jcs.org / qemu
qemu with hax to log dma reads & writes jcs.org/2018/11/12/vfio
fork atom
qemu / gdbstub.c
at master 3449 lines 90 kB view raw
Alex Bennée gdbstub/linux-user: support debugging over a unix socket
fcedd920
1/* 2 * gdb server stub 3 * 4 * This implements a subset of the remote protocol as described in: 5 * 6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html 7 * 8 * Copyright (c) 2003-2005 Fabrice Bellard 9 * 10 * This library is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU Lesser General Public 12 * License as published by the Free Software Foundation; either 13 * version 2 of the License, or (at your option) any later version. 14 * 15 * This library is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * Lesser General Public License for more details. 19 * 20 * You should have received a copy of the GNU Lesser General Public 21 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 22 * 23 * SPDX-License-Identifier: LGPL-2.0+ 24 */ 25 26#include "qemu/osdep.h" 27#include "qemu-common.h" 28#include "qapi/error.h" 29#include "qemu/error-report.h" 30#include "qemu/ctype.h" 31#include "qemu/cutils.h" 32#include "qemu/module.h" 33#include "trace-root.h" 34#ifdef CONFIG_USER_ONLY 35#include "qemu.h" 36#else 37#include "monitor/monitor.h" 38#include "chardev/char.h" 39#include "chardev/char-fe.h" 40#include "sysemu/sysemu.h" 41#include "exec/gdbstub.h" 42#include "hw/cpu/cluster.h" 43#include "hw/boards.h" 44#endif 45 46#define MAX_PACKET_LENGTH 4096 47 48#include "qemu/sockets.h" 49#include "sysemu/hw_accel.h" 50#include "sysemu/kvm.h" 51#include "sysemu/runstate.h" 52#include "hw/semihosting/semihost.h" 53#include "exec/exec-all.h" 54 55#ifdef CONFIG_USER_ONLY 56#define GDB_ATTACHED "0" 57#else 58#define GDB_ATTACHED "1" 59#endif 60 61#ifndef CONFIG_USER_ONLY 62static int phy_memory_mode; 63#endif 64 65static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr, 66 uint8_t *buf, int len, bool is_write) 67{ 68 CPUClass *cc; 69 70#ifndef CONFIG_USER_ONLY 71 if (phy_memory_mode) { 72 if (is_write) { 73 cpu_physical_memory_write(addr, buf, len); 74 } else { 75 cpu_physical_memory_read(addr, buf, len); 76 } 77 return 0; 78 } 79#endif 80 81 cc = CPU_GET_CLASS(cpu); 82 if (cc->memory_rw_debug) { 83 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 84 } 85 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 86} 87 88/* Return the GDB index for a given vCPU state. 89 * 90 * For user mode this is simply the thread id. In system mode GDB 91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index. 92 */ 93static inline int cpu_gdb_index(CPUState *cpu) 94{ 95#if defined(CONFIG_USER_ONLY) 96 TaskState *ts = (TaskState *) cpu->opaque; 97 return ts->ts_tid; 98#else 99 return cpu->cpu_index + 1; 100#endif 101} 102 103enum { 104 GDB_SIGNAL_0 = 0, 105 GDB_SIGNAL_INT = 2, 106 GDB_SIGNAL_QUIT = 3, 107 GDB_SIGNAL_TRAP = 5, 108 GDB_SIGNAL_ABRT = 6, 109 GDB_SIGNAL_ALRM = 14, 110 GDB_SIGNAL_IO = 23, 111 GDB_SIGNAL_XCPU = 24, 112 GDB_SIGNAL_UNKNOWN = 143 113}; 114 115#ifdef CONFIG_USER_ONLY 116 117/* Map target signal numbers to GDB protocol signal numbers and vice 118 * versa. For user emulation's currently supported systems, we can 119 * assume most signals are defined. 120 */ 121 122static int gdb_signal_table[] = { 123 0, 124 TARGET_SIGHUP, 125 TARGET_SIGINT, 126 TARGET_SIGQUIT, 127 TARGET_SIGILL, 128 TARGET_SIGTRAP, 129 TARGET_SIGABRT, 130 -1, /* SIGEMT */ 131 TARGET_SIGFPE, 132 TARGET_SIGKILL, 133 TARGET_SIGBUS, 134 TARGET_SIGSEGV, 135 TARGET_SIGSYS, 136 TARGET_SIGPIPE, 137 TARGET_SIGALRM, 138 TARGET_SIGTERM, 139 TARGET_SIGURG, 140 TARGET_SIGSTOP, 141 TARGET_SIGTSTP, 142 TARGET_SIGCONT, 143 TARGET_SIGCHLD, 144 TARGET_SIGTTIN, 145 TARGET_SIGTTOU, 146 TARGET_SIGIO, 147 TARGET_SIGXCPU, 148 TARGET_SIGXFSZ, 149 TARGET_SIGVTALRM, 150 TARGET_SIGPROF, 151 TARGET_SIGWINCH, 152 -1, /* SIGLOST */ 153 TARGET_SIGUSR1, 154 TARGET_SIGUSR2, 155#ifdef TARGET_SIGPWR 156 TARGET_SIGPWR, 157#else 158 -1, 159#endif 160 -1, /* SIGPOLL */ 161 -1, 162 -1, 163 -1, 164 -1, 165 -1, 166 -1, 167 -1, 168 -1, 169 -1, 170 -1, 171 -1, 172#ifdef __SIGRTMIN 173 __SIGRTMIN + 1, 174 __SIGRTMIN + 2, 175 __SIGRTMIN + 3, 176 __SIGRTMIN + 4, 177 __SIGRTMIN + 5, 178 __SIGRTMIN + 6, 179 __SIGRTMIN + 7, 180 __SIGRTMIN + 8, 181 __SIGRTMIN + 9, 182 __SIGRTMIN + 10, 183 __SIGRTMIN + 11, 184 __SIGRTMIN + 12, 185 __SIGRTMIN + 13, 186 __SIGRTMIN + 14, 187 __SIGRTMIN + 15, 188 __SIGRTMIN + 16, 189 __SIGRTMIN + 17, 190 __SIGRTMIN + 18, 191 __SIGRTMIN + 19, 192 __SIGRTMIN + 20, 193 __SIGRTMIN + 21, 194 __SIGRTMIN + 22, 195 __SIGRTMIN + 23, 196 __SIGRTMIN + 24, 197 __SIGRTMIN + 25, 198 __SIGRTMIN + 26, 199 __SIGRTMIN + 27, 200 __SIGRTMIN + 28, 201 __SIGRTMIN + 29, 202 __SIGRTMIN + 30, 203 __SIGRTMIN + 31, 204 -1, /* SIGCANCEL */ 205 __SIGRTMIN, 206 __SIGRTMIN + 32, 207 __SIGRTMIN + 33, 208 __SIGRTMIN + 34, 209 __SIGRTMIN + 35, 210 __SIGRTMIN + 36, 211 __SIGRTMIN + 37, 212 __SIGRTMIN + 38, 213 __SIGRTMIN + 39, 214 __SIGRTMIN + 40, 215 __SIGRTMIN + 41, 216 __SIGRTMIN + 42, 217 __SIGRTMIN + 43, 218 __SIGRTMIN + 44, 219 __SIGRTMIN + 45, 220 __SIGRTMIN + 46, 221 __SIGRTMIN + 47, 222 __SIGRTMIN + 48, 223 __SIGRTMIN + 49, 224 __SIGRTMIN + 50, 225 __SIGRTMIN + 51, 226 __SIGRTMIN + 52, 227 __SIGRTMIN + 53, 228 __SIGRTMIN + 54, 229 __SIGRTMIN + 55, 230 __SIGRTMIN + 56, 231 __SIGRTMIN + 57, 232 __SIGRTMIN + 58, 233 __SIGRTMIN + 59, 234 __SIGRTMIN + 60, 235 __SIGRTMIN + 61, 236 __SIGRTMIN + 62, 237 __SIGRTMIN + 63, 238 __SIGRTMIN + 64, 239 __SIGRTMIN + 65, 240 __SIGRTMIN + 66, 241 __SIGRTMIN + 67, 242 __SIGRTMIN + 68, 243 __SIGRTMIN + 69, 244 __SIGRTMIN + 70, 245 __SIGRTMIN + 71, 246 __SIGRTMIN + 72, 247 __SIGRTMIN + 73, 248 __SIGRTMIN + 74, 249 __SIGRTMIN + 75, 250 __SIGRTMIN + 76, 251 __SIGRTMIN + 77, 252 __SIGRTMIN + 78, 253 __SIGRTMIN + 79, 254 __SIGRTMIN + 80, 255 __SIGRTMIN + 81, 256 __SIGRTMIN + 82, 257 __SIGRTMIN + 83, 258 __SIGRTMIN + 84, 259 __SIGRTMIN + 85, 260 __SIGRTMIN + 86, 261 __SIGRTMIN + 87, 262 __SIGRTMIN + 88, 263 __SIGRTMIN + 89, 264 __SIGRTMIN + 90, 265 __SIGRTMIN + 91, 266 __SIGRTMIN + 92, 267 __SIGRTMIN + 93, 268 __SIGRTMIN + 94, 269 __SIGRTMIN + 95, 270 -1, /* SIGINFO */ 271 -1, /* UNKNOWN */ 272 -1, /* DEFAULT */ 273 -1, 274 -1, 275 -1, 276 -1, 277 -1, 278 -1 279#endif 280}; 281#else 282/* In system mode we only need SIGINT and SIGTRAP; other signals 283 are not yet supported. */ 284 285enum { 286 TARGET_SIGINT = 2, 287 TARGET_SIGTRAP = 5 288}; 289 290static int gdb_signal_table[] = { 291 -1, 292 -1, 293 TARGET_SIGINT, 294 -1, 295 -1, 296 TARGET_SIGTRAP 297}; 298#endif 299 300#ifdef CONFIG_USER_ONLY 301static int target_signal_to_gdb (int sig) 302{ 303 int i; 304 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++) 305 if (gdb_signal_table[i] == sig) 306 return i; 307 return GDB_SIGNAL_UNKNOWN; 308} 309#endif 310 311static int gdb_signal_to_target (int sig) 312{ 313 if (sig < ARRAY_SIZE (gdb_signal_table)) 314 return gdb_signal_table[sig]; 315 else 316 return -1; 317} 318 319typedef struct GDBRegisterState { 320 int base_reg; 321 int num_regs; 322 gdb_get_reg_cb get_reg; 323 gdb_set_reg_cb set_reg; 324 const char *xml; 325 struct GDBRegisterState *next; 326} GDBRegisterState; 327 328typedef struct GDBProcess { 329 uint32_t pid; 330 bool attached; 331 332 char target_xml[1024]; 333} GDBProcess; 334 335enum RSState { 336 RS_INACTIVE, 337 RS_IDLE, 338 RS_GETLINE, 339 RS_GETLINE_ESC, 340 RS_GETLINE_RLE, 341 RS_CHKSUM1, 342 RS_CHKSUM2, 343}; 344typedef struct GDBState { 345 bool init; /* have we been initialised? */ 346 CPUState *c_cpu; /* current CPU for step/continue ops */ 347 CPUState *g_cpu; /* current CPU for other ops */ 348 CPUState *query_cpu; /* for q{f|s}ThreadInfo */ 349 enum RSState state; /* parsing state */ 350 char line_buf[MAX_PACKET_LENGTH]; 351 int line_buf_index; 352 int line_sum; /* running checksum */ 353 int line_csum; /* checksum at the end of the packet */ 354 GByteArray *last_packet; 355 int signal; 356#ifdef CONFIG_USER_ONLY 357 int fd; 358 char *socket_path; 359 int running_state; 360#else 361 CharBackend chr; 362 Chardev *mon_chr; 363#endif 364 bool multiprocess; 365 GDBProcess *processes; 366 int process_num; 367 char syscall_buf[256]; 368 gdb_syscall_complete_cb current_syscall_cb; 369 GString *str_buf; 370 GByteArray *mem_buf; 371} GDBState; 372 373/* By default use no IRQs and no timers while single stepping so as to 374 * make single stepping like an ICE HW step. 375 */ 376static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER; 377 378static GDBState gdbserver_state; 379 380static void init_gdbserver_state(void) 381{ 382 g_assert(!gdbserver_state.init); 383 memset(&gdbserver_state, 0, sizeof(GDBState)); 384 gdbserver_state.init = true; 385 gdbserver_state.str_buf = g_string_new(NULL); 386 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH); 387 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4); 388} 389 390#ifndef CONFIG_USER_ONLY 391static void reset_gdbserver_state(void) 392{ 393 g_free(gdbserver_state.processes); 394 gdbserver_state.processes = NULL; 395 gdbserver_state.process_num = 0; 396} 397#endif 398 399bool gdb_has_xml; 400 401#ifdef CONFIG_USER_ONLY 402 403static int get_char(void) 404{ 405 uint8_t ch; 406 int ret; 407 408 for(;;) { 409 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0); 410 if (ret < 0) { 411 if (errno == ECONNRESET) 412 gdbserver_state.fd = -1; 413 if (errno != EINTR) 414 return -1; 415 } else if (ret == 0) { 416 close(gdbserver_state.fd); 417 gdbserver_state.fd = -1; 418 return -1; 419 } else { 420 break; 421 } 422 } 423 return ch; 424} 425#endif 426 427static enum { 428 GDB_SYS_UNKNOWN, 429 GDB_SYS_ENABLED, 430 GDB_SYS_DISABLED, 431} gdb_syscall_mode; 432 433/* Decide if either remote gdb syscalls or native file IO should be used. */ 434int use_gdb_syscalls(void) 435{ 436 SemihostingTarget target = semihosting_get_target(); 437 if (target == SEMIHOSTING_TARGET_NATIVE) { 438 /* -semihosting-config target=native */ 439 return false; 440 } else if (target == SEMIHOSTING_TARGET_GDB) { 441 /* -semihosting-config target=gdb */ 442 return true; 443 } 444 445 /* -semihosting-config target=auto */ 446 /* On the first call check if gdb is connected and remember. */ 447 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) { 448 gdb_syscall_mode = gdbserver_state.init ? 449 GDB_SYS_ENABLED : GDB_SYS_DISABLED; 450 } 451 return gdb_syscall_mode == GDB_SYS_ENABLED; 452} 453 454/* Resume execution. */ 455static inline void gdb_continue(void) 456{ 457 458#ifdef CONFIG_USER_ONLY 459 gdbserver_state.running_state = 1; 460 trace_gdbstub_op_continue(); 461#else 462 if (!runstate_needs_reset()) { 463 trace_gdbstub_op_continue(); 464 vm_start(); 465 } 466#endif 467} 468 469/* 470 * Resume execution, per CPU actions. For user-mode emulation it's 471 * equivalent to gdb_continue. 