gdbstub.c (92620B)
1/* 2 * gdb server stub 3 * 4 * This implements a subset of the remote protocol as described in: 5 * 6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html 7 * 8 * Copyright (c) 2003-2005 Fabrice Bellard 9 * 10 * This library is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU Lesser General Public 12 * License as published by the Free Software Foundation; either 13 * version 2 of the License, or (at your option) any later version. 14 * 15 * This library is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * Lesser General Public License for more details. 19 * 20 * You should have received a copy of the GNU Lesser General Public 21 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 22 * 23 * SPDX-License-Identifier: LGPL-2.0+ 24 */ 25 26#include "qemu/osdep.h" 27#include "qemu-common.h" 28#include "qapi/error.h" 29#include "qemu/error-report.h" 30#include "qemu/ctype.h" 31#include "qemu/cutils.h" 32#include "qemu/module.h" 33#include "trace/trace-root.h" 34#include "exec/gdbstub.h" 35#ifdef CONFIG_USER_ONLY 36#include "qemu.h" 37#else 38#include "monitor/monitor.h" 39#include "chardev/char.h" 40#include "chardev/char-fe.h" 41#include "hw/cpu/cluster.h" 42#include "hw/boards.h" 43#endif 44 45#define MAX_PACKET_LENGTH 4096 46 47#include "qemu/sockets.h" 48#include "sysemu/hw_accel.h" 49#include "sysemu/kvm.h" 50#include "sysemu/runstate.h" 51#include "semihosting/semihost.h" 52#include "exec/exec-all.h" 53#include "sysemu/replay.h" 54 55#ifdef CONFIG_USER_ONLY 56#define GDB_ATTACHED "0" 57#else 58#define GDB_ATTACHED "1" 59#endif 60 61#ifndef CONFIG_USER_ONLY 62static int phy_memory_mode; 63#endif 64 65static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr, 66 uint8_t *buf, int len, bool is_write) 67{ 68 CPUClass *cc; 69 70#ifndef CONFIG_USER_ONLY 71 if (phy_memory_mode) { 72 if (is_write) { 73 cpu_physical_memory_write(addr, buf, len); 74 } else { 75 cpu_physical_memory_read(addr, buf, len); 76 } 77 return 0; 78 } 79#endif 80 81 cc = CPU_GET_CLASS(cpu); 82 if (cc->memory_rw_debug) { 83 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 84 } 85 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 86} 87 88/* Return the GDB index for a given vCPU state. 89 * 90 * For user mode this is simply the thread id. In system mode GDB 91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index. 92 */ 93static inline int cpu_gdb_index(CPUState *cpu) 94{ 95#if defined(CONFIG_USER_ONLY) 96 TaskState *ts = (TaskState *) cpu->opaque; 97 return ts->ts_tid; 98#else 99 return cpu->cpu_index + 1; 100#endif 101} 102 103enum { 104 GDB_SIGNAL_0 = 0, 105 GDB_SIGNAL_INT = 2, 106 GDB_SIGNAL_QUIT = 3, 107 GDB_SIGNAL_TRAP = 5, 108 GDB_SIGNAL_ABRT = 6, 109 GDB_SIGNAL_ALRM = 14, 110 GDB_SIGNAL_IO = 23, 111 GDB_SIGNAL_XCPU = 24, 112 GDB_SIGNAL_UNKNOWN = 143 113}; 114 115#ifdef CONFIG_USER_ONLY 116 117/* Map target signal numbers to GDB protocol signal numbers and vice 118 * versa. For user emulation's currently supported systems, we can 119 * assume most signals are defined. 120 */ 121 122static int gdb_signal_table[] = { 123 0, 124 TARGET_SIGHUP, 125 TARGET_SIGINT, 126 TARGET_SIGQUIT, 127 TARGET_SIGILL, 128 TARGET_SIGTRAP, 129 TARGET_SIGABRT, 130 -1, /* SIGEMT */ 131 TARGET_SIGFPE, 132 TARGET_SIGKILL, 133 TARGET_SIGBUS, 134 TARGET_SIGSEGV, 135 TARGET_SIGSYS, 136 TARGET_SIGPIPE, 137 TARGET_SIGALRM, 138 TARGET_SIGTERM, 139 TARGET_SIGURG, 140 TARGET_SIGSTOP, 141 TARGET_SIGTSTP, 142 TARGET_SIGCONT, 143 TARGET_SIGCHLD, 144 TARGET_SIGTTIN, 145 TARGET_SIGTTOU, 146 TARGET_SIGIO, 147 TARGET_SIGXCPU, 148 TARGET_SIGXFSZ, 149 TARGET_SIGVTALRM, 150 TARGET_SIGPROF, 151 TARGET_SIGWINCH, 152 -1, /* SIGLOST */ 153 TARGET_SIGUSR1, 154 TARGET_SIGUSR2, 155#ifdef TARGET_SIGPWR 156 TARGET_SIGPWR, 157#else 158 -1, 159#endif 160 -1, /* SIGPOLL */ 161 -1, 162 -1, 163 -1, 164 -1, 165 -1, 166 -1, 167 -1, 168 -1, 169 -1, 170 -1, 171 -1, 172#ifdef __SIGRTMIN 173 __SIGRTMIN + 1, 174 __SIGRTMIN + 2, 175 __SIGRTMIN + 3, 176 __SIGRTMIN + 4, 177 __SIGRTMIN + 5, 178 __SIGRTMIN + 6, 179 __SIGRTMIN + 7, 180 __SIGRTMIN + 8, 181 __SIGRTMIN + 9, 182 __SIGRTMIN + 10, 183 __SIGRTMIN + 11, 184 __SIGRTMIN + 12, 185 __SIGRTMIN + 13, 186 __SIGRTMIN + 14, 187 __SIGRTMIN + 15, 188 __SIGRTMIN + 16, 189 __SIGRTMIN + 17, 190 __SIGRTMIN + 18, 191 __SIGRTMIN + 19, 192 __SIGRTMIN + 20, 193 __SIGRTMIN + 21, 194 __SIGRTMIN + 22, 195 __SIGRTMIN + 23, 196 __SIGRTMIN + 24, 197 __SIGRTMIN + 25, 198 __SIGRTMIN + 26, 199 __SIGRTMIN + 27, 200 __SIGRTMIN + 28, 201 __SIGRTMIN + 29, 202 __SIGRTMIN + 30, 203 __SIGRTMIN + 31, 204 -1, /* SIGCANCEL */ 205 __SIGRTMIN, 206 __SIGRTMIN + 32, 207 __SIGRTMIN + 33, 208 __SIGRTMIN + 34, 209 __SIGRTMIN + 35, 210 __SIGRTMIN + 36, 211 __SIGRTMIN + 37, 212 __SIGRTMIN + 38, 213 __SIGRTMIN + 39, 214 __SIGRTMIN + 40, 215 __SIGRTMIN + 41, 216 __SIGRTMIN + 42, 217 __SIGRTMIN + 43, 218 __SIGRTMIN + 44, 219 __SIGRTMIN + 45, 220 __SIGRTMIN + 46, 221 __SIGRTMIN + 47, 222 __SIGRTMIN + 48, 223 __SIGRTMIN + 49, 224 __SIGRTMIN + 50, 225 __SIGRTMIN + 51, 226 __SIGRTMIN + 52, 227 __SIGRTMIN + 53, 228 __SIGRTMIN + 54, 229 __SIGRTMIN + 55, 230 __SIGRTMIN + 56, 231 __SIGRTMIN + 57, 232 __SIGRTMIN + 58, 233 __SIGRTMIN + 59, 234 __SIGRTMIN + 60, 235 __SIGRTMIN + 61, 236 __SIGRTMIN + 62, 237 __SIGRTMIN + 63, 238 __SIGRTMIN + 64, 239 __SIGRTMIN + 65, 240 __SIGRTMIN + 66, 241 __SIGRTMIN + 67, 242 __SIGRTMIN + 68, 243 __SIGRTMIN + 69, 244 __SIGRTMIN + 70, 245 __SIGRTMIN + 71, 246 __SIGRTMIN + 72, 247 __SIGRTMIN + 73, 248 __SIGRTMIN + 74, 249 __SIGRTMIN + 75, 250 __SIGRTMIN + 76, 251 __SIGRTMIN + 77, 252 __SIGRTMIN + 78, 253 __SIGRTMIN + 79, 254 __SIGRTMIN + 80, 255 __SIGRTMIN + 81, 256 __SIGRTMIN + 82, 257 __SIGRTMIN + 83, 258 __SIGRTMIN + 84, 259 __SIGRTMIN + 85, 260 __SIGRTMIN + 86, 261 __SIGRTMIN + 87, 262 __SIGRTMIN + 88, 263 __SIGRTMIN + 89, 264 __SIGRTMIN + 90, 265 __SIGRTMIN + 91, 266 __SIGRTMIN + 92, 267 __SIGRTMIN + 93, 268 __SIGRTMIN + 94, 269 __SIGRTMIN + 95, 270 -1, /* SIGINFO */ 271 -1, /* UNKNOWN */ 272 -1, /* DEFAULT */ 273 -1, 274 -1, 275 -1, 276 -1, 277 -1, 278 -1 279#endif 280}; 281#else 282/* In system mode we only need SIGINT and SIGTRAP; other signals 283 are not yet supported. */ 284 285enum { 286 TARGET_SIGINT = 2, 287 TARGET_SIGTRAP = 5 288}; 289 290static int gdb_signal_table[] = { 291 -1, 292 -1, 293 TARGET_SIGINT, 294 -1, 295 -1, 296 TARGET_SIGTRAP 297}; 298#endif 299 300#ifdef CONFIG_USER_ONLY 301static int target_signal_to_gdb (int sig) 302{ 303 int i; 304 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++) 305 if (gdb_signal_table[i] == sig) 306 return i; 307 return GDB_SIGNAL_UNKNOWN; 308} 309#endif 310 311static int gdb_signal_to_target (int sig) 312{ 313 if (sig < ARRAY_SIZE (gdb_signal_table)) 314 return gdb_signal_table[sig]; 315 else 316 return -1; 317} 318 319typedef struct GDBRegisterState { 320 int base_reg; 321 int num_regs; 322 gdb_get_reg_cb get_reg; 323 gdb_set_reg_cb set_reg; 324 const char *xml; 325 struct GDBRegisterState *next; 326} GDBRegisterState; 327 328typedef struct GDBProcess { 329 uint32_t pid; 330 bool attached; 331 332 char target_xml[1024]; 333} GDBProcess; 334 335enum RSState { 336 RS_INACTIVE, 337 RS_IDLE, 338 RS_GETLINE, 339 RS_GETLINE_ESC, 340 RS_GETLINE_RLE, 341 RS_CHKSUM1, 342 RS_CHKSUM2, 343}; 344typedef struct GDBState { 345 bool init; /* have we been initialised? */ 346 CPUState *c_cpu; /* current CPU for step/continue ops */ 347 CPUState *g_cpu; /* current CPU for other ops */ 348 CPUState *query_cpu; /* for q{f|s}ThreadInfo */ 349 enum RSState state; /* parsing state */ 350 char line_buf[MAX_PACKET_LENGTH]; 351 int line_buf_index; 352 int line_sum; /* running checksum */ 353 int line_csum; /* checksum at the end of the packet */ 354 GByteArray *last_packet; 355 int signal; 356#ifdef CONFIG_USER_ONLY 357 int fd; 358 char *socket_path; 359 int running_state; 360#else 361 CharBackend chr; 362 Chardev *mon_chr; 363#endif 364 bool multiprocess; 365 GDBProcess *processes; 366 int process_num; 367 char syscall_buf[256]; 368 gdb_syscall_complete_cb current_syscall_cb; 369 GString *str_buf; 370 GByteArray *mem_buf; 371} GDBState; 372 373/* By default use no IRQs and no timers while single stepping so as to 374 * make single stepping like an ICE HW step. 375 */ 376static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER; 377 378/* Retrieves flags for single step mode. */ 379static int get_sstep_flags(void) 380{ 381 /* 382 * In replay mode all events written into the log should be replayed. 383 * That is why NOIRQ flag is removed in this mode. 384 */ 385 if (replay_mode != REPLAY_MODE_NONE) { 386 return SSTEP_ENABLE; 387 } else { 388 return sstep_flags; 389 } 390} 391 392static GDBState gdbserver_state; 393 394static void init_gdbserver_state(void) 395{ 396 g_assert(!gdbserver_state.init); 397 memset(&gdbserver_state, 0, sizeof(GDBState)); 398 gdbserver_state.init = true; 399 gdbserver_state.str_buf = g_string_new(NULL); 400 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH); 401 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4); 402} 403 404#ifndef CONFIG_USER_ONLY 405static void reset_gdbserver_state(void) 406{ 407 g_free(gdbserver_state.processes); 408 gdbserver_state.processes = NULL; 409 gdbserver_state.process_num = 0; 410} 411#endif 412 413bool gdb_has_xml; 414 415#ifdef CONFIG_USER_ONLY 416 417static int get_char(void) 418{ 419 uint8_t ch; 420 int ret; 421 422 for(;;) { 423 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0); 424 if (ret < 0) { 425 if (errno == ECONNRESET) 426 gdbserver_state.fd = -1; 427 if (errno != EINTR) 428 return -1; 429 } else if (ret == 0) { 430 close(gdbserver_state.fd); 431 gdbserver_state.fd = -1; 432 return -1; 433 } else { 434 break; 435 } 436 } 437 return ch; 438} 439#endif 440 441static enum { 442 GDB_SYS_UNKNOWN, 443 GDB_SYS_ENABLED, 444 GDB_SYS_DISABLED, 445} gdb_syscall_mode; 446 447/* Decide if either remote gdb syscalls or native file IO should be used. */ 448int use_gdb_syscalls(void) 449{ 450 SemihostingTarget target = semihosting_get_target(); 451 if (target == SEMIHOSTING_TARGET_NATIVE) { 452 /* -semihosting-config target=native */ 453 return false; 454 } else if (target == SEMIHOSTING_TARGET_GDB) { 455 /* -semihosting-config target=gdb */ 456 return true; 457 } 458 459 /* -semihosting-config target=auto */ 460 /* On the first call check if gdb is connected and remember. */ 461 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) { 462 gdb_syscall_mode = gdbserver_state.init ? 463 GDB_SYS_ENABLED : GDB_SYS_DISABLED; 464 } 465 return gdb_syscall_mode == GDB_SYS_ENABLED; 466} 467 468static bool stub_can_reverse(void) 469{ 470#ifdef CONFIG_USER_ONLY 471 return false; 472#else 473 return replay_mode == REPLAY_MODE_PLAY; 474#endif 475} 476 477/* Resume execution. */ 478static inline void gdb_continue(void) 479{ 480 481#ifdef CONFIG_USER_ONLY 482 gdbserver_state.running_state = 1; 483 trace_gdbstub_op_continue(); 484#else 485 if (!runstate_needs_reset()) { 486 trace_gdbstub_op_continue(); 487 vm_start(); 488 } 489#endif 490} 491 492/* 493 * Resume execution, per CPU actions. For user-mode emulation it's 494 * equivalent to gdb_continue. 