TARGET_SIGSYS,
108 TARGET_SIGPIPE,
109 TARGET_SIGALRM,
110 TARGET_SIGTERM,
111 TARGET_SIGURG,
112 TARGET_SIGSTOP,
113 TARGET_SIGTSTP,
114 TARGET_SIGCONT,
115 TARGET_SIGCHLD,
116 TARGET_SIGTTIN,
117 TARGET_SIGTTOU,
118 TARGET_SIGIO,
119 TARGET_SIGXCPU,
120 TARGET_SIGXFSZ,
121 TARGET_SIGVTALRM,
122 TARGET_SIGPROF,
123 TARGET_SIGWINCH,
124 -1, /* SIGLOST */
125 TARGET_SIGUSR1,
126 TARGET_SIGUSR2,
127 #ifdef TARGET_SIGPWR
128 TARGET_SIGPWR,
129 #else
130 -1,
131 #endif
132 -1, /* SIGPOLL */
133 -1,
134 -1,
135 -1,
136 -1,
137 -1,
138 -1,
139 -1,
140 -1,
141 -1,
142 -1,
143 -1,
144 #ifdef __SIGRTMIN
145 __SIGRTMIN + 1,
146 __SIGRTMIN + 2,
147 __SIGRTMIN + 3,
148 __SIGRTMIN + 4,
149 __SIGRTMIN + 5,
150 __SIGRTMIN + 6,
151 __SIGRTMIN + 7,
152 __SIGRTMIN + 8,
153 __SIGRTMIN + 9,
154 __SIGRTMIN + 10,
155 __SIGRTMIN + 11,
156 __SIGRTMIN + 12,
157 __SIGRTMIN + 13,
158 __SIGRTMIN + 14,
159 __SIGRTMIN + 15,
160 __SIGRTMIN + 16,
161 __SIGRTMIN + 17,
162 __SIGRTMIN + 18,
163 __SIGRTMIN + 19,
164 __SIGRTMIN + 20,
165 __SIGRTMIN + 21,
166 __SIGRTMIN + 22,
167 __SIGRTMIN + 23,
168 __SIGRTMIN + 24,
169 __SIGRTMIN + 25,
170 __SIGRTMIN + 26,
171 __SIGRTMIN + 27,
172 __SIGRTMIN + 28,
173 __SIGRTMIN + 29,
174 __SIGRTMIN + 30,
175 __SIGRTMIN + 31,
176 -1, /* SIGCANCEL */
177 __SIGRTMIN,
178 __SIGRTMIN + 32,
179 __SIGRTMIN + 33,
180 __SIGRTMIN + 34,
181 __SIGRTMIN + 35,
182 __SIGRTMIN + 36,
183 __SIGRTMIN + 37,
184 __SIGRTMIN + 38,
185 __SIGRTMIN + 39,
186 __SIGRTMIN + 40,
187 __SIGRTMIN + 41,
188 __SIGRTMIN + 42,
189 __SIGRTMIN + 43,
190 __SIGRTMIN + 44,
191 __SIGRTMIN + 45,
192 __SIGRTMIN + 46,
193 __SIGRTMIN + 47,
194 __SIGRTMIN + 48,
195 __SIGRTMIN + 49,
196 __SIGRTMIN + 50,
197 __SIGRTMIN + 51,
198 __SIGRTMIN + 52,
199 __SIGRTMIN + 53,
200 __SIGRTMIN + 54,
201 __SIGRTMIN + 55,
202 __SIGRTMIN + 56,
203 __SIGRTMIN + 57,
204 __SIGRTMIN + 58,
205 __SIGRTMIN + 59,
206 __SIGRTMIN + 60,
207 __SIGRTMIN + 61,
208 __SIGRTMIN + 62,
209 __SIGRTMIN + 63,
210 __SIGRTMIN + 64,
211 __SIGRTMIN + 65,
212 __SIGRTMIN + 66,
213 __SIGRTMIN + 67,
214 __SIGRTMIN + 68,
215 __SIGRTMIN + 69,
216 __SIGRTMIN + 70,
217 __SIGRTMIN + 71,
218 __SIGRTMIN + 72,
219 __SIGRTMIN + 73,
220 __SIGRTMIN + 74,
221 __SIGRTMIN + 75,
222 __SIGRTMIN + 76,
223 __SIGRTMIN + 77,
224 __SIGRTMIN + 78,
225 __SIGRTMIN + 79,
226 __SIGRTMIN + 80,
227 __SIGRTMIN + 81,
228 __SIGRTMIN + 82,
229 __SIGRTMIN + 83,
230 __SIGRTMIN + 84,
231 __SIGRTMIN + 85,
232 __SIGRTMIN + 86,
233 __SIGRTMIN + 87,
234 __SIGRTMIN + 88,
235 __SIGRTMIN + 89,
236 __SIGRTMIN + 90,
237 __SIGRTMIN + 91,
238 __SIGRTMIN + 92,
239 __SIGRTMIN + 93,
240 __SIGRTMIN + 94,
241 __SIGRTMIN + 95,
242 -1, /* SIGINFO */
243 -1, /* UNKNOWN */
244 -1, /* DEFAULT */
245 -1,
246 -1,
247 -1,
248 -1,
249 -1,
250 -1
251 #endif
252 };
253 #else
254 /* In system mode we only need SIGINT and SIGTRAP; other signals
255 are not yet supported. */
256
257 enum {
258 TARGET_SIGINT = 2,
259 TARGET_SIGTRAP = 5
260 };
261
262 static int gdb_signal_table[] = {
263 -1,
264 -1,
265 TARGET_SIGINT,
266 -1,
267 -1,
268 TARGET_SIGTRAP
269 };
270 #endif
271
272 #ifdef CONFIG_USER_ONLY
273 static int target_signal_to_gdb (int sig)
274 {
275 int i;
276 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
277 if (gdb_signal_table[i] == sig)
278 return i;
279 return GDB_SIGNAL_UNKNOWN;
280 }
281 #endif
282
283 static int gdb_signal_to_target (int sig)
284 {
285 if (sig < ARRAY_SIZE (gdb_signal_table))
286 return gdb_signal_table[sig];
287 else
288 return -1;
289 }
290
291 typedef struct GDBRegisterState {
292 int base_reg;
293 int num_regs;
294 gdb_reg_cb get_reg;
295 gdb_reg_cb set_reg;
296 const char *xml;
297 struct GDBRegisterState *next;
298 } GDBRegisterState;
299
300 enum RSState {
301 RS_INACTIVE,
302 RS_IDLE,
303 RS_GETLINE,
304 RS_GETLINE_ESC,
305 RS_GETLINE_RLE,
306 RS_CHKSUM1,
307 RS_CHKSUM2,
308 };
309 typedef struct GDBState {
310 CPUState *c_cpu; /* current CPU for step/continue ops */
311 CPUState *g_cpu; /* current CPU for other ops */
312 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
313 enum RSState state; /* parsing state */
314 char line_buf[MAX_PACKET_LENGTH];
315 int line_buf_index;
316 int line_sum; /* running checksum */
317 int line_csum; /* checksum at the end of the packet */
318 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
319 int last_packet_len;
320 int signal;
321 #ifdef CONFIG_USER_ONLY
322 int fd;
323 int running_state;
324 #else
325 CharBackend chr;
326 Chardev *mon_chr;
327 #endif
328 char syscall_buf[256];
329 gdb_syscall_complete_cb current_syscall_cb;
330 } GDBState;
331
332 /* By default use no IRQs and no timers while single stepping so as to
333 * make single stepping like an ICE HW step.