472 */ 473static int gdb_continue_partial(char *newstates) 474{ 475 CPUState *cpu; 476 int res = 0; 477#ifdef CONFIG_USER_ONLY 478 /* 479 * This is not exactly accurate, but it's an improvement compared to the 480 * previous situation, where only one CPU would be single-stepped. 481 */ 482 CPU_FOREACH(cpu) { 483 if (newstates[cpu->cpu_index] == 's') { 484 trace_gdbstub_op_stepping(cpu->cpu_index); 485 cpu_single_step(cpu, sstep_flags); 486 } 487 } 488 gdbserver_state.running_state = 1; 489#else 490 int flag = 0; 491 492 if (!runstate_needs_reset()) { 493 if (vm_prepare_start()) { 494 return 0; 495 } 496 497 CPU_FOREACH(cpu) { 498 switch (newstates[cpu->cpu_index]) { 499 case 0: 500 case 1: 501 break; /* nothing to do here */ 502 case 's': 503 trace_gdbstub_op_stepping(cpu->cpu_index); 504 cpu_single_step(cpu, sstep_flags); 505 cpu_resume(cpu); 506 flag = 1; 507 break; 508 case 'c': 509 trace_gdbstub_op_continue_cpu(cpu->cpu_index); 510 cpu_resume(cpu); 511 flag = 1; 512 break; 513 default: 514 res = -1; 515 break; 516 } 517 } 518 } 519 if (flag) { 520 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true); 521 } 522#endif 523 return res; 524} 525 526static void put_buffer(const uint8_t *buf, int len) 527{ 528#ifdef CONFIG_USER_ONLY 529 int ret; 530 531 while (len > 0) { 532 ret = send(gdbserver_state.fd, buf, len, 0); 533 if (ret < 0) { 534 if (errno != EINTR) 535 return; 536 } else { 537 buf += ret; 538 len -= ret; 539 } 540 } 541#else 542 /* XXX this blocks entire thread. Rewrite to use 543 * qemu_chr_fe_write and background I/O callbacks */ 544 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len); 545#endif 546} 547 548static inline int fromhex(int v) 549{ 550 if (v >= '0' && v <= '9') 551 return v - '0'; 552 else if (v >= 'A' && v <= 'F') 553 return v - 'A' + 10; 554 else if (v >= 'a' && v <= 'f') 555 return v - 'a' + 10; 556 else 557 return 0; 558} 559 560static inline int tohex(int v) 561{ 562 if (v < 10) 563 return v + '0'; 564 else 565 return v - 10 + 'a'; 566} 567 568/* writes 2*len+1 bytes in buf */ 569static void memtohex(GString *buf, const uint8_t *mem, int len) 570{ 571 int i, c; 572 for(i = 0; i < len; i++) { 573 c = mem[i]; 574 g_string_append_c(buf, tohex(c >> 4)); 575 g_string_append_c(buf, tohex(c & 0xf)); 576 } 577 g_string_append_c(buf, '\0'); 578} 579 580static void hextomem(GByteArray *mem, const char *buf, int len) 581{ 582 int i; 583 584 for(i = 0; i < len; i++) { 585 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]); 586 g_byte_array_append(mem, &byte, 1); 587 buf += 2; 588 } 589} 590 591static void hexdump(const char *buf, int len, 592 void (*trace_fn)(size_t ofs, char const *text)) 593{ 594 char line_buffer[3 * 16 + 4 + 16 + 1]; 595 596 size_t i; 597 for (i = 0; i < len || (i & 0xF); ++i) { 598 size_t byte_ofs = i & 15; 599 600 if (byte_ofs == 0) { 601 memset(line_buffer, ' ', 3 * 16 + 4 + 16); 602 line_buffer[3 * 16 + 4 + 16] = 0; 603 } 604 605 size_t col_group = (i >> 2) & 3; 606 size_t hex_col = byte_ofs * 3 + col_group; 607 size_t txt_col = 3 * 16 + 4 + byte_ofs; 608 609 if (i < len) { 610 char value = buf[i]; 611 612 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF); 613 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF); 614 line_buffer[txt_col + 0] = (value >= ' ' && value < 127) 615 ? value 616 : '.'; 617 } 618 619 if (byte_ofs == 0xF) 620 trace_fn(i & -16, line_buffer); 621 } 622} 623 624/* return -1 if error, 0 if OK */ 625static int put_packet_binary(const char *buf, int len, bool dump) 626{ 627 int csum, i; 628 uint8_t footer[3]; 629 630 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) { 631 hexdump(buf, len, trace_gdbstub_io_binaryreply); 632 } 633 634 for(;;) { 635 g_byte_array_set_size(gdbserver_state.last_packet, 0); 636 g_byte_array_append(gdbserver_state.last_packet, 637 (const uint8_t *) "$", 1); 638 g_byte_array_append(gdbserver_state.last_packet, 639 (const uint8_t *) buf, len); 640 csum = 0; 641 for(i = 0; i < len; i++) { 642 csum += buf[i]; 643 } 644 footer[0] = '#'; 645 footer[1] = tohex((csum >> 4) & 0xf); 646 footer[2] = tohex((csum) & 0xf); 647 g_byte_array_append(gdbserver_state.last_packet, footer, 3); 648 649 put_buffer(gdbserver_state.last_packet->data, 650 gdbserver_state.last_packet->len); 651 652#ifdef CONFIG_USER_ONLY 653 i = get_char(); 654 if (i < 0) 655 return -1; 656 if (i == '+') 657 break; 658#else 659 break; 660#endif 661 } 662 return 0; 663} 664 665/* return -1 if error, 0 if OK */ 666static int put_packet(const char *buf) 667{ 668 trace_gdbstub_io_reply(buf); 669 670 return put_packet_binary(buf, strlen(buf), false); 671} 672 673static void put_strbuf(void) 674{ 675 put_packet(gdbserver_state.str_buf->str); 676} 677 678/* Encode data using the encoding for 'x' packets. */ 679static void memtox(GString *buf, const char *mem, int len) 680{ 681 char c; 682 683 while (len--) { 684 c = *(mem++); 685 switch (c) { 686 case '#': case '$': case '*': case '}': 687 g_string_append_c(buf, '}'); 688 g_string_append_c(buf, c ^ 0x20); 689 break; 690 default: 691 g_string_append_c(buf, c); 692 break; 693 } 694 } 695} 696 697static uint32_t gdb_get_cpu_pid(CPUState *cpu) 698{ 699 /* TODO: In user mode, we should use the task state PID */ 700 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) { 701 /* Return the default process' PID */ 702 int index = gdbserver_state.process_num - 1; 703 return gdbserver_state.processes[index].pid; 704 } 705 return cpu->cluster_index + 1; 706} 707 708static GDBProcess *gdb_get_process(uint32_t pid) 709{ 710 int i; 711 712 if (!pid) { 713 /* 0 means any process, we take the first one */ 714 return &gdbserver_state.processes[0]; 715 } 716 717 for (i = 0; i < gdbserver_state.process_num; i++) { 718 if (gdbserver_state.processes[i].pid == pid) { 719 return &gdbserver_state.processes[i]; 720 } 721 } 722 723 return NULL; 724} 725 726static GDBProcess *gdb_get_cpu_process(CPUState *cpu) 727{ 728 return gdb_get_process(gdb_get_cpu_pid(cpu)); 729} 730 731static CPUState *find_cpu(uint32_t thread_id) 732{ 733 CPUState *cpu; 734 735 CPU_FOREACH(cpu) { 736 if (cpu_gdb_index(cpu) == thread_id) { 737 return cpu; 738 } 739 } 740 741 return NULL; 742} 743 744static CPUState *get_first_cpu_in_process(GDBProcess *process) 745{ 746 CPUState *cpu; 747 748 CPU_FOREACH(cpu) { 749 if (gdb_get_cpu_pid(cpu) == process->pid) { 750 return cpu; 751 } 752 } 753 754 return NULL; 755} 756 757static CPUState *gdb_next_cpu_in_process(CPUState *cpu) 758{ 759 uint32_t pid = gdb_get_cpu_pid(cpu); 760 cpu = CPU_NEXT(cpu); 761 762 while (cpu) { 763 if (gdb_get_cpu_pid(cpu) == pid) { 764 break; 765 } 766 767 cpu = CPU_NEXT(cpu); 768 } 769 770 return cpu; 771} 772 773/* Return the cpu following @cpu, while ignoring unattached processes. */ 774static CPUState *gdb_next_attached_cpu(CPUState *cpu) 775{ 776 cpu = CPU_NEXT(cpu); 777 778 while (cpu) { 779 if (gdb_get_cpu_process(cpu)->attached) { 780 break; 781 } 782 783 cpu = CPU_NEXT(cpu); 784 } 785 786 return cpu; 787} 788 789/* Return the first attached cpu */ 790static CPUState *gdb_first_attached_cpu(void) 791{ 792 CPUState *cpu = first_cpu; 793 GDBProcess *process = gdb_get_cpu_process(cpu); 794 795 if (!process->attached) { 796 return gdb_next_attached_cpu(cpu); 797 } 798 799 return cpu; 800} 801 802static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid) 803{ 804 GDBProcess *process; 805 CPUState *cpu; 806 807 if (!pid && !tid) { 808 /* 0 means any process/thread, we take the first attached one */ 809 return gdb_first_attached_cpu(); 810 } else if (pid && !tid) { 811 /* any thread in a specific process */ 812 process = gdb_get_process(pid); 813 814 if (process == NULL) { 815 return NULL; 816 } 817 818 if (!process->attached) { 819 return NULL; 820 } 821 822 return get_first_cpu_in_process(process); 823 } else { 824 /* a specific thread */ 825 cpu = find_cpu(tid); 826 827 if (cpu == NULL) { 828 return NULL; 829 } 830 831 process = gdb_get_cpu_process(cpu); 832 833 if (pid && process->pid != pid) { 834 return NULL; 835 } 836 837 if (!process->attached) { 838 return NULL; 839 } 840 841 return cpu; 842 } 843} 844 845static const char *get_feature_xml(const char *p, const char **newp, 846 GDBProcess *process) 847{ 848 size_t len; 849 int i; 850 const char *name; 851 CPUState *cpu = get_first_cpu_in_process(process); 852 CPUClass *cc = CPU_GET_CLASS(cpu); 853 854 len = 0; 855 while (p[len] && p[len] != ':') 856 len++; 857 *newp = p + len; 858 859 name = NULL; 860 if (strncmp(p, "target.xml", len) == 0) { 861 char *buf = process->target_xml; 862 const size_t buf_sz = sizeof(process->target_xml); 863 864 /* Generate the XML description for this CPU. */ 865 if (!buf[0]) { 866 GDBRegisterState *r; 867 868 pstrcat(buf, buf_sz, 869 "<?xml version=\"1.0\"?>" 870 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">" 871 "<target>"); 872 if (cc->gdb_arch_name) { 873 gchar *arch = cc->gdb_arch_name(cpu); 874 pstrcat(buf, buf_sz, "<architecture>"); 875 pstrcat(buf, buf_sz, arch); 876 pstrcat(buf, buf_sz, "</architecture>"); 877 g_free(arch); 878 } 879 pstrcat(buf, buf_sz, "<xi:include href=\""); 880 pstrcat(buf, buf_sz, cc->gdb_core_xml_file); 881 pstrcat(buf, buf_sz, "\"/>"); 882 for (r = cpu->gdb_regs; r; r = r->next) { 883 pstrcat(buf, buf_sz, "<xi:include href=\""); 884 pstrcat(buf, buf_sz, r->xml); 885 pstrcat(buf, buf_sz, "\"/>"); 886 } 887 pstrcat(buf, buf_sz, "</target>"); 888 } 889 return buf; 890 } 891 if (cc->gdb_get_dynamic_xml) { 892 char *xmlname = g_strndup(p, len); 893 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname); 894 895 g_free(xmlname); 896 if (xml) { 897 return xml; 898 } 899 } 900 for (i = 0; ; i++) { 901 name = xml_builtin[i][0]; 902 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len)) 903 break; 904 } 905 return name ? xml_builtin[i][1] : NULL; 906} 907 908static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg) 909{ 910 CPUClass *cc = CPU_GET_CLASS(cpu); 911 CPUArchState *env = cpu->env_ptr; 912 GDBRegisterState *r; 913 914 if (reg < cc->gdb_num_core_regs) { 915 return cc->gdb_read_register(cpu, buf, reg); 916 } 917 918 for (r = cpu->gdb_regs; r; r = r->next) { 919 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 920 return r->get_reg(env, buf, reg - r->base_reg); 921 } 922 } 923 return 0; 924} 925 926static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg) 927{ 928 CPUClass *cc = CPU_GET_CLASS(cpu); 929 CPUArchState *env = cpu->env_ptr; 930 GDBRegisterState *r; 931 932 if (reg < cc->gdb_num_core_regs) { 933 return cc->gdb_write_register(cpu, mem_buf, reg); 934 } 935 936 for (r = cpu->gdb_regs; r; r = r->next) { 937 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 938 return r->set_reg(env, mem_buf, reg - r->base_reg); 939 } 940 } 941 return 0; 942} 943 944/* Register a supplemental set of CPU registers. If g_pos is nonzero it 945 specifies the first register number and these registers are included in 946 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is 947 gdb reading a CPU register, and set_reg is gdb modifying a CPU register. 