495 */ 496static int gdb_continue_partial(char *newstates) 497{ 498 CPUState *cpu; 499 int res = 0; 500#ifdef CONFIG_USER_ONLY 501 /* 502 * This is not exactly accurate, but it's an improvement compared to the 503 * previous situation, where only one CPU would be single-stepped. 504 */ 505 CPU_FOREACH(cpu) { 506 if (newstates[cpu->cpu_index] == 's') { 507 trace_gdbstub_op_stepping(cpu->cpu_index); 508 cpu_single_step(cpu, sstep_flags); 509 } 510 } 511 gdbserver_state.running_state = 1; 512#else 513 int flag = 0; 514 515 if (!runstate_needs_reset()) { 516 if (vm_prepare_start()) { 517 return 0; 518 } 519 520 CPU_FOREACH(cpu) { 521 switch (newstates[cpu->cpu_index]) { 522 case 0: 523 case 1: 524 break; /* nothing to do here */ 525 case 's': 526 trace_gdbstub_op_stepping(cpu->cpu_index); 527 cpu_single_step(cpu, get_sstep_flags()); 528 cpu_resume(cpu); 529 flag = 1; 530 break; 531 case 'c': 532 trace_gdbstub_op_continue_cpu(cpu->cpu_index); 533 cpu_resume(cpu); 534 flag = 1; 535 break; 536 default: 537 res = -1; 538 break; 539 } 540 } 541 } 542 if (flag) { 543 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true); 544 } 545#endif 546 return res; 547} 548 549static void put_buffer(const uint8_t *buf, int len) 550{ 551#ifdef CONFIG_USER_ONLY 552 int ret; 553 554 while (len > 0) { 555 ret = send(gdbserver_state.fd, buf, len, 0); 556 if (ret < 0) { 557 if (errno != EINTR) 558 return; 559 } else { 560 buf += ret; 561 len -= ret; 562 } 563 } 564#else 565 /* XXX this blocks entire thread. Rewrite to use 566 * qemu_chr_fe_write and background I/O callbacks */ 567 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len); 568#endif 569} 570 571static inline int fromhex(int v) 572{ 573 if (v >= '0' && v <= '9') 574 return v - '0'; 575 else if (v >= 'A' && v <= 'F') 576 return v - 'A' + 10; 577 else if (v >= 'a' && v <= 'f') 578 return v - 'a' + 10; 579 else 580 return 0; 581} 582 583static inline int tohex(int v) 584{ 585 if (v < 10) 586 return v + '0'; 587 else 588 return v - 10 + 'a'; 589} 590 591/* writes 2*len+1 bytes in buf */ 592static void memtohex(GString *buf, const uint8_t *mem, int len) 593{ 594 int i, c; 595 for(i = 0; i < len; i++) { 596 c = mem[i]; 597 g_string_append_c(buf, tohex(c >> 4)); 598 g_string_append_c(buf, tohex(c & 0xf)); 599 } 600 g_string_append_c(buf, '\0'); 601} 602 603static void hextomem(GByteArray *mem, const char *buf, int len) 604{ 605 int i; 606 607 for(i = 0; i < len; i++) { 608 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]); 609 g_byte_array_append(mem, &byte, 1); 610 buf += 2; 611 } 612} 613 614static void hexdump(const char *buf, int len, 615 void (*trace_fn)(size_t ofs, char const *text)) 616{ 617 char line_buffer[3 * 16 + 4 + 16 + 1]; 618 619 size_t i; 620 for (i = 0; i < len || (i & 0xF); ++i) { 621 size_t byte_ofs = i & 15; 622 623 if (byte_ofs == 0) { 624 memset(line_buffer, ' ', 3 * 16 + 4 + 16); 625 line_buffer[3 * 16 + 4 + 16] = 0; 626 } 627 628 size_t col_group = (i >> 2) & 3; 629 size_t hex_col = byte_ofs * 3 + col_group; 630 size_t txt_col = 3 * 16 + 4 + byte_ofs; 631 632 if (i < len) { 633 char value = buf[i]; 634 635 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF); 636 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF); 637 line_buffer[txt_col + 0] = (value >= ' ' && value < 127) 638 ? value 639 : '.'; 640 } 641 642 if (byte_ofs == 0xF) 643 trace_fn(i & -16, line_buffer); 644 } 645} 646 647/* return -1 if error, 0 if OK */ 648static int put_packet_binary(const char *buf, int len, bool dump) 649{ 650 int csum, i; 651 uint8_t footer[3]; 652 653 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) { 654 hexdump(buf, len, trace_gdbstub_io_binaryreply); 655 } 656 657 for(;;) { 658 g_byte_array_set_size(gdbserver_state.last_packet, 0); 659 g_byte_array_append(gdbserver_state.last_packet, 660 (const uint8_t *) "$", 1); 661 g_byte_array_append(gdbserver_state.last_packet, 662 (const uint8_t *) buf, len); 663 csum = 0; 664 for(i = 0; i < len; i++) { 665 csum += buf[i]; 666 } 667 footer[0] = '#'; 668 footer[1] = tohex((csum >> 4) & 0xf); 669 footer[2] = tohex((csum) & 0xf); 670 g_byte_array_append(gdbserver_state.last_packet, footer, 3); 671 672 put_buffer(gdbserver_state.last_packet->data, 673 gdbserver_state.last_packet->len); 674 675#ifdef CONFIG_USER_ONLY 676 i = get_char(); 677 if (i < 0) 678 return -1; 679 if (i == '+') 680 break; 681#else 682 break; 683#endif 684 } 685 return 0; 686} 687 688/* return -1 if error, 0 if OK */ 689static int put_packet(const char *buf) 690{ 691 trace_gdbstub_io_reply(buf); 692 693 return put_packet_binary(buf, strlen(buf), false); 694} 695 696static void put_strbuf(void) 697{ 698 put_packet(gdbserver_state.str_buf->str); 699} 700 701/* Encode data using the encoding for 'x' packets. */ 702static void memtox(GString *buf, const char *mem, int len) 703{ 704 char c; 705 706 while (len--) { 707 c = *(mem++); 708 switch (c) { 709 case '#': case '$': case '*': case '}': 710 g_string_append_c(buf, '}'); 711 g_string_append_c(buf, c ^ 0x20); 712 break; 713 default: 714 g_string_append_c(buf, c); 715 break; 716 } 717 } 718} 719 720static uint32_t gdb_get_cpu_pid(CPUState *cpu) 721{ 722 /* TODO: In user mode, we should use the task state PID */ 723 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) { 724 /* Return the default process' PID */ 725 int index = gdbserver_state.process_num - 1; 726 return gdbserver_state.processes[index].pid; 727 } 728 return cpu->cluster_index + 1; 729} 730 731static GDBProcess *gdb_get_process(uint32_t pid) 732{ 733 int i; 734 735 if (!pid) { 736 /* 0 means any process, we take the first one */ 737 return &gdbserver_state.processes[0]; 738 } 739 740 for (i = 0; i < gdbserver_state.process_num; i++) { 741 if (gdbserver_state.processes[i].pid == pid) { 742 return &gdbserver_state.processes[i]; 743 } 744 } 745 746 return NULL; 747} 748 749static GDBProcess *gdb_get_cpu_process(CPUState *cpu) 750{ 751 return gdb_get_process(gdb_get_cpu_pid(cpu)); 752} 753 754static CPUState *find_cpu(uint32_t thread_id) 755{ 756 CPUState *cpu; 757 758 CPU_FOREACH(cpu) { 759 if (cpu_gdb_index(cpu) == thread_id) { 760 return cpu; 761 } 762 } 763 764 return NULL; 765} 766 767static CPUState *get_first_cpu_in_process(GDBProcess *process) 768{ 769 CPUState *cpu; 770 771 CPU_FOREACH(cpu) { 772 if (gdb_get_cpu_pid(cpu) == process->pid) { 773 return cpu; 774 } 775 } 776 777 return NULL; 778} 779 780static CPUState *gdb_next_cpu_in_process(CPUState *cpu) 781{ 782 uint32_t pid = gdb_get_cpu_pid(cpu); 783 cpu = CPU_NEXT(cpu); 784 785 while (cpu) { 786 if (gdb_get_cpu_pid(cpu) == pid) { 787 break; 788 } 789 790 cpu = CPU_NEXT(cpu); 791 } 792 793 return cpu; 794} 795 796/* Return the cpu following @cpu, while ignoring unattached processes. */ 797static CPUState *gdb_next_attached_cpu(CPUState *cpu) 798{ 799 cpu = CPU_NEXT(cpu); 800 801 while (cpu) { 802 if (gdb_get_cpu_process(cpu)->attached) { 803 break; 804 } 805 806 cpu = CPU_NEXT(cpu); 807 } 808 809 return cpu; 810} 811 812/* Return the first attached cpu */ 813static CPUState *gdb_first_attached_cpu(void) 814{ 815 CPUState *cpu = first_cpu; 816 GDBProcess *process = gdb_get_cpu_process(cpu); 817 818 if (!process->attached) { 819 return gdb_next_attached_cpu(cpu); 820 } 821 822 return cpu; 823} 824 825static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid) 826{ 827 GDBProcess *process; 828 CPUState *cpu; 829 830 if (!pid && !tid) { 831 /* 0 means any process/thread, we take the first attached one */ 832 return gdb_first_attached_cpu(); 833 } else if (pid && !tid) { 834 /* any thread in a specific process */ 835 process = gdb_get_process(pid); 836 837 if (process == NULL) { 838 return NULL; 839 } 840 841 if (!process->attached) { 842 return NULL; 843 } 844 845 return get_first_cpu_in_process(process); 846 } else { 847 /* a specific thread */ 848 cpu = find_cpu(tid); 849 850 if (cpu == NULL) { 851 return NULL; 852 } 853 854 process = gdb_get_cpu_process(cpu); 855 856 if (pid && process->pid != pid) { 857 return NULL; 858 } 859 860 if (!process->attached) { 861 return NULL; 862 } 863 864 return cpu; 865 } 866} 867 868static const char *get_feature_xml(const char *p, const char **newp, 869 GDBProcess *process) 870{ 871 size_t len; 872 int i; 873 const char *name; 874 CPUState *cpu = get_first_cpu_in_process(process); 875 CPUClass *cc = CPU_GET_CLASS(cpu); 876 877 len = 0; 878 while (p[len] && p[len] != ':') 879 len++; 880 *newp = p + len; 881 882 name = NULL; 883 if (strncmp(p, "target.xml", len) == 0) { 884 char *buf = process->target_xml; 885 const size_t buf_sz = sizeof(process->target_xml); 886 887 /* Generate the XML description for this CPU. */ 888 if (!buf[0]) { 889 GDBRegisterState *r; 890 891 pstrcat(buf, buf_sz, 892 "<?xml version=\"1.0\"?>" 893 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">" 894 "<target>"); 895 if (cc->gdb_arch_name) { 896 gchar *arch = cc->gdb_arch_name(cpu); 897 pstrcat(buf, buf_sz, "<architecture>"); 898 pstrcat(buf, buf_sz, arch); 899 pstrcat(buf, buf_sz, "</architecture>"); 900 g_free(arch); 901 } 902 pstrcat(buf, buf_sz, "<xi:include href=\""); 903 pstrcat(buf, buf_sz, cc->gdb_core_xml_file); 904 pstrcat(buf, buf_sz, "\"/>"); 905 for (r = cpu->gdb_regs; r; r = r->next) { 906 pstrcat(buf, buf_sz, "<xi:include href=\""); 907 pstrcat(buf, buf_sz, r->xml); 908 pstrcat(buf, buf_sz, "\"/>"); 909 } 910 pstrcat(buf, buf_sz, "</target>"); 911 } 912 return buf; 913 } 914 if (cc->gdb_get_dynamic_xml) { 915 char *xmlname = g_strndup(p, len); 916 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname); 917 918 g_free(xmlname); 919 if (xml) { 920 return xml; 921 } 922 } 923 for (i = 0; ; i++) { 924 name = xml_builtin[i][0]; 925 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len)) 926 break; 927 } 928 return name ? xml_builtin[i][1] : NULL; 929} 930 931static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg) 932{ 933 CPUClass *cc = CPU_GET_CLASS(cpu); 934 CPUArchState *env = cpu->env_ptr; 935 GDBRegisterState *r; 936 937 if (reg < cc->gdb_num_core_regs) { 938 return cc->gdb_read_register(cpu, buf, reg); 939 } 940 941 for (r = cpu->gdb_regs; r; r = r->next) { 942 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 943 return r->get_reg(env, buf, reg - r->base_reg); 944 } 945 } 946 return 0; 947} 948 949static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg) 950{ 951 CPUClass *cc = CPU_GET_CLASS(cpu); 952 CPUArchState *env = cpu->env_ptr; 953 GDBRegisterState *r; 954 955 if (reg < cc->gdb_num_core_regs) { 956 return cc->gdb_write_register(cpu, mem_buf, reg); 957 } 958 959 for (r = cpu->gdb_regs; r; r = r->next) { 960 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 961 return r->set_reg(env, mem_buf, reg - r->base_reg); 962 } 963 } 964 return 0; 965} 966 967/* Register a supplemental set of CPU registers. If g_pos is nonzero it 968 specifies the first register number and these registers are included in 969 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is 970 gdb reading a CPU register, and set_reg is gdb modifying a CPU register. 