334 */
335 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
336
337 static GDBState *gdbserver_state;
338
339 bool gdb_has_xml;
340
341 #ifdef CONFIG_USER_ONLY
342 /* XXX: This is not thread safe. Do we care? */
343 static int gdbserver_fd = -1;
344
345 static int get_char(GDBState *s)
346 {
347 uint8_t ch;
348 int ret;
349
350 for(;;) {
351 ret = qemu_recv(s->fd, &ch, 1, 0);
352 if (ret < 0) {
353 if (errno == ECONNRESET)
354 s->fd = -1;
355 if (errno != EINTR)
356 return -1;
357 } else if (ret == 0) {
358 close(s->fd);
359 s->fd = -1;
360 return -1;
361 } else {
362 break;
363 }
364 }
365 return ch;
366 }
367 #endif
368
369 static enum {
370 GDB_SYS_UNKNOWN,
371 GDB_SYS_ENABLED,
372 GDB_SYS_DISABLED,
373 } gdb_syscall_mode;
374
375 /* Decide if either remote gdb syscalls or native file IO should be used. */
376 int use_gdb_syscalls(void)
377 {
378 SemihostingTarget target = semihosting_get_target();
379 if (target == SEMIHOSTING_TARGET_NATIVE) {
380 /* -semihosting-config target=native */
381 return false;
382 } else if (target == SEMIHOSTING_TARGET_GDB) {
383 /* -semihosting-config target=gdb */
384 return true;
385 }
386
387 /* -semihosting-config target=auto */
388 /* On the first call check if gdb is connected and remember. */
389 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
390 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
391 : GDB_SYS_DISABLED);
392 }
393 return gdb_syscall_mode == GDB_SYS_ENABLED;
394 }
395
396 /* Resume execution. */
397 static inline void gdb_continue(GDBState *s)
398 {
399
400 #ifdef CONFIG_USER_ONLY
401 s->running_state = 1;
402 trace_gdbstub_op_continue();
403 #else
404 if (!runstate_needs_reset()) {
405 trace_gdbstub_op_continue();
406 vm_start();
407 }
408 #endif
409 }
410
411 /*
412 * Resume execution, per CPU actions. For user-mode emulation it's
413 * equivalent to gdb_continue.
414 */
415 static int gdb_continue_partial(GDBState *s, char *newstates)
416 {
417 CPUState *cpu;
418 int res = 0;
419 #ifdef CONFIG_USER_ONLY
420 /*
421 * This is not exactly accurate, but it's an improvement compared to the
422 * previous situation, where only one CPU would be single-stepped.
423 */
424 CPU_FOREACH(cpu) {
425 if (newstates[cpu->cpu_index] == 's') {
426 trace_gdbstub_op_stepping(cpu->cpu_index);
427 cpu_single_step(cpu, sstep_flags);
428 }
429 }
430 s->running_state = 1;
431 #else
432 int flag = 0;
433
434 if (!runstate_needs_reset()) {
435 if (vm_prepare_start()) {
436 return 0;
437 }
438
439 CPU_FOREACH(cpu) {
440 switch (newstates[cpu->cpu_index]) {
441 case 0:
442 case 1:
443 break; /* nothing to do here */
444 case 's':
445 trace_gdbstub_op_stepping(cpu->cpu_index);
446 cpu_single_step(cpu, sstep_flags);
447 cpu_resume(cpu);
448 flag = 1;
449 break;
450 case 'c':
451 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
452 cpu_resume(cpu);
453 flag = 1;
454 break;
455 default:
456 res = -1;
457 break;
458 }
459 }
460 }
461 if (flag) {
462 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
463 }
464 #endif
465 return res;
466 }
467
468 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
469 {
470 #ifdef CONFIG_USER_ONLY
471 int ret;
472
473 while (len > 0) {
474 ret = send(s->fd, buf, len, 0);
475 if (ret < 0) {
476 if (errno != EINTR)
477 return;
478 } else {
479 buf += ret;
480 len -= ret;
481 }
482 }
483 #else
484 /* XXX this blocks entire thread. Rewrite to use
485 * qemu_chr_fe_write and background I/O callbacks */
486 qemu_chr_fe_write_all(&s->chr, buf, len);
487 #endif
488 }
489
490 static inline int fromhex(int v)
491 {
492 if (v >= '0' && v <= '9')
493 return v - '0';
494 else if (v >= 'A' && v <= 'F')
495 return v - 'A' + 10;
496 else if (v >= 'a' && v <= 'f')
497 return v - 'a' + 10;
498 else
499 return 0;
500 }
501
502 static inline int tohex(int v)
503 {
504 if (v < 10)
505 return v + '0';
506 else
507 return v - 10 + 'a';
508 }
509
510 static void memtohex(char *buf, const uint8_t *mem, int len)
511 {
512 int i, c;
513 char *q;
514 q = buf;
515 for(i = 0; i < len; i++) {
516 c = mem[i];
517 *q++ = tohex(c >> 4);
518 *q++ = tohex(c & 0xf);
519 }
520 *q = '\0';
521 }
522
523 static void hextomem(uint8_t *mem, const char *buf, int len)
524 {
525 int i;
526
527 for(i = 0; i < len; i++) {
528 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
529 buf += 2;
530 }
531 }
532
533 static void hexdump(const char *buf, int len,
534 void (*trace_fn)(size_t ofs, char const *text))
535 {
536 char line_buffer[3 * 16 + 4 + 16 + 1];
537
538 size_t i;
539 for (i = 0; i < len || (i & 0xF); ++i) {
540 size_t byte_ofs = i & 15;
541
542 if (byte_ofs == 0) {
543 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
544 line_buffer[3 * 16 + 4 + 16] = 0;
545 }
546
547 size_t col_group = (i >> 2) & 3;
548 size_t hex_col = byte_ofs * 3 + col_group;
549 size_t txt_col = 3 * 16 + 4 + byte_ofs;
550
551 if (i < len) {
552 char value = buf[i];
553
554 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
555 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
556 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
557 ? value
558 : '.';
559 }
560
561 if (byte_ofs == 0xF)
562 trace_fn(i & -16, line_buffer);
563 }
564 }
565
566 /* return -1 if error, 0 if OK */
567 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
568 {
569 int csum, i;
570 uint8_t *p;
571
572 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
573 hexdump(buf, len, trace_gdbstub_io_binaryreply);
574 }
575
576 for(;;) {
577 p = s->last_packet;
578 *(p++) = '$';
579 memcpy(p, buf, len);
580 p += len;
581 csum = 0;
582 for(i = 0; i < len; i++) {
583 csum += buf[i];
584 }
585 *(p++) = '#';
586 *(p++) = tohex((csum >> 4) & 0xf);
587 *(p++) = tohex((csum) & 0xf);
588
589 s->last_packet_len = p - s->last_packet;
590 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
591
592 #ifdef CONFIG_USER_ONLY
593 i = get_char(s);
594 if (i < 0)
595 return -1;
596 if (i == '+')
597 break;
598 #else
599 break;
600 #endif
601 }
602 return 0;
603 }
604
605 /* return -1 if error, 0 if OK */
606 static int put_packet(GDBState *s, const char *buf)
607 {
608 trace_gdbstub_io_reply(buf);
609
610 return put_packet_binary(s, buf, strlen(buf), false);
611 }
612
613 /* Encode data using the encoding for 'x' packets. */
614 static int memtox(char *buf, const char *mem, int len)
615 {
616 char *p = buf;
617 char c;
618
619 while (len--) {
620 c = *(mem++);
621 switch (c) {
622 case '#': case '$': case '*': case '}':
623 *(p++) = '}';
624 *(p++) = c ^ 0x20;
625 break;
626 default:
627 *(p++) = c;
628 break;
629 }
630 }
631 return p - buf;
632 }
633
634 static const char *get_feature_xml(const char *p, const char **newp,