948 */ 949 950void gdb_register_coprocessor(CPUState *cpu, 951 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg, 952 int num_regs, const char *xml, int g_pos) 953{ 954 GDBRegisterState *s; 955 GDBRegisterState **p; 956 957 p = &cpu->gdb_regs; 958 while (*p) { 959 /* Check for duplicates. */ 960 if (strcmp((*p)->xml, xml) == 0) 961 return; 962 p = &(*p)->next; 963 } 964 965 s = g_new0(GDBRegisterState, 1); 966 s->base_reg = cpu->gdb_num_regs; 967 s->num_regs = num_regs; 968 s->get_reg = get_reg; 969 s->set_reg = set_reg; 970 s->xml = xml; 971 972 /* Add to end of list. */ 973 cpu->gdb_num_regs += num_regs; 974 *p = s; 975 if (g_pos) { 976 if (g_pos != s->base_reg) { 977 error_report("Error: Bad gdb register numbering for '%s', " 978 "expected %d got %d", xml, g_pos, s->base_reg); 979 } else { 980 cpu->gdb_num_g_regs = cpu->gdb_num_regs; 981 } 982 } 983} 984 985#ifndef CONFIG_USER_ONLY 986/* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */ 987static inline int xlat_gdb_type(CPUState *cpu, int gdbtype) 988{ 989 static const int xlat[] = { 990 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE, 991 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ, 992 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS, 993 }; 994 995 CPUClass *cc = CPU_GET_CLASS(cpu); 996 int cputype = xlat[gdbtype]; 997 998 if (cc->gdb_stop_before_watchpoint) { 999 cputype |= BP_STOP_BEFORE_ACCESS; 1000 } 1001 return cputype; 1002} 1003#endif 1004 1005static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len) 1006{ 1007 CPUState *cpu; 1008 int err = 0; 1009 1010 if (kvm_enabled()) { 1011 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type); 1012 } 1013 1014 switch (type) { 1015 case GDB_BREAKPOINT_SW: 1016 case GDB_BREAKPOINT_HW: 1017 CPU_FOREACH(cpu) { 1018 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL); 1019 if (err) { 1020 break; 1021 } 1022 } 1023 return err; 1024#ifndef CONFIG_USER_ONLY 1025 case GDB_WATCHPOINT_WRITE: 1026 case GDB_WATCHPOINT_READ: 1027 case GDB_WATCHPOINT_ACCESS: 1028 CPU_FOREACH(cpu) { 1029 err = cpu_watchpoint_insert(cpu, addr, len, 1030 xlat_gdb_type(cpu, type), NULL); 1031 if (err) { 1032 break; 1033 } 1034 } 1035 return err; 1036#endif 1037 default: 1038 return -ENOSYS; 1039 } 1040} 1041 1042static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len) 1043{ 1044 CPUState *cpu; 1045 int err = 0; 1046 1047 if (kvm_enabled()) { 1048 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type); 1049 } 1050 1051 switch (type) { 1052 case GDB_BREAKPOINT_SW: 1053 case GDB_BREAKPOINT_HW: 1054 CPU_FOREACH(cpu) { 1055 err = cpu_breakpoint_remove(cpu, addr, BP_GDB); 1056 if (err) { 1057 break; 1058 } 1059 } 1060 return err; 1061#ifndef CONFIG_USER_ONLY 1062 case GDB_WATCHPOINT_WRITE: 1063 case GDB_WATCHPOINT_READ: 1064 case GDB_WATCHPOINT_ACCESS: 1065 CPU_FOREACH(cpu) { 1066 err = cpu_watchpoint_remove(cpu, addr, len, 1067 xlat_gdb_type(cpu, type)); 1068 if (err) 1069 break; 1070 } 1071 return err; 1072#endif 1073 default: 1074 return -ENOSYS; 1075 } 1076} 1077 1078static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu) 1079{ 1080 cpu_breakpoint_remove_all(cpu, BP_GDB); 1081#ifndef CONFIG_USER_ONLY 1082 cpu_watchpoint_remove_all(cpu, BP_GDB); 1083#endif 1084} 1085 1086static void gdb_process_breakpoint_remove_all(GDBProcess *p) 1087{ 1088 CPUState *cpu = get_first_cpu_in_process(p); 1089 1090 while (cpu) { 1091 gdb_cpu_breakpoint_remove_all(cpu); 1092 cpu = gdb_next_cpu_in_process(cpu); 1093 } 1094} 1095 1096static void gdb_breakpoint_remove_all(void) 1097{ 1098 CPUState *cpu; 1099 1100 if (kvm_enabled()) { 1101 kvm_remove_all_breakpoints(gdbserver_state.c_cpu); 1102 return; 1103 } 1104 1105 CPU_FOREACH(cpu) { 1106 gdb_cpu_breakpoint_remove_all(cpu); 1107 } 1108} 1109 1110static void gdb_set_cpu_pc(target_ulong pc) 1111{ 1112 CPUState *cpu = gdbserver_state.c_cpu; 1113 1114 cpu_synchronize_state(cpu); 1115 cpu_set_pc(cpu, pc); 1116} 1117 1118static void gdb_append_thread_id(CPUState *cpu, GString *buf) 1119{ 1120 if (gdbserver_state.multiprocess) { 1121 g_string_append_printf(buf, "p%02x.%02x", 1122 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu)); 1123 } else { 1124 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu)); 1125 } 1126} 1127 1128typedef enum GDBThreadIdKind { 1129 GDB_ONE_THREAD = 0, 1130 GDB_ALL_THREADS, /* One process, all threads */ 1131 GDB_ALL_PROCESSES, 1132 GDB_READ_THREAD_ERR 1133} GDBThreadIdKind; 1134 1135static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf, 1136 uint32_t *pid, uint32_t *tid) 1137{ 1138 unsigned long p, t; 1139 int ret; 1140 1141 if (*buf == 'p') { 1142 buf++; 1143 ret = qemu_strtoul(buf, &buf, 16, &p); 1144 1145 if (ret) { 1146 return GDB_READ_THREAD_ERR; 1147 } 1148 1149 /* Skip '.' */ 1150 buf++; 1151 } else { 1152 p = 1; 1153 } 1154 1155 ret = qemu_strtoul(buf, &buf, 16, &t); 1156 1157 if (ret) { 1158 return GDB_READ_THREAD_ERR; 1159 } 1160 1161 *end_buf = buf; 1162 1163 if (p == -1) { 1164 return GDB_ALL_PROCESSES; 1165 } 1166 1167 if (pid) { 1168 *pid = p; 1169 } 1170 1171 if (t == -1) { 1172 return GDB_ALL_THREADS; 1173 } 1174 1175 if (tid) { 1176 *tid = t; 1177 } 1178 1179 return GDB_ONE_THREAD; 1180} 1181 1182/** 1183 * gdb_handle_vcont - Parses and handles a vCont packet. 1184 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is 1185 * a format error, 0 on success. 1186 */ 1187static int gdb_handle_vcont(const char *p) 1188{ 1189 int res, signal = 0; 1190 char cur_action; 1191 char *newstates; 1192 unsigned long tmp; 1193 uint32_t pid, tid; 1194 GDBProcess *process; 1195 CPUState *cpu; 1196 GDBThreadIdKind kind; 1197#ifdef CONFIG_USER_ONLY 1198 int max_cpus = 1; /* global variable max_cpus exists only in system mode */ 1199 1200 CPU_FOREACH(cpu) { 1201 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 1202 } 1203#else 1204 MachineState *ms = MACHINE(qdev_get_machine()); 1205 unsigned int max_cpus = ms->smp.max_cpus; 1206#endif 1207 /* uninitialised CPUs stay 0 */ 1208 newstates = g_new0(char, max_cpus); 1209 1210 /* mark valid CPUs with 1 */ 1211 CPU_FOREACH(cpu) { 1212 newstates[cpu->cpu_index] = 1; 1213 } 1214 1215 /* 1216 * res keeps track of what error we are returning, with -ENOTSUP meaning 1217 * that the command is unknown or unsupported, thus returning an empty 1218 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid, 1219 * or incorrect parameters passed. 1220 */ 1221 res = 0; 1222 while (*p) { 1223 if (*p++ != ';') { 1224 res = -ENOTSUP; 1225 goto out; 1226 } 1227 1228 cur_action = *p++; 1229 if (cur_action == 'C' || cur_action == 'S') { 1230 cur_action = qemu_tolower(cur_action); 1231 res = qemu_strtoul(p + 1, &p, 16, &tmp); 1232 if (res) { 1233 goto out; 1234 } 1235 signal = gdb_signal_to_target(tmp); 1236 } else if (cur_action != 'c' && cur_action != 's') { 1237 /* unknown/invalid/unsupported command */ 1238 res = -ENOTSUP; 1239 goto out; 1240 } 1241 1242 if (*p == '\0' || *p == ';') { 1243 /* 1244 * No thread specifier, action is on "all threads". The 1245 * specification is unclear regarding the process to act on. We 1246 * choose all processes. 1247 */ 1248 kind = GDB_ALL_PROCESSES; 1249 } else if (*p++ == ':') { 1250 kind = read_thread_id(p, &p, &pid, &tid); 1251 } else { 1252 res = -ENOTSUP; 1253 goto out; 1254 } 1255 1256 switch (kind) { 1257 case GDB_READ_THREAD_ERR: 1258 res = -EINVAL; 1259 goto out; 1260 1261 case GDB_ALL_PROCESSES: 1262 cpu = gdb_first_attached_cpu(); 1263 while (cpu) { 1264 if (newstates[cpu->cpu_index] == 1) { 1265 newstates[cpu->cpu_index] = cur_action; 1266 } 1267 1268 cpu = gdb_next_attached_cpu(cpu); 1269 } 1270 break; 1271 1272 case GDB_ALL_THREADS: 1273 process = gdb_get_process(pid); 1274 1275 if (!process->attached) { 1276 res = -EINVAL; 1277 goto out; 1278 } 1279 1280 cpu = get_first_cpu_in_process(process); 1281 while (cpu) { 1282 if (newstates[cpu->cpu_index] == 1) { 1283 newstates[cpu->cpu_index] = cur_action; 1284 } 1285 1286 cpu = gdb_next_cpu_in_process(cpu); 1287 } 1288 break; 1289 1290 case GDB_ONE_THREAD: 1291 cpu = gdb_get_cpu(pid, tid); 1292 1293 /* invalid CPU/thread specified */ 1294 if (!cpu) { 1295 res = -EINVAL; 1296 goto out; 1297 } 1298 1299 /* only use if no previous match occourred */ 1300 if (newstates[cpu->cpu_index] == 1) { 1301 newstates[cpu->cpu_index] = cur_action; 1302 } 1303 break; 1304 } 1305 } 1306 gdbserver_state.signal = signal; 1307 gdb_continue_partial(newstates); 1308 1309out: 1310 g_free(newstates); 1311 1312 return res; 1313} 1314 1315typedef union GdbCmdVariant { 1316 const char *data; 1317 uint8_t opcode; 1318 unsigned long val_ul; 1319 unsigned long long val_ull; 1320 struct { 1321 GDBThreadIdKind kind; 1322 uint32_t pid; 1323 uint32_t tid; 1324 } thread_id; 1325} GdbCmdVariant; 1326 1327static const char *cmd_next_param(const char *param, const char delimiter) 1328{ 1329 static const char all_delimiters[] = ",;:="; 1330 char curr_delimiters[2] = {0}; 1331 const char *delimiters; 1332 1333 if (delimiter == '?') { 1334 delimiters = all_delimiters; 1335 } else if (delimiter == '0') { 1336 return strchr(param, '\0'); 1337 } else if (delimiter == '.' && *param) { 1338 return param + 1; 1339 } else { 1340 curr_delimiters[0] = delimiter; 1341 delimiters = curr_delimiters; 1342 } 1343 1344 param += strcspn(param, delimiters); 1345 if (*param) { 1346 param++; 1347 } 1348 return param; 1349} 1350 1351static int cmd_parse_params(const char *data, const char *schema, 1352 GdbCmdVariant *params, int *num_params) 1353{ 1354 int curr_param; 1355 const char *curr_schema, *curr_data; 1356 1357 *num_params = 0; 1358 1359 if (!schema) { 1360 return 0; 1361 } 1362 1363 curr_schema = schema; 1364 curr_param = 0; 1365 curr_data = data; 1366 while (curr_schema[0] && curr_schema[1] && *curr_data) { 1367 switch (curr_schema[0]) { 1368 case 'l': 1369 if (qemu_strtoul(curr_data, &curr_data, 16, 1370 &params[curr_param].val_ul)) { 1371 return -EINVAL; 1372 } 1373 curr_param++; 1374 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1375 break; 1376 case 'L': 1377 if (qemu_strtou64(curr_data, &curr_data, 16, 1378 (uint64_t *)&params[curr_param].val_ull)) { 1379 return -EINVAL; 1380 } 1381 curr_param++; 1382 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1383 break; 1384 case 's': 1385 params[curr_param].data = curr_data; 1386 curr_param++; 1387 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1388 break; 1389 case 'o': 1390 params[curr_param].opcode = *(uint8_t *)curr_data; 1391 curr_param++; 1392 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1393 break; 1394 case 't': 1395 params[curr_param].thread_id.kind = 1396 read_thread_id(curr_data, &curr_data, 1397 &params[curr_param].thread_id.pid, 1398 &params[curr_param].thread_id.tid); 1399 curr_param++; 1400 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1401 break; 1402 case '?': 1403 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1404 break; 1405 default: 1406 return -EINVAL; 1407 } 1408 curr_schema += 2; 1409 } 1410 1411 *num_params = curr_param; 1412 return 0; 1413} 1414 1415typedef struct GdbCmdContext { 1416 GdbCmdVariant *params; 1417 int num_params; 1418} GdbCmdContext; 1419 1420typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx); 1421 1422/* 1423 * cmd_startswith -> cmd is compared using startswith 1424 * 1425 * 1426 * schema definitions: 1427 * Each schema parameter entry consists of 2 chars, 1428 * the first char represents the parameter type handling 1429 * the second char represents the delimiter for the next parameter 1430 * 1431 * Currently supported schema types: 1432 * 'l' -> unsigned long (stored in .val_ul) 1433 * 'L' -> unsigned long long (stored in .val_ull) 1434 * 's' -> string (stored in .data) 1435 * 'o' -> single char (stored in .opcode) 1436 * 't' -> thread id (stored in .thread_id) 1437 * '?' -> skip according to delimiter 1438 * 1439 * Currently supported delimiters: 1440 * '?' -> Stop at any delimiter (",;:=\0") 1441 * '0' -> Stop at "\0" 1442 * '.' -> Skip 1 char unless reached "\0" 1443 * Any other value is treated as the delimiter value itself 1444 */ 1445typedef struct GdbCmdParseEntry { 1446 GdbCmdHandler handler; 1447 const char *cmd; 1448 bool cmd_startswith; 1449 const char *schema; 1450} GdbCmdParseEntry; 1451 1452static inline int startswith(const char *string, const char *pattern) 1453{ 1454 return !strncmp(string, pattern, strlen(pattern)); 1455} 1456 1457static int process_string_cmd(void *user_ctx, const char *data, 1458 const GdbCmdParseEntry *cmds, int num_cmds) 1459{ 1460 int i, schema_len, max_num_params = 0; 1461 GdbCmdContext gdb_ctx; 1462 1463 if (!cmds) { 1464 return -1; 1465 } 1466 1467 for (i = 0; i < num_cmds; i++) { 1468 const GdbCmdParseEntry *cmd = &cmds[i]; 1469 g_assert(cmd->handler && cmd->cmd); 1470 1471 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) || 1472 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) { 1473 continue; 1474 } 1475 1476 if (cmd->schema) { 1477 schema_len = strlen(cmd->schema); 1478 if (schema_len % 2) { 1479 return -2; 1480 } 1481 1482 max_num_params = schema_len / 2; 1483 } 1484 1485 gdb_ctx.params = 1486 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params); 1487 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params); 1488 1489 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema, 1490 gdb_ctx.params, &gdb_ctx.num_params)) { 1491 return -1; 1492 } 1493 1494 cmd->handler(&gdb_ctx, user_ctx); 1495 return 0; 1496 } 1497 1498 return -1; 1499} 1500 1501static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd) 1502{ 1503 if (!data) { 1504 return; 1505 } 1506 1507 g_string_set_size(gdbserver_state.str_buf, 0); 1508 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1509 1510 /* In case there was an error during the command parsing we must 1511 * send a NULL packet to indicate the command is not supported */ 1512 if (process_string_cmd(NULL, data, cmd, 1)) { 1513 put_packet(""); 1514 } 1515} 1516 1517static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx) 1518{ 1519 GDBProcess *process; 1520 uint32_t pid = 1; 1521 1522 if (gdbserver_state.multiprocess) { 1523 if (!gdb_ctx->num_params) { 1524 put_packet("E22"); 1525 return; 1526 } 1527 1528 pid = gdb_ctx->params[0].val_ul; 1529 } 1530 1531 process = gdb_get_process(pid); 1532 gdb_process_breakpoint_remove_all(process); 1533 process->attached = false; 1534 1535 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) { 1536 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 1537 } 1538 1539 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) { 1540 gdbserver_state.g_cpu = gdb_first_attached_cpu(); 1541 } 1542 1543 if (!gdbserver_state.c_cpu) { 1544 /* No more process attached */ 1545 gdb_syscall_mode = GDB_SYS_DISABLED; 1546 gdb_continue(); 1547 } 1548 put_packet("OK"); 1549} 1550 1551static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx) 1552{ 1553 CPUState *cpu; 1554 1555 if (!gdb_ctx->num_params) { 1556 put_packet("E22"); 1557 return; 1558 } 1559 1560 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) { 1561 put_packet("E22"); 1562 return; 1563 } 1564 1565 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid, 1566 gdb_ctx->params[0].thread_id.tid); 1567 if (!cpu) { 1568 put_packet("E22"); 1569 return; 1570 } 1571 1572 put_packet("OK"); 1573} 1574 1575static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx) 1576{ 1577 if (gdb_ctx->num_params) { 1578 gdb_set_cpu_pc(gdb_ctx->params[0].val_ull); 1579 } 1580 1581 gdbserver_state.signal = 0; 1582 gdb_continue(); 1583} 1584 1585static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx) 1586{ 1587 unsigned long signal = 0; 1588 1589 /* 1590 * Note: C sig;[addr] is currently unsupported and we simply 1591 * omit the addr parameter 1592 */ 1593 if (gdb_ctx->num_params) { 1594 signal = gdb_ctx->params[0].val_ul; 1595 } 1596 1597 gdbserver_state.signal = gdb_signal_to_target(signal); 1598 if (gdbserver_state.signal == -1) { 1599 gdbserver_state.signal = 0; 1600 } 1601 gdb_continue(); 1602} 1603 1604static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx) 1605{ 1606 CPUState *cpu; 1607 1608 if (gdb_ctx->num_params != 2) { 1609 put_packet("E22"); 1610 return; 1611 } 1612 1613 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) { 1614 put_packet("E22"); 1615 return; 1616 } 1617 1618 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) { 1619 put_packet("OK"); 1620 return; 1621 } 1622 1623 cpu = gdb_get_cpu(gdb_ctx->params[1].thread_id.pid, 1624 gdb_ctx->params[1].thread_id.tid); 1625 if (!cpu) { 1626 put_packet("E22"); 1627 return; 1628 } 1629 1630 /* 1631 * Note: This command is deprecated and modern gdb's will be using the 1632 * vCont command instead. 1633 */ 1634 switch (gdb_ctx->params[0].opcode) { 1635 case 'c': 1636 gdbserver_state.c_cpu = cpu; 1637 put_packet("OK"); 1638 break; 1639 case 'g': 1640 gdbserver_state.g_cpu = cpu; 1641 put_packet("OK"); 1642 break; 1643 default: 1644 put_packet("E22"); 1645 break; 1646 } 1647} 1648 1649static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx) 1650{ 1651 int res; 1652 1653 if (gdb_ctx->num_params != 3) { 1654 put_packet("E22"); 1655 return; 1656 } 1657 1658 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul, 1659 gdb_ctx->params[1].val_ull, 1660 gdb_ctx->params[2].val_ull); 1661 if (res >= 0) { 1662 put_packet("OK"); 1663 return; 1664 } else if (res == -ENOSYS) { 1665 put_packet(""); 1666 return; 1667 } 1668 1669 put_packet("E22"); 1670} 1671 1672static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx) 1673{ 1674 int res; 1675 1676 if (gdb_ctx->num_params != 3) { 1677 put_packet("E22"); 1678 return; 1679 } 1680 1681 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul, 1682 gdb_ctx->params[1].val_ull, 1683 gdb_ctx->params[2].val_ull); 1684 if (res >= 0) { 1685 put_packet("OK"); 1686 return; 1687 } else if (res == -ENOSYS) { 1688 put_packet(""); 1689 return; 1690 } 1691 1692 put_packet("E22"); 1693} 1694 1695/* 1696 * handle_set/get_reg 1697 * 1698 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available. 1699 * This works, but can be very slow. Anything new enough to understand 1700 * XML also knows how to use this properly. However to use this we 1701 * need to define a local XML file as well as be talking to a 1702 * reasonably modern gdb. Responding with an empty packet will cause 1703 * the remote gdb to fallback to older methods. 1704 */ 1705 1706static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx) 1707{ 1708 int reg_size; 1709 1710 if (!gdb_has_xml) { 1711 put_packet(""); 1712 return; 1713 } 1714 1715 if (gdb_ctx->num_params != 2) { 1716 put_packet("E22"); 1717 return; 1718 } 1719 1720 reg_size = strlen(gdb_ctx->params[1].data) / 2; 1721 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[1].data, reg_size); 1722 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data, 1723 gdb_ctx->params[0].val_ull); 1724 put_packet("OK"); 1725} 1726 1727static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx) 1728{ 1729 int reg_size; 1730 1731 if (!gdb_has_xml) { 1732 put_packet(""); 1733 return; 1734 } 1735 1736 if (!gdb_ctx->num_params) { 1737 put_packet("E14"); 1738 return; 1739 } 1740 1741 reg_size = gdb_read_register(gdbserver_state.g_cpu, 1742 gdbserver_state.mem_buf, 1743 gdb_ctx->params[0].val_ull); 1744 if (!reg_size) { 1745 put_packet("E14"); 1746 return; 1747 } else { 1748 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size); 1749 } 1750 1751 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size); 1752 put_strbuf(); 1753} 1754 1755static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx) 1756{ 1757 if (gdb_ctx->num_params != 3) { 1758 put_packet("E22"); 1759 return; 1760 } 1761 1762 /* hextomem() reads 2*len bytes */ 1763 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) { 1764 put_packet("E22"); 1765 return; 1766 } 1767 1768 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[2].data, 1769 gdb_ctx->params[1].val_ull); 1770 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull, 1771 gdbserver_state.mem_buf->data, 1772 gdbserver_state.mem_buf->len, true)) { 1773 put_packet("E14"); 1774 return; 1775 } 1776 1777 put_packet("OK"); 1778} 1779 1780static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx) 1781{ 1782 if (gdb_ctx->num_params != 2) { 1783 put_packet("E22"); 1784 return; 1785 } 1786 1787 /* memtohex() doubles the required space */ 1788 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) { 1789 put_packet("E22"); 1790 return; 1791 } 1792 1793 