971 */ 972 973void gdb_register_coprocessor(CPUState *cpu, 974 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg, 975 int num_regs, const char *xml, int g_pos) 976{ 977 GDBRegisterState *s; 978 GDBRegisterState **p; 979 980 p = &cpu->gdb_regs; 981 while (*p) { 982 /* Check for duplicates. */ 983 if (strcmp((*p)->xml, xml) == 0) 984 return; 985 p = &(*p)->next; 986 } 987 988 s = g_new0(GDBRegisterState, 1); 989 s->base_reg = cpu->gdb_num_regs; 990 s->num_regs = num_regs; 991 s->get_reg = get_reg; 992 s->set_reg = set_reg; 993 s->xml = xml; 994 995 /* Add to end of list. */ 996 cpu->gdb_num_regs += num_regs; 997 *p = s; 998 if (g_pos) { 999 if (g_pos != s->base_reg) { 1000 error_report("Error: Bad gdb register numbering for '%s', " 1001 "expected %d got %d", xml, g_pos, s->base_reg); 1002 } else { 1003 cpu->gdb_num_g_regs = cpu->gdb_num_regs; 1004 } 1005 } 1006} 1007 1008#ifndef CONFIG_USER_ONLY 1009/* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */ 1010static inline int xlat_gdb_type(CPUState *cpu, int gdbtype) 1011{ 1012 static const int xlat[] = { 1013 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE, 1014 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ, 1015 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS, 1016 }; 1017 1018 CPUClass *cc = CPU_GET_CLASS(cpu); 1019 int cputype = xlat[gdbtype]; 1020 1021 if (cc->gdb_stop_before_watchpoint) { 1022 cputype |= BP_STOP_BEFORE_ACCESS; 1023 } 1024 return cputype; 1025} 1026#endif 1027 1028static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len) 1029{ 1030 CPUState *cpu; 1031 int err = 0; 1032 1033 if (kvm_enabled()) { 1034 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type); 1035 } 1036 1037 switch (type) { 1038 case GDB_BREAKPOINT_SW: 1039 case GDB_BREAKPOINT_HW: 1040 CPU_FOREACH(cpu) { 1041 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL); 1042 if (err) { 1043 break; 1044 } 1045 } 1046 return err; 1047#ifndef CONFIG_USER_ONLY 1048 case GDB_WATCHPOINT_WRITE: 1049 case GDB_WATCHPOINT_READ: 1050 case GDB_WATCHPOINT_ACCESS: 1051 CPU_FOREACH(cpu) { 1052 err = cpu_watchpoint_insert(cpu, addr, len, 1053 xlat_gdb_type(cpu, type), NULL); 1054 if (err) { 1055 break; 1056 } 1057 } 1058 return err; 1059#endif 1060 default: 1061 return -ENOSYS; 1062 } 1063} 1064 1065static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len) 1066{ 1067 CPUState *cpu; 1068 int err = 0; 1069 1070 if (kvm_enabled()) { 1071 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type); 1072 } 1073 1074 switch (type) { 1075 case GDB_BREAKPOINT_SW: 1076 case GDB_BREAKPOINT_HW: 1077 CPU_FOREACH(cpu) { 1078 err = cpu_breakpoint_remove(cpu, addr, BP_GDB); 1079 if (err) { 1080 break; 1081 } 1082 } 1083 return err; 1084#ifndef CONFIG_USER_ONLY 1085 case GDB_WATCHPOINT_WRITE: 1086 case GDB_WATCHPOINT_READ: 1087 case GDB_WATCHPOINT_ACCESS: 1088 CPU_FOREACH(cpu) { 1089 err = cpu_watchpoint_remove(cpu, addr, len, 1090 xlat_gdb_type(cpu, type)); 1091 if (err) 1092 break; 1093 } 1094 return err; 1095#endif 1096 default: 1097 return -ENOSYS; 1098 } 1099} 1100 1101static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu) 1102{ 1103 cpu_breakpoint_remove_all(cpu, BP_GDB); 1104#ifndef CONFIG_USER_ONLY 1105 cpu_watchpoint_remove_all(cpu, BP_GDB); 1106#endif 1107} 1108 1109static void gdb_process_breakpoint_remove_all(GDBProcess *p) 1110{ 1111 CPUState *cpu = get_first_cpu_in_process(p); 1112 1113 while (cpu) { 1114 gdb_cpu_breakpoint_remove_all(cpu); 1115 cpu = gdb_next_cpu_in_process(cpu); 1116 } 1117} 1118 1119static void gdb_breakpoint_remove_all(void) 1120{ 1121 CPUState *cpu; 1122 1123 if (kvm_enabled()) { 1124 kvm_remove_all_breakpoints(gdbserver_state.c_cpu); 1125 return; 1126 } 1127 1128 CPU_FOREACH(cpu) { 1129 gdb_cpu_breakpoint_remove_all(cpu); 1130 } 1131} 1132 1133static void gdb_set_cpu_pc(target_ulong pc) 1134{ 1135 CPUState *cpu = gdbserver_state.c_cpu; 1136 1137 cpu_synchronize_state(cpu); 1138 cpu_set_pc(cpu, pc); 1139} 1140 1141static void gdb_append_thread_id(CPUState *cpu, GString *buf) 1142{ 1143 if (gdbserver_state.multiprocess) { 1144 g_string_append_printf(buf, "p%02x.%02x", 1145 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu)); 1146 } else { 1147 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu)); 1148 } 1149} 1150 1151typedef enum GDBThreadIdKind { 1152 GDB_ONE_THREAD = 0, 1153 GDB_ALL_THREADS, /* One process, all threads */ 1154 GDB_ALL_PROCESSES, 1155 GDB_READ_THREAD_ERR 1156} GDBThreadIdKind; 1157 1158static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf, 1159 uint32_t *pid, uint32_t *tid) 1160{ 1161 unsigned long p, t; 1162 int ret; 1163 1164 if (*buf == 'p') { 1165 buf++; 1166 ret = qemu_strtoul(buf, &buf, 16, &p); 1167 1168 if (ret) { 1169 return GDB_READ_THREAD_ERR; 1170 } 1171 1172 /* Skip '.' */ 1173 buf++; 1174 } else { 1175 p = 1; 1176 } 1177 1178 ret = qemu_strtoul(buf, &buf, 16, &t); 1179 1180 if (ret) { 1181 return GDB_READ_THREAD_ERR; 1182 } 1183 1184 *end_buf = buf; 1185 1186 if (p == -1) { 1187 return GDB_ALL_PROCESSES; 1188 } 1189 1190 if (pid) { 1191 *pid = p; 1192 } 1193 1194 if (t == -1) { 1195 return GDB_ALL_THREADS; 1196 } 1197 1198 if (tid) { 1199 *tid = t; 1200 } 1201 1202 return GDB_ONE_THREAD; 1203} 1204 1205/** 1206 * gdb_handle_vcont - Parses and handles a vCont packet. 1207 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is 1208 * a format error, 0 on success. 1209 */ 1210static int gdb_handle_vcont(const char *p) 1211{ 1212 int res, signal = 0; 1213 char cur_action; 1214 char *newstates; 1215 unsigned long tmp; 1216 uint32_t pid, tid; 1217 GDBProcess *process; 1218 CPUState *cpu; 1219 GDBThreadIdKind kind; 1220#ifdef CONFIG_USER_ONLY 1221 int max_cpus = 1; /* global variable max_cpus exists only in system mode */ 1222 1223 CPU_FOREACH(cpu) { 1224 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 1225 } 1226#else 1227 MachineState *ms = MACHINE(qdev_get_machine()); 1228 unsigned int max_cpus = ms->smp.max_cpus; 1229#endif 1230 /* uninitialised CPUs stay 0 */ 1231 newstates = g_new0(char, max_cpus); 1232 1233 /* mark valid CPUs with 1 */ 1234 CPU_FOREACH(cpu) { 1235 newstates[cpu->cpu_index] = 1; 1236 } 1237 1238 /* 1239 * res keeps track of what error we are returning, with -ENOTSUP meaning 1240 * that the command is unknown or unsupported, thus returning an empty 1241 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid, 1242 * or incorrect parameters passed. 1243 */ 1244 res = 0; 1245 while (*p) { 1246 if (*p++ != ';') { 1247 res = -ENOTSUP; 1248 goto out; 1249 } 1250 1251 cur_action = *p++; 1252 if (cur_action == 'C' || cur_action == 'S') { 1253 cur_action = qemu_tolower(cur_action); 1254 res = qemu_strtoul(p, &p, 16, &tmp); 1255 if (res) { 1256 goto out; 1257 } 1258 signal = gdb_signal_to_target(tmp); 1259 } else if (cur_action != 'c' && cur_action != 's') { 1260 /* unknown/invalid/unsupported command */ 1261 res = -ENOTSUP; 1262 goto out; 1263 } 1264 1265 if (*p == '\0' || *p == ';') { 1266 /* 1267 * No thread specifier, action is on "all threads". The 1268 * specification is unclear regarding the process to act on. We 1269 * choose all processes. 1270 */ 1271 kind = GDB_ALL_PROCESSES; 1272 } else if (*p++ == ':') { 1273 kind = read_thread_id(p, &p, &pid, &tid); 1274 } else { 1275 res = -ENOTSUP; 1276 goto out; 1277 } 1278 1279 switch (kind) { 1280 case GDB_READ_THREAD_ERR: 1281 res = -EINVAL; 1282 goto out; 1283 1284 case GDB_ALL_PROCESSES: 1285 cpu = gdb_first_attached_cpu(); 1286 while (cpu) { 1287 if (newstates[cpu->cpu_index] == 1) { 1288 newstates[cpu->cpu_index] = cur_action; 1289 } 1290 1291 cpu = gdb_next_attached_cpu(cpu); 1292 } 1293 break; 1294 1295 case GDB_ALL_THREADS: 1296 process = gdb_get_process(pid); 1297 1298 if (!process->attached) { 1299 res = -EINVAL; 1300 goto out; 1301 } 1302 1303 cpu = get_first_cpu_in_process(process); 1304 while (cpu) { 1305 if (newstates[cpu->cpu_index] == 1) { 1306 newstates[cpu->cpu_index] = cur_action; 1307 } 1308 1309 cpu = gdb_next_cpu_in_process(cpu); 1310 } 1311 break; 1312 1313 case GDB_ONE_THREAD: 1314 cpu = gdb_get_cpu(pid, tid); 1315 1316 /* invalid CPU/thread specified */ 1317 if (!cpu) { 1318 res = -EINVAL; 1319 goto out; 1320 } 1321 1322 /* only use if no previous match occourred */ 1323 if (newstates[cpu->cpu_index] == 1) { 1324 newstates[cpu->cpu_index] = cur_action; 1325 } 1326 break; 1327 } 1328 } 1329 gdbserver_state.signal = signal; 1330 gdb_continue_partial(newstates); 1331 1332out: 1333 g_free(newstates); 1334 1335 return res; 1336} 1337 1338typedef union GdbCmdVariant { 1339 const char *data; 1340 uint8_t opcode; 1341 unsigned long val_ul; 1342 unsigned long long val_ull; 1343 struct { 1344 GDBThreadIdKind kind; 1345 uint32_t pid; 1346 uint32_t tid; 1347 } thread_id; 1348} GdbCmdVariant; 1349 1350#define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i)) 1351 1352static const char *cmd_next_param(const char *param, const char delimiter) 1353{ 1354 static const char all_delimiters[] = ",;:="; 1355 char curr_delimiters[2] = {0}; 1356 const char *delimiters; 1357 1358 if (delimiter == '?') { 1359 delimiters = all_delimiters; 1360 } else if (delimiter == '0') { 1361 return strchr(param, '\0'); 1362 } else if (delimiter == '.' && *param) { 1363 return param + 1; 1364 } else { 1365 curr_delimiters[0] = delimiter; 1366 delimiters = curr_delimiters; 1367 } 1368 1369 param += strcspn(param, delimiters); 1370 if (*param) { 1371 param++; 1372 } 1373 return param; 1374} 1375 1376static int cmd_parse_params(const char *data, const char *schema, 1377 GArray *params) 1378{ 1379 const char *curr_schema, *curr_data; 1380 1381 g_assert(schema); 1382 g_assert(params->len == 0); 1383 1384 curr_schema = schema; 1385 curr_data = data; 1386 while (curr_schema[0] && curr_schema[1] && *curr_data) { 1387 GdbCmdVariant this_param; 1388 1389 switch (curr_schema[0]) { 1390 case 'l': 1391 if (qemu_strtoul(curr_data, &curr_data, 16, 1392 &this_param.val_ul)) { 1393 return -EINVAL; 1394 } 1395 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1396 g_array_append_val(params, this_param); 1397 break; 1398 case 'L': 1399 if (qemu_strtou64(curr_data, &curr_data, 16, 1400 (uint64_t *)&this_param.val_ull)) { 1401 return -EINVAL; 1402 } 1403 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1404 g_array_append_val(params, this_param); 1405 break; 1406 case 's': 1407 this_param.data = curr_data; 1408 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1409 g_array_append_val(params, this_param); 1410 break; 1411 case 'o': 1412 this_param.opcode = *(uint8_t *)curr_data; 1413 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1414 g_array_append_val(params, this_param); 1415 break; 1416 case 't': 1417 this_param.thread_id.kind = 1418 read_thread_id(curr_data, &curr_data, 1419 &this_param.thread_id.pid, 1420 &this_param.thread_id.tid); 1421 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1422 g_array_append_val(params, this_param); 1423 break; 1424 case '?': 1425 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1426 break; 1427 default: 1428 return -EINVAL; 1429 } 1430 curr_schema += 2; 1431 } 1432 1433 return 0; 1434} 1435 1436typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx); 1437 1438/* 1439 * cmd_startswith -> cmd is compared using startswith 1440 * 1441 * 1442 * schema definitions: 1443 * Each schema parameter entry consists of 2 chars, 1444 * the first char represents the parameter type handling 1445 * the second char represents the delimiter for the next parameter 1446 * 1447 * Currently supported schema types: 1448 * 'l' -> unsigned long (stored in .val_ul) 1449 * 'L' -> unsigned long long (stored in .val_ull) 1450 * 's' -> string (stored in .data) 1451 * 'o' -> single char (stored in .opcode) 1452 * 't' -> thread id (stored in .thread_id) 1453 * '?' -> skip according to delimiter 1454 * 1455 * Currently supported delimiters: 1456 * '?' -> Stop at any delimiter (",;:=\0") 1457 * '0' -> Stop at "\0" 1458 * '.' -> Skip 1 char unless reached "\0" 1459 * Any other value is treated as the delimiter value itself 1460 */ 1461typedef struct GdbCmdParseEntry { 1462 GdbCmdHandler handler; 1463 const char *cmd; 1464 bool cmd_startswith; 1465 const char *schema; 1466} GdbCmdParseEntry; 1467 1468static inline int startswith(const char *string, const char *pattern) 1469{ 1470 return !strncmp(string, pattern, strlen(pattern)); 1471} 1472 1473static int process_string_cmd(void *user_ctx, const char *data, 1474 const GdbCmdParseEntry *cmds, int num_cmds) 1475{ 1476 int i; 1477 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant)); 1478 1479 if (!cmds) { 1480 return -1; 1481 } 1482 1483 for (i = 0; i < num_cmds; i++) { 1484 const GdbCmdParseEntry *cmd = &cmds[i]; 1485 g_assert(cmd->handler && cmd->cmd); 1486 1487 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) || 1488 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) { 1489 continue; 1490 } 1491 1492 if (cmd->schema) { 1493 if (cmd_parse_params(&data[strlen(cmd->cmd)], 1494 cmd->schema, params)) { 1495 return -1; 1496 } 1497 } 1498 1499 cmd->handler(params, user_ctx); 1500 return 0; 1501 } 1502 1503 return -1; 1504} 1505 1506static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd) 1507{ 1508 if (!data) { 1509 return; 1510 } 1511 1512 g_string_set_size(gdbserver_state.str_buf, 0); 1513 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1514 1515 /* In case there was an error during the command parsing we must 1516 * send a NULL packet to indicate the command is not supported */ 1517 if (process_string_cmd(NULL, data, cmd, 1)) { 1518 put_packet(""); 1519 } 1520} 1521 1522static void handle_detach(GArray *params, void *user_ctx) 1523{ 1524 GDBProcess *process; 1525 uint32_t pid = 1; 1526 1527 if (gdbserver_state.multiprocess) { 1528 if (!params->len) { 1529 put_packet("E22"); 1530 return; 1531 } 1532 1533 pid = get_param(params, 0)->val_ul; 1534 } 1535 1536 process = gdb_get_process(pid); 1537 gdb_process_breakpoint_remove_all(process); 1538 process->attached = false; 1539 1540 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) { 1541 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 1542 } 1543 1544 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) { 1545 gdbserver_state.g_cpu = gdb_first_attached_cpu(); 1546 } 1547 1548 if (!gdbserver_state.c_cpu) { 1549 /* No more process attached */ 1550 gdb_syscall_mode = GDB_SYS_DISABLED; 1551 gdb_continue(); 1552 } 1553 put_packet("OK"); 1554} 1555 1556static void handle_thread_alive(GArray *params, void *user_ctx) 1557{ 1558 CPUState *cpu; 1559 1560 if (!params->len) { 1561 put_packet("E22"); 1562 return; 1563 } 1564 1565 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) { 1566 put_packet("E22"); 1567 return; 1568 } 1569 1570 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid, 1571 get_param(params, 0)->thread_id.tid); 1572 if (!cpu) { 1573 put_packet("E22"); 1574 return; 1575 } 1576 1577 put_packet("OK"); 1578} 1579 1580static void handle_continue(GArray *params, void *user_ctx) 1581{ 1582 if (params->len) { 1583 gdb_set_cpu_pc(get_param(params, 0)->val_ull); 1584 } 1585 1586 gdbserver_state.signal = 0; 1587 gdb_continue(); 1588} 1589 1590static void handle_cont_with_sig(GArray *params, void *user_ctx) 1591{ 1592 unsigned long signal = 0; 1593 1594 /* 1595 * Note: C sig;[addr] is currently unsupported and we simply 1596 * omit the addr parameter 1597 */ 1598 if (params->len) { 1599 signal = get_param(params, 0)->val_ul; 1600 } 1601 1602 gdbserver_state.signal = gdb_signal_to_target(signal); 1603 if (gdbserver_state.signal == -1) { 1604 gdbserver_state.signal = 0; 1605 } 1606 gdb_continue(); 1607} 1608 1609static void handle_set_thread(GArray *params, void *user_ctx) 1610{ 1611 CPUState *cpu; 1612 1613 if (params->len != 2) { 1614 put_packet("E22"); 1615 return; 1616 } 1617 1618 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) { 1619 put_packet("E22"); 1620 return; 1621 } 1622 1623 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) { 1624 put_packet("OK"); 1625 return; 1626 } 1627 1628 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid, 1629 get_param(params, 1)->thread_id.tid); 1630 if (!cpu) { 1631 put_packet("E22"); 1632 return; 1633 } 1634 1635 /* 1636 * Note: This command is deprecated and modern gdb's will be using the 1637 * vCont command instead. 1638 */ 1639 switch (get_param(params, 0)->opcode) { 1640 case 'c': 1641 gdbserver_state.c_cpu = cpu; 1642 put_packet("OK"); 1643 break; 1644 case 'g': 1645 gdbserver_state.g_cpu = cpu; 1646 put_packet("OK"); 1647 break; 1648 default: 1649 put_packet("E22"); 1650 break; 1651 } 1652} 1653 1654static void handle_insert_bp(GArray *params, void *user_ctx) 1655{ 1656 int res; 1657 1658 if (params->len != 3) { 1659 put_packet("E22"); 1660 return; 1661 } 1662 1663 res = gdb_breakpoint_insert(get_param(params, 0)->val_ul, 1664 get_param(params, 1)->val_ull, 1665 get_param(params, 2)->val_ull); 1666 if (res >= 0) { 1667 put_packet("OK"); 1668 return; 1669 } else if (res == -ENOSYS) { 1670 put_packet(""); 1671 return; 1672 } 1673 1674 put_packet("E22"); 1675} 1676 1677static void handle_remove_bp(GArray *params, void *user_ctx) 1678{ 1679 int res; 1680 1681 if (params->len != 3) { 1682 put_packet("E22"); 1683 return; 1684 } 1685 1686 res = gdb_breakpoint_remove(get_param(params, 0)->val_ul, 1687 get_param(params, 1)->val_ull, 1688 get_param(params, 2)->val_ull); 1689 if (res >= 0) { 1690 put_packet("OK"); 1691 return; 1692 } else if (res == -ENOSYS) { 1693 put_packet(""); 1694 return; 1695 } 1696 1697 put_packet("E22"); 1698} 1699 1700/* 1701 * handle_set/get_reg 1702 * 1703 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available. 1704 * This works, but can be very slow. Anything new enough to understand 1705 * XML also knows how to use this properly. However to use this we 1706 * need to define a local XML file as well as be talking to a 1707 * reasonably modern gdb. Responding with an empty packet will cause 1708 * the remote gdb to fallback to older methods. 1709 */ 1710 1711static void handle_set_reg(GArray *params, void *user_ctx) 1712{ 1713 int reg_size; 1714 1715 if (!gdb_has_xml) { 1716 put_packet(""); 1717 return; 1718 } 1719 1720 if (params->len != 2) { 1721 put_packet("E22"); 1722 return; 1723 } 1724 1725 reg_size = strlen(get_param(params, 1)->data) / 2; 1726 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size); 1727 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data, 1728 get_param(params, 0)->val_ull); 1729 put_packet("OK"); 1730} 1731 1732static void handle_get_reg(GArray *params, void *user_ctx) 1733{ 1734 int reg_size; 1735 1736 if (!gdb_has_xml) { 1737 put_packet(""); 1738 return; 1739 } 1740 1741 if (!params->len) { 1742 put_packet("E14"); 1743 return; 1744 } 1745 1746 reg_size = gdb_read_register(gdbserver_state.g_cpu, 1747 gdbserver_state.mem_buf, 1748 get_param(params, 0)->val_ull); 1749 if (!reg_size) { 1750 put_packet("E14"); 1751 return; 1752 } else { 1753 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size); 1754 } 1755 1756 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size); 1757 put_strbuf(); 1758} 1759 1760static void handle_write_mem(GArray *params, void *user_ctx) 1761{ 1762 if (params->len != 3) { 1763 put_packet("E22"); 1764 return; 1765 } 1766 1767 /* hextomem() reads 2*len bytes */ 1768 if (get_param(params, 1)->val_ull > 1769 strlen(get_param(params, 2)->data) / 2) { 1770 put_packet("E22"); 1771 return; 1772 } 1773 1774 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data, 1775 get_param(params, 1)->val_ull); 1776 if (target_memory_rw_debug(gdbserver_state.g_cpu, 1777 get_param(params, 0)->val_ull, 1778 gdbserver_state.mem_buf->data, 1779 gdbserver_state.mem_buf->len, true)) { 1780 put_packet("E14"); 1781 return; 1782 } 1783 1784 put_packet("OK"); 1785} 1786 1787static void handle_read_mem(GArray *params, void *user_ctx) 1788{ 1789 if (params->len != 2) { 1790 put_packet("E22"); 1791 return; 1792 } 1793 1794 /* memtohex() doubles the required space */ 1795 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) { 1796 put_packet("E22"); 1797 return; 1798 } 1799 1800 g_byte_array_set_size(gdbserver_state.mem_buf, 1801 get_param(params, 1)->val_ull); 1802 1803 if (target_memory_rw_debug(gdbserver_state.g_cpu, 1804 get_param(params, 0)->val_ull, 1805 gdbserver_state.mem_buf->data, 1806 gdbserver_state.mem_buf->len, false)) { 1807 put_packet("E14"); 1808 return; 1809 } 1810 1811 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, 1812 gdbserver_state.mem_buf->len); 1813 put_strbuf(); 1814} 1815 1816static void handle_write_all_regs(GArray *params, void *user_ctx) 1817{ 1818 target_ulong addr, len; 1819 uint8_t *registers; 1820 int reg_size; 1821 1822 if (!params->len) { 1823 return; 1824 } 1825 1826 cpu_synchronize_state(gdbserver_state.g_cpu); 1827 len = strlen(get_param(params, 0)->data) / 2; 1828 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len); 1829 registers = gdbserver_state.mem_buf->data; 1830 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0; 1831 addr++) { 1832 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr); 1833 len -= reg_size; 1834 registers += reg_size; 1835 } 1836 put_packet("OK"); 1837} 1838 1839static void handle_read_all_regs(GArray *params, void *user_ctx) 1840{ 1841 target_ulong addr, len; 1842 1843 cpu_synchronize_state(gdbserver_state.g_cpu); 1844 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1845 len = 0; 1846 