635 CPUClass *cc)
636 {
637 size_t len;
638 int i;
639 const char *name;
640 static char target_xml[1024];
641
642 len = 0;
643 while (p[len] && p[len] != ':')
644 len++;
645 *newp = p + len;
646
647 name = NULL;
648 if (strncmp(p, "target.xml", len) == 0) {
649 /* Generate the XML description for this CPU. */
650 if (!target_xml[0]) {
651 GDBRegisterState *r;
652 CPUState *cpu = first_cpu;
653
654 pstrcat(target_xml, sizeof(target_xml),
655 "<?xml version=\"1.0\"?>"
656 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
657 "<target>");
658 if (cc->gdb_arch_name) {
659 gchar *arch = cc->gdb_arch_name(cpu);
660 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
661 pstrcat(target_xml, sizeof(target_xml), arch);
662 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
663 g_free(arch);
664 }
665 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
666 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
667 pstrcat(target_xml, sizeof(target_xml), "\"/>");
668 for (r = cpu->gdb_regs; r; r = r->next) {
669 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
670 pstrcat(target_xml, sizeof(target_xml), r->xml);
671 pstrcat(target_xml, sizeof(target_xml), "\"/>");
672 }
673 pstrcat(target_xml, sizeof(target_xml), "</target>");
674 }
675 return target_xml;
676 }
677 for (i = 0; ; i++) {
678 name = xml_builtin[i][0];
679 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
680 break;
681 }
682 return name ? xml_builtin[i][1] : NULL;
683 }
684
685 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
686 {
687 CPUClass *cc = CPU_GET_CLASS(cpu);
688 CPUArchState *env = cpu->env_ptr;
689 GDBRegisterState *r;
690
691 if (reg < cc->gdb_num_core_regs) {
692 return cc->gdb_read_register(cpu, mem_buf, reg);
693 }
694
695 for (r = cpu->gdb_regs; r; r = r->next) {
696 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
697 return r->get_reg(env, mem_buf, reg - r->base_reg);
698 }
699 }
700 return 0;
701 }
702
703 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
704 {
705 CPUClass *cc = CPU_GET_CLASS(cpu);
706 CPUArchState *env = cpu->env_ptr;
707 GDBRegisterState *r;
708
709 if (reg < cc->gdb_num_core_regs) {
710 return cc->gdb_write_register(cpu, mem_buf, reg);
711 }
712
713 for (r = cpu->gdb_regs; r; r = r->next) {
714 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
715 return r->set_reg(env, mem_buf, reg - r->base_reg);
716 }
717 }
718 return 0;
719 }
720
721 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
722 specifies the first register number and these registers are included in
723 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
724 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
725 */
726
727 void gdb_register_coprocessor(CPUState *cpu,
728 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
729 int num_regs, const char *xml, int g_pos)
730 {
731 GDBRegisterState *s;
732 GDBRegisterState **p;
733
734 p = &cpu->gdb_regs;
735 while (*p) {
736 /* Check for duplicates. */
737 if (strcmp((*p)->xml, xml) == 0)
738 return;
739 p = &(*p)->next;
740 }
741
742 s = g_new0(GDBRegisterState, 1);
743 s->base_reg = cpu->gdb_num_regs;
744 s->num_regs = num_regs;
745 s->get_reg = get_reg;
746 s->set_reg = set_reg;
747 s->xml = xml;
748
749 /* Add to end of list. */
750 cpu->gdb_num_regs += num_regs;
751 *p = s;
752 if (g_pos) {
753 if (g_pos != s->base_reg) {
754 error_report("Error: Bad gdb register numbering for '%s', "
755 "expected %d got %d", xml, g_pos, s->base_reg);
756 } else {
757 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
758 }
759 }
760 }
761
762 #ifndef CONFIG_USER_ONLY
763 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
764 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
765 {
766 static const int xlat[] = {
767 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
768 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
769 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
770 };
771
772 CPUClass *cc = CPU_GET_CLASS(cpu);
773 int cputype = xlat[gdbtype];
774
775 if (cc->gdb_stop_before_watchpoint) {
776 cputype |= BP_STOP_BEFORE_ACCESS;
777 }
778 return cputype;
779 }
780 #endif
781
782 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
783 {
784 CPUState *cpu;
785 int err = 0;
786
787 if (kvm_enabled()) {
788 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
789 }
790
791 switch (type) {
792 case GDB_BREAKPOINT_SW:
793 case GDB_BREAKPOINT_HW:
794 CPU_FOREACH(cpu) {
795 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
796 if (err) {
797 break;
798 }
799 }
800 return err;
801 #ifndef CONFIG_USER_ONLY
802 case GDB_WATCHPOINT_WRITE:
803 case GDB_WATCHPOINT_READ:
804 case GDB_WATCHPOINT_ACCESS:
805 CPU_FOREACH(cpu) {
806 err = cpu_watchpoint_insert(cpu, addr, len,
807 xlat_gdb_type(cpu, type), NULL);
808 if (err) {
809 break;
810 }
811 }
812 return err;
813 #endif
814 default:
815 return -ENOSYS;
816 }
817 }
818
819 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
820 {
821 CPUState *cpu;
822 int err = 0;
823
824 if (kvm_enabled()) {
825 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
826 }
827
828 switch (type) {
829 case GDB_BREAKPOINT_SW:
830 case GDB_BREAKPOINT_HW:
831 CPU_FOREACH(cpu) {
832 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
833 if (err) {
834 break;
835 }
836 }
837 return err;
838 #ifndef CONFIG_USER_ONLY
839 case GDB_WATCHPOINT_WRITE:
840 case GDB_WATCHPOINT_READ:
841 case GDB_WATCHPOINT_ACCESS:
842 CPU_FOREACH(cpu) {
843 err = cpu_watchpoint_remove(cpu, addr, len,
844 xlat_gdb_type(cpu, type));
845 if (err)
846 break;
847 }
848 return err;
849 #endif
850 default:
851 return -ENOSYS;
852 }
853 }
854
855 static void gdb_breakpoint_remove_all(void)
856 {
857 CPUState *cpu;
858
859 if (kvm_enabled()) {
860 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
861 return;
862 }
863
864 CPU_FOREACH(cpu) {
865 cpu_breakpoint_remove_all(cpu, BP_GDB);
866 #ifndef CONFIG_USER_ONLY
867 cpu_watchpoint_remove_all(cpu, BP_GDB);
868 #endif
869 }
870 }
871
872 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
873 {
874 CPUState *cpu = s->c_cpu;
875
876 cpu_synchronize_state(cpu);
877 cpu_set_pc(cpu, pc);
878 }
879
880 static CPUState *find_cpu(uint32_t thread_id)
881 {
882 CPUState *cpu;
883
884 CPU_FOREACH(cpu) {
885 if (cpu_gdb_index(cpu) == thread_id) {
886 return cpu;
887 }
888 }
889
890 return NULL;
891 }
892
893 static int is_query_packet(const char *p, const char *query, char separator)
894 {
895 unsigned int query_len = strlen(query);
896
897 return strncmp(p, query, query_len) == 0 &&
898 (p[query_len] == '\0' || p[query_len] == separator);
899 }
900
901 /**
902 * gdb_handle_vcont - Parses and handles a vCont packet.