g_byte_array_set_size(gdbserver_state.mem_buf, gdb_ctx->params[1].val_ull); 1794 1795 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull, 1796 gdbserver_state.mem_buf->data, 1797 gdbserver_state.mem_buf->len, false)) { 1798 put_packet("E14"); 1799 return; 1800 } 1801 1802 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, 1803 gdbserver_state.mem_buf->len); 1804 put_strbuf(); 1805} 1806 1807static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx) 1808{ 1809 target_ulong addr, len; 1810 uint8_t *registers; 1811 int reg_size; 1812 1813 if (!gdb_ctx->num_params) { 1814 return; 1815 } 1816 1817 cpu_synchronize_state(gdbserver_state.g_cpu); 1818 len = strlen(gdb_ctx->params[0].data) / 2; 1819 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len); 1820 registers = gdbserver_state.mem_buf->data; 1821 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0; 1822 addr++) { 1823 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr); 1824 len -= reg_size; 1825 registers += reg_size; 1826 } 1827 put_packet("OK"); 1828} 1829 1830static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx) 1831{ 1832 target_ulong addr, len; 1833 1834 cpu_synchronize_state(gdbserver_state.g_cpu); 1835 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1836 len = 0; 1837 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) { 1838 len += gdb_read_register(gdbserver_state.g_cpu, 1839 gdbserver_state.mem_buf, 1840 addr); 1841 } 1842 g_assert(len == gdbserver_state.mem_buf->len); 1843 1844 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len); 1845 put_strbuf(); 1846} 1847 1848static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx) 1849{ 1850 if (gdb_ctx->num_params >= 1 && gdbserver_state.current_syscall_cb) { 1851 target_ulong ret, err; 1852 1853 ret = (target_ulong)gdb_ctx->params[0].val_ull; 1854 if (gdb_ctx->num_params >= 2) { 1855 err = (target_ulong)gdb_ctx->params[1].val_ull; 1856 } else { 1857 err = 0; 1858 } 1859 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err); 1860 gdbserver_state.current_syscall_cb = NULL; 1861 } 1862 1863 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') { 1864 put_packet("T02"); 1865 return; 1866 } 1867 1868 gdb_continue(); 1869} 1870 1871static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx) 1872{ 1873 if (gdb_ctx->num_params) { 1874 gdb_set_cpu_pc((target_ulong)gdb_ctx->params[0].val_ull); 1875 } 1876 1877 cpu_single_step(gdbserver_state.c_cpu, sstep_flags); 1878 gdb_continue(); 1879} 1880 1881static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx) 1882{ 1883 put_packet("vCont;c;C;s;S"); 1884} 1885 1886static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx) 1887{ 1888 int res; 1889 1890 if (!gdb_ctx->num_params) { 1891 return; 1892 } 1893 1894 res = gdb_handle_vcont(gdb_ctx->params[0].data); 1895 if ((res == -EINVAL) || (res == -ERANGE)) { 1896 put_packet("E22"); 1897 } else if (res) { 1898 put_packet(""); 1899 } 1900} 1901 1902static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx) 1903{ 1904 GDBProcess *process; 1905 CPUState *cpu; 1906 1907 g_string_assign(gdbserver_state.str_buf, "E22"); 1908 if (!gdb_ctx->num_params) { 1909 goto cleanup; 1910 } 1911 1912 process = gdb_get_process(gdb_ctx->params[0].val_ul); 1913 if (!process) { 1914 goto cleanup; 1915 } 1916 1917 cpu = get_first_cpu_in_process(process); 1918 if (!cpu) { 1919 goto cleanup; 1920 } 1921 1922 process->attached = true; 1923 gdbserver_state.g_cpu = cpu; 1924 gdbserver_state.c_cpu = cpu; 1925 1926 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 1927 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 1928 g_string_append_c(gdbserver_state.str_buf, ';'); 1929cleanup: 1930 put_strbuf(); 1931} 1932 1933static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx) 1934{ 1935 /* Kill the target */ 1936 put_packet("OK"); 1937 error_report("QEMU: Terminated via GDBstub"); 1938 exit(0); 1939} 1940 1941static GdbCmdParseEntry gdb_v_commands_table[] = { 1942 /* Order is important if has same prefix */ 1943 { 1944 .handler = handle_v_cont_query, 1945 .cmd = "Cont?", 1946 .cmd_startswith = 1 1947 }, 1948 { 1949 .handler = handle_v_cont, 1950 .cmd = "Cont", 1951 .cmd_startswith = 1, 1952 .schema = "s0" 1953 }, 1954 { 1955 .handler = handle_v_attach, 1956 .cmd = "Attach;", 1957 .cmd_startswith = 1, 1958 .schema = "l0" 1959 }, 1960 { 1961 .handler = handle_v_kill, 1962 .cmd = "Kill;", 1963 .cmd_startswith = 1 1964 }, 1965}; 1966 1967static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx) 1968{ 1969 if (!gdb_ctx->num_params) { 1970 return; 1971 } 1972 1973 if (process_string_cmd(NULL, gdb_ctx->params[0].data, 1974 gdb_v_commands_table, 1975 ARRAY_SIZE(gdb_v_commands_table))) { 1976 put_packet(""); 1977 } 1978} 1979 1980static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx) 1981{ 1982 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x", 1983 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER); 1984 put_strbuf(); 1985} 1986 1987static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx) 1988{ 1989 if (!gdb_ctx->num_params) { 1990 return; 1991 } 1992 1993 sstep_flags = gdb_ctx->params[0].val_ul; 1994 put_packet("OK"); 1995} 1996 1997static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx) 1998{ 1999 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags); 2000 put_strbuf(); 2001} 2002 2003static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx) 2004{ 2005 CPUState *cpu; 2006 GDBProcess *process; 2007 2008 /* 2009 * "Current thread" remains vague in the spec, so always return 2010 * the first thread of the current process (gdb returns the 2011 * first thread). 2012 */ 2013 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2014 cpu = get_first_cpu_in_process(process); 2015 g_string_assign(gdbserver_state.str_buf, "QC"); 2016 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 2017 put_strbuf(); 2018} 2019 2020static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx) 2021{ 2022 if (!gdbserver_state.query_cpu) { 2023 put_packet("l"); 2024 return; 2025 } 2026 2027 g_string_assign(gdbserver_state.str_buf, "m"); 2028 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf); 2029 put_strbuf(); 2030 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu); 2031} 2032 2033static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx) 2034{ 2035 gdbserver_state.query_cpu = gdb_first_attached_cpu(); 2036 handle_query_threads(gdb_ctx, user_ctx); 2037} 2038 2039static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx) 2040{ 2041 g_autoptr(GString) rs = g_string_new(NULL); 2042 CPUState *cpu; 2043 2044 if (!gdb_ctx->num_params || 2045 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) { 2046 put_packet("E22"); 2047 return; 2048 } 2049 2050 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid, 2051 gdb_ctx->params[0].thread_id.tid); 2052 if (!cpu) { 2053 return; 2054 } 2055 2056 cpu_synchronize_state(cpu); 2057 2058 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) { 2059 /* Print the CPU model and name in multiprocess mode */ 2060 ObjectClass *oc = object_get_class(OBJECT(cpu)); 2061 const char *cpu_model = object_class_get_name(oc); 2062 g_autofree char *cpu_name = 2063 object_get_canonical_path_component(OBJECT(cpu)); 2064 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name, 2065 cpu->halted ? "halted " : "running"); 2066 } else { 2067 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index, 2068 cpu->halted ? "halted " : "running"); 2069 } 2070 trace_gdbstub_op_extra_info(rs->str); 2071 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len); 2072 put_strbuf(); 2073} 2074 2075#ifdef CONFIG_USER_ONLY 2076static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx) 2077{ 2078 TaskState *ts; 2079 2080 ts = gdbserver_state.c_cpu->opaque; 2081 g_string_printf(gdbserver_state.str_buf, 2082 "Text=" TARGET_ABI_FMT_lx 2083 ";Data=" TARGET_ABI_FMT_lx 2084 ";Bss=" TARGET_ABI_FMT_lx, 2085 ts->info->code_offset, 2086 ts->info->data_offset, 2087 ts->info->data_offset); 2088 put_strbuf(); 2089} 2090#else 2091static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx) 2092{ 2093 const guint8 zero = 0; 2094 int len; 2095 2096 if (!gdb_ctx->num_params) { 2097 put_packet("E22"); 2098 return; 2099 } 2100 2101 len = strlen(gdb_ctx->params[0].data); 2102 if (len % 2) { 2103 put_packet("E01"); 2104 return; 2105 } 2106 2107 g_assert(gdbserver_state.mem_buf->len == 0); 2108 len = len / 2; 2109 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len); 2110 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1); 2111 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data, 2112 gdbserver_state.mem_buf->len); 2113 put_packet("OK"); 2114} 2115#endif 2116 2117static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx) 2118{ 2119 CPUClass *cc; 2120 2121 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH); 2122 cc = CPU_GET_CLASS(first_cpu); 2123 if (cc->gdb_core_xml_file) { 2124 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+"); 2125 } 2126 2127 if (gdb_ctx->num_params && 2128 strstr(gdb_ctx->params[0].data, "multiprocess+")) { 2129 gdbserver_state.multiprocess = true; 2130 } 2131 2132 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+"); 2133 put_strbuf(); 2134} 2135 2136static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx) 2137{ 2138 GDBProcess *process; 2139 CPUClass *cc; 2140 unsigned long len, total_len, addr; 2141 const char *xml; 2142 const char *p; 2143 2144 if (gdb_ctx->num_params < 3) { 2145 put_packet("E22"); 2146 return; 2147 } 2148 2149 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2150 cc = CPU_GET_CLASS(gdbserver_state.g_cpu); 2151 if (!cc->gdb_core_xml_file) { 2152 put_packet(""); 2153 return; 2154 } 2155 2156 gdb_has_xml = true; 2157 p = gdb_ctx->params[0].data; 2158 xml = get_feature_xml(p, &p, process); 2159 if (!xml) { 2160 put_packet("E00"); 2161 return; 2162 } 2163 2164 addr = gdb_ctx->params[1].val_ul; 2165 len = gdb_ctx->params[2].val_ul; 2166 total_len = strlen(xml); 2167 if (addr > total_len) { 2168 put_packet("E00"); 2169 return; 2170 } 2171 2172 if (len > (MAX_PACKET_LENGTH - 5) / 2) { 2173 len = (MAX_PACKET_LENGTH - 5) / 2; 2174 } 2175 2176 if (len < total_len - addr) { 2177 g_string_assign(gdbserver_state.str_buf, "m"); 2178 memtox(gdbserver_state.str_buf, xml + addr, len); 2179 } else { 2180 g_string_assign(gdbserver_state.str_buf, "l"); 2181 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr); 2182 } 2183 2184 put_packet_binary(gdbserver_state.str_buf->str, 2185 gdbserver_state.str_buf->len, true); 2186} 2187 2188static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx) 2189{ 2190 