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) { 1847 len += gdb_read_register(gdbserver_state.g_cpu, 1848 gdbserver_state.mem_buf, 1849 addr); 1850 } 1851 g_assert(len == gdbserver_state.mem_buf->len); 1852 1853 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len); 1854 put_strbuf(); 1855} 1856 1857static void handle_file_io(GArray *params, void *user_ctx) 1858{ 1859 if (params->len >= 1 && gdbserver_state.current_syscall_cb) { 1860 target_ulong ret, err; 1861 1862 ret = (target_ulong)get_param(params, 0)->val_ull; 1863 if (params->len >= 2) { 1864 err = (target_ulong)get_param(params, 1)->val_ull; 1865 } else { 1866 err = 0; 1867 } 1868 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err); 1869 gdbserver_state.current_syscall_cb = NULL; 1870 } 1871 1872 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') { 1873 put_packet("T02"); 1874 return; 1875 } 1876 1877 gdb_continue(); 1878} 1879 1880static void handle_step(GArray *params, void *user_ctx) 1881{ 1882 if (params->len) { 1883 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull); 1884 } 1885 1886 cpu_single_step(gdbserver_state.c_cpu, get_sstep_flags()); 1887 gdb_continue(); 1888} 1889 1890static void handle_backward(GArray *params, void *user_ctx) 1891{ 1892 if (!stub_can_reverse()) { 1893 put_packet("E22"); 1894 } 1895 if (params->len == 1) { 1896 switch (get_param(params, 0)->opcode) { 1897 case 's': 1898 if (replay_reverse_step()) { 1899 gdb_continue(); 1900 } else { 1901 put_packet("E14"); 1902 } 1903 return; 1904 case 'c': 1905 if (replay_reverse_continue()) { 1906 gdb_continue(); 1907 } else { 1908 put_packet("E14"); 1909 } 1910 return; 1911 } 1912 } 1913 1914 /* Default invalid command */ 1915 put_packet(""); 1916} 1917 1918static void handle_v_cont_query(GArray *params, void *user_ctx) 1919{ 1920 put_packet("vCont;c;C;s;S"); 1921} 1922 1923static void handle_v_cont(GArray *params, void *user_ctx) 1924{ 1925 int res; 1926 1927 if (!params->len) { 1928 return; 1929 } 1930 1931 res = gdb_handle_vcont(get_param(params, 0)->data); 1932 if ((res == -EINVAL) || (res == -ERANGE)) { 1933 put_packet("E22"); 1934 } else if (res) { 1935 put_packet(""); 1936 } 1937} 1938 1939static void handle_v_attach(GArray *params, void *user_ctx) 1940{ 1941 GDBProcess *process; 1942 CPUState *cpu; 1943 1944 g_string_assign(gdbserver_state.str_buf, "E22"); 1945 if (!params->len) { 1946 goto cleanup; 1947 } 1948 1949 process = gdb_get_process(get_param(params, 0)->val_ul); 1950 if (!process) { 1951 goto cleanup; 1952 } 1953 1954 cpu = get_first_cpu_in_process(process); 1955 if (!cpu) { 1956 goto cleanup; 1957 } 1958 1959 process->attached = true; 1960 gdbserver_state.g_cpu = cpu; 1961 gdbserver_state.c_cpu = cpu; 1962 1963 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 1964 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 1965 g_string_append_c(gdbserver_state.str_buf, ';'); 1966cleanup: 1967 put_strbuf(); 1968} 1969 1970static void handle_v_kill(GArray *params, void *user_ctx) 1971{ 1972 /* Kill the target */ 1973 put_packet("OK"); 1974 error_report("QEMU: Terminated via GDBstub"); 1975 gdb_exit(0); 1976 exit(0); 1977} 1978 1979static const GdbCmdParseEntry gdb_v_commands_table[] = { 1980 /* Order is important if has same prefix */ 1981 { 1982 .handler = handle_v_cont_query, 1983 .cmd = "Cont?", 1984 .cmd_startswith = 1 1985 }, 1986 { 1987 .handler = handle_v_cont, 1988 .cmd = "Cont", 1989 .cmd_startswith = 1, 1990 .schema = "s0" 1991 }, 1992 { 1993 .handler = handle_v_attach, 1994 .cmd = "Attach;", 1995 .cmd_startswith = 1, 1996 .schema = "l0" 1997 }, 1998 { 1999 .handler = handle_v_kill, 2000 .cmd = "Kill;", 2001 .cmd_startswith = 1 2002 }, 2003}; 2004 2005static void handle_v_commands(GArray *params, void *user_ctx) 2006{ 2007 if (!params->len) { 2008 return; 2009 } 2010 2011 if (process_string_cmd(NULL, get_param(params, 0)->data, 2012 gdb_v_commands_table, 2013 ARRAY_SIZE(gdb_v_commands_table))) { 2014 put_packet(""); 2015 } 2016} 2017 2018static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx) 2019{ 2020 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x", 2021 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER); 2022 put_strbuf(); 2023} 2024 2025static void handle_set_qemu_sstep(GArray *params, void *user_ctx) 2026{ 2027 if (!params->len) { 2028 return; 2029 } 2030 2031 sstep_flags = get_param(params, 0)->val_ul; 2032 put_packet("OK"); 2033} 2034 2035static void handle_query_qemu_sstep(GArray *params, void *user_ctx) 2036{ 2037 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags); 2038 put_strbuf(); 2039} 2040 2041static void handle_query_curr_tid(GArray *params, void *user_ctx) 2042{ 2043 CPUState *cpu; 2044 GDBProcess *process; 2045 2046 /* 2047 * "Current thread" remains vague in the spec, so always return 2048 * the first thread of the current process (gdb returns the 2049 * first thread). 2050 */ 2051 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2052 cpu = get_first_cpu_in_process(process); 2053 g_string_assign(gdbserver_state.str_buf, "QC"); 2054 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 2055 put_strbuf(); 2056} 2057 2058static void handle_query_threads(GArray *params, void *user_ctx) 2059{ 2060 if (!gdbserver_state.query_cpu) { 2061 put_packet("l"); 2062 return; 2063 } 2064 2065 g_string_assign(gdbserver_state.str_buf, "m"); 2066 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf); 2067 put_strbuf(); 2068 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu); 2069} 2070 2071static void handle_query_first_threads(GArray *params, void *user_ctx) 2072{ 2073 gdbserver_state.query_cpu = gdb_first_attached_cpu(); 2074 handle_query_threads(params, user_ctx); 2075} 2076 2077static void handle_query_thread_extra(GArray *params, void *user_ctx) 2078{ 2079 g_autoptr(GString) rs = g_string_new(NULL); 2080 CPUState *cpu; 2081 2082 if (!params->len || 2083 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) { 2084 put_packet("E22"); 2085 return; 2086 } 2087 2088 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid, 2089 get_param(params, 0)->thread_id.tid); 2090 if (!cpu) { 2091 return; 2092 } 2093 2094 cpu_synchronize_state(cpu); 2095 2096 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) { 2097 /* Print the CPU model and name in multiprocess mode */ 2098 ObjectClass *oc = object_get_class(OBJECT(cpu)); 2099 const char *cpu_model = object_class_get_name(oc); 2100 const char *cpu_name = 2101 object_get_canonical_path_component(OBJECT(cpu)); 2102 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name, 2103 cpu->halted ? "halted " : "running"); 2104 } else { 2105 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index, 2106 cpu->halted ? "halted " : "running"); 2107 } 2108 trace_gdbstub_op_extra_info(rs->str); 2109 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len); 2110 put_strbuf(); 2111} 2112 2113#ifdef CONFIG_USER_ONLY 2114static void handle_query_offsets(GArray *params, void *user_ctx) 2115{ 2116 TaskState *ts; 2117 2118 ts = gdbserver_state.c_cpu->opaque; 2119 g_string_printf(gdbserver_state.str_buf, 2120 "Text=" TARGET_ABI_FMT_lx 2121 ";Data=" TARGET_ABI_FMT_lx 2122 ";Bss=" TARGET_ABI_FMT_lx, 2123 ts->info->code_offset, 2124 ts->info->data_offset, 2125 ts->info->data_offset); 2126 put_strbuf(); 2127} 2128#else 2129static void handle_query_rcmd(GArray *params, void *user_ctx) 2130{ 2131 const guint8 zero = 0; 2132 int len; 2133 2134 if (!params->len) { 2135 put_packet("E22"); 2136 return; 2137 } 2138 2139 len = strlen(get_param(params, 0)->data); 2140 if (len % 2) { 2141 put_packet("E01"); 2142 return; 2143 } 2144 2145 g_assert(gdbserver_state.mem_buf->len == 0); 2146 len = len / 2; 2147 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len); 2148 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1); 2149 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data, 2150 gdbserver_state.mem_buf->len); 2151 put_packet("OK"); 2152} 2153#endif 2154 2155static void handle_query_supported(GArray *params, void *user_ctx) 2156{ 2157 CPUClass *cc; 2158 2159 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH); 2160 cc = CPU_GET_CLASS(first_cpu); 2161 if (cc->gdb_core_xml_file) { 2162 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+"); 2163 } 2164 2165 if (stub_can_reverse()) { 2166 g_string_append(gdbserver_state.str_buf, 2167 ";ReverseStep+;ReverseContinue+"); 2168 } 2169 2170#ifdef CONFIG_USER_ONLY 2171 if (gdbserver_state.c_cpu->opaque) { 2172 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+"); 2173 } 2174#endif 2175 2176 if (params->len && 2177 strstr(get_param(params, 0)->data, "multiprocess+")) { 2178 gdbserver_state.multiprocess = true; 2179 } 2180 2181 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+"); 2182 put_strbuf(); 2183} 2184 2185static void handle_query_xfer_features(GArray *params, void *user_ctx) 2186{ 2187 GDBProcess *process; 2188 CPUClass *cc; 2189 unsigned long len, total_len, addr; 2190 const char *xml; 2191 const char *p; 2192 2193 if (params->len < 3) { 2194 put_packet("E22"); 2195 return; 2196 } 2197 2198 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2199 cc = CPU_GET_CLASS(gdbserver_state.g_cpu); 2200 if (!cc->gdb_core_xml_file) { 2201 put_packet(""); 2202 return; 2203 } 2204 2205 gdb_has_xml = true; 2206 p = get_param(params, 0)->data; 2207 xml = get_feature_xml(p, &p, process); 2208 if (!xml) { 2209 put_packet("E00"); 2210 return; 2211 } 2212 2213 addr = get_param(params, 1)->val_ul; 2214 len = get_param(params, 2)->val_ul; 2215 total_len = strlen(xml); 2216 if (addr > total_len) { 2217 put_packet("E00"); 2218 return; 2219 } 2220 2221 if (len > (MAX_PACKET_LENGTH - 5) / 2) { 2222 len = (MAX_PACKET_LENGTH - 5) / 2; 2223 } 2224 2225 if (len < total_len - addr) { 2226 g_string_assign(gdbserver_state.str_buf, "m"); 2227 memtox(gdbserver_state.str_buf, xml + addr, len); 2228 } else { 2229 g_string_assign(gdbserver_state.str_buf, "l"); 2230 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr); 2231 } 2232 2233 put_packet_binary(gdbserver_state.str_buf->str, 2234 gdbserver_state.str_buf->len, true); 2235} 2236 2237#if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER) 2238static void handle_query_xfer_auxv(GArray *params, void *user_ctx) 2239{ 2240 TaskState *ts; 2241 unsigned long offset, len, saved_auxv, auxv_len; 2242 2243 if (params->len < 2) { 2244 put_packet("E22"); 2245 return; 2246 } 2247 2248 offset = get_param(params, 0)->val_ul; 2249 len = get_param(params, 1)->val_ul; 2250 ts = gdbserver_state.c_cpu->opaque; 2251 saved_auxv = ts->info->saved_auxv; 2252 auxv_len = ts->info->auxv_len; 2253 2254 if (offset >= auxv_len) { 2255 put_packet("E00"); 2256 return; 2257 } 2258 2259 if (len > (MAX_PACKET_LENGTH - 5) / 2) { 2260 len = (MAX_PACKET_LENGTH - 5) / 2; 2261 } 2262 2263 if (len < auxv_len - offset) { 2264 g_string_assign(gdbserver_state.str_buf, "m"); 2265 } else { 2266 g_string_assign(gdbserver_state.str_buf, "l"); 2267 