903 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
904 * a format error, 0 on success.
905 */
906 static int gdb_handle_vcont(GDBState *s, const char *p)
907 {
908 int res, idx, signal = 0;
909 char cur_action;
910 char *newstates;
911 unsigned long tmp;
912 CPUState *cpu;
913 #ifdef CONFIG_USER_ONLY
914 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
915
916 CPU_FOREACH(cpu) {
917 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
918 }
919 #endif
920 /* uninitialised CPUs stay 0 */
921 newstates = g_new0(char, max_cpus);
922
923 /* mark valid CPUs with 1 */
924 CPU_FOREACH(cpu) {
925 newstates[cpu->cpu_index] = 1;
926 }
927
928 /*
929 * res keeps track of what error we are returning, with -ENOTSUP meaning
930 * that the command is unknown or unsupported, thus returning an empty
931 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
932 * or incorrect parameters passed.
933 */
934 res = 0;
935 while (*p) {
936 if (*p++ != ';') {
937 res = -ENOTSUP;
938 goto out;
939 }
940
941 cur_action = *p++;
942 if (cur_action == 'C' || cur_action == 'S') {
943 cur_action = qemu_tolower(cur_action);
944 res = qemu_strtoul(p + 1, &p, 16, &tmp);
945 if (res) {
946 goto out;
947 }
948 signal = gdb_signal_to_target(tmp);
949 } else if (cur_action != 'c' && cur_action != 's') {
950 /* unknown/invalid/unsupported command */
951 res = -ENOTSUP;
952 goto out;
953 }
954 /* thread specification. special values: (none), -1 = all; 0 = any */
955 if ((p[0] == ':' && p[1] == '-' && p[2] == '1') || (p[0] != ':')) {
956 if (*p == ':') {
957 p += 3;
958 }
959 for (idx = 0; idx < max_cpus; idx++) {
960 if (newstates[idx] == 1) {
961 newstates[idx] = cur_action;
962 }
963 }
964 } else if (*p == ':') {
965 p++;
966 res = qemu_strtoul(p, &p, 16, &tmp);
967 if (res) {
968 goto out;
969 }
970
971 /* 0 means any thread, so we pick the first valid CPU */
972 cpu = tmp ? find_cpu(tmp) : first_cpu;
973
974 /* invalid CPU/thread specified */
975 if (!cpu) {
976 res = -EINVAL;
977 goto out;
978 }
979
980 /* only use if no previous match occourred */
981 if (newstates[cpu->cpu_index] == 1) {
982 newstates[cpu->cpu_index] = cur_action;
983 }
984 }
985 }
986 s->signal = signal;
987 gdb_continue_partial(s, newstates);
988
989 out:
990 g_free(newstates);
991
992 return res;
993 }
994
995 static int gdb_handle_packet(GDBState *s, const char *line_buf)
996 {
997 CPUState *cpu;
998 CPUClass *cc;
999 const char *p;
1000 uint32_t thread;
1001 int ch, reg_size, type, res;
1002 char buf[MAX_PACKET_LENGTH];
1003 uint8_t mem_buf[MAX_PACKET_LENGTH];
1004 uint8_t *registers;
1005 target_ulong addr, len;
1006
1007 trace_gdbstub_io_command(line_buf);
1008
1009 p = line_buf;
1010 ch = *p++;
1011 switch(ch) {
1012 case '?':
1013 /* TODO: Make this return the correct value for user-mode. */
1014 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
1015 cpu_gdb_index(s->c_cpu));
1016 put_packet(s, buf);
1017 /* Remove all the breakpoints when this query is issued,
1018 * because gdb is doing and initial connect and the state
1019 * should be cleaned up.
1020 */
1021 gdb_breakpoint_remove_all();
1022 break;
1023 case 'c':
1024 if (*p != '\0') {
1025 addr = strtoull(p, (char **)&p, 16);
1026 gdb_set_cpu_pc(s, addr);
1027 }
1028 s->signal = 0;
1029 gdb_continue(s);
1030 return RS_IDLE;
1031 case 'C':
1032 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1033 if (s->signal == -1)
1034 s->signal = 0;
1035 gdb_continue(s);
1036 return RS_IDLE;
1037 case 'v':
1038 if (strncmp(p, "Cont", 4) == 0) {
1039 p += 4;
1040 if (*p == '?') {
1041 put_packet(s, "vCont;c;C;s;S");
1042 break;
1043 }
1044
1045 res = gdb_handle_vcont(s, p);
1046
1047 if (res) {
1048 if ((res == -EINVAL) || (res == -ERANGE)) {
1049 put_packet(s, "E22");
1050 break;
1051 }
1052 goto unknown_command;
1053 }
1054 break;
1055 } else {
1056 goto unknown_command;
1057 }
1058 case 'k':
1059 /* Kill the target */
1060 error_report("QEMU: Terminated via GDBstub");
1061 exit(0);
1062 case 'D':
1063 /* Detach packet */
1064 gdb_breakpoint_remove_all();
1065 gdb_syscall_mode = GDB_SYS_DISABLED;
1066 gdb_continue(s);
1067 put_packet(s, "OK");
1068 break;
1069 case 's':
1070 if (*p != '\0') {
1071 addr = strtoull(p, (char **)&p, 16);
1072 gdb_set_cpu_pc(s, addr);
1073 }
1074 cpu_single_step(s->c_cpu, sstep_flags);
1075 gdb_continue(s);
1076 return RS_IDLE;
1077 case 'F':
1078 {
1079 target_ulong ret;
1080 target_ulong err;
1081
1082 ret = strtoull(p, (char **)&p, 16);
1083 if (*p == ',') {
1084 p++;
1085 err = strtoull(p, (char **)&p, 16);
1086 } else {
1087 err = 0;
1088 }
1089 if (*p == ',')
1090 p++;
1091 type = *p;
1092 if (s->current_syscall_cb) {
1093 s->current_syscall_cb(s->c_cpu, ret, err);
1094 s->current_syscall_cb = NULL;
1095 }
1096 if (type == 'C') {
1097 put_packet(s, "T02");
1098 } else {
1099 gdb_continue(s);
1100 }
1101 }
1102 break;
1103 case 'g':
1104 cpu_synchronize_state(s->g_cpu);
1105 len = 0;
1106 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
1107 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1108 len += reg_size;
1109 }
1110 memtohex(buf, mem_buf, len);
1111 put_packet(s, buf);
1112 break;
1113 case 'G':
1114 cpu_synchronize_state(s->g_cpu);
1115 registers = mem_buf;
1116 len = strlen(p) / 2;
1117 hextomem((uint8_t *)registers, p, len);
1118 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
1119 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1120 len -= reg_size;
1121 registers += reg_size;
1122 }
1123 put_packet(s, "OK");
1124 break;
1125 case 'm':
1126 addr = strtoull(p, (char **)&p, 16);
1127 if (*p == ',')
1128 p++;
1129 len = strtoull(p, NULL, 16);
1130
1131 /* memtohex() doubles the required space */
1132 if (len > MAX_PACKET_LENGTH / 2) {
1133 put_packet (s, "E22");
1134 break;
1135 }
1136
1137 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1138 put_packet (s, "E14");