put_packet(GDB_ATTACHED); 2191} 2192 2193static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx) 2194{ 2195 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep"); 2196#ifndef CONFIG_USER_ONLY 2197 g_string_append(gdbserver_state.str_buf, ";PhyMemMode"); 2198#endif 2199 put_strbuf(); 2200} 2201 2202#ifndef CONFIG_USER_ONLY 2203static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, 2204 void *user_ctx) 2205{ 2206 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode); 2207 put_strbuf(); 2208} 2209 2210static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx) 2211{ 2212 if (!gdb_ctx->num_params) { 2213 put_packet("E22"); 2214 return; 2215 } 2216 2217 if (!gdb_ctx->params[0].val_ul) { 2218 phy_memory_mode = 0; 2219 } else { 2220 phy_memory_mode = 1; 2221 } 2222 put_packet("OK"); 2223} 2224#endif 2225 2226static GdbCmdParseEntry gdb_gen_query_set_common_table[] = { 2227 /* Order is important if has same prefix */ 2228 { 2229 .handler = handle_query_qemu_sstepbits, 2230 .cmd = "qemu.sstepbits", 2231 }, 2232 { 2233 .handler = handle_query_qemu_sstep, 2234 .cmd = "qemu.sstep", 2235 }, 2236 { 2237 .handler = handle_set_qemu_sstep, 2238 .cmd = "qemu.sstep=", 2239 .cmd_startswith = 1, 2240 .schema = "l0" 2241 }, 2242}; 2243 2244static GdbCmdParseEntry gdb_gen_query_table[] = { 2245 { 2246 .handler = handle_query_curr_tid, 2247 .cmd = "C", 2248 }, 2249 { 2250 .handler = handle_query_threads, 2251 .cmd = "sThreadInfo", 2252 }, 2253 { 2254 .handler = handle_query_first_threads, 2255 .cmd = "fThreadInfo", 2256 }, 2257 { 2258 .handler = handle_query_thread_extra, 2259 .cmd = "ThreadExtraInfo,", 2260 .cmd_startswith = 1, 2261 .schema = "t0" 2262 }, 2263#ifdef CONFIG_USER_ONLY 2264 { 2265 .handler = handle_query_offsets, 2266 .cmd = "Offsets", 2267 }, 2268#else 2269 { 2270 .handler = handle_query_rcmd, 2271 .cmd = "Rcmd,", 2272 .cmd_startswith = 1, 2273 .schema = "s0" 2274 }, 2275#endif 2276 { 2277 .handler = handle_query_supported, 2278 .cmd = "Supported:", 2279 .cmd_startswith = 1, 2280 .schema = "s0" 2281 }, 2282 { 2283 .handler = handle_query_supported, 2284 .cmd = "Supported", 2285 .schema = "s0" 2286 }, 2287 { 2288 .handler = handle_query_xfer_features, 2289 .cmd = "Xfer:features:read:", 2290 .cmd_startswith = 1, 2291 .schema = "s:l,l0" 2292 }, 2293 { 2294 .handler = handle_query_attached, 2295 .cmd = "Attached:", 2296 .cmd_startswith = 1 2297 }, 2298 { 2299 .handler = handle_query_attached, 2300 .cmd = "Attached", 2301 }, 2302 { 2303 .handler = handle_query_qemu_supported, 2304 .cmd = "qemu.Supported", 2305 }, 2306#ifndef CONFIG_USER_ONLY 2307 { 2308 .handler = handle_query_qemu_phy_mem_mode, 2309 .cmd = "qemu.PhyMemMode", 2310 }, 2311#endif 2312}; 2313 2314static GdbCmdParseEntry gdb_gen_set_table[] = { 2315 /* Order is important if has same prefix */ 2316 { 2317 .handler = handle_set_qemu_sstep, 2318 .cmd = "qemu.sstep:", 2319 .cmd_startswith = 1, 2320 .schema = "l0" 2321 }, 2322#ifndef CONFIG_USER_ONLY 2323 { 2324 .handler = handle_set_qemu_phy_mem_mode, 2325 .cmd = "qemu.PhyMemMode:", 2326 .cmd_startswith = 1, 2327 .schema = "l0" 2328 }, 2329#endif 2330}; 2331 2332static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx) 2333{ 2334 if (!gdb_ctx->num_params) { 2335 return; 2336 } 2337 2338 if (!process_string_cmd(NULL, gdb_ctx->params[0].data, 2339 gdb_gen_query_set_common_table, 2340 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2341 return; 2342 } 2343 2344 if (process_string_cmd(NULL, gdb_ctx->params[0].data, 2345 gdb_gen_query_table, 2346 ARRAY_SIZE(gdb_gen_query_table))) { 2347 put_packet(""); 2348 } 2349} 2350 2351static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx) 2352{ 2353 if (!gdb_ctx->num_params) { 2354 return; 2355 } 2356 2357 if (!process_string_cmd(NULL, gdb_ctx->params[0].data, 2358 gdb_gen_query_set_common_table, 2359 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2360 return; 2361 } 2362 2363 if (process_string_cmd(NULL, gdb_ctx->params[0].data, 2364 gdb_gen_set_table, 2365 ARRAY_SIZE(gdb_gen_set_table))) { 2366 put_packet(""); 2367 } 2368} 2369 2370static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx) 2371{ 2372 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 2373 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf); 2374 g_string_append_c(gdbserver_state.str_buf, ';'); 2375 put_strbuf(); 2376 /* 2377 * Remove all the breakpoints when this query is issued, 2378 * because gdb is doing an initial connect and the state 2379 * should be cleaned up. 2380 */ 2381 gdb_breakpoint_remove_all(); 2382} 2383 2384static int gdb_handle_packet(const char *line_buf) 2385{ 2386 const GdbCmdParseEntry *cmd_parser = NULL; 2387 2388 trace_gdbstub_io_command(line_buf); 2389 2390 switch (line_buf[0]) { 2391 case '!': 2392 put_packet("OK"); 2393 break; 2394 case '?': 2395 { 2396 static const GdbCmdParseEntry target_halted_cmd_desc = { 2397 .handler = handle_target_halt, 2398 .cmd = "?", 2399 .cmd_startswith = 1 2400 }; 2401 cmd_parser = &target_halted_cmd_desc; 2402 } 2403 break; 2404 case 'c': 2405 { 2406 static const GdbCmdParseEntry continue_cmd_desc = { 2407 .handler = handle_continue, 2408 .cmd = "c", 2409 .cmd_startswith = 1, 2410 .schema = "L0" 2411 }; 2412 cmd_parser = &continue_cmd_desc; 2413 } 2414 break; 2415 case 'C': 2416 { 2417 static const GdbCmdParseEntry cont_with_sig_cmd_desc = { 2418 .handler = handle_cont_with_sig, 2419 .cmd = "C", 2420 .cmd_startswith = 1, 2421 .schema = "l0" 2422 }; 2423 cmd_parser = &cont_with_sig_cmd_desc; 2424 } 2425 break; 2426 case 'v': 2427 { 2428 static const GdbCmdParseEntry v_cmd_desc = { 2429 .handler = handle_v_commands, 2430 .cmd = "v", 2431 .cmd_startswith = 1, 2432 .schema = "s0" 2433 }; 2434 cmd_parser = &v_cmd_desc; 2435 } 2436 break; 2437 case 'k': 2438 /* Kill the target */ 2439 error_report("QEMU: Terminated via GDBstub"); 2440 exit(0); 2441 case 'D': 2442 { 2443 static const GdbCmdParseEntry detach_cmd_desc = { 2444 .handler = handle_detach, 2445 .cmd = "D", 2446 .cmd_startswith = 1, 2447 .schema = "?.l0" 2448 }; 2449 cmd_parser = &detach_cmd_desc; 2450 } 2451 break; 2452 case 's': 2453 { 2454 static const GdbCmdParseEntry step_cmd_desc = { 2455 .handler = handle_step, 2456 .cmd = "s", 2457 .cmd_startswith = 1, 2458 .schema = "L0" 2459 }; 2460 cmd_parser = &step_cmd_desc; 2461 } 2462 break; 2463 case 'F': 2464 { 2465 static const GdbCmdParseEntry file_io_cmd_desc = { 2466 .handler = handle_file_io, 2467 .cmd = "F", 2468 .cmd_startswith = 1, 2469 .schema = "L,L,o0" 2470 }; 2471 cmd_parser = &file_io_cmd_desc; 2472 } 2473 break; 2474 case 'g': 2475 { 2476 static const GdbCmdParseEntry read_all_regs_cmd_desc = { 2477 .handler = handle_read_all_regs, 2478 .cmd = "g", 2479 .cmd_startswith = 1 2480 }; 2481 cmd_parser = &read_all_regs_cmd_desc; 2482 } 2483 break; 2484 case 'G': 2485 { 2486 static const GdbCmdParseEntry write_all_regs_cmd_desc = { 2487 .handler = handle_write_all_regs, 2488 .cmd = "G", 2489 .cmd_startswith = 1, 2490 .schema = "s0" 2491 }; 2492 cmd_parser = &write_all_regs_cmd_desc; 2493 } 2494 break; 2495 case 'm': 2496 { 2497 static const GdbCmdParseEntry read_mem_cmd_desc = { 2498 .handler = handle_read_mem, 2499 .cmd = "m", 2500 .cmd_startswith = 1, 2501 .schema = "L,L0" 2502 }; 2503 cmd_parser = &read_mem_cmd_desc; 2504 } 2505 break; 2506 case 'M': 2507 { 2508 static const GdbCmdParseEntry write_mem_cmd_desc = { 2509 .handler = handle_write_mem, 2510 .cmd = "M", 2511 .cmd_startswith = 1, 2512 .schema = "L,L:s0" 2513 }; 2514 cmd_parser = &write_mem_cmd_desc; 2515 } 2516 break; 2517 case 'p': 2518 { 2519 static const GdbCmdParseEntry get_reg_cmd_desc = { 2520 .handler = handle_get_reg, 2521 .cmd = "p", 2522 .cmd_startswith = 1, 2523 .schema = "L0" 2524 }; 2525 cmd_parser = &get_reg_cmd_desc; 2526 } 2527 break; 2528 case 'P': 2529 { 2530 static const GdbCmdParseEntry set_reg_cmd_desc = { 2531 .handler = handle_set_reg, 2532 .cmd = "P", 2533 .cmd_startswith = 1, 2534 .schema = "L?s0" 2535 }; 2536 cmd_parser = &set_reg_cmd_desc; 2537 } 2538 break; 2539 case 'Z': 2540 { 2541 static const GdbCmdParseEntry insert_bp_cmd_desc = { 2542 .handler = handle_insert_bp, 2543 .cmd = "Z", 2544 .cmd_startswith = 1, 2545 .schema = "l?L?L0" 2546 }; 2547 cmd_parser = &insert_bp_cmd_desc; 2548 } 2549 break; 2550 case 'z': 2551 { 2552 static const GdbCmdParseEntry remove_bp_cmd_desc = { 2553 .handler = handle_remove_bp, 2554 .cmd = "z", 2555 .cmd_startswith = 1, 2556 .schema = "l?L?L0" 2557 }; 2558 cmd_parser = &remove_bp_cmd_desc; 2559 } 2560 break; 2561 case 'H': 2562 { 2563 static const GdbCmdParseEntry set_thread_cmd_desc = { 2564 .handler = handle_set_thread, 2565 .cmd = "H", 2566 .cmd_startswith = 1, 2567 .schema = "o.t0" 2568 }; 2569 cmd_parser = &set_thread_cmd_desc; 2570 } 2571 break; 2572 case 'T': 2573 { 2574 static const GdbCmdParseEntry thread_alive_cmd_desc = { 2575 .handler = handle_thread_alive, 2576 .cmd = "T", 2577 .cmd_startswith = 1, 2578 .schema = "t0" 2579 }; 2580 cmd_parser = &thread_alive_cmd_desc; 2581 } 2582 break; 2583 case 'q': 2584 { 2585 static const GdbCmdParseEntry gen_query_cmd_desc = { 2586 .handler = handle_gen_query, 2587 .cmd = "q", 2588 .cmd_startswith = 1, 2589 .schema = "s0" 2590 }; 2591 cmd_parser = &gen_query_cmd_desc; 2592 } 2593 break; 2594 case 'Q': 2595 { 2596 static const GdbCmdParseEntry gen_set_cmd_desc = { 2597 .handler = handle_gen_set, 2598 .cmd = "Q", 2599 .cmd_startswith = 1, 2600 .schema = "s0" 2601 }; 2602 cmd_parser = &gen_set_cmd_desc; 2603 } 2604 break; 2605 default: 2606 /* put empty packet */ 2607 put_packet(""); 2608 break; 2609 } 2610 2611 if (cmd_parser) { 2612 run_cmd_parser(line_buf, cmd_parser); 2613 } 2614 2615 return RS_IDLE; 2616} 2617 2618void gdb_set_stop_cpu(CPUState *cpu) 2619{ 2620 GDBProcess *p = gdb_get_cpu_process(cpu); 2621 2622 if (!p->attached) { 2623 /* 2624 * Having a stop CPU corresponding to a process that is not attached 2625 * confuses GDB. So we ignore the request. 