len = auxv_len - offset; 2268 } 2269 2270 g_byte_array_set_size(gdbserver_state.mem_buf, len); 2271 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset, 2272 gdbserver_state.mem_buf->data, len, false)) { 2273 put_packet("E14"); 2274 return; 2275 } 2276 2277 memtox(gdbserver_state.str_buf, 2278 (const char *)gdbserver_state.mem_buf->data, len); 2279 put_packet_binary(gdbserver_state.str_buf->str, 2280 gdbserver_state.str_buf->len, true); 2281} 2282#endif 2283 2284static void handle_query_attached(GArray *params, void *user_ctx) 2285{ 2286 put_packet(GDB_ATTACHED); 2287} 2288 2289static void handle_query_qemu_supported(GArray *params, void *user_ctx) 2290{ 2291 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep"); 2292#ifndef CONFIG_USER_ONLY 2293 g_string_append(gdbserver_state.str_buf, ";PhyMemMode"); 2294#endif 2295 put_strbuf(); 2296} 2297 2298#ifndef CONFIG_USER_ONLY 2299static void handle_query_qemu_phy_mem_mode(GArray *params, 2300 void *user_ctx) 2301{ 2302 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode); 2303 put_strbuf(); 2304} 2305 2306static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx) 2307{ 2308 if (!params->len) { 2309 put_packet("E22"); 2310 return; 2311 } 2312 2313 if (!get_param(params, 0)->val_ul) { 2314 phy_memory_mode = 0; 2315 } else { 2316 phy_memory_mode = 1; 2317 } 2318 put_packet("OK"); 2319} 2320#endif 2321 2322static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = { 2323 /* Order is important if has same prefix */ 2324 { 2325 .handler = handle_query_qemu_sstepbits, 2326 .cmd = "qemu.sstepbits", 2327 }, 2328 { 2329 .handler = handle_query_qemu_sstep, 2330 .cmd = "qemu.sstep", 2331 }, 2332 { 2333 .handler = handle_set_qemu_sstep, 2334 .cmd = "qemu.sstep=", 2335 .cmd_startswith = 1, 2336 .schema = "l0" 2337 }, 2338}; 2339 2340static const GdbCmdParseEntry gdb_gen_query_table[] = { 2341 { 2342 .handler = handle_query_curr_tid, 2343 .cmd = "C", 2344 }, 2345 { 2346 .handler = handle_query_threads, 2347 .cmd = "sThreadInfo", 2348 }, 2349 { 2350 .handler = handle_query_first_threads, 2351 .cmd = "fThreadInfo", 2352 }, 2353 { 2354 .handler = handle_query_thread_extra, 2355 .cmd = "ThreadExtraInfo,", 2356 .cmd_startswith = 1, 2357 .schema = "t0" 2358 }, 2359#ifdef CONFIG_USER_ONLY 2360 { 2361 .handler = handle_query_offsets, 2362 .cmd = "Offsets", 2363 }, 2364#else 2365 { 2366 .handler = handle_query_rcmd, 2367 .cmd = "Rcmd,", 2368 .cmd_startswith = 1, 2369 .schema = "s0" 2370 }, 2371#endif 2372 { 2373 .handler = handle_query_supported, 2374 .cmd = "Supported:", 2375 .cmd_startswith = 1, 2376 .schema = "s0" 2377 }, 2378 { 2379 .handler = handle_query_supported, 2380 .cmd = "Supported", 2381 .schema = "s0" 2382 }, 2383 { 2384 .handler = handle_query_xfer_features, 2385 .cmd = "Xfer:features:read:", 2386 .cmd_startswith = 1, 2387 .schema = "s:l,l0" 2388 }, 2389#if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER) 2390 { 2391 .handler = handle_query_xfer_auxv, 2392 .cmd = "Xfer:auxv:read::", 2393 .cmd_startswith = 1, 2394 .schema = "l,l0" 2395 }, 2396#endif 2397 { 2398 .handler = handle_query_attached, 2399 .cmd = "Attached:", 2400 .cmd_startswith = 1 2401 }, 2402 { 2403 .handler = handle_query_attached, 2404 .cmd = "Attached", 2405 }, 2406 { 2407 .handler = handle_query_qemu_supported, 2408 .cmd = "qemu.Supported", 2409 }, 2410#ifndef CONFIG_USER_ONLY 2411 { 2412 .handler = handle_query_qemu_phy_mem_mode, 2413 .cmd = "qemu.PhyMemMode", 2414 }, 2415#endif 2416}; 2417 2418static const GdbCmdParseEntry gdb_gen_set_table[] = { 2419 /* Order is important if has same prefix */ 2420 { 2421 .handler = handle_set_qemu_sstep, 2422 .cmd = "qemu.sstep:", 2423 .cmd_startswith = 1, 2424 .schema = "l0" 2425 }, 2426#ifndef CONFIG_USER_ONLY 2427 { 2428 .handler = handle_set_qemu_phy_mem_mode, 2429 .cmd = "qemu.PhyMemMode:", 2430 .cmd_startswith = 1, 2431 .schema = "l0" 2432 }, 2433#endif 2434}; 2435 2436static void handle_gen_query(GArray *params, void *user_ctx) 2437{ 2438 if (!params->len) { 2439 return; 2440 } 2441 2442 if (!process_string_cmd(NULL, get_param(params, 0)->data, 2443 gdb_gen_query_set_common_table, 2444 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2445 return; 2446 } 2447 2448 if (process_string_cmd(NULL, get_param(params, 0)->data, 2449 gdb_gen_query_table, 2450 ARRAY_SIZE(gdb_gen_query_table))) { 2451 put_packet(""); 2452 } 2453} 2454 2455static void handle_gen_set(GArray *params, void *user_ctx) 2456{ 2457 if (!params->len) { 2458 return; 2459 } 2460 2461 if (!process_string_cmd(NULL, get_param(params, 0)->data, 2462 gdb_gen_query_set_common_table, 2463 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2464 return; 2465 } 2466 2467 if (process_string_cmd(NULL, get_param(params, 0)->data, 2468 gdb_gen_set_table, 2469 ARRAY_SIZE(gdb_gen_set_table))) { 2470 put_packet(""); 2471 } 2472} 2473 2474static void handle_target_halt(GArray *params, void *user_ctx) 2475{ 2476 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 2477 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf); 2478 g_string_append_c(gdbserver_state.str_buf, ';'); 2479 put_strbuf(); 2480 /* 2481 * Remove all the breakpoints when this query is issued, 2482 * because gdb is doing an initial connect and the state 2483 * should be cleaned up. 2484 */ 2485 gdb_breakpoint_remove_all(); 2486} 2487 2488static int gdb_handle_packet(const char *line_buf) 2489{ 2490 const GdbCmdParseEntry *cmd_parser = NULL; 2491 2492 trace_gdbstub_io_command(line_buf); 2493 2494 switch (line_buf[0]) { 2495 case '!': 2496 put_packet("OK"); 2497 break; 2498 case '?': 2499 { 2500 static const GdbCmdParseEntry target_halted_cmd_desc = { 2501 .handler = handle_target_halt, 2502 .cmd = "?", 2503 .cmd_startswith = 1 2504 }; 2505 cmd_parser = &target_halted_cmd_desc; 2506 } 2507 break; 2508 case 'c': 2509 { 2510 static const GdbCmdParseEntry continue_cmd_desc = { 2511 .handler = handle_continue, 2512 .cmd = "c", 2513 .cmd_startswith = 1, 2514 .schema = "L0" 2515 }; 2516 cmd_parser = &continue_cmd_desc; 2517 } 2518 break; 2519 case 'C': 2520 { 2521 static const GdbCmdParseEntry cont_with_sig_cmd_desc = { 2522 .handler = handle_cont_with_sig, 2523 .cmd = "C", 2524 .cmd_startswith = 1, 2525 .schema = "l0" 2526 }; 2527 cmd_parser = &cont_with_sig_cmd_desc; 2528 } 2529 break; 2530 case 'v': 2531 { 2532 static const GdbCmdParseEntry v_cmd_desc = { 2533 .handler = handle_v_commands, 2534 .cmd = "v", 2535 .cmd_startswith = 1, 2536 .schema = "s0" 2537 }; 2538 cmd_parser = &v_cmd_desc; 2539 } 2540 break; 2541 case 'k': 2542 /* Kill the target */ 2543 error_report("QEMU: Terminated via GDBstub"); 2544 gdb_exit(0); 2545 exit(0); 2546 case 'D': 2547 { 2548 static const GdbCmdParseEntry detach_cmd_desc = { 2549 .handler = handle_detach, 2550 .cmd = "D", 2551 .cmd_startswith = 1, 2552 .schema = "?.l0" 2553 }; 2554 cmd_parser = &detach_cmd_desc; 2555 } 2556 break; 2557 case 's': 2558 { 2559 static const GdbCmdParseEntry step_cmd_desc = { 2560 .handler = handle_step, 2561 .cmd = "s", 2562 .cmd_startswith = 1, 2563 .schema = "L0" 2564 }; 2565 cmd_parser = &step_cmd_desc; 2566 } 2567 break; 2568 case 'b': 2569 { 2570 static const GdbCmdParseEntry backward_cmd_desc = { 2571 .handler = handle_backward, 2572 .cmd = "b", 2573 .cmd_startswith = 1, 2574 .schema = "o0" 2575 }; 2576 cmd_parser = &backward_cmd_desc; 2577 } 2578 break; 2579 case 'F': 2580 { 2581 static const GdbCmdParseEntry file_io_cmd_desc = { 2582 .handler = handle_file_io, 2583 .cmd = "F", 2584 .cmd_startswith = 1, 2585 .schema = "L,L,o0" 2586 }; 2587 cmd_parser = &file_io_cmd_desc; 2588 } 2589 break; 2590 case 'g': 2591 { 2592 static const GdbCmdParseEntry read_all_regs_cmd_desc = { 2593 .handler = handle_read_all_regs, 2594 .cmd = "g", 2595 .cmd_startswith = 1 2596 }; 2597 cmd_parser = &read_all_regs_cmd_desc; 2598 } 2599 break; 2600 case 'G': 2601 { 2602 static const GdbCmdParseEntry write_all_regs_cmd_desc = { 2603 .handler = handle_write_all_regs, 2604 .cmd = "G", 2605 .cmd_startswith = 1, 2606 .schema = "s0" 2607 }; 2608 cmd_parser = &write_all_regs_cmd_desc; 2609 } 2610 break; 2611 case 'm': 2612 { 2613 static const GdbCmdParseEntry read_mem_cmd_desc = { 2614 .handler = handle_read_mem, 2615 .cmd = "m", 2616 .cmd_startswith = 1, 2617 .schema = "L,L0" 2618 }; 2619 cmd_parser = &read_mem_cmd_desc; 2620 } 2621 break; 2622 case 'M': 2623 { 2624 static const GdbCmdParseEntry write_mem_cmd_desc = { 2625 .handler = handle_write_mem, 2626 .cmd = "M", 2627 .cmd_startswith = 1, 2628 .schema = "L,L:s0" 2629 }; 2630 cmd_parser = &write_mem_cmd_desc; 2631 } 2632 break; 2633 case 'p': 2634 { 2635 static const GdbCmdParseEntry get_reg_cmd_desc = { 2636 .handler = handle_get_reg, 2637 .cmd = "p", 2638 .cmd_startswith = 1, 2639 .schema = "L0" 2640 }; 2641 cmd_parser = &get_reg_cmd_desc; 2642 } 2643 break; 2644 case 'P': 2645 { 2646 static const GdbCmdParseEntry set_reg_cmd_desc = { 2647 .handler = handle_set_reg, 2648 .cmd = "P", 2649 .cmd_startswith = 1, 2650 .schema = "L?s0" 2651 }; 2652 cmd_parser = &set_reg_cmd_desc; 2653 } 2654 break; 2655 case 'Z': 2656 { 2657 static const GdbCmdParseEntry insert_bp_cmd_desc = { 2658 .handler = handle_insert_bp, 2659 .cmd = "Z", 2660 .cmd_startswith = 1, 2661 .schema = "l?L?L0" 2662 }; 2663 cmd_parser = &insert_bp_cmd_desc; 2664 } 2665 break; 2666 case 'z': 2667 { 2668 static const GdbCmdParseEntry remove_bp_cmd_desc = { 2669 .handler = handle_remove_bp, 2670 .cmd = "z", 2671 .cmd_startswith = 1, 2672 .schema = "l?L?L0" 2673 }; 2674 cmd_parser = &remove_bp_cmd_desc; 2675 } 2676 break; 2677 case 'H': 2678 { 2679 static const GdbCmdParseEntry set_thread_cmd_desc = { 2680 .handler = handle_set_thread, 2681 .cmd = "H", 2682 .cmd_startswith = 1, 2683 .schema = "o.t0" 2684 }; 2685 cmd_parser = &set_thread_cmd_desc; 2686 } 2687 break; 2688 case 'T': 2689 { 2690 static const GdbCmdParseEntry thread_alive_cmd_desc = { 2691 .handler = handle_thread_alive, 2692 .cmd = "T", 2693 .cmd_startswith = 1, 2694 .schema = "t0" 2695 }; 2696 cmd_parser = &thread_alive_cmd_desc; 2697 } 2698 break; 2699 case 'q': 2700 { 2701 static const GdbCmdParseEntry gen_query_cmd_desc = { 2702 .handler = handle_gen_query, 2703 .cmd = "q", 2704 .cmd_startswith = 1, 2705 .schema = "s0" 2706 }; 2707 cmd_parser = &gen_query_cmd_desc; 2708 } 2709 break; 2710 case 'Q': 2711 { 2712 static const GdbCmdParseEntry gen_set_cmd_desc = { 2713 .handler = handle_gen_set, 2714 .cmd = "Q", 2715 .cmd_startswith = 1, 2716 .schema = "s0" 2717 }; 2718 cmd_parser = &gen_set_cmd_desc; 2719 } 2720 break; 2721 default: 2722 /* put empty packet */ 2723 put_packet(""); 2724 break; 2725 } 2726 2727 if (cmd_parser) { 2728 run_cmd_parser(line_buf, cmd_parser); 2729 } 2730 2731 return RS_IDLE; 2732} 2733 2734void gdb_set_stop_cpu(CPUState *cpu) 2735{ 2736 GDBProcess *p = gdb_get_cpu_process(cpu); 2737 2738 if (!p->attached) { 2739 /* 2740 * Having a stop CPU corresponding to a process that is not attached 2741 * confuses GDB. So we ignore the request. 