1139 } else {
1140 memtohex(buf, mem_buf, len);
1141 put_packet(s, buf);
1142 }
1143 break;
1144 case 'M':
1145 addr = strtoull(p, (char **)&p, 16);
1146 if (*p == ',')
1147 p++;
1148 len = strtoull(p, (char **)&p, 16);
1149 if (*p == ':')
1150 p++;
1151
1152 /* hextomem() reads 2*len bytes */
1153 if (len > strlen(p) / 2) {
1154 put_packet (s, "E22");
1155 break;
1156 }
1157 hextomem(mem_buf, p, len);
1158 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1159 true) != 0) {
1160 put_packet(s, "E14");
1161 } else {
1162 put_packet(s, "OK");
1163 }
1164 break;
1165 case 'p':
1166 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1167 This works, but can be very slow. Anything new enough to
1168 understand XML also knows how to use this properly. */
1169 if (!gdb_has_xml)
1170 goto unknown_command;
1171 addr = strtoull(p, (char **)&p, 16);
1172 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1173 if (reg_size) {
1174 memtohex(buf, mem_buf, reg_size);
1175 put_packet(s, buf);
1176 } else {
1177 put_packet(s, "E14");
1178 }
1179 break;
1180 case 'P':
1181 if (!gdb_has_xml)
1182 goto unknown_command;
1183 addr = strtoull(p, (char **)&p, 16);
1184 if (*p == '=')
1185 p++;
1186 reg_size = strlen(p) / 2;
1187 hextomem(mem_buf, p, reg_size);
1188 gdb_write_register(s->g_cpu, mem_buf, addr);
1189 put_packet(s, "OK");
1190 break;
1191 case 'Z':
1192 case 'z':
1193 type = strtoul(p, (char **)&p, 16);
1194 if (*p == ',')
1195 p++;
1196 addr = strtoull(p, (char **)&p, 16);
1197 if (*p == ',')
1198 p++;
1199 len = strtoull(p, (char **)&p, 16);
1200 if (ch == 'Z')
1201 res = gdb_breakpoint_insert(addr, len, type);
1202 else
1203 res = gdb_breakpoint_remove(addr, len, type);
1204 if (res >= 0)
1205 put_packet(s, "OK");
1206 else if (res == -ENOSYS)
1207 put_packet(s, "");
1208 else
1209 put_packet(s, "E22");
1210 break;
1211 case 'H':
1212 type = *p++;
1213 thread = strtoull(p, (char **)&p, 16);
1214 if (thread == -1 || thread == 0) {
1215 put_packet(s, "OK");
1216 break;
1217 }
1218 cpu = find_cpu(thread);
1219 if (cpu == NULL) {
1220 put_packet(s, "E22");
1221 break;
1222 }
1223 switch (type) {
1224 case 'c':
1225 s->c_cpu = cpu;
1226 put_packet(s, "OK");
1227 break;
1228 case 'g':
1229 s->g_cpu = cpu;
1230 put_packet(s, "OK");
1231 break;
1232 default:
1233 put_packet(s, "E22");
1234 break;
1235 }
1236 break;
1237 case 'T':
1238 thread = strtoull(p, (char **)&p, 16);
1239 cpu = find_cpu(thread);
1240
1241 if (cpu != NULL) {
1242 put_packet(s, "OK");
1243 } else {
1244 put_packet(s, "E22");
1245 }
1246 break;
1247 case 'q':
1248 case 'Q':
1249 /* parse any 'q' packets here */
1250 if (!strcmp(p,"qemu.sstepbits")) {
1251 /* Query Breakpoint bit definitions */
1252 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1253 SSTEP_ENABLE,
1254 SSTEP_NOIRQ,
1255 SSTEP_NOTIMER);
1256 put_packet(s, buf);
1257 break;
1258 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1259 /* Display or change the sstep_flags */
1260 p += 10;
1261 if (*p != '=') {
1262 /* Display current setting */
1263 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1264 put_packet(s, buf);
1265 break;
1266 }
1267 p++;
1268 type = strtoul(p, (char **)&p, 16);
1269 sstep_flags = type;
1270 put_packet(s, "OK");
1271 break;
1272 } else if (strcmp(p,"C") == 0) {
1273 /* "Current thread" remains vague in the spec, so always return
1274 * the first CPU (gdb returns the first thread). */
1275 put_packet(s, "QC1");
1276 break;
1277 } else if (strcmp(p,"fThreadInfo") == 0) {
1278 s->query_cpu = first_cpu;
1279 goto report_cpuinfo;
1280 } else if (strcmp(p,"sThreadInfo") == 0) {
1281 report_cpuinfo:
1282 if (s->query_cpu) {
1283 snprintf(buf, sizeof(buf), "m%x", cpu_gdb_index(s->query_cpu));
1284 put_packet(s, buf);
1285 s->query_cpu = CPU_NEXT(s->query_cpu);
1286 } else
1287 put_packet(s, "l");
1288 break;
1289 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1290 thread = strtoull(p+16, (char **)&p, 16);
1291 cpu = find_cpu(thread);
1292 if (cpu != NULL) {
1293 cpu_synchronize_state(cpu);
1294 /* memtohex() doubles the required space */
1295 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1296 "CPU#%d [%s]", cpu->cpu_index,
1297 cpu->halted ? "halted " : "running");
1298 trace_gdbstub_op_extra_info((char *)mem_buf);
1299 memtohex(buf, mem_buf, len);
1300 put_packet(s, buf);
1301 }
1302 break;
1303 }
1304 #ifdef CONFIG_USER_ONLY
1305 else if (strcmp(p, "Offsets") == 0) {
1306 TaskState *ts = s->c_cpu->opaque;
1307
1308 snprintf(buf, sizeof(buf),
1309 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1310 ";Bss=" TARGET_ABI_FMT_lx,
1311 ts->info->code_offset,
1312 ts->info->data_offset,
1313 ts->info->data_offset);
1314 put_packet(s, buf);
1315 break;
1316 }
1317 #else /* !CONFIG_USER_ONLY */
1318 else if (strncmp(p, "Rcmd,", 5) == 0) {
1319 int len = strlen(p + 5);
1320
1321 if ((len % 2) != 0) {
1322 put_packet(s, "E01");
1323 break;
1324 }
1325 len = len / 2;
1326 hextomem(mem_buf, p + 5, len);
1327 mem_buf[len++] = 0;
1328 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1329 put_packet(s, "OK");
1330 break;
1331 }
1332 #endif /* !CONFIG_USER_ONLY */
1333 if (is_query_packet(p, "Supported", ':')) {
1334 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1335 cc = CPU_GET_CLASS(first_cpu);
1336 if (cc->gdb_core_xml_file != NULL) {
1337 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1338 }
1339 put_packet(s, buf);
1340 break;
1341 }
1342 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1343 const char *xml;
1344 target_ulong total_len;
1345
1346 cc = CPU_GET_CLASS(first_cpu);
1347 if (cc->gdb_core_xml_file == NULL) {
1348 goto unknown_command;
1349 }
1350
1351 gdb_has_xml = true;
1352 p += 19;
1353 xml = get_feature_xml(p, &p, cc);
1354 if (!xml) {
1355 snprintf(buf, sizeof(buf), "E00");
1356 put_packet(s, buf);
1357 break;
1358 }
1359
1360 if (*p == ':')