2626 */ 2627 return; 2628 } 2629 2630 gdbserver_state.c_cpu = cpu; 2631 gdbserver_state.g_cpu = cpu; 2632} 2633 2634#ifndef CONFIG_USER_ONLY 2635static void gdb_vm_state_change(void *opaque, int running, RunState state) 2636{ 2637 CPUState *cpu = gdbserver_state.c_cpu; 2638 g_autoptr(GString) buf = g_string_new(NULL); 2639 g_autoptr(GString) tid = g_string_new(NULL); 2640 const char *type; 2641 int ret; 2642 2643 if (running || gdbserver_state.state == RS_INACTIVE) { 2644 return; 2645 } 2646 /* Is there a GDB syscall waiting to be sent? */ 2647 if (gdbserver_state.current_syscall_cb) { 2648 put_packet(gdbserver_state.syscall_buf); 2649 return; 2650 } 2651 2652 if (cpu == NULL) { 2653 /* No process attached */ 2654 return; 2655 } 2656 2657 gdb_append_thread_id(cpu, tid); 2658 2659 switch (state) { 2660 case RUN_STATE_DEBUG: 2661 if (cpu->watchpoint_hit) { 2662 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) { 2663 case BP_MEM_READ: 2664 type = "r"; 2665 break; 2666 case BP_MEM_ACCESS: 2667 type = "a"; 2668 break; 2669 default: 2670 type = ""; 2671 break; 2672 } 2673 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu), 2674 (target_ulong)cpu->watchpoint_hit->vaddr); 2675 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";", 2676 GDB_SIGNAL_TRAP, tid->str, type, 2677 (target_ulong)cpu->watchpoint_hit->vaddr); 2678 cpu->watchpoint_hit = NULL; 2679 goto send_packet; 2680 } else { 2681 trace_gdbstub_hit_break(); 2682 } 2683 tb_flush(cpu); 2684 ret = GDB_SIGNAL_TRAP; 2685 break; 2686 case RUN_STATE_PAUSED: 2687 trace_gdbstub_hit_paused(); 2688 ret = GDB_SIGNAL_INT; 2689 break; 2690 case RUN_STATE_SHUTDOWN: 2691 trace_gdbstub_hit_shutdown(); 2692 ret = GDB_SIGNAL_QUIT; 2693 break; 2694 case RUN_STATE_IO_ERROR: 2695 trace_gdbstub_hit_io_error(); 2696 ret = GDB_SIGNAL_IO; 2697 break; 2698 case RUN_STATE_WATCHDOG: 2699 trace_gdbstub_hit_watchdog(); 2700 ret = GDB_SIGNAL_ALRM; 2701 break; 2702 case RUN_STATE_INTERNAL_ERROR: 2703 trace_gdbstub_hit_internal_error(); 2704 ret = GDB_SIGNAL_ABRT; 2705 break; 2706 case RUN_STATE_SAVE_VM: 2707 case RUN_STATE_RESTORE_VM: 2708 return; 2709 case RUN_STATE_FINISH_MIGRATE: 2710 ret = GDB_SIGNAL_XCPU; 2711 break; 2712 default: 2713 trace_gdbstub_hit_unknown(state); 2714 ret = GDB_SIGNAL_UNKNOWN; 2715 break; 2716 } 2717 gdb_set_stop_cpu(cpu); 2718 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str); 2719 2720send_packet: 2721 put_packet(buf->str); 2722 2723 /* disable single step if it was enabled */ 2724 cpu_single_step(cpu, 0); 2725} 2726#endif 2727 2728/* Send a gdb syscall request. 2729 This accepts limited printf-style format specifiers, specifically: 2730 %x - target_ulong argument printed in hex. 2731 %lx - 64-bit argument printed in hex. 2732 %s - string pointer (target_ulong) and length (int) pair. */ 2733void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va) 2734{ 2735 char *p; 2736 char *p_end; 2737 target_ulong addr; 2738 uint64_t i64; 2739 2740 if (!gdbserver_state.init) { 2741 return; 2742 } 2743 2744 gdbserver_state.current_syscall_cb = cb; 2745#ifndef CONFIG_USER_ONLY 2746 vm_stop(RUN_STATE_DEBUG); 2747#endif 2748 p = &gdbserver_state.syscall_buf[0]; 2749 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)]; 2750 *(p++) = 'F'; 2751 while (*fmt) { 2752 if (*fmt == '%') { 2753 fmt++; 2754 switch (*fmt++) { 2755 case 'x': 2756 addr = va_arg(va, target_ulong); 2757 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr); 2758 break; 2759 case 'l': 2760 if (*(fmt++) != 'x') 2761 goto bad_format; 2762 i64 = va_arg(va, uint64_t); 2763 p += snprintf(p, p_end - p, "%" PRIx64, i64); 2764 break; 2765 case 's': 2766 addr = va_arg(va, target_ulong); 2767 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x", 2768 addr, va_arg(va, int)); 2769 break; 2770 default: 2771 bad_format: 2772 error_report("gdbstub: Bad syscall format string '%s'", 2773 fmt - 1); 2774 break; 2775 } 2776 } else { 2777 *(p++) = *(fmt++); 2778 } 2779 } 2780 *p = 0; 2781#ifdef CONFIG_USER_ONLY 2782 put_packet(gdbserver_state.syscall_buf); 2783 /* Return control to gdb for it to process the syscall request. 2784 * Since the protocol requires that gdb hands control back to us 2785 * using a "here are the results" F packet, we don't need to check 2786 * gdb_handlesig's return value (which is the signal to deliver if 2787 * execution was resumed via a continue packet). 2788 */ 2789 gdb_handlesig(gdbserver_state.c_cpu, 0); 2790#else 2791 /* In this case wait to send the syscall packet until notification that 2792 the CPU has stopped. This must be done because if the packet is sent 2793 now the reply from the syscall request could be received while the CPU 2794 is still in the running state, which can cause packets to be dropped 2795 and state transition 'T' packets to be sent while the syscall is still 2796 being processed. */ 2797 qemu_cpu_kick(gdbserver_state.c_cpu); 2798#endif 2799} 2800 2801void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...) 2802{ 2803 va_list va; 2804 2805 va_start(va, fmt); 2806 gdb_do_syscallv(cb, fmt, va); 2807 va_end(va); 2808} 2809 2810static void gdb_read_byte(uint8_t ch) 2811{ 2812 uint8_t reply; 2813 2814#ifndef CONFIG_USER_ONLY 2815 if (gdbserver_state.last_packet->len) { 2816 /* Waiting for a response to the last packet. If we see the start 2817 of a new command then abandon the previous response. */ 2818 if (ch == '-') { 2819 trace_gdbstub_err_got_nack(); 2820 put_buffer(gdbserver_state.last_packet->data, 2821 gdbserver_state.last_packet->len); 2822 } else if (ch == '+') { 2823 trace_gdbstub_io_got_ack(); 2824 } else { 2825 trace_gdbstub_io_got_unexpected(ch); 2826 } 2827 2828 if (ch == '+' || ch == '$') { 2829 g_byte_array_set_size(gdbserver_state.last_packet, 0); 2830 } 2831 if (ch != '$') 2832 return; 2833 } 2834 if (runstate_is_running()) { 2835 /* when the CPU is running, we cannot do anything except stop 2836 it when receiving a char */ 2837 vm_stop(RUN_STATE_PAUSED); 2838 } else 2839#endif 2840 { 2841 switch(gdbserver_state.state) { 2842 case RS_IDLE: 2843 if (ch == '$') { 2844 /* start of command packet */ 2845 gdbserver_state.line_buf_index = 0; 2846 gdbserver_state.line_sum = 0; 2847 gdbserver_state.state = RS_GETLINE; 2848 } else { 2849 trace_gdbstub_err_garbage(ch); 2850 } 2851 break; 2852 case RS_GETLINE: 2853 if (ch == '}') { 2854 /* start escape sequence */ 2855 gdbserver_state.state = RS_GETLINE_ESC; 2856 gdbserver_state.line_sum += ch; 2857 } else if (ch == '*') { 2858 /* start run length encoding sequence */ 2859 gdbserver_state.state = RS_GETLINE_RLE; 2860 gdbserver_state.line_sum += ch; 2861 } else if (ch == '#') { 2862 /* end of command, start of checksum*/ 2863 gdbserver_state.state = RS_CHKSUM1; 2864 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2865 trace_gdbstub_err_overrun(); 2866 gdbserver_state.state = RS_IDLE; 2867 } else { 2868 /* unescaped command character */ 2869 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch; 2870 gdbserver_state.line_sum += ch; 2871 } 2872 break; 2873 case RS_GETLINE_ESC: 2874 if (ch == '#') { 2875 /* unexpected end of command in escape sequence */ 2876 gdbserver_state.state = RS_CHKSUM1; 2877 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2878 /* command buffer overrun */ 2879 trace_gdbstub_err_overrun(); 2880 gdbserver_state.state = RS_IDLE; 2881 } else { 2882 /* parse escaped character and leave escape state */ 2883 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20; 2884 gdbserver_state.line_sum += ch; 2885 gdbserver_state.state = RS_GETLINE; 2886 } 2887 break; 2888 case RS_GETLINE_RLE: 2889 /* 2890 * Run-length encoding is explained in "Debugging with GDB / 2891 * Appendix E GDB Remote Serial Protocol / Overview". 2892 */ 2893 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) { 2894 /* invalid RLE count encoding */ 2895 trace_gdbstub_err_invalid_repeat(ch); 2896 gdbserver_state.state = RS_GETLINE; 2897 } else { 2898 /* decode repeat length */ 2899 int repeat = ch - ' ' + 3; 2900 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) { 2901 /* that many repeats would overrun the command buffer */ 2902 trace_gdbstub_err_overrun(); 2903 gdbserver_state.state = RS_IDLE; 2904 } else if (gdbserver_state.line_buf_index < 1) { 2905 /* got a repeat but we have nothing to repeat */ 2906 trace_gdbstub_err_invalid_rle(); 2907 gdbserver_state.state = RS_GETLINE; 2908 } else { 2909 /* repeat the last character */ 2910 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index, 2911 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat); 2912 gdbserver_state.line_buf_index += repeat; 2913 gdbserver_state.line_sum += ch; 2914 gdbserver_state.state = RS_GETLINE; 2915 } 2916 } 2917 break; 2918 case RS_CHKSUM1: 2919 /* get high hex digit of checksum */ 2920 if (!isxdigit(ch)) { 2921 trace_gdbstub_err_checksum_invalid(ch); 2922 gdbserver_state.state = RS_GETLINE; 2923 break; 2924 } 2925 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0'; 2926 gdbserver_state.line_csum = fromhex(ch) << 4; 2927 gdbserver_state.state = RS_CHKSUM2; 2928 break; 2929 case RS_CHKSUM2: 2930 /* get low hex digit of checksum */ 2931 if (!isxdigit(ch)) { 2932 trace_gdbstub_err_checksum_invalid(ch); 2933 gdbserver_state.state = RS_GETLINE; 2934 break; 2935 } 2936 gdbserver_state.line_csum |= fromhex(ch); 2937 2938 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) { 2939 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum); 2940 /* send NAK reply */ 2941 reply = '-'; 2942 put_buffer(&reply, 1); 2943 gdbserver_state.state = RS_IDLE; 2944 } else { 2945 /* send ACK reply */ 2946 reply = '+'; 2947 put_buffer(&reply, 1); 2948 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf); 2949 } 2950 break; 2951 default: 2952 abort(); 2953 } 2954 } 2955} 2956 2957/* Tell the remote gdb that the process has exited. */ 2958void gdb_exit(CPUArchState *env, int code) 2959{ 2960 char buf[4]; 2961 2962 if (!gdbserver_state.init) { 2963 return; 2964 } 2965#ifdef CONFIG_USER_ONLY 2966 if (gdbserver_state.socket_path) { 2967 unlink(gdbserver_state.socket_path); 2968 } 2969 if (gdbserver_state.fd < 0) { 2970 return; 2971 } 2972#endif 2973 2974 trace_gdbstub_op_exiting((uint8_t)code); 2975 2976 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 2977 put_packet(buf); 2978 2979#ifndef CONFIG_USER_ONLY 2980 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 2981#endif 2982} 2983 2984/* 2985 * Create the process that will contain all the "orphan" CPUs (that are not 2986 * part of a CPU cluster). Note that if this process contains no CPUs, it won't 2987 * be attachable and thus will be invisible to the user. 2988 */ 2989static void create_default_process(GDBState *s) 2990{ 2991 GDBProcess *process; 2992 int max_pid = 0; 2993 2994 if (gdbserver_state.process_num) { 2995 max_pid = s->processes[s->process_num - 1].pid; 2996 } 2997 2998 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 2999 process = &s->processes[s->process_num - 1]; 3000 3001 /* We need an available PID slot for this process */ 3002 assert(max_pid < UINT32_MAX); 3003 3004 process->pid = max_pid + 1; 3005 process->attached = false; 3006 process->target_xml[0] = '\0'; 3007} 3008 3009#ifdef CONFIG_USER_ONLY 3010int 3011gdb_handlesig(CPUState *cpu, int sig) 3012{ 3013 char