2742 */ 2743 return; 2744 } 2745 2746 gdbserver_state.c_cpu = cpu; 2747 gdbserver_state.g_cpu = cpu; 2748} 2749 2750#ifndef CONFIG_USER_ONLY 2751static void gdb_vm_state_change(void *opaque, bool running, RunState state) 2752{ 2753 CPUState *cpu = gdbserver_state.c_cpu; 2754 g_autoptr(GString) buf = g_string_new(NULL); 2755 g_autoptr(GString) tid = g_string_new(NULL); 2756 const char *type; 2757 int ret; 2758 2759 if (running || gdbserver_state.state == RS_INACTIVE) { 2760 return; 2761 } 2762 /* Is there a GDB syscall waiting to be sent? */ 2763 if (gdbserver_state.current_syscall_cb) { 2764 put_packet(gdbserver_state.syscall_buf); 2765 return; 2766 } 2767 2768 if (cpu == NULL) { 2769 /* No process attached */ 2770 return; 2771 } 2772 2773 gdb_append_thread_id(cpu, tid); 2774 2775 switch (state) { 2776 case RUN_STATE_DEBUG: 2777 if (cpu->watchpoint_hit) { 2778 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) { 2779 case BP_MEM_READ: 2780 type = "r"; 2781 break; 2782 case BP_MEM_ACCESS: 2783 type = "a"; 2784 break; 2785 default: 2786 type = ""; 2787 break; 2788 } 2789 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu), 2790 (target_ulong)cpu->watchpoint_hit->vaddr); 2791 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";", 2792 GDB_SIGNAL_TRAP, tid->str, type, 2793 (target_ulong)cpu->watchpoint_hit->vaddr); 2794 cpu->watchpoint_hit = NULL; 2795 goto send_packet; 2796 } else { 2797 trace_gdbstub_hit_break(); 2798 } 2799 tb_flush(cpu); 2800 ret = GDB_SIGNAL_TRAP; 2801 break; 2802 case RUN_STATE_PAUSED: 2803 trace_gdbstub_hit_paused(); 2804 ret = GDB_SIGNAL_INT; 2805 break; 2806 case RUN_STATE_SHUTDOWN: 2807 trace_gdbstub_hit_shutdown(); 2808 ret = GDB_SIGNAL_QUIT; 2809 break; 2810 case RUN_STATE_IO_ERROR: 2811 trace_gdbstub_hit_io_error(); 2812 ret = GDB_SIGNAL_IO; 2813 break; 2814 case RUN_STATE_WATCHDOG: 2815 trace_gdbstub_hit_watchdog(); 2816 ret = GDB_SIGNAL_ALRM; 2817 break; 2818 case RUN_STATE_INTERNAL_ERROR: 2819 trace_gdbstub_hit_internal_error(); 2820 ret = GDB_SIGNAL_ABRT; 2821 break; 2822 case RUN_STATE_SAVE_VM: 2823 case RUN_STATE_RESTORE_VM: 2824 return; 2825 case RUN_STATE_FINISH_MIGRATE: 2826 ret = GDB_SIGNAL_XCPU; 2827 break; 2828 default: 2829 trace_gdbstub_hit_unknown(state); 2830 ret = GDB_SIGNAL_UNKNOWN; 2831 break; 2832 } 2833 gdb_set_stop_cpu(cpu); 2834 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str); 2835 2836send_packet: 2837 put_packet(buf->str); 2838 2839 /* disable single step if it was enabled */ 2840 cpu_single_step(cpu, 0); 2841} 2842#endif 2843 2844/* Send a gdb syscall request. 2845 This accepts limited printf-style format specifiers, specifically: 2846 %x - target_ulong argument printed in hex. 2847 %lx - 64-bit argument printed in hex. 2848 %s - string pointer (target_ulong) and length (int) pair. */ 2849void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va) 2850{ 2851 char *p; 2852 char *p_end; 2853 target_ulong addr; 2854 uint64_t i64; 2855 2856 if (!gdbserver_state.init) { 2857 return; 2858 } 2859 2860 gdbserver_state.current_syscall_cb = cb; 2861#ifndef CONFIG_USER_ONLY 2862 vm_stop(RUN_STATE_DEBUG); 2863#endif 2864 p = &gdbserver_state.syscall_buf[0]; 2865 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)]; 2866 *(p++) = 'F'; 2867 while (*fmt) { 2868 if (*fmt == '%') { 2869 fmt++; 2870 switch (*fmt++) { 2871 case 'x': 2872 addr = va_arg(va, target_ulong); 2873 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr); 2874 break; 2875 case 'l': 2876 if (*(fmt++) != 'x') 2877 goto bad_format; 2878 i64 = va_arg(va, uint64_t); 2879 p += snprintf(p, p_end - p, "%" PRIx64, i64); 2880 break; 2881 case 's': 2882 addr = va_arg(va, target_ulong); 2883 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x", 2884 addr, va_arg(va, int)); 2885 break; 2886 default: 2887 bad_format: 2888 error_report("gdbstub: Bad syscall format string '%s'", 2889 fmt - 1); 2890 break; 2891 } 2892 } else { 2893 *(p++) = *(fmt++); 2894 } 2895 } 2896 *p = 0; 2897#ifdef CONFIG_USER_ONLY 2898 put_packet(gdbserver_state.syscall_buf); 2899 /* Return control to gdb for it to process the syscall request. 2900 * Since the protocol requires that gdb hands control back to us 2901 * using a "here are the results" F packet, we don't need to check 2902 * gdb_handlesig's return value (which is the signal to deliver if 2903 * execution was resumed via a continue packet). 2904 */ 2905 gdb_handlesig(gdbserver_state.c_cpu, 0); 2906#else 2907 /* In this case wait to send the syscall packet until notification that 2908 the CPU has stopped. This must be done because if the packet is sent 2909 now the reply from the syscall request could be received while the CPU 2910 is still in the running state, which can cause packets to be dropped 2911 and state transition 'T' packets to be sent while the syscall is still 2912 being processed. */ 2913 qemu_cpu_kick(gdbserver_state.c_cpu); 2914#endif 2915} 2916 2917void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...) 2918{ 2919 va_list va; 2920 2921 va_start(va, fmt); 2922 gdb_do_syscallv(cb, fmt, va); 2923 va_end(va); 2924} 2925 2926static void gdb_read_byte(uint8_t ch) 2927{ 2928 uint8_t reply; 2929 2930#ifndef CONFIG_USER_ONLY 2931 if (gdbserver_state.last_packet->len) { 2932 /* Waiting for a response to the last packet. If we see the start 2933 of a new command then abandon the previous response. */ 2934 if (ch == '-') { 2935 trace_gdbstub_err_got_nack(); 2936 put_buffer(gdbserver_state.last_packet->data, 2937 gdbserver_state.last_packet->len); 2938 } else if (ch == '+') { 2939 trace_gdbstub_io_got_ack(); 2940 } else { 2941 trace_gdbstub_io_got_unexpected(ch); 2942 } 2943 2944 if (ch == '+' || ch == '$') { 2945 g_byte_array_set_size(gdbserver_state.last_packet, 0); 2946 } 2947 if (ch != '$') 2948 return; 2949 } 2950 if (runstate_is_running()) { 2951 /* when the CPU is running, we cannot do anything except stop 2952 it when receiving a char */ 2953 vm_stop(RUN_STATE_PAUSED); 2954 } else 2955#endif 2956 { 2957 switch(gdbserver_state.state) { 2958 case RS_IDLE: 2959 if (ch == '$') { 2960 /* start of command packet */ 2961 gdbserver_state.line_buf_index = 0; 2962 gdbserver_state.line_sum = 0; 2963 gdbserver_state.state = RS_GETLINE; 2964 } else { 2965 trace_gdbstub_err_garbage(ch); 2966 } 2967 break; 2968 case RS_GETLINE: 2969 if (ch == '}') { 2970 /* start escape sequence */ 2971 gdbserver_state.state = RS_GETLINE_ESC; 2972 gdbserver_state.line_sum += ch; 2973 } else if (ch == '*') { 2974 /* start run length encoding sequence */ 2975 gdbserver_state.state = RS_GETLINE_RLE; 2976 gdbserver_state.line_sum += ch; 2977 } else if (ch == '#') { 2978 /* end of command, start of checksum*/ 2979 gdbserver_state.state = RS_CHKSUM1; 2980 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2981 trace_gdbstub_err_overrun(); 2982 gdbserver_state.state = RS_IDLE; 2983 } else { 2984 /* unescaped command character */ 2985 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch; 2986 gdbserver_state.line_sum += ch; 2987 } 2988 break; 2989 case RS_GETLINE_ESC: 2990 if (ch == '#') { 2991 /* unexpected end of command in escape sequence */ 2992 gdbserver_state.state = RS_CHKSUM1; 2993 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2994 /* command buffer overrun */ 2995 trace_gdbstub_err_overrun(); 2996 gdbserver_state.state = RS_IDLE; 2997 } else { 2998 /* parse escaped character and leave escape state */ 2999 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20; 3000 gdbserver_state.line_sum += ch; 3001 gdbserver_state.state = RS_GETLINE; 3002 } 3003 break; 3004 case RS_GETLINE_RLE: 3005 /* 3006 * Run-length encoding is explained in "Debugging with GDB / 3007 * Appendix E GDB Remote Serial Protocol / Overview". 3008 */ 3009 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) { 3010 /* invalid RLE count encoding */ 3011 trace_gdbstub_err_invalid_repeat(ch); 3012 gdbserver_state.state = RS_GETLINE; 3013 } else { 3014 /* decode repeat length */ 3015 int repeat = ch - ' ' + 3; 3016 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) { 3017 /* that many repeats would overrun the command buffer */ 3018 trace_gdbstub_err_overrun(); 3019 gdbserver_state.state = RS_IDLE; 3020 } else if (gdbserver_state.line_buf_index < 1) { 3021 /* got a repeat but we have nothing to repeat */ 3022 trace_gdbstub_err_invalid_rle(); 3023 gdbserver_state.state = RS_GETLINE; 3024 } else { 3025 /* repeat the last character */ 3026 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index, 3027 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat); 3028 gdbserver_state.line_buf_index += repeat; 3029 gdbserver_state.line_sum += ch; 3030 gdbserver_state.state = RS_GETLINE; 3031 } 3032 } 3033 break; 3034 case RS_CHKSUM1: 3035 /* get high hex digit of checksum */ 3036 if (!isxdigit(ch)) { 3037 trace_gdbstub_err_checksum_invalid(ch); 3038 gdbserver_state.state = RS_GETLINE; 3039 break; 3040 } 3041 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0'; 3042 gdbserver_state.line_csum = fromhex(ch) << 4; 3043 gdbserver_state.state = RS_CHKSUM2; 3044 break; 3045 case RS_CHKSUM2: 3046 /* get low hex digit of checksum */ 3047 if (!isxdigit(ch)) { 3048 trace_gdbstub_err_checksum_invalid(ch); 3049 gdbserver_state.state = RS_GETLINE; 3050 break; 3051 } 3052 gdbserver_state.line_csum |= fromhex(ch); 3053 3054 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) { 3055 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum); 3056 /* send NAK reply */ 3057 reply = '-'; 3058 put_buffer(&reply, 1); 3059 gdbserver_state.state = RS_IDLE; 3060 } else { 3061 /* send ACK reply */ 3062 reply = '+'; 3063 put_buffer(&reply, 1); 3064 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf); 3065 } 3066 break; 3067 default: 3068 abort(); 3069 } 3070 } 3071} 3072 3073/* Tell the remote gdb that the process has exited. */ 3074void gdb_exit(int code) 3075{ 3076 char buf[4]; 3077 3078 if (!gdbserver_state.init) { 3079 return; 3080 } 3081#ifdef CONFIG_USER_ONLY 3082 if (gdbserver_state.socket_path) { 3083 unlink(gdbserver_state.socket_path); 3084 } 3085 if (gdbserver_state.fd < 0) { 3086 return; 3087 } 3088#endif 3089 3090 trace_gdbstub_op_exiting((uint8_t)code); 3091 3092 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 3093 put_packet(buf); 3094 3095#ifndef CONFIG_USER_ONLY 3096 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 3097#endif 3098} 3099 3100/* 3101 * Create the process that will contain all the "orphan" CPUs (that are not 3102 * part of a CPU cluster). Note that if this process contains no CPUs, it won't 3103 * be attachable and thus will be invisible to the user. 3104 */ 3105static void create_default_process(GDBState *s) 3106{ 3107 GDBProcess *process; 3108 int max_pid = 0; 3109 3110 if (gdbserver_state.process_num) { 3111 max_pid = s->processes[s->process_num - 1].pid; 3112 } 3113 3114 