1361 p++;
1362 addr = strtoul(p, (char **)&p, 16);
1363 if (*p == ',')
1364 p++;
1365 len = strtoul(p, (char **)&p, 16);
1366
1367 total_len = strlen(xml);
1368 if (addr > total_len) {
1369 snprintf(buf, sizeof(buf), "E00");
1370 put_packet(s, buf);
1371 break;
1372 }
1373 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1374 len = (MAX_PACKET_LENGTH - 5) / 2;
1375 if (len < total_len - addr) {
1376 buf[0] = 'm';
1377 len = memtox(buf + 1, xml + addr, len);
1378 } else {
1379 buf[0] = 'l';
1380 len = memtox(buf + 1, xml + addr, total_len - addr);
1381 }
1382 put_packet_binary(s, buf, len + 1, true);
1383 break;
1384 }
1385 if (is_query_packet(p, "Attached", ':')) {
1386 put_packet(s, GDB_ATTACHED);
1387 break;
1388 }
1389 /* Unrecognised 'q' command. */
1390 goto unknown_command;
1391
1392 default:
1393 unknown_command:
1394 /* put empty packet */
1395 buf[0] = '\0';
1396 put_packet(s, buf);
1397 break;
1398 }
1399 return RS_IDLE;
1400 }
1401
1402 void gdb_set_stop_cpu(CPUState *cpu)
1403 {
1404 gdbserver_state->c_cpu = cpu;
1405 gdbserver_state->g_cpu = cpu;
1406 }
1407
1408 #ifndef CONFIG_USER_ONLY
1409 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1410 {
1411 GDBState *s = gdbserver_state;
1412 CPUState *cpu = s->c_cpu;
1413 char buf[256];
1414 const char *type;
1415 int ret;
1416
1417 if (running || s->state == RS_INACTIVE) {
1418 return;
1419 }
1420 /* Is there a GDB syscall waiting to be sent? */
1421 if (s->current_syscall_cb) {
1422 put_packet(s, s->syscall_buf);
1423 return;
1424 }
1425 switch (state) {
1426 case RUN_STATE_DEBUG:
1427 if (cpu->watchpoint_hit) {
1428 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1429 case BP_MEM_READ:
1430 type = "r";
1431 break;
1432 case BP_MEM_ACCESS:
1433 type = "a";
1434 break;
1435 default:
1436 type = "";
1437 break;
1438 }
1439 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
1440 (target_ulong)cpu->watchpoint_hit->vaddr);
1441 snprintf(buf, sizeof(buf),
1442 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1443 GDB_SIGNAL_TRAP, cpu_gdb_index(cpu), type,
1444 (target_ulong)cpu->watchpoint_hit->vaddr);
1445 cpu->watchpoint_hit = NULL;
1446 goto send_packet;
1447 } else {
1448 trace_gdbstub_hit_break();
1449 }
1450 tb_flush(cpu);
1451 ret = GDB_SIGNAL_TRAP;
1452 break;
1453 case RUN_STATE_PAUSED:
1454 trace_gdbstub_hit_paused();
1455 ret = GDB_SIGNAL_INT;
1456 break;
1457 case RUN_STATE_SHUTDOWN:
1458 trace_gdbstub_hit_shutdown();
1459 ret = GDB_SIGNAL_QUIT;
1460 break;
1461 case RUN_STATE_IO_ERROR:
1462 trace_gdbstub_hit_io_error();
1463 ret = GDB_SIGNAL_IO;
1464 break;
1465 case RUN_STATE_WATCHDOG:
1466 trace_gdbstub_hit_watchdog();
1467 ret = GDB_SIGNAL_ALRM;
1468 break;
1469 case RUN_STATE_INTERNAL_ERROR:
1470 trace_gdbstub_hit_internal_error();
1471 ret = GDB_SIGNAL_ABRT;
1472 break;
1473 case RUN_STATE_SAVE_VM:
1474 case RUN_STATE_RESTORE_VM:
1475 return;
1476 case RUN_STATE_FINISH_MIGRATE:
1477 ret = GDB_SIGNAL_XCPU;
1478 break;
1479 default:
1480 trace_gdbstub_hit_unknown(state);
1481 ret = GDB_SIGNAL_UNKNOWN;
1482 break;
1483 }
1484 gdb_set_stop_cpu(cpu);
1485 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_gdb_index(cpu));
1486
1487 send_packet:
1488 put_packet(s, buf);
1489
1490 /* disable single step if it was enabled */
1491 cpu_single_step(cpu, 0);
1492 }
1493 #endif
1494
1495 /* Send a gdb syscall request.
1496 This accepts limited printf-style format specifiers, specifically:
1497 %x - target_ulong argument printed in hex.
1498 %lx - 64-bit argument printed in hex.
1499 %s - string pointer (target_ulong) and length (int) pair. */
1500 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1501 {
1502 char *p;
1503 char *p_end;
1504 target_ulong addr;
1505 uint64_t i64;
1506 GDBState *s;
1507
1508 s = gdbserver_state;
1509 if (!s)
1510 return;
1511 s->current_syscall_cb = cb;
1512 #ifndef CONFIG_USER_ONLY
1513 vm_stop(RUN_STATE_DEBUG);
1514 #endif
1515 p = s->syscall_buf;
1516 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1517 *(p++) = 'F';
1518 while (*fmt) {
1519 if (*fmt == '%') {
1520 fmt++;
1521 switch (*fmt++) {
1522 case 'x':
1523 addr = va_arg(va, target_ulong);
1524 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1525 break;
1526 case 'l':
1527 if (*(fmt++) != 'x')
1528 goto bad_format;
1529 i64 = va_arg(va, uint64_t);
1530 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1531 break;
1532 case 's':
1533 addr = va_arg(va, target_ulong);
1534 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1535 addr, va_arg(va, int));
1536 break;
1537 default:
1538 bad_format:
1539 error_report("gdbstub: Bad syscall format string '%s'",
1540 fmt - 1);
1541 break;
1542 }
1543 } else {
1544 *(p++) = *(fmt++);
1545 }
1546 }
1547 *p = 0;
1548 #ifdef CONFIG_USER_ONLY
1549 put_packet(s, s->syscall_buf);
1550 gdb_handlesig(s->c_cpu, 0);
1551 #else
1552 /* In this case wait to send the syscall packet until notification that
1553 the CPU has stopped. This must be done because if the packet is sent
1554 now the reply from the syscall request could be received while the CPU
1555 is still in the running state, which can cause packets to be dropped
1556 and state transition 'T' packets to be sent while the syscall is still
1557 being processed. */
1558 qemu_cpu_kick(s->c_cpu);
1559 #endif
1560 }
1561
1562 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1563 {
1564 va_list va;
1565
1566 va_start(va, fmt);
1567 gdb_do_syscallv(cb, fmt, va);
1568 va_end(va);
1569 }
1570
1571 static void gdb_read_byte(GDBState *s, int ch)
1572 {
1573 uint8_t reply;
1574
1575 #ifndef CONFIG_USER_ONLY
1576 if (s->last_packet_len) {
1577 /* Waiting for a response to the last packet. If we see the start
1578 of a new command then abandon the previous response. */
1579 if (ch == '-') {
1580 trace_gdbstub_err_got_nack();
1581 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1582 } else if (ch == '+') {