buf[256]; 3014 int n; 3015 3016 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3017 return sig; 3018 } 3019 3020 /* disable single step if it was enabled */ 3021 cpu_single_step(cpu, 0); 3022 tb_flush(cpu); 3023 3024 if (sig != 0) { 3025 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig)); 3026 put_packet(buf); 3027 } 3028 /* put_packet() might have detected that the peer terminated the 3029 connection. */ 3030 if (gdbserver_state.fd < 0) { 3031 return sig; 3032 } 3033 3034 sig = 0; 3035 gdbserver_state.state = RS_IDLE; 3036 gdbserver_state.running_state = 0; 3037 while (gdbserver_state.running_state == 0) { 3038 n = read(gdbserver_state.fd, buf, 256); 3039 if (n > 0) { 3040 int i; 3041 3042 for (i = 0; i < n; i++) { 3043 gdb_read_byte(buf[i]); 3044 } 3045 } else { 3046 /* XXX: Connection closed. Should probably wait for another 3047 connection before continuing. */ 3048 if (n == 0) { 3049 close(gdbserver_state.fd); 3050 } 3051 gdbserver_state.fd = -1; 3052 return sig; 3053 } 3054 } 3055 sig = gdbserver_state.signal; 3056 gdbserver_state.signal = 0; 3057 return sig; 3058} 3059 3060/* Tell the remote gdb that the process has exited due to SIG. */ 3061void gdb_signalled(CPUArchState *env, int sig) 3062{ 3063 char buf[4]; 3064 3065 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3066 return; 3067 } 3068 3069 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig)); 3070 put_packet(buf); 3071} 3072 3073static void gdb_accept_init(int fd) 3074{ 3075 init_gdbserver_state(); 3076 create_default_process(&gdbserver_state); 3077 gdbserver_state.processes[0].attached = true; 3078 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 3079 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 3080 gdbserver_state.fd = fd; 3081 gdb_has_xml = false; 3082} 3083 3084static bool gdb_accept_socket(int gdb_fd) 3085{ 3086 int fd; 3087 3088 for(;;) { 3089 fd = accept(gdb_fd, NULL, NULL); 3090 if (fd < 0 && errno != EINTR) { 3091 perror("accept socket"); 3092 return false; 3093 } else if (fd >= 0) { 3094 qemu_set_cloexec(fd); 3095 break; 3096 } 3097 } 3098 3099 gdb_accept_init(fd); 3100 return true; 3101} 3102 3103static int gdbserver_open_socket(const char *path) 3104{ 3105 struct sockaddr_un sockaddr; 3106 int fd, ret; 3107 3108 fd = socket(AF_UNIX, SOCK_STREAM, 0); 3109 if (fd < 0) { 3110 perror("create socket"); 3111 return -1; 3112 } 3113 3114 sockaddr.sun_family = AF_UNIX; 3115 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 3116 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3117 if (ret < 0) { 3118 perror("bind socket"); 3119 close(fd); 3120 return -1; 3121 } 3122 ret = listen(fd, 1); 3123 if (ret < 0) { 3124 perror("listen socket"); 3125 close(fd); 3126 return -1; 3127 } 3128 3129 return fd; 3130} 3131 3132static bool gdb_accept_tcp(int gdb_fd) 3133{ 3134 struct sockaddr_in sockaddr; 3135 socklen_t len; 3136 int fd; 3137 3138 for(;;) { 3139 len = sizeof(sockaddr); 3140 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 3141 if (fd < 0 && errno != EINTR) { 3142 perror("accept"); 3143 return false; 3144 } else if (fd >= 0) { 3145 qemu_set_cloexec(fd); 3146 break; 3147 } 3148 } 3149 3150 /* set short latency */ 3151 if (socket_set_nodelay(fd)) { 3152 perror("setsockopt"); 3153 close(fd); 3154 return false; 3155 } 3156 3157 gdb_accept_init(fd); 3158 return true; 3159} 3160 3161static int gdbserver_open_port(int port) 3162{ 3163 struct sockaddr_in sockaddr; 3164 int fd, ret; 3165 3166 fd = socket(PF_INET, SOCK_STREAM, 0); 3167 if (fd < 0) { 3168 perror("socket"); 3169 return -1; 3170 } 3171 qemu_set_cloexec(fd); 3172 3173 socket_set_fast_reuse(fd); 3174 3175 sockaddr.sin_family = AF_INET; 3176 sockaddr.sin_port = htons(port); 3177 sockaddr.sin_addr.s_addr = 0; 3178 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3179 if (ret < 0) { 3180 perror("bind"); 3181 close(fd); 3182 return -1; 3183 } 3184 ret = listen(fd, 1); 3185 if (ret < 0) { 3186 perror("listen"); 3187 close(fd); 3188 return -1; 3189 } 3190 3191 return fd; 3192} 3193 3194int gdbserver_start(const char *port_or_path) 3195{ 3196 int port = g_ascii_strtoull(port_or_path, NULL, 10); 3197 int gdb_fd; 3198 3199 if (port > 0) { 3200 gdb_fd = gdbserver_open_port(port); 3201 } else { 3202 gdb_fd = gdbserver_open_socket(port_or_path); 3203 } 3204 3205 if (gdb_fd < 0) { 3206 return -1; 3207 } 3208 3209 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 3210 return 0; 3211 } else if (gdb_accept_socket(gdb_fd)) { 3212 gdbserver_state.socket_path = g_strdup(port_or_path); 3213 return 0; 3214 } 3215 3216 /* gone wrong */ 3217 close(gdb_fd); 3218 return -1; 3219} 3220 3221/* Disable gdb stub for child processes. */ 3222void gdbserver_fork(CPUState *cpu) 3223{ 3224 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3225 return; 3226 } 3227 close(gdbserver_state.fd); 3228 gdbserver_state.fd = -1; 3229 cpu_breakpoint_remove_all(cpu, BP_GDB); 3230 cpu_watchpoint_remove_all(cpu, BP_GDB); 3231} 3232#else 3233static int gdb_chr_can_receive(void *opaque) 3234{ 3235 /* We can handle an arbitrarily large amount of data. 3236 Pick the maximum packet size, which is as good as anything. */ 3237 return MAX_PACKET_LENGTH; 3238} 3239 3240static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size) 3241{ 3242 int i; 3243 3244 for (i = 0; i < size; i++) { 3245 gdb_read_byte(buf[i]); 3246 } 3247} 3248 3249static void gdb_chr_event(void *opaque, QEMUChrEvent event) 3250{ 3251 int i; 3252 GDBState *s = (GDBState *) opaque; 3253 3254 switch (event) { 3255 case CHR_EVENT_OPENED: 3256 /* Start with first process attached, others detached */ 3257 for (i = 0; i < s->process_num; i++) { 3258 s->processes[i].attached = !i; 3259 } 3260 3261 s->c_cpu = gdb_first_attached_cpu(); 3262 s->g_cpu = s->c_cpu; 3263 3264 vm_stop(RUN_STATE_PAUSED); 3265 gdb_has_xml = false; 3266 break; 3267 default: 3268 break; 3269 } 3270} 3271 3272static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len) 3273{ 3274 g_autoptr(GString) hex_buf = g_string_new("O"); 3275 memtohex(hex_buf, buf, len); 3276 put_packet(hex_buf->str); 3277 return len; 3278} 3279 3280#ifndef _WIN32 3281static void gdb_sigterm_handler(int signal) 3282{ 3283 if (runstate_is_running()) { 3284 vm_stop(RUN_STATE_PAUSED); 3285 } 3286} 3287#endif 3288 3289static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend, 3290 bool *be_opened, Error **errp) 3291{ 3292 *be_opened = false; 3293} 3294 3295static void char_gdb_class_init(ObjectClass *oc, void *data) 3296{ 3297 ChardevClass *cc = CHARDEV_CLASS(oc); 3298 3299 cc->internal = true; 3300 cc->open = gdb_monitor_open; 3301 cc->chr_write = gdb_monitor_write; 3302} 3303 3304#define TYPE_CHARDEV_GDB "chardev-gdb" 3305 3306static const TypeInfo char_gdb_type_info = { 3307 .name = TYPE_CHARDEV_GDB, 3308 .parent = TYPE_CHARDEV, 3309 .class_init = char_gdb_class_init, 3310}; 3311 3312static int find_cpu_clusters(Object *child, void *opaque) 3313{ 3314 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) { 3315 GDBState *s = (GDBState *) opaque; 3316 CPUClusterState *cluster = CPU_CLUSTER(child); 3317 GDBProcess *process; 3318 3319 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 3320 3321 process = &s->processes[s->process_num - 1]; 3322 3323 /* 3324 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at 3325 * runtime, we enforce here that the machine does not use a cluster ID 3326 * that would lead to PID 0. 3327 */ 3328 assert(cluster->cluster_id != UINT32_MAX); 3329 process->pid = cluster->cluster_id + 1; 3330 process->attached = false; 3331 process->target_xml[0] = '\0'; 3332 3333 return 0; 3334 } 3335 3336 return object_child_foreach(child, find_cpu_clusters, opaque); 3337} 3338 3339static int pid_order(const void *a, const void *b) 3340{ 3341 GDBProcess *pa = (GDBProcess *) a; 3342 GDBProcess *pb = (GDBProcess *) b; 3343 3344 if (pa->pid < pb->pid) { 3345 return -1; 3346 } else if (pa->pid > pb->pid) { 3347 return 1; 3348 } else { 3349 return 0; 3350 } 3351} 3352 3353static void create_processes(GDBState *s) 3354{ 3355 object_child_foreach(object_get_root(), find_cpu_clusters, s); 3356 3357 if (gdbserver_state.processes) { 3358 /* Sort by PID */ 3359 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order); 3360 } 3361 3362 create_default_process(s); 3363} 3364 3365int gdbserver_start(const char *device) 3366{ 3367 trace_gdbstub_op_start(device); 3368 3369 char gdbstub_device_name[128]; 3370 Chardev *chr = NULL; 3371 Chardev *mon_chr; 3372 3373 if (!first_cpu) { 3374 error_report("gdbstub: meaningless to attach gdb to a " 3375 "machine without any CPU."); 3376 return -1; 3377 } 3378 3379 if (!device) 3380 return -1; 3381 if (strcmp(device, "none") != 0) { 3382 if (strstart(device, "tcp:", NULL)) { 3383 /* enforce required TCP attributes */ 3384 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name), 3385 "%s,nowait,nodelay,server", device); 3386 device = gdbstub_device_name; 3387 } 3388#ifndef _WIN32 3389 else if (strcmp(device, "stdio") == 0) { 3390 struct sigaction act; 3391 3392 memset(&act, 0, sizeof(act)); 3393 act.sa_handler = gdb_sigterm_handler; 3394 sigaction(SIGINT, &act, NULL); 3395 } 3396#endif 3397 /* 3398 * FIXME: it's a bit weird to allow using a mux chardev here 3399 * and implicitly setup a monitor. We may want to break this. 3400 */ 3401 chr = qemu_chr_new_noreplay("gdb", device, true, NULL); 3402 if (!chr) 3403 return -1; 3404 } 3405 3406 if (!gdbserver_state.init) { 3407 init_gdbserver_state(); 3408 3409 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL); 3410 3411 /* Initialize a monitor terminal for gdb */ 3412 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB, 3413 NULL, NULL, &error_abort); 3414 monitor_init_hmp(mon_chr, false, &error_abort); 3415 } else { 3416 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 3417 mon_chr = gdbserver_state.mon_chr; 3418 reset_gdbserver_state(); 3419 } 3420 3421 create_processes(&gdbserver_state); 3422 3423 if (chr) { 3424 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort); 3425 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive, 3426 gdb_chr_receive, gdb_chr_event, 3427 NULL, &gdbserver_state, NULL, true); 3428 } 3429 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE; 3430 gdbserver_state.mon_chr = mon_chr; 3431 gdbserver_state.current_syscall_cb = NULL; 3432 3433 return 0; 3434} 3435 3436void gdbserver_cleanup(void) 3437{ 3438 if (gdbserver_state.init) { 3439 put_packet("W00"); 3440 } 3441} 3442 3443static void register_types(void) 3444{ 3445 type_register_static(&char_gdb_type_info); 3446} 3447 3448type_init(register_types); 3449#endif