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 3115 process = &s->processes[s->process_num - 1]; 3116 3117 /* We need an available PID slot for this process */ 3118 assert(max_pid < UINT32_MAX); 3119 3120 process->pid = max_pid + 1; 3121 process->attached = false; 3122 process->target_xml[0] = '\0'; 3123} 3124 3125#ifdef CONFIG_USER_ONLY 3126int 3127gdb_handlesig(CPUState *cpu, int sig) 3128{ 3129 char buf[256]; 3130 int n; 3131 3132 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3133 return sig; 3134 } 3135 3136 /* disable single step if it was enabled */ 3137 cpu_single_step(cpu, 0); 3138 tb_flush(cpu); 3139 3140 if (sig != 0) { 3141 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig)); 3142 put_packet(buf); 3143 } 3144 /* put_packet() might have detected that the peer terminated the 3145 connection. */ 3146 if (gdbserver_state.fd < 0) { 3147 return sig; 3148 } 3149 3150 sig = 0; 3151 gdbserver_state.state = RS_IDLE; 3152 gdbserver_state.running_state = 0; 3153 while (gdbserver_state.running_state == 0) { 3154 n = read(gdbserver_state.fd, buf, 256); 3155 if (n > 0) { 3156 int i; 3157 3158 for (i = 0; i < n; i++) { 3159 gdb_read_byte(buf[i]); 3160 } 3161 } else { 3162 /* XXX: Connection closed. Should probably wait for another 3163 connection before continuing. */ 3164 if (n == 0) { 3165 close(gdbserver_state.fd); 3166 } 3167 gdbserver_state.fd = -1; 3168 return sig; 3169 } 3170 } 3171 sig = gdbserver_state.signal; 3172 gdbserver_state.signal = 0; 3173 return sig; 3174} 3175 3176/* Tell the remote gdb that the process has exited due to SIG. */ 3177void gdb_signalled(CPUArchState *env, int sig) 3178{ 3179 char buf[4]; 3180 3181 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3182 return; 3183 } 3184 3185 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig)); 3186 put_packet(buf); 3187} 3188 3189static void gdb_accept_init(int fd) 3190{ 3191 init_gdbserver_state(); 3192 create_default_process(&gdbserver_state); 3193 gdbserver_state.processes[0].attached = true; 3194 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 3195 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 3196 gdbserver_state.fd = fd; 3197 gdb_has_xml = false; 3198} 3199 3200static bool gdb_accept_socket(int gdb_fd) 3201{ 3202 int fd; 3203 3204 for(;;) { 3205 fd = accept(gdb_fd, NULL, NULL); 3206 if (fd < 0 && errno != EINTR) { 3207 perror("accept socket"); 3208 return false; 3209 } else if (fd >= 0) { 3210 qemu_set_cloexec(fd); 3211 break; 3212 } 3213 } 3214 3215 gdb_accept_init(fd); 3216 return true; 3217} 3218 3219static int gdbserver_open_socket(const char *path) 3220{ 3221 struct sockaddr_un sockaddr = {}; 3222 int fd, ret; 3223 3224 fd = socket(AF_UNIX, SOCK_STREAM, 0); 3225 if (fd < 0) { 3226 perror("create socket"); 3227 return -1; 3228 } 3229 3230 sockaddr.sun_family = AF_UNIX; 3231 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 3232 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3233 if (ret < 0) { 3234 perror("bind socket"); 3235 close(fd); 3236 return -1; 3237 } 3238 ret = listen(fd, 1); 3239 if (ret < 0) { 3240 perror("listen socket"); 3241 close(fd); 3242 return -1; 3243 } 3244 3245 return fd; 3246} 3247 3248static bool gdb_accept_tcp(int gdb_fd) 3249{ 3250 struct sockaddr_in sockaddr = {}; 3251 socklen_t len; 3252 int fd; 3253 3254 for(;;) { 3255 len = sizeof(sockaddr); 3256 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 3257 if (fd < 0 && errno != EINTR) { 3258 perror("accept"); 3259 return false; 3260 } else if (fd >= 0) { 3261 qemu_set_cloexec(fd); 3262 break; 3263 } 3264 } 3265 3266 /* set short latency */ 3267 if (socket_set_nodelay(fd)) { 3268 perror("setsockopt"); 3269 close(fd); 3270 return false; 3271 } 3272 3273 gdb_accept_init(fd); 3274 return true; 3275} 3276 3277static int gdbserver_open_port(int port) 3278{ 3279 struct sockaddr_in sockaddr; 3280 int fd, ret; 3281 3282 fd = socket(PF_INET, SOCK_STREAM, 0); 3283 if (fd < 0) { 3284 perror("socket"); 3285 return -1; 3286 } 3287 qemu_set_cloexec(fd); 3288 3289 socket_set_fast_reuse(fd); 3290 3291 sockaddr.sin_family = AF_INET; 3292 sockaddr.sin_port = htons(port); 3293 sockaddr.sin_addr.s_addr = 0; 3294 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3295 if (ret < 0) { 3296 perror("bind"); 3297 close(fd); 3298 return -1; 3299 } 3300 ret = listen(fd, 1); 3301 if (ret < 0) { 3302 perror("listen"); 3303 close(fd); 3304 return -1; 3305 } 3306 3307 return fd; 3308} 3309 3310int gdbserver_start(const char *port_or_path) 3311{ 3312 int port = g_ascii_strtoull(port_or_path, NULL, 10); 3313 int gdb_fd; 3314 3315 if (port > 0) { 3316 gdb_fd = gdbserver_open_port(port); 3317 } else { 3318 gdb_fd = gdbserver_open_socket(port_or_path); 3319 } 3320 3321 if (gdb_fd < 0) { 3322 return -1; 3323 } 3324 3325 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 3326 return 0; 3327 } else if (gdb_accept_socket(gdb_fd)) { 3328 gdbserver_state.socket_path = g_strdup(port_or_path); 3329 return 0; 3330 } 3331 3332 /* gone wrong */ 3333 close(gdb_fd); 3334 return -1; 3335} 3336 3337/* Disable gdb stub for child processes. */ 3338void gdbserver_fork(CPUState *cpu) 3339{ 3340 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3341 return; 3342 } 3343 close(gdbserver_state.fd); 3344 gdbserver_state.fd = -1; 3345 cpu_breakpoint_remove_all(cpu, BP_GDB); 3346 cpu_watchpoint_remove_all(cpu, BP_GDB); 3347} 3348#else 3349static int gdb_chr_can_receive(void *opaque) 3350{ 3351 /* We can handle an arbitrarily large amount of data. 3352 Pick the maximum packet size, which is as good as anything. */ 3353 return MAX_PACKET_LENGTH; 3354} 3355 3356static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size) 3357{ 3358 int i; 3359 3360 for (i = 0; i < size; i++) { 3361 gdb_read_byte(buf[i]); 3362 } 3363} 3364 3365static void gdb_chr_event(void *opaque, QEMUChrEvent event) 3366{ 3367 int i; 3368 GDBState *s = (GDBState *) opaque; 3369 3370 switch (event) { 3371 case CHR_EVENT_OPENED: 3372 /* Start with first process attached, others detached */ 3373 for (i = 0; i < s->process_num; i++) { 3374 s->processes[i].attached = !i; 3375 } 3376 3377 s->c_cpu = gdb_first_attached_cpu(); 3378 s->g_cpu = s->c_cpu; 3379 3380 vm_stop(RUN_STATE_PAUSED); 3381 replay_gdb_attached(); 3382 gdb_has_xml = false; 3383 break; 3384 default: 3385 break; 3386 } 3387} 3388 3389static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len) 3390{ 3391 g_autoptr(GString) hex_buf = g_string_new("O"); 3392 memtohex(hex_buf, buf, len); 3393 put_packet(hex_buf->str); 3394 return len; 3395} 3396 3397#ifndef _WIN32 3398static void gdb_sigterm_handler(int signal) 3399{ 3400 if (runstate_is_running()) { 3401 vm_stop(RUN_STATE_PAUSED); 3402 } 3403} 3404#endif 3405 3406static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend, 3407 bool *be_opened, Error **errp) 3408{ 3409 *be_opened = false; 3410} 3411 3412static void char_gdb_class_init(ObjectClass *oc, void *data) 3413{ 3414 ChardevClass *cc = CHARDEV_CLASS(oc); 3415 3416 cc->internal = true; 3417 cc->open = gdb_monitor_open; 3418 cc->chr_write = gdb_monitor_write; 3419} 3420 3421#define TYPE_CHARDEV_GDB "chardev-gdb" 3422 3423static const TypeInfo char_gdb_type_info = { 3424 .name = TYPE_CHARDEV_GDB, 3425 .parent = TYPE_CHARDEV, 3426 .class_init = char_gdb_class_init, 3427}; 3428 3429static int find_cpu_clusters(Object *child, void *opaque) 3430{ 3431 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) { 3432 GDBState *s = (GDBState *) opaque; 3433 CPUClusterState *cluster = CPU_CLUSTER(child); 3434 GDBProcess *process; 3435 3436 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 3437 3438 process = &s->processes[s->process_num - 1]; 3439 3440 /* 3441 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at 3442 * runtime, we enforce here that the machine does not use a cluster ID 3443 * that would lead to PID 0. 3444 */ 3445 assert(cluster->cluster_id != UINT32_MAX); 3446 process->pid = cluster->cluster_id + 1; 3447 process->attached = false; 3448 process->target_xml[0] = '\0'; 3449 3450 return 0; 3451 } 3452 3453 return object_child_foreach(child, find_cpu_clusters, opaque); 3454} 3455 3456static int pid_order(const void *a, const void *b) 3457{ 3458 GDBProcess *pa = (GDBProcess *) a; 3459 GDBProcess *pb = (GDBProcess *) b; 3460 3461 if (pa->pid < pb->pid) { 3462 return -1; 3463 } else if (pa->pid > pb->pid) { 3464 return 1; 3465 } else { 3466 return 0; 3467 } 3468} 3469 3470static void create_processes(GDBState *s) 3471{ 3472 object_child_foreach(object_get_root(), find_cpu_clusters, s); 3473 3474 if (gdbserver_state.processes) { 3475 /* Sort by PID */ 3476 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order); 3477 } 3478 3479 create_default_process(s); 3480} 3481 3482int gdbserver_start(const char *device) 3483{ 3484 trace_gdbstub_op_start(device); 3485 3486 char gdbstub_device_name[128]; 3487 Chardev *chr = NULL; 3488 Chardev *mon_chr; 3489 3490 if (!first_cpu) { 3491 error_report("gdbstub: meaningless to attach gdb to a " 3492 "machine without any CPU."); 3493 return -1; 3494 } 3495 3496 if (!device) 3497 return -1; 3498 if (strcmp(device, "none") != 0) { 3499 if (strstart(device, "tcp:", NULL)) { 3500 /* enforce required TCP attributes */ 3501 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name), 3502 "%s,wait=off,nodelay=on,server=on", device); 3503 device = gdbstub_device_name; 3504 } 3505#ifndef _WIN32 3506 else if (strcmp(device, "stdio") == 0) { 3507 struct sigaction act; 3508 3509 memset(&act, 0, sizeof(act)); 3510 act.sa_handler = gdb_sigterm_handler; 3511 sigaction(SIGINT, &act, NULL); 3512 } 3513#endif 3514 /* 3515 * FIXME: it's a bit weird to allow using a mux chardev here 3516 * and implicitly setup a monitor. We may want to break this. 3517 */ 3518 chr = qemu_chr_new_noreplay("gdb", device, true, NULL); 3519 if (!chr) 3520 return -1; 3521 } 3522 3523 if (!gdbserver_state.init) { 3524 init_gdbserver_state(); 3525 3526 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL); 3527 3528 /* Initialize a monitor terminal for gdb */ 3529 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB, 3530 NULL, NULL, &error_abort); 3531 monitor_init_hmp(mon_chr, false, &error_abort); 3532 } else { 3533 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 3534 mon_chr = gdbserver_state.mon_chr; 3535 reset_gdbserver_state(); 3536 } 3537 3538 create_processes(&gdbserver_state); 3539 3540 if (chr) { 3541 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort); 3542 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive, 3543 gdb_chr_receive, gdb_chr_event, 3544 NULL, &gdbserver_state, NULL, true); 3545 } 3546 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE; 3547 gdbserver_state.mon_chr = mon_chr; 3548 gdbserver_state.current_syscall_cb = NULL; 3549 3550 return 0; 3551} 3552 3553static void register_types(void) 3554{ 3555 type_register_static(&char_gdb_type_info); 3556} 3557 3558type_init(register_types); 3559#endif