1583 trace_gdbstub_io_got_ack();
1584 } else {
1585 trace_gdbstub_io_got_unexpected((uint8_t)ch);
1586 }
1587
1588 if (ch == '+' || ch == '$')
1589 s->last_packet_len = 0;
1590 if (ch != '$')
1591 return;
1592 }
1593 if (runstate_is_running()) {
1594 /* when the CPU is running, we cannot do anything except stop
1595 it when receiving a char */
1596 vm_stop(RUN_STATE_PAUSED);
1597 } else
1598 #endif
1599 {
1600 switch(s->state) {
1601 case RS_IDLE:
1602 if (ch == '$') {
1603 /* start of command packet */
1604 s->line_buf_index = 0;
1605 s->line_sum = 0;
1606 s->state = RS_GETLINE;
1607 } else {
1608 trace_gdbstub_err_garbage((uint8_t)ch);
1609 }
1610 break;
1611 case RS_GETLINE:
1612 if (ch == '}') {
1613 /* start escape sequence */
1614 s->state = RS_GETLINE_ESC;
1615 s->line_sum += ch;
1616 } else if (ch == '*') {
1617 /* start run length encoding sequence */
1618 s->state = RS_GETLINE_RLE;
1619 s->line_sum += ch;
1620 } else if (ch == '#') {
1621 /* end of command, start of checksum*/
1622 s->state = RS_CHKSUM1;
1623 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1624 trace_gdbstub_err_overrun();
1625 s->state = RS_IDLE;
1626 } else {
1627 /* unescaped command character */
1628 s->line_buf[s->line_buf_index++] = ch;
1629 s->line_sum += ch;
1630 }
1631 break;
1632 case RS_GETLINE_ESC:
1633 if (ch == '#') {
1634 /* unexpected end of command in escape sequence */
1635 s->state = RS_CHKSUM1;
1636 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1637 /* command buffer overrun */
1638 trace_gdbstub_err_overrun();
1639 s->state = RS_IDLE;
1640 } else {
1641 /* parse escaped character and leave escape state */
1642 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
1643 s->line_sum += ch;
1644 s->state = RS_GETLINE;
1645 }
1646 break;
1647 case RS_GETLINE_RLE:
1648 if (ch < ' ') {
1649 /* invalid RLE count encoding */
1650 trace_gdbstub_err_invalid_repeat((uint8_t)ch);
1651 s->state = RS_GETLINE;
1652 } else {
1653 /* decode repeat length */
1654 int repeat = (unsigned char)ch - ' ' + 3;
1655 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
1656 /* that many repeats would overrun the command buffer */
1657 trace_gdbstub_err_overrun();
1658 s->state = RS_IDLE;
1659 } else if (s->line_buf_index < 1) {
1660 /* got a repeat but we have nothing to repeat */
1661 trace_gdbstub_err_invalid_rle();
1662 s->state = RS_GETLINE;
1663 } else {
1664 /* repeat the last character */
1665 memset(s->line_buf + s->line_buf_index,
1666 s->line_buf[s->line_buf_index - 1], repeat);
1667 s->line_buf_index += repeat;
1668 s->line_sum += ch;
1669 s->state = RS_GETLINE;
1670 }
1671 }
1672 break;
1673 case RS_CHKSUM1:
1674 /* get high hex digit of checksum */
1675 if (!isxdigit(ch)) {
1676 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1677 s->state = RS_GETLINE;
1678 break;
1679 }
1680 s->line_buf[s->line_buf_index] = '\0';
1681 s->line_csum = fromhex(ch) << 4;
1682 s->state = RS_CHKSUM2;
1683 break;
1684 case RS_CHKSUM2:
1685 /* get low hex digit of checksum */
1686 if (!isxdigit(ch)) {
1687 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1688 s->state = RS_GETLINE;
1689 break;
1690 }
1691 s->line_csum |= fromhex(ch);
1692
1693 if (s->line_csum != (s->line_sum & 0xff)) {
1694 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
1695 /* send NAK reply */
1696 reply = '-';
1697 put_buffer(s, &reply, 1);
1698 s->state = RS_IDLE;
1699 } else {
1700 /* send ACK reply */
1701 reply = '+';
1702 put_buffer(s, &reply, 1);
1703 s->state = gdb_handle_packet(s, s->line_buf);
1704 }
1705 break;
1706 default:
1707 abort();
1708 }
1709 }
1710 }
1711
1712 /* Tell the remote gdb that the process has exited. */
1713 void gdb_exit(CPUArchState *env, int code)
1714 {
1715 GDBState *s;
1716 char buf[4];
1717
1718 s = gdbserver_state;
1719 if (!s) {
1720 return;
1721 }
1722 #ifdef CONFIG_USER_ONLY
1723 if (gdbserver_fd < 0 || s->fd < 0) {
1724 return;
1725 }
1726 #endif
1727
1728 trace_gdbstub_op_exiting((uint8_t)code);
1729
1730 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1731 put_packet(s, buf);
1732
1733 #ifndef CONFIG_USER_ONLY
1734 qemu_chr_fe_deinit(&s->chr, true);
1735 #endif
1736 }
1737
1738 #ifdef CONFIG_USER_ONLY
1739 int
1740 gdb_handlesig(CPUState *cpu, int sig)
1741 {
1742 GDBState *s;
1743 char buf[256];
1744 int n;
1745
1746 s = gdbserver_state;
1747 if (gdbserver_fd < 0 || s->fd < 0) {
1748 return sig;
1749 }
1750
1751 /* disable single step if it was enabled */
1752 cpu_single_step(cpu, 0);
1753 tb_flush(cpu);
1754
1755 if (sig != 0) {
1756 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1757 put_packet(s, buf);
1758 }
1759 /* put_packet() might have detected that the peer terminated the
1760 connection. */
1761 if (s->fd < 0) {
1762 return sig;
1763 }
1764
1765 sig = 0;
1766 s->state = RS_IDLE;
1767 s->running_state = 0;
1768 while (s->running_state == 0) {
1769 n = read(s->fd, buf, 256);
1770 if (n > 0) {
1771 int i;
1772
1773 for (i = 0; i < n; i++) {
1774 gdb_read_byte(s, buf[i]);
1775 }
1776 } else {
1777 /* XXX: Connection closed. Should probably wait for another
1778 connection before continuing. */
1779 if (n == 0) {
1780 close(s->fd);
1781 }
1782 s->fd = -1;
1783 return sig;
1784 }
1785 }
1786 sig = s->signal;
1787 s->signal = 0;
1788 return sig;
1789 }
1790
1791 /* Tell the remote gdb that the process has exited due to SIG. */
1792 void gdb_signalled(CPUArchState *env, int sig)
1793 {
1794 GDBState *s;
1795 char buf[4];
1796
1797 s = gdbserver_state;
1798 if (gdbserver_fd < 0 || s->fd < 0) {
1799 return;
1800 }
1801
1802 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1803 put_packet(s, buf);
1804 }
1805
1806 static void gdb_accept(void)
1807 {
1808 GDBState *s;
1809 struct sockaddr_in sockaddr;
1810 socklen_t len;
1811 int fd;
1812
1813 for(;;) {
1814 len = sizeof(sockaddr);
1815 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1816 if (fd < 0 && errno != EINTR) {
1817 perror("accept");
1818 return;
1819 } else if (fd >= 0) {
1820 #ifndef _WIN32
1821 fcntl(fd, F_SETFD, FD_CLOEXEC);
1822 #endif
1823 break;
1824 }
1825 }
1826
1827 /* set short latency */
1828 socket_set_nodelay(fd);
1829
1830 s = g_malloc0(sizeof(GDBState));
1831 s->c_cpu = first_cpu;
1832 s->g_cpu = first_cpu;
1833 s->fd = fd;
1834 gdb_has_xml = false;
1835
1836 gdbserver_state = s;
1837 }
1838
1839 static int gdbserver_open(int port)
1840 {
1841 struct sockaddr_in sockaddr;
1842 int fd, ret;
1843
1844 fd = socket(PF_INET, SOCK_STREAM, 0);
1845 if (fd < 0) {
1846 perror("socket");
1847 return -1;
1848 }
1849 #ifndef _WIN32
1850 fcntl(fd, F_SETFD, FD_CLOEXEC);
1851 #endif
1852
1853 socket_set_fast_reuse(fd);
1854
1855 sockaddr.sin_family = AF_INET;
1856 sockaddr.sin_port = htons(port);
1857 sockaddr.sin_addr.s_addr = 0;
1858 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1859 if (ret < 0) {
1860 perror("bind");
1861 close(fd);
1862 return -1;
1863 }
1864 ret = listen(fd, 1);
1865 if (ret < 0) {
1866 perror("listen");
1867 close(fd);
1868 return -1;
1869 }
1870 return fd;
1871 }
1872
1873 int gdbserver_start(int port)
1874 {
1875 gdbserver_fd = gdbserver_open(port);
1876 if (gdbserver_fd < 0)
1877 return -1;
1878 /* accept connections */
1879 gdb_accept();
1880 return 0;
1881 }
1882
1883 /* Disable gdb stub for child processes. */
1884 void gdbserver_fork(CPUState *cpu)
1885 {
1886 GDBState *s = gdbserver_state;
1887
1888 if (gdbserver_fd < 0 || s->fd < 0) {
1889 return;
1890 }
1891 close(s->fd);
1892 s->fd = -1;
1893 cpu_breakpoint_remove_all(cpu, BP_GDB);
1894 cpu_watchpoint_remove_all(cpu, BP_GDB);
1895 }
1896 #else
1897 static int gdb_chr_can_receive(void *opaque)
1898 {
1899 /* We can handle an arbitrarily large amount of data.
1900 Pick the maximum packet size, which is as good as anything. */
1901 return MAX_PACKET_LENGTH;
1902 }
1903
1904 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1905 {
1906 int i;
1907
1908 for (i = 0; i < size; i++) {
1909 gdb_read_byte(gdbserver_state, buf[i]);
1910 }
1911 }
1912
1913 static void gdb_chr_event(void *opaque, int event)
1914 {
1915 switch (event) {
1916 case CHR_EVENT_OPENED:
1917 vm_stop(RUN_STATE_PAUSED);
1918 gdb_has_xml = false;
1919 break;
1920 default:
1921 break;
1922 }
1923 }
1924
1925 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1926 {
1927 char buf[MAX_PACKET_LENGTH];
1928
1929 buf[0] = 'O';
1930 if (len > (MAX_PACKET_LENGTH/2) - 1)
1931 len = (MAX_PACKET_LENGTH/2) - 1;
1932 memtohex(buf + 1, (uint8_t *)msg, len);
1933 put_packet(s, buf);
1934 }
1935
1936 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
1937 {
1938 const char *p = (const char *)buf;
1939 int max_sz;
1940
1941 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1942 for (;;) {
1943 if (len <= max_sz) {
1944 gdb_monitor_output(gdbserver_state, p, len);
1945 break;
1946 }
1947 gdb_monitor_output(gdbserver_state, p, max_sz);
1948 p += max_sz;
1949 len -= max_sz;
1950 }
1951 return len;
1952 }
1953
1954 #ifndef _WIN32
1955 static void gdb_sigterm_handler(int signal)
1956 {
1957 if (runstate_is_running()) {
1958 vm_stop(RUN_STATE_PAUSED);
1959 }
1960 }
1961 #endif
1962
1963 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
1964 bool *be_opened, Error **errp)
1965 {
1966 *be_opened = false;
1967 }
1968
1969 static void char_gdb_class_init(ObjectClass *oc, void *data)
1970 {
1971 ChardevClass *cc = CHARDEV_CLASS(oc);
1972
1973 cc->internal = true;
1974 cc->open = gdb_monitor_open;
1975 cc->chr_write = gdb_monitor_write;
1976 }
1977
1978 #define TYPE_CHARDEV_GDB "chardev-gdb"
1979
1980 static const TypeInfo char_gdb_type_info = {
1981 .name = TYPE_CHARDEV_GDB,
1982 .parent = TYPE_CHARDEV,
1983 .class_init = char_gdb_class_init,
1984 };
1985
1986 int gdbserver_start(const char *device)
1987 {
1988 trace_gdbstub_op_start(device);
1989
1990 GDBState *s;
1991 char gdbstub_device_name[128];
1992 Chardev *chr = NULL;
1993 Chardev *mon_chr;
1994
1995 if (!first_cpu) {
1996 error_report("gdbstub: meaningless to attach gdb to a "
1997 "machine without any CPU.");
1998 return -1;
1999 }
2000
2001 if (!device)
2002 return -1;
2003 if (strcmp(device, "none") != 0) {
2004 if (strstart(device, "tcp:", NULL)) {
2005 /* enforce required TCP attributes */
2006 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2007 "%s,nowait,nodelay,server", device);
2008 device = gdbstub_device_name;
2009 }
2010 #ifndef _WIN32
2011 else if (strcmp(device, "stdio") == 0) {
2012 struct sigaction act;
2013
2014 memset(&act, 0, sizeof(act));
2015 act.sa_handler = gdb_sigterm_handler;
2016 sigaction(SIGINT, &act, NULL);
2017 }
2018 #endif
2019 chr = qemu_chr_new_noreplay("gdb", device);
2020 if (!chr)
2021 return -1;
2022 }
2023
2024 s = gdbserver_state;
2025 if (!s) {
2026 s = g_malloc0(sizeof(GDBState));
2027 gdbserver_state = s;
2028
2029 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2030
2031 /* Initialize a monitor terminal for gdb */
2032 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
2033 NULL, &error_abort);
2034 monitor_init(mon_chr, 0);
2035 } else {
2036 qemu_chr_fe_deinit(&s->chr, true);
2037 mon_chr = s->mon_chr;
2038 memset(s, 0, sizeof(GDBState));
2039 s->mon_chr = mon_chr;
2040 }
2041 s->c_cpu = first_cpu;
2042 s->g_cpu = first_cpu;
2043 if (chr) {
2044 qemu_chr_fe_init(&s->chr, chr, &error_abort);
2045 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
2046 gdb_chr_event, NULL, NULL, NULL, true);
2047 }
2048 s->state = chr ? RS_IDLE : RS_INACTIVE;
2049 s->mon_chr = mon_chr;
2050 s->current_syscall_cb = NULL;
2051
2052 return 0;
2053 }
2054
2055 static void register_types(void)
2056 {
2057 type_register_static(&char_gdb_type_info);
2058 }
2059
2060 type_init(register_types);
2061 #endif
Ray Wang's QEMU Repository